Amazon Linux 2023 Features
Predictable two-year major release cycle and long-term support
Starting with AL2023, a new major version of Amazon Linux releases every two years and comes with five years of long-term support, with each release consisting of standard support (2 years), and maintenance (3 years). This support commitment gives customers the stability they need to manage long project lifecycles.
Frequent and flexible updates
During the standard support phase (2 years), the release receives quarterly minor version updates to provide customers with security updates, bug fixes, and new features. Based on Fedora, this also gives customers access to a wide variety of modern software packages.
Improved security posture
AL2023 includes pre-configured security policies that make it easy for customers to implement common industry guidelines. These policies can be configured at launch time or run time, including setting the system crypto policy to FUTURE or LEGACY, locking down SELinux, and setting SELinux to enforcing or permissive mode.
Deterministic upgrades with versioned repositories
Amazon Linux 2023 gives customers control over how and when they choose updates and provides the ability to lock major and minor versions as well as specific versions of your Amazon Linux repository. This enables you to ensure consistency of package versions and updates across your environment.
Kernel hardening
Many hardening features are enabled by default. This includes secure-boot related features such as kernel module signing, and making the kernel lockdown feature available.
Kernel Live Patching
Amazon Linux 2023 includes kernel live patching functionality. This enables you to patch critical and important security vulnerabilities in the Linux kernel without reboot or downtime.
Predictable two-year major release cycle and long-term support
Starting with AL2023, a new major version of Amazon Linux releases every two years and comes with five years of long-term support, with each release consisting of standard support (2 years), and maintenance (3 years). This support commitment gives customers the stability they need to manage long project lifecycles.
Frequent and flexible updates
During the standard support phase (2 years), the release receives quarterly minor version updates to provide customers with security updates, bug fixes, and new features. Based on Fedora, this also gives customers access to a wide variety of modern software packages.
Improved security posture
AL2023 includes pre-configured security policies that make it easy for customers to implement common industry guidelines. These policies can be configured at launch time or run time, including setting the system crypto policy to FUTURE or LEGACY, locking down SELinux, and setting SELinux to enforcing or permissive mode.
Deterministic upgrades with versioned repositories
Amazon Linux 2023 gives customers control over how and when they choose updates and provides the ability to lock major and minor versions as well as specific versions of your Amazon Linux repository. This enables you to ensure consistency of package versions and updates across your environment.
Kernel hardening
Many hardening features are enabled by default. This includes secure-boot related features such as kernel module signing, and making the kernel lockdown feature available.
Kernel Live Patching
Amazon Linux 2023 includes kernel live patching functionality. This enables you to patch critical and important security vulnerabilities in the Linux kernel without reboot or downtime.
Similar Readings (5 items)
Comparing Amazon Linux 2 and Amazon Linux 2023
Hands on: I tested the latest Ubuntu Desktop release - read what I thought of this popular Linux distro
Heavy metal Linux 6.6 has arrived
Ubuntu 22.04.3 LTS Released with Updated Kernel, Graphics Drivers
Apple’s 24-inch iMac 2023 M3: price, specs, release date announced
Summary
Amazon Linux 2023: Two-year major release cycle, long-term support up to 5 years. Quarterly updates for security, bug fixes during standard support phase. Improved security posture with pre-configured policies. Deterministic upgrades via versioned repositories. Kernel hardening features enabled by