 SQLMeshCLI
SQLMeshCLI
Orchestrate a SQLMesh project from the CLI.
type: "io.kestra.plugin.sqlmesh.cli.SQLMeshCLI"Examples
Orchestrate a SQLMesh project by automatically applying the plan
id: sqlmesh_transform
namespace: company.team
tasks:
  - id: transform
    type: io.kestra.plugin.sqlmesh.cli.SQLMeshCLI
    beforeCommands:
      - sqlmesh init duckdb
    commands:
      - sqlmesh plan --auto-applyProperties
commands *Requiredarray
The commands to run in the container.
beforeCommands array
The commands to execute before the main list of commands, e.g. to initialize or prepare the environment
containerImage string
ghcr.io/kestra-io/sqlmeshThe task runner container image, only used if the task runner is container-based.
env object
Additional environment variables for the current process.
inputFiles objectstring
The files to create on the working. It can be a map or a JSON object.
Each file can be defined:
- Inline with its content
- As a URI, supported schemes are kestrafor internal storage files,filefor host local files, andnsfilefor namespace files.
namespaceFiles Non-dynamicNamespaceFiles
Inject namespace files.
Inject namespace files to this task. When enabled, it will, by default, load all namespace files into the working directory. However, you can use the include or exclude properties to limit which namespace files will be injected.
outputFiles array
The files from the local filesystem to send to Kestra's internal storage.
Must be a list of glob expressions relative to the current working directory, some examples: my-dir/**, my-dir/*/** or my-dir/my-file.txt.
Outputs
exitCode integer
0The exit code of the entire flow execution.
outputFiles object
The output files' URIs in Kestra's internal storage.
taskRunner TaskRunnerDetailResult
vars object
The value extracted from the output of the executed commands.
Definitions
io.kestra.plugin.ee.kubernetes.runner.SideCar
image string
busyboxThe image used for the file sidecar container.
io.kestra.plugin.scripts.runner.docker.Cpu
cpus numberstring
The maximum amount of CPU resources a container can use.
Make sure to set that to a numeric value e.g. cpus: "1.5" or cpus: "4" or For instance, if the host machine has two CPUs and you set cpus: "1.5", the container is guaranteed at most one and a half of the CPUs.
io.kestra.plugin.ee.kubernetes.runner.Kubernetes-Resource
cpu string
memory string
io.kestra.plugin.ee.kubernetes.runner.Kubernetes-Resources
limit Kubernetes-Resource
request Kubernetes-Resource
Credentials for a private container registry.
auth string
The registry authentication.
The auth field is a base64-encoded authentication string of username: password or a token.
identityToken string
The identity token.
password string
The registry password.
registry string
The registry URL.
If not defined, the registry will be extracted from the image name.
registryToken string
The registry token.
username string
The registry username.
io.kestra.plugin.ee.azure.batch.models.ComputeNodeIdentityReference
resourceId string
The ARM resource ID of the user assigned identity.
io.kestra.plugin.ee.gcp.runner.Batch-ComputeResource
bootDisk string
Extra boot disk size for each task.
cpu string
The milliCPU count.
Defines the amount of CPU resources per task in milliCPU units. For example, 1000 corresponds to 1 vCPU per task. If undefined, the default value is 2000.
If you also define the VM's machine type using the machineType property in InstancePolicy field or inside the instanceTemplate in the InstancePolicyOrTemplate field, make sure the CPU resources for both fields are compatible with each other and with how many tasks you want to allow to run on the same VM at the same time.
For example, if you specify the n2-standard-2 machine type, which has 2 vCPUs, you can set the cpu to no more than 2000. Alternatively, you can run two tasks on the same VM if you set the cpu to 1000 or less.
memory string
Memory in MiB.
Defines the amount of memory per task in MiB units. If undefined, the default value is 2048. If you also define the VM's machine type using the machineType in InstancePolicy field or inside the instanceTemplate in the InstancePolicyOrTemplate field, make sure the memory resources for both fields are compatible with each other and with how many tasks you want to allow to run on the same VM at the same time.
For example, if you specify the n2-standard-2 machine type, which has 8 GiB of memory, you can set the memory to no more than 8192.
io.kestra.plugin.ee.aws.runner.Batch-Resources
request *RequiredBatch-Resource
io.kestra.plugin.ee.kubernetes.models.OAuthTokenProvider
output string
task Task
io.kestra.core.models.tasks.NamespaceFiles
enabled booleanstring
trueWhether to enable namespace files to be loaded into the working directory. If explicitly set to true in a task, it will load all Namespace Files into the task's working directory. Note that this property is by default set to true so that you can specify only the include and exclude properties to filter the files to load without having to explicitly set enabled to true.
exclude array
A list of filters to exclude matching glob patterns. This allows you to exclude a subset of the Namespace Files from being downloaded at runtime. You can combine this property together with include to only inject a subset of files that you need into the task's working directory.
folderPerNamespace booleanstring
falseWhether to mount file into the root of the working directory, or create a folder per namespace
ifExists string
OVERWRITEOVERWRITEFAILWARNIGNOREComportment of the task if a file already exist in the working directory.
include array
A list of filters to include only matching glob patterns. This allows you to only load a subset of the Namespace Files into the working directory.
namespaces array
["{{flow.namespace}}"]A list of namespaces in which searching files. The files are loaded in the namespace order, and only the latest version of a file is kept. Meaning if a file is present in the first and second namespace, only the file present on the second namespace will be loaded.
Task runner that executes a task inside a pod in a Kubernetes cluster.
type *Requiredobject
config Connection
The configuration of the target Kubernetes cluster.
containerSpec object
Additional YAML spec for the container.
delete booleanstring
trueWhether the pod should be deleted upon completion.
fileSideCarSpec object
Additional YAML spec for the sidecar container.
fileSidecar SideCar
{
  "image": "busybox"
}The configuration of the file sidecar container that handle download and upload of files.
labels object
The pod custom labels
Kestra will add default labels to the pod with execution and flow identifiers.
namespace string
defaultThe namespace where the pod will be created.
nodeSelector object
Node selector for pod scheduling
Kestra will assign the pod to the nodes you want (see Assign Pod Nodes)
podSpec object
Additional YAML spec for the pod.
pullPolicy string
ALWAYSIF_NOT_PRESENTALWAYSNEVERThe image pull policy for a container image and the tag of the image, which affect when Docker attempts to pull (download) the specified image.
resources Kubernetes-Resources
The pod custom resources
resume booleanstring
trueWhether to reconnect to the current pod if it already exists.
serviceAccountName string
The name of the service account.
syncWorkingDirectory booleanstring
falseversion string
\d+\.\d+\.\d+(-[a-zA-Z0-9-]+)?|([a-zA-Z0-9]+)The version of the plugin to use.
waitForLogs string
PT5SdurationThe additional duration to wait for logs to arrive after pod completion.
As logs are not retrieved in real time, we cannot guarantee that we have fetched all logs when the pod complete, therefore we wait for a fixed amount of time to fetch late logs.
waitUntilCompletion string
PT1HdurationThe maximum duration to wait for the pod completion unless the task timeout property is set which will take precedence over this property.
waitUntilRunning string
PT10MdurationThe maximum duration to wait until the pod is created.
This timeout is the maximum time that Kubernetes scheduler can take to
- schedule the pod
- pull the pod image
- and start the pod.
io.kestra.core.models.tasks.runners.TaskRunnerDetailResult
Task runner that executes a task inside a job in Azure Batch.
account *Requiredstring
The Batch account name.
endpoint *Requiredstring
The blob service endpoint.
poolId *Requiredstring
Id of the pool on which to run the job.
type *Requiredobject
accessKey string
The Batch access key.
blobStorage BlobStorageForBatch
completionCheckInterval string
PT5SdurationDetermines how often Kestra should poll the container for completion. By default, the task runner checks every 5 seconds whether the job is completed. You can set this to a lower value (e.g. PT0.1S = every 100 milliseconds) for quick jobs and to a lower threshold (e.g. PT1M = every minute) for long-running jobs. Setting this property to a lower value will reduce the number of API calls Kestra makes to the remote service — keep that in mind in case you see API rate limit errors.
delete booleanstring
trueWhether the job should be deleted upon completion.
Warning, if the job is not deleted, a retry of the task could resume an old failed attempt of the job.
registry ContainerRegistry
The private registry which contains the container image.
resume booleanstring
trueWhether to reconnect to the current job if it already exists.
streamLogs booleanstring
falseEnable log streaming during task execution.
This property is useful for capturing logs from tasks that have a timeout. If a task with a timeout is terminated, this property makes sure all logs up to that point are retrieved.
syncWorkingDirectory booleanstring
falseversion string
\d+\.\d+\.\d+(-[a-zA-Z0-9-]+)?|([a-zA-Z0-9]+)The version of the plugin to use.
waitUntilCompletion string
PT1HdurationThe maximum duration to wait for the job completion unless the task timeout property is set, which will take precedence over this property.
Azure Batch will automatically timeout the job upon reaching such duration and the task will fail.
io.kestra.plugin.ee.gcp.runner.Batch-LifecyclePolicyAction
exitCodes array
Exit codes of a task execution.
If there are more than 1 exit codes, when task executes with any of the exit code in the list, the condition is met and the action will be executed.
Task runner that executes a task inside a job in Google Cloud Run.
region *Requiredstring
The GCP region.
type *Requiredobject
bucket string
Google Cloud Storage Bucket to use to upload (inputFiles and namespaceFiles) and download (outputFiles) files.
It's mandatory to provide a bucket if you want to use such properties.
completionCheckInterval string
PT5SdurationDetermines how often Kestra should poll the container for completion. By default, the task runner checks every 5 seconds whether the job is completed. You can set this to a lower value (e.g. PT0.1S = every 100 milliseconds) for quick jobs and to a lower threshold (e.g. PT1M = every minute) for long-running jobs. Setting this property to a lower value will reduce the number of API calls Kestra makes to the remote service — keep that in mind in case you see API rate limit errors.
delete booleanstring
trueWhether the job should be deleted upon completion.
impersonatedServiceAccount string
The GCP service account to impersonate.
maxRetries integerstring
3The maximum number of retries for the Cloud Run job. By default, the task runner retries the job up to 3 times.
projectId string
The GCP project ID.
resume booleanstring
trueWhether to reconnect to the current job if it already exists.
scopes array
["https://www.googleapis.com/auth/cloud-platform"]The GCP scopes to be used.
serviceAccount string
The GCP service account key.
syncWorkingDirectory booleanstring
version string
\d+\.\d+\.\d+(-[a-zA-Z0-9-]+)?|([a-zA-Z0-9]+)The version of the plugin to use.
vpcAccessConnector string
The full resource name of the VPC Access Connector to route egress traffic through.
Example: projects/my-project/locations/europe-west1/connectors/my-connector
vpcEgress string
VPC_EGRESS_UNSPECIFIEDALL_TRAFFICPRIVATE_RANGES_ONLYUNRECOGNIZEDThe VPC egress setting for the Cloud Run job.
Must be PRIVATE_RANGES_ONLY or ALL_TRAFFIC (case-insensitive). Requires vpcAccessConnector to be set.
waitForLogInterval string
PT5SdurationAdditional time after the job ends to wait for late logs.
waitUntilCompletion string
PT1HdurationThe maximum duration to wait for the job completion unless the task timeout property is set which will take precedence over this property.
Google Cloud Run will automatically timeout the Job upon reaching such duration and the task will be failed.
io.kestra.plugin.ee.gcp.runner.Batch-LifecyclePolicy
action string
ACTION_UNSPECIFIEDRETRY_TASKFAIL_TASKUNRECOGNIZEDAction on task failures based on different conditions.
actionCondition Batch-LifecyclePolicyAction
Conditions for actions to deal with task failures.
io.kestra.plugin.ee.gcp.runner.Batch-NetworkInterface
network *Requiredstring
Network identifier with the format projects/HOST_PROJECT_ID/global/networks/NETWORK.
subnetwork string
Subnetwork identifier in the format projects/HOST_PROJECT_ID/regions/REGION/subnetworks/SUBNET
io.kestra.plugin.ee.aws.runner.Batch-Resource
cpu *Requiredstring
memory *Requiredstring
io.kestra.plugin.ee.kubernetes.models.Connection
apiVersion string
v1The API version
caCertData string
CA certificate as data
caCertFile string
CA certificate as file path
clientCertData string
Client certificate as data
clientCertFile string
Client certificate as a file path
clientKeyAlgo string
RSAClient key encryption algorithm
default is RSA
clientKeyData string
Client key as data
clientKeyFile string
Client key as a file path
clientKeyPassphrase string
Client key passphrase
disableHostnameVerification booleanstring
Disable hostname verification
keyStoreFile string
Key store file
keyStorePassphrase string
Key store passphrase
masterUrl string
https://kubernetes.default.svcThe url to the Kubernetes API
namespace string
The namespace used
oauthToken string
Oauth token
oauthTokenProvider OAuthTokenProvider
Oauth token provider
password string
Password
trustCerts booleanstring
Trust all certificates
trustStoreFile string
Truststore file
trustStorePassphrase string
Truststore passphrase
username string
Username
io.kestra.plugin.ee.azure.storage.blob.models.BlobStorageForBatch
containerName *Requiredstring
The URL of the blob container the compute node should use.
Mandatory if you want to use namespaceFiles, inputFiles or outputFiles properties.
connectionString string
Connection string of the Storage Account.
endpoint string
The blob service endpoint.
Task runner that executes a task as a subprocess on the Kestra host.
type *Requiredobject
version string
\d+\.\d+\.\d+(-[a-zA-Z0-9-]+)?|([a-zA-Z0-9]+)The version of the plugin to use.
Task runner that executes a task inside a job in Google Cloud Batch.
region *Requiredstring
The GCP region.
type *Requiredobject
bucket string
Google Cloud Storage Bucket to use to upload (inputFiles and namespaceFiles) and download (outputFiles) files.
It's mandatory to provide a bucket if you want to use such properties.
completionCheckInterval string
PT5SdurationDetermines how often Kestra should poll the container for completion. By default, the task runner checks every 5 seconds whether the job is completed. You can set this to a lower value (e.g. PT0.1S = every 100 milliseconds) for quick jobs and to a lower threshold (e.g. PT1M = every minute) for long-running jobs. Setting this property to a lower value will reduce the number of API calls Kestra makes to the remote service — keep that in mind in case you see API rate limit errors.
computeResource Batch-ComputeResource
Compute resource requirements.
ComputeResource defines the amount of resources required for each task. Make sure your tasks have enough compute resources to successfully run. If you also define the types of resources for a job to use with the InstancePolicyOrTemplate field, make sure both fields are compatible with each other.
delete booleanstring
trueWhether the job should be deleted upon completion.
Warning, if the job is not deleted, a retry of the task could resume an old failed attempt of the job.
entryPoint array
Container entrypoint to use.
impersonatedServiceAccount string
The GCP service account to impersonate.
lifecyclePolicies array
Lifecycle management schema when any task in a task group is failed.
Currently we only support one lifecycle policy. When the lifecycle policy condition is met, the action in the policy will execute. If task execution result does not meet with the defined lifecycle policy, we consider it as the default policy. Default policy means if the exit code is 0, exit task. If task ends with non-zero exit code, retry the task with max_retry_count.
machineType string
e2-mediumThe GCP machine type.
maxCreateJobRetryCount integerstring
2maxRetryCount integer
 >= 0 <= 10Maximum number of retries on failures.
The default, 0, which means never retry.
projectId string
The GCP project ID.
reservation string
Compute reservation.
resume booleanstring
trueWhether to reconnect to the current job if it already exists.
scopes array
["https://www.googleapis.com/auth/cloud-platform"]The GCP scopes to be used.
serviceAccount string
The GCP service account key.
syncWorkingDirectory booleanstring
falseversion string
\d+\.\d+\.\d+(-[a-zA-Z0-9-]+)?|([a-zA-Z0-9]+)The version of the plugin to use.
waitForLogInterval string
PT5SdurationAdditional time after the job ends to wait for late logs.
waitUntilCompletion string
PT1HdurationThe maximum duration to wait for the job completion unless the task timeout property is set which will take precedence over this property.
Google Cloud Batch will automatically timeout the job upon reaching such duration and the task will be failed.
io.kestra.plugin.scripts.runner.docker.Memory
kernelMemory string
The maximum amount of kernel memory the container can use.
The minimum allowed value is 4MB. Because kernel memory cannot be swapped out, a container which is starved of kernel memory may block host machine resources, which can have side effects on the host machine and on other containers. See the kernel-memory docs for more details.
memory string
The maximum amount of memory resources the container can use.
Make sure to use the format number + unit (regardless of the case) without any spaces.
The unit can be KB (kilobytes), MB (megabytes), GB (gigabytes), etc.
Given that it's case-insensitive, the following values are equivalent:
- "512MB"
- "512Mb"
- "512mb"
- "512000KB"
- "0.5GB"
It is recommended that you allocate at least 6MB.
memoryReservation string
Allows you to specify a soft limit smaller than memory which is activated when Docker detects contention or low memory on the host machine.
If you use memoryReservation, it must be set lower than memory for it to take precedence. Because it is a soft limit, it does not guarantee that the container doesn’t exceed the limit.
memorySwap string
The total amount of memory and swap that can be used by a container.
If memory and memorySwap are set to the same value, this prevents containers from using any swap. This is because memorySwap includes both the physical memory and swap space, while memory is only the amount of physical memory that can be used.
memorySwappiness string
A setting which controls the likelihood of the kernel to swap memory pages.
By default, the host kernel can swap out a percentage of anonymous pages used by a container. You can set memorySwappiness to a value between 0 and 100 to tune this percentage.
oomKillDisable booleanstring
By default, if an out-of-memory (OOM) error occurs, the kernel kills processes in a container.
To change this behavior, use the oomKillDisable option. Only disable the OOM killer on containers where you have also set the memory option. If the memory flag is not set, the host can run out of memory, and the kernel may need to kill the host system’s processes to free the memory.
io.kestra.plugin.ee.azure.batch.models.ContainerRegistry
identityReference ComputeNodeIdentityReference
The reference to the user assigned identity to use to access the Azure Container Registry instead of username and password.
password string
The password to log into the registry server.
registryServer string
The registry server URL.
If omitted, the default is "docker.io".
userName string
The user name to log into the registry server.
io.kestra.plugin.scripts.exec.scripts.models.DockerOptions
image *Requiredstring
1Docker image to use.
config stringobject
Docker configuration file.
Docker configuration file that can set access credentials to private container registries. Usually located in ~/.docker/config.json.
cpu Cpu
Limits the CPU usage to a given maximum threshold value.
By default, each container’s access to the host machine’s CPU cycles is unlimited. You can set various constraints to limit a given container’s access to the host machine’s CPU cycles.
credentials Credentials
entryPoint array
Docker entrypoint to use.
extraHosts array
Extra hostname mappings to the container network interface configuration.
host string
Docker API URI.
memory Memory
Limits memory usage to a given maximum threshold value.
Docker can enforce hard memory limits, which allow the container to use no more than a given amount of user or system memory, or soft limits, which allow the container to use as much memory as it needs unless certain conditions are met, such as when the kernel detects low memory or contention on the host machine. Some of these options have different effects when used alone or when more than one option is set.
networkMode string
Docker network mode to use e.g. host, none, etc.
privileged booleanstring
Give extended privileges to this container.
pullPolicy string
IF_NOT_PRESENTIF_NOT_PRESENTALWAYSNEVERThe image pull policy for a container image and the tag of the image, which affect when Docker attempts to pull (download) the specified image.
shmSize string
Size of /dev/shm in bytes.
The size must be greater than 0. If omitted, the system uses 64MB.
user string
User in the Docker container.
volumes array
List of volumes to mount.
Must be a valid mount expression as string, example : /home/user:/app.
Volumes mount are disabled by default for security reasons; you must enable them on server configuration by setting kestra.tasks.scripts.docker.volume-enabled to true.
Run a task in a Docker container.
type *Requiredobject
config stringobject
Docker configuration file.
Docker configuration file that can set access credentials to private container registries. Usually located in ~/.docker/config.json.
cpu Cpu
Limits the CPU usage to a given maximum threshold value.
By default, each container’s access to the host machine’s CPU cycles is unlimited. You can set various constraints to limit a given container’s access to the host machine’s CPU cycles.
credentials Credentials
delete booleanstring
trueWhether the container should be deleted upon completion.
entryPoint array
[
  ""
]Docker entrypoint to use.
extraHosts array
Extra hostname mappings to the container network interface configuration.
fileHandlingStrategy string
VOLUMEMOUNTVOLUMEFile handling strategy.
How to handle local files (input files, output files, namespace files, ...).
By default, we create a volume and copy the file into the volume bind path.
Configuring it to MOUNT will mount the working directory instead.
host string
Docker API URI.
killGracePeriod string
PT0SdurationWhen a task is killed, this property sets the grace period before killing the container.
By default, we kill the container immediately when a task is killed. Optionally, you can configure a grace period so the container is stopped with a grace period instead.
memory Memory
Limits memory usage to a given maximum threshold value.
Docker can enforce hard memory limits, which allow the container to use no more than a given amount of user or system memory, or soft limits, which allow the container to use as much memory as it needs unless certain conditions are met, such as when the kernel detects low memory or contention on the host machine. Some of these options have different effects when used alone or when more than one option is set.
networkMode string
Docker network mode to use e.g. host, none, etc.
portBindings array
List of port bindings.
Corresponds to the --publish (-p) option of the docker run CLI command using the format ip: dockerHostPort: containerPort/protocol.
Possible example :
- 8080: 80/udp-- 127.0.0.1: 8080: 80-- 127.0.0.1: 8080: 80/udp
privileged booleanstring
Give extended privileges to this container.
pullPolicy string
IF_NOT_PRESENTIF_NOT_PRESENTALWAYSNEVERThe pull policy for a container image.
Use the IF_NOT_PRESENT pull policy to avoid pulling already existing images.
Use the ALWAYS pull policy to pull the latest version of an image
even if an image with the same tag already exists.
shmSize string
Size of /dev/shm in bytes.
The size must be greater than 0. If omitted, the system uses 64MB.
user string
User in the Docker container.
version string
\d+\.\d+\.\d+(-[a-zA-Z0-9-]+)?|([a-zA-Z0-9]+)The version of the plugin to use.
volumes array
List of volumes to mount.
Make sure to provide a map of a local path to a container path in the format: /home/local/path:/app/container/path.
Volume mounts are disabled by default for security reasons — if you are sure you want to use them,
enable that feature in the plugin configuration
by setting volume-enabled to true.
Here is how you can add that setting to your kestra configuration:
kestra: 
  plugins: 
    configurations: 
      - type: io.kestra.plugin.scripts.runner.docker.Docker
        values: 
          volume-enabled: true
wait booleanstring
trueWhether to wait for the container to exit.
A request for devices to be sent to device drivers.
capabilities array
A list of capabilities; an OR list of AND lists of capabilities.
count integerstring
deviceIds array
driver string
options object
Driver-specific options, specified as key/value pairs.
These options are passed directly to the driver.
Task runner that executes a task inside a job in AWS Batch.
computeEnvironmentArn *Requiredstring
Compute environment in which to run the job.
region *Requiredstring
AWS region with which the SDK should communicate.
type *Requiredobject
accessKeyId string
Access Key Id in order to connect to AWS.
If no credentials are defined, we will use the default credentials provider chain to fetch credentials.
bucket string
S3 Bucket to upload (inputFiles and namespaceFiles) and download (outputFiles) files.
It's mandatory to provide a bucket if you want to use such properties.
completionCheckInterval string
PT5SdurationDetermines how often Kestra should poll the container for completion. By default, the task runner checks every 5 seconds whether the job is completed. You can set this to a lower value (e.g. PT0.1S = every 100 milliseconds) for quick jobs and to a lower threshold (e.g. PT1M = every minute) for long-running jobs. Setting this property to a lower value will reduce the number of API calls Kestra makes to the remote service — keep that in mind in case you see API rate limit errors.
delete booleanstring
trueWhether the job should be deleted upon completion.
Warning, if the job is not deleted, a retry of the task could resume an old failed attempt of the job.
endpointOverride string
The endpoint with which the SDK should communicate.
This property allows you to use a different S3 compatible storage backend.
executionRoleArn string
Execution role for the AWS Batch job.
Mandatory if the compute environment is ECS Fargate. See the AWS documentation for more details.
jobQueueArn string
Job queue to use to submit jobs (ARN). If not specified, the task runner will create a job queue — keep in mind that this can lead to a longer execution.
resources Batch-Resources
{
  "request": {
    "memory": "2048",
    "cpu": "1"
  }
}Custom resources for the ECS Fargate container.
See the AWS documentation for more details.
resume booleanstring
trueWhether to reconnect to the current job if it already exists.
secretKeyId string
Secret Key Id in order to connect to AWS.
If no credentials are defined, we will use the default credentials provider chain to fetch credentials.
sessionToken string
AWS session token, retrieved from an AWS token service, used for authenticating that this user has received temporary permissions to access a given resource.
If no credentials are defined, we will use the default credentials provider chain to fetch credentials.
stsEndpointOverride string
The AWS STS endpoint with which the SDKClient should communicate.
stsRoleArn string
AWS STS Role.
The Amazon Resource Name (ARN) of the role to assume. If set the task will use the StsAssumeRoleCredentialsProvider. If no credentials are defined, we will use the default credentials provider chain to fetch credentials.
stsRoleExternalId string
AWS STS External Id.
A unique identifier that might be required when you assume a role in another account. This property is only used when an stsRoleArn is defined.
stsRoleSessionDuration string
PT15MdurationAWS STS Session duration.
The duration of the role session (default: 15 minutes, i.e., PT15M). This property is only used when an stsRoleArn is defined.
stsRoleSessionName string
AWS STS Session name.
This property is only used when an stsRoleArn is defined.
syncWorkingDirectory booleanstring
falsetaskRoleArn string
Task role to use within the container.
Needed if you want to authenticate with AWS CLI within your container.
version string
\d+\.\d+\.\d+(-[a-zA-Z0-9-]+)?|([a-zA-Z0-9]+)The version of the plugin to use.
waitUntilCompletion string
PT1HdurationThe maximum duration to wait for the job completion unless the task timeout property is set which will take precedence over this property.
AWS Batch will automatically timeout the job upon reaching that duration and the task will be marked as failed.
