From 0b02804dcb89c411d9f95cd7c0bd735134ace7c3 Mon Sep 17 00:00:00 2001
From: depristo <depristo@348d0f76-0448-11de-a6fe-93d51630548a>
Date: Sat, 2 Apr 2011 13:39:47 +0000
Subject: [PATCH] Scripts for creating S3 IGV account

git-svn-id: file:///humgen/gsa-scr1/gsa-engineering/svn_contents/trunk@5557 348d0f76-0448-11de-a6fe-93d51630548a
---
 analysis/depristo/s3GATKReport/IGVPolicy.txt  | 12 +++++
 analysis/depristo/s3GATKReport/IGV_cred.txt   |  2 +
 .../depristo/s3GATKReport/setupS3IGVUser.csh  | 45 +++++++++++++++++++
 3 files changed, 59 insertions(+)
 create mode 100755 analysis/depristo/s3GATKReport/IGVPolicy.txt
 create mode 100644 analysis/depristo/s3GATKReport/IGV_cred.txt
 create mode 100755 analysis/depristo/s3GATKReport/setupS3IGVUser.csh

diff --git a/analysis/depristo/s3GATKReport/IGVPolicy.txt b/analysis/depristo/s3GATKReport/IGVPolicy.txt
new file mode 100755
index 000000000..3fb797e7d
--- /dev/null
+++ b/analysis/depristo/s3GATKReport/IGVPolicy.txt
@@ -0,0 +1,12 @@
+{
+  "Statement": [
+    {
+      "Sid": "Stmt1296439478068",
+      "Action": [
+        "s3:PutObject"
+      ],
+      "Effect": "Allow",
+      "Resource": "arn:aws:s3:::IGV_crowdsourcing/*"
+    }
+  ]
+}
diff --git a/analysis/depristo/s3GATKReport/IGV_cred.txt b/analysis/depristo/s3GATKReport/IGV_cred.txt
new file mode 100644
index 000000000..f073a3ced
--- /dev/null
+++ b/analysis/depristo/s3GATKReport/IGV_cred.txt
@@ -0,0 +1,2 @@
+AKIAIM64MSUYNQ2465HQ
+D+l3HfPQFWia9HF8rKh/fJ5+yNYsltWUpj0C7L0Z
diff --git a/analysis/depristo/s3GATKReport/setupS3IGVUser.csh b/analysis/depristo/s3GATKReport/setupS3IGVUser.csh
new file mode 100755
index 000000000..5fd1459fe
--- /dev/null
+++ b/analysis/depristo/s3GATKReport/setupS3IGVUser.csh
@@ -0,0 +1,45 @@
+#!/bin/tcsh
+
+# download CLI tools
+# http://aws.amazon.com/developertools/AWS-Identity-and-Access-Management/4143
+
+setenv JAVA_HOME /usr/
+setenv AWS_IAM_HOME ~/Downloads/IAMCli-1.1.0
+setenv PATH $AWS_IAM_HOME/bin:$PATH
+setenv AWS_CREDENTIAL_FILE /Users/depristo/Desktop/broadLocal/GATK/trunk/account-key
+
+setenv CREATE_GROUPS false
+setenv CREATE_IGV_USER false
+setenv UPDATE_USER_KEYS false
+setenv UPDATE_USER_POLICY true
+
+# Create the administrators group:
+# we aren't actually using this, in fact
+if ( $CREATE_GROUPS == true ) then
+iam-groupcreate -g Admins
+iam-grouplistbypath
+iam-groupuploadpolicy -g Admins -p AdminsGroupPolicy -f GroupPolicy.txt
+iam-grouplistpolicies -g Admins
+endif
+
+# Create the IGV user -- uncomment if the IGV user needs to be created from scratch
+# update the secret key
+if $CREATE_IGV_USER == true then
+iam-usercreate -u IGV -k -v > IGV_cred.txt
+endif
+
+# the user access and secret keys are in the IGV source file IGVRunReport.java
+# and must be updated to be the most current ones
+if $UPDATE_USER_KEYS == true then
+iam-userdelkey -u IGV -k $1 # $1 -> current access key
+iam-useraddkey -u IGV > IGV_cred.txt 
+cat IGV_cred.txt
+endif
+
+echo "IGV user policies"
+if $UPDATE_USER_POLICY == true then
+echo "Deleting policy"
+iam-userdelpolicy -u IGV -p IGVRunReportUploading
+iam-useruploadpolicy -u IGV -p IGVRunReportUploading -f IGVPolicy.txt
+endif
+iam-userlistpolicies -u IGV -v