RHEL CIS Hardened Images Update & Support Considerations
- Allan Cornwell
- Nick Romanzo
Product Name
CIS Hardened ImagesĀ®
Product Version
Red Hat Enterprise Linux images
Date
May 11, 2023
Overview
This article describes update & support considerations for CIS Red Hat Enterprise Linux (RHEL) Hardened Images hosted on Cloud Service Providers (CSP) such as AWS (Amazon Web Services), Microsoft Azure and Google Cloud Platform (GCP).
It answers questions such as:
Is a Red Hat Support Subscription required to receive updates for our CIS RHEL Hardened Image? (no)
Can a Red Hat Support subscription be applied to our CIS RHEL Hardened Image? (yes)
Who to contact for support depending on the issue
Updates
When a CIS RHEL Hardened Image is instantiated, the system defaults to the Red Hat Update Infrastructure (RHUI) repositories maintained by the applicable CSP, which are used to retrieve system, package and security updates via yum update. An additional Red Hat Support Subscription is not required to install updates for these VMs, but one can be applied if acquiring updates and technical support through Red Hat (rather than the CSP offering) is preferred. For more details, please refer to the Red Hat Cloud Access page.
Please note that Add-On features such as High Availability or Resilient Storage repository & package access require a Red Hat Support Subscription:
https://access.redhat.com/solutions/45930
For additional information regarding Red Hat Subscription Manager, see:
RHEL Subscription Manager
Depending on the applicable cloud network configuration (such as firewall and routing settings), you may have to allow these RHUI servers and their respective addresses explicitly. Information for each provider platform can be found in the following table, and the currently used repositories can be listed via yum repolist -v.
Cloud Service Provider | RHUI Information & Addresses |
|---|---|
AWS | |
Microsoft Azure | https://learn.microsoft.com/en-us/azure/virtual-machines/workloads/redhat/redhat-rhui |
Google Cloud | https://cloud.google.com/compute/docs/images/premium/rhel-faq |
Support
Support for RHEL VM issues that fall outside of the CIS Product Support scope (see list below) is managed by each CSP through an agreement with Red Hat. In these instances, please contact the CSP support channels for assistance with application or OS issues pertaining to your image.
CIS Product Support covers a limited number of issues pertaining to RHEL Hardened Images:
Issues related to the initial start of the VM, or any default configurations / settings that do not work as expected (see: https://cisecurity.atlassian.net/servicedesk/customer/portal/15/article/2443935833 )
Questions regarding hardening modifications compared to a base RHEL image
(see: How does CIS harden the images which are available on the cloud platforms? )Updating & upgrading the Hardened Image (see Hardened Image general update and upgrade questions )
For other support and troubleshooting matters pertaining to the RHEL OS or its hosting platform, please contact the CSP directly for assistance. RHEL-specific support information for each provider platform can be found in the table below.
Cloud Service Provider | RHEL Support |
|---|---|
AWS | https://aws.amazon.com/partners/redhat/faqs/
|
Microsoft Azure | https://azure.microsoft.com/en-us/solutions/linux-on-azure/red-hat/#features
|
Google Cloud | https://cloud.google.com/compute/docs/images/premium/rhel-faq
|
Keywords; RHEL Red Hat Enterprise Linux Hardened Image
Content by Label
Ā