AWS Services in Scope by Compliance Program

Information System Security Management and Assessment Program (ISMAP)

We include generally available services in the scope of our compliance efforts based on the expected use case, feedback and demand. If a service is not currently listed as in scope of the most recent assessment, it does not mean that you cannot use the service. It is part of the shared responsibility for your organization to determine the nature of the data. Based on the nature of what you are building on AWS, you should determine if the service will process or store customer data and how it will or will not impact the compliance of your customer data environment.

We encourage you to discuss your workload objectives and goals with your AWS account team; they will be able to evaluate your proposed use case and architecture, and how our security and compliance processes overlay that architecture. Need to connect with an AWS business representative?

This webpage provides a list of AWS Services in Scope of AWS assurance programs. Unless specifically excluded, generally available features of each of the services are considered in scope of the assurance programs, and are reviewed and tested at the next opportunity for assessment. Refer to the AWS Documentation for the features of an AWS service.

✓ = This service is currently in scope and is reflected in current reports. For more specific details on status, please refer to each compliance program tab below.

Click here for full list of services covered under the AWS compliance programs.

ISMAP

Last updated: April 11, 2025

SERVICES / PROGRAMS	NAMESPACES*	ISMAP
HAQM API Gateway	apigateway	✓
HAQM AppFlow	appflow	✓
HAQM AppStream 2.0	appstream	✓
HAQM Athena	athena	✓
HAQM Augmented AI [excludes Public Workforce and Vendor Workforce for all features]	sagemaker	✓
HAQM Bedrock [excludes HAQM Bedrock Marketplace]	bedrock	✓
HAQM Chime	chime	✓
HAQM Chime SDK		✓
HAQM Cloud Directory	clouddirectory	✓
HAQM CloudFront	cloudfront	✓
HAQM CloudWatch	cloudwatch	✓
HAQM CloudWatch Logs	logs	✓
HAQM Cognito	cognito-idp, cognito-identity, cognito-sync	✓
HAQM Comprehend	comprehend	✓
HAQM Comprehend Medical	comprehendmedical	✓
HAQM Connect	connect	✓
HAQM Data FireHose	firehose	✓
HAQM Detective	detective	✓
HAQM DevOps Guru	devops-guru	✓
HAQM DocumentDB (with MongoDB compatibility)	rds	✓
HAQM DynamoDB	dynamodb	✓
HAQM EC2 Auto Scaling	autoscaling	✓
HAQM Elastic Block Store (EBS)	ebs	✓
HAQM Elastic Compute Cloud (EC2)	ec2	✓
HAQM Elastic Container Registry (ECR)	ecr	✓
HAQM Elastic Container Service (ECS) [both Fargate and EC2 launch types]	ecs	✓
HAQM Elastic File System (EFS)	elasticfilesystem	✓
HAQM Elastic Kubernetes Service (EKS) [both Fargate and EC2 launch types]	eks	✓
HAQM Elastic MapReduce (EMR)	elasticmapreduce	✓
HAQM ElastiCache	elasticache	✓
HAQM EventBridge	events	✓
HAQM FinSpace	finspace	✓
HAQM Forecast	amazonforecast	✓
HAQM Fraud Detector	frauddetector	✓
HAQM FSx	fsx	✓
HAQM GuardDuty	guardduty	✓
HAQM Inspector	inspector	✓
HAQM Inspector Classic	inspector	✓
HAQM Kendra	kendra	✓
HAQM Keyspaces (for Apache Cassandra)	keyspaces	✓
HAQM Kinesis Data Streams	kinesis	✓
HAQM Kinesis Video Streams	kinesisvideo	✓
HAQM Lex	runtime.lex, models.lex	✓
HAQM Location Service	location	✓
HAQM Macie	macie	✓
HAQM Managed Service for Apache Flink	kinesisanalytics	✓
HAQM Managed Service for Prometheus	amp	✓
HAQM Managed Streaming for Apache Kafka	msk	✓
HAQM Managed Workflows for Apache Airflow	airflow	✓
HAQM MemoryDB	memorydb	✓
HAQM MQ	mq	✓
HAQM Neptune	neptune-db	✓
HAQM OpenSearch Service	opensearch	✓
HAQM Personalize	personalize	✓
HAQM Pinpoint and End User Messaging [formerly HAQM Pinpoint]	pinpoint	✓
HAQM Polly	polly	✓
HAQM Quantum Ledger Database (QLDB)	qldb	✓
HAQM QuickSight	quicksight	✓
HAQM Redshift	redshift	✓
HAQM Rekognition	rekognition	✓
HAQM Relational Database Service (RDS) [includes HAQM Aurora]	rds	✓
HAQM Route 53	route53	✓
HAQM Route 53 Resolver	route53resolver	✓
HAQM S3 Glacier	glacier	✓
HAQM SageMaker AI [formerly HAQM Sagemaker, excludes Studio Lab, Public Workforce and Vendor Workforce for all features]	sagemaker	✓
HAQM Simple Email Service (SES)	ses	✓
HAQM Simple Notification Service (SNS)	sns	✓
HAQM Simple Queue Service (SQS)	sqs	✓
HAQM Simple Storage Service (S3)	s3	✓
HAQM Simple Workflow Service (SWF)	swf	✓
HAQM SimpleDB	sbd	✓
HAQM Textract	textract	✓
HAQM Timestream	timestream	✓
HAQM Transcribe	transcribe	✓
HAQM Translate	translate	✓
HAQM Virtual Private Cloud (VPC)	ec2	✓
HAQM WorkDocs	workdocs	✓
HAQM WorkMail	workmail	✓
HAQM WorkSpaces	workspaces	✓
HAQM WorkSpaces Web	workspaces-web	✓
AWS Amplify	amplify	✓
AWS App Mesh	appmesh	✓
AWS App Runner	apprunner	✓
AWS Application Migration Service	mgn	✓
AWS AppSync	appsync	✓
AWS Artifact	artifact	✓
AWS Audit Manager	auditmanager	✓
AWS Backup	backup	✓
AWS Batch	batch	✓
AWS Certificate Manager (ACM)	acm	✓
AWS Chatbot	chatbot	✓
AWS Cloud9	cloud9	✓
AWS Cloud Map	servicediscovery	✓
AWS CloudFormation	cloudformation	✓
AWS CloudHSM	cloudhsm	✓
AWS CloudShell		✓
AWS CloudTrail	cloudtrail	✓
AWS CodeBuild	codebuild	✓
AWS CodeCommit	codecommit	✓
AWS CodeDeploy	codedeploy	✓
AWS CodePipeline	codepipeline	✓
AWS CodeStar	codestar	✓
AWS Config	config	✓
AWS Control Tower	controltower	✓
AWS Data Exchange	dataexchange	✓
AWS Database Migration Service (DMS)	dms	✓
AWS DataSync	datasync	✓
AWS Device Farm	devicefarm	✓
AWS Direct Connect	directconnect	✓
AWS Directory Service [excludes Simple AD]	ds	✓
AWS Elastic Beanstalk	elasticbeanstalk	✓
AWS Elastic Disaster Recovery	drs	✓
AWS Elemental MediaConnect	mediaconnect	✓
AWS Elemental MediaConvert	mediaconvert	✓
AWS Elemental MediaLive	medialive	✓
AWS Fault Injection Simulator	fis	✓
AWS Firewall Manager	fms	✓
AWS Global Accelerator	globalaccelerator	✓
AWS Glue (including AWS Lake Formation)	glue	✓
AWS Glue DataBrew	databrew	✓
AWS Ground Station	groundstation	✓
AWS Health Dashboard	health	✓
AWS HealthLake	healthlake	✓
AWS HealthOmics	omics	✓
AWS IAM Identity Center (successor to AWS Single Sign-On)	sso	✓
AWS Identity and Access Management (IAM)	iam	✓
AWS IoT 1-Click	iot1click	✓
AWS IoT Analytics	iotanalytics	✓
AWS IoT Core	iot-device	✓
AWS IoT Device Defender	iot-device	✓
AWS IoT Device Management	iot-device	✓
AWS IoT Events	iotevents	✓
AWS IoT Greengrass	greengrass	✓
AWS IoT SiteWise	iotsitewise	✓
AWS Key Management Service (KMS)	kms	✓
AWS Lake Formation	lakeformation	✓
AWS Lambda	lambda	✓
AWS License Manager	license-manager	✓
AWS Mainframe Modernization		✓
AWS Managed Services		✓
AWS Network Firewall	network-firewall	✓
AWS OpsWorks for CM [includes Chef Automate, Puppet Enterprise]	opsworks-cm	✓
AWS OpsWorks Stacks	opsworks	✓
AWS Organizations	organizations	✓
AWS Outposts	outpost	✓
AWS Private CA	acm-pca	✓
AWS Resource Access Manager	ram	✓
AWS Resource Groups	resource-groups	✓
AWS RoboMaker	robomaker	✓
AWS Secrets Manager	secretsmanager	✓
AWS Security Hub	securityhub	✓
AWS Server Migration Service (SMS)	sms	✓
AWS Serverless Application Repository	serverlessrepo	✓
AWS Service Catalog	servicecatalog	✓
AWS Shield	shield, DDoSProtection	✓
AWS Signer		✓
AWS Snowball	snowball	✓
AWS Snowball Edge	snowballedge	✓
AWS Snowmobile		✓
AWS Step Functions	states	✓
AWS Storage Gateway	storagegateway	✓
AWS Systems Manager	ssm	✓
AWS Transfer Family	transfer	✓
AWS Trusted Advisor	trustedadvisor	✓
AWS WAF	waf	✓
AWS Wickr		✓
AWS X-Ray	xray	✓
EC2 Image Builder	imagebuilder	✓
Elastic Load Balancing (ELB)	elasticloadbalancing	✓
RTOS	freertos	✓
VM Import/Export		✓

AWS Services in Scope by Compliance Program

Information System Security Management and Assessment Program (ISMAP)

Want More Information About Services in Scope?

Ending Support for Internet Explorer