Versions Compared

Old Version 4

changes.mady.by.user Allan Cornwell

Saved on

compared with

New Version 5

changes.mady.by.user Allan Cornwell

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Product Name

CIS Hardened Images®

Product Version

(all)

Date

Problem

The approach to determine the version number of a currently deployed CIS Hardened Image varies by Cloud Service Provider. This article provides the unique steps for each major vendor.

General information regarding CIS version numbering can be referenced in the following KB article:
How are new versions and updates visually represented for each CIS Hardened Images®?

Solution

Table of Content Zone
Table of Contents
minLevel3
maxLevel6
outlinefalse
stylenone
typelist
printablefalse

CIS Hardened Images on Amazon Web Services (AWS)

  • Using the AWS EC2 Dashboard, navigate to the running instance and reference the “AMI name“ or “AMI location” property fields. In the below example screenshot, the image version is 1.0.0.16:

    aws_image_version.png

  • Using the AWS CLI, run the following command, replacing MY-INSTANCE-ID with your image instance ID:

    Code Block
     aws ec2 describe-instances --instance-ids MY-INSTANCE-ID --query 'Reservations[*].Instances[*].ImageId' --output text | xargs -I {} aws ec2 describe-images --image-ids {} --query 'Images[*].Name' --output text


    The output will contain the full AMI name and version number of your CIS Hardened Image:

    aws_image_version_cloudshell.png

CIS Hardened Images on Microsoft Azure

  • Using the Azure CLI, run the following command, replacing MY-DISK-ID and MY-RESOURCE-GROUP with their respective values:

    Code Block
    az disk show --resource-group MY-RESOURCE-GROUP --name MY-DISK-ID


    The output will contain the image version under the imageReferenceid property.
    In the below example screenshot, the image version is 3.0.2:

    azure_version_cli.png
Info

Due to platform requirements, CIS Hardened Images on Azure feature three version points (ex. 3.0.2) instead of the four present on other CSPs (ex. 3.0.0.2). The last digit indicates OS-level updates, while the first two indicate changes to the CIS Benchmark on which the Hardened Image is based.

CIS Hardened Images on Google Cloud Platform (GCP)

  • Using the Compute Engine dashboard, select the CIS Hardened Image instance. The version number will be displayed under the “Storage” → “Boot Disk” section in the “Image” column.

    In the below example screenshot, the CIS Hardened Image version number is 1.0.0.11:

    gcp_storage_bootdisk.png

  • Using Google Cloud Shell, run the following command, replacing MY-INSTANCE-ID and MY-ZONE with their respective values:

    Code Block
    gcloud compute instances describe MY-INSTANCE-ID --zone=MY-ZONE --format='value(disks[0].source)' | xargs gcloud compute disks describe --format='value(sourceImage)'


    The output will contain the image version at the end of the returned URL:

    google_cloudshell.png

CIS Hardened Images on Oracle Cloud Infrastructure (OCI)

  • ??????

  • ????????????????

Keywords; hardened image version number aws gcp azure oci

Content by Label

Filter by label (Content by label)
showLabelsfalse
showSpacefalse
cqllabel = "sbp_fer"

Copyright © 2020

Center for Internet Security®

Privacy Policy

Page Properties
hiddentrue

Action

Name(s)

Date

Linked ticket

Created by

Allan Cornwell

Reviewed by

Approved by

Remove by