AWS Services in Scope by Compliance Program

Multi-Tier Cloud Security (MTCS)

We include generally available services in the scope of our compliance efforts based on the expected use case, feedback and demand. If a service is not currently listed as in scope of the most recent assessment, it does not mean that you cannot use the service. It is part of the shared responsibility for your organization to determine the nature of the data. Based on the nature of what you are building on AWS, you should determine if the service will process or store customer data and how it will or will not impact the compliance of your customer data environment.

We encourage you to discuss your workload objectives and goals with your AWS account team; they will be able to evaluate your proposed use case and architecture, and how our security and compliance processes overlay that architecture. Need to connect with an AWS business representative? 

This webpage provides a list of AWS Services in Scope of AWS assurance programs. Unless specifically excluded, generally available features of each of the services are considered in scope of the assurance programs, and are reviewed and tested at the next opportunity for assessment. Refer to the AWS Documentation for the features of an AWS service.

= This service is currently in scope and is reflected in current reports. For more specific details on status, please refer to each compliance program tab below.

 

Click here for full list of services covered under the AWS compliance programs.

MTCS Last updated: April 11, 2025
SERVICES / PROGRAMS US-East
(Ohio)		 US-East
(N.Virginia)		 US-West
(Oregon)		 US-West
(N.California)		 Singapore Seoul
HAQM API Gateway
HAQM AppFlow
HAQM AppStream 2.0    
HAQM Athena
HAQM Augmented AI [excludes Public Workforce and Vendor Workforce for all features]   
HAQM Bedrock [excludes HAQM Bedrock Marketplace]      
HAQM Chime
HAQM Chime SDK    
HAQM Cloud Directory
HAQM CloudFront [excludes content delivery through HAQM CloudFront Embedded Point of Presences]
HAQM CloudWatch
HAQM CloudWatch Logs
HAQM Cognito
HAQM Comprehend  
HAQM Comprehend Medical      
HAQM Connect    
HAQM Datazone  
HAQM Data Firehose
HAQM Detective
HAQM DevOps Guru
HAQM DocumentDB (with MongoDB compatibility)  
HAQM DynamoDB
HAQM EC2 Auto Scaling
HAQM Elastic Block Store (EBS)
HAQM Elastic Compute Cloud (EC2)
HAQM Elastic Container Registry (ECR)
HAQM Elastic Container Service (ECS)  [both Fargate and EC2 launch types]
HAQM Elastic Kubernetes Service (EKS) [both Fargate and EC2 launch types]
HAQM Elastic File System (EFS)
HAQM Elastic MapReduce (EMR)
HAQM ElastiCache
HAQM EventBridge
HAQM Finspace      
HAQM Forecast  
HAQM Fraud Detector    
HAQM FSx
HAQM GuardDuty
HAQM Inspector
HAQM Inspector Classic
HAQM Kendra    
HAQM Keyspaces (for Apache Cassandra)
HAQM Kinesis Data Streams
HAQM Kinesis Video Streams  
HAQM Lex    
HAQM Location Service    
HAQM Macie
HAQM Managed Grafana  
HAQM Managed Service for Apache Flink  
HAQM Managed Service for Prometheus    
HAQM Managed Streaming for Apache Kafka
HAQM Managed Workflows for Apache Airflow (HAQM MWAA)  
HAQM MemoryDB  ✓
HAQM MQ
HAQM Neptune
HAQM OpenSearch Service
HAQM Personalize  
HAQM Pinpoint and End User Messaging    
HAQM Polly
HAQM Q Business        
HAQM Quantum Ledger Database (QLDB)  
HAQM QuickSight  
HAQM Redshift
HAQM Rekognition
HAQM Relational Database Service (RDS)
HAQM Route 53
HAQM S3 Glacier
HAQM SageMaker AI [formerly HAQM Sagemaker, excludes Studio Lab, Public Workforce and Vendor Workforce for all features]
HAQM Security Lake
HAQM Simple Email Service (SES)
HAQM Simple Notification Service (SNS)
HAQM Simple Queue Service (SQS)
HAQM Simple Storage Service (S3)
HAQM Simple Workflow Service (SWF)
HAQM SimpleDB      
HAQM Textract
HAQM Timestream      
HAQM Transcribe
HAQM Translate
HAQM Virtual Private Cloud (VPC)
HAQM WorkDocs      
HAQM WorkMail        
HAQM WorkSpaces    
HAQM Workspaces Secure Browser      
HAQM WorkSpaces Thin Client    
AWS Amplify
AWS App Mesh
AWS App Runner      
AWS AppFabric          
AWS Application Migration Service
AWS AppSync
AWS Artifact
AWS Audit Manager  
AWS Backup
AWS Batch
AWS Certificate Manager (ACM)
AWS Chatbot
AWS Clean Rooms  
AWS Cloud Map
AWS Cloud9
AWS CloudFormation
AWS CloudHSM
AWS CloudShell      
AWS CloudTrail
AWS CodeBuild
AWS CodeCommit
AWS CodeDeploy
AWS CodePipeline
AWS Config
AWS Control Tower  
AWS Data Exchange
AWS Database Migration Service (DMS)
AWS DataSync
AWS Device Farm
AWS Direct Connect
AWS Directory Service [excludes Simple AD]
AWS Elastic Beanstalk
AWS Elastic Disaster Recovery
AWS Elemental MediaConnect
AWS Elemental MediaConvert
AWS Elemental MediaLive  
AWS Entity Resolution  
AWS Fault Injection Service
AWS Firewall Manager
AWS Global Accelerator
AWS Glue
AWS Glue DataBrew
AWS Ground Station    
AWS Health Dashboard
AWS HealthImaging        
AWS HealthLake      
AWS HealthOmics      
AWS IAM Identity Center    
AWS Identity and Access Management (IAM)
AWS IoT 1-Click      
AWS IoT Analytics      
AWS IoT Core
AWS IoT Device Defender
AWS IoT Device Management
AWS IoT Events  
AWS IoT Greengrass  
AWS IoT SiteWise  
AWS IoT TwinMaker    
AWS Key Management Service (KMS)
AWS Lake Formation
AWS Lambda
AWS License Manager
AWS Mainframe Modernization
AWS Managed Services
AWS Network Firewall
AWS OpsWorks for CM (includes Chef Automate, Puppet Enterprise)
AWS OpsWorks Stacks
AWS Organizations
AWS Outposts
AWS Payment Cryptography    
AWS Private Certificate Authority
AWS Resilience Hub
AWS Resource Access Manager (RAM)
AWS Resource Groups
AWS RoboMaker    
AWS Secrets Manager
AWS Security Hub
AWS Serverless Application Repository
AWS Service Catalog
AWS Shield
AWS Signer
AWS Snowball
AWS Step Functions
AWS Storage Gateway
AWS Systems Manager
AWS Transfer Family
AWS Trusted Advisor
AWS User Notifications
AWS Verified Access
AWS WAF
AWS Wickr          
AWS X-Ray
EC2 Image Builder
Elastic Load Balancing (ELB)
FreeRTOS
VM Import/Export

Want More Information About Services in Scope?

Contact Us