Overview
This is a repackaged open source software product wherein additional charges apply for support while launching it and connecting to the instance for the first time as well as continuous security updates available in new versions.
DESCRIPTION
Amazon Linux 2 is the next generation of Amazon Linux, a Linux server operating system from Amazon Web Services (AWS). It provides a secure, stable, and high performance execution environment to develop and run cloud and enterprise applications.
This image comes with FIPS (Federal Information Processing Standard) mode enabled. FIPS is applicable to systems that are required to be compliant with Federal Information Security Management Act (FISMA) or Federal Risk and Authorization Management Program (FedRAMP).
Details
This image has been configured primarily based on instructions provided by AWS in https://aws.amazon.com/blogs/publicsector/enabling-fips-mode-amazon-linux-2/ with some additional settings also enabled. See more in Usage Information (View usage instructions)
See also other popular images
Highlights
- FIPS mode enabled in Amazon Linux 2
Details
Typical total price
$0.031/hour
Pricing
Free trial
- ...
Instance type | Product cost/hour | EC2 cost/hour | Total/hour |
---|---|---|---|
t2.micro AWS Free Tier | $0.01 | $0.012 | $0.022 |
t2.small | $0.01 | $0.023 | $0.033 |
t2.medium | $0.01 | $0.046 | $0.056 |
t2.large | $0.01 | $0.093 | $0.103 |
t2.xlarge | $0.02 | $0.186 | $0.206 |
t2.2xlarge | $0.02 | $0.371 | $0.391 |
t3.micro AWS Free Tier | $0.01 | $0.01 | $0.02 |
t3.small Recommended | $0.01 | $0.021 | $0.031 |
t3.medium | $0.01 | $0.042 | $0.052 |
t3.large | $0.01 | $0.083 | $0.093 |
Additional AWS infrastructure costs
Type | Cost |
---|---|
EBS General Purpose SSD (gp2) volumes | $0.10/per GB/month of provisioned storage |
Vendor refund policy
Instance billed by hour of actual use, terminate at any time and it will stop incurring charges. No refunds available.
Legal
Vendor terms and conditions
Content disclaimer
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
Packaged with latest updates as of February/2023
Additional details
Usage instructions
- Launch the instance either via AWS MarketPlace wizard or EC2 console, make sure to use a 2048-bit SSH-2 RSA key pair, ED25519 keys are not supported with FIPS mode on.
SSH Access
- Configure the Security Group to open Inbound TCP port 22 from your location or 0.0.0.0/0 (open to the world)
- Use an SSH client (for example: https://www.putty.org ) to connect to the instance's IP on the port 22.
- Authenticate to the instance using the key pair selected during the instance launch. The user name is
ec2-user
.
Testing FIPS Mode
To validate FIPS mode, run the commands below:
fipscheck
Expected result: fips mode is on
cat /proc/sys/crypto/fips_enabled
Expected result: 1
sysctl crypto.fips_enabled
Expected result: crypto.fips_enabled = 1
openssl version
Expected result: OpenSSL 1.0.2k-fips 26 Jan 2017
openssl sha
Expected result:
Error setting digest sha
139648411678624:error:060800A3:digital envelope routines:EVP_DigestInit_ex:disabled for fips:digest.c:256:
ssh localhost 2>&1 | grep FIPS
Expected result: FIPS mode initialized
Additional Information
Monitoring the Health of the instance
- Navigate to your Amazon EC2 console and verify that you're in the correct region.
- Choose Instance and select your launched instance.
- Select the server to display your metadata page and choose the Status checks tab at the bottom of the page to review if your status checks passed or failed.
Data Encryption
- This image does not provide encryption by default at the Operating System or Application level, customers are encouraged to enable EBS encryption during the Instance Launch: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html
- EBS Encryption using the Default key enables key rotation - More details: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#kms-key-rotation - Using EBS encryption, the decryption is done automatically when using the instance.
- Customer data can be saved anywhere in the instance, however it is a good practice to save user data (including sensitive data) in the /home/
directory.
Resources
Support
Vendor support
Arara Solution provides limited support covering the launch and use of the instance, see details on http://arara.solutions/support-plans/ Contact us via http://arara.solutions/support/ or support@arara.solutions
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.