Deploy using CDK CLI - Research Service Workbench on AWS
Step 1: Configure the stackStep 2: Launch the main account stackStep 3: Deploy the hosting account

Deploy using CDK CLI

Step 1: Configure the stack

  1. Clone the GitHub repository for the solution.

  2. Go to solutions/swb-reference.

  3. Copy src/config/example.yaml and and rename the copied file within the config folder. Remember the name you assigned this file for this deployment. Some common values that can be used are dev, beta, and gamma.

    Example: <STAGE>.yaml

  4. Open your copied yaml file and uncomment the stage attribute. Provide the correct <STAGE> value for the attribute.

    Note

    The stage value should match the name of your copied file.

  5. In the copied <STAGE>.yaml file uncomment:

    1. awsRegion

      Determines what AWS Region the solution deploys in. Must be a supported region.

    2. awsRegionShortName

      You can choose a two or three letter abbreviation for this value.

  6. Uncomment rootUserEmailParamStorePath and provide a name for a Systems Manager parameter that will contain the main account user's email address, e.g. /rsw/<stage>/rootUser/email.

  7. Create a Systems Manager parameter in your main account and set the name as the assigned value in rootUserEmailParamStorePath. Use the main account user's email address as the parameter.

  8. Uncomment allowedOrigins and provide a list of URLs allowed to access the solution's API.

    Example: ['http://localhost:3000','http://localhost:3002']

  9. Uncomment cognitoDomain and provide a globally unique string for the Amazon Cognito domain. This should be an alphanumeric string (hyphens allowed) that does not conflict with any other existing Amazon Cognito domains.

  10. Do one of the following:

    • For a default deployment, leave vpcId and albSubnetIds commented.

    • For a bring-your-own-network (BYON) or custom network deployment, uncomment vpcId and albSubnetIds and provide your network values.

  11. Do one of the following:

    • For an internet-facing ALB instance, uncomment albInternetFacing and set the value to true.

    • For a non-internet-facing ALB instance, uncomment albInternetFacing and set the value to false.

  12. Uncomment hostedZoneId and domainName and provide their values from your hosted zone. If you don’t have a domain configured, see Working with hosted zones to create a hosted zone.

  13. Uncomment fieldsToMaskWhenAuditing and use the default values.

  14. Save the stage file.

  15. Run chmod 777 <STAGE>.yaml to allow the local script to read the file.

Step 2: Launch the stack in the main account

Before starting these steps, ensure you are using the main account's AWS profile in the terminal.

  1. In the terminal, go to solutions/swb-reference within the cloned repository.

  2. Compile the code base:

    rush update && rush build && rushx compile
    Note

    If you have not already performed the CDK bootstrap, run STAGE=<STAGE> rushx cdk bootstrap before continuing.

  3. Deploy the CDK:

    STAGE=<STAGE> rushx cdk-deploy

    The solution is now deployed in your account.

  4. Note the AWS CloudFormation output values. You will need them in future steps.

    1. S3BucketArtifactsArnOutput

    2. AccountHandlerLambdaRoleOutput

    3. ApiLambdaRoleOutput

    4. StatusHandlerLambdaRoleOutput

    5. APIGatewayAPIEndpoint

    6. DataSetsBucketName

  5. Run a post-deployment step to setup the Service Catalog portfolio and products:

    STAGE=<STAGE> rushx run-postDeployment

    The main account user will receive an email with a temporary password. Note this password for future API authenticated requests.

Note

We employ a shared responsibility model when you bring your own network components.

Step 3: Deploy the hosting account

The solution must also be deployed in a second account known as the hosting account.