I was wondering why I cannot tag some images in AWS and I found that some GA images in AWS have different owner.
I.e. all our images has
Owner account ID 125523088429
But e.g. ami-0e4e634d022c1a3f8 in ap-southeast-4 region has owner id 569228561889. There are more such cases, but it seems quite random.
To see this AMI in WebUI you have to switch from "AMIs owned by me" to "Public images".
Is this expected? Is this some malicious thing?
On 2/12/24 05:14, Miroslav Suchý wrote:
I was wondering why I cannot tag some images in AWS and I found that some GA images in AWS have different owner.
I.e. all our images has
Owner account ID 125523088429
But e.g. ami-0e4e634d022c1a3f8 in ap-southeast-4 region has owner id 569228561889. There are more such cases, but it seems quite random.
To see this AMI in WebUI you have to switch from "AMIs owned by me" to "Public images".
Is this expected? Is this some malicious thing?
We have a community cloud AWS account (predates the official AWS account used today) with ID 013116697141, so if you see any from that account they aren't malicious, but we should probably clean them up.
We use the community cloud AWS account for dev (occasionally) and for testing created Cloud and CoreOS images. Nothing "official" should be produced by that account.
569228561889 could be just a individual/company/org that makes copies of our images they are using as a hedge in case we ever delete the images. So it's not necessarily malicious, but not ideal. Ideally we'd get our official images into the AWS marketplace and it would be easier to tell which were official and which aren't.
On Mon, Feb 12, 2024 at 11:10:57AM -0500, Dusty Mabe wrote:
On 2/12/24 05:14, Miroslav Suchý wrote:
I was wondering why I cannot tag some images in AWS and I found that some GA images in AWS have different owner.
I.e. all our images has
Owner account ID 125523088429
But e.g. ami-0e4e634d022c1a3f8 in ap-southeast-4 region has owner id 569228561889. There are more such cases, but it seems quite random.
To see this AMI in WebUI you have to switch from "AMIs owned by me" to "Public images".
Is this expected? Is this some malicious thing?
We have a community cloud AWS account (predates the official AWS account used today) with ID 013116697141, so if you see any from that account they aren't malicious, but we should probably clean them up.
We use the community cloud AWS account for dev (occasionally) and for testing created Cloud and CoreOS images. Nothing "official" should be produced by that account.
569228561889 could be just a individual/company/org that makes copies of our images they are using as a hedge in case we ever delete the images. So it's not necessarily malicious, but not ideal. Ideally we'd get our official images into the AWS marketplace and it would be easier to tell which were official and which aren't.
Right. I think this is something we don't need to worry about?
kevin
infrastructure@lists.fedoraproject.org