Security features - Amazon Linux 2022

Amazon Linux 2022 is in preview release and is subject to change.

Security features

SELinux as a default

By default, Amazon Linux 2022 has SELinux enabled and is in Enforcing mode. SELinux is a security module that provides access control policies and is now the standard in the RPM based distributions such as Fedora, RHEL, and CentOS. It's widely used in the industry to lock down Linux servers and to help protect against malicious activity. We enforce this by default because it raises the security bar for our service. By running SELinux in Permissive mode rather than Enforcing mode, you can develop a SELinux policy for your application. We're providing a toggle to disable the conīŦguration if you don't want to enforce SELinux.

Turning off SELinux configuration

You can change SELinux settings to permissive mode using the following command.

# setenforce 0

You can also change SELinux configuration using cloud-init.