Amazon Web Services (AWS) provides some built-in parameters in the AWS Systems Manager Parameter Store service, which expose pointers to the latest version of Amazon Machine Images (AMI) for Windows Server and Amazon Linux. These special parameters are called “public parameters” in the Parameter Store services; for more information, check out the official documentation. In addition to the service documentation, there are also two blog posts that talk about the Windows Server AMI parameters and the Amazon Linux AMI parameters.
In this article, we’ll take a look at how to use the AWS PowerShell module to retrieve and filter these public parameters. PowerShell’s built-in commands, such as Where-Object
, Sort-Object
and Format-Table
can help us manipulate the data from the public parameters, harnessing it for our specific needs.
Windows AMIs
There are many different Microsoft Windows Server AMIs available, depending on the desired language. Additionally, AWS provides Windows Server AMIs that include various editions of Microsoft SQL Server installed. Having all of these extra AMIs can make it hard to find the right AMI for a vanilla installation of Windows Server.
If you’d like to filter out older versions of Windows Server, and return English-only results, you can use the command below. This command will also filter out the images that include Microsoft SQL Server pre-installed, so you can focus on the OS-only base images.
NOTE: This will only retrieve the SSM public parameters for the “current” (default) AWS Region that’s configured in your shell. Use the Set-DefaultAWSRegion
command to configure your “current” operating region, otherwise tack on the -Region
parameter to the Get-SSMParametersByPath command below.
Get-SSMParametersByPath -Path /aws/service/ami-windows-latest/ |
Where-Object -FilterScript { $PSItem.Name -match 'English' -and $PSItem.Name -notmatch '2003|2008|2012|sql' } |
Sort-Object -Property Name |
Format-Table -Property Name, Value
If you’d like to gather the AMI IDs from all AWS Regions in a single command, try the following:
Get-AWSRegion | ForEach-Object -Process {
Get-SSMParametersByPath -Path /aws/service/ami-windows-latest/ -Region $PSItem.Region |
Where-Object -FilterScript { $PSItem.Name -match 'English' -and $PSItem.Name -notmatch '2003|2008|2012|sql' } |
Add-Member -MemberType NoteProperty -Name Region -Value $PSItem.Region -PassThru
} |
Sort-Object -Property Name |
Format-Table -Property Name, Value, Region
If you receive an error message with the text “The security token included in the request is invalid“, just ignore it. You probably are seeing that because your account doesn’t have access to AWS GovCloud regions.
Once you run the command above, you should see some output similar to the following. It may take some time for the command to run, as it must query each of the AWS regions individually, before aggregating, sorting, and displaying, the results.
Name Value Region
---- ----- ------
/aws/service/ami-windows-latest/Windows_Server-1709-English-Core-Base ami-01720a00e5b591f60 us-west-2
/aws/service/ami-windows-latest/Windows_Server-1709-English-Core-Base ami-0308954f5c68838e1 ap-southeast-2
/aws/service/ami-windows-latest/Windows_Server-1709-English-Core-Base ami-08e35adb597d62a15 ap-southeast-1
/aws/service/ami-windows-latest/Windows_Server-1709-English-Core-Base ami-054c90a12eb119646 ca-central-1
/aws/service/ami-windows-latest/Windows_Server-1709-English-Core-Base ami-0c09695ebd93d4d08 eu-central-1
...
Amazon Linux AMIs
There are many fewer Amazon Linux AMIs exposed as public parameters, as of this writing. Hence, we don’t need to perform the same level of filtration to the data, to make it usable.
Get-SSMParametersByPath -Path /aws/service/ami-amazon-linux-latest |
Format-Table -Property Name, Value
You should receive some results similar to the following:
Name Value
---- -----
/aws/service/ami-amazon-linux-latest/amzn-ami-hvm-x86_64-ebs ami-0d1d9e1864d1494b6
/aws/service/ami-amazon-linux-latest/amzn-ami-hvm-x86_64-gp2 ami-07a0c6e669965bb7c
/aws/service/ami-amazon-linux-latest/amzn-ami-hvm-x86_64-s3 ami-0a5181755fb620f2c
/aws/service/ami-amazon-linux-latest/amzn-ami-minimal-hvm-x86_64-s3 ami-0148d8b4516099462
/aws/service/ami-amazon-linux-latest/amzn-ami-minimal-pv-x86_64-s3 ami-05c390c7e9936df84
...