Posted On: Apr 10, 2023

Starting today, customers can deploy their workloads on Amazon ECS on AWS Fargate in a manner compliant with Federal Information Processing Standard (FIPS) 140-2. FIPS is a U.S. and Canadian government standard that specifies the security requirements for cryptographic modules that protect sensitive information.

Until now, customers could manage FIPS mode themselves on Amazon ECS tasks running on Amazon EC2 as they had complete control over customizing infrastructure on EC2. With today’s launch, customers can now run their workloads in FIPS compliant manner on Amazon ECS on AWS Fargate. You can use the new Amazon ECS account-level setting fargateFipsMode to define that all ECS tasks running on Fargate should be configured to be FIPS compliant. When this mode is enabled, ECS and Fargate communicate through FIPS-compliant endpoints with appropriate cryptographic modules configured. Additionally, the underlying kernel is booted in FIPS mode.

This new capability is available in the AWS GovCloud (US-West, US-East) Regions. To learn more about FIPS 140-2 at AWS, refer to: FIPS on AWS and AWS Fargate Federal Information Processing Standard (FIPS-140).