Research Service Workbench on AWS (RSW) is an AWS Solution designed for research IT departments and their administrators to create a self-service portal for secure research environments, without requiring knowledge about cloud administration or security. It includes the necessary functionality to create research workspaces, connect to data, and control access to AWS resources. With the provided APIs, administrators can establish users, projects, and data sources. The administrators can also create the available environments (including tools and compute resources), data sources, and can assign researchers and resources to defined projects. AWS Partners can use the APIs to swiftly develop a self-service portal for researchers.
Deploy an interactive sample research environment using Jupyter Notebook with AWS services.
Maintain consistent security, compliance, and governance.
Collaborate with researchers everywhere.
Virtually limitless tooling through the AWS Service Catalog.
This is an architecture diagram of Research Services Workbench on AWS that depicts the relationships between the different components.
Deploy using an AWS CloudFormation template or by using the Cloud Development Kit (CDK) Command Line Interface (CLI) in the main account and the hosting account subsequently.
Users get access based on their group permissions stored in the encrypted Amazon DynamoDB authorization table.
AWS Systems Manager processes the shared documents from the main account in the hosting account to launch the environment.
To launch an environment, AWS Service Catalog runs the CloudFormation template within the product.
After creation, environments within the hosting account can connect to the Amazon Simple Storage Service (Amazon S3) artifacts bucket in the main account to set up custom scripts in the instance. After creation, environments created with attached datasets can access datasets within the Amazon S3 datasets bucket through Access Points in the main account.
IT administrators can customize the source code hosted on GitHub, including full customization of environment lifecycles (launch, terminate, start, and stop) and connection. Changes to source code require re-deployment of RSW.
IT administrators can publish custom environment types to Service Catalog within the main account.
Users can request pre-signed S3 URLs through an RSW API endpoint. With that pre-signed S3 URL, users can add data to datasets within the Datasets S3 bucket in the main account.