Amazon EC2 Allowed AMIs setting adds new parameters for enhanced AMI governance

AWS QuickSight Release Notes

Allowed AMIs, the Amazon EC2 account-wide setting that enables you to limit the discovery and use of Amazon Machine Images (AMIs) within your AWS accounts, adds support for four new parameters: marketplace codes, deprecation time, creation date, and AMI names.

Previously, you could specify accounts or owner aliases that you trust in your Allowed AMIs setting. Starting today, you can use the four new parameters to define additional criteria to further reduce the risk of inadvertently launching instances with non-compliant or unauthorized AMIs.

• Marketplace codes: Limit the use of Marketplace AMIs.
• Deprecation time: Limit the use of outdated AMIs.
• Creation date: Limit the use of outdated AMIs.
• AMI names: Restrict usage to AMIs with specific naming patterns.

You can also leverage Declarative Policies to configure these parameters to perform AMI governance across your organization.

These additional parameters are now supported in all AWS regions including AWS China (Beijing) Region, operated by Sinnet, and AWS China (Ningxia) Region, operated by NWCD, and AWS GovCloud (US).

What to do

• Review the new parameters and update your Allowed AMIs settings accordingly.
• Leverage Declarative Policies for better AMI governance.
• Visit the documentation for more information.

Source: AWS release notes