ec2_ami - create or destroy an image in ec2

New in version 1.3.

Synopsis

  • Creates or deletes ec2 images.

Requirements (on host that executes module)

  • python >= 2.6
  • boto

Options

parameter required default choices comments
architecture
(added in 2.3)
no
The target architecture of the image to register
aws_access_key
no
AWS access key. If not set then the value of the AWS_ACCESS_KEY_ID, AWS_ACCESS_KEY or EC2_ACCESS_KEY environment variable is used.
aliases: ec2_access_key, access_key
aws_secret_key
no
AWS secret key. If not set then the value of the AWS_SECRET_ACCESS_KEY, AWS_SECRET_KEY, or EC2_SECRET_KEY environment variable is used.
aliases: ec2_secret_key, secret_key
delete_snapshot
no no
  • yes
  • no
Delete snapshots when deregistering the AMI.
description
no
Human-readable string describing the contents and purpose of the AMI.
device_mapping
(added in 2.0)
no
List of device hashes/dictionaries with custom configurations (same block-device-mapping parameters)
Valid properties include: device_name, volume_type, size (in GB), delete_on_termination (boolean), no_device (boolean), snapshot_id, iops (for io1 volume_type)
ec2_url
no
Url to use to connect to EC2 or your Eucalyptus cloud (by default the module will use EC2 endpoints). Ignored for modules where region is required. Must be specified for all other modules if region is not used. If not set then the value of the EC2_URL environment variable, if any, is used.
image_id
no
Image ID to be deregistered.
instance_id
no
Instance ID to create the AMI from.
kernel_id
(added in 2.3)
no
The target kernel id of the image to register
launch_permissions
(added in 2.0)
no
Users and groups that should be able to launch the AMI. Expects dictionary with a key of user_ids and/or group_names. user_ids should be a list of account ids. group_name should be a list of groups, "all" is the only acceptable value currently.
name
no
The name of the new AMI.
no_reboot
no
  • yes
  • no
Flag indicating that the bundling process should not attempt to shutdown the instance before bundling. If this flag is True, the responsibility of maintaining file system integrity is left to the owner of the instance.
profile
(added in 1.6)
no
Uses a boto profile. Only works with boto >= 2.24.0.
region
no
The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION environment variable, if any, is used. See http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region
aliases: aws_region, ec2_region
root_device_name
(added in 2.3)
no
The root device name of the image to register
security_token
(added in 1.6)
no
AWS STS security token. If not set then the value of the AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN environment variable is used.
aliases: access_token
state
no present
  • absent
  • present
Create or deregister/delete AMI.
tags
(added in 2.0)
no
A dictionary of tags to add to the new image; '{"key":"value"}' and '{"key":"value","key":"value"}'
validate_certs
(added in 1.5)
no yes
  • yes
  • no
When set to "no", SSL certificates will not be validated for boto versions >= 2.6.0.
virtualization_type
(added in 2.3)
no
The virtualization type of the image to register
wait
no no
  • yes
  • no
Wait for the AMI to be in state 'available' before returning.
wait_timeout
no 300
How long before wait gives up, in seconds.

Examples

# Basic AMI Creation
- ec2_ami:
    aws_access_key: xxxxxxxxxxxxxxxxxxxxxxx
    aws_secret_key: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    instance_id: i-xxxxxx
    wait: yes
    name: newtest
    tags:
      Name: newtest
      Service: TestService
  register: image

# Basic AMI Creation, without waiting
- ec2_ami:
    aws_access_key: xxxxxxxxxxxxxxxxxxxxxxx
    aws_secret_key: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    region: xxxxxx
    instance_id: i-xxxxxx
    wait: no
    name: newtest
  register: image

# AMI Registration from EBS Snapshot
- ec2_ami:
    aws_access_key: xxxxxxxxxxxxxxxxxxxxxxx
    aws_secret_key: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    region: xxxxxx
    name: newtest
    state: present
    architecture: x86_64
    virtualization_type: hvm
    root_device_name: /dev/xvda
    device_mapping:
      - device_name: /dev/xvda
        size: 8
        snapshot_id: snap-xxxxxxxx
        delete_on_termination: true
        volume_type: gp2
  register: image

# AMI Creation, with a custom root-device size and another EBS attached
- ec2_ami:
    aws_access_key: xxxxxxxxxxxxxxxxxxxxxxx
    aws_secret_key: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    instance_id: i-xxxxxx
    name: newtest
    device_mapping:
        - device_name: /dev/sda1
          size: XXX
          delete_on_termination: true
          volume_type: gp2
        - device_name: /dev/sdb
          size: YYY
          delete_on_termination: false
          volume_type: gp2
  register: image

# AMI Creation, excluding a volume attached at /dev/sdb
- ec2_ami:
    aws_access_key: xxxxxxxxxxxxxxxxxxxxxxx
    aws_secret_key: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    instance_id: i-xxxxxx
    name: newtest
    device_mapping:
        - device_name: /dev/sda1
          size: XXX
          delete_on_termination: true
          volume_type: gp2
        - device_name: /dev/sdb
          no_device: yes
  register: image

# Deregister/Delete AMI (keep associated snapshots)
- ec2_ami:
    aws_access_key: xxxxxxxxxxxxxxxxxxxxxxx
    aws_secret_key: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    region: xxxxxx
    image_id: "{{ instance.image_id }}"
    delete_snapshot: False
    state: absent

# Deregister AMI (delete associated snapshots too)
- ec2_ami:
    aws_access_key: xxxxxxxxxxxxxxxxxxxxxxx
    aws_secret_key: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    region: xxxxxx
    image_id: "{{ instance.image_id }}"
    delete_snapshot: True
    state: absent

# Update AMI Launch Permissions, making it public
- ec2_ami:
    aws_access_key: xxxxxxxxxxxxxxxxxxxxxxx
    aws_secret_key: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    region: xxxxxx
    image_id: "{{ instance.image_id }}"
    state: present
    launch_permissions:
      group_names: ['all']

# Allow AMI to be launched by another account
- ec2_ami:
    aws_access_key: xxxxxxxxxxxxxxxxxxxxxxx
    aws_secret_key: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    region: xxxxxx
    image_id: "{{ instance.image_id }}"
    state: present
    launch_permissions:
      user_ids: ['123456789012']

Return Values

Common return values are documented here Return Values, the following are the fields unique to this module:

name description returned type sample
architecture
architecture of image
when AMI is created or already exists string x86_64
block_device_mapping
block device mapping associated with image
when AMI is created or already exists dict {'/dev/sda1': {'encrypted': False, 'size': 10, 'delete_on_termination': True, 'volume_type': 'standard', 'snapshot_id': 'snap-1a03b80e7'}}
creationDate
creation date of image
when AMI is created or already exists string 2015-10-15T22:43:44.000Z
description
description of image
when AMI is created or already exists string nat-server
hypervisor
type of hypervisor
when AMI is created or already exists string xen
image_id
id of the image
when AMI is created or already exists string ami-1234abcd
is_public
whether image is public
when AMI is created or already exists bool False
location
location of image
when AMI is created or already exists string 315210894379/nat-server
name
ami name of image
when AMI is created or already exists string nat-server
ownerId
owner of image
when AMI is created or already exists string 435210894375
platform
platform of image
when AMI is created or already exists string None
root_device_name
root device name of image
when AMI is created or already exists string /dev/sda1
root_device_type
root device type of image
when AMI is created or already exists string ebs
snapshots_deleted
a list of snapshot ids deleted after deregistering image
after AMI is deregistered, if 'delete_snapshot' is set to 'yes' list ['snap-fbcccb8f', 'snap-cfe7cdb4']
state
state of image
when AMI is created or already exists string available
tags
a dictionary of tags assigned to image
when AMI is created or already exists dict {'Name': 'nat-server', 'Env': 'devel'}
virtualization_type
image virtualization type
when AMI is created or already exists string hvm

Notes

Note

  • If parameters are not set within the module, the following environment variables can be used in decreasing order of precedence AWS_URL or EC2_URL, AWS_ACCESS_KEY_ID or AWS_ACCESS_KEY or EC2_ACCESS_KEY, AWS_SECRET_ACCESS_KEY or AWS_SECRET_KEY or EC2_SECRET_KEY, AWS_SECURITY_TOKEN or EC2_SECURITY_TOKEN, AWS_REGION or EC2_REGION
  • Ansible uses the boto configuration file (typically ~/.boto) if no credentials are provided. See http://boto.readthedocs.org/en/latest/boto_config_tut.html
  • AWS_REGION or EC2_REGION can be typically be used to specify the AWS region, when required, but this can also be configured in the boto config file

Status

This module is flagged as stableinterface which means that the maintainers for this module guarantee that no backward incompatible interface changes will be made.

For help in developing on modules, should you be so inclined, please read Community Information & Contributing, Testing Ansible and Developing Modules.

© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.4/ec2_ami_module.html