50 lines
2.4 KiB
Markdown
50 lines
2.4 KiB
Markdown
---
|
||
title: "CTP Topic 50 AMI Roadmap for AWS AMIs"
|
||
type: source
|
||
tags:
|
||
- AWS
|
||
- AMI
|
||
- Roadmap
|
||
- CTP
|
||
date: 2026-04-18
|
||
---
|
||
|
||
## Source File
|
||
- [[raw/Cloud & DevOps/Public-Cloud-Learning-Sessions/01_AWS-Landing-Zone/ctp-topic-50-ami-roadmap-for-aws-amis.md]]
|
||
|
||
## Summary
|
||
- 核心主题:AWS AMI(Amazon Machine Image)路线图与标准化 AMI 维护策略
|
||
- 问题域:企业云环境中的机器镜像治理,涵盖操作系统版本支持生命周期、新 AMI 添加流程、标准化功能集成
|
||
- 方法/机制:CCOE(Cloud Center of Excellence)每两个月发布一次加固 AMI,遵循安全标准
|
||
- 结论/价值:标准化 AMI 体系确保环境一致性、安全合规性,路线图透明化管理便于规划
|
||
|
||
## Key Claims
|
||
- CCOE 每两个月发布一次符合安全标准的加固 AMI
|
||
- 当前支持的 AMI 包括:Ubuntu(3个版本)、CentOS 7/8、Rocky 8.4 ARM、Amazon Linux 2、Windows(4个版本)
|
||
- 路线图按 ADM 需求优先级排序,如需调整需通过需求管道流程
|
||
|
||
## Key Quotes
|
||
> "The CCOE provides hardened AMIs on a bi-monthly basis aligned with security standards."
|
||
|
||
> "Any requirements to change the prioritization of the roadmap should go through the demand pipeline process."
|
||
|
||
> "The AMIs are shared with every account in the organization, including the AMI itself, EBS volumes, and KMS keys."
|
||
|
||
## Key Concepts
|
||
- **Standard AMI**:AWS 标准机器镜像,包含 OS 加固、最新安全补丁,支持域集成、SSM agent、DNS 设置
|
||
- **AMI 路线图**:按月发布计划,2022年11月 SLES 15 + RHEL 9,2023年1月 OpenSUSE 15 + Amazon Linux 2022,2023年3月 Rocky 8 + Rocky 9,2023年5月 RHEL 9.4 ARM + Ubuntu 22.04 ARM
|
||
- **EOL(End of Life)**:Windows Server 2008/2008 R2(2020.01),CentOS 8(2021.12),Windows Server 2012(2023.10),RHEL 7 + CentOS 7(2024.06)
|
||
- **Change Log**:CCOE 门户提供与上一版本的变更记录
|
||
- **AMI 添加流程**:服务集成→功能启用→构建测试
|
||
|
||
## Key Entities
|
||
- [[AWS]]:云平台,提供 EC2 和 AMI 服务
|
||
- [[CCOE]]:Cloud Center of Excellence,负责 AMI 标准制定和发布
|
||
|
||
## Connections
|
||
- [[Standard AMI]] ← depends_on ← [[AWS EC2]]
|
||
- [[CTP Topic 26 Standard AMI]] ← extends ← [[CTP Topic 50]]
|
||
- [[Gruntwork Landing Zone]] ← uses ← [[Standard AMI]]
|
||
|
||
## Contradictions
|
||
- 与非标准 AMI 对比:企业需要平衡自定义灵活性与标准化安全合规要求 |