• Manuals

Browse the manual

• Introduction
  • Prerequisites
• Configuring the cloud connection
  • Settings for Amazon Web Services
  • Settings for CLC Genomics Cloud Engine
• Importing data from the cloud
• Exporting data to the cloud
• Running workflows in the cloud
• Cloud Job Search
  • Downloading all results
  • Selective download of results
• Using the Cloud Plugin with the CLC Genomics Server
• Configuring the Cloud Server Plugin
  • Configuring the AWS and CLC Genomics Cloud Engine settings
  • Configuring cloud presets
• Troubleshooting
• Installing and uninstalling Workbench plugins
  • Install
  • Uninstall

Configuring the AWS and CLC Genomics Cloud Engine settings

To configure the Cloud Server Plugin, click on Plugins, and confirm that the Cloud Server Plugin is shown in the list. Then, click on the Edit Plugin settings... button at the bottom of the list (figure 8.1), followed by the Edit button next to the Cloud Server Plugin.

Figure 8.19: Configure the Cloud Server Plugin by clicking the Edit Plugin settings button.

This will allow you to configure the following parameters:

AWS access key ID: The access key ID for programmatic access, set up for the AWS IAM user as described in Prerequisites.

AWS secret access key: The secret access key ID for programmatic access, set up for the AWS IAM user as described in Prerequisites.

AWS region: We recommend using one of the geographically nearest regions.

GCE S3 cloud cache bucket name: The cache bucket to be used when uploading data to the cloud, as described in Prerequisites.

GCE job mananger rest host URI: The URL pointing to the GCE instance deployed on the specified AWS account, as described in Prerequisites. Note that this URL must be the same as the "URL" setting specified in the CLC Workbench, under File | Cloud Connection.

GCE http oauth2 client id: The client ID used by the to authenticate using OAuth2 Client Credentials Grant.

GCE http oauth2 client secret: The client secret used by the CLC Genomics Server to authenticate using OAuth2 Client Credentials Grant.

GCE http oauth2 authorization server: The access token endpoint of the authentication server used by the CLC Genomics Cloud Engine.

Accept untrusted certificate: This checkbox should be selected when the GCE has been set up with a self-signed certificate. We recommend setting up the GCE with a trusted certificate.

Validate settings: This option, which is enabled by default, validates the settings when you press OK. Uncheck this box only if you need to temporarily store invalid settings.

GLOBAL_OVERRIDABLE: This setting has no effect for the Cloud Server Plugin and we recommend leaving it at the default settings.

Unlike the CLC Workbench, the CLC Genomics Server uses the OAuth2 Client Credentials Grant flow for authentication. This flow is suitable for server-to-server integration, and will ensure that the CLC Genomics Server will have valid credentials that do not need to be periodically renewed. CLC Workbench users who connect to the CLC Genomics Server will be granted access to the CLC Genomics Cloud Engine via the server's credentials, but jobs will be run under the user's user name.

Please note the following security-related information:

• By configuring the AWS settings in CLC Genomics Server, CLC Workbench users connecting to the server and using the Cloud Plugin will be able to see each other's data in AWS S3, as they will have access through the shared credentials stored in the server.
• There are no user permissions on jobs in GCE. This means that GCE users will be able to find each other's jobs, for example by using the Cloud Job Search functionality.
• It is possible to prevent a CLC Workbench user from being able to submit jobs to the cloud by configuring permissions for each cloud preset. (Global permissions | Cloud presets)

---