Mengekspor Amazon Machine Image (AMI) ke file VM berguna saat Anda ingin menerapkan instance baru ke lingkungan virtualisasi yang ada di lokal. Misalnya seperti menggunakan vmware, hyperv, xen. dan kvm
Hasil image akan disimpan ke Amazon S3 sehingga Anda perlu membuat dulu bucket dan setting permission bucket
Buat bucket #
aws s3 mb s3://mybucket
Selanjutya setting permission dengan cara membuat file policy.json dan edit seperti berikut.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": "*",
"Action": "s3:*",
"Resource": "arn:aws:s3:::mybucket/*"
}
]
}
Update policy
aws s3api put-bucket-policy --bucket mybucket --policy file://policy.json
Export image #
Service role #
Buat file bernama trust-policy.json dan edit seperti berikut
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": { "Service": "vmie.amazonaws.com" },
"Action": "sts:AssumeRole",
"Condition": {
"StringEquals":{
"sts:Externalid": "vmimport"
}
}
}
]
}
Gunakan perintah create-role untuk membuat role bernama `vmimport
aws iam create-role --role-name vmimport --assume-role-policy-document file://trust-policy.json
Buat file bernama role-policy.json lalu edit dengan menyesuaikan nama bucket
{
"Version":"2012-10-17",
"Statement":[
{
"Effect": "Allow",
"Action": [
"s3:GetBucketLocation",
"s3:GetObject",
"s3:ListBucket"
],
"Resource": [
"arn:aws:s3:::mybucket",
"arn:aws:s3:::mybucket/*"
]
},
{
"Effect": "Allow",
"Action": [
"s3:GetBucketLocation",
"s3:GetObject",
"s3:ListBucket",
"s3:PutObject",
"s3:GetBucketAcl"
],
"Resource": [
"arn:aws:s3:::mybucket",
"arn:aws:s3:::mybucket/*"
]
},
{
"Effect": "Allow",
"Action": [
"ec2:ModifySnapshotAttribute",
"ec2:CopySnapshot",
"ec2:RegisterImage",
"ec2:Describe*"
],
"Resource": "*"
}
]
}
Gunakan perintah put-role-policy untuk attach policy pada role yang dibuat sebelumya
aws iam put-role-policy --role-name vmimport --policy-name vmimport --policy-document file://role-policy.json
Start an export image task #
aws ec2 export-image --image-id ami-id --disk-image-format VMDK --s3-export-location S3Bucket=mybucket,S3Prefix=exports/
disk image format dapat berupa VMDK, RAW, dan VHD
Monitor an export image task #
aws ec2 describe-export-image-tasks --export-image-task-ids export-ami-1234567890abcdef0
Output
{
"ExportImageTasks": [
{
"ExportImageTaskId": "export-ami-1234567890abcdef0"
"Progress": "21",
"S3ExportLocation": {
"S3Bucket": "mybucket",
"S3Prefix": "exports/"
},
"Status": "active",
"StatusMessage": "updating"
}
]
}
Cancel an export image task #
aws ec2 cancel-export-task --export-task-id export-ami-1234567890abcdef0