Sharing workflows - AWS HealthOmics
Share a private workflow (console)Share a private workflow (API)Accept a shared workflow (console)Run a shared workflow (console)Run a shared workflow (API)

Sharing workflows

As the owner of a private workflow, you can share the workflow with an AWS account in the same region. To share a workflow with more than one AWS account, you create multiple shares of the same workflow.

As the owner, you can revoke access to a shared workflow by deleting the share.

Note

To share the Amazon ECR containers associated with a shared workflow, you need to adjust the container permissions to allow cross-account access. For more information, including an example policy, see Amazon ECR permissions.

To subscribe to a shared workflow, you follow these steps to accept and use the workflow:

  1. Use the console or API to accept the share. Set your current region to the same region as the share request.

    • To find the share request in the console, navigate to the All Resource shares page, then choose the Shared with me tab.

  2. Use the console or API to create a run for the shared workflow.

    • To find the workflow details page in the console, navigate to Shared with me (see step 1), then choose the Resource link for the shared workflow.

  3. You provide your own input data for the workflow.

  4. The shared workflow runs in your AWS account.

As the subscriber to a shared workflow, the system blocks you from performing the following workflow actions:

  • Exporting a shared workflow

  • Re-running the shared workflow

    • You create a new run for the shared workflow.

  • Re-sharing the workflow.

  • Assigning a tag to the workflow.

  • Deleting the workflow.

    • When you no longer need the workflow, you delete the workflow share.

See Cross-account resource sharing in AWS HealthOmics for additional information about resource sharing.

Share a private workflow (console)

From the console, you can share a private workflow with an AWS account in the same region as the workflow.

To share a private workflow

  1. Open the HealthOmics console https://console.aws.amazon.com/omics/.

  2. In the left navigation pane, choose Private workflows.

  3. From the Workflows table on the Private workflows page, select the workflow to share, and choose Share.

  4. In the Share details panel of the Share workflow page, enter a descriptive name for the share and enter the AWS account of the subscriber.

  5. Choose Share resource. The console displays resource shares in the All resource shares page.

The initial state of the share is pending. After the subscriber accepts the share, the state changes to active.

Share a private workflow (API)

Use the create-share API operation to create a workflow share. The principal subscriber is the AWS account of the user who will get access to the workflow. 

aws omics create-share \
  --resource-arn "arn:aws:omics:us-west-2:555555555555:workflow/123456" \
  --principal-subscriber "123456789012" \
  --name "my_Share-123"

If the create is successful, you receive a response with the share ID and status.

{
"shareId": "495c21bedc889d07d0ab69d710a6841e-dd75ab7a1a9c384fa848b5bd8e5a7e0a",
"name": "my_Share-123",
"status": "PENDING"
}

The share remains in pending state until the subscriber accepts it using the accept-share API operation.

See Cross-account resource sharing in AWS HealthOmics for other API usage examples.

Accept a shared workflow (console)

You can use the console to accept an offered workflow share. Make sure to set the console to the same Region as the workflow.

  1. Open the HealthOmics console https://console.aws.amazon.com/omics/.

  2. In the left navigation pane, choose All Resource shares, then choose the Shared with me tab.

  3. From the Resources shared with me table , select the workflow share and then choose Accept.

After you accept the workflow, choose the Resource link for the shared workflow to view its details.

Run a shared workflow (console)

After you accept a workflow share, you can start a run on the workflow.

  1. Open the HealthOmics console https://console.aws.amazon.com/omics/.

  2. In the left navigation pane, choose All Resource shares, then choose the Shared with me tab.

  3. From the Resources shared with me table, choose the Resource link for the shared workflow.

  4. In the Workflow details page, choose Create run.

    The console opens the Create run page, with the workflow type (shared) and Workflow ID pre-populated.

  5. Configure the remaining fields in the Create run form. For additional information, see Starting a run (console).

Run a shared workflow (API)

Use get-workflow to retrieve the ARN of the shared workflow.

aws omics get-workflow --id 1234567 \
--workflow-owner-id 55555555555

When you run the workflow, provide the workflow owner’s AWS account ID and the ARN of the shared workflow.

aws omics start-run --id 1234567 --workflow-owner-id 55555555555 \
--role-arn arn:aws:iam::1234567892012:role/service-role/OmicsWorkflow-20221004T164236 \
--name ArchiveTest --retention-mode REMOVE