AWS Documentation » AWS GovCloud » User Guide » Services in the AWS GovCloud (US) Region » AWS Storage Gateway

AWS Storage Gateway

The following list details the differences for using this service in the AWS GovCloud (US) Region compared to other AWS regions:

• A file gateway created inside AWS GovCloud (US) cannot connect to a bucket outside of this region.

• A file gateway created outside of AWS GovCloud (US) cannot connect to a bucket inside this region.

• Two types of endpoints: FIPS-enabled endpoint and TLS-enabled endpoint are available.

For more information about AWS Storage Gateway, see the AWS Storage Gateway documentation.

ITAR Boundary

The ITAR boundary defines where customers are allowed to store ITAR-regulated data for this service in the AWS GovCloud (US) Region. You must comply with the boundaries in order to maintain ITAR compliance. If you do not have any ITAR-regulated data in the AWS GovCloud (US) Region, this section does not apply to you. The following information identifies the ITAR boundary for this service:

ITAR-Regulated Data Permitted

ITAR-Regulated Data Not Permitted

All data entered and stored in tapes and volumes can contain ITAR-regulated data. All data entered and stored in S3 using the file gateway can contain ITAR-regulated data, as described in Amazon S3.

AWS Storage Gateway metadata is not permitted to contain ITAR-regulated data. This metadata includes all configuration data that you enter when creating and maintaining your gateway in AWS Storage Gateway, including but not limited to: Storage Gateway name. Tape barcode. The name of the iSCSI initiator configured for CHAP. Do not enter ITAR-regulated data into the following console fields: Resource tag: Key Resource tag: Value