User Guide
This document is an introduction to using the environment from the point of view of various roles. Since the environment is designed to be highly flexible with respect to the "how" of data analysis, it focuses on how to access the environment and on the movement of data in and out.
The SRE is accessed using Azure Virtual Desktop (AVD), a secure way to access Microsoft Azure services anytime, from anywhere and from any device.
The recommended (and easiest) way to access the SRE is to use the AVD web client via this link aka.ms/avdwebarm. Any HTML5-capable web browser is supported.
There are also native Remote Desktop versions for Windows, macOS, iOS and Android.
Chromebook users are supported in two ways - either the HTML5 client via the included Chrome browser or installing the Android Remote Desktop app from the Play store.
Functionality may vary by client and also on the configuration of the AVD environment by its administrators. For example, copy/paste into and out of an AVD session may be blocked for sensitive envirionments.
There is currently no native Linux AVD client but there are multiple HTML5-compatible web browsers available for Linux. As noted above, any modern web browser should be fine.
When you use AVD to connect to the SRE, you will be promprted to log in. Use your organization's account information to connect. If you are not sure what credentials to use, please contact your organization's IT team for assistance.
Once you connect, you should see a list of icons which represent the various options available to you. If your organization is already using AVD then there may be multiple icons present.
The default SRE deployment creates an AVD "Workspace" named "Research Enclave Access". If you have been granted access to a SRE, you should see something like the below image in the AVD window. Select the "Remote Desktop" icon to connect to the SRE and begin your work. If you have access to mutiple environments then there will be an icon (or more than one icon) for each environment.
For the PI or the "Data Owner" roles, the primary tasks are related to maintaining control over the data sets that are being used, specifically moving them in and out of the environment.
The SRE has an external-facing Azure Storage Account as the ingress/egress point for data sets. This is configured as blob (object) storage and data sets can be uploaded or downloaded using a variety of mechanisms including a REST API, the AzCopy CLI tool, the standard SFTP protocol (currently in preview) and Azure Storage Explorer.
To add data to the environment, upload the file(s) to the container named "ingest" on the storage account which has external (public) access enabled. One way to do this is by uysing the Azure Storage Explorer tool, a GUI client which is optimiezd for file transfers to and from Azure storage services. It is available for Windows, Linux and MacOS as an open source project on GitHub at https://github.com/microsoft/AzureStorageExplorer/releases. To upload a data set to the storage account using Storage Explorer, follow the directions on this page.
You can also transfer data to and from Azure storage accounts using the Azcopy CLI tool, Powershell or the REST API.
The upload location to introuce new data sets is a contaier which is named "ingest" by default.
(coming soon)