Welcome to the forum @decarlson.
The guide includes a discussion of access controls.
Regarding the specific concern about anonymous job submissions, allowing the system user that “owns” the cryoSPARC instance to trigger job submissions as another user may raise additional security concerns. However, the {{ cryosparc_username }} variable can be used in the submission script template to link specific (cryoSPARC) users to cluster job submissions. Even if that information cannot be used by slurm directly for “Fairshare” enforcement, it would enable (customized) usage accounting.
For more finely grained control, but with some loss of intra-group data sharing and with additional administrative complexity, user-specific, carefully separated cryoSPARC instances are another possibility.
1 Like