Version 7.6.1810
August 28, 2019
This guide depicts the configuration of the CentOS 7.x AMI by Faro Source, available through the AWS Marketplace. All changes described were made to establish a functioning AMI that complies with AWS rules for AWS Marketplace. The following sections will describe in detail all of the changes that were made.
The following sections outline the baseline operating system configurations included with this distribution.
The default user account included with this AMI is ec2-user
, the required default for an AMI. As required, this account does not contain a password, has been granted sudo privileges, and has been authorized for SSH login. To make changes to this user account, please refer to Managing User Accounts on Your Linux Instance and EC2 Password Login articles on AWS.
To SSH into the instance, an SSH key is required for the specified user ( in this case, ec2-user
). The SSH key will be pre-populated by AWS during instance creation. For more information on how to define an AWS security group for managing access, refer to the article AWS: Amazon EC2 Security Groups for Linux Instances.
A password isn’t required for SSH access. For information on how to change this, see Linux: sshd_config – Linux main page.
The system was built on the GPT file partitioning format with 1Mb boot partition. Upon deployment, the file system will auto-scale the partitioning to match the allocated storage space. This is accomplished using cloud-init
, growpart
, and gfdisk
.
Information on how to make changes to these sub-systems can be found in cloud-init and growpart documentation.
SELinux is enabled by default. The SELinux Policy article, depicts the list of policies that have been enabled or disabled. To check the status of your system, refer to the usage of the sestatus -b
.
The Enabled Services article, depicts the list of services that have been enabled. To check the status of your system, refer to the usage of the systemctl list-unit-files --type=service
.
AWS manages network access through the usage of security groups. As such, the firewalld
service is disabled by default. For details, see AWS: Amazon EC2 Security Groups for Linux Instances.