Amazon Linux 2023 (AL2023) is the newest version of Amazon Linux distribution designed to provide a secure and stable high-performance environment to run cloud and on-premises workloads. While AL2023 is intended to be used with Amazon EC2, Amazon provides release-ready KVM-compatible QCOW2 images so that you can download and install AL2023 on local virtualization environments like KVM. In this tutorial, we will walk through an install of Amazon Linux 2023 on the KVM hypervisor from downloading the image to installing and booting your virtual machine.
Requirements
Ensure your KVM host meets the following requirements:​
- Operating System: A compatible version.​AWS Documentation
- QEMU Version: 6.2 or newer.​
- Machine Type:
q35
for x86-64 architectures.
For this demo, I’ll be using an EndeavourOS KVM host.
Step 1: Download Amazon’s AL2023 QCOW2 image
For KVM virtualization, Amazon provides a QCOW2 image. Download the latest AL2023 QCOW2 image from Amazon’s download page:

Alternatively, you can pull the QCOW2 image by running the command below in your KVM host terminal:
sudo wget https://cdn.amazonlinux.com/al2023/os-images/2023.7.20250527.1/kvm/al2023-kvm-2023.7.20250527.1-kernel-6.1-x86_64.xfs.gpt.qcow2
Step 2: Resize the Image
If you need to resize the image, then you can do so using the qemu-image
command. Check the size of the image using the command below:
$ qemu-img info al2023-kvm-2023.7.20250527.1-kernel-6.1-x86_64.xfs.gpt.qcow2
image: al2023-kvm-2023.7.20250527.1-kernel-6.1-x86_64.xfs.gpt.qcow2
file format: qcow2
virtual size: 25 GiB (26843545600 bytes)
disk size: 1.59 GiB
cluster_size: 65536
Format specific information:
compat: 1.1
compression type: zlib
lazy refcounts: false
refcount bits: 16
corrupt: false
extended l2: false
Child node '/file':
filename: al2023-kvm-2023.7.20250527.1-kernel-6.1-x86_64.xfs.gpt.qcow2
protocol type: file
file length: 1.59 GiB (1710817280 bytes)
disk size: 1.59 GiB
Then resize the image to your desired size using the command below:
sudo qemu-img resize \
/var/lib/libvirt/virtual-machines/al2023-kvm-2023.7.20250527.1-kernel-6.1-x86_64.xfs.gpt.qcow2 \
40G
Step 3: Prepare cloud-init Configuration
Because KVM and VMware environments do not have Amazon EC2 Instance Meta Data Service (IMDS), we need to configure Amazon Linux 2023 using a seed.iso
image. This seed.iso
image contains the initial configuration information needed to boot your AL2023 virtual machine. i.e network configs, hostname, and user data.
To generate the seed.iso
image, you need at least two configuration files, but if you include the network configurations(optional), then it’s three files:
- meta-data: configures the hostname of the virtual machine.
- user-data: configures user accounts, their passwords, ssh key pairs, and/or access mechanisms.
- network-config: provides a network configuration for the virtual machine which will override the default one.
- The default configuration is to use DHCP on the first available network interface.
Create the seed.iso
image
Create a new folder named seedconfig then navigate to it:
sudo mkdir seedconfig
cd seedconfig
meta-data
config file:
Then create a new file named meta-data
:
sudo vim meta-data
Add the following content, replacing Amazon-Linux-2023
with the host name for the VM:
#cloud-config
local-hostname: Amazon-Linux-2023.local
Save the file and exit.
user-data
config file:
Next, create the user-data
config file:
sudo vim user-data
Add the following to the file, and make changes where necessary:
#cloud-config
#vim:syntax=yaml
users:
- name: cloudspinx
gecos: Cloudspinx Support
sudo: ALL=(ALL) NOPASSWD:ALL
plain_text_passwd: $Xcqt0689
groups: sudo, admin
shell: /bin/bash
ssh_authorized_keys:
- ssh-rsa PUBLIC-KEY
For a hashed password, you need to generate one and then use passwd:
instead of plain_text_passwd
in your user-data
config file.
To generate the hashed password, use the following and enter your password when prompted:
mkpasswd --method=SHA-512 --rounds=4096

For the SSH-KEY, copy the full content after rsa. For example:
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDanumqcAvVq9Ind+MgVsU23cbfD0MGldN2h61YZzHJpj+oLXgoI90PnuV14eL1/EKl4CYoPDdXaJxvjbfzlrehHYqG9nEZywL0KoeFtyCfft2pn3WIJMB1nsBYi2njjwS/fr9oSBVetrj10bp5Q6VHZaOoFWfOr4JT0iB/R6IFUx5FM6k+g+Ow05qrh5WBoZ/FFY5e0a1p5PaEBj/1EzigeGroQ10rznM0QBUIYgUVterL5TdDweCYjwfMnkXi2ZMjVU9+Dy2Q9BRDpcnybjnk7FkmZ4sWkBnD7U7KBNeKhM4tH0QB2joRGbSwSDiOYSYY0Jkui5YNfrC/5pwZY6e4UVbgeZXvKBSezjByk0/pPSLiimnLcDMt2vYzyr1cmvmY/lsUGRuwG9O3wOlAgh48hA/YDoIOiQPEQcnW6ascrZB39KutvX5H2fR5tpI3IjR1Eryhpn7t5Q0KQO9d1B1W8XpLTnR45uUMSxqKl/RrHgDBqWfiGNFUbyCu3+6jGCQZH5U8RMlCIpeJ5wKBNGwjmWy6q0inx+jrR9pVnQRsZFqqCpq+U9w592nMK6yKFq45Pf9gjvF9s3AJRGfkLwY+/A1W3AQrUZ9rxqbRJ7Fb/Sn+Eu+qbR2if5nX6dPZ1sxUvLW0hAL26NTuHml5R0ayUdPAPCRerhGS87vd6hanDQ== generated-on-2025-03-11
For a better understanding of how to set up cloud-init, see this page.
network-config
file(optional):
Do this step only if you want to override the default network. Create a new file named network-config
:
sudo vim network-config
And add the following:
#cloud-config
version: 2
ethernets:
enp1s0:
dhcp4: false
addresses:
- 192.168.1.182/24
gateway4: 192.168.1.1
nameservers:
addresses: [8.8.8.8, 8.8.4.4]
Save the file and exit.
Now that we have all the required config files, we can proceed to create the seed.iso
image using the mkisofs
or genisoimage
tools. While still in the seed folder, run either one of the following commands:
Using mkisofs
tool:
# Without the network-config file
mkisofs -output seed.iso -volid cidata -joliet -rock user-data meta-data
# With the network-config file
mkisofs -output seed.iso -volid cidata -joliet -rock user-data meta-data network-config
Using genisoimage
tool:
# Without the network-config file
genisoimage -output seed.iso -volid cidata -joliet -rock user-data meta-data
# With the network-config file
genisoimage -output seed.iso -volid cidata -joliet -rock user-data meta-data network-config
Either one of the above commands should be able to generate a seed.iso
image.
$ mkisofs -output seed.iso -volid cidata -joliet -rock user-data meta-data network-config
Setting input-charset to 'UTF-8' from locale.
Total translation table size: 0
Total rockridge attributes bytes: 363
Total directory bytes: 0
Path table size(bytes): 10
Max brk space used 0
183 extents written (0 MB)
The resulting seed.iso
file can now be attached to your new Amazon Linux 2023 Virtual Machine using a virtual CD-ROM drive for cloud-init
to find on first boot and apply the configuration to the system.
Step 4: Create and Configure AL2023 Virtual Machine
To create your VM, use virt-install
command. If you have cockpit or virt-manager installed, you can provision your VM using the GUI. Run the following command to create Amazon Linux 2023 using virt-install
:
sudo virt-install \
--name Amazon-Linux-2023 \
--memory 4096 \
--vcpus 2 \
--disk path=/var/lib/libvirt/virtual-machines/al2023-kvm-2023.7.20250527.1-kernel-6.1-x86_64.xfs.gpt.qcow2,format=qcow2 \
--disk path=/var/lib/libvirt/virtual-machines/seed.iso,device=cdrom \
--os-variant fedora36 \
--virt-type kvm \
--graphics vnc \
--console pty,target_type=serial \
--import
Sample Output:

Access the VM console via virt-manager or cockpit we UI. Login with the password you set, this is only possible since we specifically set lock_passwd
to false in the user-data
cloud config file.

Now, try accessing the VM using ssh:
ssh [email protected]

Detach the seed.iso
image after a successfull installation. We really hope this guide was very helpful and that you enjoyed reading it as much as we did writing it. Feel free to engage with us through the comment section.
More articles that might interest you: