Resource: awsBatchComputeEnvironment
Creates a AWS Batch compute environment. Compute environments contain the Amazon ECS container instances that are used to run containerized batch jobs.
For information about AWS Batch, see What is AWS Batch? . For information about compute environment, see Compute Environments .
\~> Note: To prevent a race condition during environment deletion, make sure to set dependsOn to the related awsIamRolePolicyAttachment; otherwise, the policy may be destroyed too soon and the compute environment will then get stuck in the deleting state, see Troubleshooting AWS Batch .
Example Usage
EC2 Type
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
const awsSecurityGroupSample = new aws.securityGroup.SecurityGroup(
this,
"sample",
{
egress: [
{
cidrBlocks: ["0.0.0.0/0"],
fromPort: 0,
protocol: "-1",
toPort: 0,
},
],
name: "aws_batch_compute_environment_security_group",
}
);
const awsVpcSample = new aws.vpc.Vpc(this, "sample_1", {
cidrBlock: "10.1.0.0/16",
});
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
awsVpcSample.overrideLogicalId("sample");
const dataAwsIamPolicyDocumentBatchAssumeRole =
new aws.dataAwsIamPolicyDocument.DataAwsIamPolicyDocument(
this,
"batch_assume_role",
{
statement: [
{
actions: ["sts:AssumeRole"],
effect: "Allow",
principals: [
{
identifiers: ["batch.amazonaws.com"],
type: "Service",
},
],
},
],
}
);
const dataAwsIamPolicyDocumentEc2AssumeRole =
new aws.dataAwsIamPolicyDocument.DataAwsIamPolicyDocument(
this,
"ec2_assume_role",
{
statement: [
{
actions: ["sts:AssumeRole"],
effect: "Allow",
principals: [
{
identifiers: ["ec2.amazonaws.com"],
type: "Service",
},
],
},
],
}
);
const awsIamRoleAwsBatchServiceRole = new aws.iamRole.IamRole(
this,
"aws_batch_service_role",
{
assumeRolePolicy: dataAwsIamPolicyDocumentBatchAssumeRole.json,
name: "aws_batch_service_role",
}
);
const awsIamRoleEcsInstanceRole = new aws.iamRole.IamRole(
this,
"ecs_instance_role",
{
assumeRolePolicy: dataAwsIamPolicyDocumentEc2AssumeRole.json,
name: "ecs_instance_role",
}
);
const awsIamRolePolicyAttachmentAwsBatchServiceRole =
new aws.iamRolePolicyAttachment.IamRolePolicyAttachment(
this,
"aws_batch_service_role_6",
{
policyArn: "arn:aws:iam::aws:policy/service-role/AWSBatchServiceRole",
role: awsIamRoleAwsBatchServiceRole.name,
}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
awsIamRolePolicyAttachmentAwsBatchServiceRole.overrideLogicalId(
"aws_batch_service_role"
);
const awsIamRolePolicyAttachmentEcsInstanceRole =
new aws.iamRolePolicyAttachment.IamRolePolicyAttachment(
this,
"ecs_instance_role_7",
{
policyArn:
"arn:aws:iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role",
role: awsIamRoleEcsInstanceRole.name,
}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
awsIamRolePolicyAttachmentEcsInstanceRole.overrideLogicalId(
"ecs_instance_role"
);
const awsSubnetSample = new aws.subnet.Subnet(this, "sample_8", {
cidrBlock: "10.1.1.0/24",
vpcId: awsVpcSample.id,
});
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
awsSubnetSample.overrideLogicalId("sample");
const awsIamInstanceProfileEcsInstanceRole =
new aws.iamInstanceProfile.IamInstanceProfile(this, "ecs_instance_role_9", {
name: "ecs_instance_role",
role: awsIamRoleEcsInstanceRole.name,
});
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
awsIamInstanceProfileEcsInstanceRole.overrideLogicalId("ecs_instance_role");
const awsBatchComputeEnvironmentSample =
new aws.batchComputeEnvironment.BatchComputeEnvironment(this, "sample_10", {
computeEnvironmentName: "sample",
computeResources: {
instanceRole: awsIamInstanceProfileEcsInstanceRole.arn,
instanceType: ["c4.large"],
maxVcpus: 16,
minVcpus: 0,
securityGroupIds: [awsSecurityGroupSample.id],
subnets: [awsSubnetSample.id],
type: "EC2",
},
depends_on: [`\${${awsIamRolePolicyAttachmentAwsBatchServiceRole.fqn}}`],
serviceRole: awsIamRoleAwsBatchServiceRole.arn,
type: "MANAGED",
});
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
awsBatchComputeEnvironmentSample.overrideLogicalId("sample");
Fargate Type
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
new aws.batchComputeEnvironment.BatchComputeEnvironment(this, "sample", {
computeEnvironmentName: "sample",
computeResources: {
maxVcpus: 16,
securityGroupIds: ["${aws_security_group.sample.id}"],
subnets: ["${aws_subnet.sample.id}"],
type: "FARGATE",
},
depends_on: ["${aws_iam_role_policy_attachment.aws_batch_service_role}"],
serviceRole: "${aws_iam_role.aws_batch_service_role.arn}",
type: "MANAGED",
});
Argument Reference
computeEnvironmentName- (Optional, Forces new resource) The name for your compute environment. Up to 128 letters (uppercase and lowercase), numbers, and underscores are allowed. If omitted, Terraform will assign a random, unique name.computeEnvironmentNamePrefix- (Optional, Forces new resource) Creates a unique compute environment name beginning with the specified prefix. Conflicts withcomputeEnvironmentName.computeResources- (Optional) Details of the compute resources managed by the compute environment. This parameter is required for managed compute environments. See details below.eksConfiguration- (Optional) Details for the Amazon EKS cluster that supports the compute environment. See details below.serviceRole- (Required) The full Amazon Resource Name (ARN) of the IAM role that allows AWS Batch to make calls to other AWS services on your behalf.state- (Optional) The state of the compute environment. If the state isenabled, then the compute environment accepts jobs from a queue and can scale out automatically based on queues. Valid items areenabledordisabled. Defaults toenabled.tags- (Optional) Key-value map of resource tags. If configured with a providerdefaultTagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.type- (Required) The type of the compute environment. Valid items aremanagedorunmanaged.
computeResources
allocationStrategy- (Optional) The allocation strategy to use for the compute resource in case not enough instances of the best fitting instance type can be allocated. Valid items areBEST_FIT_PROGRESSIVE,SPOT_CAPACITY_OPTIMIZEDorBEST_FIT. Defaults toBEST_FIT. See AWS docs for details. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified.bidPercentage- (Optional) Integer of maximum percentage that a Spot Instance price can be when compared with the On-Demand price for that instance type before instances are launched. For example, if your bid percentage is 20% (20), then the Spot price must be below 20% of the current On-Demand price for that EC2 instance. If you leave this field empty, the default value is 100% of the On-Demand price. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified.desiredVcpus- (Optional) The desired number of EC2 vCPUS in the compute environment. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified.ec2Configuration- (Optional) Provides information used to select Amazon Machine Images (AMIs) for EC2 instances in the compute environment. If Ec2Configuration isn't specified, the default is ECS_AL2. This parameter isn't applicable to jobs that are running on Fargate resources, and shouldn't be specified.ec2KeyPair- (Optional) The EC2 key pair that is used for instances launched in the compute environment. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified.imageId- (Optional) The Amazon Machine Image (AMI) ID used for instances launched in the compute environment. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified. (Deprecated, useec2ConfigurationimageIdOverrideinstead)instanceRole- (Optional) The Amazon ECS instance role applied to Amazon EC2 instances in a compute environment. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified.instanceType- (Optional) A list of instance types that may be launched. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified.launchTemplate- (Optional) The launch template to use for your compute resources. See details below. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified.maxVcpus- (Required) The maximum number of EC2 vCPUs that an environment can reach.minVcpus- (Optional) The minimum number of EC2 vCPUs that an environment should maintain. Forec2orspotcompute environments, if the parameter is not explicitly defined, a0default value will be set. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified.securityGroupIds- (Optional) A list of EC2 security group that are associated with instances launched in the compute environment. This parameter is required for Fargate compute environments.spotIamFleetRole- (Optional) The Amazon Resource Name (ARN) of the Amazon EC2 Spot Fleet IAM role applied to a SPOT compute environment. This parameter is required for SPOT compute environments. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified.subnets- (Required) A list of VPC subnets into which the compute resources are launched.tags- (Optional) Key-value pair tags to be applied to resources that are launched in the compute environment. This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified.type- (Required) The type of compute environment. Valid items areec2,spot,fargateorFARGATE_SPOT.
ec2Configuration
ec2Configuration supports the following:
imageIdOverride- (Optional) The AMI ID used for instances launched in the compute environment that match the image type. This setting overrides theimageIdargument in thecomputeResourcesblock.imageType- (Optional) The image type to match with the instance type to select an AMI. If theimageIdOverrideparameter isn't specified, then a recent Amazon ECS-optimized Amazon Linux 2 AMI (ECS_AL2) is used.
launchTemplate
launchTemplate supports the following:
launchTemplateId- (Optional) ID of the launch template. You must specify either the launch template ID or launch template name in the request, but not both.launchTemplateName- (Optional) Name of the launch template.version- (Optional) The version number of the launch template. Default: The default version of the launch template.
eksConfiguration
eksConfiguration supports the following:
eksClusterArn- (Required) The Amazon Resource Name (ARN) of the Amazon EKS cluster.kubernetesNamespace- (Required) The namespace of the Amazon EKS cluster. AWS Batch manages pods in this namespace.
Attributes Reference
In addition to all arguments above, the following attributes are exported:
arn- The Amazon Resource Name (ARN) of the compute environment.ecsClusterArn- The Amazon Resource Name (ARN) of the underlying Amazon ECS cluster used by the compute environment.status- The current status of the compute environment (for example, CREATING or VALID).statusReason- A short, human-readable string to provide additional details about the current status of the compute environment.tagsAll- A map of tags assigned to the resource, including those inherited from the providerdefaultTagsconfiguration block.
Import
AWS Batch compute can be imported using the computeEnvironmentName, e.g.,