Amazon Web Services on Tuesday unveiled a new AWS region designed to meet the regulatory requirements of U.S. government agencies and contractors.
AWS GovCloud (U.S.) Region, located on the West coast, supports the processing and storage of International Traffic in Arms (ITAR) controlled data. ITAR requires access to such data be limited to U.S. citizens and permanent residents. AWS GovCloud is physically and logically accessible by U.S. persons only, according to Amazon.
AWS GovCloud, like all AWS Regions, provides FISMA moderate controls and supports PCI DSS Level 1, ISO 27001 and SAS 70, Jeff Barr, AWS senior Web services evangelist, wrote in a blog post. To demonstrate that Amazon’s government cloud complies with ITAR, the company has commissioned a third-party review, he said.
All EC2 instances in AWS GovCloud must reside within a Virtual Private Cloud (VPC), he said.
Barr noted that other than restricting GovCloud to U.S. persons and requiring EC2 instances be launched within a VPC, Amazon didn’t make additional changes to its usual operations. The security of Amazon’s regions already provided the appropriate protections, but Amazon “simply put a gateway at the door,” he wrote.
More than 100 federal, state and local government agencies, including NASA’s Jet Propulsion Laboratory, are using AWS, according to Barr.
U.S. agencies that need to access the AWS GovCloud will be required to sign an enterprise agreement for the service. Amazon also plans to make the region accessible to government contractors, software integrators and service providers who demonstrate a need for access.