FedRAMP Authorized — High Impact
Azure Kubernetes Service (Government) by Microsoft (AKS). 6 compliance features verified.
Azure Kubernetes Service (Government)
by Microsoft (AKS)
Impact Level
High
Status
Authorized
Pricing
enterprise
Authorization Date: June 22, 2020 | Sponsoring Agency: DoD
Overview
Azure Kubernetes Service for Government provides managed Kubernetes orchestration within the Azure Government FedRAMP High boundary. It simplifies container deployment, management, and operations with integrated CI/CD and monitoring. AKS Government supports DoD workloads requiring IL4 and IL5 authorization.
Key Features
Certifications & Authorizations
Deployment Options
NIST 800-171 Compliance Coverage
How to Procure Azure Kubernetes Service (Government) for Defense Contracts
Azure Kubernetes Service (Government) is available through GSA Multiple Award Schedule (MAS) Contract 47QTCA18D008Y and SEWP V Contract NNG15SC03B. Government pricing includes significant discounts compared to commercial Azure rates, with additional savings through Enterprise Agreement commitments. Contracting officers must reference Microsoft's FedRAMP High P-ATO authorization boundary documentation (available in the FedRAMP Marketplace) when developing the System Security Plan (SSP). The authorization boundary includes AKS control plane, worker nodes, Azure Container Registry integration, and associated networking components within Azure Government regions. Procurement approval requires verification of agency's FedRAMP High authorization requirements and confirmation that workloads align with IL4/IL5 classification levels. Typical procurement timeline spans 4-6 months including security review, ATO package development, and technical implementation planning. For CMMC assessments, AKS Government must be explicitly included in the assessment boundary as a cloud service provider, requiring documentation of Microsoft's inherited controls, data flow mappings, and interface agreements. Contracting officers should coordinate with the agency ISSO to ensure proper categorization of the AKS service within the overall information system boundary and validate that Microsoft's security controls meet the agency's specific compliance requirements.
Compliance Cross-References
Azure Kubernetes Service (Government) directly supports DFARS 252.204-7012 compliance by providing adequate security controls for Controlled Unclassified Information (CUI) processing within the FedRAMP High boundary. For DFARS 252.239-7010 cloud computing requirements, AKS Government meets data location restrictions (US persons only), provides required incident reporting capabilities, and maintains appropriate security clearances for support personnel. NIST 800-171 control families are addressed through Microsoft's inherited controls: Access Control (AC) via Azure AD integration and RBAC, System and Communications Protection (SC) through network segmentation and encryption, and Audit and Accountability (AU) via Azure Monitor and Log Analytics. CMMC Level 2 domains are satisfied across Access Control, Audit and Accountability, Configuration Management, Identification and Authentication, Media Protection, Personnel Security, Physical Protection, Risk Assessment, Security Assessment, Situational Awareness, and System and Communications Protection practices. DoD Cloud Computing SRG compliance is achieved through Microsoft's IL5 authorization, which includes enhanced monitoring, continuous security assessments, and dedicated government cloud infrastructure that meets DoD's stringent security requirements for containerized workloads.
Defense Contractor Use Case
Defense contractors use AKS Government to run containerized mission-critical applications and microservices that process CUI, leveraging the FedRAMP High and DoD IL4/IL5 authorization boundary.
Related Products
More Platform as a Service Products
Frequently Asked Questions
What is the FedRAMP authorization level for Azure Kubernetes Service (Government)?
Azure Kubernetes Service (Government) is authorized at the FedRAMP High impact level, with authorization granted on 2020-06-22 sponsored by DoD. The FedRAMP High baseline includes approximately 421 security controls and is the most rigorous authorization level.
Can defense contractors use Azure Kubernetes Service (Government) for CUI?
Yes, Azure Kubernetes Service (Government) is authorized at the FedRAMP High baseline, which is suitable for protecting CUI. Defense contractors can use this platform for processing, storing, and transmitting CUI in compliance with NIST 800-171 and DFARS 252.204-7012 requirements. The High baseline provides the most comprehensive set of security controls for cloud services.
How does Azure Kubernetes Service (Government) pricing compare to commercial?
Azure Kubernetes Service (Government) government pricing is typically negotiated on an enterprise basis and may differ from commercial list prices. Government and defense contractor pricing often includes compliance overhead that can make it 15-30% higher than commercial equivalents. However, volume discounts, GSA Schedule pricing, and multi-year commitments can help offset these costs. Contact Microsoft (AKS) directly or check GSA Advantage for current government pricing.
Browse All FedRAMP Authorized Tools
Search and filter 80+ FedRAMP authorized products for your defense contracting needs.
Open FedRAMP FinderTrack Azure Kubernetes Service (Government) FedRAMP compliance updates with AI-powered intelligence
Signals matches SAM.gov opportunities to your profile, monitors regulatory changes, and alerts you before competitors. Free for 90 days.
Start Free — 90 Days