Build Image with EC2 Image Builder Components Build Image with EC2 Image Builder Components

EC2 Image Builder takes the pain out of creating and maintaining custom AMIs. Instead of manually spinning up instances, installing packages, and snapshotting—you define a recipe once and let AWS handle the rest.

In this guide, I’ll walk you through building a custom AMI with NGINX pre-installed.

Step 1: Create Your Pipeline

Head to EC2 Image Builder in the AWS Console and click Create image pipeline.

Give it a name like nginx-webserver-pipeline and set the build schedule to Manual for now. You can automate it later once everything’s working.

Step 2: Configure the Recipe

This is where you define what goes into your AMI.

Image type: Choose AMI (you can also build container images, but we’ll stick with AMIs here).

Base image: Select Amazon Linux 2023. It’s got long-term support, modern packages, and you won’t be scrambling when security patches stop.

The Install Script

Here’s where the real work happens. Add this user data script to install NGINX:

#!/bin/bash
sudo dnf update -y
sudo dnf install nginx -y
sudo systemctl enable nginx
sudo systemctl start nginx

That’s it. Four lines. AL2023 has NGINX in the default repos, so no need for extra repositories or workarounds.

Step 3: Infrastructure Settings

Pick your instance type (t3.medium works fine for most builds), select an IAM role with Image Builder permissions, and configure your VPC settings.

Make sure your security group allows outbound internet access—the build instance needs to download packages.

Step 4: Run It

Once the pipeline is created, hit Run pipeline. Image Builder will:

1. Launch a temporary EC2 instance
2. Run your install script
3. Run any tests you’ve configured
4. Create the final AMI
5. Clean up the temporary instance

The whole process takes 15-30 minutes depending on what you’re installing.

Step 5: Verify

Once it’s done, you’ll find your shiny new AMI under EC2 → AMIs. Launch an instance from it and confirm NGINX is running:

sudo systemctl status nginx
curl localhost

You should see the default NGINX welcome page. Done.

AL2 vs AL2023 Quick Reference

If you’re migrating old scripts, here’s what changed:

Tips for Production

• Version your recipes so you can track what changed between AMI builds
• Add test components to validate the AMI before distributing it
• Schedule regular rebuilds (monthly at minimum) to pick up security patches
• Tag everything for cost tracking and resource management

Common Issues

“command not found” errors: You’re probably using yum or amazon-linux-extras on AL2023. Switch to dnf.

NGINX won’t start: Check that you ran systemctl enable nginx and that your security group allows traffic on port 80.

Build stuck forever: Usually a networking issue. Make sure the build instance can reach the internet for package downloads. Check CloudWatch logs for details.

That’s it. You’ve got a repeatable, automated way to build custom AMIs. No more manual snapshots, no more “it worked on my machine” problems.

Next up: set up a schedule to rebuild weekly, and you’ll always have patched, up-to-date images ready to go.