Deploy using CDK CLI
Step 1: Configure the stack
-
Clone the GitHub repository
for the solution. -
Go to
solutions/swb-reference
. -
Copy
src/config/example.yaml
and and rename the copied file within the config folder. Remember the name you assigned this file for this deployment. Some common values that can be used are dev, beta, and gamma.Example:
<STAGE>
.yaml -
Open your copied yaml file and uncomment the stage attribute. Provide the correct
value for the attribute.<STAGE>
Note
The stage value should match the name of your copied file.
-
In the copied
file uncomment:<STAGE>
.yamlawsRegion
Determines what AWS Region the solution deploys in. Must be a supported region.
-
awsRegionShortName
You can choose a two or three letter abbreviation for this value.
-
Uncomment
rootUserEmailParamStorePath
and provide a name for a Systems Manager parameter that will contain the main account user's email address, e.g./rsw/
.<stage>
/rootUser/email -
Create a Systems Manager parameter in your main account and set the name as the assigned value in
rootUserEmailParamStorePath
. Use the main account user's email address as the parameter. -
Uncomment
allowedOrigins
and provide a list of URLs allowed to access the solution's API.Example: ['http://localhost:3000','http://localhost:3002']
-
Uncomment
cognitoDomain
and provide a globally unique string for the Amazon Cognito domain. This should be an alphanumeric string (hyphens allowed) that does not conflict with any other existing Amazon Cognito domains. -
Do one of the following:
-
For a default deployment, leave
vpcId
andalbSubnetIds
commented. -
For a bring-your-own-network (BYON) or custom network deployment, uncomment
vpcId
andalbSubnetIds
and provide your network values.
-
-
Do one of the following:
-
For an internet-facing ALB instance, uncomment
albInternetFacing
and set the value totrue
. -
For a non-internet-facing ALB instance, uncomment
albInternetFacing
and set the value tofalse
.
-
-
Uncomment
hostedZoneId
anddomainName
and provide their values from your hosted zone. If you don’t have a domain configured, see Working with hosted zones to create a hosted zone. -
Uncomment
fieldsToMaskWhenAuditing
and use the default values. -
Save the stage file.
-
Run
chmod 777
to allow the local script to read the file.<STAGE>
.yaml
Step 2: Launch the stack in the main account
Before starting these steps, ensure you are using the main account's AWS profile in the terminal.
-
In the terminal, go to
solutions/swb-reference
within the cloned repository. -
Compile the code base:
rush update && rush build && rushx compile
Note
If you have not already performed the CDK bootstrap, run
STAGE=
before continuing.<STAGE>
rushx cdk bootstrap -
Deploy the CDK:
STAGE=
<STAGE>
rushx cdk-deployThe solution is now deployed in your account.
-
Note the AWS CloudFormation output values. You will need them in future steps.
-
S3BucketArtifactsArnOutput
-
AccountHandlerLambdaRoleOutput
-
ApiLambdaRoleOutput
-
StatusHandlerLambdaRoleOutput
-
APIGatewayAPIEndpoint
-
DataSetsBucketName
-
-
Run a post-deployment step to setup the Service Catalog portfolio and products:
STAGE=
<STAGE>
rushx run-postDeploymentThe main account user will receive an email with a temporary password. Note this password for future API authenticated requests.
Note
We employ a shared
responsibility model
Step 3: Deploy the hosting account
The solution must also be deployed in a second account known as the hosting account.