Migrate EC2 From One Account to Another

Take snapshot of EC2 from Source Account

  1. Open AWS EC2 console https://ap-south-1.console.aws.amazon.com/ec2/home
  2. Click Instances in the left navigation
  3. Select the required EC2 instance
  4. Click Actions -> Image and templates -> Create image
  5. Enter a name for the image and, optionally, a description for future reference
  6. Note: It is preferred to leave No reboot -> Enable unchecked so that the snapshot is taken with the server shut down; you can check it if you want to take the snapshot without bringing down the server
  7. Leave the rest of the settings at their defaults (or change them based on any additional requirements)
  8. Click the Create image button
  9. Creating the image takes around 5-10 minutes
  10. Click Images -> AMIs in the left navigation to check the status of the image

Share the snapshot to target account

  1. Click Images -> AMIs in the left navigation
  2. Select the image created in the previous section
  3. Click Actions -> Edit AMI permissions
  4. Make sure AMI availability is Private
  5. Click Shared accounts -> Add account ID
  6. Enter the required target account id
  7. Click Save change

Setup the existing EC2 key pair in Target Account

  1. Open AWS EC2 console of the target account https://console.aws.amazon.com/ec2/
  2. Make sure you are in the same region where the AMI was shared
  3. Click Network & Security -> Key Pairs in the left navigation
  4. Click Actions -> Import key pair
  5. Enter the name (use the same name as in the source account to avoid any confusion)
  6. Select the public key file, or derive the public key from the .pem private key with the command ssh-keygen -y -f /path_to_key_pair/my-key-pair.pem
  7. Click Import key pair

Create Security groups in Target account

  1. Open AWS EC2 console of the target account https://console.aws.amazon.com/ec2/
  2. Click Network & Security -> Security Groups
  3. Create the security groups that are currently attached to the EC2 instance in the source account

Create EC2 instance in target account

  1. Open AWS EC2 console of the target account https://console.aws.amazon.com/ec2/
  2. Make sure you are in the same region where the AMI was shared
  3. Click Images -> AMIs in the left navigation
  4. Select Private Images filter
  5. Select the required AMI
  6. Click Launch instance from AMI
  7. Enter name
  8. Select the key pair (generated in the previous section)
  9. Select the required security groups created in the previous section
  10. Click Launch instance

Create and attach IAM role

  1. Open AWS IAM console https://us-east-1.console.aws.amazon.com/iamv2/home
  2. Create the IAM role as in the source account
  3. Open AWS EC2 console of the target account https://console.aws.amazon.com/ec2/
  4. Select the ec2 instance
  5. Click Actions -> Security -> Modify IAM role
  6. Select the IAM role created in the previous steps
  7. Click Update IAM role

In the first filter, choose Private images. All AMIs that have been shared with you are listed. To narrow your search, choose the Search bar and use the filter options provided in the menu.

# Create snapshot
aws ec2 create-image --instance-id <xxx> --name <xxx>
e.g.
aws ec2 create-image --instance-id i-0ab12c3456789d012 --name my-test-ec2

# Share snapshot
aws ec2 modify-image-attribute --image-id <xxx> --launch-permission "Add=[{UserId=<xxx>}]"
e.g.
aws ec2 modify-image-attribute --image-id ami-0abcdef1234567890 --launch-permission "Add=[{UserId=123456789012}]"

# Describe images shared with this account (run in the target account; "all" would list public AMIs instead)
aws ec2 describe-images --executable-users self
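
After sharing, confirm that the AMI is launchable only by the intended target account and has not been left public. The script below is an added example, not part of the original page: it audits the JSON returned by aws ec2 describe-image-attribute --image-id <xxx> --attribute launchPermission. The function name, sample JSON and account IDs are constructed for illustration.

```python
import json
import sys

# Constructed samples in the shape returned by:
#   aws ec2 describe-image-attribute --image-id <xxx> --attribute launchPermission
SAMPLE_OK = """{"ImageId": "ami-0abcdef1234567890",
 "LaunchPermissions": [{"UserId": "123456789012"}]}"""
SAMPLE_BAD = """{"ImageId": "ami-0abcdef1234567890",
 "LaunchPermissions": [{"Group": "all"},
                       {"UserId": "123456789012"},
                       {"UserId": "999999999999"}]}"""


def audit_launch_permissions(raw_json, expected_accounts):
    """Return a list of findings; an empty list means the share matches intent."""
    doc = json.loads(raw_json)
    expected = set(expected_accounts)
    seen = set()
    findings = []
    for perm in doc.get("LaunchPermissions", []):
        if perm.get("Group") == "all":
            # AMI availability is Public: any AWS account can launch it
            findings.append("PUBLIC: launchable by every AWS account")
        elif "UserId" in perm:
            seen.add(perm["UserId"])
            if perm["UserId"] not in expected:
                findings.append(f"UNEXPECTED account: {perm['UserId']}")
        else:
            # Organization / OU ARNs or any other grant type: flag for review
            findings.append(f"UNREVIEWED grant: {json.dumps(perm, sort_keys=True)}")
    for missing in sorted(expected - seen):
        findings.append(f"MISSING account: {missing}")
    return findings


if __name__ == "__main__":
    # Usage: aws ec2 describe-image-attribute ... | python audit.py <account-id> ...
    # With no arguments, the constructed samples are audited instead.
    if len(sys.argv) > 1:
        results = {"stdin": audit_launch_permissions(sys.stdin.read(), sys.argv[1:])}
    else:
        results = {name: audit_launch_permissions(s, ["123456789012"])
                   for name, s in (("ok", SAMPLE_OK), ("bad", SAMPLE_BAD))}
    for name, findings in results.items():
        print(name, "->", findings or "share matches intent")
    sys.exit(1 if any(results.values()) else 0)
```

Run the describe-image-attribute command in the source account, since only the AMI owner can read its launch permissions.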
