You cannot use AWS to launch or assist denial-of-service attacks, generate mass unsolicited messages, or disrupt other internet systems in any way.
This analysis describes what Amazon's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This clause establishes use restrictions that AWS enforces through its operational control of the platform. The provision creates a contractual obligation that forms the basis for AWS to monitor, restrict, or terminate service access when the specified conduct is detected.
Businesses running publicly accessible services on AWS must implement adequate security controls to prevent their infrastructure from being compromised and used for attacks, because a security breach that results in their AWS resources being weaponized could trigger AUP violations and account suspension even though they were the victim.
How other platforms handle this
Avoid Professional Advice: Don't seek to receive or provide medical, legal, financial, or tax advice through the platform.
To the maximum extent permitted by applicable law, Kit shall not be liable for any indirect, incidental, special, consequential or punitive damages, or any loss of profits or revenues, whether incurred directly or indirectly, or any loss of data, use, goodwill, or other intangible losses, resulting ...
We have implemented appropriate technical and organizational security measures designed to protect the security of any Personal Information we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technolo...
Monitoring
Amazon has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"No Abuse. You may not use the Services to engage in, foster, or promote illegal, abusive, or irresponsible behavior, including: carrying out or enabling denial of service attacks; generating, distributing, publishing or facilitating unsolicited mass email or other messages; or otherwise causing disruption to the operation of the Services or other systems.— Excerpt from Amazon's AWS Acceptable Use Policy
(1) REGULATORY FRAMEWORK: DDoS attacks constitute violations of CFAA (18 U.S.C. § 1030(a)(5), DOJ enforcement), UK Computer Misuse Act 1990 s.3, and EU Directive 2013/40/EU Art. 5. Enabling or facilitating such attacks through inadequate security may also implicate FTC Act Section 5 (unfair security practices) per FTC's LabMD and Wyndham precedents establishing that inadequate security constitutes an unfair practice. NIS2 Directive Art. 21 requires operators of essential services to implement security measures proportionate to risks, including DDoS protection. (2)
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This clause establishes use restrictions that AWS enforces through its operational control of the platform. The provision creates a contractual obligation that forms the basis for AWS to monitor, restrict, or terminate service access when the specified conduct is detected.
Businesses running publicly accessible services on AWS must implement adequate security controls to prevent their infrastructure from being compromised and used for attacks, because a security breach that results in their AWS resources being weaponized could trigger AUP violations and account suspension even though they were the victim.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Amazon.