Introducing new Amazon EC2 Windows Server AMIs for DISA STIG compliance

Security Technical Implementation Guides (STIGs) are the configuration standards created by the Defense Information Systems Agency (DISA) that provide guidance on how to secure software and information systems. To make your systems STIG-compliant, you must install, configure, and test a variety of security settings. With this launch, you can use the new Windows Server AMIs that come pre-configured with over 160 required security settings, and include updated DoD certificates. These STIG-compliant AMIs are offered at no additional cost.

We are launching six new AMIs to support DISA STIG across Base and Core versions of Windows Server 2019, Windows Server 2016, and Windows Server 2012 R2. These AMIs are available in all public AWS Regions and GovCloud (US). You can launch instances from these AMIs directly from the Amazon EC2 console, and they are billed under standard Windows pricing. For more details on the STIG settings applied to each of the AMIs, check out the EC2 public documentation.