A couple of months ago I decided to spend some time playing around with importing and exporting virtual machines from Amazon’s EC2. I spent some time installing and configuring various tools and reading through documentation trying to figure out how I was going to do what I wanted to do. I eventually realized that what I wanted to do was not possible, but not due to technical limitations.

I ended up spending quite a bit of time reading through documentation, and in my opinion the restrictions preventing what I wanted to accomplish were not particularly well communicated. Ultimately I came away a bit disappointed. This is significant to me because it is the first time AWS has really let me down.

Apparently, AWS does not permit exporting an Amazon EC2 instance that was not imported. I respect Amazon’s right to define the terms of the services they offer, but I find several of the particulars of this situation rather frustrating.

First, I did not find anywhere that this is explicitly stated in the AWS documentation. The closest thing I found was the following line from Exporting Amazon EC2 Instances:

If you have previously imported an instance into Amazon EC2…

The phrasing indicates a positive qualification for some VMs, but not a disqualifying requirement for all VMs. In fact, I did not find this as an explicit requirement for all VMs anywhere in the available documentation. I found confirmations on a thread in the AWS Developer Forums and this blog post.

In fact, the poor documentation of this limitation is the primary reason for this blog post. I did not really feel that this subject warranted discussion, but I spent enough time researching this limitation that I felt like it may be beneficial to others to post about it. Since I am now on the soapbox, I may as well spend enough time up here to make the step up worth the effort.

Virtual machine portability is a fairly significant selling point for the service, and as such, this requirement should be indicated in more generalized documentation pertaining to the EC2 service. In my opinion, this requirement should also be indicated at instance creation to inform users that if a machine is created from an AMI it simply cannot be exported. The impact of this limitation is compounded by AWS not having broad support for importing Linux based VMs, allowing only the following distributions:

The limited selection of supported Linux distributions raises another point: Amazon Linux is not itself an official distribution. It simply is not available for installation outside of EC2. In other words, it is not possible to install and configure the OS on an external machine and then import it. This may seem like a minor concern, but it is actually quite significant. These and other limitations also raise the very real concern of vendor lock-in. In fact, others have gone so far as to say Do Not Use Amazon Linux.

I should point out that the limitations I have described apply to the Amazon EC2 CLI, and that it may very well be possible to export VMs from EC2 using a third party tool such as VMware vCenter Converter2. Of course, even if an Amazon Linux based VM were successfully exported the question of whether or not it could be imported would remain. Factor in the additional concerns, especially regarding maintainability, and the real question becomes “Why bother?”


1 There are also limitations on which versions of the distribution may be imported, though in my opinion this is understandable.

2 I have not used this tool for doing V2V conversions, but have had great success using it for P2V conversions in the past.

2 comments so far

Add Your Comment
  1. Nice write up! So it seems the Hotel California scenario is still in play for native AWS created VMs. To your point on third party tools, its most likely going to take non-amazon based tools sets to accomplish a successful export.

  2. Thank you. I like your use of the phrase “Hotel California scenario”, in fact it describes this situation quite well. I am actually fairly confident that AMI based VMs could be exported using third party tools, but at this point I just do not see any benefit to trying to do so.