This guide covers the specialized permissions for the Data Science course, including Big Data (EMR) and Serverless (Lambda) capabilities.
All resources must be created in us-east-1.
Students can manage EMR clusters for big data processing.
To prevent high costs, the following limits are enforced by policy:
- Max Instances: A cluster cannot exceed 3 nodes (1 Master + 2 Workers).
- Small Instances Only: Only the C-family (large) instance types (e.g.,
c4.large,c5.large) are allowed for the cluster nodes. T-series instances are not supported by EMR. - Automatic Failure: Any attempt to create a cluster with more than 3 nodes or larger instance types will result in an "Access Denied" error.
Students have full access to:
- Create, list, and delete Lambda functions.
- View execution logs in CloudWatch Logs.
- Pass relevant IAM roles to their functions.
For classroom demonstrations, students can View and List:
- RDS Instances: See available databases (creation/deletion is restricted).
- VPCs: View network topology and subnets.
- S3 Naming Rule: Buckets MUST start with
jblabs-. EMR clusters are configured to access these buckets. - KeyPairs: Full control to create and manage SSH keys for EC2/EMR access.
Services like DynamoDB, Redshift, and EKS remain blocked to maintain lab stability.