Are RHEL, RHEL Atomic Gold Images and UBI images hardened to CIS Benchmark standards?

Solution Verified - Updated -


We are planning our deployment of OpenShift into AWS. Our infrastructure security requires all AWS base images used by our company to be hardened using CIS benchmark scripts. Since our subscription for OpenShift includes access to the Gold images, we want to use these so that we don't get charged for a RHEL subscription indirectly by Amazon. We therefore need to know if the gold AMIs are already hardened to CIS benchmark standard? Or do we need to do this ourselves before we use them?


  • Red Hat Enterprise Linux (RHEL)
  • Red Hat Enterprise Linux Atomic Host
  • Red Hat Universal Base Image (UBI)

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content