EC2: Allow launch templates to use launch-time lookups of AMI functionality #24551
Comments
JimNero009
added
feature-request
github-actions
bot
added
the
@aws-cdk/aws-ec2
|
Thanks for your feedback @JimNero009 . We actually have a MachineImage.fromSSMParameter() that allows you to pass SSM parameter for dynamic reference like that. Is this something you are looking for? And please note we have two similar methods with slight difference. You will want to use fromSsmParameter() in this case as the other one has been deprecated. Let me know if you need further help. |
khushail
added
response-requested
|
Hi @khushail -- thanks for getting back to me! Unless I'm grossly misunderstanding, I think the suggested methods you mention there aren't doing quite the same thing I'm after (in fact, I was using fromSSMParameter before). The difference is that these methods resolve the AMI and substitute in the value at deploy time. What an EC2 Launch Template can do is evaluate that at launch time. This requires actually passing the literal string 'resolve:ssm:someparam' to the ImageID attribute of the LaunchTemplate. As far as I can see, this is currently not possible in the API -- the LaunchTemplate only accepts objects that implement the IMachineImage interface and use this to create an SSM reference in the resultant cloudformation, that is evaluated and substituted in at deploy time. |
github-actions
bot
removed
the
response-requested
|
Oh, I see. I apologize for the confusion here. Seems like you have figured out the implementation details. So it would be great if you could submit a PR and our team would be happy to review the same when available. Here is the contributing guide to get started. Thanks. |
|
No probs! I'm a bit CDK-ed out for now but will look to give it a stab in the coming weeks. |
|
Subscribing. In need for this feature too! |
|
Subscribed, could use this feature! |
|
+1 |
|
+1 it could be nice to have this new feature |
|
Thanks everyone for your feedback, but please refrain from posting +1 comments, as they clog up the discussion. We take feedback into account through thumbs up reactions on the original issue. I think the quickest way to see this implemented is through a contribution, I wouldn't guarantee this gets put on the near term roadmap |
|
It does support! Please check out the sample below: // generate a ssm parameter to store the AMI info
const amiParameter = new ssm.CfnParameter(this, 'AmiParameter', {
name: 'myLatestAmi',
type: 'String',
dataType: 'aws:ec2:image',
value: 'ami-06ca3ca175f37dd66', // initial default AMI
});
const lt = new ec2.LaunchTemplate(this, 'LT', {
instanceType: ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE3, ec2.InstanceSize.LARGE),
// specify a dummy image which will be overrided
machineImage: ec2.MachineImage.latestAmazonLinux2023(),
})
const cfnlt = lt.node.tryFindChild('Resource') as CfnLaunchTemplate;
// override the image with ssm parameter as described in
// https://docs.aws.amazon.com/autoscaling/ec2/userguide/using-systems-manager-parameters.html
cfnlt.addPropertyOverride('LaunchTemplateData.ImageId', 'resolve:ssm:myLatestAmi');
const asg = new autoscaling.AutoScalingGroup(this, 'ASG', {
launchTemplate: lt,
desiredCapacity: 1,
vpc,
});When you run Type: AWS::EC2::LaunchTemplate
Properties:
LaunchTemplateData:
ImageId: resolve:ssm:myLatestAmiLet me know if it works for you. |
pahud
added
the
response-requested
|
And yes, we probably can create an API like which simply resolve to |
|
Hi,
Ohh, it’s a CloudFormation override. Ok. Thanks, Let’s see with Alex Monday, if it was that what he was looking.
And yes, this option would be preferable
ec2.MachineImage.fromSsmResolve(parameterName);
Thanks,
Vladimir
From: Pahud Hsieh ***@***.***>
Date: Friday, 7 July 2023 at 1:14 PM
To: aws/aws-cdk ***@***.***>
Cc: Vladimir Guerreiro ***@***.***>, Manual ***@***.***>
Subject: Re: [aws/aws-cdk] EC2: Allow launch templates to use launch-time lookups of AMI functionality (Issue #24551)
And yes, we probably can create an API like
ec2.MachineImage.fromSsmResolve(parameterName);
which simply resolve to resolve:ssm:parameterName.
—
Reply to this email directly, view it on GitHub<#24551 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/A7MIZ3OYIS5TW5EFDQ7W3HDXO5PGPANCNFSM6AAAAAAVVKPCNM>.
You are receiving this because you are subscribed to this thread.Message ID: ***@***.***>
…________________________________
This email and any attachment are confidential. If you are not the intended recipient, please notify MYOB by reply email and delete this email. Please note that you must not access or use this email or any information in it. MYOB accepts no liability for viruses in this email or in any attachment to it.
|
github-actions
bot
removed
the
response-requested
…launch time (#26273) Launch Template and EC2 instance support using SSM parameter to resolve the AMI ID at instance launch time(`resolve:ssm:parameter`) rather than the CFN deploy time(`CfnDynamicReference`). This PR introduces a new support for that. - [Using SSM Parameter with Autoscaling and Launch Template](https://docs.aws.amazon.com/autoscaling/ec2/userguide/using-systems-manager-parameters.html) - [Launch an instance using a Systems Manager parameter](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/finding-an-ami.html#using-systems-manager-parameter-to-find-AMI) Remove `latestAmazonLinux2022()` from the integ test as it does not return any valid al2022 images anymore as described in #26274 Closes #24551 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
|
|
Hi all, This issue should have been resolved with #26273 by introducing a new resolveSsmParameterAtLaunch() method. Let me know if it works for you. |
…launch time (aws#26273) Launch Template and EC2 instance support using SSM parameter to resolve the AMI ID at instance launch time(`resolve:ssm:parameter`) rather than the CFN deploy time(`CfnDynamicReference`). This PR introduces a new support for that. - [Using SSM Parameter with Autoscaling and Launch Template](https://docs.aws.amazon.com/autoscaling/ec2/userguide/using-systems-manager-parameters.html) - [Launch an instance using a Systems Manager parameter](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/finding-an-ami.html#using-systems-manager-parameter-to-find-AMI) Remove `latestAmazonLinux2022()` from the integ test as it does not return any valid al2022 images anymore as described in aws#26274 Closes aws#24551 ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Describe the feature
As discussed in the cloudformation docs on the resource, the ImageId here can be a directive to an SSM resolve statement. The effect of doing this is that the Launch Template, when used to launch new instances, looks up the AMI ID from a given SSM parameter and uses that. This avoids the need to re-deploy/renew a config every time you want to update an AMI.
Use Case
We want to script the build and deployment of an AMI without the need for a full redeploy of stacks, and this is a featured already offered by direct Cloudformation.
Note one can work around this by doing e.g.
Proposed Solution
Not dug into the code as a whole, but the Cloudformation 'hack' is very simple, so I'd perhaps work at it from the point of view of a new parameter, exclusive with machine image, that simply updates the image id here with a resolve:ssm directive on the passed input string.
Other Information
No response
Acknowledgements
CDK version used
2.67.0
Environment details (OS name and version, etc.)
Ubuntu Kinetic, Python 3.10.7, Node 18.14.2
The text was updated successfully, but these errors were encountered: