Amazon Web Services Achieves FedRAMP High Authorization

Most stringent FedRAMP authorization recognizes AWS GovCloud (US) as a secure environment to run highly sensitive government workloads

SEATTLE--()--Amazon Web Services, Inc. (AWS), an company (NASDAQ: AMZN), today announced that the AWS GovCloud (US) Region has received a Provisional Authority to Operate (P-ATO) from the Joint Authorization Board (JAB) under the Federal Risk and Authorization Management Program (FedRAMP) High baseline, a standardized set of security requirements for cloud services. AWS’s FedRAMP High authorization, which includes over 400 security controls, gives U.S. government agencies the ability to leverage the AWS Cloud for highly sensitive workloads, including Personal Identifiable Information (PII), sensitive patient records, financial data, law enforcement data, and other Controlled Unclassified Information (CUI).

"We are pleased to have achieved the FedRAMP High baseline, giving agencies a simplified path to moving their highly sensitive workloads to AWS so they can immediately begin taking advantage of the cloud’s agility and cost savings,” said Teresa Carlson, Vice President Worldwide Public Sector, AWS. “Over 2,300 government customers across the world are using the AWS Cloud to innovate in amazing ways – from analyzing data on social media to collect information on adverse drug effects, to making genomic data publicly accessible, to collecting images from Mars. By demonstrating the security of the AWS Cloud with the FedRAMP High baseline, agencies can confidently use our services for an even broader set of critical mission applications and innovations.”

FedRAMP is a U.S. government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services, in an effort to save federal agencies time, costs, and resources. The new FedRAMP High baseline is mapped to National Institute of Standards and Technology (NIST) security controls, which classify data as “High” if a compromise would severely impact an organization’s operations, assets, or individuals.

“We’re excited to launch the FedRAMP High baseline, and to recognize AWS as having achieved the most rigorous FedRAMP level to date. The High baseline applies the same, ‘do once, use many times’ approach as the rest of the FedRAMP program in an effort to standardize cloud security controls, and reduce the burden of assessing cloud security for agencies. The FedRAMP High baseline will be important for civilian agencies, the Department of Defense (DoD), the Department of Veterans Affairs (VA), and other agencies to use the cloud for highly sensitive data,” said Matthew Goodrich, FedRAMP Director, GSA’s Office of Citizen Services and Innovative Technologies (OCSIT).

This authorization continues AWS’s leadership in attaining security and compliance certifications, and applies to the AWS GovCloud (US) Region, including Amazon Elastic Cloud Compute (EC2), Amazon Virtual Private Cloud (VPC), Amazon Simple Storage Service (S3), Amazon Identity and Access Management (IAM), and Amazon Elastic Block Store (EBS). Launched in 2011, the AWS GovCloud (US) is an isolated region designed to host sensitive workloads in the cloud. In addition to FedRAMP, AWS GovCloud (US) adheres to U.S. International Traffic in Arms Regulations (ITAR), Criminal Justice Information Services (CJIS) requirements, as well as Levels 2 and 4 for DoD systems. To learn more about AWS and FedRAMP compliance, please visit

To learn more about how you can architect solutions in compliance with the FedRAMP High baseline, register for our webinar, “FedRAMP High & AWS GovCloud (US): Meet FISMA High Requirements in the Cloud” here:

About Amazon Web Services

For 10 years, Amazon Web Services has been the world’s most comprehensive and broadly adopted cloud platform. AWS offers over 70 fully featured services for compute, storage, databases, analytics, mobile, Internet of Things (IoT) and enterprise applications from 33 Availability Zones (AZs) across 12 geographic regions in the U.S., Australia, Brazil, China, Germany, Ireland, Japan, Korea, and Singapore. AWS services are trusted by more than a million active customers around the world -- including the fastest growing startups, largest enterprises, and leading government agencies -- to power their infrastructure, make them more agile, and lower costs. To learn more about AWS, visit

About Amazon opened on the World Wide Web in July 1995. The company is guided by four principles: customer obsession rather than competitor focus, passion for invention, commitment to operational excellence, and long-term thinking. Customer reviews, 1-Click shopping, personalized recommendations, Prime, Fulfillment by Amazon, AWS, Kindle Direct Publishing, Kindle, Fire tablets, Fire TV, Amazon Echo, and Alexa are some of the products and services pioneered by Amazon. For more information, visit

Contacts, Inc.
Media Hotline, 206-266-7180

Release Summary

AWS announced that the AWS GovCloud (US) Region has received a P-ATO from the Joint Authorization Board under the FedRAMP High baseline.

Contacts, Inc.
Media Hotline, 206-266-7180