I'd like information about Services in Scope

We include services in the scope of our compliance efforts based on the expected use case, feedback and demand. If a service is not currently listed as in scope of the most recent assessment, it does not mean that you cannot use the service. It is part of the shared responsibility for your organization to determine the nature of the data. Based on the nature of what you are building on AWS, you should determine if the service will process or store customer data and how it will or will not impact the compliance of your customer data environment.

We encourage you to discuss your workload objectives and goals with your AWS account team; they will be able to evaluate your proposed use case and architecture, and how our security and compliance processes overlay that architecture. Need to connect with an AWS business representative? 


AWS Services in Scope have been fully assessed by a third party auditor and result in a certification, attestation of compliance or ATO.

• = This service is currently in scope and is reflected in current reports

In Progress = This service is undergoing a full assessment by our third party assesor

Ready = This service has been fully assessed by our third party assessor and the FedRAMP Security Package is available for review by authorizing officials (AO)

SERVICES / PROGRAMS  SOC 1,2,3 PCI ISO 9001 / 
27001 27017 
27018
FedRAMP Moderate
(East/West)
FedRAMP
High
(GovCloud)
DoD CC
SRG IL4
 (GovCloud)
DoD CC SRG IL5  (GovCloud) HIPAA BAA IRAP MTCS C5 (Frankfurt)
Amazon Elastic Compute Cloud (EC2)

In Progress
Amazon Simple Storage Service (S3)

In Progress
Amazon API Gateway                  
Amazon CloudFront                  
Amazon DynamoDB      
Amazon EC2 Container Service (ECS)                  
Amazon Elastic Block Store (EBS)

In Progress
Amazon Elastic File System (EFS)                  
Amazon Elastic MapReduce (EMR) In Progress    
SERVICES / PROGRAMS  SOC 1,2,3 PCI ISO 9001 / 
27001 27017 
27018
FedRAMP Moderate
(East/West)
FedRAMP
High
(GovCloud)
DoD CC
SRG IL4
(GovCloud)
DoD CC SRG IL5  (GovCloud) HIPAA BAA IRAP MTCS C5 (Frankfurt)
Amazon ElastiCache              
Amazon Glacier Ready In Progress    
Amazon Kinesis (Streams)       Ready              
Amazon Redshift

In Progress    
Amazon RDS (MySQL, Oracle)      
Amazon RDS (Postgres) Ready In Progress    
Amazon RDS (SQL Server)            
Amazon RDS (MariaDB)              
Amazon Aurora (MySQL) Ready          
Amazon Route 53              
Amazon Simple Email Service (SES)                  
Amazon Simple Notification Service (SNS)       Ready In Progress          
Amazon Simple Queue Service (SQS) Ready In Progress        
Amazon Simple Workflow Service (SWF) Ready In Progress        
SERVICES / PROGRAMS SOC 1,2,3 PCI ISO 9001 / 
27001 27017 
27018
FedRAMP Moderate
(East/West)
FedRAMP
High
(GovCloud)
DoD CC
SRG IL4
(GovCloud)
DoD CC SRG IL5  (GovCloud) HIPAA BAA IRAP MTCS C5 (Frankfurt)
Amazon SimpleDB              
Amazon Virtual Private Cloud (VPC)

In Progress  
Amazon WorkDocs                    
Amazon WorkMail                  
Amazon WorkSpaces                  
AWS CloudFormation Ready In Progress        
AWS CloudTrail Ready In Progress        
AWS CloudWatch Logs       Ready In Progress          
AWS CloudHSM              
SERVICES / PROGRAMS SOC 1,2,3 PCI ISO 9001 / 
27001 27017 
27018
FedRAMP Moderate
(East/West)
FedRAMP
High
(GovCloud)
DoD CC
SRG IL4  (GovCloud)
DoD CC SRG IL5  (GovCloud) HIPAA BAA IRAP MTCS C5 (Frankfurt)
AWS Config                  
AWS Direct Connect          
AWS Directory Service                    
AWS Database Migration Service              
AWS Identity & Access Management (IAM) In Progress    
AWS Elastic Beanstalk              
AWS Import/Export Snowball                  
AWS Key Management Service (KMS) Ready In Progress        
AWS Lambda                    
AWS Storage Gateway              
AWS WAF (Web Application Firewall)                  
Elastic Load Balancing      
VM Import/Export              

 

Contact Us