An AMI

  • Expands to Amazon Machine Image
  • Is a configuration detail
  • Provides the information required to launch an instance.
  • Multiple instances can be launched from a single AMI when several instances with the same configuration are needed.
  • Use different AMIs to launch instances with different configurations.

An AMI includes

  • One or more EBS snapshots, or for instance-store-backed AMIs, a template for the root volume of the instance (for example, an operating system, an application server, and applications).
  • Launch permissions that control which AWS accounts can use the AMI to launch instances.
  • A block device mapping that specifies the volumes to attach to the instance when it’s launched.

AMI Types based on characteristics:

  • Region
  • Operating system
  • Architecture (32-bit or 64-bit)
  • Launch Permissions
    • public  – The owner grants launch permissions to all AWS accounts.
    • explicit  – The owner grants launch permissions to specific AWS accounts.
    • implicit  – The owner has implicit launch permissions for an AMI.
  • Storage for the Root Device
    • Backed by Amazon EBS – root device for an instance launched from the AMI is an Amazon EBS volume created from an Amazon EBS snapshot.
    • Backed by instance store – root device for an instance launched from the AMI is an instance store volume created from a template stored in Amazon S3.

Sharing AMIs

  • A shared AMI is an AMI that a developer created and made available for other developers to use.
  • Use a shared AMI at your own risk.
  • AMIs with encrypted volumes cannot be made public.
  • An AMI can be shared with specific AWS accounts without making the AMI public.
  • Use the modify-image-attribute command (AWS CLI) to share an AMI.
  • You can also create a bookmark that allows a user to access the AMI and launch an instance in their own account.

Sharing an AMI (Console)

  • Open the Amazon EC2 console at https://console.aws.amazon.com/ec2/.
  • In the navigation pane, choose AMIs.
  • Select the AMI in the list, and then choose Actions, Modify Image Permissions.
  • Specify the AWS account number of the user with whom you want to share the AMI in the AWS Account Number field, then choose Add Permission.

AMI sharing Guidelines

  • Update the AMI Tools Before Using Them
  • Disable Password-Based Remote Logins for Root
  • Disable Local Root Access
  • Remove SSH Host Key Pairs
  • Install Public Key Credentials
  • Disabling sshd DNS Checks (Optional)
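
A pre-sharing check for the guidelines above, as an added example that is not part of the original notes or of the AWS tooling. It audits an unpacked or mounted image root for three of the listed items plus the optional DNS setting. The function names, the FAIL/INFO labels and the file locations (usual Linux defaults) are assumptions, and the sample root is constructed.

```bash
#!/usr/bin/env bash
# Added example: audit a mounted image root against the sharing guidelines.
# File locations are the usual Linux defaults (an assumption, not from the page).

# First value of an sshd_config keyword; sshd itself uses the first match.
sshd_value() {  # usage: sshd_value <sshd_config> <keyword>
  awk -v k="$2" 'tolower($1) == tolower(k) && !seen { print tolower($2); seen = 1 }' \
    "$1" 2>/dev/null || true
}

audit_image_root() {  # usage: audit_image_root <image-root>; one line per finding
  local root="$1" cfg="$1/etc/ssh/sshd_config" v f
  # Guideline: disable password-based remote logins for root.
  v=$(sshd_value "$cfg" PermitRootLogin)
  case "$v" in
    no|without-password|prohibit-password) ;;
    *) echo "FAIL root-ssh-password: PermitRootLogin='${v:-unset}'" ;;
  esac
  # Guideline: disable local root access (a locked entry starts with ! or *).
  v=$(awk -F: '$1 == "root" { print $2 }' "$root/etc/shadow" 2>/dev/null || true)
  case "$v" in
    '!'*|'*'*) ;;
    *) echo "FAIL root-local-login: root password is not locked" ;;
  esac
  # Guideline: remove SSH host key pairs so instances do not share an identity.
  for f in "$root"/etc/ssh/ssh_host_*_key "$root"/etc/ssh/ssh_host_*_key.pub; do
    if [ -e "$f" ]; then echo "FAIL host-key-present: ${f#"$root"}"; fi
  done
  # Optional guideline: sshd DNS checks disabled.
  v=$(sshd_value "$cfg" UseDNS)
  [ "$v" = no ] || echo "INFO sshd-dns-check: UseDNS='${v:-unset}' (optional)"
  return 0
}

# Constructed sample: an image root that was never cleaned before sharing.
make_sample_root() {
  local d; d=$(mktemp -d)
  mkdir -p "$d/etc/ssh"
  printf 'PermitRootLogin yes\nUseDNS yes\n' > "$d/etc/ssh/sshd_config"
  printf 'root:$6$constructed$hash:19000:0:99999:7:::\n' > "$d/etc/shadow"
  : > "$d/etc/ssh/ssh_host_rsa_key"; : > "$d/etc/ssh/ssh_host_rsa_key.pub"
  echo "$d"
}

sample=$(make_sample_root)
audit_image_root "$sample"
rm -rf "$sample"
```

An image that passes prints nothing; any FAIL line means the image still carries credentials or host identity that would be copied into every instance launched from it.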

 
