AWS Compliance
AWS Tutorial: AWS Compliance & Artifact
Welcome to the AWS Compliance lesson. Before a major hospital or bank moves to AWS, they must legally prove to government regulators that AWS data centers are physically and digitally secure.
Why Learn AWS Compliance?
Understanding how AWS handles global compliance regimes (like HIPAA, PCI-DSS, and SOC) allows you to securely architect applications in highly regulated industries.
Tutorial Overview
In this tutorial, you will learn:
- How AWS maintains global compliance.
- AWS Artifact: The portal for downloading compliance reports.
Managing Compliance in the Cloud
AWS regularly undergoes independent third-party audits to confirm that its data centers are highly secure. They hold compliance certifications for nearly every major regulatory standard globally, including HIPAA (healthcare), PCI-DSS (credit cards), and GDPR (European data privacy).
AWS Artifact
AWS Artifact is a central resource for compliance-related information. It provides on-demand access to AWS's security and compliance reports, as well as select online agreements. If an external auditor asks you to prove that the AWS data center holding your database is secure, you simply log into AWS Artifact, download the official ISO or SOC report, and hand it to them.
Exercise
?Which AWS service provides on-demand access to AWS compliance reports and security documents (like PCI and SOC reports)?