You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The current metaflow-computation module creates a custom service role.
AWS Batch introduced a service-linked role (SLR) a few years ago, which obviates this need.
The SLR is also a requirement for in-place compute environment updates for an expanded set of compute environment properties. SLRs are created automatically on the first compute environment creation.
There is still a use-case for user-defined service roles, but this is a legacy feature and should be used intentionally.
I propose to simplify the computation submodule to remove the created custom service role, thus defaulting to the SLR, and creating a new variable that allows a user to provide a custom service role that they created outside of the module.
The text was updated successfully, but these errors were encountered:
delagoya
pushed a commit
to delagoya/terraform-aws-metaflow
that referenced
this issue
Nov 8, 2024
The current
metaflow-computation
module creates a custom service role.AWS Batch introduced a service-linked role (SLR) a few years ago, which obviates this need.
The SLR is also a requirement for in-place compute environment updates for an expanded set of compute environment properties. SLRs are created automatically on the first compute environment creation.
There is still a use-case for user-defined service roles, but this is a legacy feature and should be used intentionally.
I propose to simplify the computation submodule to remove the created custom service role, thus defaulting to the SLR, and creating a new variable that allows a user to provide a custom service role that they created outside of the module.
The text was updated successfully, but these errors were encountered: