aws / amazon-ecs-agent

Amazon Elastic Container Service Agent
http://aws.amazon.com/ecs/
Apache License 2.0

Update document with "AWS_USE_FIPS_ENDPOINT" environment variable #4395

Open imbohyun1 opened 1 month ago

imbohyun1 commented 1 month ago

Summary

Please add information about the environment variable AWS_USE_FIPS_ENDPOINT to the Environment Variables section of the README.md file.

Description

The ECS Agent does not currently use FIPS endpoints by default when FIPS is enabled on the underlying host. This behavior requires manual configuration, but there's no documentation addressing it.

These are the required steps:

  1. FIPS mode was enabled on the AL2 instance.
  2. Tasks launched without additional configuration did not use FIPS endpoints for Secrets Manager.
  3. Manually setting AWS_USE_FIPS_ENDPOINT=true in the ECS Agent config file resulted in the use of FIPS endpoints (refer to this).

Some customers are confused about setting up FIPS endpoints in the ECS environment. Therefore, I request adding information about the AWS_USE_FIPS_ENDPOINT environment variable to the README.md file or creating an official AWS public document explaining how to set FIPS endpoints in the ECS service.

Thanks.

amogh09 commented 1 month ago

@imbohyun1 ECS Agent does not explicitly support the AWS_USE_FIPS_ENDPOINT setting, and we have not tested how interactions with AWS services work when this environment variable is present.

The isFIPSEnabled variable you linked is set automatically if the host is determined to be FIPS enabled and it is only used to make Agent interact with S3 using its FIPS endpoints. Currently ECS Agent determines that the host is FIPS-enabled by checking that /proc/sys/crypto/fips_enabled file contains "1" in it. Is that true for your host?