We include services in the scope of our compliance efforts based on the expected use case, feedback and demand. If a service is not currently listed as in scope of the most recent assessment, it does not mean that you cannot use the service. It is part of the shared responsibility for your organization to determine the nature of the data. Based on the nature of what you are building on AWS, you should determine if the service will process or store customer data and how it will or will not impact the compliance of your customer data environment.
We encourage you to discuss your workload objectives and goals with your AWS account team; they will be able to evaluate your proposed use case and architecture, and how our security and compliance processes overlay that architecture. Need to connect with an AWS business representative?
AWS Services in Scope have been fully assessed by a third party auditor and result in a certification, attestation of compliance or ATO.
✓ = This service is currently in scope and is reflected in current reports
In Progress = This service is undergoing a full assessment by our third party assesor
Ready = This service has been fully assessed by our third party assessor and the FedRAMP Security Package is available for review by authorizing officials (AO)
-
SOC
-
PCI
-
ISO
-
FedRAMP
SERVICES / PROGRAMS FedRAMP Moderate (East/West) FedRAMP High (GovCloud) Amazon DynamoDB ✓ ✓ Amazon Elastic Block Store (EBS) ✓
✓
Amazon Elastic Compute Cloud (EC2) ✓ ✓ Amazon Elastic MapReduce Ready ✓ Amazon Glacier Ready ✓ Amazon Kinesis Streams Ready In Progress Amazon Redshift ✓
✓ Amazon RDS (MySQL, Oracle) ✓ ✓ Amazon RDS (Postgres) Ready ✓ Amazon RDS Aurora (MySQL) Ready Amazon Simple Notification Service (SNS) Ready ✓ Amazon Simple Queue Service (SQS) Ready ✓ Amazon Simple Storage Service (S3) ✓ ✓ Amazon Simple Workflow Service (SWF) Ready ✓ Amazon Virtual Private Cloud (VPC) ✓
✓
AWS CloudFormation Ready ✓ AWS CloudTrail Ready ✓ AWS CloudWatch Logs Ready ✓ AWS Identity & Access Management (IAM) ✓ ✓ AWS Key Management Service Ready ✓ Elastic Load Balancing ✓ ✓ -
DoD CC SRG
SERVICES / PROGRAMS DoD CC SRG IL2 (East/West) DoD CC SRG IL2 (GovCloud) DoD CC SRG IL4 (GovCloud) DoD CC SRG IL5 (GovCloud)
Amazon DynamoDB ✓ ✓ ✓ Amazon Elastic Block Store (EBS) ✓ ✓ ✓ In Progress Amazon Elastic Compute Cloud (EC2) ✓ ✓ ✓ In Progress Amazon Elastic MapReduce ✓ ✓ ✓ Amazon Glacier Ready ✓ ✓ Amazon Kinesis Streams Ready In Progress In Progress Amazon Redshift ✓ ✓ ✓ Amazon RDS (MySQL, Oracle) ✓ ✓ ✓ Amazon RDS (Postgres) Ready ✓ ✓ Amazon RDS Aurora (MySQL) Ready Amazon Simple Notification Service (SNS) Ready ✓ ✓ Amazon Simple Queue Service (SQS) Ready ✓ ✓ Amazon Simple Storage Service (S3) ✓ ✓ ✓ In Progress Amazon Simple Workflow Service (SWF) Ready ✓ ✓ Amazon Virtual Private Cloud (VPC) ✓ ✓ ✓ In Progress AWS CloudFormation Ready ✓ ✓ AWS CloudTrail Ready ✓ ✓ AWS CloudWatch Logs Ready ✓ ✓ AWS Identity & Access Management (IAM) ✓ ✓ ✓ In Progress AWS Key Management Service Ready ✓ ✓ In Progress Elastic Load Balancing ✓ ✓ ✓ -
HIPAA BAA
-
IRAP
-
MTCS
-
C5
