Medplum Infra
CDK scripts to set up the full stack:
- S3 + CloudFront for static site
- VPC for private network
- Fargate for backend server
- Aurora RDS for database
Install
Medplum uses npm workspaces for a monorepo configuration.
See Developer Setup for cloning the repository and installing dependencies.
Deploy
First, create a configuration file.
Next, it is strongly recommended to diff changes before deploying.
npx cdk diff -c config=my-config.json
npx cdk deploy -c config=my-config.json
Destroy
npx cdk destroy
Front End
Based on: https://github.com/aws-samples/aws-cdk-examples/tree/master/typescript/static-site
Creates:
- S3 Bucket
- CloudFront distribution
- SSL Certificate
- Route 53 Entries
Back End
Based on: https://github.com/aws-samples/http-api-aws-fargate-cdk/blob/master/cdk/singleAccount/lib/fargate-vpclink-stack.ts
Creates:
- VPC
- Security Groups
- Fargate Task and Service
- CloudWatch Log Groups
- Load Balancer
- SSL Certificate
- Route 53 Entries
Storage
Based on:
The CloudFront distribution requires a public key for signature verification.
Generate a 2048-bit RSA key:
openssl genrsa -des3 -out private.pem 2048
Export the public key to a file:
openssl rsa -in private.pem -outform PEM -pubout -out public.pem
Open the public.pem file and ensure that it starts with -----BEGIN PUBLIC KEY-----. This is how you know that this file is the public key of the pair and not a private key.
Add the public key to the CDK infrastructure configuration.
Add the private key to the server configuration settings (JSON, AWS Parameter Store, etc).
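A pre-flight check for the steps above, added here as an example (not part of the Medplum repository): before the public key goes into the CDK configuration, confirm that public.pem really is the public half, that it is 2048-bit RSA as generated above, and that it matches private.pem. The function name check_signing_keypair is hypothetical; the file names are the ones used above.

```bash
# Added example, not Medplum code. check_signing_keypair is a hypothetical name.
# Usage: bash check-keypair.sh public.pem private.pem
check_signing_keypair() {
  local pub="$1" priv="$2" pub_mod priv_mod pub_hex bits

  # The file that goes into the CDK config must be the public half only.
  if [ "$(head -n 1 "$pub" | tr -d '\r')" != "-----BEGIN PUBLIC KEY-----" ]; then
    echo "error: $pub does not start with -----BEGIN PUBLIC KEY-----" >&2
    return 1
  fi
  if grep -q "PRIVATE KEY" "$pub"; then
    echo "error: $pub contains private key material" >&2
    return 1
  fi

  # Read the RSA modulus from each file. If private.pem is encrypted
  # (genrsa -des3), openssl asks for the passphrase here.
  pub_mod=$(openssl rsa -pubin -in "$pub" -noout -modulus 2>/dev/null) || {
    echo "error: $pub is not a parseable RSA public key" >&2
    return 1
  }
  priv_mod=$(openssl rsa -in "$priv" -noout -modulus) || {
    echo "error: $priv is not a readable RSA private key" >&2
    return 1
  }

  # Output looks like "Modulus=<hex>"; each hex digit carries 4 bits.
  pub_hex=${pub_mod#Modulus=}
  bits=$(( ${#pub_hex} * 4 ))
  if [ "$bits" -ne 2048 ]; then
    echo "error: $pub is a $bits-bit key, expected 2048" >&2
    return 1
  fi

  # Same modulus means the two files are halves of the same key pair.
  if [ "$pub_mod" != "$priv_mod" ]; then
    echo "error: $pub and $priv are not a matching pair" >&2
    return 1
  fi
  echo "ok: $pub is the 2048-bit RSA public key for $priv"
}

# Run the check only when both file names are given on the command line.
if [ "$#" -eq 2 ]; then
  check_signing_keypair "$1" "$2"
fi
```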