Posted On: Oct 20, 2023
Amazon EC2 has enabled the Amazon Machine Image Block Public Access (AMI BPA) setting by default for all new AWS accounts and all existing AWS accounts that have not owned a public AMI since July 15, 2023. AMI BPA restricts an AWS account from accidentally sharing an AMI publicly within an AWS Region, which helps improve the security and privacy posture for customers.
Previously, AMI BPA was disabled by default for all AWS accounts. With this change, AMI BPA will be enabled by default for all new AWS accounts. Additionally, AMI BPA has also been enabled for all existing AWS accounts that have not owned a public AMI since July 15, 2023. If you need to make an AMI public, you can disable AMI BPA by using the AWS CLI, SDKs, or Console. This change will not impact existing AWS accounts with public AMIs.
This change has been made in all AWS Regions, including the AWS GovCloud (US) Regions and Amazon Web Services China Regions.
To learn more about AMI Block Public Access, visit the documentation here.