HACKER Q&A
📣 henchik

How to harden a personal server systematically in 2021?


I'm setting up an AWS instance to self-host some sensitive data and would like to harden the OS (Ubuntu 20.04) with a well-known benchmark, e.g. CIS level 1.

The only pre-hardened AMIs come from CIS and cost around $133 per year to run on a t2.micro instance.

I don't want to follow a random 'How to harden your server' article on GitHub, and the free CIS level 1 benchmark PDF would take a week to implement manually and is prone to error.

Based on an afternoon of research, all the configuration management tools I've found that implement hardening based on a well-known standard, e.g. CIS level 1, are only targeted and priced for enterprise customers (Puppet, CIS SecureSuite, Lockdown Enterprise etc.).

Are you aware of any solutions?


  👤 gjvc Accepted Answer ✓
Install iptables rules to block connections to all ports apart from SSH and HTTPS, depending on your setup. Only allow SSH connections from trusted addresses and/or keys.
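
The policy in the answer above, written out as an `iptables-restore` ruleset generator. This is an added example, not part of the original post; the function name `gen_rules`, the `TRUSTED_SSH` variable and the sample addresses (RFC 5737 documentation ranges) are assumptions to replace with your own.

```shell
#!/bin/sh
# Added example: emit an iptables-restore ruleset that default-denies inbound
# traffic, allows HTTPS from anywhere and SSH only from trusted sources.
# Constructed sample addresses; replace with your own admin IPs or ranges.
TRUSTED_SSH="${TRUSTED_SSH:-203.0.113.10/32 198.51.100.0/24}"

gen_rules() {
    # $1: space-separated IPv4 addresses/CIDRs allowed to reach port 22.
    # Validate everything before printing so a bad entry yields no partial ruleset.
    n=0
    for cidr in $1; do
        case "$cidr" in
            # Only digits, dots and a slash may appear in a source entry.
            *[!0-9./]*) echo "bad source: $cidr" >&2; return 1 ;;
        esac
        n=$((n + 1))
    done
    # An empty list would drop all SSH and lock the admin out; refuse it.
    [ "$n" -gt 0 ] || { echo "no trusted SSH sources given" >&2; return 1; }

    echo "*filter"
    echo ":INPUT DROP [0:0]"      # default-deny inbound
    echo ":FORWARD DROP [0:0]"    # host is not a router
    echo ":OUTPUT ACCEPT [0:0]"
    echo "-A INPUT -i lo -j ACCEPT"
    echo "-A INPUT -m conntrack --ctstate INVALID -j DROP"
    # Replies to connections the host itself opened (updates, DNS, ...).
    echo "-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    for cidr in $1; do
        echo "-A INPUT -p tcp -s $cidr --dport 22 -m conntrack --ctstate NEW -j ACCEPT"
    done
    echo "-A INPUT -p tcp --dport 443 -m conntrack --ctstate NEW -j ACCEPT"
    echo "COMMIT"
}

# Usage (as root), checking the syntax before applying:
#   gen_rules "$TRUSTED_SSH" | iptables-restore --test
#   gen_rules "$TRUSTED_SSH" | iptables-restore
# iptables filters IPv4 only; an IPv6-enabled host needs a matching
# ip6tables ruleset, otherwise every port stays reachable over IPv6.
```

Rules loaded this way do not survive a reboot unless they are saved and restored at boot by whatever persistence mechanism the distribution provides.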