biotech blueprint

AWS Biotech Blueprint - Core

Core template for deploying a preclinical, cloud-based research infrastructure and optional informatics software on AWS

This Quick Start builds an informatics infrastructure for a biotech company on the AWS Cloud. It sets up a virtual data center by creating virtual private clouds (VPCs) and automatically configures this infrastructure for identity management, access control, encryption key management, network configuration, logging, alarms, partitioned environments (for example, to separate preclinical, clinical, and management processes), and built-in compliance auditing.  

You can also use the Quick Start to automatically deploy the industry’s leading scientific research applications into this informatics infrastructure. Currently, you can deploy an electronic lab notebook (ELN), molecular R&D solutions, and a chemical compound registry. We'll be expanding the Quick Start Biotech Blueprint catalog to include laboratory information management systems (LIMS), screening tools, and freezer management tools. For more information, see the Add-on products tab.


This Quick Start was developed by
AWS solutions architects.

  •  What you'll build
  •  Add-on products
  •  How to deploy
  •  Cost and licenses
  •  What you'll build
  • This Quick Start sets up the following:

    • A highly available architecture that spans two Availability Zones.
    • A preclinical VPC configured with public and private subnets according to AWS best practices, to provide you with your own virtual network on AWS. This is where informatics and research applications will run.
    • A management VPC configured with public and private subnets, to support the future addition of IT-centric workloads such as Active Directory, security appliances, and virtual desktop interfaces.
    • An internet gateway to allow access to the internet for public resources.
    • Redundant, managed NAT gateways to allow outbound internet access for resources in the private subnets.
    • Certificate-based virtual private network (VPN) services through the use of OpenVPN.
    • A Linux bastion host to allow inbound Secure Shell (SSH) access to EC2 instances in public and private subnets. The bastion host is launched inside an Auto Scaling group of size 1 to ensure availability.
    • Private, split-horizon DNS with Amazon Route 53.
    • Best-practice IAM groups and policies based on separation of duties designed to follow the U.S. National Institute of Standards and Technology (NIST) guidelines.
    • A set of automated checks and alerts to notify you when AWS Config detects insecure configurations.
    • Account-level logging, audit, and storage mechanisms designed to follow NIST guidelines.
    • (Optional) Informatics software from leading biotech companies. For details, see the Add-on products tab.
  •  Add-on products
  • When you deploy the master template, you can choose one or more of the following informatics software from AWS partners. The Biotech Blueprint master template will automatically deploy the products you choose into your biotech informatics environment. You can also deploy these products later, after you build your biotech infrastructure, by using the Launch template link in the table.

    Category Partner Product
    Quick Start template
    Compound registry ChemAxon Compound Registration Launch
    Large molecule R&D, ELN Benchling Molecular Biology Suite Launch
    Screening Genedata Screener Coming soon
    LIMS Sapio Sciences Exemplar Coming soon
    Freezer management Titian Mosaic Coming soon
  •  How to deploy
  • To build your highly available biotech environment on AWS, follow the instructions in the deployment guide. The deployment process includes these steps:

    1. If you don't already have an AWS account, sign up at
    2. Subscribe to the Amazon Machine Image (AMI) for OpenVPN Access Server in AWS Marketplace.
    3. If you want to include ChemAxon Compound Registration in your deployment, subscribe to its AMI in AWS Marketplace.
    4. Launch the Quick Start. The deployment takes about 20 minutes. The Quick Start is available in the following AWS Regions: US East (N. Virginia), US West (Oregon), and EU (Ireland).
    5. Test the deployment by connecting to OpenVPN and accessing the informatics software you installed.

    To customize your deployment, you can configure DNS settings, specify CIDR blocks for VPC partitions, add AWS Config rules, and configure OpenVPN and informatics product settings, as discussed in the Quick Start deployment guide.

    If you didn't choose any add-on informatics products during deployment, you can add them to your environment later, by launching the templates in the Add-on products tab.

  •  Cost and licenses
  • You are responsible for the cost of the AWS services used while running this Quick Start reference deployment. There is no additional cost for using the Quick Start.

    The AWS CloudFormation template for this Quick Start includes configuration parameters that you can customize. Some of these settings may affect the cost of deployment. See the pricing pages for each AWS service you will be using for cost estimates.

    You don't need a license to deploy the Biotech Blueprint core template. If you choose to use one of the participating ISV templates, licensing information will be detailed on the ISV documentation pages, and additional pricing, terms, and conditions may apply.