AWS govcloud-us documentation change
Summary
Updated FIPS validation standard reference from 140-2 to 140-3 for Go cryptography library
Security assessment
The change updates compliance documentation to reflect newer FIPS 140-3 validation requirements but does not address a specific security vulnerability. While FIPS validation is security-related, this is a version update to maintain accuracy in compliance documentation rather than fixing a security issue or introducing new security features.
Diff
diff --git a/govcloud-us/latest/UserGuide/accessing-govcloud.md b/govcloud-us/latest/UserGuide/accessing-govcloud.md index 6ed8a3fe2..1740638ee 100644 --- a//govcloud-us/latest/UserGuide/accessing-govcloud.md +++ b//govcloud-us/latest/UserGuide/accessing-govcloud.md @@ -15 +15 @@ You can use any of the following methods to access and manage resources in AWS G - * The **AWS SDK** s offer SDKs for a variety of languages. Some service operations that require computation of an md5 content hash, such as S3, may be unavailable or require additional code. The Sample Code and Libraries Catalog also provides a listing of code, SDKs, sample applications, and other tools available for use. For SDKs that leverage cryptography other than OpenSSL, such as Go, make sure you are following best practices for meeting compliance. Go leverages a built-in cryptography library that is not FIPS 140-2 validated. + * The **AWS SDK** s offer SDKs for a variety of languages. Some service operations that require computation of an md5 content hash, such as S3, may be unavailable or require additional code. The Sample Code and Libraries Catalog also provides a listing of code, SDKs, sample applications, and other tools available for use. For SDKs that leverage cryptography other than OpenSSL, such as Go, make sure you are following best practices for meeting compliance. Go leverages a built-in cryptography library that is not FIPS 140-3 validated.