Compliance validation resources for Image Builder
EC2 Image Builder is not in scope of any Amazon compliance programs.
For a list of Amazon Web Services services in scope of specific compliance programs, see Amazon Web Services services
in Scope by Compliance Program
You can download third-party audit reports using Amazon Artifact. For more
information, see Downloading Reports in Amazon Artifact
Your compliance responsibility when using Image Builder is determined by the sensitivity of your data, your company's compliance objectives, and applicable laws and regulations. Amazon provides the following resources to help with compliance:
-
Security and Compliance Quick Start Guides
Security and Compliance Quick Start Guides – These deployment guides discuss architectural considerations and provide steps for deploying security- and compliance-focused baseline environments on Amazon. -
Amazon Compliance Resources
– This collection of workbooks and guides might apply to your industry and location. -
Evaluating Resources with Rules in the Amazon Config Developer Guide – The Amazon Config service assesses how well your resource configurations comply with internal practices, industry guidelines, and regulations.
-
Amazon Security Hub – This Amazon service provides a comprehensive view of your security state within Amazon that helps you check your compliance with security industry standards and best practices.
You can incorporate compliance products from Amazon Web Services Marketplace or components from EC2 Task Orchestrator and Executor (EC2 TOE) into your Image Builder images to help ensure that your images are compliant. For more information, see Compliance products for your Image Builder images.