#2 Installation - Setup Guide (Bookstack)

Bookstack is managed and configured via CloudFormation.

📌 0. How to Find Required Parameters

To properly deploy BookStack, you need to provide the following network parameters and certificate ARN:

1ī¸âƒŖ VpcCidrBlock (CIDR block for the VPC)

â€ĸ If you are creating a new VPC, use 10.0.0.0/16 as the default value.

â€ĸ If you are using an existing VPC, retrieve the CIDR block:

â€ĸ Open AWS Console → VPC → Your VPCs

0-vpc-your-vpc.png

â€ĸ Locate your VPC and copy the IPv4 CIDR value.

0-vpccidrblock.png

2ī¸âƒŖ VpcId (VPC ID)

â€ĸ Locate your VPC and copy its VPC ID (e.g., vpc-0a1ba422ba9a105e9).

0-vpcid.png

3ī¸âƒŖ Subnet1Id & Subnet2Id (Subnet IDs)

â€ĸ Open AWS Console → VPC → Subnets

â€ĸ Select your VPC, and at the bottom panel, navigate to the Resource Map tab.

â€ĸ Here, you will see a list of all subnets associated with your VPC.

â€ĸ Choose two private subnets (preferably in different Availability Zones) and copy their Subnet IDs (e.g., subnet-040155a08a9508bb6, subnet-02e4a590db71371f9).

0-vpc-subnets.png

⚠ Important Notice! Ensure that the region of your resources matches the deployment region in CloudFormation. If you select resource IDs from Region A but deploy in Region B, you will encounter an error stating that the specified resources do not exist. This happens because each AWS region has its own unique set of resource IDs.

4ī¸âƒŖ Obtain an SSL Certificate (if you don’t have one):

â€ĸ Navigate to AWS Certificate Manager (ACM) in the AWS Management Console.

â€ĸ Request a new certificate by selecting “Request a public certificate” and click Next.

1-req-pub-cert.png

â€ĸ Follow the steps to validate your domain using DNS validation (recommended) or Email validation.

2-req-pub-cert-configuration.png

â€ĸ Select ECDSA P-256 as the key algorithm. This is equivalent in cryptographic strength to RSA 3072 but provides better performance. If ECDSA P-256 is not supported by your use case, you can use RSA 2048 instead (though it is less efficient). Create the tag with Key=Name, Value=bookstack (or any other meaningful name that helps you recognize it)

3-req-pub-cert-algoritm.png

â€ĸ Once the certificate is issued, copy its ARN and use it in the SSLCertificate parameter during deployment.

4-cert-arn.png

⚠ Important Notice! Ensure that the certificate is created in the same AWS region where you are deploying the CloudFormation stack. If the certificate is in a different region, the ALB will not be able to use it, and the deployment will fail.

📌 1. Check Region Availability for RDS MariaDB & EC2-instance

Check RDS MariaDB availability for your region 

The availability of Graviton for RDS MariaDB may vary depending on your region. To speed up deployment and minimize the risk of an unavailable RDS instance type in your chosen region, we recommend referring to the MariaDB availability table based on the region from which you plan to deploy the BookStack infrastructure. 

📅 Last availability scan date: March 19, 2025.

Checking region: ap-south-1

Checking region: eu-north-1 Checking region: eu-west-3 Checking region: eu-west-2
db.m6g.large db.m6g.large db.m6g.large db.m6g.large
db.m7g.large db.m7g.large db.m7g.large db.m7g.large
db.r6g.large db.r6g.large db.r6g.large db.r6g.large
db.r7g.large db.r7g.large db.t4g.medium

db.r7g.large

db.t4g.medium db.t4g.medium db.t4g.small db.t4g.medium
db.t4g.small db.t4g.small
db.t4g.small

Checking region: eu-west-1 Checking region: ap-northeast-3 Checking region: ap-northeast-2 Checking region: ap-northeast-1
db.m6g.large db.m6g.large db.m6g.large db.m6g.large
db.m7g.large db.r6g.large db.m7g.large db.m7g.large
db.r6g.large db.t4g.medium db.r6g.large db.r6g.large
db.r7g.large db.t4g.small db.r7g.large db.r7g.large
db.t4g.medium
db.t4g.medium db.t4g.medium
db.t4g.small
db.t4g.small db.t4g.small

Checking region: ca-central-1 Checking region: sa-east-1 Checking region: ap-southeast-1 Checking region: ap-southeast-2
db.m6g.large db.m6g.large db.m6g.large db.m6g.large
db.m7g.large db.r6g.large db.m7g.large db.m7g.large
db.r6g.large db.t4g.medium db.r6g.large db.r6g.large
db.r7g.large db.t4g.small db.r7g.large db.r7g.large
db.t4g.medium
db.t4g.medium db.t4g.medium
db.t4g.small
db.t4g.small db.t4g.small

Checking region: eu-central-1 Checking region: us-east-1 Checking region: us-east-2 Checking region: us-west-1 Checking region: us-west-2
db.m6g.large db.m6g.large db.m6g.large db.m6g.large

db.m6g.large
db.m7g.large db.m7g.large db.m7g.large db.m7g.large db.m7g.large
db.r6g.large db.r6g.large db.r6g.large db.r6g.large db.r6g.large
db.r7g.large db.r7g.large db.r7g.large db.r7g.large db.r7g.large
db.t4g.medium db.t4g.medium db.t4g.medium db.t4g.medium db.t4g.medium
db.t4g.small db.t4g.small db.t4g.small db.t4g.small db.t4g.small

Check EC2-instance availability for your region

The availability of Graviton for EC2 instance may vary depending on your region. To speed up deployment and minimize the risk of an unavailable EC2 instance type in your chosen region, we recommend referring to the EC2 availability table based on the region from which you plan to deploy the BookStack infrastructure. 

📅 Last availability scan date: March 20, 2025.

Checking region: ap-south-1 Checking region: eu-north-1 Checking region: eu-west-3 Checking region:eu-west-2
r6g.large t4g.small c6g.large m7g.large

t4g.medium

r6g.large m6g.large r6g.large
c6g.large c6g.large t4g.small r7g.large
m7g.large m6g.large r6g.large m6g.large
t4g.small m7g.large m7g.large t4g.medium
r7g.large r7g.large t4g.medium t4g.small
m6g.large t4g.medium
c6g.large

Checking region: eu-west-1 Checking region: ap-northeast-3 Checking region: ap-northeast-2 Checking region: ap-northeast-1
c6g.large c6g.large t4g.medium t4g.medium
t4g.medium t4g.small m6g.large t4g.small
m7g.large t4g.medium r6g.large c6g.large
t4g.small r6g.large c6g.large r7g.large
r6g.large m6g.large m7g.large r6g.large
m6g.large m7g.large t4g.small m6g.large
r7g.large
r7g.large m7g.large
Checking region: ca-central-1 Checking region: sa-east-1 Checking region: ap-southeast-1 Checking region: ap-southeast-2
t4g.medium r6g.large m6g.large t4g.medium
c6g.large c6g.large t4g.small t4g.small
t4g.small m6g.large m7g.large m6g.large
r6g.large t4g.medium r7g.large r7g.large
m6g.large t4g.small r6g.large r6g.large
m7g.large r7g.large t4g.medium m7g.large
r7g.large m7g.large c6g.large c6g.large
Checking region: eu-central-1 Checking region: us-east-1 Checking region: us-east-2 Checking region: us-west-1 Checking region: us-west-2
m7g.large r7g.large m7g.large c6g.large m6g.large
r6g.large t4g.small r6g.large m7g.large r7g.large
t4g.medium m6g.large c6g.large r6g.large m7g.large
t4g.small c6g.large t4g.medium r7g.large t4g.small
m6g.large t4g.medium m6g.large m6g.large r6g.large
r7g.large m7g.large t4g.small t4g.medium c6g.large
c6g.large r6g.large r7g.large t4g.small t4g.medium

📌 2. Configuring Parameters for main stack

Step 1. Prerequisite - Prepare template

We did the first step previously, when subscribed for the product in AWS Marketplace - Setup Guide, so move forward to the next step.

2.1. Deploy.png

Step 2. Specify stack details

Here, you need to fill in the Stack name. You can choose any name for your stack, but we recommend using a structured format like: bookstack (e.g., wiki, docs, etc.). 

For this guide, we will use wiki as an example.

4-Step 2 Name.jpeg

There are 21 parameters, some of which are predefined. You don’t need to fill in all of them — just focus on the required and empty fields. For additional guidance, refer to the help description provided under each parameter.

4-step-2-parameters.png

⚠ Important Notice!: There are three additional parameters for AWS Marketplace Store. They are starting from prefixes as "MPS", so you shouldn't modify them - otherwise, CloudFormation will fail with an error.

4-step-2-MPS-parameters-new.png

7 Required Parameters:

1. Deployment Environment – Specify the environment (e.g., dev, prod).

2. For optional parameters, you can leave the string blank, as we did with CostAllocationTag, GoogleClientId, GoogleClientSecret.

3. AppURL – Define the URL where BookStack will be accessible.

4. VPC ID – Enter the ID of an existing VPC.

5. VPC CIDR block – Provide the CIDR block of your existing VPC.

6. Subnet IDs – Enter the IDs of your existing subnets (e.g., Subnet 1 ID, Subnet 2 ID).

4-2 Step 2 Parameters.png

⚠ Important Notice!: If you want to create new VPC, you should fill ONLY the VPC CIDR Block. 

4-2 Step 2 Parameters-addition.png

7. EnableUserSignUp, MultipleAuthMethods - by default set to false for best security practices.

cognito-params.jpeg

8. SSL Certificate ARN – Provide the ARN of your SSL Certificate for the ALB. (If you don’t have one, you must create it.)

4-3 Step 2 Parameters.jpeg 

⚠ Important Notice!: There is one required parameter for EC2AMI. Its value is set to "/aws/service/marketplace/prod-ymfbr3id36e3k/version-v1.0-bookstack-v24.05.4", so you shouldn't modify it - otherwise, CloudFormation will fail with an error. 

4-3 Step 2 EC2Parameters-new.png

Override Optional Parameters

Some parameters have predefined default values. You can modify them as needed or leave them unchanged:

â€ĸ EC2 instance type (t4g.small is the default and is recommended for small environments).

â€ĸ RDS DB instance type (db.t4g.small is the default).

â€ĸ RDS storage size (20 GB by default).

â€ĸ Multi-AZ deployment (set to false for cost efficiency).

â€ĸ Enable/Disable RDS backups.

â€ĸ Enable/Disable RDS deletion protection. ⚠ Important Notice!: If this parameter is enabled, you will not be able to delete the stack. To proceed with deletion, go to AWS Console → Amazon RDS → Databases, select your database, click Modify, and uncheck "Enable deletion protection" for bookstack-dev-rds. After this, you can delete the main stack in CloudFormation.

â€ĸ Schedule backup rules.

â€ĸ Schedule backup deletion.

Step 3. Configure stack options 

Scroll to the bottom, check both checkboxes in the Capabilities field, and click the Next button.

5-Step 3 Capabilities 2.jpeg

Step 4. Review and create

Scroll to the bottom and click the Submit button. 

6-Step 4 Submit.jpeg

Now you can see how your environment is being deployed.

7-Step 4 Deploying.jpeg

Follow these simple steps to access your product:

1ī¸âƒŖ Retrieving the Access URL

1. After successful deployment, your product will be available at a generated URL, which can be found in the bookstack-$Environment-main stack under the Outputs section, key LoadBalancerDNSName, key AppURL.

2. In your domain registrar, create a CNAME record for AppURL, pointing to the generated LoadBalancerDNSName.

3. Open AppURL in your browser and enjoy!

7-Outputs.png

2ī¸âƒŖ Accessing BookStack

1. Open AppURL in your browser.

2. Log in using the default credentials:

â€ĸ Username: admin@admin.com

â€ĸ Password: password

3. Change your password immediately! You can do this under Profile → Settings.

8-Login.png

Additional Information

✅ Application logs are available in CloudWatch Logs.

✅ Data is stored in RDS, while Bookstack files are stored on Amazon EFS.

✅ Deletion: If needed, delete the main CloudFormation Stack to remove all associated resources automatically. 

⚠ Important Notice! Before proceeding, navigate to AWS Backup → Vaults → your-backup-vault-name → Recovery Points. Select all recovery points, click the Actions button, and choose Delete. This will remove all EFS backups.
Otherwise, deleting the CloudFormation stack will result in an error.Bookstack-aws-backup.png

vault recovery points.png

 

â„šī¸ Additional Information:

Some minor issues may occur during the initial launch, which are known and documented. Please visit the BookStack Bugs and Known Issues section for more information.