Latest PCI DSS v4.0 compliance package available in AWS Artifact

Amazon Web Services is pleased to announce that eight additional AWS services have been added to the scope of our Payment Card Industry Data Security Standard (PCI DSS) v4.0 certification:

• AWS AppFabric
• Amazon Bedrock
• AWS Clean Rooms
• AWS HealthImaging
• AWS IoT Device Defender
• AWS IoT TwinMaker
• AWS Resilience Hub
• AWS User Notifications

Coalfire, a third-party Qualified Security Assessor (QSA), evaluated AWS. For the full list of services in scope, see AWS Services in Scope by Compliance Program.

Customers can access the PCI DSS package in AWS Artifact. The package includes the following:

• Attestation of Compliance (AoC) — shows that AWS has been successfully validated against the PCI DSS standard.
• AWS Responsibility Summary – provides information to help you effectively manage a PCI cardholder environment on AWS and better understand your responsibility regarding operating controls to effectively develop and operate a secure environment on AWS.

To learn more about our PCI program and other compliance and security programs, see the AWS Compliance Programs page. As always, we value your feedback and questions; reach out to the AWS Compliance team through the Contact Us page.

Want more AWS Security news? Follow us on Twitter.