1. What is an AMI?

An Amazon Machine Image (AMI) is a template that contains the software configuration (OS, application server, applications) required to launch an EC2 instance. Think of it as a snapshot of a complete server that you can use to create identical instances.

AMI Contains

  1. Root volume template (OS, installed software)
  2. Launch permissions (who can use the AMI)
  3. Block device mapping (which EBS volumes to attach at launch)

2. AMI Types by Source

3. Creating a Custom AMI

You can create your own AMI from a running or stopped EC2 instance:

  1. Step 1: Launch an EC2 instance and configure it (install software, configure settings)
  2. Step 2: Stop the instance (recommended for data integrity, not required)
  3. Step 3: Create an AMI from the instance (Right-click → Image → Create Image)
  4. Step 4: AWS creates EBS snapshots of the instance’s volumes
  5. Step 5: The AMI is registered and can be used to launch new instances

AMI Key Facts

  1. AMIs are Region-specific — an AMI in us-east-1 cannot be used in eu-west-1 directly
  2. You can copy an AMI to another Region (for DR or multi-Region deployment)
  3. AMIs can be shared with other AWS accounts or made public
  4. AMIs are backed by EBS snapshots — you pay for snapshot storage
  5. AMIs significantly speed up boot time (no need to run User Data scripts)
Golden AMI Pattern Create a "golden AMI" with all software pre-installed, security patches applied, and configurations set. Use this as the standard image for all instances. This ensures consistency, speeds up launches, and reduces User Data complexity. Combine with EC2 Image Builder for automated updates.

4. EC2 Image Builder

EC2 Image Builder is a fully managed service that automates the creation, testing, and distribution of AMIs (and container images).


How It Works

  1. Step 1 — Define a Recipe: Specify the base image (e.g., Amazon Linux 2023) and the components to install (software, patches, configurations).
  2. Step 2 — Build: Image Builder launches a temporary EC2 instance, runs the recipe, and creates an AMI.
  3. Step 3 — Test: Runs automated tests on the image (e.g., does the web server start? Is SSH accessible?).
  4. Step 4 — Distribute: Copies the AMI to specified Regions and/or shares with specified accounts.


Key Features

  1. Fully automated — no manual EC2 management
  2. Schedule-based (e.g., weekly) or triggered by new base AMI release
  3. Can output AMIs or Docker container images
  4. Integrates with AWS Organizations for multi-account distribution
  5. Free service — you only pay for the underlying EC2, EBS, and snapshot resources
  6. Supports versioning of images


Image Builder Components

5. AMI Lifecycle


  1. Create: From an EC2 instance or via Image Builder
  2. Register: AMI is registered and available in the Region
  3. Launch: Use the AMI to launch new instances
  4. Copy: Copy across Regions for DR/multi-Region
  5. Share: Share with other accounts or make public
  6. Deprecate: Mark as deprecated (still usable but shows a warning)
  7. Deregister: Remove the AMI registration (snapshots remain until you delete them)

6. When to use AMI

  1. Launch identical instances — every instance from the same AMI is identical.
  2. Pre-bake software — install and configure everything ahead of time for fast boot.
  3. Golden image strategy — standardize OS + patches + software across the organization.
  4. Auto Scaling — launch template references an AMI for consistent fleet deployments.
  5. Disaster recovery — copy AMI cross-region for standby instances.

7. When to use EC2 Image Builder

  1. Automate AMI creation — no manual instance customization.
  2. Patch management — automatically rebuild AMIs with the latest OS patches on a schedule.
  3. Compliance — ensure all images meet security standards before distribution.
  4. Golden image pipeline — build → test → distribute standardized images across accounts and regions.
  5. Container images — build Docker images with the same pipeline approach.
Exam Tip AMI questions: "Fastest way to launch pre-configured instances" = Custom AMI (golden AMI). "Automate AMI creation and patching" = EC2 Image Builder. "Deploy the same instance in another Region" = Copy AMI to that Region. AMIs are Region-specific. Image Builder is free (you pay for EC2/EBS used during build). AMIs are backed by EBS snapshots.