-
Notifications
You must be signed in to change notification settings - Fork 8
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Rerouted from temp-dev to research dev, built-in AccessFrom to cluster to prevent ssh access from everywhere #69
Conversation
Start_cluster: Uses AccessFrom to users local IP to restrict access to the cluster from ssh to just them. More for security checks, we don't use ssh access anyway. Readme: Added in SSO login issues whilst in pcluster env All other file changes due to redirection of config files to a new s3 bucket.
|
||
# FIXME: control error codes better, avoiding counterintuitive ones: i.e authed within a different account: | ||
# ERROR: The configuration parameter 'vpc_id' generated the following errors: | ||
# The vpc ID 'vpc-7d2b2e1a' does not exist |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Where does that copy-pasted VPC error come from? :-S
Also, the code above makes it seem like that error management is solved?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If a dev user runs through the Tothill account, I don't have access to that VPC.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this is still on the TODO list, or maybe I write something up in the troubleshooting section of the Readme.
I just started the download of the gridss hg38 refdata into an efs system and regretting not prioritising that as a morning task so now looking for things to do...
… Place additional errors in the readme rather than try control them from the script.
…ting to 0.0.0.0/0
This has been resolved in 3e95d38 with @victorskl suggestion |
Start_cluster:
Uses AccessFrom to users local IP to restrict access to the cluster from ssh to just them. More for security checks, we don't use ssh access anyway.
Readme:
Added in SSO login issues whilst in pcluster env
All other file changes due to redirection of config files to a new s3 bucket.