Create external resources - Research and Engineering Studio

Create external resources

This CloudFormation stack creates networking, storage, Active Directory, and domain certificates (if a PortalDomainName is provided). You must have these external resources available to deploy the product.

You may download the recipes template before deployment.

Time to deploy: Approximately 40-90 minutes

  1. Sign in to the AWS Management Console and open the AWS CloudFormation console at https://console.aws.amazon.com/cloudformation.

    Note

    Make sure you are in your administrator account.

  2. Launch the template in the console.

    If you are deploying in the AWS GovCloud (US-West) Region, launch the template in the GovCloud partition account.

  3. Enter the template parameters:

    | Parameter | Default | Description |
    | --- | --- | --- |
    | DomainName | corp.res.com | Domain used for the Active Directory. The default value is supplied in the LDIF file which sets up bootstrap users. If you would like to use the default users, leave the value as default. To change the value, update and provide a separate LDIF file. This does not need to match the domain used for Active Directory. |
    | SubDomain (GovCloud only) | | This parameter is optional for commercial Regions, but required for GovCloud Regions. If you provide a SubDomain, the parameter will be prefixed to the DomainName provided. The provided Active Directory domain name will become a subdomain. |
    | AdminPassword | | The password for the Active Directory administrator (username Admin). This user is created in the Active Directory for the initial bootstrapping phase and is not used after. Note: The password for this user must meet the password complexity requirements for Active Directory. |
    | ServiceAccountPassword | | Password used to create a service account (ReadOnlyUser). This account is used for synchronization. Important: As of Research and Engineering Studio release 2024.06, you must provide a Secret ARN which contains the plaintext password for the ServiceAccount. Note: The password for this user must meet the password complexity requirements for Active Directory. |
    | Keypair | | Key pair used to connect to the administrative instances using an SSH client. Note: AWS Systems Manager Session Manager can also be used to connect to instances. |
    | LDIFS3Path | aws-hpc-recipes/main/recipes/res/res_demo_env/assets/res.ldif | The Amazon S3 path to an LDIF file imported during the bootstrapping phase of Active Directory setup. For more information, see LDIF Support. The parameter prepopulates with a file that creates a number of users in the Active Directory. To view the file, see the res.ldif file available in GitHub. |
    | ClientIpCidr | | The IP address from which you will access the site. For example, you can select your IP address and use [IPADDRESS]/32 to only allow access from your host. You can update this post-deployment. |
    | ClientPrefixList | | Enter a prefix list to provide access to the Active Directory management nodes. For information on creating a managed prefix list, see Work with customer-managed prefix lists. |
    | EnvironmentName | res-[environment name] | If the PortalDomainName is provided, this parameter is used to add tags to the secrets generated so that they can be used within the environment. This will need to match the EnvironmentName parameter used when creating the RES stack. If you are deploying multiple environments in your account, this will need to be unique. |
    | PortalDomainName | | For GovCloud deployments, do not enter this parameter. The certificates and secrets were manually created during the prerequisites. The domain name in Amazon Route 53 for the account. If this is provided, then a public certificate and key file will be generated and uploaded to AWS Secrets Manager. If you have your own domain and certificates, this parameter and EnvironmentName can be left blank. |
  4. Acknowledge all checkboxes in Capabilities, and choose Create stack.
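The following pre-flight check is an added example, not part of the original guide or the RES template. It tests a set of parameter values against the rules in the table above before you create the stack. The function names, finding messages, and sample values are assumptions made for illustration, and the `res-` prefix check follows the default pattern shown for EnvironmentName.

```python
import ipaddress
import re

# Secrets Manager ARN shape; the partition is aws or aws-us-gov (GovCloud).
SECRET_ARN = re.compile(
    r"^arn:(aws|aws-us-gov):secretsmanager:[a-z0-9-]+:\d{12}:secret:.+$")

# Constructed sample values, not taken from a real account.
SAMPLE = {
    "DomainName": "corp.res.com",
    "ServiceAccountPassword":
        "arn:aws:secretsmanager:us-east-1:111122223333:secret:res-svc-AbCdEf",
    "ClientIpCidr": "203.0.113.7/32",
    "EnvironmentName": "res-demo",
    "PortalDomainName": "",
}

def check_parameters(params, region):
    """Return a list of findings for the stack parameters in the table."""
    findings = []
    govcloud = region.startswith("us-gov-")
    # ClientIpCidr: the guide recommends [IPADDRESS]/32 for a single host.
    try:
        net = ipaddress.ip_network(params.get("ClientIpCidr", ""), strict=True)
        if net.prefixlen == 0:
            findings.append("ClientIpCidr: open to every address")
        elif net.prefixlen < net.max_prefixlen:
            findings.append(f"ClientIpCidr: {net.num_addresses} addresses allowed")
    except ValueError as exc:
        findings.append(f"ClientIpCidr: not a valid CIDR ({exc})")
    # ServiceAccountPassword: since release 2024.06 this must be a Secret ARN,
    # so a literal password typed into the field is flagged.
    if not SECRET_ARN.match(params.get("ServiceAccountPassword", "")):
        findings.append("ServiceAccountPassword: expected a Secrets Manager ARN")
    # GovCloud: SubDomain is required and PortalDomainName is left empty.
    if govcloud and not params.get("SubDomain"):
        findings.append("SubDomain: required in GovCloud regions")
    if govcloud and params.get("PortalDomainName"):
        findings.append("PortalDomainName: do not enter for GovCloud")
    # EnvironmentName tags the generated secrets when PortalDomainName is set.
    env = params.get("EnvironmentName", "")
    if params.get("PortalDomainName") and not env.startswith("res-"):
        findings.append("EnvironmentName: expected res-[environment name]")
    return findings

def to_cfn_parameters(params):
    """Shape non-empty values as CloudFormation ParameterKey/ParameterValue pairs."""
    return [{"ParameterKey": k, "ParameterValue": v}
            for k, v in sorted(params.items()) if v]
```

An empty list from `check_parameters` means none of these rules were violated. It does not validate password complexity, which Active Directory enforces.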