osm icon indicating copy to clipboard operation
osm copied to clipboard

Published 20 hours ago verified publisher icon openservicemesh

Review OSM for FedRamp Compliancy

Open phillipgibson opened this issue 2 years ago • 1 comments

Please describe the Improvement and/or Feature Request Service meshes are an integral to many secured environments that have FedRamp compliancy. This issue will track the discovery of items under FedRamp that are specific to the OSM service mesh layer only. The output will be to create a backlog of items to complete to make OSM FedRamp compliant.

Scope (please mark with X where applicable)

  • New Functionality [X]
  • Install [ ]
  • SMI Traffic Access Policy [ ]
  • SMI Traffic Specs Policy [ ]
  • SMI Traffic Split Policy [ ]
  • Permissive Traffic Policy [ ]
  • Ingress [ ]
  • Egress [ ]
  • Envoy Control Plane [ ]
  • CLI Tool [ ]
  • Metrics [ ]
  • Certificate Management [ ]
  • Sidecar Injection [ ]
  • Logging [ ]
  • Debugging [ ]
  • Tests [ ]
  • CI System [ ]
  • Demo [ ]
  • Project Release [ ]

Possible use cases Running OSM in secured environments with FedRamp compliancy needs.

phillipgibson avatar May 10 '22 18:05 phillipgibson

It appears having a cipher suite configuration may not assist with this and a specific Envoy image may need to be used that doesn't container additional cipher suites and only those specific to FIPS compliancy.

phillipgibson avatar May 25 '22 18:05 phillipgibson

This issue will be closed due to a long period of inactivity. If you would like this issue to remain open then please comment or update.

github-actions[bot] avatar Jan 22 '23 00:01 github-actions[bot]

Issue closed due to inactivity.

github-actions[bot] avatar Jan 29 '23 00:01 github-actions[bot]