AWS Security Blog
AWS achieves FedRAMP JAB High and Moderate Provisional Authorization across 26 services in the AWS US East/West and AWS GovCloud (US) Regions
September 9, 2021: Amazon Elasticsearch Service has been renamed to Amazon OpenSearch Service. See details.
AWS continues to expand the number of services that customers can use to run sensitive and highly regulated workloads in the federal government space. Today, I’m pleased to announce another expansion of our FedRAMP program, marking a 36.2% increase in our number of FedRAMP authorizations. We’ve achieved authorizations for 26 additional services, 7 of which have been authorized for both the AWS US East/West and AWS GovCloud (US) Regions.
We’ve achieved FedRAMP authorizations for the following 22 services in our AWS US East/West Regions:
- Amazon Athena
- Amazon CloudWatch
- Amazon CloudWatch Events
- Amazon Elastic Container Registry (ECR)
- Amazon Elastic Container Service (ECS)
- Amazon Elastic File System (EFS)
- Amazon Elasticsearch, now Amazon OpenSearch Service
- Amazon GuardDuty
- Amazon Kinesis Data Firehose
- Amazon Rekognition
- AWS CodeBuild
- AWS CodeCommit
- AWS CodeDeploy
- AWS Elastic Beanstalk
- AWS Glue
- AWS IoT Core
- AWS IoT Device Management
- AWS IoT Greengrass
- AWS Managed Service
- AWS Organizations
- AWS Server Migration Service (SMS)
- AWS Step Functions
We also received 11 service authorizations in our AWS GovCloud (US) Regions:
- Amazon Athena
- Amazon Aurora (MySQL)
- Amazon Aurora (Postgres)
- Amazon GuardDuty
- Amazon Rekognition
- Amazon WorkSpaces
- AWS Directory Service
- AWS Glue
- AWS IoT Core
- AWS IoT Device Management
- AWS Server Migration Service (SMS)
In total, we now offer 70 AWS services authorized in the AWS US East/West Regions under FedRAMP Moderate and 54 services authorized in the AWS GovCloud (US) Regions under FedRamp High. You can see our full, updated list of authorizations on the FedRAMP Marketplace. We also list all of our services in scope by compliance program on our Services in Scope page.
Our FedRAMP assessment was completed with a third-party assessment partner to ensure an independent validation of our technical, management, and operational security controls against the FedRAMP baselines.
We care deeply about our customers’ needs, and compliance is my team’s priority. We want to continue to onboard services into the compliance programs our customers are using, such as FedRAMP.
To learn what other public sector customers are doing on AWS, see our Government, Education, and Nonprofits Case Studies and Customer Success Stories. Stay tuned for future updates on our Services in Scope by Compliance Program page. If you have feedback about this blog post, let us know in the Comments section below.
Want more AWS Security how-to content, news, and feature announcements? Follow us on Twitter.