You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The current version of the instructions for setting up AWS Batch instructs people to create three IAM policies, but none of the three grants s3:ListBucket and s3:GetObject access to the s3://nextstrain-data/ bucket that the ncov Open build uses for intermediate GenBank artifacts. This means that people who attempt to run a build on Batch modeled after that one will experience errors like I did in this ticket:
Agreed we should adjust the example policy in those instructions to grant to nextstrain-data and add explanation of why/when its useful, noting that it's technically optional. Not all Batch setups will need it, but we will be extending other core pathogen builds to use a similar input data file pattern so good to include it earlier than later.
Background context here is that the example policy in these instructions long predates the ncov build and its data files on s3://nextstrain-data. The policy also doesn't assume any particular build is being run, but since the ncov build and its input data is so widely-used it'd still be good to add grant/mention now.
The current version of the instructions for setting up AWS Batch instructs people to create three IAM policies, but none of the three grants
s3:ListBucket
ands3:GetObject
access to thes3://nextstrain-data/
bucket that the ncov Open build uses for intermediate GenBank artifacts. This means that people who attempt to run a build on Batch modeled after that one will experience errors like I did in this ticket:For an example IAM policy that grants access to that bucket, see:
The text was updated successfully, but these errors were encountered: