Standardized Architecture for PCI DSS on the AWS Cloud
Deployment Guide
AWS Envision Engineering, AWS Professional Services, and AWS Quick Start Reference Team
May 2016 (last update: January 2020)
This Quick Start reference deployment guide discusses architectural considerations
and steps for
deploying security-focused baseline environments on the Amazon Web Services (AWS)
cloud.
Specifically, this Quick Start deploys a standardized environment that helps organizations
with workloads that fall in scope for
Payment Card Industry (PCI) Data Security Standard (DSS) compliance. The template
relies on the requirements of PCI DSS version 3.2.1.
The deployment guide includes links for viewing and launching
AWS CloudFormation
This Quick Start is part of a set of AWS compliance offerings,
which provide security-focused, standardized architecture solutions to help Managed
Service Providers (MSPs),
cloud-provisioning teams, developers, integrators, and information security teams
adhere to strict security, compliance, and risk management controls. For additional
Quick Starts in this category, see the Quick Start catalog
Quick Links
If you have an AWS account that already meets the technical requirements for the PCI deployment, you can launch the Quick Start
The main template deployment takes approximately 8 minutes. If you’re new to AWS or to PCI-compliant architectures on AWS, please read the overview and follow the detailed pre-deployment and deployment steps described in this guide.
In addition to the main template, which provides a basic networking infrastructure, you can deploy three more templates on top of the main template, or individually. The three templates are for centralized logging, database, and web application.
If you want to take a look under the covers, you can
view the main template
To see how PCI DSS controls map to Quick Start architecture decisions, components,
and configuration, view the
security controls reference
Figure 1: Excerpt from the PCI DSS security controls reference
After you deploy this Quick Start, please take a few minutes to fill out our
survey
Quick Starts