I’m excited to share that the Defense Information Systems Agency (DISA) has authorized 16 additional AWS services at Impact Level 4 and one service at Impact Level 5 in the AWS GovCloud (US) Regions. With these additional 16 services, AWS now offers a total of 72 services and features authorized to process data at Impact Level (IL) 4 and 56 services and features at IL 5 under the DoD’s Cloud Computing Security Requirements Guide (DoD CC SRG). DISA’s authorization demonstrates that AWS effectively implemented over 370 security controls using applicable criteria from NIST SP 800-53 Rev. 4, the US General Services Administration’s FedRAMP Moderate baseline, and DoD CC SRG for Impact Level 4.
The authorization at DoD IL 4 allows DoD Mission Owners and their contractors to process controlled unclassified information (CUI) in the AWS GovCloud (US) Regions. This authorization supplements the full range of U.S. Government data classifications supported on AWS. AWS remains the only Cloud Service Provider accredited to address the full range, including Unclassified, Secret, and Top Secret.
The newly authorized AWS services and features provide additional choices for DoD Mission Owners and their contractors to optimize and modernize their database and data analytics operations, conduct machine learning to build insights into relationships within stored text, train and deploy machine-learning models, accurately transcribe and translate large volumes of text, efficiently route traffic to Internet applications, build out and connect Internet of Things (IoT) environments, manage software licenses and IT catalogs, optimize real-time workload provisioning guidance, provide scalable workload management, and protect web applications using advanced web application firewalls.
Recently authorized AWS services and features at DoD Impact Level 4
- Amazon Cloud Directory
- Amazon Comprehend
- Amazon Kinesis Data Firehose
- Amazon Route 53
- Amazon SageMaker (also authorized at DoD IL 5)
- Amazon Transcribe
- Amazon Translate
- AWS CodeBuild
- AWS CodeCommit
- AWS DataSync
- AWS IoT Greengrass
- AWS License Manager
- AWS Organizations
- AWS Service Catalog
- AWS Trusted Advisor
- AWS Web Application Firewall (WAF)
To learn more about AWS solutions for DoD, please see our AWS solution offerings. Follow the AWS Security Blog for future updates on our Services in Scope by Compliance Program page. If you have feedback about this post, let us know in the Comments section below.
Want more AWS Security how-to content, news, and feature announcements? Follow us on Twitter.