AWS Public Sector Blog

Automate NIST Compliance in AWS GovCloud (US) with AWS Quick Start Tools

Take the steps to deploy security-focused baseline environments on the AWS Cloud in this Quick Start demo. This Quick Start deploys a standardized environment that helps organizations with workloads that fall in scope for any of the following:

  • National Institute of Standards and Technology (NIST) SP 800-53 (Revision 4)
  • NIST SP 800-171
  • The OMB Trusted Internet Connection (TIC) Initiative – FedRAMP Overlay (pilot)
  • The DoD Cloud Computing Security Requirements Guide (SRG)

View this short demo and learn how to automate NIST and FedRAMP High compliance in just a few clicks. Let’s see how easy and quick it is to deploy a secure and compliant NIST environment.

  1. Navigate to aws.amazon.com/quickstart and scroll down to the “Security & Compliance” section. Find the NIST and the NIST-High Quick Starts and then hit “View Guide.” The guide will provide what you need to know to deploy the NIST-compliant AWS architecture and links to the security control matrix, which describes how the environment meets NIST-control baselines.
  2. Within the guide, scroll down and click on the “Launch Quick Start” if you want to launch it into a public AWS Region. Or, if you want to specifically launch it in AWS GovCloud (US), then click the link above. Within the demo, we will be launching it into a public AWS Region (AWS US-East)
  3. Once you click on the “Launch Quick Start,” it will take you to the Cloud Formation console inside your AWS account. Hit the next button and it will load the Cloud Formation template, which will prompt you to fill in some parameters to customize this for your environment (Database password, Existing SSH Keys for your Instances, and the Availability Zones). After this, hit next. Take the defaults on the next screen and then hit next again. Acknowledge that “AWS CloudFormation might create IAM resources with custom names.” Hit create
  4. At this point, an environment will be built for you in about 30 minutes. Once it is created, you will notice that all of the stacks are available to you. Then, you can go through the stacks and see how they were built and configured to your specification. To show that they are built correctly, there is a landing page that you can click within the application stack’s outputs.
  5. Congratulations! You have successfully launched the Standardized Architecture for NIST 800-53 on the AWS Cloud Quick Start. Here you will find links to the security matrix and other artifacts that will help you document the system for your own authorizations.

That’s it for the demo! Watch the full video here.


Want to continue learning? Attend this free one-day workshop on May 8, 2018 for U.S. federal government IT professionals, architects, and administrators to learn how to architect for NIST and FedRAMP High in AWS GovCloud (US). This workshop helps participants map NIST requirements to cloud architecture best practices and it provides hands-on experience with AWS NIST Quick Start tools that can help fast track the FedRAMP ATO process. Seating is limited. Please register here to reserve your seat!