TerraformPilot

DevOps

Amazon Linux 2 End of Life 2026: What AWS Users Need to Do

Amazon Linux 2 reaches end of life June 30, 2026. Migrate EC2 instances, Lambda runtimes, and ECS containers to Amazon Linux 2023 before the deadline using

LLuca Berton2 min read

Amazon Linux 2 reaches end of life on June 30, 2026. After that date, AWS stops providing security patches, bug fixes, and updates. If you're running AL2 on EC2, in ECS containers, or using Lambda runtimes tied to AL2 — you need to migrate before the deadline.

Timeline

#
DateEvent
June 2018Amazon Linux 2 launched
March 2023Amazon Linux 2023 launched
June 30, 2025AL2 standard support ends
June 30, 2026AL2 extended support ends (EOL)
After June 2026No more security patches for AL2

What's Affected

#

EC2 Instances

#

Any instance using an AL2 AMI:

# Check which AMI your instances use
aws ec2 describe-instances \
  --query 'Reservations[].Instances[].{ID:InstanceId,AMI:ImageId,Name:Tags[?Key==`Name`].Value|[0]}' \
  --output table
 
# Check if AMI is Amazon Linux 2
aws ec2 describe-images --image-ids ami-xxx \
  --query 'Images[0].Name'
# "amzn2-ami-hvm-2.0.20240306-x86_64-gp2" ← This is AL2

Lambda Functions

#

Runtimes tied to AL2:

RuntimeOSStatus
python3.8AL2Deprecated
python3.9AL2Migrating to AL2023
nodejs16.xAL2Deprecated
java11AL2Deprecation planned
python3.12AL2023✅ Current
python3.13AL2023✅ Current
nodejs20.xAL2023✅ Current
nodejs22.xAL2023✅ Current

ECS/Docker Containers

#

Containers built FROM amazonlinux:2:

# ❌ AL2 — EOL June 2026
FROM amazonlinux:2
 
# ✅ AL2023
FROM amazonlinux:2023

EKS Node Groups

#

EKS nodes using AL2 AMIs need migration to AL2023 AMIs.

Terraform: Migrate EC2 to AL2023

#

Find the Latest AL2023 AMI

# 
data "aws_ami" "al2023" {
  most_recent = true
  owners      = ["amazon"]
 
  filter {
    name   = "name"
    values = ["al2023-ami-*-x86_64"]
  }
 
  filter {
    name   = "virtualization-type"
    values = ["hvm"]
  }
}
 
# For ARM/Graviton instances
data "aws_ami" "al2023_arm" {
  most_recent = true
  owners      = ["amazon"]
 
  filter {
    name   = "name"
    values = ["al2023-ami-*-arm64"]
  }
}

Update EC2 Instances

# 
resource "aws_instance" "web" {
  # Before
  # ami = "ami-0abcdef1234567890"  # AL2 AMI
 
  # After
  ami           = data.aws_ami.al2023.id  # AL2023
  instance_type = "t3.micro"
 
  # User data may need updates for AL2023 differences
  user_data = base64encode(templatefile("${path.module}/scripts/setup-al2023.sh", {
    app_version = var.app_version
  }))
}

Key Differences in User Data Scripts

# 
#!/bin/bash
# AL2 → AL2023 package manager differences
 
# AL2 used amazon-linux-extras
# ❌ amazon-linux-extras install nginx1
# ✅ AL2023 uses dnf directly
dnf install -y nginx
 
# AL2 used yum
# ❌ yum install -y httpd
# ✅ AL2023 uses dnf (yum still works as alias)
dnf install -y httpd
 
# Python
# ❌ AL2: python3 was 3.7
# ✅ AL2023: python3 is 3.9+
python3 --version
 
# SystemD is the same
systemctl enable nginx
systemctl start nginx

Terraform: Update Lambda Runtimes

# 
resource "aws_lambda_function" "api" {
  function_name = "api-handler"
 
  # Before
  # runtime = "python3.9"    # AL2-based
 
  # After
  runtime = "python3.12"     # AL2023-based
 
  handler  = "handler.main"
  filename = "lambda.zip"
  role     = aws_iam_role.lambda.arn
 
  # Test thoroughly — AL2023 has newer system libraries
}

Bulk Update Lambda Runtimes

# 
# Find all Lambda functions using old runtimes
aws lambda list-functions \
  --query 'Functions[?Runtime==`python3.8` || Runtime==`python3.9` || Runtime==`nodejs16.x`].{Name:FunctionName,Runtime:Runtime}' \
  --output table
# Terraform — update all functions
variable "lambda_functions" {
  default = {
    api      = { handler = "api.main" }
    worker   = { handler = "worker.main" }
    notifier = { handler = "notifier.main" }
  }
}
 
resource "aws_lambda_function" "functions" {
  for_each = var.lambda_functions
 
  function_name = each.key
  runtime       = "python3.12"    # AL2023 for all
  handler       = each.value.handler
  # ...
}

Terraform: Update EKS Node Groups

# 
resource "aws_eks_node_group" "workers" {
  cluster_name    = aws_eks_cluster.main.name
  node_group_name = "workers"
 
  # Before: AL2 AMI type
  # ami_type = "AL2_x86_64"
 
  # After: AL2023 AMI type
  ami_type       = "AL2023_x86_64_STANDARD"
  instance_types = ["m5.large"]
 
  scaling_config {
    desired_size = 3
    max_size     = 6
    min_size     = 1
  }
 
  # Rolling update — replace nodes gradually
  update_config {
    max_unavailable = 1
  }
}

Migration Checklist

#
  • Audit: Find all AL2 instances, Lambda functions, containers, and EKS nodes
  • Test: Build and test AL2023 images in dev/staging
  • Update scripts: Replace yum commands, amazon-linux-extras, and Python version assumptions
  • Update Terraform: Change AMI data sources and Lambda runtimes
  • Roll out: Deploy to staging, then production with rolling updates
  • Verify: Run integration tests after migration
  • Clean up: Remove old AL2 AMIs from launch templates

Hands-On Courses

#

Conclusion

#

Amazon Linux 2 EOL is June 30, 2026 — less than 3 months away. Audit your EC2 instances, Lambda functions, ECS containers, and EKS nodes. Migrate to Amazon Linux 2023 using Terraform's AMI data sources and Lambda runtime updates. The biggest gotchas are user data scripts that use amazon-linux-extras (removed in AL2023) and Lambda functions that depend on AL2's older system libraries. Start with staging, test thoroughly, and roll out to production well before the deadline.

#Terraform#AWS#Amazon Linux#Migration#DevOps

Share this article

Related articles