biotech blueprint

AWS Biotech Blueprint - Core

Core template for deploying a preclinical, cloud-based research infrastructure and optional informatics software on AWS

This Quick Start builds an informatics infrastructure for a biotech company on the Amazon Web Services (AWS) Cloud. It sets up a virtual data center by creating virtual private clouds (VPCs) and automatically configures this infrastructure for identity management, access control, encryption key management, network configuration, logging, alarms, partitioned environments (for example, to separate preclinical, clinical, and management processes), and built-in compliance auditing.  

You can also use the Quick Start to automatically deploy the industry’s leading scientific research applications into this informatics infrastructure. Currently, you can deploy an electronic lab notebook (ELN) and molecular R&D solution, a chemical compound registry, freezer management software, a biotech informatics and research infrastructure, and a genomics analysis environment. For more information, see the Add-on products tab.


This Quick Start was developed by
AWS solutions architects.

  •  What you'll build
  •  Add-on products
  •  How to deploy
  •  Cost and licenses
  •  What you'll build
  • This Quick Start sets up the following:

    • A highly available architecture that spans two Availability Zones.
    • A preclinical virtual private cloud (VPC) configured with public and private subnets according to AWS best practices, to provide you with your own virtual network on AWS. This is where informatics and research applications will run.
    • A management VPC configured with public and private subnets, to support the future addition of IT-centric workloads such as Active Directory, security appliances, and virtual desktop interfaces.
    • Redundant, managed NAT gateways to allow outbound internet access for resources in the private subnets.
    • Certificate-based virtual private network (VPN) services through the use of AWS Client VPN endpoints.
    • Private, split-horizon Domain Name System (DNS) with Amazon Route 53.
    • Best-practice AWS Identity and Access Management (IAM) groups and policies based on separation of duties, designed to follow the U.S. National Institute of Standards and Technology (NIST) guidelines.
    • A set of automated checks and alerts to notify you when AWS Config detects insecure configurations.
    • Account-level logging, audit, and storage mechanisms designed to follow NIST guidelines.
    • A secure way to remotely join the preclinical VPC network by using the AWS Client VPN endpoint.
    • A prepopulated set of AWS Systems Manager Parameter Store key/value pairs for common resource IDs. 
    • (Optional) An AWS Service Catalog portfolio of common informatics software that can be easily deployed into your preclinical VPC.
  •  Add-on products
  • After you deploy the master template, you can install the following informatics tools from AWS partners. By default, these tools will be available to launch in the AWS Service Catalog console. You can also deploy these tools by using the Launch links in the following table or in the deployment guides.

    Category Partner Product
    To install
    Large molecule R&D, ELN Benchling Molecular Biology Suite Launch Quick Start template
    Compound registry ChemAxon Compound Registration Launch Quick Start template
    Knowledge management Dotmatics Dotmatics suite Learn more | View guide
    Genomics analysis Nextflow Nextflow Learn more | View guide
    Sample management Titian Mosaic FreezerManagement Learn more | View guide
  •  How to deploy
  • To build your highly available biotech environment on AWS, follow the instructions in the deployment guide. The deployment process includes these steps:

    1. If you don't already have an AWS account, sign up at
    2. Launch the Quick Start. The deployment takes about 20 minutes. The Quick Start is available in the following AWS Regions: US East (N. Virginia), US West (Oregon), and EU (Ireland).
    3. Test the deployment by checking the VPCs and subnets, and connecting to the preclinical VPC.
    4. (Optional) Deploy ISV tools from AWS Service Catalog.

    To customize your deployment, you can configure DNS settings, specify CIDR blocks for VPC partitions, add AWS Config rules, and configure VPN settings, as discussed in the Quick Start deployment guide.

  •  Cost and licenses
  • You are responsible for the cost of the AWS services used while running this Quick Start reference deployment. There is no additional cost for using the Quick Start.

    The AWS CloudFormation template for this Quick Start includes configuration parameters that you can customize. Some of these settings may affect the cost of deployment. See the pricing pages for each AWS service you will be using for cost estimates.

    Tip   After you deploy the Quick Start, we recommend that you enable the AWS Cost and Usage Report to track costs associated with the Quick Start. This report delivers billing metrics to an S3 bucket in your account. It provides cost estimates based on usage throughout each month, and finalizes the data at the end of the month. For more information about the report, see the AWS documentation.

    You don't need a license to deploy the Biotech Blueprint core template. If you choose to use one of the participating ISV templates, licensing information will be detailed on the ISV documentation pages, and additional pricing, terms, and conditions may apply.