Sandbox Studio Installation Guide
This is the installation guide for Sandbox Studio
Solution overview
The overview describes the Features and Benefits, Use cases and concept and definitions.
Overview
Create temporary sandbox environments with configurable security and spend monitoring controls T...
Features and Benefits
Instant Account Access Stay on Budget Simplified Account Cleanup Built-in Security ...
Use cases
Development and innovation experiments Developers who want to build a proof of concept on new AW...
Concepts and definitions
Sandbox environment A controlled, isolated environment where teams can experiment with AWS servi...
Architecture overview
I think we need an "Architecture" section....not to explain how we built it - but to explain e.g....
Solution Architecture
@Team - decide what architecture diagram to share Sandbox Studio on AWS architecture The hi...
AWS Well-Architected design considerations
This solution uses the best practices from the AWS Well-Architected Framework which helps custome...
AWS services in this solution
What of this data do we share? AWS service Description Amazon CloudFront ...
Account Cleaner components
Review Image and text - do we include?? Sandbox Studio Account Cleaner components The Account...
Account lifecycle - TBCompleted
https://docs.aws.amazon.com/solutions/latest/innovation-sandbox-on-aws/account-lifecycle-in-isb.html
Plan your deployment
This section describes the Regions, cost, security, and other considerations prior to deploying t...
Supported AWS Regions
Sandbox Studio on AWS is available in the following AWS Regions. Learn more about enabling region...
Running Costs
There are two cost components for running Sandbox Studio: Administrative Cost: This is a sma...
Security
The following resources are engaged in setting up and running the Sandbox Studio solution. Resou...
Quotas
Quotas for AWS services in this solution Service quotas, also referred to as limits, are the max...
Choosing the deployment accounts
Accounts To deploy this solution, you will need access to these accounts. NEED TO ADD OTHER STA...
Deploy the Solution
Prerequisites
Adjust based on new install mechanisim Before launching the stacks, you must meet the following ...
AWS CloudFormation templates
This page needs careful work This solution uses AWS CloudFormation to automate the deployment of...
Prepare to Launch the Stack
Needs editing You must gather deployment parameter details before deploying the stacks. For deta...
Step 1: Deploy the AccountPool stack
This page needs techie work In this step, you will deploy the resources required to set up Organ...
Step 2: Deploy the IDC stack
This needs a proper look at by the techies. In this step, you will deploy the resources required...
Step 3: Deploy the Data stack
Needs a proper look at by techies In this step, you will deploy the data resources required for ...
Step 4: Deploy the Compute stack
This needs a proper check by techies In this step, you will deploy the compute resources require...
Step 5: ?????
Post-deployment configuration tasks
After you successfully deployed the stacks, complete the following tasks to configure the: IA...
Create a SAML 2.0 application
In this step, you federate your Identity Provider (IdP) to IAM Identity Center through SAML 2.0, ...
Map application attributes
In this step, you map application attributes to the user attribute in IAM Identity Center, using ...
Assign groups to your application
The IDC stack creates these three user groups in IAM Identity Center (where NAMESPACE is the name...
Assign users to groups
As you add new users to IAM Identity Center, you will have to assign them to one of the groups fo...
Update configuration using AWS AppConfig
Note: After setting up SAML 2.0, mapping application attributes, and setting up users and groups,...
Update values in AWS Secrets Manager
You must sign the SAML requests and responses with SAML certificates to establish trust and verif...
Using the web UI
This section provides detailed instructions on how to log into the web UI, and links to the end U...
Logging into the web UI
Important: Only Admins will have access to the CloudFormation console to retrieve the web UI URL....
User Guide
The User Guide has it's own documentation site, here: https://dev.docs.sandboxstudiosoftware.com/...
Manager Guide
The Manager Guide has it's own documentation site, here: https://dev.docs.sandboxstudiosoftware.c...
Administrator Guide
The Administrator Guide has it's own documentation site, here: https://dev.docs.sandboxstudiosoft...
Monitoring the solution
@Philippe is this needed with SBS?
Application Licencing
Troubleshooting & Support
If you need support, there is a full knowledge base and ticketing site here: https://support.san...
Uninstall the solution
To uninstall the solution, follow these steps: End leases and eject accounts Uninstall ...
End leases and eject accounts
Enable maintenance mode Maintenance mode allows Admins to perform sensitive maintenance work lik...
Uninstall solution stacks
You can uninstall the stacks, use the AWS Management Console or the AWS Command Line Interface (A...
Resources retained after deletion
Some resources, which contain customer data, are not deleted automatically when you uninstall the...
Delete the custom application in IAM Identity Center
In this step, delete the SAML2.0 application you created using the instructions in the Create SAM...
Revisions
Terms and Conditions
Installation script
Automatically deploy Sandbox Studio using our script
Running the wizard
Introduction This wizard has been created to facilitate the installation and deployment of the S...