{"id":13998229,"url":"https://github.com/buildkite/elastic-ci-stack-for-aws","last_synced_at":"2026-04-08T11:02:15.895Z","repository":{"id":32893973,"uuid":"36488517","full_name":"buildkite/elastic-ci-stack-for-aws","owner":"buildkite","description":"An auto-scaling cluster of build agents running in your own AWS VPC","archived":false,"fork":false,"pushed_at":"2026-04-08T03:29:08.000Z","size":5245,"stargazers_count":436,"open_issues_count":60,"forks_count":292,"subscribers_count":29,"default_branch":"main","last_synced_at":"2026-04-08T05:21:40.722Z","etag":null,"topics":["aws","buildkite","buildkite-agent-orchestration","continuous-delivery","continuous-deployment","continuous-integration","docker"],"latest_commit_sha":null,"homepage":"https://buildkite.com/docs/agent/self-hosted/aws/elastic-ci-stack","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/buildkite.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":null,"code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2015-05-29T07:28:16.000Z","updated_at":"2026-04-08T03:29:15.000Z","dependencies_parsed_at":"2026-02-12T09:00:58.784Z","dependency_job_id":null,"html_url":"https://github.com/buildkite/elastic-ci-stack-for-aws","commit_stats":{"total_commits":2229,"total_committers":159,"mean_commits":"14.018867924528301","dds":0.6083445491251682,"last_synced_commit":"606723d0dbee41f153ded7e4e53ef4971ab773ca"},"previous_names":[],"tags_count":190,"template":false,"template_full_name":null,"purl":"pkg:github/buildkite/elastic-ci-stack-for-aws","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/buildkite%2Felastic-ci-stack-for-aws","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/buildkite%2Felastic-ci-stack-for-aws/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/buildkite%2Felastic-ci-stack-for-aws/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/buildkite%2Felastic-ci-stack-for-aws/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/buildkite","download_url":"https://codeload.github.com/buildkite/elastic-ci-stack-for-aws/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/buildkite%2Felastic-ci-stack-for-aws/sbom","scorecard":{"id":257730,"data":{"date":"2025-08-11","repo":{"name":"github.com/buildkite/elastic-ci-stack-for-aws","commit":"0071d9a9e390f0c75827e3fb9abd69dbc0ee7072"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":6.4,"checks":[{"name":"Code-Review","score":10,"reason":"all changesets reviewed","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/linear_issue_open.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Security-Policy","score":10,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/linear_issue_open.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/buildkite/elastic-ci-stack-for-aws/linear_issue_open.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/linear_issue_open.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/buildkite/elastic-ci-stack-for-aws/linear_issue_open.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/linear_issue_open.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/buildkite/elastic-ci-stack-for-aws/linear_issue_open.yml/main?enable=pin","Warn: containerImage not pinned by hash: tests/Dockerfile:2","Warn: pipCommand not pinned by hash: .buildkite/steps/cfn-lint.sh:5","Info: 0 out of 3 GitHub-owned GitHubAction dependencies pinned","Info: 0 out of 1 containerImage dependencies pinned","Info: 0 out of 1 pipCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: Licence.md:0","Info: FSF or OSI recognized license: MIT License: Licence.md:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":5,"reason":"branch protection is not maximal on development and all release branches","details":["Info: 'allow deletion' disabled on branch 'main'","Info: 'force pushes' disabled on branch 'main'","Warn: 'branch protection settings apply to administrators' is disabled on branch 'main'","Warn: 'stale review dismissal' is disabled on branch 'main'","Warn: required approving review count is 1 on branch 'main'","Warn: codeowners review is not required on branch 'main'","Warn: 'last push approval' is disabled on branch 'main'","Info: status check found to merge onto on branch 'main'","Info: PRs are required in order to make changes on branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-17T10:04:23.897Z","repository_id":32893973,"created_at":"2025-08-17T10:04:23.897Z","updated_at":"2025-08-17T10:04:23.897Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31551891,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-08T10:21:54.569Z","status":"ssl_error","status_checked_at":"2026-04-08T10:21:38.171Z","response_time":54,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","buildkite","buildkite-agent-orchestration","continuous-delivery","continuous-deployment","continuous-integration","docker"],"created_at":"2024-08-09T19:01:29.407Z","updated_at":"2026-04-08T11:02:15.847Z","avatar_url":"https://github.com/buildkite.png","language":"Shell","funding_links":[],"categories":["Shell"],"sub_categories":[],"readme":"\u003ch1\u003e\u003cimg alt=\"Elastic CI Stack for AWS\" src=\"images/banner.png?raw=true\"\u003e\u003c/h1\u003e\n\n[![Build status](https://badge.buildkite.com/d178ab942e2f606a83e79847704648437d82a9c5fdb434b7ae.svg?branch=main)](https://buildkite.com/buildkite-aws-stack/buildkite-aws-stack/builds/latest?branch=main)\n\n## Buildkite Elastic CI Stack for AWS\n\n\u003e [!NOTE]\n\u003e Prefer Terraform? See [terraform-buildkite-elastic-ci-stack-for-aws](https://github.com/buildkite/terraform-buildkite-elastic-ci-stack-for-aws)\n\n[Buildkite](https://buildkite.com/) provides a platform for running fast, secure, and scalable continuous integration pipelines on your own infrastructure.\n\nThe Buildkite Elastic CI Stack for AWS gives you a private, autoscaling [Buildkite Agent](https://buildkite.com/docs/agent) cluster. Use it to parallelize large test suites across thousands of nodes, run tests and deployments for Linux or Windows based services and apps, or run AWS ops tasks.\n\n## Getting started\n\nLearn more about the Elastic CI Stack for AWS and how to get started with it from the Buildkite Docs:\n\n- [Elastic CI Stack for AWS overview](https://buildkite.com/docs/agent/v3/aws/elastic-ci-stack) page, for a summary of the stack's architecture and supported features.\n- [Linux and Windows setup for the Elastic CI Stack for AWS](https://buildkite.com/docs/agent/v3/aws/elastic-ci-stack/ec2-linux-and-windows/setup) page for a step-by-step guide on how to set up the Elastic CI Stack in AWS for these operating systems.\n\nA [list of recommended resources](#recommended-reading) provides links to other pages in the Buildkite Docs for more detailed information.\n\nAlternatively, jump straight in:\n\n[![Launch AWS Stack](https://cdn.rawgit.com/buildkite/cloudformation-launch-stack-button-svg/master/launch-stack.svg)](https://console.aws.amazon.com/cloudformation/home#/stacks/new?stackName=buildkite\u0026templateURL=https://s3.amazonaws.com/buildkite-aws-stack/latest/aws-stack.yml)\n\nThe current release is ![](https://img.shields.io/github/release/buildkite/elastic-ci-stack-for-aws.svg). See [Releases](https://github.com/buildkite/elastic-ci-stack-for-aws/releases) for older releases.\n\n\u003e Although the stack creates its own VPC by default, Buildkite highly recommends following best practices by setting up a separate development AWS account and using role switching and consolidated billing ā€” see the [Delegate Access Across AWS Accounts tutorial](http://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html) for more information.\n\nIf you want to use the [AWS CLI](https://aws.amazon.com/cli/), download [`config.json.example`](config.json.example), rename it to `config.json`, update it with your agent token, then run the below AWS CLI command to create the AWS CloudFormation stack:\n\n```bash\naws cloudformation create-stack \\\n --output text \\\n --stack-name buildkite \\\n --template-url \"https://s3.amazonaws.com/buildkite-aws-stack/latest/aws-stack.yml\" \\\n --capabilities CAPABILITY_IAM CAPABILITY_NAMED_IAM CAPABILITY_AUTO_EXPAND \\\n --parameters \"$(cat config.json)\"\n```\n\n## Security\n\nThis repository hasn't been reviewed by security researchers. Therefore, exercise caution and careful thought with what credentials you make available to your builds.\n\nAnyone with commit access to your codebase (including third-party pull-requests if you've enabled them in Buildkite) will have access to your secrets bucket files.\n\nAlso, keep in mind the EC2 HTTP metadata server is available from within builds, which means builds act with the same IAM permissions as the instance.\n\n### Limiting CloudFormation Permissions\n\nBy default, CloudFormation will operate using the permissions granted to the identity of the credentials used to initiate a stack deployment or update.\n\nIf you want to explicitly specify which actions CloudFormation can perform on your behalf, you can either create your stack using credentials for an IAM identity with limited permissions, or provide an [AWS CloudFormation service role](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-iam-servicerole.html).\n\nšŸ§‘ā€šŸ”¬ [templates/service-role.yml](templates/service-role.yml) template contains an experimental service role and set of IAM Policies that list the IAM Actions necessary to create, update, and delete a CloudFormation Stack created with the Buildkite Elastic CI Stack template. The role created by this template is currently being tested, but it has not been tested enough to be depended on. There are likely to be missing permissions for some stack parameter permutations.\n\n```bash\naws cloudformation deploy --template-file templates/service-role.yml --stack-name buildkite-elastic-ci-stack-service-role --region us-east-1 --capabilities CAPABILITY_IAM\n```\n\n## Experimental Resource Limits\n\nThe Elastic CI Stack includes configurable systemd resource limits to prevent resource exhaustion. These limits can be configured using CloudFormation parameters:\n\n| Parameter | Description | Default |\n|------------------------------------|--------------------------------------------------------|---------|\n| `ExperimentalEnableResourceLimits` | Enable systemd resource limits for the Buildkite agent | `false` |\n| `ResourceLimitsMemoryHigh` | MemoryHigh limit (e.g., '90%' or '4G') | `90%` |\n| `ResourceLimitsMemoryMax` | MemoryMax limit (e.g., '90%' or '4G') | `90%` |\n| `ResourceLimitsMemorySwapMax` | MemorySwapMax limit (e.g., '90%' or '4G') | `90%` |\n| `ResourceLimitsCPUWeight` | CPU weight (1-10000) | `100` |\n| `ResourceLimitsCPUQuota` | CPU quota (e.g., '90%') | `90%` |\n| `ResourceLimitsIOWeight` | I/O weight (1-10000) | `80` |\n\n### Example Configuration\n\nTo enable resource limits with custom values, include these parameters in your CloudFormation template or config file:\n\n```yaml\n{\n \"Parameters\": {\n \"ExperimentalEnableResourceLimits\": \"true\",\n \"ResourceLimitsMemoryHigh\": \"80%\",\n \"ResourceLimitsMemoryMax\": \"85%\",\n \"ResourceLimitsMemorySwapMax\": \"90%\",\n \"ResourceLimitsCPUWeight\": \"100\",\n \"ResourceLimitsCPUQuota\": \"85%\",\n \"ResourceLimitsIOWeight\": \"75\"\n }\n}\n```\n\n### Notes\n- Resource limits are disabled by default\n- Values can be specified as percentages or absolute values (for memory-related parameters)\n\n## Scheduled Scaling\n\nThe Elastic CI Stack supports time-based scaling to automatically adjust the minimum number of instances based on your team's working hours. This feature helps optimize costs by scaling down during off-hours while allowing users the ability to proactively scale up capacity ahead of expected increasing capacity requirements.\n\n### Configuration Parameters\n\n| Parameter | Description | Default |\n|--------------------------|------------------------------------------------------|----------------------|\n| `EnableScheduledScaling` | Enable scheduled scaling actions | `false` |\n| `ScheduleTimezone` | Timezone for scheduled actions | `UTC` |\n| `ScaleUpSchedule` | Cron expression for scaling up | `0 8 * * MON-FRI` |\n| `ScaleUpMinSize` | MinSize when scaling up | `1` |\n| `ScaleDownSchedule` | Cron expression for scaling down | `0 18 * * MON-FRI` |\n| `ScaleDownMinSize` | MinSize when scaling down | `0` |\n\n### Example Configuration\n\nTo enable scheduled scaling that maintains a minimum of 10 ASG instances during business hours (8 AM - 6 PM, Eastern Time) and 2 ASG instances during off-hours:\n\n```json\n{\n \"Parameters\": {\n \"EnableScheduledScaling\": \"true\",\n \"ScheduleTimezone\": \"America/New_York\",\n \"ScaleUpSchedule\": \"0 8 * * MON-FRI\",\n \"ScaleUpMinSize\": \"10\",\n \"ScaleDownSchedule\": \"0 18 * * MON-FRI\",\n \"ScaleDownMinSize\": \"2\"\n }\n}\n```\n\n### Schedule Format\n\nScheduled scaling uses [AWS Auto Scaling cron expressions](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-scheduled-scaling.html#scheduled-scaling-cron) with the format:\n```\nminute hour day-of-month month day-of-week\n```\n\nCommon examples:\n- `0 8 * * MON-FRI` - 8:00 AM on weekdays\n- `0 18 * * MON-FRI` - 6:00 PM on weekdays\n- `0 9 * * SAT` - 9:00 AM on Saturdays\n- `30 7 * * 1-5` - 7:30 AM Monday through Friday (using numbers)\n\n### Timezone Support\n\nThe `ScheduleTimezone` parameter supports [IANA timezone names](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-scheduled-scaling.html#scheduled-scaling-timezone) such as:\n- `America/New_York` (Eastern Time)\n- `America/Los_Angeles` (Pacific Time)\n- `Europe/London` (Greenwich Mean Time)\n- `Asia/Tokyo` (Japan Standard Time)\n- `UTC` (Coordinated Universal Time)\n\n## Development\n\nTo get started with customizing your own stack, or contributing fixes and features:\n\n```bash\n# Checkout all submodules\ngit submodule update --init --recursive\n\n# Build all AMIs and render a cloud formation template - this requires AWS credentials (in the ENV)\n# to build an AMI with packer\nmake build\n\n# To create a new stack on AWS using the local template\nmake create-stack\n\n# You can use any of the AWS* environment variables that the aws-cli supports\nAWS_PROFILE=\"some-profile\" make create-stack\n\n# You can also use aws-vault or similar\naws-vault exec some-profile -- make create-stack\n```\n\nIf you need to build your own AMIs (because you've changed something in the\n`packer` directory), run `make packer` with AWS credentials in your shell environment.\n\nThe build process is now two steps:\n1. **Base AMI:** A base AMI is created with the latest OS updates. This image is cached and only rebuilt when the underlying OS or configuration changes.\n2. **Final AMI:** The final AMI is built on top of the base AMI, installing the Buildkite agent and other software. This makes final builds faster and more consistent.\n\nBy default, AMIs are built as private. You can control AMI visibility and build location using these variables:\n\n- `AMI_PUBLIC` - Set to `true` to make AMIs publicly accessible to all AWS users, or `false` (default) for private AMIs.\n- `AMI_USERS` - A comma-separated list of AWS account IDs that should have access to private AMIs (ignored when `AMI_PUBLIC=true`).\n- `AWS_REGION` - The AWS region where AMIs should be built (defaults to `us-east-1`).\n\n```bash\n# Build private AMIs (default - recommended for security)\nmake packer\n\n# Build public AMIs (available to all AWS users)\nmake packer AMI_PUBLIC=true\n\n# Build private AMIs with access for specific AWS accounts\nmake packer AMI_USERS=\"123456789012,987654321098,555666777888\"\n\n# Combined: private AMIs with specific account access in a different region\nmake packer AMI_PUBLIC=false AMI_USERS=\"123456789012,987654321098\" AWS_REGION=us-west-2\n```\n\nThis will create AMIs for the following platforms in your account's `us-east-1` region (or the region specified by `AWS_REGION`):\n\n- Linux (64-bit x86)\n- Linux (64-bit Arm)\n- Windows (64-bit x86)\n\nIf you only need Linux AMIs, invoke the specific targets to skip the Windows build:\n\n```bash\n# Linux amd64 (x86_64)\nmake packer-base-linux-amd64.output packer-linux-amd64.output\n\n# Linux arm64\nmake packer-base-linux-arm64.output packer-linux-arm64.output\n\n# Both Linux architectures\nmake packer-base-linux-amd64.output packer-linux-amd64.output \\\n packer-base-linux-arm64.output packer-linux-arm64.output\n```\n\n**Security Note:** Making AMIs public (`AMI_PUBLIC=true`) can expose any secrets accidentally baked into the image. The default private setting helps prevent accidental exposure of sensitive information.\n\n## Support Policy\n\nWe provide support for security and bug fixes on the current major release only.\n\nIf there are any changes in the main branch since the last tagged release, we\naim to publish a new tagged release of this template at the end of each month.\n\n### AWS Regions\n\nBuildkite:\n\n- Supports all AWS Regions, except China and US GovCloud.\n- Aims to support new regions within one month of general availability.\n\n### Operating Systems\n\nBuildkite builds and deploys the following AMIs to all our supported regions:\n\n- Amazon Linux 2023 (64-bit x86)\n- Amazon Linux 2023 (64-bit Arm)\n- Windows Server 2022 (64-bit x86)\n\n### Buildkite Agent\n\nThe Elastic CI Stack template [published from the main branch](https://s3.amazonaws.com/buildkite-aws-stack/latest/aws-stack.yml)\ntracks the latest Buildkite Agent release.\n\nYou may wish to preview any updates to your stack from this template\n[using a CloudFormation Stack Change Set](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-changesets.html)\nto decide whether to apply it.\n\n## Recommended reading\n\nFollowing on from the [Getting started](#getting-started) pages above, to gain a better understanding of how Elastic CI Stack works and how to use it most effectively and securely, see the following resources:\n\n- [Buildkite Agents in AWS overview](https://buildkite.com/docs/agent/v3/aws)\n- [Template parameters](https://buildkite.com/docs/agent/v3/aws/elastic-ci-stack/ec2-linux-and-windows/template-parameters)\n- [Using AWS Secrets Manager](https://buildkite.com/docs/agent/v3/aws/elastic-ci-stack/ec2-linux-and-windows/secrets-manager)\n- [VPC design](https://buildkite.com/docs/agent/v3/aws/architecture/vpc)\n- [CloudFormation service role](https://buildkite.com/docs/agent/v3/aws/elastic-ci-stack/ec2-linux-and-windows/cloudformation-service-role)\n\n## Questions and support\n\nFeel free to drop an email to support@buildkite.com with questions. It'll also help us if you can provide the following details:\n\n```bash\n# List your stack parameters\naws cloudformation describe-stacks --stack-name MY_STACK_NAME \\\n --query 'Stacks[].Parameters[].[ParameterKey,ParameterValue]' --output table\n```\n\n### Collect logs from CloudWatch\n\nProvide Buildkite with logs from CloudWatch Logs:\n\n```bash\n/buildkite/elastic-stack/{instance-id}\n/buildkite/system/{instance-id}\n```\n\n### Collect logs via script\n\nAn alternative method to collect the logs is to use the `log-collector` script in the `utils` folder.\nThe script will collect CloudWatch logs for the Instance, Lambda function, and AutoScaling activity and package them in a\nzip archive which you can send via email to support@buildkite.com.\n\nYou can also visit our [Forum](https://forum.buildkite.community) and post a question in the [Elastic CI Stack for AWS](https://forum.buildkite.community/c/elastic-ci-stack-for-aws/) section!\n\n## Licence\n\nSee [Licence.md](Licence.md) (MIT)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbuildkite%2Felastic-ci-stack-for-aws","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbuildkite%2Felastic-ci-stack-for-aws","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbuildkite%2Felastic-ci-stack-for-aws/lists"}