I am looking at deploying Dask using dask-distributed’s FargateCluster.
I can see that a public IP address is assigned to the scheduler. As I understand it IAM permissions are required in order to submit jobs to the cluster and it would not be possible to arbitrarily start jobs if a bad actor knew the IP address of the scheduler.
Is there a part of the dask-cloudprovider documentation that discusses this? Is anyone able to explain how this works in more detail?