Manage compliance for Amazon Managed Microsoft AD
You can use Amazon Managed Microsoft AD to support your Active Directory–aware applications, in the Amazon Cloud, that are subject to the following compliance requirements. However, your applications will not adhere to compliance requirements if you use Simple AD.
Supported compliance standards
Amazon Managed Microsoft AD has undergone auditing for the following standards and is eligible for use as part of solutions for which you need to obtain compliance certification.
![]() |
Amazon Managed Microsoft AD meets Federal Risk and Authorization Management Program (FedRAMP) security
requirements and has received a FedRAMP Joint Authorization Board (JAB) Provisional
Authority to Operate (P-ATO) at the FedRAMP Moderate and High Baseline. For more
information about FedRAMP, see FedRAMP
compliance |
![]() |
Amazon Managed Microsoft AD has an Attestation of Compliance for Payment Card Industry (PCI) Data Security Standard (DSS) version 3.2 at Service Provider Level 1. Customers who use Amazon products and services to store, process, or transmit cardholder data can use Amazon Managed Microsoft AD as they manage their own PCI DSS compliance certification. For more information about PCI DSS, including
how to request a copy of the Amazon PCI Compliance Package, see PCI DSS level 1 |
![]() |
Amazon has expanded its Health Insurance
Portability and Accountability Act (HIPAA) compliance program to include Amazon Managed Microsoft AD as a HIPAA
eligible service Amazon offers a HIPAA-focused whitepaper |
Shared responsibility
Security, including FedRAMP, HIPAA and PCI compliance, is a shared
responsibility
For a complete list of all the various Amazon compliance programs that Amazon Managed Microsoft AD
supports, see Amazon services
in scope by compliance program
Enable PCI compliance for your Amazon Managed Microsoft AD directory
To enable PCI compliance for your Amazon Managed Microsoft AD directory, you must configure fine-grained password policies as specified in the PCI DSS Attestation of Compliance (AOC) and Responsibility Summary document provided by Amazon Artifact.
For more information about using fine-grained password policies, see Understanding Amazon Managed Microsoft AD password policies.