Considerations - Virtual Andon on AWS


Architecture with all optional resources

This solution includes optional AWS CloudFormation parameters. When these parameters are activated, additional infrastructure, including support for a SAML Identity Provider and data analytics tools, is included in the solution’s architecture. If the bucket name used with Amazon Lookout for Equipment is supplied, the solution will be configured to monitor that bucket for updated files.

Virtual Andon on AWS architecture with optional resources

Figure 5: Virtual Andon on AWS architecture with optional resources

Figure 5 shows the Virtual Andon on AWS architecture with the optional AWS resources activated. Refer to the Architecture overview section for details about steps 1 through 7.

  1. If you are using Lookout for Equipment to monitor your machines, you can supply the name of the Amazon S3 bucket where inference files will be delivered in the Anomaly Detection Output Bucket CloudFormation parameter. This solution can be configured to automatically raise Issues if an anomaly is detected.

  2. When the Activate Glue Workflow CloudFormation parameter is set to Yes, an AWS Glue workflow will be created to extract data from DynamoDB to an AWS AWS Glue Data Catalog in Amazon S3. For more information, refer to the Data Analysis section.

  3. If you would like to use an existing SAML provider as an additional Identity Provider for access to this solution, you can configure the Cognito Domain Prefix, SAML Provider Name, and SAML Provider Metadata Url CloudFormation parameters. For more information, refer to SAML identity provider.

Amazon Cognito limits

This solution uses Amazon Cognito user pools to manage users. Amazon Cognito sends an email every time you create a user, change a password, or reset a password. Amazon Cognito limits the number of emails sent daily per user pool to 50. For customers who plan to use this solution for a large number of users, we recommend using Amazon Simple Email Service (Amazon SES) for these emails. For more information, refer to Authorizing Amazon Cognito to Send Amazon SES Email on Your Behalf in the Amazon Cognito Developer Guide.

Regional deployments

This solution uses AWS AppSync and Amazon Cognito, which are currently available in specific AWS Regions only. Therefore, you must launch this solution in an AWS Region where these AWS services are available. For the most current availability by Region, refer to the AWS Regional Services List.

Additionally, Amazon Simple Notification Service (Amazon SNS) supports SMS messaging in specific AWS Regions only. For a list of supported Regions, refer to Supported Regions and Countries in the Amazon SNS Developer Guide.


Effective June 1, 2021, changes have been made that will require manual setup to send SMS messages to US destinations. For more information, refer to special requirements for sending SMS messages to US destinations in the Amazon SNS Developer Guide.

Solution updates

Virtual Andon on AWS v3.0 includes breaking changes and cannot be upgraded from previous versions. Updating from version 2.x to version 3.0 requires migrating all your data from the previous deployment to the new deployment (such as data stored in Amazon DynamoDB). Raise questions on the Issues page in the GitHub repository.