Compliance validation for AWS Outposts
AWS publishes a list of specific in scope compliance certifications for AWS Outposts.
For more information, see AWS Services in Scope by Compliance
Program
Third-party auditors assess the security and compliance of AWS Outposts as part of multiple AWS compliance programs. These include ISO, PCI, HIPAA, and others.
Under the shared responsibility model
For more information about security and compliance for AWS Outposts, see AWS Outposts FAQ
AWS uses secure channels from manufacturing through installation and delivery of the Outpost equipment. When the Outpost equipment is on your site, any replacement parts are delivered through the same secure channels and are checked for tampering. No server or switch repairs occur on site.
As a customer, you are responsible for the physical security and environmental controls at the facility where the Outpost is located, and for providing networking between the Outpost and the AWS Region. Your responsibilities include the following:
-
Physical and environmental security of the Outpost, starting from the moment that the Outpost equipment arrives at your facility to the point at which the Outpost equipment is removed at the end of the term or for repairs.
-
Physical access controls around the Outpost equipment at your facility. This includes background checks and security training for facility staff.
-
Data management policies, including terminating EC2 instances and deleting data volumes before the Outpost equipment is removed at the end of the term or for repairs.
-
Configuring and maintaining a network connection between the Outpost and the AWS Region. Communication sent over this connection between the Outpost and the Region is encrypted by AWS.
-
Encrypting any traffic traveling over your network to the local gateway.