CIS Hardened Images on Amazon Web Services (AWS)
CIS Hardened Images on AWS
All of these images are available on AWS Marketplace and AWS GovCloud (US) region. Those also available on the AWS Intelligence Community are noted below, excluding containers for AWS GovCloud US region.Red Hat Enterprise Linux
CIS Red Hat Enterprise Linux 8 Benchmark Launch (Also AIC)
CIS Red Hat Enterprise Linux 8 Benchmark Level 2 Launch (Also AIC)
CIS Red Hat Enterprise Linux 7 STIG Benchmark Launch
CIS Red Hat Enterprise Linux 7 Benchmark Launch (Also AIC)
CIS Red Hat Enterprise Linux 7 Benchmark Level 2 Launch (Also AIC)
Microsoft Windows Server
CIS Microsoft Windows Server 2019 STIG Benchmark Launch (Also AIC)
CIS Microsoft Windows Server 2019 Benchmark Launch (Also AIC)
CIS Microsoft Windows Server 2019 Benchmark Level 2 Launch (Also AIC)
CIS Microsoft Windows Server 2016 STIG Benchmark Launch (Also AIC)
CIS Microsoft Windows Server 2016 Benchmark Launch (Also AIC)
CIS Microsoft Windows Server 2016 Benchmark Level 2 Launch (Also AIC)
CIS Microsoft Windows Server 2012 Benchmark Launch (Also AIC)
CIS Microsoft Windows Server 2012 Benchmark Level 2 Launch (Also AIC)
CIS Microsoft Windows Server 2012 R2 Benchmark Launch (Also AIC)
CIS Microsoft Windows Server 2012 R2 Benchmark Level 2 Launch (Also AIC)
CIS and AWS Work Together
CIS AWS Foundations Benchmark
AWS joined the CIS community consensus process that created the CIS AWS Foundations Benchmark. The purpose of this CIS Benchmark is to provide prescriptive guidance for your AWS account. It provides configuration recommendations for identity and access management, monitoring and logging, and networking.Meet your Shared Responsibility on AWS with CIS
Depending on what your organization’s cloud infrastructure looks like, the responsibility of security actions varies between the cloud user and Amazon Web Services. Simply put, the AWS Shared Responsibility Model outlines what security actions an organization is responsible for and what security actions AWS manages. CIS offers globally-recognized cybersecurity resources, including the CIS Hardened Images, that can help cloud consumers meet the expectations of the shared responsibility model. Learn more in our guide, Cloud Security and the AWS Shared Responsibility Model with CIS .Security Automation & Orchestration (SAO)
CIS Benchmarks and CIS Hardened Images are part of the AWS SAO methodology. AWS SAO enables AWS customers to constrain, track, and publish continuous risk treatments, configurations, and assimilate DevOps routines into a “Type Accredited” secure AWS architecture. This architecture is configured to converge common security frameworks (e.g. FedRAMP, DoD CC SRG, PCI-DSS, IRS 1075, etc.) through the use of security as code practices. Learn More
Request more information
AWS Resources
CIS Cloud Services Guide
Some public cloud services require extensive guidance, like Kubernetes. Access free guidelines for EKS.
Download the CIS EKS BenchmarkCIS Product Benchmarks
Using other AWS cloud services? CIS provides free guidance for services grouped by cloud product. Access the first release of CIS Cloud Product Benchmarks.
Download CIS AWS End User Compute Services BenchmarkWhat People are Saying:
"Based on the value, time and costs saving, I would not consider spinning up a AWS server without adding the CIS security to it for any production-level instance."
- V.P. Application Lifecycle Management CorTechs, Inc.
