The following command displays a list of all public AMIs.
PROMPT>ec2dim -x all
The -x all flag shows AMIs executable by all users. This
includes AMIs you own.
To show AMIs for which you have explicit launch permissions, run:
PROMPT>ec2dim -x self
The -x self flag shows AMIs you have explicit launch permissions for.
AMIs you own are excluded.
To show AMIs owned by Amazon run:
PROMPT>ec2dim -o amazon
To find AMIs owned by a particular user run:
PROMPT>ec2dim -o 495219933132
Replace 495219933132 with the AWS account id of the user
who owns the AMIs you are looking for.
AMIs are launched at the user's own risk. Amazon cannot vouch for the integrity or security of AMIs shared by other users. Therefore, you should treat shared AMIs as you would any foreign code that you might consider deploying in your own data center and perform the appropriate due diligence.
Ideally, you will get the AMI ID from a trusted source (a website, another user, etc). If you do not know the source of an AMI, we recommended that you at leaste search the forums for comments on the AMI before launching it. Conversely, if you have questions or observations about a shared AMI, feel free to use the forums to ask or comment.
Amazon's public images have an aliased owner and
will display amazon in the userId field.
This allows users to find Amazon's public images easily.
Note: | Users are not currently able to alias an AMI's owner. |
If you do choose to launch a shared AMI, there are a number of steps you should take (at a minimum) after launch to confirm the AMI is not doing anything malicious:
Check the ssh authorized keys file. The only key in the file should be the key you launched the AMI with.
Check open ports and running services.
Change the root password if is is not randomized on startup. Take a look at the section called “Disable Password Based Logins for Root” for more information on randomizing the root password on startup.
Check if ssh allows root password logins. the section called “Disable Password Based Logins for Root” contains more information on disabling root based password logins.
Check if there are any other user accounts that may allow backdoor entry to your instance. Accounts with super user privileges are paticularly dangerous.
Check that all cron jobs are legitimate.