diff --git a/deployment/migration-assistant-solution/create-ami-map.sh b/deployment/migration-assistant-solution/create-ami-map.sh index 560053deb3..8d2ea4b034 100644 --- a/deployment/migration-assistant-solution/create-ami-map.sh +++ b/deployment/migration-assistant-solution/create-ami-map.sh @@ -1,24 +1,37 @@ #!/bin/bash -# AMI name to look up -AMI_NAME="al2023-ami-2023.6.20250218.2-kernel-6.1-x86_64" -OWNER="amazon" +# Get regions that are "not-opted-in" +NOT_OPTED_IN=$(aws ec2 describe-regions \ + --query "Regions[?OptInStatus=='not-opted-in'].RegionName" \ + --output text) + +if [ -n "$NOT_OPTED_IN" ]; then + echo "ERROR: The following regions have not been opted into, please use another aws account or opt into these regions:" + # put each region on its own line + echo "$NOT_OPTED_IN" | tr '\t' '\n' | sort + exit 1 +else + echo "All available regions have been opted into, continuing..." +fi # Get the list of all available AWS regions REGIONS=$(aws ec2 describe-regions --query "Regions[].RegionName" --output text) declare -A amiMap -echo "Looking up AMI IDs for '$AMI_NAME' owned by '$OWNER' in all regions..." +# Image name to look up +IMAGE_NAME="/aws/service/ami-amazon-linux-latest/al2023-ami-kernel-6.1-x86_64" + +echo "Looking up AMI based on image name for '$IMAGE_NAME' in all regions..." for region in $REGIONS; do echo "Searching in region: $region" - ami_id=$(aws ec2 describe-images \ + ami_id=$(aws ssm get-parameter \ --region $region \ - --owners $OWNER \ - --filters "Name=name,Values=$AMI_NAME" \ - --query "Images[0].ImageId" \ - --output text) + --name $IMAGE_NAME \ + --query 'Parameter.Value' \ + --output text + ) if [ "$ami_id" != "None" ]; then amiMap[$region]=$ami_id @@ -31,8 +44,8 @@ done # Generate the AMI map as typescript echo "" echo "AMI Map:" -echo "const amiMap = {" -for region in "${!amiMap[@]}"; do +echo "const amiMap: Record = {" +for region in $(printf "%s\n" "${!amiMap[@]}" | sort); do echo " '$region': '${amiMap[$region]}'," done echo "};" diff --git a/deployment/migration-assistant-solution/lib/solutions-stack.ts b/deployment/migration-assistant-solution/lib/solutions-stack.ts index ea5d619de9..7c32a56e10 100644 --- a/deployment/migration-assistant-solution/lib/solutions-stack.ts +++ b/deployment/migration-assistant-solution/lib/solutions-stack.ts @@ -203,45 +203,61 @@ export class SolutionsInfrastructureStack extends Stack { }), ] - // Generated with ../create-ami-map.sh + // Generated by running `source ./create-ami-map.sh` const amiMap: Record = { - 'us-east-2': 'ami-0fc82f4dabc05670b', - 'us-east-1': 'ami-05b10e08d247fb927', - 'il-central-1': 'ami-0632d5335bb97c65e', - 'us-west-1': 'ami-094b981da55429bfc', - 'af-south-1': 'ami-071ec74a9abd8fec2', - 'us-west-2': 'ami-027951e78de46a00e', - 'me-central-1': 'ami-0c4117cd3d8aa9f9a', - 'mx-central-1': 'ami-0692398a0c98b312e', - 'ca-central-1': 'ami-05073582a4b03d785', - 'ap-south-1': 'ami-0d682f26195e9ec0f', - 'ap-south-2': 'ami-09e23b3de35f110f6', - 'ap-east-1': 'ami-0123e5d7542358c86', - 'me-south-1': 'ami-0a95ef992b0368b4c', - 'sa-east-1': 'ami-02cfee28b56653f5c', - 'eu-north-1': 'ami-016038ae9cc8d9f51', - 'ca-west-1': 'ami-05586d5f95c77b005', - 'ap-northeast-1': 'ami-072298436ce5cb0c4', - 'ap-northeast-2': 'ami-075e056c0f3d02523', - 'ap-northeast-3': 'ami-0439cd8bc5628c9e8', - 'eu-south-1': 'ami-02c8b07ea6001f11a', - 'eu-south-2': 'ami-047456c943d393211', - 'eu-central-1': 'ami-06ee6255945a96aba', - 'eu-central-2': 'ami-0a0c3a3296ccc2a29', - 'eu-west-2': 'ami-00710ab5544b60cf7', - 'eu-west-3': 'ami-0446057e5961dfab6', - 'eu-west-1': 'ami-0a89fa9a6d8c7ad98', - 'ap-southeast-7': 'ami-043f00bcf35b3eab2', - 'ap-southeast-4': 'ami-0a9b2961cf0036d29', - 'ap-southeast-5': 'ami-0e5b1229fc8235ff7', - 'ap-southeast-2': 'ami-064b71eca68aadfb8', - 'ap-southeast-3': 'ami-02a732f5ab0d7b2a4', - 'ap-southeast-1': 'ami-0b03299ddb99998e9', - }; + 'af-south-1': 'ami-056f571bb0e6f424b', + 'ap-east-1': 'ami-005362651c93532ef', + 'ap-east-2': 'ami-07bd067b2afd36c9d', + 'ap-northeast-1': 'ami-0d4aa492f133a3068', + 'ap-northeast-2': 'ami-099099dff4384719c', + 'ap-northeast-3': 'ami-0c3d48d3539dae8d5', + 'ap-south-1': 'ami-0f9708d1cd2cfee41', + 'ap-south-2': 'ami-058a677191f2d3b4b', + 'ap-southeast-1': 'ami-088d74defe9802f14', + 'ap-southeast-2': 'ami-0c462b53550d4fca8', + 'ap-southeast-3': 'ami-06ab30fd4fdb3ed9d', + 'ap-southeast-4': 'ami-0d42e9612aefb98da', + 'ap-southeast-5': 'ami-01e13e3c781810a30', + 'ap-southeast-6': 'ami-011236e3336b1fe14', + 'ap-southeast-7': 'ami-0e4f6ae724df740e7', + 'ca-central-1': 'ami-029c5475368ac7adc', + 'ca-west-1': 'ami-080ada25b460a6622', + 'eu-central-1': 'ami-08697da0e8d9f59ec', + 'eu-central-2': 'ami-06bfd82c089bb1f7a', + 'eu-north-1': 'ami-04c08fd8aa14af291', + 'eu-south-1': 'ami-0f75ff17d5b995930', + 'eu-south-2': 'ami-093f87ac3f1e31f91', + 'eu-west-1': 'ami-04f25a69b566c844b', + 'eu-west-2': 'ami-0336cdd409ab5eec4', + 'eu-west-3': 'ami-0d8c6c2b092ebb980', + 'il-central-1': 'ami-044c25ddea94bf84c', + 'me-central-1': 'ami-0f661f38a53d919c7', + 'me-south-1': 'ami-0115748e9cebc5543', + 'mx-central-1': 'ami-0e439f4aa57d84983', + 'sa-east-1': 'ami-07c0cae188e21a093', + 'us-east-1': 'ami-052064a798f08f0d3', + 'us-east-2': 'ami-077b630ef539aa0b5', + 'us-west-1': 'ami-0b967c22fe917319b', + 'us-west-2': 'ami-0caa91d6b7bee0ed0', + }; - // Manually looked up with https://us-gov-east-1.console.amazonaws-us-gov.com/ec2/home?region=us-gov-east-1#AMICatalog: - amiMap['us-gov-west-1'] = 'ami-06cf22f69c918a2c1'; - amiMap['us-gov-east-1'] = 'ami-066774057f581130f'; + // Requires a gov cloud account to execute these commands + /* + aws ssm get-parameter \ + --region us-gov-west-1 \ + --name /aws/service/ami-amazon-linux-latest/al2023-ami-kernel-6.1-x86_64 \ + --query 'Parameter.Value' \ + --output text + */ + amiMap['us-gov-west-1'] = 'ami-08f42c51760f3e3af'; + /* + aws ssm get-parameter \ + --region us-gov-east-1 \ + --name /aws/service/ami-amazon-linux-latest/al2023-ami-kernel-6.1-x86_64 \ + --query 'Parameter.Value' \ + --output text + */ + amiMap['us-gov-east-1'] = 'ami-0c16bde0528963329'; const securityGroup = new SecurityGroup(this, 'BootstrapSecurityGroup', { vpc: vpc,