I have a CloudFormation YAML file that creates a lot of resources; one of them is an EC2 instance with Windows. My problem is that I need the latest AMI to be selected automatically. I made a Lambda function that retrieves the newest AMI ID and stores it in an SSM parameter; then, in the CloudFormation YAML template, I can access SSM using the following command:

```
{{resolve:ssm:parameter_name:version_number_int}}
```

But my problem is that the version number is not always the same; it changes every time there is a new AMI. Is there any way I can write this so that it always gets the latest version, or to stop versioning, or anything?

Thanks.

virusivv
  • Related feature request: https://github.com/aws-cloudformation/aws-cloudformation-coverage-roadmap/issues/75 – Pat Myron Dec 20 '19 at 21:59
  • Thanks for commenting. The best result for this task is the answer I chose; it doesn't depend on creating a Lambda or any other scripts to update a custom SSM parameter for the latest Windows AMI ID when there is already a predefined public SSM parameter! – virusivv Dec 23 '19 at 15:57

1 Answer

SSM Parameter Store provides public parameters to retrieve latest AMIs.

```yaml
# Use public Systems Manager Parameter
Parameters:
  LatestAmiId:
    Type: 'AWS::SSM::Parameter::Value<AWS::EC2::Image::Id>'
    Default: '/aws/service/ami-windows-latest/Windows_Server-2019-English-Full-Base'

Resources:
  Instance:
    Type: 'AWS::EC2::Instance'
    Properties:
      ImageId: !Ref LatestAmiId
```
Jimson James
Vikyol
  • Thanks for this info, can you please help me with what kind of permissions I would need? The response is: Unable to fetch parameters [aws/service/ami-windows-latest/Windows_Server-2019-English-Full-Base] from parameter store for this account. – virusivv Dec 20 '19 at 12:25
  • Does this command work for you? `aws ssm get-parameters --names /aws/service/ami-windows-latest/Windows_Server-2019-English-Full-Base` – Vikyol Dec 20 '19 at 13:12
  • The problem was a missing "/" before aws in the default value of the parameter! I just uploaded it to the CloudFormation stack; I will have to wait for it to finish and see if it's working, thanks :D – virusivv Dec 20 '19 at 13:14
  • Thanks, the answer is just like you wrote, but for further notice to anyone using it, don't forget to add a / before the "aws" in the Default value of the parameter. Thanks Vikyol – virusivv Dec 20 '19 at 13:44
  • The question is totally different. I summarize it here: how do you RESOLVE an SSM parameter to its latest version? – EnzoR Apr 23 '20 at 17:32
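
A small template check for the two problems raised in this thread, a pinned version in a `{{resolve:ssm:...}}` reference and the missing leading `/` on the public parameter path; this is an added example, not code from the question or the answer. The sample template and the parameter name `my-windows-ami` are constructed, and the template text is scanned with regular expressions rather than a YAML parser.

```python
import re

# Patterns: the question's dynamic reference, the answer's SSM-backed type, a Default key.
DYNAMIC_REF = re.compile(r"\{\{resolve:ssm:([^:}\s]+)(?::(\d+))?\}\}")
SSM_TYPE = re.compile(r"Type:\s*['\"]?AWS::SSM::Parameter::Value<")
DEFAULT = re.compile(r"^\s*Default:\s*['\"]?([^'\"\s#]+)")

def _indent(line):
    return len(line) - len(line.lstrip())

def _siblings(lines, idx):
    """Yield (line_no, text) for keys in the same YAML mapping as lines[idx]."""
    level = _indent(lines[idx])
    for step in (-1, 1):
        i = idx + step
        while 0 <= i < len(lines) and (not lines[i].strip() or _indent(lines[i]) >= level):
            if lines[i].strip() and _indent(lines[i]) == level:
                yield i + 1, lines[i]
            i += step

def lint_template(text):
    """Return sorted (line_no, rule, value) findings for a template's text."""
    findings, lines = [], text.splitlines()
    for idx, line in enumerate(lines):
        for ref in DYNAMIC_REF.finditer(line):
            if ref.group(2):  # explicit version, stale once the parameter is updated
                findings.append((idx + 1, "pinned-version", ref.group(0)))
        if SSM_TYPE.search(line):
            for no, sibling in _siblings(lines, idx):
                default = DEFAULT.match(sibling)
                if default and default.group(1).startswith("aws/"):  # leading "/" missing
                    findings.append((no, "missing-leading-slash", default.group(1)))
    return sorted(findings)

# Constructed sample with both problems; "my-windows-ami" is a made-up parameter name.
SAMPLE = """\
Parameters:
  LatestAmiId:
    Type: 'AWS::SSM::Parameter::Value<AWS::EC2::Image::Id>'
    Default: 'aws/service/ami-windows-latest/Windows_Server-2019-English-Full-Base'
Resources:
  Instance:
    Type: 'AWS::EC2::Instance'
    Properties:
      ImageId: '{{resolve:ssm:my-windows-ami:7}}'
"""

if __name__ == "__main__":
    print(*lint_template(SAMPLE), sep="\n")
```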