Public Preview: FIPS mutability support in AKS

The Federal Information Processing Standard (FIPS) 140-2 is a US government standard that defines minimum security requirements for cryptographic modules in information technology products and systems. Azure Kubernetes Service (AKS) allows you to create Linux and Windows node pools with FIPS 140-2 enabled. Deployments running on FIPS-enabled node pools can use those cryptographic modules to provide increased security and help meet security controls as part of FedRAMP compliance. For more information on FIPS 140-2, see Federal Information Processing Standard (FIPS) 140.

With FIPS mutability, you can now enable or disable FIPS on an existing node pool. When you update an existing node pool, the node image will change from the current image to the recommended FIPS image of the same OS SKU. This will immediately trigger a reimage. When migrating your application to FIPS, first validate that your application is working properly in a test environment before migrating it to a production environment.

Learn more.