3

I'd like to get the default username for an AMI on AWS. For example, I need to obtain the username shown in the box in this image, via API or CLI.

Any thoughts?enter image description here

MT.
  • 321
  • 2
  • 8

2 Answers2

3

The AWS infrastructure doesn't know the default username for an AMI. It's commonly ec2-user, or ubuntu, or whatever the AMI author decided it should be. Even the message on the console explains that this value is essentially just a guess.

Additionally, depending on the source of the AMI, it can be withdrawn -- deleted -- and any instances built from it will still function, but it's attributes can't be fetched, because it no longer exists.

Beyond that, once you have created an instance from an AMI, you have full control, and if you change that default username -- or the default SSH key to the instance, for that matter -- the AWS platform has no idea that you've changed it.

Michael - sqlbot
  • 22,658
  • 2
  • 63
  • 86
  • Michael - I do understand that, however it guesses correctly for most standard image types, most of the time. It's this guess I'm trying to retrieve via cli/api. – MT. Sep 13 '17 at 06:38
  • The majority of behavior in the console is accessible via APIs, but not all of it. There are a few features provided only by the console. If this is an accessible capability, I don't recall ever seeing it. Someone may come along to point out what I have overlooked. – Michael - sqlbot Sep 13 '17 at 09:41
  • Yeah - agree, I've dug pretty deep and didn't find anything. I'm just throwing a hail mary with this question. Thanks for looking into it! – MT. Sep 13 '17 at 16:29
1

AWS have lots of controls in place that prevent them from actually looking on your instance. That said, if it's an amazon ami, then the default username is ec2-user. If the ami is from Canonical, then the default username is ubuntu. In addition, if you're looking for AMIs from Canonical, look for owner 099720109477, eg. aws ec2 describe-images | grep 099720109477 and see what that lands you. You might be able to find or create a list of owner ids that you can use to tailor your searches.

Check out this page also which lists a number of default usernames. As Eric Hammond states there: "Each AMI publisher on EC2 decides what user (or users) should have ssh access enabled by default...". Amazon AWS have no control over what the creators choose and no way of providing through the api, as has been pointed out in the comments.

LHWizard
  • 556
  • 4
  • 11