AWS Security Blog
Fall 2018 SOC reports now available with 73 services in scope
Seventy-three. That’s the number of AWS services now available to our customers under our System and Organizational Controls (SOC) 1, 2, and 3 audits, with 11 additional services included during this most recent audit cycle. The SOC reports are now available to you on demand in the AWS Management Console. The SOC 3 report can be downloaded online as a pdf.
As you can see from the list of new services added below, we’re now including services’ namespaces to our assessment documentation. We’ll be including namespaces going forward to have a standard naming convention for services across our audits. Knowing services’ namespaces also helps you identify services when creating IAM policies, working with Amazon Resource Names (ARNs), and reading AWS CloudTrail logs.
The 11 services newly added to our SOC scope:
- Amazon Kinesis Video Streams (kinesisvideo)
- Amazon MQ (mq)
- Amazon Pinpoint (mobiletargeting)
- Amazon Polly (polly)
- Amazon Rekognition (rekognition)
- Amazon SageMaker (sagemaker)
- AWS AppSync (appsync)
- AWS Certificate Manager (acm)
- AWS CodeCommit (codecommit)
- AWS Firewall Manager (fms)
- AWS Service Catalog (servicecatalog)
As always, my team strives to include services into the scope of our compliance programs based on your architectural and regulatory needs. Please reach out to your AWS representatives to let us know what additional services you would like to see in scope across any of our compliance programs. To see our current list, go to the Services in Scope page.
Want more AWS Security news? Follow us on Twitter.