Authority to Operate on AWS
Accelerating security and compliance certifications and authorizations.
ATO on AWS
The ATO on AWS Program includes training in the AWS Security Automation and Orchestration (SAO) methodology and access to a detailed and customized action plan providing a blueprint to achieve your security and compliance goals, optimizing your cloud workloads and improving your ability to meet your most demanding customers’ requirements.
The AWS Security Automation and Orchestration (SAO) program and methodology enables AWS customers and partners to constrain, track and publish continuous risk treatments (CRT), configurations and assimilates DevOps routines continuous integration (CI) and continuous delivery (CD) into a secure Infrastructure as Code AWS customer architecture. This architectures are configured to converge across common security frameworks through the use of security as code practices from both AWS services and Amazon Partner Network (APN) solutions.
Through this program, APN Partners will be enabled to Help - Customers, Partners, Independent Solution Vendors (ISVs)
Accelerates security & compliance authorization process
Reduces cost & time (Average 18-24 months) - FedRAMP
Provides reusable artifacts including guidance, templates, tools, and pre-built templates from Amazon Partner Solutions
Builds & Optimizes
Builds and Optimizes DevOps, SecOps, Continuous Integration/Continuous Delivery (CI/CD), Continuous Risk Treatment (CRT) strategies
Develops proven Techniques using AWS Security Automation and Orchestration (SAO) methodology
Benefits of ATO on AWS
The ATO on AWS program reduces the time and cost associated with achieving compliance certifications and authorizations while enabling a capability to continuously develop, integrate, and monitor a solution throughout its lifecycle. The program is a partner-driven process which includes training, tools, pre-built CloudFormation templates, control implementation details, and pre-built policy/procedure artifacts.
Additionally, customers are able to access direct engagement and guidance from AWS compliance specialists, Solutions Architects and support from APN Consulting and Technology partners who leverage the AWS Security Automation and Orchestration (SAO) methodology and ATO on AWS program capabilities, such as:
Joint partner programs
We will be supporting our leading AWS partners in the development and delivery of programs that add value to “ATO on AWS” by providing more options to unique capabilities to ISVs.
Once ISVs achieve their ATO, we will jointly develop and execute a marketing plan to raise awareness and educate customers about the solution. Solutions will be published and marketed on the “ATO on AWS” landing page, and have the option of publication of a written or video case study/testimonial.
ATO on AWS Partners have increased visibility through being showcased on ATO on AWS Partner pages to customers and surfaced in the Partner Solutions Finder.
ATO on AWS Badge
Use of Authority to Operate on AWS Badge to be leveraged on APN Partner marketing materials.
We are actively seeking more APN Partners to continue to expand this community and the resources available to customers in regulatory markets; if you are interested in joining us, please contact ATOonAWS@amazon.com.
In order to apply for the ATO on AWS Program, APN Partners must meet the following critiera:
Satisfy APN Tier Requirements
In order to apply for the Authority to Operate on AWS Program, APN Partners must meet APN select tier requirements.
Follow the steps below to ensure your firm's Partner Scorecard is up-to-date and to apply for your APN Upgrade.
APN Tier (Select [formerly Standard], Advanced or Premier): Once your Partner Scorecard is up-to-date, apply to Upgrade your firm’s APN membership, follow the steps below:
Step #1: Log in to APN Partner Central
Step #2: Click on "View Partner Scorecard" from left navigation
Step #3: Submit APN Partner compliance details
Step #4: Click "Apply to Upgrade"
Meet Authority to Operate on AWS Requirements
Download Validation Checklist: Review the requirements for the Authority to Operate on AWS Program with the links below. Before you apply, make sure your firm meets all requirements listed on the Validation Checklist.
AWS Customer References: The Authority to Operate on AWS requires two (2) AWS Customer References. You will be expected to submit Customer References and project details in the application. For required public AWS Customer References, you will need to submit a public case study, whitepaper, or blog post that details your work on AWS with the customer.
Member of the AWS Public Sector Partner Program: In order to be eligible for the ATO on AWS Program, APN Partners must be a member of the AWS Public Sector Partner Program. This program enables APN PArtners to accelerate their business growth on AWS through alignment with public sector sales, marketing, and bid teams.
Apply for ATO on AWS