Compliance products for your Image Builder images - EC2 Image Builder
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Compliance products for your Image Builder images

With constantly evolving security standards, it can be a challenge to maintain compliance and safeguard your organization from cyber threats. To help ensure that your custom images are compliant, and stay that way through automatic updates when publishers release new versions, Image Builder integrates with Amazon Web Services Marketplace compliance products and EC2 TOE components.

Image Builder integrates with the following compliance products:

  • Security Technical Implementation Guides (STIG)

    For STIG compliance, use can use Amazon-managed EC2 Task Orchestrator and Executor (EC2 TOE) STIG components in your Image Builder recipes. STIG components scan your build instance for misconfigurations and run a remediation script to correct issues that they find. We can't guarantee STIG compliance for the images that you build with Image Builder. You must work with your organization's compliance team to verify that your final image is compliant. For a complete list of EC2 TOE STIG components that you can use in your Image Builder recipes, see Amazon managed STIG hardening components for EC2 Image Builder.