With a service agent, you can work with other services, e.g. refresh your authorization tokens for {{ ml-platform-name }} notebooks.
A service agent is a special service account under which {{ ml-platform-name }} projects will perform actions in other {{ yandex-cloud }} services. Once enabled in a community, a service agent will be available for all the projects in that community.
{% note info %}
To enable a service agent in a {{ ml-platform-name }} community, you need the {{ roles-datasphere-communities-editor }} role or higher.
You need the admin or owner role for the cloud to manage access of services to resources.
{% endnote %}
{% include cli-install %}
-
To allow a service agent to operate in {{ ml-platform-name }}, ask your cloud's admin or owner to execute the following command in the {{ yandex-cloud }} CLI:
yc iam service-control enable datasphere --cloud-id <cloud_ID>
Where
--cloud-idis the ID of the cloud you are going to use in the {{ ml-platform-name }} community. -
Create a service account and assign to it the roles required to use the selected service. For more information about the required roles, see Access management for the service in question.
To send requests to nodes from a notebook, assign the
{{ roles-datasphere-user }}role to the service account. -
{% include ui-find-community %}
-
Select the community you want to create a service agent for.
-
Go to the {{ ui-key.yc-ui-datasphere.common.settings-key-value }} tab.
-
Under {{ ui-key.yc-ui-datasphere.spaces-page.ssa.settings.title }}, click {{ ui-key.yc-ui-datasphere.spaces-page.ssa.add-service-account.button }}.
-
In the window that opens, select the service account and click {{ ui-key.yc-ui-datasphere.common.add }}.
{% note info %}
To manage a community via API, add the service account to the community member list. To send requests to a node from a notebook or interact with a project via API, add the service account to the member lists of the community and the project.
{% endnote %}