AWS AMI cross-region replication and sharing

AWS AMI cross-region replication and sharing can be achieved using the AWS Management Console, CLI, or SDK, following official procedures for copying images and modifying permissions.

Cross-Region AMI Copy

To make an AMI available in another region, copy it explicitly since AMIs are region-specific.

• Open the EC2 console, navigate to AMIs > My AMIs, select the source AMI, and choose Actions > Copy AMI.
• Specify the destination region, name, description, and encryption options if applicable (e.g., select a KMS key for encrypted snapshots).
• AWS creates a new AMI ID in the target region; monitor progress in the console or via describe-images CLI.

CLI example:

aws ec2 copy-image --source-region us-east-1 --source-image-id ami-12345678 --name "CopiedAMI" --region us-west-2

This incurs snapshot storage and minor data transfer costs but no extra copy fee.

Sharing AMI with Specific Accounts

After copying, share the target-region AMI with other AWS accounts via launch permissions.

• In EC2 console (target region), select the AMI, choose Actions > Modify Image Permissions.
• Add the target account's 12-digit ID (e.g., 123456789012) under Launch Permissions > Specific AWS accounts.
• Save changes; the recipient sees it under AMIs > Shared with me in their console.

CLI example:

aws ec2 modify-image-attribute --image-id ami-87654321 --launch-permission "Add=[{UserId=123456789012}]"

To revoke, use Remove instead of Add. For encrypted AMIs, share the KMS key too.

Complete Workflow Example

1. Copy AMI from us-east-1 to us-west-2, note new ID.
2. In us-west-2, modify permissions to add recipient account.
3. Recipient launches instances from "Shared with me" in us-west-2; they pay usage fees.