Skip to content

Launch with Cognito User Pool

Time to deploy: Approximately 15 minutes

Deployment Overview

Use the following steps to deploy this solution on AWS.

Step 1. Launch the stack

Step 2. Launch the web console

Step 1. Launch the stack

This AWS CloudFormation template automatically deploys the Clickstream Analytics on AWS solution on AWS.

  1. Sign in to the AWS Management Console and select the button to launch the AWS CloudFormation template.

    Launch in AWS Console
    Launch stack Launch Stack
    Launch stack with custom domain Launch Stack
  2. The template is launched in the default region after you log in to the console. To launch the Clickstream Analytics on AWS solution in a different AWS Region, use the Region selector in the console navigation bar.

  3. On the Create stack page, verify that the correct template URL is shown in the Amazon S3 URL text box and choose Next.

  4. On the Specify stack details page, assign a name to your solution stack. For information about naming character limitations, refer to IAM and AWS STS quotas in the AWS Identity and Access Management User Guide.

  5. Under Parameters, review the parameters for the template and modify them as necessary.

    • This solution uses the following parameters:

      Parameter Default Description
      Admin User Email (Email) <Requires input> Specify the email of the Administrator. This email address will receive a temporary password to access the Clickstream Analytics on AWS web console. You can create more users directly in the provisioned Cognito User Pool after launching the solution.
      IAM Role Prefix (IamRolePrefix) <Optional input> Specify the prefix for the name of IAM roles created in the solution.
      IAM Role Boundary ARN (IamRoleBoundaryArn) <Optional input> Specify the permissions boundary for the IAM roles created in the solution.

      Important

      By default, this deployment uses TLSv1.0 and TLSv1.1 in CloudFront. However, we recommend that you manually configure CloudFront to use the more secure TLSv1.2/TLSv1.3 and apply for a certificate and custom domain to enable this. We highly recommend that you update your TLS configuration and cipher suite selection according to the following recommendations:

      • Transport Layer Security Protocol: Upgrade to TLSv1.2 or higher
      • Key Exchange: ECDHE
      • Block Cipher Mode of Operation: GCM
      • Authentication: ECDSA
      • Encryption Cipher: AES256
      • Message Authentication: SHA(256/384/any hash function except for SHA1)

      Such as TLSv1.2_2021 can meet the above recommendations.

    • If you are launching the solution with custom domain in AWS regions, this solution uses the additional following parameters:

      Parameter Default Description
      Host Zone ID (HostedZoneId) <Requires input> Choose the public hosted zone ID of Amazon Route 53.
      Host Zone Name (HostedZoneName) <Requires input> The domain name of the public hosted zone, for example, example.com.
      Record Name (RecordName) <Requires input> The sub name (as known as record name in R53) of the domain name of console. For example, enter clickstream, if you want to use custom domain clickstream.example.com for the console.
  6. Choose Next.

  7. On the Configure stack options page, choose Next.

  8. On the Review page, review and confirm the settings. Select the box acknowledging that the template creates AWS Identity and Access Management (IAM) resources.

  9. Choose Create stack to deploy the stack.

You can view the status of the stack in the AWS CloudFormation console in the Status column. You should receive a CREATE_COMPLETE status in approximately 15 minutes.

Step 2. Launch the web Console

After the stack is successfully created, this solution generates a CloudFront domain name that gives you access to the Clickstream Analytics on AWS web console. Meanwhile, an auto-generated temporary password will be sent to your email address.

  1. Sign in to the AWS CloudFormation console.

  2. On the Stacks page, select the solution's stack.

  3. Choose the Outputs tab and record the domain name.

  4. Open the ControlPlaneURL using a web browser, and navigate to a sign-in page.

  5. Enter the Email and the temporary password.

    a. Set a new account password.

    b. (Optional) Verify your email address for account recovery.

  6. After the verification is complete, the system opens the Clickstream Analytics on AWS web console.

Once you have logged into the Clickstream Analytics on AWS console, you can start to create a project for your applications.