15 additional AWS services authorized at DoD Impact Level 6 for the AWS Secret Region

The Defense Information Systems Agency (DISA) has authorized 15 additional AWS services in the AWS Secret Region for production workloads at the Department of Defense (DoD) Impact Level (IL) 6 under the DoD’s Cloud Computing Security Requirements Guide (DoD CC SRG). The authorization at DoD IL 6 allows DoD Mission Owners to process classified and mission-critical workloads for National Security Systems in the AWS Secret Region. The AWS Secret Region was built as part of the Commercial Cloud Services (C2S) contract and is available to the DoD on the AWS GSA IT70 schedule.

The AWS services successfully completed an independent evaluation by members of the Intelligence Community (IC), which confirmed that the AWS services effectively implemented 859 security controls using applicable criteria from NIST SP 800-53 Rev 4, the DoD CC SRG, and the Committee on National Security Systems Instruction No. 1253 at the Moderate Confidentiality, Moderate Integrity, and Moderate Availability impact levels.

The 15 AWS services newly authorized by DISA at IL 6 provide additional choices for DoD Mission Owners to leverage the capabilities of the AWS Cloud in service areas such as compute, storage, database, networking, and security, bringing our total IL 6 authorizations to 26 services as listed below.

Authorized AWS services and features at DoD Impact Level 6

  1. Amazon CloudWatch
  2. Amazon DynamoDB
  3. Amazon Elastic Block Store
  4. Amazon Elastic Compute Cloud (including VM Import/Export)
  5. Amazon EC2 Auto Scaling
  6. Amazon ElastiCache
  7. Amazon Kinesis Data Streams
  8. Amazon Redshift
  9. Amazon Relational Database Service (including MariaDB, MySQL, Oracle, PostgreSQL, and SQL Server)
  10. Amazon S3 Glacier
  11. Amazon Simple Notification Service
  12. Amazon Simple Queue Service
  13. Amazon Simple Storage Service
  14. Amazon Simple Workflow
  15. Amazon Virtual Private Cloud
  16. AWS CloudFormation
  17. AWS CloudTrail
  18. AWS Config
  19. AWS Database Migration Service
  20. AWS Direct Connect
  21. AWS Identity and Access Management
  22. AWS Key Management Service
  23. AWS Snowball
  24. AWS Step Functions
  25. AWS Trusted Advisor
  26. Elastic Load Balancing (Classic and Application Load Balancer)

To learn more about AWS solutions for DoD, please see our AWS solution offerings. Follow the AWS Security Blog for future updates on our Services in Scope by Compliance Program page. If you have feedback about this blog post, let us know in the Comments section below.

Want more AWS Security how-to content, news, and feature announcements? Follow us on Twitter.

Author

Tyler Harding

Tyler Harding is the DoD Compliance Program Manager within AWS Security Assurance. He has over 20 years of experience providing information security solutions to federal civilian, DoD, and intelligence agencies.