Menu Close
Settings Close

Language and Page Formatting Options

Chapter 22. Troubleshooting: Deleting copies of shared images from your AWS account

When you create a source for an AWS account to enable public cloud metering for the subscriptions service, the account is inspected to find RHEL based images and the instances for those images. For some images, a metadata inspection can find known markers for rapid identification. For other images, a file system inspection is required to find this data. When a file system inspection is required, the public cloud metering inspection process copies the image into a Red Hat AWS account and adds it into a running instance to do the inspection tasks.

However, in some cases an image cannot be copied. For example, if the image in your AWS account is owned and shared by a third party, public cloud metering is aware that the image exists, but cannot copy it. In that case, the public cloud metering function uses the IAM role and policy granted during subscriptions source creation to make a reference copy of the original image. This reference copy image is stored in your account. The reference copy is used to make another copy of the image that is stored temporarily in the Red Hat AWS account for inspection purposes.

The reference copy is needed only for a short duration, to make the inspection copy of the image. However, the IAM profile that you created for public cloud metering does not contain the Amazon EC2 DeregisterImage action that would permit public cloud metering to delete the reference copy in your AWS account. Therefore, you must do these actions manually.


You should wait at least 24 hours after adding a source that contains a known shared and copied image before completing the deregister and delete actions on the reference copy of the image in your AWS account. This wait time ensures that the image is copied to the Red Hat AWS account for for inspection.


To deregister the AMI and delete the snapshot of the reference copy of the image:

  1. Sign in to the Amazon EC2 console and follow the steps to deregister a Linux AMI.


    For more information about how you delete an image, see the Amazon EC2 User Guide for Linux Instances and review the steps to deregister a Linux AMI.

  2. When you need to provide the AMI ID in the steps to deregister the AMI and to delete the snapshot, find the AMI ID that matches the following pattern, where original_AMI_name is the AMI name from the original third-party image:

    cloudigrade reference copy (original_AMI_name)
  3. Continue with the remaining steps to deregister a Linux AMI to complete this process.