The AWS EC2 service is outstanding when it comes to hosting applications quickly and efficiently. Part of what makes EC2 so efficient is the Amazon Machine Images, or AMIs. These images allow you to spin up EC2 instances at a moment’s notice. These AMIs are great, but you have to guard them very closely if there is any sensitive information on them. If an AMI were accidentally shared to the wrong account, this information would go with it. That’s why you must remove any sensitive information from EC2 instances before creating AMIs from them. This learning activity will show you how to remove sensitive information from your EC2 instances before creating an AMI to maintain utmost security.
Successfully complete this lab by achieving the following learning objectives:
- Login to the EC2 Instance
Login to the EC2 Instance named
AMISourceusing the SSH Instant Terminal, and the credentials presented with this Hands-On Lab
- Remove Sensitive Data
Your EC2 instances likely contain sensitive informatiuon that you would want to remove before you make copies of the instance. Remove all sensitive information from the
cloud_userhome directory, including any SSH settings, private keys, and the bash command history.
- Create the new EC2 AMI
Once all sensitive data has been removed from the EC2 instance, you can safely make new copies of the machine using an AMI. Using the EC2 Console, create an AMI from the EC2 Instance we’ve been using so far.