From 9fbb4920d046b3419748f6aa0243949f97f7c4da Mon Sep 17 00:00:00 2001
From: David Roazen <droazen@broadinstitute.org>
Date: Wed, 21 Aug 2013 12:39:30 -0400
Subject: [PATCH] Update GATK AWS phone-home configuration

-Switch to using new GSA AWS account for storage of phone home data

-Use DNS-compliant bucket names, as per Amazon's best practices

-Encrypt publicly-distributed version of credentials. Grant only PutObject
 permission, and only for the relevant buckets.

-Store non-distributed credentials in private/GATKLogs/newAWSAccountCredentials
 for now -- need to integrate with existing python/shell scripts
 later to get the log downloading working with the new account
---
 .../sting/gatk/phonehome/GATKRunReport.java     |  10 +++++-----
 .../phonehome/resources/GATK_AWS_access.key     | Bin 256 -> 256 bytes
 .../phonehome/resources/GATK_AWS_secret.key     | Bin 256 -> 256 bytes
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/public/java/src/org/broadinstitute/sting/gatk/phonehome/GATKRunReport.java b/public/java/src/org/broadinstitute/sting/gatk/phonehome/GATKRunReport.java
index 67d72189c..e8c8896f6 100644
--- a/public/java/src/org/broadinstitute/sting/gatk/phonehome/GATKRunReport.java
+++ b/public/java/src/org/broadinstitute/sting/gatk/phonehome/GATKRunReport.java
@@ -71,10 +71,10 @@ import java.util.zip.GZIPOutputStream;
  * @since 2010
  */
 public class GATKRunReport {
-    protected static final String REPORT_BUCKET_NAME = "GATK_Run_Reports";
-    protected static final String TEST_REPORT_BUCKET_NAME = "GATK_Run_Reports_Test";
-    protected final static String AWS_ACCESS_KEY_MD5 = "43433e5488d60788042ed5de3dcf9b0a";
-    protected final static String AWS_SECRET_KEY_MD5 = "0aa28b227ecacbdc9d2d5e8d82b10d32";
+    protected static final String REPORT_BUCKET_NAME = "broad.gsa.gatk.run.reports";
+    protected static final String TEST_REPORT_BUCKET_NAME = "broad.gsa.gatk.run.reports.test";
+    protected final static String AWS_ACCESS_KEY_MD5 = "34d4a26eb2062b3f06e833b28f9a38c6";
+    protected final static String AWS_SECRET_KEY_MD5 = "83f2332eec99ef1d7425d5dc5d4b514a";
 
     private static final DateFormat DATE_FORMAT = new SimpleDateFormat("yyyy/MM/dd HH.mm.ss");
 
@@ -525,7 +525,7 @@ public class GATKRunReport {
                         }
                         break;
                     case NORMAL:
-                        // IAM GATK user credentials -- only right is to PutObject into GATK_Run_Report bucket
+                        // IAM GATK user credentials -- only right is to PutObject into broad.gsa.gatk.run.reports bucket
                         final S3Service s3Service = initializeAWSService(getAWSUploadAccessKey(), getAWSUploadSecretKey());
 
                         // Create an S3Object based on a file, with Content-Length set automatically and
diff --git a/public/java/src/org/broadinstitute/sting/gatk/phonehome/resources/GATK_AWS_access.key b/public/java/src/org/broadinstitute/sting/gatk/phonehome/resources/GATK_AWS_access.key
index 5b3e0c2ecfde37da2e3833cb48c8b6091077389a..28f2cd0b8bbf52ba4aa3ec4f1fc7676347b04fcf 100644
GIT binary patch
literal 256
zcmV+b0ssCrL`oYbvpnkOGl&oO<7~bHWdo?N+>Z`%j;l@C(QZ+&1Z!6i3&@!5?_(vv
z?#hB(*H9x}=%x%5jdaE@y2*-zK&bdOB1y_x#F7?VsUHd$F2PPJ9b-FozF+r+VcpZ)
zfSnSB-OyKmvB6l@L~LFDkXlQ0o5i*So^;$9(;j?b>^Pz@iS%6?XmJ~MM-fQM%#YG`
zfi5RNp$^7>os80Q<>Oy1F+UZXAFA??<e$~3SE%N7Nq0;Sw+f{)od5&cHI|<0IH(Os
zZ(Nh>IWFq+tS8cTzo&raow0-G`x<el7)-aGWK`2gpGCilhck;zX?n|CR~b82&&nVn
G(S9iqrhG^M

literal 256
zcmV+b0ssCZ)s?=}0`w^+<0qS!+DM}|p<R3UG0|SSGRK;|%CXE_Z}|Mf2}Q}SF;(ny
zN;E$CTj;YGyt-+53>dh>j1@V&k5>l{_|L=rQ{#|d%Q{rHhB+O)r6=owaRvqvpa3)+
z!B>N5s>o75BYAdysT&$AoC<f5NJOJKn&Wm}I6=<f<~IqcWx^LR9pe3scY*CZTi3A{
zsFT?%yCHvG_h$H!1?raX`6hZ_X&JAm1o%>E*sWotupSnHe2n6!3<s8`jB(`_6b2j`
zvbJ&RXeO(oaY5_p6PF%?WDv<VCCq8NXAYv6`dN#T6-Y2qd!RcsL?7x0WQgF3_8ZR$
GCy_l?uX;iN

diff --git a/public/java/src/org/broadinstitute/sting/gatk/phonehome/resources/GATK_AWS_secret.key b/public/java/src/org/broadinstitute/sting/gatk/phonehome/resources/GATK_AWS_secret.key
index 9f1224a54b2d7a920b161c1ec1e2248c5e07a4ea..5c289a838b309f882b1d1d24728afa56ae8c7394 100644
GIT binary patch
literal 256
zcmV+b0ssCQ<KQ6WtH<R^H~FN6$z8!*2b@I#ZnWePgRUrv9eu~CzeJ)f9nwbFmP#=k
zn{({fefd;RQAsXDo#$Z@G1{X0gWV~*Hu&2-(I6Qj;XZ&wApE@`8}X;J7R1Z!Zyki{
zyQ?N3`#<O7z{8|Ne`gEEE?f%*7w5pA-m-|7B{=p-3$TFm3`@uL^6PXpF}uSTib;k^
ze*o?pKrWS|?E#D7na&^n*&Lldzq@oH{BdL77vcrgKO2~ruph!3ESCgj2wELiLCiw+
z*1y5J&w6l1B-deM!ma!ZgB{Q7IJ%T99-!@zd;aXG0B~((Z7OE0BmByo)bzl)2CDY)
Gs-9}o#DeDl

literal 256
zcmV+b0ssCiysMm`x*G%W0;!`&6H(6`P>8_R=NzKpk9#dl1NlQSVt+-=9EfxiX}5Rb
z8DygZ1zx4;d1WWDzVX{7=<pHTu#8eQ2xP}+S?Dy?7Eq8RFpqK68tF1e<ADrz9VDr;
z%Assny7S6VwaY(YfYJK7T??0Iv##H!N>}(Tg%ImiBB^yg^N>7YDaKrq4^OW{Gh3X`
zHBkxCQ?!iSxrmLJAahMkgp)oPdT0Z5Db~|1%%@xO1~AJZ@46$2)!r%6;%3~+(<&bE
zGwj~P-hX;B!2}dRG5Zl<>bz)a6J!qzDB|_3i#wI{6&<y}a$Sq#y4%#&5T%X?K&~jY
Ge57F7JADHH