FedRamp Installation

Overview

A FedRAMP Kloudfuse installation is deployed on AWS using the kfuse-fed Helm chart, designed for FIPS-compliant environments. Instead of bundled in-cluster services, it uses AWS managed services to meet FedRAMP High and Moderate baseline requirements:

Amazon RDS — managed relational database
Amazon ElastiCache — managed caching layer
Amazon MSK — managed Kafka streaming

All persistent data is encrypted at rest using AWS EBS volumes with customer-managed KMS keys (CMK), satisfying the FedRAMP SC-28 (Protection of Information at Rest) control family. EKS is used as the Kubernetes runtime.

Topics

FedRAMP Install
EBS Volume Encryption (FedRAMP)