AWS Security ChangesHomeSearch

AWS imagebuilder documentation change

Service: imagebuilder · 2025-06-19 · Documentation low

File: imagebuilder/latest/userguide/create-container-recipes.md

Summary

Clarified base image sources for container recipes and emphasized security best practices regarding sensitive parameters

Security assessment

While the changes include security-conscious documentation about parameter logging and image sources, they represent general security best practices rather than addressing specific vulnerabilities. The update improves security awareness but doesn't indicate a resolved security issue.

Diff

diff --git a/imagebuilder/latest/userguide/create-container-recipes.md b/imagebuilder/latest/userguide/create-container-recipes.md
index b01011f55..b49a96f2f 100644
--- a//imagebuilder/latest/userguide/create-container-recipes.md
+++ b//imagebuilder/latest/userguide/create-container-recipes.md
@@ -37 +37 @@ Creating a new version of a container recipe is virtually the same as creating a
-To see details that are associated with your base image selection, choose the tab that matches your selection.
+For Docker container images, you can choose from public images hosted on DockerHub, existing container images in Amazon ECR, or Amazon-managed container images. To see details that are associated with your base image selection, choose the tab that matches your selection.
@@ -233 +233,7 @@ Component parameters are plain text values, and are logged in AWS CloudTrail. We
-     * parentImage (string, required) – Image that the container recipe uses as a base for your customized image. The value can be the base image ARN or an AMI ID.
+     * parentImage (string, required) – The Docker container image to use in the container recipe as a baseline for your customized image.
+
+       * Public images hosted on DockerHub
+
+       * Existing container images in Amazon ECR
+
+       * Amazon-managed container images