AWS Services in Scope by Compliance Program

— Department of Defense Cloud Computing Security Requirements Guide (DoD CC SRG)

We include generally available services in the scope of our compliance efforts based on the expected use case, feedback and demand. If a service is not currently listed as in scope of the most recent assessment, it does not mean that you cannot use the service. It is part of the shared responsibility for your organization to determine the nature of the data. Based on the nature of what you are building on AWS, you should determine if the service will process or store customer data and how it will or will not impact the compliance of your customer data environment.

We encourage you to discuss your workload objectives and goals with your AWS account team; they will be able to evaluate your proposed use case and architecture, and how our security and compliance processes overlay that architecture. Need to connect with an AWS business representative?

This webpage provides a list of AWS Services in Scope of AWS assurance programs. Unless specifically excluded, generally available features of each of the services are considered in scope of the assurance programs, and are reviewed and tested at the next opportunity for assessment. Refer to the AWS Documentation for the features of an AWS service.

✓ = This service is currently in scope and is reflected in current reports. For more specific details on status, please refer to each compliance program tab below.

Click here for full list of services covered under the AWS compliance programs.

Services going through DoD CC SRG assessment and authorization will have the following status:

Third-Party Assessment Organization (3PAO) Assessment: This service is currently undergoing an assessment
Defense Information Systems Agency (DISA) Review: This service is currently undergoing a DISA review

* Services not within the scope of DISA review. As such, DISA has issued neither an approval nor disapproval decision regarding this product under the DoD CC SRG. Customers are able to leverage this service by working with their AWS Sales Representative directly to seek independent Mission Owner approval.
** Denotes the service is Impact Level 6 authorized, but not Generally Available (GA) in the region.

DoD CC SRG

Last updated: October 22, 2024

SERVICES / PROGRAMS	SDKs	DoD CC SRG IL2 (East/West)	DoD CC SRG IL2 (GovCloud)	DoD CC SRG IL4 (GovCloud)	DoD CC SRG IL5 (GovCloud)	DoD CC SRG IL6 (AWS Secret Region )
Amazon AppFlow	appflow	✓
Amazon API Gateway	apigateway	✓	✓	✓	✓	✓
Amazon AppStream 2.0	appstream	✓	✓	✓	✓
Amazon Athena**	athena	✓	✓	✓	✓	✓
Amazon Aurora MySQL		✓	✓	✓	✓	✓
Amazon Aurora PostgreSQL		✓	✓	✓	✓	✓
Amazon Bedrock	bedrock	✓	✓	DISA Review	DISA Review
Amazon Chime	chime	✓
Amazon Chime SDK	chime identity-chime media-pipelines-chime messaging-chime meetings-chime voice-chime	✓	✓	✓	✓
Amazon Cloud Directory	clouddirectory	✓	✓	✓	✓
Amazon CloudFront [excludes content delivery through Amazon CloudFront Embedded Point of Presences]	cloudfront	✓
Amazon CloudWatch	cloudwatch	✓	✓	✓	✓	✓
Amazon CloudWatch Logs	logs	✓	✓	✓	✓	✓
Amazon Cognito	cognito-idp, cognito-identity, cognito-sync	✓	✓	✓	✓
Amazon Comprehend	comprehend	✓	✓	✓	✓
Amazon Comprehend Medical	comprehendmedical	✓	✓	✓	✓
Amazon Connect	connect	✓	✓	✓	✓
Amazon Data Firehose	firehose	✓	✓	✓	✓	✓
Amazon DataZone		3PAO Assessment
Amazon Detective	detective	✓	✓	✓	✓
Amazon DevOps Guru	devops-guru	✓
Amazon DocumentDB (with MongoDB compatibility)	docdb	✓	✓	DISA Review	DISA Review
Amazon DynamoDB	dynamodb	✓	✓	✓	✓	✓
Amazon EC2 Image Builder	imagebuilder	✓	✓	✓	✓	✓
Amazon Elastic Block Store (EBS)	ebs	✓	✓	✓	✓	✓
Amazon Elastic Compute Cloud (EC2)	ec2	✓	✓	✓	✓	✓
Amazon Elastic Container Registry (ECR)	ecr	✓	✓	✓	✓	✓
Amazon Elastic Container Service (ECS)	ecs	✓	✓	✓	✓	✓
Amazon Elastic File System (EFS)	efs	✓	✓	✓	✓	✓
Amazon Elastic Kubernetes Service (EKS)	eks	✓	✓	✓	✓	✓
Amazon ElastiCache	elasticache	✓	✓	✓	✓	✓
Amazon Elastic MapReduce (EMR)	emr	✓	✓	✓	✓	✓
Amazon EventBridge	events	✓	✓	✓	✓	✓
Amazon FinSpace	finspace	✓
Amazon Forecast	forecast	✓
Amazon FSx	fsx	✓	✓	✓	✓
Amazon GuardDuty	guardduty	✓	✓	✓	✓
Amazon Inspector	inspector2	✓	✓	✓	✓
Amazon Inspector Classic	inspector	✓	✓	✓	✓
Amazon Kendra	kendra	✓	✓	✓	✓
Amazon Keyspaces (for Apache Cassandra)	keyspaces	✓	✓	✓	✓
Amazon Kinesis Data Streams	kinesis	✓	✓	✓	✓	✓
Amazon Lex	runtime.lex, models.lex	✓	✓	✓	✓
Amazon Location Service			✓
Amazon Macie	macie2	✓
Amazon Managed Service for Apache Flink [formerly Amazon Kinesis Data Analytics]	kinesisanalytics	✓	✓	✓	✓
Amazon Managed Streaming for Apache Kafka (Amazon MSK)	kafka	✓	✓	✓	✓
Amazon MemoryDB	memorydb	✓
Amazon MQ	mq	✓	✓	✓	✓
Amazon Neptune	neptune-db	✓	✓	✓	✓
Amazon OpenSearch Service	opensearch	✓	✓	✓	✓	✓
Amazon Pinpoint and End User Messaging	pinpoint	✓	✓	✓	✓
Amazon Polly	polly	✓	✓	✓	✓
Amazon Quantum Ledger Database (QLDB)	qldb	✓
Amazon QuickSight	quicksight	✓	✓	✓	✓
Amazon RDS for MariaDB	rds	✓	✓	✓	✓	✓
Amazon RDS for MySQL	rds	✓	✓	✓	✓	✓
Amazon RDS for Oracle	rds	✓	✓	✓	✓	✓
Amazon RDS for Postgres	rds	✓	✓	✓	✓	✓
Amazon RDS for SQL Server	rds	✓	✓	✓	✓	✓
Amazon Redshift	redshift	✓	✓	✓	✓	✓
Amazon Rekognition	rekognition	✓	✓	✓	✓
Amazon Route 53	route53	✓	✓	✓	✓	✓
Amazon S3 Glacier	glacier	✓	✓	✓	✓	✓
Amazon SageMaker	sagemaker	✓	✓	✓	✓	✓
Amazon Security Lake		3PAO Assessment	3PAO Assessment
Amazon Simple Email Service (SES)	ses	✓	✓	✓	✓
Amazon Simple Notification Service (SNS)	sns	✓	✓	✓	✓	✓
Amazon Simple Queue Service (SQS)	sqs	✓	✓	✓	✓	✓
Amazon Simple Storage Service (S3)	s3	✓	✓	✓	✓	✓
Amazon Simple Workflow Service (SWF)	swf	✓	✓	✓	✓	✓
Amazon Textract	textract	✓	✓	✓	✓
Amazon Timestream for LiveAnalytics	timestream	✓	✓	✓	✓
Amazon Transcribe	transcribe	✓	✓	✓	✓
Amazon Translate	translate	✓	✓	✓	✓
Amazon Virtual Private Cloud (VPC)	ec2	✓	✓	✓	✓	✓
Amazon WorkDocs	workdocs	✓
Amazon WorkSpaces	workspaces	✓	✓	✓	✓	✓
Amazon WorkSpaces Secure Browser	workspaces-web	✓
AWS Application Auto Scaling	application-autoscaling		✓	✓	✓	✓
AWS Application Migration Service (MGN)	mgn	✓	✓	DISA Review	DISA Review
AWS App Mesh	appmesh	✓
AWS Artifact*	artifact	✓	✓	✓	✓
AWS Audit Manager	auditmanager	✓
AWS Backup	backup	✓	✓	✓	✓
AWS Batch	batch	✓	✓	✓	✓
AWS Billing Conductor*	billingconductor	✓	✓	✓	✓
AWS Budgets*	budgets	✓	✓	✓	✓
AWS Certificate Manager (ACM)	acm	✓	✓	✓	✓
AWS Chatbot	chatbot	✓
AWS Cloud9	cloud9	✓
AWS Cloud Map	servicediscovery	✓	✓	✓	✓
AWS CloudFormation	cloudformation	✓	✓	✓	✓	✓
AWS CloudHSM	cloudhsm	✓	✓	✓	✓
AWS CloudShell		✓	✓	✓	✓
AWS CloudTrail	cloudtrail	✓	✓	✓	✓	✓
AWS CodeBuild	codebuild	✓	✓	✓	✓
AWS CodeCommit	codecommit	✓	✓	✓	✓
AWS CodeDeploy	codedeploy	✓	✓	✓	✓	✓
AWS CodePipeline	codepipeline	✓	✓	✓	✓
AWS Compute Optimizer	compute-optimizer		✓	✓	✓
AWS Config	config	✓	✓	✓	✓	✓
AWS Control Tower	controltower	✓	✓	✓	✓
AWS Cost and Usage Reports*		✓	✓	✓	✓
AWS Cost Explorer*	ce	✓	✓	✓	✓
AWS Database Migration Service (DMS)	dms	✓	✓	✓	✓	✓
AWS DataSync	datasync	✓	✓	✓	✓	✓
AWS Diode				✓	✓	✓
AWS Direct Connect	directconnect	✓	✓	✓	✓	✓
AWS Directory Service	ds	✓	✓	✓	✓	✓
AWS Edge Hub*		✓	✓	✓	✓
AWS Elastic Beanstalk	elasticbeanstalk	✓	✓	✓	✓
AWS Elastic Disaster Recovery (DRS)	drs	✓	✓
AWS Elemental MediaConvert	mediaconvert	✓	✓	✓	✓
AWS Elemental MediaLive						✓
AWS Entity Resolution		✓
AWS Fault Injection Service	fis	✓	✓	✓	✓
AWS Firewall Manager	fms	✓	✓	✓	✓
AWS Glue	glue	✓	✓	✓	✓
AWS Glue DataBrew	databrew	✓	✓	✓	✓
AWS Ground Station	groundstation	✓
AWS Health Dashboard	health	✓	✓	✓	✓	✓
AWS HealthLake	healthlake	✓
AWS HealthOmics	omics	✓
AWS Identity and Access Management (IAM)	iam, sts	✓	✓	✓	✓	✓
AWS IAM Identity Center	sso		✓	✓	✓
AWS IoT Core	iot	✓	✓	✓	✓
AWS IoT Device Defender		✓	✓	✓	✓
AWS IoT Device Management	iot	✓	✓	✓	✓
AWS IoT Events	iotevents	✓	✓	✓	✓
AWS IoT Greengrass	greengrass	✓	✓	✓	✓
AWS IoT SiteWise	iotsitewise		✓	✓	✓
AWS IoT TwinMaker	iottwinmaker		✓	✓	✓
AWS Key Management Service (KMS)	kms	✓	✓	✓	✓	✓
AWS Lambda	lambda	✓	✓	✓	✓	✓
AWS License Manager	license-manager	✓	✓	✓	✓	✓
AWS Mainframe Modernization		✓
AWS Managed Services (AMS)		✓	✓	✓	✓
AWS Management Console*		✓	✓	✓	✓
AWS Marketplace*		✓	✓	✓	✓	✓
AWS Network Firewall	network-firewall	✓	✓	✓	✓
AWS Network Manager	networkmanager	✓	✓	DISA Review	DISA Review
AWS Outposts (Software)**	outposts	✓	✓	✓	✓	✓
AWS Organizations	organizations	✓	✓	✓	✓
AWS Private Certificate Authority		✓	✓	✓	✓
AWS Resource Access Manager (AWS RAM)	ram	✓	✓	✓	✓	✓
AWS Resilience Hub			✓
AWS Resource Groups	resource-groups	✓	✓	✓	✓
AWS Secrets Manager	secretsmanager	✓	✓	✓	✓	✓
AWS Security Hub	securityhub	✓	✓	✓	✓
AWS Serverless Application Repository	serverlessrepo	✓	✓	✓	✓
AWS Service Catalog	servicecatalog	✓	✓	✓	✓
AWS Service Quotas*	service-quotas	✓	✓	✓	✓
AWS Shield (Standard and Advanced)	shield	✓
AWS Signer	signer	✓
AWS Snowball	snowball	✓	✓	✓	✓	✓
AWS Snowball Edge		✓	✓	✓	✓	✓
AWS Step Functions	stepfunctions	✓	✓	✓	✓	✓
AWS Storage Gateway	storagegateway	✓	✓	✓	✓
AWS Systems Manager	ssm	✓	✓	✓	✓	✓
AWS Transfer Family	transfer	✓	✓	✓	✓
AWS Trusted Advisor	trustedadvisor	✓	✓	✓	✓	✓
AWS Verified Access (AVA)		3PAO Assessment	3PAO Assessment
AWS Web Application Firewall (WAF)	wafv2	✓	✓	✓	✓
AWS Web Application Firewall Classic (WAF Classic)	waf-regional	✓	✓	✓	✓
AWS Well-Architected Tool	wellarchitected	✓	✓	✓	✓
AWS Wickr	wickr	✓	✓	✓	✓
AWS X-Ray	xray	✓	✓	✓	✓

^{*Services not within the scope of JAB review. As such, the JAB team has issued neither an approval nor disapproval decision regarding this product under FedRAMP. Customers are able to leverage this service by working with their AWS Sales Representative directly to seek independent agency approval.}

AWS Services in Scope by Compliance Program

— Department of Defense Cloud Computing Security Requirements Guide (DoD CC SRG)

Want More Information About Services in Scope?

Ending Support for Internet Explorer