eks-distro-build-tooling icon indicating copy to clipboard operation
eks-distro-build-tooling copied to clipboard

Published 20 hours ago verified publisher icon aws

NIST-certified crypto module for deployments that need to be FIPS compliant?

Open TerryHowe opened this issue 3 years ago • 1 comments

@TerryHowe Are there docs somewhere for how we can generate a build that uses a NIST-certified crypto module for deployments that need to be FIPS compliant?
Is GoBoring / BoringSSL being setup in some other PR, or is there an alternative solution?

Originally posted by @markmsmith in https://github.com/aws/eks-distro-build-tooling/issues/53#issuecomment-821575308

TerryHowe avatar May 05 '21 15:05 TerryHowe

Also looking for this.

According to this blog post, AWS EKS has met FedRAMP High compliance.

But that isn't true, as all of it's Go components have not been compiled with a FIPS valid library.

By comparison, GKE is FIPS validated: https://cloud.google.com/security/compliance/fips-140-2-validated/

seanorama avatar Jun 16 '22 07:06 seanorama