Amazon Web Services (AWS) continues to expand the scope of our PCI compliance program to support our customers’ most important workloads. We are pleased to announce that six services have been added to the scope of our Payment Card Industry Data Security Standard (PCI DSS) compliance program. These services were validated by Coalfire, our independent Qualified Security Assessor (QSA).

The Spring 2020 PCI DSS attestation of compliance covers 124 services that you can use to securely architect your Cardholder Data Environment (CDE) in AWS. You can see the full list of services on the AWS Services in Scope by Compliance Program page. The six newly added services are:

The compliance reports, including the Spring 2020 PCI DSS report, are available on demand through AWS Artifact. The PCI DSS package available in AWS Artifact includes the DSS v. 3.2.1 Attestation of Compliance (AOC) and Shared Responsibility Guide.

You can learn more about our PCI program and other compliance and security programs on the AWS Compliance Programs page.

If you have feedback about this post, submit comments in the Comments section below.

Want more AWS Security how-to content, news, and feature announcements? Follow us on Twitter.

Author

Nivetha Chandran

Nivetha is a Security Assurance Manager at Amazon Web Services on the Global Audits team, managing the PCI compliance program. Nivetha holds a Master’s degree in Information Management from the University of Washington.