From aa07020b6a515b84152eb16b798ea3ced546369b Mon Sep 17 00:00:00 2001 From: Fletcher Woodruff Date: Thu, 23 Oct 2025 11:06:12 -0700 Subject: [PATCH] feat: document nodeclass FIPS support Add change notification and documentation for FIPS AMI support. --- latest/ug/automode/auto-change.adoc | 4 ++++ latest/ug/automode/create-node-class.adoc | 6 +++++- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/latest/ug/automode/auto-change.adoc b/latest/ug/automode/auto-change.adoc index 806a857b..f0393ff5 100644 --- a/latest/ug/automode/auto-change.adoc +++ b/latest/ug/automode/auto-change.adoc @@ -14,6 +14,10 @@ To receive notifications of all source file changes to this specific documentati https://github.com/awsdocs/amazon-eks-user-guide/commits/mainline/latest/ug/automode/auto-change.adoc.atom ---- +== October 23, 2025 + +*Feature:* Users with clusters in US regions can now request to use FIPS compatible AMIs by specifying `spec.advancedSecurity.fips` in their NodeClass definition. + == October 1, 2025 *Feature:* EKS Auto Mode now supports deploying nodes to {aws} Local Zones. For more information, see <>. diff --git a/latest/ug/automode/create-node-class.adoc b/latest/ug/automode/create-node-class.adoc index 0f747812..e76177b3 100644 --- a/latest/ug/automode/create-node-class.adoc +++ b/latest/ug/automode/create-node-class.adoc @@ -199,7 +199,11 @@ spec: # Domains to exclude, put all VPC endpoints here - .internal - .eks.amazonaws.com - + + advancedSecurity: + # Optional, US regions only: Specifying `fips: true` will cause nodes in the nodeclass to run FIPS compatible AMIs. + fips: false + # Optional: Custom certificate bundles. certificateBundles: - name: "custom-cert"