OpenShift 3.x on Azure for Government (FedRAMP Moderate) v1 Checklist Details (Checklist Revisions)

Supporting Resources:

Target:

Target CPE Name
Red Hat OpenShift Container Platform 3.10 cpe:/a:redhat:openshift_container_platform:3.10 (View CVEs)
Red Hat OpenShift Container Platform 3.11 cpe:/a:redhat:openshift_container_platform:3.11 (View CVEs)
Red Hat OpenShift Container Platform 3.5 cpe:/a:redhat:openshift_container_platform:3.5 (View CVEs)
Red Hat OpenShift Container Platform 3.6 cpe:/a:redhat:openshift_container_platform:3.6 (View CVEs)
Red Hat OpenShift Container Platform 3.7 cpe:/a:redhat:openshift_container_platform:3.7 (View CVEs)
Red Hat OpenShift Container Platform 3.8 cpe:/a:redhat:openshift_container_platform:3.8 (View CVEs)
Red Hat OpenShift Container Platform 3.9 cpe:/a:redhat:openshift_container_platform:3.9 (View CVEs)

Checklist Highlights

Checklist Name:
OpenShift 3.x on Azure for Government (FedRAMP Moderate)
Checklist ID:
865
Version:
v1
Type:
Compliance
Review Status:
Final
Authority:
Software Vendor: Red Hat
Original Publication Date:
08/17/2018

Checklist Summary:

Using the FedRAMP-provided System Security Plan for Moderate impact systems, Red Hat and Microsoft collaborated on the release of an Azure Blueprint. The document is designed to identify which controls are inherited from Azure’s FedRAMP accreditation, which are satisfied through native Red Hat OpenShift Container Platform capabilities, and which security controls are the responsibility of the system operator (procedural controls).

Checklist Role:

  • Virtualization Server

Known Issues:

Not provided.

Target Audience:

Microsoft Azure for Government and OpenShift Container Platform architects.

Target Operational Environment:

  • Standalone
  • Managed
  • Specialized Security-Limited Functionality (SSLF)
  • Legacy
  • Sector-Specific Environment

Testing Information:

The reference architecture was last revalidated on OpenShift Container Platform 3.9.

Regulatory Compliance:

This security guide was developed for FedRAMP Moderate controls.

Comments/Warnings/Miscellaneous:

Not provided.

Disclaimer:

Not provided.

Product Support:

Inquiries of general use and support should be directed to Red Hat Customer Service (https://access.redhat.com/support/cases/#/case/new).

Point of Contact:

checklists@redhat.com for NCP inquiries

Sponsor:

Red Hat, Microsoft.

Licensing:

Not provided.

Change History:

Updated to FINAL - 9/24/18
Update broken url links
Change POC to NAPS checklist email.

Dependency/Requirements:

URL Description

References:

Reference URL Description

NIST checklist record last modified on 10/26/2020