Recent Releases of https://github.com/awslabs/security-hardened-amis-for-eks

https://github.com/awslabs/security-hardened-amis-for-eks - v20250821

Solution has been tested considering the following dependencies versions:

  • hashicorp/aws 6.7.0
  • terraform-aws-modules/vpc/aws 6.0.1
  • terraform-aws-modules/eks/aws 21.0.7
  • aws-ia/eks-blueprints-addons/aws 1.22.0
  • Terraform v1.12.2
  • Packer v1.13.1
  • Packer hashicorp aws plugin version 1.3.9

Pattern BOTTLEROCKET:

  • EKS Version: 1.33
  • AMI Type: BOTTLEROCKETx8664
  • Source AMI name: bottlerocket-aws-k8s-1.33-x86_64-v1.45.0-2f4223e5

Pattern CIS_AL2:

  • EKS Version: 1.32

CIS Level 1:

  • Source AMI Name: CIS Amazon Linux 2 Kernel 5.10 Benchmark - Level 1 - v07
  • EKS Scripts: https://github.com/awslabs/amazon-eks-ami/releases/tag/v20250807

CIS Level 2:

  • Source AMI Name: CIS Amazon Linux 2 Kernel 5.10 Benchmark - Level 2 - v07
  • EKS Scripts: https://github.com/awslabs/amazon-eks-ami/releases/tag/v20250807

Pattern CIS_AL2023:

  • EKS Version: 1.33

CIS Level 1:

  • Source AMI Name: CIS Amazon Linux 2023 Benchmark - Level 1 - v07
  • EKS Scripts: https://github.com/awslabs/amazon-eks-ami/releases/tag/v20250807

CIS Level 2:

  • Source AMI Name: CIS Amazon Linux 2023 Benchmark - Level 2 - v07
  • EKS Scripts: https://github.com/awslabs/amazon-eks-ami/releases/tag/v20250807

Pattern EKSOptimizedAL2:

  • EKS Version: 1.32

CIS Level 1:

  • Source AMI Name: amazon-eks-node-1.32-v20250801
  • CIS Scripts: CIS Amazon Linux 2 Benchmark v3.0.0 Profile L1S

CIS Level 2:

  • Source AMI Name: amazon-eks-node-1.32-v20250801
  • CIS Scripts: CIS Amazon Linux 2 Benchmark v3.0.0 Profile L2S

Pattern EKSOptimizedAL2023:

  • EKS Version: 1.33

CIS Level 1:

  • Source AMI Name: amazon-eks-node-al2023-x86_64-standard-1.33-v20250801
  • CIS Scripts: CIS Amazon Linux 2023 Benchmark v1.0.0 Profile L1S

CIS Level 2:

  • Source AMI Name: amazon-eks-node-al2023-x86_64-standard-1.33-v20250801
  • CIS Scripts: CIS Amazon Linux 2023 Benchmark v1.0.0 Profile L2S

- HCL
Published by maiconrocha 11 months ago

https://github.com/awslabs/security-hardened-amis-for-eks - v20250714

Solution has been tested considering the following dependencies versions:

  • hashicorp/aws 5.100.0
  • terraform-aws-modules/vpc/aws 5.21.0
  • terraform-aws-modules/eks/aws 20.37.1
  • aws-ia/eks-blueprints-addons/aws 1.21.1
  • Terraform v1.12.2
  • Packer v1.13.1

Pattern BOTTLEROCKET:

  • EKS Version: 1.33
  • AMI Type: BOTTLEROCKETx8664
  • Source AMI name: bottlerocket-aws-k8s-1.33-x86_64-v1.42.0-5ed15786

Pattern CIS_AL2:

  • EKS Version: 1.32

CIS Level 1:

  • Source AMI Name: CIS Amazon Linux 2 Kernel 5.10 Benchmark - Level 1 - v06
  • EKS Scripts: https://github.com/awslabs/amazon-eks-ami/releases/tag/v20250627

CIS Level 2:

  • Source AMI Name: CIS Amazon Linux 2 Kernel 5.10 Benchmark - Level 2 - v06
  • EKS Scripts: https://github.com/awslabs/amazon-eks-ami/releases/tag/v20250627

Pattern CIS_AL2023:

  • EKS Version: 1.33

CIS Level 1:

  • Source AMI Name: CIS Amazon Linux 2023 Benchmark - Level 1 - v06
  • EKS Scripts: https://github.com/awslabs/amazon-eks-ami/releases/tag/v20250627

CIS Level 2:

  • Source AMI Name: CIS Amazon Linux 2023 Benchmark - Level 2 - v06
  • EKS Scripts: https://github.com/awslabs/amazon-eks-ami/releases/tag/v20250627

Pattern EKSOptimizedAL2:

  • EKS Version: 1.32

CIS Level 1:

  • Source AMI Name: amazon-eks-node-1.32-v20250704
  • CIS Scripts: CIS Amazon Linux 2 Benchmark v3.0.0 Profile L1S

CIS Level 2:

  • Source AMI Name: amazon-eks-node-1.32-v20250704
  • CIS Scripts: CIS Amazon Linux 2 Benchmark v3.0.0 Profile L2S

Pattern EKSOptimizedAL2023:

  • EKS Version: 1.33

CIS Level 1:

  • Source AMI Name: amazon-eks-node-al2023-x86_64-standard-1.33-v20250704
  • CIS Scripts: CIS Amazon Linux 2023 Benchmark v1.0.0 Profile L1S

CIS Level 2:

  • Source AMI Name: amazon-eks-node-al2023-x86_64-standard-1.33-v20250704
  • CIS Scripts: CIS Amazon Linux 2023 Benchmark v1.0.0 Profile L2S

- HCL
Published by towhid3427 12 months ago

https://github.com/awslabs/security-hardened-amis-for-eks - v20250603

Release Notes:

Solution has been tested considering the following dependencies versions:

  • hashicorp/aws v5.99.1
  • terraform-aws-modules/vpc/aws 5.21.0
  • terraform-aws-modules/eks/aws 20.36
  • aws-ia/eks-blueprints-addons/aws 1.21
  • Terraform v1.12.1
  • Packer v1.12.0

Pattern BOTTLEROCKET:

  • EKS Version: 1.33
  • AMI Type: BOTTLEROCKETx8664
  • Source AMI name: bottlerocket-aws-k8s-1.33-x86_64-v1.39.1-3a880b44

Pattern CIS_AL2:

  • EKS Version: 1.32

CIS Level 1:

  • Source AMI Name: CIS Amazon Linux 2 Kernel 4.14 Benchmark - Level 1 - v01
  • EKS Scripts: https://github.com/awslabs/amazon-eks-ami/releases/tag/v20250519

CIS Level 2:

  • Source AMI Name: CIS Amazon Linux 2 Kernel 5.10 Benchmark - Level 2 - v04
  • EKS Scripts: https://github.com/awslabs/amazon-eks-ami/releases/tag/v20250519

Pattern CIS_AL2023:

  • EKS Version: 1.33

CIS Level 1:

  • Source AMI Name: CIS Amazon Linux 2023 Benchmark - Level 1 - v05
  • EKS Scripts: https://github.com/awslabs/amazon-eks-ami/releases/tag/v20250519

CIS Level 2:

  • Source AMI Name: CIS Amazon Linux 2023 Benchmark - Level 2 - v05
  • EKS Scripts: https://github.com/awslabs/amazon-eks-ami/releases/tag/v20250519

Pattern EKSOptimizedAL2:

  • EKS Version: 1.32

CIS Level 1:

  • Source AMI Name: amazon-eks-node-1.32-v20250519
  • CIS Scripts: CIS Amazon Linux 2 Benchmark v3.0.0 Profile L1S

CIS Level 2:

  • Source AMI Name: amazon-eks-node-1.32-v20250519
  • CIS Scripts: CIS Amazon Linux 2 Benchmark v3.0.0 Profile L2S

Pattern EKSOptimizedAL2023:

  • EKS Version: 1.33

CIS Level 1:

  • Source AMI Name: amazon-eks-node-al2023-x86_64-standard-1.33-v20250519
  • CIS Scripts: CIS Amazon Linux 2023 Benchmark v1.0.0 Profile L1S

CIS Level 2:

  • Source AMI Name: amazon-eks-node-al2023-x86_64-standard-1.33-v20250519
  • CIS Scripts: CIS Amazon Linux 2023 Benchmark v1.0.0 Profile L2S

- HCL
Published by maiconrocha about 1 year ago

https://github.com/awslabs/security-hardened-amis-for-eks - v20250501

Release Notes:

Solution has been tested considering the following dependencies versions:

  • hashicorp/aws v5.96.0
  • terraform-aws-modules/vpc/aws 5.21.0
  • terraform-aws-modules/eks/aws 20.36
  • aws-ia/eks-blueprints-addons/aws 1.21
  • EKS Version 1.32
  • Terraform v1.11.4
  • Packer v1.12.0

Pattern BOTTLEROCKET:

AMI Type: BOTTLEROCKETx8664 Source AMI name: bottlerocket-aws-k8s-1.32-x86_64-v1.37.0-e5290cd7

Pattern CIS_AL2:

CIS Level 1: - Source AMI Name: CIS Amazon Linux 2 Kernel 4.14 Benchmark - Level 1 - v01 -4c096026-c6b0-440c-bd2f-6d34904e4fc6

CIS Level 2: - Source AMI Name: CIS Amazon Linux 2 Kernel 5.10 Benchmark - Level 2 - v04 -c41d38c4-3f6a-4434-9a86-06dd331d3f9c

Pattern CIS_AL2023:

CIS Level 1: - Source AMI Name: CIS Amazon Linux 2023 Benchmark - Level 1 - v04 -prod-fvm47vekg24oc - EKS Scripts: https://github.com/awslabs/amazon-eks-ami/releases/tag/v20250419

CIS Level 2: - Source AMI Name: CIS Amazon Linux 2023 Benchmark - Level 2 - v04 -prod-ur4aeqfdiqi3c - EKS Scripts: https://github.com/awslabs/amazon-eks-ami/releases/tag/v20250419

Pattern EKSOptimizedAL2:

CIS Level 1: - Source AMI Name: amazon-eks-node-1.32-v20250419 - CIS Scripts: CIS Amazon Linux 2 Benchmark v3.0.0 Profile L1S

CIS Level 2: - Source AMI Name: amazon-eks-node-1.32-v20250419 - CIS Scripts: CIS Amazon Linux 2 Benchmark v3.0.0 Profile L2S

Pattern EKSOptimizedAL2023:

CIS Level 1: - Source AMI Name: amazon-eks-node-al2023-x86_64-standard-1.32-v20250419 - CIS Scripts: CIS Amazon Linux 2023 Benchmark v1.0.0 Profile L1S

CIS Level 2: - Source AMI Name: amazon-eks-node-al2023-x86_64-standard-1.32-v20250419 - CIS Scripts: CIS Amazon Linux 2023 Benchmark v1.0.0 Profile L2S

- HCL
Published by maiconrocha about 1 year ago