What are the institutional and regulatory implications of this document?

(1) REGULATORY LANDSCAPE: The agreement engages GDPR (through its Data Processing Addendum for EU/EEA customers), CCPA (through its Privacy Notice and data processing terms for California-resident data), and HIPAA (through the AWS Business Associate Addendum available for covered entities and business associates). The primary enforcement authorities include the FTC for US consumer protection and unfair practices, relevant EU supervisory authorities under GDPR, and state attorneys general for Ca…

How does AWS's AWS Customer Agreement affect users?

The agreement establishes that customers bear responsibility for all actions taken under their AWS account credentials, including activity by end users or third parties who access services through the customer's account. Under these terms, AWS may suspend or terminate service access immediately and without advance notice in circumstances including security risk, Acceptable Use Policy violations, or legal compliance requirements, with fees continuing to accrue through suspension in certain confi…

How often is AWS's AWS Customer Agreement updated?

ConductAtlas monitors this document daily and captures every version with cryptographic hashing and timestamp verification. Update frequency varies — see the change timeline on this page for complete version history.

Can I get alerted when AWS updates this document?

Yes. Monitor subscribers ($19/month) can add AWS to their watchlist and receive same-day email alerts whenever this document or any other AWS document changes.

CA-D-000674

AWS Customer Agreement

AWS

Last change detected June 2, 2026 Terms of service

SHA-256: 9df8e129bfd7d38f49d… 3 versions captured 2 changes documented

Create free account

Track 1 platform and get the weekly governance digest. No credit card required.

View original document at AWS ↗

This page describes what the document states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability may vary by jurisdiction. Methodology

10 Total

3 High severity

6 Medium severity

1 Low severity

Summary

The AWS Customer Agreement is the primary contract between AWS and its cloud services customers, covering account access, payment obligations, service suspension rights, data handling, intellectual property, and dispute procedures. The agreement states that AWS may suspend customer access immediately without advance notice if AWS determines there is a security risk, violation of the Acceptable Use Policy, or legal requirement to do so, and that customers remain liable for fees incurred through the suspension period. The agreement also caps AWS's total liability to the customer at the amount the customer paid in the twelve months preceding the claim, and explicitly excludes liability for indirect, incidental, consequential, or punitive damages regardless of cause.

Technical / Legal Breakdown

The AWS Customer Agreement governs the contractual relationship between Amazon Web Services, Inc. (or the applicable AWS contracting entity) and customers accessing AWS cloud services, establishing the legal basis for service access, payment, data handling, and dispute resolution. The agreement states that customers are responsible for all activity under their accounts, that AWS may suspend or terminate services immediately for cause (including suspected security incidents or legal compliance requirements), and that fees are due without offset based on AWS usage records unless customers raise disputes within 60 days of the applicable invoice. The agreement asserts a limitation of liability capping AWS's aggregate liability at the fees paid by the customer in the twelve months prior to the claim, excludes consequential and indirect damages, and reserves broad unilateral rights to modify service terms by posting updated versions, with continued use constituting acceptance; these provisions are operationally distinct in that they place significant financial risk on customers operating production workloads. The agreement engages GDPR, CCPA, and sector-specific frameworks such as HIPAA through its Data Processing Addendum and service-specific terms, with regulatory applicability varying by customer geography, service type, and data categories processed. Compliance teams should note that the governing law and jurisdiction provisions vary by contracting entity and customer location, and that the agreement incorporates by reference a substantial body of supplemental terms including the Service Terms, Acceptable Use Policy, and Privacy Notice, each of which may carry independent compliance obligations.

Institutional Analysis

Institutional analysis available with Compliance

Regulatory exposure by statute, material risk assessment, vendor due diligence action items, and enforcement precedent. Available on Compliance.

Start Compliance free trial

2 important changes detected

3 versions captured · Last updated: June 2026

June 2, 2026

low

What changed AWS simplified its Mexico customer contracting rules on June 1, 2026. Previously, Mexico-based customers were routed to the Mexico AWS entity based on their payment method and address in two separate phases (January and February 2026). The updated terms consolidate this: as of June 1, 2026, all customers located in Mexico now contract with the Mexico-based AWS entity, eliminating the prior bifurcated approach.

Why this matters The updated terms establish a single, simplified rule for Mexico-based customers: as of June 1, 2026, all customers located in Mexico contract with AWS's Mexico-based entity. This replaces the prior structure, which routed customers to the Mexico entity based on payment method and address in two separate phases (January and February 2026). The change consolidates which legal entity is party to the contract but does not state a change to service terms, availability, pricing, or obligations.

View full change record →

May 19, 2026

low

What changed AWS updated its Customer Agreement on May 19, 2026, making 39 additions, 15 removals, and 52 modifications across 309 sentences. The most material change was removal of a specific provision governing AWS India operations (formerly Amazon Internet Services Private Limited). The document also clarified tax withholding language and adjusted formatting in multiple sections, but the functional scope of customer obligations, service level commitments, and fee change procedures remains substantially intact.

Why this matters The updated agreement removes a specific provision that previously governed AWS India operations (formerly Amazon Internet Services Private Limited), eliminating contractual language unique to that regional entity. Tax withholding language was clarified to explicitly state that AWS will provide tax forms as reasonably requested to reduce or eliminate withholding taxes on payments. The removal of the India-specific clause may affect customers in that jurisdiction by consolidating them under standard global agreement terms rather than a region-specific addendum. No action is required by users; the change takes effect as updated terms.

View full change record →

Recent Provision Changes Jun 2, 2026

Added (5)

Aggregate Liability Cap High

This new provision imposes a strict monetary cap on AWS's liability, significantly limiting customer recovery to 12 months of fees paid or $25 for free services, fundamentally altering liability exposure.

Consequential Damages Exclusion High

This standalone provision clarifies and strengthens the exclusion of consequential damages with explicit enumeration of damage types, making the liability limitation more specific and enforceable.

60-Day Fee Dispute Waiver Medium

This new provision imposes a strict 60-day deadline for billing disputes with automatic waiver of rights, eliminating customer ability to challenge charges beyond this window.

Intellectual Property License Grant Low

This new provision explicitly defines the limited scope of license rights granted to customers, restricting copying and use of AWS Content to only what is necessary for service use.

Data Processing and Privacy Medium

This revised provision clarifies customer ownership of content while obtaining explicit consent for collection and processing, and limits AWS's use to service provision and written agreements only.

Removed (5)

Limitation of Liability

Removal of the original limitation of liability provision was replaced with more granular provisions (Consequential Damages Exclusion and Aggregate Liability Cap), potentially shifting liability treatment.

Content License Grant to AWS

Removal of AWS's broad content use and disclosure rights for government requests eliminates explicit legal justification for disclosing customer data without additional consent.

Customer Indemnification of AWS

Removal of the explicit indemnification clause eliminates customer obligation to defend AWS against third-party claims related to customer use and content, reducing customer liability.

Data Processing and Privacy Addendum Structure

Removal of explicit reference to Data Processing Addendum availability and GDPR compliance specificity eliminates clear guidance on obtaining a DPA for regulatory compliance.

Fees, Payment, and Taxes

Removal of comprehensive fees and payment provision eliminates detail about monthly billing, fraud-based acceleration billing, payment methods, and prohibition on setoff and counterclaim.

Modified (5)

Immediate Suspension Without Notice

Capitalization of 'Your' changed to match formal style conventions, but substantive meaning remains identical.

Customer Account Responsibility

Added explicit reference to 'our affiliates' in the liability disclaimer, expanding AWS's liability shield.

Modifications to Terms and Services

Specified notification channels (Service Health Dashboard, email, Management Console) rather than general notification, providing more detailed implementation guidance.

Governing Law and Dispute Jurisdiction

Narrowed dispute scope from 'your use of the Service Offerings or to products or services sold or distributed by AWS or through AWS.com' to 'the Service Offerings or this Agreement' and changed 'you consent' to 'each party consents'.

Acceptable Use Policy Incorporation

Expanded to explicitly cover Your Content compliance, added requirement to comply with all policies and applicable law, and introduced sole responsibility clause for content development and operation.

View full change record →

High — 3 provisions

Immediate Suspension Without Notice Compare →

AWS may suspend account access immediately with notice but without requiring advance notice or a cure period across a broad set of circumstances including perceived security risk, adverse platform impact, potential liability to AWS or third parties, fraud, agreement breach, payment default, or insolvency events. The determination of whether these conditions are met rests with AWS.

Added May 21, 2026 Standard Seen across 179 platforms
Aggregate Liability Cap Compare →

AWS's total financial liability to a customer for any claim arising under the agreement is capped at the total fees the customer paid for the specific service at issue during the twelve months preceding the claim, with a $25 cap for free services. This cap applies regardless of the number or nature of claims.

Added May 21, 2026 Standard Seen across 252 platforms
Consequential Damages Exclusion Compare →

The agreement excludes liability for indirect, incidental, special, consequential, or exemplary damages for both parties, explicitly including lost profits, lost revenues, lost customers, lost opportunities, lost goodwill, and data loss, even where the party was aware of the potential for such damages.

Added May 21, 2026 Standard Seen across 252 platforms

Medium — 6 provisions

60-Day Fee Dispute Waiver Compare →

Customers must notify AWS in writing of any disputed invoice charges within 60 days of the invoice or usage report date; failure to do so constitutes a waiver of the right to dispute those charges. Disputes must include reasonable detail about the nature of the disagreement.

Added May 21, 2026 Common Seen across 158 platforms
Unilateral Modification by Posting Compare →

AWS reserves the right to modify the Customer Agreement at any time by posting a revised version on the AWS website, and may change or discontinue service offerings or their features. The agreement states that AWS will provide notice of material service changes through the Service Health Dashboard, email, or the Management Console, but continued use of services constitutes acceptance of modified terms.

Added May 21, 2026 Standard Seen across 262 platforms
Customer Account Responsibility Compare →

The agreement assigns full responsibility for all account activity to the customer, including unauthorized activity by third parties such as contractors, agents, or end users, and states that AWS bears no responsibility for unauthorized account access. This responsibility is not conditioned on the customer's knowledge of or consent to the activity.

Added May 9, 2026 Standard Seen across 252 platforms
Data Processing and Privacy Compare →

The agreement states that AWS handles customer content in accordance with the AWS Privacy Notice, that customers retain ownership of their content, and that AWS will access or use customer content only as necessary to provide and maintain services or as otherwise agreed in writing. Customers consent to AWS's collection, use, and processing of their content by accepting the agreement.

Added May 21, 2026 Standard Seen across 284 platforms
Governing Law and Dispute Jurisdiction Compare →

The agreement designates Washington State law as the governing law and establishes exclusive jurisdiction for disputes in state or federal courts in King County, Washington. This applies regardless of where the customer is located or where the dispute arises.

Added May 21, 2026 Standard Seen across 217 platforms
Acceptable Use Policy Incorporation Compare →

The agreement incorporates the AWS Acceptable Use Policy by reference and assigns sole responsibility to customers for ensuring that their content and all end user activity complies with the AUP and applicable law. Violations are grounds for immediate account suspension.

Added May 9, 2026 Common Seen across 173 platforms

Low — 1 provision

Intellectual Property License Grant Compare →

AWS grants customers a limited, revocable, non-exclusive, non-sublicensable, and non-transferable license to access and use AWS services and AWS content solely as necessary for permitted service use during the agreement term. The license does not extend to sublicensing or transferring access rights to third parties.

Added May 21, 2026 Standard Seen across 242 platforms

Monitoring

AWS has updated this document before.

Monitor includes same-day alerts, structured change summaries, and monitoring for up to 25 platforms.

Start Monitor free trial Or create a free account →

Compliance Governance Intelligence

Need provision-level monitoring and regulatory mapping?

Compliance includes governance timelines, compliance memos, audit-ready analysis, and full provision tracking.

Start Compliance free trial

Cross-platform context

See how other platforms handle Aggregate Liability Cap and similar clauses.

Compare across platforms →

Mapped Governance Frameworks

CFAA

United States Federal

View official text ↗

Archival ProvenanceSource & Archival Record

Last Captured June 2, 2026 21:10 UTC

Capture Method Automated scheduled archival capture

Document ID CA-D-000674

Version ID CA-V-003352

Source URL https://aws.amazon.com/agreement/

Wayback Machine View external archival references →

SHA-256 9df8e129bfd7d38f49d5f527b5c87cb344da507e62f98112482fffa7af8bd0f0

✓ Snapshot stored ✓ Text extracted ✓ Change verified ✓ Hash verified

AWS Customer Agreement

June 2, 2026

May 19, 2026

Recent Provision Changes Jun 2, 2026

Mapped Governance Frameworks

Monitor governance changes across the platforms you rely on.