AWS Official Blog

Lots of New Features for AWS GovCloud (US)

by Jeff Barr | on | | Comments

 AWS GovCloud (US) is a gated community cloud designed to support the compliance needs of customer workloads with direct or indirect ties to U.S. Government functions, services, or regulations. The AWS GovCloud (US) framework adheres to U.S. International Traffic in Arms Regulations (ITAR) requirements.  Workloads that are appropriate for the AWS GovCloud (US) region include all categories of Controlled Unclassified Information (CUI), including ITAR, as well as Government oriented publicly available data. The customer community utilizing AWS GovCloud (US) includes U.S. Federal, State, and Local Government organizations as well as U.S. Corporate and Educational entities.

Today we are adding a number of important new features to AWS GovCloud (US) in order to open it up to even more types of workloads. Here’s what’s new:

The combination of Elastic Load Balancing, Auto Scaling, and CloudWatch alarms means that applications running in the AWS GovCloud can now meet stringent requirements for scalability and availability.

In general, GovCloud is functionally the same as our standard commercial regions, and customers used to AWS will feel right at home. The services in GovCloud have the same APIs and semantics, with very few exceptions. There are some important differences, however:

  1. GovCloud is the only region where customers are vetted by personal interaction with our sales organization before gaining access.
  2. For EC2 customers, GovCloud is a VPC-only region; traditional EC2 NAT networking is not available.
  3. GovCloud has a separate identity and access system; identities and credentials are not shared between GovCloud and other regions.
  4. There are a few technical enhancements for customers in the government ecosystem, specifically, the presence of FIPS 140-2 certified SSL termination endpoints for AWS APIs and for S3.
  5. There is as yet no web-based graphical console for GovCloud; that is coming soon, but in the meantime we have supported the creation of the ElasticWolf client-side application. ElasticWolf runs on both Windows and Mac and supports all of the new features listed above. It works with all of the AWS regions including GovCloud (US) and includes extensive VPC support. Of course our command-line tools and APIs work as usual. Here’s a screen shot of the most recent version of ElasticWolf:

— Jeff;