AWS Elastic Beanstalk
Developer Guide (API Version 2010-12-01)
AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.

Managed Platform Updates

Elastic Beanstalk regularly releases platform updates to provide fixes, software updates and new features. With managed platform updates, you can configure your environment to automatically upgrade to the latest version of a platform during a scheduled maintenance window. Your application remains in service during the update process with no reduction in capacity. Managed updates are available on both single-instance and load-balanced environments.

Note

This feature is not available for the .NET on Windows Server platform.

You can configure your environment to automatically apply patch version updates, or both patch and minor version updates. Managed platform updates don't support major version updates, which may introduce changes that are backwards incompatible.

When you enable managed platform updates, you can also configure AWS Elastic Beanstalk to replace all instances in your environment during the maintenance window, even if a platform update isn't available. Replacing all instances in your environment is helpful if your application encounters bugs or memory issues when running for a long period.

Use the Elastic Beanstalk environment management console to enable managed platform updates.

To enable managed platform updates

  1. Open the Elastic Beanstalk console.

  2. Navigate to the management page for your environment.

  3. Choose Configuration.

  4. Choose Managed Updates.

  5. Select Enable managed updates.

  6. Choose a maintenance window and then choose Update level.

  7. (optional) Select Instance replacement to enable weekly instance replacement.

  8. Choose Apply.

Managed platform updates depend on enhanced health reporting to determine that your application is healthy enough to consider the platform update successful. See Enabling AWS Elastic Beanstalk Enhanced Health Reporting for instructions.

Permissions Required to Perform Managed Platform Updates

Elastic Beanstalk needs permission to initiate a platform update on your behalf. If you use the default service role, the console adds the required permissions when you enable managed platform updates. If you don't use the default service role or manage your environments with a different client, add the AWSElasticBeanstalkService managed profile to your service role.

Note

If you use configuration files to extend your environment to include additional resources, you might need to add additional permissions to your environment's service role. Typically you need to add additional permissions when you reference these resources by name in other sections or files.

If an update fails, you can find the reason for the failure on the Managed Updates page.

The Managed Update Maintenance Window

When AWS releases a new version of your environment's platform configuration, Elastic Beanstalk schedules a managed platform update during the next weekly maintenance window. Maintenance windows are two hours long. Elastic Beanstalk starts a scheduled update during the maintenance window, but the update might not complete until after the windows ends.

Minor and Patch Version Updates

You can enable managed platform updates to apply patch version updates only, or for both minor and patch version updates. Patch version updates provide bug fixes and performance improvements, and can include minor configuration changes to the on-instance software, scripts, and configuration options. Minor version updates provide support for new Elastic Beanstalk features. You can't apply major version updates, which might make changes that are backwards incompatible, with managed platform updates.

In a platform version number, the second number is the minor update version, and the third number is the patch version. For example, a version 2.0.7 platform version has a minor version of 0 and a patch version of 7.

Immutable Environment Updates

Managed platform updates perform immutable environment updates to upgrade your environment to a new platform version. Immutable updates update your environment without taking any instances out of service or modifying your environment, prior to confirming that instances running the new configuration pass health checks.

In an immutable update, Elastic Beanstalk deploys as many instances as are currently running with the new platform version. The new instances begin to take requests alongside those running the old version. If the new set of instances passes all health checks, Elastic Beanstalk terminates the old set of instances, leaving only instances with the new configuration.

Managed platform updates always perform immutable updates, even when you apply them outside of the maintenance window. If you change the platform configuration from the Dashboard, Elastic Beanstalk applies the update policy that you've chosen for configuration updates.

Managing Managed Updates

The Elastic Beanstalk environment management console shows detailed information about managed updates on the Managed Updates page.

To view information about managed updates (console)

  1. Open the Elastic Beanstalk console.

  2. Navigate to the management page for your environment.

  3. Choose Managed Updates.

The Managed Updates Overview section provides information about scheduled and pending managed updates. The History section lists successful updates and failed attempts.

You can choose to apply a scheduled update immediately, instead of waiting until the maintenance window.

To apply a managed platform update immediately (console)

  1. Open the Elastic Beanstalk console.

  2. Navigate to the management page for your environment.

  3. Choose Managed Updates.

  4. Choose Apply now.

  5. Choose Apply.

When you apply a managed platform update outside of the maintenance window, Elastic Beanstalk performs an immutable update. If you update the environment's platform from the Dashboard, or by using a different client, Elastic Beanstalk uses the update type that you have selected for configuration changes.

If you don't have a managed update scheduled, your environment may already be running the latest version. Other reasons for not having an update scheduled include:

  • a minor version update is available, but your environment is configured to automatically apply only patch version updates.

  • your environment hasn't been scanned since the update was released. Elastic Beanstalk typically checks for updates every hour.

  • an update is pending or already in progress.

When your maintenance window starts or when you choose Apply now, scheduled updates goes into pending status prior to execution.

Managed Action Option Namespaces

You can use configuration options in the aws:elasticbeanstalk:managedactions and aws:elasticbeanstalk:managedactions:platformupdate namespaces to enable and configure managed platform updates.

The ManagedActionsEnabled option turns on managed platform updates. Set this option to true to enable managed platform updates, and use the other options to configure update behavior.

Use PreferredStartTime to configure the beginning of the weekly maintenance window in day:hour:minute format.

Set UpdateLevel to minor or patch to apply both minor and patch version updates, or just patch version updates, respectively.

When managed platform updates are enabled, you can enable instance replacement by setting the InstanceRefreshEnabled option to true. When this setting is enabled, Elastic Beanstalk runs an immutable update on your environment every week, regardless of whether there is a new platform version available.

The following example configuration file enables managed platform updates for patch version updates with a maintenance window starting at 10:00 AM UTC each Tuesday:

Example .ebextensions/managed-platform-update.config

option_settings:
  aws:elasticbeanstalk:managedactions:
    ManagedActionsEnabled: true
    PreferredStartTime: "Tue:10:00"
  aws:elasticbeanstalk:managedactions:platformupdate:
    UpdateLevel: patch
    InstanceRefreshEnabled: true