Amazon Machine Images (AMIs)

An Amazon Machine Image (AMI) is a pre-configured template used to launch EC2 instances. It contains the operating system, application software, and configuration needed to boot a server. Understanding AMIs is essential for repeatable, reliable infrastructure.

---

What Is an AMI?

An AMI is a blueprint for an EC2 instance. It packages:

• Root volume snapshot — the operating system, bootloader, and any pre-installed software
• Launch permissions — who can use the AMI (public, specific accounts, or private)
• Block device mapping — which volumes to attach at launch (root volume, additional EBS volumes, instance store)

When you launch an instance, the AMI is used to create the root volume (and any additional volumes defined in the block device mapping). The instance then boots from that volume.

---

Types of AMIs

By Provider

Source	Description	Examples
AWS-provided	Maintained and updated by AWS	Amazon Linux 2023, Amazon ECS-Optimised AMI
Marketplace	Third-party vendors sell pre-configured AMIs	NGINX Plus, Fortinet FortiGate, Splunk
Community	Shared publicly by other AWS users	Various community-contributed images
Custom (My AMIs)	Created by you from your own instances	Your hardened base image, your app pre-installed

By Root Volume Type

Type	Root Device	Characteristics
EBS-backed	Amazon EBS volume	Can be stopped and restarted; root volume persists independently of instance lifecycle; supports all instance types
Instance-store-backed	Instance store	Cannot be stopped (only terminated); root volume data is lost on termination; limited to certain instance types

Best practice: Almost all modern workloads use EBS-backed AMIs. Instance-store-backed AMIs are rare today and used only for specific legacy scenarios.

By Architecture

Architecture	Description
x86_64 (amd64)	Intel and AMD processors — the traditional default
arm64	AWS Graviton processors — better price-performance for many workloads

You must select an AMI that matches the processor architecture of your chosen instance type. A Graviton instance (e.g., m7g.large) requires an arm64 AMI.

By Virtualisation Type

Type	Description
HVM (Hardware Virtual Machine)	Modern standard; uses hardware extensions for near-native performance; required for current-generation instances
PV (Paravirtual)	Legacy; software-based virtualisation; limited to older instance types

All current-generation instance types require HVM AMIs.

---

Finding AMIs

AWS Console

1. Go to EC2 → AMIs in the console.
2. Use the filter bar to search by name, owner, architecture, or platform.
3. Switch between Owned by me, Public images, and AWS Marketplace.

AWS CLI

# Find the latest Amazon Linux 2023 AMI
aws ec2 describe-images \
  --owners amazon \
  --filters \
    "Name=name,Values=al2023-ami-2023*" \
    "Name=architecture,Values=x86_64" \
    "Name=state,Values=available" \
  --query "Images | sort_by(@, &CreationDate) | [-1].{ImageId:ImageId,Name:Name,Created:CreationDate}" \
  --output table

# Find the latest Ubuntu 22.04 AMI
aws ec2 describe-images \
  --owners 099720109477 \
  --filters \
    "Name=name,Values=ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-*" \
    "Name=state,Values=available" \
  --query "Images | sort_by(@, &CreationDate) | [-1].{ImageId:ImageId,Name:Name}" \
  --output table

SSM Parameter Store (Recommended)

AWS publishes the latest AMI IDs as SSM public parameters. This is the most reliable way to programmatically retrieve the current AMI ID:

# Get the latest Amazon Linux 2023 AMI ID
aws ssm get-parameters \
  --names /aws/service/ami-amazon-linux-latest/al2023-ami-kernel-default-x86_64 \
  --query "Parameters[0].Value" \
  --output text

This approach is particularly useful in Infrastructure as Code (Terraform, CloudFormation) to always use the most up-to-date AMI without hardcoding IDs.

---

Creating Custom AMIs

Custom AMIs let you capture a configured instance as a reusable template. This is the foundation of the golden image pattern.