AWS Config - AWS GovCloud (US)

AWS Config

AWS Config provides a detailed view of the resources associated with your AWS account, including how they are configured, how they are related to one another, and how the configurations and their relationships have changed over time.

AWS Config and AWS Config Rules are supported in the AWS GovCloud (US) Region.

How AWS Config Differs for AWS GovCloud (US)

This service has no differences between the AWS GovCloud (US) and the standard AWS Regions.

Documentation for AWS Config

AWS Config documentation.

ITAR Boundary

AWS GovCloud (US) has an ITAR boundary, which defines where customers are allowed to store ITAR-controlled data for this service in AWS GovCloud (US) Regions. To maintain ITAR compliance, you must place ITAR-controlled data on the applicable part of the ITAR boundary. If you do not have any ITAR-controlled data in AWS GovCloud (US) Regions, this section does not apply to you. The following information identifies the ITAR boundary for this service:

ITAR-Regulated Data Permitted

ITAR-Regulated Data Not Permitted

  • AWS Config data is outside of the ITAR boundary.

  • AWS Config does not include any ITAR-regulated data.

  • AWS Config metadata is not permitted to contain ITAR-regulated data. This includes the naming and configuration data that you enter when creating and managing your AWS Config settings.

    For example, do not enter ITAR-regulated data into user input fields such as the following:

    • Annotations for rule evaluations

    • Resource identifier

    • S3 bucket name

    • SNS topic name

    • Tag key