Severity: HIGH
Source: CloudSploit
ID: public-ami

Public AMI

Checks for publicly shared AMIs

Accidentally sharing an AMI publicly allows any AWS account to launch an EC2 instance from the image. Anything baked into the image (credentials, private keys, application configuration, proprietary code, customer data left on the root volume) is then readable by whoever launches it.

Follow the appropriate remediation steps below to resolve the issue.

  1. Log in to the AWS Management Console.

  2. Select the “Services” option and search for EC2.

  3. Scroll down the left navigation panel and choose “AMIs” under “Images”.

  4. Select the AMI that needs to be verified.

  5. Scroll down the page and select the “Permissions” tab from the bottom panel and check the AMI permission. If the selected AMI is publicly accessible it will show “This image is publicly available”.

  6. Repeat steps 3 - 5 to verify the permissions of the other AMIs in the region.

  7. Navigate to “AMIs” under “Images” and select the public AMI that needs to be changed to a private image.

  8. Click on the “Permissions” tab from the bottom panel and click on the “Edit AMI permissions” button.

  9. In the “Edit AMI Permissions” dialog choose “Private” and click on the “Save changes” button.

  10. Repeat steps 7 - 9 for every public AMI in the selected AWS region. AMIs are regional resources, so repeat the check in each region the account uses.
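The same audit and remediation can be scripted against the EC2 API instead of clicking through the console. The script below is an added example, not CloudSploit's plugin code. The image IDs and names in SAMPLE_IMAGES are constructed placeholders, and the live path assumes boto3 is installed with credentials that carry ec2:DescribeImages and ec2:ModifyImageAttribute in the target region. The decision and request-building logic is kept free of AWS calls so it can be exercised offline against describe-images output.

```python
"""Find AMIs owned by this account that are shared publicly and make them private.

Added example (not CloudSploit code). An AMI is public when its launch
permission includes the special group "all"; the describe-images response
surfaces this as the boolean "Public" field.
"""
from typing import Dict, List

# Constructed sample shaped like ec2.describe_images(Owners=["self"])["Images"].
# The IDs below are placeholders, not real AMIs.
SAMPLE_IMAGES: List[Dict] = [
    {"ImageId": "ami-0123456789abcdef0", "Name": "web-base", "Public": True},
    {"ImageId": "ami-0fedcba9876543210", "Name": "db-base", "Public": False},
    {"ImageId": "ami-0aaaaaaaaaaaaaaaa", "Name": "legacy", "Public": True},
]


def public_images(images: List[Dict]) -> List[Dict]:
    """Return the subset of images whose launch permission is open to everyone."""
    return [img for img in images if img.get("Public") is True]


def make_private_request(image_id: str) -> Dict:
    """Build the ModifyImageAttribute call that removes the 'all' group launch
    permission, which is exactly what the console's 'Private' option does."""
    return {
        "ImageId": image_id,
        "LaunchPermission": {"Remove": [{"Group": "all"}]},
    }


def plan_remediation(images: List[Dict]) -> List[Dict]:
    """One ModifyImageAttribute request per public AMI in the input."""
    return [make_private_request(img["ImageId"]) for img in public_images(images)]


def audit_region(region: str, dry_run: bool = True) -> List[str]:
    """Live path: list public AMIs this account owns in one region and, unless
    dry_run, make each of them private. Returns the affected image IDs.
    Requires boto3 and configured credentials (assumption, see lead-in)."""
    import boto3  # imported here so the offline helpers above need no SDK

    ec2 = boto3.client("ec2", region_name=region)
    # Owners=["self"] restricts the listing to images this account owns;
    # the is-public filter does the first pass server-side.
    resp = ec2.describe_images(
        Owners=["self"],
        Filters=[{"Name": "is-public", "Values": ["true"]}],
    )
    affected = []
    for req in plan_remediation(resp["Images"]):  # re-check the Public flag client-side
        print(f"[{region}] public AMI {req['ImageId']}" + (" (dry run)" if dry_run else ""))
        if not dry_run:
            ec2.modify_image_attribute(**req)
        affected.append(req["ImageId"])
    return affected


if __name__ == "__main__":
    # Offline demonstration on the constructed sample: two of the three AMIs
    # need remediation.
    for req in plan_remediation(SAMPLE_IMAGES):
        print("would call modify_image_attribute with", req)
```

Run audit_region("us-east-1") per region in use (AMIs are regional), first with the default dry_run=True to review the list, then with dry_run=False to apply the change. Removing the "all" group only affects future launches; instances other accounts already launched from the image keep running, and any secrets that were baked into a public image should be treated as exposed and rotated.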