Posted On: May 25, 2023
You can now share your Amazon Machine Images (AMIs) with Amazon Organizations and Organizational Units (OUs). Previously, you could share AMIs only with specific Amazon Web Services account IDs. To share AMIs with Amazon Organizations, you had to explicitly manage sharing of AMIs with Amazon Web Services accounts that were added to or removed from Amazon Organizations. With this new feature, you no longer have to update your AMI permissions because of organizational changes. AMI sharing will be automatically synced when organizational changes occur. This feature helps you centrally manage and govern your AMIs as you grow and scale your Amazon Web Services accounts.
You can share AMIs with Amazon Organizations and Organizational Units the same way as you share AMIs with specific accounts, allowing any account in that organization or organizational unit to describe and launch the AMI. To share the AMI, simply add the Org ID or OU ID in launch permissions of EC2 ModifyImageAttribute API.
This capability is available through the Amazon Command Line Interface (CLI), Management Console, and Software Development Kit (Amazon SDK) in the Amazon Web Services China (Beijing) Region, operated by Sinnet, and the Amazon Web Services China (Ningxia) Region, operated by NWCD. To learn more about sharing AMIs with organizations, please refer to the documentation here.