From 0d45cee246f56b5f397331161def560102835044 Mon Sep 17 00:00:00 2001 From: Isaiah Becker-Mayer Date: Fri, 10 May 2024 17:24:03 -0500 Subject: [PATCH] add the "v" prefix in front of teleport version to correct links (#41380) --- .../compliance-frameworks/fedramp.mdx | 24 +++++++++---------- 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/docs/pages/access-controls/compliance-frameworks/fedramp.mdx b/docs/pages/access-controls/compliance-frameworks/fedramp.mdx index 1cbd8a1b77c38..ae9df83f1acf4 100644 --- a/docs/pages/access-controls/compliance-frameworks/fedramp.mdx +++ b/docs/pages/access-controls/compliance-frameworks/fedramp.mdx @@ -3,9 +3,9 @@ title: FedRAMP Compliance for Infrastructure Access description: How to configure SSH, Kubernetes, database, and web app access to be FedRAMP compliant, including support for FIPS 140-2. --- -Teleport provides the foundation to meet FedRAMP requirements for the purposes of accessing infrastructure. +Teleport provides the foundation to meet FedRAMP requirements for the purposes of accessing infrastructure. This includes support for the Federal Information Processing Standard [FIPS 140-2](https://en.wikipedia.org/wiki/FIPS\_140-2). -This standard is the US government approved standard for cryptographic modules. This document explains how +This standard is the US government approved standard for cryptographic modules. This document explains how Teleport FIPS mode works and how it can help your company to become FedRAMP authorized. ## Obtain FedRAMP authorization with Teleport @@ -32,37 +32,37 @@ government agencies. Teleport Enterprise customers can download the custom FIPS package from their [Teleport account](https://teleport.sh). Look for `Linux 64-bit (FedRAMP/FIPS)`. -You also can follow the [Installation instructions](../../installation.mdx#linux) for -Teleport Enterprise edition to download and install the appropriate FIPS-compliant binaries for +You also can follow the [Installation instructions](../../installation.mdx#linux) for +Teleport Enterprise edition to download and install the appropriate FIPS-compliant binaries for your operating environment and package manager or from compressed archive (tarball). For example, you can download and install from the compressed archive by running the following commands: ```code -$ curl https://cdn.teleport.dev/teleport-ent-(= teleport.version =)-linux--fips-bin.tar.gz.sha256 +$ curl https://cdn.teleport.dev/teleport-ent-v(=teleport.version=)-linux--fips-bin.tar.gz.sha256 -$ curl -O https://cdn.teleport.dev/teleport-ent-(= teleport.version =)-linux--fips-bin.tar.gz +$ curl -O https://cdn.teleport.dev/teleport-ent-v(=teleport.version=)-linux--fips-bin.tar.gz # Verify that the checksums match -$ shasum -a 256 teleport-ent-(= teleport.version =)-linux--fips-bin.tar.gz +$ shasum -a 256 teleport-ent-v(=teleport.version=)-linux--fips-bin.tar.gz -$ tar -xvf teleport-ent-(= teleport.version =)-linux--fips-bin.tar.gz +$ tar -xvf teleport-ent-v(=teleport.version=)-linux--fips-bin.tar.gz $ cd teleport-ent $ sudo ./install ``` -After you download and install, all of the Teleport Enterprise binaries are +After you download and install, all of the Teleport Enterprise binaries are installed in the `/usr/local/bin` directory. You can verify you have FIPS-compliant -binaries installed by running the `teleport version` command and verifying that +binaries installed by running the `teleport version` command and verifying that the `X:boringcrypto` library is listed. For example: ```code $ teleport version -Teleport Enterprise (= teleport.version =) (= teleport.git =) (= teleport.golang =) X:boringcrypto +Teleport Enterprise (=teleport.version=) (= teleport.git =) (= teleport.golang =) X:boringcrypto ``` If your Teleport cluster runs on AWS, the cluster can run in US-East or US-West regions for services -with low or moderate impact levels. For services with a high impact level, the cluster must run +with low or moderate impact levels. For services with a high impact level, the cluster must run in a GovCloud region to support FIPS. ## Configure the Teleport Auth Service