reference deployment

Tableau Server on AWS for healthcare

Deploy business intelligence for HIPAA workloads on AWS

This Quick Start helps you deploy a Tableau Server standalone environment on the AWS Cloud, following best practices from AWS and Tableau Software. Specifically, this environment can help organizations with workloads that fall within the scope of the U.S. Health Insurance Portability and Accountability Act (HIPAA). The Quick Start addresses certain technical requirements in the Privacy, Security, and Breach Notification Rules under the HIPAA Administrative Simplification Regulations (45 C.F.R. Parts 160 and 164).  

The Quick Start includes AWS CloudFormation templates, which automatically configure the Tableau Server environment in less than an hour. The security controls reference (Microsoft Excel spreadsheet) shows how Quick Start architecture decisions, components, and configurations map to HIPAA regulatory requirements.

This Quick Start is for health IT infrastructure architects, administrators, and DevOps professionals who are planning to implement or extend their Tableau Server workloads on the AWS Cloud.

tableau_rgb

This Quick Start was developed by Tableau Software in collaboration with AWS. Tableau Software is an APN Partner.

  •  What you'll build
  •  How to deploy
  •  Cost and licenses
  •  What you'll build
  • Use this Quick Start to set up the following environment on AWS:

    • A virtual private cloud (VPC) configured with public and private subnets according to AWS best practices.*
    • An internet gateway to allow access to the internet.*
    • In the public subnets, managed NAT gateways to allow outbound internet access for resources in the private subnets.*
    • In the public subnets, a bastion host in an Auto Scaling group to allow remote access to the VPC.*
    • In a private subnet, an Amazon Elastic Compute Cloud (Amazon EC2) instance that contains Tableau Server, in an Auto Scaling group.
    • An Application Load Balancer to route traffic to Tableau Server over HTTPS.
    • A Secure Sockets Layer (SSL) certificate managed by AWS Certificate Manager (ACM) on the load balancer to encrypt all traffic between the internet and the load balancer. A separate self-signed certificate is generated on the EC2 instance to encrypt traffic between the load balancer and Tableau Server.
    • AWS Config rules to monitor the Tableau Server deployment configuration. If you haven’t created a configuration recorder and delivery channel, the Quick Start will create those as well.
    • An Amazon Route 53 record set that maps the fully qualified domain name to the load balancer DNS.

    * The template that deploys the Quick Start into an existing VPC skips the tasks marked by asterisks and prompts you for your existing VPC configuration.

  •  How to deploy
  • Before you deploy the Quick Start with protected health information (PHI), you must accept the AWS Business Associate Addendum (BAA) and configure your AWS account(s) as required by the BAA. You must also have a Tableau Server trial license or product key, and a domain managed by Amazon Route 53. For details, see the deployment guide.

    After you complete these prerequisites, you can build the Quick Start reference environment in about 45-50 minutes by following the instructions in the deployment guide. The deployment process includes these steps:

    1. If you don't already have an AWS account, sign up at https://aws.amazon.com.
    2. Launch the Quick Start. You can choose from two options:
    3. Test your deployment by logging in to Tableau Server and verifying that all processes are running.
  •  Cost and licenses
  • You are responsible for the cost of the AWS services used while running this Quick Start reference deployment. There is no additional cost for using the Quick Start. See the pricing pages for each AWS service you will be using for cost estimates.

    This Quick Start requires a license for Tableau Server. You can also use a 14-day trial version of Tableau Server, which is free of charge. You can sign up for a trial license on the Tableau Server website. To obtain a product key, contact sales@tableau.com.