Not able to Access Restored Ec2 Instance from Another AWS Account

Question

So, i have a scenario like, I have enabled cross-account backup, and am successfully able to copy my Windows Ec2 backup to my another AWS Account, which is also part of the same organization. but when I am trying to restore that it launches the instance but its Instance status checks give the Instance reachability check failed error. I am not able to find  the reason, also I found that instance is getting launch without any key-pair attached.
can anyone pls help me to figure out the issue and suggest any possible resolution?

Accepted Answer

SO i have static ip for the instance which i took Snapshot of, so i change the IP allocation to DHCP and then took a snapshot and shared it to another account, and it worked.

Answer

Is any of the EBS volumes encrypted with the standard aws/ebs kms key?

This can be in issue when restoring a snapshot from a different AWS account and you generally need to re-encrypt the snapshot of the EC2 instance with a key that can be used from the destination account.

https://aws.amazon.com/blogs/security/how-to-share-encrypted-amis-across-accounts-to-launch-encrypted-ec2-instances/

Answer

Hi,

If you take a EC2 snapshot in one account and restore it in another, you will face security issues: the EC2 instance is only reachacble with the access keys of your source account that are not available in your target account. Hence the reachability issue,

The simplest way to achieve what you want is to go via AMIs that can be shared (hence restored) across accouts.

Please, follow this guidance to do achieve what you want: https://repost.aws/knowledge-center/account-transfer-ec2-instance

Best,

Didier

Not able to Access Restored Ec2 Instance from Another AWS Account

Relevanter Inhalt