Compliance validation for VM Import/Export
Third-party auditors assess the security and compliance of VM Import/Export as part of multiple Amazon compliance programs. These include SOC, PCI, FedRAMP, HIPAA, and others.
For a list of Amazon services in scope of specific compliance programs, see Amazon Services in Scope by Compliance Program
You can download third-party audit reports using Amazon Artifact. For more information,
see Downloading Reports in Amazon Artifact
Your compliance responsibility when using VM Import/Export is determined by the sensitivity of your data, your company's compliance objectives, and applicable laws and regulations. Amazon provides the following resources to help with compliance:
-
Security and Compliance Quick Start Guides
Security and Compliance Quick Start Guides – These deployment guides discuss architectural considerations and provide steps for deploying security- and compliance-focused baseline environments on Amazon. -
Architecting for HIPAA Security and Compliance on Amazon Web Services – This whitepaper describes how companies can use Amazon to run HIPAA-compliant workloads.
-
Amazon Compliance Resources
– This collection of workbooks and guides might apply to your industry and location. -
Evaluating Resources with Rules in the Amazon Config Developer Guide – Amazon Config; assesses how well your resource configurations comply with internal practices, industry guidelines, and regulations.
-
Amazon Security Hub – This Amazon service provides a comprehensive view of your security state within Amazon that helps you check your compliance with security industry standards and best practices.