Posted On: Aug 18, 2022

Bottlerocket, a Linux-based operating system that is purpose built to run container workloads, now has a Center for Internet Security (CIS) Benchmark. The CIS Benchmark is a catalog of security-focused configuration settings that help Bottlerocket customers configure or document any non-compliant configurations in a simple and efficient manner. The CIS Benchmark for Bottlerocket includes both Level 1 and Level 2 configuration profiles.

Customers operating in the industries with strict compliance requirements – such as financial services, healthcare, and federal government – need to show that their Bottlerocket hosts are compliant with a range of compliance certifications, one being the CIS Benchmark. Using the CIS Benchmark guidance document in the PDF format, customers can determine the configuration requirements and complete the configuration and hardening process for Bottlerocket hosts before deploying them in production.

The CIS Benchmark can be accessed free of charge for non-commercial use from the CIS website. It applies to all official releases of Bottlerocket starting with version 1.9.0.

Bottlerocket is an open-source distribution with an open development model and community participation. It’s available at no additional cost and is fully supported by Amazon Web Services. You can learn more about Bottlerocket by visiting our product page and Bottlerocket’s Github repository. For support, please contact the Bottlerocket team through your designated AWS representative or by opening a new issue in Bottlerocket GitHub.