Amazon Elastic Compute Cloud
User Guide (API Version 2012-04-01)
AWS Documentation » Amazon EC2 » User Guide » Using Amazon EC2 » Using Instances » Launching and Using Instances » Using Instance Metadata
Print this pageEmail this pageGo to the ForumsView the PDFShare this page on TwitterShare this page on FacebookBookmark this page on DeliciousSubmit this page to RedditSubmit this page to DiggDid this page help you?  Yes  No   Tell us about it...

Using Instance Metadata

Topics

Amazon EC2 instances can access instance-specific metadata as well as data supplied when launching the instances. This data can be used to build more generic AMIs that can be modified by configuration files supplied at launch time.

For example, if you run web servers for various small businesses, they can all use the same AMI and retrieve their content from the Amazon S3 bucket you specify at launch. To add a new customer at any time, simply create a bucket for the customer, add their content, and launch your AMI.

Metadata is divided into categories. For a list of the categories, see Appendix B: Metadata Categories.

Data Retrieval

An instance retrieves the data by querying a web server using a Query API. The base URI of all requests is http://169.254.169.254/latest/.

Security of Launch Data

Although only your specific instance can access launch data, the data is not protected by cryptographic methods. You should take suitable precautions to protect sensitive data (such as long lived encryption keys).

[Note]Note

You are not billed for HTTP requests used to retrieve metadata and user-supplied data.

Metadata Retrieval

Requests for a specific metadata resource returns the appropriate value or a 404 HTTP error code if the resource is not available. All metadata is returned as text (content type text/plain).

Requests for a general metadata resource (i.e. an URI ending with a /) return a list of available resources or a 404 HTTP error code if there is no such resource. The list items are on separate lines terminated by line feeds (ASCII 10).

Examples

The following examples list HTTP GET requests and responses. You can use a tool such as curl or wget to make these types of requests.

This example gets the available versions of the metadata. These versions do not necessarily correlate with an EC2 API version.

GET http://169.254.169.254/
1.0
2007-01-19
2007-03-01
2007-08-29
2007-10-10
2007-12-15
2008-02-01
2008-09-01
2009-04-04
2011-01-01
...

This example gets the top-level metadata items. Some of these items are available only for instances in a VPC. For more information about each of these items, see Appendix B: Metadata Categories.

GET http://169.254.169.254/latest/meta-data/
amiid
ami-launch-index
ami-manifest-path
block-device-mapping/
hostname
instance-action
instance-id
instance-type
kernel-id
local-hostname
local-ipv4
mac
network/
placement/
public-hostname
public-ipv4
public-keys/
reservation-id
security-groups

This example gets the value of some of the metadata items from the preceding example.

GET http://169.254.169.254/latest/meta-data/ami-manifest-path
my-amis/spamd-image.manifest.xml
GET http://169.254.169.254/latest/meta-data/ami-id
ami-2bb65342
GET http://169.254.169.254/latest/meta-data/reservation-id
r-fea54097
GET http://169.254.169.254/latest/meta-data/hostname
ec2-67-202-51-223.compute-1.amazonaws.com

This example gets the list of available public keys.

GET http://169.254.169.254/latest/meta-data/public-keys/
0=my-public-key

This example shows the formats in which public key 0 is available. 

GET http://169.254.169.254/latest/meta-data/public-keys/0/
openssh-key

This example gets public key 0 (in the OpenSSH key format).

GET http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key
ssh-rsa AAAA.....wZEf my-public-key

This example gets the product code.

GET http://169.254.169.254/latest/meta-data/product-codes
774F4FF8

This example gets an instance's Media Access Control (MAC) address.

GET http://169.254.169.254/latest/meta-data/mac
02:29:96:8f:6a:2d

This example shows the network information available for a VPC instance.

GET http://169.254.169.254/latest/meta-data/network/interfaces/macs/02:29:96:8f:6a:2d/
local-hostname
local-ipv4s
mac
public-ipv4s
security-group-ids
subnet-id
subnet-ipv4-cidr-block
vpc-id
vpc-ipv4-cidr-block

This example gets a VPC instance's subnet ID.

GET http://169.254.169.254/latest/meta-data/network/interfaces/macs/02:29:96:8f:6a:2d/subnet-id
subnet-be9b61d7

This example shows the network information available for an EC2 instance (one not running in a VPC). 

GET http://169.254.169.254/latest/meta-data/network/interfaces/macs/03:15:28:7g:5b:8a/
local-hostname
local-ipv4s
mac
public-ipv4s
public-hostname

User Data Retrieval

When you launch an instance, you can specify user data, which is available for all instances in the reservation to retrieve. You can also add (or modify) user data to Amazon EBS-backed instances when they're stopped. Requests for the user data returns the data as-is (content type application/x-octetstream). Many people use user data to configure an instance during launch or even run a configuration script.

[Note]Note

All user-supplied data is treated as opaque data; what you give us is what you get back. It is the responsibility of the instance to interpret this data appropriately.

Example

This shows an example of returning comma-separated user-supplied data.

GET http://169.254.169.254/latest/user-data
1234,fred,reboot,true | 4512,jimbo, | 173,,,

This shows an example of returning line-separated user-supplied data.

GET http://169.254.169.254/latest/user-data
[general]
instances: 4

[instance-0]
s3-bucket: <user_name>

[instance-1]
reboot-on-error: yes

You can modify the user data for an Amazon EBS-backed instance while the instance is stopped. For more information, see Modifying Attributes of a Stopped Instance.

Use Case: AMI Launch Index Value

In this example, Alice wants to launch four instances of her favorite database AMI with the first acting as master and the remainder acting as replicas.

The master database configuration specifies various database parameters (e.g., the size of store) while the replicas' configuration specifies different parameters, such as the replication strategy. Alice decides to provide this data as an ASCII string with a pipe symbol (|) delimiting the data for the various instances: 

store-size=123PB backup-every=5min | replicate-every=1min | replicate-every=2min | replicate-every=10min | replicate-every=20min

The store-size=123PB backup-every=5min defines the master database configuration, replicate-every=1min defines the first replicant's configuration, replicate-every=2min defines the second replicant's configuration, and so on.

Alice launches four instances. 

PROMPT> ec2-run-instances ami-2bb65342 -n 4 -d "store-size=123PB backup-every=5min | replicate-every=1min | replicate-every=2min | replicate-every=10min | replicate-every=20min"

RESERVATION     r-fea54097      598916040194    default
INSTANCE	i-3ea74257	ami-2bb65342	pending	0	m1.small	2010-03-19T13:59:03+0000	us-east-1a	aki-94c527fd	ari-96c527ff	monitoring-disabled		ebs
INSTANCE	i-31a74258	ami-2bb65342	pending	0	m1.small	2010-03-19T13:59:03+0000	us-east-1a	aki-94c527fd	ari-96c527ff	monitoring-disabled		ebs
INSTANCE	i-31a74259	ami-2bb65342	pending	0	m1.small	2010-03-19T13:59:03+0000	us-east-1a	aki-94c527fd	ari-96c527ff	monitoring-disabled		ebs
INSTANCE	i-31a7425a	ami-2bb65342	pending	0	m1.small	2010-03-19T13:59:03+0000	us-east-1a	aki-94c527fd	ari-96c527ff	monitoring-disabled		ebs

After they're launched, all instances have a copy of the user data and the common metadata shown here:

  • AMI id: ami-2bb65342

  • Reservation ID: r-fea54097

  • Public keys: none

  • Security group names: default

  • Instance type: m1.small

However, each instance has certain unique metadata.

Instance 1

MetadataValue
instance-idi-3ea74257
ami-launch-index0
public-hostnameec2-67-202-51-223.compute-1.amazonaws.com
public-ipv467.202.51.223
local-hostnameip-10-251-50-35.ec2.internal
local-ipv410.251.50.35

Instance 2

MetadataValue
instance-idi-31a74258
ami-launch-index1
public-hostnameec2-67-202-51-224.compute-1.amazonaws.com
public-ipv467.202.51.224
local-hostnameip-10-251-50-36.ec2.internal
local-ipv410.251.50.36

Instance 3

MetadataValue
instance-idi-31a74259
ami-launch-index2
public-hostnameec2-67-202-51-225.compute-1.amazonaws.com
public-ipv467.202.51.225
local-hostnameip-10-251-50-37.ec2.internal
local-ipv410.251.50.37

Instance 4

MetadataValue
instance-idi-31a7425a
ami-launch-index3
public-hostnameec2-67-202-51-226.compute-1.amazonaws.com
public-ipv467.202.51.226
local-hostnameip-10-251-50-38.ec2.internal
local-ipv410.251.50.38

Therefore, an instance can determine its portion of the user-supplied data through the following process.

Metadata Discovery Process

1

Determine the index in the launch group.

GET http://169.254.169.254/latest/meta-data/ami-launch-index
1

2

Retrieve the user data.

GET http://169.254.169.254/latest/user-data
store-size=123PB backup-every=5min | replicate-every=1min | replicate-every=2min | replicate-every=10min | replicate-every=20min

3

Extract the appropriate part of the user data.

user_data.split('|')[ami_launch_index]

Document Conventions
Terms of Use		Did this page help you?  Yes  No   Tell us about it...