:xrefstyle: short

Deploying this Quick Start for a new virtual private cloud (VPC) with
default parameters builds the following {partner-product-short-name} environment in the
AWS Cloud.

// Replace this example diagram with your own. Follow our wiki guidelines: https://w.amazon.com/bin/view/AWS_Quick_Starts/Process_for_PSAs/#HPrepareyourarchitecturediagram. Upload your source PowerPoint file to the GitHub {deployment name}/docs/images/ directory in this repo. 

[#architecture1]
.Quick Start architecture for {partner-product-short-name} on AWS
image::../images/architecture_diagram.png[Architecture,width=648,height=467]

As shown in <<architecture1>>, the Quick Start sets up the following:

* A highly available architecture that spans two Availability Zones.*
* A VPC configured with public and private subnets, according to AWS
best practices, to provide you with your own virtual network on AWS.*
* Three *security groups*, one for each network interface (Management, Client, Server), that act as virtual firewalls to control the traffic for their associated instances.
* In the public subnets:
** Managed network address translation (NAT) gateways to allow outbound
internet access for resources in the private subnets.*
** A Linux bastion host in an Auto Scaling group to allow inbound Secure
Shell (SSH) access to EC2 instances in public and private subnets.*
* In the private subnets, a network interface with a private IP address for the Management (NSIP) and a network interface with a private IP address for the back-end Server subnet (SNIP).
* An AWS Lambda function to handle Citrix ADC VPX high availability and load balancing configuration.
* An AWS Identity and Access Management (IAM) role to securely control access to AWS services and resources for your users.

[.small]#* The template that deploys the Quick Start into an existing VPC skips the components marked by asterisks and prompts you for your existing VPC configuration.#