Skip to content

Move lineage AWS IAM permissions into compute env and manual setup pages#1401

Open
bebosudo wants to merge 1 commit intomasterfrom
chiusole/relocate-lineage-aws-permissions
Open

Move lineage AWS IAM permissions into compute env and manual setup pages#1401
bebosudo wants to merge 1 commit intomasterfrom
chiusole/relocate-lineage-aws-permissions

Conversation

@bebosudo
Copy link
Copy Markdown
Member

@bebosudo bebosudo commented May 8, 2026

Summary

Addresses the suggestion in #1383 (comment): #1383 (comment)

  • AWS Batch and AWS Cloud pages: add a new Data lineage (optional) section under Required Platform IAM permissions with the Platform integration credentials (SQS queue management + S3 bucket notifications), scoped to <REGION>/<ACCOUNT_ID> for SQS
  • Manual AWS Batch setup page: add the lineage S3 bucket policy to the Create an EC2 instance role section, for users who manage their own roles rather than using Batch Forge
  • Data lineage page: replace the inline policy blocks with cross-references to the two pages above, split by role type (integration credentials vs. instance/head job role)

Test plan

  • Check Netlify preview for platform-cloud/docs/compute-envs/aws-batch, aws-cloud, data/data-lineage, and enterprise/advanced-topics/manual-aws-batch-setup
  • Verify anchor links #data-lineage-optional resolve correctly in both compute env pages
  • Verify cross-reference links in data-lineage.md resolve correctly

🤖 Generated with Claude Code

@bebosudo @claude
Move lineage AWS IAM permissions into compute env and manual setup pages
493e423 
Relocates the lineage-specific AWS IAM policies from the data-lineage
page into the appropriate IAM reference pages, so users don't need to
visit a separate page to find the full set of permissions required.

- AWS Batch and AWS Cloud: add Data lineage (optional) section with
  Platform integration credentials (SQS + S3 bucket notifications),
  locked down to <REGION>/<ACCOUNT_ID> for SQS
- manual-aws-batch-setup: add lineage S3 policy to the EC2 instance
  role section for users managing their own roles
- data-lineage: replace policy blocks with cross-references to the
  above pages

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@netlify
Copy link
Copy Markdown

netlify Bot commented May 8, 2026
edited
Loading

Deploy Preview for seqera-docs ready!

Name Link
🔨 Latest commit 493e423
🔍 Latest deploy log https://app.netlify.com/projects/seqera-docs/deploys/69fe010b5bd7f40008c66000
😎 Deploy Preview https://deploy-preview-1401--seqera-docs.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@bebosudo bebosudo marked this pull request as ready for review May 8, 2026 15:29
@bebosudo
Copy link
Copy Markdown
Member Author

bebosudo commented May 8, 2026

ready for review, please check that the service role change makes sense, I haven't touched that part of the docs

robnewman
robnewman approved these changes May 8, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@robnewman robnewman left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@robnewman robnewman robnewman approved these changes

@justinegeffen justinegeffen Awaiting requested review from justinegeffen

@christopher-hakkaart christopher-hakkaart Awaiting requested review from christopher-hakkaart

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@bebosudo @robnewman