Implement a {custom} subscription workflow for unmanaged Amazon S3 property printed with Amazon DataZone

Organizational knowledge is usually fragmented throughout a number of traces of enterprise, resulting in inconsistent and generally duplicate datasets. This fragmentation can delay decision-making and erode belief in accessible knowledge. Amazon DataZone, a knowledge administration service, helps you catalog, uncover, share, and govern knowledge saved throughout AWS, on-premises methods, and third-party sources. Though Amazon DataZone automates subscription success for structured knowledge property—equivalent to knowledge saved in Amazon Easy Storage Service (Amazon S3), cataloged with the AWS Glue Information Catalog, or saved in Amazon Redshift—many organizations additionally rely closely on unstructured knowledge. For these clients, extending the streamlined knowledge discovery and subscription workflows in Amazon DataZone to unstructured knowledge, equivalent to information saved in Amazon S3, is important.

For instance, Genentech, a number one biotechnology firm, has huge units of unstructured gene sequencing knowledge organized throughout a number of S3 buckets and prefixes. They should allow direct entry to those knowledge property for downstream functions effectively, whereas sustaining governance and entry controls.

On this put up, we reveal learn how to implement a {custom} subscription workflow utilizing Amazon DataZone, Amazon EventBridge, and AWS Lambda to automate the success course of for unmanaged knowledge property, equivalent to unstructured knowledge saved in Amazon S3. This answer enhances governance and simplifies entry to unstructured knowledge property throughout the group.

Answer overview

For our use case, the info producer has unstructured knowledge saved in S3 buckets, organized with S3 prefixes. We need to publish this knowledge to Amazon DataZone as discoverable S3 knowledge. On the patron facet, customers have to seek for these property, request subscriptions, and entry the info inside an Amazon SageMaker pocket book, utilizing their very own {custom} AWS Identification and Entry Administration (IAM) roles.

The proposed answer entails making a {custom} subscription workflow that makes use of the event-driven structure of Amazon DataZone. Amazon DataZone retains you knowledgeable of key actions (occasions) inside your knowledge portal, equivalent to subscription requests, updates, feedback, and system occasions. These occasions are delivered by way of the EventBridge default occasion bus.

An EventBridge rule captures subscription occasions and invokes a {custom} Lambda perform. This Lambda perform incorporates the logic to handle entry insurance policies for the subscribed unmanaged asset, automating the subscription course of for unstructured S3 property. This method streamlines knowledge entry whereas making certain correct governance.

To study extra about working with occasions utilizing EventBridge, discuss with Occasions through Amazon EventBridge default bus.

The answer structure is proven within the following screenshot.

To implement the answer, we full the next steps:

1. As a knowledge producer, publish an unstructured S3 primarily based knowledge asset as S3ObjectCollectionType to Amazon DataZone.
2. For the patron, create a {custom} AWS service atmosphere within the client Amazon DataZone challenge and add a subscription goal for the IAM position hooked up to a SageMaker pocket book occasion. Now, as a client, request entry to the unstructured asset printed within the earlier step.
3. When the request is permitted, seize the subscription created occasion utilizing an EventBridge rule.
4. Invoke a Lambda perform because the goal for the EventBridge rule and cross the occasion payload to it:
5. The Lambda perform does 2 issues:
   1. Fetches the asset particulars, together with the Amazon Useful resource Title (ARN) of the S3 printed asset and the IAM position ARN from the subscription goal.
   2. Makes use of the knowledge to replace the S3 bucket coverage granting Record/Get entry to the IAM position.

Stipulations

To observe together with the put up, you must have an AWS account. For those who don’t have one, you may join one.

For this put up, we assume you know the way to create an Amazon DataZone area and Amazon DataZone initiatives. For extra data, see Create domains and Working with initiatives and environments in Amazon DataZone.

Additionally, for simplicity, we use the identical IAM position for the Amazon DataZone admin (creating domains) as effectively the producer and client personas.

Publish unstructured S3 knowledge to Amazon DataZone

We’ve got uploaded some pattern unstructured knowledge into an S3 bucket. That is the info that shall be printed to Amazon DataZone. You should utilize any unstructured knowledge, equivalent to a picture or textual content file.

On the Properties tab of the S3 folder, word the ARN of the S3 bucket prefix.

Full the next steps to publish the info:

1. Create an Amazon DataZone area within the account and navigate to the area portal utilizing the hyperlink for Information portal URL.

2. Create a brand new Amazon DataZone challenge (for this put up, we title it unstructured-data-producer-project) for publishing the unstructured S3 knowledge asset.
3. On the Information tab of the challenge, select Create knowledge asset.

4. Enter a reputation for the asset.
5. For Asset sort, select S3 object assortment.
6. For S3 location ARN, enter the ARN of the S3 prefix.

After you create the asset, you may add glossaries or metadata kinds, but it surely’s not obligatory for this put up. You’ll be able to publish the info asset so it’s now discoverable inside the Amazon DataZone portal.

Arrange the SageMaker pocket book and SageMaker occasion IAM position

Create an IAM position which shall be hooked up to the SageMaker pocket book occasion. For the belief coverage, permit SageMaker to imagine this position and go away the Permissions tab clean. We discuss with this position because the instance-role all through the put up.

Subsequent, create a SageMaker pocket book occasion from the SageMaker console. Connect the instance-role to the pocket book occasion.

Arrange the patron Amazon DataZone challenge, {custom} AWS service atmosphere, and subscription goal

Full the next steps:

1. Log in to the Amazon DataZone portal and create a client challenge (for this put up, we name it custom-blueprint-consumer-project), which is able to utilized by the patron persona to subscribe to the unstructured knowledge asset.

We use the lately launched {custom} blueprints for AWS companies for creating the atmosphere on this client challenge. The {custom} blueprint means that you can convey your individual atmosphere IAM position to combine your present AWS sources with Amazon DataZone. For this put up, we create a {custom} atmosphere to immediately combine SageMaker pocket book entry from the Amazon DataZone portal.

2. Earlier than you create the {custom} atmosphere, create the atmosphere IAM position that shall be used within the {custom} blueprint. The position ought to have a belief coverage as proven within the following screenshot. For the permissions, connect the AWS managed coverage AmazonSageMakerFullAccess. We discuss with this position because the environment-role all through the put up.

3. To create the {custom} atmosphere, first allow the Customized AWS Service blueprint on the Amazon DataZone console.

4. Open the blueprint to create a brand new atmosphere as proven within the following screenshot.
5. For Proudly owning challenge, use the patron challenge that you just created earlier and for Permissions, use the environment-role.

6. After you create the atmosphere, open it to create a personalized URL for the SageMaker pocket book entry.

7. Create a brand new {custom} AWS hyperlink and enter the URL from the SageMaker pocket book.

Yow will discover it by navigating to the SageMaker console and selecting Notebooks within the navigation pane.

8. Select Customise so as to add the {custom} hyperlink.

9. Subsequent, create a subscription goal within the {custom} atmosphere to cross the occasion position that wants entry to the unstructured knowledge.

A subscription goal is an Amazon DataZone engineering idea that enables Amazon DataZone to satisfy subscription requests for managed property by granting entry primarily based on the knowledge outlined within the goal like domain-id, environment-id, or authorized-principals.

At the moment, creation of subscription targets is barely allowed utilizing the AWS Command Line Interface (AWS CLI). You should utilize the command create-subscription-target to create the subscription goal.

The next is an instance JSON payload for the subscription goal creation. Create it as a JSON file in your workstation (for this put up, we name it blog-sub-target.json). Substitute the area ID and the atmosphere ID with the corresponding values on your area and atmosphere.

{
"domainIdentifier": ">",
"environmentIdentifier": ">",
"title": "custom-s3-target-consumerenv",
"sort": "GlueSubscriptionTargetType",
"manageAccessRole": ">",
"applicableAssetTypes": ["S3ObjectCollectionAssetType"],
"supplier": "Customized Supplier",
"authorizedPrincipals": [ ">"],
"subscriptionTargetConfig": [{
"formName": "GlueSubscriptionTargetConfigForm",
"content": "{"databaseName":"customdb1"}"
}]
}

You may get the area ID from the consumer title button within the higher proper Amazon DataZone knowledge portal; it’s within the format dzd_>.

For the atmosphere ID, yow will discover it on the Settings tab of the atmosphere inside your client challenge.

10. Open an AWS CloudShell atmosphere and add the JSON payload file utilizing the Actions choice within the CloudShell terminal.
11. Now you can create a brand new subscription goal utilizing the next AWS CLI command:

aws datazone create-subscription-target --cli-input-json file://blog-sub-target.json

12. To confirm the subscription goal was created efficiently, run the list-subscription-target command from the AWS CloudShell atmosphere:

aws datazone list-subscription-targets —domain-identifier > —environment-identifier >

Create a perform to answer subscription occasions

Now that you’ve got the patron atmosphere and subscription goal arrange, the following step is to implement a {custom} workflow for dealing with subscription requests.

The only mechanism to deal with subscription occasions is a Lambda perform. The precise implementation might differ primarily based on atmosphere; for this put up, we stroll by way of the steps to create a easy perform to deal with subscription creation and cancellation.

1. On the Lambda console, select Features within the navigation pane.
2. Select Create perform.
3. Choose Writer from scratch.
4. For Operate title, enter a reputation (for instance, create-s3policy-for-subscription-target).
5. For Runtime¸ select Python 3.12.
6. Select Create perform.

This could open the Code tab for the perform and permit modifying of the Python code for the perform. Let’s have a look at among the key elements of a perform to deal with the subscription for unmanaged S3 property.

Deal with solely related occasions

When the perform will get invoked, we examine to verify it’s one of many occasions that’s related for managing entry. In any other case, the perform can merely return a message with out taking additional motion.

def lambda_handler(occasion, context):
    # Get the essential information concerning the occasion
    event_detail = occasion['detail']

    # Be sure that it is one of many occasions we're thinking about
    event_source = occasion['source']
    event_type = occasion['detail-type']

    if event_source != 'aws.datazone':
        return '{"Response" : "Not a DataZone occasion"}'
    elif event_type not in ['Subscription Created', 'Subscription Cancelled', 
                               'Subscription Revoked']:
        return '{"Response" : "Not a subscription created, cancelled, or revoked occasion"}'

These subscription occasions ought to embody each the area ID and a request ID (amongst different attributes). You should utilize these to search for the main points of the subscription request in Amazon DataZone:

sub_request = dz.get_subscription_request_details(
domainIdentifier = domain_id,
identifier= sub_request_id
)
asset_listing = sub_request['subscribedListings'][0]['item']['assetListing']
form_data = json.masses(asset_listing['forms'])
asset_id = asset_listing['entityId']
asset_version = asset_listing['entityRevision']
asset_type = asset_listing['entityType']

A part of the subscription request ought to embody the ARN for the S3 bucket in query, so you may retrieve that:

# We solely need to take motion if it is a S3 asset
    if asset_type == 'S3ObjectCollectionAssetType':
        # Get the bucket ARN from the shape information for the asset
        bucket_arn = form_data['S3ObjectCollectionForm']['bucketArn']
        
        #Get the principal from the subscription goal
        principal = get_principal(domain_id,project_id)

        strive:
            # Get the bucket title from the ARN                    
            bucket_name_with_prefix = bucket_arn.break up(':')[5]
            bucket_name = bucket_name_with_prefix.break up('/')[0]
           
        besides IndexError:
            response="{"Response" : "Couldn't discover bucket title in ARN"}"
            return response

You may as well use the Amazon DataZone API calls to get the atmosphere related to the challenge making the subscription request for this S3 asset. After retrieving the atmosphere ID, you may examine which IAM principals have been approved to entry unmanaged S3 property utilizing the subscription goal:

        list_sub_target = dz.list_subscription_targets(
            domainIdentifier=domain_id,
            environmentIdentifier=environment_id,
            maxResults=50,
            sortBy='CREATED_AT',
            sortOrder="DESCENDING"
            )
        
        print('asset sort:', list_sub_target['items'][0]['applicableAssetTypes'])
        
        if list_sub_target['items'][0]['applicableAssetTypes'] == ['S3ObjectCollectionAssetType']:
            role_arn = list_sub_target['items'][0]['authorizedPrincipals']
            print('position arn',role_arn)

If it is a new subscription, add the related IAM principal to the S3 bucket coverage by appending an announcement that enables the specified S3 actions on this bucket for the brand new principal:

        if event_type == 'Subscription Created':
            if bucket_arn[-1] == '/':
                statement_block.append({
                    'Sid' : sid_string,
                    'Motion': S3_ACTION_STRING,
                    'Useful resource': [
                        bucket_arn,
                        bucket_arn + '*'
                    ],
                    'Impact': 'Enable',
                    'Principal': {'AWS': principal}
                })

Conversely, if it is a subscription being revoked or cancelled, take away the beforehand added assertion from the bucket coverage to verify the IAM principal not has entry:

        elif event_type == 'Subscription Cancelled' or event_type == 'Subscription Revoked':
            # Take away the assertion from the coverage if it is there
            # Made certain to deal with case the place there isn't any Sid for an announcement
            pruned_statement_block = []
            for assertion in statement_block:
                if 'Sid' not in assertion or assertion['Sid'] != sid_string:
                    pruned_statement_block.append(assertion)
            statement_block = pruned_statement_block

The finished perform ought to be capable to deal with including or eradicating principals like IAM roles or customers to a bucket coverage. Be sure you deal with instances the place there isn’t a present bucket coverage or the place a cancellation means eradicating the one assertion within the coverage, that means the complete bucket coverage is not wanted.

The next is an instance of a accomplished perform:

import json
import boto3
import os


dz = boto3.consumer('datazone')
s3 = boto3.consumer('s3')

# The record of actions to be permitted on the bucket within the newly granted coverage
S3_ACTION_STRING = 's3:*'

def build_policy_statements(event_type, statement_block, principal, sub_request_id, bucket_arn):
        # Generate a Sid that needs to be distinctive
        sid_string = ''.be a part of(c for c in f'DZ{principal}{sub_request_id}' if c.isalnum())
        # Add a brand new coverage assertion that offers the prinicpal entry to complete bucket.
        # If it seems one thing apart from bucket ARN is allowed in asset, we will
        # get extra granular than that
        # Sid that needs to be distinctive in case we have to deal with unsubscribe
        print('assertion block :',statement_block)
        if event_type == 'Subscription Created':
            if bucket_arn[-1] == '/':
                statement_block.append({
                    'Sid' : sid_string,
                    'Motion': S3_ACTION_STRING,
                    'Useful resource': [
                        bucket_arn,
                        bucket_arn + '*'
                    ],
                    'Impact': 'Enable',
                    'Principal': {'AWS': principal}
                })
            else:
                statement_block.append({
                    'Sid' : sid_string,
                    'Motion': S3_ACTION_STRING,
                    'Useful resource': [
                        bucket_arn,
                        bucket_arn + '/*'
                    ],
                    'Impact': 'Enable',
                    'Principal': {'AWS': principal}
                })
        elif event_type == 'Subscription Cancelled' or event_type == 'Subscription Revoked':
            # Take away the assertion from the coverage if it is there
            # Made certain to deal with case the place there isn't any Sid for an announcement
            pruned_statement_block = []
            for assertion in statement_block:
                if 'Sid' not in assertion or assertion['Sid'] != sid_string:
                    pruned_statement_block.append(assertion)
            statement_block = pruned_statement_block
           

        return statement_block

def lambda_handler(occasion, context):
    """Lambda perform reacting to DataZone subscribe occasions

    Parameters
    ----------
    occasion: dict, required
        Occasion Bridge Occasions Format

    context: object, required
        Lambda Context runtime strategies and attributes

    Returns
    ------
        Easy reponse indicating success or failure purpose
    """
    # Get the essential information concerning the occasion
    event_detail = occasion['detail']

    # Be sure that it is one of many occasions we're thinking about
    event_source = occasion['source']
    event_type = occasion['detail-type']

    if event_source != 'aws.datazone':
        return '{"Response" : "Not a DataZone occasion"}'
    elif event_type not in ['Subscription Created', 'Subscription Cancelled', 
                               'Subscription Revoked']:
        return '{"Response" : "Not a subscription created, cancelled, or revoked occasion"}'

    
    # get the domain_id and different data
    domain_id = event_detail['metadata']['domain']
    project_id = event_detail['metadata']['owningProjectId']
    sub_request_id = event_detail['data']['subscriptionRequestId']
    listing_id = event_detail['data']['subscribedListing']['id']
    listing_version = event_detail['data']['subscribedListing']['version']
    
    print('domain-id',domain_id)
    print('project-id:',project_id)
    
    sub_request = dz.get_subscription_request_details(
        domainIdentifier = domain_id,
        identifier= sub_request_id
    )
   
    # Retrieve information concerning the asset from the request
    asset_listing = sub_request['subscribedListings'][0]['item']['assetListing']
    form_data = json.masses(asset_listing['forms'])
    asset_id = asset_listing['entityId']
    asset_version = asset_listing['entityRevision']
    asset_type = asset_listing['entityType']

    # We solely need to take motion if it is a S3 asset
    if asset_type == 'S3ObjectCollectionAssetType':
        # Get the bucket ARN from the shape information for the asset
        bucket_arn = form_data['S3ObjectCollectionForm']['bucketArn']
        
        #Get the principal from the subscription goal
        principal = get_principal(domain_id,project_id)

        strive:
            # Get the bucket title from the ARN                    
            bucket_name_with_prefix = bucket_arn.break up(':')[5]
            bucket_name = bucket_name_with_prefix.break up('/')[0]
           
        besides IndexError:
            response="{"Response" : "Couldn't discover bucket title in ARN"}"
            return response

        # Get the present bucket coverage, or else make a clean one if there at the moment
        # isn't any coverage
        strive:
            bucket_policy = json.masses(s3.get_bucket_policy(Bucket=bucket_name)['Policy'])
        besides s3.exceptions.from_code('NoSuchBucketPolicy'):
            bucket_policy = {'Assertion': []}
        besides:
            response="{"Response" : "Couldn't get bucket coverage"}"
            return response
        
        # Will get new coverage with the subscribing principal both added or eliminated primarily based on
        # occasion sort
        new_policy_statements = build_policy_statements(event_type, bucket_policy['Statement'], principal, 
                                               sub_request_id, bucket_arn)

            
        # Write again the brand new coverage. This may fail if the brand new coverage is just too huge
        # or if for some purpose the perform position does not have rights to do that
        # If we eliminated the one coverage assertion, then simply delete the coverage
        strive: 
            if not new_policy_statements:
                s3.delete_bucket_policy(Bucket = bucket_name)
            else:
                bucket_policy['Statement'] = new_policy_statements
                policy_string = json.dumps(bucket_policy)
                print('coverage string :',policy_string)
                s3.put_bucket_policy(
                    Bucket=bucket_name,
                    Coverage = policy_string
                )
        besides Exception as e: 
            response = f'{{"Response" : "Error updating bucket coverage: {e.args}"}}'
            return response
        
        # If we obtained right here every thing went as deliberate
        response = f'{{"Response" : "Up to date coverage for " + {bucket_name}}}'
    else:
        response="{"Response" : "Not an S3 asset"}"


    return response

def get_principal(domain_id,project_id):
    # Name record environments to get the atmosphere id
    listenv_request = dz.list_environments(
        domainIdentifier = domain_id,
        projectIdentifier= project_id
    )
    
   # In our instance atmosphere, there is just one of those
    environment_id = listenv_request['items'][0]['id']

   # Get the position we need to give entry to from the subscription goal information
    list_sub_target = dz.list_subscription_targets(
        domainIdentifier=domain_id,
        environmentIdentifier=environment_id,
        maxResults=50,
        sortBy='CREATED_AT',
        sortOrder="DESCENDING"
        )

    if list_sub_target['items'][0]['applicableAssetTypes'] == ['S3ObjectCollectionAssetType']:
       role_arn = list_sub_target['items'][0]['authorizedPrincipals']
   else:
        role_arn = []

    return role_arn

As a result of this Lambda perform is meant to handle bucket insurance policies, the position assigned to it would want a coverage that enables the next actions on any buckets it’s meant to handle:

• s3:GetBucketPolicy
• s3:PutBucketPolicy
• s3:DeleteBucketPolicy

Now you have got a perform that’s able to modifying bucket insurance policies so as to add or take away the principals configured on your subscription targets, however you want one thing to invoke this perform any time a subscription is created, cancelled, or revoked. Within the subsequent part, we cowl learn how to use EventBridge to combine this new perform with Amazon DataZone.

Reply to subscription occasions in EventBridge

For occasions that happen inside Amazon DataZone, it publishes details about every occasion in EventBridge. You’ll be able to look ahead to any of those occasions, and invoke actions primarily based on matching predefined guidelines. On this case, we’re thinking about asset subscriptions being created, cancelled, or revoked, as a result of these will decide once we grant or revoke entry to the info in Amazon S3.

1. On the EventBridge console, select Guidelines within the navigation pane.

The default occasion bus ought to robotically be current; we use it for creating the Amazon DataZone subscription rule.

2. Select Create rule.
3. Within the Rule element part, enter the next:
   1. For Title, enter a reputation (for instance, DataZoneSubscriptions).
   2. For Description, enter an outline that explains the aim of the rule.
   3. For Occasion bus, select default.
   4. Activate Allow the rule on the chosen occasion bus.
   5. For Rule sort, choose Rule with an occasion sample.
4. Select Subsequent.

5. Within the Occasion supply part, choose AWS Occasions or EventBridge associate occasions because the supply of the occasions.

6. Within the Creation technique part, choose Customized Sample (JSON editor) to allow actual specification of the occasions wanted for this answer.

7. Within the Occasion sample part, enter the next code:

{
"detail-type": ["Subscription Created", "Subscription Cancelled", "Subscription Revoked"],
"supply": ["aws.datazone"]
}

8. Select Subsequent.

Now that we’ve outlined the occasions to look at for, we will make sure that these Amazon DataZone occasions get despatched to the Lambda perform we outlined within the earlier part.

9. On the Choose goal(s) web page, enter the next for Goal 1:
   1. For Goal varieties, choose AWS service.
   2. For Choose a goal, select Lambda perform
   3. For Operate, select create-s3policy-for-subscription-target.
10. Select Skip to Overview and create.

11. On the Overview and create web page, select Create rule.

Subscribe to the unstructured knowledge asset

Now that you’ve got the {custom} subscription workflow in place, you may take a look at the workflow by subscribing to the unstructured knowledge asset.

1. Within the Amazon DataZone portal, seek for the unstructured knowledge asset you printed by shopping the catalog.

2. Subscribe to the unstructured knowledge asset utilizing the patron challenge, which begins the Amazon DataZone approval workflow.

3. It’s best to get a notification for the subscription request; observe the hyperlink and approve it.

When the subscription is permitted, it would invoke the {custom} EventBridge Lambda workflow, which is able to create the S3 bucket insurance policies for the occasion position to entry the S3 object. You’ll be able to confirm that by navigating to the S3 bucket and reviewing the permissions.

Entry the subscribed asset from the Amazon DataZone portal

Now that the patron challenge has been given entry to the unstructured asset, you may entry it from the Amazon DataZone portal.

1. Within the Amazon DataZone portal, open the patron challenge and navigate to the Environments
2. Select the SageMaker-Pocket book

3. Within the affirmation pop-up, select Open {custom}.

It will redirect you to the SageMaker pocket book assuming the atmosphere position. You’ll be able to see the SageMaker pocket book occasion.

4. Select Open JupyterLab.

5. Select conda_python3 to launch a brand new pocket book.

6. Add code to run get_object on the unstructured S3 knowledge that you just subscribed earlier and run the cells.

Now, as a result of the S3 bucket coverage has been up to date to permit the occasion position entry to the S3 objects, you must see the get_object name return a HTTPStatusCode of 200.

Multi-account implementation

Within the directions to date, we’ve deployed every thing in a single AWS account, however in bigger organizations, sources could be distributed all through AWS accounts, usually managed by AWS Organizations. The identical sample could be utilized in a multi-account atmosphere, with some minor additions. As an alternative of immediately performing on a bucket, the Lambda perform within the area account can assume a task in different accounts that include S3 buckets to be managed. In every account with an S3 bucket containing property, create a task that enables modifying the bucket coverage and has a belief coverage referencing the Lambda position within the area account as a principal.

Clear up

For those who’ve completed experimenting and don’t need to incur any additional value for the sources deployed, you may clear up the elements as follows:

1. Delete the Amazon DataZone area.
2. Delete the Lambda perform.
3. Delete the SageMaker occasion.
4. Delete the S3 bucket that hosted the unstructured asset.
5. Delete the IAM roles.

Conclusion

By implementing this tradition workflow, organizations can prolong the simplified subscription and entry workflows supplied by Amazon DataZone to their unstructured knowledge saved in Amazon S3. This method gives better management over unstructured knowledge property, facilitating discovery and entry throughout the enterprise.

We encourage you to check out the answer on your personal use case, and share your suggestions within the feedback.

In regards to the Authors

Somdeb Bhattacharjee is a Senior Options Architect specializing on knowledge and analytics. He’s a part of the worldwide Healthcare and Life sciences business at AWS, serving to his clients modernize their knowledge platform options to realize their enterprise outcomes.

Sam Yates is a Senior Options Architect within the Healthcare and Life Sciences enterprise unit at AWS. He has spent a lot of the previous 20 years serving to life sciences corporations apply expertise in pursuit of their missions to assist sufferers. Sam holds BS and MS levels in Pc Science.