You can create a copy an Amazon Machine Image (AMI) within the same Region or across Regions in the same partition. To copy an AMI to another partition, see Store and restore an AMI.
Contents
Considerations
-
Permission to copy AMIs – You can use IAM policies to grant or deny users permission to copy AMIs. Starting October 28, 2024, you can specify resource-level permissions for the
CopyImage
action on the source AMI. Resource-level permissions for the target AMI are available as before. -
Launch permissions and Amazon S3 bucket permissions – AWS does not copy launch permissions or Amazon S3 bucket permissions from the source AMI to the new AMI. After the copy operation is complete, you can apply launch permissions and Amazon S3 bucket permissions to the new AMI.
-
Tags – You can only copy user-defined AMI tags that you attached to the source AMI. System tags (prefixed with
aws:
) and user-defined tags that are attached by other AWS accounts will not be copied. When copying an AMI, you can attach new tags to the target AMI and its backing snapshots.
Costs
There are no charges for copying an AMI. However, standard storage and data transfer rates apply. If you copy an EBS-backed AMI, you will incur charges for the storage of any additional EBS snapshots.
Copy an AMI
You can copy an AMI using the following procedures.
To copy an AMI
Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/
. -
From the console navigation bar, select the Region that contains the AMI.
-
In the navigation pane, choose AMIs to display the list of AMIs available to you in the Region.
-
If you don't see the AMI you want to copy, choose a different filter. You can filter by AMIs Owned by me, Private images, Public images, and Disabled images.
-
Select the AMI to copy, and then choose Actions, Copy AMI.
-
On the Copy AMI page, specify the following information:
-
AMI copy name: A name for the new AMI. You can include the operating system information in the name because Amazon EC2 does not provide this information when displaying details about the AMI.
-
AMI copy description: By default, the description includes information about the source AMI so that you can distinguish a copy from its original. You can change this description as needed.
-
Destination Region: The Region in which to copy the AMI. For more information, see Cross-Region copying.
-
Copy tags: Select this checkbox to include your user-defined AMI tags when copying the AMI. System tags (prefixed with
aws:
) and user-defined tags that are attached by other AWS accounts will not be copied. -
(EBS-backed AMIs only) Encrypt EBS snapshots of AMI copy: Select this checkbox to encrypt the target snapshots, or to re-encrypt them using a different key. If encryption by default is enabled, the Encrypt EBS snapshots of AMI copy checkbox is selected and cannot be cleared. For more information, see Encryption and copying.
-
(EBS-backed AMIs only) KMS key: The KMS key to used to encrypt the target snapshots.
-
Tags: You can tag the new AMI and the new snapshots with the same tags, or you can tag them with different tags.
-
To tag the new AMI and the new snapshots with the same tags, choose Tag image and snapshots together. The same tags are applied to the new AMI and every snapshot that is created.
-
To tag the new AMI and the new snapshots with different tags, choose Tag image and snapshots separately. Different tags are applied to the new AMI and the snapshots that are created. Note, however, that all the new snapshots that are created get the same tags; you can't tag each new snapshot with a different tag.
To add a tag, choose Add tag, and enter the key and value for the tag. Repeat for each tag.
-
-
When you're ready to copy the AMI, choose Copy AMI.
The initial status of the new AMI is
Pending
. The AMI copy operation is complete when the status isAvailable
.
-
Stop a pending AMI copy operation
You can stop a pending AMI copy using the following procedures.
To stop an AMI copy operation using the console
Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/
. -
From the navigation bar, select the destination Region from the Region selector.
-
In the navigation pane, choose AMIs.
-
Select the AMI to stop copying, and then choose Actions, Deregister AMI.
-
When asked for confirmation, choose Deregister AMI.