Skip to main content

Access resources from AWS

Check your docs version

This version of the Anyscale docs is deprecated. Go to the latest version for up to date information.

This page describes how you can access AWS resources from your Anyscale Cloud deployed on AWS. If you want to access AWS resources from Anyscale Clouds deployed on GCP, contact our support team.

Anyscale Cluster IAM Role

Each Anyscale Cloud on AWS has a default IAM Role assigned to all nodes managed by Anyscale.

  • Clouds deployed via Anyscale Managed Resources use a role that looks like:
arn:aws:iam::<your_aws_account_id>:role/<cloud_id>-cluster_node_role
  • Clouds deployed via Customer Defined Resources use the Role provided in the instance-iam-role field.
info

Determine the IAM role on a running Anyscale Cluster by running:

aws sts get-caller-identity
info

If you want to use existing IAM Roles for Clusters, follow the instructions here.

Access data in S3

You can perform operations on your S3 data on any Cluster as long as the IAM Role it runs with has proper permissions.

  • Learn more about how to grant permission to your own S3 buckets

Access Docker images in ECR

You can use images in your ECR as Cluster Environments for any Cluster as long as the Cluster's IAM Role has proper permissions.

  • Learn more about how to grant permission to your ECR

Access Secret stored in AWS Secrets Manager

There are many situations where your application or Cluster needs access to Secrets stored in AWS Secrets Manager.