2021/03/31 - AWS Batch - 3 updated api methods
Changes AWS Batch adds support for Amazon EFS File System
{'jobDefinitions': {'containerProperties': {'volumes': {'efsVolumeConfiguration': {'authorizationConfig': {'accessPointId': 'string', 'iam': 'ENABLED ' '| ' 'DISABLED'}, 'fileSystemId': 'string', 'rootDirectory': 'string', 'transitEncryption': 'ENABLED ' '| ' 'DISABLED', 'transitEncryptionPort': 'integer'}}}, 'nodeProperties': {'nodeRangeProperties': {'container': {'volumes': {'efsVolumeConfiguration': {'authorizationConfig': {'accessPointId': 'string', 'iam': 'ENABLED ' '| ' 'DISABLED'}, 'fileSystemId': 'string', 'rootDirectory': 'string', 'transitEncryption': 'ENABLED ' '| ' 'DISABLED', 'transitEncryptionPort': 'integer'}}}}}}}
Describes a list of job definitions. You can specify a status (such as ACTIVE ) to only return job definitions that match that status.
See also: AWS API Documentation
Request Syntax
client.describe_job_definitions( jobDefinitions=[ 'string', ], maxResults=123, jobDefinitionName='string', status='string', nextToken='string' )
list
A list of up to 100 job definition names or full Amazon Resource Name (ARN) entries.
(string) --
integer
The maximum number of results returned by DescribeJobDefinitions in paginated output. When this parameter is used, DescribeJobDefinitions only returns maxResults results in a single page and a nextToken response element. The remaining results of the initial request can be seen by sending another DescribeJobDefinitions request with the returned nextToken value. This value can be between 1 and 100. If this parameter isn't used, then DescribeJobDefinitions returns up to 100 results and a nextToken value if applicable.
string
The name of the job definition to describe.
string
The status used to filter job definitions.
string
The nextToken value returned from a previous paginated DescribeJobDefinitions request where maxResults was used and the results exceeded the value of that parameter. Pagination continues from the end of the previous results that returned the nextToken value. This value is null when there are no more results to return.
Note
This token should be treated as an opaque identifier that's only used to retrieve the next items in a list and not for other programmatic purposes.
dict
Response Syntax
{ 'jobDefinitions': [ { 'jobDefinitionName': 'string', 'jobDefinitionArn': 'string', 'revision': 123, 'status': 'string', 'type': 'string', 'parameters': { 'string': 'string' }, 'retryStrategy': { 'attempts': 123, 'evaluateOnExit': [ { 'onStatusReason': 'string', 'onReason': 'string', 'onExitCode': 'string', 'action': 'RETRY'|'EXIT' }, ] }, 'containerProperties': { 'image': 'string', 'vcpus': 123, 'memory': 123, 'command': [ 'string', ], 'jobRoleArn': 'string', 'executionRoleArn': 'string', 'volumes': [ { 'host': { 'sourcePath': 'string' }, 'name': 'string', 'efsVolumeConfiguration': { 'fileSystemId': 'string', 'rootDirectory': 'string', 'transitEncryption': 'ENABLED'|'DISABLED', 'transitEncryptionPort': 123, 'authorizationConfig': { 'accessPointId': 'string', 'iam': 'ENABLED'|'DISABLED' } } }, ], 'environment': [ { 'name': 'string', 'value': 'string' }, ], 'mountPoints': [ { 'containerPath': 'string', 'readOnly': True|False, 'sourceVolume': 'string' }, ], 'readonlyRootFilesystem': True|False, 'privileged': True|False, 'ulimits': [ { 'hardLimit': 123, 'name': 'string', 'softLimit': 123 }, ], 'user': 'string', 'instanceType': 'string', 'resourceRequirements': [ { 'value': 'string', 'type': 'GPU'|'VCPU'|'MEMORY' }, ], 'linuxParameters': { 'devices': [ { 'hostPath': 'string', 'containerPath': 'string', 'permissions': [ 'READ'|'WRITE'|'MKNOD', ] }, ], 'initProcessEnabled': True|False, 'sharedMemorySize': 123, 'tmpfs': [ { 'containerPath': 'string', 'size': 123, 'mountOptions': [ 'string', ] }, ], 'maxSwap': 123, 'swappiness': 123 }, 'logConfiguration': { 'logDriver': 'json-file'|'syslog'|'journald'|'gelf'|'fluentd'|'awslogs'|'splunk', 'options': { 'string': 'string' }, 'secretOptions': [ { 'name': 'string', 'valueFrom': 'string' }, ] }, 'secrets': [ { 'name': 'string', 'valueFrom': 'string' }, ], 'networkConfiguration': { 'assignPublicIp': 'ENABLED'|'DISABLED' }, 'fargatePlatformConfiguration': { 'platformVersion': 'string' } }, 'timeout': { 'attemptDurationSeconds': 123 }, 'nodeProperties': { 'numNodes': 123, 'mainNode': 123, 'nodeRangeProperties': [ { 'targetNodes': 'string', 'container': { 'image': 'string', 'vcpus': 123, 'memory': 123, 'command': [ 'string', ], 'jobRoleArn': 'string', 'executionRoleArn': 'string', 'volumes': [ { 'host': { 'sourcePath': 'string' }, 'name': 'string', 'efsVolumeConfiguration': { 'fileSystemId': 'string', 'rootDirectory': 'string', 'transitEncryption': 'ENABLED'|'DISABLED', 'transitEncryptionPort': 123, 'authorizationConfig': { 'accessPointId': 'string', 'iam': 'ENABLED'|'DISABLED' } } }, ], 'environment': [ { 'name': 'string', 'value': 'string' }, ], 'mountPoints': [ { 'containerPath': 'string', 'readOnly': True|False, 'sourceVolume': 'string' }, ], 'readonlyRootFilesystem': True|False, 'privileged': True|False, 'ulimits': [ { 'hardLimit': 123, 'name': 'string', 'softLimit': 123 }, ], 'user': 'string', 'instanceType': 'string', 'resourceRequirements': [ { 'value': 'string', 'type': 'GPU'|'VCPU'|'MEMORY' }, ], 'linuxParameters': { 'devices': [ { 'hostPath': 'string', 'containerPath': 'string', 'permissions': [ 'READ'|'WRITE'|'MKNOD', ] }, ], 'initProcessEnabled': True|False, 'sharedMemorySize': 123, 'tmpfs': [ { 'containerPath': 'string', 'size': 123, 'mountOptions': [ 'string', ] }, ], 'maxSwap': 123, 'swappiness': 123 }, 'logConfiguration': { 'logDriver': 'json-file'|'syslog'|'journald'|'gelf'|'fluentd'|'awslogs'|'splunk', 'options': { 'string': 'string' }, 'secretOptions': [ { 'name': 'string', 'valueFrom': 'string' }, ] }, 'secrets': [ { 'name': 'string', 'valueFrom': 'string' }, ], 'networkConfiguration': { 'assignPublicIp': 'ENABLED'|'DISABLED' }, 'fargatePlatformConfiguration': { 'platformVersion': 'string' } } }, ] }, 'tags': { 'string': 'string' }, 'propagateTags': True|False, 'platformCapabilities': [ 'EC2'|'FARGATE', ] }, ], 'nextToken': 'string' }
Response Structure
(dict) --
jobDefinitions (list) --
The list of job definitions.
(dict) --
An object representing an AWS Batch job definition.
jobDefinitionName (string) --
The name of the job definition.
jobDefinitionArn (string) --
The Amazon Resource Name (ARN) for the job definition.
revision (integer) --
The revision of the job definition.
status (string) --
The status of the job definition.
type (string) --
The type of job definition. If the job is run on Fargate resources, then multinode isn't supported. For more information about multi-node parallel jobs, see Creating a multi-node parallel job definition in the AWS Batch User Guide .
parameters (dict) --
Default parameters or parameter substitution placeholders that are set in the job definition. Parameters are specified as a key-value pair mapping. Parameters in a SubmitJob request override any corresponding parameter defaults from the job definition. For more information about specifying parameters, see Job Definition Parameters in the AWS Batch User Guide .
(string) --
(string) --
retryStrategy (dict) --
The retry strategy to use for failed jobs that are submitted with this job definition.
attempts (integer) --
The number of times to move a job to the RUNNABLE status. You can specify between 1 and 10 attempts. If the value of attempts is greater than one, the job is retried on failure the same number of attempts as the value.
evaluateOnExit (list) --
Array of up to 5 objects that specify conditions under which the job should be retried or failed. If this parameter is specified, then the attempts parameter must also be specified.
(dict) --
Specifies a set of conditions to be met, and an action to take (RETRY or EXIT ) if all conditions are met.
onStatusReason (string) --
Contains a glob pattern to match against the StatusReason returned for a job. The pattern can be up to 512 characters long, and can contain letters, numbers, periods (.), colons (:), and white space (including spaces or tabs). It can optionally end with an asterisk (*) so that only the start of the string needs to be an exact match.
onReason (string) --
Contains a glob pattern to match against the Reason returned for a job. The pattern can be up to 512 characters long, and can contain letters, numbers, periods (.), colons (:), and white space (including spaces and tabs). It can optionally end with an asterisk (*) so that only the start of the string needs to be an exact match.
onExitCode (string) --
Contains a glob pattern to match against the decimal representation of the ExitCode returned for a job. The pattern can be up to 512 characters long, can contain only numbers, and can optionally end with an asterisk (*) so that only the start of the string needs to be an exact match.
action (string) --
Specifies the action to take if all of the specified conditions (onStatusReason , onReason , and onExitCode ) are met. The values aren't case sensitive.
containerProperties (dict) --
An object with various properties specific to container-based jobs.
image (string) --
The image used to start a container. This string is passed directly to the Docker daemon. Images in the Docker Hub registry are available by default. Other repositories are specified with `` repository-url /image :tag `` . Up to 255 letters (uppercase and lowercase), numbers, hyphens, underscores, colons, periods, forward slashes, and number signs are allowed. This parameter maps to Image in the Create a container section of the Docker Remote API and the IMAGE parameter of docker run .
Note
Docker image architecture must match the processor architecture of the compute resources that they're scheduled on. For example, ARM-based Docker images can only run on ARM-based compute resources.
Images in Amazon ECR repositories use the full registry and repository URI (for example, 012345678910.dkr.ecr.<region-name>.amazonaws.com/<repository-name> ).
Images in official repositories on Docker Hub use a single name (for example, ubuntu or mongo ).
Images in other repositories on Docker Hub are qualified with an organization name (for example, amazon/amazon-ecs-agent ).
Images in other online repositories are qualified further by a domain name (for example, quay.io/assemblyline/ubuntu ).
vcpus (integer) --
The number of vCPUs reserved for the job. Each vCPU is equivalent to 1,024 CPU shares. This parameter maps to CpuShares in the Create a container section of the Docker Remote API and the --cpu-shares option to docker run . The number of vCPUs must be specified but can be be specified in several places. You must specify it at least once for each node.
This parameter is supported on EC2 resources but isn't supported for jobs that run on Fargate resources. For these resources, use resourceRequirement instead. You can use this parameter or resourceRequirements structure but not both.
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided. For jobs that run on Fargate resources, you must specify the vCPU requirement for the job using resourceRequirements .
memory (integer) --
This parameter indicates the memory hard limit (in MiB) for a container. If your container attempts to exceed the specified number, it is terminated. You must specify at least 4 MiB of memory for a job using this parameter. The memory hard limit can be specified in several places. It must be specified for each node at least once.
This parameter maps to Memory in the Create a container section of the Docker Remote API and the --memory option to docker run .
This parameter is supported on EC2 resources but isn't supported on Fargate resources. For Fargate resources, you should specify the memory requirement using resourceRequirement . You can do this for EC2 resources.
Note
If you're trying to maximize your resource utilization by providing your jobs as much memory as possible for a particular instance type, see Memory Management in the AWS Batch User Guide .
command (list) --
The command that's passed to the container. This parameter maps to Cmd in the Create a container section of the Docker Remote API and the COMMAND parameter to docker run . For more information, see https://docs.docker.com/engine/reference/builder/#cmd .
(string) --
jobRoleArn (string) --
The Amazon Resource Name (ARN) of the IAM role that the container can assume for AWS permissions. For more information, see IAM Roles for Tasks in the Amazon Elastic Container Service Developer Guide .
executionRoleArn (string) --
The Amazon Resource Name (ARN) of the execution role that AWS Batch can assume. For jobs that run on Fargate resources, you must provide an execution role. For more information, see AWS Batch execution IAM role in the AWS Batch User Guide .
volumes (list) --
A list of data volumes used in a job.
(dict) --
A data volume used in a job's container properties.
host (dict) --
The contents of the host parameter determine whether your data volume persists on the host container instance and where it is stored. If the host parameter is empty, then the Docker daemon assigns a host path for your data volume. However, the data isn't guaranteed to persist after the containers associated with it stop running.
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided.
sourcePath (string) --
The path on the host container instance that's presented to the container. If this parameter is empty, then the Docker daemon has assigned a host path for you. If this parameter contains a file location, then the data volume persists at the specified location on the host container instance until you delete it manually. If the source path location doesn't exist on the host container instance, the Docker daemon creates it. If the location does exist, the contents of the source path folder are exported.
Note
This parameter isn't applicable to jobs that run on Fargate resources and shouldn't be provided.
name (string) --
The name of the volume. Up to 255 letters (uppercase and lowercase), numbers, hyphens, and underscores are allowed. This name is referenced in the sourceVolume parameter of container definition mountPoints .
efsVolumeConfiguration (dict) --
This parameter is specified when you are using an Amazon Elastic File System file system for job storage. Jobs running on Fargate resources must specify a platformVersion of at least 1.4.0 .
fileSystemId (string) --
The Amazon EFS file system ID to use.
rootDirectory (string) --
The directory within the Amazon EFS file system to mount as the root directory inside the host. If this parameter is omitted, the root of the Amazon EFS volume will be used. Specifying / will have the same effect as omitting this parameter.
Warning
If an EFS access point is specified in the authorizationConfig , the root directory parameter must either be omitted or set to / which will enforce the path set on the Amazon EFS access point.
transitEncryption (string) --
Whether or not to enable encryption for Amazon EFS data in transit between the Amazon ECS host and the Amazon EFS server. Transit encryption must be enabled if Amazon EFS IAM authorization is used. If this parameter is omitted, the default value of DISABLED is used. For more information, see Encrypting data in transit in the Amazon Elastic File System User Guide .
transitEncryptionPort (integer) --
The port to use when sending encrypted data between the Amazon ECS host and the Amazon EFS server. If you do not specify a transit encryption port, it will use the port selection strategy that the Amazon EFS mount helper uses. For more information, see EFS Mount Helper in the Amazon Elastic File System User Guide .
authorizationConfig (dict) --
The authorization configuration details for the Amazon EFS file system.
accessPointId (string) --
The Amazon EFS access point ID to use. If an access point is specified, the root directory value specified in the EFSVolumeConfiguration must either be omitted or set to / which will enforce the path set on the EFS access point. If an access point is used, transit encryption must be enabled in the EFSVolumeConfiguration . For more information, see Working with Amazon EFS Access Points in the Amazon Elastic File System User Guide .
iam (string) --
Whether or not to use the AWS Batch execution IAM role defined in a job definition when mounting the Amazon EFS file system. If enabled, transit encryption must be enabled in the EFSVolumeConfiguration . If this parameter is omitted, the default value of DISABLED is used. For more information, see Using Amazon EFS Access Points in the AWS Batch User Guide . EFS IAM authorization requires that TransitEncryption be ENABLED and that a JobRoleArn is specified.
environment (list) --
The environment variables to pass to a container. This parameter maps to Env in the Create a container section of the Docker Remote API and the --env option to docker run .
Warning
We don't recommend using plaintext environment variables for sensitive information, such as credential data.
Note
Environment variables must not start with AWS_BATCH ; this naming convention is reserved for variables that are set by the AWS Batch service.
(dict) --
A key-value pair object.
name (string) --
The name of the key-value pair. For environment variables, this is the name of the environment variable.
value (string) --
The value of the key-value pair. For environment variables, this is the value of the environment variable.
mountPoints (list) --
The mount points for data volumes in your container. This parameter maps to Volumes in the Create a container section of the Docker Remote API and the --volume option to docker run .
(dict) --
Details on a Docker volume mount point that's used in a job's container properties. This parameter maps to Volumes in the Create a container section of the Docker Remote API and the --volume option to docker run.
containerPath (string) --
The path on the container where the host volume is mounted.
readOnly (boolean) --
If this value is true , the container has read-only access to the volume. Otherwise, the container can write to the volume. The default value is false .
sourceVolume (string) --
The name of the volume to mount.
readonlyRootFilesystem (boolean) --
When this parameter is true, the container is given read-only access to its root file system. This parameter maps to ReadonlyRootfs in the Create a container section of the Docker Remote API and the --read-only option to docker run .
privileged (boolean) --
When this parameter is true, the container is given elevated permissions on the host container instance (similar to the root user). This parameter maps to Privileged in the Create a container section of the Docker Remote API and the --privileged option to docker run . The default value is false.
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided, or specified as false.
ulimits (list) --
A list of ulimits to set in the container. This parameter maps to Ulimits in the Create a container section of the Docker Remote API and the --ulimit option to docker run .
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided.
(dict) --
The ulimit settings to pass to the container.
Note
This object isn't applicable to jobs running on Fargate resources.
hardLimit (integer) --
The hard limit for the ulimit type.
name (string) --
The type of the ulimit .
softLimit (integer) --
The soft limit for the ulimit type.
user (string) --
The user name to use inside the container. This parameter maps to User in the Create a container section of the Docker Remote API and the --user option to docker run .
instanceType (string) --
The instance type to use for a multi-node parallel job. All node groups in a multi-node parallel job must use the same instance type.
Note
This parameter isn't applicable to single-node container jobs or for jobs that run on Fargate resources and shouldn't be provided.
resourceRequirements (list) --
The type and amount of resources to assign to a container. The supported resources include GPU , MEMORY , and VCPU .
(dict) --
The type and amount of a resource to assign to a container. The supported resources include GPU , MEMORY , and VCPU .
value (string) --
The quantity of the specified resource to reserve for the container. The values vary based on the type specified.
type="GPU"
The number of physical GPUs to reserve for the container. The number of GPUs reserved for all containers in a job shouldn't exceed the number of available GPUs on the compute resource that the job is launched on.
Note
GPUs are not available for jobs running on Fargate resources.
type="MEMORY"
The memory hard limit (in MiB) present to the container. This parameter is supported for jobs running on EC2 resources. If your container attempts to exceed the memory specified, the container is terminated. This parameter maps to Memory in the Create a container section of the Docker Remote API and the --memory option to docker run . You must specify at least 4 MiB of memory for a job. This is required but can be specified in several places for multi-node parallel (MNP) jobs. It must be specified for each node at least once. This parameter maps to Memory in the Create a container section of the Docker Remote API and the --memory option to docker run .
Note
If you're trying to maximize your resource utilization by providing your jobs as much memory as possible for a particular instance type, see Memory Management in the AWS Batch User Guide .
For jobs running on Fargate resources, then value is the hard limit (in MiB), and must match one of the supported values and the VCPU values must be one of the values supported for that memory value.
value = 512
VCPU = 0.25
value = 1024
VCPU = 0.25 or 0.5
value = 2048
VCPU = 0.25, 0.5, or 1
value = 3072
VCPU = 0.5, or 1
value = 4096
VCPU = 0.5, 1, or 2
value = 5120, 6144, or 7168
VCPU = 1 or 2
value = 8192
VCPU = 1, 2, or 4
value = 9216, 10240, 11264, 12288, 13312, 14336, 15360, or 16384
VCPU = 2 or 4
value = 17408, 18432, 19456, 20480, 21504, 22528, 23552, 24576, 25600, 26624, 27648, 28672, 29696, or 30720
VCPU = 4
type="VCPU"
The number of vCPUs reserved for the container. This parameter maps to CpuShares in the Create a container section of the Docker Remote API and the --cpu-shares option to docker run . Each vCPU is equivalent to 1,024 CPU shares. For EC2 resources, you must specify at least one vCPU. This is required but can be specified in several places; it must be specified for each node at least once.
For jobs running on Fargate resources, then value must match one of the supported values and the MEMORY values must be one of the values supported for that VCPU value. The supported values are 0.25, 0.5, 1, 2, and 4
value = 0.25
MEMORY = 512, 1024, or 2048
value = 0.5
MEMORY = 1024, 2048, 3072, or 4096
value = 1
MEMORY = 2048, 3072, 4096, 5120, 6144, 7168, or 8192
value = 2
MEMORY = 4096, 5120, 6144, 7168, 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, or 16384
value = 4
MEMORY = 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, 16384, 17408, 18432, 19456, 20480, 21504, 22528, 23552, 24576, 25600, 26624, 27648, 28672, 29696, or 30720
type (string) --
The type of resource to assign to a container. The supported resources include GPU , MEMORY , and VCPU .
linuxParameters (dict) --
Linux-specific modifications that are applied to the container, such as details for device mappings.
devices (list) --
Any host devices to expose to the container. This parameter maps to Devices in the Create a container section of the Docker Remote API and the --device option to docker run .
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided.
(dict) --
An object representing a container instance host device.
Note
This object isn't applicable to jobs running on Fargate resources and shouldn't be provided.
hostPath (string) --
The path for the device on the host container instance.
containerPath (string) --
The path inside the container used to expose the host device. By default, the hostPath value is used.
permissions (list) --
The explicit permissions to provide to the container for the device. By default, the container has permissions for read , write , and mknod for the device.
(string) --
initProcessEnabled (boolean) --
If true, run an init process inside the container that forwards signals and reaps processes. This parameter maps to the --init option to docker run . This parameter requires version 1.25 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log into your container instance and run the following command: sudo docker version | grep "Server API version"
sharedMemorySize (integer) --
The value for the size (in MiB) of the /dev/shm volume. This parameter maps to the --shm-size option to docker run .
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided.
tmpfs (list) --
The container path, mount options, and size (in MiB) of the tmpfs mount. This parameter maps to the --tmpfs option to docker run .
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided.
(dict) --
The container path, mount options, and size of the tmpfs mount.
Note
This object isn't applicable to jobs running on Fargate resources.
containerPath (string) --
The absolute file path in the container where the tmpfs volume is mounted.
size (integer) --
The size (in MiB) of the tmpfs volume.
mountOptions (list) --
The list of tmpfs volume mount options.
Valid values: "defaults " | "ro " | "rw " | "suid " | "nosuid " | "dev " | "nodev " | "exec " | "noexec " | "sync " | "async " | "dirsync " | "remount " | "mand " | "nomand " | "atime " | "noatime " | "diratime " | "nodiratime " | "bind " | "rbind" | "unbindable" | "runbindable" | "private" | "rprivate" | "shared" | "rshared" | "slave" | "rslave" | "relatime " | "norelatime " | "strictatime " | "nostrictatime " | "mode " | "uid " | "gid " | "nr_inodes " | "nr_blocks " | "mpol "
(string) --
maxSwap (integer) --
The total amount of swap memory (in MiB) a container can use. This parameter is translated to the --memory-swap option to docker run where the value is the sum of the container memory plus the maxSwap value. For more information, see ` --memory-swap details <https://docs.docker.com/config/containers/resource_constraints/#--memory-swap-details>`__ in the Docker documentation.
If a maxSwap value of 0 is specified, the container doesn't use swap. Accepted values are 0 or any positive integer. If the maxSwap parameter is omitted, the container doesn't use the swap configuration for the container instance it is running on. A maxSwap value must be set for the swappiness parameter to be used.
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided.
swappiness (integer) --
This allows you to tune a container's memory swappiness behavior. A swappiness value of 0 causes swapping not to happen unless absolutely necessary. A swappiness value of 100 causes pages to be swapped very aggressively. Accepted values are whole numbers between 0 and 100 . If the swappiness parameter isn't specified, a default value of 60 is used. If a value isn't specified for maxSwap then this parameter is ignored. If maxSwap is set to 0, the container doesn't use swap. This parameter maps to the --memory-swappiness option to docker run .
Consider the following when you use a per-container swap configuration.
Swap space must be enabled and allocated on the container instance for the containers to use.
Note
The Amazon ECS optimized AMIs don't have swap enabled by default. You must enable swap on the instance to use this feature. For more information, see Instance Store Swap Volumes in the Amazon EC2 User Guide for Linux Instances or How do I allocate memory to work as swap space in an Amazon EC2 instance by using a swap file?
The swap space parameters are only supported for job definitions using EC2 resources.
If the maxSwap and swappiness parameters are omitted from a job definition, each container will have a default swappiness value of 60, and the total swap usage will be limited to two times the memory reservation of the container.
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided.
logConfiguration (dict) --
The log configuration specification for the container.
This parameter maps to LogConfig in the Create a container section of the Docker Remote API and the --log-driver option to docker run . By default, containers use the same logging driver that the Docker daemon uses. However the container might use a different logging driver than the Docker daemon by specifying a log driver with this parameter in the container definition. To use a different logging driver for a container, the log system must be configured properly on the container instance (or on a different log server for remote logging options). For more information on the options for different supported log drivers, see Configure logging drivers in the Docker documentation.
Note
AWS Batch currently supports a subset of the logging drivers available to the Docker daemon (shown in the LogConfiguration data type).
This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log into your container instance and run the following command: sudo docker version | grep "Server API version"
Note
The Amazon ECS container agent running on a container instance must register the logging drivers available on that instance with the ECS_AVAILABLE_LOGGING_DRIVERS environment variable before containers placed on that instance can use these log configuration options. For more information, see Amazon ECS Container Agent Configuration in the Amazon Elastic Container Service Developer Guide .
logDriver (string) --
The log driver to use for the container. The valid values listed for this parameter are log drivers that the Amazon ECS container agent can communicate with by default.
The supported log drivers are awslogs , fluentd , gelf , json-file , journald , logentries , syslog , and splunk .
Note
Jobs running on Fargate resources are restricted to the awslogs and splunk log drivers.
awslogs
Specifies the Amazon CloudWatch Logs logging driver. For more information, see Using the awslogs Log Driver in the AWS Batch User Guide and Amazon CloudWatch Logs logging driver in the Docker documentation.
fluentd
Specifies the Fluentd logging driver. For more information, including usage and options, see Fluentd logging driver in the Docker documentation.
gelf
Specifies the Graylog Extended Format (GELF) logging driver. For more information, including usage and options, see Graylog Extended Format logging driver in the Docker documentation.
journald
Specifies the journald logging driver. For more information, including usage and options, see Journald logging driver in the Docker documentation.
json-file
Specifies the JSON file logging driver. For more information, including usage and options, see JSON File logging driver in the Docker documentation.
splunk
Specifies the Splunk logging driver. For more information, including usage and options, see Splunk logging driver in the Docker documentation.
syslog
Specifies the syslog logging driver. For more information, including usage and options, see Syslog logging driver in the Docker documentation.
Note
If you have a custom driver that's not listed earlier that you want to work with the Amazon ECS container agent, you can fork the Amazon ECS container agent project that's available on GitHub and customize it to work with that driver. We encourage you to submit pull requests for changes that you want to have included. However, Amazon Web Services doesn't currently support running modified copies of this software.
This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log into your container instance and run the following command: sudo docker version | grep "Server API version"
options (dict) --
The configuration options to send to the log driver. This parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log into your container instance and run the following command: sudo docker version | grep "Server API version"
(string) --
(string) --
secretOptions (list) --
The secrets to pass to the log configuration. For more information, see Specifying Sensitive Data in the AWS Batch User Guide .
(dict) --
An object representing the secret to expose to your container. Secrets can be exposed to a container in the following ways:
To inject sensitive data into your containers as environment variables, use the secrets container definition parameter.
To reference sensitive information in the log configuration of a container, use the secretOptions container definition parameter.
For more information, see Specifying sensitive data in the AWS Batch User Guide .
name (string) --
The name of the secret.
valueFrom (string) --
The secret to expose to the container. The supported values are either the full ARN of the AWS Secrets Manager secret or the full ARN of the parameter in the AWS Systems Manager Parameter Store.
Note
If the AWS Systems Manager Parameter Store parameter exists in the same Region as the job you're launching, then you can use either the full ARN or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified.
secrets (list) --
The secrets for the container. For more information, see Specifying sensitive data in the AWS Batch User Guide .
(dict) --
An object representing the secret to expose to your container. Secrets can be exposed to a container in the following ways:
To inject sensitive data into your containers as environment variables, use the secrets container definition parameter.
To reference sensitive information in the log configuration of a container, use the secretOptions container definition parameter.
For more information, see Specifying sensitive data in the AWS Batch User Guide .
name (string) --
The name of the secret.
valueFrom (string) --
The secret to expose to the container. The supported values are either the full ARN of the AWS Secrets Manager secret or the full ARN of the parameter in the AWS Systems Manager Parameter Store.
Note
If the AWS Systems Manager Parameter Store parameter exists in the same Region as the job you're launching, then you can use either the full ARN or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified.
networkConfiguration (dict) --
The network configuration for jobs running on Fargate resources. Jobs running on EC2 resources must not specify this parameter.
assignPublicIp (string) --
Indicates whether the job should have a public IP address. For a job running on Fargate resources in a private subnet to send outbound traffic to the internet (for example, in order to pull container images), the private subnet requires a NAT gateway be attached to route requests to the internet. For more information, see Amazon ECS task networking . The default value is "DISABLED".
fargatePlatformConfiguration (dict) --
The platform configuration for jobs running on Fargate resources. Jobs running on EC2 resources must not specify this parameter.
platformVersion (string) --
The AWS Fargate platform version where the jobs are running. A platform version is specified only for jobs running on Fargate resources. If one isn't specified, the LATEST platform version is used by default. This uses a recent, approved version of the AWS Fargate platform for compute resources. For more information, see AWS Fargate platform versions in the Amazon Elastic Container Service Developer Guide .
timeout (dict) --
The timeout configuration for jobs that are submitted with this job definition. You can specify a timeout duration after which AWS Batch terminates your jobs if they haven't finished.
attemptDurationSeconds (integer) --
The time duration in seconds (measured from the job attempt's startedAt timestamp) after which AWS Batch terminates your jobs if they have not finished. The minimum value for the timeout is 60 seconds.
nodeProperties (dict) --
An object with various properties specific to multi-node parallel jobs.
Note
If the job runs on Fargate resources, then you must not specify nodeProperties ; use containerProperties instead.
numNodes (integer) --
The number of nodes associated with a multi-node parallel job.
mainNode (integer) --
Specifies the node index for the main node of a multi-node parallel job. This node index value must be fewer than the number of nodes.
nodeRangeProperties (list) --
A list of node ranges and their properties associated with a multi-node parallel job.
(dict) --
An object representing the properties of the node range for a multi-node parallel job.
targetNodes (string) --
The range of nodes, using node index values. A range of 0:3 indicates nodes with index values of 0 through 3 . If the starting range value is omitted (:n ), then 0 is used to start the range. If the ending range value is omitted (n: ), then the highest possible node index is used to end the range. Your accumulative node ranges must account for all nodes (0:n ). You can nest node ranges, for example 0:10 and 4:5 , in which case the 4:5 range properties override the 0:10 properties.
container (dict) --
The container details for the node range.
image (string) --
The image used to start a container. This string is passed directly to the Docker daemon. Images in the Docker Hub registry are available by default. Other repositories are specified with `` repository-url /image :tag `` . Up to 255 letters (uppercase and lowercase), numbers, hyphens, underscores, colons, periods, forward slashes, and number signs are allowed. This parameter maps to Image in the Create a container section of the Docker Remote API and the IMAGE parameter of docker run .
Note
Docker image architecture must match the processor architecture of the compute resources that they're scheduled on. For example, ARM-based Docker images can only run on ARM-based compute resources.
Images in Amazon ECR repositories use the full registry and repository URI (for example, 012345678910.dkr.ecr.<region-name>.amazonaws.com/<repository-name> ).
Images in official repositories on Docker Hub use a single name (for example, ubuntu or mongo ).
Images in other repositories on Docker Hub are qualified with an organization name (for example, amazon/amazon-ecs-agent ).
Images in other online repositories are qualified further by a domain name (for example, quay.io/assemblyline/ubuntu ).
vcpus (integer) --
The number of vCPUs reserved for the job. Each vCPU is equivalent to 1,024 CPU shares. This parameter maps to CpuShares in the Create a container section of the Docker Remote API and the --cpu-shares option to docker run . The number of vCPUs must be specified but can be be specified in several places. You must specify it at least once for each node.
This parameter is supported on EC2 resources but isn't supported for jobs that run on Fargate resources. For these resources, use resourceRequirement instead. You can use this parameter or resourceRequirements structure but not both.
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided. For jobs that run on Fargate resources, you must specify the vCPU requirement for the job using resourceRequirements .
memory (integer) --
This parameter indicates the memory hard limit (in MiB) for a container. If your container attempts to exceed the specified number, it is terminated. You must specify at least 4 MiB of memory for a job using this parameter. The memory hard limit can be specified in several places. It must be specified for each node at least once.
This parameter maps to Memory in the Create a container section of the Docker Remote API and the --memory option to docker run .
This parameter is supported on EC2 resources but isn't supported on Fargate resources. For Fargate resources, you should specify the memory requirement using resourceRequirement . You can do this for EC2 resources.
Note
If you're trying to maximize your resource utilization by providing your jobs as much memory as possible for a particular instance type, see Memory Management in the AWS Batch User Guide .
command (list) --
The command that's passed to the container. This parameter maps to Cmd in the Create a container section of the Docker Remote API and the COMMAND parameter to docker run . For more information, see https://docs.docker.com/engine/reference/builder/#cmd .
(string) --
jobRoleArn (string) --
The Amazon Resource Name (ARN) of the IAM role that the container can assume for AWS permissions. For more information, see IAM Roles for Tasks in the Amazon Elastic Container Service Developer Guide .
executionRoleArn (string) --
The Amazon Resource Name (ARN) of the execution role that AWS Batch can assume. For jobs that run on Fargate resources, you must provide an execution role. For more information, see AWS Batch execution IAM role in the AWS Batch User Guide .
volumes (list) --
A list of data volumes used in a job.
(dict) --
A data volume used in a job's container properties.
host (dict) --
The contents of the host parameter determine whether your data volume persists on the host container instance and where it is stored. If the host parameter is empty, then the Docker daemon assigns a host path for your data volume. However, the data isn't guaranteed to persist after the containers associated with it stop running.
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided.
sourcePath (string) --
The path on the host container instance that's presented to the container. If this parameter is empty, then the Docker daemon has assigned a host path for you. If this parameter contains a file location, then the data volume persists at the specified location on the host container instance until you delete it manually. If the source path location doesn't exist on the host container instance, the Docker daemon creates it. If the location does exist, the contents of the source path folder are exported.
Note
This parameter isn't applicable to jobs that run on Fargate resources and shouldn't be provided.
name (string) --
The name of the volume. Up to 255 letters (uppercase and lowercase), numbers, hyphens, and underscores are allowed. This name is referenced in the sourceVolume parameter of container definition mountPoints .
efsVolumeConfiguration (dict) --
This parameter is specified when you are using an Amazon Elastic File System file system for job storage. Jobs running on Fargate resources must specify a platformVersion of at least 1.4.0 .
fileSystemId (string) --
The Amazon EFS file system ID to use.
rootDirectory (string) --
The directory within the Amazon EFS file system to mount as the root directory inside the host. If this parameter is omitted, the root of the Amazon EFS volume will be used. Specifying / will have the same effect as omitting this parameter.
Warning
If an EFS access point is specified in the authorizationConfig , the root directory parameter must either be omitted or set to / which will enforce the path set on the Amazon EFS access point.
transitEncryption (string) --
Whether or not to enable encryption for Amazon EFS data in transit between the Amazon ECS host and the Amazon EFS server. Transit encryption must be enabled if Amazon EFS IAM authorization is used. If this parameter is omitted, the default value of DISABLED is used. For more information, see Encrypting data in transit in the Amazon Elastic File System User Guide .
transitEncryptionPort (integer) --
The port to use when sending encrypted data between the Amazon ECS host and the Amazon EFS server. If you do not specify a transit encryption port, it will use the port selection strategy that the Amazon EFS mount helper uses. For more information, see EFS Mount Helper in the Amazon Elastic File System User Guide .
authorizationConfig (dict) --
The authorization configuration details for the Amazon EFS file system.
accessPointId (string) --
The Amazon EFS access point ID to use. If an access point is specified, the root directory value specified in the EFSVolumeConfiguration must either be omitted or set to / which will enforce the path set on the EFS access point. If an access point is used, transit encryption must be enabled in the EFSVolumeConfiguration . For more information, see Working with Amazon EFS Access Points in the Amazon Elastic File System User Guide .
iam (string) --
Whether or not to use the AWS Batch execution IAM role defined in a job definition when mounting the Amazon EFS file system. If enabled, transit encryption must be enabled in the EFSVolumeConfiguration . If this parameter is omitted, the default value of DISABLED is used. For more information, see Using Amazon EFS Access Points in the AWS Batch User Guide . EFS IAM authorization requires that TransitEncryption be ENABLED and that a JobRoleArn is specified.
environment (list) --
The environment variables to pass to a container. This parameter maps to Env in the Create a container section of the Docker Remote API and the --env option to docker run .
Warning
We don't recommend using plaintext environment variables for sensitive information, such as credential data.
Note
Environment variables must not start with AWS_BATCH ; this naming convention is reserved for variables that are set by the AWS Batch service.
(dict) --
A key-value pair object.
name (string) --
The name of the key-value pair. For environment variables, this is the name of the environment variable.
value (string) --
The value of the key-value pair. For environment variables, this is the value of the environment variable.
mountPoints (list) --
The mount points for data volumes in your container. This parameter maps to Volumes in the Create a container section of the Docker Remote API and the --volume option to docker run .
(dict) --
Details on a Docker volume mount point that's used in a job's container properties. This parameter maps to Volumes in the Create a container section of the Docker Remote API and the --volume option to docker run.
containerPath (string) --
The path on the container where the host volume is mounted.
readOnly (boolean) --
If this value is true , the container has read-only access to the volume. Otherwise, the container can write to the volume. The default value is false .
sourceVolume (string) --
The name of the volume to mount.
readonlyRootFilesystem (boolean) --
When this parameter is true, the container is given read-only access to its root file system. This parameter maps to ReadonlyRootfs in the Create a container section of the Docker Remote API and the --read-only option to docker run .
privileged (boolean) --
When this parameter is true, the container is given elevated permissions on the host container instance (similar to the root user). This parameter maps to Privileged in the Create a container section of the Docker Remote API and the --privileged option to docker run . The default value is false.
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided, or specified as false.
ulimits (list) --
A list of ulimits to set in the container. This parameter maps to Ulimits in the Create a container section of the Docker Remote API and the --ulimit option to docker run .
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided.
(dict) --
The ulimit settings to pass to the container.
Note
This object isn't applicable to jobs running on Fargate resources.
hardLimit (integer) --
The hard limit for the ulimit type.
name (string) --
The type of the ulimit .
softLimit (integer) --
The soft limit for the ulimit type.
user (string) --
The user name to use inside the container. This parameter maps to User in the Create a container section of the Docker Remote API and the --user option to docker run .
instanceType (string) --
The instance type to use for a multi-node parallel job. All node groups in a multi-node parallel job must use the same instance type.
Note
This parameter isn't applicable to single-node container jobs or for jobs that run on Fargate resources and shouldn't be provided.
resourceRequirements (list) --
The type and amount of resources to assign to a container. The supported resources include GPU , MEMORY , and VCPU .
(dict) --
The type and amount of a resource to assign to a container. The supported resources include GPU , MEMORY , and VCPU .
value (string) --
The quantity of the specified resource to reserve for the container. The values vary based on the type specified.
type="GPU"
The number of physical GPUs to reserve for the container. The number of GPUs reserved for all containers in a job shouldn't exceed the number of available GPUs on the compute resource that the job is launched on.
Note
GPUs are not available for jobs running on Fargate resources.
type="MEMORY"
The memory hard limit (in MiB) present to the container. This parameter is supported for jobs running on EC2 resources. If your container attempts to exceed the memory specified, the container is terminated. This parameter maps to Memory in the Create a container section of the Docker Remote API and the --memory option to docker run . You must specify at least 4 MiB of memory for a job. This is required but can be specified in several places for multi-node parallel (MNP) jobs. It must be specified for each node at least once. This parameter maps to Memory in the Create a container section of the Docker Remote API and the --memory option to docker run .
Note
If you're trying to maximize your resource utilization by providing your jobs as much memory as possible for a particular instance type, see Memory Management in the AWS Batch User Guide .
For jobs running on Fargate resources, then value is the hard limit (in MiB), and must match one of the supported values and the VCPU values must be one of the values supported for that memory value.
value = 512
VCPU = 0.25
value = 1024
VCPU = 0.25 or 0.5
value = 2048
VCPU = 0.25, 0.5, or 1
value = 3072
VCPU = 0.5, or 1
value = 4096
VCPU = 0.5, 1, or 2
value = 5120, 6144, or 7168
VCPU = 1 or 2
value = 8192
VCPU = 1, 2, or 4
value = 9216, 10240, 11264, 12288, 13312, 14336, 15360, or 16384
VCPU = 2 or 4
value = 17408, 18432, 19456, 20480, 21504, 22528, 23552, 24576, 25600, 26624, 27648, 28672, 29696, or 30720
VCPU = 4
type="VCPU"
The number of vCPUs reserved for the container. This parameter maps to CpuShares in the Create a container section of the Docker Remote API and the --cpu-shares option to docker run . Each vCPU is equivalent to 1,024 CPU shares. For EC2 resources, you must specify at least one vCPU. This is required but can be specified in several places; it must be specified for each node at least once.
For jobs running on Fargate resources, then value must match one of the supported values and the MEMORY values must be one of the values supported for that VCPU value. The supported values are 0.25, 0.5, 1, 2, and 4
value = 0.25
MEMORY = 512, 1024, or 2048
value = 0.5
MEMORY = 1024, 2048, 3072, or 4096
value = 1
MEMORY = 2048, 3072, 4096, 5120, 6144, 7168, or 8192
value = 2
MEMORY = 4096, 5120, 6144, 7168, 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, or 16384
value = 4
MEMORY = 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, 16384, 17408, 18432, 19456, 20480, 21504, 22528, 23552, 24576, 25600, 26624, 27648, 28672, 29696, or 30720
type (string) --
The type of resource to assign to a container. The supported resources include GPU , MEMORY , and VCPU .
linuxParameters (dict) --
Linux-specific modifications that are applied to the container, such as details for device mappings.
devices (list) --
Any host devices to expose to the container. This parameter maps to Devices in the Create a container section of the Docker Remote API and the --device option to docker run .
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided.
(dict) --
An object representing a container instance host device.
Note
This object isn't applicable to jobs running on Fargate resources and shouldn't be provided.
hostPath (string) --
The path for the device on the host container instance.
containerPath (string) --
The path inside the container used to expose the host device. By default, the hostPath value is used.
permissions (list) --
The explicit permissions to provide to the container for the device. By default, the container has permissions for read , write , and mknod for the device.
(string) --
initProcessEnabled (boolean) --
If true, run an init process inside the container that forwards signals and reaps processes. This parameter maps to the --init option to docker run . This parameter requires version 1.25 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log into your container instance and run the following command: sudo docker version | grep "Server API version"
sharedMemorySize (integer) --
The value for the size (in MiB) of the /dev/shm volume. This parameter maps to the --shm-size option to docker run .
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided.
tmpfs (list) --
The container path, mount options, and size (in MiB) of the tmpfs mount. This parameter maps to the --tmpfs option to docker run .
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided.
(dict) --
The container path, mount options, and size of the tmpfs mount.
Note
This object isn't applicable to jobs running on Fargate resources.
containerPath (string) --
The absolute file path in the container where the tmpfs volume is mounted.
size (integer) --
The size (in MiB) of the tmpfs volume.
mountOptions (list) --
The list of tmpfs volume mount options.
Valid values: "defaults " | "ro " | "rw " | "suid " | "nosuid " | "dev " | "nodev " | "exec " | "noexec " | "sync " | "async " | "dirsync " | "remount " | "mand " | "nomand " | "atime " | "noatime " | "diratime " | "nodiratime " | "bind " | "rbind" | "unbindable" | "runbindable" | "private" | "rprivate" | "shared" | "rshared" | "slave" | "rslave" | "relatime " | "norelatime " | "strictatime " | "nostrictatime " | "mode " | "uid " | "gid " | "nr_inodes " | "nr_blocks " | "mpol "
(string) --
maxSwap (integer) --
The total amount of swap memory (in MiB) a container can use. This parameter is translated to the --memory-swap option to docker run where the value is the sum of the container memory plus the maxSwap value. For more information, see ` --memory-swap details <https://docs.docker.com/config/containers/resource_constraints/#--memory-swap-details>`__ in the Docker documentation.
If a maxSwap value of 0 is specified, the container doesn't use swap. Accepted values are 0 or any positive integer. If the maxSwap parameter is omitted, the container doesn't use the swap configuration for the container instance it is running on. A maxSwap value must be set for the swappiness parameter to be used.
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided.
swappiness (integer) --
This allows you to tune a container's memory swappiness behavior. A swappiness value of 0 causes swapping not to happen unless absolutely necessary. A swappiness value of 100 causes pages to be swapped very aggressively. Accepted values are whole numbers between 0 and 100 . If the swappiness parameter isn't specified, a default value of 60 is used. If a value isn't specified for maxSwap then this parameter is ignored. If maxSwap is set to 0, the container doesn't use swap. This parameter maps to the --memory-swappiness option to docker run .
Consider the following when you use a per-container swap configuration.
Swap space must be enabled and allocated on the container instance for the containers to use.
Note
The Amazon ECS optimized AMIs don't have swap enabled by default. You must enable swap on the instance to use this feature. For more information, see Instance Store Swap Volumes in the Amazon EC2 User Guide for Linux Instances or How do I allocate memory to work as swap space in an Amazon EC2 instance by using a swap file?
The swap space parameters are only supported for job definitions using EC2 resources.
If the maxSwap and swappiness parameters are omitted from a job definition, each container will have a default swappiness value of 60, and the total swap usage will be limited to two times the memory reservation of the container.
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided.
logConfiguration (dict) --
The log configuration specification for the container.
This parameter maps to LogConfig in the Create a container section of the Docker Remote API and the --log-driver option to docker run . By default, containers use the same logging driver that the Docker daemon uses. However the container might use a different logging driver than the Docker daemon by specifying a log driver with this parameter in the container definition. To use a different logging driver for a container, the log system must be configured properly on the container instance (or on a different log server for remote logging options). For more information on the options for different supported log drivers, see Configure logging drivers in the Docker documentation.
Note
AWS Batch currently supports a subset of the logging drivers available to the Docker daemon (shown in the LogConfiguration data type).
This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log into your container instance and run the following command: sudo docker version | grep "Server API version"
Note
The Amazon ECS container agent running on a container instance must register the logging drivers available on that instance with the ECS_AVAILABLE_LOGGING_DRIVERS environment variable before containers placed on that instance can use these log configuration options. For more information, see Amazon ECS Container Agent Configuration in the Amazon Elastic Container Service Developer Guide .
logDriver (string) --
The log driver to use for the container. The valid values listed for this parameter are log drivers that the Amazon ECS container agent can communicate with by default.
The supported log drivers are awslogs , fluentd , gelf , json-file , journald , logentries , syslog , and splunk .
Note
Jobs running on Fargate resources are restricted to the awslogs and splunk log drivers.
awslogs
Specifies the Amazon CloudWatch Logs logging driver. For more information, see Using the awslogs Log Driver in the AWS Batch User Guide and Amazon CloudWatch Logs logging driver in the Docker documentation.
fluentd
Specifies the Fluentd logging driver. For more information, including usage and options, see Fluentd logging driver in the Docker documentation.
gelf
Specifies the Graylog Extended Format (GELF) logging driver. For more information, including usage and options, see Graylog Extended Format logging driver in the Docker documentation.
journald
Specifies the journald logging driver. For more information, including usage and options, see Journald logging driver in the Docker documentation.
json-file
Specifies the JSON file logging driver. For more information, including usage and options, see JSON File logging driver in the Docker documentation.
splunk
Specifies the Splunk logging driver. For more information, including usage and options, see Splunk logging driver in the Docker documentation.
syslog
Specifies the syslog logging driver. For more information, including usage and options, see Syslog logging driver in the Docker documentation.
Note
If you have a custom driver that's not listed earlier that you want to work with the Amazon ECS container agent, you can fork the Amazon ECS container agent project that's available on GitHub and customize it to work with that driver. We encourage you to submit pull requests for changes that you want to have included. However, Amazon Web Services doesn't currently support running modified copies of this software.
This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log into your container instance and run the following command: sudo docker version | grep "Server API version"
options (dict) --
The configuration options to send to the log driver. This parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log into your container instance and run the following command: sudo docker version | grep "Server API version"
(string) --
(string) --
secretOptions (list) --
The secrets to pass to the log configuration. For more information, see Specifying Sensitive Data in the AWS Batch User Guide .
(dict) --
An object representing the secret to expose to your container. Secrets can be exposed to a container in the following ways:
To inject sensitive data into your containers as environment variables, use the secrets container definition parameter.
To reference sensitive information in the log configuration of a container, use the secretOptions container definition parameter.
For more information, see Specifying sensitive data in the AWS Batch User Guide .
name (string) --
The name of the secret.
valueFrom (string) --
The secret to expose to the container. The supported values are either the full ARN of the AWS Secrets Manager secret or the full ARN of the parameter in the AWS Systems Manager Parameter Store.
Note
If the AWS Systems Manager Parameter Store parameter exists in the same Region as the job you're launching, then you can use either the full ARN or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified.
secrets (list) --
The secrets for the container. For more information, see Specifying sensitive data in the AWS Batch User Guide .
(dict) --
An object representing the secret to expose to your container. Secrets can be exposed to a container in the following ways:
To inject sensitive data into your containers as environment variables, use the secrets container definition parameter.
To reference sensitive information in the log configuration of a container, use the secretOptions container definition parameter.
For more information, see Specifying sensitive data in the AWS Batch User Guide .
name (string) --
The name of the secret.
valueFrom (string) --
The secret to expose to the container. The supported values are either the full ARN of the AWS Secrets Manager secret or the full ARN of the parameter in the AWS Systems Manager Parameter Store.
Note
If the AWS Systems Manager Parameter Store parameter exists in the same Region as the job you're launching, then you can use either the full ARN or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified.
networkConfiguration (dict) --
The network configuration for jobs running on Fargate resources. Jobs running on EC2 resources must not specify this parameter.
assignPublicIp (string) --
Indicates whether the job should have a public IP address. For a job running on Fargate resources in a private subnet to send outbound traffic to the internet (for example, in order to pull container images), the private subnet requires a NAT gateway be attached to route requests to the internet. For more information, see Amazon ECS task networking . The default value is "DISABLED".
fargatePlatformConfiguration (dict) --
The platform configuration for jobs running on Fargate resources. Jobs running on EC2 resources must not specify this parameter.
platformVersion (string) --
The AWS Fargate platform version where the jobs are running. A platform version is specified only for jobs running on Fargate resources. If one isn't specified, the LATEST platform version is used by default. This uses a recent, approved version of the AWS Fargate platform for compute resources. For more information, see AWS Fargate platform versions in the Amazon Elastic Container Service Developer Guide .
tags (dict) --
The tags applied to the job definition.
(string) --
(string) --
propagateTags (boolean) --
Specifies whether to propagate the tags from the job or job definition to the corresponding Amazon ECS task. If no value is specified, the tags aren't propagated. Tags can only be propagated to the tasks during task creation. For tags with the same name, job tags are given priority over job definitions tags. If the total number of combined tags from the job and job definition is over 50, the job is moved to the FAILED state.
platformCapabilities (list) --
The platform capabilities required by the job definition. If no value is specified, it defaults to EC2 . Jobs run on Fargate resources specify FARGATE .
(string) --
nextToken (string) --
The nextToken value to include in a future DescribeJobDefinitions request. When the results of a DescribeJobDefinitions request exceed maxResults , this value can be used to retrieve the next page of results. This value is null when there are no more results to return.
{'jobs': {'container': {'volumes': {'efsVolumeConfiguration': {'authorizationConfig': {'accessPointId': 'string', 'iam': 'ENABLED ' '| ' 'DISABLED'}, 'fileSystemId': 'string', 'rootDirectory': 'string', 'transitEncryption': 'ENABLED ' '| ' 'DISABLED', 'transitEncryptionPort': 'integer'}}}, 'nodeProperties': {'nodeRangeProperties': {'container': {'volumes': {'efsVolumeConfiguration': {'authorizationConfig': {'accessPointId': 'string', 'iam': 'ENABLED ' '| ' 'DISABLED'}, 'fileSystemId': 'string', 'rootDirectory': 'string', 'transitEncryption': 'ENABLED ' '| ' 'DISABLED', 'transitEncryptionPort': 'integer'}}}}}}}
Describes a list of AWS Batch jobs.
See also: AWS API Documentation
Request Syntax
client.describe_jobs( jobs=[ 'string', ] )
list
[REQUIRED]
A list of up to 100 job IDs.
(string) --
dict
Response Syntax
{ 'jobs': [ { 'jobArn': 'string', 'jobName': 'string', 'jobId': 'string', 'jobQueue': 'string', 'status': 'SUBMITTED'|'PENDING'|'RUNNABLE'|'STARTING'|'RUNNING'|'SUCCEEDED'|'FAILED', 'attempts': [ { 'container': { 'containerInstanceArn': 'string', 'taskArn': 'string', 'exitCode': 123, 'reason': 'string', 'logStreamName': 'string', 'networkInterfaces': [ { 'attachmentId': 'string', 'ipv6Address': 'string', 'privateIpv4Address': 'string' }, ] }, 'startedAt': 123, 'stoppedAt': 123, 'statusReason': 'string' }, ], 'statusReason': 'string', 'createdAt': 123, 'retryStrategy': { 'attempts': 123, 'evaluateOnExit': [ { 'onStatusReason': 'string', 'onReason': 'string', 'onExitCode': 'string', 'action': 'RETRY'|'EXIT' }, ] }, 'startedAt': 123, 'stoppedAt': 123, 'dependsOn': [ { 'jobId': 'string', 'type': 'N_TO_N'|'SEQUENTIAL' }, ], 'jobDefinition': 'string', 'parameters': { 'string': 'string' }, 'container': { 'image': 'string', 'vcpus': 123, 'memory': 123, 'command': [ 'string', ], 'jobRoleArn': 'string', 'executionRoleArn': 'string', 'volumes': [ { 'host': { 'sourcePath': 'string' }, 'name': 'string', 'efsVolumeConfiguration': { 'fileSystemId': 'string', 'rootDirectory': 'string', 'transitEncryption': 'ENABLED'|'DISABLED', 'transitEncryptionPort': 123, 'authorizationConfig': { 'accessPointId': 'string', 'iam': 'ENABLED'|'DISABLED' } } }, ], 'environment': [ { 'name': 'string', 'value': 'string' }, ], 'mountPoints': [ { 'containerPath': 'string', 'readOnly': True|False, 'sourceVolume': 'string' }, ], 'readonlyRootFilesystem': True|False, 'ulimits': [ { 'hardLimit': 123, 'name': 'string', 'softLimit': 123 }, ], 'privileged': True|False, 'user': 'string', 'exitCode': 123, 'reason': 'string', 'containerInstanceArn': 'string', 'taskArn': 'string', 'logStreamName': 'string', 'instanceType': 'string', 'networkInterfaces': [ { 'attachmentId': 'string', 'ipv6Address': 'string', 'privateIpv4Address': 'string' }, ], 'resourceRequirements': [ { 'value': 'string', 'type': 'GPU'|'VCPU'|'MEMORY' }, ], 'linuxParameters': { 'devices': [ { 'hostPath': 'string', 'containerPath': 'string', 'permissions': [ 'READ'|'WRITE'|'MKNOD', ] }, ], 'initProcessEnabled': True|False, 'sharedMemorySize': 123, 'tmpfs': [ { 'containerPath': 'string', 'size': 123, 'mountOptions': [ 'string', ] }, ], 'maxSwap': 123, 'swappiness': 123 }, 'logConfiguration': { 'logDriver': 'json-file'|'syslog'|'journald'|'gelf'|'fluentd'|'awslogs'|'splunk', 'options': { 'string': 'string' }, 'secretOptions': [ { 'name': 'string', 'valueFrom': 'string' }, ] }, 'secrets': [ { 'name': 'string', 'valueFrom': 'string' }, ], 'networkConfiguration': { 'assignPublicIp': 'ENABLED'|'DISABLED' }, 'fargatePlatformConfiguration': { 'platformVersion': 'string' } }, 'nodeDetails': { 'nodeIndex': 123, 'isMainNode': True|False }, 'nodeProperties': { 'numNodes': 123, 'mainNode': 123, 'nodeRangeProperties': [ { 'targetNodes': 'string', 'container': { 'image': 'string', 'vcpus': 123, 'memory': 123, 'command': [ 'string', ], 'jobRoleArn': 'string', 'executionRoleArn': 'string', 'volumes': [ { 'host': { 'sourcePath': 'string' }, 'name': 'string', 'efsVolumeConfiguration': { 'fileSystemId': 'string', 'rootDirectory': 'string', 'transitEncryption': 'ENABLED'|'DISABLED', 'transitEncryptionPort': 123, 'authorizationConfig': { 'accessPointId': 'string', 'iam': 'ENABLED'|'DISABLED' } } }, ], 'environment': [ { 'name': 'string', 'value': 'string' }, ], 'mountPoints': [ { 'containerPath': 'string', 'readOnly': True|False, 'sourceVolume': 'string' }, ], 'readonlyRootFilesystem': True|False, 'privileged': True|False, 'ulimits': [ { 'hardLimit': 123, 'name': 'string', 'softLimit': 123 }, ], 'user': 'string', 'instanceType': 'string', 'resourceRequirements': [ { 'value': 'string', 'type': 'GPU'|'VCPU'|'MEMORY' }, ], 'linuxParameters': { 'devices': [ { 'hostPath': 'string', 'containerPath': 'string', 'permissions': [ 'READ'|'WRITE'|'MKNOD', ] }, ], 'initProcessEnabled': True|False, 'sharedMemorySize': 123, 'tmpfs': [ { 'containerPath': 'string', 'size': 123, 'mountOptions': [ 'string', ] }, ], 'maxSwap': 123, 'swappiness': 123 }, 'logConfiguration': { 'logDriver': 'json-file'|'syslog'|'journald'|'gelf'|'fluentd'|'awslogs'|'splunk', 'options': { 'string': 'string' }, 'secretOptions': [ { 'name': 'string', 'valueFrom': 'string' }, ] }, 'secrets': [ { 'name': 'string', 'valueFrom': 'string' }, ], 'networkConfiguration': { 'assignPublicIp': 'ENABLED'|'DISABLED' }, 'fargatePlatformConfiguration': { 'platformVersion': 'string' } } }, ] }, 'arrayProperties': { 'statusSummary': { 'string': 123 }, 'size': 123, 'index': 123 }, 'timeout': { 'attemptDurationSeconds': 123 }, 'tags': { 'string': 'string' }, 'propagateTags': True|False, 'platformCapabilities': [ 'EC2'|'FARGATE', ] }, ] }
Response Structure
(dict) --
jobs (list) --
The list of jobs.
(dict) --
An object representing an AWS Batch job.
jobArn (string) --
The Amazon Resource Name (ARN) of the job.
jobName (string) --
The name of the job.
jobId (string) --
The ID for the job.
jobQueue (string) --
The Amazon Resource Name (ARN) of the job queue that the job is associated with.
status (string) --
The current status for the job.
Note
If your jobs don't progress to STARTING , see Jobs Stuck in RUNNABLE Status in the troubleshooting section of the AWS Batch User Guide .
attempts (list) --
A list of job attempts associated with this job.
(dict) --
An object representing a job attempt.
container (dict) --
Details about the container in this job attempt.
containerInstanceArn (string) --
The Amazon Resource Name (ARN) of the Amazon ECS container instance that hosts the job attempt.
taskArn (string) --
The Amazon Resource Name (ARN) of the Amazon ECS task that's associated with the job attempt. Each container attempt receives a task ARN when they reach the STARTING status.
exitCode (integer) --
The exit code for the job attempt. A non-zero exit code is considered a failure.
reason (string) --
A short (255 max characters) human-readable string to provide additional details about a running or stopped container.
logStreamName (string) --
The name of the CloudWatch Logs log stream associated with the container. The log group for AWS Batch jobs is /aws/batch/job . Each container attempt receives a log stream name when they reach the RUNNING status.
networkInterfaces (list) --
The network interfaces associated with the job attempt.
(dict) --
An object representing the elastic network interface for a multi-node parallel job node.
attachmentId (string) --
The attachment ID for the network interface.
ipv6Address (string) --
The private IPv6 address for the network interface.
privateIpv4Address (string) --
The private IPv4 address for the network interface.
startedAt (integer) --
The Unix timestamp (in milliseconds) for when the attempt was started (when the attempt transitioned from the STARTING state to the RUNNING state).
stoppedAt (integer) --
The Unix timestamp (in milliseconds) for when the attempt was stopped (when the attempt transitioned from the RUNNING state to a terminal state, such as SUCCEEDED or FAILED ).
statusReason (string) --
A short, human-readable string to provide additional details about the current status of the job attempt.
statusReason (string) --
A short, human-readable string to provide additional details about the current status of the job.
createdAt (integer) --
The Unix timestamp (in milliseconds) for when the job was created. For non-array jobs and parent array jobs, this is when the job entered the SUBMITTED state (at the time SubmitJob was called). For array child jobs, this is when the child job was spawned by its parent and entered the PENDING state.
retryStrategy (dict) --
The retry strategy to use for this job if an attempt fails.
attempts (integer) --
The number of times to move a job to the RUNNABLE status. You can specify between 1 and 10 attempts. If the value of attempts is greater than one, the job is retried on failure the same number of attempts as the value.
evaluateOnExit (list) --
Array of up to 5 objects that specify conditions under which the job should be retried or failed. If this parameter is specified, then the attempts parameter must also be specified.
(dict) --
Specifies a set of conditions to be met, and an action to take (RETRY or EXIT ) if all conditions are met.
onStatusReason (string) --
Contains a glob pattern to match against the StatusReason returned for a job. The pattern can be up to 512 characters long, and can contain letters, numbers, periods (.), colons (:), and white space (including spaces or tabs). It can optionally end with an asterisk (*) so that only the start of the string needs to be an exact match.
onReason (string) --
Contains a glob pattern to match against the Reason returned for a job. The pattern can be up to 512 characters long, and can contain letters, numbers, periods (.), colons (:), and white space (including spaces and tabs). It can optionally end with an asterisk (*) so that only the start of the string needs to be an exact match.
onExitCode (string) --
Contains a glob pattern to match against the decimal representation of the ExitCode returned for a job. The pattern can be up to 512 characters long, can contain only numbers, and can optionally end with an asterisk (*) so that only the start of the string needs to be an exact match.
action (string) --
Specifies the action to take if all of the specified conditions (onStatusReason , onReason , and onExitCode ) are met. The values aren't case sensitive.
startedAt (integer) --
The Unix timestamp (in milliseconds) for when the job was started (when the job transitioned from the STARTING state to the RUNNING state). This parameter isn't provided for child jobs of array jobs or multi-node parallel jobs.
stoppedAt (integer) --
The Unix timestamp (in milliseconds) for when the job was stopped (when the job transitioned from the RUNNING state to a terminal state, such as SUCCEEDED or FAILED ).
dependsOn (list) --
A list of job IDs that this job depends on.
(dict) --
An object representing an AWS Batch job dependency.
jobId (string) --
The job ID of the AWS Batch job associated with this dependency.
type (string) --
The type of the job dependency.
jobDefinition (string) --
The job definition that's used by this job.
parameters (dict) --
Additional parameters passed to the job that replace parameter substitution placeholders or override any corresponding parameter defaults from the job definition.
(string) --
(string) --
container (dict) --
An object representing the details of the container that's associated with the job.
image (string) --
The image used to start the container.
vcpus (integer) --
The number of vCPUs reserved for the container. For jobs that run on EC2 resources, you can specify the vCPU requirement for the job using resourceRequirements , but you can't specify the vCPU requirements in both the vcpus and resourceRequirement object. This parameter maps to CpuShares in the Create a container section of the Docker Remote API and the --cpu-shares option to docker run . Each vCPU is equivalent to 1,024 CPU shares. You must specify at least one vCPU. This is required but can be specified in several places. It must be specified for each node at least once.
Note
This parameter isn't applicable to jobs that run on Fargate resources. For jobs that run on Fargate resources, you must specify the vCPU requirement for the job using resourceRequirements .
memory (integer) --
For jobs run on EC2 resources that didn't specify memory requirements using ResourceRequirement , the number of MiB of memory reserved for the job. For other jobs, including all run on Fargate resources, see resourceRequirements .
command (list) --
The command that's passed to the container.
(string) --
jobRoleArn (string) --
The Amazon Resource Name (ARN) associated with the job upon execution.
executionRoleArn (string) --
The Amazon Resource Name (ARN) of the execution role that AWS Batch can assume. For more information, see AWS Batch execution IAM role in the AWS Batch User Guide .
volumes (list) --
A list of volumes associated with the job.
(dict) --
A data volume used in a job's container properties.
host (dict) --
The contents of the host parameter determine whether your data volume persists on the host container instance and where it is stored. If the host parameter is empty, then the Docker daemon assigns a host path for your data volume. However, the data isn't guaranteed to persist after the containers associated with it stop running.
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided.
sourcePath (string) --
The path on the host container instance that's presented to the container. If this parameter is empty, then the Docker daemon has assigned a host path for you. If this parameter contains a file location, then the data volume persists at the specified location on the host container instance until you delete it manually. If the source path location doesn't exist on the host container instance, the Docker daemon creates it. If the location does exist, the contents of the source path folder are exported.
Note
This parameter isn't applicable to jobs that run on Fargate resources and shouldn't be provided.
name (string) --
The name of the volume. Up to 255 letters (uppercase and lowercase), numbers, hyphens, and underscores are allowed. This name is referenced in the sourceVolume parameter of container definition mountPoints .
efsVolumeConfiguration (dict) --
This parameter is specified when you are using an Amazon Elastic File System file system for job storage. Jobs running on Fargate resources must specify a platformVersion of at least 1.4.0 .
fileSystemId (string) --
The Amazon EFS file system ID to use.
rootDirectory (string) --
The directory within the Amazon EFS file system to mount as the root directory inside the host. If this parameter is omitted, the root of the Amazon EFS volume will be used. Specifying / will have the same effect as omitting this parameter.
Warning
If an EFS access point is specified in the authorizationConfig , the root directory parameter must either be omitted or set to / which will enforce the path set on the Amazon EFS access point.
transitEncryption (string) --
Whether or not to enable encryption for Amazon EFS data in transit between the Amazon ECS host and the Amazon EFS server. Transit encryption must be enabled if Amazon EFS IAM authorization is used. If this parameter is omitted, the default value of DISABLED is used. For more information, see Encrypting data in transit in the Amazon Elastic File System User Guide .
transitEncryptionPort (integer) --
The port to use when sending encrypted data between the Amazon ECS host and the Amazon EFS server. If you do not specify a transit encryption port, it will use the port selection strategy that the Amazon EFS mount helper uses. For more information, see EFS Mount Helper in the Amazon Elastic File System User Guide .
authorizationConfig (dict) --
The authorization configuration details for the Amazon EFS file system.
accessPointId (string) --
The Amazon EFS access point ID to use. If an access point is specified, the root directory value specified in the EFSVolumeConfiguration must either be omitted or set to / which will enforce the path set on the EFS access point. If an access point is used, transit encryption must be enabled in the EFSVolumeConfiguration . For more information, see Working with Amazon EFS Access Points in the Amazon Elastic File System User Guide .
iam (string) --
Whether or not to use the AWS Batch execution IAM role defined in a job definition when mounting the Amazon EFS file system. If enabled, transit encryption must be enabled in the EFSVolumeConfiguration . If this parameter is omitted, the default value of DISABLED is used. For more information, see Using Amazon EFS Access Points in the AWS Batch User Guide . EFS IAM authorization requires that TransitEncryption be ENABLED and that a JobRoleArn is specified.
environment (list) --
The environment variables to pass to a container.
Note
Environment variables must not start with AWS_BATCH ; this naming convention is reserved for variables that are set by the AWS Batch service.
(dict) --
A key-value pair object.
name (string) --
The name of the key-value pair. For environment variables, this is the name of the environment variable.
value (string) --
The value of the key-value pair. For environment variables, this is the value of the environment variable.
mountPoints (list) --
The mount points for data volumes in your container.
(dict) --
Details on a Docker volume mount point that's used in a job's container properties. This parameter maps to Volumes in the Create a container section of the Docker Remote API and the --volume option to docker run.
containerPath (string) --
The path on the container where the host volume is mounted.
readOnly (boolean) --
If this value is true , the container has read-only access to the volume. Otherwise, the container can write to the volume. The default value is false .
sourceVolume (string) --
The name of the volume to mount.
readonlyRootFilesystem (boolean) --
When this parameter is true, the container is given read-only access to its root file system. This parameter maps to ReadonlyRootfs in the Create a container section of the Docker Remote API and the --read-only option to ` docker run https://docs.docker.com/engine/reference/commandline/run/`__ .
ulimits (list) --
A list of ulimit values to set in the container. This parameter maps to Ulimits in the Create a container section of the Docker Remote API and the --ulimit option to docker run .
Note
This parameter isn't applicable to jobs running on Fargate resources.
(dict) --
The ulimit settings to pass to the container.
Note
This object isn't applicable to jobs running on Fargate resources.
hardLimit (integer) --
The hard limit for the ulimit type.
name (string) --
The type of the ulimit .
softLimit (integer) --
The soft limit for the ulimit type.
privileged (boolean) --
When this parameter is true, the container is given elevated permissions on the host container instance (similar to the root user). The default value is false.
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided, or specified as false.
user (string) --
The user name to use inside the container. This parameter maps to User in the Create a container section of the Docker Remote API and the --user option to docker run .
exitCode (integer) --
The exit code to return upon completion.
reason (string) --
A short (255 max characters) human-readable string to provide additional details about a running or stopped container.
containerInstanceArn (string) --
The Amazon Resource Name (ARN) of the container instance that the container is running on.
taskArn (string) --
The Amazon Resource Name (ARN) of the Amazon ECS task that's associated with the container job. Each container attempt receives a task ARN when they reach the STARTING status.
logStreamName (string) --
The name of the CloudWatch Logs log stream associated with the container. The log group for AWS Batch jobs is /aws/batch/job . Each container attempt receives a log stream name when they reach the RUNNING status.
instanceType (string) --
The instance type of the underlying host infrastructure of a multi-node parallel job.
Note
This parameter isn't applicable to jobs running on Fargate resources.
networkInterfaces (list) --
The network interfaces associated with the job.
(dict) --
An object representing the elastic network interface for a multi-node parallel job node.
attachmentId (string) --
The attachment ID for the network interface.
ipv6Address (string) --
The private IPv6 address for the network interface.
privateIpv4Address (string) --
The private IPv4 address for the network interface.
resourceRequirements (list) --
The type and amount of resources to assign to a container. The supported resources include GPU , MEMORY , and VCPU .
(dict) --
The type and amount of a resource to assign to a container. The supported resources include GPU , MEMORY , and VCPU .
value (string) --
The quantity of the specified resource to reserve for the container. The values vary based on the type specified.
type="GPU"
The number of physical GPUs to reserve for the container. The number of GPUs reserved for all containers in a job shouldn't exceed the number of available GPUs on the compute resource that the job is launched on.
Note
GPUs are not available for jobs running on Fargate resources.
type="MEMORY"
The memory hard limit (in MiB) present to the container. This parameter is supported for jobs running on EC2 resources. If your container attempts to exceed the memory specified, the container is terminated. This parameter maps to Memory in the Create a container section of the Docker Remote API and the --memory option to docker run . You must specify at least 4 MiB of memory for a job. This is required but can be specified in several places for multi-node parallel (MNP) jobs. It must be specified for each node at least once. This parameter maps to Memory in the Create a container section of the Docker Remote API and the --memory option to docker run .
Note
If you're trying to maximize your resource utilization by providing your jobs as much memory as possible for a particular instance type, see Memory Management in the AWS Batch User Guide .
For jobs running on Fargate resources, then value is the hard limit (in MiB), and must match one of the supported values and the VCPU values must be one of the values supported for that memory value.
value = 512
VCPU = 0.25
value = 1024
VCPU = 0.25 or 0.5
value = 2048
VCPU = 0.25, 0.5, or 1
value = 3072
VCPU = 0.5, or 1
value = 4096
VCPU = 0.5, 1, or 2
value = 5120, 6144, or 7168
VCPU = 1 or 2
value = 8192
VCPU = 1, 2, or 4
value = 9216, 10240, 11264, 12288, 13312, 14336, 15360, or 16384
VCPU = 2 or 4
value = 17408, 18432, 19456, 20480, 21504, 22528, 23552, 24576, 25600, 26624, 27648, 28672, 29696, or 30720
VCPU = 4
type="VCPU"
The number of vCPUs reserved for the container. This parameter maps to CpuShares in the Create a container section of the Docker Remote API and the --cpu-shares option to docker run . Each vCPU is equivalent to 1,024 CPU shares. For EC2 resources, you must specify at least one vCPU. This is required but can be specified in several places; it must be specified for each node at least once.
For jobs running on Fargate resources, then value must match one of the supported values and the MEMORY values must be one of the values supported for that VCPU value. The supported values are 0.25, 0.5, 1, 2, and 4
value = 0.25
MEMORY = 512, 1024, or 2048
value = 0.5
MEMORY = 1024, 2048, 3072, or 4096
value = 1
MEMORY = 2048, 3072, 4096, 5120, 6144, 7168, or 8192
value = 2
MEMORY = 4096, 5120, 6144, 7168, 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, or 16384
value = 4
MEMORY = 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, 16384, 17408, 18432, 19456, 20480, 21504, 22528, 23552, 24576, 25600, 26624, 27648, 28672, 29696, or 30720
type (string) --
The type of resource to assign to a container. The supported resources include GPU , MEMORY , and VCPU .
linuxParameters (dict) --
Linux-specific modifications that are applied to the container, such as details for device mappings.
devices (list) --
Any host devices to expose to the container. This parameter maps to Devices in the Create a container section of the Docker Remote API and the --device option to docker run .
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided.
(dict) --
An object representing a container instance host device.
Note
This object isn't applicable to jobs running on Fargate resources and shouldn't be provided.
hostPath (string) --
The path for the device on the host container instance.
containerPath (string) --
The path inside the container used to expose the host device. By default, the hostPath value is used.
permissions (list) --
The explicit permissions to provide to the container for the device. By default, the container has permissions for read , write , and mknod for the device.
(string) --
initProcessEnabled (boolean) --
If true, run an init process inside the container that forwards signals and reaps processes. This parameter maps to the --init option to docker run . This parameter requires version 1.25 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log into your container instance and run the following command: sudo docker version | grep "Server API version"
sharedMemorySize (integer) --
The value for the size (in MiB) of the /dev/shm volume. This parameter maps to the --shm-size option to docker run .
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided.
tmpfs (list) --
The container path, mount options, and size (in MiB) of the tmpfs mount. This parameter maps to the --tmpfs option to docker run .
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided.
(dict) --
The container path, mount options, and size of the tmpfs mount.
Note
This object isn't applicable to jobs running on Fargate resources.
containerPath (string) --
The absolute file path in the container where the tmpfs volume is mounted.
size (integer) --
The size (in MiB) of the tmpfs volume.
mountOptions (list) --
The list of tmpfs volume mount options.
Valid values: "defaults " | "ro " | "rw " | "suid " | "nosuid " | "dev " | "nodev " | "exec " | "noexec " | "sync " | "async " | "dirsync " | "remount " | "mand " | "nomand " | "atime " | "noatime " | "diratime " | "nodiratime " | "bind " | "rbind" | "unbindable" | "runbindable" | "private" | "rprivate" | "shared" | "rshared" | "slave" | "rslave" | "relatime " | "norelatime " | "strictatime " | "nostrictatime " | "mode " | "uid " | "gid " | "nr_inodes " | "nr_blocks " | "mpol "
(string) --
maxSwap (integer) --
The total amount of swap memory (in MiB) a container can use. This parameter is translated to the --memory-swap option to docker run where the value is the sum of the container memory plus the maxSwap value. For more information, see ` --memory-swap details <https://docs.docker.com/config/containers/resource_constraints/#--memory-swap-details>`__ in the Docker documentation.
If a maxSwap value of 0 is specified, the container doesn't use swap. Accepted values are 0 or any positive integer. If the maxSwap parameter is omitted, the container doesn't use the swap configuration for the container instance it is running on. A maxSwap value must be set for the swappiness parameter to be used.
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided.
swappiness (integer) --
This allows you to tune a container's memory swappiness behavior. A swappiness value of 0 causes swapping not to happen unless absolutely necessary. A swappiness value of 100 causes pages to be swapped very aggressively. Accepted values are whole numbers between 0 and 100 . If the swappiness parameter isn't specified, a default value of 60 is used. If a value isn't specified for maxSwap then this parameter is ignored. If maxSwap is set to 0, the container doesn't use swap. This parameter maps to the --memory-swappiness option to docker run .
Consider the following when you use a per-container swap configuration.
Swap space must be enabled and allocated on the container instance for the containers to use.
Note
The Amazon ECS optimized AMIs don't have swap enabled by default. You must enable swap on the instance to use this feature. For more information, see Instance Store Swap Volumes in the Amazon EC2 User Guide for Linux Instances or How do I allocate memory to work as swap space in an Amazon EC2 instance by using a swap file?
The swap space parameters are only supported for job definitions using EC2 resources.
If the maxSwap and swappiness parameters are omitted from a job definition, each container will have a default swappiness value of 60, and the total swap usage will be limited to two times the memory reservation of the container.
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided.
logConfiguration (dict) --
The log configuration specification for the container.
This parameter maps to LogConfig in the Create a container section of the Docker Remote API and the --log-driver option to docker run . By default, containers use the same logging driver that the Docker daemon uses. However, the container might use a different logging driver than the Docker daemon by specifying a log driver with this parameter in the container definition. To use a different logging driver for a container, the log system must be configured properly on the container instance. Or, alternatively, it must be configured on a different log server for remote logging options. For more information on the options for different supported log drivers, see Configure logging drivers in the Docker documentation.
Note
AWS Batch currently supports a subset of the logging drivers available to the Docker daemon (shown in the LogConfiguration data type). Additional log drivers might be available in future releases of the Amazon ECS container agent.
This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log into your container instance and run the following command: sudo docker version | grep "Server API version"
Note
The Amazon ECS container agent running on a container instance must register the logging drivers available on that instance with the ECS_AVAILABLE_LOGGING_DRIVERS environment variable before containers placed on that instance can use these log configuration options. For more information, see Amazon ECS Container Agent Configuration in the Amazon Elastic Container Service Developer Guide .
logDriver (string) --
The log driver to use for the container. The valid values listed for this parameter are log drivers that the Amazon ECS container agent can communicate with by default.
The supported log drivers are awslogs , fluentd , gelf , json-file , journald , logentries , syslog , and splunk .
Note
Jobs running on Fargate resources are restricted to the awslogs and splunk log drivers.
awslogs
Specifies the Amazon CloudWatch Logs logging driver. For more information, see Using the awslogs Log Driver in the AWS Batch User Guide and Amazon CloudWatch Logs logging driver in the Docker documentation.
fluentd
Specifies the Fluentd logging driver. For more information, including usage and options, see Fluentd logging driver in the Docker documentation.
gelf
Specifies the Graylog Extended Format (GELF) logging driver. For more information, including usage and options, see Graylog Extended Format logging driver in the Docker documentation.
journald
Specifies the journald logging driver. For more information, including usage and options, see Journald logging driver in the Docker documentation.
json-file
Specifies the JSON file logging driver. For more information, including usage and options, see JSON File logging driver in the Docker documentation.
splunk
Specifies the Splunk logging driver. For more information, including usage and options, see Splunk logging driver in the Docker documentation.
syslog
Specifies the syslog logging driver. For more information, including usage and options, see Syslog logging driver in the Docker documentation.
Note
If you have a custom driver that's not listed earlier that you want to work with the Amazon ECS container agent, you can fork the Amazon ECS container agent project that's available on GitHub and customize it to work with that driver. We encourage you to submit pull requests for changes that you want to have included. However, Amazon Web Services doesn't currently support running modified copies of this software.
This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log into your container instance and run the following command: sudo docker version | grep "Server API version"
options (dict) --
The configuration options to send to the log driver. This parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log into your container instance and run the following command: sudo docker version | grep "Server API version"
(string) --
(string) --
secretOptions (list) --
The secrets to pass to the log configuration. For more information, see Specifying Sensitive Data in the AWS Batch User Guide .
(dict) --
An object representing the secret to expose to your container. Secrets can be exposed to a container in the following ways:
To inject sensitive data into your containers as environment variables, use the secrets container definition parameter.
To reference sensitive information in the log configuration of a container, use the secretOptions container definition parameter.
For more information, see Specifying sensitive data in the AWS Batch User Guide .
name (string) --
The name of the secret.
valueFrom (string) --
The secret to expose to the container. The supported values are either the full ARN of the AWS Secrets Manager secret or the full ARN of the parameter in the AWS Systems Manager Parameter Store.
Note
If the AWS Systems Manager Parameter Store parameter exists in the same Region as the job you're launching, then you can use either the full ARN or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified.
secrets (list) --
The secrets to pass to the container. For more information, see Specifying sensitive data in the AWS Batch User Guide .
(dict) --
An object representing the secret to expose to your container. Secrets can be exposed to a container in the following ways:
To inject sensitive data into your containers as environment variables, use the secrets container definition parameter.
To reference sensitive information in the log configuration of a container, use the secretOptions container definition parameter.
For more information, see Specifying sensitive data in the AWS Batch User Guide .
name (string) --
The name of the secret.
valueFrom (string) --
The secret to expose to the container. The supported values are either the full ARN of the AWS Secrets Manager secret or the full ARN of the parameter in the AWS Systems Manager Parameter Store.
Note
If the AWS Systems Manager Parameter Store parameter exists in the same Region as the job you're launching, then you can use either the full ARN or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified.
networkConfiguration (dict) --
The network configuration for jobs running on Fargate resources. Jobs running on EC2 resources must not specify this parameter.
assignPublicIp (string) --
Indicates whether the job should have a public IP address. For a job running on Fargate resources in a private subnet to send outbound traffic to the internet (for example, in order to pull container images), the private subnet requires a NAT gateway be attached to route requests to the internet. For more information, see Amazon ECS task networking . The default value is "DISABLED".
fargatePlatformConfiguration (dict) --
The platform configuration for jobs running on Fargate resources. Jobs running on EC2 resources must not specify this parameter.
platformVersion (string) --
The AWS Fargate platform version where the jobs are running. A platform version is specified only for jobs running on Fargate resources. If one isn't specified, the LATEST platform version is used by default. This uses a recent, approved version of the AWS Fargate platform for compute resources. For more information, see AWS Fargate platform versions in the Amazon Elastic Container Service Developer Guide .
nodeDetails (dict) --
An object representing the details of a node that's associated with a multi-node parallel job.
nodeIndex (integer) --
The node index for the node. Node index numbering begins at zero. This index is also available on the node with the AWS_BATCH_JOB_NODE_INDEX environment variable.
isMainNode (boolean) --
Specifies whether the current node is the main node for a multi-node parallel job.
nodeProperties (dict) --
An object representing the node properties of a multi-node parallel job.
Note
This isn't applicable to jobs running on Fargate resources.
numNodes (integer) --
The number of nodes associated with a multi-node parallel job.
mainNode (integer) --
Specifies the node index for the main node of a multi-node parallel job. This node index value must be fewer than the number of nodes.
nodeRangeProperties (list) --
A list of node ranges and their properties associated with a multi-node parallel job.
(dict) --
An object representing the properties of the node range for a multi-node parallel job.
targetNodes (string) --
The range of nodes, using node index values. A range of 0:3 indicates nodes with index values of 0 through 3 . If the starting range value is omitted (:n ), then 0 is used to start the range. If the ending range value is omitted (n: ), then the highest possible node index is used to end the range. Your accumulative node ranges must account for all nodes (0:n ). You can nest node ranges, for example 0:10 and 4:5 , in which case the 4:5 range properties override the 0:10 properties.
container (dict) --
The container details for the node range.
image (string) --
The image used to start a container. This string is passed directly to the Docker daemon. Images in the Docker Hub registry are available by default. Other repositories are specified with `` repository-url /image :tag `` . Up to 255 letters (uppercase and lowercase), numbers, hyphens, underscores, colons, periods, forward slashes, and number signs are allowed. This parameter maps to Image in the Create a container section of the Docker Remote API and the IMAGE parameter of docker run .
Note
Docker image architecture must match the processor architecture of the compute resources that they're scheduled on. For example, ARM-based Docker images can only run on ARM-based compute resources.
Images in Amazon ECR repositories use the full registry and repository URI (for example, 012345678910.dkr.ecr.<region-name>.amazonaws.com/<repository-name> ).
Images in official repositories on Docker Hub use a single name (for example, ubuntu or mongo ).
Images in other repositories on Docker Hub are qualified with an organization name (for example, amazon/amazon-ecs-agent ).
Images in other online repositories are qualified further by a domain name (for example, quay.io/assemblyline/ubuntu ).
vcpus (integer) --
The number of vCPUs reserved for the job. Each vCPU is equivalent to 1,024 CPU shares. This parameter maps to CpuShares in the Create a container section of the Docker Remote API and the --cpu-shares option to docker run . The number of vCPUs must be specified but can be be specified in several places. You must specify it at least once for each node.
This parameter is supported on EC2 resources but isn't supported for jobs that run on Fargate resources. For these resources, use resourceRequirement instead. You can use this parameter or resourceRequirements structure but not both.
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided. For jobs that run on Fargate resources, you must specify the vCPU requirement for the job using resourceRequirements .
memory (integer) --
This parameter indicates the memory hard limit (in MiB) for a container. If your container attempts to exceed the specified number, it is terminated. You must specify at least 4 MiB of memory for a job using this parameter. The memory hard limit can be specified in several places. It must be specified for each node at least once.
This parameter maps to Memory in the Create a container section of the Docker Remote API and the --memory option to docker run .
This parameter is supported on EC2 resources but isn't supported on Fargate resources. For Fargate resources, you should specify the memory requirement using resourceRequirement . You can do this for EC2 resources.
Note
If you're trying to maximize your resource utilization by providing your jobs as much memory as possible for a particular instance type, see Memory Management in the AWS Batch User Guide .
command (list) --
The command that's passed to the container. This parameter maps to Cmd in the Create a container section of the Docker Remote API and the COMMAND parameter to docker run . For more information, see https://docs.docker.com/engine/reference/builder/#cmd .
(string) --
jobRoleArn (string) --
The Amazon Resource Name (ARN) of the IAM role that the container can assume for AWS permissions. For more information, see IAM Roles for Tasks in the Amazon Elastic Container Service Developer Guide .
executionRoleArn (string) --
The Amazon Resource Name (ARN) of the execution role that AWS Batch can assume. For jobs that run on Fargate resources, you must provide an execution role. For more information, see AWS Batch execution IAM role in the AWS Batch User Guide .
volumes (list) --
A list of data volumes used in a job.
(dict) --
A data volume used in a job's container properties.
host (dict) --
The contents of the host parameter determine whether your data volume persists on the host container instance and where it is stored. If the host parameter is empty, then the Docker daemon assigns a host path for your data volume. However, the data isn't guaranteed to persist after the containers associated with it stop running.
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided.
sourcePath (string) --
The path on the host container instance that's presented to the container. If this parameter is empty, then the Docker daemon has assigned a host path for you. If this parameter contains a file location, then the data volume persists at the specified location on the host container instance until you delete it manually. If the source path location doesn't exist on the host container instance, the Docker daemon creates it. If the location does exist, the contents of the source path folder are exported.
Note
This parameter isn't applicable to jobs that run on Fargate resources and shouldn't be provided.
name (string) --
The name of the volume. Up to 255 letters (uppercase and lowercase), numbers, hyphens, and underscores are allowed. This name is referenced in the sourceVolume parameter of container definition mountPoints .
efsVolumeConfiguration (dict) --
This parameter is specified when you are using an Amazon Elastic File System file system for job storage. Jobs running on Fargate resources must specify a platformVersion of at least 1.4.0 .
fileSystemId (string) --
The Amazon EFS file system ID to use.
rootDirectory (string) --
The directory within the Amazon EFS file system to mount as the root directory inside the host. If this parameter is omitted, the root of the Amazon EFS volume will be used. Specifying / will have the same effect as omitting this parameter.
Warning
If an EFS access point is specified in the authorizationConfig , the root directory parameter must either be omitted or set to / which will enforce the path set on the Amazon EFS access point.
transitEncryption (string) --
Whether or not to enable encryption for Amazon EFS data in transit between the Amazon ECS host and the Amazon EFS server. Transit encryption must be enabled if Amazon EFS IAM authorization is used. If this parameter is omitted, the default value of DISABLED is used. For more information, see Encrypting data in transit in the Amazon Elastic File System User Guide .
transitEncryptionPort (integer) --
The port to use when sending encrypted data between the Amazon ECS host and the Amazon EFS server. If you do not specify a transit encryption port, it will use the port selection strategy that the Amazon EFS mount helper uses. For more information, see EFS Mount Helper in the Amazon Elastic File System User Guide .
authorizationConfig (dict) --
The authorization configuration details for the Amazon EFS file system.
accessPointId (string) --
The Amazon EFS access point ID to use. If an access point is specified, the root directory value specified in the EFSVolumeConfiguration must either be omitted or set to / which will enforce the path set on the EFS access point. If an access point is used, transit encryption must be enabled in the EFSVolumeConfiguration . For more information, see Working with Amazon EFS Access Points in the Amazon Elastic File System User Guide .
iam (string) --
Whether or not to use the AWS Batch execution IAM role defined in a job definition when mounting the Amazon EFS file system. If enabled, transit encryption must be enabled in the EFSVolumeConfiguration . If this parameter is omitted, the default value of DISABLED is used. For more information, see Using Amazon EFS Access Points in the AWS Batch User Guide . EFS IAM authorization requires that TransitEncryption be ENABLED and that a JobRoleArn is specified.
environment (list) --
The environment variables to pass to a container. This parameter maps to Env in the Create a container section of the Docker Remote API and the --env option to docker run .
Warning
We don't recommend using plaintext environment variables for sensitive information, such as credential data.
Note
Environment variables must not start with AWS_BATCH ; this naming convention is reserved for variables that are set by the AWS Batch service.
(dict) --
A key-value pair object.
name (string) --
The name of the key-value pair. For environment variables, this is the name of the environment variable.
value (string) --
The value of the key-value pair. For environment variables, this is the value of the environment variable.
mountPoints (list) --
The mount points for data volumes in your container. This parameter maps to Volumes in the Create a container section of the Docker Remote API and the --volume option to docker run .
(dict) --
Details on a Docker volume mount point that's used in a job's container properties. This parameter maps to Volumes in the Create a container section of the Docker Remote API and the --volume option to docker run.
containerPath (string) --
The path on the container where the host volume is mounted.
readOnly (boolean) --
If this value is true , the container has read-only access to the volume. Otherwise, the container can write to the volume. The default value is false .
sourceVolume (string) --
The name of the volume to mount.
readonlyRootFilesystem (boolean) --
When this parameter is true, the container is given read-only access to its root file system. This parameter maps to ReadonlyRootfs in the Create a container section of the Docker Remote API and the --read-only option to docker run .
privileged (boolean) --
When this parameter is true, the container is given elevated permissions on the host container instance (similar to the root user). This parameter maps to Privileged in the Create a container section of the Docker Remote API and the --privileged option to docker run . The default value is false.
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided, or specified as false.
ulimits (list) --
A list of ulimits to set in the container. This parameter maps to Ulimits in the Create a container section of the Docker Remote API and the --ulimit option to docker run .
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided.
(dict) --
The ulimit settings to pass to the container.
Note
This object isn't applicable to jobs running on Fargate resources.
hardLimit (integer) --
The hard limit for the ulimit type.
name (string) --
The type of the ulimit .
softLimit (integer) --
The soft limit for the ulimit type.
user (string) --
The user name to use inside the container. This parameter maps to User in the Create a container section of the Docker Remote API and the --user option to docker run .
instanceType (string) --
The instance type to use for a multi-node parallel job. All node groups in a multi-node parallel job must use the same instance type.
Note
This parameter isn't applicable to single-node container jobs or for jobs that run on Fargate resources and shouldn't be provided.
resourceRequirements (list) --
The type and amount of resources to assign to a container. The supported resources include GPU , MEMORY , and VCPU .
(dict) --
The type and amount of a resource to assign to a container. The supported resources include GPU , MEMORY , and VCPU .
value (string) --
The quantity of the specified resource to reserve for the container. The values vary based on the type specified.
type="GPU"
The number of physical GPUs to reserve for the container. The number of GPUs reserved for all containers in a job shouldn't exceed the number of available GPUs on the compute resource that the job is launched on.
Note
GPUs are not available for jobs running on Fargate resources.
type="MEMORY"
The memory hard limit (in MiB) present to the container. This parameter is supported for jobs running on EC2 resources. If your container attempts to exceed the memory specified, the container is terminated. This parameter maps to Memory in the Create a container section of the Docker Remote API and the --memory option to docker run . You must specify at least 4 MiB of memory for a job. This is required but can be specified in several places for multi-node parallel (MNP) jobs. It must be specified for each node at least once. This parameter maps to Memory in the Create a container section of the Docker Remote API and the --memory option to docker run .
Note
If you're trying to maximize your resource utilization by providing your jobs as much memory as possible for a particular instance type, see Memory Management in the AWS Batch User Guide .
For jobs running on Fargate resources, then value is the hard limit (in MiB), and must match one of the supported values and the VCPU values must be one of the values supported for that memory value.
value = 512
VCPU = 0.25
value = 1024
VCPU = 0.25 or 0.5
value = 2048
VCPU = 0.25, 0.5, or 1
value = 3072
VCPU = 0.5, or 1
value = 4096
VCPU = 0.5, 1, or 2
value = 5120, 6144, or 7168
VCPU = 1 or 2
value = 8192
VCPU = 1, 2, or 4
value = 9216, 10240, 11264, 12288, 13312, 14336, 15360, or 16384
VCPU = 2 or 4
value = 17408, 18432, 19456, 20480, 21504, 22528, 23552, 24576, 25600, 26624, 27648, 28672, 29696, or 30720
VCPU = 4
type="VCPU"
The number of vCPUs reserved for the container. This parameter maps to CpuShares in the Create a container section of the Docker Remote API and the --cpu-shares option to docker run . Each vCPU is equivalent to 1,024 CPU shares. For EC2 resources, you must specify at least one vCPU. This is required but can be specified in several places; it must be specified for each node at least once.
For jobs running on Fargate resources, then value must match one of the supported values and the MEMORY values must be one of the values supported for that VCPU value. The supported values are 0.25, 0.5, 1, 2, and 4
value = 0.25
MEMORY = 512, 1024, or 2048
value = 0.5
MEMORY = 1024, 2048, 3072, or 4096
value = 1
MEMORY = 2048, 3072, 4096, 5120, 6144, 7168, or 8192
value = 2
MEMORY = 4096, 5120, 6144, 7168, 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, or 16384
value = 4
MEMORY = 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, 16384, 17408, 18432, 19456, 20480, 21504, 22528, 23552, 24576, 25600, 26624, 27648, 28672, 29696, or 30720
type (string) --
The type of resource to assign to a container. The supported resources include GPU , MEMORY , and VCPU .
linuxParameters (dict) --
Linux-specific modifications that are applied to the container, such as details for device mappings.
devices (list) --
Any host devices to expose to the container. This parameter maps to Devices in the Create a container section of the Docker Remote API and the --device option to docker run .
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided.
(dict) --
An object representing a container instance host device.
Note
This object isn't applicable to jobs running on Fargate resources and shouldn't be provided.
hostPath (string) --
The path for the device on the host container instance.
containerPath (string) --
The path inside the container used to expose the host device. By default, the hostPath value is used.
permissions (list) --
The explicit permissions to provide to the container for the device. By default, the container has permissions for read , write , and mknod for the device.
(string) --
initProcessEnabled (boolean) --
If true, run an init process inside the container that forwards signals and reaps processes. This parameter maps to the --init option to docker run . This parameter requires version 1.25 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log into your container instance and run the following command: sudo docker version | grep "Server API version"
sharedMemorySize (integer) --
The value for the size (in MiB) of the /dev/shm volume. This parameter maps to the --shm-size option to docker run .
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided.
tmpfs (list) --
The container path, mount options, and size (in MiB) of the tmpfs mount. This parameter maps to the --tmpfs option to docker run .
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided.
(dict) --
The container path, mount options, and size of the tmpfs mount.
Note
This object isn't applicable to jobs running on Fargate resources.
containerPath (string) --
The absolute file path in the container where the tmpfs volume is mounted.
size (integer) --
The size (in MiB) of the tmpfs volume.
mountOptions (list) --
The list of tmpfs volume mount options.
Valid values: "defaults " | "ro " | "rw " | "suid " | "nosuid " | "dev " | "nodev " | "exec " | "noexec " | "sync " | "async " | "dirsync " | "remount " | "mand " | "nomand " | "atime " | "noatime " | "diratime " | "nodiratime " | "bind " | "rbind" | "unbindable" | "runbindable" | "private" | "rprivate" | "shared" | "rshared" | "slave" | "rslave" | "relatime " | "norelatime " | "strictatime " | "nostrictatime " | "mode " | "uid " | "gid " | "nr_inodes " | "nr_blocks " | "mpol "
(string) --
maxSwap (integer) --
The total amount of swap memory (in MiB) a container can use. This parameter is translated to the --memory-swap option to docker run where the value is the sum of the container memory plus the maxSwap value. For more information, see ` --memory-swap details <https://docs.docker.com/config/containers/resource_constraints/#--memory-swap-details>`__ in the Docker documentation.
If a maxSwap value of 0 is specified, the container doesn't use swap. Accepted values are 0 or any positive integer. If the maxSwap parameter is omitted, the container doesn't use the swap configuration for the container instance it is running on. A maxSwap value must be set for the swappiness parameter to be used.
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided.
swappiness (integer) --
This allows you to tune a container's memory swappiness behavior. A swappiness value of 0 causes swapping not to happen unless absolutely necessary. A swappiness value of 100 causes pages to be swapped very aggressively. Accepted values are whole numbers between 0 and 100 . If the swappiness parameter isn't specified, a default value of 60 is used. If a value isn't specified for maxSwap then this parameter is ignored. If maxSwap is set to 0, the container doesn't use swap. This parameter maps to the --memory-swappiness option to docker run .
Consider the following when you use a per-container swap configuration.
Swap space must be enabled and allocated on the container instance for the containers to use.
Note
The Amazon ECS optimized AMIs don't have swap enabled by default. You must enable swap on the instance to use this feature. For more information, see Instance Store Swap Volumes in the Amazon EC2 User Guide for Linux Instances or How do I allocate memory to work as swap space in an Amazon EC2 instance by using a swap file?
The swap space parameters are only supported for job definitions using EC2 resources.
If the maxSwap and swappiness parameters are omitted from a job definition, each container will have a default swappiness value of 60, and the total swap usage will be limited to two times the memory reservation of the container.
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided.
logConfiguration (dict) --
The log configuration specification for the container.
This parameter maps to LogConfig in the Create a container section of the Docker Remote API and the --log-driver option to docker run . By default, containers use the same logging driver that the Docker daemon uses. However the container might use a different logging driver than the Docker daemon by specifying a log driver with this parameter in the container definition. To use a different logging driver for a container, the log system must be configured properly on the container instance (or on a different log server for remote logging options). For more information on the options for different supported log drivers, see Configure logging drivers in the Docker documentation.
Note
AWS Batch currently supports a subset of the logging drivers available to the Docker daemon (shown in the LogConfiguration data type).
This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log into your container instance and run the following command: sudo docker version | grep "Server API version"
Note
The Amazon ECS container agent running on a container instance must register the logging drivers available on that instance with the ECS_AVAILABLE_LOGGING_DRIVERS environment variable before containers placed on that instance can use these log configuration options. For more information, see Amazon ECS Container Agent Configuration in the Amazon Elastic Container Service Developer Guide .
logDriver (string) --
The log driver to use for the container. The valid values listed for this parameter are log drivers that the Amazon ECS container agent can communicate with by default.
The supported log drivers are awslogs , fluentd , gelf , json-file , journald , logentries , syslog , and splunk .
Note
Jobs running on Fargate resources are restricted to the awslogs and splunk log drivers.
awslogs
Specifies the Amazon CloudWatch Logs logging driver. For more information, see Using the awslogs Log Driver in the AWS Batch User Guide and Amazon CloudWatch Logs logging driver in the Docker documentation.
fluentd
Specifies the Fluentd logging driver. For more information, including usage and options, see Fluentd logging driver in the Docker documentation.
gelf
Specifies the Graylog Extended Format (GELF) logging driver. For more information, including usage and options, see Graylog Extended Format logging driver in the Docker documentation.
journald
Specifies the journald logging driver. For more information, including usage and options, see Journald logging driver in the Docker documentation.
json-file
Specifies the JSON file logging driver. For more information, including usage and options, see JSON File logging driver in the Docker documentation.
splunk
Specifies the Splunk logging driver. For more information, including usage and options, see Splunk logging driver in the Docker documentation.
syslog
Specifies the syslog logging driver. For more information, including usage and options, see Syslog logging driver in the Docker documentation.
Note
If you have a custom driver that's not listed earlier that you want to work with the Amazon ECS container agent, you can fork the Amazon ECS container agent project that's available on GitHub and customize it to work with that driver. We encourage you to submit pull requests for changes that you want to have included. However, Amazon Web Services doesn't currently support running modified copies of this software.
This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log into your container instance and run the following command: sudo docker version | grep "Server API version"
options (dict) --
The configuration options to send to the log driver. This parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log into your container instance and run the following command: sudo docker version | grep "Server API version"
(string) --
(string) --
secretOptions (list) --
The secrets to pass to the log configuration. For more information, see Specifying Sensitive Data in the AWS Batch User Guide .
(dict) --
An object representing the secret to expose to your container. Secrets can be exposed to a container in the following ways:
To inject sensitive data into your containers as environment variables, use the secrets container definition parameter.
To reference sensitive information in the log configuration of a container, use the secretOptions container definition parameter.
For more information, see Specifying sensitive data in the AWS Batch User Guide .
name (string) --
The name of the secret.
valueFrom (string) --
The secret to expose to the container. The supported values are either the full ARN of the AWS Secrets Manager secret or the full ARN of the parameter in the AWS Systems Manager Parameter Store.
Note
If the AWS Systems Manager Parameter Store parameter exists in the same Region as the job you're launching, then you can use either the full ARN or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified.
secrets (list) --
The secrets for the container. For more information, see Specifying sensitive data in the AWS Batch User Guide .
(dict) --
An object representing the secret to expose to your container. Secrets can be exposed to a container in the following ways:
To inject sensitive data into your containers as environment variables, use the secrets container definition parameter.
To reference sensitive information in the log configuration of a container, use the secretOptions container definition parameter.
For more information, see Specifying sensitive data in the AWS Batch User Guide .
name (string) --
The name of the secret.
valueFrom (string) --
The secret to expose to the container. The supported values are either the full ARN of the AWS Secrets Manager secret or the full ARN of the parameter in the AWS Systems Manager Parameter Store.
Note
If the AWS Systems Manager Parameter Store parameter exists in the same Region as the job you're launching, then you can use either the full ARN or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified.
networkConfiguration (dict) --
The network configuration for jobs running on Fargate resources. Jobs running on EC2 resources must not specify this parameter.
assignPublicIp (string) --
Indicates whether the job should have a public IP address. For a job running on Fargate resources in a private subnet to send outbound traffic to the internet (for example, in order to pull container images), the private subnet requires a NAT gateway be attached to route requests to the internet. For more information, see Amazon ECS task networking . The default value is "DISABLED".
fargatePlatformConfiguration (dict) --
The platform configuration for jobs running on Fargate resources. Jobs running on EC2 resources must not specify this parameter.
platformVersion (string) --
The AWS Fargate platform version where the jobs are running. A platform version is specified only for jobs running on Fargate resources. If one isn't specified, the LATEST platform version is used by default. This uses a recent, approved version of the AWS Fargate platform for compute resources. For more information, see AWS Fargate platform versions in the Amazon Elastic Container Service Developer Guide .
arrayProperties (dict) --
The array properties of the job, if it is an array job.
statusSummary (dict) --
A summary of the number of array job children in each available job status. This parameter is returned for parent array jobs.
(string) --
(integer) --
size (integer) --
The size of the array job. This parameter is returned for parent array jobs.
index (integer) --
The job index within the array that's associated with this job. This parameter is returned for array job children.
timeout (dict) --
The timeout configuration for the job.
attemptDurationSeconds (integer) --
The time duration in seconds (measured from the job attempt's startedAt timestamp) after which AWS Batch terminates your jobs if they have not finished. The minimum value for the timeout is 60 seconds.
tags (dict) --
The tags applied to the job.
(string) --
(string) --
propagateTags (boolean) --
Specifies whether to propagate the tags from the job or job definition to the corresponding Amazon ECS task. If no value is specified, the tags aren't propagated. Tags can only be propagated to the tasks during task creation. For tags with the same name, job tags are given priority over job definitions tags. If the total number of combined tags from the job and job definition is over 50, the job is moved to the FAILED state.
platformCapabilities (list) --
The platform capabilities required by the job definition. If no value is specified, it defaults to EC2 . Jobs run on Fargate resources specify FARGATE .
(string) --
{'containerProperties': {'volumes': {'efsVolumeConfiguration': {'authorizationConfig': {'accessPointId': 'string', 'iam': 'ENABLED ' '| ' 'DISABLED'}, 'fileSystemId': 'string', 'rootDirectory': 'string', 'transitEncryption': 'ENABLED ' '| ' 'DISABLED', 'transitEncryptionPort': 'integer'}}}, 'nodeProperties': {'nodeRangeProperties': {'container': {'volumes': {'efsVolumeConfiguration': {'authorizationConfig': {'accessPointId': 'string', 'iam': 'ENABLED ' '| ' 'DISABLED'}, 'fileSystemId': 'string', 'rootDirectory': 'string', 'transitEncryption': 'ENABLED ' '| ' 'DISABLED', 'transitEncryptionPort': 'integer'}}}}}}
Registers an AWS Batch job definition.
See also: AWS API Documentation
Request Syntax
client.register_job_definition( jobDefinitionName='string', type='container'|'multinode', parameters={ 'string': 'string' }, containerProperties={ 'image': 'string', 'vcpus': 123, 'memory': 123, 'command': [ 'string', ], 'jobRoleArn': 'string', 'executionRoleArn': 'string', 'volumes': [ { 'host': { 'sourcePath': 'string' }, 'name': 'string', 'efsVolumeConfiguration': { 'fileSystemId': 'string', 'rootDirectory': 'string', 'transitEncryption': 'ENABLED'|'DISABLED', 'transitEncryptionPort': 123, 'authorizationConfig': { 'accessPointId': 'string', 'iam': 'ENABLED'|'DISABLED' } } }, ], 'environment': [ { 'name': 'string', 'value': 'string' }, ], 'mountPoints': [ { 'containerPath': 'string', 'readOnly': True|False, 'sourceVolume': 'string' }, ], 'readonlyRootFilesystem': True|False, 'privileged': True|False, 'ulimits': [ { 'hardLimit': 123, 'name': 'string', 'softLimit': 123 }, ], 'user': 'string', 'instanceType': 'string', 'resourceRequirements': [ { 'value': 'string', 'type': 'GPU'|'VCPU'|'MEMORY' }, ], 'linuxParameters': { 'devices': [ { 'hostPath': 'string', 'containerPath': 'string', 'permissions': [ 'READ'|'WRITE'|'MKNOD', ] }, ], 'initProcessEnabled': True|False, 'sharedMemorySize': 123, 'tmpfs': [ { 'containerPath': 'string', 'size': 123, 'mountOptions': [ 'string', ] }, ], 'maxSwap': 123, 'swappiness': 123 }, 'logConfiguration': { 'logDriver': 'json-file'|'syslog'|'journald'|'gelf'|'fluentd'|'awslogs'|'splunk', 'options': { 'string': 'string' }, 'secretOptions': [ { 'name': 'string', 'valueFrom': 'string' }, ] }, 'secrets': [ { 'name': 'string', 'valueFrom': 'string' }, ], 'networkConfiguration': { 'assignPublicIp': 'ENABLED'|'DISABLED' }, 'fargatePlatformConfiguration': { 'platformVersion': 'string' } }, nodeProperties={ 'numNodes': 123, 'mainNode': 123, 'nodeRangeProperties': [ { 'targetNodes': 'string', 'container': { 'image': 'string', 'vcpus': 123, 'memory': 123, 'command': [ 'string', ], 'jobRoleArn': 'string', 'executionRoleArn': 'string', 'volumes': [ { 'host': { 'sourcePath': 'string' }, 'name': 'string', 'efsVolumeConfiguration': { 'fileSystemId': 'string', 'rootDirectory': 'string', 'transitEncryption': 'ENABLED'|'DISABLED', 'transitEncryptionPort': 123, 'authorizationConfig': { 'accessPointId': 'string', 'iam': 'ENABLED'|'DISABLED' } } }, ], 'environment': [ { 'name': 'string', 'value': 'string' }, ], 'mountPoints': [ { 'containerPath': 'string', 'readOnly': True|False, 'sourceVolume': 'string' }, ], 'readonlyRootFilesystem': True|False, 'privileged': True|False, 'ulimits': [ { 'hardLimit': 123, 'name': 'string', 'softLimit': 123 }, ], 'user': 'string', 'instanceType': 'string', 'resourceRequirements': [ { 'value': 'string', 'type': 'GPU'|'VCPU'|'MEMORY' }, ], 'linuxParameters': { 'devices': [ { 'hostPath': 'string', 'containerPath': 'string', 'permissions': [ 'READ'|'WRITE'|'MKNOD', ] }, ], 'initProcessEnabled': True|False, 'sharedMemorySize': 123, 'tmpfs': [ { 'containerPath': 'string', 'size': 123, 'mountOptions': [ 'string', ] }, ], 'maxSwap': 123, 'swappiness': 123 }, 'logConfiguration': { 'logDriver': 'json-file'|'syslog'|'journald'|'gelf'|'fluentd'|'awslogs'|'splunk', 'options': { 'string': 'string' }, 'secretOptions': [ { 'name': 'string', 'valueFrom': 'string' }, ] }, 'secrets': [ { 'name': 'string', 'valueFrom': 'string' }, ], 'networkConfiguration': { 'assignPublicIp': 'ENABLED'|'DISABLED' }, 'fargatePlatformConfiguration': { 'platformVersion': 'string' } } }, ] }, retryStrategy={ 'attempts': 123, 'evaluateOnExit': [ { 'onStatusReason': 'string', 'onReason': 'string', 'onExitCode': 'string', 'action': 'RETRY'|'EXIT' }, ] }, propagateTags=True|False, timeout={ 'attemptDurationSeconds': 123 }, tags={ 'string': 'string' }, platformCapabilities=[ 'EC2'|'FARGATE', ] )
string
[REQUIRED]
The name of the job definition to register. Up to 128 letters (uppercase and lowercase), numbers, hyphens, and underscores are allowed.
string
[REQUIRED]
The type of job definition. For more information about multi-node parallel jobs, see Creating a multi-node parallel job definition in the AWS Batch User Guide .
Note
If the job is run on Fargate resources, then multinode isn't supported.
dict
Default parameter substitution placeholders to set in the job definition. Parameters are specified as a key-value pair mapping. Parameters in a SubmitJob request override any corresponding parameter defaults from the job definition.
(string) --
(string) --
dict
An object with various properties specific to single-node container-based jobs. If the job definition's type parameter is container , then you must specify either containerProperties or nodeProperties .
Note
If the job runs on Fargate resources, then you must not specify nodeProperties ; use only containerProperties .
image (string) --
The image used to start a container. This string is passed directly to the Docker daemon. Images in the Docker Hub registry are available by default. Other repositories are specified with `` repository-url /image :tag `` . Up to 255 letters (uppercase and lowercase), numbers, hyphens, underscores, colons, periods, forward slashes, and number signs are allowed. This parameter maps to Image in the Create a container section of the Docker Remote API and the IMAGE parameter of docker run .
Note
Docker image architecture must match the processor architecture of the compute resources that they're scheduled on. For example, ARM-based Docker images can only run on ARM-based compute resources.
Images in Amazon ECR repositories use the full registry and repository URI (for example, 012345678910.dkr.ecr.<region-name>.amazonaws.com/<repository-name> ).
Images in official repositories on Docker Hub use a single name (for example, ubuntu or mongo ).
Images in other repositories on Docker Hub are qualified with an organization name (for example, amazon/amazon-ecs-agent ).
Images in other online repositories are qualified further by a domain name (for example, quay.io/assemblyline/ubuntu ).
vcpus (integer) --
The number of vCPUs reserved for the job. Each vCPU is equivalent to 1,024 CPU shares. This parameter maps to CpuShares in the Create a container section of the Docker Remote API and the --cpu-shares option to docker run . The number of vCPUs must be specified but can be be specified in several places. You must specify it at least once for each node.
This parameter is supported on EC2 resources but isn't supported for jobs that run on Fargate resources. For these resources, use resourceRequirement instead. You can use this parameter or resourceRequirements structure but not both.
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided. For jobs that run on Fargate resources, you must specify the vCPU requirement for the job using resourceRequirements .
memory (integer) --
This parameter indicates the memory hard limit (in MiB) for a container. If your container attempts to exceed the specified number, it is terminated. You must specify at least 4 MiB of memory for a job using this parameter. The memory hard limit can be specified in several places. It must be specified for each node at least once.
This parameter maps to Memory in the Create a container section of the Docker Remote API and the --memory option to docker run .
This parameter is supported on EC2 resources but isn't supported on Fargate resources. For Fargate resources, you should specify the memory requirement using resourceRequirement . You can do this for EC2 resources.
Note
If you're trying to maximize your resource utilization by providing your jobs as much memory as possible for a particular instance type, see Memory Management in the AWS Batch User Guide .
command (list) --
The command that's passed to the container. This parameter maps to Cmd in the Create a container section of the Docker Remote API and the COMMAND parameter to docker run . For more information, see https://docs.docker.com/engine/reference/builder/#cmd .
(string) --
jobRoleArn (string) --
The Amazon Resource Name (ARN) of the IAM role that the container can assume for AWS permissions. For more information, see IAM Roles for Tasks in the Amazon Elastic Container Service Developer Guide .
executionRoleArn (string) --
The Amazon Resource Name (ARN) of the execution role that AWS Batch can assume. For jobs that run on Fargate resources, you must provide an execution role. For more information, see AWS Batch execution IAM role in the AWS Batch User Guide .
volumes (list) --
A list of data volumes used in a job.
(dict) --
A data volume used in a job's container properties.
host (dict) --
The contents of the host parameter determine whether your data volume persists on the host container instance and where it is stored. If the host parameter is empty, then the Docker daemon assigns a host path for your data volume. However, the data isn't guaranteed to persist after the containers associated with it stop running.
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided.
sourcePath (string) --
The path on the host container instance that's presented to the container. If this parameter is empty, then the Docker daemon has assigned a host path for you. If this parameter contains a file location, then the data volume persists at the specified location on the host container instance until you delete it manually. If the source path location doesn't exist on the host container instance, the Docker daemon creates it. If the location does exist, the contents of the source path folder are exported.
Note
This parameter isn't applicable to jobs that run on Fargate resources and shouldn't be provided.
name (string) --
The name of the volume. Up to 255 letters (uppercase and lowercase), numbers, hyphens, and underscores are allowed. This name is referenced in the sourceVolume parameter of container definition mountPoints .
efsVolumeConfiguration (dict) --
This parameter is specified when you are using an Amazon Elastic File System file system for job storage. Jobs running on Fargate resources must specify a platformVersion of at least 1.4.0 .
fileSystemId (string) -- [REQUIRED]
The Amazon EFS file system ID to use.
rootDirectory (string) --
The directory within the Amazon EFS file system to mount as the root directory inside the host. If this parameter is omitted, the root of the Amazon EFS volume will be used. Specifying / will have the same effect as omitting this parameter.
Warning
If an EFS access point is specified in the authorizationConfig , the root directory parameter must either be omitted or set to / which will enforce the path set on the Amazon EFS access point.
transitEncryption (string) --
Whether or not to enable encryption for Amazon EFS data in transit between the Amazon ECS host and the Amazon EFS server. Transit encryption must be enabled if Amazon EFS IAM authorization is used. If this parameter is omitted, the default value of DISABLED is used. For more information, see Encrypting data in transit in the Amazon Elastic File System User Guide .
transitEncryptionPort (integer) --
The port to use when sending encrypted data between the Amazon ECS host and the Amazon EFS server. If you do not specify a transit encryption port, it will use the port selection strategy that the Amazon EFS mount helper uses. For more information, see EFS Mount Helper in the Amazon Elastic File System User Guide .
authorizationConfig (dict) --
The authorization configuration details for the Amazon EFS file system.
accessPointId (string) --
The Amazon EFS access point ID to use. If an access point is specified, the root directory value specified in the EFSVolumeConfiguration must either be omitted or set to / which will enforce the path set on the EFS access point. If an access point is used, transit encryption must be enabled in the EFSVolumeConfiguration . For more information, see Working with Amazon EFS Access Points in the Amazon Elastic File System User Guide .
iam (string) --
Whether or not to use the AWS Batch execution IAM role defined in a job definition when mounting the Amazon EFS file system. If enabled, transit encryption must be enabled in the EFSVolumeConfiguration . If this parameter is omitted, the default value of DISABLED is used. For more information, see Using Amazon EFS Access Points in the AWS Batch User Guide . EFS IAM authorization requires that TransitEncryption be ENABLED and that a JobRoleArn is specified.
environment (list) --
The environment variables to pass to a container. This parameter maps to Env in the Create a container section of the Docker Remote API and the --env option to docker run .
Warning
We don't recommend using plaintext environment variables for sensitive information, such as credential data.
Note
Environment variables must not start with AWS_BATCH ; this naming convention is reserved for variables that are set by the AWS Batch service.
(dict) --
A key-value pair object.
name (string) --
The name of the key-value pair. For environment variables, this is the name of the environment variable.
value (string) --
The value of the key-value pair. For environment variables, this is the value of the environment variable.
mountPoints (list) --
The mount points for data volumes in your container. This parameter maps to Volumes in the Create a container section of the Docker Remote API and the --volume option to docker run .
(dict) --
Details on a Docker volume mount point that's used in a job's container properties. This parameter maps to Volumes in the Create a container section of the Docker Remote API and the --volume option to docker run.
containerPath (string) --
The path on the container where the host volume is mounted.
readOnly (boolean) --
If this value is true , the container has read-only access to the volume. Otherwise, the container can write to the volume. The default value is false .
sourceVolume (string) --
The name of the volume to mount.
readonlyRootFilesystem (boolean) --
When this parameter is true, the container is given read-only access to its root file system. This parameter maps to ReadonlyRootfs in the Create a container section of the Docker Remote API and the --read-only option to docker run .
privileged (boolean) --
When this parameter is true, the container is given elevated permissions on the host container instance (similar to the root user). This parameter maps to Privileged in the Create a container section of the Docker Remote API and the --privileged option to docker run . The default value is false.
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided, or specified as false.
ulimits (list) --
A list of ulimits to set in the container. This parameter maps to Ulimits in the Create a container section of the Docker Remote API and the --ulimit option to docker run .
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided.
(dict) --
The ulimit settings to pass to the container.
Note
This object isn't applicable to jobs running on Fargate resources.
hardLimit (integer) -- [REQUIRED]
The hard limit for the ulimit type.
name (string) -- [REQUIRED]
The type of the ulimit .
softLimit (integer) -- [REQUIRED]
The soft limit for the ulimit type.
user (string) --
The user name to use inside the container. This parameter maps to User in the Create a container section of the Docker Remote API and the --user option to docker run .
instanceType (string) --
The instance type to use for a multi-node parallel job. All node groups in a multi-node parallel job must use the same instance type.
Note
This parameter isn't applicable to single-node container jobs or for jobs that run on Fargate resources and shouldn't be provided.
resourceRequirements (list) --
The type and amount of resources to assign to a container. The supported resources include GPU , MEMORY , and VCPU .
(dict) --
The type and amount of a resource to assign to a container. The supported resources include GPU , MEMORY , and VCPU .
value (string) -- [REQUIRED]
The quantity of the specified resource to reserve for the container. The values vary based on the type specified.
type="GPU"
The number of physical GPUs to reserve for the container. The number of GPUs reserved for all containers in a job shouldn't exceed the number of available GPUs on the compute resource that the job is launched on.
Note
GPUs are not available for jobs running on Fargate resources.
type="MEMORY"
The memory hard limit (in MiB) present to the container. This parameter is supported for jobs running on EC2 resources. If your container attempts to exceed the memory specified, the container is terminated. This parameter maps to Memory in the Create a container section of the Docker Remote API and the --memory option to docker run . You must specify at least 4 MiB of memory for a job. This is required but can be specified in several places for multi-node parallel (MNP) jobs. It must be specified for each node at least once. This parameter maps to Memory in the Create a container section of the Docker Remote API and the --memory option to docker run .
Note
If you're trying to maximize your resource utilization by providing your jobs as much memory as possible for a particular instance type, see Memory Management in the AWS Batch User Guide .
For jobs running on Fargate resources, then value is the hard limit (in MiB), and must match one of the supported values and the VCPU values must be one of the values supported for that memory value.
value = 512
VCPU = 0.25
value = 1024
VCPU = 0.25 or 0.5
value = 2048
VCPU = 0.25, 0.5, or 1
value = 3072
VCPU = 0.5, or 1
value = 4096
VCPU = 0.5, 1, or 2
value = 5120, 6144, or 7168
VCPU = 1 or 2
value = 8192
VCPU = 1, 2, or 4
value = 9216, 10240, 11264, 12288, 13312, 14336, 15360, or 16384
VCPU = 2 or 4
value = 17408, 18432, 19456, 20480, 21504, 22528, 23552, 24576, 25600, 26624, 27648, 28672, 29696, or 30720
VCPU = 4
type="VCPU"
The number of vCPUs reserved for the container. This parameter maps to CpuShares in the Create a container section of the Docker Remote API and the --cpu-shares option to docker run . Each vCPU is equivalent to 1,024 CPU shares. For EC2 resources, you must specify at least one vCPU. This is required but can be specified in several places; it must be specified for each node at least once.
For jobs running on Fargate resources, then value must match one of the supported values and the MEMORY values must be one of the values supported for that VCPU value. The supported values are 0.25, 0.5, 1, 2, and 4
value = 0.25
MEMORY = 512, 1024, or 2048
value = 0.5
MEMORY = 1024, 2048, 3072, or 4096
value = 1
MEMORY = 2048, 3072, 4096, 5120, 6144, 7168, or 8192
value = 2
MEMORY = 4096, 5120, 6144, 7168, 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, or 16384
value = 4
MEMORY = 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, 16384, 17408, 18432, 19456, 20480, 21504, 22528, 23552, 24576, 25600, 26624, 27648, 28672, 29696, or 30720
type (string) -- [REQUIRED]
The type of resource to assign to a container. The supported resources include GPU , MEMORY , and VCPU .
linuxParameters (dict) --
Linux-specific modifications that are applied to the container, such as details for device mappings.
devices (list) --
Any host devices to expose to the container. This parameter maps to Devices in the Create a container section of the Docker Remote API and the --device option to docker run .
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided.
(dict) --
An object representing a container instance host device.
Note
This object isn't applicable to jobs running on Fargate resources and shouldn't be provided.
hostPath (string) -- [REQUIRED]
The path for the device on the host container instance.
containerPath (string) --
The path inside the container used to expose the host device. By default, the hostPath value is used.
permissions (list) --
The explicit permissions to provide to the container for the device. By default, the container has permissions for read , write , and mknod for the device.
(string) --
initProcessEnabled (boolean) --
If true, run an init process inside the container that forwards signals and reaps processes. This parameter maps to the --init option to docker run . This parameter requires version 1.25 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log into your container instance and run the following command: sudo docker version | grep "Server API version"
sharedMemorySize (integer) --
The value for the size (in MiB) of the /dev/shm volume. This parameter maps to the --shm-size option to docker run .
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided.
tmpfs (list) --
The container path, mount options, and size (in MiB) of the tmpfs mount. This parameter maps to the --tmpfs option to docker run .
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided.
(dict) --
The container path, mount options, and size of the tmpfs mount.
Note
This object isn't applicable to jobs running on Fargate resources.
containerPath (string) -- [REQUIRED]
The absolute file path in the container where the tmpfs volume is mounted.
size (integer) -- [REQUIRED]
The size (in MiB) of the tmpfs volume.
mountOptions (list) --
The list of tmpfs volume mount options.
Valid values: "defaults " | "ro " | "rw " | "suid " | "nosuid " | "dev " | "nodev " | "exec " | "noexec " | "sync " | "async " | "dirsync " | "remount " | "mand " | "nomand " | "atime " | "noatime " | "diratime " | "nodiratime " | "bind " | "rbind" | "unbindable" | "runbindable" | "private" | "rprivate" | "shared" | "rshared" | "slave" | "rslave" | "relatime " | "norelatime " | "strictatime " | "nostrictatime " | "mode " | "uid " | "gid " | "nr_inodes " | "nr_blocks " | "mpol "
(string) --
maxSwap (integer) --
The total amount of swap memory (in MiB) a container can use. This parameter is translated to the --memory-swap option to docker run where the value is the sum of the container memory plus the maxSwap value. For more information, see ` --memory-swap details <https://docs.docker.com/config/containers/resource_constraints/#--memory-swap-details>`__ in the Docker documentation.
If a maxSwap value of 0 is specified, the container doesn't use swap. Accepted values are 0 or any positive integer. If the maxSwap parameter is omitted, the container doesn't use the swap configuration for the container instance it is running on. A maxSwap value must be set for the swappiness parameter to be used.
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided.
swappiness (integer) --
This allows you to tune a container's memory swappiness behavior. A swappiness value of 0 causes swapping not to happen unless absolutely necessary. A swappiness value of 100 causes pages to be swapped very aggressively. Accepted values are whole numbers between 0 and 100 . If the swappiness parameter isn't specified, a default value of 60 is used. If a value isn't specified for maxSwap then this parameter is ignored. If maxSwap is set to 0, the container doesn't use swap. This parameter maps to the --memory-swappiness option to docker run .
Consider the following when you use a per-container swap configuration.
Swap space must be enabled and allocated on the container instance for the containers to use.
Note
The Amazon ECS optimized AMIs don't have swap enabled by default. You must enable swap on the instance to use this feature. For more information, see Instance Store Swap Volumes in the Amazon EC2 User Guide for Linux Instances or How do I allocate memory to work as swap space in an Amazon EC2 instance by using a swap file?
The swap space parameters are only supported for job definitions using EC2 resources.
If the maxSwap and swappiness parameters are omitted from a job definition, each container will have a default swappiness value of 60, and the total swap usage will be limited to two times the memory reservation of the container.
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided.
logConfiguration (dict) --
The log configuration specification for the container.
This parameter maps to LogConfig in the Create a container section of the Docker Remote API and the --log-driver option to docker run . By default, containers use the same logging driver that the Docker daemon uses. However the container might use a different logging driver than the Docker daemon by specifying a log driver with this parameter in the container definition. To use a different logging driver for a container, the log system must be configured properly on the container instance (or on a different log server for remote logging options). For more information on the options for different supported log drivers, see Configure logging drivers in the Docker documentation.
Note
AWS Batch currently supports a subset of the logging drivers available to the Docker daemon (shown in the LogConfiguration data type).
This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log into your container instance and run the following command: sudo docker version | grep "Server API version"
Note
The Amazon ECS container agent running on a container instance must register the logging drivers available on that instance with the ECS_AVAILABLE_LOGGING_DRIVERS environment variable before containers placed on that instance can use these log configuration options. For more information, see Amazon ECS Container Agent Configuration in the Amazon Elastic Container Service Developer Guide .
logDriver (string) -- [REQUIRED]
The log driver to use for the container. The valid values listed for this parameter are log drivers that the Amazon ECS container agent can communicate with by default.
The supported log drivers are awslogs , fluentd , gelf , json-file , journald , logentries , syslog , and splunk .
Note
Jobs running on Fargate resources are restricted to the awslogs and splunk log drivers.
awslogs
Specifies the Amazon CloudWatch Logs logging driver. For more information, see Using the awslogs Log Driver in the AWS Batch User Guide and Amazon CloudWatch Logs logging driver in the Docker documentation.
fluentd
Specifies the Fluentd logging driver. For more information, including usage and options, see Fluentd logging driver in the Docker documentation.
gelf
Specifies the Graylog Extended Format (GELF) logging driver. For more information, including usage and options, see Graylog Extended Format logging driver in the Docker documentation.
journald
Specifies the journald logging driver. For more information, including usage and options, see Journald logging driver in the Docker documentation.
json-file
Specifies the JSON file logging driver. For more information, including usage and options, see JSON File logging driver in the Docker documentation.
splunk
Specifies the Splunk logging driver. For more information, including usage and options, see Splunk logging driver in the Docker documentation.
syslog
Specifies the syslog logging driver. For more information, including usage and options, see Syslog logging driver in the Docker documentation.
Note
If you have a custom driver that's not listed earlier that you want to work with the Amazon ECS container agent, you can fork the Amazon ECS container agent project that's available on GitHub and customize it to work with that driver. We encourage you to submit pull requests for changes that you want to have included. However, Amazon Web Services doesn't currently support running modified copies of this software.
This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log into your container instance and run the following command: sudo docker version | grep "Server API version"
options (dict) --
The configuration options to send to the log driver. This parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log into your container instance and run the following command: sudo docker version | grep "Server API version"
(string) --
(string) --
secretOptions (list) --
The secrets to pass to the log configuration. For more information, see Specifying Sensitive Data in the AWS Batch User Guide .
(dict) --
An object representing the secret to expose to your container. Secrets can be exposed to a container in the following ways:
To inject sensitive data into your containers as environment variables, use the secrets container definition parameter.
To reference sensitive information in the log configuration of a container, use the secretOptions container definition parameter.
For more information, see Specifying sensitive data in the AWS Batch User Guide .
name (string) -- [REQUIRED]
The name of the secret.
valueFrom (string) -- [REQUIRED]
The secret to expose to the container. The supported values are either the full ARN of the AWS Secrets Manager secret or the full ARN of the parameter in the AWS Systems Manager Parameter Store.
Note
If the AWS Systems Manager Parameter Store parameter exists in the same Region as the job you're launching, then you can use either the full ARN or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified.
secrets (list) --
The secrets for the container. For more information, see Specifying sensitive data in the AWS Batch User Guide .
(dict) --
An object representing the secret to expose to your container. Secrets can be exposed to a container in the following ways:
To inject sensitive data into your containers as environment variables, use the secrets container definition parameter.
To reference sensitive information in the log configuration of a container, use the secretOptions container definition parameter.
For more information, see Specifying sensitive data in the AWS Batch User Guide .
name (string) -- [REQUIRED]
The name of the secret.
valueFrom (string) -- [REQUIRED]
The secret to expose to the container. The supported values are either the full ARN of the AWS Secrets Manager secret or the full ARN of the parameter in the AWS Systems Manager Parameter Store.
Note
If the AWS Systems Manager Parameter Store parameter exists in the same Region as the job you're launching, then you can use either the full ARN or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified.
networkConfiguration (dict) --
The network configuration for jobs running on Fargate resources. Jobs running on EC2 resources must not specify this parameter.
assignPublicIp (string) --
Indicates whether the job should have a public IP address. For a job running on Fargate resources in a private subnet to send outbound traffic to the internet (for example, in order to pull container images), the private subnet requires a NAT gateway be attached to route requests to the internet. For more information, see Amazon ECS task networking . The default value is "DISABLED".
fargatePlatformConfiguration (dict) --
The platform configuration for jobs running on Fargate resources. Jobs running on EC2 resources must not specify this parameter.
platformVersion (string) --
The AWS Fargate platform version where the jobs are running. A platform version is specified only for jobs running on Fargate resources. If one isn't specified, the LATEST platform version is used by default. This uses a recent, approved version of the AWS Fargate platform for compute resources. For more information, see AWS Fargate platform versions in the Amazon Elastic Container Service Developer Guide .
dict
An object with various properties specific to multi-node parallel jobs. If you specify node properties for a job, it becomes a multi-node parallel job. For more information, see Multi-node Parallel Jobs in the AWS Batch User Guide . If the job definition's type parameter is container , then you must specify either containerProperties or nodeProperties .
Note
If the job runs on Fargate resources, then you must not specify nodeProperties ; use containerProperties instead.
numNodes (integer) -- [REQUIRED]
The number of nodes associated with a multi-node parallel job.
mainNode (integer) -- [REQUIRED]
Specifies the node index for the main node of a multi-node parallel job. This node index value must be fewer than the number of nodes.
nodeRangeProperties (list) -- [REQUIRED]
A list of node ranges and their properties associated with a multi-node parallel job.
(dict) --
An object representing the properties of the node range for a multi-node parallel job.
targetNodes (string) -- [REQUIRED]
The range of nodes, using node index values. A range of 0:3 indicates nodes with index values of 0 through 3 . If the starting range value is omitted (:n ), then 0 is used to start the range. If the ending range value is omitted (n: ), then the highest possible node index is used to end the range. Your accumulative node ranges must account for all nodes (0:n ). You can nest node ranges, for example 0:10 and 4:5 , in which case the 4:5 range properties override the 0:10 properties.
container (dict) --
The container details for the node range.
image (string) --
The image used to start a container. This string is passed directly to the Docker daemon. Images in the Docker Hub registry are available by default. Other repositories are specified with `` repository-url /image :tag `` . Up to 255 letters (uppercase and lowercase), numbers, hyphens, underscores, colons, periods, forward slashes, and number signs are allowed. This parameter maps to Image in the Create a container section of the Docker Remote API and the IMAGE parameter of docker run .
Note
Docker image architecture must match the processor architecture of the compute resources that they're scheduled on. For example, ARM-based Docker images can only run on ARM-based compute resources.
Images in Amazon ECR repositories use the full registry and repository URI (for example, 012345678910.dkr.ecr.<region-name>.amazonaws.com/<repository-name> ).
Images in official repositories on Docker Hub use a single name (for example, ubuntu or mongo ).
Images in other repositories on Docker Hub are qualified with an organization name (for example, amazon/amazon-ecs-agent ).
Images in other online repositories are qualified further by a domain name (for example, quay.io/assemblyline/ubuntu ).
vcpus (integer) --
The number of vCPUs reserved for the job. Each vCPU is equivalent to 1,024 CPU shares. This parameter maps to CpuShares in the Create a container section of the Docker Remote API and the --cpu-shares option to docker run . The number of vCPUs must be specified but can be be specified in several places. You must specify it at least once for each node.
This parameter is supported on EC2 resources but isn't supported for jobs that run on Fargate resources. For these resources, use resourceRequirement instead. You can use this parameter or resourceRequirements structure but not both.
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided. For jobs that run on Fargate resources, you must specify the vCPU requirement for the job using resourceRequirements .
memory (integer) --
This parameter indicates the memory hard limit (in MiB) for a container. If your container attempts to exceed the specified number, it is terminated. You must specify at least 4 MiB of memory for a job using this parameter. The memory hard limit can be specified in several places. It must be specified for each node at least once.
This parameter maps to Memory in the Create a container section of the Docker Remote API and the --memory option to docker run .
This parameter is supported on EC2 resources but isn't supported on Fargate resources. For Fargate resources, you should specify the memory requirement using resourceRequirement . You can do this for EC2 resources.
Note
If you're trying to maximize your resource utilization by providing your jobs as much memory as possible for a particular instance type, see Memory Management in the AWS Batch User Guide .
command (list) --
The command that's passed to the container. This parameter maps to Cmd in the Create a container section of the Docker Remote API and the COMMAND parameter to docker run . For more information, see https://docs.docker.com/engine/reference/builder/#cmd .
(string) --
jobRoleArn (string) --
The Amazon Resource Name (ARN) of the IAM role that the container can assume for AWS permissions. For more information, see IAM Roles for Tasks in the Amazon Elastic Container Service Developer Guide .
executionRoleArn (string) --
The Amazon Resource Name (ARN) of the execution role that AWS Batch can assume. For jobs that run on Fargate resources, you must provide an execution role. For more information, see AWS Batch execution IAM role in the AWS Batch User Guide .
volumes (list) --
A list of data volumes used in a job.
(dict) --
A data volume used in a job's container properties.
host (dict) --
The contents of the host parameter determine whether your data volume persists on the host container instance and where it is stored. If the host parameter is empty, then the Docker daemon assigns a host path for your data volume. However, the data isn't guaranteed to persist after the containers associated with it stop running.
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided.
sourcePath (string) --
The path on the host container instance that's presented to the container. If this parameter is empty, then the Docker daemon has assigned a host path for you. If this parameter contains a file location, then the data volume persists at the specified location on the host container instance until you delete it manually. If the source path location doesn't exist on the host container instance, the Docker daemon creates it. If the location does exist, the contents of the source path folder are exported.
Note
This parameter isn't applicable to jobs that run on Fargate resources and shouldn't be provided.
name (string) --
The name of the volume. Up to 255 letters (uppercase and lowercase), numbers, hyphens, and underscores are allowed. This name is referenced in the sourceVolume parameter of container definition mountPoints .
efsVolumeConfiguration (dict) --
This parameter is specified when you are using an Amazon Elastic File System file system for job storage. Jobs running on Fargate resources must specify a platformVersion of at least 1.4.0 .
fileSystemId (string) -- [REQUIRED]
The Amazon EFS file system ID to use.
rootDirectory (string) --
The directory within the Amazon EFS file system to mount as the root directory inside the host. If this parameter is omitted, the root of the Amazon EFS volume will be used. Specifying / will have the same effect as omitting this parameter.
Warning
If an EFS access point is specified in the authorizationConfig , the root directory parameter must either be omitted or set to / which will enforce the path set on the Amazon EFS access point.
transitEncryption (string) --
Whether or not to enable encryption for Amazon EFS data in transit between the Amazon ECS host and the Amazon EFS server. Transit encryption must be enabled if Amazon EFS IAM authorization is used. If this parameter is omitted, the default value of DISABLED is used. For more information, see Encrypting data in transit in the Amazon Elastic File System User Guide .
transitEncryptionPort (integer) --
The port to use when sending encrypted data between the Amazon ECS host and the Amazon EFS server. If you do not specify a transit encryption port, it will use the port selection strategy that the Amazon EFS mount helper uses. For more information, see EFS Mount Helper in the Amazon Elastic File System User Guide .
authorizationConfig (dict) --
The authorization configuration details for the Amazon EFS file system.
accessPointId (string) --
The Amazon EFS access point ID to use. If an access point is specified, the root directory value specified in the EFSVolumeConfiguration must either be omitted or set to / which will enforce the path set on the EFS access point. If an access point is used, transit encryption must be enabled in the EFSVolumeConfiguration . For more information, see Working with Amazon EFS Access Points in the Amazon Elastic File System User Guide .
iam (string) --
Whether or not to use the AWS Batch execution IAM role defined in a job definition when mounting the Amazon EFS file system. If enabled, transit encryption must be enabled in the EFSVolumeConfiguration . If this parameter is omitted, the default value of DISABLED is used. For more information, see Using Amazon EFS Access Points in the AWS Batch User Guide . EFS IAM authorization requires that TransitEncryption be ENABLED and that a JobRoleArn is specified.
environment (list) --
The environment variables to pass to a container. This parameter maps to Env in the Create a container section of the Docker Remote API and the --env option to docker run .
Warning
We don't recommend using plaintext environment variables for sensitive information, such as credential data.
Note
Environment variables must not start with AWS_BATCH ; this naming convention is reserved for variables that are set by the AWS Batch service.
(dict) --
A key-value pair object.
name (string) --
The name of the key-value pair. For environment variables, this is the name of the environment variable.
value (string) --
The value of the key-value pair. For environment variables, this is the value of the environment variable.
mountPoints (list) --
The mount points for data volumes in your container. This parameter maps to Volumes in the Create a container section of the Docker Remote API and the --volume option to docker run .
(dict) --
Details on a Docker volume mount point that's used in a job's container properties. This parameter maps to Volumes in the Create a container section of the Docker Remote API and the --volume option to docker run.
containerPath (string) --
The path on the container where the host volume is mounted.
readOnly (boolean) --
If this value is true , the container has read-only access to the volume. Otherwise, the container can write to the volume. The default value is false .
sourceVolume (string) --
The name of the volume to mount.
readonlyRootFilesystem (boolean) --
When this parameter is true, the container is given read-only access to its root file system. This parameter maps to ReadonlyRootfs in the Create a container section of the Docker Remote API and the --read-only option to docker run .
privileged (boolean) --
When this parameter is true, the container is given elevated permissions on the host container instance (similar to the root user). This parameter maps to Privileged in the Create a container section of the Docker Remote API and the --privileged option to docker run . The default value is false.
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided, or specified as false.
ulimits (list) --
A list of ulimits to set in the container. This parameter maps to Ulimits in the Create a container section of the Docker Remote API and the --ulimit option to docker run .
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided.
(dict) --
The ulimit settings to pass to the container.
Note
This object isn't applicable to jobs running on Fargate resources.
hardLimit (integer) -- [REQUIRED]
The hard limit for the ulimit type.
name (string) -- [REQUIRED]
The type of the ulimit .
softLimit (integer) -- [REQUIRED]
The soft limit for the ulimit type.
user (string) --
The user name to use inside the container. This parameter maps to User in the Create a container section of the Docker Remote API and the --user option to docker run .
instanceType (string) --
The instance type to use for a multi-node parallel job. All node groups in a multi-node parallel job must use the same instance type.
Note
This parameter isn't applicable to single-node container jobs or for jobs that run on Fargate resources and shouldn't be provided.
resourceRequirements (list) --
The type and amount of resources to assign to a container. The supported resources include GPU , MEMORY , and VCPU .
(dict) --
The type and amount of a resource to assign to a container. The supported resources include GPU , MEMORY , and VCPU .
value (string) -- [REQUIRED]
The quantity of the specified resource to reserve for the container. The values vary based on the type specified.
type="GPU"
The number of physical GPUs to reserve for the container. The number of GPUs reserved for all containers in a job shouldn't exceed the number of available GPUs on the compute resource that the job is launched on.
Note
GPUs are not available for jobs running on Fargate resources.
type="MEMORY"
The memory hard limit (in MiB) present to the container. This parameter is supported for jobs running on EC2 resources. If your container attempts to exceed the memory specified, the container is terminated. This parameter maps to Memory in the Create a container section of the Docker Remote API and the --memory option to docker run . You must specify at least 4 MiB of memory for a job. This is required but can be specified in several places for multi-node parallel (MNP) jobs. It must be specified for each node at least once. This parameter maps to Memory in the Create a container section of the Docker Remote API and the --memory option to docker run .
Note
If you're trying to maximize your resource utilization by providing your jobs as much memory as possible for a particular instance type, see Memory Management in the AWS Batch User Guide .
For jobs running on Fargate resources, then value is the hard limit (in MiB), and must match one of the supported values and the VCPU values must be one of the values supported for that memory value.
value = 512
VCPU = 0.25
value = 1024
VCPU = 0.25 or 0.5
value = 2048
VCPU = 0.25, 0.5, or 1
value = 3072
VCPU = 0.5, or 1
value = 4096
VCPU = 0.5, 1, or 2
value = 5120, 6144, or 7168
VCPU = 1 or 2
value = 8192
VCPU = 1, 2, or 4
value = 9216, 10240, 11264, 12288, 13312, 14336, 15360, or 16384
VCPU = 2 or 4
value = 17408, 18432, 19456, 20480, 21504, 22528, 23552, 24576, 25600, 26624, 27648, 28672, 29696, or 30720
VCPU = 4
type="VCPU"
The number of vCPUs reserved for the container. This parameter maps to CpuShares in the Create a container section of the Docker Remote API and the --cpu-shares option to docker run . Each vCPU is equivalent to 1,024 CPU shares. For EC2 resources, you must specify at least one vCPU. This is required but can be specified in several places; it must be specified for each node at least once.
For jobs running on Fargate resources, then value must match one of the supported values and the MEMORY values must be one of the values supported for that VCPU value. The supported values are 0.25, 0.5, 1, 2, and 4
value = 0.25
MEMORY = 512, 1024, or 2048
value = 0.5
MEMORY = 1024, 2048, 3072, or 4096
value = 1
MEMORY = 2048, 3072, 4096, 5120, 6144, 7168, or 8192
value = 2
MEMORY = 4096, 5120, 6144, 7168, 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, or 16384
value = 4
MEMORY = 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, 16384, 17408, 18432, 19456, 20480, 21504, 22528, 23552, 24576, 25600, 26624, 27648, 28672, 29696, or 30720
type (string) -- [REQUIRED]
The type of resource to assign to a container. The supported resources include GPU , MEMORY , and VCPU .
linuxParameters (dict) --
Linux-specific modifications that are applied to the container, such as details for device mappings.
devices (list) --
Any host devices to expose to the container. This parameter maps to Devices in the Create a container section of the Docker Remote API and the --device option to docker run .
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided.
(dict) --
An object representing a container instance host device.
Note
This object isn't applicable to jobs running on Fargate resources and shouldn't be provided.
hostPath (string) -- [REQUIRED]
The path for the device on the host container instance.
containerPath (string) --
The path inside the container used to expose the host device. By default, the hostPath value is used.
permissions (list) --
The explicit permissions to provide to the container for the device. By default, the container has permissions for read , write , and mknod for the device.
(string) --
initProcessEnabled (boolean) --
If true, run an init process inside the container that forwards signals and reaps processes. This parameter maps to the --init option to docker run . This parameter requires version 1.25 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log into your container instance and run the following command: sudo docker version | grep "Server API version"
sharedMemorySize (integer) --
The value for the size (in MiB) of the /dev/shm volume. This parameter maps to the --shm-size option to docker run .
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided.
tmpfs (list) --
The container path, mount options, and size (in MiB) of the tmpfs mount. This parameter maps to the --tmpfs option to docker run .
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided.
(dict) --
The container path, mount options, and size of the tmpfs mount.
Note
This object isn't applicable to jobs running on Fargate resources.
containerPath (string) -- [REQUIRED]
The absolute file path in the container where the tmpfs volume is mounted.
size (integer) -- [REQUIRED]
The size (in MiB) of the tmpfs volume.
mountOptions (list) --
The list of tmpfs volume mount options.
Valid values: "defaults " | "ro " | "rw " | "suid " | "nosuid " | "dev " | "nodev " | "exec " | "noexec " | "sync " | "async " | "dirsync " | "remount " | "mand " | "nomand " | "atime " | "noatime " | "diratime " | "nodiratime " | "bind " | "rbind" | "unbindable" | "runbindable" | "private" | "rprivate" | "shared" | "rshared" | "slave" | "rslave" | "relatime " | "norelatime " | "strictatime " | "nostrictatime " | "mode " | "uid " | "gid " | "nr_inodes " | "nr_blocks " | "mpol "
(string) --
maxSwap (integer) --
The total amount of swap memory (in MiB) a container can use. This parameter is translated to the --memory-swap option to docker run where the value is the sum of the container memory plus the maxSwap value. For more information, see ` --memory-swap details <https://docs.docker.com/config/containers/resource_constraints/#--memory-swap-details>`__ in the Docker documentation.
If a maxSwap value of 0 is specified, the container doesn't use swap. Accepted values are 0 or any positive integer. If the maxSwap parameter is omitted, the container doesn't use the swap configuration for the container instance it is running on. A maxSwap value must be set for the swappiness parameter to be used.
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided.
swappiness (integer) --
This allows you to tune a container's memory swappiness behavior. A swappiness value of 0 causes swapping not to happen unless absolutely necessary. A swappiness value of 100 causes pages to be swapped very aggressively. Accepted values are whole numbers between 0 and 100 . If the swappiness parameter isn't specified, a default value of 60 is used. If a value isn't specified for maxSwap then this parameter is ignored. If maxSwap is set to 0, the container doesn't use swap. This parameter maps to the --memory-swappiness option to docker run .
Consider the following when you use a per-container swap configuration.
Swap space must be enabled and allocated on the container instance for the containers to use.
Note
The Amazon ECS optimized AMIs don't have swap enabled by default. You must enable swap on the instance to use this feature. For more information, see Instance Store Swap Volumes in the Amazon EC2 User Guide for Linux Instances or How do I allocate memory to work as swap space in an Amazon EC2 instance by using a swap file?
The swap space parameters are only supported for job definitions using EC2 resources.
If the maxSwap and swappiness parameters are omitted from a job definition, each container will have a default swappiness value of 60, and the total swap usage will be limited to two times the memory reservation of the container.
Note
This parameter isn't applicable to jobs running on Fargate resources and shouldn't be provided.
logConfiguration (dict) --
The log configuration specification for the container.
This parameter maps to LogConfig in the Create a container section of the Docker Remote API and the --log-driver option to docker run . By default, containers use the same logging driver that the Docker daemon uses. However the container might use a different logging driver than the Docker daemon by specifying a log driver with this parameter in the container definition. To use a different logging driver for a container, the log system must be configured properly on the container instance (or on a different log server for remote logging options). For more information on the options for different supported log drivers, see Configure logging drivers in the Docker documentation.
Note
AWS Batch currently supports a subset of the logging drivers available to the Docker daemon (shown in the LogConfiguration data type).
This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log into your container instance and run the following command: sudo docker version | grep "Server API version"
Note
The Amazon ECS container agent running on a container instance must register the logging drivers available on that instance with the ECS_AVAILABLE_LOGGING_DRIVERS environment variable before containers placed on that instance can use these log configuration options. For more information, see Amazon ECS Container Agent Configuration in the Amazon Elastic Container Service Developer Guide .
logDriver (string) -- [REQUIRED]
The log driver to use for the container. The valid values listed for this parameter are log drivers that the Amazon ECS container agent can communicate with by default.
The supported log drivers are awslogs , fluentd , gelf , json-file , journald , logentries , syslog , and splunk .
Note
Jobs running on Fargate resources are restricted to the awslogs and splunk log drivers.
awslogs
Specifies the Amazon CloudWatch Logs logging driver. For more information, see Using the awslogs Log Driver in the AWS Batch User Guide and Amazon CloudWatch Logs logging driver in the Docker documentation.
fluentd
Specifies the Fluentd logging driver. For more information, including usage and options, see Fluentd logging driver in the Docker documentation.
gelf
Specifies the Graylog Extended Format (GELF) logging driver. For more information, including usage and options, see Graylog Extended Format logging driver in the Docker documentation.
journald
Specifies the journald logging driver. For more information, including usage and options, see Journald logging driver in the Docker documentation.
json-file
Specifies the JSON file logging driver. For more information, including usage and options, see JSON File logging driver in the Docker documentation.
splunk
Specifies the Splunk logging driver. For more information, including usage and options, see Splunk logging driver in the Docker documentation.
syslog
Specifies the syslog logging driver. For more information, including usage and options, see Syslog logging driver in the Docker documentation.
Note
If you have a custom driver that's not listed earlier that you want to work with the Amazon ECS container agent, you can fork the Amazon ECS container agent project that's available on GitHub and customize it to work with that driver. We encourage you to submit pull requests for changes that you want to have included. However, Amazon Web Services doesn't currently support running modified copies of this software.
This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log into your container instance and run the following command: sudo docker version | grep "Server API version"
options (dict) --
The configuration options to send to the log driver. This parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log into your container instance and run the following command: sudo docker version | grep "Server API version"
(string) --
(string) --
secretOptions (list) --
The secrets to pass to the log configuration. For more information, see Specifying Sensitive Data in the AWS Batch User Guide .
(dict) --
An object representing the secret to expose to your container. Secrets can be exposed to a container in the following ways:
To inject sensitive data into your containers as environment variables, use the secrets container definition parameter.
To reference sensitive information in the log configuration of a container, use the secretOptions container definition parameter.
For more information, see Specifying sensitive data in the AWS Batch User Guide .
name (string) -- [REQUIRED]
The name of the secret.
valueFrom (string) -- [REQUIRED]
The secret to expose to the container. The supported values are either the full ARN of the AWS Secrets Manager secret or the full ARN of the parameter in the AWS Systems Manager Parameter Store.
Note
If the AWS Systems Manager Parameter Store parameter exists in the same Region as the job you're launching, then you can use either the full ARN or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified.
secrets (list) --
The secrets for the container. For more information, see Specifying sensitive data in the AWS Batch User Guide .
(dict) --
An object representing the secret to expose to your container. Secrets can be exposed to a container in the following ways:
To inject sensitive data into your containers as environment variables, use the secrets container definition parameter.
To reference sensitive information in the log configuration of a container, use the secretOptions container definition parameter.
For more information, see Specifying sensitive data in the AWS Batch User Guide .
name (string) -- [REQUIRED]
The name of the secret.
valueFrom (string) -- [REQUIRED]
The secret to expose to the container. The supported values are either the full ARN of the AWS Secrets Manager secret or the full ARN of the parameter in the AWS Systems Manager Parameter Store.
Note
If the AWS Systems Manager Parameter Store parameter exists in the same Region as the job you're launching, then you can use either the full ARN or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified.
networkConfiguration (dict) --
The network configuration for jobs running on Fargate resources. Jobs running on EC2 resources must not specify this parameter.
assignPublicIp (string) --
Indicates whether the job should have a public IP address. For a job running on Fargate resources in a private subnet to send outbound traffic to the internet (for example, in order to pull container images), the private subnet requires a NAT gateway be attached to route requests to the internet. For more information, see Amazon ECS task networking . The default value is "DISABLED".
fargatePlatformConfiguration (dict) --
The platform configuration for jobs running on Fargate resources. Jobs running on EC2 resources must not specify this parameter.
platformVersion (string) --
The AWS Fargate platform version where the jobs are running. A platform version is specified only for jobs running on Fargate resources. If one isn't specified, the LATEST platform version is used by default. This uses a recent, approved version of the AWS Fargate platform for compute resources. For more information, see AWS Fargate platform versions in the Amazon Elastic Container Service Developer Guide .
dict
The retry strategy to use for failed jobs that are submitted with this job definition. Any retry strategy that's specified during a SubmitJob operation overrides the retry strategy defined here. If a job is terminated due to a timeout, it isn't retried.
attempts (integer) --
The number of times to move a job to the RUNNABLE status. You can specify between 1 and 10 attempts. If the value of attempts is greater than one, the job is retried on failure the same number of attempts as the value.
evaluateOnExit (list) --
Array of up to 5 objects that specify conditions under which the job should be retried or failed. If this parameter is specified, then the attempts parameter must also be specified.
(dict) --
Specifies a set of conditions to be met, and an action to take (RETRY or EXIT ) if all conditions are met.
onStatusReason (string) --
Contains a glob pattern to match against the StatusReason returned for a job. The pattern can be up to 512 characters long, and can contain letters, numbers, periods (.), colons (:), and white space (including spaces or tabs). It can optionally end with an asterisk (*) so that only the start of the string needs to be an exact match.
onReason (string) --
Contains a glob pattern to match against the Reason returned for a job. The pattern can be up to 512 characters long, and can contain letters, numbers, periods (.), colons (:), and white space (including spaces and tabs). It can optionally end with an asterisk (*) so that only the start of the string needs to be an exact match.
onExitCode (string) --
Contains a glob pattern to match against the decimal representation of the ExitCode returned for a job. The pattern can be up to 512 characters long, can contain only numbers, and can optionally end with an asterisk (*) so that only the start of the string needs to be an exact match.
action (string) -- [REQUIRED]
Specifies the action to take if all of the specified conditions (onStatusReason , onReason , and onExitCode ) are met. The values aren't case sensitive.
boolean
Specifies whether to propagate the tags from the job or job definition to the corresponding Amazon ECS task. If no value is specified, the tags are not propagated. Tags can only be propagated to the tasks during task creation. For tags with the same name, job tags are given priority over job definitions tags. If the total number of combined tags from the job and job definition is over 50, the job is moved to the FAILED state.
dict
The timeout configuration for jobs that are submitted with this job definition, after which AWS Batch terminates your jobs if they have not finished. If a job is terminated due to a timeout, it isn't retried. The minimum value for the timeout is 60 seconds. Any timeout configuration that's specified during a SubmitJob operation overrides the timeout configuration defined here. For more information, see Job Timeouts in the AWS Batch User Guide .
attemptDurationSeconds (integer) --
The time duration in seconds (measured from the job attempt's startedAt timestamp) after which AWS Batch terminates your jobs if they have not finished. The minimum value for the timeout is 60 seconds.
dict
The tags that you apply to the job definition to help you categorize and organize your resources. Each tag consists of a key and an optional value. For more information, see Tagging AWS Resources in AWS Batch User Guide .
(string) --
(string) --
list
The platform capabilities required by the job definition. If no value is specified, it defaults to EC2 . To run the job on Fargate resources, specify FARGATE .
(string) --
dict
Response Syntax
{ 'jobDefinitionName': 'string', 'jobDefinitionArn': 'string', 'revision': 123 }
Response Structure
(dict) --
jobDefinitionName (string) --
The name of the job definition.
jobDefinitionArn (string) --
The Amazon Resource Name (ARN) of the job definition.
revision (integer) --
The revision of the job definition.