by InvaderFizz 676 days ago
> You cannot, for example, allow AWS Govcloud to handle SSL termination for ECS.

Are you saying you can't terminate TLS at the ALB in FedRAMP high and instead have to terminate TLS at the node/pod level? That's the exact opposite interpretation that we have taken.

Yes, TLS all the way at every layer, but we explicitly terminate at the ALB first.

1 comments

We were explicitly told that terminating at the ALB was unacceptable by the 3PAO. We had to build NGINX+ into the containers to terminate there.

I think your approach is valid, and I would have preferred to do it that way. Whatever passes the audit, I guess.