Menu
Standardized Architecture for HIPAA on AWS
Quick Start Reference Deployment Guide

Step 2. Launch the Stacks

This automated AWS CloudFormation template deploys the Quick Start architecture into Amazon VPCs in multiple Availability Zones into Amazon VPCs. Please review the technical requirements and pre-deployment steps before launching the stacks.

  1. Launch the AWS CloudFormation template into your AWS account.

    
                                HIPAA Quick Start launch button

    The template will be deployed into the AWS Region that appears in the navigation bar at the upper-right corner of the AWS Management Console. You can change the region by using the region selector in the navigation bar. Note that if you select a region where AWS Config is available, make sure to manually initialize the AWS Config service in that region.

    If you have an AWS GovCloud (US) account, you can launch the template in the AWS GovCloud (US) Region.

    The stacks take approximately 30 minutes to create.

    Note

    You are responsible for the cost of the AWS services used while running this Quick Start reference deployment. There is no additional cost for using this Quick Start. For full details, see the pricing pages for each AWS service you will be using in this Quick Start. Prices are subject to change.

    You can also download the template to use it as a starting point for your own implementation.

  2. On the Select Template page, keep the default settings for the template URL, and then choose Next.

  3. On the Specify Details page, provide the seven required parameter values for the template. These are described in the following table.

    Label Parameter Default Description
    Database Password pDBPassword Requires input Password for the database administrator account. This must be a complex password that’s between 8 and 28 mixed, alphanumeric characters.
    Notification Email Address pNotifyEmail distlist@example.org Notification email address for security events (you will receive confirmation email).
    Existing SSH Key for Bastion Instance pEC2KeyPairBastion Requires input The SSH key pair in your account to use for bastion host login (see pre-deployment steps).
    Existing SSH Key for Other Instances pEC2KeyPair Requires input The SSH key pair in your account to use for all other host logins (see pre-deployment steps).
    Support Config pSupportsConfig Requires input Select Yes if you are deploying in an AWS Region where AWS Config is available, and you want to use AWS Config (see pre-deployment steps)
    First Availability Zone pAvailabilityZoneA Requires input Select your desired first Availability Zone (Note: Some Availability Zones may be restricted. If the deployment fails, you may need to use a different Availability Zone.)
    Second Availability Zone pAvailabilityZoneB Requires input Select your desired second Availability Zone (Note: Some Availability Zones may be restricted. If the deployment fails, you may need to use a different Availability Zone.)

    AWS Quick Start Configuration:

    Parameter label Parameter name Default Description
    Quick Start S3 Bucket Name QSS3BucketName quickstart-reference S3 bucket where the Quick Start templates and scripts are installed. Use this parameter to specify the S3 bucket name you’ve created for your copy of Quick Start assets, if you decide to customize or extend the Quick Start for your own use. The bucket name can include numbers, lowercase letters, uppercase letters, and hyphens, but should not start or end with a hyphen.
    Quick Start S3 Key Prefix QSS3KeyPrefix enterprise-accelerator/hipaa/latest The S3 key name prefix used to simulate a folder for your copy of Quick Start assets, if you decide to customize or extend the Quick Start for your own use. This prefix can include numbers, lowercase letters, uppercase letters, hyphens, and forward slashes, but should not start or end with a forward slash (which is automatically added).
  4. On the Options page, you can specify tags (key-value pairs) for resources in your stack and set additional options. When you're done, choose Next.

  5. On the Review page, review the settings and select the acknowledgement check box. This simply states that the template will create IAM resources.

    
                        IAM resource acknowledgement

    Figure 12: IAM resource acknowledgement

  6. Choose Create to deploy the stack.

  7. Monitor the status of the stack being deployed. When the status field shown in Figure 13 displays CREATE_COMPLETE for all the stacks deployed, the cluster for this reference architecture is ready. Since you’re deploying the full architecture, you’ll see eight stacks listed (for the main template and seven nested templates).

    
                        Status message for deployment

    Figure 13: Status message for deployment