One of the things that my cloud infrastructure team does is publish a set of semi-hardened Amazon Machine Images (#AMIs) each month. Many of our customers use #AWS and use RPM-based distributions that have specific hardening-requirements that need to be in place "from birth". So, we publish images for Red Hat, @almalinux, @rockylinux 8 and 9 as well as a semi-hardened version of #AmazonLinux2023.

At any rate, something happened to the #AL2023 images we bootstrap from between AWS's August-published images and their September-published images that causes the (chroot'ed) installation of the grub2-common RPM to fail. That RPM attempts to do a boot-loader installation for a couple platform-types. However, since the September-published image, it fails when doing the i386pc part. The backrev version of the RPM in question is only available in the AL2023 images published before April 7th of this year.

…So, now I'm back and forth with AWS support on the problem. Had to explain to them how to reproduce the problem, because they couldn't figure out how to do so. Bonus points: the issue isn't easily reproducible with any of the AMIs that are available, as AWS deprecates any AL2023 images older than " minus 2".

I've been doing #webDev for #AWS for a long time using Ubuntu in #WSL and it just occurred to me I could be using #Amazon #Linux 2023 instead. Any #windows #developers out there doing this?

#al2023 #AmazonLinux2023 #CentOS

Customer: "We'd like to save some money on licensing costs and switch from #RHEL to #AL2023"
Me: "Cool. Lemme check some things…"
Me: (Looks at Compliance as Code project) "Looks like Amazon isn't participating in that project, so, all our ready-to-go automation that leverages that won't work. Don't worry, it's not necessarily fatal, their distro has oscap content, so, I'll check that…"
Me: (fires up an al2023 #EC2 and sees what Amazon makes available) "Looks like Amazon only makes available one hardening profile:

Title: Standard System Security Profile for Amazon Linux 2023

I have no freaking clue what that maps to, as far as common frameworks. Normally, for your needs, I'd recommend STIG or CIS, possibly even PCI/DSS or HIPAA. However, neither Amazon's tooling nor the Compliance as Code project seems to have those for AL2023. By point of comparison, I've checked not just the RHEL distro — that you wanted to avoid licensing costs on — but all the license-cost free ones that I know of — Oracle Enterprise Linux, CentOS Stream, Alma Linux and Rocky Linux and they all support STIG, CIS, PCI/DSS, HIPAA and others (all the same "others" that Red Hat does). I can't promise you that your accreditors are going to accept whatever the hell Amazon's "standard" hardening is, nor can I guarantee that your third-party scanning tools are going to be happy. All I can sorta guarantee is that if you use _Amazon's_ tools to verify _Amazon's_ profiles, that you'll probably get all greens if you stay up to date on patches. But you've also told me that you want to be multi-cloud by the end of next year: even ignoring your auditors and your third-party scanning tools, I'm not sure how helpful that's going to be to you.

And now for a boring technical post: installing #php ImageMagick on #AL2023 https://blog.ultranurd.net/2024/11/17/installing-php-imagemagick-on-amazon-linux-2023/
Installing PHP ImageMagick on Amazon Linux 2023

WordPress has been yelling at me for a while that I don’t have the PHP module imagick installed. When I moved to an updated server running AL2023 and PHP 8, I lost it. As it turns out the rea…

UltraNurdage

After having spent several hours today trying to get certain dependencies installed into Amazon Linux 2023 from the #Fedora package repository I finally attempted to install the GPG keys from fedora-gpg-keys-38-1.noarch.rpm and then create a modified /etc/yum.repos.d/fedora.repo from the one in fedora-repos-38-1.noarch.rpm and it works!

I have been writing up my notes into a new blog post. HURRAH!

#AL2023

Thanks to this article written in Japanese I was able to get libglpk installing on #AL2023 https://www.gclue.jp/2022/07/amazon-linux-2022-epl-rpmfusion.html

However, the steps used don't seem to work when replicated within the lambda/nodejs:20 docker image.

Adding the EPEL and RPM Fusion repositories to Amazon Linux 2023

I have once again been forced to tinker with #AL2023 today.

I'm trying to get the VROOM routing engine running within Amazon Linux 2023 however it requires the shared library libglpk.so and of course aws don't provide the glpk-devel package.

After trying some shared solutions on using the #Fedora package repo I now get failed GPG checks.

Anyone know where I have gone wrong?

🚀 Meet #AmazonLinux 2023 - a managed runtime & container base image for its Lambda service.

The runtime provides an OS-only environment for developers to run Lambda functions.

More details on #InfoQ: https://bit.ly/49KvQZF

#AWS #Lambda #AL2023

#CloudComputing

Success! I wonder if I'm the first person to get a #Ruby 3.2 app running on #ElasticBeanstalk Amazon Linux 2023? Surely not, right?

The biggest difference for me was that AL2023 seems to no longer use rbenv for Ruby, the platform just has it installed. I had to modify my platform hook that copies the Amazon .rbenv version into my app’s root dir to only do it if the file exists (so I could get that app version deployed on a Ruby 3.0 instance before doing the instance upgrade)

#AL2023 #RubyOnRails

"Amazon Linux End of Life is 2025-06-30". But #AL2023 is like alpine.

Not happy about this.