Security concerns when working with volumes

There are measures to ensure that operations on volumes by the CGC are secure and compliant with the security standards governing medical data.

Restrictions on viewing volume details

Volume owner

Only the volume's owner (the user who created the volume) can obtain the full details of that volume, including its exact configuration to the cloud storage provider.

This information never contains authentication credentials such as passwords or access keys. These credentials are never communicated back via the API. The owner of a volume is, however, free to reconfigure these credentials as well as any of the volume's other parameters.

Project members

If your project on the CGC contains aliases referring to your volume, project members can obtain the file details of these aliases which contain a restricted set of information identifying the source volume. For example, a project member viewing the details of a file imported to a project will see the following:

1252

In short, if a user has sufficient privileges to obtain the details of an alias, both the CGC's visual interface and the API will expose:

  • The volume identifier, consisting of owner's username and volume name. In the example above, the username is markot and the volume name is my_import_volume.
  • The key under which the object is stored on the cloud storage service. In the example above, the key is 243831_ATGTCA_L001_1P.fastq.gz.

📘

Users who are not members of projects referring to your volume cannot obtain any information about your volume or any of its resources.

Restrictions on volume operations

Only the volume's owner can perform operations on that volume, including listing volume details, updating volume configuration, deleting a volume, invoking alias operations on it or checking those operations' status.

Access policy for volumes on the CGC

By creating a volume, you authorize the CGC to access your cloud storage service and the resources you've specified on it on your behalf. You retain ownership of your cloud resources at all times – the CGC does not read volumes' contents independently of operations you perform on the volume. The resources will not be copied elsewhere by the CGC or their native metadata changed unless through an operation performed by you, the owner, or by an authorized user. Note that authorized users can only effect changes on aliases but not on the volume itself.

The owner of the resources in a volume can revoke access to the CGC at any time by:

When the CGC's access to a volume is revoked (or a volume is removed), any resources that link to that volume's data objects may remain on the CGC (e.g. any imported or exported files), but their content becomes unavailable until the volume is either recreated or reconfigured.

Viewing the content of an alias via the Web browser

Most cloud storage providers implement additional security measures limiting access to the contents of stored objects. This may prevent you from viewing the content of some aliases, even when the files are otherwise readable and can be used as inputs to computation.

If this is a problem, you can configure your cloud storage to allow viewing such content in a browser: