Checklist and Prerequisites
Deploying YData Fabric in the AWS cloud offers a scalable and efficient solution for managing and generating synthetic data. AWS provides a robust infrastructure that ensures high availability, security, and performance, making it an ideal platform for YData Fabric.
This cloud deployment allows for rapid scaling of resources to meet varying workloads, ensuring optimal performance and cost-efficiency.
With AWS's comprehensive security features, including data encryption, network firewalls, and identity management, your synthetic data and models are protected against unauthorized access and threats. Additionally, AWS's global infrastructure allows for the deployment of YData Fabric in multiple regions, ensuring low latency and high availability for users worldwide.
Prerequisites
If you don't have an AWS account, create a free account before you begin.
Basic Configuration
- Stack name: The name of the CloudFormation stack
- Location: where to install the platform and create the resources. You can check the available supported regions here:
- **Available regions: ** You can find the aws regions where YData Fabric is available here.
Permissions
Check and add (if needed) the necessary permissions to the account and region where the platform will be installed.
- Go to Identity and Access Management (IAM)
- Select your user or role used for deployment
- Under the permissions tab, check if you have the following permissions:
- AdministratorAccess
*this will be updated in the future with only the necessary permissions to create and access the application.
You can find AWS official documentation here.
Service Linked Roles
During the deployment all the required Service-Linked Roles are created by AWS by default with the exception of the EKS Service-Linked Role.
Please go to IAM β Roles Verify that the following Service-Linked role exists in IAM:
AWSServiceRoleForAmazonEKS
Otherwise, please create the missing service linked role:
- Click βCreate roleβ
- Choose AWS service and EKS:
- Click βNextβ β βNextβ
- Click βCreate roleβ
*You can find AWS official documentation for service-linked roles.*
Quotas
Check and set (if needed) new quotas for the region where the application will be installed.
- Go to Service Quotas (ensure that you are in the right region).
- Select AWS Services β Amazon Elastic Compute Cloud (Amazon EC2)
- Check for the following quota limits:
Quota | Minimum | Recommended |
---|---|---|
Running On-Demand Standard (A, C, D, H, I, M, R, T, Z) instances | 50ΒΉ | 100Β² |
Running On-Demand G and VT instances | 0ΒΉ | 20Β² |
1. These limits are the required only for the installation of the platform. Usage is limited. 2. Each limit will depend on the platform usage and each client requirements.
If needed, request for a new limit to the AWS support team. More on available instance types can be found here.
Network configuration
Choose how you want to connect to the platform.
The parameters below will be used during the deployment process.
DNS Configuration:
In AWS, you will connect the platform providing your own DNS custom domain, for example: platform.ydata.ai
.
For that, a registered domain is necessary.
Domain Name and Route53 Hosted Zone ID
If you have your domain registered in Route53, you can pass the Route53 Hosted Zone ID and the Domain Name, and the CloudFormation template will create an ACM certificate and a Route53 record pointing to the ALB used to connect the platform. So no steps are required before or after the installation.
Domain Name and ACM Certificate ARN
Otherwise, if you have your domain registered in another provider or in a route53 in another account, you will need to do one of the following steps:
Request public certificate | Certificate granted |
---|---|
After the certificate is requested, copy the CNAME value and name, and create the record in your DNS provider so the certificate can be validated.
Request public certificate | Certificate granted |
---|---|
After the certificate is imported, ensure the certificate is validated.
After the installation, you will need to create another CNAME record pointing to the ALB endpoint, available in the CF Outputs.
For example:
CNAME β ydata-alb-xxxxxxxxx.eu-west-1.elb.amazonaws.com
Login Provider
In AWS you can use multiple providers to connect to the platform. During the parameter section you can choose to create a Cognito or to use one on your own:
Setting this to True, unless you want to use a custom one, you donβt need to specify any other parameters under the OAuth Configuration.
You can only have one Cognito
You can only choose one Cognito:
- The created during the platform installation.
- One created by you, where you need to pass the credentials parameters.
If both are set, the provided parameters will be ignored and the one created during installation will be used.
Some regions do not support Cognito
This is not currently supported for some regions! For this regions you will need to use the region specific template and pass your own custom oauth configuration!
Check regions information here.
You can log in to our app currently using the following providers - at least one is required, but you can choose multiple ones:
- Microsoft
- Cognito (you own or the default created during installation)
- GitHub
More detailed instructions for each login provider can be found here. If you required another authentication method, please fill up a support case at support.ydata.ai
After configuring your login provider, please save the values. This values will be used during the deployment process.
As soon as the above steps are all completed, you are ready to start the deployment.