GovCloud (US)

Contact Us

AWS GovCloud (US) is an isolated AWS region, subject to FedRAMP High and Moderate baselines, that allows customers to host sensitive Controlled Unclassified Information (CUI) and all types of regulated workloads.

The region is operated by employees who are U.S. citizens on U.S. soil. The region is only accessible to vetted U.S. entities and root account holders, who must confirm they are U.S. Persons to gain access to this region.

AWS GovCloud (US) gives vetted government customers and their partners the flexibility to architect secure cloud solutions that comply with: the FedRAMP High baseline, the DOJ’s Criminal Justice Information Systems (CJIS) Security Policy, U.S. International Traffic in Arms Regulations (ITAR), Export Administration Regulations (EAR), Department of Defense (DoD) Cloud Computing Security Requirements Guide (SRG) for Impact Levels 2, 4 and 5, FIPS 140-2, IRS-1075, and other compliance regimes.

From Personally Identifiable Information (PII), sensitive patient medical records, and financial data to law enforcement data, export controlled data and other forms of CUI, AWS GovCloud (US) can help customers address compliance at every stage of their cloud journey.

AWS GovCloud (US) is available to vetted government customers and organizations in government-regulated industries that meet AWS GovCloud (US) requirements. **Compliance requirements met only in the AWS GovCloud (US) Region.

Federal Risk and Authorization Management Program (FedRAMP) Moderate and **High. Learn more.

Federal Information Security Management Act (FISMA) Low, Moderate and **High

Department of Defense Security Requirements Guide (SRG) Impact Levels 2, **4 and **5. Learn more.

U.S. International Traffic in Arms Regulations (ITAR)

**Department of Commerce Export Administration Regulations (EAR)

**IRS-1075 Encryption Standards for Federal Tax Information (FTI) Section 6103 (p)

**Department of Justice Criminal Justice Information Service Security Policy

**National Institute of Standards and Technology (NIST) SP 800--53 (rev4) and SP 800-­171

**Federal Information Processing Standard Publication

**Defense Federal Acquisition Regulation Supplement (DFARS)

Healthcare Insurance Portability & Accountability Act Privacy Standards

Payment Card Industry Security Standards

FedRAMP Case Study: GSA 18F

SaaS Case Study: Blackboard

Video: The ITAR Boundary in the Cloud

Cloud Migration Case Study: CSRA

In the second half of 2018, AWS GovCloud (US) will include a second AWS GovCloud (US-East) Region, in addition to the currently available AWS GovCloud (US-West) Region. Learn more about our evolving capabilities below:

AWS GovCloud (US) is available to vetted government customers and organizations in government-regulated industries that meet AWS GovCloud (US) requirements.

The Department of Veterans Affairs issued a FISMA High Authority to Operate (ATO) for AWS GovCloud (US), using the region to store and protect patient data critical to America’s veterans. Learn more., built by GSA’s 18F, helps other government agencies build, buy, and share technology products, while minimizing the FedRAMP compliance work they need to execute themselves. Learn more.

The Department of Justice leverages AWS GovCloud (US) for mission-critical workloads, DevTest and delivery of advanced capabilities. Learn more.

Defense Digital Services manages the US Air Force’s Next Generation GPS Operational Control system of satellites, securely running 200+ dedicated hosts and 1,000 individual virtual machines in AWS GovCloud (US). Learn more.

NASA Jet Propulsion Laboratory innovates while improving governance, security and compliance in AWS GovCloud (US). Learn more.

Blackboard hosts its FedRAMP-accredited Blackboard Learn platform, now available to federal agencies, in AWS GovCloud (US).  Learn more.

CSRA leverages its hands-on experience with AWS GovCloud (US) to better serve government customers with strict regulatory compliance needs, including FedRAMP High requirements. Learn more.

FIGmd operates one of the largest clinical-data registries in the U.S. See how they achieve HIPAA, HITECH, ACA and FedRAMP compliance and reduce risks associated with the transmission of sensitive data. Learn more.

Lockheed Martin lowers capex and addresses its ITAR requirements by moving SAP HANA ERP suite of applications to the AWS GovCloud (US) Region. Learn more.

After acquiring a series of independent power producers (IPPs) and their IT assets, Talen Energy migrated to AWS GovCloud (US) to meet its NRC, FERC, and 10 CFR 810 requirements. Learn more.

The Cobham Advanced Electronic Solutions InfoSec team replaced its "no-cloud policy" with a cloud-first policy, improving agility, innovation, and security in the process. Learn more.

Motorola Solutions improves public safety and addresses CJIS requirements with their platform, which detects missing persons with Amazon Rekognition and AWS GovCloud (US). Learn more.

U.S. Cloud with Vetted Access: Take advantage of all of the agility, cost savings and flexibility of the AWS Cloud, while limiting risks---AWS GovCloud (US) is managed by U.S. citizens on U.S. soil, and root account access is only granted to vetted U.S. Persons (green card holder or citizen as defined by the U.S. Department of State).

Meet Compliance Mandates: AWS GovCloud (US) enables customers to adhere to ITAR regulations, the FedRAMP requirements, Defense Federal Acquisition Regulation Supplement (DFARS), DoD (SRG) Impact Levels 2 and 4 and 5, and several other security and compliance requirements.

Safeguard Sensitive Data: Protect sensitive unclassified data files with server-side encryption in Amazon S3. Store and manage security keys yourself with AWS CloudHSM or use our one-click AWS Key Management Service (KMS).

Improve Cloud Visibility: Audit access and use of sensitive data with your keys in AWS CloudTrail - our API logging service, managed and operated by U.S. citizens.

Strengthen Identity Management: Limit access to sensitive data by individual, time and location, and restrict which API calls that users are able to make with identity federation, easy key rotation, and other powerful access control testing tools that are available.

Enterprise Applications

For Oracle, SAP, and Microsoft Windows enterprise applications, reliability is critical. Organizations have traditionally provisioned applications for peak demand and disaster recovery (DR) scenarios, which often leave IT resources idle or underutilized. With AWS, you can improve reliability with cloud backups and optimize costs by paying only for the cloud resources you use.

High Performance Computing

Many agencies are amassing large data sets that hold critical insights. With AWS, you can spin up massive on-demand clusters of compute resources in minutes, pay only for compute power used, and obtain the intelligence needed to serve your mission and citizens.

Big Data

AWS gives you fast access to flexible and low cost IT resources, so you can rapidly scale virtually any big data application, including data warehousing, clickstream analytics, fraud detection, recommendation engines, event-driven ETL, serverless computing, and internet-of-things processing. Provision exactly the right type and size of resources you need to power your big data analytics applications.

Storage & Disaster Recovery

Add scalable capacity any time, and access durable and cost-effective cloud storage managed by U.S. Persons, while meeting your data security requirements. Back up, store, and recover IT systems in seconds by supporting popular DR approaches from simple backups to hot standby solutions that failover at a moment’s notice.

Get up to speed with the latest templates and tools on compliance and AWS GovCloud (US). Check out the videos, webinars, and guides below.  

Tools QuickStartDemoVideo


Contact the GovCloud Team
Contact the Compliance Team