AWS: How to update AMI without having to recreate the launch configuration?

We built up a web server, created an AMI from it, then created a launch configuration which launches instances from this AMI, and our ASG uses this launch configuration.

We regularly install Windows updates on the web server. Every time we do, we create a new AMI. Then we have to recreate the launch configuration to use the new AMI, then change the ASG to use the new launch configuration.

Is there a way to avoid having to do this?


Solution 1:

Windows Updates is one of the areas where I recommend creating new AMIs. You really need to test these updates before rolling them out to a production environment. Except for security patches, I would patch, test and release a new AMI on a fixed schedule (I create a new AMI each month). You want to make sure that the updates are not breaking anything, and just waiting to see if an update is recalled is a good idea. I have been bitten by this so many times... Take a look at Amazon's SSM for Windows patch management.

Solution 2:

If you create a new AMI, you must create a new launch configuration and update the Auto Scaling group.

The only way to avoid this is to use the same AMI. Instead of baking your updates into the AMI, pull the files on first launch of your EC2 instances.
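
The rotation that Solution 2 describes (create a new launch configuration for the new AMI, then repoint the Auto Scaling group) can be scripted with the AWS CLI. This is an added example, not part of either answer; the function names, the `DRY_RUN` switch and the `<asg>-<ami>` naming scheme are assumptions.

```shell
#!/usr/bin/env bash
# Added example: move an Auto Scaling group onto a newly baked AMI.
# Launch configurations cannot be edited, so each AMI gets a new one.
# Set DRY_RUN=1 to print the AWS CLI calls instead of executing them.

run_aws() {
    if [ "${DRY_RUN:-0}" = "1" ]; then
        printf 'aws'; printf ' %s' "$@"; printf '\n'
    else
        aws "$@"
    fi
}

# Accept only well-formed AMI IDs: "ami-" plus 8 or 17 hex characters.
valid_ami_id() {
    printf '%s' "$1" | grep -Eq '^ami-([0-9a-f]{8}|[0-9a-f]{17})$'
}

# rotate_ami ASG_NAME AMI_ID INSTANCE_TYPE [extra create-launch-configuration args]
# Extra args (e.g. --key-name, --security-groups) are passed through unchanged.
rotate_ami() {
    [ "$#" -ge 3 ] || { echo "usage: rotate_ami ASG AMI TYPE [args]" >&2; return 2; }
    ra_asg=$1; ra_ami=$2; ra_type=$3; shift 3
    valid_ami_id "$ra_ami" || { echo "malformed AMI id: $ra_ami" >&2; return 2; }

    # Naming the configuration after the AMI records which image is live.
    ra_lc="${ra_asg}-${ra_ami}"

    # Step 1: new launch configuration for the patched image.
    run_aws autoscaling create-launch-configuration \
        --launch-configuration-name "$ra_lc" \
        --image-id "$ra_ami" --instance-type "$ra_type" "$@" || return 1

    # Step 2: repoint the group; skipped if step 1 failed.
    run_aws autoscaling update-auto-scaling-group \
        --auto-scaling-group-name "$ra_asg" \
        --launch-configuration-name "$ra_lc" || return 1

    printf '%s\n' "$ra_lc"
}

# Usage (constructed values):
#   DRY_RUN=1 rotate_ami web-asg ami-0123456789abcdef0 t3.large --key-name my-key
```

Instances that are already running keep the old AMI until they are replaced; only new launches use the updated configuration.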