Analytics and Search

Data Governance with Amazon DataZone - Data Discovery, Sharing, and Access Control

Learn how to build a domain-based data catalog and implement data discovery, sharing, and access control through subscription workflows.

約 3 分で読めます

DataZone Overview

DataZone is a service that unifies data discovery, sharing, and governance within an organization, capable of managing thousands of data assets and hundreds of users. Data producers publish data assets to the catalog, and data consumers search the catalog for needed data and submit subscription requests. After approval, consumers can access data directly from Athena or Redshift.

Domains and Subscriptions

Domains are logical groups corresponding to business units or teams, clarifying data ownership and management responsibility. In the subscription workflow, consumers request access to data assets, and producers or administrators approve the requests. After approval, Lake Formation permissions are automatically granted, and consumers can execute queries from Athena.

Data Quality and Catalog Management

DataZone's data quality rules automatically validate the quality of published data assets. Define rules for completeness (percentage of NULL values), uniqueness (duplicate records), and freshness (last update date), and display quality scores in the catalog. The business glossary manages organization-wide term definitions, and by tagging data assets, you can search for data by business meaning rather than just technical table names. Metadata forms define custom attributes such as data owner, update frequency, and sensitivity level, attaching governance-relevant information to data assets. Integration with the Glue Data Catalog enables automatic import of existing table definitions into DataZone. For a comprehensive understanding of DataZone design patterns, refer to technical books (Amazon).

DataZone Pricing

DataZone pricing consists of the number of data assets registered in the catalog and metadata API call volume. Data assets cost approximately $0.10 per asset per month, and metadata API calls cost approximately $4.25 per million requests. Subscription approval and management are available at no additional charge. In large organizations where data assets can reach thousands, manage costs through regular inventory of unnecessary assets. Leveraging existing metadata through Glue Data Catalog integration avoids duplicate catalog management and reduces operational costs.

Summary

DataZone is a service that unifies data discovery, sharing, and governance to maximize data value across the organization. Domain-based ownership management clarifies data responsibility, and subscription workflows enable approval-based data sharing. Data quality rules and business glossaries improve catalog reliability and searchability.

Related Services

Amazon DataZoneA data management service that unifies data discovery, sharing, and governanceAWS GlueA serverless ETL service that automates data extraction, transformation, and loadingAmazon AthenaA serverless query service that lets you analyze data in S3 using standard SQL

Related Articles

Building a Cloud Data Warehouse with Amazon Redshift - Choosing Between Serverless and RA3Learn the criteria for choosing between Serverless and RA3 provisioned clusters, and how to prevent data silos using data sharing and Spectrum for data lake integration.Building a Data Lake with AWS Lake Formation - Fine-Grained Access Control and Data CatalogEstablish data lake governance with column-level and row-level fine-grained access control and tag-based management. This article covers integration with Glue Data Catalog and cross-account access.BI Dashboard Visualization - Building a Data-Driven Decision Platform with Amazon QuickSightExplains how to build interactive BI dashboards with Amazon QuickSight and a serverless data analytics platform with Athena integration. Covers high-speed visualization with the SPICE engine and practical methods for sharing insights across the organization.

More on This Topic

Practical Use Cases for Amazon Quick - Department-Specific Scenarios and Workflow Automation Design PatternsExplore concrete use cases for sales, IT, and finance departments, along with design patterns for notifications, approvals, and multi-step workflows using Quick Flows.BI Dashboard Visualization - Building a Data-Driven Decision Platform with Amazon QuickSightExplains how to build interactive BI dashboards with Amazon QuickSight and a serverless data analytics platform with Athena integration. Covers high-speed visualization with the SPICE engine and practical methods for sharing insights across the organization.Building Blockchain Networks - Leveraging Distributed Ledgers with Amazon Managed Blockchain and QLDBExplains how to build blockchain networks with Amazon Managed Blockchain and use Amazon QLDB as a verifiable ledger database. Covers practical use cases such as supply chain management and ensuring transparency in financial transactions.Privacy-Preserving Data Collaboration with AWS Clean RoomsRun joint analysis across multiple companies without sharing or copying data. Learn about aggregation rules for preventing individual identification and Cryptographic Computing for encrypted analysis.Customer Identity Unification - Resolving Scattered Customer Data with AWS Entity ResolutionLearn how to perform entity resolution (record matching) on customer data using AWS Entity Resolution. This article covers ML-based matching, rule-based matching, privacy protection, and integration with Clean Rooms.Leveraging Third-Party Data with AWS Data Exchange - Data Procurement and Subscription ManagementProcure third-party data products via Marketplace and build automated delivery pipelines to S3. This article also covers how to productize and monetize your own data.Building a Data Lake with Amazon S3 and Lake Formation - Design Patterns and GovernanceExplore data lake design patterns using S3 as the storage foundation and Lake Formation for fine-grained access control. This article also covers ETL pipelines and cost optimization.Data Lake Governance - Centralized Access Control with AWS Lake FormationLearn about building, access control, and governance for data lakes using AWS Lake Formation. This article covers fine-grained column-level and row-level permission management for S3-based data lakes, along with Glue and Athena integration.

Similar Articles and Services

Amazon DataZoneA data management portal that integrates data cataloging, access governance, and self-service data sharingIT Service Provisioning - Self-Service Infrastructure Delivery with AWS Service CatalogLearn how to catalog approved IT services with AWS Service Catalog and enable self-service infrastructure provisioning through CloudFormation integration. This article covers operational patterns that maintain governance while empowering development teams.AWS Data ExchangeA data marketplace service for subscribing to third-party datasets via AWS Marketplace and ingesting them directly into S3 or RedshiftAWS Service CatalogA catalog service for delivering approved IT services across your organization via self-service