List of Public SSM Parameters of latest Operating System EC2 Images

We are running CI/CD pipelines that take the latest EC2 Image of Windows or Red Hat then it will automatically install the required security agents and check if they are properly installed.

At first, it was a hassle since we had to always be on the lookout for the latest EC2 Image ID of our target operating system and input this manually into our pipeline. But as it turns out AWS maintains SSM Parameters that holds the latest Image IDs of various operating systems and their versions.

Sometimes I see these in CloudFormation scripts.

Here are the AWS docs for the SSM Parameters of the latest Amazon Linux 2 and Windows.

As it turns out there are other public SSM Parameters for other operating systems.

So I’m writing this blog post to list the public SSM Parameters that hold the latest EC2 AMIs since I am always trying to find them.

Below is the Python code that I used to extract the values below.

import boto3

service_path_list = [
  '/aws/service/ami-windows-latest/',
  '/aws/service/canonical/',
  '/aws/service/debian/',
  '/aws/service/freebsd/',
  '/aws/service/redhat/',
  '/aws/service/suse/',
  '/aws/service/ami-amazon-linux-latest/',
  '/aws/service/ami-macos-latest/',
]

if __name__ == "__main__":

  for service_path in service_path_list:
    print(service_path)

    ssm_client = boto3.client('ssm')

    paginator = ssm_client.get_paginator('get_parameters_by_path')
    page_iterator = paginator.paginate(
      Path=service_path,
      Recursive=True
    )

    for page in page_iterator:
      for parameter in page['Parameters']:

        print(parameter['Name'])

    print()

You can run the Python script to list all of the SSM Parameters that hold the latest EC2 Image IDs.

See below for the list of Public SSM Parameters of EC2 Images.

Windows

The results below for the SSM Parameters of Windows are filtered to only list the English versions. If you want to see the other version you can run the Python script above.

/aws/service/ami-windows-latest/Windows_Server-2012-R2_RTM-English-64Bit-Base
/aws/service/ami-windows-latest/Windows_Server-2012-R2_RTM-English-64Bit-SQL_2016_SP3_Enterprise
/aws/service/ami-windows-latest/Windows_Server-2012-R2_RTM-English-64Bit-SQL_2016_SP3_Standard
/aws/service/ami-windows-latest/Windows_Server-2016-English-Full-Base
/aws/service/ami-windows-latest/Windows_Server-2016-English-Full-Containers
/aws/service/ami-windows-latest/Windows_Server-2016-English-Full-SQL_2016_SP3_Enterprise
/aws/service/ami-windows-latest/Windows_Server-2016-English-Full-SQL_2016_SP3_Standard
/aws/service/ami-windows-latest/Windows_Server-2016-English-Full-SQL_2017_Enterprise
/aws/service/ami-windows-latest/Windows_Server-2016-English-Full-SQL_2017_Standard
/aws/service/ami-windows-latest/Windows_Server-2016-English-Full-SQL_2019_Enterprise
/aws/service/ami-windows-latest/Windows_Server-2016-English-Full-SQL_2019_Standard
/aws/service/ami-windows-latest/Windows_Server-2019-English-Full-Base
/aws/service/ami-windows-latest/Windows_Server-2019-English-Full-ContainersLatest
/aws/service/ami-windows-latest/Windows_Server-2019-English-Full-SQL_2017_Enterprise
/aws/service/ami-windows-latest/Windows_Server-2019-English-Full-SQL_2017_Standard
/aws/service/ami-windows-latest/Windows_Server-2019-English-Full-SQL_2019_Enterprise
/aws/service/ami-windows-latest/Windows_Server-2019-English-Full-SQL_2019_Standard
/aws/service/ami-windows-latest/Windows_Server-2022-English-Full-Base
/aws/service/ami-windows-latest/Windows_Server-2022-English-Full-ContainersLatest

Amazon Linux 2

Filtered to only show the list of Amazon Linux 2 since the first version of Amazon Linux has already reach end of life.

/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-arm64-gp2
/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-ebs
/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2
/aws/service/ami-amazon-linux-latest/amzn2-ami-kernel-5.10-hvm-arm64-gp2
/aws/service/ami-amazon-linux-latest/amzn2-ami-kernel-5.10-hvm-x86_64-ebs
/aws/service/ami-amazon-linux-latest/amzn2-ami-kernel-5.10-hvm-x86_64-gp2
/aws/service/ami-amazon-linux-latest/amzn2-ami-minimal-hvm-arm64-ebs
/aws/service/ami-amazon-linux-latest/amzn2-ami-minimal-hvm-x86_64-ebs2

Ubuntu

Filtered to only show the stable and current version of Ubuntu.

/aws/service/canonical/ubuntu/server-minimal/16.04/stable/current/amd64/hvm/ebs-gp2/ami-id
/aws/service/canonical/ubuntu/server-minimal/18.04/stable/current/amd64/hvm/ebs-gp2/ami-id
/aws/service/canonical/ubuntu/server-minimal/19.10/stable/current/amd64/hvm/ebs-gp2/ami-id
/aws/service/canonical/ubuntu/server-minimal/20.04/stable/current/amd64/hvm/ebs-gp2/ami-id
/aws/service/canonical/ubuntu/server-minimal/20.10/stable/current/amd64/hvm/ebs-gp2/ami-id
/aws/service/canonical/ubuntu/server-minimal/21.04/stable/current/amd64/hvm/ebs-gp2/ami-id
/aws/service/canonical/ubuntu/server-minimal/21.10/stable/current/amd64/hvm/ebs-gp2/ami-id
/aws/service/canonical/ubuntu/server-minimal/bionic/stable/current/amd64/hvm/ebs-gp2/ami-id
/aws/service/canonical/ubuntu/server-minimal/eoan/stable/current/amd64/hvm/ebs-gp2/ami-id
/aws/service/canonical/ubuntu/server-minimal/focal/stable/current/amd64/hvm/ebs-gp2/ami-id
/aws/service/canonical/ubuntu/server-minimal/groovy/stable/current/amd64/hvm/ebs-gp2/ami-id
/aws/service/canonical/ubuntu/server-minimal/hirsute/stable/current/amd64/hvm/ebs-gp2/ami-id
/aws/service/canonical/ubuntu/server-minimal/impish/stable/current/amd64/hvm/ebs-gp2/ami-id
/aws/service/canonical/ubuntu/server-minimal/xenial/stable/current/amd64/hvm/ebs-gp2/ami-id
/aws/service/canonical/ubuntu/server/16.04/stable/current/amd64/hvm/ebs-gp2/ami-id
/aws/service/canonical/ubuntu/server/16.04/stable/current/amd64/hvm/instance-store/ami-id
/aws/service/canonical/ubuntu/server/16.04/stable/current/amd64/pv/ebs-gp2/ami-id
/aws/service/canonical/ubuntu/server/16.04/stable/current/amd64/pv/instance-store/ami-id
/aws/service/canonical/ubuntu/server/16.04/stable/current/arm64/hvm/ebs-gp2/ami-id
/aws/service/canonical/ubuntu/server/18.04/stable/current/amd64/hvm/ebs-gp2/ami-id
/aws/service/canonical/ubuntu/server/18.04/stable/current/amd64/hvm/instance-store/ami-id
/aws/service/canonical/ubuntu/server/18.04/stable/current/arm64/hvm/ebs-gp2/ami-id
/aws/service/canonical/ubuntu/server/19.10/stable/current/amd64/hvm/ebs-gp2/ami-id
/aws/service/canonical/ubuntu/server/19.10/stable/current/amd64/hvm/instance-store/ami-id
/aws/service/canonical/ubuntu/server/19.10/stable/current/arm64/hvm/ebs-gp2/ami-id
/aws/service/canonical/ubuntu/server/20.04/stable/current/amd64/hvm/ebs-gp2/ami-id
/aws/service/canonical/ubuntu/server/20.04/stable/current/arm64/hvm/ebs-gp2/ami-id
/aws/service/canonical/ubuntu/server/20.10/stable/current/amd64/hvm/ebs-gp2/ami-id
/aws/service/canonical/ubuntu/server/20.10/stable/current/arm64/hvm/ebs-gp2/ami-id
/aws/service/canonical/ubuntu/server/21.04/stable/current/amd64/hvm/ebs-gp2/ami-id
/aws/service/canonical/ubuntu/server/21.04/stable/current/arm64/hvm/ebs-gp2/ami-id
/aws/service/canonical/ubuntu/server/21.10/stable/current/amd64/hvm/ebs-gp2/ami-id
/aws/service/canonical/ubuntu/server/21.10/stable/current/arm64/hvm/ebs-gp2/ami-id
/aws/service/canonical/ubuntu/server/bionic/stable/current/amd64/hvm/ebs-gp2/ami-id
/aws/service/canonical/ubuntu/server/bionic/stable/current/amd64/hvm/instance-store/ami-id
/aws/service/canonical/ubuntu/server/bionic/stable/current/arm64/hvm/ebs-gp2/ami-id
/aws/service/canonical/ubuntu/server/eoan/stable/current/amd64/hvm/ebs-gp2/ami-id
/aws/service/canonical/ubuntu/server/eoan/stable/current/amd64/hvm/instance-store/ami-id
/aws/service/canonical/ubuntu/server/eoan/stable/current/arm64/hvm/ebs-gp2/ami-id
/aws/service/canonical/ubuntu/server/focal/stable/current/amd64/hvm/ebs-gp2/ami-id
/aws/service/canonical/ubuntu/server/focal/stable/current/arm64/hvm/ebs-gp2/ami-id
/aws/service/canonical/ubuntu/server/groovy/stable/current/amd64/hvm/ebs-gp2/ami-id
/aws/service/canonical/ubuntu/server/groovy/stable/current/arm64/hvm/ebs-gp2/ami-id
/aws/service/canonical/ubuntu/server/hirsute/stable/current/amd64/hvm/ebs-gp2/ami-id
/aws/service/canonical/ubuntu/server/hirsute/stable/current/arm64/hvm/ebs-gp2/ami-id
/aws/service/canonical/ubuntu/server/impish/stable/current/amd64/hvm/ebs-gp2/ami-id
/aws/service/canonical/ubuntu/server/impish/stable/current/arm64/hvm/ebs-gp2/ami-id
/aws/service/canonical/ubuntu/server/xenial/stable/current/amd64/hvm/ebs-gp2/ami-id
/aws/service/canonical/ubuntu/server/xenial/stable/current/amd64/hvm/instance-store/ami-id
/aws/service/canonical/ubuntu/server/xenial/stable/current/amd64/pv/ebs-gp2/ami-id
/aws/service/canonical/ubuntu/server/xenial/stable/current/amd64/pv/instance-store/ami-id
/aws/service/canonical/ubuntu/server/xenial/stable/current/arm64/hvm/ebs-gp2/ami-id

SUSE Linux Enterprise Server

Filtered to only show SUSE 12 sp5 and SUSE 15 sp3.

/aws/service/suse/sles/12-sp5/x86_64/latest
/aws/service/suse/sles/15-sp3/arm64/latest
/aws/service/suse/sles/15-sp3/x86_64/latest

Debian

Filtered to show the latest Debian SSM parameters.

/aws/service/debian/release/10-backports/latest/amd64
/aws/service/debian/release/10-backports/latest/arm64
/aws/service/debian/release/10/latest/amd64
/aws/service/debian/release/10/latest/arm64
/aws/service/debian/release/11/latest/amd64
/aws/service/debian/release/11/latest/arm64
/aws/service/debian/release/bullseye/latest/amd64
/aws/service/debian/release/bullseye/latest/arm64
/aws/service/debian/release/buster-backports/latest/amd64
/aws/service/debian/release/buster-backports/latest/arm64
/aws/service/debian/release/buster/latest/amd64
/aws/service/debian/release/buster/latest/arm64

FreeBSD

Filtered to only show the CURRENT or STABLE version of the SSM Parameter for FreeBSD.

/aws/service/freebsd/arm64/base/ufs/14.0/CURRENT
/aws/service/freebsd/amd64/base/ufs/14.0/CURRENT
/aws/service/freebsd/arm64/base/ufs/12.3/STABLE
/aws/service/freebsd/amd64/base/ufs/12.3/STABLE
/aws/service/freebsd/arm64/base/ufs/13.0/STABLE
/aws/service/freebsd/amd64/base/ufs/13.0/STABLE

Now that we have listed all of the Public SSM parameters for EC2 Images of their respective Operative systems. It will now be easier for me to search and use them.

I hope this helped you.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.