AWS Advantages

Medplum provides a suite of digital healthcare services such as authentication, access controls, user management, FHIR server, automation, and more.

Medplum's hosted offering runs on AWS, so naturally the AWS configuration is most full-featured and most battle-tested. This document describes which features are only available on AWS, and possible alternatives.

info

Are you interested in a non-AWS environment? Please contact us to learn about partnership or sponsorship opportunities. As the Medplum project grows, we intend to target as many hosting options as possible.

For more details on self hosting on AWS, see Install on AWS.

The following diagram roughly represents the AWS architecture:

The following AWS services are setup automatically with no extra engineering required:

• AWS CDK - Infrastructure as code (IaC). Medplum provides CDK code that can create the entire AWS environment from scratch.
  • Alternatives: Terraform, Microsoft Resource Manager
• AWS VPC - Private cloud and network firewall.
  • Alternatives: Azure Virtual Network, Google Cloud VPC
• AWS Fargate/ECS - Server orchestration for high availability and zero downtime deployments. Medplum deployment scripts use Fargate features to follow AWS best practices for smooth deployment.
  • Alternatives: Kubernetes, Azure Container Instances, Google Cloud Run
• AWS Elastic Load Balancing - Distribute network traffic to improve application scalability and availability.
  • Alternatives: Azure Load Balancer, Google Cloud Load Balancing
• AWS Aurora - Managed PostgreSQL database with monitoring, redundancy, patch maintenance, backups, and more.
  • Alternatives: Azure Cosmos DB, Google Cloud SQL for PostgreSQL, self managed
• AWS ElastiCache - Managed Redis cache for resource caching and asynchronous job queues.
  • Alternatives: Azure Cache for Redis, Google Cloud Memorystore, self managed
• AWS S3 - High availability, high durability blob storage.
  • Alternatives: Microsoft Azure Blob, Google Cloud Storage
• AWS SES - Reliable and scalable email automation.
  • Alternatives: Twilio SendGrid, Azure Communication Services
• AWS CloudFront - High availability Content Delivery Network (CDN) used for static asset hosting and user content via "Pre Signed URLs".
  • Alternatives: Cloudflare CDN, Azure CDN, Google Cloud CDN
• AWS Lambda - Serverless short lived code execution, used for background jobs and Medplum Bots.
  • Alternatives: Azure Automation, Google Cloud Functions
• AWS Secrets Manager - Manage and rotate service secrets such as database credentials.
  • Alternatives: HashiCorp Vault, Azure Key Vault, Google Secrets Manager
• AWS Web Application Firewall (WAF) - Protect against common web exploits and bots.
  • Alternatives: Cloudflare WAF, Azure WAF, Google Cloud Armor
• AWS CloudWatch Logs - Centralized logs from all services.
  • Alternatives: Azure Monitor Logs, Google Cloud Logging, Splunk, Sumo Logic