Sold by: Lynxroute
Deployed on AWS
Free Trial
This product has charges associated with it for hardening, security configuration, and support.
SuiteCRM is a self-hosted Customer Relationship Management platform delivered as a PHP 8.3 + MySQL 8.0 + Nginx stack - accounts, contacts, leads, opportunities, cases, campaigns, and a REST API. A SugarCRM Community Edition successor, it fits migrations off legacy Sugar. This AMI ships the AGPL-3.0 edition, fully functional out of the box - no external account, subscription, or license key required. Unlike bare community AMIs that ship the install wizard on the public internet, no admin password, and the web UI on plain HTTP, this Lynxroute build is ready immediately: per-instance admin password generated on first launch, install locked after setup, self-signed TLS on TCP 443, MySQL bound to 127.0.0.1, UFW firewall pre-configured, on a CIS Level 1 hardened Ubuntu 24.04 LTS base.
AGPL-3.0 license - fully auditable, no vendor lock-in.
Overview
This is a repackaged software product wherein additional charges apply for hardening, security configuration, and support.
WHAT IS SUITECRM
SuiteCRM is a self-hosted Customer Relationship Management platform implemented in PHP 8.3, served by Nginx with PHP-FPM over MySQL 8.0. A community-driven successor to SugarCRM Community Edition, it covers the full revenue pipeline - accounts, contacts, leads, opportunities, cases, campaigns, quotes, calendar, projects, reports, and dashboards - with role-based access control, security groups, multi-currency support, custom modules and fields via Studio, workflow automation, a built-in scheduler for background jobs, and email-to-record handling. SuiteCRM connects to any standard SMTP relay (Amazon SES, SendGrid, Postmark, Mailgun, or self-hosted Postfix), reads inbound mail over IMAP, supports SSO via OAuth2 and LDAP, and exposes a V8 REST API for integrations. This AMI ships the AGPL-3.0 edition and runs entirely on the EC2 instance you launch - no external account, subscription, license key, or activation handshake is required. All data stays inside your own AWS account.
WHAT THIS AMI ADDS
Security hardening:
- Per-instance SuiteCRM admin password generated on first launch and written to /root/suitecrm-credentials.txt (mode 0600) - never baked into the AMI
- Silent install runs once on first launch and is then disabled - no setup wizard exposed on the public internet
- MySQL 8.0 listens on 127.0.0.1 only; the database user password is generated per instance
- PHP-FPM workers and MySQL InnoDB buffer pool auto-sized to the instance RAM at launch
- Background scheduler runs automatically as a managed system service - no manual cron setup
- Session handling tuned for cloud networking, so users are not logged out behind proxies or changing client IP addresses
- Self-signed TLS certificate generated during the AMI build - HTTPS on TCP 443 from launch, HTTP on TCP 80 redirects to HTTPS
- UFW firewall pre-configured - only TCP 22 and 443 are exposed
- fail2ban with default SSH jail; AppArmor with default Ubuntu profiles
- CVE scan - every image is scanned for vulnerabilities before release
OS hardening (CIS Level 1):
- CIS Ubuntu 24.04 LTS Level 1 benchmark applied via ansible-lockdown
- auditd, SSH hardening, kernel hardening, IMDSv2 enforced
Compliance artifacts:
- SBOM - CycloneDX 1.6 at /etc/lynxroute/sbom.json
- CIS Conformance Report at /etc/lynxroute/cis-report.html
- CIS Tailored Profile at /usr/share/doc/lynxroute/CIS_TAILORED_PROFILE.md
Highlights
- SuiteCRM security baked in: per-instance admin password generated on first launch, install locked after setup, self-signed TLS on TCP 443 with HTTP-to-HTTPS redirect, MySQL bound to 127.0.0.1 only - unlike bare SuiteCRM AMIs that ship the install wizard reachable on the public internet, no default admin password, and the web UI on plain HTTP.
- CIS Level 1 hardened Ubuntu 24.04 LTS: auditd, fail2ban, AppArmor, SSH key-only, IMDSv2 enforced. CVE-scanned before every release. SBOM (CycloneDX) and CIS Conformance Report included.
- Full self-hosted CRM and a SugarCRM Community Edition successor: accounts, contacts, leads, opportunities, cases, campaigns, quotes, calendar, V8 REST API, workflow automation, role-based access control, custom modules via Studio. AGPL-3.0 edition - the AMI is fully functional out of the box, no external account or license key required.
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Free trial
Try this product free for 5 days according to the free trial terms set by the vendor. Usage-based pricing is in effect for usage beyond the free trial terms. Your free trial gets automatically converted to a paid subscription when the trial ends, but may be canceled any time before that.
Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Cost/hour |
|---|---|
t3.large Recommended | $0.03 |
t3.medium | $0.02 |
m6i.xlarge | $0.05 |
m6i.large | $0.03 |
Vendor refund policy
We do not offer refunds for this product. AWS infrastructure charges (EC2, EBS, data transfer) are billed separately by AWS and are not refundable by us.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
SuiteCRM 7.15.1 - Initial release (June 2026)
- SuiteCRM 7.15.1 on Ubuntu 24.04 LTS
- CIS Level 1 hardening applied (ansible-lockdown/UBUNTU24-CIS)
- CVE-scanned before every release
- Per-instance SuiteCRM admin password generated on first launch
- Silent install runs once on first launch and is then disabled
- MySQL 8.0 listening on 127.0.0.1 only, with per-instance database password
- PHP-FPM workers and MySQL InnoDB buffer pool auto-sized to instance RAM at launch
- Background scheduler runs automatically as a managed system service
- Session handling tuned for cloud networking (no spurious logouts behind proxies / changing client IPs)
- Self-signed TLS certificate generated during the AMI build; HTTP on TCP 80 redirects to HTTPS on TCP 443
- UFW firewall pre-configured (TCP 22 and 443 only)
- fail2ban, auditd, AppArmor pre-configured
- SBOM (CycloneDX 1.6) at /etc/lynxroute/sbom.json
- CIS Conformance Report (OpenSCAP) at /etc/lynxroute/cis-report.html
- IMDSv2 enforced
Additional details
Usage instructions
- Launch instance (t3.large recommended)
- Open Security Group - allow TCP 443 from your IP first; open to 0.0.0.0/0 after you have logged in and changed the admin password (anyone reaching the URL before you can also log in with the generated password)
- SSH: ssh -i key.pem ubuntu@<PUBLIC_IP>
- Wait on first launch - the URL shows a "Starting up" splash for 3-6 minutes while the database schema and admin user are created. This first-boot provisioning runs once; later boots are fast.
- Read credentials: sudo cat /root/suitecrm-credentials.txt
- Open https://<PUBLIC_IP>/ in your browser - accept the self-signed certificate warning
- Log in as admin with the password from the credentials file
- Change the admin password immediately (admin profile -> Edit -> Password) and add your real users (Admin -> User Management)
Credentials are saved to /root/suitecrm-credentials.txt at first launch. The background scheduler that drives SuiteCRM jobs (workflows, scheduled reports, inbound email) runs automatically - no crontab setup needed. Replace the self-signed TLS certificate with a CA-signed certificate for production use. The firewall exposes TCP 22 and 443 only; to use the Let's Encrypt HTTP-01 challenge, open TCP 80 in both the Security Group and UFW first: sudo ufw allow 80/tcp sudo apt install certbot python3-certbot-nginx -y sudo certbot --nginx -d your.domain.com
Resources
Vendor resources
Support
Vendor support
Visit us online https://lynxroute.com/
SuiteCRM documentation:
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
Up-to-date, customizable, and secure. SuiteCRM is a completely open source, enterprise-grade Customer Relationship Management (CRM) application. SuiteCRM is a fork of the popular SugarCRM application.
This product has charges associated with it for seller support and pre-configured stack (phpMyAdmin and Webmin) in it. Intuz SuiteCRM is a pre-configured, ready to run image for running SuiteCRM on Amazon EC2 and has Apache2, MySQL, PHP, phpMyAdmin, Webmin, SuiteCRM and Scripts which make it easy for you to use SuiteCRM.
This product has charges associated with it for Websoft9 support. Pre-configured, web-based, cloud-native, secure, one-click to deploy SuiteCRM with Websoft9 Applications Hosting Platform on AWS. SuiteCRM is An open source Customer Relationship Management, used for CRM & Distribution & Order.
SuiteCRM is a comprehensive, open-source customer relationship management (CRM) solution designed to streamline business processes and enhance customer engagement. This pre-configured and hardened AMI image on on AlmaLinux 9 is created by Elyxia Global Limited to provide a seamless deployment experience, along with any additional charges clearly specified in the pricing information section.
This product has charges associated with it for automated deployment, security hardening, first-boot credential generation, system optimization, and support services provided by ORHAKSS LLC.
Customer reviews
No customer reviews yet
Be the first to review this product . We've partnered with PeerSpot to gather customer feedback. You can share your experience by writing or recording a review, or scheduling a call with a PeerSpot analyst.