Product Name
CIS Hardened Images - AWS
Product Version
EC2 Image Builder
Date
Overview
| Info |
|---|
CIS has made adjustments to the CIS Hardened Images for CIS Red Hat Enterprise Linux 8 Benchmark Level 2 and CIS Red Hat Enterprise Linux 8 STIG Benchmark for integration with EC2 Image Builder, a managed AWS service. |
Solution
To accommodate this integration, the noted CIS Hardened Images have removed the hardening for recommendations noexec on var and var/tmp as the AWS SSM Agent executes from either of these locations. To manually configure this recommendation in compliance with the CIS Benchmark, please follow the remediation instructions in the CIS Benchmark PDF.
CIS Red Hat Enterprise Linux 8 Benchmark Level 2:
1.1.3.3 Ensure
noexecoption is set on/varpartition
This recommendation is not applied to allow integration with AWS Image Builder. To configure this recommendation in compliance with the CIS Benchmark, please follow the remediation instructions in CIS Benchmark PDF.
1.1.4.2 Ensure
noexecoption is set on/var/tmppartition
This recommendation is not applied to allow integration with AWS Image Builder. To configure this recommendation in compliance with the CIS Benchmark, please follow the remediation instruction in CIS Benchmark PDF.
CIS Red Hat Enterprise Linux 8 STIG Benchmark:
1.1.10 Ensure
noexecoption is set on/var/tmppartition
This recommendation is not applied to allow integration with EC2 Image Builder.
Keywords;
EC2 Image Builder, CIS Red Hat Enterprise Linux 8 Benchmark; Hardened Image; AWS
Content by Label
| Filter by label (Content by label) | ||||||
|---|---|---|---|---|---|---|
|
| Page Properties | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| |||||||||||||||||||||
|