Microsoft continues to lead the charge in realizing the power and promise of the cloud for Government customers. We are pleased to announce that Azure Government has been granted authorization for 12 additional customer-facing services to our FedRAMP High P-ATO. We now offer 32 Infrastructure and Platform services to our customers in our Azure Government compliance boundary, all of which have been authorized for use with up to High Impact level data. Our coverage of services, and the rate at which we are increasing our scope, highlight our commitment to being the most Trusted and Certified cloud, accelerating compliance for Government customers.
We are pleased to announce that the entire Operations Management Suite (OMS) is now authorized for use in Azure Government. The OMS suite empowers customers to take full advantage of the Hybrid Cloud. OMS enables customers to gain insight across their entire fleet, allowing faster response to security threats, enabling consistent control and compliance, and ensuring the availability of apps and data irrespective of where those applications or data live; in Azure, on premises, or on other cloud platforms using a federated clouds model.
- Azure Log Analytics: helps you collect and analyze data generated by resources in your cloud and on-premises environments. It gives you real-time insights using integrated search and custom dashboards to readily analyze millions of records across all your workloads and servers regardless of their physical location.
- Azure Automation: saves time and increases the reliability of regular administrative tasks – even schedules them to be automatically performed at regular intervals. You can automate processes using runbooks or automate configuration management using Desired State Configuration. The Automation service allows customers to maximize the value proposition of the cloud, consuming services on demand and only when required.
- Azure Backup: is a unified solution to protect data on-premises and in the cloud, with 99.9% guaranteed availability! Incremental backups provide efficiency and geo-replicated storage ensures you meet availability requirements for High Impact data. And to top it off, all data is encrypted in transit and at rest using FIPS 140-2 validated encryption modules.
- Azure Site Recovery: delivers the power of the cloud for disaster recovery scenarios. With Azure Site Recovery, you can automate protection and replication of your virtual machines, remotely monitor the health of your fleet, orchestrate recovery as needed using customizable plans, and test your recovery capabilities without impacting your system availability.
Authorization of the Azure Resource Manager (ARM) service enables our government customers to deploy complex architectures in Azure Government automatically and consistently. With ARM, you define the infrastructure and dependencies for your app in a single declarative template. ARM templates are flexible enough to use for all your environments; test, staging, or production. If you create a solution from the Azure Marketplace, the solution will automatically include a template that you can use for your app.
Corresponding with the addition of ARM, we have also added our Resource Providers for Compute, Storage, and Networking. These Resource Providers enable seamless, automated deployment of Compute, Storage, and Networking resources as needed and on demand using the ARM template architecture; including ARM templates that meet certification requirements which is coming soon as part of our Azure Blueprint program.
- Azure CRP: is the Compute Resource Provider, used in creating and managing virtual machine resources and extensions in simple to use Azure Resource Manager templates.
- Azure SRP: is the Storage Resource Provider, used in creating and managing blob, table, queue, and storage account management resources in simple to use Azure Resource Manager templates.
- Azure NRP: is the Network Resource Provider, which delivers a series of Software-defined Networking (SDN) and Network Function Virtualization features for the Azure Government environment. NRP gives you more granular network control, metadata tags, faster configuration, rapid and repeatable customization, and multiple control interfaces. You can use the NRP to create software load balancers, public IPs, network security groups, virtual networks, among others.
Microsoft has collaborated with our regulators to dramatically decrease the time required to take a service from available to certified. In fact, we have a roadmap that adds all services currently available in Azure Government to our FedRAMP High boundary. We are committed to ensuring that Azure Government provides the best the cloud has to offer and that all of our offerings are certified at the highest levels of compliance. Please visit the Microsoft Trust Center for additional details and reach out to AzureBlueprint@Microsoft.com for support on how these compliant services can be included in your cloud ATO efforts.
Product Group | Azure Government Service | Availability |
Compute | ||
Batch | Newly Authorized | |
Cloud Services | Authorized | |
Compute Resource Provider | Newly Authorized | |
Virtual Machines | Authorized | |
Service Fabric | In Progress | |
Virtual Machine Scale Sets | In Progress | |
Storage | ||
Storage | Authorized | |
Storage Resource Provider | Newly Authorized | |
Networking | ||
Application Gateway | Authorized | |
Express Route | Authorized | |
Load Balancer | Authorized | |
Network Resource Provider | Newly Authorized | |
Traffic Manager | Authorized | |
Virtual Network | Authorized | |
VPN Gateway | Authorized | |
Databases | ||
Redis Cache | Newly Authorized | |
SQL Database | Authorized | |
SQL Data Warehouse | In Progress | |
SQL Server Stretch Database | In Progress | |
Intelligence + Analytics | ||
Power BI | Newly Authorized | |
HDInsight | In Progress | |
Monitoring + Management | ||
Automation | Newly Authorized | |
Azure Government Portal | Newly Authorized | |
Azure Resource Manager | Newly Authorized | |
Azure Runtime | Authorized | |
Backup | Authorized | |
Log Analytics | Newly Authorized | |
Scheduler | Newly Authorized | |
Site Recovery | Authorized | |
Security + Identity | ||
Azure Active Directory | Authorized | |
Key Vault | Authorized | |
Azure MFA | In Progress | |
Web + Mobile | ||
Media Services | Newly Authorized | |
Notification Hubs | Authorized | |
Web Apps | Authorized | |
API Apps | In Progress | |
Mobile Apps | In Progress | |
Enterprise Integration | ||
Service Bus | Authorized | |
Store Simple | Authorized | |
IoT | ||
Event Hubs | Authorized | |