Community Note
- Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
- Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
- If you are interested in working on this issue or have submitted a pull request, please leave a comment
Tell us about your request
I'm looking for an ECS optimized AL2023 AMI with kernel 6.18 pre-installed. Searching through the AWS Console, however, I see only those with the 6.1 kernel listed.
Which service(s) is this request for?
ECS
Tell us about the problem you're trying to solve. What are you trying to do, and why is it hard?
Mainly I'm looking for 6.18 because we've been dealing with the recent spate of zero-days in the kernel (CopyFail and DirtyFrag) and in this age of AI Agents finding zero-days quickly, I'd like to be closer to the main kernel development pathway.
I also want this because our this because the non-ECS al2023 AMIs already come in 6.1 and 6.18 variants, so I thought it would be helpful to do that for ECS AMIs so that our ECS container instances can keep closer parity with our regular EC2 instances, so that we can have a unified attack surface to worry about, at least in terms of the kernel.
I know I can install the 6.18 kernel myself and use grubby to switch to the 6.18 kernel, but that really complicates my AMI building.
Are you currently working around this issue?
We're just using the 6.1 kernel ECS optimized AMI for our container instances.
Additional context
No.
Attachments
No attachments necessary.
Community Note
Tell us about your request
I'm looking for an ECS optimized AL2023 AMI with kernel 6.18 pre-installed. Searching through the AWS Console, however, I see only those with the 6.1 kernel listed.
Which service(s) is this request for?
ECS
Tell us about the problem you're trying to solve. What are you trying to do, and why is it hard?
Mainly I'm looking for 6.18 because we've been dealing with the recent spate of zero-days in the kernel (CopyFail and DirtyFrag) and in this age of AI Agents finding zero-days quickly, I'd like to be closer to the main kernel development pathway.
I also want this because our this because the non-ECS al2023 AMIs already come in 6.1 and 6.18 variants, so I thought it would be helpful to do that for ECS AMIs so that our ECS container instances can keep closer parity with our regular EC2 instances, so that we can have a unified attack surface to worry about, at least in terms of the kernel.
I know I can install the 6.18 kernel myself and use grubby to switch to the 6.18 kernel, but that really complicates my AMI building.
Are you currently working around this issue?
We're just using the 6.1 kernel ECS optimized AMI for our container instances.
Additional context
No.
Attachments
No attachments necessary.