How do I transfer an Amazon EC2 instance or AMI to a different AWS account?

Last updated: 2020-06-23

I want to transfer an Amazon Elastic Compute Cloud (Amazon EC2) instance or Amazon Machine Image (AMI) from one Amazon Web Services (AWS) account to another. How can I do this?

Short description

It's not possible to transfer existing instances or AMIs between AWS accounts. Instead, you can manually migrate an EC2 image from one AWS account to another. First, create an Amazon Machine Image (AMI) based on the original EC2 instance from the source account. Then, share the AMI with the target account, and launch a new instance based on that AMI from the target account. Finally, create your own copy of the AMI on the target account to begin using it on the different account or to use as a backup.

Resolution

Note: The following steps apply only to instances with unencrypted Amazon Elastic Block Store (Amazon EBS) volumes.

  1. Create a custom AMI from the instance that you want to use as the source account. Be sure to include all required EBS data volumes in the AMI. Be sure that the AMI does not have a static IP configuration, as this can result in connectivity issues. For instructions, see Creating a Windows AMI from a running instance or Creating a Linux AMI from an instance.
    Note: Data stored on instance store volumes isn't preserved in AMIs, and won't be on the instance store volumes of the instances that you launch from the AMI.
  2. Share the AMI with the target account using either the Amazon EC2 console or the AWS Command Line Interface (AWS CLI). For instructions, see User Guide for Windows Instances - Sharing an AMI with specific AWS accounts or User Guide for Linux Instances - Sharing an AMI with specific AWS accounts.
    Note: If you receive errors when running AWS CLI commands, make sure that you’re using the most recent version of the AWS CLI.
  3. From the target account, find the AMI using the EC2 console or the AWS CLI.
  4. Launch a new instance from the shared AMI on the target account. To import a key pair from a previous account, see Import your own public key to Amazon EC2.
    Note: For Amazon Virtual Private Cloud (Amazon VPC) instances, the private IP address will be different in the new account unless specifically set during launch.
  5. Create a custom AMI from the target account instance. It's a best practice to use this copy to avoid complications after the source account deregisters the originally shared AMI.
  6. Deregister the AMI on the source account if you don't need to run any instances from it. For information about how to terminate running instances and delete associated snapshots, see Cleaning up your Amazon EBS-backed AMI.

Note: If you share an AMI from account A to account B, and then deregister the AMI from account A, you can't launch new instances from the AMI in account B. You can opt to leave the AMI registered in account A so that you can launch new instances from it later. Or, utilize one of the following workarounds so that you can deregister the AMI and retain the capability to launch new instances:

  • Launch new instances from the shared AMI in account B before you deregister the AMI in account A. Deregistering the AMI in the original account doesn't impact instances launched from the shared AMI. If you need to launch new instances after deregistering the AMI, you can create a new AMI from one of the new instances.
  • Copy the AMI to the same Region or a different Region in account B. This allows you to preserve the original AMI and also creates a backup without using it in account B.