Created
January 24, 2017 16:16
-
-
Save warp3r/ca72b00d8c4b18bd6c17b11cf6166cf1 to your computer and use it in GitHub Desktop.
Massive AMI and Snapshot sharing between accounts with AWS CLI
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# In some cases you may need to share a huge amount of AMIs between two AWS accounts. | |
# You can do it through the web interface of AWS or you can do it with the CLI. | |
# | |
# With the web interface it's slow as you need to do several clicks per AMI. | |
# With the CLI you need to know the snapshots that conform every AMI you want to share as you need | |
# to individually share them as well. | |
# | |
# AWS documentation tells you how to do it "theoretically" but no practical example | |
# (see http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sharingamis-explicit.html) | |
# | |
# With JQ and the CLI you can do it only with the AMI ID's if you follow these steps: | |
# | |
# 0. Install JQ (https://stedolan.github.io/jq/ ; if you are on MacOSX get brew - brew.sh - and do "brew install jq") | |
# 1. Install AWSCLI (https://aws.amazon.com/en/cli/) | |
# 2. define some variables | |
# list of ami's separated by space | |
amis="ami-123456 ami-244566" | |
# destination account (the one that will be granted access to the AMIs and snapshots) | |
accountid="1234567" | |
# profile to use (or default) | |
awsprofile="default" | |
# 3.1: share all AMIs with $accountid | |
for i in ${amis} | |
do | |
aws ec2 modify-image-attribute --image-id ${i} --launch-permission "{\"Add\":[{\"UserId\":\"${accountid}\"}]}" --profile $awsprofile | |
done | |
# 3.2: share all snapshots with $accountid | |
for i in ${amis} | |
do | |
snaps=$(aws ec2 describe-images --profile $awsprofile --image-ids ${i} --query 'Images[*].BlockDeviceMappings[*].Ebs.SnapshotId' | jq '.[0][]' | tr -d \") | |
echo $snaps | |
for j in $snaps | |
do | |
aws ec2 modify-snapshot-attribute --snapshot-id ${j} --attribute createVolumePermission --operation-type add --user-ids ${accountid} --profile $awsprofile | |
done | |
done |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment