This content applies solely to Appian Government Cloud, which must be purchased separately from the Appian base platform.
Appian Government Cloud (AGC) is an unclassified platform-as-a-service cloud service offering that has a DoD provisional authorization at Impact Level 5 (IL5). This is the highest level of authorization for unclassified information that can be achieved at the US Department of Defense (DoD).
AGC accelerates the timeline to go live because it has already cleared many of the authorization processes to make sure the applications and underlying infrastructure are secure. This means DoD customers can focus on their mission, knowing that Appian has done the heavy lifting by pre-authorizing a significant portion of the system.
AGC resides in a Virtual Private Cloud (VPC) within AWS GovCloud IL5 utilizing Federal Information Processing Standards (FIPS) validated GovCloud endpoints.
The AGC accreditation boundary consists of management services (powered by SMX Cloud Assured Managed Services) and the customer's Appian instances in AWS GovCloud. It is a three-tier application made up of redundant web servers, application servers, and databases.
The AGC architecture is segmented within separate, non-routable by default VPCs. The AGC customer environments are built in single-tenant VPCs. Clients do not share the VPCs, meta structure accounts (AWS accounts), cloud native compute, storage, databases, or network instances.
AGC runs on AWS GovCloud (US-West) and delivers dedicated, single tenant environments (development, test, and production) to each customer. It follows a private cloud deployment model where cloud services and infrastructure are dedicated solely to a specific organization or agency.
We provide the Appian platform and the managed services required to meet the requirements of IL5 and class leading service level agreements.
AGC includes the following services:
The customer is responsible for the Secure Cloud Computing Architecture (SCCA), which has the following four components:
Appian meets many of the SCCA functional requirements, but there are shared and customer responsibilities that are detailed in the system security plan (SSP).
Combine AGC with your SCCA, identity provider for DoD CAC integration, and your DoD cybersecurity service provider (CSSP), and you're off and running with your Appian development team to deliver on your mission.
Built on top of the Appian Government Cloud management plane (1), each customer gets its own AWS GovCloud account, for which Appian environments (2) are created, (dev/test/prod) each in their own VPC (3). Each VPC is connected through your provided SCCA (4) to the DoD Information Network (DoDIN) (5).
To learn more about AGC, see the Appian Government Cloud Security and Availability whitepaper.
If you need assistance, contact our dedicated Appian Government Cloud support team.
For more information about AGC, email firstname.lastname@example.org.
Appian Government Cloud (AGC) Overview