EC2 Image Builder creates security-hardened virtual machine images using scripts managed by AWS and Healthcare Blocks. You can use the resulting Amazon Machine Image (AMI) as the basis for EC2 virtual machines. The images are periodically rebuilt when AWS or Healthcare Blocks components are updated.
Currently, the Amazon Linux 2 image built by EC2 Image Builder includes the following components:
- Latest Linux security patches available for Amazon Linux 2
- Amazon Linux 2 kernel live patching
- AWS CloudWatch Agent (used for collecting and publishing logs and metrics to CloudWatch)
- AWS Inspector Agent (used for running weekly Inspector vulnerability scans)
- jq JSON command line tool
- AIDE (Advanced Intrusion Detection Environment)
- ClamAV antivirus software
In addition, the operating system is hardened using a combination of STIG (Security Technical Implementation Guides) and CIS (Center for Internet Security) Benchmark controls. Note: not all of the CIS specifications are implemented, since individual controls can be evaluated for a specific operating environment and disabled where appropriate.
* Support for this feature was rolled out in September 2021. Contact us if you'd like to enable it in your AWS account.