AWS Public Sector Blog

Category: AWS GovCloud (US)

Enabling SAML AWS SSO GovCloud

Enabling SAML 2.0 federation with AWS SSO and AWS GovCloud (US)

AWS SSO helps administrators centrally manage access to multiple AWS accounts that are members of an AWS Organization. End users can authenticate and then access all their AWS accounts from a single interface. Using AWS SSO as a SAML identity provider for your AWS accounts also has security benefits: user credentials provided via federation are temporary. AWS SSO does not automatically detect AWS GovCloud (US) accounts associated with standard AWS accounts in your AWS Organization. AWS SSO is also not currently available in AWS GovCloud (US). As a result, AWS SSO cannot be used to automatically provision access for your users into an AWS GovCloud (US) account. However, this functionality can be extended to enable federation into AWS GovCloud (US) with a “custom SAML 2.0 application” in AWS SSO.

Read More

Using AWS SSO with Microsoft Azure AD to federate to AWS GovCloud (US)

Many government customers use AWS GovCloud (US) because it provides an environment for sensitive data and regulated workloads by addressing a number of U.S. government security and compliance requirements. In many cases, customers have a number of AWS GovCloud (US) accounts and managing authentication and authorization can require a lot of work. These customers may also use Microsoft Azure Active Directory (Azure AD) for identity management, single sign-on (SSO), and multi-factor authentication (MFA). This post builds on features and functionality announced earlier by demonstrating the necessary steps to configure Azure AD, AWS SSO, and the AWS GovCloud (US)-specific identity provider centrally for ease of management.

Read More
AWS Compliance Week 2020

Accelerate cloud compliance for sensitive and regulated workloads: Register for AWS Compliance Week

If you are a technology professional looking to understand how cloud security adheres to compliance requirements, attend our AWS Compliance Week webinar series on November 2-6. You will learn how to architect compliant, multi-region cloud environments, establish agile governance for regulated workloads, and use new AWS solutions to help accelerate compliance. Hear government and industry perspectives on achieving high compliance from the General Services Administration’s FedRAMP program management office, and customers Maxar, Salesforce, and Coalfire.

Read More
IDC whitepaper: How government agencies meet security and compliance requirements with the cloud

New IDC whitepaper released: How government agencies meet security and compliance requirements with the cloud

A new IDC whitepaper, sponsored by AWS, “How Government Agencies Meet Security and Compliance Requirements in the Cloud” examines why federal agencies are moving more systems and information to the cloud as a launching point for agency-wide IT modernization. The paper shares executive, legislative, and other government-wide initiatives influencing agencies to accelerate their cloud adoption plans, risks IT leaders face by delaying cloud migrations, and how secure, compliant cloud environments help agencies achieve compliance and security for their sensitive workloads.

Read More
city skylines looking up

Helping more than 100 partners achieve FedRAMP Authority to Operate (ATO)

Government agencies have accelerated their transition to the cloud over the last few years, and COVID-19 has accelerated the urgency and pace of that move. A benefit of moving to the cloud is increased security. But to realize this, new infrastructure must be implemented and managed correctly, using best practices and the right technologies. Working with our partners, AWS has helped dozens of solutions accelerate their FedRAMP authorizations. There are more than 100 FedRAMP-authorized solutions running on AWS.

Read More
US Census online

U.S. Census brings nationwide count to the AWS Cloud

The U.S. Census Bureau has made history by inviting people to participate in its decennial count online for the first time, powered by Amazon Web Services (AWS). The decennial census is an official count of every person living in the United States and five U.S. territories, and it takes place once every ten years. To help bring the Census online, the Census Bureau moved its 2020census.gov website to AWS GovCloud (US).

Read More
Amazon S3 Glacier

Securing Amazon S3 Glacier with a customer-managed encryption key

Customer managed encryption keys are a common architecture requirement within highly regulated workloads. This post demonstrates how to satisfy this requirement within Amazon Simple Storage Service (Amazon S3), including Amazon S3 Glacier. We also clarify some common points of confusion and demonstrate how objects can be uploaded directly to Amazon S3 Glacier via Amazon S3, which can help meet regulatory requirements as well as potentially save budget.

Read More
Voting booth

Supporting elections through voter education and information access, security and scalability, and absentee voting

Even in uncertain times, election officials and political stakeholders are committed to serving a dynamic electorate in a secure, scalable, and cost-effective way. Cloud-based technologies from Amazon Web Services (AWS) and the AWS Partner Network (APN) can help elections administrators, campaigns, and civic engagement organizations with access to information, security and scalability, and absentee voting workflow solutions.

Read More
containers

Announcing Amazon Elastic Kubernetes Service (EKS) in AWS GovCloud (US)

Amazon Elastic Kubernetes Service (Amazon EKS) is now generally available in AWS GovCloud (US) Regions. Now government organizations and commercial organizations in government-regulated industries who adopt Kubernetes as their standard for orchestrating containers can use Amazon EKS to deploy a managed Kubernetes cluster on AWS. According to the 2019 Cloud Native Computing Foundation survey of their community, Amazon EKS is the leading method for deploying Kubernetes.

Read More

Customers can now connect AWS Outposts to AWS GovCloud (US) Regions

Government customers and commercial organizations in government-regulated industries can now connect their AWS Outposts to the AWS GovCloud (US) Regions. With this launch, users in AWS GovCloud (US) Regions can get a consistent AWS experience by accessing the same AWS infrastructure, services, APIs, and tools across on premises and the cloud.

Read More