Automation Assets FIPS compliance

Automation assets can be implemented in a FIPS-compliant manner, with the following requirements and exceptions.

Requirements

For requirements related to cluster setup and other considerations, see Configuring FIPS support on OpenShift.

Limitations

For a FIPS compliant deployment of Automation assets, consider the following:

  • Automation assets allows custom image overrides. If custom images are used as part of a deployment, FIPS compliance is the responsibility of the creator of the images.

  • Confirm FIPS compliance for outgoing calls to Git remotes.

  • Confirm FIPS compliance for outgoing calls to Keycloak identity and access management.