Debian Wheezy (7.x) on AWS EC2
You may wish to use the CloudFormation template and launch your instance with some smart UserData scripts. For some releases you are free to choose the AWS Marketplace AMI, or the AMI that exists in the Debian AMI Account (account number 379101102735). All AMIs shared from the Debian AWS Account and their corresponding EBS snapshots are marked as public so can be inspected by any other AWS user.
SSH username
In line with the security of most Linux distributions on Amazon Web Services, remote root SSH is disabled (as is password authentication). You will need to connect to instances from this AMI as the user admin using your SSH key, and then sudo -i to gain root access.
Please note that a Marketplace image volume cannot be attached to another running instance (For example, to repair a broken /etc/fstab, or /etc/network/interfaces). This is a limitation of all Marketplace images, as described here: Official AWS documentation
7.8.aws.1
This release addresses CVE 2015-0235 also known as the "ghost" issue with libc6; it contains the updated libc6 in the base image.
Region |
hvm x86_64 ebs |
paravirtual i386 ebs |
paravirtual x86_64 ebs |
paravirtual x86_64 instance-store |
ap-northeast-1 |
ami-b25d44b3 |
ami-c05e47c1 |
ami-e05c45e1 |
ami-745c4575 |
ap-southeast-1 |
ami-aeb49ffc |
ami-c08ba092 |
ami-008ba052 |
ami-6a8ba038 |
ap-southeast-2 |
ami-6b770351 |
ami-f17703cb |
ami-b777038d |
ami-4f770375 |
eu-central-1 |
ami-98043785 |
ami-c80437d5 |
ami-b60437ab |
ami-8a043797 |
eu-west-1 |
ami-61e56916 |
ami-1be06c6c |
ami-e7e66a90 |
ami-c9e569be |
sa-east-1 |
ami-3d8b3720 |
ami-6b8b3776 |
ami-558b3748 |
ami-2f8b3732 |
us-east-1 |
ami-e0efab88 |
ami-e6eeaa8e |
ami-baeda9d2 |
ami-74efab1c |
us-west-1 |
ami-b4869ff1 |
ami-a8b9a0ed |
ami-c0b9a085 |
ami-70b9a035 |
us-west-2 |
ami-431a4273 |
ami-051b4335 |
ami-f91a42c9 |
ami-a31a4293 |
us-gov-west-1 |
ami-d13455f2 |
ami-d53455f6 |
ami-d73455f4 |
- |
cn-north-1 |
- |
- |
- |
- |
7.8
Region |
hvm x86_64 ebs |
paravirtual i386 ebs |
paravirtual x86_64 ebs |
paravirtual x86_64 instance-store |
ap-northeast-1 |
ami-48b9a849 |
ami-58b7a659 |
ami-00b6a701 |
ami-52a3b253 |
ap-southeast-1 |
ami-bd6d45ef |
ami-c56d4597 |
ami-8d6d45df |
ami-956149c7 |
ap-southeast-2 |
ami-d3e68ce9 |
ami-6de68c57 |
ami-efe68cd5 |
ami-15e58f2f |
eu-central-1 |
ami-86a9999b |
ami-7aa99967 |
ami-64a99979 |
ami-52ab9b4f |
eu-west-1 |
ami-a345c3d4 |
ami-5d46c02a |
ami-cb47c1bc |
ami-8153d5f6 |
sa-east-1 |
ami-b90dbfa4 |
ami-dd0cbec0 |
ami-750dbf68 |
ami-4ffb4652 |
us-east-1 |
ami-f295e59a |
ami-e895e580 |
ami-3695e55e |
ami-363a495e |
us-west-1 |
ami-c7fae582 |
ami-f9fbe4bc |
ami-7ffae53a |
ami-d7f5ea92 |
us-west-2 |
ami-3d9cc00d |
ami-9f623eaf |
ami-01633f31 |
ami-2995c919 |
us-gov-west-1 |
ami-99c0a6ba |
ami-9bc0a6b8 |
ami-95c0a6b6 |
- |
cn-north-1 |
ami-3617850f |
- |
ami-3417850d |
- |
A GPG signed email of this list is in the Debian-Cloud mailing list archive for your security.
Upgrading from previous 6.x.y releases
As is standard with Debian, a simple apt-get update && apt-get dist-upgrade should bring all packages up to date. There is no need to reinstall, but any ?CloudFormation templates and ?AutoScale Launch Configurations should be tested with and then updated to use the current AMI. It is recommended not to use older point releases.
CloudFormation Template
CloudFormation is a templating system for defining AWS resources - see http://aws.amazon.com/cloudformation/
{
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "Debian AMI list, generated 2014-10-27 14:31:41.085276 by James Bromberger, jeb@debian.org",
"Mappings": {
"AMImap": {
"ap-northeast-1": {
"Wheezy77basei386paravirtualebs": "ami-970b3a96",
"Wheezy77basex8664hvmebs": "ami-97f1c096",
"Wheezy77basex8664paravirtualebs": "ami-0f0f3e0e",
"Wheezy77basex8664paravirtualinstancestore": "ami-21f6c720"
},
"ap-southeast-1": {
"Wheezy77basei386paravirtualebs": "ami-4e20011c",
"Wheezy77basex8664hvmebs": "ami-d822038a",
"Wheezy77basex8664paravirtualebs": "ami-70220322",
"Wheezy77basex8664paravirtualinstancestore": "ami-24240576"
},
"ap-southeast-2": {
"Wheezy77basei386paravirtualebs": "ami-0185e83b",
"Wheezy77basex8664hvmebs": "ami-ed87ead7",
"Wheezy77basex8664paravirtualebs": "ami-bd87ea87",
"Wheezy77basex8664paravirtualinstancestore": "ami-e386ebd9"
},
"eu-west-1": {
"Wheezy77basei386paravirtualebs": "ami-c664cbb1",
"Wheezy77basex8664hvmebs": "ami-e261ce95",
"Wheezy77basex8664paravirtualebs": "ami-9c62cdeb",
"Wheezy77basex8664paravirtualinstancestore": "ami-187fd06f"
},
"sa-east-1": {
"Wheezy77basei386paravirtualebs": "ami-3f7dc922",
"Wheezy77basex8664hvmebs": "ami-fd7dc9e0",
"Wheezy77basex8664paravirtualebs": "ami-a97dc9b4",
"Wheezy77basex8664paravirtualinstancestore": "ami-417eca5c"
},
"us-east-1": {
"Wheezy77basei386paravirtualebs": "ami-0258e26a",
"Wheezy77basex8664hvmebs": "ami-a458e2cc",
"Wheezy77basex8664paravirtualebs": "ami-2058e248",
"Wheezy77basex8664paravirtualinstancestore": "ami-bc4af0d4"
},
"us-west-1": {
"Wheezy77basei386paravirtualebs": "ami-c53d2880",
"Wheezy77basex8664hvmebs": "ami-6f3f2a2a",
"Wheezy77basex8664paravirtualebs": "ami-893c29cc",
"Wheezy77basex8664paravirtualinstancestore": "ami-4b3e2b0e"
},
"us-west-2": {
"Wheezy77basei386paravirtualebs": "ami-677e3157",
"Wheezy77basex8664hvmebs": "ami-af7b349f",
"Wheezy77basex8664paravirtualebs": "ami-df7c33ef",
"Wheezy77basex8664paravirtualinstancestore": "ami-ff7a35cf"
}
}
},
"Parameters": {
"InstanceType": {
"AllowedPattern": "[a-z]+[0-9].[a-z0-9]+",
"Default": "m3.medium",
"Description": "Type of EC2 Instance",
"Type": "String"
},
"KeyName": {
"Description": "SSH Key Name",
"Type": "String"
},
"Release": {
"AllowedValues": [
"Wheezy77basei386paravirtualebs",
"Wheezy77basex8664hvmebs",
"Wheezy77basex8664paravirtualebs",
"Wheezy77basex8664paravirtualinstancestore"
],
"Default": "Wheezy75basex8664paravirtualebs",
"Description": "Release, arch and root filesystem type",
"Type": "String"
}
},
"Resources": {
"MyInstance": {
"Properties": {
"ImageId": {
"Fn::FindInMap": [
"AMImap",
{
"Ref": "AWS::Region"
},
{
"Ref": "Release"
}
]
},
"InstanceType": {
"Ref": "InstanceType"
},
"KeyName": {
"Ref": "KeyName"
},
"SecurityGroups": [
{
"Ref": "MySecurityGroup"
}
]
},
"Type": "AWS::EC2::Instance"
},
"MySecurityGroup": {
"Properties": {
"GroupDescription": "Permit inbound SSH",
"SecurityGroupIngress": [
{
"CidrIp": "0.0.0.0/0",
"FromPort": "22",
"IpProtocol": "tcp",
"ToPort": "22"
}
]
},
"Type": "AWS::EC2::SecurityGroup"
}
}
}
Suggested UserData scripts
As of the 7.3 release, the official Debian !AMIs now support cloud-init. This means you have much more flexibility (and power) in what you can put in your UserData to get your instance to configure. For example, a simple shell script that starts with #!/bin/sh will be executed as previously - so you can chose to enable auto update with the following UserData scripts:
The unattended-upgrades package is described on UnattendedUpgrades.
Some feature bugs may persist in Cloud-init in Debian 7.3 AMIs; no functionality has been lost, but it appears not all cloud-init directives can be used. Eg: packages, ssh-import-id, apt_update, apt-upgrade.
See also Cloud and Teams/Cloud.