What does this AWS Solutions Implementation do?
This solution enables you to quickly deploy a secure, scalable, multi-account environment in AWS GovCloud (US) based on AWS best practices. This solution is architected to follow the Defense Information Systems Agency (DISA) Cloud Computing Security Requirements Guide (CC SRG) for hosting Impact Level (IL) 4 and 5 workloads in the cloud. Using this solution, you can quickly deploy an architecture baseline that accommodates U.S. federal and Department of Defense (DoD) requirements to rapidly achieve Authority to Operate (ATO). In addition, this solution is architected to support and accelerate DoD Cybersecurity Maturity Model Certification (CMMC) readiness.
With the large number of design choices, setting up a multi-account environment can take a significant amount of time and require a deep understanding of AWS services. This solution helps you by automating the setup of an initial cloud environment, suitable for hosting these secure workloads.
It also provides the following:
- complimentary functionality, including tenant account creation and management
- identity and access management
- data security and governance
- core networking
- centralized logging
AWS Solutions Implementation overview
The diagram below presents the architecture you can automatically deploy using the solution's implementation guide and accompanying AWS CloudFormation template.
Compliant Framework for Federal and DoD Workloads in AWS GovCloud (US) Solutions Implementation architecture
The AWS CloudFormation template deploys an AWS Step Functions that runs a series of tasks that deploy the solution. These tasks are implemented as AWS Lambda functions (used to initialize AWS Organizations and create AWS GovCloud (US) accounts) and an AWS CodeBuild project that is used to orchestrate the deployment of the solution into the newly-created AWS accounts. Additionally, an Amazon Simple Notification Service (Amazon SNS) topic is created to track the deployment status of this solution. AWS CodePipeline deploys AWS CloudFormation templates that initialize the hosting environment for your workloads.
Browse our library of AWS Solutions Implementations to get answers to common architectural problems.
Find AWS certified consulting and technology partners to help you get started.
Browse our portfolio of Consulting Offers to get AWS-vetted help with solution deployment.