AWS govcloud-us documentation change
Summary
Updated FIPS references from 140-2 to 140-3 standard in compliance documentation
Security assessment
Change reflects updated compliance with newer FIPS 140-3 cryptographic standard but does not indicate remediation of a specific vulnerability
Diff
diff --git a/govcloud-us/latest/UserGuide/govcloud-compliance.md b/govcloud-us/latest/UserGuide/govcloud-compliance.md index 697f378d8..97a83be93 100644 --- a//govcloud-us/latest/UserGuide/govcloud-compliance.md +++ b//govcloud-us/latest/UserGuide/govcloud-compliance.md @@ -9 +9 @@ FedRAMPDoD CC SRGCMMCITARCJISIRS 1075FIPSATO on AWS -AWS GovCloud (US) gives government customers and their partners the flexibility to architect secure cloud solutions that comply with the FedRAMP High baseline; the DOJ’s Criminal Justice Information Systems (CJIS) Security Policy; U.S. International Traffic in Arms Regulations (ITAR); Export Administration Regulations (EAR); Department of Defense (DoD) Cloud Computing Security Requirements Guide (SRG) for Impact Levels 2, 4 and 5; FIPS 140-2; IRS-1075; and other compliance regimes. +AWS GovCloud (US) gives government customers and their partners the flexibility to architect secure cloud solutions that comply with the FedRAMP High baseline; the DOJ’s Criminal Justice Information Systems (CJIS) Security Policy; U.S. International Traffic in Arms Regulations (ITAR); Export Administration Regulations (EAR); Department of Defense (DoD) Cloud Computing Security Requirements Guide (SRG) for Impact Levels 2, 4 and 5; FIPS 140-3; IRS-1075; and other compliance regimes. @@ -37 +37 @@ Internal Revenue Service Publication 1075 (IRS Pub 1075) provides guidance for U -The Federal Information Processing Standard (FIPS) Publication 140-2 is a US and Canadian government standard that specifies the security requirements for cryptographic modules that protect sensitive information. For more information, see [https://aws.amazon.com/compliance/fips](https://aws.amazon.com/compliance/fips) +The Federal Information Processing Standard (FIPS) Publication 140-3 is a US and Canadian government standard that specifies the security requirements for cryptographic modules that protect sensitive information. For more information, see [https://aws.amazon.com/compliance/fips](https://aws.amazon.com/compliance/fips)