我尝试使用打包程序将自定义构建的ami从一个AWS账户复制到另一个AWS账户;但是,我能够在一个帐户内跨区域复制ami。
"builders": [{
"account_id": "12345678910",
"s3_bucket": "xyz/xqas/asd",
"x509_cert_path": "/Users/txyz/packer/certificate.pem",
"x509_key_path": "/Users/txyz/packer/private-key.pem",
"type": "amazon-instance",
"access_key": "{{user {access_key {1}} {SECRET_KEY {1}}
答案 0 :(得分:1)
使用AWS ClI并在需要转移的AMI中运行以下命令
ec2-modify-image-attribute ami-2bb65342 -l -a 111122223333
有关其他可用选项,请参阅本指南
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sharingamis-explicit.html
答案 1 :(得分:0)
以下awscli命令将启动权限添加到指定的帐户ID。尽管在技术上没有将ami复制过来,但这也达到了类似的效果。
aws ec2 modify-image-attribute --image-id <image id> --launch-permission "Add=[{UserId=<account-id>}]"
答案 2 :(得分:0)
使用 Packer,您可以通过这种方式将 AMI 从一个账户共享到另一个账户。 始终参考 Packer 文档:-https://www.packer.io/docs/builders/amazon/ebs 在这里您可以找到所有信息。
在“ami_users”部分,您可以提及您需要与之共享的 AWS 账户。
"ami_users": ["{{user `REMOTE_AWS_ACCOUNT_ID`}}"]
完整代码
"builders": [
{
"type": "amazon-ebs",
"access_key": "{{ user `aws_access_key` }}",
"secret_key": "{{ user `aws_secret_key` }}",
"region": "{{ user `region` }}",
"launch_block_device_mappings" : [
{
"device_name": "/dev/sda1",
"volume_size": 60
}
],
"instance_type": "t2.large",
"ami_users": "{{ user `REMOTE_AWS_ACCOUNT_ID` }}",
"source_ami": "{{ user `source_ami` }}",
"ami_name": "xyz-ami",
"user_data_file": "./bootstrap_win.txt",
"communicator": "winrm",
"winrm_username": "Administrator",
"winrm_password": "XXXXXXXXX",
"tags": [{"Name":"testing","release":"packer"}],
"ami_regions": [
"ap-southeast-2",
"us-east-2"
]
}
],