Product Information

• Product Name: Red Hat Enterprise Linux 8
• OS Version: RHEL 8.4
• AMI Name: RHEL8-STIG-AUG2021
• AMI ID: ami-0c6cf25b265111787
• Date Published: August 13, 2021

Image Release Notes

• Image was built from an RHEL 8.2 base image utilizing AWS' "EC2 Image Builder". Yum/package updates were applied, bringing its version to RHEL 8.4. Image should still be updated with the latest packages upon build using the 'sudo yum -y update'.
• The 'ec2-user' account will need to be re-aged during build via User data - 'chage -M -1 -E -1 ec2-user'.
• The image does not have a separate "/boot" partition. The '/boot' directory is located on the '/' directory.

Image Builder Notes

• The image was STIGGED utilizing the Red Hat Enterprise Linux 8 STIG - Ver 1, Rel 3 STIG
• Image is FIPS 140-2 compliant.
• SELinux is enabled.
• Elastic Network Adapter (ENA) support enabled.

Launch Instructions

• Login to the AWS console AWS Console
• In the upper right-hand corner, locate your current region (first dropdown from the right of the "Support" dropdown menu).
• Select "US East (N Virginia) us east-1". You should now see "N Virginia" as your region.
• Select the "Services" dropdown.
• Locate, then select "EC2", under the "Compute" listing.
• Under "Launch Instance", click "Launch Instance --> Launch Instance".
• In the search bar, type "RGS Red Hat Linux 8 STIG".
• Click "Select".
• After ensuring the correct AMI has been selected, click "Continue".
• Select appropriate Instance Type, then click "Configure Instance Details".
• Select appropriate instance details (i.e. subnet, number of instances, etc).
• At the bottom of the page, click the "Advanced Details" dropdown.
• In the "User data" text box, type 'sudo chage -M -1 -E -1 ec2-user'. That ensures the 'ec2-user' will not expire until you explicitly set it to do so.
• Click "Add Storage".
• After adding the appropriate amount of storage, click "Add Tags".
• After adding the appropriate Tags, click "Configure Security Group".
• If there are no security groups that exist, create a new one, ensuring port 22 (Type SSH) is included.
• Click "Review and Launch".
• After reviewing the instance details, click "Launch".
• This will produce a dialogue box allowing you to create a new shared key, select a current key or proceed without a key. In the case of either creating a new key or selecting a current key, you will need to have that key located on your system in order to access the newly created instance. Proceeding without a key will prevent you from accessing the server via ssh.
• With whatever option is chosen, acknowledge your action by clicking the box just below the key pair questionnaire, then click "Launch Instances".
• This will produce a "Launch Status" page, with the instance ID (ex: i-0e86cb5b9e9eef909). Click on that Instance ID.
• You will be redirected to the status of your recently launched instance. When the instance shows a "2/2" under the "Status check" header, it is ready to be accessed.
• Once the instance shows "2/2" under the "Status check" header, click the checkmark next to the instance. This should highlight the "Connect" button.
• This will provide a dialogue box stating how to connect to the server via ssh. Highlight and copy that command (i.e ssh -i ".pem" ec2-user@ec2-34-231-110-100.compute-1.amazonaws.com).
• Via your connection utility of choice, connect to the server.