Menu
AWS GovCloud (US)
User Guide

AWS Storage Gateway

The following list details the differences for using this service in the AWS GovCloud (US) Region compared to other AWS regions:

  • A file gateway created inside AWS GovCloud (US) cannot connect to a bucket outside of this region.

  • A file gateway created outside of AWS GovCloud (US) cannot connect to a bucket inside this region.

  • Two types of endpoints: FIPS-enabled endpoint and TLS-enabled endpoint are available.

For more information about AWS Storage Gateway, see the AWS Storage Gateway documentation.

ITAR Boundary

The ITAR boundary defines where customers are allowed to store ITAR-regulated data for this service in the AWS GovCloud (US) Region. You must comply with the boundaries in order to maintain ITAR compliance. If you do not have any ITAR-regulated data in the AWS GovCloud (US) Region, this section does not apply to you. The following information identifies the ITAR boundary for this service:

ITAR-Regulated Data Permitted ITAR-Regulated Data Not Permitted
  • All data entered and stored in tapes and volumes can contain ITAR-regulated data. All data entered and stored in S3 using the file gateway can contain ITAR-regulated data, as described in Amazon S3.

AWS Storage Gateway metadata is not permitted to contain ITAR-regulated data. This metadata includes all configuration data that you enter when creating and maintaining your gateway in AWS Storage Gateway, including but not limited to:

  • Storage Gateway name.

  • Tape barcode.

  • The name of the iSCSI initiator configured for CHAP.

Do not enter ITAR-regulated data into the following console fields:

  • Resource tag: Key

  • Resource tag: Value

On this page: