AWS GovCloud (US)
User Guide

AWS CloudFormation

The following list details the differences for using this service in the AWS GovCloud (US) Region compared to other AWS regions:

  • None

For more information about AWS CloudFormation, see the AWS CloudFormation documentation.

ITAR Boundary

The ITAR boundary defines where customers are allowed to store ITAR-regulated data for this service in the AWS GovCloud (US) Region. You must comply with the boundaries in order to maintain ITAR compliance. If you do not have any ITAR-regulated data in the AWS GovCloud (US) Region, this section does not apply to you. The following information identifies the ITAR boundary for this service:

ITAR-Regulated Data Permitted

ITAR-Regulated Data Not Permitted

  • The user data section of AWS CloudFormation templates can refer to scripts containing ITAR-regulated. The scripts containing ITAR-regulated data must be stored in an AWS GovCloud (US) Amazon S3 bucket.

  • ITAR-regulated data may be stored and processed on the instances launched using AWS CloudFormation.

  • No ITAR-regulated data may be entered, stored, or processed by AWS CloudFormation. For example, AWS CloudFormation metadata is not permitted to contain ITAR-regulated data. This metadata includes all the configuration data that you enter when creating and maintaining your AWS CloudFormation templates.

On this page: