AWS Security ChangesHomeSearch

AWS marketplace documentation change

Service: marketplace · 2025-10-25 · Documentation medium

File: marketplace/latest/userguide/best-practices-for-building-your-amis.md

Summary

Strengthened recommendation for runtime AMI verification and removed optional instance metadata checks

Security assessment

The change elevates AMI verification from a suggestion to a strong recommendation, promoting a security best practice to prevent unauthorized software execution. However, it does not address a specific disclosed vulnerability.

Diff

diff --git a/marketplace/latest/userguide/best-practices-for-building-your-amis.md b/marketplace/latest/userguide/best-practices-for-building-your-amis.md
index f1ab35ab0..d074da44a 100644
--- a//marketplace/latest/userguide/best-practices-for-building-your-amis.md
+++ b//marketplace/latest/userguide/best-practices-for-building-your-amis.md
@@ -160 +160 @@ To learn about giving AWS Marketplace access to your AMI, see [Giving AWS Market
-You may wish to have your software verify at runtime that it is running on an Amazon EC2 instance created from your AMI product.
+We strongly recommend that your software verify at runtime that it is running on an Amazon EC2 instance created from your AMI product.
@@ -228,2 +227,0 @@ If the product code matches the one for your AMI product, then the instance was
-You may also wish to verify other information from the instance identity document, such as the `instanceId` and the instance `privateIp`.
-