Skip to main content

Configuration

anycloud uses credentials for cloud provider access. Credentials are stored locally on your machine, encrypted at rest, and never sent to any external service. SSH keys are generated locally on each deployment.

Deployment settings are passed inline as CLI flags or SDK parameters. Leave compute region unset for normal jobs so anycloud can choose and retry across available regions. Explicit region pinning is an escape hatch for quota tests, debugging, or a user-imposed constraint.

Credentials

Create credentials by passing provider-specific flags (all credential values also accept an environment-variable fallback):

# AWS
anycloud credentials new prod-aws --provider aws \
--access-key-id AKIA... --secret-access-key ...

# Azure
anycloud credentials new prod-azure --provider azure \
--application-id ... --secret ... \
--subscription-id ... --directory-id ...

# GCP (inline values)
anycloud credentials new prod-gcp --provider gcp \
--project-id my-proj --client-email sa@my-proj.iam.gserviceaccount.com \
--private-key "$(cat /path/to/sa.json | jq -r .private_key)"

# Lambda Labs
anycloud credentials new prod-lambda --provider lambda --api-key ...

You can have multiple credentials for different accounts.

anycloud credentials list             # View configured credentials
anycloud credentials edit <name> # Update fields on existing credentials
anycloud credentials delete <name> # Remove credentials

On a terminal, omit the provider flags to launch an interactive wizard instead — it can read a local cloud-CLI profile, open a browser login, or provision a new least-privilege identity. See Getting Started → Add Credentials for the full walkthrough.

Deployment Settings

FieldDescription
credentials / --credentialsOptional pinned compute credentials. Omit to let anycloud choose from saved named credentials; unpinned compute also requires an unpinned region
regionCloud region (e.g., us-west-2). Leave unset for normal jobs; pin only for quota tests, debugging, or an explicit user constraint
gpu / --gpu-typeGPU type with optional count (e.g., h100, a100:8), or an ordered fallback list. Mutually exclusive with vmType. Set via the CLI --gpu-type flag or the SDK submit(gpu=…) argument — it is not a CloudConfig field
vmTypeVM instance type (e.g., t3.medium, Standard_D2s_v5, n1-standard-2), or an ordered fallback list
spotUse spot/preemptible instances (true/false)
diskSizeGbRoot OS disk capacity in GB
diskTierRoot OS disk performance tier on AWS: medium (default), high, or ultra
availabilityZoneSpecific zone (Azure: 1,2,3 / GCP: a,b,c)
inputBucketCloud bucket for read-only input data
outputBucketCloud bucket for job outputs
inputStorageCredentialsCredentials for the input bucket on another cloud (CLI --input-storage-credentials <name>; SDK fills it from a cross-Client bucket; defaults to compute credentials)
inputStorageRegionRegion for input bucket storage (required with cross-cloud input credentials)
outputStorageCredentialsCredentials for the output bucket on another cloud (CLI --output-storage-credentials <name>; defaults to compute credentials)
outputStorageRegionRegion for output bucket storage (required with cross-cloud output credentials)
checkpointStorageCredentialsCredentials for the spot checkpoint bucket on another cloud (CLI --checkpoint-storage-credentials <name>; defaults to compute credentials)
checkpointStorageRegionRegion for checkpoint bucket storage (required with cross-cloud checkpoint credentials)

Input and output storage are configured independently. If you omit inputStorageCredentials or outputStorageCredentials, that bucket uses the compute credentials — even when the other bucket's storage credentials are set.

These map to CLI flags and Python SDK parameters — most are CloudConfig fields; gpu is the submit-level argument. See CloudConfig Parameters.

diskSizeGb and diskTier are independent: --disk-size 100 --disk-tier high means a 100 GB root disk with the high performance tier. Omit diskTier for the current default (medium). In v1, diskTier is AWS-only and maps to gp3 root volume performance:

TierIOPSThroughput
medium3000125 MiB/s
high80001000 MiB/s
ultra160001000 MiB/s

Disk tiers tune root-disk performance for image pulls, container startup, and workload I/O. They do not change Docker image identity or registry behavior.

For details on GPU type vs VM type and config variants, see CloudConfig Internals.

note

The Python SDK's @anycloud.function() decorator accepts configuration inline via CloudConfig and decorator parameters. See Python SDK — Function Decorator and CloudConfig Parameters.