Skip to main content
Requires Enterprise plan. Contact sales for access.
Use AWS runners when your team wants Ona to execute inside your AWS environment instead of on Ona-managed infrastructure. This is the right fit when you need:
  • source code and execution to stay in your AWS network
  • tighter control over networking, IAM, and regional placement
  • integration with existing platform, compliance, or network controls
If you want the fastest path to a working setup, start with Ona Cloud instead. AWS runner architecture

What the runner includes

An AWS runner gives Ona an execution layer inside your VPC. The deployment includes:
  • a runner orchestrator running on AWS-managed infrastructure you control
  • environment provisioning for development environments and agent runs
  • repository access and secret handling inside your AWS boundary
  • network and IAM integration with the rest of your AWS estate

Plan before you deploy

Before setup, confirm these prerequisites:
  1. AWS account permissions for deploying the CloudFormation stacks and related IAM resources
  2. Capacity planning for the environment sizes and concurrency your team needs
  3. AMI allowlisting if your organization restricts AMI usage
  4. A domain and certificate for the runner endpoints
  5. A network posture for public access, private access, or private endpoints
AMI NameOwner Account IDPurpose
bottlerocket-aws-ecs-1-x86_64149721548608Runner service
gitpod/images/gitpod-next/ec2-runner-ami-*995913728426Environments

Common rollout path

Teams usually follow this sequence:
  1. review capacity planning
  2. work through setup
  3. configure repository access
  4. review detailed access requirements and VPC endpoints if the network posture is strict
  5. configure environment classes and monitoring