 | Feedback |  |
You can share an AMI with specific users without making the AMI public. All you need is the user's AWS user's account ID, which is available on the AWS Account Activity page.
To grant explicit launch permissions
Enter the following command:
PROMPT>ec2-modify-image-attribute<ami_id>-l -a<user_id>
where <ami_id> is the ID of the AMI and
<user_id> is the user's account ID, without hyphens.
To remove launch permissions for a user
Enter the following command:
PROMPT>ec2-modify-image-attribute<ami_id>-l -r<user_id>
where <ami_id> is the ID of the AMI and
<user_id> is the user's account ID, without hyphens.
To remove all launch permissions
Enter the following command to remove all public and explicit launch permissions:
PROMPT>ec2-reset-image-attribute<ami_id>-l
where <ami_id> is the ID of the AMI.
![[Note]](images/note.png) | Note |
|---|---|
The AMI owner always has rights to the AMI and will be unaffected by the ec2-reset-image-attribute command. |
Example
The following example grants launch permissions to the 495219933132 user for the ami-2bb65342 AMI:
PROMPT>ec2-modify-image-attributelaunchPermission ami-2bb65342 ADD userId 495219933132ami-2bb65342-l -a495219933132
The following example removes launch permissions from the 495219933132 user for the ami-2bb65342 AMI:
PROMPT>ec2-modify-image-attributelaunchPermission ami-2bb65342 REMOVE userId 495219933132ami-2bb65342-l -r495219933132
The following example removes all public and explicit launch permissions from the ami-2bb65342 AMI:
PROMPT>ec2-reset-image-attributelaunchPermission ami-2bb65342 RESETami-2bb65342-l
