An AMI
- Expands to Amazon Machine Image
- Is a configuration detail
- provides information required to launch an instance.
- Can launch multiple instances from a single AMI if multiple instances with same configuration is needed.
- Use different AMIs to launch instances with different configurations.
An AMI includes
- Single or multiple EBS snapshots
- for instance-store-backed AMIs, template for root volume of instance is stored (like OS, application server and software applications).
- Launch permissions controlling which AWS accounts can use AMI to launch instances.
- A block device mapping specifying volumes to attach to instance when it’s launched.
AMI Types based on characteristics:
- Region
- Operating system
- Architecture (32-bit or 64-bit)
- Launch Permissions
- public – all AWS accounts has launch permissions from owner
- explicit – specific AWS accounts has launch permissions from owner
- implicit – Only owner has implicit launch permissions.
- Storage for the Root Device
- Backed by Amazon EBS – root device for an instance launched from the AMI is an Amazon EBS volume created from an Amazon EBS snapshot.
- Backed by instance store- root device for an instance launched from AMI is an instance store volume created from a template stored in Amazon S3.
Sharing AMIs
- Shared AMI is an AMI that a developer created and made available for other developers to use.
- Using shared AMI at own risk
- encrypted volumes AMIs cannot be made public
- Capability for AMI sharing with AWS accounts without making it public
- Sharing AMI by AWS CLI, can be done by modify-image-attribute command
- Can also create a bookmark that allows a user to access AMI and launch an instance in their own account.
Sharing an AMI (Console)
- Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.
- In the navigation pane, choose AMIs.
- Select AMI in the list, and then choose Actions, Modify Image Permissions.
- Enlist the AWS account number to share AMI with, in AWS Account Number field, then choose Add Permission.
AMI sharing Guidelines
- Update AMI Tools Before Using Them
- Disable Password-Based Remote Logins for Root
- Disable Local Root Access
- Remove SSH Host Key Pairs
- Install Public Key Credentials
- Disabling sshd DNS Checks (Optional)
AWS Certified Developer - Associate Free Practice TestTake a Quiz