AWS marketplace documentation change
Summary
Strengthened recommendation for runtime AMI verification and removed optional instance metadata checks
Security assessment
The change elevates AMI verification from a suggestion to a strong recommendation, promoting a security best practice to prevent unauthorized software execution. However, it does not address a specific disclosed vulnerability.
Diff
diff --git a/marketplace/latest/userguide/best-practices-for-building-your-amis.md b/marketplace/latest/userguide/best-practices-for-building-your-amis.md index f1ab35ab0..d074da44a 100644 --- a//marketplace/latest/userguide/best-practices-for-building-your-amis.md +++ b//marketplace/latest/userguide/best-practices-for-building-your-amis.md @@ -160 +160 @@ To learn about giving AWS Marketplace access to your AMI, see [Giving AWS Market -You may wish to have your software verify at runtime that it is running on an Amazon EC2 instance created from your AMI product. +We strongly recommend that your software verify at runtime that it is running on an Amazon EC2 instance created from your AMI product. @@ -228,2 +227,0 @@ If the product code matches the one for your AMI product, then the instance was -You may also wish to verify other information from the instance identity document, such as the `instanceId` and the instance `privateIp`. -