Select your cookie preferences

We use essential cookies and similar tools that are necessary to provide our site and services. We use performance cookies to collect anonymous statistics, so we can understand how customers use our site and make improvements. Essential cookies cannot be deactivated, but you can choose “Customize” or “Decline” to decline performance cookies.

If you agree, AWS and approved third parties will also use cookies to provide useful site features, remember your preferences, and display relevant content, including relevant advertising. To accept or decline all non-essential cookies, choose “Accept” or “Decline.” To make more detailed choices, choose “Customize.”

Preferences
Contact Us
Feedback
AWS Documentation
Create an AWS Account

FIPS compliance for Verified Access

PDF
RSS
Focus mode
FIPS compliance for Verified Access - AWS Verified Access
Existing environmentNew environment

Federal Information Processing Standard (FIPS) is a US and Canadian government standard that specifies security requirements for cryptographic modules that protect sensitive information. AWS Verified Access provides the option to configure your environment to adhere to FIPS Publication 140-2. FIPS compliance for Verified Access is available in the following AWS Regions:

  • US East (Ohio)

  • US East (N. Virginia)

  • US West (N. California)

  • US West (Oregon)

  • Canada (Central)

  • AWS GovCloud (US) West

  • AWS GovCloud (US) East

This page shows you how to configure a new, or an existing Verified Access environment, to be FIPS compliant.

Configure an existing Verified Access environment for FIPS compliance

If you have an existing Verified Access environment and you want to configure it to be FIPS compliant, some of the resources will need to be deleted and re-created in order to turn on FIPS compliance.

To re-configure an existing AWS Verified Access environment to be FIPS compliant, follow the steps below.

  1. Delete your original Verified Access endpoint(s), group(s), and instance. Your configured trust providers can be re-used.

  2. Create a Verified Access instance, making sure to enable Federal Information Process Standards (FIPS) during creation. Also during creation, attach the Verified Access trust provider you want to use, by selecting it from the drop down list.

  3. Create a Verified Access group. During creation of the group, you associate it with the Verified Access instance just created.

  4. Create one or more Verified Access endpoints. During the creation of your endpoint(s), you associate them with the group created in the previous step.

Configure a new Verified Access environment for FIPS compliance

To configure a new AWS Verified Access environment that is FIPS compliant, follow the steps below.

  1. Configure a trust provider. You will need to create a user identity trust provider and (optionally) a device-based trust provider, depending on your needs.

  2. Create a Verified Access instance, making sure to enable Federal Information Process Standards (FIPS) during the process. Also during creation, attach the Verified Access trust provider you created in the previous step, by selecting it from the drop down list.

  3. Create a Verified Access group. During creation of the group, you associate it with the Verified Access instance just created.

  4. Create one or more Verified Access endpoints. During the creation of your endpoint(s), you associate them with the group created in the previous step.

On this page

PrivacySite termsCookie preferences
© 2025, Amazon Web Services, Inc. or its affiliates. All rights reserved.