Admin Guide Overview

This Admin Guide provides information about how to configure Express for Energy Data Insights, and what underlying AWS resources you can expect your instance of the platform to contain. The Admin Guide describes AWS services architecture, user setup and authorization, and how to ingest your own data in the following pages.

AWS Service Architecture

AWS Service Architecture for Express for Energy Data Insights

For Dedicated-Tenant, a subscription includes an instance of the most recent milestone release of the OSDU® Data Platform and uses the following prerequisite and underlying AWS Services.

For Multi-Tenant, a subscription includes a new dedicated data partition in an instance of the OSDU® Data Platform that serves multiple tenants.

Energy Data Insights Architecture

AWS Services

Infrastructure

For Dedicated-Tenant, Express for Energy Data Insights includes an OSDU Data Platform deployed into a single AWS Account. All AWS services used will be launched within and billed to that account. The OSDU Forum provides open source code that is then deployed to AWS and linked to cloud-provider-specific prerequisite services through a Service Provider Interface (SPI). In some cases the infrastructure is dedicated and persistent and in other cases it is serverless or ephemeral.

For Multi-Tenant, Express for Energy Data Insights includes a data partition instance in a shared OSDU Data Platform instance that is managed by 47Lining on behalf of multiple tenants.

Data

When you load the OSDU Data Platform with data, the data platform persists your data using Amazon S3 and Amazon DynamoDB. You use the OSDU Data Platform APIs to load, search for, and retrieve data. Apart from the OSDU Data Platform APIs, neither you nor other users should typically have direct access to the data or to the underlying AWS services used to manage and store data that has been loaded to the data platform.

An administrator of the AWS account where your Energy Data Insights resides may provide access policies that enable access to these underlying AWS services and resources, but you should use the OSDU Data Platform APIs to interact with your data. Such direct access may sometimes be useful when attempting to diagnose unexpected behavior or other issues to root cause.

Security

In order to provide secure access to the OSDU Data Platform, the entitlements service is used for user and group management. Using this service, users can be granted access to the API endpoints, allowing for certain actions to be undertaken by users of different types. The entitlements service can also be used to grant access to datasets based on a prescribed set of parameters such as geographic region.

Cost

Express for Energy Data Insights is provided as a metered, consumption-based SaaS service as described in Pricing.

This means that you can easily access and use OSDU Data Platform services at minimal cost beyond the cost of the underlying AWS services. Charges for those AWS services will be included on your monthly AWS invoice. A separate item for the minimal monthly charges resulting from your AWS Marketplace subscription to the Energy Data Insights will also appear on your monthly AWS invoice.

AWS Services Used

All Services

Deployed by AWS CodePipeline in Amazon VPC with logging to Amazon CloudWatch
Services are behind Amazon CloudFront and an AWS Application Load Balancer
Deployment uses AWS Systems Manager Parameter Store and AWS Secrets Manager to store and securely access parameters

AWS Service Architecture