EC2 Amazon Machine Images

Posted on by wpadmin

Kinds of Images

  • Amazon Quick Start – Launch images from AWS.
  • AWS Marketplace – official images created and supported by third party vendors.
  • Community – community images.
  • Private AMI – created and owned by a specific AWS account and is not publicly shared.
  • Golden AMI – standardized, pre-configured Amazon Machine Image (AMI) that is used as a baseline for deploying new EC2 instances.

Golden Images

Image typically created by an organization to ensure consistency, security, and efficiency across multiple environments. The golden image is a template that includes the necessary software, patches, settings, and configurations that an organization requires for its workloads.

Consistency: Ensures that every new instance launched from the image will have the same configuration, reducing discrepancies between instances.

Security: Since the image is pre-configured with security patches and best practices, it reduces the risk of vulnerabilities.

Efficiency: Speeds up the process of provisioning new instances, as it can be reused repeatedly.

Automation: It can be integrated with CI/CD pipelines for automated deployment and scaling.

EC2 Image Builder

Fully managed service that allows you to automate the creation, management, and maintenance of Amazon Machine Images (AMIs) for your EC2 instances. It simplifies the process of building custom AMIs with specific configurations, including software installations, security patches, and other customizations, and allows you to maintain and update those images over time.

  • Automates the process of building custom AMIs, reducing manual work and ensuring consistency. You can specify which configurations, software, and updates to include in the image.
    Pipeline-Based Workflow:
  • Uses pipelines to automate the entire image creation process. A pipeline consists of a series of steps, such as build, test, and distribute, to create and distribute your AMIs.
    Customizable Image Build:
  • Can configure the AMI build to include software installations, security patches, configuration management (e.g., using AWS Systems Manager, Chef, or Ansible), and more.

Amazon Machine Image (AMI) Launch Permission controls who can launch EC2 instances from a specific AMI. By setting launch permissions, you can manage access to your AMIs, ensuring that only authorized users or accounts can use them to launch instances.

Types of AMI Launch Permissions:

  1. Private AMI:
    • Only the owner of the AMI can launch instances from it.
    • By default, when you create an AMI, it is private, and only your account has launch permission.
  2. Public AMI:
    • The AMI is accessible to all AWS accounts.
    • You can make an AMI public if you want anyone to use it to launch instances.
  3. Shared AMI:
    • The AMI is shared with specific AWS accounts or within an AWS Organization.
    • You can share the AMI with other AWS accounts, enabling them to use the image for launching EC2 instances.