Open mjnagel opened 10 months ago
Realized I never circled back on this. My solution for on prem images was to build our own base RHEL image by installing from ISO in FIPS mode and then use that as the base image for this packer builder in Nutanix. Probably doesn't help with AWS environments due to cloud licensing concerns, but at least for on prem systems it is a workable solution since RedHat's cloud-image builder doesn't support producing a FIPS enabled cloud image.
RedHat documentation says that a system may not be fully compliant unless the install was started in FIPS mode. This leaves us with a few options for handling FIPS on RHEL:
There may be other viable options but these are the most prominent/apparent options.