Continuously audit and monitor EC2 AMI configurations and enforce security compliance as code with Panther.
An Amazon Machine Image (AMI) provides the information required to launch an EC2 instance. You must specify an AMI when you launch an instance. Use Panther to track changes to your AMIs in real time and ensure that their configurations meet your business requirements for security and compliance.
Monitoring AMIs is critical for checking which AWS accounts can use an AMI to launch instances. Use Panther's built-in policies for continuous monitoring of AMIs, or write your own detections in Python to fit your internal business use cases.
Use Cases
Common security use cases for EC2 AMI with Panther include:
Check that AWS EC2 AMIs are launched only on approved dedicated hosts
Ensure that an EC2 instance was launched with a tenancy approved for its AMI
Ensure that an EC2 instance is running with an instance type approved for its AMI
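The tenancy and instance-type checks above, written as a Python policy. This is an added example, not Panther's built-in policy code. The `policy(resource)` entry point follows Panther's Python policy convention; the `APPROVED` allow-list, the AMI IDs, the `violations` helper and the sample instance are constructed, and the resource is assumed to carry the EC2 `ImageId`, `InstanceType` and `Placement.Tenancy` fields.

```python
# Constructed allow-list: AMI ID -> instance types and tenancies approved for it.
# In practice this would come from your own inventory of hardened images.
APPROVED = {
    "ami-0aaaaaaaaaaaaaaaa": {
        "instance_types": {"t3.micro", "t3.small"},
        "tenancies": {"default"},
    },
    "ami-0bbbbbbbbbbbbbbbb": {
        "instance_types": {"m5.large"},
        "tenancies": {"dedicated", "host"},
    },
}


def violations(resource):
    """Return the reasons an EC2 instance is non-compliant (empty list if compliant)."""
    ami = resource.get("ImageId")
    rules = APPROVED.get(ami)
    if rules is None:
        # Fail closed: an instance built from an unlisted AMI is non-compliant.
        return [f"AMI {ami!r} is not on the approved list"]

    problems = []
    instance_type = resource.get("InstanceType")
    if instance_type not in rules["instance_types"]:
        problems.append(f"instance type {instance_type!r} not approved for {ami}")

    # Placement may be missing or null on a partially populated resource.
    tenancy = (resource.get("Placement") or {}).get("Tenancy")
    if tenancy not in rules["tenancies"]:
        problems.append(f"tenancy {tenancy!r} not approved for {ami}")
    return problems


def policy(resource):
    """Policy entry point: True means the resource is compliant."""
    return not violations(resource)


# Constructed sample resource, shaped like an EC2 DescribeInstances entry.
SAMPLE_INSTANCE = {
    "InstanceId": "i-0123456789abcdef0",
    "ImageId": "ami-0bbbbbbbbbbbbbbbb",
    "InstanceType": "m5.large",
    "Placement": {"Tenancy": "default"},
}

if __name__ == "__main__":
    print(policy(SAMPLE_INSTANCE), violations(SAMPLE_INSTANCE))
```
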
How it Works
The integration is simple and fast:
Connect your AWS account to Panther
A baseline scan is performed to identify all existing AMIs in your AWS account(s)
Built-in detections identify security issues
Alerts are sent if a non-compliant security group exists
Use Panther to search all AMIs in an AWS account by name and view their compliance status, associated policies, and configured remediations. Learn more about using Panther to analyze your AWS logs for security insights.