University in a Box – Mission with Speed
As universities deal with the challenging situation in 2020 with remote assets, workforce and students, there is a need to make education frictionless by leveraging cloud based solutions in a pre-packaged model. Working closely with the AWS partnership in trying to make Digital Learning frictionless, Relevance Lab is bringing a unique new concept to the market of University in a Box, that extends a self-contained Cloud Portal with basic applications to power the needs of a university. This new, radical and innovative concept is based on the idea of a school, college and university going from zero (no AWS account) to cloud native in hours. This enables the Cloud “Mission with Speed” with a mature, secure and comprehensive adoption very fast.
A typical university starting on their cloud journey needs a Self-service interactive interface with user logins, tracking and offering the deployed products, provide actions for connectivity after assets are deployed, ability to have lifecycle interactions in UI of Cloud Portal with no need to go to the AWS Console and with a comprehensive view of cost and budgets tracking.
The key building blocks for University In A Box comprise the following
- University Catalog – Cloud Formation Templates useful to Higher Education packaged as Service Catalog Products
- Self-Service Cloud Portal for University IT users to order items with security, governance and budget tracking
- Easy onboarding model to get started with a hosted option or self-managed instances of Cloud Portal
Leverage existing investments in AWS and standard products the foundational pieces includes a Portfolio of useful software and architectures often used by universities.
- Deploy Control Tower
- Deploy GuardDuty
- Deploy Security Hub
- Deploy VPC + VPN
- Deploy AD Extension
- Deploy Web Applications SSO, Shibboleth, Drupal
- Deploy FSx File Server
- Deploy S3 Buckets for Backup Software
- Deploy HIPAA workload
- Deploy Other solutions as needed, Workspaces, Duo, Appstream, etc
- WordPress Reference Architecture
- Drupal Reference Architecture
- Moodle Reference Architecture
- Shibboleth Reference Architecture
How to set up and use University in a Box?
The RLCatalyst Cloud Portal solution enables a University with no existing Cloud to deploy a self-service model for internal IT and consume standard applications seamlessly.
|Steps for University Specific Setup||Time Taken (Approx)|
|A new University wants to enable core systems on AWS Cloud and the Root account is created||0.5 Hours|
|Launch Control Tower and Create Core OU & University OU||1.5 Hours|
|User and Access Management, Account Creation, Budget Enablement||1 Hour|
|Network Design of the University Landing Zone (Creation + Configuration)||1.5 Hours|
|Provision of basic assets (Infra & Applications ) from the standard catalog||1 Hour|
|Enable Security and Governance (Includes VA, PM, Security Hub)||1.5 Hours|
|User Training and Handover||1 Hours|
The following diagram explains the deployment architecture of the solution.
University Users, Roles and Organization planning
Planning for university users, roles and organizations requires mapping to existing departments, IT and non-IT roles and empowering users for self-service without compromising on security or governance. This can vary between organizations but common patterns are encountered as explained below.
- Common Delegation use cases for University IT
- Delegate a product from a Lead Architect to Helpdesk, or a less skilled co-worker
- Delegate a product from Lead Architect or Central IT, to another IT group, DBA team, Networking Team, Analytics Team
- Delegate a product to another University Department – Academic, Video, etc
- Delegate a product to a researcher or faculty member
Setup planning considerations on deployment and onboarding
|Initial Catalog Setup|
|Optimizing Setup parameters and Catalog binding for ease of use|
|Additional Setup considerations||
Standard Catalog for University in a Box leverages AWS provided standard architecture best practices
The basic setup leverages AWS Well Architected framework extensively and builds on AWS Reference Architecture as detailed below. Sharing a sample Products Preview List based on AWS Provided University Catalog under Open Source Program.
|University Catalog Portfolio||Portfolio of useful software and architectures often used by colleges and universities.|
|WordPress Product with Reference Architecture||This Quick Start deploys WordPress. WordPress is a web publishing platform for building blogs and websites. It can be customized via a wide selection of themes, extensions, and plugins. The Quick Start includes AWS Cloud Formation templates and a guide that provides step-by-step instructions to help you get the most out of your deployment. This reference architecture provides a set of YAML templates for deploying WordPress on AWS using Amazon Virtual Private Cloud (Amazon VPC), Amazon Elastic Compute Cloud (Amazon EC2), Auto Scaling, Elastic Load Balancing (Application Load Balancer), Amazon Relational Database Service (Amazon RDS), Amazon ElastiCache, Amazon Elastic File System (Amazon EFS), Amazon CloudFront, Amazon Route 53, Amazon Certificate Manager (Amazon ACM) with AWS Cloud Formation.|
|Scale Out Computing Product||Amazon Web Services (AWS) enables data scientists and engineers to manage their scale-out workloads such as high-performance computing (HPC) and deep learning training, without having extensive cloud experience. The Scale-Out Computing on AWS solution helps customers more easily deploy and operate a multiuser environment for computationally intensive workflows such as Computer-Aided Engineering (CAE). The solution features a large selection of compute resources, a fast network backbone, unlimited storage, and budget and cost management directly integrated within AWS. This solution also deploys a user interface (UI) with cloud workstations, file management, and automation tools that enable you to create your own queues, scheduler resources, Amazon Machine Images (AMIs), and management functions for user and group permissions. This solution is designed to be a production ready reference implementation you can use as a starting point for deploying an AWS environment to run scale-out workloads, enabling users to focus on running simulations designed to solve complex computational problems. For example, with the unlimited storage capacity provided by Amazon Elastic File System (Amazon EFS), users won’t run out of space for project input and output files. Additionally, you can integrate your existing LDAP directory with Amazon Cognito to enable users to seamlessly authenticate and run jobs on AWS.|
|Drupal Reference Architecture||Drupal is an open-source, content management platform written in the PHP server-side scripting language. Drupal provides a backend framework for many enterprise websites. Deploying Drupal on AWS makes it easy to use AWS services to further enhance the performance and extend functionality of your content management framework. This reference architecture provides a set of YAML templates for deploying Drupal on AWS using Amazon Virtual Private Cloud (Amazon VPC), Amazon Elastic Compute Cloud (Amazon EC2), Auto Scaling, Elastic Load Balancing (Application Load Balancer), Amazon Relational Database Service (Amazon RDS), Amazon ElastiCache, Amazon Elastic File System (Amazon EFS), Amazon CloudFront, Amazon Route 53, Amazon Certificate Manager (Amazon ACM) with AWS Cloud Formation.|
|Moodle Reference Architecture||Moodle is a learning platform designed to provide educators, administrators and learners with a single robust, secure and integrated system to create personalised learning environments. This repository consists of a set of nested templates which deploy a highly available, elastic, and scalable Moodle environment on AWS. Moodle is a learning platform designed to provide educators, administrators and learners with a single robust, secure and integrated system to create personalized learning environments. This reference architecture provides a set of YAML templates for deploying Moodle on AWS using Amazon Virtual Private Cloud (Amazon VPC), Amazon Elastic Compute Cloud (Amazon EC2), Auto Scaling, Elastic Load Balancing (Application Load Balancer), Amazon Relational Database Service (Amazon RDS), Amazon ElastiCache, Amazon Elastic File System (Amazon EFS), Amazon CloudFront, Amazon Route 53, Amazon Certificate Manager (Amazon ACM) with AWS Cloud Formation. This architecture may be overkill for many Moodle deployments, however the templates can be run individually and/or modified to deploy a subset of the architecture that fits your needs.|
|Shibboleth Reference Architecture with EC2||This Shibboleth IdP reference architecture will deploy a fully functional, scalable, and containerized Shibboleth IdP. This reference architecture includes rotation of IdP sealer keys, utilizing AWS Secrets Manager and AWS Lambda. In addition, the certificates that are part of the IdP as well as some of the LDAP settings (including the username/password) are stored in AWS Secrets Manager. This project is intended to be a starting point for getting the Shibboleth IdP up and running quickly and easily on AWS and provide the foundation to build a production ready deployment around. Be aware that if you do delete the stack, it will delete your CodeCommit repository so your customizations will be lost. Therefore, if you intend to use this for production, it would be a good idea to make a copy of the repo and host it in your own account and take precautions to safeguard your changes.|
|REDCap on AWS Cloud Formation||This repository contains AWS Cloud Formation templates to automatically deploy a REDCap environment that adheres to AWS architectural best practices. In order to use this automation, you must supply your own copy of the REDCap source files. These are available for qualified entities at projectredcap.org. Once you have downloaded your source files then you can follow the below instructions for deployment. In their own words – REDCap is a secure web application for building and managing online surveys and databases. While REDCap can be used to collect virtually any type of data,including 21 CFR Part 11, FISMA, and HIPAA-compliant environments, it is specifically geared to support online or offline data capture for research studies and operations.|
University in a Box is a powerful example of a specific business problem solved with leverage of Cloud integrated with existing customer specific use cases and easy deployment options to save time, money and achieve quick maturity.
For Universities, colleges and schools trying to use AWS Cloud infrastructure, applications and self-service models the solution can bring significant cost, effort and compliance benefits to help them focus on “Driving Effective Learning” than worrying about enabling cloud infrastructure, basic day to day applications and delegation of tasks to achieve scale. With a combination of pre-built solution and a managed services model to handhold customers with a full lifecycle of development, enhancement and support services, Relevance Lab can be your trusted partner for digital learning enablement.
For demo video, please click here.
To learn more about this solution or participate in using the same for your internal needs feel free to contact firstname.lastname@example.org