Install Medplum on AWS

Medplum

6 Mar 202426:40

Summary

TLDRThis tutorial guides you through the process of setting up a self-hosted Med Plum instance on AWS, covering everything from installing AWS CLI tools to configuring DNS with Route 53. It walks through the creation of environment names, setting up the necessary resources using AWS CDK, and deploying the Med Plum app. The video demonstrates key configuration steps, including managing SSL certificates and verifying AWS resources, with a focus on ensuring functionality for binary storage, resource creation, and bot deployment. By the end, you’ll have a fully operational Med Plum cluster ready for use.

Takeaways

🖥️ The video demonstrates how to set up a self-hosted Med Plum instance on AWS, specifically in the EU West 2 region.
⚙️ AWS CLI tools must be installed and configured with access keys, default region, and output format to manage AWS resources.
🌐 DNS setup via Route 53 is recommended to handle domain management and automate SSL certificate validation.
📦 A new NPM package is created for Med Plum infrastructure code, including CDK and CLI dependencies.
📝 The AWS CDK initialization script configures environment settings, API servers, S3 buckets, database instances, and SSL certificates.
🔒 Configuration values are stored securely in AWS Parameter Store, which manages all sensitive settings for Med Plum.
🚀 Deployment involves running `cdk bootstrap`, `cdk synth`, `cdk diff`, and `cdk deploy --all` to provision AWS resources.
🗂️ Post-deployment validation includes checking CloudFormation stacks, S3 buckets, ECS Fargate tasks, RDS instances, and CloudFront distributions.
🤖 Med Plum Bot Lambda layer can be deployed by cloning the source repo and running the deploy script, enabling automation features.
✅ A smoke test validates core functionality: creating a project, adding a patient, uploading a binary, and testing a simple bot.
📧 Amazon SES setup is optional for sending system emails, but is recommended for full functionality.
📊 Best practices suggest creating separate environments for staging, production, and developer testing to ensure safe deployments.

Q & A

What is the first step in setting up Med Plum on AWS according to the tutorial?
-The first step is to install the AWS CLI tools on your system, which provides access to AWS utilities.
How does the tutorial suggest configuring AWS credentials?
-You generate an access key in the AWS IAM dashboard, then use the 'aws configure' command in the terminal to input your access key, secret key, default region, and preferred output format.
Why does the tutorial recommend using AWS Route 53 for DNS management?
-Using Route 53 allows the Med Plum deployment tools to automatically set up SSL certificates and manage DNS for the deployment.
What is the purpose of creating a new NPM package in the tutorial?
-The NPM package holds the infrastructure code and dependencies needed for deploying Med Plum using the AWS CDK tooling.
What does the 'medplum aws init' command do?
-It launches an interactive setup that generates the Med Plum server configuration file, signing keys for binary storage, sets up SSL certificates if DNS is configured via Route 53, and stores configuration settings in AWS Parameter Store.
Which AWS services are used for storing the Med Plum app and binary data?
-S3 buckets are used: one for the app content and one for binary storage, such as images and PDFs.
How does the tutorial validate that the SSL certificates are correctly configured?
-It uses AWS Certificate Manager to check for pending validations and then creates CNAME records in Route 53 to validate the certificates automatically.
What are the main steps before deploying the Med Plum cluster using CDK?
-The steps include running 'cdk bootstrap' to provision initial resources, 'cdk synth' to check for logical errors, and 'cdk diff' to review changes before deployment.
How can you verify that the Med Plum cluster is running correctly after deployment?
-By checking the CloudFormation stack resources, S3 buckets, ECS Fargate tasks, RDS database instances, CloudFront distributions, and testing the API health endpoint.
How are bots enabled and tested in a Med Plum project?
-Bots are enabled at the project level via the super admin project. Once enabled, you can create and deploy a bot using the built-in editor to perform simple automated actions such as greeting a patient.
What are best practices for creating projects in Med Plum after deployment?
-It is recommended to create at least three projects: a developer project, a staging project, and a production project, rather than using the super admin project for clinical data.
What additional step is required for S3 buckets when deploying outside the US East 1 region?
-You need to update the S3 bucket policies using the 'medplum aws update-bucket-policies' command to ensure correct permissions.