No S3 permissions for LoginNodes CustomActions

[michaelmayer2]

I am very excited to see AWS ParallelCluster to have Support for CustomActions on the Login Nodes as of 3.11.0.

There however is no way on how to add Iam S3Access permissions in the LoginNodes section of the cluster-config.yaml.

It would be great to add this so that the CustomActions on the Login Nodes can be used more flexibly.

[hanwen-pcluste]

Hi Michael,

This task is in our backlog.

Thank you for the suggestion,
Hanwen

[joehellmersNOAA]

This is actually pretty important to us as well.

[michaelmayer2]

@hanwen-pcluste thanks so much for having this task in your backlog to make parallelcluster better.

On a related note - not sure if it deserves a separate issue - at the moment when trying to use CustomActions with LoginNodes and there is any error in the script (for now it only cannot be downloaded, but later on I can imagine that the cript may contain errors and fail as well) the ScalingGroup is in a perpetual state of marking an instance failed and booting up a new one without a timeout. pcluster describe-cluster would still report CREATION_IN_PROGRESS. I had left one of my deployments running over night and when I eventually found out I could see the perpetual spin up and fail of the login nodes in the Activity Log of the ScalingGroup. It would be good to add timeouts to these operations as well.

[hanwen-pcluste]

My pleasure Michael!

Adding timeout or "protected mode" to login nodes is a great idea. Our team will discuss this.

Thank you,
Hanwen