Enabling FIPS mode - Amazon Elastic File System
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Enabling FIPS mode

If your operating system is using Federal Information Processing Standards (FIPS) endpoints when mounting your file system, then you must enable FIPS mode in the Amazon EFS client. Enabling the FIPS mode involves modifying the efs-utils.conf file on the operating system.

Note

FIPS mode requires that the installed version of OpenSSL is compiled with FIPS. For more information on how to configure OpenSSL with FIPS see the OpenSSL FIPS README.

To enable FIPS mode in the Amazon EFS client

  1. Access the terminal for your Amazon EC2 instance through Secure Shell (SSH), and log in with the appropriate user name. For more information, see Connect to your EC2 instance in the Amazon Elastic Compute Cloud User Guide.

  2. Using your text editor of choice, open the /etc/amazon/efs/efs-utils.conf file.

  3. Find the line containing the following text: 

    "fips_mode_enabled = false"

  4. Change the text to the following:

    "fips_mode_enabled = true"

  5. Save your changes.