Amazon Relational Database Service has received a Provisional Authority to Operate (P-ATO) at the FedRAMP High Baseline within the AWS GovCloud (US) region for the Amazon RDS for MySQL, Oracle and PostgreSQL services.
This enables U.S. federal agencies to host sensitive data within Amazon RDS. It adds to existing or recently announced FedRAMP compliance for AWS GovCloud (US) itself, and for the Amazon CloudTrail and Amazon CloudWatch Logs services within this region.
The Federal Risk and Authorization Management Program (FedRAMP) is a U.S. government program established to standardize the security authorization process for Cloud Service Providers (CSPs). Authorization is issued by the Joint Authorization Board (JAB), consisting of several government agencies. The High Baseline allows U.S. government agencies to use these services to process the government’s most sensitive unclassified data.
AWS GovCloud (US) is an isolated AWS region designed to host sensitive data and regulated IT workloads in the cloud, and is operated by employees who are vetted “U.S. Persons”. Root account holders of AWS accounts must confirm they are U.S. Persons before being granted access credentials to the region.
For more information, see the AWS Security Blog.