Overview
Apache Tomcat landing page
The Apache Tomcat landing page, served on port 8080 on first boot with no manual setup.
Apache Tomcat landing page
Tomcat Manager application
Tomcat Host Manager
This is a repackaged open source software product wherein additional charges apply for cloudimg support services.
Apache Tomcat 11 - Production-Ready AMI with 24/7 Expert Support
Launch a fully configured Apache Tomcat 11 servlet container on EC2 and begin serving Java web applications within minutes. This AMI eliminates manual installation, credential management, and service configuration so your team can focus on deploying code rather than managing infrastructure.
Why This AMI Over a Manual Install
- Instant time-to-value: Tomcat is running as a systemd service the moment your instance boots - no package installation, no configuration editing, no service setup required.
- Unique credentials per instance: A first-boot service generates a fresh Manager administrator password, writes it to a root-only file, and locks down access. No shared or default credentials ever ship in the image.
- Expert support included: 24/7 technical assistance from cloudimg engineers covering Tomcat deployment, TLS configuration, JVM tuning, and thread-dump analysis.
Application Stack
- Apache Tomcat 11 installed under /opt/tomcat, run by a dedicated unprivileged service account
- Headless OpenJDK Java runtime
- systemd service that starts Tomcat on boot and restarts it automatically on failure
- Tomcat Manager and Host Manager web applications enabled for WAR deployment and virtual host administration
Security Posture
- Credential isolation: Each instance generates its own administrator password at first boot; no credentials are baked into the image
- Localhost-only Manager access: The Manager and Host Manager apps are restricted to localhost by default; access them securely over an SSH tunnel
- Unprivileged execution: Tomcat runs under a dedicated service account with minimal OS permissions
- TLS readiness: TLS/HTTPS is not preconfigured out of the box, but cloudimg support can assist with connector configuration and integration with AWS Certificate Manager for certificate provisioning
AWS Integration Points
- Application Load Balancer: Place this AMI behind an ALB for traffic distribution, health checks, and TLS termination at the load balancer tier
- Amazon CloudWatch: Configure Tomcat access and catalina logs to stream to CloudWatch Logs for centralized monitoring and alerting
- AWS Systems Manager: Use Session Manager for secure shell access without opening SSH ports, and Patch Manager for OS-level updates
- Amazon S3: Store WAR artifacts in S3 and pull them during deployment pipelines
- AWS Certificate Manager: Provision and manage TLS certificates for HTTPS connectors or ALB termination
Deployment Quickstart
- Launch the AMI on a t3.small or larger instance
- Open port 8080 in your security group (and port 22 for SSH access)
- SSH into the instance and retrieve your unique admin password from /root/.tomcat_admin_password
- Access the Tomcat landing page at http://your-instance-ip:8080
- Open an SSH tunnel to reach the Manager app: ssh -L 8080:localhost:8080 ec2-user@your-instance-ip
- Deploy your WAR file through the Manager interface or copy it directly to /opt/tomcat/webapps/
Use Cases
- Java API hosting for fintech and e-commerce: Serve REST APIs and web applications behind an Application Load Balancer with auto-scaling groups for variable traffic
- CI/CD staging environments: Deploy WARs automatically via the Manager API as part of a Jenkins or CodePipeline workflow, validating builds before production promotion
- Lift and shift of on-premises Java workloads: Migrate existing Tomcat-hosted applications to EC2 without re-architecting, using the same deployment model your team already knows
- Development and testing: Spin up isolated Tomcat instances for developers or QA teams with per-instance credentials and no shared state
About cloudimg
cloudimg publishes and maintains production-ready application server images across AWS Marketplace and Azure Marketplace, providing multi-cloud presence and consistent support for open-source infrastructure. Every image receives ongoing security patches and version updates backed by 24/7 engineering support.
Get Started
Subscribe to this listing and launch your first instance. For a guided deployment consultation or help planning your Tomcat architecture, contact the cloudimg support team.
All product and company names are trademarks or registered trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.
Highlights
- Launch a production-ready Tomcat 11 servlet container in minutes rather than spending hours on manual installation and configuration. The AMI boots with Tomcat running as a systemd service on a headless OpenJDK runtime, with Manager and Host Manager apps pre-configured. Integrates with Application Load Balancer for traffic routing, Amazon CloudWatch for log monitoring, and AWS Systems Manager for secure access and patching.
- Every instance generates its own unique Manager administrator password at first boot and stores it in a root-only file - no shared or default credentials ever exist in the image. The Manager and Host Manager apps enforce localhost-only access by default, requiring an SSH tunnel for administration. TLS/HTTPS connector configuration is supported with assistance from cloudimg engineers and AWS Certificate Manager integration.
- 24/7 expert support from cloudimg with a one-hour average response time for critical issues. Engineers assist with Tomcat deployment, WAR troubleshooting, JVM heap and thread-dump analysis, TLS connector setup, and performance tuning - depth of support unavailable from unsupported community AMIs. cloudimg maintains production images across both AWS and Azure Marketplace.
Details
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Financing for AWS Marketplace purchases
Pricing
Free trial
- ...
Dimension | Description | Cost/hour |
|---|---|---|
m5.large Recommended | m5.large | $0.08 |
t2.micro | t2.micro instance type | $0.04 |
t3.micro | t3.micro instance type | $0.04 |
g4dn.4xlarge | g4dn.4xlarge instance type | $0.24 |
m8azn.metal-24xl | m8azn.metal-24xl instance type | $0.24 |
c8i-flex.12xlarge | c8i-flex.12xlarge instance type | $0.24 |
c7i-flex.xlarge | c7i-flex.xlarge instance type | $0.12 |
m8a.16xlarge | m8a.16xlarge instance type | $0.24 |
i3en.24xlarge | i3en.24xlarge instance type | $0.24 |
c5d.12xlarge | c5d.12xlarge instance type | $0.24 |
Vendor refund policy
Refunds available on request.
How can we make this page better?
Legal
Vendor terms and conditions
Content disclaimer
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
Initial release of Apache Tomcat 11 servlet container.
Additional details
Usage instructions
Connect via SSH on port 22 as the default login user for your operating system variant (the user guide lists it per variant). Tomcat serves on port 8080. Browse to http://<instance-public-ip>:8080/ for the landing page. The Manager and Host Manager apps are localhost only by design. Open an SSH tunnel with: ssh -L 8080:127.0.0.1:8080 <login-user>@<instance-public-ip>, then browse to http://127.0.0.1:8080/manager/html and sign in as the 'tomcatadmin' user. Retrieve the generated administrator password with: sudo cat /root/tomcat-credentials.txt.
Resources
Vendor resources
Support
Vendor support
cloudimg Support for Apache Tomcat
cloudimg provides 24/7 technical support for this product via email and live chat. Our engineers specialize in Apache Tomcat and JVM administration, helping you get from launch to production as quickly as possible.
Support Channels:
- Email: support@cloudimg.co.uk
- Live chat: available around the clock
Response Times:
- Critical issues (service down, security vulnerability): one-hour average response
- General inquiries (configuration, tuning, deployment questions): responded to within the same business day
What We Help With:
- Initial deployment and instance configuration
- WAR file deployment and application troubleshooting
- TLS/HTTPS connector setup and certificate integration
- JVM performance tuning, heap analysis, and thread-dump review
- Tomcat version upgrades and security patching guidance
- Integration with AWS services including Application Load Balancer, CloudWatch, and Systems Manager
- Troubleshooting connectivity, port configuration, and security group setup
Getting Started After Purchase:
- Launch the AMI on a t3.small or larger EC2 instance
- Open port 8080 (and port 22 for SSH) in your security group
- SSH into the instance and retrieve your admin password from /root/.tomcat_admin_password
- Access Tomcat at http://your-instance-ip:8080
- Use an SSH tunnel to reach the Manager app for WAR deployment
If you need help at any step, contact our support team and an engineer will guide you through the process. For refund requests or billing questions, email support@cloudimg.co.uk with your AWS account ID and instance details.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
