Compliance - Compliant Framework for Federal and DoD Workloads in AWS GovCloud (US)

Compliance

This solution is designed to meet the compliance requirements for several popular frameworks.

Defense Information Systems Agency (DISA) Cloud Computing Security Requirements Guide (CC SRG) and Secure Cloud Computing Architecture (SCCA)

The CC SRG is developed and maintained by DISA. It outlines the requirements that mission owners must meet when running DoD workloads in commercial cloud environments, such as AWS GovCloud (US). The architecture in this solution is designed to meet the controls defined in the DISA CC SRG, together with AWS native security controls. Key components of SCCA include:

  • VDSS – Virtual Data Center Security Services

  • VDMS – Virtual Data Center Management Services

  • TCCM – Trusted Cloud Credential Manager

  • CAP – Cloud Access Point

This solution builds infrastructure to support VDSS and VDMS functionality, and can accommodate a CAP connection within the Transit account.

For more information, review the following resources:

Cybersecurity Maturity Model Certification (CMMC)

The Cybersecurity Maturity Model Certification (CMMC) is developed and maintained by the United States Department of Defense Office of the Under Secretary of Defense for Acquisition & Sustainment. It contains sets of controls and required data reports to verify and validate adherence to the defined controls. At the time of this guide's publication, the architecture in this solution was designed to meet these controls.

For more information, review the following resources: