More Info:

Blacklist AMIs that expose your application to security issues. Your EC2 instances should not use any blacklisted AMI.

Risk Level

Low

Address

Security, Operational Maturity

Compliance Standards

CBP

Triage and Remediation

Remediation

To remediate the issue of blacklisted AMIs in AWS using the AWS console, follow the steps below:

  1. Log in to your AWS console.
  2. Go to the EC2 dashboard.
  3. Click on the “AMIs” option on the left-hand menu.
  4. Identify the blacklisted AMIs from the list of available AMIs.
  5. Select the blacklisted AMI that you want to remove.
  6. Click on the “Actions” button and select “Deregister” from the drop-down menu.
  7. Confirm the action by clicking on the “Deregister” button.
  8. Once the AMI is deregistered, it will no longer be available for use.
  9. Ensure that any instances using the blacklisted AMI are terminated and replaced with instances using approved AMIs.
  10. Implement a process to regularly check and update the list of approved AMIs to prevent the use of blacklisted AMIs in the future.

Following the steps above remediates the issue of blacklisted AMIs in AWS using the AWS console.
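Steps 9 and 10 depend on finding instances that still run on a blacklisted AMI, since deregistering an AMI does not affect instances already launched from it. The Python below is an added example, not part of the original page: it applies that check to EC2 DescribeInstances output. The function names, the AMI and instance IDs, and the sample response are constructed for illustration; `fetch_pages` assumes boto3 and permission to call `ec2:DescribeInstances`.

```python
# Added example: flag EC2 instances launched from blacklisted AMIs.
# AMI and instance IDs below are constructed placeholders.
BLACKLISTED_AMIS = {"ami-0aaaaaaaaaaaaaaaa", "ami-0bbbbbbbbbbbbbbbb"}

# Constructed sample in the shape of EC2 DescribeInstances response pages.
SAMPLE_PAGES = [{"Reservations": [
    {"Instances": [
        {"InstanceId": "i-0000000000000001", "ImageId": "ami-0aaaaaaaaaaaaaaaa",
         "State": {"Name": "running"}},
        {"InstanceId": "i-0000000000000002", "ImageId": "ami-0ccccccccccccccc",
         "State": {"Name": "running"}},
    ]},
    {"Instances": [
        {"InstanceId": "i-0000000000000003", "ImageId": "ami-0bbbbbbbbbbbbbbbb",
         "State": {"Name": "stopped"}},
        {"InstanceId": "i-0000000000000004", "ImageId": "ami-0aaaaaaaaaaaaaaaa",
         "State": {"Name": "terminated"}},
    ]},
]}]


def find_violations(pages, blacklist):
    """Return (instance_id, ami_id, state) for each live instance on a blacklisted AMI."""
    gone = {"shutting-down", "terminated"}  # already being removed; nothing to replace
    hits = []
    for page in pages:
        for reservation in page.get("Reservations", []):
            for inst in reservation.get("Instances", []):
                state = inst.get("State", {}).get("Name", "unknown")
                # Stopped instances still count: they can be started again.
                if inst.get("ImageId") in blacklist and state not in gone:
                    hits.append((inst["InstanceId"], inst["ImageId"], state))
    return sorted(hits)


def fetch_pages(region, blacklist):
    """Query a live account; needs boto3 and ec2:DescribeInstances permission."""
    import boto3  # imported here so the offline sample run needs no AWS SDK
    paginator = boto3.client("ec2", region_name=region).get_paginator("describe_instances")
    return paginator.paginate(Filters=[{"Name": "image-id", "Values": sorted(blacklist)}])


if __name__ == "__main__":
    for instance_id, ami_id, state in find_violations(SAMPLE_PAGES, BLACKLISTED_AMIS):
        print(f"{instance_id} uses blacklisted {ami_id} (state: {state})")
```

Against a live account, pass `fetch_pages(region, BLACKLISTED_AMIS)` to `find_violations` in place of the sample pages, once per region in use.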

Additional Reading: