Request access to Edge Services
What we are going to cover
Prerequisites
No. 1 Account
You need a profile on My DataLake Services: How to create a profile on My DataLake Services.
No. 2 Administrative privileges within a project
You need to be a member of a project and have administrative privileges in it. That project must be accepted by an operator of My DataLake Services.
To learn how to create a project, check How to create a project on My DataLake Services. During this step, you will also be offered the option to request access to the services listed below:
Hook
Stack-jupyter
Stack-dask
Islet
Alternatively, you can join an existing project and its admin can grant you admin privileges. In order to do so, the user with administrative rights to the project will have to invite you to the project. How to invite a user to a project on My DataLake Services
The essential access to the HDA service is granted even if you do not have a project. You should see the hda-public-data-access and hda-low quota roles by default in your active roles.
Adding roles to a project
You may need to request a role in one of the following scenarios:
You have not requested access to an Edge service during project creation and want to request it now.
You want to request different access role for the HDA service.
For a service that you have access to, you want to request a different quota role.
Choosing which role to request
Sign in to My DataLake Services https://application.data.destination-earth.eu/.
Navigate to Role requests:
You should see a page similar to this:
You can use the Services section to:
Request access to a new service - click on Request access by the given service.
Change permissions for an already requested service - click on Edit access by a given service.
After selecting either option, you will be taken to the Request access page. This page can have two sections – Access roles and Quota roles – or just one section - Quota roles - for services where you have already requested access roles and no roles with higher access permissions are available.
You will need to fill out both of these forms, providing justification for your needs.
Example of role request page for stack-dask service:
Please note that using a service requires both an access role and a quota role. Below you will find a list of all services you may access through My DataLake Services:
Service Access and Quota Roles
| Service name | Access roles | Quota roles | Detailed instructions |
|---|---|---|---|
| eodata | eodata-basic | eodata-low | How to obtain eodata S3 keys? |
| hook | hook-workflows | hook-low hook-medium hook-high |
How to obtain hook access? |
| hda | hda-public-data-access* hda-restricted-data-access |
hda-low* hda-basic hda-medium hda-high |
How to obtain hda access? |
| islet | islet-access | Islet-low islet-medium islet-high |
How to obtain Islet access? |
| S3-object-storage | s3-object-storage-access | s3-object-storage-low s3-object-storage-medium s3-object-storage-high |
How to obtain object storage S3 keys? |
| stack-dask | stack-dask | stack-dask-low stack-dask-medium stack-dask-high |
How to obtain Stack Dask access? |
| stack-jupyter | stack-jupyter | stack-jupyter-low stack-jupyter-medium stack-jupyter-high |
How to obtain JupyterHub access? |
* Roles granted by default
List of role requests
You will now see a list of role requests.
There are two options now available for the request:
- Details
This is the standard option for all requests, regardless of their status. Click on the Details button to see the details of the chosen role, which include the submitted form, quota selection, logs for the request and any comments from the operator.
- Delete
The Delete option is available only for requests in pending status. You can only delete a request before the operator approves or rejects it.
After clicking on the Delete button, you will be prompted to either confirm or cancel your deletion request.
If you confirm, a message will appear in the bottom right corner of the browser window confirming the deletion of the role:
The request status will be marked as REJECTED, which in this case means that it was user-deleted — not rejected by the operator.
If not deleted by the user, the request will in due time appear before the operator, who will approve it or reject it.
Operator approval
The next phase is waiting for the DEDL operator to approve (or reject) your requests.
If your request is rejected, you will see the message the operator sent you under Comment in the Logs section.
Approved role requests will appear as shown below. They will have the status “Approved”:
Once approved, you will see it in the list of Active roles.
List active roles
Using the Access -> Active roles option from the left-side menu, you can view your active roles. In the following image, the user has activated all the available services:
Your setup may differ depending on the services you require.
How to change assigned roles
It is possible to change your current role to another one available for the service. If there was only one role to start with, it is not possible to change it to a different one.
You may decide to upgrade your quota limits if you anticipate your project’s fast growth. The opposite is also true – you may downgrade the quota if the usage is light or for cost control.
Go to the Role Requests tab, and for the service you want to modify, choose Edit access.
If there was only one access role and only one quota role for the service available, there are no other options to choose from. Therefore, you will see a message like the one shown below:
If there is more than one role available, you will be able to request a fitting role by putting forward a request.
How to remove access to a service on My DataLake Services
Once you are approved for access to a service, there is no option within the My DataLake Services application to detach from that service. You will have to ask the Support team for that type of change.
Similarly, if you want to stop being an owner of a My DataLake Services account, ask the same Support team to delete it for you.