Are you wanting to move your business to the cloud and have compliance needs?

The AWS GovCloud is an isolated region of Amazon Web Services, aimed at allowing federal contractors and government agencies to move their workloads to the cloud while adhering to all regulatory and compliance requirements.

This User Guide contains:

  • A full AWS GovCloud Services overview with related ITAR boundaries
  • Full user instructions for signing up and setting up GovCloud
  • Differences between standard AWS regions and GovCloud
  • A brief guide of instructions for use and troubleshooting

Want to review the full Amazon Web Services Government Cloud Solution User Guide 2018?
Enter your name and email on our contact page, and one of our team members will send it to you shortly!

Here is a brief overview of Amazon Web Services Government Cloud Solution User Guide (2018):

Advantages of Moving to the Cloud

  • Elasticity – using auto scaling and load balancing, only use resources according to your demand
  • Cost Savings – only pay for the computing power, storage and resources that you use! The AWS cloud also has no long-term contracts or up-front commitments.
  • Flexibility – you choose the system, programming language, and services that are right for your business

What is AWS GovCloud?

The AWS GovCloud is an isolated region of Amazon Web Services, aimed at allowing federal contractors and government agencies to move their workloads to the cloud while adhering to all regulatory and compliance requirements, including ITAR.

  • GovCloud is equipped to handle all categories of Controlled Unclassified Information (CUI) data and government-oriented, publicly available data.
  • GovCloud restricts physical and logical administrative access to US citizens, and run workloads that contain all categories of CUI data.
  • AWS only allows vetted US citizens with access controls to administer the GovCloud Region, and the AWS GovCloud is completely isolated from Amazon.com.
  • Even though AWS does manage access controls for GovCloud, each business is responsible for controlling their own content.

Differences than Standard AWS Accounts

Sign Up

  • Amazon ensures that all customers are US entities and follow US export and services regulations at sign up.
  • It is best practice to create a unique AWS account for GovCloud usage, to ensure that the account meets GovCloud compliance and that the opening/closing a GovCloud account does not affect other AWS workloads.
  • Determine if you are a direct customer, reseller, or reseller customer
    • Direct customers pay AWS directly for services
    • Resellers are customers that resell AWS services
    • Reseller customers pay a third party for AWS services

Services

  • AWS GovCloud currently supports a wide range of services, but some may differ from the standard AWS region offerings.
  • The User Guide contains a full list of supported services, and their corresponding ITAR compliant boundaries. This list is the majority of the length of the User Guide.
  • For a full list of supported services, you can review the full AWS GovCloud User Guide (get access from our contact page!).

Compliance

  • AWS GovCloud enables businesses to move operations to the cloud, while maintaining compliance with these protocols:
    • ITAR – each AWS service in the GovCloud region has specific ITAR restrictions and boundaries, all outlined in the full User Guide.
      • You and your business must maintain all other aspects of ITAR compliance, including: citizenship, registration, and privileges.

Endpoints

  • AWS GovCloud uses distinct endpoints that are only accessible to AWS GovCloud users, and uses FIPS 140-2 approved cryptographic modules following HTTPS protocol for all AWS API endpoints. All specific endpoints for AWS GovCloud services are listed in the full User Guide.

Credentials

  • You can only access the AWS GovCloud Region with AWS GovCloud credentials, which are isolated from the standard AWS regions. You should not share your account credentials, as they full access to your AWS GovCloud account. Users should be granted access with AWS Identity and Access Management (IAM), which allows you to control the type of access users have.

Billing and Payment

  • All AWS GovCloud activity, usage and payments are managed through a standard AWS account. You can only associate one GovCloud account to a standard AWS account. (If you want to manage your accounts separately, you can create a standard AWS account solely for GovCloud usage).

Do you think AWS GovCloud is the right move for your business, or do you want to learn more?

Click here to contact one of our experts to start the conversation today!