feat(codebuild): add custom instance type and VPC to Fleets #34572
@@ -38,6 +89,7 @@ class FleetStack extends cdk.Stack { | |||
}), | |||
environment: { | |||
buildImage: codebuild.LinuxBuildImage.STANDARD_7_0, | |||
fleet: this.fleet, |
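Review bot: at `fleet: this.fleet,` in the `environment` block, nothing in this hunk checks that the deployed project is actually bound to the fleet, so dropping the line again would not fail the test. Consider adding an assertion in the integration test on the project's configured fleet, so the binding is verified rather than assumed.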
@badmintoncryer when you added this integration test earlier this year, you weren't actually using the fleet in the test 🥲. It works now!
Thanks @isker
I had no idea that the configuration was wrong...
However, when a build runs on a Fleet reserved instance, any VPC configuration | ||
on the Project is not used - only the VPC configured on the Fleet has an effect. |
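Review bot: the sentence ending "only the VPC configured on the Fleet has an effect" documents a silent override in prose only, so a user who set a VPC on the Project to constrain build network access gets no signal that it is not used. Consider also emitting a synthesis-time warning when a Project has both a VPC and a Fleet configured, and telling the reader here to move the VPC settings to the Fleet.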
The docs are not very clear about this, but this is my understanding. I am trying to verify this experimentally but my CodeBuild access got suspended 🥲, I guess because I was creating and destroying so many Fleets without really using them. I am waiting for support to restore access... (case 174848040600299)
I am similarly trying to verify what the Fleet Role is used for. It's not clear whether it's used during builds instead of the Role on the Project, or whether it's just used by CodeBuild to attach network interfaces... if it's only the latter, maybe there's no point in exposing it from Fleet?
// Incredibly, if you pass a SubnetSelection that produces more than 1 | ||
// subnet, you currently get this error: | ||
// > Resource handler returned message: "Invalid vpc config: the maximum number of subnets is 1 | ||
// This seems like a terrible limitation from the CodeBuild team. | ||
// maxAzs: 2, |
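Review bot: the comment block above `// maxAzs: 2,` mixes the constraint with opinion ("Incredibly", "terrible limitation") and leaves a commented-out property behind. Suggest stating only the limit and the quoted error, dropping `// maxAzs: 2,`, and validating in the Fleet construct that the subnet selection resolves to a single subnet so the failure surfaces at synth time instead of deploy time.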
This is bad. If anyone at AWS can talk to the CodeBuild team... I've never seen another service that demands a single subnet like this. The CloudFormation types claim you can use "up to 16" but anything more than 1 fails at deploy time.
https://aws.amazon.com/about-aws/whats-new/2025/04/aws-codebuild-ec2-instance-type-configurable-storage-size/
CodeBuild now supports specifying specific EC2 instance types to serve as fleet compute.
Add this support to the Fleet construct by way of adding CUSTOM_INSTANCE_TYPE to the FleetComputeType enum, and `instanceType` to `ComputeConfiguration`.
Also, add VPC support to Fleet. This mirrors the VPC support in Project. When using Fleets, the VPC configured on the Project does nothing. Only the VPC on the Fleet applies. This required adding a Role to the Fleet to handle provisioning EC2 network interfaces in the configured VPC.
28828ff to d7ab2f0
https://aws.amazon.com/about-aws/whats-new/2025/04/aws-codebuild-ec2-instance-type-configurable-storage-size/
CodeBuild now supports specifying specific EC2 instance types to serve as fleet compute.
Add this support to the Fleet construct by way of adding CUSTOM_INSTANCE_TYPE to the FleetComputeType enum, and `instanceType` to `ComputeConfiguration`.
Also, add VPC support to Fleet. This mirrors the VPC support in Project. When using Fleets, the VPC configured on the Project does nothing. Only the VPC on the Fleet applies. This required adding a Role to the Fleet to handle provisioning EC2 network interfaces in the configured VPC.
Describe any new or updated permissions being added
When configuring a VPC on a Fleet, IAM permissions are granted to a CodeBuild Role as described here.
Description of how you validated changes
Unit and integration tests.
Checklist
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license
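A check over a synthesized template for the two pitfalls this PR describes (a Project VPC that does nothing once a Fleet is used, and the deploy-time rejection of more than one Fleet subnet), as an added example that is not part of the PR or of aws-cdk. `lintFleetVpc` and the sample template are hypothetical; the property names `VpcConfig`, `Environment.Fleet` and `FleetVpcConfig.Subnets` are assumed from the CloudFormation resource types, not taken from this page.

```typescript
// Added example: lint a synthesized CloudFormation template (plain JSON) for
// the two Fleet/VPC pitfalls described in this PR. Not aws-cdk code.
type Resource = { Type: string; Properties?: Record<string, any> };
type Template = { Resources: Record<string, Resource> };
type Finding = { logicalId: string; message: string };

function lintFleetVpc(template: Template): Finding[] {
  const findings: Finding[] = [];
  for (const logicalId of Object.keys(template.Resources)) {
    const res = template.Resources[logicalId];
    const props: Record<string, any> = res.Properties ?? {};
    if (res.Type === 'AWS::CodeBuild::Project') {
      // Per the PR description, the Project's VPC does nothing once builds
      // run on a Fleet, so isolation configured here would not be applied.
      const usesFleet = props.Environment?.Fleet !== undefined;
      if (usesFleet && props.VpcConfig !== undefined) {
        findings.push({ logicalId, message: 'Project sets VpcConfig but runs on a Fleet; set the VPC on the Fleet' });
      }
    } else if (res.Type === 'AWS::CodeBuild::Fleet') {
      // Subnets may be an unresolved intrinsic; only literal lists are counted.
      const subnets = props.FleetVpcConfig?.Subnets;
      if (Array.isArray(subnets) && subnets.length > 1) {
        findings.push({ logicalId, message: `Fleet lists ${subnets.length} subnets; deploy fails above 1` });
      }
    }
  }
  return findings;
}

// Constructed sample template; all IDs are placeholders.
const vpcConfig = { VpcId: 'vpc-example', Subnets: ['subnet-a', 'subnet-b'], SecurityGroupIds: ['sg-example'] };
const sampleTemplate: Template = {
  Resources: {
    BuildFleet: { Type: 'AWS::CodeBuild::Fleet', Properties: { FleetVpcConfig: vpcConfig } },
    FleetProject: {
      Type: 'AWS::CodeBuild::Project',
      Properties: { Environment: { Fleet: { FleetArn: { 'Fn::GetAtt': ['BuildFleet', 'Arn'] } } }, VpcConfig: vpcConfig },
    },
    PlainProject: { Type: 'AWS::CodeBuild::Project', Properties: { Environment: {}, VpcConfig: vpcConfig } },
  },
};
```

Calling `lintFleetVpc(sampleTemplate)` flags `BuildFleet` and `FleetProject` and leaves `PlainProject` alone, since a Project without a Fleet still uses its own VPC.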