Old or Outdated AMIs
AMIs are machine images that contain all the information needed to launch a new Amazon EC2 instance. They act as an exact copy of another EC2 instance, including the application configuration needed to ensure the instance functions as intended. When an AMI is created, the OS is captured in its current state and will only have security updates up to that point in time. Usually (depending on your OS) security updates are released once per month, and critical updates can be released more frequently. As time passes, the number of security updates your OS is missing grows. This can lead to longer boot times for your EC2 instance (if you are patching at deployment time) or, worse, leave you susceptible to an exploitable vulnerability. This is why it is an AMI security best practice to ensure your AMIs are up to date. Having a full inventory of your AMIs in all regions across all accounts allows you to easily pinpoint where you may have stale or outdated AMIs and ensure you stay compliant with the GDPR framework.
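One way to turn such an inventory into a stale-AMI report is sketched below. This is an added example, not code from the original page. It assumes a 90-day age threshold (the page sets none), and the sample records are constructed in the shape EC2 `DescribeImages` returns. `collect_images` expects a `boto3.Session` with credentials and is called once per account.

```python
from datetime import datetime, timezone

MAX_AGE_DAYS = 90  # assumed threshold; the page does not define one

def parse_creation_date(value):
    """Parse the ISO 8601 CreationDate string returned by EC2 DescribeImages."""
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%S.%fZ").replace(tzinfo=timezone.utc)

def find_stale_amis(images, now, max_age_days=MAX_AGE_DAYS):
    """Return (account, region, image_id, age_days) for old AMIs, oldest first."""
    stale = []
    for img in images:
        age = (now - parse_creation_date(img["CreationDate"])).days
        if age > max_age_days:
            stale.append((img["OwnerId"], img["Region"], img["ImageId"], age))
    return sorted(stale, key=lambda row: row[3], reverse=True)

def collect_images(session):
    """Inventory AMIs owned by one account in every enabled region.

    `session` is a boto3.Session for that account (needs credentials and network).
    """
    images = []
    regions = session.client("ec2", region_name="us-east-1").describe_regions()["Regions"]
    for region in (r["RegionName"] for r in regions):
        ec2 = session.client("ec2", region_name=region)
        for img in ec2.describe_images(Owners=["self"])["Images"]:
            images.append({**img, "Region": region})  # tag each record with its region
    return images

# Constructed sample inventory (placeholder account IDs and image IDs).
SAMPLE_IMAGES = [
    {"ImageId": "ami-0aaaaaaaaaaaaaaa1", "OwnerId": "111111111111",
     "Region": "eu-west-1", "CreationDate": "2023-01-10T08:00:00.000Z"},
    {"ImageId": "ami-0bbbbbbbbbbbbbbb2", "OwnerId": "111111111111",
     "Region": "us-east-1", "CreationDate": "2024-05-20T12:30:00.000Z"},
    {"ImageId": "ami-0ccccccccccccccc3", "OwnerId": "222222222222",
     "Region": "ap-southeast-2", "CreationDate": "2024-01-01T00:00:00.000Z"},
]
SAMPLE_NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)  # fixed "today" for the sample

if __name__ == "__main__":
    for account, region, image_id, age in find_stale_amis(SAMPLE_IMAGES, SAMPLE_NOW):
        print(f"{account} {region} {image_id} is {age} days old")
```

For a real run, concatenate the output of `collect_images` for each account's session and pass it to `find_stale_amis` with `datetime.now(timezone.utc)`.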