After a custom image is created, you can export the image file in the Elastic Compute Service (ECS) console to an Object Storage Service (OSS) bucket and then download the image file from the bucket to your on-premises computer to analyze and back up the image. This topic describes how to export a custom image and the items that you must take note of when you export the image.
Prerequisites
- An OSS bucket is created in the region where the custom image that you want to export resides. For more information, see Create buckets.
- An Alibaba Cloud account and a Resource Access Management (RAM) user meet the requirements described in the following table for exporting custom images. For more information, see Permissions.
Background information
Requirements
Item | Description |
---|---|
Image format | Custom images that were derived from Alibaba Cloud Marketplace images cannot be exported. |
Operating system | Images that contain Windows Server operating systems cannot be exported. |
Number and capacity of data disks |
|
Usage notes
Item | Description |
---|---|
Export fee | Exported image files are stored in OSS buckets. As a result, when you export custom images, you are charged the fees of both OSS storage and traffic used to download the files from the buckets. For information about OSS billing details, see Billing overview. |
Export duration | The amount of time it takes to export a custom image depends on the size of the image file and the number of concurrent export tasks in the queue. |
Exported image file | If an exported custom image contains data disk snapshots, multiple image files are
generated and reside in the same OSS bucket.
Note Files whose names contain system are system disk snapshots. Files whose names contain data are data disk snapshots. The identifier of a data disk snapshot is the mount point
of the source data disk, such as xvdb and xvdc.
|
Other |
|
Permissions
- ECS access permissions on OSS resources
Log on to the RAM console by using an Alibaba Cloud account and authorize ECS to access OSS resources. This way, ECS assumes the
AliyunECSImageExportDefaultRole
role to obtain the permissions. - Permissions to manage OSS bucketsIf you are using a RAM user, you must contact the owner of the corresponding Alibaba Cloud account to authorize the RAM user to manage OSS buckets.
- Create custom policies for a RAM user by using an Alibaba Cloud account. For more
information, see Create a custom policy on the JSON tab.
- Grant only read permissions on OSS buckets to a RAM user
If you use an Alibaba Cloud account to create OSS buckets and want to use a RAM user to export custom images, you must grant read permissions on OSS buckets to the RAM user. Sample policy:
{ "Version": "1", "Statement": [ { "Action": [ "oss:GetObject", "oss:GetBucketLocation", "oss:GetBucketInfo" ], "Resource": "*", "Effect": "Allow" } ] }
- Grant read and write permissions on OSS buckets to a RAM user
If you want to use a RAM user to create OSS buckets and export custom images, you must grant read and write permissions on OSS buckets to the RAM user. Sample policy:
{ "Version": "1", "Statement": [ { "Action": [ "oss:GetObject", "oss:GetBucketLocation", "oss:GetBucketInfo" "oss:GetObject", "oss:PutObject", "oss:DeleteObject", "oss:GetBucketLocation", "oss:AbortMultipartUpload", "oss:ListMultipartUploads", "oss:ListParts", "oss:GetBucketInfo", "oss:GetBucketUserQos" ], "Resource": "*", "Effect": "Allow" } ] }
- Grant only read permissions on OSS buckets to a RAM user
- Attach custom policies to the RAM user by using the Alibaba Cloud account. For more information, see Grant permissions to a RAM user. For information about how to grant read and write permissions on a specified OSS bucket to a RAM user, see Tutorial: Use RAM policies to control access to OSS.
- Create custom policies for a RAM user by using an Alibaba Cloud account. For more
information, see Create a custom policy on the JSON tab.