We are planning to offer an AMI that will be loaded onto an EC2 machine that the customers buy.
We want to ensure that our binary and data in the AMI are protected from tampering. Also protect our binary from being downloaded. How can we do this? Can we prevent root access to the EC2 machine? Can we prevent all login (SSH) access to the machine? Will the owner of the EC2 machine (the customer) be able to subvert the protection steps?
From AMI security policies - AWS Marketplace:
AMIs must allow OS-level administration capabilities to allow for compliance requirements, vulnerability updates, and log file access. Linux-based AMIs use SSH, and Windows-based AMIs use RDP.
Therefore, it appears that you are not allowed to prevent login and administrative access.
If it is important to you to prevent access to the contents, then it might be better to sell your system as a "service" rather than as an AMI.
From AWS Marketplace: SaaS - PrivateLink:
You can now discover, purchase, and provision AWS PrivateLink Enabled SaaS products through AWS Marketplace. AWS PrivateLink enables you to securely pass data directly to a SaaS application without ever leaving the AWS Network.
See: Enabling New SaaS Strategies with AWS PrivateLink | AWS Partner Network (APN) Blog