FIPS 140-2 Compliant Linux Images

Introduction

The FIPS 140-2 publication prescribes a set of requirements that cryptographic modules, both software and hardware components, must satisfy. FIPS 140-2 establishes the Cryptographic Module Validation Program (CMVP) and the Automated Cryptographic Validation Testing (ACVT) program, which are accreditation programs used to certify that cryptographic modules correctly implement encryption as prescribed.

Compliance with the FIPS 140 standard is required in several US-government-regulated sectors, and an increasing number of international standards refer to it for encryption-related requirements.

Kurian offers FIPS 140-2 compliant AMIs for the following platforms:

Configuration

There is no specific configuration needed. Check if FIPS mode is enabled on the EC2 node as follows:

$ sudo sysctl crypto.fips_enabled
crypto.fips_enabled = 1
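
The same check in a form usable from health checks or service entrypoints, as an added example that is not part of the original page or the vendor's tooling: it reads /proc/sys/crypto/fips_enabled (the file behind the sysctl above) and fails closed when the node is missing or holds an unexpected value. The function names and the optional path argument are assumptions introduced here.

```shell
#!/bin/sh
# Added example (not vendor code): fail-closed FIPS mode gate.
# The optional path argument is an assumption added so the functions can be
# exercised against constructed files instead of the live /proc node.

# fips_status [file]
#   prints "enabled", "disabled", "unsupported" or "invalid"
#   returns 0 only when the kernel reports FIPS mode on
fips_status() {
    # Same value that `sysctl crypto.fips_enabled` reports.
    f="${1:-/proc/sys/crypto/fips_enabled}"

    # A kernel built without FIPS support does not expose this node at all.
    if [ ! -r "$f" ]; then
        echo "unsupported"
        return 2
    fi

    v=$(tr -d '[:space:]' < "$f")
    case "$v" in
        1) echo "enabled";  return 0 ;;
        0) echo "disabled"; return 1 ;;
        *) echo "invalid";  return 3 ;;   # unexpected content counts as not enabled
    esac
}

# require_fips [file]
#   returns non-zero, with a message on stderr, unless FIPS mode is confirmed,
#   so a caller can write: require_fips || exit 1
require_fips() {
    state=$(fips_status "$@") && return 0
    echo "FIPS mode not confirmed (state: $state)" >&2
    return 1
}
```

Calling `require_fips || exit 1` at the top of an entrypoint script stops the service from starting on a node where FIPS mode is off or cannot be determined.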