approved-amis-by-tag
Checks if running instances are using specified Amazon Machine Images (AMIs). Specify the tags that identify the AMIs. Running instances with AMIs that don't have at least one of the specified tags are NON_COMPLIANT.
Identifier: APPROVED_AMIS_BY_TAG
Resource Types: AWS::EC2::Instance
Trigger type: Configuration changes
Amazon Web Services Region: All supported Amazon regions
Parameters:
- amisByTagKeyAndValue
- Type: StringMap
- Default: tag-key:tag-value,other-tag-key
-
The AMIs by tag (comma-separated list up to 10; for example,
tag-key:tag-value
; i.e.tag-key1
matches AMIs withtag-key1
,tag-key2:value2
matchestag-key2
having value2).
Amazon CloudFormation template
To create Amazon Config managed rules with Amazon CloudFormation templates, see Creating Amazon Config Managed Rules With Amazon CloudFormation Templates.