Sold by: Center for Internet Security
Deployed on AWS
AWS Free Tier
This product has charges associated with the pre-built hardening to the CIS Benchmarks™ and recurring maintenance. The CIS Hardened Images® are hardened in accordance with the associated CIS Benchmarks, an industry best practice for secure configuration. Reduce cost, time, and risk by building your AWS solution with CIS AMIs.
4.2
Overview
*User Note: In accordance with the software vendor's end of life policy for this operating system, Amazon Linux 2 will be removed from the marketplace in July 2026. Please reference AWS documentation regarding end of life and product removal or reach out to AWS support for additional information.
The CIS Hardened Image Level 2 on Amazon Linux 2 is a pre-configured image built by the Center for Internet Security (CIS®) for use on Amazon Elastic Compute Cloud (Amazon EC2). It is a pre-configured, security-hardened image that aligns with the robust security recommendations, the CIS Benchmarks, making it easier for organizations to meet regulatory requirements.
Not only is this image pre-hardened to the CIS Benchmarks guidance, but it is also patched monthly in alignment with the updates from the software vendor.
Key Benefits
This image is hardened against the corresponding Level 2 profile which is intended for environments or use cases where security is paramount, acts as a defense in depth measure, and may negatively inhibit the utility or performance of the technology. No packages are installed on or removed from this image outside of those already present on the base image or as recommended in alignment with the corresponding CIS Benchmark recommendations.
To demonstrate conformance to the CIS Amazon Linux 2 Level 2 Benchmark, industry-recognized hardening guidance, each image includes an HTML report from CIS Configuration Assessment Tool (CIS-CAT® Pro). Each CIS Hardened Image contains the following files:
These reports are located in /home/CIS_Hardened_Reports.
For customized pricing options or private offers, reach out to us at cloudsecurity@cisecurity.org .
To learn more or access the corresponding CIS Benchmark, please visit https://www.cisecurity.org/cis-benchmarks or sign up for a free account on our community platform, CIS WorkBench, https://workbench.cisecurity.org/ .
Highlights
- Hardened according to a Level 2 CIS Benchmark that is developed in a consensus-based process and that is accepted by government, business, industry, and academia.
- Helps with compliance to PCI DSS, FedRAMP, DoD Cloud Computing SRG, FISMA, select NIST publications, and more.
- Pre-configured to align with industry best practices that are developed and supported by CIS, this image has hardened account and local policies, firewall configuration, and computer-based and user-based administrative templates.
Details
Sold by
Categories
Delivery method
Delivery option
64-bit (x86) Amazon Machine Image (AMI)
Latest version
Operating system
AmazonLinux 2
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time. Alternatively, you can pay upfront for a contract, which typically covers your anticipated usage for the contract duration. Any usage beyond contract will incur additional usage-based costs.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
If you are an AWS Free Tier customer with a free plan, you are eligible to subscribe to this offer. You can use free credits to cover the cost of eligible AWS infrastructure. See AWS Free Tier for more details. If you created an AWS account before July 15th, 2025, and qualify for the Legacy AWS Free Tier, Amazon EC2 charges for Micro instances are free for up to 750 hours per month. See Legacy AWS Free Tier for more details.
Dimension | Cost/hour |
|---|---|
t3a.small Recommended | $0.022 |
t3.micro | $0.022 |
t2.micro | $0.02 |
m5.24xlarge | $0.06 |
r5a.large | $0.022 |
m7i.metal-24xl | $0.06 |
r5a.8xlarge | $0.05 |
m6id.2xlarge | $0.026 |
m5n.xlarge | $0.024 |
c5d.metal | $0.06 |
Vendor refund policy
Refunds through AWS are not available at this time. You will only be billed for actual time of instance use. As with all CIS security products, our aim is always 100 percent customer/member satisfaction.
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
NA
Additional details
Usage instructions
Once the instance is running, connect using SSH. Use "ec2-user" as the username. Immediately apply latest security updates after launching the instance.
Resources
Support
Vendor support
Questions, feedback, and support accessing CIS-developed AMIs is provided by contacting
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Center for Internet Security
By Canonical Group Limited
By Arara Solutions
Top
10
In Operating Systems
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Security Hardening Standard Compliance
Image hardened according to Level 2 CIS Benchmark developed through consensus-based process and accepted by government, business, industry, and academia.
Regulatory Compliance Support
Supports compliance with PCI DSS, FedRAMP, DoD Cloud Computing SRG, FISMA, and select NIST publications.
Pre-configured Security Controls
Includes hardened account and local policies, firewall configuration, and computer-based and user-based administrative templates aligned with industry best practices.
Monthly Security Updates
Patched monthly in alignment with software vendor updates to maintain alignment with latest security standards.
Conformance Assessment Documentation
Includes CIS-CAT Pro HTML reports, package inventory files, and exceptions documentation to demonstrate benchmark conformance and configuration changes.
FIPS Certification
FIPS 140-2 certified kernel and cryptographic modules included out of the box with ongoing security updates
Extended Security Coverage
Security patches available for over 23,000 open source packages in the Ubuntu Universe repository with 10 years of support through Expanded Security Maintenance
Compliance Hardening Profiles
CIS and DISA-STIG hardening profiles accessible through Ubuntu Security Guide tooling for guided compliance configuration
Cryptographic Module Updates
FIPS-certified cryptographic components with continuous security updates maintained throughout the support lifecycle
Long-term Support
10-year security coverage period for the operating system and included packages
Operating System Hardening
Amazon Linux 2 configured with STIG Benchmark High standard for enhanced security posture
Security Standards Compliance
Implementation of Defense Information System Agency (DISA) Security Technical Implementation Guides (STIGs) for system hardening
EMR Compatibility
Tested and compatible with Amazon Elastic MapReduce (EMR) for distributed computing workloads
Continuous Security Updates
Access to continuous security updates available through new versions of the image
Multi-Application Support
Suitable for deployment across various applications beyond EMR environments
Standard contract
No
No
Customer reviews
Harshal Jethwa
Switching has delivered secure, up-to-date servers and has reduced hosting costs
Reviewed on Apr 20, 2026
Review from a verified AWS customer
What is our primary use case?
My main use case for Amazon Linux is hosting servers and applications.
What is most valuable?
The best features Amazon Linux offers include regular updates, regular patches, up-to-date software and tools, and security features.
The security features of Amazon Linux stand out for me because it provides vulnerability patches and tools and software patches. Because of that, our servers get the latest updates, which keeps them secure and provides access to the latest tools.
Amazon Linux has positively impacted my organization because we are able to host our applications, mainly Kubernetes applications, our servers, and testing environments, while also being able to get lower cost servers.
Since switching to Amazon Linux, I have noticed that we were previously using Windows Server , which was expensive. After switching to Linux, we are able to get a 30 to 40% savings.
What needs improvement?
Amazon Linux can be improved because currently it does not provide much longer session durations and sometimes it does not provide some of the tools I want to be included.
I chose 8 out of 10 because sometimes Amazon Linux does not provide a longer session and when we restart or refresh, all of the command history gets lost. Additionally, some of the tools I need are not present.
For how long have I used the solution?
I have been using Amazon Linux for six to seven months.
What do I think about the stability of the solution?
Amazon Linux is stable.
What do I think about the scalability of the solution?
Amazon Linux's scalability is good.
How are customer service and support?
I have not reached out to customer support yet, but I believe it will be good.
Which solution did I use previously and why did I switch?
Before Amazon Linux, we were using Windows, which was expensive for us due to its licensing fees. After switching to Linux, we are saving money.
What was our ROI?
I have seen a return on investment with Amazon Linux because I save both time and money.
What's my experience with pricing, setup cost, and licensing?
My experience with pricing, setup cost, and licensing with Amazon Linux is that pricing is based on what we use and setup is easy. We do not need a license.
What other advice do I have?
I would advise others looking into using Amazon Linux that they can use it if they want to save money, want a low-cost solution, and want up-to-date patches. I gave this review a rating of 8 out of 10.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Osvaldo Part
Using a flexible cloud OS has reduced licensing costs and has supported large-scale load testing
Reviewed on Apr 19, 2026
Review from a verified AWS customer
What is our primary use case?
My main use case for Amazon Linux is as load test injectors VMs. I use Amazon Linux as a load test injector VM by spinning up a number of instances in AWS using this or using auto-scaling. For our requirement, we required RHEL-based systems and servers, which is why we are using Amazon Linux.
For a load injector, we are using a number of servers, mainly 10 to 20 servers. If we were going for RHEL , it would require a 10-server subscription. However, we are using Amazon Linux, which is freeware and does not require any subscription. Additionally, it belongs to the RHEL family and is easily integrated with all the AWS services.
What is most valuable?
The best feature of Amazon Linux is that it can easily integrate with all the services in AWS. The easy integration with AWS services helps me in my day-to-day work because if we are choosing any RHEL or Ubuntu-based server in AWS, we are required to install a service manager on that server. However, if we are using Amazon Linux, it is not required to install that type of package on it.
Amazon Linux has impacted my organization positively because, as I mentioned, we are using it as a load injector, and for this, our client required an RHEL-based OS. If we are using RHEL machines or servers, it requires an RHEL subscription. However, for Amazon Linux, no subscription is required. It is freeware, so it is cost-effective for our organization.
What needs improvement?
I have not felt any lag or any performance issues on Amazon Linux, so it does not require any improvement from my perspective. I do not have anything I wish Amazon Linux would do differently or features I would like to see added in the future.
For how long have I used the solution?
I have been using Amazon Linux for around five plus years.
What do I think about the stability of the solution?
Amazon Linux is stable.
What do I think about the scalability of the solution?
Amazon Linux's scalability is good. I have used it in an auto-scaling group for some time, and it is more scalable and more flexible and reliable.
How are customer service and support?
The customer support is awesome because it belongs to AWS, and AWS customer support is excellent.
Which solution did I use previously and why did I switch?
I have not yet used a different solution.
How was the initial setup?
I did not purchase Amazon Linux through the AWS Marketplace .
What was our ROI?
I have seen a return on investment because it saves money. As I mentioned, if we required RHEL servers, it needs some subscriptions. However, for using Amazon Linux, it is freeware, and it saves us a lot of money.
Which other solutions did I evaluate?
Before choosing Amazon Linux, I did not evaluate any other options.
What other advice do I have?
I would add that it is freeware for RHEL machines and belongs to the RHEL family. I chose 8 out of 10 for my review rating because for the RHEL family, I am using Amazon Linux, but sometimes, if we are using OpenShift or something that requires an RHEL subscription, then we are required to have an RHEL subscription or RHEL OS. Apart from that, we can easily use Amazon Linux.
I would advise that if your company and if your client is required to have an RHEL-based OS on AWS, you must go for Amazon Linux because it easily integrates with all the services and belongs to AWS, and it is freeware for RHEL.
Which deployment model are you using for this solution?
Private Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Abhishek-Verma
Performance monitoring has improved reliability and cuts costs in my daily cloud workload
Reviewed on Apr 19, 2026
Review from a verified AWS customer
What is our primary use case?
I use Amazon Linux in my day-to-day work as a performance test engineer to monitor performance-related issues. For my cloud environment, which is AWS , most of my servers are EC2 instances, so I identify CPU utilization, memory usage on EC2 instances, and services. I am using Performance Insight, AWS CloudWatch, and RDS .
What is most valuable?
The best features Amazon Linux offers in my experience are the security of all updates and its ease of use, particularly in terms of performance.
Amazon Linux has positively impacted my organization by reducing costs, improving reliability, and saving time by scanning all AWS services and basically integrating all the services.
What needs improvement?
I think Amazon Linux can be improved, but I have no specific suggestions.
For how long have I used the solution?
I have been using Amazon Linux for four years.
What do I think about the stability of the solution?
Amazon Linux is stable.
What do I think about the scalability of the solution?
The scalability of Amazon Linux is flexible, and I basically use it for multiple load balancers.
How are customer service and support?
The customer support for Amazon Linux is good.
Which solution did I use previously and why did I switch?
I did not previously use a different solution.
What's my experience with pricing, setup cost, and licensing?
My experience with pricing, setup cost, and licensing is that the setup cost is freeware, which results in no cost setup, thereby saving money.
Which other solutions did I evaluate?
Before choosing Amazon Linux, I did not evaluate other options, as I am comfortable with my choice.
What other advice do I have?
My advice to others looking into using Amazon Linux is that if you require a RHEL-based OS, you must use it. I gave this product a rating of 9.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
HarpreetSingh11
Cloud migration has boosted performance and now supports faster, flexible deployments
Reviewed on Apr 16, 2026
Review from a verified AWS customer
What is our primary use case?
I have been using Amazon Linux from my company for the last five years. We deploy Amazon Linux to most of our cloud servers, such as Apache, Nginx, and sometimes Kubernetes boxes. In a recent project, we used Terraform to deploy Amazon Linux and then used it to deploy one MySQL server. We explicitly deployed the MySQL database using Amazon Linux and then used Terraform to configure the deployment along with user data to perform post-implementation tasks, including installing packages, updating packages, and configuring user accounts. These are the general use cases we implemented.
What is most valuable?
Amazon Linux has impacted my organization very positively. Initially, we used to host on-premises servers, but now we have moved to Amazon Cloud and instead of using other distributions, we use Amazon Linux. It is very lightweight and provides all the packages needed, making it easy to customize and deploy.
Amazon Linux is a very lightweight operating system compared to others. We do not need a separate subscription to use Amazon Linux, and we have access to a good repository that provides many packages we can use in our day-to-day operations. Almost everything I need can be obtained from the packages when it comes to the lightweight nature of Amazon Linux. It uses very few resources from the operating system standpoint, and the remaining resources can technically be used for my applications.
These images are managed by Amazon, which helps us reduce the maintenance of the operating systems. Amazon Linux has good scalability. If we use different services from Amazon to provide scalable solutions, we can have multi-AZ setups or multi-region setups as well, which provides good scalability.
Customer support for Amazon Linux is really good. Whenever I need anything, I raise a support case and receive support on priority. I would rate the customer support for Amazon Linux on a scale of one to ten as nine.
What needs improvement?
Amazon Linux has almost everything, but there are some tools and libraries missing when we receive this operating system. If those tools and libraries could be installed with it, that would be much better.
For how long have I used the solution?
I have been working in my current field for more than seven to eight years.
What do I think about the stability of the solution?
Amazon Linux is stable.
What do I think about the scalability of the solution?
Amazon Linux has good scalability. If we use different services from Amazon to provide scalable solutions, we can have multi-AZ setups or multi-region setups as well, which provides good scalability.
How are customer service and support?
Customer support for Amazon Linux is really good. Whenever I need anything, I raise a support case and receive support on priority.
Which solution did I use previously and why did I switch?
I initially used different distributions like Ubuntu and CentOS . However, these AMIs are well maintained and well supported, which is why I am using Amazon Linux now.
How was the initial setup?
I purchased Amazon Linux from the Marketplace and had quite a good experience regarding pricing, setup cost, and licensing.
What about the implementation team?
I directly went and tried Amazon Linux without evaluating other options.
What was our ROI?
I am not sure about the exact number because I am from the operations side, not from the financial side. However, when it comes to performance, Amazon Linux really helped my team and my organization to deploy instances much faster compared to other operating systems. I would say it helped me save on maintenance and some cost as well.
What's my experience with pricing, setup cost, and licensing?
I purchased Amazon Linux from the Marketplace and had quite a good experience regarding pricing, setup cost, and licensing.
Which other solutions did I evaluate?
I directly went and tried Amazon Linux without evaluating other options.
What other advice do I have?
I would rate the customer support for Amazon Linux on a scale of one to ten as nine. Because there are some improvements needed which I already mentioned, I think eight would be the right rating.
Amazon Linux has almost everything. The only part is that there are some tools and libraries missing when we receive this operating system. If those tools and libraries could be installed with it, that would be much better.
I use AWS and Azure as my cloud providers. This is a good operating system to use when it comes to public cloud because it is mainly used for the Amazon platform. It provides good scalability and good performance and also helps with cost-saving aspects. My overall rating for this review is eight.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
reviewer2817555
Flexible cloud workloads have unified development, testing, and database workflows
Reviewed on Apr 16, 2026
Review from a verified AWS customer
What is our primary use case?
My use case for Amazon Linux includes web and application hosting, microservices, container, database management, and virtual desktop services.
I use Amazon Linux as a lightweight base image for Docker containers and power nodes for Amazon Elastic Kubernetes Services and Amazon Elastic Container Services. For database management, I use PostgreSQL , MariaDB , and MySQL for Jupyter Notebook and R services.
I use Amazon Linux for LQs with our IT data center. I deploy different flavors of Amazon Linux so that all applications can be deployed on that particular Amazon Linux environment. My team members use it for services use cases during the development and testing process.
I use MySQL and MariaDB services with Amazon Linux, which makes the workflow smoother for my testing and developer team.
I use Amazon Linux for testing, development, and staging environments. Different teams work in those particular fields. For the Java environment, the database environment, and the staging environment, my team is organized in a positive way.
What is most valuable?
Amazon Linux is freeware. The key benefits include integration, pre-installed tools for the AWS System Manager, EC2 instance connection directly via PuTTY, and it is lightweight and scalable. There is no additional licensing cost for Amazon Linux, so my organization sees 20% to 40% better performance when migrating from a paid distribution such as RHEL . This enhances performance and contributes to cost-cutting.
It is very reliable for me and my organization, and the licensing is beneficial for us.
Amazon Linux provides both money and time savings.
It provides native AWS integration, optimized performance, enhanced security, and is cost-effective. My advice to others is that Amazon Linux is the best way to develop business and solutions.
What needs improvement?
I believe there is no need to improve Amazon Linux. It is definitely working in a very progressive and highly scalable way.
For how long have I used the solution?
I have been working with Amazon Linux for the last three years.
What do I think about the stability of the solution?
I would rate the stability as eight out of ten and ten out of ten.
What do I think about the scalability of the solution?
Amazon Linux has long-time support provided. For security, Amazon Linux is most scalable.
What other advice do I have?
I will provide a rating of eight for Amazon Linux.
I am using a long-term support version of Amazon Linux, so there is no need for any other features.
Amazon Linux provides different types of services that can be installed for DevOps automation, high-performance computing, virtual desktops, database management, microservices, containerization, and web services hosting. For all of these capabilities, I have provided a rating of eight out of ten. My overall review rating for Amazon Linux is eight out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)