Solved: Share AMI with other AWS accounts

At times you may need to share an AMI (Amazon Machine Image) safely with another AWS account. You can do this without making the AMI public.
Here is how to do it.
  1. Log in to your EC2 Console.
  2. In the left navigation panel choose AMIs in Image section.
  3. Select the AMI you want to share.
  4. Click on Actions > Modify Image Permissions
  5. In the Modify Image Permissions box do the following:

    a) This image is currently “Private”
    b) Enter the AWS account number with which you want to share the AMI. Click Add Permissions.
    c) Check the box labelled Add “create volume” permissions to the following associated snapshots when creating permissions.
  6. Finally, click on Save.
Once the above steps are done in the source account, go to the AMIs section of the EC2 Console in the destination account and select Private images in the filter. You should now be able to see the image you shared earlier.

If you want to do the same with the AWS CLI, use these two commands.

The first grants launch permission on a specific AMI (ami-a2n4b68kl) to a specific AWS account number (123456789):
aws ec2 modify-image-attribute --image-id ami-a2n4b68kl --launch-permission "{\"Add\":[{\"UserId\":\"123456789\"}]}"
The second grants create volume permission on the snapshot (snap-try657hvndh909), as we did in step 5(c):
aws ec2 modify-snapshot-attribute --snapshot-id snap-try657hvndh909 \
--attribute createVolumePermission --operation-type add --user-ids 123456789
After doing this, the AMI should be visible under AMIs in the new account.
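
To check the result from the source account, the following added example (not part of the original post) reads back the launch and create volume permissions set by the two commands above and flags an AMI or snapshot that is public or shared with an account you did not intend. It assumes the AWS CLI is configured for the source account; the function names are made up for this example.

```sh
# Added example, not from the original post. Function names are made up here.
# Exit status: 0 = shared only with allowed accounts, 1 = finding, 2 = CLI error.

describe_perms() {   # $1 = image|snapshot, $2 = resource ID, $3 = UserId|Group
    if [ "$1" = image ]; then
        aws ec2 describe-image-attribute --image-id "$2" \
            --attribute launchPermission \
            --query "LaunchPermissions[].$3" --output text
    else
        aws ec2 describe-snapshot-attribute --snapshot-id "$2" \
            --attribute createVolumePermission \
            --query "CreateVolumePermissions[].$3" --output text
    fi
}

audit_resource() (   # $1 = image|snapshot, $2 = resource ID, $3... = allowed accounts
    kind=$1 id=$2; shift 2
    allowed=" $* "
    grps=$(describe_perms "$kind" "$id" Group) || exit 2
    users=$(describe_perms "$kind" "$id" UserId) || exit 2
    rc=0
    for g in $grps; do
        # The only group value is "all": the resource is public.
        if [ "$g" = all ]; then
            echo "PUBLIC: $kind $id is shared with every AWS account"; rc=1
        fi
    done
    for u in $users; do
        case "$u" in None) continue ;; esac   # text output for a null result
        case "$allowed" in
            *" $u "*) ;;                      # account is on the allow list
            *) echo "UNEXPECTED: $kind $id is shared with account $u"; rc=1 ;;
        esac
    done
    exit "$rc"
)

audit_ami_share() (  # $1 = AMI ID, $2 = snapshot ID, $3... = allowed account IDs
    ami=$1 snap=$2; shift 2
    rc=0
    audit_resource image "$ami" "$@" || rc=$?
    audit_resource snapshot "$snap" "$@" || { s=$?; if [ "$s" -gt "$rc" ]; then rc=$s; fi; }
    exit "$rc"
)

# Usage, with the IDs used in this post:
#   audit_ami_share ami-a2n4b68kl snap-try657hvndh909 123456789
```

Launch permissions granted to an organization or organizational unit (OrganizationArn, OrganizationalUnitArn) are not covered by this check.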
