<!--
Title: AWS InsuranceLake
Description: Serverless data lake solution accelerator and reference architecture fit for the insurance industry built on AWS
Author: cvisi@amazon.com
-->
# InsuranceLake Infrastructure
The InsuranceLake solution is comprised of two codebases: [Infrastructure](https://github.com/aws-samples/aws-insurancelake-infrastructure) and [ETL](https://github.com/aws-samples/aws-insurancelake-etl). This codebase and the documentation that follows is specific to the Infrastructure. For more comprehensive documentation, including several ways to get started quickly, refer to the [InsuranceLake ETL with CDK Pipeline README](https://github.com/aws-samples/aws-insurancelake-etl/blob/main/README.md).
This solution helps you deploy ETL processes and data storage resources to create an InsuranceLake. It uses Amazon S3 buckets for storage, [AWS Glue](https://docs.aws.amazon.com/glue/) for data transformation, and [AWS CDK Pipelines](https://docs.aws.amazon.com/cdk/latest/guide/cdk_pipeline.html). The solution is originally based on the AWS blog [Deploy data lake ETL jobs using CDK Pipelines](https://aws.amazon.com/blogs/devops/deploying-data-lake-etl-jobs-using-cdk-pipelines/).
[CDK Pipelines](https://docs.aws.amazon.com/cdk/api/latest/docs/pipelines-readme.html) is a construct library module for painless continuous delivery of CDK applications. CDK stands for Cloud Development Kit. It is an open source software development framework to define your cloud application resources using familiar programming languages.
Specifically, this solution helps you to:
1. Deploy a 3 Cs (Collect, Cleanse, Consume) InsuranceLake
1. Deploy ETL jobs needed make common insurance industry data souces available in a data lake
1. Use pySpark Glue jobs and supporting resoures to perform data transforms in a modular approach
1. Build and replicate the application in multiple environments quickly
1. Deploy ETL jobs from a central deployment account to multiple AWS environments such as Dev, Test, and Prod
1. Leverage the benefit of self-mutating feature of CDK Pipelines; specifically, the pipeline itself is infrastructure as code and can be changed as part of the deployment
1. Increase the speed of prototyping, testing, and deployment of new ETL jobs
---
## Contents
* [Architecture](#architecture)
* [InsuranceLake](#insurance-lake)
* [Infrastructure](#infrastructure)
* [Codebase](#codebase)
* [Source code Structure](#source-code-structure)
* [Automation Scripts](#automation-scripts)
* [Authors and Reviewers](#authors-and-reviewers)
* [License Summary](#license-summary)
---
## Architecture
In this section we talk about the overall InsuranceLake architecture and the infrastructure component.
### InsuranceLake
As shown in the figure below, we use Amazon S3 for storage. We use three S3 buckets:
1. Collect bucket to store raw data in its original format
1. Cleanse/Curate bucket to store the data that meets the quality and consistency requirements of the lake
1. Consume bucket for data that is used by analysts and data consumers of the lake (e.g. Amazon Quicksight, Amazon Sagemaker)
InsuranceLake is designed to support a number of source systems with different file formats and data partitions. To demonstrate, we have provided a CSV parser and sample data files for a source system with two data tables, which are uploaded to the Collect bucket.
We use AWS Lambda and AWS Step Functions for orchestration and scheduling of ETL workloads. We then use AWS Glue with pySpark for ETL and data cataloging, Amazon DynamoDB for transformation persistence, Amazon Athena for interactive queries and analysis. We use various AWS services for logging, monitoring, security, authentication, authorization, notification, build, and deployment.
**Note:** [AWS Lake Formation](https://aws.amazon.com/lake-formation/) is a service that makes it easy to set up a secure data lake in days. [Amazon QuickSight](https://aws.amazon.com/quicksight/) is a scalable, serverless, embeddable, machine learning-powered business intelligence (BI) service built for the cloud. These two services are not used in this solution but can be added.
---
### Infrastructure
The figure below represents the infrastructure resources we provision for Data Lake.
1. Amazon Virtual Private Cloud (VPC)
1. Subnets
1. Security Groups
1. Route Table(s)
1. VPC Endpoints
1. Amazon S3 buckets for:
1. Collect data
1. Cleanse/Curate data
1. Consume data
---
## Codebase
### Source Code Structure
Table below explains how this source code structured:
| File / Folder | Description |
|------------------| -------------|
| [app.py](./app.py) | Application entry point. |
| [code_commit_stack.py](./lib/code_commit_stack.py) | Optional stack to deploy an empty CodeCommit respository for mirroring. |
| [pipeline_stack.py](./lib/pipeline_stack.py) | Pipeline stack entry point. |
| [pipeline_deploy_stage.py](./lib/pipeline_deploy_stage.py) | Pipeline deploy stage entry point. |
| [s3_bucket_zones_stack.py](./lib/s3_bucket_zones_stack.py) | Stack creates S3 buckets - raw, conformed, and purpose-built. This also creates an S3 bucket for server access logging and AWS KMS Key to enabled server side encryption for all buckets.|
| [tagging.py](./lib/tagging.py) | Program to tag all provisioned resources. |
| [vpc_stack.py](./lib/vpc_stack.py) | Contains all resources related to the VPC used by Data Lake infrastructure and services. This includes: VPC, Security Groups, and VPC Endpoints (both Gateway and Interface types). |
| [test](./test)| This folder contains pytest unit tests |
| [resources](./resources)| This folder has static resources such as architecture diagrams. |
---
### Automation scripts
This repository has the following automation scripts to complete steps before the deployment:
| Script | Purpose |
|-----------| -------------|
| [bootstrap_deployment_account.sh](./lib/prerequisites/bootstrap_deployment_account.sh) | Used to bootstrap deployment account |
| [bootstrap_target_account.sh](./lib/prerequisites/bootstrap_target_account.sh) | Used to bootstrap target environments for example dev, test, and production. |
| [configure_account_secrets.py](./lib/prerequisites/configure_account_secrets.py) | Used to configure account secrets for GitHub access token. |
---
## Authors and Reviewers
The following people are involved in the design, architecture, development, testing, and review of this solution:
1. **Cory Visi**, Senior Solutions Architect, Amazon Web Services
1. **Ratnadeep Bardhan Roy**, Senior Solutions Architect, Amazon Web Services
1. **Isaiah Grant**, Cloud Consultant, 2nd Watch, Inc.
1. **Muhammad Zahid Ali**, Data Architect, Amazon Web Services
1. **Ravi Itha**, Senior Data Architect, Amazon Web Services
1. **Justiono Putro**, Cloud Infrastructure Architect, Amazon Web Services
1. **Mike Apted**, Principal Solutions Architect, Amazon Web Services
1. **Nikunj Vaidya**, Senior DevOps Specialist, Amazon Web Services
---
## License Summary
This sample code is made available under the MIT-0 license. See the LICENSE file.
Copyright Amazon.com and its affiliates; all rights reserved. This file is Amazon Web Services Content and may not be duplicated or distributed without permission.
Raw data
{
"_id": null,
"home_page": "https://github.com/aws-samples/aws-insurancelake-infrastructure",
"name": "aws-insurancelake-infrastructure",
"maintainer": "",
"docs_url": null,
"requires_python": ">=3.9",
"maintainer_email": "",
"keywords": "aws-insurancelake-infrastructure aws cdk insurance datalake s3 vpc python",
"author": "Cory Visi <cvisi@amazon.com>, Ratnadeep Bardhan Roy <rdbroy@amazon.com>, Isaiah Grant <igrant@2ndwatch.com>, Ravi Itha <itharav@amazon.com>, Zahid Muhammad Ali <zhidli@amazon.com>",
"author_email": "",
"download_url": "https://files.pythonhosted.org/packages/87/07/2fde20cb896737b9e3bbc4a3a50498161735c6c4fc2a37f3d1728e397a3c/aws-insurancelake-infrastructure-3.2.tar.gz",
"platform": null,
"description": "<!--\n Title: AWS InsuranceLake\n Description: Serverless data lake solution accelerator and reference architecture fit for the insurance industry built on AWS\n Author: cvisi@amazon.com\n -->\n# InsuranceLake Infrastructure\n\nThe InsuranceLake solution is comprised of two codebases: [Infrastructure](https://github.com/aws-samples/aws-insurancelake-infrastructure) and [ETL](https://github.com/aws-samples/aws-insurancelake-etl). This codebase and the documentation that follows is specific to the Infrastructure. For more comprehensive documentation, including several ways to get started quickly, refer to the [InsuranceLake ETL with CDK Pipeline README](https://github.com/aws-samples/aws-insurancelake-etl/blob/main/README.md).\n\nThis solution helps you deploy ETL processes and data storage resources to create an InsuranceLake. It uses Amazon S3 buckets for storage, [AWS Glue](https://docs.aws.amazon.com/glue/) for data transformation, and [AWS CDK Pipelines](https://docs.aws.amazon.com/cdk/latest/guide/cdk_pipeline.html). The solution is originally based on the AWS blog [Deploy data lake ETL jobs using CDK Pipelines](https://aws.amazon.com/blogs/devops/deploying-data-lake-etl-jobs-using-cdk-pipelines/).\n\n[CDK Pipelines](https://docs.aws.amazon.com/cdk/api/latest/docs/pipelines-readme.html) is a construct library module for painless continuous delivery of CDK applications. CDK stands for Cloud Development Kit. It is an open source software development framework to define your cloud application resources using familiar programming languages.\n\nSpecifically, this solution helps you to:\n\n1. Deploy a 3 Cs (Collect, Cleanse, Consume) InsuranceLake\n1. Deploy ETL jobs needed make common insurance industry data souces available in a data lake\n1. Use pySpark Glue jobs and supporting resoures to perform data transforms in a modular approach\n1. Build and replicate the application in multiple environments quickly\n1. Deploy ETL jobs from a central deployment account to multiple AWS environments such as Dev, Test, and Prod\n1. Leverage the benefit of self-mutating feature of CDK Pipelines; specifically, the pipeline itself is infrastructure as code and can be changed as part of the deployment\n1. Increase the speed of prototyping, testing, and deployment of new ETL jobs\n\n\n\n---\n\n## Contents\n\n* [Architecture](#architecture)\n * [InsuranceLake](#insurance-lake)\n * [Infrastructure](#infrastructure)\n* [Codebase](#codebase)\n * [Source code Structure](#source-code-structure)\n * [Automation Scripts](#automation-scripts)\n* [Authors and Reviewers](#authors-and-reviewers)\n* [License Summary](#license-summary)\n\n---\n\n## Architecture\n\nIn this section we talk about the overall InsuranceLake architecture and the infrastructure component.\n\n### InsuranceLake\n\nAs shown in the figure below, we use Amazon S3 for storage. We use three S3 buckets:\n 1. Collect bucket to store raw data in its original format\n 1. Cleanse/Curate bucket to store the data that meets the quality and consistency requirements of the lake\n 1. Consume bucket for data that is used by analysts and data consumers of the lake (e.g. Amazon Quicksight, Amazon Sagemaker)\n\nInsuranceLake is designed to support a number of source systems with different file formats and data partitions. To demonstrate, we have provided a CSV parser and sample data files for a source system with two data tables, which are uploaded to the Collect bucket.\n\nWe use AWS Lambda and AWS Step Functions for orchestration and scheduling of ETL workloads. We then use AWS Glue with pySpark for ETL and data cataloging, Amazon DynamoDB for transformation persistence, Amazon Athena for interactive queries and analysis. We use various AWS services for logging, monitoring, security, authentication, authorization, notification, build, and deployment.\n\n**Note:** [AWS Lake Formation](https://aws.amazon.com/lake-formation/) is a service that makes it easy to set up a secure data lake in days. [Amazon QuickSight](https://aws.amazon.com/quicksight/) is a scalable, serverless, embeddable, machine learning-powered business intelligence (BI) service built for the cloud. These two services are not used in this solution but can be added.\n\n\n\n---\n\n### Infrastructure\n\nThe figure below represents the infrastructure resources we provision for Data Lake.\n\n 1. Amazon Virtual Private Cloud (VPC)\n 1. Subnets\n 1. Security Groups\n 1. Route Table(s)\n 1. VPC Endpoints\n 1. Amazon S3 buckets for:\n 1. Collect data\n 1. Cleanse/Curate data\n 1. Consume data\n\n\n\n---\n\n## Codebase\n\n### Source Code Structure\n\nTable below explains how this source code structured:\n\n | File / Folder | Description |\n |------------------| -------------|\n | [app.py](./app.py) | Application entry point. |\n | [code_commit_stack.py](./lib/code_commit_stack.py) | Optional stack to deploy an empty CodeCommit respository for mirroring. |\n | [pipeline_stack.py](./lib/pipeline_stack.py) | Pipeline stack entry point. |\n | [pipeline_deploy_stage.py](./lib/pipeline_deploy_stage.py) | Pipeline deploy stage entry point. |\n | [s3_bucket_zones_stack.py](./lib/s3_bucket_zones_stack.py) | Stack creates S3 buckets - raw, conformed, and purpose-built. This also creates an S3 bucket for server access logging and AWS KMS Key to enabled server side encryption for all buckets.|\n | [tagging.py](./lib/tagging.py) | Program to tag all provisioned resources. |\n | [vpc_stack.py](./lib/vpc_stack.py) | Contains all resources related to the VPC used by Data Lake infrastructure and services. This includes: VPC, Security Groups, and VPC Endpoints (both Gateway and Interface types). |\n | [test](./test)| This folder contains pytest unit tests |\n | [resources](./resources)| This folder has static resources such as architecture diagrams. |\n\n---\n\n### Automation scripts\n\nThis repository has the following automation scripts to complete steps before the deployment:\n\n | Script | Purpose |\n |-----------| -------------|\n | [bootstrap_deployment_account.sh](./lib/prerequisites/bootstrap_deployment_account.sh) | Used to bootstrap deployment account |\n | [bootstrap_target_account.sh](./lib/prerequisites/bootstrap_target_account.sh) | Used to bootstrap target environments for example dev, test, and production. |\n | [configure_account_secrets.py](./lib/prerequisites/configure_account_secrets.py) | Used to configure account secrets for GitHub access token. |\n\n---\n\n## Authors and Reviewers\n\nThe following people are involved in the design, architecture, development, testing, and review of this solution:\n\n1. **Cory Visi**, Senior Solutions Architect, Amazon Web Services\n1. **Ratnadeep Bardhan Roy**, Senior Solutions Architect, Amazon Web Services\n1. **Isaiah Grant**, Cloud Consultant, 2nd Watch, Inc.\n1. **Muhammad Zahid Ali**, Data Architect, Amazon Web Services\n1. **Ravi Itha**, Senior Data Architect, Amazon Web Services\n1. **Justiono Putro**, Cloud Infrastructure Architect, Amazon Web Services\n1. **Mike Apted**, Principal Solutions Architect, Amazon Web Services\n1. **Nikunj Vaidya**, Senior DevOps Specialist, Amazon Web Services\n\n---\n\n## License Summary\n\nThis sample code is made available under the MIT-0 license. See the LICENSE file.\n\nCopyright Amazon.com and its affiliates; all rights reserved. This file is Amazon Web Services Content and may not be duplicated or distributed without permission.\n",
"bugtrack_url": null,
"license": "MIT-0",
"summary": "A CDK Python app for deploying foundational infrastructure for InsuranceLake in AWS",
"version": "3.2",
"project_urls": {
"Homepage": "https://github.com/aws-samples/aws-insurancelake-infrastructure"
},
"split_keywords": [
"aws-insurancelake-infrastructure",
"aws",
"cdk",
"insurance",
"datalake",
"s3",
"vpc",
"python"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "27feb60ea07ff0b963677ea456ea96794cfcd6cca7860483ac20ecdce370e846",
"md5": "949b6c95b3e44a7ead2197950fcd2fd6",
"sha256": "db498539c9dba5f72d62d40aa1ff71c2b53a6ca1d7b4e6f9bd097776fc7cb3cd"
},
"downloads": -1,
"filename": "aws_insurancelake_infrastructure-3.2-py3-none-any.whl",
"has_sig": false,
"md5_digest": "949b6c95b3e44a7ead2197950fcd2fd6",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.9",
"size": 22323,
"upload_time": "2024-03-03T04:50:25",
"upload_time_iso_8601": "2024-03-03T04:50:25.530322Z",
"url": "https://files.pythonhosted.org/packages/27/fe/b60ea07ff0b963677ea456ea96794cfcd6cca7860483ac20ecdce370e846/aws_insurancelake_infrastructure-3.2-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "87072fde20cb896737b9e3bbc4a3a50498161735c6c4fc2a37f3d1728e397a3c",
"md5": "a3c3bfa24de51e99ce5ea52a1ff1ac7d",
"sha256": "12d3e133b3784419e697091bad3bd7a14ff75e20f06c98a7c69d1013cbf56331"
},
"downloads": -1,
"filename": "aws-insurancelake-infrastructure-3.2.tar.gz",
"has_sig": false,
"md5_digest": "a3c3bfa24de51e99ce5ea52a1ff1ac7d",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.9",
"size": 21097,
"upload_time": "2024-03-03T04:50:27",
"upload_time_iso_8601": "2024-03-03T04:50:27.131965Z",
"url": "https://files.pythonhosted.org/packages/87/07/2fde20cb896737b9e3bbc4a3a50498161735c6c4fc2a37f3d1728e397a3c/aws-insurancelake-infrastructure-3.2.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-03-03 04:50:27",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "aws-samples",
"github_project": "aws-insurancelake-infrastructure",
"travis_ci": false,
"coveralls": true,
"github_actions": true,
"requirements": [],
"lcname": "aws-insurancelake-infrastructure"
}
JSON
