Set up a secure AWS account from scratch — configuring root user credentials, enabling MFA via authenticator app, setting up billing alerts with CloudWatch and SNS, and activating Free Tier safeguards to prevent unexpected charges.
Deployed a static website to Amazon S3, configuring bucket policies, ACLs, and public access settings. Troubleshot and resolved a 403 Forbidden error by correctly managing object-level permissions alongside bucket-level settings.
Built an Amazon VPC from scratch — defining CIDR blocks, creating public and private subnets, attaching an Internet Gateway, and configuring route tables. Also used AWS CloudShell and CLI to create resources programmatically.
Configured Security Groups and Network ACLs to control inbound and outbound traffic. Implemented layered security at both resource and subnet levels, and deployed resources across multiple regions to explore EC2 Global View.
Built a real-world IAM access control setup — creating users, user groups, and a multi-statement JSON policy restricting interns to development EC2 instances only. Verified using live testing and the IAM Policy Simulator.