Build self-service portals for research institutions and empower rapid experimentation
Overview
Research Service Workbench on AWS is an AWS Solution designed for research IT departments and their administrators to create a self-service portal for secure research environments, without requiring knowledge about cloud administration or security. It includes the necessary functionality to create research workspaces, connect to data, and control access to AWS resources. With the provided APIs, administrators can establish users, projects, and data sources. The administrators can also create the available environments (including tools and compute resources), data sources, and can assign researchers and resources to defined projects. AWS Partners can use the APIs to swiftly develop a self-service portal for researchers.
Benefits
Deploy an interactive sample research environment using Jupyter Notebook with AWS services.
Maintain consistent security, compliance, and governance.
Collaborate with researchers everywhere.
Virtually limitless tooling through the AWS Service Catalog.
Technical details
You can automatically deploy this architecture using the implementation guide and the accompanying AWS CloudFormation template.
Step 1
Deploy using an AWS CloudFormation template or by using the Cloud Development Kit (CDK) Command Line Interface (CLI) in the main account and the hosting account subsequently.
Step 2
Users get access based on their group permissions stored in the encrypted Amazon DynamoDB authorization table.
Step 3
AWS Systems Manager processes the shared documents from the main account in the hosting account to launch the environment.
Step 4
To launch an environment, AWS Service Catalog runs the CloudFormation template within the product.
Step 5
CloudFormation creates a stack from the template to launch the environment within the Virtual Private Cloud (VPC) of the Hosting Account. Environments are created within Public Subnets of the VPC. An example of these environments are Amazon SageMaker Notebooks.
Step 6
After creation, environments within the hosting account can connect to the Amazon Simple Storage Service (Amazon S3) artifacts bucket in the main account to set up custom scripts in the instance. After creation, environments created with attached datasets can access datasets within the S3 datasets bucket through Access Points in the main account.
Step 7
IT administrators can customize the source code hosted on GitHub, including full customization of environment lifecycles (launch, terminate, start, and stop) and connection. Changes to source code require re-deployment of this solution.
Step 8
IT administrators can publish custom environment types to Service Catalog within the main account.
Step 9
Users can request pre-signed S3 URLs through this solution's API endpoint. With that pre-signed S3 URL, users can add data to datasets within the Datasets S3 bucket in the main account.
- Publish Date