Skip to main content

AWS Clean Rooms Documentation

Multiparty

Collaborate with multiple parties

With AWS Clean Rooms, you are enabled to analyze data with multiple other parties in a single collaboration. Each collaboration member keeps data in their own accounts. AWS Clean Rooms is designed to help you generate insights from you and your partners collective data. You are enabled to create a clean room, invite companies you want to collaborate with, and select which participants can run SQL analyses or generate predictive insights with AWS Clean Rooms ML within the collaboration.

Collaborate on your data where it lives

AWS Clean Rooms is designed to help you can collaborate on multi-party data without having to move or share your raw data. You are enabled to permission your data in AWS and start collaborating with your partners' datasets. When you match records, run queries, train an ML model, or generate predictive insights, AWS Clean Rooms is designed to read the data from where it lives. AWS Entity Resolution on AWS Clean Rooms is designed so that the underlying data used to configure a dataset that maps between multiple collaborators identifiers is not shared or revealed among collaborators. When you use SQL query analysis, you are enabled to specify rules and SQL query restrictions allowed on your data, which are designed to be applied to protect each participant's underlying data. AWS Clean Rooms ML is designed so that the underlying data used to train a model or generate a lookalike segment is not shared or revealed among collaborators or used by AWS to train models.

Programmatic access

In addition to the AWS Management Console, AWS Clean Rooms functionality is designed to be accessible with an API. You are enabled to use the AWS SDKs or command line interface (CLI) to help with AWS Clean Rooms operations, integrate Clean Rooms functionality within your existing workflows and products, or create your own version of clean room offering for your customers.

Configurable roles

Configure collaboration member roles

When you set up an AWS Clean Rooms collaboration, you are enabled to specify different abilities for each collaboration member to suit your SQL querying use cases. When you set up a collaboration, you are also enabled to configure SQL query payment responsibilities and assign a chosen member to be billed for the query compute costs in the collaboration.

SQL queries subject to analysis rules

Analysis rules are restrictions that give you control of how your data can be analyzed. Collaboration members who create or join a collaboration as designated query runners are enabled write queries to intersect and analyze your data tables subject to the analysis rules that you set. AWS Clean Rooms controls are designed to support three types of analysis rules: list, aggregation, and custom. 

Aggregation analysis rule

The aggregation analysis rule is designed to allow you to run queries that generate aggregate statistics, such as how large the intersection of two datasets is. When using the aggregation analysis rule, you are enabled to allow only aggregation queries be run on your data and enforce restrictions on specific parts of the queries that run. You are also enabled to control the minimum aggregation constraint in the output. 

List analysis rule

The list analysis rule is designed to allow you to run queries that extract the row-level list of the intersection of multiple datasets, such as the overlap of two datasets. When using the list analysis rule, you are enabled to allow only list queries be run on your data and enforce restrictions of the queries that run.  

Custom analysis rule

The custom analysis rule is designed to allow you to create custom queries using most of ANSI-standard SQL, review and allow queries prior to collaboration partners running them, and review other collaborators' queries before they are allowed to run on your tables. When using the custom analysis rule, you are enabled to determine or limit how your underlying data could be analyzed. When you use custom SQL queries, you are also enabled to create or use analysis templates to store custom queries with parameters in the collaborations.

Implement differential privacy

AWS Clean Rooms Differential Privacy is designed to obfuscate the contribution of any individual’s data from AWS Clean Rooms collaboration aggregate outputs, and it is designed to help you run a range of SQL queries.

Build queries

With Analysis Builder, users are enabled to build queries following the data restrictions that each collaborator has set on their tables. Analysis Builder is designed to help with collaborations that have one or two tables configured with either aggregation or list analysis rule.

Cryptographic computing

AWS Clean Rooms is designed to run queries on cryptographically protected data. You are enabled to pre-encrypt your data using a collaboration-specific, shared encryption key so that data is encrypted even when queries are run. 

Machine Learning (ML)

AWS Clean Rooms ML is designed to help you and your partners apply machine learning (ML) to generate insights without having to share raw data with each other. AWS Clean Rooms ML is designed to support custom and lookalike machine learning (ML) modeling. With custom modeling, you are enabled to bring a custom model for training and run inference on collective datasets, without sharing underlying data or intellectual property among collaborators. With lookalike modeling, you are enabled to use an AWS-authored model to generate an expanded set of similar profiles based on a small sample of profiles that your partners bring to a collaboration.

ML and synthetic dataset generation

AWS Clean Rooms enables you and your partners to generate synthetic datasets from your collective data to train regression and classification machine learning (ML) models. Synthetic dataset generation for custom machine learning in AWS Clean Rooms ML is designed to de-identify subjects—such as people or entities about whom data has been collected—in the original data.

Additional Information

For additional information about service controls, security features and functionalities, including, as applicable, information about storing, retrieving, modifying, restricting, and deleting data, please see https://docs.aws.amazon.com/index.html. This additional information does not form part of the Documentation for purposes of the AWS Customer Agreement available at http://aws.amazon.com/agreement, or other agreement between you and AWS governing your use of AWS’s services.