Background
The AusSeabed Data Submission Service was developed within the Cloud Enablement Team (CET) principally by Jaleel Mohammad under the business direction of Natalie Lennard and Neal Evans.
This service was developed within the Amazon Web Services environment using the following technologies:
tba
tba
The core AWS components for management are:
Cognito
Amazon Cognito provides authentication, authorization, and user management for your web and mobile apps. Your users can sign in directly with a user name and password.
The two main components of Amazon Cognito are user pools and identity pools. User pools are user directories that provide sign-up and sign-in options for your app users. Identity pools enable you to grant your users access to other AWS services. You can use identity pools and user pools separately or together.
DynamoDB
Amazon DynamoDB is a fully managed proprietary NoSQL database service that supports key–value and document data structures and is offered by Amazon.com as part of the Amazon Web Services portfolio.
S3
Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services that provides object storage through a web service interface.
IAM
AWS Identity and Access Management (IAM) provides fine-grained access control across all of AWS. With IAM, you can specify who can access which services and resources, and under which conditions. With IAM policies, you manage permissions to your workforce and systems to ensure least-privilege permissions.
This initial service will be integrated into the overall Data Register platform providing a simple self-registration tool for Data Contributing Partners/Providers who intend to supply the AusSeabed community with their data. The data is upload to the Geoscience Australia Hub, and published to the Geoscience Australia Product catalogue – eCat (https://ecat.ga.gov.au/geonetwork/srv/eng/catalog.search#/home ) and the Marine Data Portal (https://portal.ga.gov.au/persona/marine#/ )
The service offers a user a Create Account screen asking for a user defined username modelled as firstname.lastname, a password and confirmation password, an email address and an Organisation or affiliation name. The service then automatically informs the GA AusSeabed Data Manager that a user has registered and requests the Data Manager to assess the applicant and confirm or deny the user access. If confirmed the user receives an automated confirmation email and is requested to login to the data submission services using the self-registered username and password.
Once the user logs in an automated process is initiated that creates a personalised secure AWS s3 bucket, ready for data upload. The user will also automatically receive another email with their newly created personalised AWS credentials. These are used to login in to the AWS environment, access their s3 storage bucket and upload data.
Purpose
This document provides guidance to the Data Management team within the Marine Branch, responsible for managing AusSeabed data contributions. It will be used to identify the components of the environment that require manual intervention to confirm registered users, manage access and migrate data to the GA AusSeabed Clearing House for long term storage and archival.