Introduction to Amazon EC2 > Amazon EC2 Basic > Share AMI (Optional)

Share AMI (Optional)

The share AMI function is used to share AMIs that developers have created and provided for others to use. Or you want to separate the workload across multiple EC2 - across environments located in different AWS accounts while still ensuring full data or config information is present in the instance, share AMI will help you do it quickly
Noted: you need at least 2 AWS accounts to perform this lab.
- In case, you only have one AWS account, you can create a new account through the AWS ORGANIZATION service and use the switch role function to move to the new account. Refer to the lab: Set Single Sign-On (Amazon SSO) for Organization

Get the account ID value

Log in to the second account, in the EC2 console, on the right corner of the screen, select the triangle icon.

Select the square icon to copy the account ID value which is a 12-digit sequence.

Noted: you should copy account ID to Notedpad to prepare for step 3

Select the AMI to share

Return to the 1st account
Reuse the AMI you created in lab 5.3 CREATE CUSTOM AMI
In the search box, enter ami, select AMIs

Select AMI name: Custom Windows AMI
Select Actions
Select Edit AMI permissions

Share AMI

In the AMI availability section, select Private - (current setting) (meaning, you only share this AMI with specific AWS or accounts in the Organization unit).
In the Shared accounts section, select Add account ID

Enter the account ID value you took in step 1
Select Share AMI

Check the configured information and select Save changes

Check the shared AMI

Log in to the second account, in the search box, enter ami, select AMIs

You will not see any AMI, because you are in Owned by me mode. Select the triangle character

Select Private images

Result

Congratulations, you have successfully shared the AMI via another AWS account. You can proceed to create an EC2 instance from this AMI.

Noted
- At this lab level, the snapshot that comes with the AMI has not Encryption. In fact, EBS and snapshots will be encrypted by default by the KMS service, and you can only share the AMI after sharing Customer managed keys (CMK) - to know more about CMK, you can read more on lab: AWS KEY MANAGEMENT SERVICE
- Each AMI has a sharing quota with 1000 entities including: organizations, organizational units, and accounts