Skip to main content

Data Sources

Introduction

Service Workbench can host Studies internally, and provide access to External Studies residing in S3 buckets external to the AWS account where the application was deployed. The Data Sources page enables administrators to configure and manage these Studies.

The external study account must provide Service Workbench with permissions to access the specific S3 bucket and path that contain the data for the External Study. These permissions are created in the external account using an AWS CloudFormation template generated by the application.

The Data Sources page lists external Studies that have been registered with Service Workbench. External Studies also appear on the Studies page, where permissions are configured.

Registering an external Study with Service Workbench

To register an external Study, follow these steps:

Step 1: Set up an external Study account

  1. Navigate to the Data Sources page using the menu on the left.
  2. Click the Register Studies button.
  3. Enter the AWS Account ID for the AWS account containing the S3 bucket.
    • Previously registered external Study accounts are available in the drop-down.
    • If a previously registered account is chosen, skip to step 2.
  4. Select the region that will be used to deploy the onboarding template.
  5. Enter an account name for identifying this account in the Service Workbench UI.
  6. Specify optional contact information for the account.

Step 2: Specify the S3 bucket details

  1. For Bucket Name, choose a name of the external S3 bucket.
    • Previously registered external buckets are available in the drop-down.
    • If a previously registered bucket is chosen, skip to step 3.
  2. For Bucket Region, choose a region.
  3. For Bucket Default Encryption, if the external bucket uses AWS Key Management Service key (SSE-KMS), then a value is required for the KMS Arn field.

Step 3: Specify the Study project details

  1. Click Add Study.
  2. For Study Id, enter a unique Study ID.
  3. For Study Name, enter the Study name.
  4. For Study Folder, enter the folder name (path in the S3 bucket).
  5. For Project, choose a project.
  6. Choose the Type. For more information, refer to Creating a Study.
  7. For Access, choose either Read Only or Read/Write. Appropriate permissions can be assigned on a per-user basis on the Studies page, if it is an organization's Study.
  8. For Description, enter the Study project details.
  9. For Study KMS ARN, enter the value, if applicable.
  10. For Admin, choose one or more admins for the Study, if it is an organization's Study. This can be edited later on the Studies page.
  11. Click Save & Continue.

An information panel is displayed indicating the account, bucket, and Study have been registered within Service Workbench. The final step is to use the generated CloudFormation template to onboard the account.

Onboarding an external Study account

If an external study account is being onboarded with Service Workbench for the first time, then Create Stack option is selected. The application will generate a new CloudFormation template suitable for first-time onboarding.

If the external study account has already been onboarded (refer to "Registering an External Study with Service Workbench" section above), then the Update Stack option is selected. The application generates an update to the previously deployed CloudFormation template.

To onboard an external study account for the first time:

  1. In the Register Studies window, click Next to display CloudFormation template information.
  2. The generated CloudFormation template, specific to the external study account and external S3 bucket is displayed. The appropriate Create Stack or Update Stack option is selected.
  3. If you have admin access to the external study account:
    1. In a new browser tab, log in to the external study account in the AWS Management Console. Ensure the correct region is selected.
    2. In Service Workbench, click the Create Stack or Update Stack button as appropriate to load the CloudFormation template into the AWS Management Console.
    3. In AWS Management Console, follow the prompts and click Create Stack.
    4. Click Done.
  4. If you do not have admin access to the AWS account where the S3 bucket resides:
    1. Click the button to copy the CloudFormation template link to the clipboard.
    2. Create an email to the admins of the account containing the link to the CloudFormation template. Note: Link to the CloudFormation template is valid for 12 hours.
    3. Click Done.
  5. The Data Sources page is displayed, with the newly registered study in the Pending status. After all onboarding has been completed and Service Workbench can reach the Study, it will show the status as Available.
  6. Click Test Connection.

Removing External Studies

Removing external Studies is not supported at this time and it will be available in a future release.

To remove access to the data in the external study account, delete the CloudFormation stack in the AWS account (specified in the "Onboarding an external Study account section above"). This removes permissions enabling access to the data.