FIPS compliance by GitHub Enterprise 3.11.3

[rakeshl-HPE]

I am planning to setup Github Enterprise 3.11.3 on VMWare. I have a hard requirement of ensuring the deployed instance is FIPS 140-2 compliant. How do I enable/ensure that it is FIPS compliant.

[rakeshl-HPE]

Can somebody help me with this?

[sjethvani]

I wanted to setup GHES (Github Enterprise server) self hosted one in AWS for fedramp requirement (as per my knowledge Fedramp requires all tools dealing with some data/configuration to be within some private boundry & hence want to setup GHES in our aws acc under private vpc) .
Checking AMI (for aws) which we can download from https://enterprise.github.com/releases (for-ex https://enterprise.github.com/releases/3.12.0/download for 3.12.0 version , after selecting aws as your platform , it shows AMI , which you can use to launch ec2 instance & all) . So yeah when launching ec2 instance with given AMI, found it uses Ubuntu 20.04.6 LTS as base os & doesn't have FIPS mode enabled . Moreover as per https://manpages.ubuntu.com/manpages/focal/en/man8/fips-mode-setup.8.html , https://canonical.com/blog/fips-certification-ubuntu-20-04-lts says FIPS-certified modules for Ubuntu 20.04 LTS are available through Ubuntu Advantage subscription and Ubuntu Pro (Paid versions) only & since GHES AMI's base os is not Ubuntu Pro , we can't have FIPS mode enabled

All in all , it seems GHES doesn't provide FIPS mode enabled AMI for hosting it on aws.

PS : Not sure how other fedramp companies hosts GHES in their aws acc since AMI itself is not FIPS compliant.