AWS GovCloud (US) is a gated community cloud designed to support the compliance needs of customer workloads with direct or indirect ties to U.S. Government functions, services, or regulations. The AWS GovCloud (US) framework adheres to U.S. International Traffic in Arms Regulations (ITAR) requirements. Workloads that are appropriate for the AWS GovCloud (US) region include all categories of Controlled Unclassified Information (CUI), including ITAR, as well as Government oriented publicly available data. The customer community utilizing AWS GovCloud (US) includes U.S. Federal, State, and Local Government organizations as well as U.S. Corporate and Educational entities.
Today we are adding a number of important new features to AWS GovCloud (US) in order to open it up to even more types of workloads. Here's what's new:
- High Performance Computing - Support for EC2's Cluster Compute Eight Extra Large Instances (60.5 GB of RAM).
- Elastic Load Balancing - Automatically distribute traffic across multiple EC2 instances.
- Auto Scaling - Automatically scale EC2 capacity up or down based on user-defined conditions.
- CloudWatch Alarms - Receive notification when a CloudWatch metric falls beyond a configurable threshold.
- Simple Notification Service (SNS) - Cloud-based notifications using a topic-centric publish and subscribe model.
- Simple Queue Service (SQS) - Reliable, highly scalable hosted queues for building distributed applications.
The combination of Elastic Load Balancing, Auto Scaling, and CloudWatch alarms means that applications running in the AWS GovCloud can now meet stringent requirements for scalability and availability.
In general, GovCloud is functionally the same as our standard commercial regions, and customers used to AWS will feel right at home. The services in GovCloud have the same APIs and semantics, with very few exceptions. There are some important differences, however:
- GovCloud is the only region where customers are vetted by personal interaction with our sales organization before gaining access.
- For EC2 customers, GovCloud is a VPC-only region; traditional EC2 NAT networking is not available.
- GovCloud has a separate identity and access system; identities and credentials are not shared between GovCloud and other regions.
- There are a few technical enhancements for customers in the government ecosystem, specifically, the presence of FIPS 140-2 certified SSL termination endpoints for AWS APIs and for S3.
- There is as yet no web-based graphical console for GovCloud; that is coming soon, but in the meantime we have supported the creation of the ElasticWolf client-side application. ElasticWolf
runs on both Windows and Mac and supports all of the new features
listed above. It works with all of the AWS regions including GovCloud
(US) and includes extensive VPC support. Of course our command-line tools and APIs work as usual. Here's a screen shot of the most recent version of ElasticWolf: