AWS Security Blog
New IRAP reports for Australian customers are now available in AWS Artifact
Following our Information Security Registered Assessors Program (IRAP) assessment in December 2019, we are excited to announce that we have additional new IRAP documents now available in AWS Artifact as a result of the recent IRAP assessment at the PROTECTED level that was finished in June 2020. This includes an IRAP compliance report for 33 additional services, plus 1 separate report for AWS Outposts. Also included are 3 features of services that were already assessed in 2019: Amazon EventBridge for Amazon CloudWatch, AWS Transit Gateway for Amazon Virtual Private Cloud (Amazon VPC), and AWS Lake Formation for AWS Glue. The IRAP documentation pack continues to provide the ability to plan, architect, and self-assess Amazon Web Services (AWS) Cloud services in accordance with the Secure Cloud Strategy of the Australian government’s Digital Transformation Agency.
The list of new services includes Amazon Chime and Amazon AppStream 2.0, which are important services for remote working scenarios.
With the additional 34 services in scope of this cycle, we now have a total of 92 services assessed at the PROTECTED level. For the full list of those services, see the AWS Services in Scope page (select the IRAP tab).
The services in scope of this assessment are:
- Amazon AppStream 2.0
- Amazon Chime
- Amazon Cloud Directory
- Amazon CloudWatch (assessed in 2019) [including EventBridge]
- Amazon Comprehend
- Amazon Comprehend Medical
- Amazon Connect
- Amazon Elastic File System (Amazon EFS)
- Amazon Elastic Kubernetes Service (Amazon EKS) [including EC2 and Fargate launch types]
- Amazon FSx for Lustre
- Amazon FSx for Windows File Server
- Amazon MQ
- Amazon Pinpoint
- Amazon QuickSight
- Amazon Rekognition
- Amazon Transcribe
- Amazon Translate
- Amazon Virtual Private Cloud (Amazon VPC) (assessed in 2019) [including AWS Transit Gateway]
- AWS Batch
- AWS Certificate Manager (ACM)
- AWS CodeBuild
- AWS CodeCommit
- AWS DataSync
- AWS Elemental MediaConvert
- AWS Firewall Manager
- AWS Glue (assessed in 2019) [including AWS Lake Formation]
- AWS IoT Device Management
- AWS IoT Greengrass
- AWS License Manager
- AWS Outposts
- AWS Secrets Manager
- AWS Security Hub
- AWS Server Migration Service (AWS SMS)
- AWS Serverless Application Repository
- AWS Service Catalog
- AWS Storage Gateway
- AWS Transfer Family [including SFTP, FTPS, and FTP]
This brings a raft of services and capabilities to our customers for workloads at the PROTECTED level across contact centers, development pipelines, artificial intelligence and machine learning (AI/ML) services, media services, containers, storage, migration and transfer, networking, analytics, security, application integration, video conferencing, and Internet of Things (IoT), and also enables the ability to run AWS infrastructure and services on premises for a consistent hybrid experience using Outposts. All services in scope are available for you now in the Asia Pacific (Sydney) Region.
Because we care deeply about our customers’ needs, we strive to bring more services into the scope of the IRAP PROTECTED level, based on your requirements. Please reach out to your AWS representatives to let us know what additional services you would like to see in scope for coming IRAP assessments.
If you have feedback about this post, submit comments in the Comments section below. If you have questions about this post, start a new thread on the AWS Artifact forum.
Want more AWS Security how-to content, news, and feature announcements? Follow us on Twitter.