Authority to Operate on AWS
Accelerating security and compliance certifications and authorizations.
ATO on AWS
The ATO on AWS Program includes training in the AWS Security Automation and Orchestration (SAO) methodology and access to a detailed and customized action plan providing a blueprint to achieve your security and compliance goals, optimizing your cloud workloads, and improving your ability to meet your most demanding customers’ requirements.
The AWS Security Automation and Orchestration (SAO) program and methodology enables AWS customers and partners to constrain, track, and publish continuous risk treatments (CRT), configurations and assimilates DevOps routines continuous integration (CI), and continuous delivery (CD) into a secure Infrastructure as Code AWS customer architecture. These architectures are configured to converge across common security frameworks through the use of security as code practices from both AWS services and APN solutions.
Through this program, AWS Partners will be enabled to help customers, partners, and Independent Solution Vendors (ISVs).
Accelerates security & compliance authorization process
Reduces cost & time (Average 18-24 months) - FedRAMP
Provides reusable artifacts including guidance, templates, tools, and pre-built templates for APN Solutions
Builds & Optimizes
Builds and Optimizes DevOps, SecOps, Continuous Integration/Continuous Delivery (CI/CD), Continuous Risk Treatment (CRT) strategies
Develops proven Techniques using AWS Security Automation and Orchestration (SAO) methodology
Benefits of ATO on AWS
The ATO on AWS program reduces the time and cost associated with achieving compliance certifications and authorizations while enabling a capability to continuously develop, integrate, and monitor a solution throughout its lifecycle. The program is a partner-driven process which includes training, tools, pre-built CloudFormation templates, control implementation details, and pre-built policy/procedure artifacts.
Additionally, customers are able to access direct engagement and guidance from AWS compliance specialists, Solutions Architects and support from APN Consulting and Technology Partners who leverage the AWS Security Automation and Orchestration (SAO) methodology and ATO on AWS program capabilities, such as:
Joint partner programs
We will support AWS Partners in the development and delivery of programs that add value to ATO on AWS by providing more options and unique capabilities to ISVs.
Once ISVs achieve their ATO, we will jointly develop and execute a marketing plan to raise awareness and educate customers about the solution. Solutions will be published and marketed on the ATO on AWS landing page, and have the option of publication of a written or video case study/testimonial.
ATO on AWS Partners have increased visibility to AWS customers by showcasing on ATO on AWS partner pages and surfacing in the Partner Solutions Finder.
ATO on AWS Badge
Use of Authority to Operate on AWS Badge to be leveraged on AWS Partner marketing materials.
We are actively seeking more AWS Partners to continue to expand this community and the resources available to customers in regulatory markets. If you are interested in joining us, please contact ATOonAWS@amazon.com.
In order to apply for the ATO on AWS Program, AWS Partners must meet the following critiera:
Satisfy APN Tier Requirements
In order to apply for the Authority to Operate on AWS Program, AWS Partners must meet APN Select Tier requirements.
Follow the steps below to ensure your firm's Partner Scorecard is up to date and to apply for your APN Upgrade.
APN Tier (Select, Advanced or Premier): Once your Partner Scorecard is up to date, apply to upgrade your firm’s APN membership, follow the steps below:
Step #1: Log in to AWS Partner Central
Step #2: Click on "View Partner Scorecard" from left navigation
Step #3: Submit AWS Partner compliance details
Step #4: Click "Apply to Upgrade"
Meet Authority to Operate on AWS Requirements
Download Validation Checklist: Review the requirements for the Authority to Operate on AWS Program with the links below. Before you apply, make sure your firm meets all requirements listed on the Validation Checklist.
AWS Customer References: The Authority to Operate on AWS requires two (2) AWS Customer References. You will be expected to submit Customer References and project details in the application. For required public AWS Customer References, you will need to submit a public case study, whitepaper, or blog post that details your work on AWS with the customer.
Member of the AWS Public Sector Partner Program: In order to be eligible for the ATO on AWS Program, AWS Partners must be a member of the AWS Public Sector Partner Program. This program enables AWS Partners to accelerate their business growth on AWS through alignment with public sector sales, marketing, and bid teams.
Apply for ATO on AWS
You may submit your application along with required attachments through your Partner Central portal.