I’m pleased to announce that the Defense Information Systems Agency (DISA) has authorized 17 additional Amazon Web Services (AWS) services and features in the AWS GovCloud (US) Regions, bringing the total to 105 services and major features that are authorized for use by the U.S. Department of Defense (DoD). AWS now offers additional services to DoD mission owners in these categories: business applications; computing; containers; cost management; developer tools; management and governance; media services; security, identity, and compliance; and storage.
Why does authorization matter?
DISA authorization of 17 new cloud services enables mission owners to build secure innovative solutions to include systems that process unclassified national security data (for example, Impact Level 5). DISA’s authorization demonstrates that AWS effectively implemented more than 421 security controls by using applicable criteria from NIST SP 800-53 Revision 4, the US General Services Administration’s FedRAMP High baseline, and the DoD Cloud Computing Security Requirements Guide.
Recently authorized AWS services at DoD Impact Levels (IL) 4 and 5 include the following:
- Amazon Simple Email Service (Amazon SES) – Inbound and outbound cloud email
- Amazon Pinpoint – Multichannel marketing communication
- AWS Marketplace – A digital catalog with thousands of software listings from independent software vendors that you can use to find, test, buy, and deploy software that runs on AWS
- AWS Fargate (a feature of Amazon Elastic Container Service (Amazon ECS) and Amazon Elastic Kubernetes Service (Amazon EKS)) – A serverless compute engine for containers
- Amazon Elastic Kubernetes Service (Amazon EKS) – A trusted way to run Kubernetes
- AWS Budgets – Set custom budgets to track your cost and usage, from the simplest to the most complex use cases
- AWS Cost Explorer – An interface that lets you visualize, understand, and manage your AWS costs and usage over time
- AWS Cost & Usage Report – Itemize usage at the account or organization level by product code, usage type, and operation
- AWS CodePipeline – Automate continuous delivery pipelines for fast and reliable updates
- AWS X-Ray – Analyze and debug production and distributed applications, such as those built using a microservices architecture
Management & Governance
- AWS License Manager – Manage your software licenses from vendors
- AWS Personal Health Dashboard – Provide alerts and guidance for AWS events that might affect your environment
- AWS Systems Manager – An operations hub for AWS
- Amazon Textract – Extract printed text, handwriting, and data from virtually any document
Security, Identity & Compliance
- Amazon Cognito – Secure user sign-up, sign-in, and access control
- AWS Security Hub – Centrally view and manage security alerts and automate security checks
- AWS Backup – Centrally manage and automate backups across AWS services
Figure 1 shows the IL 4 and IL 5 AWS services that are now authorized for DoD workloads, broken out into functional categories.
To learn more about AWS solutions for the DoD, see our AWS solution offerings. Follow the AWS Security Blog for updates on our Services in Scope by Compliance Program. If you have feedback about this blog post, let us know in the Comments section below.
Want more AWS Security how-to content, news, and feature announcements? Follow us on Twitter.