1.7 Ensure all Customer owned Amazon Machine Images for Web Tier are not shared publicly

Information

An Amazon Machine Image (AMI) is an exact copy of the instance it was created from (its root volume and any attached volumes). Anyone who can launch the AMI can create a complete replica of the original instance; if the AMI is shared publicly, that means any AWS account. The original instance may contain intellectual property, proprietary application code, and configuration information that can be used to exploit or compromise any running instance in the web tier.
Allowing public access to a Web Tier AMI may therefore help an adversary identify weaknesses in the application, its usage, or its configuration without ever touching the production environment.

Solution

Using the Amazon unified command line interface:

* For each public AMI owned by the account (launch permissions listing the group all), remove the group all from its launch permissions:

aws ec2 modify-image-attribute --image-id <public_image_id> --launch-permission "{\"Remove\":[{\"Group\":\"all\"}]}"
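The procedure above, carried out end to end (enumerate self-owned public AMIs, remove the all group, confirm the launch permissions no longer list it), as an added example; this is not CIS or AWS code. It assumes the response shapes of "aws ec2 describe-images" and "aws ec2 describe-image-attribute --attribute launchPermission", and it drives the aws CLI through an injectable runner so the same logic can be exercised offline against the constructed FakeAws stand-in at the bottom.

```python
"""Find and remediate publicly shared AMIs owned by this account.

Added example for this benchmark item (not CIS or AWS code). Assumes the
JSON shapes returned by `aws ec2 describe-images` and
`aws ec2 describe-image-attribute --attribute launchPermission`.
"""
import json
import subprocess
from typing import Callable, Dict, List

# Exactly the --launch-permission value from the Solution, as a dict so that
# json.dumps() produces the string the CLI expects.
REMOVE_PUBLIC = {"Remove": [{"Group": "all"}]}


def public_ami_ids(describe_images_response: Dict) -> List[str]:
    """Return the ImageIds flagged "Public": true in a describe-images response."""
    return [img["ImageId"] for img in describe_images_response.get("Images", [])
            if img.get("Public") is True]


def has_public_launch_permission(describe_attribute_response: Dict) -> bool:
    """True if a launchPermission attribute response still lists the group 'all'."""
    return any(p.get("Group") == "all"
               for p in describe_attribute_response.get("LaunchPermissions", []))


def aws_cli(args: List[str]) -> str:
    """Default runner: invoke the real aws CLI and return its stdout."""
    return subprocess.run(["aws", *args], check=True,
                          capture_output=True, text=True).stdout


def remediate_public_amis(run: Callable[[List[str]], str] = aws_cli,
                          dry_run: bool = False) -> List[str]:
    """List self-owned public AMIs, remove group 'all' from each, verify, and
    return the IDs that were (or, in dry_run mode, would be) remediated."""
    listing = json.loads(run(["ec2", "describe-images", "--owners", "self",
                              "--filters", "Name=is-public,Values=true",
                              "--output", "json"]))
    remediated = []
    for image_id in public_ami_ids(listing):
        if not dry_run:
            run(["ec2", "modify-image-attribute", "--image-id", image_id,
                 "--launch-permission", json.dumps(REMOVE_PUBLIC)])
            # Re-read the attribute: the change must be visible before we
            # report the image as fixed.
            attr = json.loads(run(["ec2", "describe-image-attribute",
                                   "--image-id", image_id,
                                   "--attribute", "launchPermission",
                                   "--output", "json"]))
            if has_public_launch_permission(attr):
                raise RuntimeError(f"{image_id} is still publicly launchable")
        remediated.append(image_id)
    return remediated


class FakeAws:
    """Constructed stand-in for the aws CLI (hypothetical AMI IDs, no real
    account) so the remediation logic can be run offline."""

    def __init__(self, public_ids: List[str], private_ids: List[str]):
        self.public = set(public_ids)
        self.private = set(private_ids)
        self.calls: List[List[str]] = []

    def __call__(self, args: List[str]) -> str:
        self.calls.append(args)
        if args[:2] == ["ec2", "describe-images"]:
            only_public = "Name=is-public,Values=true" in args
            ids = self.public if only_public else self.public | self.private
            return json.dumps({"Images": [{"ImageId": i, "Public": i in self.public}
                                          for i in sorted(ids)]})
        if args[:2] == ["ec2", "modify-image-attribute"]:
            image_id = args[args.index("--image-id") + 1]
            perm = json.loads(args[args.index("--launch-permission") + 1])
            if {"Group": "all"} in perm.get("Remove", []):
                self.public.discard(image_id)
                self.private.add(image_id)
            return ""
        if args[:2] == ["ec2", "describe-image-attribute"]:
            image_id = args[args.index("--image-id") + 1]
            perms = [{"Group": "all"}] if image_id in self.public else []
            return json.dumps({"ImageId": image_id, "LaunchPermissions": perms})
        raise ValueError(f"unexpected aws call: {args}")


if __name__ == "__main__":
    # Offline demonstration with constructed IDs; swap FakeAws for the
    # default aws_cli runner to act on a real account.
    fake = FakeAws(["ami-0a1b2c3d4e5f60001", "ami-0a1b2c3d4e5f60002"],
                   ["ami-0a1b2c3d4e5f60003"])
    print("would remediate:", remediate_public_amis(run=fake, dry_run=True))
    print("remediated:", remediate_public_amis(run=fake))
    print("still public:", sorted(fake.public))
```

Run the dry-run form first on a real account to review the list of images before anything is changed; the verification read after each modify call is what turns "I ran the command" into evidence that the image is no longer launchable by everyone.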

See Also

https://workbench.cisecurity.org/files/260