Category: AWS GovCloud (US)

AWS IAM Identity Center helps administrators centrally manage access to multiple AWS accounts that are members of an AWS Organization. End users can authenticate and then access all their AWS accounts from a single interface. Using IAM Identity Center as a SAML identity provider for your AWS accounts also has security benefits: user credentials provided via federation are temporary. IAM Identity Center does not automatically detect AWS GovCloud (US) accounts associated with standard AWS accounts in your AWS Organization. IAM Identity Center is also not currently available in AWS GovCloud (US). As a result, IAM Identity Center cannot be used to automatically provision access for your users into an AWS GovCloud (US) account. However, this functionality can be extended to enable federation into AWS GovCloud (US) with a “custom SAML 2.0 application” in IAM Identity Center.

Many government customers use AWS GovCloud (US) because it provides an environment for sensitive data and regulated workloads by addressing a number of U.S. government security and compliance requirements. In many cases, customers have a number of AWS GovCloud (US) accounts and managing authentication and authorization can require a lot of work. These customers may also use Microsoft Azure Active Directory (Azure AD) for identity management, single sign-on (SSO), and multi-factor authentication (MFA). This post builds on features and functionality announced earlier by demonstrating the necessary steps to configure Azure AD, AWS SSO, and the AWS GovCloud (US)-specific identity provider centrally for ease of management.

If you are a technology professional looking to understand how cloud security adheres to compliance requirements, attend our AWS Compliance Week webinar series on November 2-6. You will learn how to architect compliant, multi-region cloud environments, establish agile governance for regulated workloads, and use new AWS solutions to help accelerate compliance. Hear government and industry perspectives on achieving high compliance from the General Services Administration’s FedRAMP program management office, and customers Maxar, Salesforce, and Coalfire.

A new IDC whitepaper, sponsored by AWS, “How Government Agencies Meet Security and Compliance Requirements in the Cloud” examines why federal agencies are moving more systems and information to the cloud as a launching point for agency-wide IT modernization. The paper shares executive, legislative, and other government-wide initiatives influencing agencies to accelerate their cloud adoption plans, risks IT leaders face by delaying cloud migrations, and how secure, compliant cloud environments help agencies achieve compliance and security for their sensitive workloads.

Government agencies have accelerated their transition to the cloud over the last few years, and COVID-19 has accelerated the urgency and pace of that move. A benefit of moving to the cloud is increased security. But to realize this, new infrastructure must be implemented and managed correctly, using best practices and the right technologies. Working with our partners, AWS has helped dozens of solutions accelerate their FedRAMP authorizations. There are more than 100 FedRAMP-authorized solutions running on AWS.

The U.S. Census Bureau has made history by inviting people to participate in its decennial count online for the first time, powered by Amazon Web Services (AWS). The decennial census is an official count of every person living in the United States and five U.S. territories, and it takes place once every ten years. To help bring the Census online, the Census Bureau moved its 2020census.gov website to AWS GovCloud (US).

Customer managed encryption keys are a common architecture requirement within highly regulated workloads. This post demonstrates how to satisfy this requirement within Amazon Simple Storage Service (Amazon S3), including Amazon S3 Glacier. We also clarify some common points of confusion and demonstrate how objects can be uploaded directly to Amazon S3 Glacier via Amazon S3, which can help meet regulatory requirements as well as potentially save budget.

Even in uncertain times, election officials and political stakeholders are committed to serving a dynamic electorate in a secure, scalable, and cost-effective way. Cloud-based technologies from Amazon Web Services (AWS) and the AWS Partner Network (APN) can help elections administrators, campaigns, and civic engagement organizations with access to information, security and scalability, and absentee voting workflow solutions.

Amazon Elastic Kubernetes Service (Amazon EKS) is now generally available in AWS GovCloud (US) Regions. Now government organizations and commercial organizations in government-regulated industries who adopt Kubernetes as their standard for orchestrating containers can use Amazon EKS to deploy a managed Kubernetes cluster on AWS. According to the 2019 Cloud Native Computing Foundation survey of their community, Amazon EKS is the leading method for deploying Kubernetes.

Government customers and commercial organizations in government-regulated industries can now connect their AWS Outposts to the AWS GovCloud (US) Regions. With this launch, users in AWS GovCloud (US) Regions can get a consistent AWS experience by accessing the same AWS infrastructure, services, APIs, and tools across on premises and the cloud.