AWS GovCloud and ElasticBox: A complementary union


AWS GovCloud is one of the several popular clouds where ElasticBox orchestrates and automates the lifecycle of applications. AWS GovCloud (US) is an isolated AWS Region for US government agencies and businesses to move sensitive workloads primarily because of regulatory and compliance requirements. If you’re curious about the use-cases for AWS GovCloud and the value ElasticBox adds, you’re at the right spot.

Amazon GovCloud targets two kinds of usage:

  • Businesses that don’t have ITAR data but want to embrace the extra security layer in this region.
  • Government agencies or businesses with confidential data that must enforce regulatory compliance and security measures.

AWS GovCloud use-cases

I’ll talk about some of the key scenarios where it makes sense to use AWS GovCloud:

  • High availability is important for mission critical apps in Oracle, SAP, and Windows. Such apps rely on fault-tolerant availability zones.
  • High-performance computing matters for apps that process big data. They need massive clusters to spin up and process large data loads in a very short time.
  • High data volume means higher primary and backup storage needs. Such storage should meet data security and compliance standards.
  • Web applications scale with user demand. Predictable workloads need reserved instances and in times of spikes, those payloads require on-demand resources.

For all these scenarios, AWS GovCloud provides agencies and businesses the elasticity of AWS with the security of an ITAR and FedRAMP compliant infrastructure. In addition, it includes enhanced security like FIPS 140-2 Level 2 hardware and cryptographic services for AWS service API endpoints.

ElasticBox for AWS GovCloud

ElasticBox orchestrates workload automation over the AWS service API endpoints in AWS GovCloud. In many ways, the automation value of ElasticBox speaks for itself.

For example, you may host production workloads in GovCloud. When they don’t use or depend on confidential client data, you can spin up dev and test workloads on Google Cloud or elsewhere. Or you may prefer a hybrid solution; one where you put secure data on GovCloud and host other applications in public clouds. Since boxes in ElasticBox define your workloads agnostically, you can port them to AWS GovCloud or any other cloud knowing they will run in exactly the same way. By simply picking a different deployment profile, you reuse the same configuration to build tested code in other environments. Along the way, you can set up CI/CD to automate builds in any environment on AWS GovCloud using the ElasticBox Jenkins plugin.

To launch in AWS GovCloud, register your GovCloud role ARN as an Amazon Web Services GovCloud provider in ElasticBox. Then without leaving ElasticBox, where you configure and self-serve microservices to launch anywhere, you can take advantage of advanced data security in the GovCloud region.

One thing of note is the limitations GovCloud imposes because of ITAR compliance for each AWS service. It helps to look them up in the AWS GovCloud guidelines. To run AWS GovCloud workloads from ElasticBox, we recommend you run ElasticBox as a virtual appliance in the US for ITAR compliance. That way, you store the workload metadata locally rather than replicate in other regions worldwide.

If ITAR regulations affect your data or if your business demands a high level of security, consider AWS GovCloud. It’s not turned on by default in ElasticBox. However, we can enable it for you if you let us know at For more information, check out our documentation.

Hacker News

Categories: AWS, Cloud Application Management, Cool Features & Tutorials, DevOps, ElasticBox
Tags: , , , ,