Skip to content

Checklist and Prerequisites

Deploying YData Fabric in the AWS cloud offers a scalable and efficient solution for managing and generating synthetic data. AWS provides a robust infrastructure that ensures high availability, security, and performance, making it an ideal platform for YData Fabric.

This cloud deployment allows for rapid scaling of resources to meet varying workloads, ensuring optimal performance and cost-efficiency.

With AWS's comprehensive security features, including data encryption, network firewalls, and identity management, your synthetic data and models are protected against unauthorized access and threats. Additionally, AWS's global infrastructure allows for the deployment of YData Fabric in multiple regions, ensuring low latency and high availability for users worldwide.


If you don't have an AWS account, create a free account before you begin.

Basic Configuration

  • Stack name: The name of the CloudFormation stack
  • Location: where to install the platform and create the resources. You can check the available supported regions here:
  • **Available regions: ** You can find the aws regions where YData Fabric is available here.


Check and add (if needed) the necessary permissions to the account and region where the platform will be installed.

  • Go to Identity and Access Management (IAM)
  • Select your user or role used for deployment
  • Under the permissions tab, check if you have the following permissions:
    • AdministratorAccess

*this will be updated in the future with only the necessary permissions to create and access the application.

You can find AWS official documentation here.

Service Linked Roles

During the deployment all the required Service-Linked Roles are created by AWS by default with the exception of the EKS Service-Linked Role.

Please go to IAM β†’ Roles Verify that the following Service-Linked role exists in IAM:

  • AWSServiceRoleForAmazonEKS AWS IAM Role config

Otherwise, please create the missing service linked role:

  • Click β€œCreate role”
  • Choose AWS service and EKS:

AWS EKS Service

  • Click β€œNext” β†’ β€œNext”
  • Click β€œCreate role”

*You can find AWS official documentation for service-linked roles.*


Check and set (if needed) new quotas for the region where the application will be installed.

  • Go to Service Quotas (ensure that you are in the right region).
  • Select AWS Services β†’ Amazon Elastic Compute Cloud (Amazon EC2)
  • Check for the following quota limits:
Quota Minimum Recommended
Running On-Demand Standard (A, C, D, H, I, M, R, T, Z) instances 50ΒΉ 100Β²
Running On-Demand G and VT instances 0ΒΉ 20Β²

1. These limits are the required only for the installation of the platform. Usage is limited. 2. Each limit will depend on the platform usage and each client requirements.

If needed, request for a new limit to the AWS support team. More on available instance types can be found here.

Network configuration

Choose how you want to connect to the platform.

The parameters below will be used during the deployment process.

DNS Configuration:

In AWS, you will connect the platform providing your own DNS custom domain, for example: For that, a registered domain is necessary.

Domain Name and Route53 Hosted Zone ID

If you have your domain registered in Route53, you can pass the Route53 Hosted Zone ID and the Domain Name, and the CloudFormation template will create an ACM certificate and a Route53 record pointing to the ALB used to connect the platform. So no steps are required before or after the installation.

Domain Name and ACM Certificate ARN

Otherwise, if you have your domain registered in another provider or in a route53 in another account, you will need to do one of the following steps:

Request public certificate Certificate granted
Select an IDE Python or R

After the certificate is requested, copy the CNAME value and name, and create the record in your DNS provider so the certificate can be validated.

Request public certificate Certificate granted
Select an IDE Python or R

After the certificate is imported, ensure the certificate is validated.

After the installation, you will need to create another CNAME record pointing to the ALB endpoint, available in the CF Outputs.

For example: CNAME β†’ Route 53 example

Login Provider

In AWS you can use multiple providers to connect to the platform. During the parameter section you can choose to create a Cognito or to use one on your own: Choose login provider

Setting this to True, unless you want to use a custom one, you don’t need to specify any other parameters under the OAuth Configuration.

You can only have one Cognito

You can only choose one Cognito:

  • The created during the platform installation.
  • One created by you, where you need to pass the credentials parameters.

If both are set, the provided parameters will be ignored and the one created during installation will be used.

Some regions do not support Cognito

This is not currently supported for some regions! For this regions you will need to use the region specific template and pass your own custom oauth configuration!

Check regions information here.

You can log in to our app currently using the following providers - at least one is required, but you can choose multiple ones:

  • Google
  • Microsoft
  • Cognito (you own or the default created during installation)
  • GitHub

More detailed instructions for each login provider can be found here. If you required another authentication method, please fill up a support case at

After configuring your login provider, please save the values. This values will be used during the deployment process.

As soon as the above steps are all completed, you are ready to start the deployment.