
Automating AL2023 custom hardened AMI updates for Amazon EKS managed nodes

Containers Blog



This article discusses an automated solution for updating Amazon EKS managed node groups with custom, hardened Amazon Linux 2023 AMIs that meet CIS Benchmark Level 2 security standards.

  • Addresses the need for regulatory compliance in industries like financial services, healthcare, and government
  • Provides an automated pipeline to build, deploy, and validate custom AMIs
  • Reduces the AMI update process from 3-4 days to approximately 50 minutes
  • Uses AWS services like EventBridge, Lambda, EC2 Image Builder, and CodeBuild
  • Implements an automated workflow that:
      - Checks for new AMI releases
      - Creates custom hardened AMIs
      - Updates staging and production EKS clusters
      - Tests applications after updates
      - Sends notifications about the update process

The solution helps organizations improve security, reduce operational overhead, and maintain compliance with minimal manual intervention.


