Best practices working with self-hosted GitHub Action runners at scale on AWS
DevOps & Developer Productivity Blog
This article provides best practices for working with self-hosted GitHub Action runners at scale on AWS.
Specifically, the article covers:
- Understanding security responsibilities when integrating GitHub and AWS environments
- Using short-lived AWS credentials via OIDC and IAM roles for least privilege access
- Using ephemeral runners for build isolation and auto-scaling
- Isolating runners using runner groups and separate AWS accounts
- Optimizing runner startup time with EC2 warm pools
- Using optimized AMIs for consistent and faster runner launches
- Reducing costs with Spot instances
- Recording runner metrics and logs in Amazon CloudWatch for observability
Related articles
- Jun 7, 2024: AWS CodeBuild Managed Self-Hosted GitHub Action Runners
- Mar 12, 2025: AWS CodeBuild now supports organization and enterprise level GitHub self-hosted runners
- Mar 14, 2025: Building multi-arch containers with GitHub Actions in AWS
- Feb 26, 2025: AWS CodeBuild adds support for managed runners for GitLab Self-Managed