Skip to main content

Service Workbench installation components

Serverless framework and projects

Service Workbench on AWS is a serverless environment that is deployed using an event-driven API framework. Its components are spread across AWS Lambda instances, static webpages using Amazon CloudFront, and Amazon S3. It can use Amazon Cognito for authentication. Service Workbench relies on AWS Service Catalog to host and manage AWS CloudFormation templates that define the Workspaces. Service Workbench contains five serverless projects. You can find these components under the <service_workbench>/main/solution directory.

ComponentInstallation DirectoryWhat does it contain?
Infrastructuresolution/infrastructure/The following AWS resources are created as part of this component deployment:
  • S3 bucket is used for logging the following actions:
    • Studying data uploads.
    • Accessing CloudFormation templates’ bucket.
    • Accessing CloudFront distribution service.
    • Hosting the static Service Workbench website.
  • CloudFront distribution service to accelerate Service Workbench website access based on user location.
Backendsolution/backend/After the environment has been deployed, the backend component creates and configures the following AWS resources:
S3 bucket
  • Stores uploaded study data. This bucket also receives an encryption key from AWS Key Management Service for encrypting this data and making it available to the Service Workbench website.
  • Stores bootstrap scripts. These scripts are used to launch the Workspace instances like SageMaker, EC2, Amazon EMR.
  • Sets up IAM roles and policies for accessing Lambda functions and invoking step functions.
Amazon DynamoDBBackend SDC creates DynamoDB tablesStores information concerning user authentication, AWS accounts, workflows, access tokens, study data etc. This component is also responsible for deploying the following Lambda functions/services:
  • Authentication layer handler - Handles the authentication layer for API handlers.
  • Open data scrape handler - Handles scraping the metadata from the AWS open data registry.
  • API handler - Provides a path for public and protected API operations.
  • Workflow loop runner - Invoked by AWS Step Functions.
Edge Lambdamain/solution/edge-lambdaAn inline JavaScript interceptor function that adds security headers to the CloudFront output response. This function is declared inline because the code requires API Gateway URL for the backend API operations.
Machine imagessolution/machine-images/Deploys spot instances using machine images for EC2 and Amazon EMR templates.
Prepare master accountsmain/solution/prepare-master-accCreates a master IAM role for organization access.
Post deploymentsolution/post-deployment/Creates an IAM role for the post deployment function with policies granting permission to S3 buckets, DynamoDB tables, KMS encryption key, CloudFront, and Lambda functions.
User interfacesolution/ui/Contains code used to create and support the UI functionality of the application.

Continuous integration/continuous delivery

Service Workbench includes the continuous integration/continuous delivery feature:

  • cicd/cicd-pipeline/serverless.yml
  • cicd/cicd-source/serverless.yml