aws · simonmarty · Apr 7, 2026 · Mar 27, 2026 · Apr 2, 2026 · Apr 2, 2026
@@ -43,17 +43,6 @@ jobs:
         run: |
           which cargo-llvm-cov || cargo install cargo-llvm-cov
           which cargo-deny || cargo install cargo-deny
-      - name: Install ninja-build tool for aws-lc-fips-sys on Windows
-        if: runner.os == 'Windows'
-        uses: seanmiddleditch/gha-setup-ninja@v6
-      - name: Install NASM for aws-lc-fips-sys on Windows
-        if: runner.os == 'Windows'
-        uses: ilammy/setup-nasm@v1
-      - name: Install golang for aws-lc-fips-sys on macos
-        if: runner.os == 'MacOS'
-        uses: actions/setup-go@v6
-        with:
-          go-version: "stable"
       - name: Check licenses
         run: cargo-deny check licenses
       - name: Build

@@ -31,10 +31,15 @@ To download the source code, see [https://github\.com/aws/aws\-secretsmanager\-a
       - [\[ curl \]](#-curl--1)
       - [\[ Python \]](#-python--1)
   - [Configure the Secrets Manager Agent](#configure-the-secrets-manager-agent)
-  - [Optional features](#optional-features)
   - [Logging](#logging)
   - [Security considerations](#security-considerations)
-  - [Running Integration Tests Locally](#integration-tests-local)
+  - [Running Integration Tests Locally](#running-integration-tests-locally)
+    - [Prerequisites](#prerequisites)
+    - [Required AWS Permissions](#required-aws-permissions)
+    - [Running Tests](#running-tests)
+      - [Option 1: Using the test script](#option-1-using-the-test-script)
+      - [Option 2: Manual execution](#option-2-manual-execution)
+    - [Test Organization](#test-organization)
 
 ## Step 1: Build the Secrets Manager Agent binary<a name="secrets-manager-agent-build"></a>
 
@@ -46,10 +51,6 @@ To build the Secrets Manager Agent binary natively, you need the standard develo
 
 Example: `git clone --branch <git tag> https://github.com/aws/aws-secretsmanager-agent.git`
 
-**NOTE:** Building the agent with the `fips` feature enabled on macOS currently requires the following workaround:
-
-- Create an environment variable called `SDKROOT` which is set to the result of running `xcrun --show-sdk-path`
-
 #### [ RPM\-based systems ]
 
 1. On RPM\-based systems such as AL2023, you can install the development tools by using the Development Tools group\.
@@ -468,11 +469,6 @@ The following list shows the options you can configure for the Secrets Manager A
 + **path\_prefix** – The URI prefix used to determine if the request is a path based request\. The default is "/v1/"\.
 + **max\_conn** – The maximum number of connections from HTTP clients that the Secrets Manager Agent allows, in the range 1 to 1000\. The default is 800\.
 
-## Optional features<a name="secrets-manager-agent-features"></a>
-
-The Secrets Manager Agent can be built with optional features by passing the `--features` flag to `cargo build`. The available features are:
-* `fips`: restricts the cipher suites used by the agent to only FIPS-approved ciphers
-
 ## Logging<a name="secrets-manager-agent-log"></a>
 
 The Secrets Manager Agent logs errors locally to the file `logs/secrets_manager_agent.log` or to stdout/stderr depending on the `log_to_file` config variable\. When your application calls the Secrets Manager Agent to get a secret, those calls appear in the local log\. They do not appear in the CloudTrail logs\. 

@@ -37,6 +37,3 @@ aws-smithy-runtime = { version = "1", features = ["test-util"] }
 tokio = { version = "1", features = ["test-util", "rt-multi-thread", "net", "macros"] }
 http = "0.2.9"
 aws-smithy-types = "1"
-
-[features]
-fips = ["aws_secretsmanager_caching/fips"]
@@ -32,9 +32,6 @@ tokio-test = "0.4.4"
 criterion = { version = "0.7.0", features = ["async_tokio", "html_reports"] }
 rand = "0.9.2"
 
-[features]
-fips = ["rustls/fips"]
-
 [[bench]]
 name = "benchmark"
 harness = false