Data protection

Externally Exposed AMI

Risk Level: Hazardous (3)

About Amazon Machine Image (AMI)

An Amazon Machine Image (AMI) is a template that includes all the information you need to spin up a new Elastic Compute Cloud (EC2) instance. An AMI can be used to launch multiple new instances, all with the same underlying configurations.

An AMI can be generic (e.g., a base Ubuntu AMI) or more specific (e.g., an AMI that contains all the applications and dependencies required to run the Apache web server). You can use pre-existing AMIs made available by AWS or by other AWS users, or you can create a custom AMI.

Customized AMIs enable you to pre-install any required packages on an instance, improve boot time (no need to provide user data at launch), implement security controls for all instances at once, and launch production-ready machines quickly when required.

AWS allows you to share your custom AMIs. You can make them public so that anyone can use them, or you can restrict access to specific AWS accounts.

Cloud Risk Description

A public AMI becomes part of the Community AMIs, which means that anyone with an AWS account can use it to launch an instance. Since an AMI is built from snapshots of an instance's volumes and usually contains application and data, this can lead to sensitive data exposure. A malicious actor could use the sensitive data in an AMI to carry out a targeted cyberattack on your infrastructure.
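One way to detect this condition and prepare its remediation from the account owner's side, as an added example that is not Orca's code: a Python script that classifies each AMI from a `describe-images` response as public, shared or private, and emits the AWS CLI commands that revoke the community (`all`) launch permission. The sample responses and AMI ids are constructed.

```python
import json

# Constructed sample in the shape returned by `aws ec2 describe-images --owners self`
# (one public AMI, one shared with a single account, one private).
SAMPLE_DESCRIBE_IMAGES = json.dumps({"Images": [
    {"ImageId": "ami-0000000000000001", "Name": "prod-app-2024-01", "Public": True},
    {"ImageId": "ami-0000000000000002", "Name": "shared-with-partner", "Public": False},
    {"ImageId": "ami-0000000000000003", "Name": "internal-base", "Public": False},
]})

# Constructed LaunchPermissions lists per image, as returned by
# `aws ec2 describe-image-attribute --attribute launchPermission`.
SAMPLE_LAUNCH_PERMISSIONS = {
    "ami-0000000000000001": [{"Group": "all"}],
    "ami-0000000000000002": [{"UserId": "111111111111"}],
    "ami-0000000000000003": [],
}

def classify_images(describe_images_json, launch_permissions):
    """Return {image_id: "public" | "shared" | "private"}: public when the
    Public flag is set or launch permissions contain group "all" (Community
    AMIs); shared when only explicit per-account grants exist."""
    result = {}
    for image in json.loads(describe_images_json)["Images"]:
        image_id = image["ImageId"]
        perms = launch_permissions.get(image_id, [])
        if image.get("Public") or any(p.get("Group") == "all" for p in perms):
            result[image_id] = "public"
        elif any("UserId" in p for p in perms):
            result[image_id] = "shared"
        else:
            result[image_id] = "private"
    return result

def remediation_commands(classification):
    """AWS CLI commands that revoke the community ("all") launch permission
    from each public AMI; per-account shares are left untouched."""
    return [
        f"aws ec2 modify-image-attribute --image-id {image_id} "
        f'--launch-permission "Remove=[{{Group=all}}]"'
        for image_id, state in sorted(classification.items())
        if state == "public"
    ]

if __name__ == "__main__":
    states = classify_images(SAMPLE_DESCRIBE_IMAGES, SAMPLE_LAUNCH_PERMISSIONS)
    print(states)
    print("\n".join(remediation_commands(states)))
```

Revoking the `all` group does not delete the underlying EBS snapshots, which carry their own sharing settings and should be checked separately.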

How Does Orca Help?

Orca detects sensitive data at risk across both the workload and the control plane, pinpointing its exact location and providing masked samples of the data for quick remediation. In this specific case, Orca looks for externally exposed AMIs and alerts on this type of issue, as shown in the screenshot above.

Real-Life Incidents

AWS misconfigurations have been at the heart of many cyberattacks. Let’s look at a few examples:

Orca

Orca Security, the cloud security innovation leader, provides cloud-wide, workload-deep security and compliance for AWS, Azure, and GCP - without the gaps in coverage, alert fatigue, and operational costs of agents.