Debian Wheezy (7.x) on AWS EC2

You may wish to use the CloudFormation template and launch your instance with some smart UserData scripts. For some releases you are free to choose the AWS Marketplace AMI, or the AMI that exists in the Debian AMI Account (account number 379101102735). All AMIs shared from the Debian AWS Account and their corresponding EBS snapshots are marked as public so can be inspected by any other AWS user.

SSH username

In line with the security of most Linux distributions on Amazon Web Services, remote root SSH is disabled (as is password authentication). You will need to connect to instances from this AMI as the user admin using your SSH key, and then sudo -i to gain root access.

Please note that a Marketplace image volume cannot be attached to another running instance (For example, to repair a broken /etc/fstab, or /etc/network/interfaces). This is a limitation of all Marketplace images, as described here: Official AWS documentation


7.7

Region

hvm x86_64 ebs

paravirtual i386 ebs

paravirtual x86_64 ebs

paravirtual x86_64 instance-store

ap-northeast-1

ami-97f1c096

ami-970b3a96

ami-0f0f3e0e

ami-21f6c720

ap-southeast-1

ami-d822038a

ami-4e20011c

ami-70220322

ami-24240576

ap-southeast-2

ami-ed87ead7

ami-0185e83b

ami-bd87ea87

ami-e386ebd9

eu-west-1

ami-e261ce95

ami-c664cbb1

ami-9c62cdeb

ami-187fd06f

eu-central-1

ami-482a1c55

ami-522a1c4f

ami-4c2a1c51

ami-4a2a1c57

sa-east-1

ami-fd7dc9e0

ami-3f7dc922

ami-a97dc9b4

ami-417eca5c

us-east-1

ami-a458e2cc

ami-0258e26a

ami-2058e248

ami-bc4af0d4

us-west-1

ami-6f3f2a2a

ami-c53d2880

ami-893c29cc

ami-4b3e2b0e

us-west-2

ami-af7b349f

ami-677e3157

ami-df7c33ef

ami-ff7a35cf

us-gov-west-1

ami-010e6822

ami-030e6820

ami-3d0e681e

-

cn-north-1

ami-e64ad8df

-

ami-e44ad8dd

-

To get started with Wheezy 7.7 using Amazon Cloud Formation have a look at this CloudFormation example


7.6.aws.2

These images are deprecated and will be removed 21st November 2014. Please use the latest point release.

This release for EC2 was to build a base image with fixes for the Shellshock Bash vulnerability/ies.

Region

hvm x86_64 ebs

paravirtual i386 ebs

paravirtual x86_64 ebs

paravirtual x86_64 instance-store

ap-northeast-1

ami-c3577fc2

ami-15577f14

ami-25557d24

ami-57605756

ap-southeast-1

ami-fe2304ac

ami-d823048a

ami-4e23041c

ami-a4f6d0f6

ap-southeast-2

ami-0d244637

ami-3d244607

ami-7727454d

ami-13345929

eu-west-1

ami-1050f167

ami-8c51f0fb

ami-3051f047

ami-1463ce63

sa-east-1

ami-67f7427a

ami-6bf74276

ami-4ff74252

ami-55f24648

us-east-1

ami-ee44f086

ami-3e45f156

ami-9844f0f0

ami-48ab1520

us-west-1

ami-dfaca49a

ami-2faca46a

ami-5faca41a

ami-efd8d2aa

us-west-2

ami-d30042e3

ami-bb00428b

ami-d70341e7

ami-ad4a069d

cn-north-1

ami-545ecc6d

ami-6c5ecc55

us-gov-west-1

ami-c52640e6

ami-61274142

ami-c32640e0


7.6

These images are deprecated and will be removed 31st October 2014. Please use the latest point release.


7.5

These images are deprecated and will be removed 31st October 2014. Please use the latest point release.


Upgrading from previous 6.x.y releases

As is standard with Debian, a simple apt-get update && apt-get dist-upgrade should bring all packages up to date. There is no need to reinstall, but any ?CloudFormation templates and ?AutoScale Launch Configurations should be tested with and then updated to use the current AMI. It is recommended not to use older point releases.

CloudFormation Template

CloudFormation is a templating system for defining AWS resources - see http://aws.amazon.com/cloudformation/

{
        "Parameters" : {
                "KeyName" : {
                        "Description" : "SSH Key Name",
                        "Type" : "String",
                        "Default" : "My-Key"
                },
                "MyInstanceSize": {
                        "Description": "Instance size (m1.small, etc.)",
                        "Type": "String",
                        "Default" : "t1.micro",
                        "AllowedValues": ["t1.micro", "m1.small", "m1.medium", "m1.large", "m1.xlarge", "m2.xlarge", "m2.2xlarge", "m2.4xlarge", "c1.xlarge", "cc1.4xlarge", "m3.xlarge", "m3.2xlarge"]
                },
                "MyInstanceName": {
                        "Description": "Instance name",
                        "Type": "String"
                },
                "InstanceBits": {
                        "Description": "32 or 64 bits",
                        "Type": "String",
                        "Default": "64",
                        "AllowedValues": [ "32", "64" ]
                },
                "RootVolType": {
                        "Description": "Root volume type (EBS or Instance)",
                        "Type": "String",
                        "Default": "EBS",
                        "AllowedValues": [ "EBS", "Instance" ]
                }
        },
        "Mappings" : {
            "Debian7.3-EBS-PVM" : { 
                "us-east-1" :      { "32" : "ami-33a68f5a", "64" : "ami-0da18864"},
                "us-west-1" :      { "32" : "ami-8ebd8dcb", "64" : "ami-96bd8dd3"},
                "us-west-2" :      { "32" : "ami-6a98fc5a", "64" : "ami-7298fc42"},
                "us-gov-west-1" :  { "32" : "ami-", "64" : "ami-"},
                "eu-west-1" :      { "32" : "ami-66836b11", "64" : "ami-8e826af9"},
                "ap-southeast-1" : { "32" : "ami-28efbb7a", "64" : "ami-20efbb72"},
                "ap-southeast-2" : { "32" : "ami-7774eb4d", "64" : "ami-7b74eb41"},
                "ap-northeast-1" : { "32" : "ami-53a0c252", "64" : "ami-17a0c216"},
                "sa-east-1" :      { "32" : "ami-8f4fee92", "64" : "ami-954fee88"}
            },
            "release" : {
                "stable" : { "wheezy" : "Debian7.3-EBS-PVM" }
            }
        },
        "Resources" : {
                "MyInstance" : {
                        "Type" : "AWS::EC2::Instance",
                        "Properties" : {
                                "SecurityGroups" : [ { "Ref" : "MySecurityGroup" } ],
                                "KeyName" : { "Ref": "KeyName" },
                                "Tags" : [{"Key": "Name", "Value": {"Ref" : "MyInstanceName"} } ],
                                "ImageId" : { "Fn::FindInMap" : [ "Debian7.3-EBS-PVM",  { "Ref" : "AWS::Region" }, { "Ref" : "InstanceBits" }  ]},
                                "InstanceType" : { "Ref" : "MyInstanceSize" },
                                "UserData" : { "Fn::Base64" : "" }
                        }
                },
                "MySecurityGroup" : {
                        "Type" : "AWS::EC2::SecurityGroup",
                        "Properties" : {
                                "GroupDescription" : "Permit inbound SSH",
                                "SecurityGroupIngress" : [ 
                                    {
                                        "IpProtocol" : "tcp",
                                        "FromPort" : "22",
                                        "ToPort" : "22",
                                        "CidrIp" : "0.0.0.0/0"
                                    }
                                ]
                        }
                }
        }
}

Suggested UserData scripts

As of the 7.3 release, the official Debian !AMIs now support cloud-init. This means you have much more flexability (and power) in what you cna put in your UserData to get your instance to configure. For example, a simple shell script that starts with #!/bin/sh will be executed as previously - so you can chose to enable auto update with the following UserData scripts:

   1 #!/bin/sh
   2 apt-get update && apt-get upgrade -y && apt-get install -y unattended-upgrades python-pip

The unattended-upgrades package is described on UnattendedUpgrades.

Some feature bugs may persist in Cloud-init in Debian 7.3 AMIs; no functionality has been lost, but it appears not all cloud-init directives can be used. Eg: packages, ssh-import-id, apt_update, apt-upgrade.


See also Cloud and Teams/Cloud.