Error Could not share parivate image ami-12345678 between accounts may occur during cross-account instance recovery

Error "Could not share private image ami-12345678 between accounts" may occur during cross-account instance recovery

Error "Could not share private image ami-12345678 between accounts" may occur during cross-account instance recovery:

Error - Could not share private image ami-12345678 between accounts
Error - First step (launching instance) failed. Reason: Could not share parivate image ami-12345678 between accounts

This is a result of an AWS limitation:
  • "You can't copy an encrypted AMI that was shared with you from another account. Instead, if the underlying snapshot and encryption key were shared with you, you can copy the snapshot while re-encrypting it with a key of your own. You own the copied snapshot, and can register it as a new AMI.
  • You can't copy an AMI with an associated billingProduct code that was shared with you from another account. This includes Windows AMIs and AMIs from the AWS Marketplace. To copy a shared AMI with a billingProduct code, launch an EC2 instance in your account using the shared AMI and then create an AMI from the instance.”

When performing cross-account recovery of an instance that requires an image (i.e. Windows instance) and it is encrypted, you'll need to provide another AMI for the recovery, that already exists in the account you're recovering to.
CPM does not need the data on this AMI, it is just used as a prop for the recovery process.
If you do not have such AMI prepared, you can provide an AMI ID of a similar instance - look in the Marketplace for a similar product.
You can use AMI Assistant to find such AMI https://n2ws.com/support/documentation/9-performing-recovery#92