Red Hat Training

A Red Hat training course is available for RHEL 8

5.3. Pushing images to AWS Cloud AMI

The ability to push the output image that you create to AWS Cloud AMI is available this time. This describes steps to push .ami images you create using Image Builder to Amazon AWS Cloud service provider.


  • You must have root or wheel group user access to the system.
  • You have opened the Image Builder interface of the RHEL 8 web console in a browser.
  • You must have an Access Key ID configured in the AWS IAM account manager.
  • You must have a writable S3 bucket prepared.


  1. Click Create blueprint to create a blueprint. See Creating an Image Builder blueprint in the web console interface.
  2. Select the components and packages that you want as part of the image you are creating.
  3. Click Commit to commit the changes you made to the blueprint.

    A small pop-up on the superior right side informs you of the saving progress and then the result of the changes you commited.

  4. Click blueprint name link on the left banner.
  5. Select the tab Images.
  6. Click Create Image to create your customized image.

    A pop-up window opens.

    1. From the "Type" drop-down menu list, select the `"Amazon Machine Image Disk (.ami)"' image.
    2. Check the "Upload to AWS" check box to upload your image to the AWS Cloud and click Next.
    3. To authenticate your access to AWS, type your "AWS access key ID" and "AWS secret access key" in the corresponding fields. Click Next.


      You can view your AWS secret access key only when you create a new Access Key ID. If you do not know your Secret Key, generate a new Access Key ID.

    4. Type the name of the image in the "Image name" field, type the Amazon bucket name in the "Amazon S3 bucket name" field and type the "AWS region" field for the bucket you are going to add your customized image to. Click Next.
    5. Review the information you provided and once you are satisfied, click Finish.

      Optionally, you can click Back to modify any incorrect detail.


      You must have the correct IAM settings for the bucket you are going to send your customized image. We are using the IAM Import and Export, so you have to setup a policy to your bucket before you are able to upload images to it. For more information, see Required Permissions for IAM Users.

  7. A small pop-up on the superior right side informs you of the saving progress. It also informs that the image creation has been initiated, the progress of this image creation and the subsequent upload to the AWS Cloud.

    Once the process is complete, you can see the "Image build complete" status.

  8. Click Service→EC2 on the menu and choose the correct region in the AWS console. The image must have the "Available" status, to indicate that it is uploaded.
  9. On the dashboard, select your image and click Launch.
  10. A new window opens. Choose an instance type according to the resources you need to launch your image. Click Review and Launch.
  11. Review your instance launch details. You can edit each section if you need to make any change. Click Launch
  12. Before you launch the instance, you must select a public key to access it.

    You can either use the key pair you already have or you can create a new key pair. Alternatively, you can use Image Builder to add a user to the image with a preset public key. See Creating a user account with SSH key for more details.

    Follow the next steps to create a new key pair in EC2 and attach it to the new instance.

    1. From the drop-down menu list, select "Create a new key pair".
    2. Enter the name to the new key pair. It generates a new key pair.
    3. Click "Download Key Pair" to save the new key pair on your local system.
  13. Then, you can click Launch Instance to launch your instance.

    You can check the status of the instance, it shows as "Initializing".

  14. Once the instance status is "running", the Connect button turns available.
  15. Click Connect. A popup window appears with instructions on how to connect using SSH.

    1. Select the preferred connection method to "A standalone SSH client" and open a terminal.
    2. In the location you store your private key, make sure that your key is publicly viewable for SSH to work. To do so, run the command:

      $ chmod 400 <your-instance-name.pem>_
    3. Connect to your instance using its Public DNS:

      $ ssh -i "<_your-instance-name.pem_"> ec2-user@<_your-instance-IP-address_>
    4. Type "yes" to confirm that you want to continue connecting.

      As a result, you are connected to your instance using SSH.

Verification steps

  1. Check if you are able to perform any action while connected to your instance using SSH.