Verify whether an Amazon EC2 instance is enabled for UEFI Secure Boot - Amazon Elastic Compute Cloud
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Verify whether an Amazon EC2 instance is enabled for UEFI Secure Boot

You can use the following procedures to determine whether an Amazon EC2 is enabled for UEFI Secure Boot.

You can use the mokutil utility to verify whether a Linux instance is enabled for UEFI Secure Boot. If mokutil is not installed on your instance, you must install it. For the installation instructions for Amazon Linux 2, see Find and install software packages on an Amazon Linux 2 instance. For other Linux distributions, see their specific documentation.

To verify whether a Linux instance is enabled for UEFI Secure Boot

Connect to your instance and run the following command as root in a terminal window.

mokutil --sb-state

The following is example output.

  • If UEFI Secure Boot is enabled, the output contains SecureBoot enabled.

  • If UEFI Secure Boot is not enabled, the output contains SecureBoot disabled or Failed to read SecureBoot.