terraform-aws-control_tower_account_factory

Add option to set AWS_USE_FIPS_ENDPOINT=true for AFT resources

Open: jgearheart opened this issue 1 year ago • 1 comment

AFT Version: all

Terraform Version & Provider Versions: all

Bug Description: To ensure compliance with FedRAMP requirements when utilizing AFT in FedRAMP environments, it is essential to incorporate an option that mandates the use of FIPS endpoints for any resources created and managed by AFT, including Lambda functions, CodePipeline, etc. For Lambda functions and any components leveraging the AWS SDK, this can be achieved by adding an option to set the environment variable AWS_USE_FIPS_ENDPOINT=true.

Expected behavior: AWS FIPS endpoints are used when resources within the AFT pipeline make API calls to any AWS service where FIPS endpoints are available.

jgearheart, Jun 14 '24 13:06
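An added example, not part of the issue or of AFT's code: a compliance check that reads a Lambda listing in the shape returned by `aws lambda list-functions` and reports functions that do not have AWS_USE_FIPS_ENDPOINT=true in their environment. The `aft-` name prefix and the sample listing are assumptions made for illustration, and the check covers configuration only, not the endpoints actually contacted at run time.

```python
import json

# Constructed sample in the shape returned by `aws lambda list-functions`;
# function names and values are made up for illustration.
SAMPLE = json.loads("""
{"Functions": [
  {"FunctionName": "aft-example-a",
   "Environment": {"Variables": {"AWS_USE_FIPS_ENDPOINT": "true"}}},
  {"FunctionName": "aft-example-b",
   "Environment": {"Variables": {"AWS_USE_FIPS_ENDPOINT": "false"}}},
  {"FunctionName": "aft-example-c",
   "Environment": {"Variables": {"LOG_LEVEL": "INFO"}}},
  {"FunctionName": "aft-example-d"},
  {"FunctionName": "unrelated-fn"}
]}
""")

FIPS_VAR = "AWS_USE_FIPS_ENDPOINT"


def fips_status(function):
    """Classify one function config: 'enabled', 'disabled' or 'unset'."""
    # A function with no environment block omits the "Environment" key entirely.
    variables = (function.get("Environment") or {}).get("Variables") or {}
    if FIPS_VAR not in variables:
        return "unset"
    # Assumption of this check: only the value "true" (any case) counts as enabled.
    return "enabled" if variables[FIPS_VAR].strip().lower() == "true" else "disabled"


def audit(listing, name_prefix="aft-"):
    """Return {function name: status} for in-scope functions not opted in to FIPS."""
    findings = {}
    for fn in listing.get("Functions", []):
        name = fn.get("FunctionName", "")
        if not name.startswith(name_prefix):
            continue  # outside the audited scope (hypothetical prefix)
        status = fips_status(fn)
        if status != "enabled":
            findings[name] = status
    return findings


if __name__ == "__main__":
    for name, status in sorted(audit(SAMPLE).items()):
        print(f"{name}: {FIPS_VAR} is {status}")
```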

@jgearheart thank you for reaching out. Have you explored leveraging the Pre-API helper to set AWS_USE_FIPS_ENDPOINT=true?

snebhu3, Jun 21 '24 21:06