Base Image Used and is only N days old
Base images can provide a wealth of security benefits, but are also point-in-time snapshots that become stale. Ensure that the base image used for any new image creation is sufficiently fresh.
Summary
The standardization benefits of using base images only apply if the software and customizations within those base images are up to date. As new base images are created, subsequent AMI bakes should switch over to those new images with minimal delay. Periodic, automated cleanup of base images can help avoid accidental usage of old + undesirable base images.
Applicable To
Always
Resources
EC2
Maturity
Medium
Functions
CSPS
AWS
Author
Nick Siow
Additional Links
