Sold by: Center for Internet Security
Deployed on AWS
AWS Free Tier
This product has charges associated with the pre-built hardening to the CIS Benchmarks™ and recurring maintenance. The CIS Hardened Images® are hardened in accordance with the associated CIS Benchmarks, an industry best practice for secure configuration. Reduce cost, time, and risk by building your AWS solution with CIS AMIs.
4.2
Overview
The CIS Hardened STIG Image on Amazon Linux 2 is a pre-configured image built by the Center for Internet Security (CIS®) for use on Amazon Elastic Compute Cloud (Amazon EC2). It is a pre-configured, security-hardened image that aligns with the robust security recommendations, the CIS Benchmarks, making it easier for organizations to meet regulatory requirements. Not only is this image pre-hardened to the CIS Benchmarks guidance, but it is also patched monthly in alignment with the updates from the software vendor. Key Benefits
Highlights
- Hardened according to a Level 2 CIS Benchmark that is developed in a consensus-based process and that is accepted by government, business, industry, and academia.
- Helps with compliance to PCI DSS, FedRAMP, DoD Cloud Computing SRG, FISMA, select NIST publications, and more.
- Pre-configured to align with industry best practices that are developed and supported by CIS, this image has hardened account and local policies, firewall configuration, and computer-based and user-based administrative templates.
Details
Sold by
Delivery method
Delivery option
64-bit (x86) Amazon Machine Image (AMI)
Latest version
Operating system
AmazonLinux 2
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time. Alternatively, you can pay upfront for a contract, which typically covers your anticipated usage for the contract duration. Any usage beyond contract will incur additional usage-based costs.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
If you are an AWS Free Tier customer with a free plan, you are eligible to subscribe to this offer. You can use free credits to cover the cost of eligible AWS infrastructure. See AWS Free Tier for more details. If you created an AWS account before July 15th, 2025, and qualify for the Legacy AWS Free Tier, Amazon EC2 charges for Micro instances are free for up to 750 hours per month. See Legacy AWS Free Tier for more details.
Dimension | Cost/hour |
|---|---|
t3.medium Recommended | $0.022 |
t2.micro | $0.02 |
t3.micro | $0.022 |
dl1.24xlarge | $0.06 |
u-3tb1.56xlarge | $0.06 |
r5.2xlarge | $0.026 |
g3.16xlarge | $0.06 |
x1e.16xlarge | $0.06 |
p3.2xlarge | $0.026 |
r6in.24xlarge | $0.06 |
Vendor refund policy
Refunds through AWS are not available at this time. You will only be billed for actual time of instance use. As with all CIS security products, our aim is always 100 percent customer/member satisfaction.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
NA
Additional details
Usage instructions
Once the instance is running, connect using SSH. Use "ec2-user" as the username. Immediately apply latest security updates after launching the instance.
Support
Vendor support
Questions, feedback, and support accessing CIS-developed AMIs is provided by contacting
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Center for Internet Security
By Canonical Group Limited
By Arara Solutions
Top
10
In Collaboration & Productivity
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Security Hardening Standard
Pre-configured image aligned with CIS Benchmarks Level 2 security recommendations and configuration guidance
Compliance Validation
Includes CIS Configuration Assessment Tool (CIS-CAT Pro) reports for demonstrating security conformance
Security Configuration
Hardened account and local policies, firewall configuration, and administrative templates with consensus-based security controls
Patch Management
Monthly software updates aligned with vendor patch release cycles to maintain security standards
Reporting Mechanism
Comprehensive HTML and text reports documenting system configuration before and after hardening process
Cryptographic Compliance
FIPS 140-2 certified kernel and cryptographic modules with out-of-the-box compliance
Security Patch Coverage
Comprehensive security updates for over 23,000 open source packages across Ubuntu Universe repository
Compliance Hardening
Integrated hardening profiles from CIS and DISA-STIG security implementation guidelines
Kernel Security
FIPS-certified kernel with ongoing security updates for cryptographic components
Security Tooling
Ubuntu Security Guide (USG) for automated compliance and security configuration management
Security Hardening
"Configured with Security Technical Implementation Guides (STIG) Benchmark High to enhance system security posture"
Operating System Compatibility
"Optimized Amazon Linux 2 distribution configured for compatibility with Amazon Elastic MapReduce (EMR)"
Compliance Standard
"Meets Defense Information System Agency (DISA) configuration standards for system hardening"
Security Configuration
"Implements advanced security settings to improve overall system protection"
Platform Optimization
"Pre-configured Linux image with specialized security and performance configurations"
Standard contract
No
No
Customer reviews
HemantKumar7
Seamless cloud integration has simplified operations and consistently reduced maintenance effort
Reviewed on Feb 01, 2026
Review from a verified AWS customer
What is our primary use case?
I have been using Amazon Linux for the last six years.
My main use case for Amazon Linux is that I have set up EC2 machines for our production environment, and we are using Amazon Linux where we have integration with AWS services such as SSM, ECS, and Lambda.
A specific example of how I use Amazon Linux in our production environment is that we have launched an EC2 machine containing the latest Amazon Linux image, and we don't need to purchase a license as it is fully managed by AWS . We don't need to pre-install tools such as AWS CLI, as some agents are already included within Amazon Linux.
I would add that we will directly integrate the ISIS machine over that using Amazon Linux.
What is most valuable?
One of the best features Amazon Linux offers is integration with AWS services such as ECS, Lambda, SSM, and regular security updates by AWS, along with long-term support and maintenance. We can also use package management as AWS provides update packages inside Amazon Linux, and performance, networking, and I/O patterns are also properly tuned, with no license fees for software we are using inside Amazon Linux as it is officially supported by AWS.
Out of the features I mentioned, I find myself relying most on security and updates, as package management is also available, meaning you don't need to update packages regularly, and performance-wise, there are no network issues.
Regarding the features, I have already mentioned compatibility with AWS tooling, where you don't need to install AWS CLI and some agents inside the EC2 machine since they are pre-installed and there are no fees as it is officially supported by AWS. Performance is good, with no need to focus on security and updates, as regular updates and patches are managed by AWS.
Amazon Linux has positively impacted my organization as we have set up production microservices requiring integration with Amazon Linux and AWS cloud workloads, providing us with peace of mind since we don't need to worry about security issues.
Specific outcomes showing how Amazon Linux has helped my organization include reduced costs and improved reliability, as we don't need to worry about license fees since it's fully managed by AWS. Performance-wise, there are no network issues.
What needs improvement?
I see there's less focus on general purpose in Amazon Linux, with a limited community ecosystem compared to Ubuntu or Fedora, and some third-party tools may be missing from the official repos, with Amazon Linux 1 and 2 differing.
I chose a rating of 8 out of 10 because there are times when package availability is an issue, as some third-party tools may be missing from the official repo, requiring us to enable extra repos or compile from source to update the package.
For how long have I used the solution?
I have been working in my current field for around 8 plus years.
What do I think about the stability of the solution?
Amazon Linux is stable.
What do I think about the scalability of the solution?
Amazon Linux's scalability allows it to be scaled at runtime.
How are customer service and support?
The customer support for Amazon Linux is good, as I can raise a support ticket and connect with the support team.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I did not previously use a different solution; we started with Amazon Linux.
How was the initial setup?
Amazon Linux is deployed in my organization on the AWS private cloud.
We use AWS as our cloud provider.
I purchased Amazon Linux through the AWS Marketplace .
What was our ROI?
We have seen a return on investment with Amazon Linux through optimization and integration with AWS services, which saves a lot of time and avoids focusing on security and patch updates as it is managed by AWS. Performance-wise, there are no network issues.
What's my experience with pricing, setup cost, and licensing?
My experience with pricing, setup cost, and licensing is that we don't need to pay for licensing costs as it is fully managed by AWS, and setting up the EC2 machine containing Amazon Linux is not that costly.
Which other solutions did I evaluate?
Before choosing Amazon Linux, I did not evaluate other options since we are continuously using AWS and just set up Amazon Linux.
What other advice do I have?
My advice to others looking into using Amazon Linux is to definitely go with it, as you don't need to worry about different AWS service integrations or security patch updates, which are managed by AWS, and there are no licensing costs as it is fully supported by AWS. I gave this product a rating of 8 out of 10.
reviewer2799726
Secure, optimized environment has supported cost savings and reliable monolithic deployments
Reviewed on Jan 27, 2026
Review from a verified AWS customer
What is our primary use case?
I normally use Amazon Linux for monolithic applications or websites as a web server. Amazon Linux helps me run those monolithic applications or web servers by allowing us to install NGINX or HTTPd using the package managers, RPM. Amazon Linux provides a secure, stable, and high-performance environment that is optimized for the AWS ecosystem itself. It features deep AWS services integration, long-term support, and performance tuning for EC2 , making it a reliable choice for monolithic applications.
I normally use Amazon Linux for containerized applications as well, such as EKS. As node groups in EKS, we use Amazon Linux AMIs. Since it is reliable, secure, and gives long-term support from Amazon AWS itself, it serves our needs well.
What is most valuable?
Considering the best features Amazon Linux offers, I would say the security and reliability stand out. The operating system has been optimized by AWS itself, so it is highly optimized. There are various pre-installed AWS tools inside it. It is Graviton optimized for Arm-based workloads and has security by default with enhanced security, lifecycle, and deterministic updates. Upgrades are also good in this offering. It is cost-effective and works well with the modern toolchain.
Regarding those features, Amazon Linux benefits my day-to-day work by enhancing creativity and content generation with visuals in slides, video productions, and it is quite time-saving.
Regarding how Amazon Linux has impacted my organization positively, it helped us mostly with the costing part. Beyond that, the security posture has improved, which is always a big challenge in larger organizations.
Using Amazon Linux gives us a pay-as-you-go model, paying for fewer resources instead of a large upfront investment in hardware servers. I have seen various case studies which have helped save a lot of costs. Regarding security, I have seen very few incidents related to Amazon Linux. There are various kernel issues which we face in other operating systems, but not in Amazon Linux.
What needs improvement?
While VM images exist in other virtualization platforms, Amazon Linux is primarily designed for EC2 itself. Expanding official support for on-premise and hybrid scenarios would improve the flexibility for companies with multi-cloud setups. Additionally, expanded package repositories for third-party software would be beneficial. Compared to Ubuntu or Red Hat, Amazon Linux has smaller communities and fewer third-party repositories. Documentation examples could be improved by providing more real-world, varied use case examples rather than just command references.
Amazon Linux should be easily upgradable. From Amazon Linux 2 to Amazon Linux 2023 requires a complete migration, as there is no direct in-place upgrade path. Having an easier upgrade path for migrating from one version to another would be really helpful. Standardized Yum behaviors would also help because Amazon Linux 2023 defaults to DNF, while Amazon Linux 2 was established using Yum workflows. This creates minor compatibility hurdles. Although we can use Yum, it would be better if those behaviors were standardized. Minor improvements could also be made regarding an enhanced terminal experience.
I did not rate Amazon Linux as a perfect ten because of the upgrade path and standardizing the package behaviors. The improvements I needed in Amazon Linux included the upgrade path, standardizing the package behaviors, and support for third-party software. That is why I rated it nine instead of ten.
For how long have I used the solution?
I have been using Amazon Linux for the past seven years.
What do I think about the stability of the solution?
In my experience, Amazon Linux is stable. I have not faced any issues with stability.
What do I think about the scalability of the solution?
In my experience, Amazon Linux's scalability is not an issue. I have not faced any issues with that.
How are customer service and support?
The experience with customer support for Amazon Linux was very good. I interacted with them a couple of times and they were very helpful.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Previously, I was on a private cloud setup where we used to use Ubuntu or Red Hat as per the customer requirements. Later on, I switched to Amazon Linux because of its security and compatibility and everything else it offers.
How was the initial setup?
My experience with pricing, setup cost, and licensing was really good. The cost is comparatively less, and since there is no license involved when we are using it within AWS itself, the setup was also quite simple. Overall, it was a good experience.
What about the implementation team?
I took Amazon Linux from the Marketplace itself.
What's my experience with pricing, setup cost, and licensing?
My experience with pricing, setup cost, and licensing was really good. The cost is comparatively less, and since there is no license involved when we are using it within AWS itself, the setup was also quite simple. Overall, it was a good experience.
Which other solutions did I evaluate?
I have not explored any other options because Amazon Linux itself has a lot of options and features which really helped me with my applications deployment and everything else. If I wanted to explore alternatives, I would have considered Ubuntu, which is also similarly very good.
What other advice do I have?
Most of what I would recommend relates to the security, performance, compatibilities, and support of Amazon Linux that I mentioned earlier. My advice is to not perform in-place upgrades. Try to identify the differences that exist between Amazon Linux 2 and 2023 before upgrading. I rated this product nine out of ten overall.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Sanooj Mananot
Robust cloud platform has delivered secure, high‑performance workloads with lower operating costs
Reviewed on Jan 27, 2026
Review from a verified AWS customer
What is our primary use case?
My main use case for Amazon Linux is to run my production environment in a robust, scalable operating system. I have a SaaS platform where we run all our servers in Amazon, and we use Amazon Linux as the operating system that serves all our servers to our customers.
What is most valuable?
Being a SaaS platform, we need to ensure the security of the platform that we are running, and Amazon Linux provides the latest and greatest patches with all the packages included, making it easier for us to manage. The best features Amazon Linux offers include a very good package management system where we can quickly install everything, and the packages are compatible and very performant with Graviton processors. Graviton is even cheaper, but we do not have much expertise on running things on Arm processors, so we rely on the operating system, which abstracts us from the Arm processor to the application. Amazon Linux helps us do that, and the performance is so high on these servers. They are fine-tuned in such a way that it can use the best out of the hardware. Amazon Linux has positively impacted our organization. We were running on normal servers which were expensive, and we moved to Graviton servers. If we had used any other operating system, there might have been many packaging issues with the modules that we are using, the classes, the objects, and other components. Amazon Linux comes with all the packages required to run on Graviton, which helped us reduce our cost. We were able to achieve almost 30% more improvement in performance on the servers and almost 10% reduction in cost.
What needs improvement?
Amazon Linux is currently available mostly in Amazon, but I would like to see it available outside as well. Amazon last provided some security patches that were not very fast, which was one reason I did not rate it higher, along with a few things, such as some particular versions of Python that are not readily available in Amazon Linux.
For how long have I used the solution?
I have been using Amazon Linux for almost four years.
What do I think about the stability of the solution?
We have Amazon Linux servers which we have not restarted for almost three years, and the operating system is very robust. Once we received a security patch from Amazon through proactive updates, and we had to update it. Amazon Linux is stable.
What do I think about the scalability of the solution?
Amazon Linux is highly scalable.
Which solution did I use previously and why did I switch?
Previously, we were using CentOS , and we switched to Amazon Linux for better reliability and continuous support, as Amazon Linux was also a Fedora flavor.
What was our ROI?
I have seen a return on investment. As I mentioned earlier, we were able to increase the performance by at least 10 to 20% and also reduce the cost by up to 10%.
What's my experience with pricing, setup cost, and licensing?
My experience with pricing, setup cost, and licensing for Amazon Linux is that it was decent, and in fact, it was good.
Which other solutions did I evaluate?
Before choosing Amazon Linux, I evaluated CentOS as an option.
What other advice do I have?
My advice to others looking into using Amazon Linux is that if you are moving to Graviton servers, Amazon Linux would be the best option, as you will get almost all the packages right away in Amazon Linux. I give this review a rating of 10.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Vivek Nambiar
Optimized performance and tight cloud integration have delivered secure, low‑cost app deployments
Reviewed on Jan 23, 2026
Review from a verified AWS customer
What is our primary use case?
My main use case for Amazon Linux is deploying Java microservice applications, Python applications, and .NET applications. I chose Amazon Linux most of the time because my platform and infrastructure are hosted in Amazon, so the compatibility is fine with Amazon Linux while using Amazon.
I deploy applications on Amazon Linux by writing scripts in the user data script and deploying the web application from there.
Amazon Linux is deployed in my organization in a private cloud where we deploy everything.
What is most valuable?
The best features Amazon Linux offers include optimized performance and tight AWS integration. SELinux is enabled on Amazon Linux and performs automatic security patching and CVE fixes. Critical vulnerability fixes and those security features have helped me significantly. The integration with AWS CLI, Cloud-init, and services such as SSM Agent and CloudWatch agent has been useful.
Amazon Linux has positively impacted my organization primarily by providing cost savings, as we do not want to spend on the OS portion.
What needs improvement?
Amazon Linux can be improved by integrating other cloud features so that other cloud providers can also use Amazon Linux. GCP and Azure could benefit from Amazon Linux compatibility as well.
For how long have I used the solution?
I have been using Amazon Linux for seven years.
What was our ROI?
I have saved approximately five percent.
What's my experience with pricing, setup cost, and licensing?
My experience with pricing, setup cost, and licensing includes working on multiple other vendor licenses for the software licensing portion. The setup cost involves initial migration planning and related activities.
What other advice do I have?
Amazon Linux cost is free to use, which provides significant cost optimization benefits that we always leverage. My advice to others looking into using Amazon Linux is to use it and save your cost. I would rate this product nine out of ten.
Which deployment model are you using for this solution?
Private Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Anastasiya Sousa
Running secure, automated workloads has reduced costs and simplifies cloud-native operations
Reviewed on Jan 22, 2026
Review from a verified AWS customer
What is our primary use case?
My main use case for Amazon Linux was running production workloads, primarily using it to host backend services for the company and web applications on EC2 instances while helping DevOps with several tasks, one related to QA, as a QA Analyst and QA Engineer.
I hosted a production REST API backend on EC2 using Amazon Linux which handled user authentication and core transactions for a customer-facing web application, and it scaled reliably using AWS Auto Scaling and load balancing.
Using Amazon Linux delivered ROI in several practical ways, notably eliminating OS licensing costs, saving thousands of dollars per year compared to licensed enterprise Linux options, and reducing operational effort with an estimated 25 to 30% reduction in OS-related operational work due to AWS-native defaults and predictable updates.
What is most valuable?
Amazon Linux fit very naturally into our automation and security practices, regularly used with infrastructure as code and automated provisioning, which made it easy to spin up consistent environments across development, staging, and production, aligning closely with AWS best practices.
The strongest features of Amazon Linux are its tight AWS integration, security, and long-term stability, with one of the biggest advantages being how well it integrates with AWS services out of the box.
The tight AWS integration of Amazon Linux made my day-to-day operations much simpler and more reliable, as IAM roles work seamlessly at the OS level, eliminating the need to manage static AWS credentials on instances, which improved security and reduced configuration effort when deploying new EC2 instances or scaling automatically.
Another feature I found very useful in Amazon Linux is its predictable and well-curated package ecosystem, with stable and tested repositories for AWS environments reducing dependency issues and making system updates safer in production, along with smooth integration with automation and containerized workloads.
What needs improvement?
While Amazon Linux worked very well overall for us, there could be a few areas for improvement. For instance, the package ecosystem compared to more community-driven distributions like Ubuntu , where some packages can lag slightly behind in terms of versions, occasionally requiring extra effort when newer language runtimes or tools were needed.
For how long have I used the solution?
I have been working in my field as a manual tester and then moved into automated testing for seven years in total, performing and executing test cases on some freelance platforms.
What do I think about the stability of the solution?
Amazon Linux is very stable, especially for long-running production workloads on AWS, having been able to run it on production EC2 instances for extended periods with minimal issues.
What do I think about the scalability of the solution?
Amazon Linux scales very well, especially when used in AWS-native environments, working seamlessly with AWS Auto Scaling and load balancing to scale from a small number of instances to dozens or more during traffic spikes without needing OS-level changes.
How are customer service and support?
Amazon Linux customer support is generally good, understanding that support is structured through AWS support plans and official documentation, relying on AWS for issues directly related to Amazon Linux behavior on EC2, with timely and helpful responses for performance, updates, or AWS integration issues.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We have not used any other solution before Amazon Linux.
What was our ROI?
Using Amazon Linux delivered ROI in several practical ways, notably eliminating OS licensing costs, saving thousands of dollars per year compared to licensed enterprise Linux options, and reducing operational effort with an estimated 25 to 30% reduction in OS-related operational work due to AWS-native defaults and predictable updates.
What's my experience with pricing, setup cost, and licensing?
The pricing and licensing model of Amazon Linux is one of its biggest advantages, having no additional licensing cost and no per-core and per-instance OS fees, making cost planning straightforward by only paying for the underlying AWS infrastructure.
Which other solutions did I evaluate?
Before choosing Amazon Linux, I evaluated a few alternatives, specifically considering Ubuntu Server, Red Hat Enterprise Linux , and CentOS .
What other advice do I have?
I would advise that if you are planning to run workloads on AWS, Amazon Linux is a strong and practical choice, best suited for AWS-native, cloud-first architectures where tight integration with AWS services, security, and long-term stability matter. I would rate this product an 8 out of 10.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)