Self-service enhanced compliance BYOC clouds for AWS

You can now set up enhanced compliance bring your own cloud (BYOC) clouds yourself, without help from Aiven. When you create an AWS custom cloud, choose a compliance deployment model to run Aiven services in your own AWS account under specific compliance requirements:

• hipaa for healthcare workloads that handle protected health information (PHI) under the Health Insurance Portability and Accountability Act (HIPAA)
• pci_dss for payment workloads that require cardholder data environment (CDE) isolation under the Payment Card Industry Data Security Standard (PCI DSS)

These clouds keep your data in your AWS account: services have no public internet access and are reachable only over VPC peering or AWS PrivateLink, outbound traffic is proxied through a bastion host, backups and cold data are stored in your own object storage, all resources are tagged with their compliance model for governance and audit traceability, and services cannot be forked or migrated to another cloud.

For more information, see Enhanced compliance BYOC clouds.