EC2 Image Builder

The CIS Hardened Images are virtual machine (VM) images that are pre-hardened to the vendor-agnostic security recommendations of the CIS Benchmarks. Your organization has unique security requirements in every cloud service it uses, including the Amazon Web Services (AWS) Cloud.

By using select CIS Hardened Images available in the AWS Marketplace, you gain access to remediation scripts against Level 1 CIS Benchmarks in Amazon Elastic Compute Cloud (EC2) Image Builder.

The CIS hardening components apply the CIS Benchmarks Level 1 guidance on CIS Hardened Images through the EC2 Image Builder pipeline. While the CIS Hardened Images are secured to the CIS Benchmarks guidance out-of-the-box, these CIS hardening components allow you to reapply the CIS Benchmarks Level 1 guidance at the end of the pipeline.

EC2 Image Builder is available for the following CIS Benchmarks:

  • CIS Amazon Linux 2 Level 1 Benchmark
  • CIS Microsoft Windows Server 2019 Level 1 Benchmark
  • CIS Microsoft Windows Server 2022 Level 1 Benchmark
  • CIS Red Hat Enterprise Linux 7 Level 1 Benchmark

 

Get Started

Building a golden image can be challenging. You start with a CIS Hardened Image that's configured to the Level 1 security recommendations of the corresponding CIS Benchmark. But when you add agents, services, and/or configuration changes that you need to meet your organization's needs, you change the state of the image. You don't know if it still conforms to the Level 1 guidelines of the CIS Benchmark, so you need a way of reapplying those security settings.

CIS hardening components help you do this by giving you more options for building a golden image. Available as Bash shell scripts for Linux and Group Policy Objects (GPOs) for Windows, our components are available directly in EC2 Image Builder, a free service which helps AWS customers easily build images and integrate services into the pipeline.

Harden across your environments

Our CIS Benchmarks take the guesswork out of hardening your operating systems regardless of whether they're on-premises or in the cloud.

Learn More

Secure configurations ready for the cloud

Pre-configured to the CIS Benchmarks, our CIS Hardened Images spare you from manually hardening your systems. We also patch our Hardened Images regularly so you don't have to.

Explore more benefits

Simplify security in the AWS Cloud

Our CIS Hardened Images for the AWS Cloud save you time and money when securing your AWS-based assets.

Spin one up now

Want more information?

Additional information about the CIS hardening components in EC2 Image Builder is available in our blog post.

Read it now