cloud services (miniaria/ShutterStock.com)

More AWS services get FedRAMP High authorization

Amazon Web Services announced a number of services that have achieved Federal Risk and Authorization Management Program High authorizations, making them available in AWS GovCloud.  This authorization allows federal or commercial customers to process and store critical workloads with data up to the Federal Information Security Management Act's high-impact level in the AWS GovCloud (US) Region’s authorization boundary.

A Provisional Authority to Operate has been issued for the following services:

  • CloudFormation, which lets users create managed stacks of AWS resources with a library of templates.

  • Amazon DynamoDB, a NoSQL database service for applications that need consistent, single-digit-millisecond latency at any scale.

  • Amazon EMR, a managed framework for processing vast amounts of data across scalable Amazon EC2 instances.

  • Amazon Glacier, secure, durable and low-cost cloud storage for data archiving and long-term backup.

  • Key Management Service, which uses Hardware Security Modules to help users create and control the encryption keys.

  • Redshift, a fast, fully managed, petabyte-scale data warehouse.

  • Amazon Simple Notification Service, a fully managed push notification service that lets users send individual messages or “fan out” messages to large numbers of recipients.

  • Amazon Simple Queue Service, a fully-managed message queuing service for communicating among distributed software components and microservices.

  • Amazon Simple Workflow Service, which helps developers build, run and scale background jobs that have parallel or sequential steps.

AWS GovCloud is an isolated region designed to host sensitive public-sector workloads in the cloud. In addition to FedRAMP compliance, AWS GovCloud adheres to U.S. International Traffic in Arms Regulations and Criminal Justice Information Services requirements, as well as Levels 2 and 4 for Defense Department systems.

In June, the AWS GovCloud was one of three cloud environments to be granted authorization to operate at the high baseline, which allows storage and processing of personally identifiable information, sensitive patient records, financial data, law enforcement data and controlled unclassified information.

About the Author

Susan Miller is executive editor at GCN.

Over a career spent in tech media, Miller has worked in editorial, print production and online, starting on the copy desk at IDG’s ComputerWorld, moving to print production for Federal Computer Week and later helping launch websites and email newsletter delivery for FCW. After a turn at Virginia’s Center for Innovative Technology, where she worked to promote technology-based economic development, she rejoined what was to become 1105 Media in 2004, eventually managing content and production for all the company's government-focused websites. Miller shifted back to editorial in 2012, when she began working with GCN.

Miller has a BA from West Chester University and an MA in English from the University of Delaware.

Connect with Susan at smiller@gcn.com or @sjaymiller.

inside gcn

  • When cybersecurity capabilities are paid for, but untapped

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group