Terraformcloud~5 mins

AMI lookup data source example in Terraform - Commands & Configuration

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

Introduction

When you want to launch a virtual machine in the cloud, you need an image to start from. This image is called an AMI in AWS. The AMI lookup data source helps you find the right image automatically, so you don't have to type its ID manually.

When you want to launch an EC2 instance with the latest Amazon Linux image without hardcoding the AMI ID.

When you need to find an AMI by name or owner to ensure you use a trusted image.

When you want your Terraform code to work in different AWS regions without changing AMI IDs manually.

When you want to automate updates to your infrastructure using the newest available AMI.

When you want to avoid errors caused by using outdated or incorrect AMI IDs.

Config File - main.tf

main.tf

provider "aws" {
  region = "us-east-1"
}

data "aws_ami" "amazon_linux" {
  most_recent = true
  owners      = ["amazon"]
  filter {
    name   = "name"
    values = ["amzn2-ami-hvm-*-x86_64-gp2"]
  }
}

resource "aws_instance" "example" {
  ami           = data.aws_ami.amazon_linux.id
  instance_type = "t2.micro"
  tags = {
    Name = "example-instance"
  }
}

This Terraform file does three main things:

Provider block: Sets AWS region to us-east-1.
Data source aws_ami: Looks up the most recent Amazon Linux 2 AMI owned by Amazon, filtering by name pattern.
Resource aws_instance: Creates an EC2 instance using the AMI found by the data source and sets instance type and tags.

Commands

This command sets up Terraform in the current folder by downloading the AWS provider plugin and preparing the environment.

Terminal

terraform init

Expected OutputExpected

Initializing the backend... Initializing provider plugins... - Finding latest version of hashicorp/aws... - Installing hashicorp/aws v4.60.0... - Installed hashicorp/aws v4.60.0 (signed by HashiCorp) Terraform has been successfully initialized! You may now begin working with Terraform. Try running "terraform plan" to see any changes that are required for your infrastructure.

This command shows what Terraform will do. It looks up the AMI and plans to create an EC2 instance using it.

Terminal

terraform plan

Expected OutputExpected

Refreshing Terraform state in-memory prior to plan... Data sources: + data.aws_ami.amazon_linux Terraform will perform the following actions: # aws_instance.example will be created + resource "aws_instance" "example" { + ami = "ami-0abcdef1234567890" + arn = (known after apply) + instance_type = "t2.micro" + tags = { + "Name" = "example-instance" } } Plan: 1 to add, 0 to change, 0 to destroy.

This command applies the plan and creates the EC2 instance using the AMI found by the lookup.

Terminal

terraform apply -auto-approve

Expected OutputExpected

aws_instance.example: Creating... aws_instance.example: Still creating... [10s elapsed] aws_instance.example: Creation complete after 20s [id=i-0123456789abcdef0] Apply complete! Resources: 1 added, 0 changed, 0 destroyed.

→

-auto-approve - Automatically approves the apply step without asking for confirmation.

This command removes the EC2 instance created by Terraform to clean up resources.

Terminal

terraform destroy -auto-approve

Expected OutputExpected

aws_instance.example: Destroying... aws_instance.example: Still destroying... [10s elapsed] aws_instance.example: Destruction complete after 15s Destroy complete! Resources: 1 destroyed.

→

-auto-approve - Automatically approves the destroy step without asking for confirmation.

Key Concept

If you remember nothing else from this pattern, remember: use the AMI lookup data source to find the latest image automatically instead of hardcoding AMI IDs.

Common Mistakes

Hardcoding the AMI ID directly in the resource instead of using the data source.

AMI IDs change over time and differ by region, so hardcoding causes errors or outdated images.

Use the aws_ami data source with filters to find the correct AMI dynamically.

Not specifying the owner in the data source filter.

Without the owner filter, Terraform might find an untrusted or incorrect AMI.

Always specify the owner (like "amazon") to ensure trusted images.

Using a name filter that does not match any AMI.

Terraform will fail to find an AMI and the plan/apply will error out.

Use a correct and existing name pattern like "amzn2-ami-hvm-*-x86_64-gp2".

Summary

Initialize Terraform with 'terraform init' to prepare the environment.

Use 'terraform plan' to see the AMI lookup and planned EC2 instance creation.

Apply the plan with 'terraform apply' to create the instance using the latest AMI.

Clean up resources with 'terraform destroy' when done.