AWS recommends to delete authorized keys and and history from your instances before creating and publishing AMI. You might get below error when you submit your AMI for scanning without removing the keys. Authorized keys found Authorized key(s) found in the following location(s): /home/ec2-user/.ssh/ authorized_keys:1 /root/.ssh/authorized_keys:1 To find authorized keys : find / -name "authorized_keys" -print -exec cat {} \; To remove keys: find / -name "authorized_keys" –exec rm –f {} \; To remove history : find /root/.*history /home/*/.*history -exec rm -f {} \; For more information refer to https://aws.amazon.com/articles/0155828273219400