Intake Questions for a New AWS Account
- Sandy Bouton (Unlicensed)
Data Requirements
What is the risk classification of your data? (See https://cybersecurity.yale.edu/know-your-risk/data-classification-questionnaire)
Is your data subject to regulatory requirements (HIPAA, NIST, etc.) or to a data use agreement?
Have you met with the appropriate Yale review boards (Yale Information Security, IRB, etc.)?
Do you have a requirement to store your data outside of the US?
AWS Console Access
Who will need access to the AWS console? Please provide NetIDs.
Will non-Yale people need access to the AWS console (or resources)?
AWS Resources
What AWS resources/services do you plan to use?
Will you need to connect your AWS servers, databases or storage with resources on campus (e.g., Storage@Yale)?
Will your AWS servers or databases need to be available to the Internet (outside of campus)?
Security and Technical Support
You are responsible for complying with Yale's Minimum Security Standards.
Have you reviewed the Terms of Use for Cloud Access? You will need to accept this on your first login to the AWS console.
What is your team’s previous training and/or experience with the AWS platform?
Does your team have the expertise to meet your requirement to comply with Yale’s Minimum Security Standards?
Contact Information
Please provide:
Owner Department (The department that will be charged for the resource.)
Owner Department Contact (The person authorized to spend the money.)
Support Department (The department that supports the application. In some cases itmay be the same as Owner Department.)
Support Department Contact (The person with technical knowledge about the application who may be the same as Owner Department Contact.)
Charging Instructions (COA) (Can be provided later if you are using AWS credits.)