Q. What is Amazon Web Services?
Amazon Web Services (AWS) provides agencies and businesses with an infrastructure web services platform in the cloud. With AWS you can requisition compute, storage, and other services – gaining access to a suite of secure, scalable, and flexible IT infrastructure services as your agency or business demands them. With AWS, you pay only for what you use, making AWS the most cost-effective way to deliver your applications.
Q. What is AWS GovCloud (US)?
AWS GovCloud (US) is an AWS region designed to allow US government agencies at the federal, state and local level, along with contractors, educational institutions and other US customers to run sensitive workloads in the cloud by addressing their specific regulatory and compliance requirements. Beyond the assurance programs applicable to all AWS regions, the AWS GovCloud (US) region allows customers to adhere to U.S. International Traffic in Arms Regulations (ITAR) regulations, the Federal Risk and Authorization Management Program (FedRAMP) requirements and the Department of Defense (DoD) Cloud Security Model (CSM) Levels 3-5.
Q. What is the AWS GovCloud (US) network?
The AWS GovCloud (US) network consists of AWS’s internal data center facilities, servers, networking equipment, and host software systems that are within AWS’s reasonable control and are used to provide the AWS Services in the AWS GovCloud (US) Region.
Q. Where is the AWS GovCloud (US) Region located?
The AWS GovCloud (US) Region is located in the Northwestern region of the United States.
Q. Why is it not available in the East Coast, where many government agencies are located?
Many government agencies are already using AWS in the US-East Region, so offering this service on the West Coast allows government agencies the ability to leverage multiple AWS Regions for further fault tolerance and redundancy. We plan to expand AWS GovCloud to other US locations in the future.
Q. Does the AWS GovCloud (US) Region have a FedRAMP Agency ATO?
Yes. Two separate FedRAMP Agency ATOs have been issued; one encompassing the AWS GovCloud (US) Region, and the other covering the AWS US East/West regions. Visit the FedRAMP FAQs to find out more. Customers can immediately request access to the "Amazon Web Services - AWS GovCloud (US) Region" FedRAMP package by submitting a request on the Compliance Contact Us Request Form or by submitting a request through the FedRAMP Program Management Office.
Q. Does AWS GovCloud (US) offer better security than other AWS regions?
AWS GovCloud (US) offers the same high level of security as other AWS regions and supports existing AWS security controls and certifications. These controls can be found on the AWS Compliance page. The AWS GovCloud (US) Region maintains the region via U.S. persons only and provides customers with the ability to access the region through FIPS 140-2 service endpoints.
Q. What are the ITAR requirements?
ITAR is the International Traffic in Arms Regulations, which is a set of United States government regulations that control the export and import of defense-related articles and services on the United States Munitions List (USML) and related technical data. ITAR requires, in relevant part, that covered material (items listed on the USML) only be shared with U.S. persons absent special authorization or exemption. AWS manages the AWS GovCloud (US) region using U.S. persons, and enables customers to architect solutions in the AWS GovCloud (US) region involving ITAR data (with due consideration to the customer’s shared responsibility for export-control compliance).
Q. Is the AWS GovCloud (US) Region ITAR certified?
Unlike ISO 27001, there is no formal ITAR certification. However, AWS has conducted a third-party review of the AWS GovCloud (US) Region and our FedRAMP authorizations attest to the controls in place within the AWS GovCloud (US) Region to ensure AWS supports customers building ITAR compliant systems on AWS.
Q. What is a “protected article”?
A protected article under ITAR is any technical data stored in any form (e.g. a document or other digital file) that contains information related to items or services designated in the USML. ITAR compliance is focused on ensuring this technical data is not inadvertently distributed to foreign persons or foreign nations.
Q. Does ITAR apply to AWS?
As an IaaS provider, in providing services AWS is not an exporter of data as contemplated by ITAR and other export control laws. As a result, AWS is not required to maintain a comprehensive export compliance program. However, AWS facilitates customers with ITAR requirements by restricting access to the AWS GovCloud network controlled by AWS to U.S. persons. This facilitates a customer’s management of their own compliance obligations while processing and store data in the AWS GovCloud (US) region.
AWS GovCloud (US) requires a separate account ID and user access credentials in addition to those required for an associated standard AWS account. Access is restricted to customers who are US Persons, not subject to export restrictions, and who comply with US export control laws and regulations, including the International Traffic in Arms Regulations (ITAR). Qualified customers can request access to AWS GovCloud (US) from the AWS Management Console of a standard AWS account or by contacting an AWS business representative as described in Getting Started.
Q. Do all government agencies need to use AWS GovCloud (US)?
No. AWS GovCloud (US) is provided for entities that choose, or are required, to utilize a US Persons only cloud environment. Agencies that do not want to use a US Persons only environment can use our other cloud services, which provide FISMA-Moderate controls.
Q. Do agencies have to sign a contract to use AWS GovCloud (US)?
Yes. Agencies must sign a customer agreement and an agreement specific to AWS GovCloud (US) to access the AWS GovCloud (US) Region. Please contact your AWS Business Representative, or fill out the AWS GovCloud (US) Contact Us form.
Q. What are AWS GovCloud (US) use cases?
AWS GovCloud (US) can be used to power a wide variety of IT applications and workloads, including Enterprise Applications (Oracle, SAP, Microsoft Windows Server, etc.), High Performance Computing (HPC), Storage, Disaster Recovery and Web Applications workloads.
Q. What services are available in AWS GovCloud (US)?
See the AWS GovCloud (US) Product Details page for the list of available services.
Q. How do I get to the AWS Management Console for the AWS GovCloud (US) Region?
Login to the AWS Management Console for the AWS GovCloud (US) Region. To learn more about how to setup your unique login credentials for console access, please visit the AWS GovCloud (US) User's Guide.
Q. How do I set up Direct Connect for the AWS GovCloud (US) Region?
See the AWS GovCloud (US) User Guide for detailed instructions on how to set up a Direct Connect connection for the AWS GovCloud (US) Region.
Q. Is IPV6 available in AWS GovCloud (US)?
No, IPV6 is not currently available for customers running instances in VPC, and VPC is a standard security feature in AWS GovCloud (US). Please contact your AWS Business Representative, or fill out the AWS GovCloud (US) Contact Us form.
Q. What types of customer service and support are provided for the AWS GovCloud (US) Region?
Customer Service is available 24/365/7 to answer any billing or account related questions. AWS GovCloud (US) customers can choose from either Business-level or Enterprise-level technical support. Business-level support provides 24/7/365 Phone, Chat, and email support with a 1 hour response, support for 3rd party software, and architecture support. Enterprise-level support customers receive additional benefits with a 15 minute response time and are assigned a Technical Account Manager (TAM). Due to the ITAR certification requirements, Developer-level technical support is not currently offered.
The Service Health Dashboard for the AWS GovCloud (US) Region is available for all customers.
Q. How do I sign up for technical support?
Please contact your AWS Business Representative. They will assist you in enabling your master account with AWS Business or Enterprise-level support.
Q. How can I access customer service and support for the AWS GovCloud (US) Region?
Support can be obtained by navigating to the Support Center - log in using your master AWS account, create a case, and indicate that your question or issue is in regard to the AWS GovCloud (US) region.
Q. How much does AWS GovCloud (US) cost?
AWS GovCloud (US) provides customers with a choice in how they want to purchase our services. AWS GovCloud (US) costs are based on the quantity of services used and the payment model utilized to procure these services.
The on-demand and reserved pricing models available in the traditional AWS cloud are also available in the AWS GovCloud (US) Region. In addition, a new pricing model, Fixed Price Reserved, is available in the AWS GovCloud (US) Region for Amazon EC2, Amazon S3 and AWS Data Transfer services. Fixed Price Reserved pricing allow AWS GovCloud (US) customers the option to make a one-time fixed payment for each service they want to reserve. After the one-time payment, customers can utilize that service for the duration of their term with no additional payment as long as they don’t exceed the usage they have paid for.
Detailed Pricing for all services is posted on the AWS GovCloud (US) Pricing Page.
Q. How do I purchase Reserved Capacity offerings for Amazon DynamoDB in the AWS GovCloud (US) Region?
In order to purchase Reserved Capacity offerings for Amazon DynamoDB in the AWS GovCloud (US) Region, contact your AWS Business Representative, or fill out the AWS GovCloud (US) Contact Us form.