AWS Services in Scope by Compliance Program

I'd like information about Services in Scope

We include services in the scope of our compliance efforts based on the expected use case, feedback and demand. If a service is not currently listed as in scope of the most recent assessment, it does not mean that you cannot use the service. It is part of the shared responsibility for your organization to determine the nature of the data. Based on the nature of what you are building on AWS, you should determine if the service will process or store customer data and how it will or will not impact the compliance of your customer data environment.

We encourage you to discuss your workload objectives and goals with your AWS account team; they will be able to evaluate your proposed use case and architecture, and how our security and compliance processes overlay that architecture. Need to connect with an AWS business representative?

AWS Services in Scope have been fully assessed by a third party auditor and result in a certification, attestation of compliance or ATO.

✓ = This service is currently in scope and is reflected in current reports

In Progress = This service is undergoing a full assessment by our third party assesor

Ready = This service has been fully assessed by our third party assessor and the FedRAMP Security Package is available for review by authorizing officials (AO)

SOC

SERVICES / PROGRAMS	SOC 1,2,3
Amazon CloudWatch Logs	✓
Amazon DynamoDB	✓
Amazon ElastiCache	✓
Amazon Elastic Block Store (EBS)	✓
Amazon Elastic Compute Cloud (EC2)	✓
Amazon Elastic File System (EFS)	✓
Amazon Elastic MapReduce	✓
Amazon Glacier	✓
Amazon Redshift	✓
Amazon RDS (MySQL, Oracle)	✓
Amazon RDS (Postgres)	✓
Amazon RDS (SQL Server)	✓
Amazon RDS (MariaDB)	✓
Amazon RDS Aurora (MySQL)	✓
Amazon Route 53	✓
Amazon SimpleDB	✓
Amazon Simple Email Service (SES)	✓
Amazon Simple Notification Service (SNS)	✓
Amazon Simple Queue Service (SQS)	✓
Amazon Simple Storage Service (S3)	✓
Amazon Simple Workflow Service (SWF)	✓
Amazon Virtual Private Cloud (VPC)	✓
Amazon WorkMail	✓
Amazon WorkSpaces	✓
Auto Scaling	✓
AWS CloudFormation	✓
AWS CloudHSM	✓
AWS CloudTrail	✓
AWS Database Migration Service	✓
AWS Direct Connect	✓
AWS Elastic Beanstalk	✓
AWS Identity & Access Management (IAM)	✓
AWS Key Management Service	✓
AWS Storage Gateway	✓
Elastic Load Balancing	✓
VM Import/Export	✓

PCI

SERVICES / PROGRAMS	PCI
Amazon API Gateway	✓
Amazon CloudFront	✓
Amazon CloudWatch Logs	✓
Amazon Cognito	✓
Amazon Connect	✓
Amazon DynamoDB	✓
Amazon EC2 Container Service (ECS)	✓
Amazon Elastic Block Store (EBS)	✓
Amazon Elastic Compute Cloud (EC2)	✓
Amazon Elastic MapReduce	✓
Amazon Glacier	✓
Amazon Kinesis Streams	✓
Amazon Redshift	✓
Amazon RDS (MySQL, Oracle)	✓
Amazon RDS (Postgres)	✓
Amazon RDS (SQL Server)	✓
Amazon RDS (MariaDB)	✓
Amazon RDS Aurora (MySQL)	✓
Amazon Route 53	✓
Amazon SimpleDB	✓
Amazon Simple Queue Service (SQS)	✓
Amazon Simple Storage Service (S3)	✓
Amazon Simple Workflow Service (SWF)	✓
Amazon Virtual Private Cloud (VPC)	✓
Amazon WorkDocs	✓
Amazon WorkSpaces	✓
Auto Scaling	✓
AWS CloudFormation	✓
AWS CloudHSM	✓
AWS CloudTrail	✓
AWS Config	✓
AWS Database Migration Service	✓
AWS Direct Connect	✓
AWS Directory Service (AWS Microsoft AD, Amazon Cloud Directory)	✓
AWS Elastic Beanstalk	✓
AWS Identity & Access Management (IAM)	✓
AWS Key Management Service	✓
AWS Lambda	✓
AWS Managed Services	✓
AWS OpsWorks Stacks	✓
AWS WAF	✓
Elastic Load Balancing	✓

ISO

SERVICES / PROGRAMS	ISO 9001 / 27001 / 27017 / 27018
Amazon API Gateway (excluding the use of Amazon API Gateway caching)	✓
Amazon CloudFront	✓
Amazon DynamoDB	✓
Amazon EC2 Container Service (ECS)	✓
Amazon ElastiCache	✓
Amazon Elastic Block Store (EBS)	✓
Amazon Elastic Compute Cloud (EC2)	✓
Amazon Elastic File System (EFS)	✓
Amazon Elastic MapReduce	✓
Amazon Glacier	✓
Amazon Redshift	✓
Amazon RDS (MySQL, Oracle)	✓
Amazon RDS (Postgres)	✓
Amazon RDS (SQL Server)	✓
Amazon RDS (MariaDB)	✓
Amazon RDS Aurora (MySQL)	✓
Amazon Route 53	✓
Amazon SimpleDB	✓
Amazon Simple Email Service (SES)	✓
Amazon Simple Queue Service (SQS)	✓
Amazon Simple Storage Service (S3)	✓
Amazon Simple Workflow Service (SWF)	✓
Amazon Virtual Private Cloud (VPC)	✓
Amazon WorkDocs	✓
Amazon WorkMail	✓
Amazon WorkSpaces	✓
AWS CloudFormation	✓
AWS CloudHSM	✓
AWS CloudTrail	✓
AWS Config	✓
AWS Database Migration Service	✓
AWS Direct Connect	✓
AWS Directory Service	✓
AWS Elastic Beanstalk	✓
AWS Identity & Access Management (IAM)	✓
AWS Key Management Service	✓
AWS Lambda	✓
AWS Snowball	✓
AWS Storage Gateway	✓
AWS WAF	✓
Elastic Load Balancing	✓
VM Import/Export	✓

FedRAMP

SERVICES / PROGRAMS	FedRAMP Moderate (East/West)	FedRAMP High (GovCloud)
Amazon API Gateway	In Progress	In Progress
Amazon Cloud Directory	In Progress
Amazon CloudWatch Logs	Ready	✓
Amazon Cognito	In Progress
Amazon DynamoDB	✓	✓
Amazon EC2 Systems Manager	In Progress	In Progress
Amazon ElastiCache	In Progress	In Progress
Amazon Elastic Block Store (EBS)	✓	✓
Amazon Elastic Compute Cloud (EC2)	✓	✓
Amazon Elastic MapReduce	Ready	✓
Amazon Glacier	Ready	✓
Amazon Inspector	In Progress
Amazon Kinesis Streams	Ready	✓
Amazon Macie	In Progress
Amazon QuickSight	In Progress
Amazon Redshift	✓	✓
Amazon RDS (MySQL, Oracle)	✓	✓
Amazon RDS (Postgres)	Ready	✓
Amazon RDS (SQL Server)	In Progress	In Progress
Amazon RDS (MariaDB)	In Progress	In Progress
Amazon RDS Aurora (MySQL)	Ready
Amazon RDS Aurora (Postgres)	In Progress
Amazon Route 53	In Progress
Amazon Simple Notification Service (SNS)	Ready	✓
Amazon Simple Queue Service (SQS)	Ready	✓
Amazon Simple Storage Service (S3)	✓	✓
Amazon Simple Workflow Service (SWF)	Ready	✓
Amazon Virtual Private Cloud (VPC)	✓	✓
AWS CloudFormation	Ready	✓
AWS CloudTrail	Ready	✓
AWS Config	In Progress	In Progress
AWS Database Migration Service	In Progress	In Progress
AWS Directory Service (Galaxy)	In Progress
AWS Identity & Access Management (IAM)	✓	✓
AWS Key Management Service	Ready	✓
AWS Lambda	In Progress	In Progress
AWS Shield Advanced	In Progress
AWS Snowball	In Progress	In Progress
AWS Snowball Edge	In Progress	In Progress
AWS WAF	In Progress
Elastic Load Balancing	✓	✓

DoD CC SRG

SERVICES / PROGRAMS	DoD CC SRG IL2 (East/West)	DoD CC SRG IL2 (GovCloud)	DoD CC SRG IL4 (GovCloud)	DoD CC SRG IL5 (GovCloud)
Amazon CloudWatch Logs	Ready	✓	✓
Amazon DynamoDB	✓	✓	✓
Amazon Elastic Block Store (EBS)	✓	✓	✓	✓
Amazon Elastic Compute Cloud (EC2)	✓	✓	✓	✓
Amazon Elastic MapReduce	✓	✓	✓
Amazon Glacier	Ready	✓	✓
Amazon Kinesis Streams	Ready	✓	✓
Amazon Redshift	✓	✓	✓
Amazon RDS (MySQL, Oracle)	✓	✓	✓
Amazon RDS (Postgres)	Ready	✓	✓
Amazon RDS Aurora (MySQL)	Ready
Amazon Simple Notification Service (SNS)	Ready	✓	✓
Amazon Simple Queue Service (SQS)	Ready	✓	✓
Amazon Simple Storage Service (S3)	✓	✓	✓	✓
Amazon Simple Workflow Service (SWF)	Ready	✓	✓
Amazon Virtual Private Cloud (VPC)	✓	✓	✓	✓
AWS CloudFormation	Ready	✓	✓
AWS CloudTrail	Ready	✓	✓
AWS Identity & Access Management (IAM)	✓	✓	✓	✓
AWS Key Management Service	Ready	✓	✓	✓
Elastic Load Balancing	✓	✓	✓

HIPAA BAA

SERVICES / PROGRAMS	HIPAA BAA
Amazon API Gateway (excluding the use of Amazon API Gateway caching)	✓
Amazon CloudFront (including Lamba@Edge)	✓
Amazon Cognito	✓
Amazon Connect	✓
Amazon DynamoDB	✓
Amazon EC2 Container Service (ECS)	✓
Amazon EC2 Systems Manager	✓
Amazon Elastic Block Store (EBS)	✓
Amazon Elastic Compute Cloud (EC2)	✓
Amazon Elastic MapReduce	✓
Amazon Glacier	✓
Amazon Inspector	✓
Amazon Kinesis Streams	✓
Amazon Redshift	✓
Amazon RDS (MariaDB)	✓
Amazon RDS (MySQL, Oracle)	✓
Amazon RDS (Postgres)	✓
Amazon RDS (SQL Server)	✓
Amazon RDS Aurora (MySQL)	✓
Amazon Route 53	✓
Amazon Simple Notification Service (SNS)	✓
Amazon Simple Queue Service (SQS)	✓
Amazon Simple Storage Service (S3)	✓
Amazon Virtual Private Cloud (VPC)	✓
Amazon WorkDocs	✓
Amazon WorkSpaces	✓
AWS Batch	✓
AWS CloudHSM	✓
AWS Database Migration Service	✓
AWS Direct Connect	✓
AWS Directory Service (excluding Simple AD and AD Connector)	✓
AWS Key Management Service	✓
AWS Lambda	✓
AWS Shield	✓
AWS Snowball	✓
AWS Snowball Edge	✓
AWS Snowmobile	✓
AWS Storage Gateway	✓
AWS WAF	✓
Elastic Load Balancing	✓

IRAP

SERVICES / PROGRAMS	IRAP
Amazon Elastic Block Store (EBS)	✓
Amazon Elastic Compute Cloud (EC2)	✓
Amazon Simple Storage Service (S3)	✓
Amazon Virtual Private Cloud (VPC)	✓
AWS Identity and Access Management (IAM)	✓

MTCS

SERVICES / PROGRAMS	MTCS
Amazon API Gateway	✓
Amazon CloudFront	✓
Amazon DynamoDB	✓
Amazon ElastiCache	✓
Amazon Elastic Block Store (EBS)	✓
Amazon Elastic Compute Cloud (EC2)	✓
Amazon EC2 Container Service (ECS)	✓
Amazon Elastic MapReduce	✓
Amazon Glacier	✓
Amazon Redshift	✓
Amazon RDS (MySQL, Oracle)	✓
Amazon RDS (Postgres)	✓
Amazon RDS (SQL Server)	✓
Amazon Route 53	✓
Amazon SimpleDB	✓
Amazon Simple Storage Service (S3)	✓
Amazon Simple Queue Service (SQS)	✓
Amazon Simple Workflow Service (SWF)	✓
Amazon Virtual Private Cloud (VPC)	✓
Amazon WorkDocs	✓
Amazon WorkSpaces	✓
AWS CloudFormation	✓
AWS CloudHSM	✓
AWS CloudTrail	✓
AWS Config	✓
AWS Database Migration Service	✓
AWS Direct Connect	✓
AWS Directory Service	✓
AWS Elastic Beanstalk	✓
AWS Identity & Access Management (IAM)	✓
AWS Key Management Service	✓
AWS Lambda	✓
AWS Storage Gateway	✓
AWS WAF	✓
Elastic Load Balancing	✓
VM Import/Export	✓

C5

SERVICES / PROGRAMS	C5 (Frankfurt)
Amazon DynamoDB	✓
Amazon ElastiCache	✓
Amazon Elastic Block Store (EBS)	✓
Amazon Elastic Compute Cloud (EC2)	✓
Amazon Elastic MapReduce	✓
Amazon Glacier	✓
Amazon Redshift	✓
Amazon RDS (MySQL, Oracle)	✓
Amazon RDS (Postgres)	✓
Amazon RDS (SQL Server)	✓
Amazon RDS (MariaDB)	✓
Amazon RDS Aurora (MySQL)	✓
Amazon Route 53	✓
Amazon Simple Queue Service (SQS)	✓
Amazon Simple Storage Service (S3)	✓
Amazon Simple Workflow Service (SWF)	✓
Amazon Virtual Private Cloud (VPC)	✓
AWS CloudFormation	✓
AWS CloudHSM	✓
AWS CloudTrail	✓
AWS Database Migration Service	✓
AWS Direct Connect	✓
AWS Elastic Beanstalk	✓
AWS Identity & Access Management (IAM)	✓
AWS Key Management Service	✓
AWS Storage Gateway	✓
Elastic Load Balancing	✓
VM Import/Export	✓