EC2 Image Builder simplifies the creation, maintenance, validation, sharing, and deployment of Linux or Windows Server images for use with Amazon EC2 and on-premises.
Keeping server images up-to-date can be time consuming, resource intensive, and error-prone. Currently, customers either manually update and snapshot VMs or have teams that build automation scripts to maintain images.
Image Builder significantly reduces the effort of keeping images up-to-date and secure by providing a simple graphical interface, built-in automation, and Amazon Web Services-provided security settings. With Image Builder, there are no manual steps for updating an image nor do you have to build your own automation pipeline.
Image Builder is offered at no cost, other than the cost of the underlying Amazon Web Services resources used to create, store, and share the images.
Improved IT productivity
Image Builder significantly reduces the effort of keeping images up-to-date and secure by providing a simple graphical interface, built-in automation, and Amazon Web Services-provided security settings. With Image Builder, there are no manual steps for updating an image nor do you have to build your own automation pipeline. Not having to write and maintain automation code frees up resources and saves IT time.
Simpler to secure
EC2 Image Builder allows you to create images with only the essential components, reducing your exposure to security vulnerabilities. When a security patch is available, Image Builder can automatically patch your images. You can also apply Amazon Web Services-provided security policies (such as strong password enforcement, full disk encryption, enable firewall, and more) or custom security policies to your images to meet applicable internal compliance criteria.
Simple image management for both Amazon Web Services and on-premises
EC2 Image Builder, in conjunction with Amazon VM Import/Export (VMIE), allows you to create and maintain images for Amazon EC2 (AMI) as well as on-premises Microsoft Hyper-V (VHDX), VMware vSphere (VMDK), and Open Virtualization Format (OVF) virtual machines.
Built-in validation support
EC2 Image Builder allows you to easily validate your images for functionality, compatibility, and security compliance with Amazon Web Services-provided tests and your own tests before using them in production. Doing so reduces errors found in images normally caused by insufficient testing. The deployment of images into production environments can be made to depend on tests passing.
Centralized policy enforcement
EC2 Image Builder enables version control for easy revision management. Security and compliance testing also enable Information Security and IT teams to better enforce policies and compliance of images.
How it works
Image Builder provides a one-stop-shop to automate image management processes. Customers can generate an automated pipeline with an intuitive wizard in the Amazon Web Services console to produce compliant Linux and Windows Server images for use on Amazon Web Services and on-premises. When software updates become available, Image Builder automatically produces a new image and distributes it to stipulated Amazon Web Services China regions after running tests on it.
Examples of customize software installed on the image includes: 1/ Applications (build environments, business productivity tools, and databases) 2/ OS Updates 3/ Security patches.
Examples of secure image with Amazon Web Services-provided and/or custom templates includes: 1/ Ensure security patches are applied, 2/ Enforce strong passwords, 3/ Turn on full disk encryption, 4/ Close all non-essential open ports, 5/ Enable software firewall, 6/ Enable logging/audit controls.
Examples of test image with Amazon Web Services-provided test and/or your own test includes: 1/ Test that AMI can boot, 2/ Test that sample application can be run, 3/ Test specific patch has been applied, 5/ Test security policy.