    CIS Hardened Image STIG on Amazon Linux 2

    Deployed on AWS
    AWS Free Tier
    This product has charges associated with the pre-built hardening to the CIS Benchmarks™ and recurring maintenance. The CIS Hardened Images® are hardened in accordance with the associated CIS Benchmarks, an industry best practice for secure configuration. Reduce cost, time, and risk by building your AWS solution with CIS AMIs.
    4.4

    Overview

    The CIS Hardened STIG Image on Amazon Linux 2 is a pre-configured image built by the Center for Internet Security (CIS®) for use on Amazon Elastic Compute Cloud (Amazon EC2). It is a pre-configured, security-hardened image that aligns with the robust security recommendations, the CIS Benchmarks, making it easier for organizations to meet regulatory requirements. Not only is this image pre-hardened to the CIS Benchmarks guidance, but it is also patched monthly in alignment with the updates from the software vendor.

    Key Benefits

  • Enhanced Security: Mitigates risks like malware, denial of service, and authorization issues by following globally-recognized secure configuration guidance to support your cloud security posture management (CSPM) program.
  • Compliance Readiness: Helps your organization comply with PCI DSS, FedRAMP, DoD Cloud Computing SRG, FISMA, select NIST publications, and more.
  • Faster Deployment: Pre-configured according to CIS Benchmarks, allowing you to deploy secure virtual machine images.
  • Consistency Across Environments: Ensures consistent security configurations across development, testing, and production environments, reducing drift and compatibility risks.
  • Cost Efficiency: Lowers remediation efforts, reduces attack surface, and minimizes business loss from security incidents.
  • Easier Maintenance: Regular updates ensure that your systems are always in line with the latest security standards and software patches.

    Guidance from the DoD Cloud Computing SRG indicates that CIS Benchmarks are an acceptable alternative when DISA STIGs are not available. DISA STIGs are configuration standards for DoD Information Assurance (IA) and IA-enabled devices/systems. Launching an image that is hardened according to the CIS STIG Benchmark recommendations provides the ability to easily implement CIS guidance and DISA STIG at once.

    No packages are installed on or removed from this image outside of those already present on the base image or as recommended in alignment with the corresponding CIS Benchmark recommendations. To demonstrate conformance to the CIS Amazon Linux 2 STIG Benchmark, industry-recognized hardening guidance, each image includes an HTML report from CIS Configuration Assessment Tool (CIS-CAT® Pro).

    Each CIS Hardened Image contains the following files:
  • Base_CIS-CAT_Report.html - this provides a report of CIS-CAT Pro run against the instance before any change is made by CIS (e.g., software updates, CIS hardening).
  • basevm.txt - this provides a list of the packages resident on the instance prior to any change being made by CIS (e.g., software updates, CIS hardening).
  • CIS-CAT_Report.html - this provides a report of CIS-CAT Pro run against the instance after the corresponding CIS Benchmark was applied to the image.
  • Exceptions.txt - this provides a list of recommendations that are not applied because the configuration of those recommendations may inhibit the use of this image in this CSP, require environment-specific expertise, or hinder the integration of this image with CSP services or extensions.
  • afterhardening.txt - this provides a list of packages resident on the instance after the corresponding CIS Benchmark was applied to the image.

    These reports are located in /home/CIS_Hardened_Reports. For customized pricing options or private offers, reach out to us at . To learn more or access the corresponding CIS Benchmark, please visit or sign up for a free account on our community platform, CIS WorkBench, .

    Highlights

    • Hardened according to a Level 2 CIS Benchmark that is developed in a consensus-based process and that is accepted by government, business, industry, and academia.
    • Helps with compliance to PCI DSS, FedRAMP, DoD Cloud Computing SRG, FISMA, select NIST publications, and more.
    • Pre-configured to align with industry best practices that are developed and supported by CIS, this image has hardened account and local policies, firewall configuration, and computer-based and user-based administrative templates.

    Details

    Delivery method

    Delivery option
    64-bit (x86) Amazon Machine Image (AMI)

    Latest version

    Operating system
    AmazonLinux 2

    Pricing

    CIS Hardened Image STIG on Amazon Linux 2

    Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time. Alternatively, you can pay upfront for a contract, which typically covers your anticipated usage for the contract duration. Any usage beyond contract will incur additional usage-based costs.
    Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
    If you are an AWS Free Tier customer with a free plan, you are eligible to subscribe to this offer. You can use free credits to cover the cost of eligible AWS infrastructure. See AWS Free Tier for more details. If you created an AWS account before July 15th, 2025, and qualify for the Legacy AWS Free Tier, Amazon EC2 charges for Micro instances are free for up to 750 hours per month. See Legacy AWS Free Tier for more details.

    Usage costs (632)

    Dimension                  Cost/hour
    t3.medium (Recommended)    $0.022
    t2.micro                   $0.02
    t3.micro                   $0.022
    dl1.24xlarge               $0.06
    u-3tb1.56xlarge            $0.06
    r5.2xlarge                 $0.026
    g3.16xlarge                $0.06
    x1e.16xlarge               $0.06
    p3.2xlarge                 $0.026
    r6in.24xlarge              $0.06

    Vendor refund policy

    Refunds through AWS are not available at this time. You will only be billed for actual time of instance use. As with all CIS security products, our aim is always 100 percent customer/member satisfaction.

    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA).

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information


    Delivery details

    64-bit (x86) Amazon Machine Image (AMI)

    Amazon Machine Image (AMI)

    An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.

    Version release notes

    NA

    Additional details

    Usage instructions

    Once the instance is running, connect using SSH with "ec2-user" as the username. Apply the latest security updates immediately after launching the instance.

    Support

    Vendor support

    Questions, feedback, and support accessing CIS-developed AMIs is provided by contacting

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

    Overview

    AI generated from product descriptions
    Security Hardening Standard: Pre-configured image aligned with CIS Benchmarks Level 2 security recommendations and configuration guidance
    Compliance Validation: Includes CIS Configuration Assessment Tool (CIS-CAT Pro) reports for demonstrating security conformance
    Security Configuration: Hardened account and local policies, firewall configuration, and administrative templates with consensus-based security controls
    Patch Management: Monthly software updates aligned with vendor patch release cycles to maintain security standards
    Reporting Mechanism: Comprehensive HTML and text reports documenting system configuration before and after hardening process
    Customer reviews

    Ratings and reviews

    4.4 (10 ratings)
    5 star: 20%
    4 star: 70%
    3 star: 10%
    2 star: 0%
    1 star: 0%
    10 AWS reviews
    Tim Robles

    Django and Next.js projects have been deployed faster and run reliably for complex web platforms

    Reviewed on Jan 15, 2026
    Review from a verified AWS customer

    What is our primary use case?

    My main use case for Amazon Linux is deploying Django websites, apps, and APIs with Next.js. I handle deployment using Nginx and manage the complete setup for deploying full projects.

    A specific example is the Django API backend with a Next.js frontend for the web dashboard at 71lbs.com, where users must log in. The entire project is deployed on Amazon Linux. I manage the integration of new deployments and created a setup using Nginx and the supervisor provided by Amazon Linux.

    What is most valuable?

    Amazon Linux and Ubuntu are similar but differ in implementation and setup. Both have similar functions and run very well, making Amazon Linux a good option alongside Ubuntu.

    These features work well for me, though I am more accustomed to working with Ubuntu. My company uses Amazon Linux because of the initial setup they established. It is working very well and operates very fast with queries and everything on that server, so there are no current problems.

    Since using Amazon Linux, I have performed long queries and updated information for the web system. I find that it works very fast and handles large queries for substantial amounts of information effectively.

    What needs improvement?

    Amazon Linux could be improved by including libraries for supervisor. On Ubuntu, supervisor runs Django services in the background, while Amazon Linux does not have this built-in and requires a different supervisor approach. Documentation or PDF files about well-known solutions for this would be beneficial.

    Since Amazon Linux is based on Ubuntu, documentation explaining the differences between Ubuntu and Amazon Linux would be valuable. When I am accustomed to working with Ubuntu and want to use the same functions on Amazon Linux, I would prefer to understand the differences and how to implement features that exist on Ubuntu so I do not become lost in the process or have to search extensively for information.

    For how long have I used the solution?

    I have been using Amazon Linux for two years.

    What do I think about the stability of the solution?

    Amazon Linux is stable.

    What do I think about the scalability of the solution?

    Amazon Linux has good scalability. I remember when we upgraded one server to a different tier, the service upgrade was quick and very effective.

    How are customer service and support?

    Customer support for Amazon Linux is very good. We experienced an upgrade that took only a few minutes to complete.

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    I used a different solution with a VPS running Ubuntu before, primarily because I had that available and possessed more knowledge about using it, as well as due to cost considerations, since I was not aware of AWS at that time.

    How was the initial setup?

    I am not certain whether my company purchased Amazon Linux through the AWS Marketplace, as the server is managed by the company, but I believe they are using it from the AWS Marketplace.

    I have heard about pricing and consider it good. The setup was somewhat difficult because of a lack of knowledge. I am not certain about the cost and licensing because I was not involved in that part of the process.

    What was our ROI?

    I do not have information on whether I have seen a return on investment.

    Which other solutions did I evaluate?

    Before choosing Amazon Linux, I evaluated Google Cloud Platform. My company selected Amazon Linux because they have all their services already working on AWS.

    What other advice do I have?

    My advice to others looking into using Amazon Linux would be to be conscious about the differences between Amazon Linux and Ubuntu, as they look similar and have similar properties, but they need to have more knowledge for the initial setup, especially for downloading packages and dependencies. I would recommend obtaining more information on that topic.

    Before concluding, I would suggest that your platform could provide examples of pricing and examples of which companies work with AWS and which languages they use. Perhaps you could create a list of websites using Django and Next.js as well as those using JavaScript. When I have a new project, I could check if my project will fit on AWS and how the pricing will be structured, because whether I run microservices or a VPS or EC2 server, it would be helpful to know the pricing, features, and everything before purchasing and discovering everything after the project is developed and deployed, with no way to roll back. I give this product a rating of eight out of ten.

    Which deployment model are you using for this solution?

    Private Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Amazon Web Services (AWS)
    Karthikeyan Janakiraman

    Robust security and data science environments have supported reliable banking analytics

    Reviewed on Jan 13, 2026
    Review from a verified AWS customer

    What is our primary use case?

    We run EC2 instances on Amazon Linux, and we use Amazon Linux-based Docker images as well, which serve as a container for our data science users. On top of Amazon Linux, we have installed all data science-supported software that they use, including Jupyter Notebook and R.

    We also run APIs on top of Amazon Linux. We run Fargate containers which are again based on Amazon Linux. We run FastAPI, and then we host our APIs on top of it, allowing our UIs to connect to this API in the backend.

    There are multiple use cases for Amazon Linux. The first thing is installing R and R packages. It is not easy because for R to be installed, you need to solve many dependencies. Most of those dependencies are already available in Amazon Linux. Our organization also does a lot of security settings, given that it is a banking domain, and all those settings are straightforward. There is nothing we cannot do on Amazon Linux. It is easily customizable, and there are many packages available that can be installed on it. The very good thing is the AWS support we get; if there are any issues, we can reach out to the support team, and they will troubleshoot and help us, through which we learn and can resolve issues ourselves next time.

    What is most valuable?

    It is all about patching for security settings on Amazon Linux. When there is a vulnerability at a given patch level, the patches are readily available, and we can install them on top of what we already have. Regarding the Docker settings, there was a vulnerability recently for which there are already configuration files that we can change to secure it.

    Amazon Linux has definitely reduced our costs. If we wanted to run Red Hat, which is very similar to Amazon Linux, we would have to pay more. A lot of products supported on Red Hat are also supported on Amazon Linux, which has been great for us since we were running things on Red Hat in the past both in an on-premise environment and when we migrated to AWS. After Amazon Linux was available, we started using it, and everything is working fine. With respect to efficiency, performance is good; we have not found any performance issues that hinder or impact our applications. Additionally, it gets supported very well on all available AWS services, such as EC2 instances and Fargate, which is very compatible. Given that we are in banking, security is vital for us, and whenever there is a vulnerability, we immediately see patches available to remediate it, which works great for us.

    What needs improvement?

    Things are working fine overall; there is not anything I could advise as an improvement for Amazon Linux.

    If we had to do customization for RStudio, that would be good. Many data science users from other companies might be using RStudio and R, so if there were an AMI out there that had all these packages and products installed by default, that would be beneficial. However, I am not sure how that would work since we pay for RStudio licensing, and I do not know if that could come by default in Amazon Linux.

    I choose nine out of ten because it could use a bit more options. For example, an Amazon Linux Docker image that is pre-built with Jupyter Notebook or RStudio would mean less work for us as customers, enabling us to download and get it installed and running as soon as possible.

    For how long have I used the solution?

    I have been using Amazon Linux since 2019.

    What do I think about the stability of the solution?

    We evaluated Amazon Linux, and it is very stable. We have been running it since 2019 without complaints.

    What do I think about the scalability of the solution?

    The scalability of Amazon Linux is very good; we run it on top of scalable EC2 instances, and we do not find any issues there.

    How are customer service and support?

    Customer support for Amazon Linux is excellent. When we reach out to customer support for any issues, they resolve them promptly. If there is a case pending for a long time, we at least receive an update from support so we know how to proceed.

    How would you rate customer service and support?

    Positive

    Which solution did I use previously and why did I switch?

    We were using Red Hat and CentOS, which was open-source. We switched from Red Hat to CentOS because CentOS was more cost-efficient than Red Hat, but after switching to CentOS, we lacked support; patch availability was slow, and we did not have help with any issues. We switched from CentOS to Amazon Linux, and we got a lot of support, and the patch availability is fast.

    What other advice do I have?

    The product itself is very good; even if I switch organizations and they are not using Amazon Linux, I will share my experience that Amazon Linux has worked great for us in these use cases. I do not see any issues with the product; it is all good. I rate this product nine out of ten.

    Alfredo Barba

    Reliable platform has supported automated migrations and streamlined workflows for diverse workloads

    Reviewed on Dec 23, 2025
    Review from a verified AWS customer

    What is our primary use case?

    The use case for this in our company is that we have a customer that internally uses it for several applications, and they are a telecommunications company that has virtual machines and Linux machines for several purposes.

    What is most valuable?

    In my opinion, the best features of Amazon Linux include the stability and its standard Linux distribution, which in some cases is easier to deploy and manage than the Ubuntu distribution, but I feel comfortable with Ubuntu too.

    The rich documentation with Amazon Linux is beneficial for my migration processes; I think that one of the strongest parts is the documentation. AWS has a lot of documents and official documentation, which is pretty good in most cases, even though in some instances, you have to use the documentation for third parties.

    It helps with workflow by being pretty useful for automation tasks.

    What needs improvement?

    Right now, I don't think there are any specific areas to improve in Amazon Linux.

    What do I think about the stability of the solution?

    I say it's stable because I'm a pretty big fan of the Linux platform in general, so for me, it is the most stable distribution and the most stable operating system, especially since I know that they use the latest kernel.

    What do I think about the scalability of the solution?

    I say it is also scalable because when AWS starts a project that works with something, they do things in a very good manner; AWS is a very stable distribution.

    How are customer service and support?

    I rate the support or customer service of Amazon as very good because our customer has a support contract, so they pay a lot of money for access; my team can reach AWS engineers 24/7. It's really good support.

    I haven't used a lot of support in the case specifically for Amazon Linux, but the few times I have to request support for that platform, the engineers have been very proficient and they have a lot of knowledge in the platform.

    How would you rate customer service and support?

    How was the initial setup?

    For me, the initial setup is complex, but I don't have sufficient elements to emit a concept in that part.

    What other advice do I have?

    I use AWS, Azure, and I'm starting to use GCP, Google Cloud Platform.

    I have also used ZoomInfo. I have been using the product since its creation. I have not used the ZoomInfo product.

    With Amazon, I use AWS in infrastructure, EC2, S3, RDS, etcetera. Mostly infrastructure products, and in Azure, I use virtual machines, VNETs, and SQL Azure, etcetera.

    I have used Amazon Linux machines, but in some cases, I deliver Ubuntu servers, but I have used Amazon Linux machines as well.

    I use that feature in Amazon Linux, absolutely.

    I don't remember if I use the optimized kernel in Amazon Linux because I have used the Linux functions and the Linux functionality per se, but I'm not used to that functionality in AWS.

    I don't have so much experience regarding the pricing and licensing of Amazon Linux.

    We are partners with Amazon, we are registered partners, and we have several people certified in AWS, but we need to get much more business and pay the subscription to go to the next step in our level of partnership.

    I rate this review with an overall rating of 10.

    Which deployment model are you using for this solution?

    Public Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Amazon Web Services (AWS)
    Steven Alila

    Rich ecosystem has supported AI development and secure migrations but still needs clearer examples

    Reviewed on Dec 08, 2025
    Review from a verified AWS customer

    What is our primary use case?

    I have experience with the product. AWS Lambda functions and the S3 bucket are the Amazon products I deal with mostly.

    What is most valuable?

    I am generally satisfied with Amazon Linux; I appreciate the EC2 instances as well.

    The ecosystem of software packages in Amazon Linux has helped us keep up to date with the artificial intelligence trend, where people are using ChatGPT to code, and they are also using Amazon Developer Q to program applications much faster, and then also to meet requirements with the Google Play Store and Apple Store.

    The rich documentation of Amazon Linux is beneficial for my migration processes; it is very helpful.

    Amazon Linux's security updates have been helpful in general because I have had to be more specific in using the Identity Access Management (IAM) service so that we can have role-based permissions in preference to just keeping it open.

    What needs improvement?

    Amazon Linux can be improved by having the documentation contain more examples of use cases.

    For how long have I used the solution?

    I have been working with Amazon Linux for at least five years.

    How was the initial setup?

    The initial setup was very friendly for me; it was very friendly on Mac. I did not have any severe challenges installing or updating.

    What other advice do I have?

    I do not use the optimized kernel in Amazon Linux.

    I tried a little bit with Alexa services, but considering, it has been a while since I updated the integrated AWS CLI feature in Amazon Linux.

    I find the pricing friendly because it is per hour; I use the pay-as-you-go option so that if the application does not have a lot of users, it is cheap. However, when there are many users, the users then pay for the expenses of the application.

    There is a need for features including integration with other marketplaces; when you build, launch once, and deploy everywhere, it would be easy to just deploy once if there was that integration. That would be a nice feature to have.

    I would recommend Amazon Linux to others. I give this review a rating of 7.

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Jagadeesh J

    Modern cloud services have improved auto-scaling, reduced costs, and support secure deployment of container-based applications

    Reviewed on Nov 28, 2025
    Review from a verified AWS customer

    What is our primary use case?

    I switched to a different organization where I am using AWS. We are dealing with EKS and ECS. I work with API Gateways, Amazon Linux, Lambda functions, and S3 storage buckets, among other services. Currently, I am building my own product, which is deployed in AWS services using ECS.

    What is most valuable?

    ECS is an excellent service because it has auto-scaling and is easy to manage. Since those are Fargate services, the cost is also lower compared to other options.

    AWS has a CloudFront service that functions as an API to deploy all the services, which is the main feature I use. Handling services with Terraform is also effective, and AWS provides an SDK to deploy and create infrastructure-level creations.

    With respect to scalability, security, and reliability, these services help me significantly. The application we developed is now more stabilized with these services. In terms of service security, there are many constraint security protocols and policies that help me create our own networks, security groups, and inline policies.

    What needs improvement?

    I have not had exposure to migrations, such as from Azure to AWS or GCP to AWS.

    A main concern is that security patches and versions are released continuously. For example, EKS versions increase with updates. Our applications are built on the latest versions, which affects upgrades. We need to make modifications at the system and application coding level, and some packages may become outdated. This is impacted by the need to maintain security, which is the standard they want to uphold.

    Amazon stops support for older versions of EKS and other services. While they do provide some time for migration, they should provide at least basic support so that if a product does not need to migrate to new versions, that would be a better approach.

    For how long have I used the solution?

    Overall, I have been using this for almost six years.

    Which solution did I use previously and why did I switch?

    Before starting my organization and building my product, I worked as a developer with multi-cloud platforms including Azure, GCP, and AWS, because my organization was building a multi-cloud platform.

    What's my experience with pricing, setup cost, and licensing?

    I am paying around $300 to $400 per month because I use many services.

    Which other solutions did I evaluate?

    Azure has more charges than GCP and AWS.

    What other advice do I have?

    Azure and GCP each present different scenarios. We use Terraform because it is scalable and manageable across all clouds.

    I believe AWS could introduce a no-cloud approach where, as a developer and customer, I would not need to see infrastructure creations or infrastructure management. The system should be self-healing adaptively, with auto-patches that apply security patches through AI if required. I am more interested in that direction because AI is expanding and the world is moving faster with AI technology.

    In terms of pricing, compared to Azure, AWS is more reasonable because both follow a pay-as-you-go model. However, I feel Amazon follows minimal standards of pricing compared to GCP and Azure.

    I rate this review a 9.5 overall.