Skip to content

[FIPS140] awss3 input panics due to md5 usage #47080

New issue
New issue
Open
Enhancement
#47105
Open
[FIPS140] awss3 input panics due to md5 usage#47080
Enhancement
#47105
Assignees
kaiyan-sheng
Labels
Team:obs-ds-hosted-servicesLabel for the Observability Hosted Services team
@ycombinator

Description

@ycombinator
ycombinator
opened on Oct 13, 2025

Version: 9.1.2 (FIPS distribution)

When a FIPS-capable distribution of Filebeat is used, the awss3 input, when fetch messages from SQS, panics due to this usage of md5.

Note that this particular md5 usage is non-cryptographic — it's only used for checksum validation — and, therefore, is permissible under FIPS-140 but until this Golang proposal is implemented, there is no way to mark it as a valid exception.

Until said proposal is implemented, we may want to offer users a configuration option on the input (and any modules that use it) to disable this checksum validation.

Metadata

Metadata

Assignees

Labels

Team:obs-ds-hosted-servicesLabel for the Observability Hosted Services team

Type

Enhancement

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions