index
Compliance with AWSβ
Compliance refers to your cloud resources and data adhering to relevant regulations, industry standards, and internal policies regarding security and data protection. AWS helps you meet compliance goals and requirements in the following ways:
Inheriting the latest security controls that AWS uses on its own infrastructure
Third-party validation for thousands of global requirements
Streamlining and automating compliance
On-demand compliance reports
AWS Artifact icon AWS Artifact
AWS Artifact is a service that provides no-cost, on-demand access to AWS security and compliance reports and select online agreements.
Benefits: AWS Artifact helps you manage at scale, save time with on-demand access to compliance reports, and deploy with more confidence.
Use cases: It can be used to manage select online agreements and assess third-party security and compliance.
AWS Artifact consists of two types:
AWS Artifact agreements and AWS Artifact reports.
To learn more about the two types, expand each of the following two categories.
AWS Artifact Agreements Suppose that your company needs to sign an agreement with AWS regarding your use of certain types of information throughout AWS services. You can do this through AWS Artifact Agreements.
In AWS Artifact Agreements, you can review, accept, and manage agreements for an individual account and for all your accounts in AWS Organizations. Different types of agreements are offered to address the needs of customers who are subject to specific regulations, such as the Health Insurance Portability and Accountability Act (HIPAA).
https://aws.amazon.com/compliance/
AWS Aritifact agreementsβ
AWS Artifact Reports Next, suppose that a member of your companyβs development team is building an application and needs more information about their responsibility for complying with certain regulatory standards. You can advise them to access this information in AWS Artifact Reports.
AWS Artifact Reports provide compliance reports from third-party auditors. These auditors have tested and verified that AWS is compliant with a variety of global, regional, and industry-specific security standards and regulations. AWS Artifact Reports remains up to date with the latest reports released. You can provide the AWS audit artifacts to your auditors or regulators as evidence of AWS security controls.
AWS Artifact reports
To learn more about AWS compliance programs, visit AWS Compliance Programs.
AWS Configβ
AWS Config is a service that you can use to assess, audit, and evaluate the configurations of your AWS resources.
Benefits: AWS Config helps evaluate configurations against a desired state, manage resource configuration changes, and simplify troubleshooting and remediation.
Use cases: It can be used to continually audit security monitoring and analysis and to streamline operational troubleshooting and change management.
AWS Audit Managerβ
img/aws/compliance/aws-audit-manager-concept.png Audit Manager is a service that continually audits your AWS usage to simplify risk and compliance assessment. It helps collect evidence and manage audit data.
Benefits: Audit Manager saves time with automated evidence collection, streamlines collaboration across teams, and helps ensure integrity of audits with read-only permissions.
Use case: It can be used to automate evidence collection, continually audit to assess compliance, and deploy internal risk assessments.