

# Deploy the solution


This section provides detailed instructions for deploying the Spatial Data Management Application to your AWS account.

## Deployment Overview


The solution is deployed using AWS CloudFormation, which creates all necessary resources in a single operation. The deployment typically takes approximately 45 minutes to complete.

## Prerequisites


Before you deploy, ensure you have:
+ Completed [deployment planning](plan-your-deployment.md) including AWS Region selection
+ AWS Command Line Interface (AWS CLI) installed and configured
+ Appropriate AWS Identity and Access Management (IAM) permissions for AWS CloudFormation stack creation
+ Verified solution availability in your target Region

# Deployment Steps


## Step 1: Launch stack


 **Option 1: Launch directly in AWS Console** 

Choose the following link to launch the CloudFormation stack directly in the AWS Management Console:

 [https://console.aws.amazon.com/cloudformation/home#/stacks/new?stackName=SpatialDataManagement&templateURL=https://solutions-reference.s3.amazonaws.com/spatial-data-management/latest/SpatialDataManagementStack.template](https://console.aws.amazon.com/cloudformation/home#/stacks/new?stackName=SpatialDataManagement&templateURL=https://solutions-reference.s3.amazonaws.com/spatial-data-management/latest/SpatialDataManagementStack.template) 

This opens the CloudFormation console with the template pre-loaded. You can select your preferred AWS Region from the console before proceeding.

 **Option 2: Download and upload template file** 

You can also download the template and upload it manually:

1. Download the [CloudFormation template](https://solutions-reference.s3.amazonaws.com/spatial-data-management/latest/SpatialDataManagementStack.template) 

1. Open the [CloudFormation console](https://console.aws.amazon.com/cloudformation/) 

1. Choose **Create stack**, and then choose **With new resources (standard)** 

1. Under **Specify template**, choose **Upload a template file** 

1. Choose **Choose file** and select the downloaded template

1. Choose **Next** 

![\[Create stack page showing template selection options\]](http://docs.aws.amazon.com/solutions/latest/spatial-data-management-on-aws/images/create-stack-select-template.png)


## Step 2: Configure Stack Details


Enter the stack name (for example, `SpatialDataManagement`) and configure basic options.

**Note**  
If you choose a different stack name, replace `SpatialDataManagement` with your chosen name in all CLI commands throughout this guide.

![\[Stack details page showing default parameters for development deployment\]](http://docs.aws.amazon.com/solutions/latest/spatial-data-management-on-aws/images/poc-deploy-default-parameters.png)


## Step 3: Specify Stack Parameters


You can configure the deployment parameters based on your environment.

Key parameters to configure:


| Parameter | Description | Default | Valid Values | 
| --- | --- | --- | --- | 
|   `DeploymentMode`   |  Deployment environment – Dev or Prod. You can use this to configure scale and cost tendencies  |   `dev`   |   `dev`, `prod`   | 

Optional Parameters


| Parameter | Description | Default | Valid Values | 
| --- | --- | --- | --- | 
|   `LogBucketRetentionDays`   |  Number of days to retain logs in the log bucket  |   `90`   |  Any positive integer  | 
|   `PortalFullyQualifiedDomainName`   |  Fully qualified domain name for custom domain  |  Empty  |  Valid domain name or empty  | 
|   `PortalRoute53HostedZoneId`   |  Route53 hosted zone ID for custom domain  |  Empty  |  Valid Route53 hosted zone ID (starts with Z) or empty  | 
|   `ExistingDeadlineFarmId`   |  ID of the Deadline Cloud Farm to use for jobs  |  Empty  |  Valid Deadline Cloud Farm ID (farm-<32 hex chars>) or empty  | 
|   `ExistingDeadlineQueueId`   |  ID of the Deadline Cloud Queue to use for jobs  |  Empty  |  Valid Deadline Cloud Queue ID (queue-<32 hex chars>) or empty  | 

![\[Advanced parameters configuration for production deployment\]](http://docs.aws.amazon.com/solutions/latest/spatial-data-management-on-aws/images/production-advanced-parameters-deploy.png)


## Step 4: Configure Stack Options


You can set additional stack options:

You can configure the following options:
+  **Stack policy** (optional) – Defines which IAM actions are allowed on specific resources. For more information, see [Prevent updates to stack resources](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/protect-stack-resources.html) in the AWS CloudFormation User Guide.
+  **Rollback configuration** – Specifies whether to roll back the stack if creation fails. For more information, see [Stack creation options](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-console-create-stack.html) in the AWS CloudFormation User Guide.
+  **Notification options** – Specifies Amazon SNS topics to receive stack-related notifications. For more information, see [Monitoring stack creation and updates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-stack-notifications.html) in the AWS CloudFormation User Guide.
+  **Tags** – Key-value pairs for resource organization and cost allocation. For more information, see [Tagging resources](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) in the AWS CloudFormation User Guide.

![\[CloudFormation stack options page showing basic configuration settings\]](http://docs.aws.amazon.com/solutions/latest/spatial-data-management-on-aws/images/cloudformation-basic-stack-options.png)


![\[CloudFormation stack options page showing permissions and advanced settings\]](http://docs.aws.amazon.com/solutions/latest/spatial-data-management-on-aws/images/cloud-formation-stack-options-set-2.png)


![\[CloudFormation stack options page showing tags and additional configuration\]](http://docs.aws.amazon.com/solutions/latest/spatial-data-management-on-aws/images/cloud-formation-stack-options-set-3.png)


## Step 5: Review and Create


Review your configuration and choose **Create stack** to begin deployment. The stack creation typically takes approximately 45 minutes to complete.

![\[Review page showing stack parameters and configuration summary\]](http://docs.aws.amazon.com/solutions/latest/spatial-data-management-on-aws/images/review-stack-parameters-and-create-set-1.png)


![\[Review page showing capabilities acknowledgment and create button\]](http://docs.aws.amazon.com/solutions/latest/spatial-data-management-on-aws/images/review-stack-parameters-and-create-set-2.png)


## Step 6: Monitor Deployment Progress


You can monitor stack creation progress in the CloudFormation console:

1. Open the [CloudFormation console](https://console.aws.amazon.com/cloudformation/) 

1. Select your stack (SpatialDataManagement)

1. Choose the **Events** tab to view real-time creation progress

1. Watch for the **CREATE\$1COMPLETE** status

For more information, see [Monitoring stack creation, update, and deletion progress](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-stack-notifications.html) in the AWS CloudFormation User Guide.

## Step 7: Retrieve Outputs


After successful deployment:

1. Open the [CloudFormation console](https://console.aws.amazon.com/cloudformation/) 

1. Select your stack (SpatialDataManagement)

1. Choose the **Outputs** tab to view deployment outputs

1. Copy the output values for use in post-deployment configuration

## Nested Stacks


The main stack creates the following nested stacks:

1.  **VPC Stack** (5-7 minutes) – Amazon Virtual Private Cloud (Amazon VPC) with 2 Availability Zones – Public, private, and isolated subnets – NAT gateways – VPC endpoints for AWS services

1.  **Auth Stack** (3-5 minutes) – Amazon Cognito user pool for authentication – Amazon Cognito identity pool for authorization – User and group management

1.  **Asset Management Stack** (5-8 minutes) – Amazon DynamoDB tables for asset metadata – AWS Lambda functions for API operations – Amazon Simple Storage Service (Amazon S3) buckets for asset storage – Amazon Simple Queue Service (Amazon SQS) queues for asynchronous processing – Amazon API Gateway for REST endpoints

1.  **OpenSearch Stack** (3-5 minutes) – Amazon OpenSearch Serverless collection – VPC endpoint for private access – Security and network policies

1.  **Portal Stack** (2-3 minutes) – Amazon CloudFront distribution for content delivery – S3 bucket for web assets – CloudFront key pair for signed URLs

1.  **Deadline Stack** (2-3 minutes, if enabled) – AWS Deadline Cloud farm configuration – Integration with asset management system – Job queue setup

1.  **Monitoring Stack** (2-3 minutes) – Amazon CloudWatch alarms and dashboards – AWS CloudTrail for audit logging – Amazon Athena workgroup for log analysis

# Deployment Validation


## Verify Stack Status in Console


To verify successful deployment:

1. Open the [CloudFormation console](https://console.aws.amazon.com/cloudformation/) 

1. Select your stack (SpatialDataManagement or the name you choose during deployment steps)

1. Verify the stack status shows **CREATE\$1COMPLETE** 

1. Review the **Outputs** tab to confirm the PortalURL output is present and copy its value for later use

This console verification is sufficient to confirm deployment success. The following CLI-based validation steps are optional but useful if you want to verify the deployment through multiple layers and ensure everything is configured appropriately.

# Post-Deployment Configuration


## 1. Create Initial User


To create initial users:

1. Open the [Cognito console](https://console.aws.amazon.com/cognito/) 

1. Select the User Pool created during deployment (the name follows the pattern `spatial-data-management-user-pool`)

1. Choose **Users** and then choose **Create user** 

1. Choose **Create user** 

1. Repeat steps 3-5 to create one or two additional test users

1. Select the first user you created

1. Choose **Add user to group** 

1. Select the **SpatialDataManagementAdministrators** group

1. Choose **Add to group** 

We recommend creating multiple test users (2-3 users) when performing a proof of concept or test run. The first user assigned to the SpatialDataManagementAdministrators group automatically has ownership of the Library and can assign permission levels to other users as they onboard. You can use the additional users to test different permission levels on various resources, simulating different access scenarios and validating the authorization model.

For more information, see [Creating and managing users](https://docs.aws.amazon.com/cognito/latest/developerguide/how-to-manage-user-accounts.html) in the Amazon Cognito Developer Guide.

## 2. Verify Deployment


Access the web portal:

1. Open the [CloudFormation console](https://console.aws.amazon.com/cloudformation/) 

1. Select your stack and choose the **Outputs** tab

1. Copy the PortalUrl value

1. Open the URL in your web browser to verify the portal is accessible

1. Log in using one of the users you created in the previous step

1. Verify you can access the portal interface successfully

Upon successful login, you will see different interfaces depending on your user role:

 **Administrator User:** 

![\[First-time login portal view for administrator users showing full access to all features and management capabilities\]](http://docs.aws.amazon.com/solutions/latest/spatial-data-management-on-aws/images/first-time-login-portal-browser-adminuser.png)


 **General User:** 

![\[First-time login portal view for general users showing standard access to portal features\]](http://docs.aws.amazon.com/solutions/latest/spatial-data-management-on-aws/images/first-time-login-portal-browser-user.png)


**Note**  
The interface you see on first-time login will vary based on your assigned user group and permissions. Administrator users (members of the SpatialDataManagementAdministrators group) have access to additional management features and system configuration options. General users who are not part of the administrators group and have not been granted specific permissions to the Default Library or any Projects will see the standard portal interface with limited access until additional permissions are assigned to them.