How is job submission to FargateClusters controlled?

spatula · May 6, 2022, 12:54pm

I am looking at deploying Dask using dask-distributed’s FargateCluster.

I can see that a public IP address is assigned to the scheduler. As I understand it IAM permissions are required in order to submit jobs to the cluster and it would not be possible to arbitrarily start jobs if a bad actor knew the IP address of the scheduler.

Is there a part of the dask-cloudprovider documentation that discusses this? Is anyone able to explain how this works in more detail?

pavithraes · May 11, 2022, 6:42pm

@spatula Welcome! I’m wondering if this bit in the docs can help: Security — Dask Cloud Provider 2021.6.0+41.gc1e91f3 documentation? I also think you can check out Dask Gateway, which can take care of this directly.

@jacobtomlinson might be able to share more details.

Topic		Replies	Views
Dask EC2 in Private Subnet Distributed distributed	2	199	May 31, 2022
Starting EC2Cluster with dask_cloudprovider Distributed	2	252	April 19, 2023
Basic question about Dask AWS cloudprovider and scheduled/routine processing dask-cloudprovider	2	34	April 3, 2024
dask_kubernetes.operator.KubeCluster hard codes scheduler address Distributed kubernetes	4	84	November 22, 2023
Deploying Dask without cluster permissions (only with namespace permissions) Deploying Dask dask-gateway , kubernetes , distributed	8	418	March 14, 2023

How is job submission to FargateClusters controlled?

Related Topics