This is a cache of https://docs.openshift.com/container-platform/4.12/security/container_security/security-compliance.html. It is a snapshot of the page at 2024-11-22T11:25:29.847+0000.
Understanding compliance - Container security | Security and compliance | OpenShift Container Platform 4.12
×

For many OpenShift Container Platform customers, regulatory readiness, or compliance, on some level is required before any systems can be put into production. That regulatory readiness can be imposed by national standards, industry standards or the organization’s corporate governance framework.

Understanding compliance and risk management

fips compliance is one of the most critical components required in highly secure environments, to ensure that only supported cryptographic technologies are allowed on nodes.

To enable fips mode for your cluster, you must run the installation program from a Red Hat Enterprise Linux (RHEL) computer configured to operate in fips mode. For more information about configuring fips mode on RHEL, see Installing the system in fips mode. The use of fips validated or Modules In Process cryptographic libraries is only supported on OpenShift Container Platform deployments on the x86_64, ppc64le, and s390x architectures.

To understand Red Hat’s view of OpenShift Container Platform compliance frameworks, refer to the Risk Management and Regulatory Readiness chapter of the OpenShift Security Guide Book.

Additional resources