This page outlines Coiled’s security and privacy policies.
When you set up Coiled with the coiled login command line utility, your account username
and token are stored in a local configuration file. This username and token combination gives access to run computations
from a Coiled account and should be treated like a password.
Coiled generates TLS certificates on a per-cluster basis which are used to manage access to each cluster’s Dask scheduler
and workers. These certificates are stored in our database and are available to our development teams.
Additionally, the scheduler and workers for a cluster use
secure communication between them and are isolated by
AWS networking security groups.
If a higher level of security is required for your application, please contact firstname.lastname@example.org to inquire about deploying
Coiled on your internal systems.
Often Dask workers in a cluster will need AWS permissions to access private data or private AWS services.
To address this need, Coiled will use your local AWS credentials to generate a session token and then forward
that token to the Dask workers in your cluster.
Note that having local AWS credentials is not required to use use Coiled. However, in this case only publicly
accessible data and services will be available to your cluster.
Information like your software environments and cluster configurations is publicly accessible by default to promote
sharing and collaboration. In the future private plans which limit access will be available.
Note that information about any cluster running on your account is not publicly accessible and is only available
to users which are members of the account.
Coiled collects basic user data when you create an account, like your name, e-mail address, username, and social login.
Additionally, Coiled collects and stores telemetry data from your Dask clusters, similar to the information that is
displayed in the Dask dashboard. We are working to expose this aggregated information to you across several runs in our
A full description of what information is collected, as well as how we use and do not use this information, is listed