This is a CDK (Python) project to deploy components of the GDI starter kit to AWS.
This project aims to capture as much configuration as possible in the pre-deployment phase, making services operational after simply running:

```
cdk deploy GdiStarterKitStack
```

Currently, the following services are deployed:
- REMS
- An OIDC Provider (OP) — for example LS-AAI or Google Identity — configured with your service endpoints as RPs. You generally need to specify at least:
  - login URL
  - redirect URL
  - OAuth flow (e.g. PKCE)
  - scopes

  and note the generated `client-id` and `client-secret`
- An AWS account with permissions to create resources
- An AWS Route 53 Hosted Zone record configured with your domain e.g. `my.org`
- An AWS Secrets Manager entry (type: other) describing the REMS OIDC RP config with three key-value pairs:
  - 'oidc-metadata-url'
  - 'oidc-client-id'
  - 'oidc-client-secret'
- The `rems_oidc_sec_name` CDK context variable set to the name of the Secrets Manager record containing the RP config
- The `hz_domain` context variable set to the HZ domain you want to deploy to e.g. `my.org`
- (optionally) the `rems_domain_prefix` context variable set to the domain prefix to generate the deployed public URL (login URL as configured in the OP). If not supplied this defaults to `rems` — e.g. the public URL will be `rems.my.org`
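
A pre-deployment check for the secret and context variables listed above, as an added example that is not part of this project's code. The function names `check_secret` and `public_host` and all sample values are assumptions made for illustration; the input is the secret's JSON `SecretString`, and problems are reported by key name only so the client secret is never printed.

```python
import json
from urllib.parse import urlparse

REQUIRED_KEYS = ("oidc-metadata-url", "oidc-client-id", "oidc-client-secret")

def check_secret(secret_string):
    """Return problems found in the SecretString; messages name keys only,
    so the client secret never reaches terminal output or CI logs."""
    try:
        data = json.loads(secret_string)
    except json.JSONDecodeError:
        data = None
    if not isinstance(data, dict):
        return ["SecretString must be a JSON object of key/value pairs"]
    problems = []
    for key in REQUIRED_KEYS:
        value = data.get(key)
        if not isinstance(value, str) or not value.strip():
            problems.append(f"missing or empty key: {key}")
        elif value != value.strip():
            problems.append(f"surrounding whitespace in: {key}")
    url = data.get("oidc-metadata-url")
    if isinstance(url, str) and url.strip():
        parsed = urlparse(url.strip())
        if parsed.scheme != "https" or not parsed.hostname:
            problems.append("oidc-metadata-url must be an absolute https URL")
    for key in sorted(set(data) - set(REQUIRED_KEYS)):
        problems.append(f"unexpected key (possible typo): {key}")
    return problems

def public_host(context):
    """Host name the stack will publish, per the context variables above."""
    if not context.get("rems_oidc_sec_name"):
        raise ValueError("rems_oidc_sec_name context variable is required")
    domain = (context.get("hz_domain") or "").strip(".")
    if not domain:
        raise ValueError("hz_domain context variable is required")
    return f"{context.get('rems_domain_prefix') or 'rems'}.{domain}"

# Constructed sample values, not real credentials.
SAMPLE_SECRET = json.dumps({
    "oidc-metadata-url": "https://op.example.org/.well-known/openid-configuration",
    "oidc-client-id": "example-client-id",
    "oidc-client_secret": "example-value",  # deliberate typo in the key name
})
SAMPLE_CONTEXT = {"rems_oidc_sec_name": "example/rems-oidc", "hz_domain": "my.org"}
if __name__ == "__main__":
    for problem in check_secret(SAMPLE_SECRET):
        print("secret:", problem)
    print("public host:", public_host(SAMPLE_CONTEXT))
```

The host returned by `public_host` is the one the login and redirect URLs registered at the OP must use, so comparing it against the OP configuration before deploying catches mismatches early.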
The application is primarily configured via the `config.edn` file.
Follow the steps documented here to demo:
- Adding yourself as an Owner
- Creating an API key and using it to update the application, e.g.:
- Adding test data
- Creating a robot user
- Getting GA4GH visas from the API (use https://jwt.io/ to inspect the returned JWT)
Follow the steps documented here to configure the application with your own Forms, Workflows, Resources etc.