
Why Hosting Our Data Platform in AWS Matters for Life Sciences

At Quilt, we believe teams deserve to own their data in an environment they control with deep guardrails. This philosophy is especially important in life sciences, where research data can be highly sensitive and subject to strict regulations. One of the core ways we empower this control is by deploying the Quilt data platform in your AWS cloud environment – not on a vendor’s servers. In this post, we’ll explore why hosting our data platform in Amazon Web Services (AWS) is so important, and how it benefits your organization in terms of data ownership, security, and scalability.

Control Over Your Data and Environment

When you deploy Quilt, it doesn’t live in someone else’s cloud – it runs as a private portal within your own AWS account and Virtual Private Cloud (VPC). This means you retain complete ownership of both the data and the infrastructure. All of your files, metadata, and databases reside under your AWS account, so your team has full say over how that data is handled. You aren’t forced to hand over your valuable research data to a third-party SaaS database; instead, Quilt leverages the storage you already trust. In fact, Quilt uses your existing Amazon S3 buckets to store data, leaving you with full control over your data at all times. There’s no proprietary storage to get locked into – your data stays in open formats on S3, so you avoid vendor lock-in by design.

Equally important, running in your environment means you control access policies through AWS Identity and Access Management (IAM). Quilt fully integrates with IAM, allowing fine-grained permission settings and single sign-on (SSO) integration with your identity provider. You manage which users and roles can see specific datasets or perform actions, using the same IAM framework your IT team already knows. As our documentation emphasizes, you control all IAM policies for Quilt’s deployment, ensuring that data access aligns with your internal governance rules. In short, hosting in AWS gives your administrators the ultimate oversight – the platform operates within guardrails you configure.

Security and Compliance on AWS

Security is paramount in life sciences, where data can include intellectual property or patient information. By hosting Quilt inside your AWS account, you benefit from AWS’s robust security infrastructure on top of having direct control. All Quilt services run within your VPC, isolated in private subnets with restricted network access. This network isolation means the platform can be wrapped inside your organization’s firewall or VPN – effectively, Quilt becomes an extension of your secure internal network. AWS security groups and access control lists can be tuned to only allow necessary traffic, greatly limiting exposure. In practical terms, your data platform isn’t sitting on a public multi-tenant cloud; it’s tucked away in a protected enclave of your AWS infrastructure.

Because you manage the environment, you can also enforce your own security standards. Want all data encrypted at rest and in transit? AWS makes that easy, and Quilt respects those settings. Need detailed audit logs of every access? AWS CloudTrail can log all API calls, and Quilt itself maintains detailed usage logs. In fact, Quilt’s design aligns with rigorous compliance requirements: the platform provides complete version histories and audit trails to help ensure FAIR data principles, GxP compliance, and other regulatory standards from day one. Life science teams can’t afford lapses in traceability, and hosting on AWS helps check that box. AWS’s data centers and services are already certified for high-security and regulatory environments (HIPAA, 21 CFR Part 11, etc.), and by keeping everything in your account, you can more easily validate and document compliance. The bottom line is that an AWS-hosted Quilt platform gives you enterprise-grade security infrastructure – and the power to tailor it to meet the strictest requirements of biotech and pharma.

AWS Building Blocks: S3, IAM, and VPC

Several key AWS services provide the foundation that makes this approach so powerful. By building on familiar AWS building blocks, Quilt ensures you get the best of cloud infrastructure without sacrificing control:

  • Amazon S3 (Simple Storage Service) – S3 is AWS’s highly scalable object storage, and it’s the backbone of data storage in Quilt. All of your files, from raw instrument data to analysis results, are stored in your S3 buckets. This offers massive scalability and eleven-nines durability for your data, without the cost overhead of proprietary storage systems. (Quilt was designed to “replace expensive data stores with Amazon S3”.) Because Quilt uses your S3 infrastructure, there’s no data migration needed to get started and no duplication of storage. Your data remains in place, and you can continue to access it via S3’s APIs or AWS console, alongside using Quilt’s UI and APIs. S3 also seamlessly integrates with encryption and lifecycle policies, so you can enforce data retention or archival rules as needed.

  • AWS IAM (Identity and Access Management) – IAM is the security backbone that governs who can do what in your AWS environment. Quilt leverages IAM for authentication and authorization, meaning every user action can be managed by standard IAM roles and policies. This is crucial for maintaining principle-of-least-privilege access to sensitive research data. You can, for example, create IAM roles that limit certain users to read-only access on specific datasets, or require MFA for console access, etc. Quilt’s integration with IAM also means it plugs into your existing SSO/identity provider, so scientists can log in with corporate credentials, and you avoid maintaining a separate siloed user directory. By building governance on IAM, Quilt ensures that data access is always auditable and tightly controlled under your organization’s established security practices.

  • Amazon VPC (Virtual Private Cloud) – The Quilt platform is deployed into your VPC, which is essentially your own private cloud network within AWS. Running inside a VPC means that Quilt’s application and databases are isolated from the public internet by default. You can choose to expose the web interface internally only (or make it accessible externally via a load balancer, depending on your needs), but in all cases, the data and core services stay within your trusted network perimeter. The VPC setup also allows you to utilize network features like private endpoints or VPN connections. For instance, labs can connect to Quilt over a secure VPN, or you can set up AWS PrivateLink endpoints so that even internal traffic to S3 doesn’t traverse the public internet. In short, VPC gives you granular control over networking – you decide how open or closed the data platform should be. This level of isolation is a huge advantage for meeting internal IT policies and preventing any unauthorized access to sensitive data.

By relying on S3, IAM, and VPC – services that AWS has hardened and optimized for enterprise use – Quilt provides a data platform that is both easy to trust and easy to manage. Your team benefits from AWS’s proven reliability and security, while avoiding the compromises that come with using someone else’s cloud.
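The guardrails described above can be checked offline before a policy is attached. The following is an added example, not Quilt's own code or configuration: it audits a bucket policy for the TLS-only and VPC-endpoint-only denies, and a reader role's policy for read-only access confined to one dataset prefix. The bucket name `example-lab-data`, the `assays/` prefix, the endpoint id `vpce-EXAMPLE` and all function names are assumptions made for illustration.

```python
# Constructed samples: bucket name, prefix and endpoint id are placeholders.
BUCKET = ["arn:aws:s3:::example-lab-data", "arn:aws:s3:::example-lab-data/*"]
BUCKET_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Sid": "DenyPlainHttp", "Effect": "Deny", "Principal": "*", "Action": "s3:*",
     "Resource": BUCKET, "Condition": {"Bool": {"aws:SecureTransport": "false"}}},
    {"Sid": "DenyOutsideVpce", "Effect": "Deny", "Principal": "*", "Action": "s3:*",
     "Resource": BUCKET,
     "Condition": {"StringNotEquals": {"aws:SourceVpce": "vpce-EXAMPLE"}}}]}
READER_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": ["s3:GetObject", "s3:GetObjectVersion"],
     "Resource": "arn:aws:s3:::example-lab-data/assays/*"},
    {"Effect": "Allow", "Action": "s3:ListBucket", "Resource": BUCKET[0],
     "Condition": {"StringLike": {"s3:prefix": "assays/*"}}}]}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _has_blanket_deny(policy, operator, key, expected=None):
    """True if a Deny on all S3 actions for every principal carries this condition."""
    for stmt in _as_list(policy.get("Statement", [])):
        actions = {a.lower() for a in _as_list(stmt.get("Action", []))}
        if stmt.get("Effect") != "Deny" or stmt.get("Principal") != "*":
            continue
        if not actions & {"s3:*", "*"}:
            continue
        block = stmt.get("Condition", {}).get(operator, {})
        cond = {k.lower(): v for k, v in block.items()}  # keys are case-insensitive
        if key in cond and (expected is None or str(cond[key]).lower() == expected):
            return True
    return False

def audit_bucket_policy(policy):
    return {"tls_only": _has_blanket_deny(policy, "Bool", "aws:securetransport", "false"),
            "vpce_only": _has_blanket_deny(policy, "StringNotEquals", "aws:sourcevpce")}

def is_read_only(policy, prefix_arn):
    """True if every Allow is Get/List only and stays inside prefix_arn or its bucket."""
    bucket_arn = prefix_arn.split("/", 1)[0]
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        if "NotAction" in stmt or "NotResource" in stmt:
            return False  # inverted matches can grant far more than they appear to
        actions = _as_list(stmt.get("Action", []))
        resources = _as_list(stmt.get("Resource", []))
        if not all(a.lower().startswith(("s3:get", "s3:list")) for a in actions):
            return False
        if not all(r == bucket_arn or r.startswith(prefix_arn) for r in resources):
            return False
    return True
```

A blanket `aws:SourceVpce` deny also blocks console and other out-of-VPC administrative access to the bucket, so exempt or plan for those paths before applying it.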

Scalability and Integration with AWS Ecosystem

Another major benefit of hosting the data platform in AWS is scalability. Life science data isn’t just sensitive – it’s also huge and growing exponentially (think high-resolution microscopy images, genome sequences, etc.). AWS infrastructure is built to handle this scale. Because Quilt runs on AWS resources (like Amazon ECS for containerized services and Amazon RDS for its internal database), it can scale out as your usage grows. Need to index millions of files? Quilt’s architecture uses Amazon OpenSearch (Elasticsearch) under the hood to index and search data, and this can be scaled and managed just like any AWS service. Need to add more storage? S3 will automatically handle more data without you having to provision anything. By deploying on AWS, Quilt inherits AWS’s ability to scale on demand, so the platform won’t be a bottleneck as your organization generates more data.

Equally important, hosting in AWS means your data doesn’t live in a silo. It’s in an environment where a whole world of analytics and machine learning tools is readily available. With your data in S3 and cataloged by Quilt, you can directly plug into AWS’s ecosystem: for example, running SQL queries on your data via Amazon Athena, or training models in Amazon SageMaker using data accessed through Quilt’s APIs. Quilt was built cloud-natively to take advantage of AWS services – offering first-class integrations with tools like S3, AWS Lambda, EventBridge, Athena, and more. This means you can set up event-driven workflows (e.g., trigger a pipeline when new data is added) or quickly spin up analytics jobs, all against the same data in place. There’s no need to extract or copy your datasets into another system to use these AWS services. The result is a streamlined ecosystem: your data platform becomes the hub that connects people, instruments, and analysis pipelines, all on top of AWS’s flexible infrastructure.

Finally, leveraging AWS can also be cost-efficient. You pay for cloud resources as you use them – storing terabytes in S3 or indexing files in OpenSearch – without hefty upfront investments in hardware or separate storage systems. And because Quilt lets you “maintain full control over data while providing self-service access” on AWS, your IT team can enforce cost policies (like transitioning old data to cheaper S3 tiers) knowing exactly where and how data is stored.

Conclusion

Hosting Quilt’s data platform in your AWS environment gives you the best of both worlds: the ownership and security of managing your own infrastructure, and the power and scalability of AWS’s cloud. Your team retains sovereignty over invaluable scientific data – an essential factor in establishing trust and meeting compliance in the life sciences – and at the same time, users get modern, fast access to data thanks to AWS’s technology under the hood.

By keeping data in your AWS account, Quilt ensures there are no black boxes: you can see, control, and audit everything. Features like Amazon S3 storage, IAM-based governance, and VPC isolation translate to a platform that is secure by design. And because it’s built on AWS, Quilt scales with your science – integrating with advanced cloud services whenever you’re ready to leverage them.

In an era when data is a competitive asset, we believe that giving teams full control of their data platform is the surest way to accelerate innovation. Hosting on AWS is a key part of that strategy, providing a solid foundation of trust, compliance, and technical capability. For life science organizations aiming to turn data into breakthroughs, an AWS-hosted Quilt platform offers a future-proof environment to do exactly that – all while keeping your data exactly where it is.

 
