Overview

AWS.EC2.AMI cloud security scanning will be changing in Panther v1.119, scheduled for deployment the week of March 2, 2026.

Starting in v1.119, only AMI images owned by each AWS account will be scanned and AWS-owned images will no longer be scanned.

Previously, for each AWS account onboarded in Panther, we scanned both images owned by the account and used by the account (including images owned by AWS or other accounts). This could cause problems when multiple AWS accounts with shared AMIs were onboarded into the same Panther instance.

Action Required

If you have cross-account AMI images, the source account must be onboarded into Panther to continue to populate the AWS.EC2.AMI resource details. Otherwise, cross-account AWS.EC2.AMI resources will stop populating and will eventually disappear from Panther.

If you have questions, please reach out to the Panther support team.