Debian Wheezy (7.x) on AWS EC2

You may wish to use the CloudFormation template and launch your instance with some smart UserData scripts. For some releases you are free to choose the AWS Marketplace AMI, or the AMI that exists in the Debian AMI Account (account number 379101102735). All AMIs shared from the Debian AWS Account and their corresponding EBS snapshots are marked as public so can be inspected by any other AWS user.

SSH username

In line with the security of most Linux distributions on Amazon Web Services, remote root SSH is disabled (as is password authentication). You will need to connect to instances from this AMI as the user admin using your SSH key, and then sudo -i to gain root access.

Please note that a Marketplace image volume cannot be attached to another running instance (For example, to repair a broken /etc/fstab, or /etc/network/interfaces). This is a limitation of all Marketplace images, as described here: Official AWS documentation

7.7

Region

hvm x86_64 ebs

paravirtual i386 ebs

paravirtual x86_64 ebs

paravirtual x86_64 instance-store

ap-northeast-1

ami-97f1c096

ami-970b3a96

ami-0f0f3e0e

ami-21f6c720

ap-southeast-1

ami-d822038a

ami-4e20011c

ami-70220322

ami-24240576

ap-southeast-2

ami-ed87ead7

ami-0185e83b

ami-bd87ea87

ami-e386ebd9

eu-west-1

ami-e261ce95

ami-c664cbb1

ami-9c62cdeb

ami-187fd06f

sa-east-1

ami-fd7dc9e0

ami-3f7dc922

ami-a97dc9b4

ami-417eca5c

us-east-1

ami-a458e2cc

ami-0258e26a

ami-2058e248

ami-bc4af0d4

us-west-1

ami-6f3f2a2a

ami-c53d2880

ami-893c29cc

ami-4b3e2b0e

us-west-2

ami-af7b349f

ami-677e3157

ami-df7c33ef

ami-ff7a35cf

us-gov-west-1

ami-010e6822

ami-030e6820

ami-3d0e681e

-

cn-north-1

ami-e64ad8df

-

ami-e44ad8dd

-

7.6.aws.2

This release for EC2 was to build a base image with fixes for the Shellshock Bash vulnerability/ies.

Region

hvm x86_64 ebs

paravirtual i386 ebs

paravirtual x86_64 ebs

paravirtual x86_64 instance-store

ap-northeast-1

ami-c3577fc2

ami-15577f14

ami-25557d24

ami-57605756

ap-southeast-1

ami-fe2304ac

ami-d823048a

ami-4e23041c

ami-a4f6d0f6

ap-southeast-2

ami-0d244637

ami-3d244607

ami-7727454d

ami-13345929

eu-west-1

ami-1050f167

ami-8c51f0fb

ami-3051f047

ami-1463ce63

sa-east-1

ami-67f7427a

ami-6bf74276

ami-4ff74252

ami-55f24648

us-east-1

ami-ee44f086

ami-3e45f156

ami-9844f0f0

ami-48ab1520

us-west-1

ami-dfaca49a

ami-2faca46a

ami-5faca41a

ami-efd8d2aa

us-west-2

ami-d30042e3

ami-bb00428b

ami-d70341e7

ami-ad4a069d

cn-north-1

ami-545ecc6d

ami-6c5ecc55

us-gov-west-1

ami-c52640e6

ami-61274142

ami-c32640e0

7.6

These images are deprecated and will be removed 31st October 2014. Please use the latest point release.

Virtualisation

Para-virtualisation (PVM)

Hardware Virtualisation (HVM)

Root filesystem

EBS

Instance store

EBS

Architecture

i386

x86_64

x86_64

x86_64

US-East-1

ami-90a66af8

ami-c4ab67ac

ami-f4ad649c

ami-0632fd6e

US-West-1

ami-e5191aa0

ami-db191a9e

ami-89dd0cfe

ami-9f191ada

US-West-2

ami-f3c5bcc3

ami-f1c5bcc1

ami-476c1477

ami-c5c5bcf5

EU-West-1

ami-c130e6b6

ami-d130e6a6

ami-89dd0cfe

ami-4d31e73a

AP-Southeast-1

ami-20c09972

ami-3ec0996c

ami-e80a52ba

ami-86c099d4

AP-Southeast-2

ami-33f79009

ami-3df79007

ami-f9c9aec3

ami-99f790a3

AP-Northeast-1

ami-bddf8cbc

ami-bbdf8cba

ami-99b8ea98

ami-09dd8e08

SA-East-1

ami-51e64f4c

ami-57e64f4a

ami-f7d079ea

ami-75e64f68

US-Gov-West-1

ami-5db9de7e

ami-5fb9de7c

ami-a9b9de8a

CN-North-1

-

ami-c6a634ff

-

ami-d2a634eb

The 7.6 release of Debian was built with bootstrap-vz (formerly called build-debian-cloud), and contains the CloudInit package installed from Debian backports.

7.5

These images are deprecated and will be removed 31st October 2014. Please use the latest point release.

Virtualisation

Para-virtualisation (PVM)

Hardware Virtualisation (HVM)

Root filesystem

EBS

Instance store

EBS

Architecture

i386

x86_64

x86_64

x86_64

US-East-1

ami-90886cf8

ami-2c886c44

ami-848a6eec

ami-86896dee

US-West-1

ami-6895ad2d

ami-5c95ad19

ami-d495ad91

ami-0e95ad4b

US-West-2

ami-a0760290

ami-40760270

ami-ee7703de

ami-10770320

EU-West-1

ami-510fcb26

ami-630fcb14

ami-a70fcbd0

ami-210fcb56

AP-Southeast-1

ami-24fba876

ami-22fba870

ami-7cfaa92e

ami-dcfba88e

AP-Southeast-2

ami-24fba876

ami-edc75cd7

ami-0bc65d31

ami-33c65d09

AP-Northeast-1

ami-c7296cc6

ami-91296c90

ami-b53570b4

ami-112b6e10

SA-East-1

ami-ffb815e2

ami-c3b815de

ami-efb815f2

ami-f5b815e8

US-Gov-West-1

CN-North-1

-

ami-c6b123ff

ami-38b62401

The 7.5 release of Debian was built with bootstrap-vz (formerly called build-debian-cloud), and contains the CloudInit package installed from Debian backports.

Upgrading from previous 6.x.y releases

As is standard with Debian, a simple apt-get update && apt-get dist-upgrade should bring all packages up to date. There is no need to reinstall, but any ?CloudFormation templates and ?AutoScale Launch Configurations should be tested with and then updated to use the current AMI. It is recommended not to use older point releases.

CloudFormation Template

CloudFormation is a templating system for defining AWS resources - see http://aws.amazon.com/cloudformation/ 

{
        "Parameters" : {
                "KeyName" : {
                        "Description" : "SSH Key Name",
                        "Type" : "String",
                        "Default" : "My-Key"
                },
                "MyInstanceSize": {
                        "Description": "Instance size (m1.small, etc.)",
                        "Type": "String",
                        "Default" : "t1.micro",
                        "AllowedValues": ["t1.micro", "m1.small", "m1.medium", "m1.large", "m1.xlarge", "m2.xlarge", "m2.2xlarge", "m2.4xlarge", "c1.xlarge", "cc1.4xlarge", "m3.xlarge", "m3.2xlarge"]
                },
                "MyInstanceName": {
                        "Description": "Instance name",
                        "Type": "String"
                },
                "InstanceBits": {
                        "Description": "32 or 64 bits",
                        "Type": "String",
                        "Default": "64",
                        "AllowedValues": [ "32", "64" ]
                },
                "RootVolType": {
                        "Description": "Root volume type (EBS or Instance)",
                        "Type": "String",
                        "Default": "EBS",
                        "AllowedValues": [ "EBS", "Instance" ]
                }
        },
        "Mappings" : {
            "Debian7.3-EBS-PVM" : { 
                "us-east-1" :      { "32" : "ami-33a68f5a", "64" : "ami-0da18864"},
                "us-west-1" :      { "32" : "ami-8ebd8dcb", "64" : "ami-96bd8dd3"},
                "us-west-2" :      { "32" : "ami-6a98fc5a", "64" : "ami-7298fc42"},
                "us-gov-west-1" :  { "32" : "ami-", "64" : "ami-"},
                "eu-west-1" :      { "32" : "ami-66836b11", "64" : "ami-8e826af9"},
                "ap-southeast-1" : { "32" : "ami-28efbb7a", "64" : "ami-20efbb72"},
                "ap-southeast-2" : { "32" : "ami-7774eb4d", "64" : "ami-7b74eb41"},
                "ap-northeast-1" : { "32" : "ami-53a0c252", "64" : "ami-17a0c216"},
                "sa-east-1" :      { "32" : "ami-8f4fee92", "64" : "ami-954fee88"}
            },
            "release" : {
                "stable" : { "wheezy" : "Debian7.3-EBS-PVM" }
            }
        },
        "Resources" : {
                "MyInstance" : {
                        "Type" : "AWS::EC2::Instance",
                        "Properties" : {
                                "SecurityGroups" : [ { "Ref" : "MySecurityGroup" } ],
                                "KeyName" : { "Ref": "KeyName" },
                                "Tags" : [{"Key": "Name", "Value": {"Ref" : "MyInstanceName"} } ],
                                "ImageId" : { "Fn::FindInMap" : [ "Debian7.3-EBS-PVM",  { "Ref" : "AWS::Region" }, { "Ref" : "InstanceBits" }  ]},
                                "InstanceType" : { "Ref" : "MyInstanceSize" },
                                "UserData" : { "Fn::Base64" : "" }
                        }
                },
                "MySecurityGroup" : {
                        "Type" : "AWS::EC2::SecurityGroup",
                        "Properties" : {
                                "GroupDescription" : "Permit inbound SSH",
                                "SecurityGroupIngress" : [ 
                                    {
                                        "IpProtocol" : "tcp",
                                        "FromPort" : "22",
                                        "ToPort" : "22",
                                        "CidrIp" : "0.0.0.0/0"
                                    }
                                ]
                        }
                }
        }
}

Suggested UserData scripts

As of the 7.3 release, the official Debian !AMIs now support cloud-init. This means you have much more flexability (and power) in what you cna put in your UserData to get your instance to configure. For example, a simple shell script that starts with #!/bin/sh will be executed as previously - so you can chose to enable auto update with the following UserData scripts: 

   1 #!/bin/sh
   2 apt-get update && apt-get upgrade -y && apt-get install -y unattended-upgrades python-pip

The unattended-upgrades package is described on UnattendedUpgrades.

Some feature bugs may persist in Cloud-init in Debian 7.3 AMIs; no functionality has been lost, but it appears not all cloud-init directives can be used. Eg: packages, ssh-import-id, apt_update, apt-upgrade.

See also Cloud and Teams/Cloud.