Enabling customers is a core part of the AWS DNA. The Customer Compliance Center is focused on security and compliance of our customers on AWS. Learn from other customer experiences and discover how your peers have solved the difficult compliance, governance, and audit challenges present in today's regulatory environment.

You can also access our industry-first cloud Auditor Learning Path. These online university learning resources are logical learning paths specifically designed for security, compliance and audit professionals, allowing you to build on the IT skills you have to move your environment to the next generation of audit and security assurance.

Looking for the latest news on Compliance in the cloud?

Visit the AWS Security Blog


Discover how your peers have solved the compliance, governance, and audit challenges present in today's regulatory environment

Time Inc. UK_360x240

A comprehensive suite of resources to help operationalize your AWS cloud governance program

PwC: Building an Efficient, Intelligent, Serverless Pipeline for the Pharma Industry

IAM Management Console
How do I allow users or roles in a separate AWS account access to my AWS account?
How Ancestry Manages Risk in Their Application Environments with Qualys on AWS

How You Can Build Trust Between Your Security and Developer Teams

New features are launched regularly, AWS has 500+ features and services focused on Security and Compliance.

  Date   Feature Update    
April 3, 2019 New Whitepaper: Securing Internet of Things (IoT) with AWS    
March 28, 2019 AWS Key Management Service Increases the Default Limits for Keys, Aliases, and Grants    
March 25, 2019 Enable Fine-Grained Permission Controls in AWS Organizations    
March 25, 2019 Use Service Control Policies to Set Permission Guardrails in Your AWS Organization    
February 8, 2019 Amazon GuardDuty Adds Three New Threat Detections    
January 31, 2019 AWS Achieves HDS Certification    
January 24, 2019 My Security Credentials Page Enables Quicker Access to Security Credentials for IAM users    
January 24, 2019 Updated Whitepaper: Aligning to the NIST Cybersecurity Framework in the AWS Cloud    
January 23, 2019 AWS Awarded PROTECTED Certification in Australia    
January 10, 2019 AWS Services Now Compliant with HIPAA, ISO, PCI, and SOC at Launch    
December 13, 2018 New SOC 2 Report Available: Privacy    
December 6, 2018 114 Services Now Validated against ISO 9001, 27001, 27017, and 27018    
December 5, 2018 93 Services now Compliant with PCI Certification    
November 28, 2018 AWS Introduces AWS Security Hub    
November 28, 2018 AWS Introduces AWS Control Tower    
November 25, 2018 AWS Announces First AWS Security Conference: AWS re:Inforce 2019    
September 5, 2018 AWS Completes TISAX High Assessment    
September 4, 2018 AWS Releases the AWS Compliance Center for Financial Services    
August 20, 2018 Four Additional AWS Services Now Offer FIPS 140-2 Compliant End Points in AWS GovCloud (US)    
August 13, 2018 AWS CloudHSM Audit Logs are Now Available in Amazon CloudWatch    
July 20, 2018 AWS Publishes Updated Cyber Essentials PLUS Certification    
July 17, 2018 Use AWS Organizations to Accept a BAA for multiple AWS Accounts    
July 3, 2018 New PCI DSS Report Now Available, Eight Services Added in Scope    
June 14, 2018 Amazon Cognito Protection for Unusual Sign-in Activity and Compromised Credentials Is Now Available    
June 12, 2018 Deploy Check Point CloudGuard on AWS with New Quick Start    
June 6, 2018 Application Load Balancer Adds New Security Policies Including Policy for Forward Secrecy    
June 5, 2018 AWS Shield Advanced Announces New Onboarding Wizard    
June 5, 2018 AWS WAF Announces Two New Features    
May 22, 2018 AWS GDPR Data Processing Addendum – Now Part of Service Terms    
May 15, 2018 AWS Publishes Argentina Personal Data Protection Law Disposition No.11/2006 Workbook    
May 10, 2018 AWS Adds 11 More Services SOC Compliance Program    
May 9, 2019 AWS Releases Physical Separation Requirement with a Logical Separation Approach Guide    
April 4, 2018
Introducing AWS Certificate Manager - Private Certificate Authority    
April 4, 2018
Amazon EFS Now Supports Encryption of Data in Transit    
April 4, 2018 AWS Introduces AWS Firewall Manager    
April 4, 2018 AWS Introduces AWS Secrets Manager    
March 26, 2018 AWS Announces that All AWS Services are GDPR ready    
March 23, 2018 AWS Receives ENS High Certification    
March 19, 2018 AWS Key Management Service Now Offers FIPS 140-2 Validated Cryptographic Modules    
March 9, 2018 AWS Releases New Quick Reference Guide: Education Edition    
February 28, 2018 Launch Amazon EC2 Instances with Additional Amazon EBS Volumes that are Encrypted Under Customer-Managed Master Key    
February 28, 2018 Amazon WorkDocs Now Offers Data Retention Capabilities    
February 22, 2018 AWS Single Sign-On Now Supports AWS Command Line Interface Access    
February 20, 2018 Amazon Inspector Now Supports Windows Server 2016    
February 20, 2018 AWS Trusted Advisor's S3 Bucket Permissions Check Is Now Free    
February 20, 2018 Inter-Region VPC Peering is Now Available in Nine Additional AWS Regions    
February 15, 2018 AWS Config Adds Support for AWS WAF Rule Groups    
February 2, 2018 AWS Releases Addressing Data Residency with AWS Whitepaper    
January 26, 2018 AWS Adds 16 More Services to Its PCI DSS Compliance Program    
January 12, 2018

AWS Announces Updated C5 Certification is Now Available with 16 Additional Services in Scope


January 10, 2018

AWS Launches Digital Data Center Tour



November 21, 2017

AWS becomes the first global cloud service provider operating in Korea to achieve K-ISMS

November 20, 2017 AWS Announces New AWS Secret Region    
November 17, 2017 AWS Achieves FedRAMP JAB Moderate Provisional Authorization for 20 Services in the AWS US East/West Region    
November 10, 2017 Updated AWS SOC Reports Are Now Available with 19 Additional Services in Scope    
November 8, 2017 AWS Releases New "Navigating GDPR Compliance on AWS" Whitepaper    
November 6, 2017 5 New Amazon S3 Encryption & Security Features    
September 28, 2017 AD Connector, Part of AWS Directory Service, Is Now Available in the AWS EU (Frankfurt) and South America (São Paulo) Regions    
September 21, 2017 Now Use AWS IAM to Delete a Service-Linked Role When You No Longer Require an AWS Service to Perform Actions on Your Behalf    
September 15, 2017 AWS IAM Policy Summaries Now Help You Identify Errors and Correct Permissions in Your IAM Policies    
September 15, 2017 Amazon Inspector Expands Security Assessment Support for RHEL 7.4    
September 14, 2017 AWS CodeBuild Now Provides Ability To Manage Secrets    
September 13, 2017 AWS Earns Department of Defense Impact Level 5 Provisional Authorization    
August 31, 2017 New – Descriptions for Security Group Rules    
August 29, 2017 Amazon Virtual Private Cloud (VPC) now allows customers to expand their existing VPCs    
August 28, 2017 Amazon EC2 Systems Manager Adds Configuration Compliance Reporting and Auto-Remediation    
May 4, 2017 AWS WAF on Application Load Balancer now Integrated with AWS CloudTrail    
April 17, 2017 AWS IAM Makes It Easier to Delegate Permissions to AWS Services with Service-Linked Roles    
March 30, 2017 Amazon Inspector announces support for Proxy environments and availability of CloudWatch Metrics.    
March 23, 2017 Policy Summaries Make Understanding IAM Policies Easier    
February 27, 2017 AWS Organizations – Policy-Based Management for Multiple AWS Accounts    
February 15, 2017 AWS Key Management Service (KMS) now supports tagging of keys    
January 26, 2017 Amazon Cloud Directory – A Cloud-Native Directory for Hierarchical Data    
May 10, 2018
AWS Adds 11 More Services SOC Compliance Program
AWS Adds 11 More Services SOC Compliance Program
New PCI DSS Report Now Available, Eight Services Added in Scope
New PCI DSS Report Now Available, Eight Services Added in Scope



Speed Up Your Migration with QuickStarts


AWS architecture that supports NIST, DoD, FedRAMP standards


AWS architecture for NIST high-impact controls, featuring Trend Micro


Standardized AWS architecture that supports PCI DSS compliance


AWS architecture that supports the UK's NCSC and CIS security controls

Fast-forward your cloud auditing skills for today's environments 

AWS customers in highly regulated industries such as financial services and healthcare tend to undergo frequent security audits. To help make these audits more productive, AWS has released the AWS Auditor Learning Path. This set of online and in-person classes provides foundational and advanced education about implementing security in the AWS Cloud and using AWS tools to gather the information necessary to audit an AWS environment. The Learning Path also includes a set of self-paced labs to help you gain hands-on experience for auditing your use of AWS services.

After completing the AWS Auditor Learning Path, you should have an understanding of how your IT department consumes AWS services and be able to more effectively engage with your compliance and security teams. The Learning Path is specifically designed for:

  • Auditing executives
  • Field auditors
  • Specialized internal auditors

Accelerate your architecture based on industry best practices 

  • View Architecture »

  • View Architecture »

AWS builds its services with industry best practices, and the architecture is in place to help us design an appropriately secure application environment.
Flexibility plus the ability to meet our security and compliance requirements made AWS the right choice for us.




Learn about the unique requirements of the "Internet of Things"

AWS IoT enables connected devices to securely interact with cloud applications as well as other devices. AWS IoT can process and route messages to AWS endpoints in a secure manner.

Tech Talk: Best Practices with IoT Security

Solutions Page Diagram_07182017