About AE hosted runners

GitHub AE offers customizable and security hardened hosted virtual machines to run GitHub Actions workflows. You can select the hardware, bring your own machine image, and enable an IP address for networking with your AE hosted runner.

GitHub Actions is available with GitHub Free, GitHub Pro, GitHub Free for organizations, GitHub Team, GitHub Enterprise Cloud, GitHub Enterprise Server, and GitHub AE. GitHub Actions is not available for private repositories owned by accounts using legacy per-repository plans.

Note: GitHub Actions is currently in beta for GitHub AE.

About AE hosted runners

An AE hosted runner is a virtual machine hosted by GitHub with the GitHub Actions runner service installed.

GitHub AE lets you create and customize AE hosted runners using Ubuntu or Windows images; you can select the size of machine you want and configure security hardened networking for them. AE hosted runners are fully managed and auto-scaled by GitHub.

Each workflow job is executed in a fresh instance of the AE hosted runner, and you can run workflows directly on the virtual machine or in a Docker container. All steps in the job execute in the same instance, allowing the actions in that job to share information using the AE hosted runner's filesystem.

AE hosted runners are the only runners available for GitHub AE, and self-hosted runners are not available.

To add AE hosted runners to your organization or enterprise, see "Adding AE hosted runners."

Pool assignments for AE hosted runners

Your AE hosted runners are allocated to the same pool as your GitHub AE instance. No other customers have access to this pool, and as a result, AE hosted runners are not shared with any other customers.

Managing your AE hosted runners

During the AE hosted runner beta, you can manage your AE hosted runners by contacting GitHub support. For example, GitHub support can assist you with adding a new AE hosted runner, assigning labels, or moving a AE hosted runner to a different group.


GitHub Actions is currently in beta for GitHub AE. During this beta period, AE hosted runners are not billed, and can be used for free.

Once the beta ends, billed usage will include the full uptime of active instances in your AE hosted runner sets. This includes:

  • Job time - minutes spent running Actions job.
  • Management - minutes spent re-imaging machines and any idle time created as a result of desired auto-scale behavior.

Pricing will scale linearly with cores. For example, 4 cores will be twice the price of 2 cores. Windows VMs will be priced higher than Linux VMs.

Hardware specifications

AE hosted runners are available on a range of virtual machines hosted in Microsoft Azure. Depending on regional availability, you can choose from Standard_Das_v4, Standard_DS_v2, Standard_Fs_v2 series. Certain regions also include GPU runners based on Standard_NCs_v3.

For more information about these Azure machine resources, see "Sizes for virtual machines in Azure" in the Microsoft Azure documentation.

To determine which runner executed a job, you can review the workflow logs. For more information, see "Viewing workflow run history."

Software specifications

You can use AE hosted runners with standard operating system images, or you can add images that you've created.

Default operating system images

These images only include the standard operating system tools:

  • Ubuntu 18.04 LTS (Canonical)
  • Ubuntu 16.04 LTS (Canonical)
  • Windows Server 2019 (Microsoft)
  • Windows Server 2016 (Microsoft)

Custom operating system images

You can create your own OS images in Azure and have them added to GitHub AE as AE hosted runners. For more information, see "Adding an AE hosted runner with a custom image".

Network specifications

You can optionally enable a fixed static public IP address for your AE hosted runners. If enabled, all AE hosted runners in your instance will share a range of 2 to 4 IP addresses, and will communicate using ports on those addresses.

If you don't enable static public IP addresses, then your AE hosted runners will subsequently have the same IP address ranges as the Azure datacenters. Inbound ICMP packets are blocked, so ping or traceroute commands are not expected to work.

To get a list of IP address ranges that GitHub Actions uses for AE hosted runners, you can use the GitHub REST API . For more information, see the actions key in the response of the "Get GitHub meta information" endpoint. You can use this list of IP addresses if you require an allow-list to prevent unauthorized access to your internal resources.

The list of GitHub Actions IP addresses returned by the API is updated once a week.

Administrative privileges for AE hosted runners

The Linux virtual machines run using passwordless sudo. When you need to execute commands or install tools that require more privileges than the current user, you can use sudo without needing to provide a password. For more information, see the "Sudo Manual."

Windows virtual machines are configured to run as administrators with User Account Control (UAC) disabled. For more information, see "How User Account Control works" in the Windows documentation.

File systems

GitHub executes actions and shell commands in specific directories on the virtual machine. The file paths on virtual machines are not static. Use the environment variables GitHub provides to construct file paths for the home, workspace, and workflow directories.

DirectoryEnvironment variableDescription
homeHOMEContains user-related data. For example, this directory could contain credentials from a login attempt.
workspaceGITHUB_WORKSPACEActions and shell commands execute in this directory. An action can modify the contents of this directory, which subsequent actions can access.
workflow/event.jsonGITHUB_EVENT_PATHThe POST payload of the webhook event that triggered the workflow. GitHub rewrites this each time an action executes to isolate file content between actions.

For a list of the environment variables GitHub creates for each workflow, see "Using environment variables."

Docker container filesystem

Actions that run in Docker containers have static directories under the /github path. However, we strongly recommend using the default environment variables to construct file paths in Docker containers.

GitHub reserves the /github path prefix and creates three directories for actions.

  • /github/home
  • /github/workspace - Note: GitHub Actions must be run by the default Docker user (root). Ensure your Dockerfile does not set the USER instruction, otherwise you will not be able to access GITHUB_WORKSPACE.
  • /github/workflow

Did this doc help you?Privacy policy

Help us make these docs great!

All GitHub docs are open source. See something that's wrong or unclear? Submit a pull request.

Make a contribution

Or, learn how to contribute.