Getting started with AWS Artifact

AWS Artifact provides a central resource for AWS security and compliance reports. The artifacts available in AWS Artifact include Service Organization Control (SOC) reports, Payment Card Industry (PCI) reports, and certifications from accreditation bodies that validate the implementation and operating effectiveness of AWS security controls. Additionally, AWS Artifact provides on-demand access to the security and compliance documents such as ISO certifications, and Service Organization Control (SOC) reports of the Independent Software Vendors (ISVs) who sell their products on AWS Marketplace. For more information, see AWS Marketplace Vendor Insights.

AWS Artifact enables you to accept and manage legal agreements such as the Business Associate Addendum (BAA). If you use AWS Organizations, you can accept agreements on behalf of all accounts within your organization. When accepted, all existing and subsequent member accounts are automatically covered by the agreement.

Step 1: Sign up for AWS

If you do not have an AWS account, complete the following steps to create one.

To sign up for an AWS account

1. Open https://portal.aws.amazon.com/billing/signup.

2. Follow the online instructions.

   Part of the sign-up procedure involves receiving a phone call and entering a verification code on the phone keypad.

   When you sign up for an AWS account, an AWS account root user is created. The root user has access to all AWS services and resources in the account. As a security best practice, assign administrative access to an administrative user, and use only the root user to perform tasks that require root user access.

Step 2: Download a report

You can download reports using Adobe Acrobat Reader. Other PDF readers are not supported. For more information, see Downloading reports.

To download a report

1. Open the AWS Artifact console at https://console.aws.amazon.com/artifact/.

2. On the AWS Artifact home page, choose View reports.

3. On the Reports page, use the AWS reports tab to access an AWS report and navigate to the Third-party reports tab to access the reports of the Independent Software Vendors (ISVs) who sell their products on AWS Marketplace.

4. (Optional) Enter a keyword in the search field to locate a report.

5. Select a report, and then choose Download report.

6. (Optional) On the Third-party reports tab, you can access the details page of an ISV report by clicking on the Report title to learn more about the report.

7. You might be asked to accept Terms and conditions that apply to the specific report you are downloading. We recommend that you read them closely. When you are finished, select I have read and agree to all the terms and then choose Accept terms and download.

8. Open the downloaded file using Adobe Acrobat Reader. Read the Terms and conditions section. When you are finished, follow the instructions to view the downloaded report.

Third-party reports are accessible only for AWS customers who have onboarded to AWS Marketplace Vendor Insights. To learn more, see AWS Marketplace Vendor Insights.

Step 3: Manage agreements

Before you enter into an agreement, you must download and agree to the terms of the AWS Artifact nondisclosure agreement (NDA). Each agreement is confidential and cannot be shared with others outside of your company.

To accept an agreement with AWS

1. Open the AWS Artifact console at https://console.aws.amazon.com/artifact/.

2. On the AWS Artifact navigation pane, choose Agreements.

3. Choose Account agreements to manage agreements for your account or Organization agreements to manage agreements on behalf of your organization.

4. Expand the section of the agreement.

5. Choose Download and review.

6. Read the Terms and conditions. When you are finished, choose Accept and download.

7. Review the agreement and then select the check boxes to indicate that you agree.

8. Choose Accept to accept the agreement.

For more information, see Managing agreements.