CIS Hardened Images on Amazon Web Services (AWS)
CIS Hardened Images on AWS
All of these images are available on the public AWS Marketplace and AWS GovCloud (US) region. Those also available on the AWS Intelligence Community are noted below.Debian Linux
CIS Debian Linux 8 Benchmark Launch (Also AIC)
CIS Debian Linux 8 Benchmark - Level 2
CIS Debian Linux 9 Benchmark Launch
CIS Debian Linux 9 Benchmark - Level 2
Ubuntu Linux
CIS Ubuntu Linux 16.04 LTS Benchmark Launch (Also AIC)
CIS Ubuntu Linux 16.04 LTS Benchmark - Level 2
CIS Ubuntu Linux 18.04 LTS Benchmark Launch (Also AIC)
CIS Ubuntu Linux 18.04 LTS Benchmark - Level 2
Amazon Linux
CIS Amazon Linux Benchmark Launch (Also AIC)
CIS Amazon Linux Benchmark - Level 2
CIS Amazon Linux 2 Benchmark Launch (Also AIC)
CIS Amazon Linux 2 Benchmark - Level 2
CentOS Linux
CIS CentOS Linux 7 Benchmark Launch (Also AIC)
CIS CentOS Linux 7 Benchmark - Level 2
CIS CentOS Linux 6 Benchmark Launch (Also AIC)
CIS CentOS Linux 6 Benchmark - Level 2
CIS CentOS Linux 8 Benchmark
CIS CentOS Linux 8 Benchmark - Level 2
Oracle Linux
CIS Oracle Linux 7 Benchmark Launch (Also AIC)
CIS Oracle Linux 7 Benchmark - Level 2
CIS Oracle Linux 6 Benchmark Launch (Also AIC)
CIS Oracle Linux 6 Benchmark - Level 2
Red Hat Linux
CIS Red Hat Enterprise Linux 7 Benchmark Launch (Also AIC)
CIS Red Hat Enterprise Linux 7 Benchmark - Level 2 Launch (Also AIC)
CIS Red Hat Enterprise Linux 6 Benchmark Launch (Also AIC)
CIS Red Hat Enterprise Linux 6 Benchmark - Level 2
CIS Red Hat Enterprise Linux 8 Benchmark Launch (Also AIC)
CIS Red Hat Enterprise Linux 8 Benchmark - Level 2
CIS Red Hat Enterprise Linux 7 STIG Benchmark Launch
CIS Red Hat Enterprise Linux 7 STIG Benchmark - Level 2
SUSE Linux
CIS SUSE Linux Enterprise 12 Benchmark Launch
CIS SUSE Linux Enterprise 12 Benchmark - Level 2
PostgreSQL
CIS PostgreSQL 10 Benchmark
CIS PostgreSQL 10 Benchmark - Level 2
CIS PostgreSQL 11 Benchmark Launch (Also AIC)
CIS PostgreSQL 11 Benchmark - Level 2
Microsoft Windows Server
CIS Microsoft Windows Server 2008 R2 Benchmark Launch (Also AIC)
CIS Microsoft Windows Server 2008 R2 Benchmark - Level 2 Launch (Also AIC)
CIS Microsoft Windows Server 2012 R2 Benchmark Launch (Also AIC)
CIS Microsoft Windows Server 2012 R2 Benchmark - Level 2 Launch (Also AIC)
CIS Microsoft Windows Server 2012 (non-R2) Benchmark Launch (Also AIC)
CIS Microsoft Windows Server 2012 (non-R2) Benchmark - Level 2 Launch (Also AIC)
CIS Microsoft Windows Server 2016 RTM (Release 1607) Benchmark Launch (Also AIC)
CIS Microsoft Windows Server 2016 RTM (Release 1607) Benchmark - Level 2 Launch (Also AIC)
CIS Microsoft Windows Server 2019 Benchmark Launch
CIS Microsoft Windows Server 2019 Benchmark - Level 2 Launch
CIS and AWS Work Together
CIS AWS Foundations Benchmark
AWS joined the CIS community consensus process that created the CIS AWS Foundations Benchmark. The purpose of this CIS Benchmark is to provide prescriptive guidance about security configuration on AWS.CIS AWS Foundations Benchmark Quick Start
AWS created a CIS AWS Foundations Benchmark Quick Start. It helps you address security and compliance considerations by building foundational security into your account and monitoring critical resources. It can also establish a customizable governance baseline of security controls.Security Automation & Orchestration (SAO)
CIS Benchmarks and CIS Hardened Images are part of the AWS SAO methodology. AWS SAO enables AWS customers to constrain, track, and publish continuous risk treatments, configurations, and assimilate DevOps routines into a “Type Accredited” secure AWS architecture. This architecture is configured to converge common security frameworks (e.g. FedRAMP, DoD CC SRG, PCI-DSS, IRS 1075, etc.) through the use of security as code practices. Learn More
Request more information
AWS Resources
AMI version Python script
Ensure you’re always using the latest CIS Hardened Image.CIS and AWS GovCloud
Learn about CIS Hardened Images in the AWS GovCloud (US) region.What People are Saying:
"Based on the value, time and costs saving, I would not consider spinning up a AWS server without adding the CIS security to it for any production-level instance."
- V.P. Application Lifecycle Management CorTechs, Inc.
