AWS GovCloud (US)
User Guide

AWS CloudFormation

The following list details the differences for using this service in the AWS GovCloud (US) Region compared to other AWS regions:

  • Use SSL (HTTPS) when you make calls to the service in the AWS GovCloud (US) Region. In other regions, you can use HTTP or HTTPS.

For more information about AWS CloudFormation, see the AWS CloudFormation documentation.

ITAR Boundary

The ITAR boundary defines where customers are allowed to store ITAR-regulated data for this service in the AWS GovCloud (US) Region. You must comply with the boundaries in order to maintain ITAR compliance. If you do not have any ITAR-regulated data in the AWS GovCloud (US) Region, this section does not apply to you. The following information identifies the ITAR boundary for this service:

ITAR-Regulated Data Permitted

ITAR-Regulated Data Not Permitted

  • The user data section of AWS CloudFormation templates can refer to scripts containing ITAR-regulated. The scripts containing ITAR-regulated data must be stored in an AWS GovCloud (US) Amazon S3 bucket.

  • ITAR-regulated data may be stored and processed on the instances launched using AWS CloudFormation.

  • No ITAR-regulated data may be entered, stored, or processed by AWS CloudFormation. For example, AWS CloudFormation metadata is not permitted to contain ITAR-regulated data. This metadata includes all the configuration data that you enter when creating and maintaining your AWS CloudFormation templates.

On this page: