AMI Shared With Multiple Accounts
- Query id: ba4e0031-3e9d-4d7d-b0d6-bd8f003f8698
- Query name: AMI Shared With Multiple Accounts
- Platform: Terraform
- Severity: Medium
- Category: Access Control
- CWE: 284
- URL: Github
Description¶
Limits access to AWS AMIs by checking if more than one account is using the same image
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - tf file
resource "aws_ami_launch_permission" "positive1" {
image_id = "ami-1235678"
account_id = "12345600012"
}
resource "aws_ami_launch_permission" "positive2" {
image_id = "ami-1235678"
account_id = "123456789012"
}