AWS Artifact is a portal that provides an enterprise with access to security and compliance reports that apply to the Amazon Web Services (AWS) public cloud.
A user can download reports and other internal AWS documents via Artifact to ensure and demonstrate to auditors or regulators that the AWS offerings he or she uses meet security and compliance standards. These reports can also provide guidance to team members, such as developers, to ensure that they also adhere to these standards.
Examples of the reports found in AWS Artifact include those that relate to the International Organization for Standardization (ISO), Payment Card Industry Data Security Standard (PCI DSS) and Service Organization Control (SOC).
AWS classifies all reports, called artifacts, into two categories: public and confidential. Public artifacts are available to all AWS accounts. Confidential artifacts require approval from Amazon, and, in some cases, require that the requesting customer sign a non-disclosure agreement to receive the report. An admin can restrict or distribute access to an artifact with AWS Identity and Access Management permissions.
The shared responsibility model requires AWS to secure compliance documents in the cloud, but, if a user downloads an agreement, he or she must secure the downloaded document. Each downloaded artifact comes with a unique, trackable watermark.
AWS Artifact also includes descriptions of all reports that detail their applicable date ranges, geographic regions and cloud services.
Another feature of the portal, called AWS Artifact Agreements, enables a user to view, accept and monitor the status of a Business Associate Addendum (BAA) agreement. AWS typically requires companies to adhere to a BAA agreement if they are subject to the Health Insurance Portability and Accountability Act and deal with protected health information.
An AWS user has global on-demand access to AWS Artifact through the AWS Management Console. AWS does not impose a charge for Artifact and Artifact Agreements.