Recent Releases of https://github.com/awslabs/security-hardened-amis-for-eks
https://github.com/awslabs/security-hardened-amis-for-eks - v20250821
Solution has been tested considering the following dependencies versions:
- hashicorp/aws 6.7.0
- terraform-aws-modules/vpc/aws 6.0.1
- terraform-aws-modules/eks/aws 21.0.7
- aws-ia/eks-blueprints-addons/aws 1.22.0
- Terraform v1.12.2
- Packer v1.13.1
- Packer hashicorp aws plugin version 1.3.9
Pattern BOTTLEROCKET:
- EKS Version: 1.33
- AMI Type: BOTTLEROCKETx8664
- Source AMI name: bottlerocket-aws-k8s-1.33-x86_64-v1.45.0-2f4223e5
Pattern CIS_AL2:
- EKS Version: 1.32
CIS Level 1:
- Source AMI Name: CIS Amazon Linux 2 Kernel 5.10 Benchmark - Level 1 - v07
- EKS Scripts: https://github.com/awslabs/amazon-eks-ami/releases/tag/v20250807
CIS Level 2:
- Source AMI Name: CIS Amazon Linux 2 Kernel 5.10 Benchmark - Level 2 - v07
- EKS Scripts: https://github.com/awslabs/amazon-eks-ami/releases/tag/v20250807
Pattern CIS_AL2023:
- EKS Version: 1.33
CIS Level 1:
- Source AMI Name: CIS Amazon Linux 2023 Benchmark - Level 1 - v07
- EKS Scripts: https://github.com/awslabs/amazon-eks-ami/releases/tag/v20250807
CIS Level 2:
- Source AMI Name: CIS Amazon Linux 2023 Benchmark - Level 2 - v07
- EKS Scripts: https://github.com/awslabs/amazon-eks-ami/releases/tag/v20250807
Pattern EKSOptimizedAL2:
- EKS Version: 1.32
CIS Level 1:
- Source AMI Name: amazon-eks-node-1.32-v20250801
- CIS Scripts: CIS Amazon Linux 2 Benchmark v3.0.0 Profile L1S
CIS Level 2:
- Source AMI Name: amazon-eks-node-1.32-v20250801
- CIS Scripts: CIS Amazon Linux 2 Benchmark v3.0.0 Profile L2S
Pattern EKSOptimizedAL2023:
- EKS Version: 1.33
CIS Level 1:
- Source AMI Name: amazon-eks-node-al2023-x86_64-standard-1.33-v20250801
- CIS Scripts: CIS Amazon Linux 2023 Benchmark v1.0.0 Profile L1S
CIS Level 2:
- Source AMI Name: amazon-eks-node-al2023-x86_64-standard-1.33-v20250801
- CIS Scripts: CIS Amazon Linux 2023 Benchmark v1.0.0 Profile L2S
- HCL
Published by maiconrocha 11 months ago
https://github.com/awslabs/security-hardened-amis-for-eks - v20250714
Solution has been tested considering the following dependencies versions:
- hashicorp/aws 5.100.0
- terraform-aws-modules/vpc/aws 5.21.0
- terraform-aws-modules/eks/aws 20.37.1
- aws-ia/eks-blueprints-addons/aws 1.21.1
- Terraform v1.12.2
- Packer v1.13.1
Pattern BOTTLEROCKET:
- EKS Version: 1.33
- AMI Type: BOTTLEROCKETx8664
- Source AMI name: bottlerocket-aws-k8s-1.33-x86_64-v1.42.0-5ed15786
Pattern CIS_AL2:
- EKS Version: 1.32
CIS Level 1:
- Source AMI Name: CIS Amazon Linux 2 Kernel 5.10 Benchmark - Level 1 - v06
- EKS Scripts: https://github.com/awslabs/amazon-eks-ami/releases/tag/v20250627
CIS Level 2:
- Source AMI Name: CIS Amazon Linux 2 Kernel 5.10 Benchmark - Level 2 - v06
- EKS Scripts: https://github.com/awslabs/amazon-eks-ami/releases/tag/v20250627
Pattern CIS_AL2023:
- EKS Version: 1.33
CIS Level 1:
- Source AMI Name: CIS Amazon Linux 2023 Benchmark - Level 1 - v06
- EKS Scripts: https://github.com/awslabs/amazon-eks-ami/releases/tag/v20250627
CIS Level 2:
- Source AMI Name: CIS Amazon Linux 2023 Benchmark - Level 2 - v06
- EKS Scripts: https://github.com/awslabs/amazon-eks-ami/releases/tag/v20250627
Pattern EKSOptimizedAL2:
- EKS Version: 1.32
CIS Level 1:
- Source AMI Name: amazon-eks-node-1.32-v20250704
- CIS Scripts: CIS Amazon Linux 2 Benchmark v3.0.0 Profile L1S
CIS Level 2:
- Source AMI Name: amazon-eks-node-1.32-v20250704
- CIS Scripts: CIS Amazon Linux 2 Benchmark v3.0.0 Profile L2S
Pattern EKSOptimizedAL2023:
- EKS Version: 1.33
CIS Level 1:
- Source AMI Name: amazon-eks-node-al2023-x86_64-standard-1.33-v20250704
- CIS Scripts: CIS Amazon Linux 2023 Benchmark v1.0.0 Profile L1S
CIS Level 2:
- Source AMI Name: amazon-eks-node-al2023-x86_64-standard-1.33-v20250704
- CIS Scripts: CIS Amazon Linux 2023 Benchmark v1.0.0 Profile L2S
- HCL
Published by towhid3427 12 months ago
https://github.com/awslabs/security-hardened-amis-for-eks - v20250603
Release Notes:
Solution has been tested considering the following dependencies versions:
- hashicorp/aws v5.99.1
- terraform-aws-modules/vpc/aws 5.21.0
- terraform-aws-modules/eks/aws 20.36
- aws-ia/eks-blueprints-addons/aws 1.21
- Terraform v1.12.1
- Packer v1.12.0
Pattern BOTTLEROCKET:
- EKS Version: 1.33
- AMI Type: BOTTLEROCKETx8664
- Source AMI name: bottlerocket-aws-k8s-1.33-x86_64-v1.39.1-3a880b44
Pattern CIS_AL2:
- EKS Version: 1.32
CIS Level 1:
- Source AMI Name: CIS Amazon Linux 2 Kernel 4.14 Benchmark - Level 1 - v01
- EKS Scripts: https://github.com/awslabs/amazon-eks-ami/releases/tag/v20250519
CIS Level 2:
- Source AMI Name: CIS Amazon Linux 2 Kernel 5.10 Benchmark - Level 2 - v04
- EKS Scripts: https://github.com/awslabs/amazon-eks-ami/releases/tag/v20250519
Pattern CIS_AL2023:
- EKS Version: 1.33
CIS Level 1:
- Source AMI Name: CIS Amazon Linux 2023 Benchmark - Level 1 - v05
- EKS Scripts: https://github.com/awslabs/amazon-eks-ami/releases/tag/v20250519
CIS Level 2:
- Source AMI Name: CIS Amazon Linux 2023 Benchmark - Level 2 - v05
- EKS Scripts: https://github.com/awslabs/amazon-eks-ami/releases/tag/v20250519
Pattern EKSOptimizedAL2:
- EKS Version: 1.32
CIS Level 1:
- Source AMI Name: amazon-eks-node-1.32-v20250519
- CIS Scripts: CIS Amazon Linux 2 Benchmark v3.0.0 Profile L1S
CIS Level 2:
- Source AMI Name: amazon-eks-node-1.32-v20250519
- CIS Scripts: CIS Amazon Linux 2 Benchmark v3.0.0 Profile L2S
Pattern EKSOptimizedAL2023:
- EKS Version: 1.33
CIS Level 1:
- Source AMI Name: amazon-eks-node-al2023-x86_64-standard-1.33-v20250519
- CIS Scripts: CIS Amazon Linux 2023 Benchmark v1.0.0 Profile L1S
CIS Level 2:
- Source AMI Name: amazon-eks-node-al2023-x86_64-standard-1.33-v20250519
- CIS Scripts: CIS Amazon Linux 2023 Benchmark v1.0.0 Profile L2S
- HCL
Published by maiconrocha about 1 year ago
https://github.com/awslabs/security-hardened-amis-for-eks - v20250501
Release Notes:
Solution has been tested considering the following dependencies versions:
- hashicorp/aws v5.96.0
- terraform-aws-modules/vpc/aws 5.21.0
- terraform-aws-modules/eks/aws 20.36
- aws-ia/eks-blueprints-addons/aws 1.21
- EKS Version 1.32
- Terraform v1.11.4
- Packer v1.12.0
Pattern BOTTLEROCKET:
AMI Type: BOTTLEROCKETx8664 Source AMI name: bottlerocket-aws-k8s-1.32-x86_64-v1.37.0-e5290cd7
Pattern CIS_AL2:
CIS Level 1: - Source AMI Name: CIS Amazon Linux 2 Kernel 4.14 Benchmark - Level 1 - v01 -4c096026-c6b0-440c-bd2f-6d34904e4fc6
CIS Level 2: - Source AMI Name: CIS Amazon Linux 2 Kernel 5.10 Benchmark - Level 2 - v04 -c41d38c4-3f6a-4434-9a86-06dd331d3f9c
Pattern CIS_AL2023:
CIS Level 1: - Source AMI Name: CIS Amazon Linux 2023 Benchmark - Level 1 - v04 -prod-fvm47vekg24oc - EKS Scripts: https://github.com/awslabs/amazon-eks-ami/releases/tag/v20250419
CIS Level 2: - Source AMI Name: CIS Amazon Linux 2023 Benchmark - Level 2 - v04 -prod-ur4aeqfdiqi3c - EKS Scripts: https://github.com/awslabs/amazon-eks-ami/releases/tag/v20250419
Pattern EKSOptimizedAL2:
CIS Level 1: - Source AMI Name: amazon-eks-node-1.32-v20250419 - CIS Scripts: CIS Amazon Linux 2 Benchmark v3.0.0 Profile L1S
CIS Level 2: - Source AMI Name: amazon-eks-node-1.32-v20250419 - CIS Scripts: CIS Amazon Linux 2 Benchmark v3.0.0 Profile L2S
Pattern EKSOptimizedAL2023:
CIS Level 1: - Source AMI Name: amazon-eks-node-al2023-x86_64-standard-1.32-v20250419 - CIS Scripts: CIS Amazon Linux 2023 Benchmark v1.0.0 Profile L1S
CIS Level 2: - Source AMI Name: amazon-eks-node-al2023-x86_64-standard-1.32-v20250419 - CIS Scripts: CIS Amazon Linux 2023 Benchmark v1.0.0 Profile L2S
- HCL
Published by maiconrocha about 1 year ago