AWS Artifact
💡 Definition
AWS Artifact is your go-to, central resource for compliance-related information that matters to you. It provides on-demand access to AWS's security and compliance reports and select online agreements.
🔑 Key Concepts
- Compliance Reports: Access security and compliance documents such as ISO certifications, PCI reports, and SOC reports (SOC 1, SOC 2, SOC 3).
- Online Agreements: Review, accept, and manage agreements (e.g., Business Associate Addendum (BAA) for HIPAA compliance).
- Self-Service: Provides a self-service portal to download these documents, which is crucial for internal audits or external auditors.
⚙️ How it Works
You log into the AWS Artifact console, browse the available reports and agreements, and download them as needed for your compliance and auditing purposes.
🎯 Use Cases
- Compliance Audits: Providing auditors with evidence of AWS's compliance with various standards.
- Regulatory Requirements: Meeting requirements for data handling (e.g., HIPAA, GDPR).
- Due Diligence: Understanding AWS's security posture and certifications.
💰 Pricing Model
- Free: AWS Artifact is a free service.
📝 Exam Tips (CLF-C02)
- Remind that AWS is responsible for security of the cloud, and AWS Artifact helps demonstrate this via compliance reports.
- The service provides access to AWS's compliance documents, not your application's compliance.
- Key for understanding AWS's role in the Shared Responsibility Model from a compliance perspective.
See Also: * Shared Responsibility Model * Compliance