Platform Bootstrap Checklist
Copy this into your incident-tracker on day 1. Tick each box as you complete it.
Prerequisites
- Azure subscription assigned + Owner access verified
- Region chosen (primary + DR)
- Sizing approved
- Local tooling installed (`node`, `pnpm`, `az`, `psql`, `gh`, `docker`)
- DNS provider access for `medsuite.com`
- GitHub Actions admin access
- PagerDuty / on-call configured
- Cost alerts ($250/$500/$1000)
Infrastructure
- Resource group created
- Master Postgres flexible server provisioned
- First tenant DB server provisioned
- Key Vault provisioned + admin RBAC assigned
- Service Bus namespace provisioned
- Storage account with SFTP enabled
- Static Web Apps provisioned (3× docs + 2× apps)
- DB firewall rule for bootstrap workstation
- All credentials stashed in Key Vault
Services
- GitHub Actions secrets configured
- Initial deploy workflow run green
- Container Apps managed identities granted Key Vault read
- `/health` endpoints return 200
- `/metrics` endpoints expose Prometheus
Master DB
- `rcm_master` database created
- All master migrations applied
- Schemas verified: `identity`, `security`, `rcm_master`, `reference`
- Reference data counts non-zero
- First `db_server` row inserted
First platform admin
- Bootstrap script run (password captured)
- Admin can log in at `admin.rcm.medsuite.com`
- Password changed on first login
- Audit trail confirmed
- Bootstrap firewall rule removed
DNS / TLS
- Wildcard or per-tenant strategy decided
- DNS records created
- Custom domains bound to SWAs
- Front Door routes configured
- All certs valid
Smoke
- Health, metrics, sampled-tenants endpoints all clean
- Platform admin login works
- `/platform/tenants` returns `[]`
- Reference-data endpoints return non-empty
- Worker heartbeat current
- EDI gateway reports parsers ready
Sign-off:
| | Name | Date |
|---|---|---|
| Bootstrap completed by | | |
| Verified by | | |