
In this quick guide, we’ll cover what AWS Artifact is, its key features and benefits, how it works, how to get started, and pricing, along with frequently asked questions and best practices.

What is AWS Artifact?

AWS Artifact is a self-service portal for accessing and managing security and compliance reports from AWS and third-party ISVs. It allows users to download, accept, or terminate compliance agreements on-demand. This service helps enhance deployment confidence by offering insights into the security and compliance posture of AWS and its partners. It’s designed for users needing to manage compliance effectively and assess third-party risks.

What are AWS Artifact Reports?

A key feature of AWS Artifact is its Reports section, where users can access and download a variety of reports validating the security and compliance of AWS infrastructure and services, in accordance with various international regulatory standards.

Here are some of the main reports typically accessed through AWS Artifact:

SOC Reports: These are Service Organization Control reports, including SOC 1, SOC 2, and SOC 3, which provide insights into AWS’s controls and processes related to security, availability, processing integrity, confidentiality, and privacy of a system.

ISO Certifications: AWS provides numerous ISO reports, such as ISO 27001, ISO 27017, and ISO 27018. These certifications are crucial for customers needing to comply with international standards for managing information security and protecting personal data in the cloud.

PCI-DSS Compliance: The Payment Card Industry Data Security Standard reports are vital for any organization that handles credit card transactions. These reports verify that AWS services are secure and comply with the PCI-DSS requirements.

You can use these reports to continuously monitor or audit your suppliers, verify the operational efficiency of AWS security controls, prove compliance of your own AWS infrastructure, and more.

How to download a report from AWS Artifact

To download a report from AWS Artifact, follow these simplified steps:

  1. Access the AWS Artifact Console: Navigate to AWS Artifact in the AWS Management Console.
  2. Navigate to Reports: On the AWS Artifact homepage, click on “View reports.”
  3. Choose a Report Type: Select either the “AWS reports” tab for AWS-specific reports (like SOC 1/2/3, PCI) or the “Third-party reports” tab for reports from Independent Software Vendors (ISVs) on AWS Marketplace.
  4. Search for a Specific Report (Optional): Use the search field to find a specific report by entering relevant keywords like “C5” in the “Title” column.
  5. Download the Report: Click on the report you wish to download, then click “Download report.”

What are AWS Artifact Agreements?

AWS Artifact Agreements house the agreements you have with AWS. You can use AWS Artifact Agreements to review, accept, and manage agreements with AWS for your individual AWS account or AWS accounts within your AWS Organizations.

One key benefit of AWS Artifact Agreements is that you can accept or reject agreements across a whole AWS Organization (only the management account can accept agreements in the AWS Artifact Organization Agreements tab).

Here are some of the main agreements you can access through AWS Artifact:

Customer Agreements: Standard AWS customer agreements outline the general terms and conditions under which AWS services are provided. These are essential for all AWS customers to understand their rights, responsibilities, and the operational boundaries of these services. These can be found in the AWS Artifact account agreements tab.

Service Terms: Specific conditions related to particular AWS services can be found here. These detail additional obligations or usage limits, providing clarity for deploying particular AWS solutions.

Data Processing Addendum (DPA): This is crucial for customers concerned with data protection and privacy, especially those operating within jurisdictions governed by GDPR. The DPA provides terms for the processing and security of personal data.

Business Associate Addendum (BAA): For customers subject to U.S. health regulations like HIPAA, the BAA is necessary for compliance when handling protected health information (PHI) on AWS.

These agreements are also useful to:

  • Regularly review terms in light of changing regulations or business needs.
  • Facilitate negotiations or reviews with legal teams by providing ready access to up-to-date compliance and legal documentation.
  • Strengthen compliance postures by aligning internal policies with the stipulated AWS terms and conditions.

How to accept agreements through AWS Artifact

  1. Open the AWS Artifact console.
  2. On the AWS Artifact navigation pane, choose Agreements.
  3. Choose Account agreements to manage agreements for your account or Organization agreements to manage agreements on behalf of your organization.
  4. Expand the section of the agreement.
  5. Choose Download and review.
  6. Read the Terms and conditions. When you are finished, choose Accept and download, review the agreement, and click “Accept” to accept the agreement.

What are AWS Artifact notifications?

AWS Artifact Notifications lets users receive automated updates about new and revised documents within AWS Artifact. This service employs the AWS User Notification service to deliver messages directly to your specified email addresses, ensuring you are promptly informed about the availability of new reports or updates to existing agreements.

By subscribing to AWS Artifact notifications, you can stay updated without having to keep checking the AWS Artifact console manually for new content. Each notification delivers direct links to the newly available or updated documents.

To begin receiving notifications, users must first subscribe through the AWS Artifact console and then configure their notification settings to specify which types of documents they wish to be alerted about. You can read more about how to set up AWS Artifact notifications in the documentation.

What is the difference between an AWS Artifact notification and an AWS Artifact configuration?

Subscribing to notifications on the AWS Artifact console is a one-time action where you opt-in to receive updates from the AWS Artifact service. This subscription is necessary to enable notification configurations.

After subscribing, you must set up one or more notification configurations to begin receiving updates. During configuration, you can specify whether to receive notifications about all reports and agreements or only a selected subset. You’ll also provide the email addresses of those who should receive these notifications.

What is AWS Artifact pricing?

AWS Artifact is free! There are no costs or fees associated with the service. And, you can download as many “artifacts” as you want with no limit.

AWS Artifact Frequently Asked Questions

Let’s dive into some frequently asked questions about AWS Artifact.

What is AWS Artifact vs AWS CodeArtifact

AWS CodeArtifact is completely different from AWS Artifact. CodeArtifact is a managed artifact repository service that helps developers securely store, publish, and share software packages used in their development process.

Unlike AWS Artifact, which provides access to compliance reports and agreements, CodeArtifact is focused on the management of development artifacts, such as Maven, npm, and Python packages, allowing teams to integrate package management into their CI/CD pipelines efficiently.

What is AWS Artifact vs AWS Audit Manager

AWS Artifact provides access to documentation to help organizations understand and manage their compliance with various regulatory standards. In contrast, AWS Audit Manager automates the collection of evidence needed to prepare for audits, helping organizations to continuously review their compliance with regulations by running assessments based on AWS best practices and frameworks.

Essentially, while AWS Artifact offers the necessary compliance documents, AWS Audit Manager assists in actively managing and auditing compliance within AWS environments.

Who has access to AWS Artifact?

AWS Artifact is accessible to all AWS account holders at no additional cost. Users with AWS account credentials can log in and access compliance reports and agreements directly through the AWS Management Console, under the security, identity, and compliance category.

Access controls within an organization can be managed through AWS Identity and Access Management (IAM) to specify which individuals or services can view or download these documents.
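Because accepting or terminating an agreement has legal effect for the account or organization, it is worth checking which IAM policies grant more than report access. The following is an added example, not code from this guide or from AWS: a small Python check over IAM policy documents. The action names are an assumption to confirm against the AWS Service Authorization Reference, and the two sample policies are constructed.

```python
import fnmatch

# Actions that change an account's or organization's agreement status.
# Assumption: names follow the AWS Artifact IAM action list; confirm them in
# the Service Authorization Reference before relying on this check.
SENSITIVE = ("artifact:AcceptAgreement", "artifact:TerminateAgreement")

def _as_list(value):
    """IAM accepts a single value or a list for Statement, Action, NotAction."""
    return value if isinstance(value, list) else [value]

def _matches(patterns, action):
    """IAM action matching is case-insensitive and supports * and ? wildcards."""
    return any(fnmatch.fnmatchcase(action.lower(), p.lower()) for p in patterns)

def risky_statements(policy):
    """Return [(sid, [actions])] for Allow statements granting SENSITIVE actions."""
    findings = []
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue
        if "NotAction" in stmt:  # allows everything except the listed patterns
            excluded = _as_list(stmt["NotAction"])
            hits = [a for a in SENSITIVE if not _matches(excluded, a)]
        else:
            hits = [a for a in SENSITIVE if _matches(_as_list(stmt.get("Action", [])), a)]
        if hits:
            findings.append((stmt.get("Sid", f"statement-{i}"), hits))
    return findings

# Constructed sample policies (not taken from the page or from AWS).
AUDITOR_POLICY = {"Version": "2012-10-17", "Statement": [{
    "Sid": "ReadReports", "Effect": "Allow", "Resource": "*",
    "Action": ["artifact:ListReports", "artifact:GetReport",
               "artifact:GetReportMetadata", "artifact:GetTermForReport"]}]}
BROAD_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Sid": "ArtifactAll", "Effect": "Allow", "Action": "artifact:*", "Resource": "*"},
    {"Sid": "AcceptOnly", "Effect": "Allow", "Action": ["Artifact:Accept*"], "Resource": "*"},
    {"Sid": "NoTerminate", "Effect": "Deny", "Action": "artifact:TerminateAgreement",
     "Resource": "*"}]}

if __name__ == "__main__":
    for name, doc in (("auditor", AUDITOR_POLICY), ("broad", BROAD_POLICY)):
        print(name, risky_statements(doc))
```

The check looks at each Allow statement on its own and does not evaluate explicit Deny statements, permission boundaries or service control policies, so its output is a list of statements to review rather than a statement of effective permissions.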
