warp3r/massive_ami_and_snapshot_sharing_with_aws_cli.txt

## massive_ami_and_snapshot_sharing_with_aws_cli.txt
#!/bin/bash
# In some cases you may need to share a huge amount of AMIs between two AWS accounts.
# You can do it through the web interface of AWS or you can do it with the CLI.
#
# With the web interface it's slow as you need to do several clicks per AMI.
# With the CLI you need to know the snapshots that conform every AMI you want to share as you need
# to individually share them as well.
#
# AWS documentation tells you how to do it "theoretically" but no practical example
# (see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sharingamis-explicit.html)
#
# With JQ and the CLI you can do it only with the AMI ID's if you follow these steps:
#
# 0. Install JQ (https://stedolan.github.io/jq/ ; if you are on MacOSX get brew - brew.sh - and do "brew install jq")
# 1. Install AWSCLI (https://aws.amazon.com/en/cli/)

# 2. define some variables

# list of ami's separated by space
amis="ami-123456 ami-244566"
# destination account (the one that will be granted access to the AMIs and snapshots)
accountid="1234567"
# profile to use (or default)
awsprofile="default"

# 3.1: share all AMIs with $accountid
for i in ${amis}
do
aws ec2 modify-image-attribute --image-id ${i} --launch-permission "{\"Add\":[{\"UserId\":\"${accountid}\"}]}" --profile $awsprofile
done

# 3.2: share all snapshots with $accountid
for i in ${amis}
do
snaps=$(aws ec2 describe-images --profile $awsprofile --image-ids ${i} --query 'Images[*].BlockDeviceMappings[*].Ebs.SnapshotId' | jq '.[0][]' | tr -d \")
echo $snaps
for j in $snaps
do
aws ec2 modify-snapshot-attribute --snapshot-id ${j} --attribute createVolumePermission --operation-type add --user-ids ${accountid} --profile $awsprofile
done
done
	#!/bin/bash
	# In some cases you may need to share a huge amount of AMIs between two AWS accounts.
	# You can do it through the web interface of AWS or you can do it with the CLI.
	#
	# With the web interface it's slow as you need to do several clicks per AMI.
	# With the CLI you need to know the snapshots that conform every AMI you want to share as you need
	# to individually share them as well.
	#
	# AWS documentation tells you how to do it "theoretically" but no practical example
	# (see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sharingamis-explicit.html)
	#
	# With JQ and the CLI you can do it only with the AMI ID's if you follow these steps:
	#
	# 0. Install JQ (https://stedolan.github.io/jq/ ; if you are on MacOSX get brew - brew.sh - and do "brew install jq")
	# 1. Install AWSCLI (https://aws.amazon.com/en/cli/)

	# 2. define some variables

	# list of ami's separated by space
	amis="ami-123456 ami-244566"
	# destination account (the one that will be granted access to the AMIs and snapshots)
	accountid="1234567"
	# profile to use (or default)
	awsprofile="default"

	# 3.1: share all AMIs with $accountid
	for i in ${amis}
	do
	aws ec2 modify-image-attribute --image-id ${i} --launch-permission "{\"Add\":[{\"UserId\":\"${accountid}\"}]}" --profile $awsprofile
	done

	# 3.2: share all snapshots with $accountid
	for i in ${amis}
	do
	snaps=$(aws ec2 describe-images --profile $awsprofile --image-ids ${i} --query 'Images[].BlockDeviceMappings[].Ebs.SnapshotId' \| jq '.[0][]' \| tr -d \")
	echo $snaps
	for j in $snaps
	do
	aws ec2 modify-snapshot-attribute --snapshot-id ${j} --attribute createVolumePermission --operation-type add --user-ids ${accountid} --profile $awsprofile
	done
	done