Meeting data residency requirements on AWS - AWS Prescriptive Guidance

Meeting data residency requirements on AWS

The available partitions, AWS Regions, Availability Zones, and Local Zones allow companies to choose the best location for their data and workloads based on their unique requirements:

  • A partition is a logical group of AWS Regions. AWS commercial Regions are in the aws partition, Regions in China are in the aws-cn partition, and AWS GovCloud (US) Regions are in the aws-us-gov partition.

  • An AWS Region is a separate geographic area where AWS clusters data centers.

  • Each AWS Region has multiple, isolated locations known as Availability Zones.

  • A Local Zone is an extension of a Region that is geographically close to your users.

For more information about the currently available Regions, Availability Zones, and Local Zones, see AWS Global Infrastructure.

A partition provides data, network, and machine isolation from Regions in other partitions. AWS partitions create logical network isolation with separate credentialed access between Regions in the different partitions. Partitions include one or more Regions, but an AWS Region exists only within one partition; an AWS Region cannot be a part of two partitions.

Diagram of how AWS partitions logically and physically separate AWS Regions into isolated groups

You can choose between partitions based on whether a United States government security classification is required. Workloads processing unclassified or official data can use either the AWS GovCloud (US) or standard partitions. AWS also offers additional partitions accredited to operate workloads at the Secret and Top-Secret US security classification levels, but these are out of scope for this guide. For more information about operating workloads at these classification levels, see Cloud Computing for US Defense and Cloud Computing for the US Intelligence Community.

We recommend deploying multi-Region workloads within a single partition to reduce any compliance, operational, and technical challenges. However, there are limited use cases, such as with AWS Direct Connect or Amazon CloudFront, where you can integrate services across multiple partitions to meet specific objectives. For more information, contact your AWS Solutions Architect.
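
The following is an added example, not part of the original guidance or AWS code. It audits a resource inventory against a residency policy of one partition plus a set of approved Regions by reading the partition and Region fields of each ARN. Assumptions: only the three partitions named above are in scope, the function names and finding labels are hypothetical, and the account ID and resource names are constructed placeholders.

```python
# Added example (not AWS code): audit resource ARNs against a residency policy.
from typing import NamedTuple

# Region-name prefixes for the non-commercial partitions named on this page.
# Assumption: only aws, aws-cn and aws-us-gov are in scope.
PREFIX_TO_PARTITION = (("cn-", "aws-cn"), ("us-gov-", "aws-us-gov"))

class Finding(NamedTuple):
    arn: str
    reason: str

def partition_for_region(region: str) -> str:
    for prefix, partition in PREFIX_TO_PARTITION:
        if region.startswith(prefix):
            return partition
    return "aws"

def audit(arns, allowed_partition, allowed_regions):
    """Return a Finding for every ARN that violates or cannot prove the policy."""
    findings = []
    for arn in arns:
        # ARN layout: arn:partition:service:region:account-id:resource
        parts = arn.split(":", 5)
        if len(parts) != 6 or parts[0] != "arn":
            findings.append(Finding(arn, "unparseable"))
            continue
        partition, region = parts[1], parts[3]
        if partition != allowed_partition:
            findings.append(Finding(arn, "partition-not-allowed"))
        elif not region:
            # Some ARNs (S3 buckets, IAM) carry no Region; the location must
            # be confirmed through the service itself.
            findings.append(Finding(arn, "region-unknown"))
        elif partition_for_region(region) != partition:
            # A Region exists in exactly one partition, so this ARN is malformed.
            findings.append(Finding(arn, "region-partition-mismatch"))
        elif region not in allowed_regions:
            findings.append(Finding(arn, "region-not-allowed"))
    return findings

# Constructed inventory; account ID and resource names are placeholders.
SAMPLE_ARNS = [
    "arn:aws:ec2:eu-central-1:111122223333:instance/i-0example",
    "arn:aws:rds:us-east-1:111122223333:db:orders",
    "arn:aws-us-gov:ec2:us-gov-west-1:111122223333:instance/i-0example",
    "arn:aws:s3:::example-bucket",
    "arn:aws:dynamodb:cn-north-1:111122223333:table/example",
]
```

Calling `audit(SAMPLE_ARNS, "aws", {"eu-central-1", "eu-west-1"})` passes the first resource and flags the other four. The `region-unknown` result is the case that matters most in practice: an ARN with an empty Region field says nothing about where the data is stored.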