AWSTemplateFormatVersion: ‘2010-09-09’
Resources:
UbuntuCisHardeningLevel1Component:
Type: AWS::ImageBuilder::Component
Properties:
Name: UbuntuCisLevel1Hardening
Version: 1.0.0
Description: Component to download CIS Script and run level1 hardening.
ChangeDescription: Initial version
Platform: Linux
Data: |
description: Component to download CIS Script and run level1 hardening.
name: UbuntuCisLevel1Hardening
schemaVersion: 1.0
phases:
– name: build
steps:
– action: ExecuteBash
name: UbuntuCisLevel1Hardening
inputs:
commands:
– mkdir tmp1
– cd tmp1
– aws s3 cp s3://gfsau-imagebuilder-components/CIS-Build-kit-ubuntu-22/cis_lbk_ubuntu_linux_22.04_lts.tar.gz .
– tar -xzvf cis_lbk_ubuntu_linux_22.04_lts.tar.gz
– cd CIS-LBK/ubuntu_linux_22.04_lts/
– chmod +x cis-lbk_ubuntu_22.04_LTS-v1.0.0.sh
– echo -e “y\n1” | sudo ./cis-lbk_ubuntu_22.04_LTS-v1.0.0.sh
– sudo rm -rdf
UbuntuCisHardeningLevel2Component:
Type: AWS::ImageBuilder::Component
Properties:
Name: UbuntuCisLevel2Hardening
Version: 1.0.0
Description: Component to download CIS Script and run level2 hardening.
ChangeDescription: Initial version
Platform: Linux
Data: |
description: Component to download CIS Script and run level1 hardening.
name: UbuntuCisLevel2Hardening
schemaVersion: 1.0
phases:
– name: build
steps:
– action: ExecuteBash
name: UbuntuCisLevel2Hardening
inputs:
commands:
– mkdir tmp2
– cd tmp2
– aws s3 cp s3://gfsau-imagebuilder-components/CIS-Build-kit-ubuntu-22/cis_lbk_ubuntu_linux_22.04_lts.tar.gz .
– tar -xzvf cis_lbk_ubuntu_linux_22.04_lts.tar.gz
– cd CIS-LBK/ubuntu_linux_22.04_lts/
– chmod +x cis-lbk_ubuntu_22.04_LTS-v1.0.0.sh
– echo -e “y\n3” | sudo ./cis-lbk_ubuntu_22.04_LTS-v1.0.0.sh
– sudo rm -rdf