This is a CDK (python) project to deploy components of the GDI starter kit to AWS.

Goal

This project aims to capture as much configuration as possible in the pre-deployment phase, making services operational after simply running:

cdk deploy GdiStarterKitStack

Status

Currently, the following services are deployed:

• REMS

Prerequisites

AAI

• An OIDC Provider (OP) — for example LS-AAI or Google Identity — configured with your service endpoints as RPs. You generally need to specify at least:
  • login URL
  • redirect URL
  • oAuth flow (e.g. PKCE)
  • scopes and note the generated client-id and client-secret

AWS

• An AWS account with permissions to create resources
• An AWS Route 53 Hosted Zone record configured with your domain e.g. my.org
• An AWS Secrets Manager entry (type: other) describing the REMS OIDC RP config with 3 key-vals:
  • 'oidc-metadata-url'
  • 'oidc-client-id'
  • 'oidc-client-secret'

Configuration

• The rems_oidc_sec_name CDK context variable set to the name of the Secrets Manager record containing the RP config
• The hz_domain context variable set to the HZ domain you want to deploy to e.g. my.org
• (optionally) the rems_domain_prefix context variable set to the domain prefix to generate the deployed public URL (login URL as configured in the OP). If not supplied this defaults to rems — e.g. the public URL will be rems.my.org

Post-deployment

REMS

The application is primarily configured via the config.edn file.

Follow the steps documented here to demo:

• Adding yourself as an Owner
• Creating API key and using it to update the application, e.g.:
• Adding test data
• Creating a robot user
• Getting GA4GH visas from the API (use https://jwt.io/ to inspect the returned JWT)

Follow the steps documented here to configure the application with your own Forms, Workflows, Resources etc.