diff --git a/rules/aws_cloudtrail_rules/aws_ami_modified_for_public_access.py b/rules/aws_cloudtrail_rules/aws_ami_modified_for_public_access.py
index 8204d6d6f..819a87e49 100644
--- a/rules/aws_cloudtrail_rules/aws_ami_modified_for_public_access.py
+++ b/rules/aws_cloudtrail_rules/aws_ami_modified_for_public_access.py
@@ -12,7 +12,7 @@ def rule(event):
     )
     for item in added_perms:
-        if item.get("userId") or item.get("group") == "all":
+        if item.get("group") == "all":
             return True
     return False
diff --git a/rules/aws_cloudtrail_rules/aws_ami_modified_for_public_access.yml b/rules/aws_cloudtrail_rules/aws_ami_modified_for_public_access.yml
index 8e54d3c77..1f076391f 100644
--- a/rules/aws_cloudtrail_rules/aws_ami_modified_for_public_access.yml
+++ b/rules/aws_cloudtrail_rules/aws_ami_modified_for_public_access.yml
@@ -190,7 +190,7 @@ Tests:
       }
   - Name: AMI Added to User
-    ExpectedResult: true
+    ExpectedResult: false
     Log: {
       "awsRegion": "us-west-2",
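Review bot: Dropping the `userId` branch means a `launchPermission` add that shares the AMI with a specific AWS account no longer matches anything in this rule, and if no sibling rule covers account-to-account sharing, that path — the usual way an AMI is copied out to an attacker-controlled account — now produces no alert at all. The narrowed condition is correct for the rule's stated scope, since only a grant to group `all` makes an AMI public, but a comment on the `if` line would stop the next reader from re-adding the `userId` check as a "fix": `# only a group "all" grant makes the AMI public; sharing with specific accounts or orgs is out of scope for this rule`. Grants keyed by `organizationArn` or `organizationalUnitArn` also fall outside the new condition, which is presumably intended but worth stating in that comment. The body of `rule` begins before this hunk.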