Import Your VM as an EC2/AMI Image
http://docs.aws.amazon.com/vm-import/latest/userguide/import-vm-image.html
After exporting your VM from your virtualization environment, you can import it to Amazon EC2. The import process is the same regardless of the origin of the VM.
Tasks
Prerequisites
You must provide an Amazon S3 bucket and an IAM role named vmimport
.
Amazon S3 Bucket
VM Import requires an Amazon S3 bucket to store your disk images, in the region where you want to import your VMs. You can create a bucket as follows, or use an existing bucket if you prefer.
(Optional) To create an S3 bucket
- Open the Amazon S3 console at https://console.aws.amazon.com/s3/.
- Choose Create Bucket.
- In the Create a Bucket dialog box, do the following:
- For Bucket Name, type a name for your bucket. This name must be unique across all existing bucket names in Amazon S3. In some regions, there might be additional restrictions on bucket names. For more information, see Bucket Restrictions and Limitations in the Amazon Simple Storage Service Developer Guide.
- For Region, select the region that you want for your AMI.
- Choose Create.
VM Import Service Role
VM Import requires a role to perform certain operations in your account, such as downloading disk images from an Amazon S3 bucket. You must create a role named vmimport
with a trust relationship policy document that allows VM Import to assume the role, and you must attach an IAM policy to the role.
To create the service role
- Create a file named
trust-policy.json
with the following policy:{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": "vmie.amazonaws.com" }, "Action": "sts:AssumeRole", "Condition": { "StringEquals":{ "sts:Externalid": "vmimport" } } } ] }
You can save the file anywhere on your computer. Take note of the location of the file, because you’ll specify the file in the next step.
- Use the create-role command to create a role named
vmimport
and give VM Import/Export access to it. Ensure that you specify the full path to the location of thetrust-policy.json
file.aws iam create-role --role-name vmimport --assume-role-policy-document file://trust-policy.json
- Create a file named
role-policy.json
with the following policy, wheredisk-image-file-bucket
is the bucket where the disk images are stored:{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "s3:ListBucket", "s3:GetBucketLocation" ], "Resource": [ "arn:aws:s3:::
disk-image-file-bucket
" ] }, { "Effect": "Allow", "Action": [ "s3:GetObject" ], "Resource": [ "arn:aws:s3:::disk-image-file-bucket
/*" ] }, { "Effect": "Allow", "Action":[ "ec2:ModifySnapshotAttribute", "ec2:CopySnapshot", "ec2:RegisterImage", "ec2:Describe*" ], "Resource": "*" } ] } - Use the following put-role-policy command to attach the policy to the role created above. Ensure that you specify the full path to the location of the
role-policy.json
file.aws iam put-role-policy --role-name vmimport --policy-name vmimport --policy-document file://role-policy.json
For more information about IAM roles, see IAM Roles in the IAM User Guide.
Import the VM
You can upload your VMs to your Amazon S3 bucket using the upload tool of your choice. After you upload your VM to Amazon S3, you can use the AWS CLI to import the image. These tools accept either a URL (public Amazon S3 file, a signed GET URL for private Amazon S3 files) or the Amazon S3 bucket and path to the disk file.
Use the import-image command to create an import image task.
Example 1: Import an OVA
aws ec2 import-image --description "Windows 2008 OVA
" --disk-containers file://containers.json
The following is an example containers.json
file.
[
{
"Description": "Windows 2008 OVA
",
"Format": "ova",
"UserBucket": {
"S3Bucket": "my-import-bucket
",
"S3Key": "vms/my-windows-2008-vm.ova
"
}
}]
Example 2: Import Multiple Disks
aws ec2 import-image --description "Windows 2008 VMDKs" --disk-containers file://containers.json
The following is an example containers.json
file.
[
{
"Description": "First disk
",
"Format": "vmdk
",
"UserBucket": {
"S3Bucket": "my-import-bucket
",
"S3Key": "disks/my-windows-2008-vm-disk1.vmdk
"
}
},
{
"Description": "Second disk
",
"Format": "vmdk
",
"UserBucket": {
"S3Bucket": "my-import-bucket
",
"S3Key": "disks/my-windows-2008-vm-disk2.vmdk
"
}
}
]
Check the Status of the Import Task
Use the describe-import-image-tasks command to return the status of an import task.
Status values include the following:
active
— The import task is in progress.deleting
— The import task is being canceled.deleted
— The import task is canceled.completed
— The import task is completed and the AMI is ready to use.
aws ec2 describe-import-image-tasks --import-task-ids import-ami-fgxn195v
(Optional) Cancel an Import Task
Use the cancel-import-task command to cancel an active import task.
aws ec2 cancel-import-task --import-task-id import-ami-fg4z7c9h
Next Steps
Now that you have an AMI, you can launch it as an instance or copy it to another region. For more information, see the following topics in the Amazon EC2 documentation.
Windows