Automated deployment
Before you launch the solution, review the cost, architecture, network security, and other considerations discussed in this guide. Follow the step-by-step instructions in this section to configure and deploy the solution into your account.
Time to deploy: Approximately 30 minutes (getting-started stack only)
Prerequisites
-
AWS account console permissions equivalent to Administrator Access.
-
Activate CloudWatch logging from API Gateway:
-
Sign in to the API Gateway console
and select the Region where you plan to install the stacks. If you have existing APIs defined in this Region:
-
Select any API.
-
From the left navigation, select Settings.
-
Check for a value in the CloudWatch log role ARN field.
-
If there is no ARN, install the
virtual-waiting-room-on-aws-api-gateway-cw-logs-role.template
. -
If there is an ARN, start with launching the getting-started stack.
If there are no existing APIs defined in this Region, install the
virtual-waiting-room-on-aws-api-gateway-cw-logs-role.template
.
-
-
-
Knowledge of the architecture and implementation details of the target site to protect.
Deployment overview
Use the following steps to deploy this solution on AWS. For detailed instructions, follow the links for each step.
Step 1. Launch the getting-started stack
-
Launch the AWS CloudFormation template into your AWS account.
-
Review the templates parameters and enter or adjust the default values as needed.
Step 2. (Optional) Test the waiting room
-
Generate AWS keys to call the IAM secured APIs.
-
Open up the sample waiting room’s control panel.
-
Test the sample waiting room.
Step 1. Launch the getting-started stack
This automated AWS CloudFormation template deploys the core, authorizers, and sample waiting room templates which allows you to view and test a working waiting room. You must read and understand the Prerequisites before launching the stack.
Note
You are responsible for the cost of the AWS services used while running this solution. For more details, visit the Cost section in this guide, and refer to the pricing webpage for each AWS service used in this solution.
-
Sign in to the AWS Management Console
and select the button to launch the virtual-waiting-room-on-aws-getting-started.template
AWS CloudFormation template.Alternatively, you can download the template as a starting point for your own implementation. -
The template launches in the US East (N. Virginia) Region by default. To launch the solution in a different AWS Region, use the Region selector in the console navigation bar.
-
On the Create stack page, verify that the correct template URL is in the Amazon S3 URL text box and choose Next.
-
On the Specify stack details page, assign a name to your solution stack. For information about naming character limitations, refer to IAM and STS Limits in the AWS Identity and Access Management User Guide.
-
Under Parameters, review the parameters for this solution template and modify them as necessary. This solution uses the following default values.
Parameter Default Description Event ID Sample
Unique ID for this instance of the waiting room, GUID format suggested. Validity Period 3600
Token validity period in seconds. Enable Events Generation false
If set to
true
, metrics related to the Waiting Room are written to its event bus every minuteElasticache (Redis OSS) Port 1785
The port number to use for connecting to Elasticache (Redis OSS) server. Recommended not to use the default Elasticache (Redis OSS) port of
6379
.EnableQueuePositionExpiry true
If set to
false
, queue position expiry period is not applied.QueuePositionExpiryPeriod 900
It is the time interval in seconds beyond which a queue position is ineligible to generate a token.
IncrSvcOnQueuePositionExpiry false
If set to
true
, the serving counter is automatically advanced based on expired queue positions that did not successfully generate tokens. -
Choose Next.
-
On the Configure stack options page, choose Next.
-
On the Review page, review and confirm the settings. Check the box acknowledging that the template creates AWS Identity and Access Management (IAM) resources.
-
Choose Create stack to deploy the stack.
You can view the status of the stack in the AWS CloudFormation Console in the Status column. You should receive a CREATE_COMPLETE status in approximately 30 minutes.
Step 2. (Optional) Test the waiting room
If you deployed the getting-started stack, the following steps help you test the waiting room’s functionality. To complete testing, you need AWS keys with permissions to call the IAM secured APIs in the core stack.
Generate AWS keys to call the IAM secured APIs
-
Create or use an IAM user in the AWS account where the
aws-virtual-waiting-room-getting-started.template
CloudFormation template was deployed. -
Grant the IAM user programmatic access. When creating a new set of access keys for the IAM user, download the key file when presented. You need the IAM user’s Access Key ID and Secret Access Key to test the waiting room.
-
Add the IAM user to the ProtectedAPIGroup IAM user group created by the template.
Open up the sample waiting room’s control panel
-
Sign in to the AWS CloudFormation console
and select the solution’s getting-started stack. -
Choose the Outputs tab.
-
Under the Key column, locate ControlPanelURL, and select the corresponding value.
-
Open the control panel in a new tab or browser window.
-
In the control panel, expand the Configuration section.
-
Enter the Access key ID and Secret Access Key you retrieved in Generate AWS keys to call the IAM secured APIs. The endpoints and event ID are filled in from the URL parameters.
-
Choose Use. The button activates after you have supplied the credentials.
Test the sample waiting room
-
In the AWS CloudFormation console
, select the solution’s getting-started stack. -
Choose the Outputs tab.
-
Under the Key column, locate WaitingRoomURL, and select the corresponding value.
-
Open the waiting room, then choose Reserve to enter the waiting room.
-
Navigate back to the browser tab that has the control panel.
-
Under Increment Serving Counter, choose Change. This allows 100 users to move on from the waiting room to the target site.
-
Navigate back to the waiting room and choose Check out now! You will now get redirected to the target site.
-
Choose Purchase now to finish your transaction at the target site.