diff --git a/README.md b/README.md
index 24fd5300d4..d967498bdc 100644
--- a/README.md
+++ b/README.md
@@ -486,7 +486,7 @@ We welcome any improvement to the standard module to make the default as secure
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| [ami\_filter](#input\_ami\_filter) | List of maps used to create the AMI filter for the action runner AMI. By default amazon linux 2 is used. | `map(list(string))` | `null` | no |
+| [ami\_filter](#input\_ami\_filter) | Map of lists used to create the AMI filter for the action runner AMI. | `map(list(string))` |
{
"state": [
"available"
]
}
| no |
 | [ami\_id\_ssm\_parameter\_name](#input\_ami\_id\_ssm\_parameter\_name) | Externally managed SSM parameter (of data type aws:ec2:image) that contains the AMI ID to launch runner instances from. Overrides ami\_filter | `string` | `null` | no |
 | [ami\_kms\_key\_arn](#input\_ami\_kms\_key\_arn) | Optional CMK Key ARN to be used to launch an instance from a shared encrypted AMI | `string` | `null` | no |
 | [ami\_owners](#input\_ami\_owners) | The list of owners used to select the AMI of action runner instances. | `list(string)` |
[
"amazon"
]
| no |
diff --git a/examples/ephemeral/main.tf b/examples/ephemeral/main.tf
index ec6b55f724..fbbc588178 100644
--- a/examples/ephemeral/main.tf
+++ b/examples/ephemeral/main.tf
@@ -71,7 +71,7 @@ module "runners" {
 # configure your pre-built AMI
 # enable_userdata = false
- # ami_filter = { name = ["github-runner-amzn2-x86_64-*"] }
+ # ami_filter = { name = ["github-runner-amzn2-x86_64-*"], state = ["available"] }
 # data "aws_caller_identity" "current" {}
 # ami_owners = [data.aws_caller_identity.current.account_id]
diff --git a/examples/multi-runner/templates/runner-configs/linux-x64-ubuntu.yaml b/examples/multi-runner/templates/runner-configs/linux-x64-ubuntu.yaml
index b864c1cb91..0393514d2e 100644
--- a/examples/multi-runner/templates/runner-configs/linux-x64-ubuntu.yaml
+++ b/examples/multi-runner/templates/runner-configs/linux-x64-ubuntu.yaml
@@ -1,8 +1,8 @@
 matcherConfig:
 exactMatch: true
 labelMatchers:
- - [ self-hosted, linux, x64, ubuntu-latest ]
- - [ self-hosted, linux, x64, ubuntu-2204 ]
+ - [self-hosted, linux, x64, ubuntu-latest]
+ - [self-hosted, linux, x64, ubuntu-2204]
 fifo: true
 delay_webhook_event: 0
 redrive_build_queue:
@@ -26,6 +26,8 @@ runner_config:
 ami_filter:
 name:
 - ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-*
+ state:
+ - available
 block_device_mappings:
 - device_name: /dev/sda1
 delete_on_termination: true
@@ -48,4 +50,4 @@ runner_config:
 - log_group_name: runner
 prefix_log_group: true
 file_path: /opt/actions-runner/_diag/Runner_**.log
- log_stream_name: "{instance_id}/runner"
\ No newline at end of file
+ log_stream_name: "{instance_id}/runner"
diff --git a/examples/multi-runner/templates/runner-configs/windows-x64.yaml b/examples/multi-runner/templates/runner-configs/windows-x64.yaml
index d9936c35aa..64f2a3d23f 100644
--- a/examples/multi-runner/templates/runner-configs/windows-x64.yaml
+++ b/examples/multi-runner/templates/runner-configs/windows-x64.yaml
@@ -18,4 +18,6 @@ runner_config:
 runner_boot_time_in_minutes: 20
 ami_filter:
 name:
- - Windows_Server-2022-English-Core-ContainersLatest-*
\ No newline at end of file
+ - Windows_Server-2022-English-Core-ContainersLatest-*
+ state:
+ - available
diff --git a/examples/prebuilt/README.md b/examples/prebuilt/README.md
index f7e57843c9..4b3e1a503c 100644
--- a/examples/prebuilt/README.md
+++ b/examples/prebuilt/README.md
@@ -58,7 +58,7 @@ Assuming you have built the `linux-amzn2` image which has a pre-defined AMI name
 module "runners" {
 ...
 # set the name of the ami to use
- ami_filter = { name = ["github-runner-amzn2-x86_64-2021*"] }
+ ami_filter = { name = ["github-runner-amzn2-x86_64-2021*"], state = ["available"] }
 # provide the owner id of
 ami_owners = [""]
@@ -139,4 +139,4 @@ Be-aware some shells will print some end of line character `%`.
 |------|-------------|
 | [webhook\_endpoint](#output\_webhook\_endpoint) | n/a |
 | [webhook\_secret](#output\_webhook\_secret) | n/a |
-
\ No newline at end of file
+
diff --git a/examples/prebuilt/main.tf b/examples/prebuilt/main.tf
index 769921571a..80804cc70f 100644
--- a/examples/prebuilt/main.tf
+++ b/examples/prebuilt/main.tf
@@ -42,7 +42,7 @@ module "runners" {
 # configure your pre-built AMI
 enable_userdata = false
- ami_filter = { name = [var.ami_name_filter] }
+ ami_filter = { name = [var.ami_name_filter], state = ["available"] }
 ami_owners = [data.aws_caller_identity.current.account_id]
 # Look up runner AMI ID from an AWS SSM parameter (overrides ami_filter at instance launch time)
diff --git a/examples/ubuntu/main.tf b/examples/ubuntu/main.tf
index 651203f561..83ff366c9f 100644
--- a/examples/ubuntu/main.tf
+++ b/examples/ubuntu/main.tf
@@ -51,13 +51,14 @@ module "runners" {
 ami_owners = ["099720109477"] # Canonical's Amazon account ID
 ami_filter = {
- name = ["ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-*"]
+ name = ["ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-*"],
+ state = ["available"]
 }
 # Custom build AMI, no custom userdata needed.
 # option 2: Build custom AMI see ../../images/ubuntu-focal
 # disable lines above (option 1) and enable the ones below
- # ami_filter = { name = ["github-runner-ubuntu-focal-amd64-*"] }
+ # ami_filter = { name = ["github-runner-ubuntu-focal-amd64-*"], state = ["available"] }
 # data "aws_caller_identity" "current" {}
 # ami_owners = [data.aws_caller_identity.current.account_id]
diff --git a/modules/runners/README.md b/modules/runners/README.md
index 5425a7aee8..4f21a58573 100644
--- a/modules/runners/README.md
+++ b/modules/runners/README.md
@@ -123,7 +123,7 @@ yarn run dist
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| [ami\_filter](#input\_ami\_filter) | Map of lists used to create the AMI filter for the action runner AMI. | `map(list(string))` | `null` | no |
+| [ami\_filter](#input\_ami\_filter) | Map of lists used to create the AMI filter for the action runner AMI. | `map(list(string))` |
{
"state": [
"available"
]
}
| no |
 | [ami\_id\_ssm\_parameter\_name](#input\_ami\_id\_ssm\_parameter\_name) | Externally managed SSM parameter (of data type aws:ec2:image) that contains the AMI ID to launch runner instances from. Overrides ami\_filter | `string` | `null` | no |
 | [ami\_kms\_key\_arn](#input\_ami\_kms\_key\_arn) | Optional CMK Key ARN to be used to launch an instance from a shared encrypted AMI | `string` | `null` | no |
 | [ami\_owners](#input\_ami\_owners) | The list of owners used to select the AMI of action runner instances. | `list(string)` |
[
"amazon"
]
| no |
diff --git a/modules/runners/variables.tf b/modules/runners/variables.tf
index 85b869943d..7166403016 100644
--- a/modules/runners/variables.tf
+++ b/modules/runners/variables.tf
@@ -127,7 +127,12 @@ variable "instance_types" {
 variable "ami_filter" {
 description = "Map of lists used to create the AMI filter for the action runner AMI."
 type = map(list(string))
- default = null
+ default = { state = ["available"] }
+ validation {
+ // check the availability of the AMI
+ condition = contains(keys(var.ami_filter), "state")
+ error_message = "The \"ami_filter\" variable must contain the \"state\" key with the value \"available\"."
+ }
 }
 variable "ami_owners" {
diff --git a/variables.tf b/variables.tf
index 2ec1a73224..bafa26f5f6 100644
--- a/variables.tf
+++ b/variables.tf
@@ -296,9 +296,14 @@ variable "block_device_mappings" {
 }
 variable "ami_filter" {
- description = "List of maps used to create the AMI filter for the action runner AMI. By default amazon linux 2 is used."
+ description = "Map of lists used to create the AMI filter for the action runner AMI."
 type = map(list(string))
- default = null
+ default = { state = ["available"] }
+ validation {
+ // check the availability of the AMI
+ condition = contains(keys(var.ami_filter), "state")
+ error_message = "The \"ami_filter\" variable must contain the \"state\" key with the value \"available\"."
+ }
 }
 variable "ami_owners" {
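Review bot: The `validation` added to `variable "ami_filter"` tests only that a `state` key is present, so `state = []` or `state = ["pending"]` passes although the error message promises the value "available"; the root `variables.tf` hunk repeats the same block. A caller that still passes the previous default explicitly, `ami_filter = null`, will most likely fail while evaluating `keys()` rather than with this message, and every existing `ami_filter = { name = [...] }` without `state` is now rejected, which deserves a breaking-change note in the description. A condition that matches the message would be `condition = try(contains(var.ami_filter["state"], "available"), false)`. The comment inside the block would conventionally use `#` rather than `//` in HCL.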