Share a snapshot with other Alibaba Cloud accounts

You can share disk snapshots with other Alibaba Cloud accounts or within your organization by using resource directories. Other Alibaba Cloud accounts can use your shared snapshots to quickly create cloud disks based on daily O&M requirements. This topic describes how to share a snapshot, use a shared snapshot, and unshare a snapshot. This topic also describes the considerations relevant to the preceding operations.

Note

Resource Directory is a service that can be used to manage the relationships between multiple accounts and resources. Resource Directory allows you to quickly establish an organizational structure based on your business requirements and consolidate the accounts of your organization into the structure to create a hierarchy for the resources of your organization. For more information, see What is Resource Directory?

Considerations

Before you share a snapshot, take note of the considerations. The following table describes the considerations.

Consideration	Description

Consideration	Description
Fees	You can share snapshots free of charge. You are charged when you use shared snapshots to create cloud disks and copy snapshots across regions.
Quotas	You can share a snapshot with up to 64 Alibaba Cloud accounts. Each Alibaba Cloud account can share up to 1,024 snapshots.
Limits on accounts	You can share snapshots only between Alibaba Cloud accounts. You cannot share snapshots between accounts on the China site and accounts on the international site.
Limits on encrypted snapshots	You cannot share snapshots that are encrypted with service keys. When you copy a shared encrypted snapshot or use the snapshot to create cloud disks, you must specify a different encryption key for the snapshot copy or disks, instead of using the encryption key of the snapshot. Note If you want to share a snapshot that is encrypted with a service key, copy the snapshot and select a customer master key (CMK) as the encryption key for the snapshot copy. Then, you can share the snapshot copy. For more information about the encryption keys of Elastic Compute Service (ECS) resources, see the Encryption keys section of the "Encrypt cloud disks" topic.
Other limits	You cannot use shared snapshots to create custom images. The ID of a shared snapshot is different from the ID of the source snapshot. You cannot use shared snapshots to roll back cloud disks. You cannot directly delete shared snapshots. Before you can delete a shared snapshot, you must unshare the snapshot. For information about how to unshare a snapshot, see the Unshare a snapshot section of the "Share a snapshot" topic. The accounts with which snapshots are shared cannot reshare the snapshots. Note If you want to reshare a snapshot that is shared with your account, perform one of the following operations: Create a cloud disk from the snapshot, create a snapshot of the new disk, and then share the new snapshot. Copy the snapshot and share the snapshot copy. You cannot extend the retention period of snapshots that are shared with your account. Note If a source snapshot is permanently retained, the retention period of each shared snapshot is three years, which is equal to 1,095 days. If a source snapshot is retained for a user-defined period of time, each shared snapshot has the same retention period as the source snapshot.

Preparations

Before you share a snapshot, make sure that the snapshot does not contain sensitive data or files.
Make preparations based on the scenario in which you want to share a snapshot.
- If you want to share a snapshot with other Alibaba Cloud accounts, obtain the IDs of the accounts.
  To obtain the ID of an Alibaba Cloud account, log on to the Alibaba Cloud Management Console with the Alibaba Cloud account and move the pointer over the profile picture in the upper-right corner. If the account has the Main Account tag, the account ID is an Alibaba Cloud account ID.
- To share a snapshot within your organization by using resource directories, you must enable resource directories by using management accounts or members. For more information, see Enable a resource directory.

Share a snapshot

Share a snapshot in the ECS console

Share a snapshot by using SDKs

A sharer shares a snapshot

(Conditionally required) Create a Resource Access Management (RAM) role and grant permissions to the RAM role.
Before you can share a snapshot that is encrypted with a Key Management Service (KMS) key in your Alibaba Cloud account with other Alibaba Cloud accounts, you must grant the permissions to access the KMS key in your Alibaba Cloud account to the other Alibaba Cloud accounts. For more information, see the Share encrypted resources across accounts section of the "Encryption-related permissions" topic.
Open the Add to Resource Share dialog box.
1. Go to ECS console - Snapshots.
2. In the top navigation bar, select the region and resource group of the resource that you want to manage.
3. On the Disk Snapshots tab, find the snapshot that you want to share and choose > Share Snapshot in the Actions column.
In the Add to Resource Share dialog box, configure the parameters.
1. Select the resource share that you created on the Shared By Me page in the Resource Management console.
  Note
  The Resources Sharing feature of Resource Management allows you to share snapshots with other Alibaba Cloud accounts. You can create resource shares to share your resources. A resource share consists of a resource owner, principals, and shared resources. The principals are the Alibaba Cloud accounts that are invited to use the resources of the resource owner. For more information about resource shares, see What is Resource Sharing?
2. In the Add Principals section, enter the ID of the Alibaba Cloud account with which you want to share the snapshot and click Add.
3. Click OK.

A sharee uses a shared snapshot

The sharee must accept the invitation to use the shared snapshot from the sharer.

To accept the invitation to use the shared snapshot, the sharee must perform the following steps:
1. Log on to the Resource Management console.
2. In the left-side navigation pane, choose Resource Sharing > Resources Shared To Me.
3. In the upper-left corner of the top navigation bar, select the region where the shared snapshot resides.
4. On the Shared To Me page, find the resource share and click Accept in the Status column.
5. In the Accept Resource Sharing Invitation message, click Accept.
  After you accept the invitation, you can use the shared snapshot. Subsequent sharing invitations for shared resources added to the resource share are automatically accepted.
To view the shared snapshot, the sharee must perform the following steps:
1. Go to ECS console - Snapshots.
2. In the upper-left corner of the top navigation bar, select the region where the shared snapshot resides.
3. View the shared snapshot in the snapshot list on the Disk Snapshots tab.
  - Move the pointer over the icon. A tag in the following format appears: acs:ecs:sharedFrom:<UID of the account that shares the snapshot>:<Region in which the source snapshot resides>:<ID of the source snapshot>.
  - Check whether Shared Snapshot is displayed in the Creation Method column.
  - Move the pointer over the icon. Information, such as the ID of the account that shared the snapshot and the ID of the source snapshot, is displayed.
    You can also choose > View Shared Snapshot in the Actions column to view information about the shared snapshot in the Resource Management console.
Use the shared snapshot.
- If an unencrypted snapshot is shared, the sharee can perform the following operations by using the shared unencrypted snapshot:
  - Create a cloud disk from the snapshot. For more information, see Create a data disk from a snapshot
  - Copy the snapshot. For more information, see Copy a snapshot.
- If an encrypted snapshot is shared, the sharee can perform the following operations by using the shared encrypted snapshot:
  - Create a cloud disk from the snapshot and specify a different encryption key for the disk. For more information, see Create a data disk from a snapshot.
    Note
    If you use shared encrypted snapshots to create cloud disks, you can create only Enterprise SSDs (ESSDs). If you want to use a shared encrypted snapshot to create cloud disks of other categories, copy the snapshot, and then use the snapshot copy to create the disks.
  - Copy the snapshot and specify a different encryption key for the snapshot copy. For more information, see Copy a snapshot.

This section describes how to use an ECS SDK and a Resource Sharing SDK to share a snapshot across Alibaba Cloud accounts and create a cloud disk from the shared snapshot. In this example, the SDKs for Java and an open source sample project are used.

Click snapshot sharing sample project to download the snapshot sharing sample project.
The project involves the following API operations:
- CreateResourceShare: The sharer creates a resource share to share a snapshot.
- ReceiveResourceShare: The sharee accepts the snapshot sharing invitation.
- UseResourceShare: The sharee uses the shared snapshot to create a disk.
Configure the sample project.
1. Configure SDK dependencies in the pom.xml file. For more information, see Use SDK for Java.
```

<dependency>
  <groupId>com.aliyun</groupId>
  <artifactId>resourcesharing20200110</artifactId>
  <version>${lastVersion}</version>
</dependency>

<dependency>
  <groupId>com.aliyun</groupId>
  <artifactId>alibabacloud-ecs20140526</artifactId>
  <version>${lastVersion}</version>
</dependency>
```
  Note
  SDK packages are frequently updated. We recommend that you obtain the latest version of dependencies from the official GitHub website. For more information, see SDK overview.
2. Add the ALIBABA_CLOUD_ACCESS_KEY_ID and ALIBABA_CLOUD_ACCESS_KEY_SECRET environment variables to your on-premises environment, and replace the values of the variables with your actual AccessKey ID and AccessKey secret.
3. Replace the values of other variables in the project with actual values, such as the ID of the snapshot that you want to share, the UID of the account with which you want to share the snapshot, and the category of the disk that you want to create.
Compile and run each Java code snippet.
Check the execution results in the corresponding console.
If you are the sharer of the snapshot, log on to the Resource Management console to view the created resource share. If you are the sharee of the snapshot, log on to the ECS console to view the snapshot that is shared with your account and the disk that is created from the snapshot.

Unshare a snapshot

If you no longer want to share a snapshot with another Alibaba Cloud account, you can unshare the snapshot.

Considerations

After a sharer unshares a snapshot, the following impacts are imposed on the sharee:

The sharee can no longer view the snapshot in the ECS console or by calling an API operation.
The sharee can no longer re-initialize the cloud disks created from the shared snapshot.
The copies of the shared snapshot are not affected.

Procedure

Open the Add to Resource Share dialog box.
1. Go to ECS console - Snapshots.
2. In the top navigation bar, select the region and resource group of the resource that you want to manage.
3. On the Disk Snapshots tab, find the snapshot that you want to unshare and choose > Share Snapshot in the Actions column.
Unshare the snapshot.
1. In the Add to Resource Share dialog box, select the resource share to which the snapshot is added.
2. In the Principals section, click Edit.
3. In the Added Principals section, click Remove in the Actions column corresponding to the sharee from whom you want to unshare the snapshot.
4. Click OK.

Considerations

Preparations

Share a snapshot

A sharer shares a snapshot

A sharee uses a shared snapshot

Unshare a snapshot

Considerations

Procedure

Sales Support

Technical Support

Connect & Report Abuse

About Alibaba Cloud

Our Global Network

Quick Start

Global Offices

Olympic Games Paris 2024 New

Stade Roland Garros – Glitz from the Past New

Place de la Concorde – “Breaking” the Barriers New

Vaires-sur-Marne Nautical Stadium – Sports with Sustainability New

International Broadcast Center – Images, Sounds, and Data that Captivate Billions New

Customer Success Stories New

Trust Center

Security & Compliance Center

Cloud Compliance Resources

Security Compliance FAQs

Product & Feature Update New

Cloud Forward

Press Room

Alibaba Cloud e-Magazine New

Alibaba Cloud in Analyst Research

Notice

Go Global Service New

Go Global Alliance with Alibaba Cloud

Asia Accelerator Hot

Information Compliance

China Gateway - MLPS 2.0 Compliance New

China Gateway - Networking

China Gateway - Global Application Acceleration New

China Gateway - Security

China Gateway - Data Security New

ICP Support Hot

China Gateway - Omnichannel Data Mid-End New

China Gateway - Organizational Data Mid-End New

China Gateway - Business Mid-End New

China Gateway - AI Service for Conversational Chatbots New

China Gateway - Online Education

China Gateway - Domain Registration

Work at Alibaba Cloud

Experienced Professionals

Students and Graduates

Free Trial

Pricing

Promo Center

Price Reduction

Pay Less and Deploy More

FinOps

Elastic Compute Service (ECS)

Simple Application Server (SAS)

Elastic GPU Service

Elastic Desktop Service (EDS)

Object Storage Service (OSS)

Cloud Enterprise Network (CEN)

Web Application Firewall (WAF)

Domain Names

Container Compute Service (ACS)

Secure Access Service Edge (SASE)

Intelligent Media Services(IMS)

Edge Security Acceleration (ESA)(Original DCDN)

Intelligent Media Management

DingTalk Enterprise

YiDA

Alibaba Cloud Model Studio

Apsara Prime - For Easy Cloud Product Selection

Alibaba Cloud ECS - Cater All Your Cloud Hosting Needs

1TB CDN—Get Free 1 TB Outbound Traffic Plan Now

Security—Under Attack? Get Free Security Support

Short Message Service - Free Testing is Available

Elastic Compute Service (ECS) Hot

CloudBox

Compute Nest

Dedicated Host Hot

ECS Bare Metal Instance

Elastic GPU Service Featured

Simple Application Server (SAS) Hot

Auto Scaling

Cloud Phone Beta

Elastic Desktop Service (EDS) Featured

Batch Compute

Elastic High Performance Computing (E-HPC)

Super Computing Cluster (SCC)

Function Compute (FC)