How to Share an AMI with Specific Users
You can share an AMI with specific users without making the AMI public. All you need is the user's AWS account ID, which is available on the AWS Account Activity page.
To grant explicit launch permissions
- Enter the following command:
PROMPT> ec2-modify-image-attribute <ami_id> -l -a <user_id>
The <ami_id> is the ID of the AMI and <user_id> is the user's account ID, without hyphens.
To remove launch permissions for a user
- Enter the following command:
PROMPT> ec2-modify-image-attribute <ami_id> -l -r <user_id>
The <ami_id> is the ID of the AMI and <user_id> is the user's account ID, without hyphens.
To remove all launch permissions
- Enter the following command to remove all public and explicit launch permissions:
PROMPT> ec2-reset-image-attribute <ami_id> -l
The <ami_id> is the ID of the AMI.
Note: The AMI owner always has rights to the AMI and will be unaffected by this command.
Example
The following example grants launch permissions to the AIDADH4IGTRXXKCD user for the ami-2bb65342 AMI:
PROMPT> ec2-modify-image-attribute ami-2bb65342 -l -a AIDADH4IGTRXXKCD
launchPermission ami-2bb65342 ADD userId AIDADH4IGTRXXKCD
The following example removes launch permissions from the AIDADH4IGTRXXKCD user for the ami-2bb65342 AMI:
PROMPT> ec2-modify-image-attribute ami-2bb65342 -l -r AIDADH4IGTRXXKCD
launchPermission ami-2bb65342 REMOVE userId AIDADH4IGTRXXKCD
The following example removes all public and explicit launch permissions from the ami-2bb65342 AMI:
PROMPT> ec2-reset-image-attribute ami-2bb65342 -l
launchPermission ami-2bb65342 RESET
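The result lines printed by the commands above can be kept as a change log and replayed to check who should still hold launch permission on an AMI. The following is an added example, not part of the original page or the EC2 tools: the function names, the EXAMPLE* user IDs and the second AMI ID are constructed. It assumes every permission change was made with these commands and its result line was saved.

```shell
#!/bin/sh
# Added example: replay saved result lines from ec2-modify-image-attribute and
# ec2-reset-image-attribute. Function names and EXAMPLE* values are constructed.

# Constructed sample log in the result-line format shown in the examples above.
SAMPLE_LOG='launchPermission ami-2bb65342 ADD userId AIDADH4IGTRXXKCD
launchPermission ami-2bb65342 ADD userId EXAMPLEUSERID0002
launchPermission ami-2bb65342 REMOVE userId AIDADH4IGTRXXKCD
launchPermission ami-0example1 ADD userId EXAMPLEUSERID0003'

# Read result lines on stdin and print the IDs that still hold launch
# permission on the AMI given as $1, one per line, sorted.
current_grants() {
    ami=$1
    awk -v ami="$ami" '
        $1 == "launchPermission" && $2 == ami {
            if ($3 == "RESET")       { split("", held) }   # RESET clears every grant
            else if ($3 == "ADD")    { held[$5] = 1 }
            else if ($3 == "REMOVE") { delete held[$5] }
        }
        END { for (id in held) print id }
    ' | sort
}

# Read result lines on stdin; print every current grant on AMI $1 that is not
# in the space-separated allowlist $2. Returns 1 if any such grant exists.
unexpected_grants() {
    ami=$1
    allowed=" $2 "
    rc=0
    for id in $(current_grants "$ami"); do
        case "$allowed" in
            *" $id "*) ;;                        # expected grant
            *) printf '%s\n' "$id"; rc=1 ;;      # grant nobody approved
        esac
    done
    return $rc
}

# Demo on the constructed log: list who can still launch ami-2bb65342.
printf '%s\n' "$SAMPLE_LOG" | current_grants ami-2bb65342
```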