Multiple user access to clusters

Learn to implement and manage multiple user access to a single cluster.

In this topic, an Amazon ParallelCluster user refers to a system user for compute instances. An example is an ec2-user for an Amazon EC2 instance.

Amazon ParallelCluster multi-user access support is available in all the Amazon Web Services Regions where Amazon ParallelCluster is currently available. It works with other Amazon Web Services services, including Amazon FSx for Lustre and Amazon Elastic File System.

You can use an Amazon Directory Service for Microsoft Active Directory or Simple AD to manage cluster access. Make sure to check Amazon Web Services Region availability for these services. To set up a cluster, specify an Amazon ParallelCluster DirectoryService configuration. Amazon Directory Service directories can be connected to multiple clusters. This allows for centralized management of identities across multiple environments and a unified login experience.

When you use Amazon Directory Service for Amazon ParallelCluster multiple user access, you can log in to the cluster with user credentials that are defined in the directory. These credentials consist of a user name and password. After you log in to the cluster for the first time, a user SSH key is automatically generated. You can use it to log in without a password.

You can create, delete, and modify a cluster’s users or groups after your directory service is deployed. With Amazon Directory Service, you can do this in the Amazon Web Services Management Console or by using the Active Directory Users and Computers tool. This tool is accessible from any Amazon EC2 instance that's joined to your Active Directory. For more information, see Installing the Active Directory administration tools.

If you plan to use Amazon ParallelCluster in a single subnet with no internet access, see Amazon ParallelCluster in a single subnet with no internet access for additional requirements.