Last year I told you that we were working on AWS GovCloud (US-East), an eastern US companion to the existing AWS GovCloud (US-West) Region that we launched in 2011. The new region is now open and ready to serve the needs of federal, state, and local government agencies, the IT contractors that serve them, and customers with regulated workloads. It offers added redundancy, data durability, and resiliency, and also provides additional options for disaster recovery. This is an isolated AWS region, subject to FedRAMP High and Moderate baselines, operated by US citizens on US soil. It is accessible only to vetted US entities and root account holders, who must confirm that they are US Persons (citizens or permanent residents) in order to gain access. You can read Achieve FedRAMP High Compliance in the AWS GovCloud (US) Region to learn more.
AWS GovCloud (US) gives vetted government customers and regulated industry customers and their partners the flexibility to architect secure cloud solutions that comply with: the FedRAMP High baseline, the DOJ’s Criminal Justice Information Systems (CJIS) Security Policy, U.S. International Traffic in Arms Regulations (ITAR), Export Administration Regulations (EAR), Department of Defense (DoD) Cloud Computing Security Requirements Guide (SRG) for Impact Levels 2, 4 and 5, FIPS 140-2, IRS-1075, and other compliance regimes.
Lots of Services
Applications running in this region can make use of Auto Scaling (EC2 and Application), AWS Certificate Manager (ACM), AWS CloudFormation, AWS CloudTrail, Amazon CloudWatch, CloudWatch Events, Amazon CloudWatch Logs, AWS CodeDeploy, AWS Config, AWS Database Migration Service, AWS Direct Connect, Amazon DynamoDB, AWS Elastic Beanstalk, Amazon Elastic Block Store (EBS), Amazon ElastiCache, Amazon Elastic Compute Cloud (EC2), EC2 Container Registry, Amazon ECS, Elastic Load Balancing (Application, Network, and Classic), Amazon EMR, Amazon Elasticsearch Service, Amazon Glacier, AWS Identity and Access Management (IAM) (including Access Key Last Used), Amazon Inspector, AWS Key Management Service (KMS), Amazon Kinesis Data Streams, AWS Lambda, Amazon Aurora (MySQL and PostgreSQL), Amazon Redshift, Amazon Relational Database Service (RDS), AWS Server Migration Service, Amazon Simple Notification Service (SNS), Amazon Simple Queue Service (SQS), Amazon Simple Storage Service (S3), Amazon Simple Workflow Service (SWF), Amazon EC2 Systems Manager (SSM), AWS Trusted Advisor, Amazon Virtual Private Cloud, VM Import, VPN, Amazon API Gateway, AWS Snowball, AWS Snowball Edge, AWS Server Migration Service, and AWS Step Functions.
Crossing the Regions
Many of the cool cross-regions features of AWS can be used to span AWS GovCloud (US-East) and AWS GovCloud (US-West) in order to reduce latency or to increase workload resiliency & availability for mission-critical systems. Here’s what you can do:
- EC2 – Copy AMIs.
- EBS – Copy volumes and snapshots.
- S3 – Replicate buckets.
- DynamoDB – Replicate tables using DynamoDB Streams.
- Redshift – Copy snapshots manually and automatically.
- RDS – Create cross-region read replicas for MariaDB, PostgreSQL, and MySQL. Copy snapshots.
- CloudTrail – Aggregate logs.
- CloudFormation – Use StackSets to maintain consistency across accounts and regions.
We are working to add support for DynamoDB Global Tables and Inter-Region VPC Peering.
AWS GovCloud (US) in Action
Our customers are already hosting many different types of applications in AWS GovCloud (US-West); here’s a small sample:
Enterprise Apps – Oracle, SAP, and Microsoft workloads that were traditionally provisioned for peak demand are now being run on scalable, cloud-based infrastructure.
HPC / Big Data – Organizations with large data sets are spinning up HPC clusters in the cloud in order to extract intelligence and to better serve their constituents.
Storage / DR – The ability to tap in to vast amounts of cost-effective, highly durable cloud storage managed by US Persons supports a variety of DR approaches, from simple backups to hot standby. The addition of a second region allows you to use of the cross-region features that I mentioned earlier.
To learn more, check out the AWS GovCloud (US) page. If you are looking forward to making use of AWS GovCloud (US) and need a partner to help you to make it happen, take a look at the list of AWS GovCloud (US) Partners.