Skip to content

Update aws-batch.mdx External ID for Cloud#1511

Open
MichaelTansiniSeqera wants to merge 17 commits into
masterfrom
MichaelTansiniSeqera-patch-1
Open

Update aws-batch.mdx External ID for Cloud#1511
MichaelTansiniSeqera wants to merge 17 commits into
masterfrom
MichaelTansiniSeqera-patch-1

Conversation

@MichaelTansiniSeqera

@MichaelTansiniSeqera MichaelTansiniSeqera commented Jun 3, 2026

Copy link
Copy Markdown
Contributor

DRAFT improve external ID

@MichaelTansiniSeqera
Update aws-batch.mdx DRAFT
06d959b 
DRAFT improve external ID

Signed-off-by: MichaelTansiniSeqera <michael.tansini@seqera.io>
@netlify

netlify Bot commented Jun 3, 2026
edited
Loading

Copy link
Copy Markdown

Deploy Preview for seqera-docs ready!

Name Link
🔨 Latest commit f091a2c
🔍 Latest deploy log https://app.netlify.com/projects/seqera-docs/deploys/6a2dc09ca8dbf50008b20095
😎 Deploy Preview https://deploy-preview-1511--seqera-docs.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@MichaelTansiniSeqera
Update aws-batch.mdx
eec2c11 
Signed-off-by: MichaelTansiniSeqera <michael.tansini@seqera.io>
@MichaelTansiniSeqera
Update aws-batch.mdx
238f942 
Signed-off-by: MichaelTansiniSeqera <michael.tansini@seqera.io>
@MichaelTansiniSeqera
Update aws-batch.mdx
f218647 
Signed-off-by: MichaelTansiniSeqera <michael.tansini@seqera.io>
@MichaelTansiniSeqera
Update aws-batch.mdx
87cde21 
Signed-off-by: MichaelTansiniSeqera <michael.tansini@seqera.io>
@MichaelTansiniSeqera
Update aws-batch.mdx
c7097af 
Signed-off-by: MichaelTansiniSeqera <michael.tansini@seqera.io>
@MichaelTansiniSeqera
Update aws-batch.mdx
2652b30 
Signed-off-by: MichaelTansiniSeqera <michael.tansini@seqera.io>
@MichaelTansiniSeqera
Update aws-batch.mdx
23e531f 
Signed-off-by: MichaelTansiniSeqera <michael.tansini@seqera.io>
@MichaelTansiniSeqera
Update aws-batch.mdx
6be170b 
Signed-off-by: MichaelTansiniSeqera <michael.tansini@seqera.io>
@MichaelTansiniSeqera
Update aws-batch.mdx
07926c9 
Signed-off-by: MichaelTansiniSeqera <michael.tansini@seqera.io>
@MichaelTansiniSeqera MichaelTansiniSeqera changed the title Update aws-batch.mdx DRAFT Update aws-batch.mdx External ID for Cloud Jun 3, 2026
@MichaelTansiniSeqera MichaelTansiniSeqera marked this pull request as ready for review June 3, 2026 16:02
@MichaelTansiniSeqera

MichaelTansiniSeqera commented Jun 3, 2026

Copy link
Copy Markdown
Contributor Author

Adding reviewers, specifically @munishchouhan for correctness and @gwright99 for technical clarity

@justinegeffen justinegeffen added the 3. Dev/PM/SME reviews complete SMEs have reviewed and approved. label Jun 8, 2026
stefanoboriero
stefanoboriero reviewed Jun 8, 2026
View reviewed changes

@stefanoboriero stefanoboriero left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We have 3 ways AWS credentials can be defined:

  1. With AWS user access keys
  2. With an AWS role and AWS user access keys to be used to assume the role (so the role is still assumed by the customer AWS user)
  3. With an AWS role and externalID + trust policy for the role to be assumed by Seqera jump role

This change effectively removes the documentation of option number 2, driving people who want to user an AWS role towards the externalID option: I wanted to check if this is intentional. Feels a bit off removing documentation for something that is still supported by Platform and not deprecated AFAIK

@justinegeffen justinegeffen added 1. Dev/PM/SME Needs a review by a Dev/PM/SME do not merge Do not merge until this label is removed additional work req. Additional work is required/comments need to be addressed before second review and removed 3. Dev/PM/SME reviews complete SMEs have reviewed and approved. labels Jun 8, 2026
munishchouhan
munishchouhan reviewed Jun 8, 2026
View reviewed changes
Comment thread platform-cloud/docs/compute-envs/aws-batch.mdx
To create and launch pipelines, explore buckets with Data Explorer or run Studio sessions with the AWS Batch compute environment, an IAM user with specific permissions must be provided. Some permissions are mandatory for the compute environment to be created and function correctly, while others are optional and used for example to provide list of values to pick from in the Platform UI.

Permissions can be attached directly to an [IAM user](#iam-user-creation), or to an [IAM role](#iam-role-creation-optional) that the IAM user can assume when accessing AWS resources.
Permissions can be attached directly to an [IAM user](#iam-user-creation), or to an [IAM role](#iam-role-based-credential-creation) that the IAM user can assume when accessing AWS resources.

@munishchouhan munishchouhan Jun 8, 2026

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

do we want clarify here which IAM user will assume the role?

@MichaelTansiniSeqera MichaelTansiniSeqera Jun 8, 2026

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes - so replace 'IAM user' with Seqera Cloud?

@munishchouhan munishchouhan Jun 10, 2026

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yes some thing like platform cloud pod identity

@MichaelTansiniSeqera

MichaelTansiniSeqera commented Jun 8, 2026

Copy link
Copy Markdown
Contributor Author

With an AWS role and AWS user access keys to be used to assume the role (so the role is still assumed by the customer AWS user)

@stefanoboriero no we should still include this but perhaps put it within its own section to make clear it's a hybrid role - I will amend.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@munishchouhan munishchouhan munishchouhan approved these changes

@stefanoboriero stefanoboriero stefanoboriero left review comments

@cristianrcv cristianrcv cristianrcv approved these changes

@gwright99 gwright99 Awaiting requested review from gwright99

@justinegeffen justinegeffen Awaiting requested review from justinegeffen

Assignees

No one assigned

Labels

1. Dev/PM/SME Needs a review by a Dev/PM/SME additional work req. Additional work is required/comments need to be addressed before second review do not merge Do not merge until this label is removed

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@MichaelTansiniSeqera @munishchouhan @stefanoboriero @cristianrcv @justinegeffen @christopher-hakkaart