Generally described, computing devices utilize a communication network, or a series of communication networks, to exchange data. Companies and organizations operate computer networks that interconnect a number of computing devices to support operations or provide services to third parties. The computing systems can be located in a single geographic location or located in multiple, distinct geographic locations (e.g., interconnected via private or public communication networks). Specifically, data centers or data processing centers, herein generally referred to as “data centers,” may include a number of interconnected computing systems to provide computing resources to users of the data center. The data centers may be private data centers operated on behalf of an organization or public data centers operated on behalf, or for the benefit, of the general public.
To facilitate increased utilization of data center resources, virtualization technologies allow a single physical computing device to host one or more instances of a virtual machine, which virtual machine instance appears to a user of a data center as an independent computing device. With virtualization, the host computing device can create, maintain, delete, or otherwise manage virtual machines instances in a dynamic manner. In turn, users can request computing resources from the data center, including single computing devices or a configuration of networked computing devices, and be provided with virtual machine instances that provide the requested computing resources.
An instance of a virtual machine may be configured to provide specific functionality. For example, a virtual machine instance may be associated with different combinations of software applications and operating systems or operating system configurations to enable a virtual machine to provide different desired functionalities, or to provide similar functionalities more efficiently. One or more virtual machine instance configurations are often contained within a service image, which a host computing device may execute in order to implement the desired specific functionality of the virtual machine instance.
In one embodiment, the service image, when executed by virtual machine instance, provides a network accessible service (a.k.a. Web service) corresponding to the software applications/configurations included in the service image. A network accessible service provides specific functionality to other applications and computing resources via a network through application programming interfaces (APIs), which APIs can also be considered a network accessible service or Web service. For example, a service image, when executed, may provide a network accessible database or mass storage service. Once a service image is created, it can be provided to users interested in utilizing the applications and computing resources available from a data center for specific purposes.
However, over time providers of software applications contained within service images may update the software applications to correct security issues or other bugs. Therefore, users associated with the affected service images may continue to use outdated software applications.