drs-plan-automation

AWS Elastic Disaster Recovery Service (DRS) Plan Automation Solution

Overview

This solution provides an automated, sequential approach for AWS DRS drills and recoveries. The solution enables you to plan multiple application recoveries, each with their own recovery order and wait times. The solution provides a protected, React based user interface to accelerate and simplify use.

The solution enables you to organize collections of servers by tags in ordered waves, so you can recovery architectural components as groups. Each wave can also have a sequenced set of PreWave and PostWave automation actions. Automation actions are defined as SSM Automation runbooks providing broad flexibility for sequenced recovery. This enables you to support and orchestrate managed services recovery and automation for AWS services such as RDS, Lambda, Route 53, S3, etc either before or after a grouped EC2 recovery completed by DRS.

Features

• Organize and define automated disaster recovery plans for your applications using DRS in multiple AWS accounts and sequence the recovery of your servers and automation
• Specify and execute sequenced automation before and after server recovery as SSM Automation runbooks
• Define, copy, and test multiple recovery plans
• Define and copy multiple sequenced plan automation waves within a plan
• Record and reference drill / recovery results for automation and server recovery plans
• Enhance and implement your own features using CodePipeline / CodeCommit

Architecture

AWS Services

The following AWS services are integrated and used by the solution:

• AWS Elastic Disaster Recovery Service (DRS): Initiate DRS drills / recoveries
• AWS Systems Manager (SSM): Automate actions before and after DRS drills / recoveries.
• AWS Identity and Access Management (IAM): Authorize solution to perform automation and recoveries within deployed account and across AWS accounts with DRS.
• AWS Key Management Service (KMS): Encrypt AWS and solution resources.
• Amazon Cognito: Provide authentication to access and utilize solution and APIs
• AWS WAF: Optionally limit access to only specific CIDRs.
• Amazon CloudFront: Serve React front end interface.
• Amazon API Gateway: Integrate with frontend APIs implemented in AWS Lambda
• AWS Lambda: Provide APIs for CRUD operations to DynamoDB and implement orchestration logic
• AWS Step Functions: Orchestrate user defined recovery plans
• Amazon DynamoDB: Store data entities (accounts, applications, plans, waves, PreWave / PostWave actions)
• AWS CodeCommit: Version and store solution code, integrate with CI/CD pipeline.
• AWS CodePipeline: Orchestrate CI / CD process
• AWS CodeBuild: Validate templates, build and deploy AWS Lambda functions using SAM.
• AWS CloudFormation: CloudFormation is used to deploy all AWS resources as infrastructure as code.
• Amazon Simple Storage Service (S3): Store solution and CI/CD resources.
• Amazon Simple Notification Service (SNS): Provide notification for plan automation progression and failed pipelines.

Application Architecture

The solution provides a React based UI requiring authorized login provided by Amazon Cognito. The solution also uses AWS WAF to limit access to the defined IP addresses / CIDRs that you specify. The solution uses API Gateway and AWS Lambda to interface with Step Functions for orchestration and DynamoDB for data capture / retrieval.

Front End Interface

The front end application code is written in JavaScript using React. The following primary JavaScript libraries and approaches are used:

• React
• Material UI
• AWS Amplify
• React Hook Form

Middleware

The middleware is composed of two AWS Lambda functions.

drs-plan-automation-api

The drs-plan-automation-api AWS Lambda function provides a REST API for the front end interface to perform CRUD operations for the application data to DynamoDB. The function also initiates the execution of the AWS Step Function to initiate DRS Plan drills / recoveries.

This function is written in JavaScript for Node.js. The function uses the AWS Serverless Express library to provide REST operations.

drs-plan-automation

The drs-plan-automation AWS Lambda function provides control logic for the AWS step function orchestration of plans, coordinating sequenced SSM automation and DRS drill / recovery.

The function is written in Python 3.9 and executes and tracks DRS jobs and SSM automation for plans orchestrated by the AWS Step Function state machine.

State Machine and control logic

The solution uses AWS Step Functions to orchestrate recovery based on your plans defined sequence set of Waves and PreWave / PostWave actions. AWS Lambda is used to drive recovery / automation execution logic.

The following state machine is implemented to coordinate the execution of PreWave Actions, DRS Jobs, and PostWave Actions for DR plan automation. The state machine is supported by an AWS Lambda function that implements the control logic for the plan automation. The state machine and lambda function are deployed via CodePipeline using the drs-automation-plan.yaml CloudFormation template.

Data Architecture

The primary entities in the solution are: Applications, Plans, Waves, PreWave Actions, and PostWave Actions.

The primary entities for results are similar.

Data is stored in JSON format in DynamoDB. There are three DynamoDB tables used by the solution:

• drs-plan-automation-accounts-dev: This table is used to store the AWS accounts and DRS regions that applications can be configured to use.
• drs-plan-automation-applications-dev: This is the primary table used the the solution and defines your Applications and their related Plans, Waves, and PreWave / PostWave Actions.
• drs-plan-automation-results-dev: This table is used to store drill / recovery execution results.

NOTE: The tables and other AWS resources are suffixed with the environment name, the default environment name for deployment is dev.

drs-plan-automation-accounts

This table is used to store the AWS accounts and DRS regions that applications can be configured to use.

Sample Item

{
  "AccountId": "012345678912",
  "Region": "us-west-2"
}

• AccountId (string) -- The AWS Account ID where this application and its related resources (DRS source servers, SSM Automation Runbooks) reside.
• Region (string) -- The AWS region where this application and its related resources reside.

drs-plan-automation-applications

Sample Item

{
  "AppId": "9b1deb4d-3b7d-4bad-9bdd-2b0d7b3dcb6d",
  "AppName": "Sample Application",
  "Description": "Sample Application Description",
  "KeyName": "Application",
  "KeyValue": "sample",
  "Owner": "[email protected]",
  "AccountId": "012345678912",
  "Region": "us-west-2",
  "Plans": [
    {
      "PlanId": "9b1deb4d-3b7d-4bad-9bdd-2b0d7b3dcb6a",
      "PlanName": "Sample Plan",
      "Description": "Sample plan for sample application",
      "Owner": "[email protected]",
      "RPO": "60",
      "RTO": "1200",
      "CreationDate": "1200",
      "LastModifiedDate": "1200",
      "LastExecutedDate": "1200",
      "Waves": [
        {
          "Name": "Sample Databases Wave",
          "Description": "Start database servers",
          "KeyName": "Role",
          "KeyValue": "DBServer",
          "MaxWaitTime": 900,
          "UpdateTime": 30,
          "PostWaveActions": [
            {
              "Name": "Sample PostWave Action - Database Wave: Create PostWave SSM OpsItem",
              "Description": "Create an SSM Ops Item after DRS wave completes",
              "MaxWaitTime": 90,
              "UpdateTime": 30,
              "StartAutomationExecution": {
                "DocumentName": "CreateOpsItem",
                "Parameters": {
                  "Category": [
                    "Recovery"
                  ],
                  "Description": [
                    "This is a test OpsItem created from a PostWaveAction from the DRS PLan Automation solution Database wave"
                  ],
                  "Priority": [
                    "1"
                  ],
                  "Title": [
                    "DRS Plan Automation PostWaveAction"
                  ]
                }
              }
            }
          ],
          "PreWaveActions": [
            {
              "Name": "Sample PreWave Action - Database Wave: Create PreWave SSM OpsItem",
              "Description": "Create an SSM OpsItem before DRS wave starts",
              "MaxWaitTime": 90,
              "UpdateTime": 30,
              "StartAutomationExecution": {
                "DocumentName": "CreateOpsItem",
                "Parameters": {
                  "Category": [
                    "Recovery"
                  ],
                  "Description": [
                    "This is a test OpsItem created from a PreWaveAction from the DRS PLan Automation solution Database Wave"
                  ],
                  "Priority": [
                    "1"
                  ],
                  "Title": [
                    "DRS Plan Automation PreWaveAction"
                  ]
                }
              }
            }
          ]
        }
      ]
    }
  ]
}

• AppId (string) -- A system generated uuid that uniquely identifies each application. The AppId is the key for the table and is a uuidv4 hash generated by the REST API whenever a new application is created.
• AppName (string) -- The user provided name for the application.
• Description (string) -- The user provided description for the application.
• KeyName (string) -- The Tag Key name that uniquely identifies DRS source servers that are a part of this application.
• KeyValue (string) -- The Tag Key value that uniquely identifies DRS source servers that are a part of this application.
• Owner (string) -- The email address for the owner of this application.
• AccountId (string) -- The AWS Account ID where this application and its related resources (DRS source servers, SSM Automation Runbooks) reside.
• Region (string) -- The AWS region where this application and its related resources reside.
• Plans (array) -- An array of 0 or more plans for the application
  • • PlanId (string) -- A system generated uuid that uniquely identifies each plan.
    • Name (string) -- The user provided name for the plan
    • Description (string) -- The user provided description for the plan.
    • KeyName (string) -- The Tag Key name that uniquely identifies DRS source servers that are a part of this plan.
    • KeyValue (string) -- The Tag Key value that uniquely identifies DRS source servers that are a part of this plan.
    • Owner (string) -- The email address for the owner of this application.
    • RPO (number) -- The user defined recovery point objective for this plan.
    • RTO (number) -- The user defined recovery time objective for this plan.
    • CreationDate (number) -- The creation date for this plan, in epoch format.
    • LastModifiedDate (number) -- The last modified date for this plan, in epoch format.
    • LastExecutedDate (number) -- The last execution date for this plan, in epoch format.
    • Waves (array) -- An array of 0 or more waves for the plan
      • A Wave Object defining its PreWave Automations, PostWave Automations, and DRS source servers selection by tag.
        • Name (string) -- The user provided name for the wave.
        • Description (string) -- The user provided description for the wave.
        • KeyName (string) -- The Tag Key name that uniquely identifies DRS source servers that are a part of this wave.
        • KeyValue (string) -- The Tag Key value that uniquely identifies DRS source servers that are a part of this wave.
        • MaxWaitTime (number) -- The maximum amount of time to wait for this wave to complete before it is considered a failure.
        • PreWaveActions (array) -- An array of 0 or more PreWave Actions to execute before initiating the DRS job for the wave.
          • A PreWave Action Object describing it and defining the SSM Automation document and parameters
            • Name (string) -- The user provided name for the PreWave action.
            • Description (string) -- The user provided description for the PreWave action.
            • MaxWaitTime (number) -- The maximum amount of time to wait for this wave to complete before it is considered a failure.
            • UpdateTime (number) -- The amount of time to wait before updating the results for this action.
            • StartAutomationExecution (object) -- The SSM Automation Runbook parameters as defined in the boto3 start_automation_execution function.
        • PostWaveActions (array) -- An array of 0 or more PostWave Actions to execute after completing the DRS job for the wave.
          • A PostWave Action Object describing it and defining the SSM Automation document and parameters
            • Name (string) -- The user provided name for the PostWave action.
            • Description (string) -- The user provided description for the PostWave action.
            • MaxWaitTime (number) -- The maximum amount of time to wait for this wave to complete before it is considered a failure.
            • UpdateTime (number) -- The amount of time to wait before updating the results for this action.
            • StartAutomationExecution (object) -- The SSM Automation Runbook parameters as defined in the boto3 start_automation_execution function.

drs-plan-automation-results

This table stores the results from a plan automation execution.

Sample Item

{
  "AppId_PlanId": "9b1deb4d-3b7d-4bad-9bdd-2b0d7b3dcb6d_9b1deb4d-3b7d-4bad-9bdd-2b0d7b3dcb6a",
  "ExecutionId": "arn:aws:states:us-west-2:123456789012:execution:DRSPlanAutomationStateMachine-CT5o7CiTLdGG:86f4e81d-e7a8-4319-9ae2-e66916006f9b",
  "AppName": "Sample Application",
  "duration": "20m 44s",
  "ExecutionEndTime": "2022-12-07T19:35:50.311377+00:00",
  "ExecutionStartTime": "2022-12-07T19:15:06.161461+0000",
  "ExecutionStartTimeMs": 1670440506161,
  "isDrill": true,
  "KeyName": "Application",
  "KeyValue": "sample",
  "log": [
  ],
  "Owner": "[email protected]",
  "planDetails": {},
  "SourceServers": [
    {
      "s-51d6b65c73391918e": {}
    },
    {
      "s-51d6b65c73391918f": {}  
    }   
  ],
  "status": "completed",
  "topicArn": null,
  "user": "[email protected]",
  "Waves": [
    {
      "drs": {
        "job": {},
        "status": "completed"
      },
      "duration": "9m 50s",
      "ExecutionEndTime": "2022-12-07T19:24:56.870974+00:00",
      "ExecutionEndTimeMs": 1670441096871,
      "ExecutionStartTime": "2022-12-07T19:15:06.806098+00:00",
      "log": [
      ],
      "PostWaveActions": [
        {
          "id": "056d109b-0791-4317-85bc-e6cd6edbd80c",
          "job": {
            "AutomationExecutionId": "056d109b-0791-4317-85bc-e6cd6edbd80c",
            "AutomationExecutionStatus": "Success",
            "AutomationType": "Local",
            "DocumentName": "CreateOpsItem",
            "DocumentVersion": "1",
            "duration": "0m 1s",
            "ExecutedBy": "arn:aws:sts::123456789012:assumed-role/drs-plan-automation-lambd-DRSPlanAutomationLambdaR-WE9L727DYBJ0/drs-plan-automation",
            "ExecutionEndTime": "2022-12-07 19:24:58.061000+00:00",
            "ExecutionStartTime": "2022-12-07 19:24:57.211000+00:00",
            "LogFile": "",
            "Mode": "Auto",
            "Outputs": {},
            "ResolvedTargets": {
              "ParameterValues": [
              ],
              "Truncated": false
            },
            "Targets": [
            ]
          },
          "log": [
          ],
          "status": "completed"
        }
      ],
      "PreWaveActions": [
        {
          "id": "c69d3e99-a544-4f94-95d0-81468a531c2d",
          "job": {
            "AutomationExecutionId": "c69d3e99-a544-4f94-95d0-81468a531c2d",
            "AutomationExecutionStatus": "Success",
            "AutomationType": "Local",
            "DocumentName": "CreateOpsItem",
            "DocumentVersion": "1",
            "duration": "0m 1s",
            "ExecutedBy": "arn:aws:sts::123456789012:assumed-role/drs-plan-automation-lambd-DRSPlanAutomationLambdaR-WE9L727DYBJ0/drs-plan-automation",
            "ExecutionEndTime": "2022-12-07 19:15:08.272000+00:00",
            "ExecutionStartTime": "2022-12-07 19:15:07.375000+00:00",
            "LogFile": "",
            "Mode": "Auto",
            "Outputs": {},
            "ResolvedTargets": {
              "ParameterValues": [
              ],
              "Truncated": false
            },
            "Targets": [
            ]
          },
          "log": [
          ],
          "status": "completed"
        }
      ],
      "SourceServers": [
        "s-51d6b65c73391918f",
        "s-5c555d9c008f90131"
      ],
      "status": "completed"
    }
  ]
}

• AppId_PlanId (string) -- The key for an execution result is a combination of the AppId (uuid) and PlanId (uuid) seperated by an underscore (_).
• ExecutionId (string) -- The Execute ARN for the DRSPlanAutomationStateMachine for this result. Each plan execution is orchestrated by the DRSPlanAutomationStateMachine.
• AppName (string) -- The name of the application when this result was created.
• duration (string) -- The total duration for the plan automation execution, in minutes and seconds (#m #s)
• ExecutionEndTime (string) -- The end time for the plan automation execution, in ISO 8601 format
• ExecutionStartTime (string) -- The start time for the plan automation execution, in ISO 8601 format
• ExecutionStartTimeMs (number) -- The execution start time in epoch.
• isDrill (boolean) -- Boolean value indicating whether the DRS jobs in each wave should be executed as a drill or a recovery.
• KeyName (string) -- The Tag key value for the application associated with this result.
• KeyValue (string) -- The Tag key value for the application associated with this result.
• log (array) -- An array of 0 or more log messages associated with this plan execution, such as errors during execution, timeouts, etc
• Owner (string) -- The owner of the application at the time of plan execution.
• planDetails (object) -- The plan object at the time of execution for this result, refer to the Plan Object in the Applications section for details.
• SourceServers (array) -- The DRS source servers for the application key name and key value specified.
  • "<SourceServerID>" (object) -- The details for the source server at the time of execution, with key SourceServerID and value set to the object returned by describe_source_server()
• status (string) -- The overall status for the plan automation execution. Possible values are completed, failed, timeout
• topicArn (string) -- The SNS Topic ARN that will receive plan automation execution status updates.
• user (string) -- The email address of the application owner at the time of execution.
• Waves (array) -- An array of objects containing the results for each wave execution.
  • Wave result (object)
    • drs (object) -- The DRS job results and status for the wave. The DRS job for the wave selects DRS source servers tagged with the Tag Key and Tag Value specified for the wave.
      • job (object) -- The DRS job details for the wave, as returned by ..
      • status (string) -- The status for the DRS job. Possible values are completed, failed, timeout
    • duration (string) -- The total duration for the plan automation execution, in minutes and seconds (#m #s)
    • ExecutionEndTime (string) -- The end time for the plan automation execution, in ISO 8601 format
    • ExecutionStartTime (string) -- The start time for the plan automation execution, in ISO 8601 format
    • ExecutionEndTimeMs (number) -- The execution start time in epoch.
    • log (array) -- An array of 0 or more log messages associated with this wave execution, such as errors during execution, timeouts, etc
    • PreWaveActions (array) -- An array of objects containing the results for each PreWaveAction execution.
      • PreWaveAction result (object)
        • job (object) -- The SSM Automation Execution details for the PreWaveAction, as returned by ..
        • status (string) -- The status for the PreWaveAction. Possible values are completed, failed, timeout
        • log (array) -- An array of 0 or more log messages associated with this PreWaveAction execution, such as errors during execution, timeouts, etc
    • PostWaveActions (array) -- An array of objects containing the results for each PostWaveAction execution.
      • PostWaveAction result (object)
        • job (object) -- The SSM Automation Execution details for the PostWaveAction, as returned by ..
        • status (string) -- The status for the PostWaveAction. Possible values are completed, failed, timeout
        • log (array) -- An array of 0 or more log messages associated with this PostWaveAction execution, such as errors during execution, timeouts, etc
    • SourceServers (array) -- An array of 0 or more DRS Source Server IDs that will be included in the DRS drill / recovery job for the wave
    • status (string) -- The status for the Wave. Possible values are completed, failed, timeout

CI / CD Architecture

The solution deploys a complete CI/CD management solution using CodeCommit, CodePipeline, CodeBuild, and CloudFormation.
The solution commits the codebase and deployment options you have chosen and initiates CodePipeline to perform the remainder of the solution deployment. You can use this pipeline to iteratively make controlled changes and enhance your plan automation solution as needed. The pipeline creates a "Development" stage with all resources suffixed and configured to support multiple environments, as needed. You can add additional environment stages and configure the CodePipeline actions to deploy the green colored stacks for additional environment support.

The stacks color coded in blue in the diagram are deployed once when you deploy the solution. The stacks color coded in green are created / updated by CodePipeline on initial deployment and commit from CodeCommit.

Deployment

Deployment is performed by CloudFormation stack deployment and script automation. A script is provided to automate the deployment steps.

Prerequisites

• SAM CLI: The SAM CLI is used to build and deploy the lambda functions used in the solution. These lambda functions are deployed via CodePipeline. You should install the SAM CLI to enable you to locally test and invoke the deployed lambda functions. Install the SAM CLI following the instructions in the documentation.
• Python 3: The deployment script is written in Python and automates the deployment of cloudformation stacks and AWS resource lookups. With Python3 installed, install the required Python packages in requirements.txt with the command:
• Elastic Disaster Recovery Service (DRS) initialized in target region: Before you can start using the DRS service, you must initialize the service by configuring the default settings in your target DR region. Follow the instructions in the documentation.
• Set the environment variables: AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_SESSION_TOKEN to the AWS account credentials that you want to use to deploy the solution. You will need sufficient credentials to deploy all the AWS resources used in the solution.

The deployment scripts provided rely on packages defined in requirements.txt. You can install them with the following command:

python3 -m pip install -r requirements.txt --user

Solution Deployment Script

A python deploy.py script is provided to automate the deployment of CloudFormation stacks for the solution.

This script deploys all the blue colored stacks in the CI / CD Architecture diagram. The script concludes by deploying a CodePipeline that deploys the remaining stacks for the solution and defines the basis for future updates.

Usage

Run your python interpreter against the deploy.py script with the required options.

python3 deploy.py [OPTIONS]

• Options:
• --user-email - REQUIRED: The email address for the cognito user for the solution. A new temporary password will be sent to this user to login to the solution.
• --solution-region - REQUIRED: The region where the plan automation solution should be deployed. This should be the same as the target DRS region.
• --environment - REQUIRED (default: dev): The environment name to append to the end of each stack name, eg environment 'dev' results in stack name 'drs-plan-automation-dev'. The default environment name is dev.
• --allowed-cidrs - The allowed IP address CIDRs that can access the cloudfront hosted front end interface. Specifying this option results in a WAF Web ACL being created and attached to the CloudFront Distribution. If this option isn't specified, then anyone with the URL for the CloudFront distribution will have network access to the user interface. Login is still required even if you have network access.
• --prefix: The prefix to preprend in front of each stack name, eg prefix 'myco' results in stack name 'myco-drs-plan-automation-lambda'
• --cleanup: Cleanup the deployed stacks and AWS resources. You must cleanup with the same parameter options that you specified for deployment.
• --prompt: Whether to prompt and require you to press enter after each stack is deployed.
• --help: Show this message and exit.

Sample Application and Sample Environment

The solution includes a sample application and environment, so you can quickly explore and test out the solution.

The sample application and environment deploys the following resources:

• AWS EC2 environment: This CloudFormation template sets up networking and deploys 3 EC2 instances, each with different tags identifying their roles and correlating to a separate wave in the sample application.
  • 1 VPC (CIDR 10.0.0.0/16)
  • 1 Internet Gateway
  • 1 Public Subnet (CIDR 10.0.0.0/24)
  • 3 EC2 Launch Templates
    • Amazon Linux 2
    • t3.micro
    • user data configured to install DRS agent
    • Tags
      • Name: sample-dbserver-instance | sample-webserver-instance | sample-appserver-instance
      • Application: sample
      • Role: DBServer | AppServer | WebServer
      • Purpose: drs-plan-automation-demo-source
  • 3 Fleets of EC2 instances with 1 instances each: sample-dbserver-instance | sample-webserver-instance | sample-appserver-instance

NOTE: EC2 instance tags are not replicated to the corresponding DRS source servers in the DRS service. These tags are required on the source servers so that the plan automation solution can select the right source servers for plan execution. You can automate the replication of EC2 instance tags to corresponding DRS source servers using the drs-synch-ec2-tags-and-instance-type solution

• One Application DynamoDB Item Record: This application record aligns to the sample EC2 environment, all three EC2 instances align to the Application: sample tag used to identify the application. Additionally, each EC2 instance is tagged with a Role tag aligning it to each wave.

  • Application: sample - All three EC2 instances in the sample environment are tagged with Application: Sample
  • 1 Plan:
    • 3 Waves
      • Role: DBServer - One EC2 instance is tagged with Role: DBServer
        • 1 PreWave Action: Create SSM OpsItem
        • 1 PostWave Action: Create SSM OpsItem
      • Role: AppServer - One EC2 instance is tagged with Role: AppServer
        • 1 PreWave Action: Create SSM OpsItem
        • 1 PostWave Action: Create SSM OpsItem
      • Role: WebServer - One EC2 instance is tagged with Role: WebServer
        • 1 PreWave Action: Create SSM OpsItem
        • 1 PostWave Action: Create SSM OpsItem

• One Application Result Item record: This result record demonstrates the Plan Results view without requiring you to initiate a drill / recovery. NOTE: The links in the result will not work since they are not linked to your deployment. You can execute a new drill / recovery to product an actual result with working links.

Sample Application Deployment Script

The deploy_sample.py python deployment script can be used to automate the sample application and environment deployment.

Run your python 3 interpreter against the deploy_sample.py script with the required options.

python3 deploy_sample.py [OPTIONS]

Options:

• --source-region: REQUIRED - Specify the AWS region where the sample AWS EC2 environment should be deployed. This will be a region different from your DRS / DR region. (e.g. us-east-1)
• --solution-region: REQUIRED - Specify the AWS region where the solution has been deployed. This should be the same AWS region where DRS is configured. (e.g. us-west-2)
• --environment: REQUIRED (default: dev) - The environment name to append to the end of each stack name and AWS resource, eg environment dev results in stack name drs-plan-automation-dev
• --help: Display and describe valid parameter options
• --prefix <prefix name>: The prefix to preprend in front of each stack name, eg prefix myco results in stack name myco-drs-plan-automation-s3.
• --cleanup: Cleanup the deployed stacks and AWS resources. You must cleanup with the same parameter options that you specified for deployment.
• --prompt: Whether to prompt and require you to press enter after each stack is deployed.

Usage

Once the solution is deployed, CodePipeline will execute and deploy the remaining resources through the pipeline.

Wait until the pipeline successfully completes execution. Once the pipeline has completed execution, proceed to Amazon CloudFront in the AWS Management Console.

Copy the CloudFront distribution URL and open it within a browser.

NOTE: If you used the --allowed-cidrs option when you deployed the solution, then you will only be able to access the user interface if your ip address is within the range specified.

Check the email address that you specified with the --user-email option. You should have received an email with subject Your temporary password from Amazon Cognito. You will need to login with this password. Cognito user registration is disabled by default. Once you login you will be required to change the password.

If you deployed the sample application with the deploy_sample.py script, then you will have a sample application already created in the solution. If not, you can proceed to create an application, plan, and associated waves.

Develop and test locally

You can enhance and develop the front end interface and lambda functions used in the solution locally.

You should clone the CodeCommit repository that was created for you with the deployed solution. The CodeCommit repository is linked to CodePipeline to initiate a deployment on commit to the main branch.

You should develop and test locally against your cloned CodeCommit repository in a feature branch. When you are ready to integrate your changes you should commit, push, and merge the branch into the main branch to initiate a deployment.

The Serverless Application Model (SAM) is configured for each lambda function used by the solution under the cfn/lambda directory. This allows you to develop and test your lambda functions locally before pushing changes to the pipeline.

Frontend React Interface Local Development

Follow these steps to configure, deploy, develop, and test the solution locally.

1. Update the aws-exports.js file with your deployed Amazon Cognito User Pool configuration. You must update the config file with your deployed cognito user pool so that your locally deployed interface can authenticate you.
2. Install the application package dependencies Install the application dependencies by: a. Change to the src directory: cd fe/src b. Install the dependencies: npm install
3. Start the local webserver. You can serve the frontend interface locally with: npm start
4. Make changes to the front end code. As you make changes to the front end code, the local server will hotload the changes so you can iterate and update the solution.

Troubleshooting

• I am getting a 403 error when trying to access the CloudFront distribution

  Make sure your ip address is within the IP address range for the CIDR block you specified when you deployed the solution with the --allowed-cidrs option.