AWS Security ChangesHomeSearch

AWS rosa documentation change

Service: rosa · 2026-04-10 · Documentation low

File: rosa/latest/userguide/rosa-architecture-models.md

Summary

Updated compliance certification information to specify FedRAMP High and HIPAA Qualified are available in AWS GovCloud for both classic and hosted control plane architectures, and added mention of FIPS endpoints in AWS GovCloud.

Security assessment

This change adds documentation about security compliance certifications (FedRAMP, HIPAA) and security features (FIPS endpoints). However, there is no evidence that this change addresses a specific security vulnerability or incident; it's informational clarification about existing security offerings.

Diff

diff --git a/rosa/latest/userguide/rosa-architecture-models.md b/rosa/latest/userguide/rosa-architecture-models.md
index 19620f2d3..9cc1b3e75 100644
--- a//rosa/latest/userguide/rosa-architecture-models.md
+++ b//rosa/latest/userguide/rosa-architecture-models.md
@@ -22 +22,6 @@ ROSA with HCP offers a more efficient control plane architecture that helps redu
-ROSA with hosted control planes (HCP) does offer FedRAMP High and HIPAA Qualified compliance certifications. For more information, see [Compliance](https://docs.redhat.com/en/documentation/red_hat_openshift_service_on_aws_classic_architecture/4/html/introduction_to_rosa/policies-and-service-definition#rosa-policy-compliance_rosa-policy-process-security) in the Red Hat documentation.
+  * ROSA offers FedRAMP High and HIPAA Qualified compliance certifications in AWS GovCloud on both classic and hosted control plane architectures. For more information, see [Compliance](https://docs.redhat.com/en/documentation/red_hat_openshift_service_on_aws_classic_architecture/4/html/introduction_to_rosa/policies-and-service-definition#rosa-policy-process-security) in the Red Hat documentation.
+
+  * ROSA offers Federal Information Processing Standard (FIPS) endpoints in AWS GovCloud on both classic and hosted control plane architectures.
+
+
+