© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Keith Brooks, Sr. Business Development Manager, AWS

An Introduction to AWS GovCloud (US)

June 20, 2016

AWS Cloud adoption in the Public Sector

Government Agencies Education Institutions Nonprofit Organizations

2,300 7,000 22,000

AWS global infrastructure

12 Regions

33AvailabilityZones

56EdgeLocations

AWS GovCloud (US) is an isolated AWS region

Intended for customers with strict regulatory and compliance requirements and sensitive data or workloads

August 2011Available to qualified customers

ComplianceSafeguard sensitive data/systems

Addresses multiple US Government regulations and security requirements

AWS GovCloud (US) distinguishing features

Separate IAM (unique credentials)

Data, network, and machine isolation from other regions

Dedicated GovCloud Management Console

AWS GovCloud (US) distinguishing features

“Community Cloud” with vetted account holders

Managed by US Persons on US soil

Requirements for access to AWS GovCloud (US)

Account holder must be a US Person (defined as a US citizen or a Green Card holder)

US entity incorporated to do business in the United States and is based on US soil

Can handle export control data

Learn more: https://aws.amazon.com/govcloud-us/getting-started/

GovCloud is all about “compliance in the cloud”

SP 800-53 (rev 4) and SP 800-171

Fit for Controlled Unclassified Information (CUI)

Agriculture Copyright Critical infrastructure

Export control Financial Immigration

Intelligence Law enforcement Legal

Nuclear Patent Privacy (PII)

Proprietary (IP) Statistical (census) Tax

Transportation

Many customers use GovCloud for all categories of CUI

Evolution of AWS GovCloud (US) 2011-2014

Amazon VPC

Amazon EC2

Amazon EBS

2011 2012 2013 2014

Amazon IAM

Amazon S3

Evolution of AWS GovCloud (US) 2011-2014

Amazon VPC

Amazon EC2

Amazon EBS

Amazon CloudWatch

Elastic Load Balancing

Command Line

Interface

2011 2012 2013 2014

Auto Scaling

Amazon RDS

Amazon SQS

Amazon SNS

Amazon IAM

Amazon S3

Evolution of AWS GovCloud (US) 2011-2014

Amazon VPC

Amazon EC2

Amazon EBS

Amazon CloudWatch

Elastic Load Balancing

Command Line

Interface

AWS Elastic MapReduce

AWS Management

Console

2011 2012 2013 2014

Auto Scaling

Amazon RDS

Amazon SQS

Amazon SNS

Amazon IAM

Amazon S3Amazon SWF

Amazon DynamoDB

Evolution of AWS GovCloud (US) 2011-2014

Amazon VPC

Amazon EC2

Amazon EBS

Amazon CloudWatch

Elastic Load Balancing

Command Line

Interface

AWS Elastic MapReduce

AWS Management

Console

Second Generation

Instance Families

Amazon Glacier

Amazon EC2 VM Import

Service Health Dashboard

2011 2012 2013 2014

Auto Scaling

Amazon RDS

Amazon SQS

Amazon SNS

Amazon IAM

Amazon S3Amazon SWF

Amazon DynamoDB

Amazon Redshift

AWS CloudTrail

Amazon VPC Peering

Accelerated pace of service launches in 2015/16

Q1 2015 Q2 2015 Q3 2015 Q4 2015

RDS Integration with CloudTrail

Trusted Advisor

EMR Support for C3,

R3, and I2

Key Management

Service

KMS encryption

integration

CloudWatch

Actions

Direct Connect

VPC Endpoints for S3

Glacier: Vault Lock,

Tagging, Access Policies

D2 Instance Type

S3 Lifecycle

Management

CloudTrail Lookup

ElastiCache

EC2 VM Export

CloudHSM

Mobile SDK

CloudWatch Logs

VPC Flow Logs

CloudTrail integration

with CloudWatch Logs

GovCloud Auto Sign-Up

10+ significant services and features launched 2016 YTD

AWS GovCloud (US) Adoption: 2011-2015

221% YoY growth since launch(Q4 2011 to Q4 2015)

2011 2012 2013 2014 2015

Various types of enterprises use GovCloud

US GovernmentFederal, state, and local

Consulting firms and systems integrators

Technology firms and ISVs

Education institutions

Researchorganizations

Regulated industries(Aerospace, Defense, Energy,

Manufacturing, Healthcare)

Nonprofit organizations

Managed service providers

GovCloud users share common characteristics

Sensitive data and applications

Strict regulatory and compliance requirements

Restricted, community cloud preference

AWS Cloud platform

A robust and growing AWS partner ecosystem

Consulting/SI Technology

Announced today: AWS GovCloud (US) Skill Program

Example workloads customers run on GovCloud

Web applicationsand websites

Backup and recovery

Archiving Disaster recovery Development and test

Big data High-performance computing

Business applications Enterprise IT Mobile

Learn more about customer use cases today

3:45 PMMigrating a US Army Application to AWS GovCloud (US)

4:45 PMCSRA’s Migration to AWS GovCloud (US): An All-In Case Study

How to get started with AWS GovCloud (US)

Best practice: Create a new AWS account for GovCloud use

1. Sign in to the standard AWS Management Console as root user2. Navigate to the Account Settings page3. Choose the Sign up for AWS GovCloud (US) button and then follow the

instructions that appear.

Resellers contact your AWS business representative to get started

Important things to remember

AWS GovCloud (US) is physically and logically isolatedSeparate AZs, Management Console, IAM stack, and service endpoints

AWS GovCloud (US) is not just for the US GovernmentAvailable to qualified contractors and organizations in regulated industries

Remember the AWS Shared Responsibility ModelLeverage services like VPC, IAM, KMS and CloudHSM to secure sensitive workloads and manage access to sensitive data

Learn more about AWS GovCloud (US)

AWS GovCloud (US) webpagehttps://aws.amazon.com/govcloud-us/

AWS GovCloud (US) User Guidehttp://docs.aws.amazon.com/govcloud-us/latest/UserGuide/welcome.html

Keith BrooksAWS GovCloud (US)

Sr. Business Development Managerbrookskl@amazon.com

Thank You