FIPS 140-3 Certification

This image is FIPS-validated to ensure its cryptographic operations meet the Federal Information Processing Standards (FIPS) required for secure government and regulated environments. Its core cryptographic modules are validated under the NIST Cryptographic Module Validation Program (CMVP) and comply with the FIPS 140-3 standard.

To verify that the FIPS 140-3 provider is configured and active, follow the instructions in the FIPS compliance tab.

Try It Out

Take the Minimus fluentd-kubernetes-daemonset image for a test run by running it as a Docker container that streams logs to AWS Kinesis.

Step 1

Create a Kinesis stream in AWS using the AWS Management Console or using the AWS CLI

Step 2

Create a new file named fluent.conf with the following content.

Replace <your-aws-region> with your actual AWS region (e.g., us-east-1) and <your-kinesis-stream-name> with the name of your Kinesis stream

<source>
  @type tail
  path /fluentd/log/app.log
  pos_file /fluentd/log/app.log.pos
  tag myapp.logs
  format none
</source>
<match myapp.logs>
  @type kinesis_streams
  region <your-aws-region>
  stream_name <your-kinesis-stream-name>
  auto_create_stream true
  <buffer>
    flush_interval 5s
  </buffer>
</match>

Step 3

Run the following to launch a Fluentd container that monitors a local log file (app.log) and forwards its contents to an AWS Kinesis Data Stream.

Replace the <your-aws-access-key> as well as <your-aws-secret-key> with your aws acceess key and secret and <your-aws-region> with your actual AWS region

docker run -d --name minimus-fluentd-kinesis \
-v ./app.log:/fluentd/log/app.log \
-v ./fluent.conf:/fluentd/etc/fluent.conf \
-e AWS_ACCESS_KEY_ID=<your-aws-access-key> \
-e AWS_SECRET_ACCESS_KEY=<your-aws-secret-key> \
-e AWS_REGION=<your-aws-region> \
reg.mini.dev/fluentd-kubernetes-daemonset-fips

Step 4

Finally, write a message to the app.log (command below will print the message "Hello from Minimus Fluentd to Kinesis" to app.log file every 10 seconds)

watch -n 10 'echo "Hello from Minimus Fluentd to Kinesis" >> ./app.log'

You should now see the log message appear in the AWS Kinesis stream you created.

Technical Considerations

The Fluentd-kubernetes-daemonset-FIPS image provided by Minimus is a FIPS-validated, slim, security-hardened alternative to the public image from Docker Hub. The images are largely interchangeable, with a few differences as noted below.

Terms & Info

This catalog is published by Minimus. All product names, logos, and marks, other than those belonging to Minimus, shown are owned by their respective rights holders and appear here only to identify the open source software each image contains. Minimus claims no ownership of those marks and implies no affiliation with, endorsement by, certification by, or sponsorship by any rights holder.

Images are provided "as-is" without warranty of any kind. "Hardened" refers to the security configuration applied at the time of build and does not constitute a guarantee of ongoing security or absence of vulnerabilities. The free tier is provided without support, SLA, or guaranteed patching timelines. Security updates may be applied to paid subscriptions before or instead of free tier images. By pulling or using any image you agree to our Terms of Use.