Share AmiTags in DistributionConfiguration

[taylorbartley]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Tell us about your request I would like the AmiTags attribute specified in the DistributionConfiguration resource to be shared with the distributed AMIs.

Tell us about the problem you're trying to solve. What are you trying to do, and why is it hard? My team is attempting to restrict launching EC2 instance to AMIs with a particular tag, similarly to this AWS blog post, and we would like ImageBuilder to make and share these AMIs. I've noticed that when you define AmiTags, these are added to the AMIs in the account where the AMI is built, but they don't appear for the shared AMIs in the downstream accounts. If they could be present when an AMI is distributed, that may save us quite a bit of operational overhead to manage this restriction.

Are you currently working around this issue? We've only brainstormed so far, but the potential workaround would be a lambda function to copy tags from built AMIs to their shared counterparts.

Additional context N/a.

Attachments N/a

[henrivdr01]

I guess this is not an ImageBuilder limitation itself, rather part of the code that does the AMI sharing in general, (launchPermission). @girishb-aws can you point us to where we can request the functionality in the AMI sharing code?