Skip to main content

Step 3: Deploy the Network stack

Install the Network CloudFormation stack in the hub account.

How to Install this Stack

  1. Login to the AWS Management Console using the Hub Account.
  2. Navigate to the CloudFormation page.
  3. Click Create Stack and select With new resources (standard).
  4. For Template Source, select Amazon S3 URL and enter the CloudFormation Template URL shown below and click Next.
  5. On the Specify Stack page, enter the stack name 'SandboxStudio-Network' and use the parameters shown below. 

CloudFormation Template URL

https://sandbox-studio-software-dist.s3.amazonaws.com/versions/<VERSION>/SandboxStudio-Network.template.json

For more information on how to find the latest version, click here.

Parameters

Key What to enter
Namespace Use the same namespace you used in step 1.

About this Stack

Purpose

  • Creates the VPC foundation required by the application.

  • Provides private subnets for the database and private subnets with egress for Lambda functions that require outbound access.

Where to deploy

  • Hub account.

What it creates

  • One VPC with multiple subnets (at minimum: private subnets for RDS and for VPC‑attached Lambdas).

  • Route configuration to allow egress from private subnets (for example, via NAT or suitable endpoints).

  • VPC endpoints for AWS services that support private routing.
  • Internet Gateway and NAT Gateway for AWS services that do not support private routing. 

Validation checks

  • VPC and subnets are visible in the VPC console.

  • Private subnets have no direct internet ingress and can reach required AWS endpoints for the application.

Tips

  • Adjust VPC after installation to suit your needs such as routing through enterprise firewalls if needed.

No comments to display

Back to top