Control: AWS > EC2 > AMI > Trusted Access

Manage trusted access for AWS EC2 AMIs.

AWS allows EC2 AMIs to be shared with specific AWS accounts. This control allows you to configure whether such sharing is allowed, and to which accounts.

If set to Enforce, access to non-trusted accounts will be removed.

Resource Types

This control targets the following resource types:

AWS > EC2 > AMI

Primary Policies

The following policies can be used to configure this control:

Trusted Access
Trusted Access > Accounts

In Your Workspace

Controls by Resource report
Controls by Control Type report

Developers

Control Type URI

tmod:@turbot/aws-ec2#/control/types/amiTrustedAccess

Category URI

tmod:@turbot/turbot#/control/categories/securityTrustedAccess

GraphQL

query controlType(id: "tmod:@turbot/aws-ec2#/control/types/amiTrustedAccess") { … }

query controls(filter: "controlTypeId:'tmod:@turbot/aws-ec2#/control/types/amiTrustedAccess'") { … }

CLI

Get Controls

turbot graphql controls --filter "controlTypeId:tmod:@turbot/aws-ec2#/control/types/amiTrustedAccess"