This page is only for existing customers of the S3 Glacier service using Vaults and the original REST API from 2012.
If you're looking for archival storage solutions, we suggest using the S3 Glacier storage classes in Amazon S3: S3 Glacier Instant Retrieval, S3 Glacier Flexible Retrieval, and S3 Glacier Deep Archive. To learn more about these storage options, see S3 Glacier storage classes.
Compliance Validation for Amazon S3 Glacier
The security and compliance of Amazon S3 Glacier (S3 Glacier) is assessed by third-party auditors as part of multiple Amazon compliance programs, including the following:
- System and Organization Controls (SOC)
- Payment Card Industry Data Security Standard (PCI DSS)
- Federal Risk and Authorization Management Program (FedRAMP)
- Health Insurance Portability and Accountability Act (HIPAA)
Amazon provides a frequently updated list of Amazon services in scope of specific compliance programs at Amazon Services in Scope by Compliance Program.
Third-party audit reports are available for you to download using Amazon Artifact. For more information, see Downloading Reports in Amazon Artifact in the Amazon Artifact User Guide.
For more information about Amazon compliance programs, see Amazon Compliance Programs.
Your compliance responsibility when using S3 Glacier is determined by the sensitivity of your data, your organization’s compliance objectives, and applicable laws and regulations. If your use of S3 Glacier is subject to compliance with standards like HIPAA, PCI, or FedRAMP, Amazon provides resources to help:
- S3 Glacier Vault Lock allows you to easily deploy and enforce compliance controls for individual S3 Glacier vaults with a vault lock policy. You can specify controls such as “write once read many” (WORM) in a vault lock policy and lock the policy from future edits. After the policy is locked, it can no longer be changed. Vault lock policies can help you comply with regulatory frameworks such as SEC17a-4 and HIPAA.
- Security and Compliance Quick Start Guides discuss architectural considerations and steps for deploying security- and compliance-focused baseline environments on Amazon.
- Architecting for HIPAA Security and Compliance outlines how companies use Amazon to help them meet HIPAA requirements.
- The Amazon Well-Architected Tool (Amazon WA Tool) is a service in the cloud that provides a consistent process for you to review and measure your architecture using Amazon best practices. The Amazon WA Tool provides recommendations for making your workloads more reliable, secure, efficient, and cost-effective.
- Amazon Compliance Resources provide several different workbooks and guides that might apply to your industry and location.
- Amazon Config can help you assess how well your resource configurations comply with internal practices, industry guidelines, and regulations.
- Amazon Security Hub provides you with a comprehensive view of your security state within Amazon and helps you check your compliance with security industry standards and best practices.