Linux on AWS: The Cost of Free
AWS is the 800-pound gorilla of cloud computing. While platforms like Azure and Google Cloud Platform (GCP) are making strides, AWS is still the most popular IaaS (Infrastructure as a Service) platform today. This means there is a compelling reason for aspiring IT pros to get familiar with the platform.
Similarly, different flavors of Linux are the norm in everything from web servers to IoT to infosec. As a result, there is also a precedent for up-and-coming IT mavericks to know their way around a Linux box.
Because of the popularity of Linux and AWS, Linux on AWS can be fruitful. It provides businesses a way to run Linux workloads in the cloud. For those studying for certification exams, it provides a way to get hands-on experience at a low cost — or even free. Here, we'll look at what you can get from the AWS's Linux offering and explore the pros and cons.
Linux on AWS: The Operating Systems
The Linux on AWS offering is quite robust. Many of the major distributions can be easily deployed as AMIs (Amazon Machine Images). There are many combinations of operating systems and configurations to choose from. Here we'll help you sort through the basics.
Understanding Hardened Images
Before we dive into the different operating systems, it's useful to understand the concept of a "hardened" image. For many of the operating systems we'll mention below, you'll find hardened images available. What this means is the images have been configured to meet a certain set of criteria.
For example, the RogueWave enhanced support for CentOS – CentOS 7 Security Hardened image is a CentOS 7 image configured by Rouge Wave Software to meet Center for Internet Security (CIS) and OpenSCAP standards.
These "out-of-box" hardened images are useful if you're looking to streamline your workload. However, if you're looking for something to practice with and configure from scratch, you may want a more bare-bones minimal install.
Popular Linux Distros on AWS
You can run a wide variety of operating systems on AWS. However, some have more support and documentation than others. Additionally, there are a small handful of flavors of Linux that can generally cover a wide-variety of use cases. Let's look at those popular versions that should be fairly easy to get started with.
CentOS is effectively Red Hat Enterprise Linux (RHEL) without Red Hat support. If you're looking for a low-cost way to get familiar with Red Hat, this makes CentOS a good choice. Additionally, if you're not looking for commercial support from RedHat, CentOS may be a viable option for production use too.
Debian is a popular operating system; it has served as the launchpad for many other flavors of Linux. For example, Ubuntu, Kali, and Linux Mint are based on Debian. This operating system has a reputation for stability and user control. Debian also values the concept of free (as in freedom) software. The result is a stable, customizable operating system, but not necessarily the easiest to work with. If you're willing to accept a steeper learning curve than something like Ubuntu, consider Debian.
While AWS has their own suite of security tools, Kali Linux is effectively a must-have for infosec pros. It comes baked-in with the tools for pen-testing and security audits. If your studies are security-focused, AWS + Kali may prove to be a quick way to hit the ground running.
Plenty of enterprises trust Red Hat and run their workloads on RHEL. Under the hood, RHEL and CentOS are mostly the same, but there are a few differences here and there. If you want to get the true RHEL experience, it's possible to run RHEL on the AWS free tier.
SUSE fits into many of the same use cases as Red Hat with a few differences. One of the most notable is SUSE's use of YaST out of the box. Whether you should pick Red Hat or SUSE probably comes down to the fields you'd like to work in or cert you are studying for.
Ubuntu is a very popular distro for the LAMP (Linux Apache MySQL PHP/Perl)/LEMP (Linux Nginx MySQL PHP/Perl) stacks many apps use. If you're looking for a distro powerful enough for production use, but has a manageable learning-curve, Ubuntu may work for you.
With all the Linux distros out there, many may wonder if we need another — and what makes Amazon Linux different. From a nuts and bolts perspective, Amazon Linux AMI (and Amazon Linux 2) is basically Red Hat Enterprise Linux (RHEL) optimized to run on AWS. This idea here is simple: with Amazon Linux you get images that are performant, secure, and supported by AWS. From a business perspective, that makes Amazon Linux an attractive operating system.
Linux on AWS: Things You Can Do on the Free Tier
The AWS Free Tier gives you a lot to work with. Coupled with the "free" nature of most Linux operating systems, this means there is plenty you can build at no dollar cost. For those of you looking to get hands-on experience with Linux operating systems, the 750 monthly hours of EC2 t2.micro or t3.micro instances for 12 months is useful.
Because there are only 744 hours in 31 days, you should be able to get as much access as you need over the course of a year. Coupled with comparable free storage and database server options, you can build out a variety of projects to help sharpen your skills. Further, aspiring security pros can run Kali on the AWS free tier.
Note: To help make sure you don't exceed free-tier limits, check out AWS's How do I make sure I don't incur charges when I'm using the AWS Free Tier? FAQ.
Non-AWS Certs AWS on Linux Might Help You With
It's a no-brainer that using AWS is useful for AWS certifications. However, there are a number of situations where AWS on Linux might prove useful for other certifications too. Here are a few examples:
- CompTIA Linux+. The Linux+ XK0-004 exam objectives call out a computer that supports virtualization "OR access to a cloud service provider."
- Linux Professional Institute LPIC-1: Linux Administrator. In the past, getting CompTIA Linux+ certified would have bagged you a LPIC-1 too. However, that changed in October of last year and now the certs require completely different exams. Much like with the Linux+, local hardware may suffice, but AWS and Linux provide another avenue to practice and sharpen your skills.
- CompTIA Security+. The SY0-501 exam objectives section 3.7 deals with cloud and virtualization concepts, making general cloud familiarity a plus. Further, Kali, which you can run on AWS's Free Tier, is called out as an exploitation distribution in the "proposed hardware and software list."
Linux on AWS: What You'll Need to Pay For
Not everything on AWS is free. They didn't become a profit-generating machine by giving it all away. If you exceed free-tier usage, you'll be billed. This means you can expect to pay for things like:
- E2C instances larger than t2.micro or t3.micro
- Services not part of a free-trial or "always free" offering like Reduced Redundancy Storage (RRS)
- Exceeding your usage caps (e.g. over 750 hours of EC2, Elastic Load Balancer [ELB], or Relational Database Service use in a month or over 5GB of S3 storage)
Fortunately, for those of you simply studying and experimenting, it should be easy to stay under the caps.
Linux on AWS: What You Don't Get
AWS may be the 800-pound gorilla, but it still doesn't give you everything a Linux pro may need. The two most obvious examples of this are here:
- Hardware. Cloud computing is ubiquitous today, but there's still something to be said for hands-on hardware experience. Installing and troubleshooting RAM, SSDs, and PCIe cards are all abstracted away in the cloud. If you want hands-on experience with server hardware, you'll need to look beyond AWS.
- Other platforms. Running Linux on AWS can help you gain a lot of skills. However, it won't get you familiar with Azure, GCP, or Digital Ocean. If you're looking to specialize in AWS, this may be fine. However, if you want to have a full understanding of the current state of cloud platforms, you'll need to know about more than just Amazon's material.
Final Thoughts: Everything is a Tradeoff
There is plenty you can do for free with AWS and Linux. However, just because you can do something, doesn't mean you should. Dual-booting, Windows Subsystem for Linux (WSL), VirtualBox, and VMware WorkStation Player are just a few ways to get hands-on with Linux without looking to the cloud if Windows is your daily driver.
What works best for you will depend on your situation and needs. If you want to get familiar with cloud computing and Linux at the same time, AWS is solid. If you just want to tinker with a new operating system locally, it may make more sense to install VirtualBox. Similarly, if you want to scan local devices, you'll probably want to run Kali at home and not in the cloud. The takeaway here is simple: consider the tradeoffs and pick what works best for you.