Skip to content

aws.ec2-ami data source

Description

AMI looks up a single EC2 AMI with DescribeImages and selects one deterministically. The query inputs owners, executable-users, filters, image-ids, and include-deprecated reach the DescribeImages call; most-recent, name-regex, and allow-unsafe-filter act client-side and never reach AWS. The lookup errors when no image matches and, unless most-recent is set, when more than one does; with most-recent it returns the image with the newest creation-date.

Two guards run before the call. When most-recent is set and the query is not scoped by an owner or an explicit id -- owners is empty, image-ids is empty, and no filter is named image-id or owner-id -- a third party could publish a newer image that the lookup would then select, so the lookup errors unless allow-unsafe-filter is set. This is list-content logic over the filter names, not a per-field rule, so it lives in Read rather than in Constraints. The owners list, when given, must hold no empty-string element; that element check is likewise enforced in Read.

Terraform's separate best-effort GetInstanceUefiData call is declined: it is a second request per read for a niche UEFI value, it passes an image id where an instance id is expected, and nothing downstream consumes it, so uefi-data is omitted from the output.

Source: internal/service/ec2/ami_dsrc.go:42

Example usage:

imports: {
  aws: 'github.com/cloudboss/unobin-library-aws'
}

data-sources: {
  example: aws.ec2-ami {
    # Set input fields here.
  }
}

Inputs

owners

list(string)

executable-users

list(string)

filters

list(object) 
list(
  object({
    name: string
    values: list(string)
  })
)

image-ids

list(string)

include-deprecated

optional(boolean)

most-recent

optional(boolean)

name-regex

optional(string)

allow-unsafe-filter

optional(boolean)

Input Constraints

Owners rules

owners must list at least one owner when given.

Rule logic
When
input.owners != null
Require
input.owners == null
|| @core.length(input.owners) >= 1

Outputs

image-id

string

arn

string

owner-id

string

name

string

creation-date

string

architecture

string

root-device-name

string

root-device-type

string

root-snapshot-id

string

virtualization-type

string

ena-support

boolean

sriov-net-support

string

state

string