feat(batch-alpha): tag instances launched from your managed CEs

packages/@aws-cdk/aws-batch-alpha/lib/managed-compute-environment.ts

@@ -337,6 +337,14 @@ export interface IManagedEc2EcsComputeEnvironment extends IManagedComputeEnviron
  */
  readonly placementGroup?: ec2.IPlacementGroup;
 
+ /**
+ * Key-value pair tags to be applied to EC2 resources that are launched in the compute environment.
+ * These tags aren't seen when using the AWS Batch ListTagsForResource API operation.
+ *
+ * @default - no instance tags
+ */
+ readonly instanceTags: { [key: string]: string };
+
  /**
  * Add an instance type to this compute environment
  */
@@ -346,6 +354,11 @@ export interface IManagedEc2EcsComputeEnvironment extends IManagedComputeEnviron
  * Add an instance class to this compute environment
  */
  addInstanceClass(instanceClass: ec2.InstanceClass): void;
+
+ /**
+ * Add an instance tag to this compute environment
+ */
+ addInstanceTag(key: string, value: string): void;
 }
 
 /**
@@ -569,6 +582,14 @@ export interface ManagedEc2EcsComputeEnvironmentProps extends ManagedComputeEnvi
  * @default - no placement group
  */
  readonly placementGroup?: ec2.IPlacementGroup;
+
+ /**
+ * Key-value pair tags to be applied to EC2 resources that are launched in the compute environment.
+ * These tags aren't seen when using the AWS Batch ListTagsForResource API operation.
+ *
+ * @default - no instance tags
+ */
+ readonly instanceTags?: { [key: string]: string };
 }
 
 /**
@@ -592,6 +613,7 @@ export class ManagedEc2EcsComputeEnvironment extends ManagedComputeEnvironmentBa
  public readonly enabled = true;
  public readonly instanceClasses = [];
  public readonly instanceTypes = [];
+ public readonly instanceTags = {};
  public readonly maxvCpus = 1;
  public readonly connections = { } as any;
  public readonly securityGroups = [];
@@ -602,6 +624,9 @@ export class ManagedEc2EcsComputeEnvironment extends ManagedComputeEnvironmentBa
  public addInstanceType(_instanceType: ec2.InstanceType): void {
  throw new Error(`cannot add instance type to imported ComputeEnvironment '${id}'`);
  }
+ public addInstanceTag(_instanceTagKey: string, _instanceTagValue: string): void {
+ throw new Error(`cannot add instance tag to imported ComputeEnvironment '${id}'`);
+ }
  }
 
  return new Import(scope, id);
@@ -619,6 +644,7 @@ export class ManagedEc2EcsComputeEnvironment extends ManagedComputeEnvironmentBa
  public readonly launchTemplate?: ec2.ILaunchTemplate;
  public readonly minvCpus?: number;
  public readonly placementGroup?: ec2.IPlacementGroup;
+ public readonly instanceTags: { [key: string]: string };
 
  private readonly instanceProfile: iam.CfnInstanceProfile;
 
@@ -645,6 +671,7 @@ export class ManagedEc2EcsComputeEnvironment extends ManagedComputeEnvironmentBa
  this.launchTemplate = props.launchTemplate;
  this.minvCpus = props.minvCpus ?? DEFAULT_MIN_VCPUS;
  this.placementGroup = props.placementGroup;
+ this.instanceTags = props.instanceTags ?? {};
 
  validateVCpus(id, this.minvCpus, this.maxvCpus);
  validateSpotConfig(id, this.spot, this.spotBidPercentage, this.spotFleetRole);
@@ -694,6 +721,10 @@ export class ManagedEc2EcsComputeEnvironment extends ManagedComputeEnvironmentBa
  public addInstanceClass(instanceClass: ec2.InstanceClass): void {
  this.instanceClasses.push(instanceClass);
  }
+
+ public addInstanceTag(key: string, value: string): void {
+ this.instanceTags[key] = value;
+ }
 }
 
 /**
@@ -807,6 +838,14 @@ interface IManagedEc2EksComputeEnvironment extends IManagedComputeEnvironment {
  */
  readonly placementGroup?: ec2.IPlacementGroup;
 
+ /**
+ * Key-value pair tags to be applied to EC2 resources that are launched in the compute environment.
+ * These tags aren't seen when using the AWS Batch ListTagsForResource API operation.
+ *
+ * @default - no instance tags
+ */
+ readonly instanceTags?: { [key: string]: string };
+
  /**
  * Add an instance type to this compute environment
  */
@@ -816,6 +855,11 @@ interface IManagedEc2EksComputeEnvironment extends IManagedComputeEnvironment {
  * Add an instance class to this compute environment
  */
  addInstanceClass(instanceClass: ec2.InstanceClass): void;
+
+ /**
+ * Add an instance tag to this compute environment
+ */
+ addInstanceTag(key: string, value: string): void;
 }
 
 /**
@@ -942,6 +986,14 @@ export interface ManagedEc2EksComputeEnvironmentProps extends ManagedComputeEnvi
  * @default - no placement group
  */
  readonly placementGroup?: ec2.IPlacementGroup;
+
+ /**
+ * Key-value pair tags to be applied to EC2 resources that are launched in the compute environment.
+ * These tags aren't seen when using the AWS Batch ListTagsForResource API operation.
+ *
+ * @default - no instance tags
+ */
+ readonly instanceTags?: { [key: string]: string };
 }
 
 /**
@@ -965,6 +1017,7 @@ export class ManagedEc2EksComputeEnvironment extends ManagedComputeEnvironmentBa
  public readonly launchTemplate?: ec2.ILaunchTemplate;
  public readonly minvCpus?: number;
  public readonly placementGroup?: ec2.IPlacementGroup;
+ public readonly instanceTags: { [key: string]: string };
 
  private readonly instanceProfile: iam.CfnInstanceProfile;
 
@@ -990,6 +1043,7 @@ export class ManagedEc2EksComputeEnvironment extends ManagedComputeEnvironmentBa
  this.launchTemplate = props.launchTemplate;
  this.minvCpus = props.minvCpus ?? DEFAULT_MIN_VCPUS;
  this.placementGroup = props.placementGroup;
+ this.instanceTags = props.instanceTags ?? {};
 
  validateVCpus(id, this.minvCpus, this.maxvCpus);
  validateSpotConfig(id, this.spot, this.spotBidPercentage);
@@ -1040,6 +1094,10 @@ export class ManagedEc2EksComputeEnvironment extends ManagedComputeEnvironmentBa
  public addInstanceClass(instanceClass: ec2.InstanceClass): void {
  this.instanceClasses.push(instanceClass);
  }
+
+ public addInstanceTag(key: string, value: string): void {
+ this.instanceTags[key] = value;
+ }
 }
 
 /**

packages/@aws-cdk/aws-batch-alpha/test/integ.managed-compute-environment.js.snapshot/batch-stack.assets.json

@@ -1,15 +1,15 @@
 {
  "version": "31.0.0",
  "files": {
- "f47b7d60111f82dad5c04d0bef76e1b62fe75dc319951520566c9d9bce188d10": {
+ "c8c954792912d6b8c536b91ed5e20a6de81e0b06cb012c43fe79a8b782108b32": {
  "source": {
  "path": "batch-stack.template.json",
  "packaging": "file"
  },
  "destinations": {
  "current_account-current_region": {
  "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
- "objectKey": "f47b7d60111f82dad5c04d0bef76e1b62fe75dc319951520566c9d9bce188d10.json",
+ "objectKey": "c8c954792912d6b8c536b91ed5e20a6de81e0b06cb012c43fe79a8b782108b32.json",
  "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
  }
  }

packages/@aws-cdk/aws-batch-alpha/test/integ.managed-compute-environment.js.snapshot/batch-stack.template.json

@@ -882,6 +882,112 @@
  "State": "ENABLED",
  "UpdatePolicy": {}
  }
+ },
+ "taggedCESecurityGroup82CCF59F": {
+ "Type": "AWS::EC2::SecurityGroup",
+ "Properties": {
+ "GroupDescription": "batch-stack/taggedCE/SecurityGroup",
+ "SecurityGroupEgress": [
+ {
+ "CidrIp": "0.0.0.0/0",
+ "Description": "Allow all outbound traffic by default",
+ "IpProtocol": "-1"
+ }
+ ],
+ "VpcId": {
+ "Ref": "vpcA2121C38"
+ }
+ }
+ },
+ "taggedCEInstanceProfileRoleC239DAF9": {
+ "Type": "AWS::IAM::Role",
+ "Properties": {
+ "AssumeRolePolicyDocument": {
+ "Statement": [
+ {
+ "Action": "sts:AssumeRole",
+ "Effect": "Allow",
+ "Principal": {
+ "Service": "ec2.amazonaws.com"
+ }
+ }
+ ],
+ "Version": "2012-10-17"
+ },
+ "ManagedPolicyArns": [
+ {
+ "Fn::Join": [
+ "",
+ [
+ "arn:",
+ {
+ "Ref": "AWS::Partition"
+ },
+ ":iam::aws:policy/service-role/AmazonEC2ContainerServiceforEC2Role"
+ ]
+ ]
+ }
+ ]
+ }
+ },
+ "taggedCEInstanceProfileB29F2197": {
+ "Type": "AWS::IAM::InstanceProfile",
+ "Properties": {
+ "Roles": [
+ {
+ "Ref": "taggedCEInstanceProfileRoleC239DAF9"
+ }
+ ]
+ }
+ },
+ "taggedCE5029E6F8": {
+ "Type": "AWS::Batch::ComputeEnvironment",
+ "Properties": {
+ "Type": "managed",
+ "ComputeResources": {
+ "AllocationStrategy": "BEST_FIT_PROGRESSIVE",
+ "Ec2Configuration": [
+ {
+ "ImageIdOverride": {
+ "Ref": "SsmParameterValueawsserviceamiamazonlinuxlatestamznamihvmx8664gp2C96584B6F00A464EAD1953AFF4B05118Parameter"
+ },
+ "ImageType": "ECS_AL2"
+ }
+ ],
+ "InstanceRole": {
+ "Fn::GetAtt": [
+ "taggedCEInstanceProfileB29F2197",
+ "Arn"
+ ]
+ },
+ "InstanceTypes": [
+ "optimal"
+ ],
+ "MaxvCpus": 256,
+ "MinvCpus": 0,
+ "SecurityGroupIds": [
+ {
+ "Fn::GetAtt": [
+ "taggedCESecurityGroup82CCF59F",
+ "GroupId"
+ ]
+ }
+ ],
+ "Subnets": [
+ {
+ "Ref": "vpcPrivateSubnet1Subnet934893E8"
+ },
+ {
+ "Ref": "vpcPrivateSubnet2Subnet7031C2BA"
+ }
+ ],
+ "Type": "EC2",
+ "UpdateToLatestImageVersion": true
+ },
+ "ReplaceComputeEnvironment": false,
+ "State": "ENABLED",
+ "UpdatePolicy": {}
+ }
  }
  },
  "Parameters": {

packages/@aws-cdk/aws-batch-alpha/test/integ.managed-compute-environment.js.snapshot/manifest.json

@@ -17,7 +17,7 @@
  "validateOnSynth": false,
  "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}",
  "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}",
- "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/f47b7d60111f82dad5c04d0bef76e1b62fe75dc319951520566c9d9bce188d10.json",
+ "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/c8c954792912d6b8c536b91ed5e20a6de81e0b06cb012c43fe79a8b782108b32.json",
  "requiresBootstrapStackVersion": 6,
  "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version",
  "additionalDependencies": [
@@ -291,34 +291,40 @@
  "data": "SpotEc2A0470C83"
  }
  ],
- "/batch-stack/BootstrapVersion": [
+ "/batch-stack/taggedCE/SecurityGroup/Resource": [
  {
  "type": "aws:cdk:logicalId",
- "data": "BootstrapVersion"
+ "data": "taggedCESecurityGroup82CCF59F"
  }
  ],
- "/batch-stack/CheckBootstrapVersion": [
+ "/batch-stack/taggedCE/InstanceProfileRole/Resource": [
  {
  "type": "aws:cdk:logicalId",
- "data": "CheckBootstrapVersion"
+ "data": "taggedCEInstanceProfileRoleC239DAF9"
+ }
+ ],
+ "/batch-stack/taggedCE/InstanceProfile": [
+ {
+ "type": "aws:cdk:logicalId",
+ "data": "taggedCEInstanceProfileB29F2197"
  }
  ],
- "minimalPropsFargate8E9B9556": [
+ "/batch-stack/taggedCE/Resource": [
  {
  "type": "aws:cdk:logicalId",
- "data": "minimalPropsFargate8E9B9556",
- "trace": [
- "!!DESTRUCTIVE_CHANGES: WILL_DESTROY"
- ]
+ "data": "taggedCE5029E6F8"
  }
  ],
- "maximalPropsFargateA2E688D8": [
+ "/batch-stack/BootstrapVersion": [
+ {
+ "type": "aws:cdk:logicalId",
+ "data": "BootstrapVersion"
+ }
+ ],
+ "/batch-stack/CheckBootstrapVersion": [
  {
  "type": "aws:cdk:logicalId",
- "data": "maximalPropsFargateA2E688D8",
- "trace": [
- "!!DESTRUCTIVE_CHANGES: WILL_DESTROY"
- ]
+ "data": "CheckBootstrapVersion"
  }
  ]
  },