Use Amazon Systems Manager parameters instead of AMI IDs in launch templates
This section shows you how to create a launch template that specifies an Amazon Systems Manager parameter that references an Amazon Machine Image (AMI) ID. You can use a parameter stored in your same Amazon Web Services account, a parameter shared from another Amazon Web Services account, or a public parameter for a public AMI maintained by Amazon.
With Systems Manager parameters, you can update your Auto Scaling groups to use new AMI IDs without needing to create new launch templates or new versions of launch templates each time an AMI ID changes. These IDs can change regularly, such as when an AMI is updated with the latest operating system or software updates.
You can create, update, or delete your own Systems Manager parameters using the Parameter Store, a capability of Amazon Systems Manager. You must create a Systems Manager
parameter before you can use it in a launch template. To get started, create a parameter
with the data type aws:ec2:image
, and for its value, enter the ID of an
AMI. The AMI ID has the form
ami-
, for example,
<identifier>
ami-123example456
. The correct AMI ID depends on the instance type and
Amazon Web Services Region that you're launching your Auto Scaling group in.
For more information about creating a valid parameter for an AMI ID, see Creating Systems Manager parameters.
Create a launch template that specifies a parameter for the AMI
To create a launch template that specifies a parameter for the AMI, use one of the following methods:
To specify a parameter from the Parameter Store in a launch template, you must
have the ssm:GetParameters
permission for the specified parameter.
Anyone who uses the launch template also needs the ssm:GetParameters
permission in order for the parameter value to be validated. For more information,
see Restricting
access to Systems Manager parameters using IAM policies in the
Amazon Systems Manager User Guide.
Verify a launch template gets the correct AMI ID
Use the describe-launch-template-versions command and include the
--resolve-alias
option to resolve the parameter to the actual AMI
ID.
aws ec2 describe-launch-template-versions --launch-template-name
my-template-for-auto-scaling
\ --versions$Default
--resolve-alias
The example returns the AMI ID for ImageId
. When an instance is
launched using this launch template, the AMI ID resolves to
ami-0ac394d6a3example
.
{
"LaunchTemplateVersions": [
{
"LaunchTemplateId": "lt-089c023a30example",
"LaunchTemplateName": "my-template-for-auto-scaling",
"VersionNumber": 1,
"CreateTime": "2022-12-28T19:52:27.000Z",
"CreatedBy": "arn:aws-cn:iam::123456789012:user/Bob",
"DefaultVersion": true,
"LaunchTemplateData": {
"ImageId": "ami-0ac394d6a3example",
"InstanceType": "t2.micro",
}
}
]
}
Related resources
For more details about specifying a Systems Manager parameter in your launch template, see Use a Systems Manager parameter instead of an AMI ID in the Amazon EC2 User Guide.
For more information about working with Systems Manager parameters, see the following reference materials in the Systems Manager documentation.
-
To create parameter versions and labels, see Working with parameter versions and Working with parameter labels.
-
For information about how to look up the AMI public parameters supported by Amazon EC2, see Calling AMI public parameters.
-
For information about sharing parameters with other Amazon accounts or through Amazon Organizations, see Working with shared parameters.
-
For information about monitoring whether your parameters are created successfully, see Native parameter support for Amazon Machine Image IDs.
Limitations
When working with Systems Manager parameters, note the following limitations:
-
Amazon EC2 Auto Scaling only supports specifying AMI IDs as parameters.
-
Creating or updating mixed instances groups with attribute-based instance type selection using a launch template that specifies a Systems Manager parameter is not supported.
-
If your Auto Scaling group uses a launch template that specifies a Systems Manager parameter, you will not be able to start an instance refresh with a desired configuration or using skip matching.
-
On each call to create or update your Auto Scaling group, Amazon EC2 Auto Scaling will resolve the Systems Manager parameter in the launch template. If you are using advanced parameters or higher throughput limits, the frequent calls to the Parameter Store (that is, the
GetParameters
operation) can increase your costs for Systems Manager because charges are incurred per Parameter Store API interaction. For more information, see Amazon Systems Manager pricing.