Elastic CI Stack for AWS Parameters

To create an Auto Scaling group and the launch template for the Elastic CI Stack for AWS deployment, you can either use the default YAML config file, or you can copy it, and substitute that YAML config file with your own configuration file when you create new instances.

The following tables list all the available parameters for the aws-stack.yml template which creates an Auto Scaling group and the launch template for the Elastic CI Stack for AWS deployment.

You can use these parameters to configure the EC2 instances to suit your needs.

Note that you must provide a value for one of BuildkiteAgentTokenParameterStorePath or BuildkiteAgentToken to be able to use aws-stack.yml template, all other parameters are optional.

Buildkite Configuration

Parameter	Description
BuildkiteAgentTokenParameterStorePath (String)	AWS SSM path to the Buildkite agent registration token (this takes precedence over BuildkiteAgentToken). Expects a leading slash ('/'). Allowed Pattern: ^$|^/[a-zA-Z0-9_.\-/]+$
BuildkiteAgentTokenParameterStoreKMSKey (String)	AWS KMS key ID used to encrypt the SSM parameter (if encrypted)
BuildkiteAgentToken (String)	Buildkite agent registration token. Deprecated, use BuildkiteAgentTokenParameterStorePath instead.
BuildkiteQueue (String)	Queue name that agents will use, targeted in pipeline steps using "queue={value}" Default Value: default Minimum Length: 1

Advanced Buildkite Configuration

Parameter	Description
BuildkiteAgentRelease (String)	Allowed Values: stable beta edge Default Value: stable
BuildkiteAgentTags (String)	Additional tags separated by commas to provide to the agent. E.g os=linux,llamas=always
BuildkiteAgentTimestampLines (String)	Set to true to prepend timestamps to every line of output Allowed Values: true false Default Value: false
BuildkiteAgentExperiments (String)	Agent experiments to enable, comma delimited. See https://github.com/buildkite/agent/blob/master/EXPERIMENTS.md.
BuildkiteTerminateInstanceAfterJob (String)	Set to "true" to terminate the instance after a job has completed. Allowed Values: true false Default Value: false
BuildkiteAdditionalSudoPermissions (String)	Optional - Comma separated list of commands to allow the buildkite-agent user to run using sudo.
BuildkiteWindowsAdministrator (String)	Set to "true" to add the local "buildkite-agent" user account to the local Windows Administrator group. Allowed Values: true false Default Value: true

Network Configuration

Parameter	Description
VpcId (String)	Optional - Id of an existing VPC to launch instances into. Leave blank to have a new VPC created
Subnets (CommaDelimitedList)	Optional - Comma separated list of two existing VPC subnet ids where EC2 instances will run. Required if setting VpcId.
AvailabilityZones (CommaDelimitedList)	Optional - Comma separated list of AZs that subnets are created in (if Subnets parameter is not specified)
SecurityGroupId (String)	Optional - Comma separated list of security group ids to assign to instances
AssociatePublicIpAddress (String)	Associate instances with public IP addresses Allowed Values: true false Default Value: true

Instance Configuration

Parameter	Description
ImageId (String)	Optional - Custom AMI to use for instances (must be based on the stack's AMI)
ImageIdParameter (String)	Optional - Custom AMI SSM Parameter to use for instances (must be based on the stack's AMI)
InstanceType (String)	Instance type. Comma-separated list with 1-4 instance types. The order is a prioritized preference for launching OnDemand instances, and a non-prioritized list of types to consider for Spot Instances (where used). Default Value: t3.large Allowed Pattern: ^[\w\.]+(,[\w\.]*){0,3}$ Minimum Length: 1
EnableInstanceStorage (String)	Mount available NVMe Instance Storage at /mnt/ephemeral Allowed Values: true false Default Value: false
AgentsPerInstance (Number)	Number of Buildkite agents to run on each instance Default Value: 1 Minimum Value: 1
KeyName (String)	Optional - SSH keypair used to access the buildkite instances using ec2_user, setting this will enable SSH ingress
SpotPrice (String)	Maximum spot price to use for the instances, in instance cost per hour. Values >0 will result in 100% of instances being spot. 0 means only use normal (non-spot) instances. This parameter is deprecated - we recommend setting to 0 and using OnDemandPercentage to opt into spot instances. Default Value: 0
SecretsBucket (String)	Optional - Name of an existing S3 bucket containing pipeline secrets (Created if left blank)
ArtifactsBucket (String)	Optional - Name of an existing S3 bucket for build artifact storage
AuthorizedUsersUrl (String)	Optional - HTTPS or S3 URL to periodically download ssh authorized_keys from, setting this will enable SSH ingress. authorized_keys are applied to ec2_user
BootstrapScriptUrl (String)	Optional - HTTPS or S3 URL to run on each instance during boot
RootVolumeSize (Number)	Size of each instance's root EBS volume (in GB) Default Value: 250 Minimum Value: 10
RootVolumeName (String)	Name of the root block device for your AMI
RootVolumeType (String)	Type of root volume to use Default Value: gp3
ManagedPolicyARN (CommaDelimitedList)	Optional - Comma separated list of managed IAM policy ARNs to attach to the instance role
InstanceRoleName (String)	Optional - A name for the IAM Role attached to the Instance Profile
IMDSv2Tokens (String)	Whether IMDSv2 tokens must be used for the Instance Metadata Service. Allowed Values: optional required Default Value: optional

Auto-scaling Configuration

Parameter	Description
MinSize (Number)	Minimum number of instances Default Value: 0
MaxSize (Number)	Maximum number of instances Default Value: 10 Minimum Value: 1
OnDemandPercentage (Number)	Percentage of total instances that should launch as OnDemand. Default is 100% OnDemand - reduce this to use some Spot Instances when they're available and cheaper than the OnDemand price. A value of 70 means 70% OnDemand and 30% Spot Instances. Default Value: 100 Minimum Value: 0 Maximum Value: 100
ScaleOutFactor (Number)	A decimal factor to apply to scale out changes to speed up or slow down scale-out Default Value: 1.0
ScaleInIdlePeriod (Number)	Number of seconds an agent must be idle before terminating Default Value: 600
ScaleOutForWaitingJobs (String)	Whether to scale-out for steps behind wait steps. Make sure you have a long enough idle period! Allowed Values: true false Default Value: false
InstanceCreationTimeout (String)	Timeout period for Autoscaling Group Creation Policy

Cost Allocation Configuration

Parameter	Description
EnableCostAllocationTags (String)	Enables AWS Cost Allocation tags for all resources in the stack. See https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html Allowed Values: true false Default Value: false
CostAllocationTagName (String)	The name of the Cost Allocation Tag used for billing purposes Default Value: CreatedBy
CostAllocationTagValue (String)	The value of the Cost Allocation Tag used for billing purposes Default Value: buildkite-elastic-ci-stack-for-aws

Docker Daemon Configuration

Parameter	Description
EnableDockerUserNamespaceRemap (String)	Enables Docker user namespace remapping so docker runs as buildkite-agent Allowed Values: true false Default Value: true
EnableDockerExperimental (String)	Enables Docker experimental features Allowed Values: true false Default Value: false

Docker Registry Configuration

Parameter	Description
ECRAccessPolicy (String)	ECR access policy to give container instances Allowed Values: none readonly poweruser full Default Value: none

Plugin Configuration

Parameter	Description
EnableSecretsPlugin (String)	Enables s3-secrets plugin for all pipelines Allowed Values: true false Default Value: true
EnableECRPlugin (String)	Enables ecr plugin for all pipelines Allowed Values: true false Default Value: true
EnableDockerLoginPlugin (String)	Enables docker-login plugin for all pipelines Allowed Values: true false Default Value: true