By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Preventing customers from copying proprietary software out of an AMI instance

0

I'm new to AWS. I have been looking into trying to set up a seller store for selling a software product that my company produces. I was able to generate a customized AMI based on an Ubuntu 22.04 base AMI. In my customized version I installed the software that I would be selling access to for customers. My current understanding is that I would sell access to this customized AMI to customers who wish to use my software. My main concern is that if I have a customer who gets access to this AMI and creates an instance from it, they would be able to simply SCP the compiled binaries of my code out of the instance and have personal access to my code. I haven't found any documentation regarding protecting IP on AMIs.

I've been trying to wrap my head around the 'proper' way to go about selling software using AWS, so I don't know if I'm thinking about this all wrong because I haven't found any documentation that explains a method for going about selling on the storefront.

1.) Can you sell access to an AMI, while also protecting any intellectual property that is on the AMI from being downloaded? 2.) What is the standard AWS method for going about selling software to customers?

Thank you, Chris

Topics
ComputeAWS Marketplace
Tags
Linux ProvisioningAmazon EC2Amazon Machine Images (AMI)AWS Marketplace - Seller
Language
English
Chris
asked 6 months ago418 views
3 Answers
0

I believe the best thing for your company to do, is implement a licensing feature into the software. This will protect the code from being used unauthorised. I dont believe there is a way to prevent the concern you are raising.

profile picture
EXPERT
Gary Mclean
answered 6 months ago
  • Chris
    6 months ago

    Thanks Gary. I had looked into that. I believe the AMI policies are such that I am not allowed to restrict a user's time-access to an AMI, which seemed like a license would go against that AWS policy. Assuming I have understood the meaning of that policy.

0

Hi,

From your description, it seems that you rather want to implement a SaaS service than a product on EC2:. This whitepaper will give you all the possible options in that direction:

https://docs.aws.amazon.com/pdfs/whitepapers/latest/saas-architecture-fundamentals/saas-architecture-fundamentals.pdf

Best,

Didier

profile pictureAWS
EXPERT
Didier_Durand
answered 6 months ago
0

Hey Chris,

Welcome to the AWS world! Protecting your intellectual property on an AMI is indeed crucial. One approach you can consider is using AWS Marketplace, which allows you to sell software securely. AWS Marketplace provides built-in licensing options and helps protect your software from unauthorized access.

To prevent customers from copying your proprietary software, you might want to explore License Manager on AWS, which lets you enforce licensing rules. It can restrict usage to specific instances or users, preventing unauthorized copying.

Also, consider using AWS Identity and Access Management (IAM) roles to control permissions tightly. Restrict the access to only necessary resources and actions.

I faced a similar challenge when launching my product on AWS, and using a combination of Marketplace, License Manager, and IAM really helped safeguard my code.

Martin
answered 5 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content