Deploy the hosting account - Research Service Workbench on AWS

Deploy the hosting account

Before you deploy the hosting account, you must deploy the solution in the main account:

Step 1: Choose a template to deploy the hosting account

Important

You must configure Postman or another API client of your choice for this step. We recommend using Postman and provide instructions to import the solution collection into Postman. After importing the collection, you will need to follow the directions to obtain an access token.

Research Service Workbench hosts compute resources on the hosting account. You can choose between two options to deploy a hosting account:

  1. (Default) Onboard the hosting account with a new network.

    New network components will be created in the hosting account. You will onboard the hosting account without existing network components such as a VPC or subnet for the solution's resources created in the account.

  2. Onboard a hosting account with existing network components (BYON).

    Resources created will use existing network components. This is known as bring-your-own-network.

To choose, determine the amount of network flexibility your deployment requires. For more information, see Onboard a hosting account template.

Once you have determined your preferred method:

  1. In Postman or your preferred API client, locate the hosting accounts section.

  2. Choose Hosting Account Template URLs.

  3. Deploy the API call. The response will provide URLs for each of the three hosting account deployment options.

  4. From your browser, sign into the AWS account for your hosting account.

  5. In Postman, follow the link corresponding to your chosen network deployment option.

Step 2: Deploy the CloudFormation stack for the hosting account

After you've opened the URL in Postman, the AWS CloudFormation console opens in your browser. A new stack will have been created with the parameters completed.

  1. On the Quick Create Stack page, review and confirm the settings.

  2. Confirm the acknowledgment that the template will create AWS Identity and Access Management (IAM) resources.

  3. Choose Create stack to deploy the stack.

  4. View the status of the stack in the AWS CloudFormation console under the Status column. You should receive a CREATE_COMPLETE status in approximately ten minutes. The hosting account will be ready to onboard.

  5. Note the following values from the Outputs and Parameters section of the stack.

    1. EnvMgmtRoleArn

    2. HostingAccountHandlerRoleArn

    3. ExternalId

The following input parameters can be seen in the onboard account template. Not all parameters may apply to your chosen template.

Parameter Default Description
Namespace An environment name that will be prefixed to resource names. Make sure this matches your main account stack name.
Main Account Id Your Main Account ID where RSW is deployed
External Id A unique ID used to identify this account
Status Handler Role ARN The arn of status handler role in the main account
API Handler Role ARN The arn of API lambda handler role in the main account
Account Handler Role ARN The arn of account handler role in the main account
VPC CIDR 10.0.0.0/16 Enter the IP range (CIDR notation) for the VPC created by this template
Public Subnet CIDR 10.0.0.0/19 Enter the IP range (CIDR notation) for the Subnet created by this template
Launch Constraint Role Prefix * Role name prefix to use when creating a launch constraint role in the on-boarded account
Launch Constraint Policy Prefix * Customer managed policy name prefix to use when creating a launch constraint role in the on-boarded account
Enable Flow Logs Enable flow logs on VPCs and Subnets created on this account
VPC ID The ID of an existing VPC in which all instances will reside
Subnet ID The ID of an existing Subnet in which all instances will reside

After you've deployed the hosting account stack, explore account resources and APIs available in the solution's Developer Guide.