SQL Server administration and T-SQL development, Web Programming with ASP.NET, HTML5 and Javascript, Windows Phone 8 app development, SAP Smartforms and ABAP Programming, Windows 7, Visual Studio and MS Office software
Development resources, articles, tutorials, code samples, tools and downloads for AWS Amazon Web Services, Redshift, AWS Lambda Functions, S3 Buckets, VPC, EC2, IAM

Delete Amazon AMI Image using AWS Management Console and AWS CLI Commands

Although to create AMI or Amazon Machine Image from an existing Amazon EC2 instance is straight forward, to delete the same AMI image cloud engineers should take two steps. To delete an AMI image, first the AMI image should be un-registered using deregester action. Then the Elastic Block Store snapshots created during AMI creation should be deleted.

In this AWS tutorial, I want to show the steps with screenshots from AWS Management Console to understand the steps clearly.

Amazon Machine Images AMI
Amazon Machine Images AMIs

Launch AWS Management Console.
Then switch to Amazon EC2 service and open the Amazon EC2 Dashboard.
Be sure that you are in the AWS Region where the AMI (Amazon Machine Image) is created.
You can select the appropriate region from the upper right corner menu where all available AWS regions are listed.

On Amazon EC2 Dashboard, on the left side menu you will see Images listing AMIs menu option.

Amazon EC2 Dashboard AMI Images

Click on AMIs

A list of all Amazon Machine Images aka AMIs created on that AWS region will be listed in the screen.
You can get the list of all AMI images owned by you, list of all private AMIs or the list of all public AMIs valid in current AWS region.

list of Amazon EC2 AMI images owned by me

If you cannot see the AMI image that you want to delete, then switch to another AWS region and check AMIs list on EC2 Dashboard for that specific Amazon Machine Image.

If you see the AMI in the list, mark the checkbox next to the AMI name column.
Be sure that you copy the ID of the AMI image into a safe place because just a few steps later we will be using the AMI ID to filter related EBS snapshot among many others.
Then as the first step from Actions menu select Deregister action.

first deregister Amazon EC2 AMI Image to delete AMI

When you are requested to confirm the deregistration of the AMI image, press Continue button for next step.

deregister Amazon EC2 AMI Image

Within a few second the deregistration step will be completed and the target AMI image will be removed from the available AMIs list.

On Amazon EC2 Dashboard, on left side menu bar you will see Snapshots among Elastic Block Store menu options.
Click on Snopshots
It is possible that there are listed many EBS snapshots under your account. To find the correct snapshot, use the AMI ID in the filter bar as seen in following screenshot.

filter EBS snaphots for Amazon EC2 Image deletion

When you select the EBS snapshot you will see the Amazon AMI image id is referenced in Description and partially in the Snapshot ID

While the EBS snapshot is selected, use the Actions button and click to Delete from available actions list.

delete EBS snapshot created for AMI image

To delete the EBS snapshot which is created automatically for the Amazon AMI image, you will be requested to confirm the Delete action. Click Yes, Delete to continue.

delete Amazon EBS snapshot

The EBS (Elastic Block Store) snapshot will be deleted within seconds.

If you are using infrastructure as code approach, for example using AWS CLI "ec2-create-image" command will create an image using the EC2 instance provided as a command argument. In this scenario where we want to delete the AMI image, first we should use the AWS CLI "ec2-deregister" command to remove the AMI image from the AMIs list. Following deregisteration, the EBS snapshots can be deleted via "ec2-delete-snapshot" command. To identify the correct EBS snapshots by code, before deregistration AWS EC2 "describe-images" command can be used.

Assume that you want to delete an AMI image with AMI ID ami-0f0de60c74f5899f0
Then following AWS CLI command can be executed to get details about the Amazon AMI image like EBS snapshot id before deregister the AMI.

aws --region eu-central-1 ec2 describe-images --image-ids ami-0f0de60c74f5899f0 --no-verify-ssl
Get Amazon AMI Image details using AWS CLI command

I added the AWS region code and the no-verify-ssl options just to be on the safe side while executing AWS CLI command.

identify Amazon EBS snapshot created for EC2 AMI image using AWS CLI command

Now we can continue with deregister AMI image step. Here is the AWS CLI command

aws ec2 deregister-image --image-id ami-0f0de60c74f5899f0
AWS CLI EC2 deregister Amazon AMI Image command

You see in following screenshot, I got an error message.

SSL validation failed for https://ec2.us-east-1.amazonaws.com/ [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1076)

AWS CLI command error SSL validation failed

If I look at the error message carefully I can see that I require to use the --no-verify-ssl AWS CLI command option to get rid of "SSL: CERTIFICATE_VERIFY_FAILED" error.
I can also see that the region in the error message is different than the region where the AMI image is created.
The region in the failed AWS CLI command error is showing that my default AWS CLI configuration is for us-east-1 region which is US East (N. Virginia)

Actually because of these causes, I use the region and no-verify-ssl options while executing AWS CLI commands. Here is the modified command.

aws --region eu-central-1 ec2 deregister-image --image-id ami-0f0de60c74f5899f0 --no-verify-ssl
AWS CLI command to deregister Amazon AMI Image

AWS CLI EC2 deregister AMI image command

When the command execution is completed, if you refresh the AMIs list you won't see the Amazon Machine Image among available AMIs in that region.

Now we can delete the EBS snapshot using following AWS CLI command.

aws --region eu-central-1 ec2 delete-snapshot --snapshot-id snap-07c5b5532ede022d1 --no-verify-ssl
AWS CLI command to delete EC2 Snapshot

AWS CLI EC2 delete snapshot command

I hope this AWS tutorial will be useful for AWS Management Console users as well as AWS CLI users and programmers building IaC applications via AWS CLI commands.


Copyright © 2004 - 2021 Eralper YILMAZ. All rights reserved.