Overview
The CIS Hardened Image Level 2 on Red Hat Enterprise Linux 8 is a pre-configured image built by the Center for Internet Security (CIS®) for use on Amazon Elastic Compute Cloud (Amazon EC2). It is a pre-configured, security-hardened image that aligns with the robust security recommendations, the CIS Benchmarks, making it easier for organizations to meet regulatory requirements.
Not only is this image pre-hardened to the CIS Benchmarks guidance, but it is also patched monthly in alignment with the updates from the software vendor.
Key Benefits
This image is hardened against the corresponding Level 2 profile which is intended for environments or use cases where security is paramount, acts as a defense in depth measure, and may negatively inhibit the utility or performance of the technology. No packages are installed on or removed from this image outside of those already present on the base image or as recommended in alignment with the corresponding CIS Benchmark recommendations.
To demonstrate conformance to the CIS Red Hat Enterprise Linux 8 Level 2 Benchmark, industry-recognized hardening guidance, each image includes an HTML report from CIS Configuration Assessment Tool (CIS-CAT® Pro). Each CIS Hardened Image contains the following files:
These reports are located in /home/CIS_Hardened_Reports.
For customized pricing options or private offers, reach out to us at cloudsecurity@cisecurity.org .
To learn more or access the corresponding CIS Benchmark, please visit https://www.cisecurity.org/cis-benchmarks or sign up for a free account on our community platform, CIS WorkBench, https://workbench.cisecurity.org/ .
Highlights
- Hardened according to a Level 2 CIS Benchmark that is developed in a consensus-based process and that is accepted by government, business, industry, and academia.
- Helps with compliance to PCI DSS, FedRAMP, DoD Cloud Computing SRG, FISMA, select NIST publications, and more.
- Pre-configured to align with industry best practices that are developed and supported by CIS, this image has hardened account and local policies, firewall configuration, and computer-based and user-based administrative templates.
Details
Unlock automation with AI agent solutions

Features and programs
Buyer guide

Financing for AWS Marketplace purchases
Pricing
- ...
Dimension | Cost/hour |
---|---|
t3.medium Recommended | $0.022 |
t2.micro AWS Free Tier | $0.02 |
t3.micro AWS Free Tier | $0.022 |
m5n.12xlarge | $0.055 |
i3en.metal | $0.06 |
i3.16xlarge | $0.06 |
m7i.large | $0.022 |
m2.2xlarge | $0.026 |
r6i.xlarge | $0.024 |
m6idn.16xlarge | $0.06 |
Vendor refund policy
Refunds through AWS are not available at this time. You will only be billed for actual time of instance use. As with all CIS security products, our aim is always 100 percent customer/member satisfaction.
Custom pricing options
How can we make this page better?
Legal
Vendor terms and conditions
Content disclaimer
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
NA
Additional details
Usage instructions
Once the instance is running, connect using SSH. Use "ec2-user" as the username. Immediately apply latest security updates after launching the instance.
Resources
Vendor resources
Support
Vendor support
Questions, feedback, and support accessing CIS-developed AMIs is provided by contacting
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Standard contract
Customer reviews
Enterprise packages and security reduce configuration while free trial options need improvement
What is our primary use case?
My main use case for Red Hat Enterprise Linux (RHEL) is when I was working with another company, where we used the Ansible Automation Platform provided by Red Hat and OpenShift, primarily for any code automations and server productions.
I have additional insights about my main use case for Red Hat Enterprise Linux (RHEL) ; we've used it as a standalone server for different products, more specifically as an Ansible server and key servers, just provided by virtual machines.
What is most valuable?
The best features that Red Hat Enterprise Linux (RHEL) offers include how comprehensive the enterprise packages are, as you can get stuff included with it and the documentation that follows, which I think is good even though it is a Linux distribution that you have to pay for.
I also appreciate Red Hat Enterprise Linux (RHEL)'s built-in security features, as they require less configuration and include compliance associated with it. More specifically, regarding the documentation, if I had any specific questions about Red Hat Enterprise Linux (RHEL), I could go directly to the website and find the answers there.
Red Hat Enterprise Linux (RHEL) has positively impacted my organization by providing a lot of security to run all of the systems we had in a particular environment, especially since I worked with more government operations, where security was the top priority, which Red Hat prioritized. We didn't have to worry about security configurations within the infrastructure, saving us time, and it was easy to navigate if you had a great background in Linux, plus Red Hat support was very helpful with any specific questions on the product.
What needs improvement?
I wish that Red Hat Enterprise Linux (RHEL) had more free options available; there are similar Linux distributions, but in terms of training and certification, I think it would be beneficial if there were a better free trial, allowing users to gain better experience with the platform itself.
That's the main improvement needed for Red Hat Enterprise Linux (RHEL).
For how long have I used the solution?
I have been using Red Hat Enterprise Linux (RHEL) for about two years.
What do I think about the scalability of the solution?
Red Hat Enterprise Linux (RHEL) is stable and handles growth and changes efficiently, specifically with new AI platforms being integrated.
How are customer service and support?
I have not experienced customer support for Red Hat Enterprise Linux (RHEL).
How would you rate customer service and support?
Negative
Which solution did I use previously and why did I switch?
I did not use a different solution before Red Hat Enterprise Linux (RHEL); it was strictly Red Hat Enterprise Linux (RHEL).
What was our ROI?
I cannot share any return on investment from using Red Hat Enterprise Linux (RHEL).
What's my experience with pricing, setup cost, and licensing?
I never dealt directly with the pricing, setup cost, and licensing for Red Hat Enterprise Linux (RHEL) since that was managed by someone above me; it was more about day-to-day use cases for me.
What other advice do I have?
My advice for others looking into using Red Hat Enterprise Linux (RHEL) is to be sure to look into the documentation and review the products because it is very customizable, and I would recommend using it for an enterprise.
I choose a rating of seven for Red Hat Enterprise Linux (RHEL) because it is not a solution I use every single day. I rate it higher because it is applicable across multiple infrastructures Azure and AWS Cloud, but it is not universally used in particular environments, especially the one where I currently work, which is not really code-dependent.
I was offered a gift card to do this interview regarding Red Hat Enterprise Linux (RHEL), but that's the only business relationship my company has with this vendor.
Which deployment model are you using for this solution?
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Support team significantly improves secure application deployment
What is our primary use case?
My main use case for Red Hat Enterprise Linux (RHEL) at work involves using the EKS Kubernetes cluster on AWS , which is hosted on managed nodes based on Red Hat Enterprise Linux (RHEL) 9.4.
On a daily basis, I manage these nodes, execute commands to check connectivity, investigate network issues, and gather metrics such as CPU and RAM usage. Red Hat Enterprise Linux (RHEL) is integral to my daily work, as I regularly log into these nodes to execute commands, check network issues, and monitor capacity.
What is most valuable?
One of the best features Red Hat Enterprise Linux (RHEL) offers is the premium support, which is particularly noteworthy in version 9.4. If we encounter an issue, we can contact the support team anytime, and a technical support representative works with us to find the root cause. The support team helps us find and solve issues quickly and effectively.
While many features in Red Hat Enterprise Linux (RHEL) are common to all Linux distributions, RHEL stands out due to its vast community and comprehensive feature set. Red Hat has the largest market share among Linux distributions, and its exceptional support distinguishes it from other distributions. Additionally, it is renowned for its stability, security, ease of use, and community engagement.
Red Hat Enterprise Linux (RHEL) has positively impacted our organization by improving our environment, enhancing security, and enabling the implementation of best practices. We chose RHEL 9.4 for its stability, security, and excellent support. When running our Kubernetes cluster on AWS , RHEL proves to be an excellent choice for deploying our applications in a secure environment.
Using Red Hat Enterprise Linux (RHEL) 9.4, we enhance our security through features such as SELinux, which significantly improves our environment's security and stability. We have used RHEL-based nodes since the inception of our organization and the My Vodafone app project in Greece, contributing to improved security, performance, and stability throughout our operations.
What needs improvement?
The primary area for improvement in Red Hat Enterprise Linux (RHEL) relates to accessibility and training resources rather than the operating system itself. Red Hat should provide more training opportunities and make learning materials more accessible to users and customers.
Specifically, the documentation should be more accessible, and Red Hat should consider offering free training or virtual machines beyond just ISO files. A free virtual machine on the cloud would be valuable for people to try and become familiar with RHEL, as installing a virtual machine from an ISO can be complex. A pre-installed RHEL virtual machine would make it easier for people to learn and experience the distribution.
I rate Red Hat Enterprise Linux (RHEL) eight out of ten because while it's an excellent score, there is room for improvement in accessibility. Unlike other distributions such as Ubuntu or Arch Linux that are readily available, Red Hat should create more opportunities for users to try their system through easily accessible virtual machines on their website or other public platforms.
For how long have I used the solution?
I have been using Red Hat Enterprise Linux (RHEL) for eight years, starting before my career as a DevOps and system admin engineer.
What do I think about the scalability of the solution?
The scalability of Red Hat Enterprise Linux (RHEL) for my organization is exceptional, and it handles growth and increased demand effectively. The support system particularly enhances its scalability capabilities.
How are customer service and support?
The customer support of Red Hat Enterprise Linux (RHEL) deserves a perfect 10 out of 10, as it is one of the most valuable aspects of the system.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
I did not use a different solution before Red Hat Enterprise Linux (RHEL). We started with RHEL 7, upgraded to 8, and are now using version 9.4.
What's my experience with pricing, setup cost, and licensing?
The pricing, setup cost, and licensing process for Red Hat Enterprise Linux (RHEL) is straightforward, and I have not encountered any challenges in conducting these operations.
What other advice do I have?
My advice for others considering Red Hat Enterprise Linux (RHEL) is to strongly consider it as one of the most secure, stable, and efficient options compared to other distributions. I have always chosen RHEL as my first choice without evaluating other options. I rate this solution 8 out of 10.
Which deployment model are you using for this solution?
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Automation and reliability transform workflows with robust operating systems
What is our primary use case?
I use Red Hat Enterprise Linux (RHEL) primarily as a server. Most of our servers are running on Red Hat Enterprise Linux (RHEL) . Through Red Hat, we support all our functions and use it for automations and everything practical.
I have used Red Hat Enterprise Linux (RHEL) in the past for coordination with Red Hat OpenShift , Grafana , Prometheus and some automation tools such as SaltStack and Python scripts.
What is most valuable?
Red Hat Enterprise Linux (RHEL) brings a robust operating system that has stable and solid versions. It gives you many tools to automate things. It is a secure system, so you need patching, but not as much as other operating systems. It also has very good user and access management with lists, privileges, and SELinux.
As an automation solution, Red Hat Enterprise Linux (RHEL) solves a significant percentage of manual work, but I cannot measure it as my job position doesn't base on such measurements. I cannot give exact numbers about how much it has helped us, but it is substantial.
Automation with Red Hat Enterprise Linux (RHEL) has changed many things because manual tasks take time and can lead to mistakes. If you automate a task, the same process will run repeatedly without any mistakes. I cannot count the time we gained from automations because the position isn't responsible for keeping numbers and metrics.
What needs improvement?
I think the disk management of Red Hat Enterprise Linux (RHEL) can become better with more efficient tools. The implementation of AI was a concern, but the newest version of Red Hat Enterprise Linux (RHEL) 10 has implemented an AI feature.
Regarding the disk management of Red Hat Enterprise Linux (RHEL), physical disks, logical disks, and physical volumes could become much easier to manage.
For how long have I used the solution?
I have been using Red Hat Enterprise Linux (RHEL) for the last three to four years.
What do I think about the stability of the solution?
Red Hat Enterprise Linux (RHEL) is one of the most stable operating systems. You don't have to restart servers often and its kernel is very stable. You don't need to have many issues fixed. It doesn't give many errors that require troubleshooting if you don't interfere with it. It has been very reliable.
What do I think about the scalability of the solution?
With on-premise Red Hat Enterprise Linux (RHEL), scalability is not easy because I cannot deploy new machines. In my previous jobs, where Red Hat Enterprise Linux (RHEL) was running on virtualization, I could deploy more VMs easily.
What other advice do I have?
If organizations are looking for a strong, stable, and robust solution for their environment, they should consider Red Hat Enterprise Linux (RHEL), but keep in mind to train their team and provide them with certifications and hands-on experience because it's not an easy operating system. I rate Red Hat Enterprise Linux (RHEL) an eight out of ten.
Which deployment model are you using for this solution?
Reliable security features ensure smooth cloud deployment
What is our primary use case?
Related to stability, security, and reliability, the absolute bedrock of Red Hat Enterprise Linux (RHEL) is that it uses rigorously tested, mature software versions. While not always the latest, this ensures zero unexpected changes, which is critical for systems that must run for years without failure. The security hardening includes tools such as SELinux, FirewallD, and SCAP.
I previously used Ubuntu workloads because they were a good option for another company. When talking about Linux or Unix environments, there are many open source options such as CentOS or Ubuntu that differ from Red Hat Enterprise Linux (RHEL) .
In most cases, the workloads are running in AWS . We are natively performing and invoking the instances by auto-scaling group primarily on EC2 instances, some of Fargate, ECS, or Fargate workloads, and that is where I experiment with Red Hat Enterprise Linux (RHEL).
What is most valuable?
I am working mostly in cloud environments, but also on-premise. My work includes various DevOps and operation tasks such as provisioning, automating with Terraform and Ansible , performing patching tasks, troubleshooting web services, and other infrastructure tasks per day.
We are using Red Hat Enterprise Linux