interface ContainerPropertiesProperty
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.AWS.Batch.CfnJobDefinition.ContainerPropertiesProperty |
 Go | github.com/aws/aws-cdk-go/awscdk/v2/awsbatch#CfnJobDefinition_ContainerPropertiesProperty |
 Java | software.amazon.awscdk.services.batch.CfnJobDefinition.ContainerPropertiesProperty |
 Python | aws_cdk.aws_batch.CfnJobDefinition.ContainerPropertiesProperty |
 TypeScript | aws-cdk-lib » aws_batch » CfnJobDefinition » ContainerPropertiesProperty |
Container properties are used for Amazon ECS based job definitions.
These properties to describe the container that's launched as part of a job.
Example
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_batch as batch } from 'aws-cdk-lib';
declare const options: any;
const containerPropertiesProperty: batch.CfnJobDefinition.ContainerPropertiesProperty = {
image: 'image',
// the properties below are optional
command: ['command'],
environment: [{
name: 'name',
value: 'value',
}],
ephemeralStorage: {
sizeInGiB: 123,
},
executionRoleArn: 'executionRoleArn',
fargatePlatformConfiguration: {
platformVersion: 'platformVersion',
},
instanceType: 'instanceType',
jobRoleArn: 'jobRoleArn',
linuxParameters: {
devices: [{
containerPath: 'containerPath',
hostPath: 'hostPath',
permissions: ['permissions'],
}],
initProcessEnabled: false,
maxSwap: 123,
sharedMemorySize: 123,
swappiness: 123,
tmpfs: [{
containerPath: 'containerPath',
size: 123,
// the properties below are optional
mountOptions: ['mountOptions'],
}],
},
logConfiguration: {
logDriver: 'logDriver',
// the properties below are optional
options: options,
secretOptions: [{
name: 'name',
valueFrom: 'valueFrom',
}],
},
memory: 123,
mountPoints: [{
containerPath: 'containerPath',
readOnly: false,
sourceVolume: 'sourceVolume',
}],
networkConfiguration: {
assignPublicIp: 'assignPublicIp',
},
privileged: false,
readonlyRootFilesystem: false,
repositoryCredentials: {
credentialsParameter: 'credentialsParameter',
},
resourceRequirements: [{
type: 'type',
value: 'value',
}],
runtimePlatform: {
cpuArchitecture: 'cpuArchitecture',
operatingSystemFamily: 'operatingSystemFamily',
},
secrets: [{
name: 'name',
valueFrom: 'valueFrom',
}],
ulimits: [{
hardLimit: 123,
name: 'name',
softLimit: 123,
}],
user: 'user',
vcpus: 123,
volumes: [{
efsVolumeConfiguration: {
fileSystemId: 'fileSystemId',
// the properties below are optional
authorizationConfig: {
accessPointId: 'accessPointId',
iam: 'iam',
},
rootDirectory: 'rootDirectory',
transitEncryption: 'transitEncryption',
transitEncryptionPort: 123,
},
host: {
sourcePath: 'sourcePath',
},
name: 'name',
}],
};
Properties
| Name | Type | Description |
|---|---|---|
| image | string | Required. |
| command? | string[] | The command that's passed to the container. |
| environment? | IResolvable | IResolvable | Environment[] | The environment variables to pass to a container. |
| ephemeral | IResolvable | Ephemeral | The amount of ephemeral storage to allocate for the task. |
| execution | string | The Amazon Resource Name (ARN) of the execution role that AWS Batch can assume. |
| fargate | IResolvable | Fargate | The platform configuration for jobs that are running on Fargate resources. |
| instance | string | |
| job | string | The Amazon Resource Name (ARN) of the IAM role that the container can assume for AWS permissions. |
| linux | IResolvable | Linux | Linux-specific modifications that are applied to the container, such as details for device mappings. |
| log | IResolvable | Log | The log configuration specification for the container. |
| memory? | number | This parameter is deprecated, use resourceRequirements to specify the memory requirements for the job definition. |
| mount | IResolvable | IResolvable | Mount[] | The mount points for data volumes in your container. |
| network | IResolvable | Network | The network configuration for jobs that are running on Fargate resources. |
| privileged? | boolean | IResolvable | When this parameter is true, the container is given elevated permissions on the host container instance (similar to the root user). |
| readonly | boolean | IResolvable | When this parameter is true, the container is given read-only access to its root file system. |
| repository | IResolvable | Repository | The private repository authentication credentials to use. |
| resource | IResolvable | IResolvable | Resource[] | The type and amount of resources to assign to a container. |
| runtime | IResolvable | Runtime | An object that represents the compute environment architecture for AWS Batch jobs on Fargate. |
| secrets? | IResolvable | IResolvable | Secret[] | The secrets for the container. |
| ulimits? | IResolvable | IResolvable | Ulimit[] | A list of ulimits to set in the container. |
| user? | string | The user name to use inside the container. |
| vcpus? | number | This parameter is deprecated, use resourceRequirements to specify the vCPU requirements for the job definition. |
| volumes? | IResolvable | IResolvable | Volumes[] | A list of data volumes used in a job. |
image
Type:
string
Required.
The image used to start a container. This string is passed directly to the Docker daemon. Images in the Docker Hub registry are available by default. Other repositories are specified with *repository-url* / *image* : *tag* . It can be 255 characters long. It can contain uppercase and lowercase letters, numbers, hyphens (-), underscores (_), colons (:), periods (.), forward slashes (/), and number signs (#). This parameter maps to Image in the Create a container section of the Docker Remote API and the IMAGE parameter of docker run .
Docker image architecture must match the processor architecture of the compute resources that they're scheduled on. For example, ARM-based Docker images can only run on ARM-based compute resources.
- Images in Amazon ECR Public repositories use the full
registry/repository[:tag]orregistry/repository[@digest]naming conventions. For example,public.ecr.aws/ *registry_alias* / *my-web-app* : *latest*. - Images in Amazon ECR repositories use the full registry and repository URI (for example,
123456789012.dkr.ecr.<region-name>.amazonaws.com/<repository-name>). - Images in official repositories on Docker Hub use a single name (for example,
ubuntuormongo). - Images in other repositories on Docker Hub are qualified with an organization name (for example,
amazon/amazon-ecs-agent). - Images in other online repositories are qualified further by a domain name (for example,
quay.io/assemblyline/ubuntu).
command?
Type:
string[]
(optional)
The command that's passed to the container.
This parameter maps to Cmd in the Create a container section of the Docker Remote API and the COMMAND parameter to docker run . For more information, see https://docs.docker.com/engine/reference/builder/#cmd .
environment?
Type:
IResolvable | IResolvable | Environment[]
(optional)
The environment variables to pass to a container.
This parameter maps to Env in the Create a container section of the Docker Remote API and the --env option to docker run .
We don't recommend using plaintext environment variables for sensitive information, such as credential data. > Environment variables cannot start with "
AWS_BATCH". This naming convention is reserved for variables that AWS Batch sets.
ephemeralStorage?
Type:
IResolvable | Ephemeral
(optional)
The amount of ephemeral storage to allocate for the task.
This parameter is used to expand the total amount of ephemeral storage available, beyond the default amount, for tasks hosted on AWS Fargate .
executionRoleArn?
Type:
string
(optional)
The Amazon Resource Name (ARN) of the execution role that AWS Batch can assume.
For jobs that run on Fargate resources, you must provide an execution role. For more information, see AWS Batch execution IAM role in the AWS Batch User Guide .
fargatePlatformConfiguration?
Type:
IResolvable | Fargate
(optional)
The platform configuration for jobs that are running on Fargate resources.
Jobs that are running on Amazon EC2 resources must not specify this parameter.
instanceType?
Type:
string
(optional)
jobRoleArn?
Type:
string
(optional)
The Amazon Resource Name (ARN) of the IAM role that the container can assume for AWS permissions.
For more information, see IAM roles for tasks in the Amazon Elastic Container Service Developer Guide .
linuxParameters?
Type:
IResolvable | Linux
(optional)
Linux-specific modifications that are applied to the container, such as details for device mappings.
logConfiguration?
Type:
IResolvable | Log
(optional)
The log configuration specification for the container.
This parameter maps to LogConfig in the Create a container section of the Docker Remote API and the --log-driver option to docker run . By default, containers use the same logging driver that the Docker daemon uses. However the container might use a different logging driver than the Docker daemon by specifying a log driver with this parameter in the container definition. To use a different logging driver for a container, the log system must be configured properly on the container instance (or on a different log server for remote logging options). For more information on the options for different supported log drivers, see Configure logging drivers in the Docker documentation.
AWS Batch currently supports a subset of the logging drivers available to the Docker daemon (shown in the LogConfiguration data type).
This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: sudo docker version | grep "Server API version"
The Amazon ECS container agent running on a container instance must register the logging drivers available on that instance with the
ECS_AVAILABLE_LOGGING_DRIVERSenvironment variable before containers placed on that instance can use these log configuration options. For more information, see Amazon ECS container agent configuration in the Amazon Elastic Container Service Developer Guide .
memory?
Type:
number
(optional)
This parameter is deprecated, use resourceRequirements to specify the memory requirements for the job definition.
It's not supported for jobs running on Fargate resources. For jobs that run on Amazon EC2 resources, it specifies the memory hard limit (in MiB) for a container. If your container attempts to exceed the specified number, it's terminated. You must specify at least 4 MiB of memory for a job using this parameter. The memory hard limit can be specified in several places. It must be specified for each node at least once.
mountPoints?
Type:
IResolvable | IResolvable | Mount[]
(optional)
The mount points for data volumes in your container.
This parameter maps to Volumes in the Create a container section of the Docker Remote API and the --volume option to docker run .
networkConfiguration?
Type:
IResolvable | Network
(optional)
The network configuration for jobs that are running on Fargate resources.
Jobs that are running on Amazon EC2 resources must not specify this parameter.
privileged?
Type:
boolean | IResolvable
(optional)
When this parameter is true, the container is given elevated permissions on the host container instance (similar to the root user).
This parameter maps to Privileged in the Create a container section of the Docker Remote API and the --privileged option to docker run . The default value is false.
This parameter isn't applicable to jobs that are running on Fargate resources and shouldn't be provided, or specified as false.
readonlyRootFilesystem?
Type:
boolean | IResolvable
(optional)
When this parameter is true, the container is given read-only access to its root file system.
This parameter maps to ReadonlyRootfs in the Create a container section of the Docker Remote API and the --read-only option to docker run .
repositoryCredentials?
Type:
IResolvable | Repository
(optional)
The private repository authentication credentials to use.
resourceRequirements?
Type:
IResolvable | IResolvable | Resource[]
(optional)
The type and amount of resources to assign to a container.
The supported resources include GPU , MEMORY , and VCPU .
runtimePlatform?
Type:
IResolvable | Runtime
(optional)
An object that represents the compute environment architecture for AWS Batch jobs on Fargate.
secrets?
Type:
IResolvable | IResolvable | Secret[]
(optional)
The secrets for the container.
For more information, see Specifying sensitive data in the AWS Batch User Guide .
ulimits?
Type:
IResolvable | IResolvable | Ulimit[]
(optional)
A list of ulimits to set in the container.
This parameter maps to Ulimits in the Create a container section of the Docker Remote API and the --ulimit option to docker run .
This parameter isn't applicable to jobs that are running on Fargate resources and shouldn't be provided.
user?
Type:
string
(optional)
The user name to use inside the container.
This parameter maps to User in the Create a container section of the Docker Remote API and the --user option to docker run .
vcpus?
Type:
number
(optional)
This parameter is deprecated, use resourceRequirements to specify the vCPU requirements for the job definition.
It's not supported for jobs running on Fargate resources. For jobs running on Amazon EC2 resources, it specifies the number of vCPUs reserved for the job.
Each vCPU is equivalent to 1,024 CPU shares. This parameter maps to CpuShares in the Create a container section of the Docker Remote API and the --cpu-shares option to docker run . The number of vCPUs must be specified but can be specified in several places. You must specify it at least once for each node.
volumes?
Type:
IResolvable | IResolvable | Volumes[]
(optional)
A list of data volumes used in a job.