| 2026-05-29 | Use Medplum's official AWS CDK path as the initial installation route. | Medplum docs mark AWS as recommended and battle-tested; CDK automates VPC/ECS/RDS/Redis/CloudFront/S3/SSM/etc. | Ubuntu install, scratch install, GCP/Azure Terraform, Kubernetes/Helm. | Robbie | Engineering/security review before deploy |
| 2026-05-29 | Use vimmedicine.app as VIM's base non-prod/internal/platform domain. | Jeremy selected and purchased vimmedicine.app; Route 53 parent hosted zone exists in the management/default account. | Use only vimmedicine.com; use separate domains per environment. | Jeremy | None |
| 2026-05-29 | Delegate medplum-dev.vimmedicine.app to the Dev AWS account for the initial Medplum dev path. | Keeps parent domain centrally owned while letting the Dev account manage Medplum DNS/ACM records cleanly. | Put all Medplum records directly in parent zone; grant Dev account cross-account parent-zone write access. | Robbie | Revisit naming if moving to medplum.dev.vimmedicine.app |
| 2026-05-31 | Treat Dev, Stage, and Prod as shared VIM environment accounts, not Medplum-only accounts. | Jeremy clarified the accounts will host all apps: Medplum first, then Patient app, Doctor UI, and other applications. This prevents accidentally constraining account, DNS, repo, or IAM naming around Medplum. | Create Medplum-specific dev/stage/prod accounts and rename environment assets around Medplum. | Jeremy | None |
| 2026-05-31 | Use shared environment zones dev.vimmedicine.app and stage.vimmedicine.app delegated to the matching environment accounts. | Keeps non-prod naming app-agnostic and lets each shared environment account own its DNS records. | Use Medplum-specific non-prod zones only; keep all records in the parent vimmedicine.app zone. | Jeremy/Robbie | None |
| 2026-05-31 | Delegate app-specific internal prod zones to the Prod account as needed, starting with medplum.vimmedicine.app when Medplum prod is imminent. | Keeps management account as parent-domain owner, keeps Prod as production workload owner, limits DNS permissions/blast radius, and works better with Medplum/CDK hosted-zone lookup expectations. | Keep all prod internal records in the parent zone; delegate all of vimmedicine.app to Prod; pre-create every possible future app zone. | Jeremy/Robbie | Confirm before prod DNS creation |
| 2026-05-31 | Use hosted Metriport as VIM's initial external clinical record retrieval layer feeding Medplum. | Metriport is API-first, FHIR-oriented, supports raw documents plus consolidated patient data, fits the Medplum ingestion direction, and avoids the near-term operational burden of self-hosting/network plumbing. Expected retrieval pattern: large upfront historical pull followed by appointment-based refreshes. | Particle Health, Health Gorilla, Zus Health, Redox, 1upHealth, Moxe, direct CommonWell/Carequality/eHealth/TEFCA participation, and self-hosted Metriport. | Jeremy/Robbie | Security/compliance, clinical, legal/privacy, pricing, and production-access review before PHI use |