Containers-roadmap: [EKS] FedRAMP Compliance
My company requires that all of our managed services are FedRAMP compliant because we work with government agencies. We're trying to decide if we should consider EKS or roll-our-own k8s solution.
I've seen the Services in Scope by Compliance Program document but it does not mention EKS.
Are there plans to have EKS become FedRAMP certified? I saw another issue for FIPS compliance for GovCloud, which seems to be related though it does not address FedRAMP specifically.
Thanks!
geekdave
All 18 comments
Really want to +1 this question!
ECS isn't FedRamp-approved yet, either, since it's still under assessment, but it has gotten limited approval within some of the government groups that I work with so folks can start building on it, in the meantime.
That said, a lot of the folks I work with who are currently moving to ECS would probably rather just use EKS if given the opportunity, but there's not much if any visibility on the timescale at which that may happen.
k4y3ff
on 22 Jan 2019
Hey @geekdave - have you checked out https://github.com/gravitational/gravity? Would love to learn more about your specific requirements if you feel like sharing.
bardiashahali
on 14 Feb 2019
We have some customers that we're working with that want to deploy our product into their VPC as part of a Fedramp initiation. We install on top of K8s but EKS isn't FIPS compliant so it's blocking the installation. Any updates here?
KnoxAnderson
on 21 May 2020
@KnoxAnderson Did you see https://github.com/aws/containers-roadmap/issues/253#event-3334158874 and https://github.com/aws/containers-roadmap/issues/375#event-3334158507 were recently closed? I'm not sure if that handles your use case. Interested to hear your thoughts.
weisjohn
on 22 May 2020
@geekdave Did you see https://github.com/aws/containers-roadmap/issues/253#event-3334158874 and https://github.com/aws/containers-roadmap/issues/375#event-3334158507 were recently closed? Does that close this issue?
weisjohn
on 22 May 2020
@weisjohn While EKS is available in GovCloud East and West, it has not yet been FedRAMP certified.
The certification status is tracked on https://aws.amazon.com/compliance/services-in-scope/
babilen5
on 22 May 2020
@babilen5 thanks, that's helpful info for me.
weisjohn
on 23 May 2020
FedRAMP Moderate for Amazon EKS in our US Standard regions has moved to JAB Review
FedRAMP High from Amazon EKS in our AWS GovCloud (US) regions has moved to 3PAO Assessment
The full details can be found on our Services in Scope page, under the FedRAMP tab.
arhea
on 22 Jun 2020
~@arhea that's great to hear, but I see no mention of AWS EKS on the FedRAMP tab Services-in-Scope page. Are you perhaps seeing an updated version that's not visible to us?~
mogul
on 22 Jun 2020
Never mind, I was searching the page for EKS and didn't see it listed as "Elastic Kubernetes Service". 😊
mogul
on 22 Jun 2020
@arhea Thanks for the update! I initially had the same problem as @mogul above. It is confusing that on the Services-in-Scope page that most other services like ECR, EC2, etc have their acronym displayed on the page, but EKS does not. Would be a great UX improvement to add it!
geekdave
on 22 Jun 2020
@geekdave / @mogul - thanks for the feedback! I will pass that along to the team :)
arhea
on 22 Jun 2020
@geekdave / @mogul - "EKS" has been added to the end of "Amazon Elastic Kubernetes Service" so it should be easier to find!
arhea
on 23 Jun 2020
@arhea Thanks for your help! My lazy fingers are grateful for fewer keystrokes to type.
geekdave
on 23 Jun 2020
Hey @arhea , I have several large scale projects in motion that require EKS in GovCloud High. Is it possible to sync with someone who is able to discuss ETA so I can gauge risk to project timelines? I know JAB is under no SLA to deliver, but there are some questions that the answer to would help me mitigate risk.
brianThompsonSFDC
on 5 Oct 2020
Amazon EKS is now FedRAMP Moderate in the US Standard Regions (us-east-1, us-east-2, us-west-1, and us-west-2)! Documentation pages are in the process of being updated.
arhea
on 16 Oct 2020
Fantastic news!!!!!
On Fri, Oct 16, 2020 at 8:57 AM Alex Rhea notifications@github.com wrote:
Amazon EKS is now FedRAMP Moderate in the US Standard Regions (us-east-1,
us-east-2, us-west-1, and us-west-2)! Documentation pages are in the
process of being updated.—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
https://github.com/aws/containers-roadmap/issues/111#issuecomment-710028884,
or unsubscribe
https://github.com/notifications/unsubscribe-auth/AJBVG2CQY55F5D2LRRIC533SLA7M5ANCNFSM4GP7VYCA
.>
Brian Thompson
Public Sector Product Enablement | M&A | Salesforce.mil
Mobile: 202-430-4047
brianThompsonSFDC
on 16 Oct 2020
We're excited to announce that EKS is now FedRAMP Moderate compliant. You can learn more here:
We're also pleased to announce that EKS is under JAB review for the FedRAMP High baseline and will update this thread when we have our final approval.
tabern
on 23 Oct 2020
Related issues
chungath
·
3Comments
jeremietharaud
·
3Comments
sarath9985
·
3Comments
miztch
·
3Comments
yinshiua
·
3Comments
Most helpful comment
We're excited to announce that EKS is now FedRAMP Moderate compliant. You can learn more here:
We're also pleased to announce that EKS is under JAB review for the FedRAMP High baseline and will update this thread when we have our final approval.