LogoLogo
Illumina KnowledgeIllumina SupportSign In
  • Home
  • Overview
    • Illumina® DRAGEN™ Secondary Analysis
    • DRAGEN Applications
    • Deployment Options
  • Product Guides
    • DRAGEN v4.4
      • Getting Started
      • DRAGEN Host Software
        • DRAGEN Secondary Analysis
      • Clinical Research Workflows
        • DRAGEN Heme WGS Tumor Only Pipeline
          • Quick Start
          • Sample Sheets
            • Introduction
            • Requirements
            • Templates
          • Run Planning
            • Sample Sheet Creation in BaseSpace
            • Custom Config Support
          • DRAGEN Server App
            • Getting Started
            • Launching Analysis
            • Command Line Options
            • Output
            • Advanced Topics
              • Custom Workflow
              • Custom Config Support
              • Illumina Connected Insights
          • ICA Cloud App
            • Getting Started
            • Launching Analysis
            • Advanced Topics
              • Custom Workflow
              • Custom Config Support
              • Post Processing
              • Illumina Connected Insights
          • Analysis Output
          • Analysis Methods
          • Troubleshooting
        • DRAGEN Solid WGS Tumor Normal Pipeline
          • Quick Start
          • Sample Sheets
            • Introduction
            • Requirements
            • Templates
          • Run Planning
            • Sample Sheet Creation in BaseSpace
            • Custom Config Support
          • DRAGEN Server App
            • Quick Start
            • Getting Started
            • Launching Analysis
            • Command Line Options
            • Output
            • Advanced Topics
            • Custom Workflow
              • Custom Config Support
            • Illumina Connected Insights
          • ICA Cloud App
            • Getting Started
            • Launching Analysis
            • Output
            • Advanced Topics
              • Custom Workflow
              • Custom Config Support
              • Post Processing
              • Illumina Connected Insights
          • Analysis Output
          • Analysis Methods
          • Troubleshooting
      • DRAGEN Recipes
        • DNA Germline Panel UMI
        • DNA Germline Panel
        • DNA Germline WES UMI
        • DNA Germline WES
        • DNA Germline WGS UMI
        • DNA Germline WGS
        • DNA Somatic Tumor-Normal Solid Panel UMI
        • DNA Somatic Tumor-Normal Solid Panel
        • DNA Somatic Tumor-Normal Solid WES UMI
        • DNA Somatic Tumor-Normal Solid WES
        • DNA Somatic Tumor-Normal Solid WGS UMI
        • DNA Somatic Tumor-Normal Solid WGS
        • DNA Somatic Tumor-Only Heme WGS
        • DNA Somatic Tumor-Only Solid Panel UMI
        • DNA Somatic Tumor-Only Solid Panel
        • DNA Somatic Tumor-Only Solid WES UMI
        • DNA Somatic Tumor-Only Solid WES
        • DNA Somatic Tumor-Only Solid WGS UMI
        • DNA Somatic Tumor-Only Solid WGS
        • DNA Somatic Tumor-Only ctDNA Panel UMI
        • Illumina scRNA
        • Other scRNA prep
        • RNA Panel
        • RNA WTS
      • DRAGEN Reference Support
        • Prepare a Reference Genome
      • DRAGEN DNA Pipeline
        • DNA Mapping
        • Read Trimming
        • DRAGEN FASTQC
        • Sorting and Duplicate Marking
        • Small Variant Calling
          • ROH Caller
          • B-Allele Frequency Output
          • Somatic Mode
          • Pedigree Analysis
          • De Novo Small Variant Filtering
          • Autogenerated MD5SUM for VCF Files
          • Force Genotyping
          • Machine Learning for Variant Calling
          • Evidence BAM
          • Mosaic Detection
          • VCF Imputation
          • Multi-Region Joint Detection
        • Copy Number Variant Calling
          • Available pipelines
            • Germline CNV Calling (WGS/WES)
            • Germline CNV Calling ASCN (WGS)
            • Multisample Germline CNV Calling
            • Somatic CNV Calling ASCN (WGS)
            • Somatic CNV Calling WES
            • Somatic CNV Calling ASCN (WES)
          • Additional documentation
            • CNV Input
            • CNV Preprocessing
            • CNV Segmentation
            • CNV Output
            • CNV ASCN module
            • CNV with SV Support
            • Cytogenetics Modality
        • Repeat Expansion Detection
          • De Novo Repeat Expansion Detection
        • Targeted Caller
          • CYPDB6 Caller
          • CYP2D6 Caller
          • CYP21A2 Caller
          • GBA Caller
          • HBA Caller
          • LPA Caller
          • Rh Caller
          • SMN Caller
        • Structural Variant Calling
          • Structural Variant De Novo Quality Scoring
          • Structural Variant IGV Tutorial
        • VNTR Calling
        • Population Genotyping
        • Filter Duplicate Variants
        • Ploidy Calling
          • Ploidy Estimator
          • Ploidy Caller
        • Multi Caller
        • QC Metrics Reporting
        • JSON Metrics Reporting
        • HLA Typing
        • Biomarkers
          • Tumor Mutational Burden
          • Microsatellite Instability
          • Homologous Recombination Deficiency
          • BRCA Large Genomic Rearrangment
          • DRAGEN Fragmentomics
        • Downsampling
          • Fractional (Raw Reads) Downsampling
        • Unique Molecular Identifiers
        • Indel Re-aligner (Beta)
        • Star Allele Caller
        • High Coverage Analysis
        • CheckFingerprint
        • Population Haplotyping (Beta)
        • DUX4 Rearrangement Caller
      • DRAGEN RNA Pipeline
        • RNA Alignment
        • Gene Fusion Detection
        • Gene Expression Quantification
        • RNA Variant Calling
        • Splice Variant Caller
      • DRAGEN Single Cell Pipeline
        • Illumina PIPseq scRNA
        • Other scRNA Prep
        • scATAC
        • Single-Cell Multiomics
      • DRAGEN Methylation Pipeline
      • DRAGEN MRD Pipeline
      • DRAGEN Amplicon Pipeline
      • Explify Analysis Pipeline
        • Kmer Classifier
        • Kmer Classifier Database Builder
      • BCL conversion
      • Illumina Connected Annotations
      • ORA Compression
      • Command Line Options
        • Docker Requirements
      • DRAGEN Reports
      • Tools and Utilities
    • DRAGEN v4.3
      • Getting Started
      • DRAGEN Host Software
        • DRAGEN Secondary Analysis
      • DRAGEN Reference Support
        • Prepare a Reference Genome
      • DRAGEN DNA Pipeline
        • DNA Mapping
        • Read Trimming
        • DRAGEN FASTQC
        • Sorting and Duplicate Marking
        • Small Variant Calling
          • ROH Caller
          • B-Allele Frequency Output
          • Somatic Mode
          • Joint Analysis
          • De Novo Small Variant Filtering
          • Autogenerated MD5SUM for VCF Files
          • Force Genotyping
          • Machine Learning for Variant Calling
          • Evidence BAM
          • Mosaic Detection
          • VCF Imputation
          • Multi-Region Joint Detection
        • Copy Number Variant Calling
          • CNV Output
          • CNV with SV Support
          • Multisample CNV Calling
          • Somatic CNV Calling WGS
          • Somatic CNV Calling WES
          • Allele Specific CNV for Somatic WES CNV
        • Repeat Expansion Detection
          • De Novo Repeat Expansion Detection
        • Targeted Caller
          • CYPDB6 Caller
          • CYP2D6 Caller
          • CYP21A2 Caller
          • GBA Caller
          • HBA Caller
          • LPA Caller
          • Rh Caller
          • SMN Caller
        • Structural Variant Calling
          • Structural Variant De Novo Quality Scoring
        • VNTR Calling
        • Filter Duplicate Variants
        • Ploidy Calling
          • Ploidy Estimator
          • Ploidy Caller
        • Multi Caller
        • QC Metrics Reporting
        • HLA Typing
        • Biomarkers
          • Tumor Mutational Burden
          • Microsatellite Instability
          • Homologous Recombination Deficiency
          • BRCA Large Genomic Rearrangment
          • DRAGEN Fragmentomics
        • Downsampling
          • Fractional (Raw Reads) Downsampling
          • Effective Coverage Downsampling
        • Unique Molecular Identifiers
        • Indel Re-aligner (Beta)
        • Star Allele Caller
        • High Coverage Analysis
        • CheckFingerprint
        • Population Haplotyping (Beta)
        • DUX4 Rearrangement Caller
      • DRAGEN RNA Pipeline
        • RNA Alignment
        • Gene Fusion Detection
        • Gene Expression Quantification
        • RNA Variant Calling
        • Splice Variant Caller
      • DRAGEN Single-Cell Pipeline
        • scRNA
        • scATAC
        • Single-Cell Multiomics
      • DRAGEN Methylation Pipeline
      • DRAGEN Amplicon Pipeline
      • Explify Analysis Pipeline
        • Kmer Classifier
        • Kmer Classifier Database Builder
      • DRAGEN Recipes
        • DNA Germline Panel UMI
        • DNA Germline Panel
        • DNA Germline WES UMI
        • DNA Germline WES
        • DNA Germline WGS UMI
        • DNA Germline WGS
        • DNA Somatic Tumor-Normal Solid Panel UMI
        • DNA Somatic Tumor-Normal Solid Panel
        • DNA Somatic Tumor-Normal Solid WES UMI
        • DNA Somatic Tumor-Normal Solid WES
        • DNA Somatic Tumor-Normal Solid WGS UMI
        • DNA Somatic Tumor-Normal Solid WGS
        • DNA Somatic Tumor-Only Heme WGS
        • DNA Somatic Tumor-Only Solid Panel UMI
        • DNA Somatic Tumor-Only Solid Panel
        • DNA Somatic Tumor-Only Solid WES UMI
        • DNA Somatic Tumor-Only Solid WES
        • DNA Somatic Tumor-Only Solid WGS UMI
        • DNA Somatic Tumor-Only Solid WGS
        • DNA Somatic Tumor-Only ctDNA Panel UMI
        • RNA Panel
        • RNA WTS
      • BCL conversion
      • Illumina Connected Annotations
      • ORA Compression
      • Command Line Options
      • DRAGEN Reports
      • Tools and Utilities
  • Reference
    • DRAGEN Server
    • DRAGEN Multi-Cloud
      • DRAGEN on AWS
      • DRAGEN on AWS Batch
      • DRAGEN on Microsoft Azure
        • Run DRAGEN VM on Azure
      • DRAGEN on Microsoft Azure Batch
        • Azure Batch Run Modes
    • DRAGEN Licensing
      • DRAGEN Server Licensing
      • DRAGEN Cloud Licensing
    • DRAGEN Application Manager
    • Support
    • Resource Files
      • Noise Baselines
    • Supplementary Information
    • Troubleshooting
    • Citing DRAGEN software
    • Release Notes
    • Revision History
Powered by GitBook
On this page
  • Running DRAGEN Cloud BYOL with Credential Licensing
  • Providing Credentials via License Credentials File
  • Providing Credentials via Command Line
  • Instance Identity
  • AWS Instance Metadata Service (IMDSv1/IMDSv2)
  • Azure Instance Metadata Service (IMDS)
  • Retrieving License Information using dragen_lic
  • Retrieving License Information using API endpoint
  • Usage Reporting

Was this helpful?

Export as PDF
  1. Reference
  2. DRAGEN Licensing

DRAGEN Cloud Licensing

Credential based authentication is required for users that run DRAGEN on the cloud with the Bring-Your-Own-License (BYOL) model. DRAGEN must have access to the DRAGEN License server at runtime, license.dragen.illumina.com.

To verify connectivity to the license server, you can query the healthcheck endpoint which will return a 200 status code and a small JSON body if successful.

curl https://license.dragen.illumina.com/healthcheck/version
{"version":"<server version>"}

Running DRAGEN Cloud BYOL with Credential Licensing

BYOL users must provide credentials to DRAGEN at runtime, using one of two options.

Providing Credentials via License Credentials File

The suggested method for specifying your credentials is through a file passed in to DRAGEN at runtime. The file can be pointed to using the option --lic-credentials <path to file>. This method provides a more secure way to pass credentials, which avoids accidental credentials leaks from command line console logs.

The License Credentials File should be formatted as follows;

credentials-1=<username>
credentials-2=<password>

Note: when using the License Credentials file, a default license server domain will be used based off the version of DRAGEN being used;

  • DRAGEN 4.4 and above: https://license.dragen.illumina.com

  • DRAGEN 4.3 and earlier: https://license.edicogenome.com

    • If you wish to override this behavior, you can add the credentials-3 option to the credentials file. Note, do not specify the protocol (i.e. https).

    credentials-3=license.dragen.illumina.com

Providing Credentials via Command Line

Alternatively, you can simply provide your credentials over the command line using the option --lic-server <license server URL with credentials>.

The license server URL should be formatted as follows;

https://<username>:<password>@license.dragen.illumina.com

Instance Identity

DRAGEN Cloud runs access the local instance identity document via the Instance Metadata Service to be used with credential authentication. It uses the IPv4 local address. If access to the local address is not allowed, authentication will fail.

Alternately, the user may save the instance identity document(s) and point DRAGEN to use them instead, if the user does not want to allow applications to access this service. The instance identity document(s) only need to be saved once per account and region, and those files can be re-used subsequently. This is achieved using the command line option --lic-instance-id-location <instance identity folder>.

AWS Instance Metadata Service (IMDSv1/IMDSv2)

DRAGEN supports both AWS IMDSv1, and the more secure AWS IMDSv2. AWS IMDSv2 must be enabled on the AWS instance, otherwise, IMDSv1 is used by default. DRAGEN software will automatically detect the IMDS version in use and adapt its behavior accordingly.

Notes

  • Currently, input streaming from an S3 bucket is supported only with IMDSv1.

  • IDMSv2 is only supported in DRAGEN versions 4.3 and above.

Saving the IMDSv1 document:

curl -v -H Metadata:true --noproxy "*" "http://169.254.169.254/latest/dynamic/instance-identity/pkcs7" -o /opt/instance-identity/pkcs7
curl -v -H Metadata:true --noproxy "*" "http://169.254.169.254/latest/dynamic/instance-identity/document" -o /opt/instance-identity/document
cp /opt/instance-identity/pkcs7 /opt/instance-identity/signature

Saving the IDMSv2 document:

curl -X PUT -H "X-aws-ec2-metadata-token-ttl-seconds: 300" -H "X-aws-ec2-metadata-token: required" --noproxy "*" "http://169.254.169.254/latest/api/token"
curl -H "X-aws-ec2-metadata-token: <your-token>" --noproxy "*" "http://169.254.169.254/latest/dynamic/instance-identity/document"
curl -H "X-aws-ec2-metadata-token: <your-token>" --noproxy "*" "http://169.254.169.254/latest/dynamic/instance-identity/signature"
curl -H "X-aws-ec2-metadata-token: <your-token>" --noproxy "*" "http://169.254.169.254/latest/dynamic/instance-identity/pkcs7"

The instance identity folder must contain three files, respectively named pkcs7, signature, and document.

Azure Instance Metadata Service (IMDS)

Saving the IDMS document:

curl -v -H Metadata:true --noproxy "*" "http://169.254.169.254/metadata/instance?api-version=2020-09-01" -o /opt/instance-identity/instance
curl -v -H Metadata:true --noproxy "*" "http://169.254.169.254/metadata/attested/document?api-version=2020-09-01" -o /opt/instance-identity/document

The instance identity folder must contain two files, respectively named instance and document.

Retrieving License Information using dragen_lic

There are two options for retrieving information for your licenses using the packaged dragen_lic tool. Examples for each one are below.

  • Basic Output (i.e. no additional arguments). This is the recommended method to view license information by a human user as the output is more readable.

  • JSON Output (i.e. using the -j flag). This is the recommended method to view license information by a machine user as the output is already in a machine readable JSON format.

Note: Just like running DRAGEN as noted above, you must specify your credentials using the --lic-credentials or --lic-server command line options.

Note: Retrieving license information using the dragen_lic tool is only supported on DRAGEN 4.4 and above.

$ dragen_lic --lic-credentials my_credentials.cfg
User: <username>
DRAGEN Version: <DRAGEN version>
Time: <time>

DRAGEN Core:
    Status: Active
    Used: 68.0 Gbases since 2023-Dec-05
    Quota: 100250 Gbases
    Expiry: 2024-Feb-13
    Includes; Genome, JointGenotype, CNV, Somatic, Transcriptome License(s)

Compression:
    Status: Active - !!! EXPIRING IN LESS THAN 30 DAYS !!!
    Used: 0 Gbases since 2024-Jan-12
    Quota: Unlimited
    Expiry: 2024-Feb-13
$ dragen_lic --lic-credentials my_credentials.cfg -j
{"dragen_boards":[{"user":"<username>","installed_licenses":{"Compression":[{"expiry":"2025-Mar-19","quota_limit":100250,"start":"2023-Dec-01","status":"Active","units":"Gbases","used":5223}],"TSO500Combined":[{"expiry":"2050-Jan-01","quota_limit":-1,"start":"2022-Jul-13","status":"Active","units":"Gbases","used":23518284}],"TSO500_HRD":[{"expiry":"2024-Feb-13","quota_limit":-1,"start":"2021-Oct-13","status":"Active","units":"Gbases","used":0}],"Dragen_Core":[{"expiry":"2024-Feb-13","includes":{"CNV":{"expiration":"2025-Mar-19","status":"Active"},"Genome":{"expiration":"2024-Feb-13","status":"Active"},"JointGenotype":{"expiration":"2025-Mar-19","status":"Active"},"Somatic":{"expiration":"2025-Mar-19","status":"Active"},"Transcriptome":{"expiration":"2025-Mar-19","status":"Active"}},"quota_limit":-1,"start":"2023-Oct-14","status":"Active","units":"Gbases","used":79708}]}}],"generated":"<ISO time>"}

Retrieving License Information using API endpoint

Alternatively, you can retrieve license information using our License Server endpoint specified below without the use of DRAGEN. License information is returned in a JSON format.

GET request to https://license.dragen.illumina.com/api/v2/query_quota. Your user credentials must be provided as a Basic Authorization header. An example of this using the curl tool is shown below.

curl https://license.dragen.illumina.com/api/v2/query_quota --user <username>:<password>
{"user": "<username>", "credential_expiration": "<date>", "generated": "<date>", "licenses": [{"pipeline": "Compression", "start": "2024-12-02T00:00:00Z", "expiration": "2025-03-02T00:00:00Z", "quota_limit": 2.5, "usage": 0, "units": "Tbases"}, {"pipeline": "Genome", "start": "2024-12-02T00:00:00Z", "expiration": "2025-03-02T00:00:00Z", "quota_limit": 2.5, "usage": 0.727295399, "units": "Tbases"}], "per-pipeline-licenses": true, "message": "Active Licenses Found"}

Usage Reporting

Usage reporting is a key component of the DRAGEN Licensing infrastructure. After each individual run, usage data will automatically be uploaded to Illumina's License server. Usage data entails the following information for each individual run

  • run date

  • run duration

  • licensing quota consumed (number of bases) in that run

  • run status

  • software version used for the run.

  • instance identity document

PreviousDRAGEN Server LicensingNextDRAGEN Application Manager

Last updated 2 days ago

Was this helpful?

If using IDMSv2 and running DRAGEN in a container, you may need to hop count to be at least 2.

AWS Instance Metadata Service Information
increase the default
Azure Instance Metadata Service Information