Find an AMI that meets the requirements for your EC2 instance
An AMI includes the components and applications, such as the operating system and type of root volume, required to launch an instance. To launch an instance, you must find an AMI that meets your needs.
When selecting an AMI, consider the following requirements you might have for the instances that you want to launch:
-
The AWS Region of the AMI as AMI IDs are unique to each Region.
-
The operating system (for example, Linux or Windows).
-
The architecture (for example, 32-bit, 64-bit, or 64-bit ARM).
-
The root device type (for example, Amazon EBS or instance store).
-
The provider (for example, Amazon Web Services).
-
Additional software (for example, SQL Server).
To find an Amazon Linux 2023 AMI, see AL2023 on Amazon EC2 in the Amazon Linux 2023 User Guide.
To find an Ubuntu AMI, see Amazon EC2 AMI Locator
To find a RHEL AMI, see Red Hat
Enterprise Linux Images (AMI) Available on Amazon Web Services (AWS)
There are various ways to find an AMI that meets your needs. You can find an AMI using the Amazon EC2 console, AWS CLI, AWS Tools for Windows PowerShell, and AWS Systems Manager.
You can find AMIs using the Amazon EC2 console. You can select from the list of AMIs when you use the launch instance wizard to launch an instance, or you can search through all available AMIs using the Images page.
To find an AMI using the launch instance wizard
-
Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/
. -
From the navigation bar, select the Region in which to launch your instances. You can select any Region that's available to you, regardless of your location. AMI IDs are unique to each AWS Region.
-
From the console dashboard, choose Launch instance.
-
Under Application and OS Images (Amazon Machine Image), choose Quick Start, choose the operating system (OS) for your instance, and then, from Amazon Machine Image (AMI), select from one of the commonly used AMIs in the list. If you don't see the AMI that you want to use, choose Browse more AMIs to browse the full AMI catalog. For more information, see Application and OS Images (Amazon Machine Image).
To find an AMI using the AMIs page
-
Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/
. -
From the navigation bar, select the Region in which to launch your instances. You can select any Region that's available to you, regardless of your location. AMI IDs are unique to each AWS Region.
-
In the navigation pane, choose AMIs.
-
(Optional) Use the filter and search options to scope the list of displayed AMIs to see only the AMIs that match your criteria.
For example, to list all AMIs provided by AWS, choose Public images. Then use the search options to further scope the list of displayed AMIs. Choose the Search bar and, from the menu, choose Owner alias, then the = operator, and then the value amazon. To find AMIs that match a specific platform, for example Linux or Windows, choose the Search bar again to choose Platform, then the = operator, and then the operating system from the list provided.
-
(Optional) Choose the Preferences icon to select which image attributes to display, such as the root device type. Alternatively, you can select an AMI from the list and view its properties on the Details tab.
-
Before you select an AMI, it's important that you check whether it's backed by instance store or by Amazon EBS and that you are aware of the effects of this difference. For more information, see Root device type.
-
To launch an instance from this AMI, select it and then choose Launch instance from image. For more information about launching an instance using the console, see Launch an EC2 instance using the launch instance wizard in the console. If you're not ready to launch the instance now, make note of the AMI ID for later.
You can use the describe-images AWS CLI command to list only the AMIs that match your requirements. After locating an AMI that matches your requirements, make note of its ID so that you can use it to launch instances. For more information, see Launch your instance in the AWS Command Line Interface User Guide.
The describe-images command
supports filtering parameters. For example, use the --owners
parameter to
display public AMIs owned by Amazon.
aws ec2 describe-images --owners amazon
You can add the following filter to the previous command to display only Windows AMIs.
--filters "Name=platform,Values=windows"
You can add the following filter to the previous command to display only AMIs backed by Amazon EBS.
--filters "Name=root-device-type,Values=ebs"
Important
If you omit the --owners
parameter from the
describe-images
command, all images are returned for which you have
launch permissions, regardless of ownership.
You can use PowerShell cmdlets to list only the Windows AMIs that match your requirements. For information and examples, see Find an Amazon Machine Image Using Windows PowerShell in the AWS Tools for Windows PowerShell User Guide.
After locating an AMI that matches your requirements, make note of its ID so that you can use it to launch instances. For more information, see Launch an Amazon EC2 Instance Using Windows PowerShell in the AWS Tools for Windows PowerShell User Guide.
When you launch an instance using the EC2 launch instance wizard in the Amazon EC2 console, you can either select an AMI from the list (described in Find an AMI using the Amazon EC2 console), or you can select an AWS Systems Manager parameter that points to an AMI ID (described in this section). If you use automation code to launch your instances, you can specify the Systems Manager parameter instead of the AMI ID.
A Systems Manager parameter is a customer-defined key-value pair that you can create in Systems Manager Parameter Store. The Parameter Store provides a central store to externalize your application configuration values. For more information, see AWS Systems Manager Parameter Store in the AWS Systems Manager User Guide.
When you create a parameter that points to an AMI ID, make sure that you specify the
data type as aws:ec2:image
. Specifying this data type ensures that when the
parameter is created or modified, the parameter value is validated as an AMI ID. For
more information, see Native
parameter support for Amazon Machine Image IDs in the AWS Systems Manager User Guide.
Use cases
When you use Systems Manager parameters to point to AMI IDs, it is easier for your users to select the correct AMI when launching instances. Systems Manager parameters can also simplify the maintenance of automation code.
Easier for users
If you require instances to be launched using a specific AMI, and the AMI is regularly updated, we recommend that you require your users to select a Systems Manager parameter to find the AMI. Requiring your users to select a Systems Manager parameter ensures that the latest AMI is used to launch instances.
For example, every month in your organization you might create a new version of
your AMI that has the latest operating system and application patches. You also
require your users to launch instances using the latest version of your AMI. To
ensure that your users use the latest version, you can create a Systems Manager parameter (for
example, golden-ami
) that points to the correct AMI ID. Each time a new
version of the AMI is created, you update the AMI ID value in the parameter so that
it always points to the latest AMI. Your users don't have to know about the periodic
updates to the AMI because they continue to select the same Systems Manager parameter each
time. Using a Systems Manager parameter for your AMI makes it easier for them to select the
correct AMI for an instance launch.
Simplify automation code maintenance
If you use automation code to launch your instances, you can specify the Systems Manager parameter instead of the AMI ID. If a new version of the AMI is created, you can change the AMI ID value in the parameter so that it points to the latest AMI. The automation code that references the parameter doesn’t have to be modified each time a new version of the AMI is created. This simplifies the maintenance of the automation and helps to drive down deployment costs.
Note
Running instances are not affected when you change the AMI ID pointed to by the Systems Manager parameter.
Permissions
If you use Systems Manager parameters that point to AMI IDs in the launch instance wizard, you must add the following permissions to your IAM policy:
-
ssm:DescribeParameters
– Grants permission to view and select Systems Manager parameters. -
ssm:GetParameters
– Grants permission to retrieve the values of the Systems Manager parameters.
You can also restrict access to specific Systems Manager parameters. For more information and example IAM policies, see Example: Use the EC2 launch instance wizard.
Limitations
AMIs and Systems Manager parameters are Region specific. To use the same Systems Manager parameter
name across Regions, create a Systems Manager parameter in each Region with the same name (for
example, golden-ami
). In each Region, point the Systems Manager parameter to an
AMI in that Region.
Launch an instance using a Systems Manager parameter
You can launch an instance using the console or the AWS CLI. Instead of specifying an AMI ID, you can specify an AWS Systems Manager parameter that points to an AMI ID.
To find an AMI using a Systems Manager parameter (console)
Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/
. -
From the navigation bar, select the Region in which to launch your instances. You can select any Region that's available to you, regardless of your location.
-
From the console dashboard, choose Launch instance.
-
Under Application and OS Images (Amazon Machine Image), choose Browse more AMIs.
-
Choose the arrow button to the right of the search bar, and then choose Search by Systems Manager parameter.
-
For Systems Manager parameter, select a parameter. The corresponding AMI ID appears below Currently resolves to.
-
Choose Search. The AMIs that match the AMI ID appear in the list.
-
Select the AMI from the list, and choose Select.
For more information about launching an instance using the launch instance wizard, see Launch an EC2 instance using the launch instance wizard in the console.
To launch an instance using an AWS Systems Manager parameter instead of an AMI ID (AWS CLI)
The following example uses the Systems Manager parameter golden-ami
to
launch an m5.xlarge
instance. The parameter points to an AMI
ID.
To specify the parameter in the command, use the following syntax:
resolve:ssm:/
, where
parameter-name
resolve:ssm
is the standard prefix and parameter-name
is the unique parameter name. Note that the parameter name is case-sensitive.
Backslashes for the parameter name are only necessary when the parameter is part of
a hierarchy, for example, /amis/production/golden-ami
. You can omit the
backslash if the parameter is not part of a hierarchy.
In this example, the --count
and --security-group
parameters are not included. For --count
, the default is 1. If you have
a default VPC and a default security group, they are used.
aws ec2 run-instances
--image-id resolve:ssm:/golden-ami
--instance-type m5.xlarge
...
To launch an instance using a specific version of an AWS Systems Manager parameter (AWS CLI)
Systems Manager parameters have version support. Each iteration of a parameter is
assigned a unique version number. You can reference the version of the parameter
as follows
resolve:ssm:
,
where parameter-name
:version
version
is the unique version number. By default, the latest
version of the parameter is used when no version is specified.
The following example uses version 2 of the parameter.
In this example, the --count
and --security-group
parameters are not included. For --count
, the default is 1
If you have a default VPC and a default security group, they are used.
aws ec2 run-instances
--image-id resolve:ssm:/golden-ami
:2
--instance-type m5.xlarge
...
To launch an instance using a public parameter provided by AWS
Systems Manager provides public parameters for public AMIs provided by AWS. You can use the public parameters when launching instances to ensure that you're using the latest AMIs.
For more information, see Find the latest AMIs using a Systems Manager public parameter.
AWS Systems Manager provides public parameters for public AMIs maintained by AWS. You can use the
public parameters when launching instances to ensure that you're using the latest AMIs.
For example, the public parameter
/aws/service/ami-amazon-linux-latest/al2023-ami-kernel-default-arm64
is available in all Regions and always points to the latest version of the
Amazon Linux 2023 AMI for arm64 architecture in a given Region.
The public parameters are available from the following paths:
-
Linux –
/aws/service/ami-amazon-linux-latest
-
Windows –
/aws/service/ami-windows-latest
To view a list of all the Linux or Windows AMIs in the current AWS Region
Use the following get-parameters-by-path AWS CLI command to view a list of all the Linux or
Windows AMIs in the current AWS Region. The value for the --path
parameter is different for Linux and Windows.
For Linux:
aws ssm get-parameters-by-path \ --path /aws/service/ami-amazon-linux-latest \ --query "Parameters[].Name"
For Windows:
aws ssm get-parameters-by-path \ --path /aws/service/ami-windows-latest \ --query "Parameters[].Name"
To launch an instance using a public parameter
The following example specifies a Systems Manager public parameter for the image ID to launch an instance using the latest Amazon Linux 2023 AMI.
To specify the parameter in the command, use the following syntax:
resolve:ssm:
, where
public-parameter
resolve:ssm
is the standard prefix and
is the path and name of
the public parameter.public-parameter
In this example, the --count
and --security-group
parameters
are not included. For --count
, the default is 1. If you have a default VPC
and a default security group, they are used.
aws ec2 run-instances \
--image-id resolve:ssm:/aws/service/ami-amazon-linux-latest/al2023-ami-kernel-default-x86_64
\
--instance-type m5.xlarge
\
--key-name MyKeyPair
For more information, see Working with public parameters in the AWS Systems Manager User Guide.
For examples that use Systems Manager parameters, see Query for the latest Amazon Linux AMI IDs Using AWS Systems Manager Parameter Store