Skip to content

Commit

Permalink
Use KMS encryption when upload data to s3
Browse files Browse the repository at this point in the history
Mustn't be required in pieriandx dev testing
  • Loading branch information
alexiswl committed Nov 6, 2024
1 parent b2b904d commit f4e073a
Show file tree
Hide file tree
Showing 2 changed files with 33 additions and 1 deletion.
Original file line number Diff line number Diff line change
Expand Up @@ -23,15 +23,22 @@
"""

# Standard imports
from tempfile import TemporaryDirectory
from pathlib import Path
from urllib.parse import urlparse
from wrapica.project_data import read_icav2_file_contents, convert_uri_to_project_data_obj
import logging

# Layer imports
from pieriandx_pipeline_tools.utils.s3_helpers import set_s3_access_cred_env_vars, upload_file
from pieriandx_pipeline_tools.utils.secretsmanager_helpers import set_icav2_env_vars
from pieriandx_pipeline_tools.utils.compression_helpers import decompress_file

# Logger
logger = logging.getLogger()
logger.setLevel(logging.INFO)


def handler(event, context):
"""
Expand Down Expand Up @@ -107,3 +114,21 @@ def handler(event, context):
# },
# None
# )

# if __name__ == "__main__":
# from os import environ
# environ["AWS_PROFILE"] = 'umccr-production'
# environ['AWS_REGION'] = 'ap-southeast-2'
# environ["ICAV2_ACCESS_TOKEN_SECRET_ID"] = "ICAv2JWTKey-umccr-prod-service-production"
# environ['PIERIANDX_S3_ACCESS_CREDENTIALS_SECRET_ID'] = "PierianDx/S3Credentials"
#
# handler(
# {
# "needs_decompression": False,
# "src_uri": "s3://pipeline-prod-cache-503977275616-ap-southeast-2/byob-icav2/production/analysis/cttsov2/202411053da6481e/Results/L2401560/L2401560_MetricsOutput.tsv",
# "contents": None,
# "dest_uri": "s3://pdx-xfer/melbourne/241101_A01052_0236_BHVJNMDMXY__L2401560__V2__20241105f6bc3fb9__20241105f6bc3fb9/Data/Intensities/BaseCalls/L2401560_MetricsOutput.tsv"
# },
# None
# )
#
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,14 @@ def get_s3_client() -> 'S3Client':

def upload_file(bucket: str, key: str, input_file_path: Path) -> None:
s3 = get_s3_client()
s3.upload_file(str(input_file_path), bucket, key.lstrip("/"))
s3.upload_file(
str(input_file_path),
bucket,
key.lstrip("/"),
ExtraArgs={
'ServerSideEncryption': 'AES256'
}
)


def set_s3_access_cred_env_vars():
Expand Down

0 comments on commit f4e073a

Please sign in to comment.