
Adding App Runner to AWS compliance program

Open princepathria97 opened this issue 3 years ago • 9 comments

Background - Customers may use any AWS service in an account designated as a HIPAA account, but they should only process, store, and transmit protected health information (PHI) in the HIPAA-eligible services defined in the Business Associate Addendum (BAA). Ref. - https://aws.amazon.com/compliance/hipaa-compliance/

This is a feature request for adding App Runner to compliance scope. AWS Services in Scope by Compliance Program

princepathria97 May 19 '21 23:05

HIPAA compliance is key for our industry. I cannot consider AppRunner until we get some kind of certification here.

NapalmCodes Feb 22 '22 17:02

Any news with this one? Would love to use App Runner but w/o HIPAA it's not an option. Looking at Fargate atm.

@napalm684 @princepathria97 and others, what are you using instead until App Runner is HIPAA compliant?

vladshcherbin Mar 09 '22 20:03

> Any news with this one? Would love to use App Runner but w/o HIPAA it's not an option. Looking at Fargate atm.
>
> @napalm684 @princepathria97 and others, what are you using instead until App Runner is HIPAA compliant?

Fargate ECS

NapalmCodes Mar 09 '22 23:03

Any progress here? This would be great for us.

f0rk Jun 28 '22 20:06

This would be great to have, or at least some information on why it is not covered as it seems under the hood it uses all covered services.

zachallia Oct 17 '22 19:10

They have documentation kinda outlining the overall architecture diagram of App Runner services and it is indeed using all of their already compliant services. Find more information here: https://aws.amazon.com/blogs/containers/deep-dive-on-aws-app-runner-vpc-networking/.

msetegn Feb 26 '23 17:02

I suspect the main issue for App Runner getting HIPAA compliance (and others) is that it uses a VPC (at least one per region) that is shared among customers. Ideally, App Runner would be able to run in a customer-controlled VPC.

acooper Aug 10 '23 15:08

Now there is private VPC, is this HIPAA compliant now?

masterbater Oct 08 '23 02:10

Would love to see HIPAA compliance in App Runner! It'd be a game-changer for healthcare deployments like ours.

veeru-artrya Oct 10 '23 23:10