Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ECR FIPS Compliance #2

Closed
abby-fuller opened this issue Nov 28, 2018 · 5 comments
Closed

ECR FIPS Compliance #2

abby-fuller opened this issue Nov 28, 2018 · 5 comments
Labels
ECR Amazon Elastic Container Registry

Comments

@abby-fuller
Copy link
Contributor

Use FIPS compliant software to terminate TLS. If we don't do this, then we should expect limited adoption in GovCloud regions.

@abby-fuller abby-fuller created this issue from a note in containers-roadmap (We're Working On It) Nov 28, 2018
@abby-fuller abby-fuller added the ECR Amazon Elastic Container Registry label Nov 28, 2018
@abby-fuller abby-fuller moved this from We're Working On It to Coming Soon in containers-roadmap Nov 28, 2018
@colmmacc
Copy link
Contributor

Just a note to say that we have FIPS support in Amazon s2n (https://github.com/awslabs/s2n).

@paavan98pm
Copy link

Does this refer to running the ECR software (used to terminate TLS) in FIPS-compliant mode? If so, the issue title could be revised. Achieving FIPS compliance for ECR, which the issue title reads as-is, could be misleading to customers as that is an extensive process (independent validation of crypto modules in use within a service) we follow for KMS and CloudHSM.

@willfarrell
Copy link

Would be awesome if this was rolled out to Canada as well.

@jtoberon
Copy link

jtoberon commented Sep 27, 2019

ecr-fips.us-east-1.amazonaws.com
ecr-fips.us-east-2.amazonaws.com
ecr-fips.us-west-1.amazonaws.com
ecr-fips.us-west-2.amazonaws.com
ecr-fips.us-gov-east-1.amazonaws.com
ecr-fips.us-gov-west-1.amazonaws.com

Docs (e.g. https://aws.amazon.com/compliance/fips/) are being updated.

We will create a separate issue to track the Canada work.

@jtoberon
Copy link

Created #501

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
ECR Amazon Elastic Container Registry
Projects
Development

No branches or pull requests

5 participants