It is working with "Resource": "*" , I will try to use it and maybe use deny for specific configuration, thanks :)

CostlyOstrich36 I would like to add more conditions such as security groups and instance types- this is only an example :)

CostlyOstrich36 Through the PRO version

Dont sure if this a good solution for me since I wanted to add it as a paramater....
For example:
In dataset_creation utility I do this upload:
task.upload_artifact('id_of_running_creation', artifact_object=id_of_running)In Inference utility I do this upload:
task.upload_artifact('id_of_running_inference', artifact_object=id_of_running)and I would like to use them as a parameters to the next step of the pipeline run:
like this:
` pipe.add_step(
name='post_processing',....,
pa...

actually not exactly, The parameter I wanted to pass is not an input parameter of the parent task, I would like to save it as an artifact or something like that.

Hi @<1523701205467926528:profile|AgitatedDove14> , I send the agent's logs to log management and monitoring service, and we get big amount of info logs (especially if we use schedulers and launch agents again and again as part of the production pipeline). I think that it is important to set level also for other levels then debugging, WDYT?

@<1523701205467926528:profile|AgitatedDove14> Actually what my service do is to collect stdout/stderr from the Docker socket. I meant to the stdout/stderr .

Hi CostlyOstrich36 ,Thanks for your answer, I would like it to be configurable , just like I set logging level for my logs.

Maybe if there would be a way to change their format, it could also help filtering them from my side.

@<1523701205467926528:profile|AgitatedDove14> I am not sure if it would help but lets try 🙂

ok, thanks 🙂

@<1523701205467926528:profile|AgitatedDove14> Even if there is a way to set the format of those logs, that will be fine for now

@Is there a way to choose other logs format ? to get a json or something like that?
or setting logging level?

I think that it happened again, am I right?

Hi TimelyPenguin76 , how are you? have you found something?

Hi TimelyPenguin76 , What is your estimation to the next release ? We are really waiting for this 🙂

Hi TimelyPenguin76 , Is there any news about the release? 🙂

CornyDeer86 you are the best! AnxiousSeal95 thanks for your help also, we have been trying to solve this problem for a long time, and now it works like a magic.
conclusions:
minimal policy needed for the auto-scaling service if we want to specify security group and subnet for RunInstances action permissions and also to use spot instances (as far as we found until now):
still one problem is existing - AWS doesn't support specifications of resources for DescribeInstances/RequestSpotInstances...

No, I want to use AWS user with much lower credentials ( Only to relevant for the autoscaler missions)- for example Describe/ RequestSpotInstance/ StopInstances permissions only for the relevant subnet, security group and instance types..

I tried again and now it is working ,The version is: v1.4.0.
about the options of subnet & security group, I saw it already, but I use it but still I want to give the app lower policy that enable it to run only this network and this security group. CostlyOstrich36

AnxiousSeal95 Maybe you could help me? 🙂

CostlyOstrich36 AnxiousSeal95
So ,when I was added specific configuration it failed.
Is there a way to lower the needed credentials for specific actions such as: run, stop, start instances etc...? for example: fixing it to work only with conditions of specific subnet, security group and instance types? ( I was trying doing it but as I said it failed with this message:
` An error occurred (UnauthorizedOperation) when calling the RunInstances operation: You are not authorized to perform th...

CostlyOstrich36 Any idea? :)\

CostlyOstrich36 actually, as I see it from logs, it spun a new instance but not retried the task, maybe because shown 'Found 0 tasks in queue' (after a mission is running it is removed automatically from queue). I cant see something new in the task logs also (still stuck), so it seems that the problem still exist .

Yes 🙂

About the CPU mode, used t3.medium...
About the specific configuration, of course- was trying this policy for example ( when I remove the ec2-vpc condition it works)
` {
"Sid": "GeneralEC2",
"Effect": "Allow",
"Action": [
"ec2:AttachClassicLinkVpc",
"ec2:CancelSpotInstanceRequests",
"ec2:CreateFleet",
"ec2:Describe*",
"ec2:GetConsoleOutput",
"ec2:DetachClassicL...

CostlyOstrich36 , Is it already solved?

[{"resource_name": "clearml_agent_gpu", "instance_type": "g4dn.xlarge", "cpu_only": false, "is_spot": false, "availability_zone": "eu-west-1a", "ami_id": "ami-00511f188b842c5cc", "num_instances": 1, "queue_name": "default", "tags": "*", "ebs_device_name": "/dev/sda1", "ebs_volume_size": 500, "ebs_volume_type": "gp3", "key_name": "***", "security_group_ids": "", "subnet_id": "**"}]

Hi CostlyOstrich36 AnxiousSeal95 , Do you have any idea ?

We are working vpc, actually I didn't try on of the params cause we need them both...
Do you mean to the resources configuration or the general?