wassname/ray
1
0
Fork 0
mirror of https://github.com/wassname/ray.git synced 2026-06-28 04:55:04 +08:00
Code Issues Packages Projects Releases Wiki Activity

Revert "[autoscaler] Also grant roles to worker nodes" (#3199)

Browse Source 
This reverts commit 55d161b49f.
This commit is contained in:
Eric Liang
2018-11-01 23:23:06 -07:00
committed by GitHub
parent e612e26103
commit 2bef9844bf
2 changed files with 4 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files
python/ray/autoscaler/aws/config.py
-1
View File
@@ -101,7 +101,6 @@ def _configure_iam_role(config):
logger.info("Role not specified for head node, using {}".format(
profile.arn))
config["head_node"]["IamInstanceProfile"] = {"Arn": profile.arn}
config["worker_nodes"]["IamInstanceProfile"] = {"Arn": profile.arn}
return config
python/ray/autoscaler/gcp/config.py
+4 -8
View File
@@ -168,16 +168,12 @@ def _configure_iam_role(config):
_add_iam_policy_binding(service_account, DEFAULT_SERVICE_ACCOUNT_ROLES)
# NOTE: The amount of access is determined by the scope + IAM
# role of the service account. Even if the cloud-platform scope
# gives (scope) access to the whole cloud-platform, the service
# account is limited by the IAM rights specified below.
config["head_node"]["serviceAccounts"] = [{
"email": service_account["email"],
"scopes": ["https://www.googleapis.com/auth/cloud-platform"]
}]
config["worker_nodes"]["serviceAccounts"] = [{
"email": service_account["email"],
# NOTE: The amount of access is determined by the scope + IAM
# role of the service account. Even if the cloud-platform scope
# gives (scope) access to the whole cloud-platform, the service
# account is limited by the IAM rights specified below.
"scopes": ["https://www.googleapis.com/auth/cloud-platform"]
}]