How to manage AMI deprecation
AMI Deprecation in AWS means marking an Amazon Machine Image (AMI) with a date after which it should no longer be used to launch new instances.
When you set a deprecation date for an AMI:
- After that date, the AMI becomes deprecated.
- A deprecated AMI cannot be used to launch new EC2 instances.
- Existing instances launched from that AMI will keep running normally.
- You can still copy or share a deprecated AMI.
You can remove or change the deprecation date if needed.
Why use AMI Deprecation?
- To stop using old AMIs that may have bugs or security issues.
- To make sure people use updated and safe AMIs.
- To keep systems secure and follow company rules.
Benefits
- Improves security – Stops use of outdated AMIs with vulnerabilities.
- Encourages updates – Forces migration to newer, patched AMIs.
- Helps compliance – Ensures only approved AMIs are used.
- Better management – Easy to control which AMIs are still in use.
Disadvantages
- No new launches – Once deprecated, the AMI can’t launch new EC2 instances.
- Requires planning – Teams must migrate workloads before the deprecation date.
- Possible downtime – If migration isn’t planned well, services might be interrupted.
- Extra work – Need to maintain and test new AMIs regularly.
Document link: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-deprecate.html
1. Sign in to your AWS account and navigate to the EC2 service.
2. Then, open the AMI section in the EC2 console and select the AMI you want to deprecate.
3. Select the AMI, click the Actions button, and choose Manage AMI Deprecation.
4. Enable the option, then set the Deprecation Date — the date after which the AMI should no longer be used to launch new instances.
5. Verify that the AMI deprecation settings have been applied successfully.
Check the AMI list — the Deprecation Date should now appear in the details.
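To go beyond the console check in step 5 and support the migration planning mentioned under Disadvantages, the following added example (not from the original page or from AWS) audits which instances still run on deprecated or soon-to-be-deprecated AMIs. It reads JSON in the shape returned by `aws ec2 describe-images` and `aws ec2 describe-instances`, using the real `ImageId` and `DeprecationTime` fields; the sample IDs, dates, function names and the 30-day warning window are assumptions made for illustration.

```python
import json
from datetime import datetime, timedelta, timezone

# Constructed sample data shaped like `aws ec2 describe-images` and
# `aws ec2 describe-instances` output (all IDs and dates are made up).
IMAGES_JSON = """{"Images": [
  {"ImageId": "ami-0aaa111122223333a", "DeprecationTime": "2024-01-15T00:00:00.000Z"},
  {"ImageId": "ami-0bbb111122223333b", "DeprecationTime": "2024-07-01T00:00:00.000Z"},
  {"ImageId": "ami-0ccc111122223333c"}
]}"""
INSTANCES_JSON = """{"Reservations": [
  {"Instances": [{"InstanceId": "i-0123456789abcdef0", "ImageId": "ami-0aaa111122223333a"},
                 {"InstanceId": "i-0123456789abcdef1", "ImageId": "ami-0ccc111122223333c"}]},
  {"Instances": [{"InstanceId": "i-0123456789abcdef2", "ImageId": "ami-0bbb111122223333b"}]}
]}"""

def parse_time(value):
    """Parse a UTC DeprecationTime, with or without fractional seconds."""
    return datetime.fromisoformat(value.replace("Z", "+00:00"))

def classify_images(images, now, warn_days=30):
    """Map ImageId -> 'deprecated' | 'expiring' | 'no-date' | 'ok'."""
    status = {}
    for image in images["Images"]:
        raw = image.get("DeprecationTime")
        if raw is None:
            status[image["ImageId"]] = "no-date"  # deprecation was never configured
        elif parse_time(raw) <= now:
            status[image["ImageId"]] = "deprecated"
        elif parse_time(raw) - now <= timedelta(days=warn_days):
            status[image["ImageId"]] = "expiring"
        else:
            status[image["ImageId"]] = "ok"
    return status

def instances_to_migrate(instances, status):
    """List (InstanceId, ImageId, status) for instances on deprecated or expiring AMIs."""
    findings = []
    for reservation in instances["Reservations"]:
        for inst in reservation["Instances"]:
            state = status.get(inst["ImageId"], "unknown")
            if state in ("deprecated", "expiring"):
                findings.append((inst["InstanceId"], inst["ImageId"], state))
    return sorted(findings)

if __name__ == "__main__":
    now = datetime(2024, 6, 10, tzinfo=timezone.utc)  # fixed date so the sample is reproducible
    status = classify_images(json.loads(IMAGES_JSON), now)
    for finding in instances_to_migrate(json.loads(INSTANCES_JSON), status):
        print(*finding)
```

In real use, replace the embedded samples with the saved JSON output of the two CLI commands and pass the current UTC time as `now`.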
