Amazon Web Services at U-M (AWS) is offered to current faculty and staff only. For VPN documentation see the Amazon Web Services at U-M Support page.
Review Safely Use the Cloud before using public cloud resources. Review the Sensitive Data Guide for what data types are permitted in AWS.
ITS currently offers an Enterprise Agreement and a Business Associate Agreement (BAA) for Amazon Web Services (AWS). AWS is a comprehensive, evolving cloud computing platform provided by Amazon. This agreement covers all campuses and Michigan Medicine, and includes the following options:
- University Enterprise Agreement
This replaces the Click-Through agreement and provides more protections to the university and to the faculty and staff who use AWS. - U-M Negotiated Pricing (U-M login required)
- Preconfigured security/networking/reporting/logging
Custom configurations provide added security, networking, and reporting. This includes Shibboleth integration through MCommunity group authorization. As well as central logging of Cloud Trail and Virtual Private Cloud (VPC) Flow Logs into Splunk. Networking security includes initial VPC provisioning with dedicated UM-approved private IP address space. Subnets for web and database applications are pre-defined along with security groups centered around use cases. An optional VPN allows for a secure connection between the cloud and campus resources. Reporting includes inventory and security reporting. Security reports will initially include vulnerability scan results and "loose" security policy. Inventory reports will list provisioned AWS resources and how they are configured. - Virtual Private Network (VPN) service
For those workloads that need a Virtual Private Network (VPN) to the Ann Arbor campus, ITS configured a VPN connection. These workloads are ones that are not available to the public internet by default or workloads that are on private IP space on campus. The subscriber is responsible for the AWS charges incurred by the VPN connection. - Shortcode Billing
This allows use of single or multiple university Shortcodes in paying for AWS Services. There are no additional overhead charges for this service. The account holder is responsible for any service charges generated by their account. Please refer to AWS Service Pricing Overview for a list of services and associated pricing. You can use the AWS Simple Monthly Calculator to estimate your monthly costs. - U-M Single Sign On
- Approved for Some Sensitive Data Types
- Data Egress Waiver