Seqera Platform Feature Requests


Feature requests for the Seqera Platform (https://cloud.seqera.io)
Managed (AKA passthrough) identity for all Seqera-supported infra providers
We’d love to see Seqera Platform support cloud identity passthrough, allowing pipelines to securely access cloud resources (like storage, compute, secrets) using native identity mechanisms from AWS, Azure, and GCP — without needing to manage long-lived credentials. (Seqera Platform already supports this for HPC). This would allow access to cloud services to be governed directly by cloud IAM policies, improving both security and enterprise integration.

Why this matters

Today, jobs typically authenticate to cloud services using infrastructure-level credentials (e.g., an IAM role or service principal attached to the compute environment). These credentials are:

- Shared across users
- Often over-permissioned
- Not user-aware — cloud services can’t tell who requested access

This limits enterprises from applying their existing IAM policies and can create operational or audit complexity.

✅ What we’re asking for

Enable Seqera Platform to support cloud-native, credential-less authentication, such as:

- AWS: IAM Roles with identity federation (e.g., via IAM Identity Center or OIDC)
- Azure: System- and user-assigned Managed Identities
- GCP: Workload Identity Federation tied to user or workspace context

This would allow:

- Per-user or per-pipeline IAM role/identity selection
- Fine-grained access controls to cloud resources, managed entirely in the cloud provider’s IAM system
- Removal of static secrets (like service principal keys or access tokens)
4
·

acknowledged

Pipeline Data Lifecycle Management and Cleanup
This post consolidates multiple related requests around managing pipeline run data on the Seqera Platform, specifically in the areas of log persistence and cleanup of scratch/intermediate data.

Persistent Logs After Run Completion

Support for archiving essential execution data — including .log, .timeline, .sh scripts, and reports — to a persistent S3 bucket (Tower-managed or user-defined).

- Allows run logs and metadata to remain visible in the Tower UI after work directories are deleted.
- Enables integration with custom lifecycle rules for scratch storage.
- Preserves artifacts critical for auditability, troubleshooting, and provenance.

Manual Clean-Up via Tower UI

A “Clean” action in the run details interface to:

- Trigger cleanup of intermediate files and caches (e.g., nextflow clean -l <run_name>).
- Reclaim storage post-execution while retaining archived logs.
- Offer fine-grained control over data cleanup, one run at a time.

Auto Clean-Up Option at Launch

A toggle in the pipeline launch form to enable automatic cleanup when a run completes.

- Useful for test or debug workflows where data retention is not required.
- Prevents accumulation of scratch data without manual intervention.

Clean-Up on Run Deletion

An optional checkbox when deleting a run to also remove associated scratch/workdir data.

- Ensures that run deletion can include cleanup of underlying execution storage.
- Offers a single-step way to retire a workflow and its resource footprint.

Out of Scope

- Automatic deletion of archived logs when a run is deleted.
- Cleanup functionality for in-progress or running workflows.
- Advanced or rule-based retention policies; current scope is limited to manual actions and simple toggles.
10
·

acknowledged
