So as the deployment of our app we were thinking to deploy it in market place as a private ami.So we were thinking to get the docker image of the app when some one spinning up the vm with our ami.But the thing is the user who spin up the ami is the admin of the vm so he has full access.So does he has access to our code base when he ssh in to the docekr image.Is there a way to restrict user to access the code
Yes. Let them use your AWS server and don't give their account SSH access to the code.
Seriously. There isn't a trick to this one. This is the only way you can do it, short of SELinux.