We are pleased to announce that Oracle Container Engine for Kubernetes (OKE) and Oracle Cloud Infrastructure Registry (OCIR) have been added to the FedRAMP high authorized Oracle Cloud Infrastructure (OCI) Government data regions. These services have received US Federal Risk and Authorization Management Program (FedRAMP) provisional authority to operate (P-ATOs) and authority to operate (ATOs) as defined by FedRAMP.
FedRAMP is a US government-wide program that provides a standard approach to the security assessment, authorization, and continuous monitoring of cloud products and services. FedRAMP has three impact levels of authorization: low, medium, and high. Customers who subscribe to these government regions can now run regulated containerized workloads that require FedRAMP high accreditation on managed Kubernetes clusters. This authorization can also be used as a security benchmark for other regulated customers, such as financial institutions, health, and manufacturing. For more information, refer to Oracle’s Federal Risk and Authorization Management Program page.
Oracle Container Engine for Kubernetes is an Oracle-managed container orchestration service based on open source Kubernetes that can reduce the time and cost to build modern cloud native applications. This service includes the ability to automate the deployment, scaling, and management of containerized applications. OCI Container Registry is an open standards-based, Oracle-managed Docker registry service for securely storing and sharing container images. Developers and IT teams can use these services together to support containerized application lifecycles.
FedRAMP high accreditation for Oracle Container Engine for Kubernetes and OCI Container Registry provides assurances that physical and virtual security, maintenance, tools, people, and processes meet both current and ongoing compliance standards. Public Sector customers and other regulated customers who subscribe to OCI Government Data Regions can now push and pull Docker images from their own managed image registry and securely deploy those images to a Kubernetes cluster.
To learn more about Oracle Cloud Infrastructure authorization and compliance, visit Oracle Cloud Compliance.