Posted On: Jun 28, 2023

Today we are announcing the support for UEFI Secure Boot on Amazon Linux instances. Starting with AL2023.1, customers can now use Secure Boot on Amazon Linux instances to verify the digital signature of all boot components.

Secure Boot is a feature of UEFI that builds on EC2’s long-standing secure boot process, and provides additional defense-in-depth that helps customers secure software from threats that persist across reboots. It ensures that EC2 instances run authentic software by verifying the digital signature of all boot components, and halts the boot process if signature verification fails. Starting today, customers who want to use this capability on EC2, can use this capability on Amazon Linux instances. 

Secure boot is supported on all AWS Nitro based AL2023 instances with UEFI capability. To get started with secure boot on AL2023 instances see documentation. To learn more about other features and capabilities in AL 2023.1 see documentation.