이 페이지는 아직 영어로 제공되지 않습니다. 번역 작업 중입니다.
현재 번역 프로젝트에 대한 질문이나 피드백이 있으신 경우 언제든지 연락주시기 바랍니다.

aws_batch_job_definition

`account_id`

Type: STRING

`consumable_resource_properties`

Type: STRUCT
Provider name: consumableResourceProperties
Description: Contains a list of consumable resources required by the job.

consumable_resource_list
Type: UNORDERED_LIST_STRUCT
Provider name: consumableResourceList
Description: The list of consumable resources required by a job.
- consumable_resource
  Type: STRING
  Provider name: consumableResource
  Description: The name or ARN of the consumable resource.
- quantity
  Type: INT64
  Provider name: quantity
  Description: The quantity of the consumable resource that is needed.

`container_orchestration_type`

Type: STRING
Provider name: containerOrchestrationType
Description: The orchestration type of the compute environment. The valid values are ECS (default) or EKS.

`container_properties`

Type: STRUCT
Provider name: containerProperties
Description: An object with properties specific to Amazon ECS-based jobs. When containerProperties is used in the job definition, it can’t be used in addition to eksProperties, ecsProperties, or nodeProperties.

command
Type: UNORDERED_LIST_STRING
Provider name: command
Description: The command that’s passed to the container. This parameter maps to Cmd in the Create a container section of the Docker Remote API and the COMMAND parameter to docker run. For more information, see https://docs.docker.com/engine/reference/builder/#cmd.
environment
Type: UNORDERED_LIST_STRUCT
Provider name: environment
Description: The environment variables to pass to a container. This parameter maps to Env in the Create a container section of the Docker Remote API and the –env option to docker run. We don’t recommend using plaintext environment variables for sensitive information, such as credential data. Environment variables cannot start with “AWS_BATCH”. This naming convention is reserved for variables that Batch sets.
- name
  Type: STRING
  Provider name: name
  Description: The name of the key-value pair. For environment variables, this is the name of the environment variable.
- value
  Type: STRING
  Provider name: value
  Description: The value of the key-value pair. For environment variables, this is the value of the environment variable.
ephemeral_storage
Type: STRUCT
Provider name: ephemeralStorage
Description: The amount of ephemeral storage to allocate for the task. This parameter is used to expand the total amount of ephemeral storage available, beyond the default amount, for tasks hosted on Fargate.
- size_in_gib
  Type: INT32
  Provider name: sizeInGiB
  Description: The total amount, in GiB, of ephemeral storage to set for the task. The minimum supported value is 21 GiB and the maximum supported value is 200 GiB.
execution_role_arn
Type: STRING
Provider name: executionRoleArn
Description: The Amazon Resource Name (ARN) of the execution role that Batch can assume. For jobs that run on Fargate resources, you must provide an execution role. For more information, see Batch execution IAM role in the Batch User Guide.
fargate_platform_configuration
Type: STRUCT
Provider name: fargatePlatformConfiguration
Description: The platform configuration for jobs that are running on Fargate resources. Jobs that are running on Amazon EC2 resources must not specify this parameter.
- platform_version
  Type: STRING
  Provider name: platformVersion
  Description: The Fargate platform version where the jobs are running. A platform version is specified only for jobs that are running on Fargate resources. If one isn’t specified, the LATEST platform version is used by default. This uses a recent, approved version of the Fargate platform for compute resources. For more information, see Fargate platform versions in the Amazon Elastic Container Service Developer Guide.
image
Type: STRING
Provider name: image
Description: Required. The image used to start a container. This string is passed directly to the Docker daemon. Images in the Docker Hub registry are available by default. Other repositories are specified with repository-url/image:tag . It can be 255 characters long. It can contain uppercase and lowercase letters, numbers, hyphens (-), underscores (_), colons (:), periods (.), forward slashes (/), and number signs (#). This parameter maps to Image in the Create a container section of the Docker Remote API and the IMAGE parameter of docker run. Docker image architecture must match the processor architecture of the compute resources that they’re scheduled on. For example, ARM-based Docker images can only run on ARM-based compute resources.
- Images in Amazon ECR Public repositories use the full registry/repository[:tag] or registry/repository[@digest] naming conventions. For example, public.ecr.aws/registry_alias/my-web-app:latest .
- Images in Amazon ECR repositories use the full registry and repository URI (for example, 123456789012.dkr.ecr.<region-name>.amazonaws.com/<repository-name>).
- Images in official repositories on Docker Hub use a single name (for example, ubuntu or mongo).
- Images in other repositories on Docker Hub are qualified with an organization name (for example, amazon/amazon-ecs-agent).
- Images in other online repositories are qualified further by a domain name (for example, quay.io/assemblyline/ubuntu).
instance_type
Type: STRING
Provider name: instanceType
Description: The instance type to use for a multi-node parallel job. All node groups in a multi-node parallel job must use the same instance type. This parameter isn’t applicable to single-node container jobs or jobs that run on Fargate resources, and shouldn’t be provided.
job_role_arn
Type: STRING
Provider name: jobRoleArn
Description: The Amazon Resource Name (ARN) of the IAM role that the container can assume for Amazon Web Services permissions. For more information, see IAM roles for tasks in the Amazon Elastic Container Service Developer Guide.
linux_parameters
Type: STRUCT
Provider name: linuxParameters
Description: Linux-specific modifications that are applied to the container, such as details for device mappings.
- devices
  Type: UNORDERED_LIST_STRUCT
  Provider name: devices
  Description: Any of the host devices to expose to the container. This parameter maps to Devices in the Create a container section of the Docker Remote API and the –device option to docker run. This parameter isn’t applicable to jobs that are running on Fargate resources. Don’t provide it for these jobs.
  - container_path
    Type: STRING
    Provider name: containerPath
    Description: The path inside the container that’s used to expose the host device. By default, the hostPath value is used.
  - host_path
    Type: STRING
    Provider name: hostPath
    Description: The path for the device on the host container instance.
  - permissions
    Type: UNORDERED_LIST_STRING
    Provider name: permissions
    Description: The explicit permissions to provide to the container for the device. By default, the container has permissions for read, write, and mknod for the device.
- init_process_enabled
  Type: BOOLEAN
  Provider name: initProcessEnabled
  Description: If true, run an init process inside the container that forwards signals and reaps processes. This parameter maps to the –init option to docker run. This parameter requires version 1.25 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: sudo docker version | grep “Server API version”
- max_swap
  Type: INT32
  Provider name: maxSwap
  Description: The total amount of swap memory (in MiB) a container can use. This parameter is translated to the –memory-swap option to docker run where the value is the sum of the container memory plus the maxSwap value. For more information, see –memory-swap details in the Docker documentation. If a maxSwap value of 0 is specified, the container doesn’t use swap. Accepted values are 0 or any positive integer. If the maxSwap parameter is omitted, the container doesn’t use the swap configuration for the container instance that it’s running on. A maxSwap value must be set for the swappiness parameter to be used. This parameter isn’t applicable to jobs that are running on Fargate resources. Don’t provide it for these jobs.
- shared_memory_size
  Type: INT32
  Provider name: sharedMemorySize
  Description: The value for the size (in MiB) of the /dev/shm volume. This parameter maps to the –shm-size option to docker run. This parameter isn’t applicable to jobs that are running on Fargate resources. Don’t provide it for these jobs.
- swappiness
  Type: INT32
  Provider name: swappiness
  Description: You can use this parameter to tune a container’s memory swappiness behavior. A swappiness value of 0 causes swapping to not occur unless absolutely necessary. A swappiness value of 100 causes pages to be swapped aggressively. Valid values are whole numbers between 0 and 100. If the swappiness parameter isn’t specified, a default value of 60 is used. If a value isn’t specified for maxSwap, then this parameter is ignored. If maxSwap is set to 0, the container doesn’t use swap. This parameter maps to the –memory-swappiness option to docker run. Consider the following when you use a per-container swap configuration.
  - Swap space must be enabled and allocated on the container instance for the containers to use. By default, the Amazon ECS optimized AMIs don’t have swap enabled. You must enable swap on the instance to use this feature. For more information, see Instance store swap volumes in the Amazon EC2 User Guide for Linux Instances or How do I allocate memory to work as swap space in an Amazon EC2 instance by using a swap file?
  - The swap space parameters are only supported for job definitions using EC2 resources.
  - If the maxSwap and swappiness parameters are omitted from a job definition, each container has a default swappiness value of 60. Moreover, the total swap usage is limited to two times the memory reservation of the container.
  This parameter isn’t applicable to jobs that are running on Fargate resources. Don’t provide it for these jobs.
- tmpfs
  Type: UNORDERED_LIST_STRUCT
  Provider name: tmpfs
  Description: The container path, mount options, and size (in MiB) of the tmpfs mount. This parameter maps to the –tmpfs option to docker run. This parameter isn’t applicable to jobs that are running on Fargate resources. Don’t provide this parameter for this resource type.
  - container_path
    Type: STRING
    Provider name: containerPath
    Description: The absolute file path in the container where the tmpfs volume is mounted.
  - mount_options
    Type: UNORDERED_LIST_STRING
    Provider name: mountOptions
    Description: The list of tmpfs volume mount options. Valid values: “defaults” | “ro” | “rw” | “suid” | “nosuid” | “dev” | “nodev” | “exec” | “noexec” | “sync” | “async” | “dirsync” | “remount” | “mand” | “nomand” | “atime” | “noatime” | “diratime” | “nodiratime” | “bind” | “rbind” | “unbindable” | “runbindable” | “private” | “rprivate” | “shared” | “rshared” | “slave” | “rslave” | “relatime” | “norelatime” | “strictatime” | “nostrictatime” | “mode” | “uid” | “gid” | “nr_inodes” | “nr_blocks” | “mpol"
  - size
    Type: INT32
    Provider name: size
    Description: The size (in MiB) of the tmpfs volume.
log_configuration
Type: STRUCT
Provider name: logConfiguration
Description: The log configuration specification for the container. This parameter maps to LogConfig in the Create a container section of the Docker Remote API and the –log-driver option to docker run. By default, containers use the same logging driver that the Docker daemon uses. However the container might use a different logging driver than the Docker daemon by specifying a log driver with this parameter in the container definition. To use a different logging driver for a container, the log system must be configured properly on the container instance (or on a different log server for remote logging options). For more information on the options for different supported log drivers, see Configure logging drivers in the Docker documentation. Batch currently supports a subset of the logging drivers available to the Docker daemon (shown in the LogConfiguration data type). This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: sudo docker version | grep “Server API version” The Amazon ECS container agent running on a container instance must register the logging drivers available on that instance with the ECS_AVAILABLE_LOGGING_DRIVERS environment variable before containers placed on that instance can use these log configuration options. For more information, see Amazon ECS container agent configuration in the Amazon Elastic Container Service Developer Guide.
- log_driver
  Type: STRING
  Provider name: logDriver
  Description: The log driver to use for the container. The valid values that are listed for this parameter are log drivers that the Amazon ECS container agent can communicate with by default. The supported log drivers are awslogs, fluentd, gelf, json-file, journald, logentries, syslog, and splunk. Jobs that are running on Fargate resources are restricted to the awslogs and splunk log drivers.
  awslogs
  Specifies the Amazon CloudWatch Logs logging driver. For more information, see Using the awslogs log driver in the Batch User Guide and Amazon CloudWatch Logs logging driver in the Docker documentation.
  fluentd
  Specifies the Fluentd logging driver. For more information including usage and options, see Fluentd logging driver in the Docker documentation.
  gelf
  Specifies the Graylog Extended Format (GELF) logging driver. For more information including usage and options, see Graylog Extended Format logging driver in the Docker documentation.
  journald
  Specifies the journald logging driver. For more information including usage and options, see Journald logging driver in the Docker documentation.
  json-file
  Specifies the JSON file logging driver. For more information including usage and options, see JSON File logging driver in the Docker documentation.
  splunk
  Specifies the Splunk logging driver. For more information including usage and options, see Splunk logging driver in the Docker documentation.
  syslog
  Specifies the syslog logging driver. For more information including usage and options, see Syslog logging driver in the Docker documentation.
  If you have a custom driver that’s not listed earlier that you want to work with the Amazon ECS container agent, you can fork the Amazon ECS container agent project that’s available on GitHub and customize it to work with that driver. We encourage you to submit pull requests for changes that you want to have included. However, Amazon Web Services doesn’t currently support running modified copies of this software. This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: sudo docker version | grep “Server API version”
- options
  Type: MAP_STRING_STRING
  Provider name: options
  Description: The configuration options to send to the log driver. This parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: sudo docker version | grep “Server API version”
- secret_options
  Type: UNORDERED_LIST_STRUCT
  Provider name: secretOptions
  Description: The secrets to pass to the log configuration. For more information, see Specifying sensitive data in the Batch User Guide.
  - name
    Type: STRING
    Provider name: name
    Description: The name of the secret.
  - value_from
    Type: STRING
    Provider name: valueFrom
    Description: The secret to expose to the container. The supported values are either the full Amazon Resource Name (ARN) of the Secrets Manager secret or the full ARN of the parameter in the Amazon Web Services Systems Manager Parameter Store. If the Amazon Web Services Systems Manager Parameter Store parameter exists in the same Region as the job you’re launching, then you can use either the full Amazon Resource Name (ARN) or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified.
memory
Type: INT32
Provider name: memory
Description: This parameter is deprecated, use resourceRequirements to specify the memory requirements for the job definition. It’s not supported for jobs running on Fargate resources. For jobs that run on Amazon EC2 resources, it specifies the memory hard limit (in MiB) for a container. If your container attempts to exceed the specified number, it’s terminated. You must specify at least 4 MiB of memory for a job using this parameter. The memory hard limit can be specified in several places. It must be specified for each node at least once.
mount_points
Type: UNORDERED_LIST_STRUCT
Provider name: mountPoints
Description: The mount points for data volumes in your container. This parameter maps to Volumes in the Create a container section of the Docker Remote API and the –volume option to docker run.
- container_path
  Type: STRING
  Provider name: containerPath
  Description: The path on the container where the host volume is mounted.
- read_only
  Type: BOOLEAN
  Provider name: readOnly
  Description: If this value is true, the container has read-only access to the volume. Otherwise, the container can write to the volume. The default value is false.
- source_volume
  Type: STRING
  Provider name: sourceVolume
  Description: The name of the volume to mount.
network_configuration
Type: STRUCT
Provider name: networkConfiguration
Description: The network configuration for jobs that are running on Fargate resources. Jobs that are running on Amazon EC2 resources must not specify this parameter.
- assign_public_ip
  Type: STRING
  Provider name: assignPublicIp
  Description: Indicates whether the job has a public IP address. For a job that’s running on Fargate resources in a private subnet to send outbound traffic to the internet (for example, to pull container images), the private subnet requires a NAT gateway be attached to route requests to the internet. For more information, see Amazon ECS task networking in the Amazon Elastic Container Service Developer Guide. The default value is “DISABLED”.
privileged
Type: BOOLEAN
Provider name: privileged
Description: When this parameter is true, the container is given elevated permissions on the host container instance (similar to the root user). This parameter maps to Privileged in the Create a container section of the Docker Remote API and the –privileged option to docker run. The default value is false. This parameter isn’t applicable to jobs that are running on Fargate resources and shouldn’t be provided, or specified as false.
readonly_root_filesystem
Type: BOOLEAN
Provider name: readonlyRootFilesystem
Description: When this parameter is true, the container is given read-only access to its root file system. This parameter maps to ReadonlyRootfs in the Create a container section of the Docker Remote API and the –read-only option to docker run.
repository_credentials
Type: STRUCT
Provider name: repositoryCredentials
Description: The private repository authentication credentials to use.
- credentials_parameter
  Type: STRING
  Provider name: credentialsParameter
  Description: The Amazon Resource Name (ARN) of the secret containing the private repository credentials.
resource_requirements
Type: UNORDERED_LIST_STRUCT
Provider name: resourceRequirements
Description: The type and amount of resources to assign to a container. The supported resources include GPU, MEMORY, and VCPU.
- type
  Type: STRING
  Provider name: type
  Description: The type of resource to assign to a container. The supported resources include GPU, MEMORY, and VCPU.
- value
  Type: STRING
  Provider name: value
  Description: The quantity of the specified resource to reserve for the container. The values vary based on the type specified.
  type=“GPU”
  The number of physical GPUs to reserve for the container. Make sure that the number of GPUs reserved for all containers in a job doesn’t exceed the number of available GPUs on the compute resource that the job is launched on. GPUs aren’t available for jobs that are running on Fargate resources.
  type=“MEMORY”
  The memory hard limit (in MiB) present to the container. This parameter is supported for jobs that are running on Amazon EC2 resources. If your container attempts to exceed the memory specified, the container is terminated. This parameter maps to Memory in the Create a container section of the Docker Remote API and the –memory option to docker run. You must specify at least 4 MiB of memory for a job. This is required but can be specified in several places for multi-node parallel (MNP) jobs. It must be specified for each node at least once. This parameter maps to Memory in the Create a container section of the Docker Remote API and the –memory option to docker run. If you’re trying to maximize your resource utilization by providing your jobs as much memory as possible for a particular instance type, see Memory management in the Batch User Guide. For jobs that are running on Fargate resources, then value is the hard limit (in MiB), and must match one of the supported values and the VCPU values must be one of the values supported for that memory value.
  value = 512
  VCPU = 0.25
  value = 1024
  VCPU = 0.25 or 0.5
  value = 2048
  VCPU = 0.25, 0.5, or 1
  value = 3072
  VCPU = 0.5, or 1
  value = 4096
  VCPU = 0.5, 1, or 2
  value = 5120, 6144, or 7168
  VCPU = 1 or 2
  value = 8192
  VCPU = 1, 2, or 4
  value = 9216, 10240, 11264, 12288, 13312, 14336, or 15360
  VCPU = 2 or 4
  value = 16384
  VCPU = 2, 4, or 8
  value = 17408, 18432, 19456, 21504, 22528, 23552, 25600, 26624, 27648, 29696, or 30720
  VCPU = 4
  value = 20480, 24576, or 28672
  VCPU = 4 or 8
  value = 36864, 45056, 53248, or 61440
  VCPU = 8
  value = 32768, 40960, 49152, or 57344
  VCPU = 8 or 16
  value = 65536, 73728, 81920, 90112, 98304, 106496, 114688, or 122880
  VCPU = 16
  type=“VCPU”
  The number of vCPUs reserved for the container. This parameter maps to CpuShares in the Create a container section of the Docker Remote API and the –cpu-shares option to docker run. Each vCPU is equivalent to 1,024 CPU shares. For Amazon EC2 resources, you must specify at least one vCPU. This is required but can be specified in several places; it must be specified for each node at least once. The default for the Fargate On-Demand vCPU resource count quota is 6 vCPUs. For more information about Fargate quotas, see Fargate quotas in the Amazon Web Services General Reference. For jobs that are running on Fargate resources, then value must match one of the supported values and the MEMORY values must be one of the values supported for that VCPU value. The supported values are 0.25, 0.5, 1, 2, 4, 8, and 16
  value = 0.25
  MEMORY = 512, 1024, or 2048
  value = 0.5
  MEMORY = 1024, 2048, 3072, or 4096
  value = 1
  MEMORY = 2048, 3072, 4096, 5120, 6144, 7168, or 8192
  value = 2
  MEMORY = 4096, 5120, 6144, 7168, 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, or 16384
  value = 4
  MEMORY = 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, 16384, 17408, 18432, 19456, 20480, 21504, 22528, 23552, 24576, 25600, 26624, 27648, 28672, 29696, or 30720
  value = 8
  MEMORY = 16384, 20480, 24576, 28672, 32768, 36864, 40960, 45056, 49152, 53248, 57344, or 61440
  value = 16
  MEMORY = 32768, 40960, 49152, 57344, 65536, 73728, 81920, 90112, 98304, 106496, 114688, or 122880
runtime_platform
Type: STRUCT
Provider name: runtimePlatform
Description: An object that represents the compute environment architecture for Batch jobs on Fargate.
- cpu_architecture
  Type: STRING
  Provider name: cpuArchitecture
  Description: The vCPU architecture. The default value is X86_64. Valid values are X86_64 and ARM64. This parameter must be set to X86_64 for Windows containers. Fargate Spot is not supported for ARM64 and Windows-based containers on Fargate. A job queue will be blocked if a Fargate ARM64 or Windows job is submitted to a job queue with only Fargate Spot compute environments. However, you can attach both FARGATE and FARGATE_SPOT compute environments to the same job queue.
- operating_system_family
  Type: STRING
  Provider name: operatingSystemFamily
  Description: The operating system for the compute environment. Valid values are: LINUX (default), WINDOWS_SERVER_2019_CORE, WINDOWS_SERVER_2019_FULL, WINDOWS_SERVER_2022_CORE, and WINDOWS_SERVER_2022_FULL. The following parameters can’t be set for Windows containers: linuxParameters, privileged, user, ulimits, readonlyRootFilesystem, and efsVolumeConfiguration. The Batch Scheduler checks the compute environments that are attached to the job queue before registering a task definition with Fargate. In this scenario, the job queue is where the job is submitted. If the job requires a Windows container and the first compute environment is LINUX, the compute environment is skipped and the next compute environment is checked until a Windows-based compute environment is found. Fargate Spot is not supported for ARM64 and Windows-based containers on Fargate. A job queue will be blocked if a Fargate ARM64 or Windows job is submitted to a job queue with only Fargate Spot compute environments. However, you can attach both FARGATE and FARGATE_SPOT compute environments to the same job queue.
secrets
Type: UNORDERED_LIST_STRUCT
Provider name: secrets
Description: The secrets for the container. For more information, see Specifying sensitive data in the Batch User Guide.
- name
  Type: STRING
  Provider name: name
  Description: The name of the secret.
- value_from
  Type: STRING
  Provider name: valueFrom
  Description: The secret to expose to the container. The supported values are either the full Amazon Resource Name (ARN) of the Secrets Manager secret or the full ARN of the parameter in the Amazon Web Services Systems Manager Parameter Store. If the Amazon Web Services Systems Manager Parameter Store parameter exists in the same Region as the job you’re launching, then you can use either the full Amazon Resource Name (ARN) or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified.
ulimits
Type: UNORDERED_LIST_STRUCT
Provider name: ulimits
Description: A list of ulimits to set in the container. This parameter maps to Ulimits in the Create a container section of the Docker Remote API and the –ulimit option to docker run. This parameter isn’t applicable to jobs that are running on Fargate resources and shouldn’t be provided.
- hard_limit
  Type: INT32
  Provider name: hardLimit
  Description: The hard limit for the ulimit type.
- name
  Type: STRING
  Provider name: name
  Description: The type of the ulimit. Valid values are: core | cpu | data | fsize | locks | memlock | msgqueue | nice | nofile | nproc | rss | rtprio | rttime | sigpending | stack.
- soft_limit
  Type: INT32
  Provider name: softLimit
  Description: The soft limit for the ulimit type.
user
Type: STRING
Provider name: user
Description: The user name to use inside the container. This parameter maps to User in the Create a container section of the Docker Remote API and the –user option to docker run.
vcpus
Type: INT32
Provider name: vcpus
Description: This parameter is deprecated, use resourceRequirements to specify the vCPU requirements for the job definition. It’s not supported for jobs running on Fargate resources. For jobs running on Amazon EC2 resources, it specifies the number of vCPUs reserved for the job. Each vCPU is equivalent to 1,024 CPU shares. This parameter maps to CpuShares in the Create a container section of the Docker Remote API and the –cpu-shares option to docker run. The number of vCPUs must be specified but can be specified in several places. You must specify it at least once for each node.
volumes
Type: UNORDERED_LIST_STRUCT
Provider name: volumes
Description: A list of data volumes used in a job.
- efs_volume_configuration
  Type: STRUCT
  Provider name: efsVolumeConfiguration
  Description: This parameter is specified when you’re using an Amazon Elastic File System file system for job storage. Jobs that are running on Fargate resources must specify a platformVersion of at least 1.4.0.
  - authorization_config
    Type: STRUCT
    Provider name: authorizationConfig
    Description: The authorization configuration details for the Amazon EFS file system.
    - access_point_id
      Type: STRING
      Provider name: accessPointId
      Description: The Amazon EFS access point ID to use. If an access point is specified, the root directory value specified in the EFSVolumeConfiguration must either be omitted or set to / which enforces the path set on the EFS access point. If an access point is used, transit encryption must be enabled in the EFSVolumeConfiguration. For more information, see Working with Amazon EFS access points in the Amazon Elastic File System User Guide.
    - iam
      Type: STRING
      Provider name: iam
      Description: Whether or not to use the Batch job IAM role defined in a job definition when mounting the Amazon EFS file system. If enabled, transit encryption must be enabled in the EFSVolumeConfiguration. If this parameter is omitted, the default value of DISABLED is used. For more information, see Using Amazon EFS access points in the Batch User Guide. EFS IAM authorization requires that TransitEncryption be ENABLED and that a JobRoleArn is specified.
  - file_system_id
    Type: STRING
    Provider name: fileSystemId
    Description: The Amazon EFS file system ID to use.
  - root_directory
    Type: STRING
    Provider name: rootDirectory
    Description: The directory within the Amazon EFS file system to mount as the root directory inside the host. If this parameter is omitted, the root of the Amazon EFS volume is used instead. Specifying / has the same effect as omitting this parameter. The maximum length is 4,096 characters. If an EFS access point is specified in the authorizationConfig, the root directory parameter must either be omitted or set to /, which enforces the path set on the Amazon EFS access point.
  - transit_encryption
    Type: STRING
    Provider name: transitEncryption
    Description: Determines whether to enable encryption for Amazon EFS data in transit between the Amazon ECS host and the Amazon EFS server. Transit encryption must be enabled if Amazon EFS IAM authorization is used. If this parameter is omitted, the default value of DISABLED is used. For more information, see Encrypting data in transit in the Amazon Elastic File System User Guide.
  - transit_encryption_port
    Type: INT32
    Provider name: transitEncryptionPort
    Description: The port to use when sending encrypted data between the Amazon ECS host and the Amazon EFS server. If you don’t specify a transit encryption port, it uses the port selection strategy that the Amazon EFS mount helper uses. The value must be between 0 and 65,535. For more information, see EFS mount helper in the Amazon Elastic File System User Guide.
- host
  Type: STRUCT
  Provider name: host
  Description: The contents of the host parameter determine whether your data volume persists on the host container instance and where it’s stored. If the host parameter is empty, then the Docker daemon assigns a host path for your data volume. However, the data isn’t guaranteed to persist after the containers that are associated with it stop running. This parameter isn’t applicable to jobs that are running on Fargate resources and shouldn’t be provided.
  - source_path
    Type: STRING
    Provider name: sourcePath
    Description: The path on the host container instance that’s presented to the container. If this parameter is empty, then the Docker daemon has assigned a host path for you. If this parameter contains a file location, then the data volume persists at the specified location on the host container instance until you delete it manually. If the source path location doesn’t exist on the host container instance, the Docker daemon creates it. If the location does exist, the contents of the source path folder are exported. This parameter isn’t applicable to jobs that run on Fargate resources. Don’t provide this for these jobs.
- name
  Type: STRING
  Provider name: name
  Description: The name of the volume. It can be up to 255 characters long. It can contain uppercase and lowercase letters, numbers, hyphens (-), and underscores (_). This name is referenced in the sourceVolume parameter of container definition mountPoints.

`ecs_properties`

Type: STRUCT
Provider name: ecsProperties
Description: An object that contains the properties for the Amazon ECS resources of a job.When ecsProperties is used in the job definition, it can’t be used in addition to containerProperties, eksProperties, or nodeProperties.

task_properties
Type: UNORDERED_LIST_STRUCT
Provider name: taskProperties
Description: An object that contains the properties for the Amazon ECS task definition of a job. This object is currently limited to one task element. However, the task element can run up to 10 containers.
- containers
  Type: UNORDERED_LIST_STRUCT
  Provider name: containers
  Description: This object is a list of containers.
  - command
    Type: UNORDERED_LIST_STRING
    Provider name: command
    Description: The command that’s passed to the container. This parameter maps to Cmd in the Create a container section of the Docker Remote API and the COMMAND parameter to docker run. For more information, see Dockerfile reference: CMD.
  - depends_on
    Type: UNORDERED_LIST_STRUCT
    Provider name: dependsOn
    Description: A list of containers that this container depends on.
    - condition
      Type: STRING
      Provider name: condition
      Description: The dependency condition of the container. The following are the available conditions and their behavior:
      - START - This condition emulates the behavior of links and volumes today. It validates that a dependent container is started before permitting other containers to start.
      - COMPLETE - This condition validates that a dependent container runs to completion (exits) before permitting other containers to start. This can be useful for nonessential containers that run a script and then exit. This condition can’t be set on an essential container.
      - SUCCESS - This condition is the same as COMPLETE, but it also requires that the container exits with a zero status. This condition can’t be set on an essential container.
    - container_name
      Type: STRING
      Provider name: containerName
      Description: A unique identifier for the container.
  - environment
    Type: UNORDERED_LIST_STRUCT
    Provider name: environment
    Description: The environment variables to pass to a container. This parameter maps to Env in the Create a container section of the Docker Remote API and the –env parameter to docker run. We don’t recommend using plaintext environment variables for sensitive information, such as credential data. Environment variables cannot start with AWS_BATCH. This naming convention is reserved for variables that Batch sets.
    - name
      Type: STRING
      Provider name: name
      Description: The name of the key-value pair. For environment variables, this is the name of the environment variable.
    - value
      Type: STRING
      Provider name: value
      Description: The value of the key-value pair. For environment variables, this is the value of the environment variable.
  - essential
    Type: BOOLEAN
    Provider name: essential
    Description: If the essential parameter of a container is marked as true, and that container fails or stops for any reason, all other containers that are part of the task are stopped. If the essential parameter of a container is marked as false, its failure doesn’t affect the rest of the containers in a task. If this parameter is omitted, a container is assumed to be essential. All jobs must have at least one essential container. If you have an application that’s composed of multiple containers, group containers that are used for a common purpose into components, and separate the different components into multiple task definitions. For more information, see Application Architecture in the Amazon Elastic Container Service Developer Guide.
  - image
    Type: STRING
    Provider name: image
    Description: The image used to start a container. This string is passed directly to the Docker daemon. By default, images in the Docker Hub registry are available. Other repositories are specified with either repository-url/image:tag or repository-url/image@digest. Up to 255 letters (uppercase and lowercase), numbers, hyphens, underscores, colons, periods, forward slashes, and number signs are allowed. This parameter maps to Image in the Create a container section of the Docker Remote API and the IMAGE parameter of the docker run .
  - linux_parameters
    Type: STRUCT
    Provider name: linuxParameters
    Description: Linux-specific modifications that are applied to the container, such as Linux kernel capabilities. For more information, see KernelCapabilities.
    - devices
      Type: UNORDERED_LIST_STRUCT
      Provider name: devices
      Description: Any of the host devices to expose to the container. This parameter maps to Devices in the Create a container section of the Docker Remote API and the –device option to docker run. This parameter isn’t applicable to jobs that are running on Fargate resources. Don’t provide it for these jobs.
      - container_path
        Type: STRING
        Provider name: containerPath
        Description: The path inside the container that’s used to expose the host device. By default, the hostPath value is used.
      - host_path
        Type: STRING
        Provider name: hostPath
        Description: The path for the device on the host container instance.
      - permissions
        Type: UNORDERED_LIST_STRING
        Provider name: permissions
        Description: The explicit permissions to provide to the container for the device. By default, the container has permissions for read, write, and mknod for the device.
    - init_process_enabled
      Type: BOOLEAN
      Provider name: initProcessEnabled
      Description: If true, run an init process inside the container that forwards signals and reaps processes. This parameter maps to the –init option to docker run. This parameter requires version 1.25 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: sudo docker version | grep “Server API version”
    - max_swap
      Type: INT32
      Provider name: maxSwap
      Description: The total amount of swap memory (in MiB) a container can use. This parameter is translated to the –memory-swap option to docker run where the value is the sum of the container memory plus the maxSwap value. For more information, see –memory-swap details in the Docker documentation. If a maxSwap value of 0 is specified, the container doesn’t use swap. Accepted values are 0 or any positive integer. If the maxSwap parameter is omitted, the container doesn’t use the swap configuration for the container instance that it’s running on. A maxSwap value must be set for the swappiness parameter to be used. This parameter isn’t applicable to jobs that are running on Fargate resources. Don’t provide it for these jobs.
    - shared_memory_size
      Type: INT32
      Provider name: sharedMemorySize
      Description: The value for the size (in MiB) of the /dev/shm volume. This parameter maps to the –shm-size option to docker run. This parameter isn’t applicable to jobs that are running on Fargate resources. Don’t provide it for these jobs.
    - swappiness
      Type: INT32
      Provider name: swappiness
      Description: You can use this parameter to tune a container’s memory swappiness behavior. A swappiness value of 0 causes swapping to not occur unless absolutely necessary. A swappiness value of 100 causes pages to be swapped aggressively. Valid values are whole numbers between 0 and 100. If the swappiness parameter isn’t specified, a default value of 60 is used. If a value isn’t specified for maxSwap, then this parameter is ignored. If maxSwap is set to 0, the container doesn’t use swap. This parameter maps to the –memory-swappiness option to docker run. Consider the following when you use a per-container swap configuration.
      - Swap space must be enabled and allocated on the container instance for the containers to use. By default, the Amazon ECS optimized AMIs don’t have swap enabled. You must enable swap on the instance to use this feature. For more information, see Instance store swap volumes in the Amazon EC2 User Guide for Linux Instances or How do I allocate memory to work as swap space in an Amazon EC2 instance by using a swap file?
      - The swap space parameters are only supported for job definitions using EC2 resources.
      - If the maxSwap and swappiness parameters are omitted from a job definition, each container has a default swappiness value of 60. Moreover, the total swap usage is limited to two times the memory reservation of the container.
      This parameter isn’t applicable to jobs that are running on Fargate resources. Don’t provide it for these jobs.
    - tmpfs
      Type: UNORDERED_LIST_STRUCT
      Provider name: tmpfs
      Description: The container path, mount options, and size (in MiB) of the tmpfs mount. This parameter maps to the –tmpfs option to docker run. This parameter isn’t applicable to jobs that are running on Fargate resources. Don’t provide this parameter for this resource type.
      - container_path
        Type: STRING
        Provider name: containerPath
        Description: The absolute file path in the container where the tmpfs volume is mounted.
      - mount_options
        Type: UNORDERED_LIST_STRING
        Provider name: mountOptions
        Description: The list of tmpfs volume mount options. Valid values: “defaults” | “ro” | “rw” | “suid” | “nosuid” | “dev” | “nodev” | “exec” | “noexec” | “sync” | “async” | “dirsync” | “remount” | “mand” | “nomand” | “atime” | “noatime” | “diratime” | “nodiratime” | “bind” | “rbind” | “unbindable” | “runbindable” | “private” | “rprivate” | “shared” | “rshared” | “slave” | “rslave” | “relatime” | “norelatime” | “strictatime” | “nostrictatime” | “mode” | “uid” | “gid” | “nr_inodes” | “nr_blocks” | “mpol"
      - size
        Type: INT32
        Provider name: size
        Description: The size (in MiB) of the tmpfs volume.
  - log_configuration
    Type: STRUCT
    Provider name: logConfiguration
    Description: The log configuration specification for the container. This parameter maps to LogConfig in the Create a container section of the Docker Remote API and the –log-driver option to docker run. By default, containers use the same logging driver that the Docker daemon uses. However the container can use a different logging driver than the Docker daemon by specifying a log driver with this parameter in the container definition. To use a different logging driver for a container, the log system must be configured properly on the container instance (or on a different log server for remote logging options). For more information about the options for different supported log drivers, see Configure logging drivers in the Docker documentation. Amazon ECS currently supports a subset of the logging drivers available to the Docker daemon (shown in the LogConfiguration data type). Additional log drivers may be available in future releases of the Amazon ECS container agent. This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: sudo docker version –format ‘{{.Server.APIVersion}}’ The Amazon ECS container agent running on a container instance must register the logging drivers available on that instance with the ECS_AVAILABLE_LOGGING_DRIVERS environment variable before containers placed on that instance can use these log configuration options. For more information, see Amazon ECS container agent configuration in the Amazon Elastic Container Service Developer Guide.
    - log_driver
      Type: STRING
      Provider name: logDriver
      Description: The log driver to use for the container. The valid values that are listed for this parameter are log drivers that the Amazon ECS container agent can communicate with by default. The supported log drivers are awslogs, fluentd, gelf, json-file, journald, logentries, syslog, and splunk. Jobs that are running on Fargate resources are restricted to the awslogs and splunk log drivers.
      awslogs
      Specifies the Amazon CloudWatch Logs logging driver. For more information, see Using the awslogs log driver in the Batch User Guide and Amazon CloudWatch Logs logging driver in the Docker documentation.
      fluentd
      Specifies the Fluentd logging driver. For more information including usage and options, see Fluentd logging driver in the Docker documentation.
      gelf
      Specifies the Graylog Extended Format (GELF) logging driver. For more information including usage and options, see Graylog Extended Format logging driver in the Docker documentation.
      journald
      Specifies the journald logging driver. For more information including usage and options, see Journald logging driver in the Docker documentation.
      json-file
      Specifies the JSON file logging driver. For more information including usage and options, see JSON File logging driver in the Docker documentation.
      splunk
      Specifies the Splunk logging driver. For more information including usage and options, see Splunk logging driver in the Docker documentation.
      syslog
      Specifies the syslog logging driver. For more information including usage and options, see Syslog logging driver in the Docker documentation.
      If you have a custom driver that’s not listed earlier that you want to work with the Amazon ECS container agent, you can fork the Amazon ECS container agent project that’s available on GitHub and customize it to work with that driver. We encourage you to submit pull requests for changes that you want to have included. However, Amazon Web Services doesn’t currently support running modified copies of this software. This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: sudo docker version | grep “Server API version”
    - options
      Type: MAP_STRING_STRING
      Provider name: options
      Description: The configuration options to send to the log driver. This parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: sudo docker version | grep “Server API version”
    - secret_options
      Type: UNORDERED_LIST_STRUCT
      Provider name: secretOptions
      Description: The secrets to pass to the log configuration. For more information, see Specifying sensitive data in the Batch User Guide.
      - name
        Type: STRING
        Provider name: name
        Description: The name of the secret.
      - value_from
        Type: STRING
        Provider name: valueFrom
        Description: The secret to expose to the container. The supported values are either the full Amazon Resource Name (ARN) of the Secrets Manager secret or the full ARN of the parameter in the Amazon Web Services Systems Manager Parameter Store. If the Amazon Web Services Systems Manager Parameter Store parameter exists in the same Region as the job you’re launching, then you can use either the full Amazon Resource Name (ARN) or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified.
  - mount_points
    Type: UNORDERED_LIST_STRUCT
    Provider name: mountPoints
    Description: The mount points for data volumes in your container. This parameter maps to Volumes in the Create a container section of the Docker Remote API and the –volume option to docker run. Windows containers can mount whole directories on the same drive as $env:ProgramData. Windows containers can’t mount directories on a different drive, and mount point can’t be across drives.
    - container_path
      Type: STRING
      Provider name: containerPath
      Description: The path on the container where the host volume is mounted.
    - read_only
      Type: BOOLEAN
      Provider name: readOnly
      Description: If this value is true, the container has read-only access to the volume. Otherwise, the container can write to the volume. The default value is false.
    - source_volume
      Type: STRING
      Provider name: sourceVolume
      Description: The name of the volume to mount.
  - name
    Type: STRING
    Provider name: name
    Description: The name of a container. The name can be used as a unique identifier to target your dependsOn and Overrides objects.
  - privileged
    Type: BOOLEAN
    Provider name: privileged
    Description: When this parameter is true, the container is given elevated privileges on the host container instance (similar to the root user). This parameter maps to Privileged in the Create a container section of the Docker Remote API and the –privileged option to docker run. This parameter is not supported for Windows containers or tasks run on Fargate.
  - readonly_root_filesystem
    Type: BOOLEAN
    Provider name: readonlyRootFilesystem
    Description: When this parameter is true, the container is given read-only access to its root file system. This parameter maps to ReadonlyRootfs in the Create a container section of the Docker Remote API and the –read-only option to docker run. This parameter is not supported for Windows containers.
  - repository_credentials
    Type: STRUCT
    Provider name: repositoryCredentials
    Description: The private repository authentication credentials to use.
    - credentials_parameter
      Type: STRING
      Provider name: credentialsParameter
      Description: The Amazon Resource Name (ARN) of the secret containing the private repository credentials.
  - resource_requirements
    Type: UNORDERED_LIST_STRUCT
    Provider name: resourceRequirements
    Description: The type and amount of a resource to assign to a container. The only supported resource is a GPU.
    - type
      Type: STRING
      Provider name: type
      Description: The type of resource to assign to a container. The supported resources include GPU, MEMORY, and VCPU.
    - value
      Type: STRING
      Provider name: value
      Description: The quantity of the specified resource to reserve for the container. The values vary based on the type specified.
      type=“GPU”
      The number of physical GPUs to reserve for the container. Make sure that the number of GPUs reserved for all containers in a job doesn’t exceed the number of available GPUs on the compute resource that the job is launched on. GPUs aren’t available for jobs that are running on Fargate resources.
      type=“MEMORY”
      The memory hard limit (in MiB) present to the container. This parameter is supported for jobs that are running on Amazon EC2 resources. If your container attempts to exceed the memory specified, the container is terminated. This parameter maps to Memory in the Create a container section of the Docker Remote API and the –memory option to docker run. You must specify at least 4 MiB of memory for a job. This is required but can be specified in several places for multi-node parallel (MNP) jobs. It must be specified for each node at least once. This parameter maps to Memory in the Create a container section of the Docker Remote API and the –memory option to docker run. If you’re trying to maximize your resource utilization by providing your jobs as much memory as possible for a particular instance type, see Memory management in the Batch User Guide. For jobs that are running on Fargate resources, then value is the hard limit (in MiB), and must match one of the supported values and the VCPU values must be one of the values supported for that memory value.
      value = 512
      VCPU = 0.25
      value = 1024
      VCPU = 0.25 or 0.5
      value = 2048
      VCPU = 0.25, 0.5, or 1
      value = 3072
      VCPU = 0.5, or 1
      value = 4096
      VCPU = 0.5, 1, or 2
      value = 5120, 6144, or 7168
      VCPU = 1 or 2
      value = 8192
      VCPU = 1, 2, or 4
      value = 9216, 10240, 11264, 12288, 13312, 14336, or 15360
      VCPU = 2 or 4
      value = 16384
      VCPU = 2, 4, or 8
      value = 17408, 18432, 19456, 21504, 22528, 23552, 25600, 26624, 27648, 29696, or 30720
      VCPU = 4
      value = 20480, 24576, or 28672
      VCPU = 4 or 8
      value = 36864, 45056, 53248, or 61440
      VCPU = 8
      value = 32768, 40960, 49152, or 57344
      VCPU = 8 or 16
      value = 65536, 73728, 81920, 90112, 98304, 106496, 114688, or 122880
      VCPU = 16
      type=“VCPU”
      The number of vCPUs reserved for the container. This parameter maps to CpuShares in the Create a container section of the Docker Remote API and the –cpu-shares option to docker run. Each vCPU is equivalent to 1,024 CPU shares. For Amazon EC2 resources, you must specify at least one vCPU. This is required but can be specified in several places; it must be specified for each node at least once. The default for the Fargate On-Demand vCPU resource count quota is 6 vCPUs. For more information about Fargate quotas, see Fargate quotas in the Amazon Web Services General Reference. For jobs that are running on Fargate resources, then value must match one of the supported values and the MEMORY values must be one of the values supported for that VCPU value. The supported values are 0.25, 0.5, 1, 2, 4, 8, and 16
      value = 0.25
      MEMORY = 512, 1024, or 2048
      value = 0.5
      MEMORY = 1024, 2048, 3072, or 4096
      value = 1
      MEMORY = 2048, 3072, 4096, 5120, 6144, 7168, or 8192
      value = 2
      MEMORY = 4096, 5120, 6144, 7168, 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, or 16384
      value = 4
      MEMORY = 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, 16384, 17408, 18432, 19456, 20480, 21504, 22528, 23552, 24576, 25600, 26624, 27648, 28672, 29696, or 30720
      value = 8
      MEMORY = 16384, 20480, 24576, 28672, 32768, 36864, 40960, 45056, 49152, 53248, 57344, or 61440
      value = 16
      MEMORY = 32768, 40960, 49152, 57344, 65536, 73728, 81920, 90112, 98304, 106496, 114688, or 122880
  - secrets
    Type: UNORDERED_LIST_STRUCT
    Provider name: secrets
    Description: The secrets to pass to the container. For more information, see Specifying Sensitive Data in the Amazon Elastic Container Service Developer Guide.
    - name
      Type: STRING
      Provider name: name
      Description: The name of the secret.
    - value_from
      Type: STRING
      Provider name: valueFrom
      Description: The secret to expose to the container. The supported values are either the full Amazon Resource Name (ARN) of the Secrets Manager secret or the full ARN of the parameter in the Amazon Web Services Systems Manager Parameter Store. If the Amazon Web Services Systems Manager Parameter Store parameter exists in the same Region as the job you’re launching, then you can use either the full Amazon Resource Name (ARN) or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified.
  - ulimits
    Type: UNORDERED_LIST_STRUCT
    Provider name: ulimits
    Description: A list of ulimits to set in the container. If a ulimit value is specified in a task definition, it overrides the default values set by Docker. This parameter maps to Ulimits in the Create a container section of the Docker Remote API and the –ulimit option to docker run. Amazon ECS tasks hosted on Fargate use the default resource limit values set by the operating system with the exception of the nofile resource limit parameter which Fargate overrides. The nofile resource limit sets a restriction on the number of open files that a container can use. The default nofile soft limit is 1024 and the default hard limit is 65535. This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: sudo docker version –format ‘{{.Server.APIVersion}}’ This parameter is not supported for Windows containers.
    - hard_limit
      Type: INT32
      Provider name: hardLimit
      Description: The hard limit for the ulimit type.
    - name
      Type: STRING
      Provider name: name
      Description: The type of the ulimit. Valid values are: core | cpu | data | fsize | locks | memlock | msgqueue | nice | nofile | nproc | rss | rtprio | rttime | sigpending | stack.
    - soft_limit
      Type: INT32
      Provider name: softLimit
      Description: The soft limit for the ulimit type.
  - user
    Type: STRING
    Provider name: user
    Description: The user to use inside the container. This parameter maps to User in the Create a container section of the Docker Remote API and the –user option to docker run. When running tasks using the host network mode, don’t run containers using the root user (UID 0). We recommend using a non-root user for better security. You can specify the user using the following formats. If specifying a UID or GID, you must specify it as a positive integer.
    - user
    - user:group
    - uid
    - uid:gid
    - user:gi
    - uid:group
    This parameter is not supported for Windows containers.
- ephemeral_storage
  Type: STRUCT
  Provider name: ephemeralStorage
  Description: The amount of ephemeral storage to allocate for the task. This parameter is used to expand the total amount of ephemeral storage available, beyond the default amount, for tasks hosted on Fargate.
  - size_in_gib
    Type: INT32
    Provider name: sizeInGiB
    Description: The total amount, in GiB, of ephemeral storage to set for the task. The minimum supported value is 21 GiB and the maximum supported value is 200 GiB.
- execution_role_arn
  Type: STRING
  Provider name: executionRoleArn
  Description: The Amazon Resource Name (ARN) of the execution role that Batch can assume. For jobs that run on Fargate resources, you must provide an execution role. For more information, see Batch execution IAM role in the Batch User Guide.
- ipc_mode
  Type: STRING
  Provider name: ipcMode
  Description: The IPC resource namespace to use for the containers in the task. The valid values are host, task, or none. If host is specified, all containers within the tasks that specified the host IPC mode on the same container instance share the same IPC resources with the host Amazon EC2 instance. If task is specified, all containers within the specified task share the same IPC resources. If none is specified, the IPC resources within the containers of a task are private, and are not shared with other containers in a task or on the container instance. If no value is specified, then the IPC resource namespace sharing depends on the Docker daemon setting on the container instance. For more information, see IPC settings in the Docker run reference.
- network_configuration
  Type: STRUCT
  Provider name: networkConfiguration
  Description: The network configuration for jobs that are running on Fargate resources. Jobs that are running on Amazon EC2 resources must not specify this parameter.
  - assign_public_ip
    Type: STRING
    Provider name: assignPublicIp
    Description: Indicates whether the job has a public IP address. For a job that’s running on Fargate resources in a private subnet to send outbound traffic to the internet (for example, to pull container images), the private subnet requires a NAT gateway be attached to route requests to the internet. For more information, see Amazon ECS task networking in the Amazon Elastic Container Service Developer Guide. The default value is “DISABLED”.
- pid_mode
  Type: STRING
  Provider name: pidMode
  Description: The process namespace to use for the containers in the task. The valid values are host or task. For example, monitoring sidecars might need pidMode to access information about other containers running in the same task. If host is specified, all containers within the tasks that specified the host PID mode on the same container instance share the process namespace with the host Amazon EC2 instance. If task is specified, all containers within the specified task share the same process namespace. If no value is specified, the default is a private namespace for each container. For more information, see PID settings in the Docker run reference.
- platform_version
  Type: STRING
  Provider name: platformVersion
  Description: The Fargate platform version where the jobs are running. A platform version is specified only for jobs that are running on Fargate resources. If one isn’t specified, the LATEST platform version is used by default. This uses a recent, approved version of the Fargate platform for compute resources. For more information, see Fargate platform versions in the Amazon Elastic Container Service Developer Guide.
- runtime_platform
  Type: STRUCT
  Provider name: runtimePlatform
  Description: An object that represents the compute environment architecture for Batch jobs on Fargate.
  - cpu_architecture
    Type: STRING
    Provider name: cpuArchitecture
    Description: The vCPU architecture. The default value is X86_64. Valid values are X86_64 and ARM64. This parameter must be set to X86_64 for Windows containers. Fargate Spot is not supported for ARM64 and Windows-based containers on Fargate. A job queue will be blocked if a Fargate ARM64 or Windows job is submitted to a job queue with only Fargate Spot compute environments. However, you can attach both FARGATE and FARGATE_SPOT compute environments to the same job queue.
  - operating_system_family
    Type: STRING
    Provider name: operatingSystemFamily
    Description: The operating system for the compute environment. Valid values are: LINUX (default), WINDOWS_SERVER_2019_CORE, WINDOWS_SERVER_2019_FULL, WINDOWS_SERVER_2022_CORE, and WINDOWS_SERVER_2022_FULL. The following parameters can’t be set for Windows containers: linuxParameters, privileged, user, ulimits, readonlyRootFilesystem, and efsVolumeConfiguration. The Batch Scheduler checks the compute environments that are attached to the job queue before registering a task definition with Fargate. In this scenario, the job queue is where the job is submitted. If the job requires a Windows container and the first compute environment is LINUX, the compute environment is skipped and the next compute environment is checked until a Windows-based compute environment is found. Fargate Spot is not supported for ARM64 and Windows-based containers on Fargate. A job queue will be blocked if a Fargate ARM64 or Windows job is submitted to a job queue with only Fargate Spot compute environments. However, you can attach both FARGATE and FARGATE_SPOT compute environments to the same job queue.
- task_role_arn
  Type: STRING
  Provider name: taskRoleArn
  Description: The Amazon Resource Name (ARN) that’s associated with the Amazon ECS task. This is object is comparable to ContainerProperties:jobRoleArn.
- volumes
  Type: UNORDERED_LIST_STRUCT
  Provider name: volumes
  Description: A list of volumes that are associated with the job.
  - efs_volume_configuration
    Type: STRUCT
    Provider name: efsVolumeConfiguration
    Description: This parameter is specified when you’re using an Amazon Elastic File System file system for job storage. Jobs that are running on Fargate resources must specify a platformVersion of at least 1.4.0.
    - authorization_config
      Type: STRUCT
      Provider name: authorizationConfig
      Description: The authorization configuration details for the Amazon EFS file system.
      - access_point_id
        Type: STRING
        Provider name: accessPointId
        Description: The Amazon EFS access point ID to use. If an access point is specified, the root directory value specified in the EFSVolumeConfiguration must either be omitted or set to / which enforces the path set on the EFS access point. If an access point is used, transit encryption must be enabled in the EFSVolumeConfiguration. For more information, see Working with Amazon EFS access points in the Amazon Elastic File System User Guide.
      - iam
        Type: STRING
        Provider name: iam
        Description: Whether or not to use the Batch job IAM role defined in a job definition when mounting the Amazon EFS file system. If enabled, transit encryption must be enabled in the EFSVolumeConfiguration. If this parameter is omitted, the default value of DISABLED is used. For more information, see Using Amazon EFS access points in the Batch User Guide. EFS IAM authorization requires that TransitEncryption be ENABLED and that a JobRoleArn is specified.
    - file_system_id
      Type: STRING
      Provider name: fileSystemId
      Description: The Amazon EFS file system ID to use.
    - root_directory
      Type: STRING
      Provider name: rootDirectory
      Description: The directory within the Amazon EFS file system to mount as the root directory inside the host. If this parameter is omitted, the root of the Amazon EFS volume is used instead. Specifying / has the same effect as omitting this parameter. The maximum length is 4,096 characters. If an EFS access point is specified in the authorizationConfig, the root directory parameter must either be omitted or set to /, which enforces the path set on the Amazon EFS access point.
    - transit_encryption
      Type: STRING
      Provider name: transitEncryption
      Description: Determines whether to enable encryption for Amazon EFS data in transit between the Amazon ECS host and the Amazon EFS server. Transit encryption must be enabled if Amazon EFS IAM authorization is used. If this parameter is omitted, the default value of DISABLED is used. For more information, see Encrypting data in transit in the Amazon Elastic File System User Guide.
    - transit_encryption_port
      Type: INT32
      Provider name: transitEncryptionPort
      Description: The port to use when sending encrypted data between the Amazon ECS host and the Amazon EFS server. If you don’t specify a transit encryption port, it uses the port selection strategy that the Amazon EFS mount helper uses. The value must be between 0 and 65,535. For more information, see EFS mount helper in the Amazon Elastic File System User Guide.
  - host
    Type: STRUCT
    Provider name: host
    Description: The contents of the host parameter determine whether your data volume persists on the host container instance and where it’s stored. If the host parameter is empty, then the Docker daemon assigns a host path for your data volume. However, the data isn’t guaranteed to persist after the containers that are associated with it stop running. This parameter isn’t applicable to jobs that are running on Fargate resources and shouldn’t be provided.
    - source_path
      Type: STRING
      Provider name: sourcePath
      Description: The path on the host container instance that’s presented to the container. If this parameter is empty, then the Docker daemon has assigned a host path for you. If this parameter contains a file location, then the data volume persists at the specified location on the host container instance until you delete it manually. If the source path location doesn’t exist on the host container instance, the Docker daemon creates it. If the location does exist, the contents of the source path folder are exported. This parameter isn’t applicable to jobs that run on Fargate resources. Don’t provide this for these jobs.
  - name
    Type: STRING
    Provider name: name
    Description: The name of the volume. It can be up to 255 characters long. It can contain uppercase and lowercase letters, numbers, hyphens (-), and underscores (_). This name is referenced in the sourceVolume parameter of container definition mountPoints.

`eks_properties`

Type: STRUCT
Provider name: eksProperties
Description: An object with properties that are specific to Amazon EKS-based jobs. When eksProperties is used in the job definition, it can’t be used in addition to containerProperties, ecsProperties, or nodeProperties.

pod_properties
Type: STRUCT
Provider name: podProperties
Description: The properties for the Kubernetes pod resources of a job.
- containers
  Type: UNORDERED_LIST_STRUCT
  Provider name: containers
  Description: The properties of the container that’s used on the Amazon EKS pod. This object is limited to 10 elements.
  - args
    Type: UNORDERED_LIST_STRING
    Provider name: args
    Description: An array of arguments to the entrypoint. If this isn’t specified, the CMD of the container image is used. This corresponds to the args member in the Entrypoint portion of the Pod in Kubernetes. Environment variable references are expanded using the container’s environment. If the referenced environment variable doesn’t exist, the reference in the command isn’t changed. For example, if the reference is to “$(NAME1)” and the NAME1 environment variable doesn’t exist, the command string will remain “$(NAME1).” $$ is replaced with $, and the resulting string isn’t expanded. For example, $$(VAR_NAME) is passed as $(VAR_NAME) whether or not the VAR_NAME environment variable exists. For more information, see Dockerfile reference: CMD and Define a command and arguments for a pod in the Kubernetes documentation.
  - command
    Type: UNORDERED_LIST_STRING
    Provider name: command
    Description: The entrypoint for the container. This isn’t run within a shell. If this isn’t specified, the ENTRYPOINT of the container image is used. Environment variable references are expanded using the container’s environment. If the referenced environment variable doesn’t exist, the reference in the command isn’t changed. For example, if the reference is to “$(NAME1)” and the NAME1 environment variable doesn’t exist, the command string will remain “$(NAME1).” $$ is replaced with $ and the resulting string isn’t expanded. For example, $$(VAR_NAME) will be passed as $(VAR_NAME) whether or not the VAR_NAME environment variable exists. The entrypoint can’t be updated. For more information, see ENTRYPOINT in the Dockerfile reference and Define a command and arguments for a container and Entrypoint in the Kubernetes documentation.
  - env
    Type: UNORDERED_LIST_STRUCT
    Provider name: env
    Description: The environment variables to pass to a container. Environment variables cannot start with “AWS_BATCH”. This naming convention is reserved for variables that Batch sets.
    - name
      Type: STRING
      Provider name: name
      Description: The name of the environment variable.
    - value
      Type: STRING
      Provider name: value
      Description: The value of the environment variable.
  - image
    Type: STRING
    Provider name: image
    Description: The Docker image used to start the container.
  - image_pull_policy
    Type: STRING
    Provider name: imagePullPolicy
    Description: The image pull policy for the container. Supported values are Always, IfNotPresent, and Never. This parameter defaults to IfNotPresent. However, if the :latest tag is specified, it defaults to Always. For more information, see Updating images in the Kubernetes documentation.
  - name
    Type: STRING
    Provider name: name
    Description: The name of the container. If the name isn’t specified, the default name “Default” is used. Each container in a pod must have a unique name.
  - resources
    Type: STRUCT
    Provider name: resources
    Description: The type and amount of resources to assign to a container. The supported resources include memory, cpu, and nvidia.com/gpu. For more information, see Resource management for pods and containers in the Kubernetes documentation.
    - limits
      Type: MAP_STRING_STRING
      Provider name: limits
      Description: The type and quantity of the resources to reserve for the container. The values vary based on the name that’s specified. Resources can be requested using either the limits or the requests objects.
      memory
      The memory hard limit (in MiB) for the container, using whole integers, with a “Mi” suffix. If your container attempts to exceed the memory specified, the container is terminated. You must specify at least 4 MiB of memory for a job. memory can be specified in limits, requests, or both. If memory is specified in both places, then the value that’s specified in limits must be equal to the value that’s specified in requests. To maximize your resource utilization, provide your jobs with as much memory as possible for the specific instance type that you are using. To learn how, see Memory management in the Batch User Guide.
      cpu
      The number of CPUs that’s reserved for the container. Values must be an even multiple of 0.25. cpu can be specified in limits, requests, or both. If cpu is specified in both places, then the value that’s specified in limits must be at least as large as the value that’s specified in requests.
      nvidia.com/gpu
      The number of GPUs that’s reserved for the container. Values must be a whole integer. memory can be specified in limits, requests, or both. If memory is specified in both places, then the value that’s specified in limits must be equal to the value that’s specified in requests.
    - requests
      Type: MAP_STRING_STRING
      Provider name: requests
      Description: The type and quantity of the resources to request for the container. The values vary based on the name that’s specified. Resources can be requested by using either the limits or the requests objects.
      memory
      The memory hard limit (in MiB) for the container, using whole integers, with a “Mi” suffix. If your container attempts to exceed the memory specified, the container is terminated. You must specify at least 4 MiB of memory for a job. memory can be specified in limits, requests, or both. If memory is specified in both, then the value that’s specified in limits must be equal to the value that’s specified in requests. If you’re trying to maximize your resource utilization by providing your jobs as much memory as possible for a particular instance type, see Memory management in the Batch User Guide.
      cpu
      The number of CPUs that are reserved for the container. Values must be an even multiple of 0.25. cpu can be specified in limits, requests, or both. If cpu is specified in both, then the value that’s specified in limits must be at least as large as the value that’s specified in requests.
      nvidia.com/gpu
      The number of GPUs that are reserved for the container. Values must be a whole integer. nvidia.com/gpu can be specified in limits, requests, or both. If nvidia.com/gpu is specified in both, then the value that’s specified in limits must be equal to the value that’s specified in requests.
  - security_context
    Type: STRUCT
    Provider name: securityContext
    Description: The security context for a job. For more information, see Configure a security context for a pod or container in the Kubernetes documentation.
    - allow_privilege_escalation
      Type: BOOLEAN
      Provider name: allowPrivilegeEscalation
      Description: Whether or not a container or a Kubernetes pod is allowed to gain more privileges than its parent process. The default value is false.
    - privileged
      Type: BOOLEAN
      Provider name: privileged
      Description: When this parameter is true, the container is given elevated permissions on the host container instance. The level of permissions are similar to the root user permissions. The default value is false. This parameter maps to privileged policy in the Privileged pod security policies in the Kubernetes documentation.
    - read_only_root_filesystem
      Type: BOOLEAN
      Provider name: readOnlyRootFilesystem
      Description: When this parameter is true, the container is given read-only access to its root file system. The default value is false. This parameter maps to ReadOnlyRootFilesystem policy in the Volumes and file systems pod security policies in the Kubernetes documentation.
    - run_as_group
      Type: INT64
      Provider name: runAsGroup
      Description: When this parameter is specified, the container is run as the specified group ID (gid). If this parameter isn’t specified, the default is the group that’s specified in the image metadata. This parameter maps to RunAsGroup and MustRunAs policy in the Users and groups pod security policies in the Kubernetes documentation.
    - run_as_non_root
      Type: BOOLEAN
      Provider name: runAsNonRoot
      Description: When this parameter is specified, the container is run as a user with a uid other than 0. If this parameter isn’t specified, so such rule is enforced. This parameter maps to RunAsUser and MustRunAsNonRoot policy in the Users and groups pod security policies in the Kubernetes documentation.
    - run_as_user
      Type: INT64
      Provider name: runAsUser
      Description: When this parameter is specified, the container is run as the specified user ID (uid). If this parameter isn’t specified, the default is the user that’s specified in the image metadata. This parameter maps to RunAsUser and MustRanAs policy in the Users and groups pod security policies in the Kubernetes documentation.
  - volume_mounts
    Type: UNORDERED_LIST_STRUCT
    Provider name: volumeMounts
    Description: The volume mounts for the container. Batch supports emptyDir, hostPath, and secret volume types. For more information about volumes and volume mounts in Kubernetes, see Volumes in the Kubernetes documentation.
    - mount_path
      Type: STRING
      Provider name: mountPath
      Description: The path on the container where the volume is mounted.
    - name
      Type: STRING
      Provider name: name
      Description: The name the volume mount. This must match the name of one of the volumes in the pod.
    - read_only
      Type: BOOLEAN
      Provider name: readOnly
      Description: If this value is true, the container has read-only access to the volume. Otherwise, the container can write to the volume. The default value is false.
    - sub_path
      Type: STRING
      Provider name: subPath
      Description: A sub-path inside the referenced volume instead of its root.
- dns_policy
  Type: STRING
  Provider name: dnsPolicy
  Description: The DNS policy for the pod. The default value is ClusterFirst. If the hostNetwork parameter is not specified, the default is ClusterFirstWithHostNet. ClusterFirst indicates that any DNS query that does not match the configured cluster domain suffix is forwarded to the upstream nameserver inherited from the node. For more information, see Pod’s DNS policy in the Kubernetes documentation. Valid values: Default | ClusterFirst | ClusterFirstWithHostNet
- host_network
  Type: BOOLEAN
  Provider name: hostNetwork
  Description: Indicates if the pod uses the hosts’ network IP address. The default value is true. Setting this to false enables the Kubernetes pod networking model. Most Batch workloads are egress-only and don’t require the overhead of IP allocation for each pod for incoming connections. For more information, see Host namespaces and Pod networking in the Kubernetes documentation.
- image_pull_secrets
  Type: UNORDERED_LIST_STRUCT
  Provider name: imagePullSecrets
  Description: References a Kubernetes secret resource. It holds a list of secrets. These secrets help to gain access to pull an images from a private registry. ImagePullSecret$name is required when this object is used.
  - name
    Type: STRING
    Provider name: name
    Description: Provides a unique identifier for the ImagePullSecret. This object is required when EksPodProperties$imagePullSecrets is used.
- init_containers
  Type: UNORDERED_LIST_STRUCT
  Provider name: initContainers
  Description: These containers run before application containers, always runs to completion, and must complete successfully before the next container starts. These containers are registered with the Amazon EKS Connector agent and persists the registration information in the Kubernetes backend data store. For more information, see Init Containers in the Kubernetes documentation. This object is limited to 10 elements.
  - args
    Type: UNORDERED_LIST_STRING
    Provider name: args
    Description: An array of arguments to the entrypoint. If this isn’t specified, the CMD of the container image is used. This corresponds to the args member in the Entrypoint portion of the Pod in Kubernetes. Environment variable references are expanded using the container’s environment. If the referenced environment variable doesn’t exist, the reference in the command isn’t changed. For example, if the reference is to “$(NAME1)” and the NAME1 environment variable doesn’t exist, the command string will remain “$(NAME1).” $$ is replaced with $, and the resulting string isn’t expanded. For example, $$(VAR_NAME) is passed as $(VAR_NAME) whether or not the VAR_NAME environment variable exists. For more information, see Dockerfile reference: CMD and Define a command and arguments for a pod in the Kubernetes documentation.
  - command
    Type: UNORDERED_LIST_STRING
    Provider name: command
    Description: The entrypoint for the container. This isn’t run within a shell. If this isn’t specified, the ENTRYPOINT of the container image is used. Environment variable references are expanded using the container’s environment. If the referenced environment variable doesn’t exist, the reference in the command isn’t changed. For example, if the reference is to “$(NAME1)” and the NAME1 environment variable doesn’t exist, the command string will remain “$(NAME1).” $$ is replaced with $ and the resulting string isn’t expanded. For example, $$(VAR_NAME) will be passed as $(VAR_NAME) whether or not the VAR_NAME environment variable exists. The entrypoint can’t be updated. For more information, see ENTRYPOINT in the Dockerfile reference and Define a command and arguments for a container and Entrypoint in the Kubernetes documentation.
  - env
    Type: UNORDERED_LIST_STRUCT
    Provider name: env
    Description: The environment variables to pass to a container. Environment variables cannot start with “AWS_BATCH”. This naming convention is reserved for variables that Batch sets.
    - name
      Type: STRING
      Provider name: name
      Description: The name of the environment variable.
    - value
      Type: STRING
      Provider name: value
      Description: The value of the environment variable.
  - image
    Type: STRING
    Provider name: image
    Description: The Docker image used to start the container.
  - image_pull_policy
    Type: STRING
    Provider name: imagePullPolicy
    Description: The image pull policy for the container. Supported values are Always, IfNotPresent, and Never. This parameter defaults to IfNotPresent. However, if the :latest tag is specified, it defaults to Always. For more information, see Updating images in the Kubernetes documentation.
  - name
    Type: STRING
    Provider name: name
    Description: The name of the container. If the name isn’t specified, the default name “Default” is used. Each container in a pod must have a unique name.
  - resources
    Type: STRUCT
    Provider name: resources
    Description: The type and amount of resources to assign to a container. The supported resources include memory, cpu, and nvidia.com/gpu. For more information, see Resource management for pods and containers in the Kubernetes documentation.
    - limits
      Type: MAP_STRING_STRING
      Provider name: limits
      Description: The type and quantity of the resources to reserve for the container. The values vary based on the name that’s specified. Resources can be requested using either the limits or the requests objects.
      memory
      The memory hard limit (in MiB) for the container, using whole integers, with a “Mi” suffix. If your container attempts to exceed the memory specified, the container is terminated. You must specify at least 4 MiB of memory for a job. memory can be specified in limits, requests, or both. If memory is specified in both places, then the value that’s specified in limits must be equal to the value that’s specified in requests. To maximize your resource utilization, provide your jobs with as much memory as possible for the specific instance type that you are using. To learn how, see Memory management in the Batch User Guide.
      cpu
      The number of CPUs that’s reserved for the container. Values must be an even multiple of 0.25. cpu can be specified in limits, requests, or both. If cpu is specified in both places, then the value that’s specified in limits must be at least as large as the value that’s specified in requests.
      nvidia.com/gpu
      The number of GPUs that’s reserved for the container. Values must be a whole integer. memory can be specified in limits, requests, or both. If memory is specified in both places, then the value that’s specified in limits must be equal to the value that’s specified in requests.
    - requests
      Type: MAP_STRING_STRING
      Provider name: requests
      Description: The type and quantity of the resources to request for the container. The values vary based on the name that’s specified. Resources can be requested by using either the limits or the requests objects.
      memory
      The memory hard limit (in MiB) for the container, using whole integers, with a “Mi” suffix. If your container attempts to exceed the memory specified, the container is terminated. You must specify at least 4 MiB of memory for a job. memory can be specified in limits, requests, or both. If memory is specified in both, then the value that’s specified in limits must be equal to the value that’s specified in requests. If you’re trying to maximize your resource utilization by providing your jobs as much memory as possible for a particular instance type, see Memory management in the Batch User Guide.
      cpu
      The number of CPUs that are reserved for the container. Values must be an even multiple of 0.25. cpu can be specified in limits, requests, or both. If cpu is specified in both, then the value that’s specified in limits must be at least as large as the value that’s specified in requests.
      nvidia.com/gpu
      The number of GPUs that are reserved for the container. Values must be a whole integer. nvidia.com/gpu can be specified in limits, requests, or both. If nvidia.com/gpu is specified in both, then the value that’s specified in limits must be equal to the value that’s specified in requests.
  - security_context
    Type: STRUCT
    Provider name: securityContext
    Description: The security context for a job. For more information, see Configure a security context for a pod or container in the Kubernetes documentation.
    - allow_privilege_escalation
      Type: BOOLEAN
      Provider name: allowPrivilegeEscalation
      Description: Whether or not a container or a Kubernetes pod is allowed to gain more privileges than its parent process. The default value is false.
    - privileged
      Type: BOOLEAN
      Provider name: privileged
      Description: When this parameter is true, the container is given elevated permissions on the host container instance. The level of permissions are similar to the root user permissions. The default value is false. This parameter maps to privileged policy in the Privileged pod security policies in the Kubernetes documentation.
    - read_only_root_filesystem
      Type: BOOLEAN
      Provider name: readOnlyRootFilesystem
      Description: When this parameter is true, the container is given read-only access to its root file system. The default value is false. This parameter maps to ReadOnlyRootFilesystem policy in the Volumes and file systems pod security policies in the Kubernetes documentation.
    - run_as_group
      Type: INT64
      Provider name: runAsGroup
      Description: When this parameter is specified, the container is run as the specified group ID (gid). If this parameter isn’t specified, the default is the group that’s specified in the image metadata. This parameter maps to RunAsGroup and MustRunAs policy in the Users and groups pod security policies in the Kubernetes documentation.
    - run_as_non_root
      Type: BOOLEAN
      Provider name: runAsNonRoot
      Description: When this parameter is specified, the container is run as a user with a uid other than 0. If this parameter isn’t specified, so such rule is enforced. This parameter maps to RunAsUser and MustRunAsNonRoot policy in the Users and groups pod security policies in the Kubernetes documentation.
    - run_as_user
      Type: INT64
      Provider name: runAsUser
      Description: When this parameter is specified, the container is run as the specified user ID (uid). If this parameter isn’t specified, the default is the user that’s specified in the image metadata. This parameter maps to RunAsUser and MustRanAs policy in the Users and groups pod security policies in the Kubernetes documentation.
  - volume_mounts
    Type: UNORDERED_LIST_STRUCT
    Provider name: volumeMounts
    Description: The volume mounts for the container. Batch supports emptyDir, hostPath, and secret volume types. For more information about volumes and volume mounts in Kubernetes, see Volumes in the Kubernetes documentation.
    - mount_path
      Type: STRING
      Provider name: mountPath
      Description: The path on the container where the volume is mounted.
    - name
      Type: STRING
      Provider name: name
      Description: The name the volume mount. This must match the name of one of the volumes in the pod.
    - read_only
      Type: BOOLEAN
      Provider name: readOnly
      Description: If this value is true, the container has read-only access to the volume. Otherwise, the container can write to the volume. The default value is false.
    - sub_path
      Type: STRING
      Provider name: subPath
      Description: A sub-path inside the referenced volume instead of its root.
- metadata
  Type: STRUCT
  Provider name: metadata
  Description: Metadata about the Kubernetes pod. For more information, see Understanding Kubernetes Objects in the Kubernetes documentation.
  - annotations
    Type: MAP_STRING_STRING
    Provider name: annotations
    Description: Key-value pairs used to attach arbitrary, non-identifying metadata to Kubernetes objects. Valid annotation keys have two segments: an optional prefix and a name, separated by a slash (/).
    - The prefix is optional and must be 253 characters or less. If specified, the prefix must be a DNS subdomain− a series of DNS labels separated by dots (.), and it must end with a slash (/).
    - The name segment is required and must be 63 characters or less. It can include alphanumeric characters ([a-z0-9A-Z]), dashes (-), underscores (_), and dots (.), but must begin and end with an alphanumeric character.
    Annotation values must be 255 characters or less. Annotations can be added or modified at any time. Each resource can have multiple annotations.
  - labels
    Type: MAP_STRING_STRING
    Provider name: labels
    Description: Key-value pairs used to identify, sort, and organize cube resources. Can contain up to 63 uppercase letters, lowercase letters, numbers, hyphens (-), and underscores (_). Labels can be added or modified at any time. Each resource can have multiple labels, but each key must be unique for a given object.
  - namespace
    Type: STRING
    Provider name: namespace
    Description: The namespace of the Amazon EKS cluster. In Kubernetes, namespaces provide a mechanism for isolating groups of resources within a single cluster. Names of resources need to be unique within a namespace, but not across namespaces. Batch places Batch Job pods in this namespace. If this field is provided, the value can’t be empty or null. It must meet the following requirements:
    - 1-63 characters long
    - Can’t be set to default
    - Can’t start with kube
    - Must match the following regular expression: ^a-z0-9?$
    For more information, see Namespaces in the Kubernetes documentation. This namespace can be different from the kubernetesNamespace set in the compute environment’s EksConfiguration, but must have identical role-based access control (RBAC) roles as the compute environment’s kubernetesNamespace. For multi-node parallel jobs, the same value must be provided across all the node ranges.
- service_account_name
  Type: STRING
  Provider name: serviceAccountName
  Description: The name of the service account that’s used to run the pod. For more information, see Kubernetes service accounts and Configure a Kubernetes service account to assume an IAM role in the Amazon EKS User Guide and Configure service accounts for pods in the Kubernetes documentation.
- share_process_namespace
  Type: BOOLEAN
  Provider name: shareProcessNamespace
  Description: Indicates if the processes in a container are shared, or visible, to other containers in the same pod. For more information, see Share Process Namespace between Containers in a Pod.
- volumes
  Type: UNORDERED_LIST_STRUCT
  Provider name: volumes
  Description: Specifies the volumes for a job definition that uses Amazon EKS resources.
  - empty_dir
    Type: STRUCT
    Provider name: emptyDir
    Description: Specifies the configuration of a Kubernetes emptyDir volume. For more information, see emptyDir in the Kubernetes documentation.
    - medium
      Type: STRING
      Provider name: medium
      Description: The medium to store the volume. The default value is an empty string, which uses the storage of the node.
      ”"
      (Default) Use the disk storage of the node.
      “Memory”
      Use the tmpfs volume that’s backed by the RAM of the node. Contents of the volume are lost when the node reboots, and any storage on the volume counts against the container’s memory limit.
    - size_limit
      Type: STRING
      Provider name: sizeLimit
      Description: The maximum size of the volume. By default, there’s no maximum size defined.
  - host_path
    Type: STRUCT
    Provider name: hostPath
    Description: Specifies the configuration of a Kubernetes hostPath volume. For more information, see hostPath in the Kubernetes documentation.
    - path
      Type: STRING
      Provider name: path
      Description: The path of the file or directory on the host to mount into containers on the pod.
  - name
    Type: STRING
    Provider name: name
    Description: The name of the volume. The name must be allowed as a DNS subdomain name. For more information, see DNS subdomain names in the Kubernetes documentation.
  - persistent_volume_claim
    Type: STRUCT
    Provider name: persistentVolumeClaim
    Description: Specifies the configuration of a Kubernetes persistentVolumeClaim bounded to a persistentVolume. For more information, see Persistent Volume Claims in the Kubernetes documentation.
    - claim_name
      Type: STRING
      Provider name: claimName
      Description: The name of the persistentVolumeClaim bounded to a persistentVolume. For more information, see Persistent Volume Claims in the Kubernetes documentation.
    - read_only
      Type: BOOLEAN
      Provider name: readOnly
      Description: An optional boolean value indicating if the mount is read only. Default is false. For more information, see Read Only Mounts in the Kubernetes documentation.
  - secret
    Type: STRUCT
    Provider name: secret
    Description: Specifies the configuration of a Kubernetes secret volume. For more information, see secret in the Kubernetes documentation.
    - optional
      Type: BOOLEAN
      Provider name: optional
      Description: Specifies whether the secret or the secret’s keys must be defined.
    - secret_name
      Type: STRING
      Provider name: secretName
      Description: The name of the secret. The name must be allowed as a DNS subdomain name. For more information, see DNS subdomain names in the Kubernetes documentation.

`job_definition_arn`

Type: STRING
Provider name: jobDefinitionArn
Description: The Amazon Resource Name (ARN) for the job definition.

`job_definition_name`

Type: STRING
Provider name: jobDefinitionName
Description: The name of the job definition.

`node_properties`

Type: STRUCT
Provider name: nodeProperties
Description: An object with properties that are specific to multi-node parallel jobs. When nodeProperties is used in the job definition, it can’t be used in addition to containerProperties, ecsProperties, or eksProperties. If the job runs on Fargate resources, don’t specify nodeProperties. Use containerProperties instead.

main_node
Type: INT32
Provider name: mainNode
Description: Specifies the node index for the main node of a multi-node parallel job. This node index value must be fewer than the number of nodes.
node_range_properties
Type: UNORDERED_LIST_STRUCT
Provider name: nodeRangeProperties
Description: A list of node ranges and their properties that are associated with a multi-node parallel job.
- consumable_resource_properties
  Type: STRUCT
  Provider name: consumableResourceProperties
  Description: Contains a list of consumable resources required by a job.
  - consumable_resource_list
    Type: UNORDERED_LIST_STRUCT
    Provider name: consumableResourceList
    Description: The list of consumable resources required by a job.
    - consumable_resource
      Type: STRING
      Provider name: consumableResource
      Description: The name or ARN of the consumable resource.
    - quantity
      Type: INT64
      Provider name: quantity
      Description: The quantity of the consumable resource that is needed.
- container
  Type: STRUCT
  Provider name: container
  Description: The container details for the node range.
  - command
    Type: UNORDERED_LIST_STRING
    Provider name: command
    Description: The command that’s passed to the container. This parameter maps to Cmd in the Create a container section of the Docker Remote API and the COMMAND parameter to docker run. For more information, see https://docs.docker.com/engine/reference/builder/#cmd.
  - environment
    Type: UNORDERED_LIST_STRUCT
    Provider name: environment
    Description: The environment variables to pass to a container. This parameter maps to Env in the Create a container section of the Docker Remote API and the –env option to docker run. We don’t recommend using plaintext environment variables for sensitive information, such as credential data. Environment variables cannot start with “AWS_BATCH”. This naming convention is reserved for variables that Batch sets.
    - name
      Type: STRING
      Provider name: name
      Description: The name of the key-value pair. For environment variables, this is the name of the environment variable.
    - value
      Type: STRING
      Provider name: value
      Description: The value of the key-value pair. For environment variables, this is the value of the environment variable.
  - ephemeral_storage
    Type: STRUCT
    Provider name: ephemeralStorage
    Description: The amount of ephemeral storage to allocate for the task. This parameter is used to expand the total amount of ephemeral storage available, beyond the default amount, for tasks hosted on Fargate.
    - size_in_gib
      Type: INT32
      Provider name: sizeInGiB
      Description: The total amount, in GiB, of ephemeral storage to set for the task. The minimum supported value is 21 GiB and the maximum supported value is 200 GiB.
  - execution_role_arn
    Type: STRING
    Provider name: executionRoleArn
    Description: The Amazon Resource Name (ARN) of the execution role that Batch can assume. For jobs that run on Fargate resources, you must provide an execution role. For more information, see Batch execution IAM role in the Batch User Guide.
  - fargate_platform_configuration
    Type: STRUCT
    Provider name: fargatePlatformConfiguration
    Description: The platform configuration for jobs that are running on Fargate resources. Jobs that are running on Amazon EC2 resources must not specify this parameter.
    - platform_version
      Type: STRING
      Provider name: platformVersion
      Description: The Fargate platform version where the jobs are running. A platform version is specified only for jobs that are running on Fargate resources. If one isn’t specified, the LATEST platform version is used by default. This uses a recent, approved version of the Fargate platform for compute resources. For more information, see Fargate platform versions in the Amazon Elastic Container Service Developer Guide.
  - image
    Type: STRING
    Provider name: image
    Description: Required. The image used to start a container. This string is passed directly to the Docker daemon. Images in the Docker Hub registry are available by default. Other repositories are specified with repository-url/image:tag . It can be 255 characters long. It can contain uppercase and lowercase letters, numbers, hyphens (-), underscores (_), colons (:), periods (.), forward slashes (/), and number signs (#). This parameter maps to Image in the Create a container section of the Docker Remote API and the IMAGE parameter of docker run. Docker image architecture must match the processor architecture of the compute resources that they’re scheduled on. For example, ARM-based Docker images can only run on ARM-based compute resources.
    - Images in Amazon ECR Public repositories use the full registry/repository[:tag] or registry/repository[@digest] naming conventions. For example, public.ecr.aws/registry_alias/my-web-app:latest .
    - Images in Amazon ECR repositories use the full registry and repository URI (for example, 123456789012.dkr.ecr.<region-name>.amazonaws.com/<repository-name>).
    - Images in official repositories on Docker Hub use a single name (for example, ubuntu or mongo).
    - Images in other repositories on Docker Hub are qualified with an organization name (for example, amazon/amazon-ecs-agent).
    - Images in other online repositories are qualified further by a domain name (for example, quay.io/assemblyline/ubuntu).
  - instance_type
    Type: STRING
    Provider name: instanceType
    Description: The instance type to use for a multi-node parallel job. All node groups in a multi-node parallel job must use the same instance type. This parameter isn’t applicable to single-node container jobs or jobs that run on Fargate resources, and shouldn’t be provided.
  - job_role_arn
    Type: STRING
    Provider name: jobRoleArn
    Description: The Amazon Resource Name (ARN) of the IAM role that the container can assume for Amazon Web Services permissions. For more information, see IAM roles for tasks in the Amazon Elastic Container Service Developer Guide.
  - linux_parameters
    Type: STRUCT
    Provider name: linuxParameters
    Description: Linux-specific modifications that are applied to the container, such as details for device mappings.
    - devices
      Type: UNORDERED_LIST_STRUCT
      Provider name: devices
      Description: Any of the host devices to expose to the container. This parameter maps to Devices in the Create a container section of the Docker Remote API and the –device option to docker run. This parameter isn’t applicable to jobs that are running on Fargate resources. Don’t provide it for these jobs.
      - container_path
        Type: STRING
        Provider name: containerPath
        Description: The path inside the container that’s used to expose the host device. By default, the hostPath value is used.
      - host_path
        Type: STRING
        Provider name: hostPath
        Description: The path for the device on the host container instance.
      - permissions
        Type: UNORDERED_LIST_STRING
        Provider name: permissions
        Description: The explicit permissions to provide to the container for the device. By default, the container has permissions for read, write, and mknod for the device.
    - init_process_enabled
      Type: BOOLEAN
      Provider name: initProcessEnabled
      Description: If true, run an init process inside the container that forwards signals and reaps processes. This parameter maps to the –init option to docker run. This parameter requires version 1.25 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: sudo docker version | grep “Server API version”
    - max_swap
      Type: INT32
      Provider name: maxSwap
      Description: The total amount of swap memory (in MiB) a container can use. This parameter is translated to the –memory-swap option to docker run where the value is the sum of the container memory plus the maxSwap value. For more information, see –memory-swap details in the Docker documentation. If a maxSwap value of 0 is specified, the container doesn’t use swap. Accepted values are 0 or any positive integer. If the maxSwap parameter is omitted, the container doesn’t use the swap configuration for the container instance that it’s running on. A maxSwap value must be set for the swappiness parameter to be used. This parameter isn’t applicable to jobs that are running on Fargate resources. Don’t provide it for these jobs.
    - shared_memory_size
      Type: INT32
      Provider name: sharedMemorySize
      Description: The value for the size (in MiB) of the /dev/shm volume. This parameter maps to the –shm-size option to docker run. This parameter isn’t applicable to jobs that are running on Fargate resources. Don’t provide it for these jobs.
    - swappiness
      Type: INT32
      Provider name: swappiness
      Description: You can use this parameter to tune a container’s memory swappiness behavior. A swappiness value of 0 causes swapping to not occur unless absolutely necessary. A swappiness value of 100 causes pages to be swapped aggressively. Valid values are whole numbers between 0 and 100. If the swappiness parameter isn’t specified, a default value of 60 is used. If a value isn’t specified for maxSwap, then this parameter is ignored. If maxSwap is set to 0, the container doesn’t use swap. This parameter maps to the –memory-swappiness option to docker run. Consider the following when you use a per-container swap configuration.
      - Swap space must be enabled and allocated on the container instance for the containers to use. By default, the Amazon ECS optimized AMIs don’t have swap enabled. You must enable swap on the instance to use this feature. For more information, see Instance store swap volumes in the Amazon EC2 User Guide for Linux Instances or How do I allocate memory to work as swap space in an Amazon EC2 instance by using a swap file?
      - The swap space parameters are only supported for job definitions using EC2 resources.
      - If the maxSwap and swappiness parameters are omitted from a job definition, each container has a default swappiness value of 60. Moreover, the total swap usage is limited to two times the memory reservation of the container.
      This parameter isn’t applicable to jobs that are running on Fargate resources. Don’t provide it for these jobs.
    - tmpfs
      Type: UNORDERED_LIST_STRUCT
      Provider name: tmpfs
      Description: The container path, mount options, and size (in MiB) of the tmpfs mount. This parameter maps to the –tmpfs option to docker run. This parameter isn’t applicable to jobs that are running on Fargate resources. Don’t provide this parameter for this resource type.
      - container_path
        Type: STRING
        Provider name: containerPath
        Description: The absolute file path in the container where the tmpfs volume is mounted.
      - mount_options
        Type: UNORDERED_LIST_STRING
        Provider name: mountOptions
        Description: The list of tmpfs volume mount options. Valid values: “defaults” | “ro” | “rw” | “suid” | “nosuid” | “dev” | “nodev” | “exec” | “noexec” | “sync” | “async” | “dirsync” | “remount” | “mand” | “nomand” | “atime” | “noatime” | “diratime” | “nodiratime” | “bind” | “rbind” | “unbindable” | “runbindable” | “private” | “rprivate” | “shared” | “rshared” | “slave” | “rslave” | “relatime” | “norelatime” | “strictatime” | “nostrictatime” | “mode” | “uid” | “gid” | “nr_inodes” | “nr_blocks” | “mpol"
      - size
        Type: INT32
        Provider name: size
        Description: The size (in MiB) of the tmpfs volume.
  - log_configuration
    Type: STRUCT
    Provider name: logConfiguration
    Description: The log configuration specification for the container. This parameter maps to LogConfig in the Create a container section of the Docker Remote API and the –log-driver option to docker run. By default, containers use the same logging driver that the Docker daemon uses. However the container might use a different logging driver than the Docker daemon by specifying a log driver with this parameter in the container definition. To use a different logging driver for a container, the log system must be configured properly on the container instance (or on a different log server for remote logging options). For more information on the options for different supported log drivers, see Configure logging drivers in the Docker documentation. Batch currently supports a subset of the logging drivers available to the Docker daemon (shown in the LogConfiguration data type). This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: sudo docker version | grep “Server API version” The Amazon ECS container agent running on a container instance must register the logging drivers available on that instance with the ECS_AVAILABLE_LOGGING_DRIVERS environment variable before containers placed on that instance can use these log configuration options. For more information, see Amazon ECS container agent configuration in the Amazon Elastic Container Service Developer Guide.
    - log_driver
      Type: STRING
      Provider name: logDriver
      Description: The log driver to use for the container. The valid values that are listed for this parameter are log drivers that the Amazon ECS container agent can communicate with by default. The supported log drivers are awslogs, fluentd, gelf, json-file, journald, logentries, syslog, and splunk. Jobs that are running on Fargate resources are restricted to the awslogs and splunk log drivers.
      awslogs
      Specifies the Amazon CloudWatch Logs logging driver. For more information, see Using the awslogs log driver in the Batch User Guide and Amazon CloudWatch Logs logging driver in the Docker documentation.
      fluentd
      Specifies the Fluentd logging driver. For more information including usage and options, see Fluentd logging driver in the Docker documentation.
      gelf
      Specifies the Graylog Extended Format (GELF) logging driver. For more information including usage and options, see Graylog Extended Format logging driver in the Docker documentation.
      journald
      Specifies the journald logging driver. For more information including usage and options, see Journald logging driver in the Docker documentation.
      json-file
      Specifies the JSON file logging driver. For more information including usage and options, see JSON File logging driver in the Docker documentation.
      splunk
      Specifies the Splunk logging driver. For more information including usage and options, see Splunk logging driver in the Docker documentation.
      syslog
      Specifies the syslog logging driver. For more information including usage and options, see Syslog logging driver in the Docker documentation.
      If you have a custom driver that’s not listed earlier that you want to work with the Amazon ECS container agent, you can fork the Amazon ECS container agent project that’s available on GitHub and customize it to work with that driver. We encourage you to submit pull requests for changes that you want to have included. However, Amazon Web Services doesn’t currently support running modified copies of this software. This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: sudo docker version | grep “Server API version”
    - options
      Type: MAP_STRING_STRING
      Provider name: options
      Description: The configuration options to send to the log driver. This parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: sudo docker version | grep “Server API version”
    - secret_options
      Type: UNORDERED_LIST_STRUCT
      Provider name: secretOptions
      Description: The secrets to pass to the log configuration. For more information, see Specifying sensitive data in the Batch User Guide.
      - name
        Type: STRING
        Provider name: name
        Description: The name of the secret.
      - value_from
        Type: STRING
        Provider name: valueFrom
        Description: The secret to expose to the container. The supported values are either the full Amazon Resource Name (ARN) of the Secrets Manager secret or the full ARN of the parameter in the Amazon Web Services Systems Manager Parameter Store. If the Amazon Web Services Systems Manager Parameter Store parameter exists in the same Region as the job you’re launching, then you can use either the full Amazon Resource Name (ARN) or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified.
  - memory
    Type: INT32
    Provider name: memory
    Description: This parameter is deprecated, use resourceRequirements to specify the memory requirements for the job definition. It’s not supported for jobs running on Fargate resources. For jobs that run on Amazon EC2 resources, it specifies the memory hard limit (in MiB) for a container. If your container attempts to exceed the specified number, it’s terminated. You must specify at least 4 MiB of memory for a job using this parameter. The memory hard limit can be specified in several places. It must be specified for each node at least once.
  - mount_points
    Type: UNORDERED_LIST_STRUCT
    Provider name: mountPoints
    Description: The mount points for data volumes in your container. This parameter maps to Volumes in the Create a container section of the Docker Remote API and the –volume option to docker run.
    - container_path
      Type: STRING
      Provider name: containerPath
      Description: The path on the container where the host volume is mounted.
    - read_only
      Type: BOOLEAN
      Provider name: readOnly
      Description: If this value is true, the container has read-only access to the volume. Otherwise, the container can write to the volume. The default value is false.
    - source_volume
      Type: STRING
      Provider name: sourceVolume
      Description: The name of the volume to mount.
  - network_configuration
    Type: STRUCT
    Provider name: networkConfiguration
    Description: The network configuration for jobs that are running on Fargate resources. Jobs that are running on Amazon EC2 resources must not specify this parameter.
    - assign_public_ip
      Type: STRING
      Provider name: assignPublicIp
      Description: Indicates whether the job has a public IP address. For a job that’s running on Fargate resources in a private subnet to send outbound traffic to the internet (for example, to pull container images), the private subnet requires a NAT gateway be attached to route requests to the internet. For more information, see Amazon ECS task networking in the Amazon Elastic Container Service Developer Guide. The default value is “DISABLED”.
  - privileged
    Type: BOOLEAN
    Provider name: privileged
    Description: When this parameter is true, the container is given elevated permissions on the host container instance (similar to the root user). This parameter maps to Privileged in the Create a container section of the Docker Remote API and the –privileged option to docker run. The default value is false. This parameter isn’t applicable to jobs that are running on Fargate resources and shouldn’t be provided, or specified as false.
  - readonly_root_filesystem
    Type: BOOLEAN
    Provider name: readonlyRootFilesystem
    Description: When this parameter is true, the container is given read-only access to its root file system. This parameter maps to ReadonlyRootfs in the Create a container section of the Docker Remote API and the –read-only option to docker run.
  - repository_credentials
    Type: STRUCT
    Provider name: repositoryCredentials
    Description: The private repository authentication credentials to use.
    - credentials_parameter
      Type: STRING
      Provider name: credentialsParameter
      Description: The Amazon Resource Name (ARN) of the secret containing the private repository credentials.
  - resource_requirements
    Type: UNORDERED_LIST_STRUCT
    Provider name: resourceRequirements
    Description: The type and amount of resources to assign to a container. The supported resources include GPU, MEMORY, and VCPU.
    - type
      Type: STRING
      Provider name: type
      Description: The type of resource to assign to a container. The supported resources include GPU, MEMORY, and VCPU.
    - value
      Type: STRING
      Provider name: value
      Description: The quantity of the specified resource to reserve for the container. The values vary based on the type specified.
      type=“GPU”
      The number of physical GPUs to reserve for the container. Make sure that the number of GPUs reserved for all containers in a job doesn’t exceed the number of available GPUs on the compute resource that the job is launched on. GPUs aren’t available for jobs that are running on Fargate resources.
      type=“MEMORY”
      The memory hard limit (in MiB) present to the container. This parameter is supported for jobs that are running on Amazon EC2 resources. If your container attempts to exceed the memory specified, the container is terminated. This parameter maps to Memory in the Create a container section of the Docker Remote API and the –memory option to docker run. You must specify at least 4 MiB of memory for a job. This is required but can be specified in several places for multi-node parallel (MNP) jobs. It must be specified for each node at least once. This parameter maps to Memory in the Create a container section of the Docker Remote API and the –memory option to docker run. If you’re trying to maximize your resource utilization by providing your jobs as much memory as possible for a particular instance type, see Memory management in the Batch User Guide. For jobs that are running on Fargate resources, then value is the hard limit (in MiB), and must match one of the supported values and the VCPU values must be one of the values supported for that memory value.
      value = 512
      VCPU = 0.25
      value = 1024
      VCPU = 0.25 or 0.5
      value = 2048
      VCPU = 0.25, 0.5, or 1
      value = 3072
      VCPU = 0.5, or 1
      value = 4096
      VCPU = 0.5, 1, or 2
      value = 5120, 6144, or 7168
      VCPU = 1 or 2
      value = 8192
      VCPU = 1, 2, or 4
      value = 9216, 10240, 11264, 12288, 13312, 14336, or 15360
      VCPU = 2 or 4
      value = 16384
      VCPU = 2, 4, or 8
      value = 17408, 18432, 19456, 21504, 22528, 23552, 25600, 26624, 27648, 29696, or 30720
      VCPU = 4
      value = 20480, 24576, or 28672
      VCPU = 4 or 8
      value = 36864, 45056, 53248, or 61440
      VCPU = 8
      value = 32768, 40960, 49152, or 57344
      VCPU = 8 or 16
      value = 65536, 73728, 81920, 90112, 98304, 106496, 114688, or 122880
      VCPU = 16
      type=“VCPU”
      The number of vCPUs reserved for the container. This parameter maps to CpuShares in the Create a container section of the Docker Remote API and the –cpu-shares option to docker run. Each vCPU is equivalent to 1,024 CPU shares. For Amazon EC2 resources, you must specify at least one vCPU. This is required but can be specified in several places; it must be specified for each node at least once. The default for the Fargate On-Demand vCPU resource count quota is 6 vCPUs. For more information about Fargate quotas, see Fargate quotas in the Amazon Web Services General Reference. For jobs that are running on Fargate resources, then value must match one of the supported values and the MEMORY values must be one of the values supported for that VCPU value. The supported values are 0.25, 0.5, 1, 2, 4, 8, and 16
      value = 0.25
      MEMORY = 512, 1024, or 2048
      value = 0.5
      MEMORY = 1024, 2048, 3072, or 4096
      value = 1
      MEMORY = 2048, 3072, 4096, 5120, 6144, 7168, or 8192
      value = 2
      MEMORY = 4096, 5120, 6144, 7168, 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, or 16384
      value = 4
      MEMORY = 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, 16384, 17408, 18432, 19456, 20480, 21504, 22528, 23552, 24576, 25600, 26624, 27648, 28672, 29696, or 30720
      value = 8
      MEMORY = 16384, 20480, 24576, 28672, 32768, 36864, 40960, 45056, 49152, 53248, 57344, or 61440
      value = 16
      MEMORY = 32768, 40960, 49152, 57344, 65536, 73728, 81920, 90112, 98304, 106496, 114688, or 122880
  - runtime_platform
    Type: STRUCT
    Provider name: runtimePlatform
    Description: An object that represents the compute environment architecture for Batch jobs on Fargate.
    - cpu_architecture
      Type: STRING
      Provider name: cpuArchitecture
      Description: The vCPU architecture. The default value is X86_64. Valid values are X86_64 and ARM64. This parameter must be set to X86_64 for Windows containers. Fargate Spot is not supported for ARM64 and Windows-based containers on Fargate. A job queue will be blocked if a Fargate ARM64 or Windows job is submitted to a job queue with only Fargate Spot compute environments. However, you can attach both FARGATE and FARGATE_SPOT compute environments to the same job queue.
    - operating_system_family
      Type: STRING
      Provider name: operatingSystemFamily
      Description: The operating system for the compute environment. Valid values are: LINUX (default), WINDOWS_SERVER_2019_CORE, WINDOWS_SERVER_2019_FULL, WINDOWS_SERVER_2022_CORE, and WINDOWS_SERVER_2022_FULL. The following parameters can’t be set for Windows containers: linuxParameters, privileged, user, ulimits, readonlyRootFilesystem, and efsVolumeConfiguration. The Batch Scheduler checks the compute environments that are attached to the job queue before registering a task definition with Fargate. In this scenario, the job queue is where the job is submitted. If the job requires a Windows container and the first compute environment is LINUX, the compute environment is skipped and the next compute environment is checked until a Windows-based compute environment is found. Fargate Spot is not supported for ARM64 and Windows-based containers on Fargate. A job queue will be blocked if a Fargate ARM64 or Windows job is submitted to a job queue with only Fargate Spot compute environments. However, you can attach both FARGATE and FARGATE_SPOT compute environments to the same job queue.
  - secrets
    Type: UNORDERED_LIST_STRUCT
    Provider name: secrets
    Description: The secrets for the container. For more information, see Specifying sensitive data in the Batch User Guide.
    - name
      Type: STRING
      Provider name: name
      Description: The name of the secret.
    - value_from
      Type: STRING
      Provider name: valueFrom
      Description: The secret to expose to the container. The supported values are either the full Amazon Resource Name (ARN) of the Secrets Manager secret or the full ARN of the parameter in the Amazon Web Services Systems Manager Parameter Store. If the Amazon Web Services Systems Manager Parameter Store parameter exists in the same Region as the job you’re launching, then you can use either the full Amazon Resource Name (ARN) or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified.
  - ulimits
    Type: UNORDERED_LIST_STRUCT
    Provider name: ulimits
    Description: A list of ulimits to set in the container. This parameter maps to Ulimits in the Create a container section of the Docker Remote API and the –ulimit option to docker run. This parameter isn’t applicable to jobs that are running on Fargate resources and shouldn’t be provided.
    - hard_limit
      Type: INT32
      Provider name: hardLimit
      Description: The hard limit for the ulimit type.
    - name
      Type: STRING
      Provider name: name
      Description: The type of the ulimit. Valid values are: core | cpu | data | fsize | locks | memlock | msgqueue | nice | nofile | nproc | rss | rtprio | rttime | sigpending | stack.
    - soft_limit
      Type: INT32
      Provider name: softLimit
      Description: The soft limit for the ulimit type.
  - user
    Type: STRING
    Provider name: user
    Description: The user name to use inside the container. This parameter maps to User in the Create a container section of the Docker Remote API and the –user option to docker run.
  - vcpus
    Type: INT32
    Provider name: vcpus
    Description: This parameter is deprecated, use resourceRequirements to specify the vCPU requirements for the job definition. It’s not supported for jobs running on Fargate resources. For jobs running on Amazon EC2 resources, it specifies the number of vCPUs reserved for the job. Each vCPU is equivalent to 1,024 CPU shares. This parameter maps to CpuShares in the Create a container section of the Docker Remote API and the –cpu-shares option to docker run. The number of vCPUs must be specified but can be specified in several places. You must specify it at least once for each node.
  - volumes
    Type: UNORDERED_LIST_STRUCT
    Provider name: volumes
    Description: A list of data volumes used in a job.
    - efs_volume_configuration
      Type: STRUCT
      Provider name: efsVolumeConfiguration
      Description: This parameter is specified when you’re using an Amazon Elastic File System file system for job storage. Jobs that are running on Fargate resources must specify a platformVersion of at least 1.4.0.
      - authorization_config
        Type: STRUCT
        Provider name: authorizationConfig
        Description: The authorization configuration details for the Amazon EFS file system.
        access_point_id
        Type: STRING
        Provider name: accessPointId
        Description: The Amazon EFS access point ID to use. If an access point is specified, the root directory value specified in the EFSVolumeConfiguration must either be omitted or set to / which enforces the path set on the EFS access point. If an access point is used, transit encryption must be enabled in the EFSVolumeConfiguration. For more information, see Working with Amazon EFS access points in the Amazon Elastic File System User Guide.
        iam
        Type: STRING
        Provider name: iam
        Description: Whether or not to use the Batch job IAM role defined in a job definition when mounting the Amazon EFS file system. If enabled, transit encryption must be enabled in the EFSVolumeConfiguration. If this parameter is omitted, the default value of DISABLED is used. For more information, see Using Amazon EFS access points in the Batch User Guide. EFS IAM authorization requires that TransitEncryption be ENABLED and that a JobRoleArn is specified.
      - file_system_id
        Type: STRING
        Provider name: fileSystemId
        Description: The Amazon EFS file system ID to use.
      - root_directory
        Type: STRING
        Provider name: rootDirectory
        Description: The directory within the Amazon EFS file system to mount as the root directory inside the host. If this parameter is omitted, the root of the Amazon EFS volume is used instead. Specifying / has the same effect as omitting this parameter. The maximum length is 4,096 characters. If an EFS access point is specified in the authorizationConfig, the root directory parameter must either be omitted or set to /, which enforces the path set on the Amazon EFS access point.
      - transit_encryption
        Type: STRING
        Provider name: transitEncryption
        Description: Determines whether to enable encryption for Amazon EFS data in transit between the Amazon ECS host and the Amazon EFS server. Transit encryption must be enabled if Amazon EFS IAM authorization is used. If this parameter is omitted, the default value of DISABLED is used. For more information, see Encrypting data in transit in the Amazon Elastic File System User Guide.
      - transit_encryption_port
        Type: INT32
        Provider name: transitEncryptionPort
        Description: The port to use when sending encrypted data between the Amazon ECS host and the Amazon EFS server. If you don’t specify a transit encryption port, it uses the port selection strategy that the Amazon EFS mount helper uses. The value must be between 0 and 65,535. For more information, see EFS mount helper in the Amazon Elastic File System User Guide.
    - host
      Type: STRUCT
      Provider name: host
      Description: The contents of the host parameter determine whether your data volume persists on the host container instance and where it’s stored. If the host parameter is empty, then the Docker daemon assigns a host path for your data volume. However, the data isn’t guaranteed to persist after the containers that are associated with it stop running. This parameter isn’t applicable to jobs that are running on Fargate resources and shouldn’t be provided.
      - source_path
        Type: STRING
        Provider name: sourcePath
        Description: The path on the host container instance that’s presented to the container. If this parameter is empty, then the Docker daemon has assigned a host path for you. If this parameter contains a file location, then the data volume persists at the specified location on the host container instance until you delete it manually. If the source path location doesn’t exist on the host container instance, the Docker daemon creates it. If the location does exist, the contents of the source path folder are exported. This parameter isn’t applicable to jobs that run on Fargate resources. Don’t provide this for these jobs.
    - name
      Type: STRING
      Provider name: name
      Description: The name of the volume. It can be up to 255 characters long. It can contain uppercase and lowercase letters, numbers, hyphens (-), and underscores (_). This name is referenced in the sourceVolume parameter of container definition mountPoints.
- ecs_properties
  Type: STRUCT
  Provider name: ecsProperties
  Description: This is an object that represents the properties of the node range for a multi-node parallel job.
  - task_properties
    Type: UNORDERED_LIST_STRUCT
    Provider name: taskProperties
    Description: An object that contains the properties for the Amazon ECS task definition of a job. This object is currently limited to one task element. However, the task element can run up to 10 containers.
    - containers
      Type: UNORDERED_LIST_STRUCT
      Provider name: containers
      Description: This object is a list of containers.
      - command
        Type: UNORDERED_LIST_STRING
        Provider name: command
        Description: The command that’s passed to the container. This parameter maps to Cmd in the Create a container section of the Docker Remote API and the COMMAND parameter to docker run. For more information, see Dockerfile reference: CMD.
      - depends_on
        Type: UNORDERED_LIST_STRUCT
        Provider name: dependsOn
        Description: A list of containers that this container depends on.
        condition
        Type: STRING
        Provider name: condition
        Description: The dependency condition of the container. The following are the available conditions and their behavior:
        START - This condition emulates the behavior of links and volumes today. It validates that a dependent container is started before permitting other containers to start.
        COMPLETE - This condition validates that a dependent container runs to completion (exits) before permitting other containers to start. This can be useful for nonessential containers that run a script and then exit. This condition can’t be set on an essential container.
        SUCCESS - This condition is the same as COMPLETE, but it also requires that the container exits with a zero status. This condition can’t be set on an essential container.
        container_name
        Type: STRING
        Provider name: containerName
        Description: A unique identifier for the container.
      - environment
        Type: UNORDERED_LIST_STRUCT
        Provider name: environment
        Description: The environment variables to pass to a container. This parameter maps to Env in the Create a container section of the Docker Remote API and the –env parameter to docker run. We don’t recommend using plaintext environment variables for sensitive information, such as credential data. Environment variables cannot start with AWS_BATCH. This naming convention is reserved for variables that Batch sets.
        name
        Type: STRING
        Provider name: name
        Description: The name of the key-value pair. For environment variables, this is the name of the environment variable.
        value
        Type: STRING
        Provider name: value
        Description: The value of the key-value pair. For environment variables, this is the value of the environment variable.
      - essential
        Type: BOOLEAN
        Provider name: essential
        Description: If the essential parameter of a container is marked as true, and that container fails or stops for any reason, all other containers that are part of the task are stopped. If the essential parameter of a container is marked as false, its failure doesn’t affect the rest of the containers in a task. If this parameter is omitted, a container is assumed to be essential. All jobs must have at least one essential container. If you have an application that’s composed of multiple containers, group containers that are used for a common purpose into components, and separate the different components into multiple task definitions. For more information, see Application Architecture in the Amazon Elastic Container Service Developer Guide.
      - image
        Type: STRING
        Provider name: image
        Description: The image used to start a container. This string is passed directly to the Docker daemon. By default, images in the Docker Hub registry are available. Other repositories are specified with either repository-url/image:tag or repository-url/image@digest. Up to 255 letters (uppercase and lowercase), numbers, hyphens, underscores, colons, periods, forward slashes, and number signs are allowed. This parameter maps to Image in the Create a container section of the Docker Remote API and the IMAGE parameter of the docker run .
      - linux_parameters
        Type: STRUCT
        Provider name: linuxParameters
        Description: Linux-specific modifications that are applied to the container, such as Linux kernel capabilities. For more information, see KernelCapabilities.
        devices
        Type: UNORDERED_LIST_STRUCT
        Provider name: devices
        Description: Any of the host devices to expose to the container. This parameter maps to Devices in the Create a container section of the Docker Remote API and the –device option to docker run. This parameter isn’t applicable to jobs that are running on Fargate resources. Don’t provide it for these jobs.
        container_path
        Type: STRING
        Provider name: containerPath
        Description: The path inside the container that’s used to expose the host device. By default, the hostPath value is used.
        host_path
        Type: STRING
        Provider name: hostPath
        Description: The path for the device on the host container instance.
        permissions
        Type: UNORDERED_LIST_STRING
        Provider name: permissions
        Description: The explicit permissions to provide to the container for the device. By default, the container has permissions for read, write, and mknod for the device.
        init_process_enabled
        Type: BOOLEAN
        Provider name: initProcessEnabled
        Description: If true, run an init process inside the container that forwards signals and reaps processes. This parameter maps to the –init option to docker run. This parameter requires version 1.25 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: sudo docker version | grep “Server API version”
        max_swap
        Type: INT32
        Provider name: maxSwap
        Description: The total amount of swap memory (in MiB) a container can use. This parameter is translated to the –memory-swap option to docker run where the value is the sum of the container memory plus the maxSwap value. For more information, see –memory-swap details in the Docker documentation. If a maxSwap value of 0 is specified, the container doesn’t use swap. Accepted values are 0 or any positive integer. If the maxSwap parameter is omitted, the container doesn’t use the swap configuration for the container instance that it’s running on. A maxSwap value must be set for the swappiness parameter to be used. This parameter isn’t applicable to jobs that are running on Fargate resources. Don’t provide it for these jobs.
        shared_memory_size
        Type: INT32
        Provider name: sharedMemorySize
        Description: The value for the size (in MiB) of the /dev/shm volume. This parameter maps to the –shm-size option to docker run. This parameter isn’t applicable to jobs that are running on Fargate resources. Don’t provide it for these jobs.
        swappiness
        Type: INT32
        Provider name: swappiness
        Description: You can use this parameter to tune a container’s memory swappiness behavior. A swappiness value of 0 causes swapping to not occur unless absolutely necessary. A swappiness value of 100 causes pages to be swapped aggressively. Valid values are whole numbers between 0 and 100. If the swappiness parameter isn’t specified, a default value of 60 is used. If a value isn’t specified for maxSwap, then this parameter is ignored. If maxSwap is set to 0, the container doesn’t use swap. This parameter maps to the –memory-swappiness option to docker run. Consider the following when you use a per-container swap configuration.
        Swap space must be enabled and allocated on the container instance for the containers to use. By default, the Amazon ECS optimized AMIs don’t have swap enabled. You must enable swap on the instance to use this feature. For more information, see Instance store swap volumes in the Amazon EC2 User Guide for Linux Instances or How do I allocate memory to work as swap space in an Amazon EC2 instance by using a swap file?
        The swap space parameters are only supported for job definitions using EC2 resources.
        If the maxSwap and swappiness parameters are omitted from a job definition, each container has a default swappiness value of 60. Moreover, the total swap usage is limited to two times the memory reservation of the container.
        This parameter isn’t applicable to jobs that are running on Fargate resources. Don’t provide it for these jobs.
        tmpfs
        Type: UNORDERED_LIST_STRUCT
        Provider name: tmpfs
        Description: The container path, mount options, and size (in MiB) of the tmpfs mount. This parameter maps to the –tmpfs option to docker run. This parameter isn’t applicable to jobs that are running on Fargate resources. Don’t provide this parameter for this resource type.
        container_path
        Type: STRING
        Provider name: containerPath
        Description: The absolute file path in the container where the tmpfs volume is mounted.
        mount_options
        Type: UNORDERED_LIST_STRING
        Provider name: mountOptions
        Description: The list of tmpfs volume mount options. Valid values: “defaults” | “ro” | “rw” | “suid” | “nosuid” | “dev” | “nodev” | “exec” | “noexec” | “sync” | “async” | “dirsync” | “remount” | “mand” | “nomand” | “atime” | “noatime” | “diratime” | “nodiratime” | “bind” | “rbind” | “unbindable” | “runbindable” | “private” | “rprivate” | “shared” | “rshared” | “slave” | “rslave” | “relatime” | “norelatime” | “strictatime” | “nostrictatime” | “mode” | “uid” | “gid” | “nr_inodes” | “nr_blocks” | “mpol"
        size
        Type: INT32
        Provider name: size
        Description: The size (in MiB) of the tmpfs volume.
      - log_configuration
        Type: STRUCT
        Provider name: logConfiguration
        Description: The log configuration specification for the container. This parameter maps to LogConfig in the Create a container section of the Docker Remote API and the –log-driver option to docker run. By default, containers use the same logging driver that the Docker daemon uses. However the container can use a different logging driver than the Docker daemon by specifying a log driver with this parameter in the container definition. To use a different logging driver for a container, the log system must be configured properly on the container instance (or on a different log server for remote logging options). For more information about the options for different supported log drivers, see Configure logging drivers in the Docker documentation. Amazon ECS currently supports a subset of the logging drivers available to the Docker daemon (shown in the LogConfiguration data type). Additional log drivers may be available in future releases of the Amazon ECS container agent. This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: sudo docker version –format ‘{{.Server.APIVersion}}’ The Amazon ECS container agent running on a container instance must register the logging drivers available on that instance with the ECS_AVAILABLE_LOGGING_DRIVERS environment variable before containers placed on that instance can use these log configuration options. For more information, see Amazon ECS container agent configuration in the Amazon Elastic Container Service Developer Guide.
        log_driver
        Type: STRING
        Provider name: logDriver
        Description: The log driver to use for the container. The valid values that are listed for this parameter are log drivers that the Amazon ECS container agent can communicate with by default. The supported log drivers are awslogs, fluentd, gelf, json-file, journald, logentries, syslog, and splunk. Jobs that are running on Fargate resources are restricted to the awslogs and splunk log drivers.
        awslogs
        Specifies the Amazon CloudWatch Logs logging driver. For more information, see Using the awslogs log driver in the Batch User Guide and Amazon CloudWatch Logs logging driver in the Docker documentation.
        fluentd
        Specifies the Fluentd logging driver. For more information including usage and options, see Fluentd logging driver in the Docker documentation.
        gelf
        Specifies the Graylog Extended Format (GELF) logging driver. For more information including usage and options, see Graylog Extended Format logging driver in the Docker documentation.
        journald
        Specifies the journald logging driver. For more information including usage and options, see Journald logging driver in the Docker documentation.
        json-file
        Specifies the JSON file logging driver. For more information including usage and options, see JSON File logging driver in the Docker documentation.
        splunk
        Specifies the Splunk logging driver. For more information including usage and options, see Splunk logging driver in the Docker documentation.
        syslog
        Specifies the syslog logging driver. For more information including usage and options, see Syslog logging driver in the Docker documentation.
        If you have a custom driver that’s not listed earlier that you want to work with the Amazon ECS container agent, you can fork the Amazon ECS container agent project that’s available on GitHub and customize it to work with that driver. We encourage you to submit pull requests for changes that you want to have included. However, Amazon Web Services doesn’t currently support running modified copies of this software. This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: sudo docker version | grep “Server API version”
        options
        Type: MAP_STRING_STRING
        Provider name: options
        Description: The configuration options to send to the log driver. This parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: sudo docker version | grep “Server API version”
        secret_options
        Type: UNORDERED_LIST_STRUCT
        Provider name: secretOptions
        Description: The secrets to pass to the log configuration. For more information, see Specifying sensitive data in the Batch User Guide.
        name
        Type: STRING
        Provider name: name
        Description: The name of the secret.
        value_from
        Type: STRING
        Provider name: valueFrom
        Description: The secret to expose to the container. The supported values are either the full Amazon Resource Name (ARN) of the Secrets Manager secret or the full ARN of the parameter in the Amazon Web Services Systems Manager Parameter Store. If the Amazon Web Services Systems Manager Parameter Store parameter exists in the same Region as the job you’re launching, then you can use either the full Amazon Resource Name (ARN) or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified.
      - mount_points
        Type: UNORDERED_LIST_STRUCT
        Provider name: mountPoints
        Description: The mount points for data volumes in your container. This parameter maps to Volumes in the Create a container section of the Docker Remote API and the –volume option to docker run. Windows containers can mount whole directories on the same drive as $env:ProgramData. Windows containers can’t mount directories on a different drive, and mount point can’t be across drives.
        container_path
        Type: STRING
        Provider name: containerPath
        Description: The path on the container where the host volume is mounted.
        read_only
        Type: BOOLEAN
        Provider name: readOnly
        Description: If this value is true, the container has read-only access to the volume. Otherwise, the container can write to the volume. The default value is false.
        source_volume
        Type: STRING
        Provider name: sourceVolume
        Description: The name of the volume to mount.
      - name
        Type: STRING
        Provider name: name
        Description: The name of a container. The name can be used as a unique identifier to target your dependsOn and Overrides objects.
      - privileged
        Type: BOOLEAN
        Provider name: privileged
        Description: When this parameter is true, the container is given elevated privileges on the host container instance (similar to the root user). This parameter maps to Privileged in the Create a container section of the Docker Remote API and the –privileged option to docker run. This parameter is not supported for Windows containers or tasks run on Fargate.
      - readonly_root_filesystem
        Type: BOOLEAN
        Provider name: readonlyRootFilesystem
        Description: When this parameter is true, the container is given read-only access to its root file system. This parameter maps to ReadonlyRootfs in the Create a container section of the Docker Remote API and the –read-only option to docker run. This parameter is not supported for Windows containers.
      - repository_credentials
        Type: STRUCT
        Provider name: repositoryCredentials
        Description: The private repository authentication credentials to use.
        credentials_parameter
        Type: STRING
        Provider name: credentialsParameter
        Description: The Amazon Resource Name (ARN) of the secret containing the private repository credentials.
      - resource_requirements
        Type: UNORDERED_LIST_STRUCT
        Provider name: resourceRequirements
        Description: The type and amount of a resource to assign to a container. The only supported resource is a GPU.
        type
        Type: STRING
        Provider name: type
        Description: The type of resource to assign to a container. The supported resources include GPU, MEMORY, and VCPU.
        value
        Type: STRING
        Provider name: value
        Description: The quantity of the specified resource to reserve for the container. The values vary based on the type specified.
        type=“GPU”
        The number of physical GPUs to reserve for the container. Make sure that the number of GPUs reserved for all containers in a job doesn’t exceed the number of available GPUs on the compute resource that the job is launched on. GPUs aren’t available for jobs that are running on Fargate resources.
        type=“MEMORY”
        The memory hard limit (in MiB) present to the container. This parameter is supported for jobs that are running on Amazon EC2 resources. If your container attempts to exceed the memory specified, the container is terminated. This parameter maps to Memory in the Create a container section of the Docker Remote API and the –memory option to docker run. You must specify at least 4 MiB of memory for a job. This is required but can be specified in several places for multi-node parallel (MNP) jobs. It must be specified for each node at least once. This parameter maps to Memory in the Create a container section of the Docker Remote API and the –memory option to docker run. If you’re trying to maximize your resource utilization by providing your jobs as much memory as possible for a particular instance type, see Memory management in the Batch User Guide. For jobs that are running on Fargate resources, then value is the hard limit (in MiB), and must match one of the supported values and the VCPU values must be one of the values supported for that memory value.
        value = 512
        VCPU = 0.25
        value = 1024
        VCPU = 0.25 or 0.5
        value = 2048
        VCPU = 0.25, 0.5, or 1
        value = 3072
        VCPU = 0.5, or 1
        value = 4096
        VCPU = 0.5, 1, or 2
        value = 5120, 6144, or 7168
        VCPU = 1 or 2
        value = 8192
        VCPU = 1, 2, or 4
        value = 9216, 10240, 11264, 12288, 13312, 14336, or 15360
        VCPU = 2 or 4
        value = 16384
        VCPU = 2, 4, or 8
        value = 17408, 18432, 19456, 21504, 22528, 23552, 25600, 26624, 27648, 29696, or 30720
        VCPU = 4
        value = 20480, 24576, or 28672
        VCPU = 4 or 8
        value = 36864, 45056, 53248, or 61440
        VCPU = 8
        value = 32768, 40960, 49152, or 57344
        VCPU = 8 or 16
        value = 65536, 73728, 81920, 90112, 98304, 106496, 114688, or 122880
        VCPU = 16
        type=“VCPU”
        The number of vCPUs reserved for the container. This parameter maps to CpuShares in the Create a container section of the Docker Remote API and the –cpu-shares option to docker run. Each vCPU is equivalent to 1,024 CPU shares. For Amazon EC2 resources, you must specify at least one vCPU. This is required but can be specified in several places; it must be specified for each node at least once. The default for the Fargate On-Demand vCPU resource count quota is 6 vCPUs. For more information about Fargate quotas, see Fargate quotas in the Amazon Web Services General Reference. For jobs that are running on Fargate resources, then value must match one of the supported values and the MEMORY values must be one of the values supported for that VCPU value. The supported values are 0.25, 0.5, 1, 2, 4, 8, and 16
        value = 0.25
        MEMORY = 512, 1024, or 2048
        value = 0.5
        MEMORY = 1024, 2048, 3072, or 4096
        value = 1
        MEMORY = 2048, 3072, 4096, 5120, 6144, 7168, or 8192
        value = 2
        MEMORY = 4096, 5120, 6144, 7168, 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, or 16384
        value = 4
        MEMORY = 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, 16384, 17408, 18432, 19456, 20480, 21504, 22528, 23552, 24576, 25600, 26624, 27648, 28672, 29696, or 30720
        value = 8
        MEMORY = 16384, 20480, 24576, 28672, 32768, 36864, 40960, 45056, 49152, 53248, 57344, or 61440
        value = 16
        MEMORY = 32768, 40960, 49152, 57344, 65536, 73728, 81920, 90112, 98304, 106496, 114688, or 122880
      - secrets
        Type: UNORDERED_LIST_STRUCT
        Provider name: secrets
        Description: The secrets to pass to the container. For more information, see Specifying Sensitive Data in the Amazon Elastic Container Service Developer Guide.
        name
        Type: STRING
        Provider name: name
        Description: The name of the secret.
        value_from
        Type: STRING
        Provider name: valueFrom
        Description: The secret to expose to the container. The supported values are either the full Amazon Resource Name (ARN) of the Secrets Manager secret or the full ARN of the parameter in the Amazon Web Services Systems Manager Parameter Store. If the Amazon Web Services Systems Manager Parameter Store parameter exists in the same Region as the job you’re launching, then you can use either the full Amazon Resource Name (ARN) or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified.
      - ulimits
        Type: UNORDERED_LIST_STRUCT
        Provider name: ulimits
        Description: A list of ulimits to set in the container. If a ulimit value is specified in a task definition, it overrides the default values set by Docker. This parameter maps to Ulimits in the Create a container section of the Docker Remote API and the –ulimit option to docker run. Amazon ECS tasks hosted on Fargate use the default resource limit values set by the operating system with the exception of the nofile resource limit parameter which Fargate overrides. The nofile resource limit sets a restriction on the number of open files that a container can use. The default nofile soft limit is 1024 and the default hard limit is 65535. This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: sudo docker version –format ‘{{.Server.APIVersion}}’ This parameter is not supported for Windows containers.
        hard_limit
        Type: INT32
        Provider name: hardLimit
        Description: The hard limit for the ulimit type.
        name
        Type: STRING
        Provider name: name
        Description: The type of the ulimit. Valid values are: core | cpu | data | fsize | locks | memlock | msgqueue | nice | nofile | nproc | rss | rtprio | rttime | sigpending | stack.
        soft_limit
        Type: INT32
        Provider name: softLimit
        Description: The soft limit for the ulimit type.
      - user
        Type: STRING
        Provider name: user
        Description: The user to use inside the container. This parameter maps to User in the Create a container section of the Docker Remote API and the –user option to docker run. When running tasks using the host network mode, don’t run containers using the root user (UID 0). We recommend using a non-root user for better security. You can specify the user using the following formats. If specifying a UID or GID, you must specify it as a positive integer.
        user
        user:group
        uid
        uid:gid
        user:gi
        uid:group
        This parameter is not supported for Windows containers.
    - ephemeral_storage
      Type: STRUCT
      Provider name: ephemeralStorage
      Description: The amount of ephemeral storage to allocate for the task. This parameter is used to expand the total amount of ephemeral storage available, beyond the default amount, for tasks hosted on Fargate.
      - size_in_gib
        Type: INT32
        Provider name: sizeInGiB
        Description: The total amount, in GiB, of ephemeral storage to set for the task. The minimum supported value is 21 GiB and the maximum supported value is 200 GiB.
    - execution_role_arn
      Type: STRING
      Provider name: executionRoleArn
      Description: The Amazon Resource Name (ARN) of the execution role that Batch can assume. For jobs that run on Fargate resources, you must provide an execution role. For more information, see Batch execution IAM role in the Batch User Guide.
    - ipc_mode
      Type: STRING
      Provider name: ipcMode
      Description: The IPC resource namespace to use for the containers in the task. The valid values are host, task, or none. If host is specified, all containers within the tasks that specified the host IPC mode on the same container instance share the same IPC resources with the host Amazon EC2 instance. If task is specified, all containers within the specified task share the same IPC resources. If none is specified, the IPC resources within the containers of a task are private, and are not shared with other containers in a task or on the container instance. If no value is specified, then the IPC resource namespace sharing depends on the Docker daemon setting on the container instance. For more information, see IPC settings in the Docker run reference.
    - network_configuration
      Type: STRUCT
      Provider name: networkConfiguration
      Description: The network configuration for jobs that are running on Fargate resources. Jobs that are running on Amazon EC2 resources must not specify this parameter.
      - assign_public_ip
        Type: STRING
        Provider name: assignPublicIp
        Description: Indicates whether the job has a public IP address. For a job that’s running on Fargate resources in a private subnet to send outbound traffic to the internet (for example, to pull container images), the private subnet requires a NAT gateway be attached to route requests to the internet. For more information, see Amazon ECS task networking in the Amazon Elastic Container Service Developer Guide. The default value is “DISABLED”.
    - pid_mode
      Type: STRING
      Provider name: pidMode
      Description: The process namespace to use for the containers in the task. The valid values are host or task. For example, monitoring sidecars might need pidMode to access information about other containers running in the same task. If host is specified, all containers within the tasks that specified the host PID mode on the same container instance share the process namespace with the host Amazon EC2 instance. If task is specified, all containers within the specified task share the same process namespace. If no value is specified, the default is a private namespace for each container. For more information, see PID settings in the Docker run reference.
    - platform_version
      Type: STRING
      Provider name: platformVersion
      Description: The Fargate platform version where the jobs are running. A platform version is specified only for jobs that are running on Fargate resources. If one isn’t specified, the LATEST platform version is used by default. This uses a recent, approved version of the Fargate platform for compute resources. For more information, see Fargate platform versions in the Amazon Elastic Container Service Developer Guide.
    - runtime_platform
      Type: STRUCT
      Provider name: runtimePlatform
      Description: An object that represents the compute environment architecture for Batch jobs on Fargate.
      - cpu_architecture
        Type: STRING
        Provider name: cpuArchitecture
        Description: The vCPU architecture. The default value is X86_64. Valid values are X86_64 and ARM64. This parameter must be set to X86_64 for Windows containers. Fargate Spot is not supported for ARM64 and Windows-based containers on Fargate. A job queue will be blocked if a Fargate ARM64 or Windows job is submitted to a job queue with only Fargate Spot compute environments. However, you can attach both FARGATE and FARGATE_SPOT compute environments to the same job queue.
      - operating_system_family
        Type: STRING
        Provider name: operatingSystemFamily
        Description: The operating system for the compute environment. Valid values are: LINUX (default), WINDOWS_SERVER_2019_CORE, WINDOWS_SERVER_2019_FULL, WINDOWS_SERVER_2022_CORE, and WINDOWS_SERVER_2022_FULL. The following parameters can’t be set for Windows containers: linuxParameters, privileged, user, ulimits, readonlyRootFilesystem, and efsVolumeConfiguration. The Batch Scheduler checks the compute environments that are attached to the job queue before registering a task definition with Fargate. In this scenario, the job queue is where the job is submitted. If the job requires a Windows container and the first compute environment is LINUX, the compute environment is skipped and the next compute environment is checked until a Windows-based compute environment is found. Fargate Spot is not supported for ARM64 and Windows-based containers on Fargate. A job queue will be blocked if a Fargate ARM64 or Windows job is submitted to a job queue with only Fargate Spot compute environments. However, you can attach both FARGATE and FARGATE_SPOT compute environments to the same job queue.
    - task_role_arn
      Type: STRING
      Provider name: taskRoleArn
      Description: The Amazon Resource Name (ARN) that’s associated with the Amazon ECS task. This is object is comparable to ContainerProperties:jobRoleArn.
    - volumes
      Type: UNORDERED_LIST_STRUCT
      Provider name: volumes
      Description: A list of volumes that are associated with the job.
      - efs_volume_configuration
        Type: STRUCT
        Provider name: efsVolumeConfiguration
        Description: This parameter is specified when you’re using an Amazon Elastic File System file system for job storage. Jobs that are running on Fargate resources must specify a platformVersion of at least 1.4.0.
        authorization_config
        Type: STRUCT
        Provider name: authorizationConfig
        Description: The authorization configuration details for the Amazon EFS file system.
        access_point_id
        Type: STRING
        Provider name: accessPointId
        Description: The Amazon EFS access point ID to use. If an access point is specified, the root directory value specified in the EFSVolumeConfiguration must either be omitted or set to / which enforces the path set on the EFS access point. If an access point is used, transit encryption must be enabled in the EFSVolumeConfiguration. For more information, see Working with Amazon EFS access points in the Amazon Elastic File System User Guide.
        iam
        Type: STRING
        Provider name: iam
        Description: Whether or not to use the Batch job IAM role defined in a job definition when mounting the Amazon EFS file system. If enabled, transit encryption must be enabled in the EFSVolumeConfiguration. If this parameter is omitted, the default value of DISABLED is used. For more information, see Using Amazon EFS access points in the Batch User Guide. EFS IAM authorization requires that TransitEncryption be ENABLED and that a JobRoleArn is specified.
        file_system_id
        Type: STRING
        Provider name: fileSystemId
        Description: The Amazon EFS file system ID to use.
        root_directory
        Type: STRING
        Provider name: rootDirectory
        Description: The directory within the Amazon EFS file system to mount as the root directory inside the host. If this parameter is omitted, the root of the Amazon EFS volume is used instead. Specifying / has the same effect as omitting this parameter. The maximum length is 4,096 characters. If an EFS access point is specified in the authorizationConfig, the root directory parameter must either be omitted or set to /, which enforces the path set on the Amazon EFS access point.
        transit_encryption
        Type: STRING
        Provider name: transitEncryption
        Description: Determines whether to enable encryption for Amazon EFS data in transit between the Amazon ECS host and the Amazon EFS server. Transit encryption must be enabled if Amazon EFS IAM authorization is used. If this parameter is omitted, the default value of DISABLED is used. For more information, see Encrypting data in transit in the Amazon Elastic File System User Guide.
        transit_encryption_port
        Type: INT32
        Provider name: transitEncryptionPort
        Description: The port to use when sending encrypted data between the Amazon ECS host and the Amazon EFS server. If you don’t specify a transit encryption port, it uses the port selection strategy that the Amazon EFS mount helper uses. The value must be between 0 and 65,535. For more information, see EFS mount helper in the Amazon Elastic File System User Guide.
      - host
        Type: STRUCT
        Provider name: host
        Description: The contents of the host parameter determine whether your data volume persists on the host container instance and where it’s stored. If the host parameter is empty, then the Docker daemon assigns a host path for your data volume. However, the data isn’t guaranteed to persist after the containers that are associated with it stop running. This parameter isn’t applicable to jobs that are running on Fargate resources and shouldn’t be provided.
        source_path
        Type: STRING
        Provider name: sourcePath
        Description: The path on the host container instance that’s presented to the container. If this parameter is empty, then the Docker daemon has assigned a host path for you. If this parameter contains a file location, then the data volume persists at the specified location on the host container instance until you delete it manually. If the source path location doesn’t exist on the host container instance, the Docker daemon creates it. If the location does exist, the contents of the source path folder are exported. This parameter isn’t applicable to jobs that run on Fargate resources. Don’t provide this for these jobs.
      - name
        Type: STRING
        Provider name: name
        Description: The name of the volume. It can be up to 255 characters long. It can contain uppercase and lowercase letters, numbers, hyphens (-), and underscores (_). This name is referenced in the sourceVolume parameter of container definition mountPoints.
- eks_properties
  Type: STRUCT
  Provider name: eksProperties
  Description: This is an object that represents the properties of the node range for a multi-node parallel job.
  - pod_properties
    Type: STRUCT
    Provider name: podProperties
    Description: The properties for the Kubernetes pod resources of a job.
    - containers
      Type: UNORDERED_LIST_STRUCT
      Provider name: containers
      Description: The properties of the container that’s used on the Amazon EKS pod. This object is limited to 10 elements.
      - args
        Type: UNORDERED_LIST_STRING
        Provider name: args
        Description: An array of arguments to the entrypoint. If this isn’t specified, the CMD of the container image is used. This corresponds to the args member in the Entrypoint portion of the Pod in Kubernetes. Environment variable references are expanded using the container’s environment. If the referenced environment variable doesn’t exist, the reference in the command isn’t changed. For example, if the reference is to “$(NAME1)” and the NAME1 environment variable doesn’t exist, the command string will remain “$(NAME1).” $$ is replaced with $, and the resulting string isn’t expanded. For example, $$(VAR_NAME) is passed as $(VAR_NAME) whether or not the VAR_NAME environment variable exists. For more information, see Dockerfile reference: CMD and Define a command and arguments for a pod in the Kubernetes documentation.
      - command
        Type: UNORDERED_LIST_STRING
        Provider name: command
        Description: The entrypoint for the container. This isn’t run within a shell. If this isn’t specified, the ENTRYPOINT of the container image is used. Environment variable references are expanded using the container’s environment. If the referenced environment variable doesn’t exist, the reference in the command isn’t changed. For example, if the reference is to “$(NAME1)” and the NAME1 environment variable doesn’t exist, the command string will remain “$(NAME1).” $$ is replaced with $ and the resulting string isn’t expanded. For example, $$(VAR_NAME) will be passed as $(VAR_NAME) whether or not the VAR_NAME environment variable exists. The entrypoint can’t be updated. For more information, see ENTRYPOINT in the Dockerfile reference and Define a command and arguments for a container and Entrypoint in the Kubernetes documentation.
      - env
        Type: UNORDERED_LIST_STRUCT
        Provider name: env
        Description: The environment variables to pass to a container. Environment variables cannot start with “AWS_BATCH”. This naming convention is reserved for variables that Batch sets.
        name
        Type: STRING
        Provider name: name
        Description: The name of the environment variable.
        value
        Type: STRING
        Provider name: value
        Description: The value of the environment variable.
      - image
        Type: STRING
        Provider name: image
        Description: The Docker image used to start the container.
      - image_pull_policy
        Type: STRING
        Provider name: imagePullPolicy
        Description: The image pull policy for the container. Supported values are Always, IfNotPresent, and Never. This parameter defaults to IfNotPresent. However, if the :latest tag is specified, it defaults to Always. For more information, see Updating images in the Kubernetes documentation.
      - name
        Type: STRING
        Provider name: name
        Description: The name of the container. If the name isn’t specified, the default name “Default” is used. Each container in a pod must have a unique name.
      - resources
        Type: STRUCT
        Provider name: resources
        Description: The type and amount of resources to assign to a container. The supported resources include memory, cpu, and nvidia.com/gpu. For more information, see Resource management for pods and containers in the Kubernetes documentation.
        limits
        Type: MAP_STRING_STRING
        Provider name: limits
        Description: The type and quantity of the resources to reserve for the container. The values vary based on the name that’s specified. Resources can be requested using either the limits or the requests objects.
        memory
        The memory hard limit (in MiB) for the container, using whole integers, with a “Mi” suffix. If your container attempts to exceed the memory specified, the container is terminated. You must specify at least 4 MiB of memory for a job. memory can be specified in limits, requests, or both. If memory is specified in both places, then the value that’s specified in limits must be equal to the value that’s specified in requests. To maximize your resource utilization, provide your jobs with as much memory as possible for the specific instance type that you are using. To learn how, see Memory management in the Batch User Guide.
        cpu
        The number of CPUs that’s reserved for the container. Values must be an even multiple of 0.25. cpu can be specified in limits, requests, or both. If cpu is specified in both places, then the value that’s specified in limits must be at least as large as the value that’s specified in requests.
        nvidia.com/gpu
        The number of GPUs that’s reserved for the container. Values must be a whole integer. memory can be specified in limits, requests, or both. If memory is specified in both places, then the value that’s specified in limits must be equal to the value that’s specified in requests.
        
        requests
        Type: MAP_STRING_STRING
        Provider name: requests
        Description: The type and quantity of the resources to request for the container. The values vary based on the name that’s specified. Resources can be requested by using either the limits or the requests objects.
        memory
        The memory hard limit (in MiB) for the container, using whole integers, with a “Mi” suffix. If your container attempts to exceed the memory specified, the container is terminated. You must specify at least 4 MiB of memory for a job. memory can be specified in limits, requests, or both. If memory is specified in both, then the value that’s specified in limits must be equal to the value that’s specified in requests. If you’re trying to maximize your resource utilization by providing your jobs as much memory as possible for a particular instance type, see Memory management in the Batch User Guide.
        cpu
        The number of CPUs that are reserved for the container. Values must be an even multiple of 0.25. cpu can be specified in limits, requests, or both. If cpu is specified in both, then the value that’s specified in limits must be at least as large as the value that’s specified in requests.
        nvidia.com/gpu
        The number of GPUs that are reserved for the container. Values must be a whole integer. nvidia.com/gpu can be specified in limits, requests, or both. If nvidia.com/gpu is specified in both, then the value that’s specified in limits must be equal to the value that’s specified in requests.
      - security_context
        Type: STRUCT
        Provider name: securityContext
        Description: The security context for a job. For more information, see Configure a security context for a pod or container in the Kubernetes documentation.
        allow_privilege_escalation
        Type: BOOLEAN
        Provider name: allowPrivilegeEscalation
        Description: Whether or not a container or a Kubernetes pod is allowed to gain more privileges than its parent process. The default value is false.
        privileged
        Type: BOOLEAN
        Provider name: privileged
        Description: When this parameter is true, the container is given elevated permissions on the host container instance. The level of permissions are similar to the root user permissions. The default value is false. This parameter maps to privileged policy in the Privileged pod security policies in the Kubernetes documentation.
        read_only_root_filesystem
        Type: BOOLEAN
        Provider name: readOnlyRootFilesystem
        Description: When this parameter is true, the container is given read-only access to its root file system. The default value is false. This parameter maps to ReadOnlyRootFilesystem policy in the Volumes and file systems pod security policies in the Kubernetes documentation.
        run_as_group
        Type: INT64
        Provider name: runAsGroup
        Description: When this parameter is specified, the container is run as the specified group ID (gid). If this parameter isn’t specified, the default is the group that’s specified in the image metadata. This parameter maps to RunAsGroup and MustRunAs policy in the Users and groups pod security policies in the Kubernetes documentation.
        run_as_non_root
        Type: BOOLEAN
        Provider name: runAsNonRoot
        Description: When this parameter is specified, the container is run as a user with a uid other than 0. If this parameter isn’t specified, so such rule is enforced. This parameter maps to RunAsUser and MustRunAsNonRoot policy in the Users and groups pod security policies in the Kubernetes documentation.
        run_as_user
        Type: INT64
        Provider name: runAsUser
        Description: When this parameter is specified, the container is run as the specified user ID (uid). If this parameter isn’t specified, the default is the user that’s specified in the image metadata. This parameter maps to RunAsUser and MustRanAs policy in the Users and groups pod security policies in the Kubernetes documentation.
      - volume_mounts
        Type: UNORDERED_LIST_STRUCT
        Provider name: volumeMounts
        Description: The volume mounts for the container. Batch supports emptyDir, hostPath, and secret volume types. For more information about volumes and volume mounts in Kubernetes, see Volumes in the Kubernetes documentation.
        mount_path
        Type: STRING
        Provider name: mountPath
        Description: The path on the container where the volume is mounted.
        name
        Type: STRING
        Provider name: name
        Description: The name the volume mount. This must match the name of one of the volumes in the pod.
        read_only
        Type: BOOLEAN
        Provider name: readOnly
        Description: If this value is true, the container has read-only access to the volume. Otherwise, the container can write to the volume. The default value is false.
        sub_path
        Type: STRING
        Provider name: subPath
        Description: A sub-path inside the referenced volume instead of its root.
    - dns_policy
      Type: STRING
      Provider name: dnsPolicy
      Description: The DNS policy for the pod. The default value is ClusterFirst. If the hostNetwork parameter is not specified, the default is ClusterFirstWithHostNet. ClusterFirst indicates that any DNS query that does not match the configured cluster domain suffix is forwarded to the upstream nameserver inherited from the node. For more information, see Pod’s DNS policy in the Kubernetes documentation. Valid values: Default | ClusterFirst | ClusterFirstWithHostNet
    - host_network
      Type: BOOLEAN
      Provider name: hostNetwork
      Description: Indicates if the pod uses the hosts’ network IP address. The default value is true. Setting this to false enables the Kubernetes pod networking model. Most Batch workloads are egress-only and don’t require the overhead of IP allocation for each pod for incoming connections. For more information, see Host namespaces and Pod networking in the Kubernetes documentation.
    - image_pull_secrets
      Type: UNORDERED_LIST_STRUCT
      Provider name: imagePullSecrets
      Description: References a Kubernetes secret resource. It holds a list of secrets. These secrets help to gain access to pull an images from a private registry. ImagePullSecret$name is required when this object is used.
      - name
        Type: STRING
        Provider name: name
        Description: Provides a unique identifier for the ImagePullSecret. This object is required when EksPodProperties$imagePullSecrets is used.
    - init_containers
      Type: UNORDERED_LIST_STRUCT
      Provider name: initContainers
      Description: These containers run before application containers, always runs to completion, and must complete successfully before the next container starts. These containers are registered with the Amazon EKS Connector agent and persists the registration information in the Kubernetes backend data store. For more information, see Init Containers in the Kubernetes documentation. This object is limited to 10 elements.
      - args
        Type: UNORDERED_LIST_STRING
        Provider name: args
        Description: An array of arguments to the entrypoint. If this isn’t specified, the CMD of the container image is used. This corresponds to the args member in the Entrypoint portion of the Pod in Kubernetes. Environment variable references are expanded using the container’s environment. If the referenced environment variable doesn’t exist, the reference in the command isn’t changed. For example, if the reference is to “$(NAME1)” and the NAME1 environment variable doesn’t exist, the command string will remain “$(NAME1).” $$ is replaced with $, and the resulting string isn’t expanded. For example, $$(VAR_NAME) is passed as $(VAR_NAME) whether or not the VAR_NAME environment variable exists. For more information, see Dockerfile reference: CMD and Define a command and arguments for a pod in the Kubernetes documentation.
      - command
        Type: UNORDERED_LIST_STRING
        Provider name: command
        Description: The entrypoint for the container. This isn’t run within a shell. If this isn’t specified, the ENTRYPOINT of the container image is used. Environment variable references are expanded using the container’s environment. If the referenced environment variable doesn’t exist, the reference in the command isn’t changed. For example, if the reference is to “$(NAME1)” and the NAME1 environment variable doesn’t exist, the command string will remain “$(NAME1).” $$ is replaced with $ and the resulting string isn’t expanded. For example, $$(VAR_NAME) will be passed as $(VAR_NAME) whether or not the VAR_NAME environment variable exists. The entrypoint can’t be updated. For more information, see ENTRYPOINT in the Dockerfile reference and Define a command and arguments for a container and Entrypoint in the Kubernetes documentation.
      - env
        Type: UNORDERED_LIST_STRUCT
        Provider name: env
        Description: The environment variables to pass to a container. Environment variables cannot start with “AWS_BATCH”. This naming convention is reserved for variables that Batch sets.
        name
        Type: STRING
        Provider name: name
        Description: The name of the environment variable.
        value
        Type: STRING
        Provider name: value
        Description: The value of the environment variable.
      - image
        Type: STRING
        Provider name: image
        Description: The Docker image used to start the container.
      - image_pull_policy
        Type: STRING
        Provider name: imagePullPolicy
        Description: The image pull policy for the container. Supported values are Always, IfNotPresent, and Never. This parameter defaults to IfNotPresent. However, if the :latest tag is specified, it defaults to Always. For more information, see Updating images in the Kubernetes documentation.
      - name
        Type: STRING
        Provider name: name
        Description: The name of the container. If the name isn’t specified, the default name “Default” is used. Each container in a pod must have a unique name.
      - resources
        Type: STRUCT
        Provider name: resources
        Description: The type and amount of resources to assign to a container. The supported resources include memory, cpu, and nvidia.com/gpu. For more information, see Resource management for pods and containers in the Kubernetes documentation.
        limits
        Type: MAP_STRING_STRING
        Provider name: limits
        Description: The type and quantity of the resources to reserve for the container. The values vary based on the name that’s specified. Resources can be requested using either the limits or the requests objects.
        memory
        The memory hard limit (in MiB) for the container, using whole integers, with a “Mi” suffix. If your container attempts to exceed the memory specified, the container is terminated. You must specify at least 4 MiB of memory for a job. memory can be specified in limits, requests, or both. If memory is specified in both places, then the value that’s specified in limits must be equal to the value that’s specified in requests. To maximize your resource utilization, provide your jobs with as much memory as possible for the specific instance type that you are using. To learn how, see Memory management in the Batch User Guide.
        cpu
        The number of CPUs that’s reserved for the container. Values must be an even multiple of 0.25. cpu can be specified in limits, requests, or both. If cpu is specified in both places, then the value that’s specified in limits must be at least as large as the value that’s specified in requests.
        nvidia.com/gpu
        The number of GPUs that’s reserved for the container. Values must be a whole integer. memory can be specified in limits, requests, or both. If memory is specified in both places, then the value that’s specified in limits must be equal to the value that’s specified in requests.
        
        requests
        Type: MAP_STRING_STRING
        Provider name: requests
        Description: The type and quantity of the resources to request for the container. The values vary based on the name that’s specified. Resources can be requested by using either the limits or the requests objects.
        memory
        The memory hard limit (in MiB) for the container, using whole integers, with a “Mi” suffix. If your container attempts to exceed the memory specified, the container is terminated. You must specify at least 4 MiB of memory for a job. memory can be specified in limits, requests, or both. If memory is specified in both, then the value that’s specified in limits must be equal to the value that’s specified in requests. If you’re trying to maximize your resource utilization by providing your jobs as much memory as possible for a particular instance type, see Memory management in the Batch User Guide.
        cpu
        The number of CPUs that are reserved for the container. Values must be an even multiple of 0.25. cpu can be specified in limits, requests, or both. If cpu is specified in both, then the value that’s specified in limits must be at least as large as the value that’s specified in requests.
        nvidia.com/gpu
        The number of GPUs that are reserved for the container. Values must be a whole integer. nvidia.com/gpu can be specified in limits, requests, or both. If nvidia.com/gpu is specified in both, then the value that’s specified in limits must be equal to the value that’s specified in requests.
      - security_context
        Type: STRUCT
        Provider name: securityContext
        Description: The security context for a job. For more information, see Configure a security context for a pod or container in the Kubernetes documentation.
        allow_privilege_escalation
        Type: BOOLEAN
        Provider name: allowPrivilegeEscalation
        Description: Whether or not a container or a Kubernetes pod is allowed to gain more privileges than its parent process. The default value is false.
        privileged
        Type: BOOLEAN
        Provider name: privileged
        Description: When this parameter is true, the container is given elevated permissions on the host container instance. The level of permissions are similar to the root user permissions. The default value is false. This parameter maps to privileged policy in the Privileged pod security policies in the Kubernetes documentation.
        read_only_root_filesystem
        Type: BOOLEAN
        Provider name: readOnlyRootFilesystem
        Description: When this parameter is true, the container is given read-only access to its root file system. The default value is false. This parameter maps to ReadOnlyRootFilesystem policy in the Volumes and file systems pod security policies in the Kubernetes documentation.
        run_as_group
        Type: INT64
        Provider name: runAsGroup
        Description: When this parameter is specified, the container is run as the specified group ID (gid). If this parameter isn’t specified, the default is the group that’s specified in the image metadata. This parameter maps to RunAsGroup and MustRunAs policy in the Users and groups pod security policies in the Kubernetes documentation.
        run_as_non_root
        Type: BOOLEAN
        Provider name: runAsNonRoot
        Description: When this parameter is specified, the container is run as a user with a uid other than 0. If this parameter isn’t specified, so such rule is enforced. This parameter maps to RunAsUser and MustRunAsNonRoot policy in the Users and groups pod security policies in the Kubernetes documentation.
        run_as_user
        Type: INT64
        Provider name: runAsUser
        Description: When this parameter is specified, the container is run as the specified user ID (uid). If this parameter isn’t specified, the default is the user that’s specified in the image metadata. This parameter maps to RunAsUser and MustRanAs policy in the Users and groups pod security policies in the Kubernetes documentation.
      - volume_mounts
        Type: UNORDERED_LIST_STRUCT
        Provider name: volumeMounts
        Description: The volume mounts for the container. Batch supports emptyDir, hostPath, and secret volume types. For more information about volumes and volume mounts in Kubernetes, see Volumes in the Kubernetes documentation.
        mount_path
        Type: STRING
        Provider name: mountPath
        Description: The path on the container where the volume is mounted.
        name
        Type: STRING
        Provider name: name
        Description: The name the volume mount. This must match the name of one of the volumes in the pod.
        read_only
        Type: BOOLEAN
        Provider name: readOnly
        Description: If this value is true, the container has read-only access to the volume. Otherwise, the container can write to the volume. The default value is false.
        sub_path
        Type: STRING
        Provider name: subPath
        Description: A sub-path inside the referenced volume instead of its root.
    - metadata
      Type: STRUCT
      Provider name: metadata
      Description: Metadata about the Kubernetes pod. For more information, see Understanding Kubernetes Objects in the Kubernetes documentation.
      - annotations
        Type: MAP_STRING_STRING
        Provider name: annotations
        Description: Key-value pairs used to attach arbitrary, non-identifying metadata to Kubernetes objects. Valid annotation keys have two segments: an optional prefix and a name, separated by a slash (/).
        The prefix is optional and must be 253 characters or less. If specified, the prefix must be a DNS subdomain− a series of DNS labels separated by dots (.), and it must end with a slash (/).
        The name segment is required and must be 63 characters or less. It can include alphanumeric characters ([a-z0-9A-Z]), dashes (-), underscores (_), and dots (.), but must begin and end with an alphanumeric character.
        Annotation values must be 255 characters or less. Annotations can be added or modified at any time. Each resource can have multiple annotations.
      - labels
        Type: MAP_STRING_STRING
        Provider name: labels
        Description: Key-value pairs used to identify, sort, and organize cube resources. Can contain up to 63 uppercase letters, lowercase letters, numbers, hyphens (-), and underscores (_). Labels can be added or modified at any time. Each resource can have multiple labels, but each key must be unique for a given object.
      - namespace
        Type: STRING
        Provider name: namespace
        Description: The namespace of the Amazon EKS cluster. In Kubernetes, namespaces provide a mechanism for isolating groups of resources within a single cluster. Names of resources need to be unique within a namespace, but not across namespaces. Batch places Batch Job pods in this namespace. If this field is provided, the value can’t be empty or null. It must meet the following requirements:
        1-63 characters long
        Can’t be set to default
        Can’t start with kube
        Must match the following regular expression: ^a-z0-9?$
        For more information, see Namespaces in the Kubernetes documentation. This namespace can be different from the kubernetesNamespace set in the compute environment’s EksConfiguration, but must have identical role-based access control (RBAC) roles as the compute environment’s kubernetesNamespace. For multi-node parallel jobs, the same value must be provided across all the node ranges.
    - service_account_name
      Type: STRING
      Provider name: serviceAccountName
      Description: The name of the service account that’s used to run the pod. For more information, see Kubernetes service accounts and Configure a Kubernetes service account to assume an IAM role in the Amazon EKS User Guide and Configure service accounts for pods in the Kubernetes documentation.
    - share_process_namespace
      Type: BOOLEAN
      Provider name: shareProcessNamespace
      Description: Indicates if the processes in a container are shared, or visible, to other containers in the same pod. For more information, see Share Process Namespace between Containers in a Pod.
    - volumes
      Type: UNORDERED_LIST_STRUCT
      Provider name: volumes
      Description: Specifies the volumes for a job definition that uses Amazon EKS resources.
      - empty_dir
        Type: STRUCT
        Provider name: emptyDir
        Description: Specifies the configuration of a Kubernetes emptyDir volume. For more information, see emptyDir in the Kubernetes documentation.
        medium
        Type: STRING
        Provider name: medium
        Description: The medium to store the volume. The default value is an empty string, which uses the storage of the node.
        ”"
        (Default) Use the disk storage of the node.
        “Memory”
        Use the tmpfs volume that’s backed by the RAM of the node. Contents of the volume are lost when the node reboots, and any storage on the volume counts against the container’s memory limit.
        
        size_limit
        Type: STRING
        Provider name: sizeLimit
        Description: The maximum size of the volume. By default, there’s no maximum size defined.
      - host_path
        Type: STRUCT
        Provider name: hostPath
        Description: Specifies the configuration of a Kubernetes hostPath volume. For more information, see hostPath in the Kubernetes documentation.
        path
        Type: STRING
        Provider name: path
        Description: The path of the file or directory on the host to mount into containers on the pod.
      - name
        Type: STRING
        Provider name: name
        Description: The name of the volume. The name must be allowed as a DNS subdomain name. For more information, see DNS subdomain names in the Kubernetes documentation.
      - persistent_volume_claim
        Type: STRUCT
        Provider name: persistentVolumeClaim
        Description: Specifies the configuration of a Kubernetes persistentVolumeClaim bounded to a persistentVolume. For more information, see Persistent Volume Claims in the Kubernetes documentation.
        claim_name
        Type: STRING
        Provider name: claimName
        Description: The name of the persistentVolumeClaim bounded to a persistentVolume. For more information, see Persistent Volume Claims in the Kubernetes documentation.
        read_only
        Type: BOOLEAN
        Provider name: readOnly
        Description: An optional boolean value indicating if the mount is read only. Default is false. For more information, see Read Only Mounts in the Kubernetes documentation.
      - secret
        Type: STRUCT
        Provider name: secret
        Description: Specifies the configuration of a Kubernetes secret volume. For more information, see secret in the Kubernetes documentation.
        optional
        Type: BOOLEAN
        Provider name: optional
        Description: Specifies whether the secret or the secret’s keys must be defined.
        secret_name
        Type: STRING
        Provider name: secretName
        Description: The name of the secret. The name must be allowed as a DNS subdomain name. For more information, see DNS subdomain names in the Kubernetes documentation.
- instance_types
  Type: UNORDERED_LIST_STRING
  Provider name: instanceTypes
  Description: The instance types of the underlying host infrastructure of a multi-node parallel job. This parameter isn’t applicable to jobs that are running on Fargate resources. In addition, this list object is currently limited to one element.
- target_nodes
  Type: STRING
  Provider name: targetNodes
  Description: The range of nodes, using node index values. A range of 0:3 indicates nodes with index values of 0 through 3. If the starting range value is omitted (:n), then 0 is used to start the range. If the ending range value is omitted (n:), then the highest possible node index is used to end the range. Your accumulative node ranges must account for all nodes (0:n). You can nest node ranges (for example, 0:10 and 4:5). In this case, the 4:5 range properties override the 0:10 properties.
num_nodes
Type: INT32
Provider name: numNodes
Description: The number of nodes that are associated with a multi-node parallel job.

`parameters`

Type: MAP_STRING_STRING
Provider name: parameters
Description: Default parameters or parameter substitution placeholders that are set in the job definition. Parameters are specified as a key-value pair mapping. Parameters in a SubmitJob request override any corresponding parameter defaults from the job definition. For more information about specifying parameters, see Job definition parameters in the Batch User Guide.

`platform_capabilities`

Type: UNORDERED_LIST_STRING
Provider name: platformCapabilities
Description: The platform capabilities required by the job definition. If no value is specified, it defaults to EC2. Jobs run on Fargate resources specify FARGATE.

`propagate_tags`

Type: BOOLEAN
Provider name: propagateTags
Description: Specifies whether to propagate the tags from the job or job definition to the corresponding Amazon ECS task. If no value is specified, the tags aren’t propagated. Tags can only be propagated to the tasks when the tasks are created. For tags with the same name, job tags are given priority over job definitions tags. If the total number of combined tags from the job and job definition is over 50, the job is moved to the FAILED state.

`retry_strategy`

Type: STRUCT
Provider name: retryStrategy
Description: The retry strategy to use for failed jobs that are submitted with this job definition.

attempts
Type: INT32
Provider name: attempts
Description: The number of times to move a job to the RUNNABLE status. You can specify between 1 and 10 attempts. If the value of attempts is greater than one, the job is retried on failure the same number of attempts as the value.
evaluate_on_exit
Type: UNORDERED_LIST_STRUCT
Provider name: evaluateOnExit
Description: Array of up to 5 objects that specify the conditions where jobs are retried or failed. If this parameter is specified, then the attempts parameter must also be specified. If none of the listed conditions match, then the job is retried.
- action
  Type: STRING
  Provider name: action
  Description: Specifies the action to take if all of the specified conditions (onStatusReason, onReason, and onExitCode) are met. The values aren’t case sensitive.
- on_exit_code
  Type: STRING
  Provider name: onExitCode
  Description: Contains a glob pattern to match against the decimal representation of the ExitCode returned for a job. The pattern can be up to 512 characters long. It can contain only numbers, and can end with an asterisk (*) so that only the start of the string needs to be an exact match. The string can contain up to 512 characters.
- on_reason
  Type: STRING
  Provider name: onReason
  Description: Contains a glob pattern to match against the Reason returned for a job. The pattern can contain up to 512 characters. It can contain letters, numbers, periods (.), colons (:), and white space (including spaces and tabs). It can optionally end with an asterisk (*) so that only the start of the string needs to be an exact match.
- on_status_reason
  Type: STRING
  Provider name: onStatusReason
  Description: Contains a glob pattern to match against the StatusReason returned for a job. The pattern can contain up to 512 characters. It can contain letters, numbers, periods (.), colons (:), and white spaces (including spaces or tabs). It can optionally end with an asterisk (*) so that only the start of the string needs to be an exact match.

`revision`

Type: INT32
Provider name: revision
Description: The revision of the job definition.

`scheduling_priority`

Type: INT32
Provider name: schedulingPriority
Description: The scheduling priority of the job definition. This only affects jobs in job queues with a fair share policy. Jobs with a higher scheduling priority are scheduled before jobs with a lower scheduling priority.

`status`

Type: STRING
Provider name: status
Description: The status of the job definition.

`tags`

Type: UNORDERED_LIST_STRING

`timeout`

Type: STRUCT
Provider name: timeout
Description: The timeout time for jobs that are submitted with this job definition. After the amount of time you specify passes, Batch terminates your jobs if they aren’t finished.

attempt_duration_seconds
Type: INT32
Provider name: attemptDurationSeconds
Description: The job timeout time (in seconds) that’s measured from the job attempt’s startedAt timestamp. After this time passes, Batch terminates your jobs if they aren’t finished. The minimum value for the timeout is 60 seconds. For array jobs, the timeout applies to the child jobs, not to the parent array job. For multi-node parallel (MNP) jobs, the timeout applies to the whole job, not to the individual nodes.

`type`

Type: STRING
Provider name: type
Description: The type of job definition. It’s either container or multinode. If the job is run on Fargate resources, then multinode isn’t supported. For more information about multi-node parallel jobs, see Creating a multi-node parallel job definition in the Batch User Guide.