--- version1 2020-01-16 +++ version2 2020-07-30 @@ -1,83 +1,135 @@ -The CloudBank initiative, a collaboration of the University of California, San Diego, the University of Washington, and the University of California, Berkeley offers services and support to the computer science research and education community for access to public cloud resources funded via NSF’s Cloud Access program. Whereas CloudBank provides access to these resources, the resources themselves are hosted and operated by public cloud providers. It is important that all users are aware of and abide by th+The CloudBank initiative, a collaboration of the University of California, San Diego, the University of Washington, and the University of California, Berkeley (collectively, “Institutions”) offers services and support to the computer science research and education community for access to public cloud resources, funded via the National Science Foundation’s (NSF) Cloud Access program. Whereas CloudBank provides access to these resources, the resources themselves are hosted and operated by public cloud -This policy addresses access to the CloudBank user portal and public cloud providers, with scope and distinctions noted below. User agreement with this policy applies to all future CloudBank related portal use, allocations, and fund management. +This Policy addresses access to the CloudBank user portal and public cloud providers, with scope and distinctions noted below. User agreement with this Policy applies to all future CloudBank related portal use, allocations, and management. -Policies +Agreement to Policy +Users agree to abide by this Policy. By using or accessing CloudBank, Users signify their agreement to be bound by this Policy. Failure to do so may lead to disciplinary actions described herein. CloudBank reserves the right to modify this Policy at any time and will publish notice of any modifications. By continuing to access or use CloudBank after notice of such modifications has been published, you signify your agreement to be bound by the modifications. -Users agree to abide by the following policies. Failure to do so may lead to disciplinary actions described in the next section. +User Age and Eligibility +Use of or participation in CloudBank is restricted to those individuals who have registered; who have agreed to this Policy; who are 18 years of age and over, emancipated minors, or who possess parental or legal guardian consent; and who are fully able and competent to agree to this Policy, terms, conditions, obligations, affirmations, representations and warranties herein. +Any use or access by anyone under the age of 13 is prohibited. If you are under 13 years of age, do not use CloudBank. By accessing or using CloudBank, you affirm that you are at least 13 years old and meet the eligibility requirements. + All Users +If you are a User, you agree not to: -Sharing of CloudBank and public cloud User Credentials is strictly prohibited. -Public cloud resources may only be used to perform research work consistent with the project goals set forth in the NSF awards associated with individual Principal Investigators. -CloudBank and public cloud resources may not be used for commercial purposes, financial gain, personal gain, or any unlawful purpose. -Users are only allowed one CloudBank portal account per person, unless otherwise approved by CloudBank. -Users may have access to multiple cloud providers, and it is understood that in some cases, may have a need for multiple cloud provider accounts. -Users will never try to circumvent login procedures or otherwise attempt to gain access where it has not been granted. +Violate local, state, national, or international law or breach any of your contractual obligations or fiduciary duties; + +Share your CloudBank or public cloud User Credentials, or do anything that might put your account at risk; + +Use public cloud resources for any purpose other than to perform work consistent with the project goals set forth in the NSF awards associated with individual Principal Investigators; + +Use CloudBank or public cloud resources for commercial purposes, financial gain, personal gain, or any unlawful purpose; + +Create more than one CloudBank portal account per person, unless otherwise approved in writing by CloudBank; + +Circumvent or try to circumvent login procedures or otherwise attempt to gain access where it has not been granted; + +Attempt to access any other user's account; + +Reproduce, transfer, sell, resell, or otherwise misuse any content from CloudBank, unless specifically authorized to do so; + +Access, tamper with, or use non-public areas of our systems, unless specifically authorized to do so; + +Break or circumvent our authentication or security or otherwise test the vulnerability of our systems or networks, unless specifically authorized to do so; + +Try to interfere with any user, host, or network, for example by sending a virus, malware, overloading, spamming, or mail-bombing; + +Impersonate or misrepresent your affiliation with any person or entity; + +Encourage or help anyone do any of the above. + Principal Investigators (PIs) +If you are a Principal Investigator, you agree that: -PIs are responsible for notifying CloudBank when project users should be deactivated due to the departure of the user or completion of the project. -Project Leads/PIs are responsible for ensuring that users are conducting work on the CloudBank user portal and public cloud provider as part of their project, and that they observe the Acceptable Use Policy described herein. -The CloudBank project has access to public cloud cost and usage records for projects awarded via CloudBank and will use this information as part of its regular reporting to NSF. Some of this information may be public as part of CloudBank’s Broader Impacts work. In these cases, no identifying PI or user data will be shared. -CloudBank public cloud resources are physically located at public cloud providers and therefore users are subject to the policies of those providers. It is the responsibility of users to understand and accept the terms and conditions of those providers. These include, for example: +You shall notify CloudBank when project Users’ accounts should be deactivated due to the departure of the User or completion of the project; +You shall be responsible for ensuring that Users are conducting work on the CloudBank user portal and public cloud provider as part of their project, and that they observe the Acceptable Use Policy described herein; + +You shall be responsible for ensuring that your usage and billing data does not contain any personally identifiable information (other than that which is needed to normally administer the account); + +You shall ensure that CloudBank has access to public cloud cost and usage records for projects awarded via CloudBank. + +If you are a PI, you further acknowledge and understand that CloudBank will use information about public cloud cost and usage records as part of its regular reporting to NSF. Some of this information may be public as part of CloudBank’s Broader Impacts work. + +Third-Party Policies +CloudBank public cloud resources are physically located at public cloud providers and Users are subject to the policies of those providers. It is the responsibility of Users to understand and accept the terms and conditions of those providers. These include, but are not limited to, for example: + Microsoft Azure: https://azure.microsoft.com/en-us/support/legal/subscription-agreement -Google Cloud: https://cloud.google.com/terms -AWS: https://aws.amazon.com/agreement -Disciplinary Actions -Notwithstanding any action that might be taken by public cloud providers, disciplinary actions for infractions of the Acceptable Use Policy include, but are not limited to the following: +Google Cloud: https://cloud.google.com/terms/aup -Written or verbal warnings -Revocation of access privileges to CloudBank -Termination of project(s) on CloudBank -Criminal prosecution -Portal and Cloud Accounts +AWS: https://aws.amazon.com/aup -CloudBank is integrated with CILogon and therefore most users will be able to access the portal using their institutional credentials. For privileged access, e.g., the ability to add allocations to accounts, Multi-factor authentication will be required. +Disciplinary Actions +Notwithstanding any action that might be taken by public cloud providers, disciplinary actions for infractions of the Acceptable Use Policy include, but are not limited to, the following: -Account Deactivation Policy +Written or verbal warnings; -Accounts will be deactivated for any of the following reasons:
 +Revocation of access privileges to CloudBank; -PI Request +Termination of project(s) on CloudBank; -An account deactivation request by a PI will result in the account being denied access to use the PI's project's allocation; if the account does not have access to another active project it will also be deactivated. +Referral to law enforcement authorities. -Project Expiration +Account Deactivation Policy +CloudBank reserves the right to deactivate Accounts for any of the following reasons:
 +PI Request for User Deactivation +A user deactivation request by a PI will result in the user being denied access to use the PI's project's allocation. + +Project Expiration Upon project completion, all accounts (PI and users) will be immediately denied access to the allocation. Overrun of Allocation +In the event of an overrun of allocation, PI and users will be immediately denied access to the allocation. PI will receive notifications when they have 20%, 10%, and 5% of their allocation remaining and thus will have opportunities to take action to avoid cost overruns. In the event that they exhaust their allocations, they will have access to the CloudBank portal for the purpose of reviewing their usage. -PI will receive notifications when they have 20%, 10%, and 5% of their allocation remaining and thus will have opportunities to take action to avoid cost overruns. In the event that they exhaust their allocations, they will have access to the CloudBank portal for the purpose of reviewing their usage. - Violation of Policy - Any user account determined to be in violation of this policy will be subject to the Disciplinary Actions described above, and may immediately be denied access to CloudBank and associated cloud provider accounts without notification depending on the severity of the event. -Use of Protected Software and Data +Termination Rights +You agree that CloudBank, in its sole discretion, may request from the NSF that your use of or access to CloudBank be terminated for any reason or no reason and at any time; CloudBank shall not have any liability to you for such a request. -The terms of specific NSF-awarded projects may permit PIs and users to install or use software or data on public cloud providers that falls under protected categories, including for example: International Traffic in Arms Regulations (ITAR), Export Administration Regulations (EAR), Health Insurance Portability and Accountability Act (HIPAA), Federal Information Security Management Act (FISMA), Personally Identifiable Information (PII), and other protected data. The management of such data and software is en+Enforcement and Violations +Upon receiving notice or information that you have violated these Terms or any applicable law or policy, CloudBank may temporarily suspend your privileges pending further proceedings. +A User accused of a violation will be notified in writing of the charge(s) and will have an opportunity to respond in writing before CloudBank makes a final decision about the violation or imposes a permanent sanction. Appropriate cases will be referred to appropriate law enforcement authorities. + +In addition to sanctions available under applicable law and policies, CloudBank may impose a temporary or permanent reduction or elimination of access privileges to CloudBank. + +If CloudBank believes it necessary to preserve the integrity of computing and communication resources or data, CloudBank may temporarily suspend any account, whether or not the account User is suspected of any violation. + +Use of Protected Software and Data +The terms of specific NSF-awarded projects may permit PIs and Users to install or use software or data on public cloud providers that falls under protected categories, including for example: International Traffic in Arms Regulations (ITAR), Export Administration Regulations (EAR), Health Insurance Portability and Accountability Act (HIPAA), Federal Information Security Management Act (FISMA), Personally Identifiable Information (PII), and other protected data. The management of such data and software is en Violations of this policy may result in the immediate removal of said software and/or data and deactivation of related projects, allocations, and user accounts. Data Retention +Unless agreements between PIs and public cloud providers specify otherwise (e.g., for a specific public dataset) data hosted in public cloud debits a project’s funding allocation. Therefore, you agree that you shall review these charges and take steps to migrate data from the cloud prior to the termination of your allocations. You acknowledge and understand that all data associated with an allocation will be removed from public cloud upon expiration of the project. CloudBank is not responsible for the ba -Unless agreements between PIs and public cloud providers specify otherwise (e.g., for a specific public dataset) data hosted in public cloud debits a project’s funding allocation. Therefore, it is imperative that users understand these charges and take steps to migrate data from the cloud prior to the termination of their allocations. All data associated with an allocation will be removed from public cloud upon expiration of the project. CloudBank is not responsible for the backup, recovery, or costs ass User Support +CloudBank users are encouraged to request assistance when necessary. All requests for support must be submitted by emailing help@cloudbank.org. -CloudBank users are encouraged to request assistance when necessary. All requests for support must be submitted by emailing info@cloudbank.org. - Refund Requests +Users may submit Service Credit requests for services that terminate abnormally and can be attributed to hardware and system software failure. Users shall implement safeguards such as snapshotting to minimize the amount of lost time due to hardware or system software failure. Requests for Service Credit refunds should be made by sending e-mail to help@cloudbank.org. The request should include information to assist CloudBank staff in reviewing the root cause, such as usage records, job log files, error mess -Users may submit Service Credit requests for services that terminate abnormally that can be attributed to hardware and system software failure. Users should implement safeguards such as snapshotting to minimize the amount of lost time due to hardware or system software failure. Requests for Service Credit refunds should be made by sending e-mail to info@cloudbank.org. The request should include information to assist CloudBank staff in reviewing the root cause, such as usage records, job log files, error me User News +Information regarding important CloudBank activities, including system availability and upgrades, training classes, allocation renewal notifications, and holiday consulting coverage may be communicated to the user community via the CloudBank user portal and CloudBank User News. Users are automatically subscribed to CloudBank User News. Users may unsubscribe from User News, but then must assume responsibility and outcomes for not receiving User News via email by finding the information in the appropriate lo -Information regarding important CloudBank activities, including system availability and upgrades, training classes, allocation renewal notifications, and holiday consulting coverage will be communicated to the user community via the CloudBank user portal and CloudBank User News. Users are automatically subscribed to CloudBank User News. Users may unsubscribe from User News, but then must assume responsibility and outcomes for not receiving User News via email by finding the information in the appropriate l Acknowledgement of CloudBank in Publications +An acknowledgement of support from the CloudBank project and the National Science Foundation shall appear in any publication of material, whether copyrighted or not, that describes work which benefited from access to CloudBank resources. The acknowledgement is as follows: "Results presented in this paper were obtained using CloudBank, which is supported by the National Science Foundation under award #1925001." -An acknowledgement of support from the CloudBank project and the National Science Foundation should appear in any publication of material, whether copyrighted or not, that describes work which benefited from access to CloudBank resources. The acknowledgement is as follows: "Results presented in this paper were obtained using CloudBank, which is supported by the National Science Foundation under award #1925001". +Disclaimer of Warranties +CloudBank and any associated services and any information, products or services therein are provided "as is" without warranty of any kind, either express or implied, including without limitation, the implied warranties of merchantability, fitness for use of a particular purpose, or noninfringement. + +Institutions does not warrant, and hereby disclaims any warranties, either express or implied, with respect to the accuracy, adequacy, or completeness of CloudBank, any associated services, sites within CloudBank, information obtained from CloudBank, or link to a site. Institutions does not warrant that CloudBank will operate in an uninterrupted or error-free manner or that CloudBank and associated services are free of viruses or other harmful components. You agree and acknowledge that use of CloudBank or