creating-ec2-image-builder-pipeline
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- IAM Role and Infrastructure Configuration: The skill automates the creation of IAM roles and instance profiles. This is a standard requirement for EC2 Image Builder to perform builds, and the skill uses specific AWS managed policies to limit permissions to the necessary scope.
- External Software Installation: In the build component step, the skill fetches the AWS CLI installer from an official vendor domain (
awscli.amazonaws.com). This is an expected behavior for configuring a build environment with necessary tools. - Dynamic Command Execution: The skill instructs the agent to construct and execute AWS CLI commands using parameters provided by the user (such as
pipeline_name). This pattern is used to customize the deployment but requires the execution environment to handle input interpolation securely.
Audit Metadata