Amazon Web Services

Severity 5 · egregious

“AWS will generate, analyze, process, store, and use Palm Data only as necessary to maintain and provide the Amazon One Enterprise Service or as necessary to comply with applicable laws or a binding order of a governmental body, and to develop and improve the Amazon One and Amazon One Enterprise Services. You understand and agree that Palm Data, and all related information, technology, processing and outputs required to generate, analyze, process, store, and use Palm Data, are not Your Content (as defined by the Agreement). You understand that all forms of Palm Data: (i) have economic value for AWS; (ii) are not readily known or knowable to others and; (iii) are subject to AWS’s reasonable efforts to keep them secret and confidential, and are, therefore, a trade secret of AWS and owned by AWS.”

AWS generates, analyzes, processes, stores, and uses your Palm Data to maintain and improve Amazon One Enterprise Services. AWS owns all Palm Data, considering it a trade secret with economic value, and it is not classified as your content.

AWS claims full ownership of your biometric Palm Data, treating it as its trade secret, which means you lose control over this highly sensitive personal information.

Severity 4 · material

“Notwithstanding anything to the contrary, you agree and instruct that we may analyze, process, use, and store Your Content, End User information to: (a) maintain and provide Amazon One Enterprise Services, and (b) develop and improve Amazon One and Amazon One Enterprise Services, including any underlying technologies and any training and testing machine learning models.”

AWS analyzes, processes, uses, and stores your content and End User information to maintain and improve Amazon One Enterprise Services, including training and testing machine learning models.

AWS uses your content and End User information for service maintenance and to train its machine learning models, which means your data directly contributes to their AI development.

Severity 3 · notable

“You may provide AWS with information relating to your access, use, testing, or evaluation of Beta Services or Beta Regions, including observations or information regarding the performance, features, and functionality of Beta Services or Beta Regions (“Test Observations”). AWS will own and may use and evaluate all Test Observations for its own purposes.”

AWS owns and uses all "Test Observations" you provide about Beta Services or Regions to evaluate and improve its products for its own purposes.

AWS gains full ownership and rights to use your feedback and data from beta testing, which means you lose control over that information.

Severity 3 · notable

“You agree and instruct that when using any Amazon CloudWatch ML Functionality, (a) we may use and store your Amazon CloudWatch ML Content to develop and improve that functionality and its underlying technologies and (b) solely in connection with the development and improvement described in clause (a), we may use your Amazon CloudWatch ML Content in an AWS region outside of the AWS region where you are using Amazon CloudWatch.”

AWS uses and stores your Amazon CloudWatch ML Content to develop and improve the functionality and its underlying technologies. AWS stores this content in an AWS region outside your current region for this purpose.

AWS processes your CloudWatch ML data for product improvement, potentially moving it across regions, which impacts data residency and privacy controls.

Severity 3 · notable

“You agree and instruct that: (a) we may use and store Redacted Amazon Bio Discovery Content to develop and improve Amazon Bio Discovery and its underlying technologies and to develop and improve AWS and affiliate machine-learning and artificial-intelligence technologies; and (b) solely in connection with the development and improvement described in clause (a), we may store your Redacted Amazon Bio Discovery Content in AWS regions outside the AWS regions where you are using Amazon Bio Discovery.”

AWS uses and stores your Redacted Amazon Bio Discovery Content to develop and improve Amazon Bio Discovery and other AWS machine-learning and AI technologies. AWS stores this content in AWS regions outside your current region for these purposes.

AWS uses your redacted data for broad AI and machine learning development, potentially moving it across regions, which impacts data residency and privacy.

Severity 3 · notable

“You agree and instruct that for AWS Supply Chain: (a) we may use and store Your Content that is processed by the AWS Supply Chain service to develop and improve the service and its underlying technologies; (b) we may use and store Your Content that is not personal data to develop and improve AWS and affiliate machine-learning and artificial-intelligence technologies; and (c) solely in connection with the development and improvement described in clauses (a) and (b), we may store Your Content in an AWS region outside of the AWS region where you are using AWS Supply Chain.”

AWS uses and stores your AWS Supply Chain content to improve the service and its underlying technologies. AWS also uses non-personal data content to develop AWS and affiliate AI technologies, storing it in regions outside your current one.

AWS uses your supply chain data, including non-personal data, for broad AI development and stores it across regions, which affects data residency and potential exposure.

Severity 3 · notable

“The following terms apply to your use of Amazon WorkSpaces AI Features: (a) You agree and instruct that: (i) we may use and store Amazon WorkSpaces AI Content to develop and improve Amazon WorkSpaces and its underlying technologies; (ii) we may use and store Amazon WorkSpaces AI Content that is not personal data to develop and improve AWS and affiliate machine-learning and artificial intelligence technologies; and (iii) solely in connection with the development and improvement described in clauses (i) and (ii), we may store your Amazon WorkSpaces AI Content in AWS regions outside the AWS regions where you are using Amazon WorkSpaces AI Features.”

AWS uses and stores your Amazon WorkSpaces AI Content to improve Amazon WorkSpaces and its underlying technologies. AWS also uses non-personal data content to develop AWS and affiliate AI technologies, storing it in regions outside your current one.

AWS uses your WorkSpaces AI data, including non-personal data, for broad AI development and stores it across regions, which affects data residency and potential exposure.

Severity 3 · notable

“You agree and instruct that after you have enabled the new AWS Security Hub: (a) we may use and store your Security Hub Content to develop and improve AWS Security Hub and its underlying technologies; (b) we may use and store Security Hub Content that is not personal data to develop and improve other AWS security services; and (c) solely in connection with the development and improvement described in clauses (a) and (b), we may store such Security Hub Content in an AWS region outside the AWS region where you are using AWS Security Hub.”

AWS uses and stores your Security Hub Content to improve AWS Security Hub and other AWS security services. AWS also uses non-personal data content to develop other AWS security services, storing it in regions outside your current one.

AWS uses your Security Hub data, including non-personal data, for broad security service development and stores it across regions, which affects data residency and potential exposure.

Severity 3 · notable

“You agree and instruct that for Amazon CodeGuru Profiler, Amazon Comprehend, Amazon Lex, Amazon Polly, Amazon Rekognition, Amazon Textract, Amazon Transcribe, Amazon Translate, AWS Transform, Kiro Free Tier, and Kiro individual subscribers (as described here): (a) we may use and store AI Content that is processed by each of the foregoing AI Services to develop and improve the applicable AI Service and its underlying technologies; (b) we may use and store AI Content that is not personal data to develop and improve AWS and affiliate machine-learning and artificial-intelligence technologies; and (c) solely in connection with the development and improvement described in clauses (a) and (b), we may store such AI Content in an AWS region outside of the AWS region where you are using such AI Service.”

AWS uses and stores your AI Content processed by various AI services to improve those services and their underlying technologies. AWS also uses non-personal data content to develop AWS and affiliate AI technologies, storing it in regions outside your current one.

AWS uses your AI-processed data, including non-personal data, for broad AI development and stores it across regions, which affects data residency and potential exposure.

Severity 3 · notable

“You agree and instruct that we may use Amazon Q Content to develop and improve Amazon Q and its underlying technologies, and for that purpose we may store Amazon Q Content in an AWS region outside of the AWS region where you are using Amazon Q.”

AWS uses and stores your Amazon Q Content to develop and improve Amazon Q and its underlying technologies. AWS stores this content in an AWS region outside your current region for this purpose.

AWS processes your Amazon Q data for product improvement, potentially moving it across regions, which impacts data residency and privacy controls.

Severity 3 · notable

“You agree and instruct that we may also use Amazon Q Content that does not contain personal data to develop and improve AWS and affiliate machine-learning and artificial intelligence technologies including to train machine-learning models.”

AWS uses Amazon Q Content that does not contain personal data to develop and improve AWS and affiliate machine-learning and artificial intelligence technologies, including training machine-learning models.

AWS uses your non-personal Amazon Q data for broad AI and machine learning development, including model training, which means your data contributes to their general AI capabilities.

Severity 3 · notable

“The following terms apply to your use of Amazon Chime SDK ML Services: (a) You agree and instruct that: (i) we may record, use and store Amazon Chime SDK ML Content to develop and improve Amazon Chime SDK ML Services and their underlying technologies; (ii) we may record, use and store Amazon Chime SDK ML Content that is not personal data to develop and improve AWS and affiliate machine-learning and artificial intelligence technologies; and (iii) solely in connection with the development and improvement described in clauses (i) and (ii), Amazon Chime SDK ML Content may be stored in AWS regions outside the AWS regions where you are using Amazon Chime SDK ML Services.”

AWS records, uses, and stores your Amazon Chime SDK ML Content to improve the services and their underlying technologies. AWS also uses non-personal data content to develop AWS and affiliate AI technologies, storing it in regions outside your current one.

AWS records and uses your Chime SDK ML data, including non-personal data, for broad AI development and stores it across regions, which affects data residency and potential exposure.

Severity 3 · notable

“The following terms apply to your use of Amazon Connect AI Features: (a) You agree and instruct that: (i) we may use and store Amazon Connect AI Content to develop and improve Amazon Connect and its underlying technologies; (ii) we may use and store Amazon Connect AI Content that is not personal data to develop and improve AWS and affiliate machine-learning and artificial intelligence technologies; and (iii) solely in connection with the development and improvement described in clauses (i) and (ii), we may store your Amazon Connect AI Content in AWS regions outside the AWS regions where you are using Amazon Connect AI Features.”

AWS uses and stores your Amazon Connect AI Content to improve Amazon Connect and its underlying technologies. AWS also uses non-personal data content to develop AWS and affiliate AI technologies, storing it in regions outside your current one.

AWS uses your Connect AI data, including non-personal data, for broad AI development and stores it across regions, which affects data residency and potential exposure.

Severity 3 · notable

“You agree and instruct that: (a) we may use and store AWS Entity Resolution Content to develop and improve AWS Entity Resolution and its underlying technologies; (b) we may use and store AWS Entity Resolution Content that is not personal data to develop and improve AWS and affiliate machine-learning and artificial intelligence technologies; and (c) solely in connection with the development and improvement described in clauses (a) and (b), we may store such AWS Entity Resolution Content in an AWS region outside the AWS region where you are using AWS Entity Resolution.”

AWS uses and stores your AWS Entity Resolution Content to improve the service and its underlying technologies. AWS also uses non-personal data content to develop AWS and affiliate AI technologies, storing it in regions outside your current one.

AWS uses your Entity Resolution data, including non-personal data, for broad AI development and stores it across regions, which affects data residency and potential exposure.

Severity 3 · notable

“You agree and instruct that for Amazon SageMaker Data Agent: (a) we may use and store Amazon SageMaker Data Agent Content that is processed by Amazon SageMaker Data Agent to develop and improve Amazon SageMaker Data Agent and its underlying technologies; (b) we may use and store Amazon SageMaker Data Agent Content that is not personal data to develop and improve AWS and affiliate machine-learning and artificial-intelligence technologies; and (c) solely in connection with the development and improvement described in clauses (a) and (b), we may store Amazon SageMaker Data Agent Content in an AWS region outside of the AWS region where you are using Amazon SageMaker Data Agent.”

AWS uses and stores your Amazon SageMaker Data Agent Content to improve the service and its underlying technologies. AWS also uses non-personal data content to develop AWS and affiliate AI technologies, storing it in regions outside your current one.

AWS uses your SageMaker Data Agent data, including non-personal data, for broad AI development and stores it across regions, which affects data residency and potential exposure.

Severity 3 · notable

“You agree and instruct that: (a) we may use, and store Your Content that is processed with Amazon Fraud Detector (“Fraud Detector Content”) to develop and improve the Service and its underlying technologies; (b) we may use and store Fraud Detector Content that is not personal data to develop and improve other AWS fraud prevention services; and (c) solely in connection with the usage and storage described in clauses (a) and (b), we may store such Content in an AWS region outside of the AWS region where you are using Amazon Fraud Detector.”

AWS uses and stores your Fraud Detector Content to improve the service and its underlying technologies. AWS also uses non-personal data content to develop other AWS fraud prevention services, storing it in regions outside your current one.

AWS uses your Fraud Detector data, including non-personal data, for broad fraud prevention service development and stores it across regions, which affects data residency and potential exposure.

Severity 3 · notable

“You agree and instruct that for Amazon Lookout for Vision, Amazon Lookout for Equipment and Amazon Monitron: (a) we may use and store Industrial AI Content that is processed by each of the foregoing Industrial AI Services to develop and improve the applicable Industrial AI Service and its underlying technologies; (b) we may use and store Industrial AI Content that is not personal data to develop and improve AWS and affiliate machine-learning and artificial-intelligence technologies; and (c) solely in connection with the development and improvement described in clauses (a) and (b), we may store such Industrial AI Content in an AWS region outside of the AWS region where you are using such Industrial AI Service.”

AWS uses and stores your Industrial AI Content to improve the services and their underlying technologies. AWS also uses non-personal data content to develop AWS and affiliate AI technologies, storing it in regions outside your current one.

AWS uses your Industrial AI data, including non-personal data, for broad AI development and stores it across regions, which affects data residency and potential exposure.

Severity 3 · notable

“You agree and instruct that: (a) we may use and store Malware Content to develop and improve Amazon GuardDuty and its underlying technologies; (b) we may use and store Malware Content that is not personal data to develop and improve other AWS security services; and (c) solely in connection with the development and improvement described in clauses (a) and (b), we may store such Malware Content in an AWS region outside the AWS region where you are using the Amazon GuardDuty Malware Protection feature.”

AWS uses and stores your Malware Content to improve Amazon GuardDuty and its underlying technologies. AWS also uses non-personal data content to develop other AWS security services, storing it in regions outside your current one.

AWS uses your Malware Content, including non-personal data, for broad security service development and stores it across regions, which affects data residency and potential exposure.

Severity 3 · notable

“You agree and instruct that: (a) we may use and store Runtime Monitoring Content to develop and improve Amazon GuardDuty and its underlying technologies; and (b) we may use and store Runtime Monitoring Content that is not personal data to develop and improve other AWS security services.”

AWS uses and stores your Runtime Monitoring Content to develop and improve Amazon GuardDuty and its underlying technologies. AWS also uses non-personal data content to develop other AWS security services.

AWS uses your Runtime Monitoring Content, including non-personal data, for broad security service development, which means your operational data contributes to their security product enhancements.

Severity 3 · notable

“You agree and instruct that: (a) we may use and store your Security Lake Content to develop and improve Amazon Security Lake and its underlying technologies; and (b) we may use and store Security Lake Content that is not personal data to develop and improve other AWS security services.”

AWS uses and stores your Security Lake Content to develop and improve Amazon Security Lake and its underlying technologies. AWS also uses non-personal data content to develop other AWS security services.

AWS uses your Security Lake Content, including non-personal data, for broad security service development, which means your security data contributes to their product enhancements.

Severity 3 · notable

“The following terms apply to your use of Amazon DataZone ML Services: a. You agree and instruct that: (i) we may use and store Amazon DataZone ML Content to develop and improve Amazon DataZone ML Services and their underlying technologies; (ii) we may use and store Amazon DataZone ML Content that is not personal data to develop and improve AWS and affiliate machine-learning and artificial intelligence technologies; and (iii) solely in connection with the development and improvement described in clauses (i) and (ii), we may store your Amazon DataZone ML Content in AWS regions outside the AWS regions where you are using Amazon DataZone ML Services.”

AWS uses and stores your Amazon DataZone ML Content to improve the services and their underlying technologies. AWS also uses non-personal data content to develop AWS and affiliate AI technologies, storing it in regions outside your current one.

AWS uses your DataZone ML data, including non-personal data, for broad AI development and stores it across regions, which affects data residency and potential exposure.

Severity 2 · minor

“Like many email service providers, to increase the security and reliability of email you send, attempt to send, or receive using SES (“SES Email”), we (or our third-party providers) may store and scan your SES Email and Your Content included in SES Email to protect you and SES by preventing and blocking “spam” and unsolicited e-mails, “phishing” or simulated “phishing” emails, viruses and spyware, and other harmful or unwanted items from being sent and received over SES.”

AWS, or its third-party providers, stores and scans your SES Email and its content to protect you and SES by preventing spam, phishing, viruses, and other harmful items.

AWS and its partners access and analyze your email content for security purposes, which means your communications are subject to automated inspection.

Severity 2 · minor

“Appliances collect and provide us with metrics regarding the use of Appliances, including boot times, size of transferred files, duration of transfers, and errors or timeouts. These metrics may be associated with your account ID, and we may use these metrics to maintain, provide, develop, and improve the Services.”

AWS Appliances collect usage metrics like boot times and file transfer data, associating them with your account ID. AWS uses these metrics to maintain, provide, develop, and improve its services.

AWS collects detailed usage data from your appliances, linked to your account, and uses it for service improvement, potentially revealing operational patterns.

Severity 2 · minor

“Amazon CloudWatch collects and stores certain information for the Services you are monitoring, including CPU utilization, data transfer, and disk usage and activity (collectively, “CloudWatch Metric Data”). CloudWatch Metric Data may be used by AWS to develop and improve the Services.”

Amazon CloudWatch collects and stores your metric data, such as CPU utilization and data transfer. AWS uses this CloudWatch Metric Data to develop and improve its services.

AWS uses your operational performance data to enhance its services, which could involve insights from your infrastructure.

Severity 2 · minor

“You agree and instruct that: (a) we may use and store de-identified Amazon Connect Health Content to develop and improve Amazon Connect Health and its underlying technologies; and (b) solely in connection with the development and improvement described in clause (a), we may store your Amazon Connect Health Content in AWS regions outside the AWS regions where you are using Amazon Connect Health.”

AWS uses and stores your de-identified Amazon Connect Health Content to develop and improve Amazon Connect Health and its underlying technologies. AWS stores this content in AWS regions outside your current region for this purpose.

AWS uses your de-identified health data for product improvement, potentially moving it across regions, which impacts data residency even if anonymized.

Severity 2 · minor

“Amazon QuickSight may use Your Content that you select as a data source for Amazon QuickSight to make personalized recommendations to you, such as suggested visualizations based on your query history and suggested insights.”

Amazon QuickSight uses your selected data sources to make personalized recommendations, including suggested visualizations and insights based on your query history.

AWS analyzes your data and query history to provide personalized suggestions, which means your analytical patterns are used to tailor the service experience.

Severity 2 · minor

“We may use information about how you use and interact with the Services to improve those Services.”

Amazon Web Services (AWS) uses information about your service usage and interaction to improve its services.

AWS uses your operational data to enhance its products, which could include proprietary information.

Severity 3 · notable

“Unless you notify us before a charge that you want to cancel or do not want to auto renew, your Digital Training subscription will automatically continue and you authorize us (without notice to you, unless required by applicable law) to collect the then-applicable subscription service fees and any taxes, using any payment method we have on record for you.”

AWS automatically renews your Digital Training subscription and charges your payment method on file for the applicable fees and taxes, unless you cancel before the charge.

Your subscription automatically renews and incurs charges unless you proactively cancel it, leading to potential unexpected costs if not managed.

Severity 3 · notable

“We may change the Digital Training subscription service fee from time to time by notifying you of the change and effective date before it takes effect.”

AWS changes the Digital Training subscription service fee from time to time. AWS notifies you of the change and its effective date before it takes effect.

Your Digital Training subscription fees can increase, but AWS provides advance notice, allowing you to adjust or cancel before new prices apply.

Severity 3 · notable

“We may change Savings Plans, EC2 Reserved Instance and EC2 Dedicated Host Reservation pricing at any time, but price changes will not apply to previously designated Savings Plans, EC2 Reserved Instances or EC2 Dedicated Host Reservations, except as described in this Section 5.4. If Microsoft increases the license fees it charges for Windows, or if Red Hat increases the license fees it charges for Red Hat Enterprise Linux (“RHEL”), we may make a corresponding increase to the per-hour usage rate (or institute a corresponding per-hour usage rate) for Savings Plans for, or EC2 Reserved Instances with, Windows or RHEL.”

AWS changes pricing for Savings Plans, EC2 Reserved Instances, and EC2 Dedicated Host Reservations at any time. Price increases from Microsoft for Windows or Red Hat for RHEL result in corresponding increases to your per-hour usage rates.

Your costs for these services can increase due to third-party license fee hikes, even if you have existing plans, impacting your budget.

Severity 3 · notable

“The third-party provider fees specified on the AWS End User Messaging pricing page (e.g., Meta message fees) may be changed by the third party that charges those fees. AWS will provide notice of increases to these fees as soon as reasonably practicable after it receives notice of the increase from the relevant third-party provider.”

Third-party providers change fees for AWS End User Messaging (e.g., Meta message fees). AWS notifies you of these increases as soon as reasonably practicable after receiving notice from the provider.

Your messaging costs can increase due to third-party fee changes, and AWS provides notice only after they are informed, limiting your time to react.

Severity 3 · notable

“If your usage exceeds the capacity of your purchased AWS Interconnect connection, AWS may reduce your performance or automatically enroll you in a higher capacity tier for subsequent subscription periods.”

If your usage exceeds your AWS Interconnect connection's capacity, AWS reduces your performance or automatically enrolls you in a higher capacity tier for future subscription periods.

Exceeding your connection capacity can lead to degraded performance or automatic enrollment in a more expensive tier, increasing your costs without explicit consent.

Severity 2 · minor

“We may change the pricing for Reserved Cache Nodes at any time, but price changes will not apply to previously designated Reserved Cache Nodes.”

AWS changes pricing for Reserved Cache Nodes at any time. Price changes do not apply to your previously designated Reserved Cache Nodes.

AWS can change future pricing for Reserved Cache Nodes, but your existing commitments are protected from these changes.

Severity 2 · minor

“We may change pricing for the Reserved DB Instance program at any time, but price changes will not apply to previously designated Reserved DB Instances.”

AWS changes pricing for the Reserved DB Instance program at any time. Price changes do not apply to your previously designated Reserved DB Instances.

AWS can change future pricing for Reserved DB Instances, but your existing commitments are protected from these changes.

Severity 2 · minor

“We may change provisioned throughput commitment pricing or stop offering commitments for provisioned throughput at any time. Any price changes will not apply to existing commitments.”

AWS changes provisioned throughput commitment pricing or stops offering commitments at any time. Price changes do not apply to your existing commitments.

AWS can change future pricing or availability for provisioned throughput, but your existing commitments are protected from these changes.

Severity 2 · minor

“We may change SageMaker AI Savings Plan (“SM AI Savings Plan”) pricing or terminate the program at any time. Any price changes will not apply to previously purchased SM AI Savings Plans.”

AWS changes SageMaker AI Savings Plan pricing or terminates the program at any time. Price changes do not apply to your previously purchased SM AI Savings Plans.

AWS can change future pricing or terminate the SageMaker AI Savings Plan program, but your existing purchased plans are protected from price changes.

Severity 2 · minor

“We may change Database Savings Plan ("DB Savings Plan") pricing or terminate the program at any time. Any price changes will not apply to previously purchased DB Savings Plans.”

AWS changes Database Savings Plan pricing or terminates the program at any time. Price changes do not apply to your previously purchased DB Savings Plans.

AWS can change future pricing or terminate the Database Savings Plan program, but your existing purchased plans are protected from price changes.

Severity 2 · minor

“We may change the pricing for Amazon DynamoDB Reserved Capacity at any time, but price changes will not apply to previously purchased Amazon DynamoDB Reserved Capacity.”

AWS changes pricing for Amazon DynamoDB Reserved Capacity at any time. Price changes do not apply to your previously purchased Reserved Capacity.

AWS can change future pricing for DynamoDB Reserved Capacity, but your existing commitments are protected from these changes.

Severity 4 · material

“AWS Diode allows You to map Your account to another Diode account (“Mapped Account”), enabling Your Content to be moved and stored by the Mapped Account to an AWS region of a different classification level. You acknowledge and agree that using the Service may result in Your Content being moved and stored in AWS regions other than the AWS regions where You initially stored Your Content.”

AWS Diode allows you to map your account to a "Mapped Account," which moves and stores your content in an AWS region of a different classification level. Your content is moved and stored in AWS regions other than where you initially stored it.

Your content can be moved to different AWS regions and classification levels via a Mapped Account, impacting data residency, security, and compliance.

Severity 4 · material

“If you use Semtech as your geolocation provider in the AWS IoT Core Device Location feature, you authorize AWS to transmit your geolocation request parameters (e.g., location data used to run the location solvers) and/or resulting output data generated by the feature (e.g., geographic coordinates) to Semtech for troubleshooting and diagnostic purposes, and other technical support. Semtech may be outside of the AWS region in which you were using the feature.”

If you use Semtech for AWS IoT Core Device Location, AWS transmits your geolocation request parameters and output data to Semtech for troubleshooting and support. Semtech processes this data outside your AWS region.

Your geolocation data is transferred to a third-party provider (Semtech) outside your AWS region for support, which impacts data residency and compliance.

Severity 4 · material

“When you use a feature of Amazon Location Service that is identified to you as being provided by a third-party geolocation service provider listed here (each such feature, including Maps, Places, and Routing, a “Geolocation Provider Feature,” and each such provider, a "Geolocation Provider”), you authorize AWS to transmit your request parameters (e.g., location searches) to the Geolocation Provider for processing which may be outside of the AWS region in which your request was made.”

When you use Amazon Location Service features provided by a third-party Geolocation Provider, AWS transmits your request parameters (e.g., location searches) to that provider for processing. This processing occurs outside your AWS region.

Your location data is transferred to third-party providers outside your AWS region for processing, impacting data residency and compliance.

Severity 4 · material

“When using the Amazon Mechanical Turk workforce of Amazon Augmented AI: (a) you may not provide data or content that contains protected health information or other information that is identifiable to a specific person, and (b) you acknowledge and agree that Your Content provided to the Amazon Mechanical Turk workforce may be moved outside of the AWS region where you are using Amazon Augmented AI.”

When using Amazon Mechanical Turk with Amazon Augmented AI, you must not provide protected health information or personally identifiable data. AWS moves your content provided to the Mechanical Turk workforce outside your AWS region.

Your content for Mechanical Turk is processed outside your AWS region, which impacts data residency and requires careful consideration of data privacy, especially for sensitive information.

Severity 4 · material

“If you use Amazon Braket to access quantum computing hardware operated by one of the third-party hardware providers listed here (each a “Hardware Provider”), you: (1) acknowledge that the Content you provide in connection with your use of Amazon Braket may be processed by the Hardware Provider outside of facilities operated by AWS; and (2) authorize AWS to transfer such Content to the Hardware Provider for processing.”

If you use Amazon Braket with a third-party Hardware Provider, AWS transfers your content to that provider for processing. The Hardware Provider processes your content outside AWS facilities.

Your content is transferred to and processed by third-party hardware providers outside AWS facilities, impacting data residency and potentially exposing your data to external entities.

Severity 3 · notable

“You agree and instruct that for AWS Supply Chain: (a) we may use and store Your Content that is processed by the AWS Supply Chain service to develop and improve the service and its underlying technologies; (b) we may use and store Your Content that is not personal data to develop and improve AWS and affiliate machine-learning and artificial-intelligence technologies; and (c) solely in connection with the development and improvement described in clauses (a) and (b), we may store Your Content in an AWS region outside of the AWS region where you are using AWS Supply Chain.”

AWS uses and stores your AWS Supply Chain content to improve the service and its underlying technologies. AWS also uses non-personal data content to develop AWS and affiliate AI technologies, storing it in regions outside your current one.

AWS uses your supply chain data, including non-personal data, for broad AI development and stores it across regions, which affects data residency and potential exposure.

Severity 3 · notable

“The following terms apply to your use of Amazon WorkSpaces AI Features: (a) You agree and instruct that: (i) we may use and store Amazon WorkSpaces AI Content to develop and improve Amazon WorkSpaces and its underlying technologies; (ii) we may use and store Amazon WorkSpaces AI Content that is not personal data to develop and improve AWS and affiliate machine-learning and artificial intelligence technologies; and (iii) solely in connection with the development and improvement described in clauses (i) and (ii), we may store your Amazon WorkSpaces AI Content in AWS regions outside the AWS regions where you are using Amazon WorkSpaces AI Features.”

AWS uses and stores your Amazon WorkSpaces AI Content to improve Amazon WorkSpaces and its underlying technologies. AWS also uses non-personal data content to develop AWS and affiliate AI technologies, storing it in regions outside your current one.

AWS uses your WorkSpaces AI data, including non-personal data, for broad AI development and stores it across regions, which affects data residency and potential exposure.

Severity 3 · notable

“You agree and instruct that after you have enabled the new AWS Security Hub: (a) we may use and store your Security Hub Content to develop and improve AWS Security Hub and its underlying technologies; (b) we may use and store Security Hub Content that is not personal data to develop and improve other AWS security services; and (c) solely in connection with the development and improvement described in clauses (a) and (b), we may store such Security Hub Content in an AWS region outside the AWS region where you are using AWS Security Hub.”

AWS uses and stores your Security Hub Content to improve AWS Security Hub and other AWS security services. AWS also uses non-personal data content to develop other AWS security services, storing it in regions outside your current one.

AWS uses your Security Hub data, including non-personal data, for broad security service development and stores it across regions, which affects data residency and potential exposure.

Severity 3 · notable

“You provide specific authorization for AWS to use Ring LLC as a sub-processor in accordance with the DPA to process Customer Data in the US in order to make Amazon Sidewalk available for this feature.”

You authorize AWS to use Ring LLC as a sub-processor to process Customer Data in the US, enabling Amazon Sidewalk for this feature.

Your customer data is processed by a third-party sub-processor (Ring LLC) in the US, which impacts data residency and compliance requirements.

Severity 3 · notable

“You agree and instruct that for Amazon CodeGuru Profiler, Amazon Comprehend, Amazon Lex, Amazon Polly, Amazon Rekognition, Amazon Textract, Amazon Transcribe, Amazon Translate, AWS Transform, Kiro Free Tier, and Kiro individual subscribers (as described here): (a) we may use and store AI Content that is processed by each of the foregoing AI Services to develop and improve the applicable AI Service and its underlying technologies; (b) we may use and store AI Content that is not personal data to develop and improve AWS and affiliate machine-learning and artificial-intelligence technologies; and (c) solely in connection with the development and improvement described in clauses (a) and (b), we may store such AI Content in an AWS region outside of the AWS region where you are using such AI Service.”

AWS uses and stores your AI Content processed by various AI services to improve those services and their underlying technologies. AWS also uses non-personal data content to develop AWS and affiliate AI technologies, storing it in regions outside your current one.

AWS uses your AI-processed data, including non-personal data, for broad AI development and stores it across regions, which affects data residency and potential exposure.

Severity 3 · notable

“You agree and instruct that we may use Amazon Q Content to develop and improve Amazon Q and its underlying technologies, and for that purpose we may store Amazon Q Content in an AWS region outside of the AWS region where you are using Amazon Q.”

AWS uses and stores your Amazon Q Content to develop and improve Amazon Q and its underlying technologies. AWS stores this content in an AWS region outside your current region for this purpose.

AWS processes your Amazon Q data for product improvement, potentially moving it across regions, which impacts data residency and privacy controls.

Severity 3 · notable

“The following terms apply to your use of Amazon Chime SDK ML Services: (a) You agree and instruct that: (i) we may record, use and store Amazon Chime SDK ML Content to develop and improve Amazon Chime SDK ML Services and their underlying technologies; (ii) we may record, use and store Amazon Chime SDK ML Content that is not personal data to develop and improve AWS and affiliate machine-learning and artificial intelligence technologies; and (iii) solely in connection with the development and improvement described in clauses (i) and (ii), Amazon Chime SDK ML Content may be stored in AWS regions outside the AWS regions where you are using Amazon Chime SDK ML Services.”

AWS records, uses, and stores your Amazon Chime SDK ML Content to improve the services and their underlying technologies. AWS also uses non-personal data content to develop AWS and affiliate AI technologies, storing it in regions outside your current one.

AWS records and uses your Chime SDK ML data, including non-personal data, for broad AI development and stores it across regions, which affects data residency and potential exposure.

Severity 3 · notable

“The following terms apply to your use of Amazon Connect AI Features: (a) You agree and instruct that: (i) we may use and store Amazon Connect AI Content to develop and improve Amazon Connect and its underlying technologies; (ii) we may use and store Amazon Connect AI Content that is not personal data to develop and improve AWS and affiliate machine-learning and artificial intelligence technologies; and (iii) solely in connection with the development and improvement described in clauses (i) and (ii), we may store your Amazon Connect AI Content in AWS regions outside the AWS regions where you are using Amazon Connect AI Features.”

AWS uses and stores your Amazon Connect AI Content to improve Amazon Connect and its underlying technologies. AWS also uses non-personal data content to develop AWS and affiliate AI technologies, storing it in regions outside your current one.

AWS uses your Connect AI data, including non-personal data, for broad AI development and stores it across regions, which affects data residency and potential exposure.

Severity 3 · notable

“You agree and instruct that: (a) we may use and store AWS Entity Resolution Content to develop and improve AWS Entity Resolution and its underlying technologies; (b) we may use and store AWS Entity Resolution Content that is not personal data to develop and improve AWS and affiliate machine-learning and artificial intelligence technologies; and (c) solely in connection with the development and improvement described in clauses (a) and (b), we may store such AWS Entity Resolution Content in an AWS region outside the AWS region where you are using AWS Entity Resolution.”

AWS uses and stores your AWS Entity Resolution Content to improve the service and its underlying technologies. AWS also uses non-personal data content to develop AWS and affiliate AI technologies, storing it in regions outside your current one.

AWS uses your Entity Resolution data, including non-personal data, for broad AI development and stores it across regions, which affects data residency and potential exposure.

Severity 3 · notable

“You acknowledge that we may store your Content that is processed by Amazon SageMaker Studio Lab in AWS regions outside the AWS region where you are using Amazon SageMaker Studio Lab.”

AWS stores your content processed by Amazon SageMaker Studio Lab in AWS regions outside the region where you are using the service.

Your SageMaker Studio Lab content is stored in regions outside your primary operational region, which impacts data residency and compliance.

Severity 3 · notable

“You agree and instruct that for Amazon SageMaker Data Agent: (a) we may use and store Amazon SageMaker Data Agent Content that is processed by Amazon SageMaker Data Agent to develop and improve Amazon SageMaker Data Agent and its underlying technologies; (b) we may use and store Amazon SageMaker Data Agent Content that is not personal data to develop and improve AWS and affiliate machine-learning and artificial-intelligence technologies; and (c) solely in connection with the development and improvement described in clauses (a) and (b), we may store Amazon SageMaker Data Agent Content in an AWS region outside of the AWS region where you are using Amazon SageMaker Data Agent.”

AWS uses and stores your Amazon SageMaker Data Agent Content to improve the service and its underlying technologies. AWS also uses non-personal data content to develop AWS and affiliate AI technologies, storing it in regions outside your current one.

AWS uses your SageMaker Data Agent data, including non-personal data, for broad AI development and stores it across regions, which affects data residency and potential exposure.

Severity 3 · notable

“You agree and instruct that: (a) we may use, and store Your Content that is processed with Amazon Fraud Detector (“Fraud Detector Content”) to develop and improve the Service and its underlying technologies; (b) we may use and store Fraud Detector Content that is not personal data to develop and improve other AWS fraud prevention services; and (c) solely in connection with the usage and storage described in clauses (a) and (b), we may store such Content in an AWS region outside of the AWS region where you are using Amazon Fraud Detector.”

AWS uses and stores your Fraud Detector Content to improve the service and its underlying technologies. AWS also uses non-personal data content to develop other AWS fraud prevention services, storing it in regions outside your current one.

AWS uses your Fraud Detector data, including non-personal data, for broad fraud prevention service development and stores it across regions, which affects data residency and potential exposure.

Severity 3 · notable

“You agree and instruct that for Amazon Lookout for Vision, Amazon Lookout for Equipment and Amazon Monitron: (a) we may use and store Industrial AI Content that is processed by each of the foregoing Industrial AI Services to develop and improve the applicable Industrial AI Service and its underlying technologies; (b) we may use and store Industrial AI Content that is not personal data to develop and improve AWS and affiliate machine-learning and artificial-intelligence technologies; and (c) solely in connection with the development and improvement described in clauses (a) and (b), we may store such Industrial AI Content in an AWS region outside of the AWS region where you are using such Industrial AI Service.”

AWS uses and stores your Industrial AI Content to improve the services and their underlying technologies. AWS also uses non-personal data content to develop AWS and affiliate AI technologies, storing it in regions outside your current one.

AWS uses your Industrial AI data, including non-personal data, for broad AI development and stores it across regions, which affects data residency and potential exposure.

Severity 3 · notable

“You acknowledge that we may store your Content that is processed by AWS DeepRacer Student in AWS regions outside the AWS region where you are using AWS DeepRacer Student.”

AWS stores your content processed by AWS DeepRacer Student in AWS regions outside the region where you are using the service.

Your DeepRacer Student content is stored in regions outside your primary operational region, which impacts data residency and compliance.

Severity 3 · notable

“You agree and instruct that: (a) we may use and store Malware Content to develop and improve Amazon GuardDuty and its underlying technologies; (b) we may use and store Malware Content that is not personal data to develop and improve other AWS security services; and (c) solely in connection with the development and improvement described in clauses (a) and (b), we may store such Malware Content in an AWS region outside the AWS region where you are using the Amazon GuardDuty Malware Protection feature.”

AWS uses and stores your Malware Content to improve Amazon GuardDuty and its underlying technologies. AWS also uses non-personal data content to develop other AWS security services, storing it in regions outside your current one.

AWS uses your Malware Content, including non-personal data, for broad security service development and stores it across regions, which affects data residency and potential exposure.

Severity 3 · notable

“The following terms apply to your use of Amazon DataZone ML Services: a. You agree and instruct that: (i) we may use and store Amazon DataZone ML Content to develop and improve Amazon DataZone ML Services and their underlying technologies; (ii) we may use and store Amazon DataZone ML Content that is not personal data to develop and improve AWS and affiliate machine-learning and artificial intelligence technologies; and (iii) solely in connection with the development and improvement described in clauses (i) and (ii), we may store your Amazon DataZone ML Content in AWS regions outside the AWS regions where you are using Amazon DataZone ML Services.”

AWS uses and stores your Amazon DataZone ML Content to improve the services and their underlying technologies. AWS also uses non-personal data content to develop AWS and affiliate AI technologies, storing it in regions outside your current one.

AWS uses your DataZone ML data, including non-personal data, for broad AI development and stores it across regions, which affects data residency and potential exposure.

Severity 3 · notable

“You acknowledge that we may store Your Content that is processed by AWS re:Post Private in AWS regions outside the AWS region where you are using AWS re:Post Private.”

AWS stores your content processed by AWS re:Post Private in AWS regions outside the region where you are using the service.

Your AWS re:Post Private content is stored in regions outside your primary operational region, which impacts data residency and compliance.

Severity 3 · notable

“Except as expressly provided herein, you acknowledge and agree that you and your End Users will not have any rights, title, or interest in any Amazon products or services or AWS Content and that we may process and store Your Content and End User information in AWS regions outside the AWS regions where you are using Amazon One Enterprise.”

You and your End Users have no rights or interest in Amazon products, services, or AWS Content. AWS processes and stores your content and End User information in AWS regions outside where you use Amazon One Enterprise.

AWS processes and stores your content and End User data for Amazon One Enterprise in regions outside your primary operational region, impacting data residency and compliance.

Severity 3 · notable

“You agree and instruct that: (a) we may use and store Amazon Connect Health Content for troubleshooting, quality assurance, and testing of Amazon Connect Health and its underlying technologies; and (b) solely in connection with the troubleshooting, quality assurance, and testing described in clause (a), we may store such Amazon Connect Health Content in an AWS region outside of the AWS region where you are using Amazon Connect Health.”

AWS uses and stores your Amazon Connect Health Content for troubleshooting, quality assurance, and testing of the service and its underlying technologies. AWS stores this content in an AWS region outside your current region for these purposes.

AWS processes your Connect Health data for service maintenance, potentially moving it across regions, which impacts data residency and privacy controls.

Severity 3 · notable

“You agree and instruct that: (a) we may use and store de-identified Amazon Connect Health Content to develop and improve Amazon Connect Health and its underlying technologies; and (b) solely in connection with the development and improvement described in clause (a), we may store your Amazon Connect Health Content in AWS regions outside the AWS regions where you are using Amazon Connect Health.”

AWS uses and stores your de-identified Amazon Connect Health Content to develop and improve Amazon Connect Health and its underlying technologies. AWS stores this content in AWS regions outside your current region for this purpose.

AWS uses your de-identified health data for product improvement, potentially moving it across regions, which impacts data residency even if anonymized.

Severity 3 · notable

“You agree and instruct that when using any Amazon CloudWatch ML Functionality, (a) we may use and store your Amazon CloudWatch ML Content to develop and improve that functionality and its underlying technologies and (b) solely in connection with the development and improvement described in clause (a), we may use your Amazon CloudWatch ML Content in an AWS region outside of the AWS region where you are using Amazon CloudWatch.”

AWS uses and stores your Amazon CloudWatch ML Content to develop and improve that functionality and its underlying technologies. AWS stores this content in an AWS region outside your current region for this purpose.

AWS processes your CloudWatch ML data for product improvement, potentially moving it across regions, which impacts data residency and privacy controls.

Severity 3 · notable

“You agree and instruct that: (a) we may use and store Amazon Bio Discovery Content for troubleshooting, quality assurance, and testing of Amazon Bio Discovery and its underlying technologies; and (b) solely in connection with the troubleshooting, quality assurance, and testing described in clause (a), we may store such Amazon Bio Discovery Content in an AWS region outside of the AWS region where you are using Amazon Bio Discovery.”

AWS uses and stores your Amazon Bio Discovery Content for troubleshooting, quality assurance, and testing of the service and its underlying technologies. AWS stores this content in an AWS region outside your current region for these purposes.

AWS processes your Bio Discovery data for service maintenance, potentially moving it across regions, which impacts data residency and privacy controls.

Severity 3 · notable

“You agree and instruct that: (a) we may use and store Redacted Amazon Bio Discovery Content to develop and improve Amazon Bio Discovery and its underlying technologies and to develop and improve AWS and affiliate machine-learning and artificial-intelligence technologies; and (b) solely in connection with the development and improvement described in clause (a), we may store your Redacted Amazon Bio Discovery Content in AWS regions outside the AWS regions where you are using Amazon Bio Discovery.”

AWS uses and stores your Redacted Amazon Bio Discovery Content to develop and improve Amazon Bio Discovery and other AWS machine-learning and AI technologies. AWS stores this content in AWS regions outside your current region for these purposes.

AWS uses your redacted data for broad AI and machine learning development, potentially moving it across regions, which impacts data residency and privacy.

Severity 2 · minor

“You understand and agree that we store all user information (including chat messages, contacts, calendar, and meeting recordings) in the United States region(s) where the Amazon Chime service is hosted.”

AWS stores all your Amazon Chime user information, including chat messages, contacts, calendar, and meeting recordings, in the United States region(s) where the service is hosted.

All your Amazon Chime data is stored in the United States, which impacts data residency and compliance for users outside the US.

Severity 4 · material

“Notwithstanding the foregoing, we may remove or disable access to any Prohibited Content without prior notice in connection with illegal content, where the content may disrupt or threaten the Services or in accordance with applicable law or any judicial, regulatory or other governmental order or request.”

AWS removes or disables access to any Prohibited Content without prior notice if it is illegal, disrupts or threatens services, or is required by law or governmental order.

AWS removes your content or disables access without warning under certain conditions, which can lead to immediate data loss or service disruption without recourse.

Severity 4 · material

“SM AI Savings Plans are nontransferable and noncancellable, so you will be charged for the duration of the term you selected, even if you terminate the Agreement.”

SM AI Savings Plans are nontransferable and noncancellable. You are charged for the full term, even if you terminate the Agreement.

You are financially committed to the full term of SM AI Savings Plans, even if you stop using them or terminate your agreement, resulting in unavoidable costs.

Severity 4 · material

“Notwithstanding anything to the contrary in the Agreement, after suspension or termination of your access to or use of any Beta Service or Beta Region for any reason, (a) you will not have any further right to access or use the applicable Beta Service or Beta Region, and (b) Your Content used in the applicable Beta Service or Beta Region may be deleted or inaccessible and Your Content may not be migrated over to a generally available version of the applicable Beta Service or Beta Region.”

After AWS suspends or terminates your access to a Beta Service or Region, you lose all rights to use it. Your content in that beta service is deleted or becomes inaccessible and is not migrated to a generally available version.

Termination of beta access results in permanent loss of your content and inability to migrate it, requiring you to back up data and plan for transitions carefully.

Severity 4 · material

“We may suspend or terminate your access to, or limit your use of, Amazon Location Service immediately upon notice to you, if we reasonably determine you are using Amazon Location Service in violation of our terms, including in any manner intended to avoid incurring appropriate usage fees or in violation of applicable law or order of a governmental body.”

AWS immediately suspends or terminates your access to Amazon Location Service upon notice if AWS reasonably determines you violate terms, avoid usage fees, or breach applicable law or governmental orders.

Your Amazon Location Service access can be immediately suspended or terminated without warning for policy violations, potentially disrupting your applications and data.

Severity 4 · material

“Savings Plans, EC2 Reserved Instances and EC2 Dedicated Host Reservations are noncancellable, and EC2 Dedicated Hosts associated with an active EC2 Dedicated Host Reservation cannot be removed from your account, so you will be charged for the duration of the term you selected, even if you terminate the Agreement.”

Savings Plans, EC2 Reserved Instances, and EC2 Dedicated Host Reservations are noncancellable. You are charged for the full term, even if you terminate the Agreement, and cannot remove associated EC2 Dedicated Hosts.

You are financially committed to the full term of these services, even if you stop using them or terminate your agreement, resulting in unavoidable costs.

Severity 4 · material

“AWS Capacity Blocks cannot be canceled nor can they be modified, and the full price of a Capacity Block is nonrefundable.”

AWS Capacity Blocks are noncancellable and nonmodifiable, and their full price is nonrefundable.

You cannot cancel or modify Capacity Blocks, and the entire cost is nonrefundable, representing a significant, inflexible financial commitment.

Severity 4 · material

“DB Savings Plans are nontransferable and noncancellable, so you will be charged for the duration of the term you selected, even if you terminate the Agreement.”

DB Savings Plans are nontransferable and noncancellable. You are charged for the full term, even if you terminate the Agreement.

You are financially committed to the full term of DB Savings Plans, even if you stop using them or terminate your agreement, resulting in unavoidable costs.

Severity 4 · material

“Reserved DB Instances are noncancellable, and you will owe the amount charged for the Reserved DB Instance for the duration of the term you selected, even if the Agreement is terminated.”

Reserved DB Instances are noncancellable. You owe the full amount for the selected term, even if the Agreement is terminated.

You are financially committed to the full term of Reserved DB Instances, even if you stop using them or terminate your agreement, resulting in unavoidable costs.

Severity 4 · material

“Reserved Nodes are noncancellable, and you will owe the amount charged for the Reserved Node for the duration of the term you selected, even if the Agreement is terminated.”

Reserved Nodes are noncancellable. You owe the full amount for the selected term, even if the Agreement is terminated.

You are financially committed to the full term of Reserved Nodes, even if you stop using them or terminate your agreement, resulting in unavoidable costs.

Severity 4 · material

“Provisioned throughput commitments are nontransferable and noncancellable, so you will be charged for the duration of the term you selected, even if you terminate the Agreement.”

Provisioned throughput commitments are nontransferable and noncancellable. You are charged for the full term, even if you terminate the Agreement.

You are financially committed to the full term of provisioned throughput, even if you stop using it or terminate your agreement, resulting in unavoidable costs.

Severity 3 · notable

“If you do not remove or disable access to the Prohibited Content within 2 business days of our notice, we may remove or disable access to the Prohibited Content or suspend the Services to the extent we are not able to remove or disable access to the Prohibited Content.”

If you do not remove or disable access to Prohibited Content within 2 business days of AWS's notice, AWS removes or disables access to it, or suspends services if removal is not possible.

Failure to act quickly on AWS's notice regarding prohibited content results in AWS removing your content or suspending your services, disrupting your operations.

Severity 3 · notable

“AWS may suspend or terminate your access to or use of any Beta Service or Beta Region at any time.”

AWS suspends or terminates your access to or use of any Beta Service or Beta Region at any time.

Your access to beta services can be revoked without warning, potentially disrupting your testing or development efforts.

Severity 3 · notable

“We may terminate, stop, or hibernate Spot Instances at any time and without any notice to you if the current price for the applicable Spot Instance (the “Spot Price”) equals or exceeds the price you specified you were willing to pay for the Spot Instance (“Your Maximum Price”). Spot Instances and Spot Blocks may also be terminated for AWS capacity requirements.”

AWS terminates, stops, or hibernates Spot Instances at any time without notice if the Spot Price exceeds your maximum price or due to AWS capacity requirements.

Your Spot Instances can be terminated without warning due to price changes or AWS capacity needs, leading to unexpected service interruptions and data loss if not designed for fault tolerance.

Severity 3 · notable

“We may terminate the Savings Plans, EC2 Reserved Instance or EC2 Dedicated Host Reservation pricing programs at any time.”

AWS terminates the Savings Plans, EC2 Reserved Instance, or EC2 Dedicated Host Reservation pricing programs at any time.

AWS can discontinue these pricing programs, potentially affecting your ability to purchase new reserved capacity or savings plans in the future.

Severity 3 · notable

“All amounts paid in connection with Savings Plans, EC2 Reserved Instances and EC2 Dedicated Host Reservations are nonrefundable, except that if we terminate the Agreement other than for cause, terminate an individual EC2 Reserved Instance or EC2 Dedicated Host Reservation type, or terminate the Savings Plans, EC2 Reserved Instance or EC2 Dedicated Host pricing program(s), we will refund you a pro rata portion of any up-front fee paid in connection with any previously designated Savings Plans, EC2 Reserved Instances or EC2 Dedicated Hosts.”

All payments for Savings Plans, EC2 Reserved Instances, and EC2 Dedicated Host Reservations are nonrefundable. AWS refunds a pro rata portion of up-front fees only if AWS terminates the Agreement without cause or ends a specific program or instance type.

You generally cannot get refunds for these services, except under specific AWS-initiated termination scenarios, meaning your investment is largely non-recoverable.

Severity 3 · notable

“During the final 30 minutes of a Capacity Block, we may terminate your instances without notice and prevent new instance launches into your reservation.”

During the final 30 minutes of a Capacity Block, AWS terminates your instances without notice and prevents new instance launches into your reservation.

Your instances can be terminated without warning during the last 30 minutes of a Capacity Block, leading to potential data loss or service disruption if not managed.

Severity 3 · notable

“If during the previous 6 months you have incurred no fees for Amazon SimpleDB and have registered no usage of Your Content stored in Amazon SimpleDB, we may delete Your Content that is stored in Simple DB upon 30 days prior notice to you.”

If you have incurred no fees and registered no usage for Amazon SimpleDB for 6 months, AWS deletes your content stored in SimpleDB after 30 days' prior notice.

Your data in Amazon SimpleDB is deleted if inactive for 6 months, requiring you to monitor usage or incur minimal fees to retain it.

Severity 3 · notable

“We may terminate the Reserved DB Instance program at any time.”

AWS terminates the Reserved DB Instance program at any time.

AWS can discontinue the Reserved DB Instance program, potentially affecting your ability to purchase new reserved capacity in the future.

Severity 3 · notable

“In the event a particular Cognito User Pool has no active users within a 12 month period, we may delete the Cognito User Pool upon 30 days’ prior notice to you.”

AWS deletes a Cognito User Pool after 12 months of no active users, following 30 days' prior notice to you.

Your inactive Cognito User Pools are deleted after 12 months, requiring you to maintain activity or migrate users to prevent data loss.

Severity 3 · notable

“Reserved DB Instances are nontransferable and all amounts paid in connection with the Reserved DB Instances are nonrefundable, except that if we terminate the Agreement other than for cause, terminate an individual Reserved DB Instance type, or terminate the Reserved DB Instance program, we will refund you a pro rata portion of any up-front fee paid in connection with any previously designated Reserved DB Instances.”

Reserved DB Instances are nontransferable, and all payments are nonrefundable. AWS refunds a pro rata portion of up-front fees only if AWS terminates the Agreement without cause or ends a specific program or instance type.

You generally cannot get refunds for Reserved DB Instances, except under specific AWS-initiated termination scenarios, meaning your investment is largely non-recoverable.

Severity 3 · notable

“We may suspend or terminate your access to SES, or block or decline to send or receive any SES Email, if we determine that your use of SES fails to comply with the AWS Acceptable Use Policy and these Terms, for example if: our scan of SES Email or Your Content included in SES Email reveals abusive or low quality email (such as “spam” or other harmful or unwanted items), SES Email bounces back to us or we receive abuse complaints (including complaints from third parties) in connection with your SES Email, or the source or ReturnPath email address you have provided us for “address bounces” or complaints is not successfully receiving email.”

AWS suspends or terminates your SES access, or blocks SES Email, if your use violates the Acceptable Use Policy or Terms. This includes sending spam, receiving abuse complaints, or if your bounce/complaint address is not working.

Your SES service can be suspended or terminated due to policy violations, email quality issues, or unmanaged bounce/complaint addresses, disrupting your email communications.

Severity 3 · notable

“We may terminate the Reserved Cache Node program at any time.”

AWS terminates the Reserved Cache Node program at any time.

AWS can discontinue the Reserved Cache Node program, potentially affecting your ability to purchase new reserved capacity in the future.

Severity 3 · notable

“Reserved Cache Nodes are nontransferable, and all amounts paid in connection with Reserved Cache Nodes are nonrefundable, except that if we terminate the Agreement other than for cause, terminate an individual Reserved Cache Node type, or terminate the Reserved Cache Node program, we will refund you a pro rata portion of any up-front fee paid in connection with any previously designated Reserved Cache Nodes.”

Reserved Cache Nodes are nontransferable, and all payments are nonrefundable. AWS refunds a pro rata portion of up-front fees only if AWS terminates the Agreement without cause or ends a specific program or node type.

You generally cannot get refunds for Reserved Cache Nodes, except under specific AWS-initiated termination scenarios, meaning your investment is largely non-recoverable.

Severity 3 · notable

“We may terminate the Amazon DynamoDB Reserved Capacity program at any time.”

AWS terminates the Amazon DynamoDB Reserved Capacity program at any time.

AWS can discontinue the Amazon DynamoDB Reserved Capacity program, potentially affecting your ability to purchase new reserved capacity in the future.

Severity 3 · notable

“Amazon DynamoDB Reserved Capacity is nontransferable and all amounts paid in connection with the Amazon DynamoDB Reserved Capacity are nonrefundable, except that if we terminate the Agreement (other than for cause) or the Amazon DynamoDB Reserved Capacity program, we will refund you a pro rata portion of any up-front fee paid in connection with any previously purchased Amazon DynamoDB Reserved Capacity.”

Amazon DynamoDB Reserved Capacity is nontransferable, and all payments are nonrefundable. AWS refunds a pro rata portion of up-front fees only if AWS terminates the Agreement without cause or ends the program.

You generally cannot get refunds for DynamoDB Reserved Capacity, except under specific AWS-initiated termination scenarios, meaning your investment is largely non-recoverable.

Severity 3 · notable

“In addition, AWS may disable or remove Content you have purchased on AWS Marketplace, if AWS reasonably determines that the Content may violate any Policies or any other regulations, policies, or laws.”

AWS disables or removes content you purchased on AWS Marketplace if AWS reasonably determines it violates any policies, regulations, or laws.

AWS removes your purchased content if it deems it non-compliant, potentially leading to loss of access to critical software or data without a refund.

Severity 3 · notable

“To the extent authorized by the respective third party provider on AWS Marketplace, AWS may disable access to or remove any Third Party Content you purchased or subscribed to on AWS Marketplace in the event of overdue and uncollected payments, upon AWS providing you with at least 30 days’ advance written notice.”

AWS disables access to or removes third-party content you purchased or subscribed to on AWS Marketplace due to overdue payments. AWS provides at least 30 days' advance written notice.

Failure to pay for third-party marketplace content results in AWS removing your access after 30 days' notice, disrupting your use of essential tools.

Severity 3 · notable

“If Your Customer terminates its use of the AWS Supply Chain N-Tier Visibility Service, you will be notified of that termination and you will have 30 days following that termination to retrieve Your Content from the Service if you choose to do so, after which time Your Content will be removed.”

If your customer terminates use of AWS Supply Chain N-Tier Visibility Service, AWS notifies you. You have 30 days to retrieve your content before AWS removes it.

You have a limited 30-day window to retrieve your content after a customer terminates their service, requiring prompt action to avoid data loss.

Severity 3 · notable

“We may delete, upon 30 days’ notice to you, any of Your Content uploaded to AWS Lambda if it has not been run for more than 3 months.”

AWS deletes your content uploaded to AWS Lambda if it has not been run for more than 3 months, following 30 days' notice to you.

Your Lambda content is deleted if inactive for 3 months, requiring you to maintain activity or back up your code to prevent loss.

Severity 3 · notable

“If your use of Amazon WorkMail is terminated, we may delete your data and your End Users’ mailboxes.”

If your use of Amazon WorkMail is terminated, AWS deletes your data and your End Users' mailboxes.

Termination of Amazon WorkMail results in the deletion of all your data and End Users' mailboxes, requiring you to back up essential information beforehand.

Severity 3 · notable

“AWS IoT Core Device Shadow data for an individual device may be deleted if you do not update the Device Shadow data for an individual device within any given 12-month period. AWS IoT Core Device Registry data for an individual device may be deleted if you do not update the Registry data for an individual device within any given 7-year period.”

AWS deletes IoT Core Device Shadow data if not updated within 12 months and Device Registry data if not updated within 7 years.

Your IoT device data is automatically deleted after periods of inactivity (12 months for Shadow, 7 years for Registry), requiring regular updates to retain it.

Severity 3 · notable

“We or our affiliates may delete, upon 30 days' notice to you, any of Your Content uploaded to Amazon GameLift Servers if it has not been run in more than 3 months.”

AWS or its affiliates delete your content uploaded to Amazon GameLift Servers if it has not been run for more than 3 months, following 30 days' notice to you.

Your GameLift Server content is deleted if inactive for 3 months, requiring you to maintain activity or back up your game builds to prevent loss.

Severity 3 · notable

“We may terminate, stop, or hibernate GL Spot Instances at any time and without any notice to you for AWS capacity requirements.”

AWS terminates, stops, or hibernates GL Spot Instances at any time without notice due to AWS capacity requirements.

Your GL Spot Instances can be terminated without warning due to AWS capacity needs, leading to unexpected service interruptions and data loss if not designed for fault tolerance.

Severity 3 · notable

“Except as provided under Section 45.9, payments for AWS Professional Services are not refundable.”

Payments for AWS Professional Services are not refundable, except as specified in Section 45.9.

You generally cannot get refunds for AWS Professional Services, meaning your investment is largely non-recoverable unless specific conditions in Section 45.9 apply.

Severity 3 · notable

“We may terminate the Reserved Node program at any time.”

AWS terminates the Reserved Node program at any time.

AWS can discontinue the Reserved Node program, potentially affecting your ability to purchase new reserved capacity in the future.

Severity 3 · notable

“Reserved Nodes are nontransferable, and all amounts paid in connection with Reserved Nodes are nonrefundable, except that if we terminate the Agreement other than for cause, terminate an individual Reserved Node type, or terminate the Reserved Node program, we will refund you a pro rata portion of any up-front fee paid in connection with any previously designated Reserved Node.”

Reserved Nodes are nontransferable, and all payments are nonrefundable. AWS refunds a pro rata portion of up-front fees only if AWS terminates the Agreement without cause or ends a specific program or node type.

You generally cannot get refunds for Reserved Nodes, except under specific AWS-initiated termination scenarios, meaning your investment is largely non-recoverable.

Severity 3 · notable

“We may terminate the migration of any image that remains in a migration queue for 90 days or more.”

AWS terminates the migration of any image that remains in a migration queue for 90 days or more.

Image migrations that are stalled for 90 days or longer are automatically terminated, requiring you to actively manage your migration queues.

Severity 3 · notable

“You may not use Amazon Lightsail in a manner intended to avoid incurring data fees from other Services (e.g., proxying network traffic from Services to the public internet or other destinations or excessive data processing through load balancing or content delivery network (CDN) Services as described in the technical documentation), and if you do, we may throttle or suspend your data services or suspend your account.”

You must not use Amazon Lightsail to avoid data fees from other services. If you do, AWS throttles or suspends your data services or account.

Misusing Lightsail to bypass data fees leads to AWS throttling or suspending your services or account, disrupting your operations and potentially incurring unexpected costs.

Severity 3 · notable

“If you or your End Users sign up for and use paid features of Amazon Chime and then for any reason, including non-payment or breach, your or your End Users’ access to the paid services is terminated, you and your End Users may be reverted to the free features of Amazon Chime and may no longer have access to data and other material that you or your End Users may have stored in connection with Amazon Chime, and that data and material may be deleted by AWS.”

If your paid Amazon Chime services are terminated for any reason, including non-payment or breach, you and your End Users revert to free features. You lose access to stored data, and AWS deletes that data.

Termination of paid Amazon Chime services results in data loss and reversion to limited free features, requiring you to back up data and ensure compliance to avoid disruption.

Severity 3 · notable

“We may change SageMaker AI Savings Plan (“SM AI Savings Plan”) pricing or terminate the program at any time.”

AWS changes SageMaker AI Savings Plan pricing or terminates the program at any time.

AWS can change future pricing or terminate the SageMaker AI Savings Plan program, potentially affecting your ability to purchase new plans.

Severity 3 · notable

“All amounts paid in connection with SM AI Savings Plans are nonrefundable, except that if we terminate the Agreement other than for cause, or terminate the SM AI Savings Plan program, we will refund you a pro rata portion of any up-front fee paid.”

All payments for SM AI Savings Plans are nonrefundable. AWS refunds a pro rata portion of up-front fees only if AWS terminates the Agreement without cause or ends the program.

You generally cannot get refunds for SM AI Savings Plans, except under specific AWS-initiated termination scenarios, meaning your investment is largely non-recoverable.

Severity 3 · notable

“If during the previous 3 months you have registered no usage of your Amazon SageMaker Studio Lab account, we may delete your Amazon SageMaker Studio Lab account and any associated Content upon 30 days prior notice to you.”

If your Amazon SageMaker Studio Lab account has no usage for 3 months, AWS deletes your account and associated content after 30 days' prior notice.

Your SageMaker Studio Lab account and data are deleted if inactive for 3 months, requiring you to maintain activity or back up your content to prevent loss.

Severity 3 · notable

“We may change Database Savings Plan ("DB Savings Plan") pricing or terminate the program at any time.”

AWS changes Database Savings Plan pricing or terminates the program at any time.

AWS can change future pricing or terminate the Database Savings Plan program, potentially affecting your ability to purchase new plans.

Severity 3 · notable

“All amounts paid in connection with DB Savings Plans are nonrefundable, except that if we terminate the Agreement other than for cause, or terminate the DB Savings Plan program, we will refund you a pro rata portion of any up-front fee paid.”

All payments for DB Savings Plans are nonrefundable. AWS refunds a pro rata portion of up-front fees only if AWS terminates the Agreement without cause or ends the program.

You generally cannot get refunds for DB Savings Plans, except under specific AWS-initiated termination scenarios, meaning your investment is largely non-recoverable.

Severity 3 · notable

“Prepaid Funds are non-refundable and expire at the end of the term in the applicable Order.”

Prepaid Funds are non-refundable and expire at the end of the term specified in your order.

You lose any unused prepaid funds at the end of the term, as they are non-refundable and expire, requiring careful usage planning.

Severity 3 · notable

“AWS will charge you a fee equal to the value of any funding, discounts, or credits you receive for enterprise AWS Training if you do not consume AWS Training equal to the total amount listed in your Order, within the term specified in your Order.”

AWS charges you a fee equal to the value of any funding, discounts, or credits for enterprise AWS Training if you do not consume the total amount specified in your order within the term.

You incur a fee if you fail to fully utilize your enterprise AWS Training within the specified term, effectively losing the value of unconsumed training.

Severity 3 · notable

“If you request to reschedule or cancel a class less than 14 days before the class start date, AWS may bill you the fee listed in your Order for the canceled class excluding discounts, credits or other funding, incurred travel expenses listed in your Order, and applicable taxes.”

If you reschedule or cancel a class less than 14 days before its start date, AWS bills you the full fee for the canceled class, plus incurred travel expenses and taxes.

Canceling or rescheduling a class within 14 days of its start date results in you being charged the full class fee and travel expenses, leading to unrecoverable costs.

Severity 3 · notable

“If during the previous 12 months you have registered no usage of your AWS DeepRacer Student account, we may delete your AWS DeepRacer Student account and any associated Content upon 30 days prior notice to you.”

If your AWS DeepRacer Student account has no usage for 12 months, AWS deletes your account and associated content after 30 days' prior notice.

Your DeepRacer Student account and data are deleted if inactive for 12 months, requiring you to maintain activity or back up your content to prevent loss.

Severity 3 · notable

“If during the previous 12 months you have registered no usage of your AWS Builder ID, we may delete your AWS Builder ID upon 30 days’ prior notice.”

If your AWS Builder ID has no usage for 12 months, AWS deletes your AWS Builder ID after 30 days' prior notice.

Your AWS Builder ID is deleted if inactive for 12 months, requiring you to maintain activity to prevent loss of access to associated services.

Severity 3 · notable

“Upon deletion of your AWS Builder ID, you will no longer have access to Your Content through your AWS Builder ID, and such content will be deleted.”

Upon deletion of your AWS Builder ID, you lose access to your content through that ID, and AWS deletes that content.

Deleting your AWS Builder ID results in the permanent loss of access to and deletion of all associated content, requiring careful data management.

Severity 2 · minor

“If your SES Emails are blocked, delayed, or prevented from delivery by reasons outside of our control, your payment obligations continue.”

Your payment obligations for SES Emails continue even if your emails are blocked, delayed, or prevented from delivery due to reasons outside of AWS's control.

You are charged for SES emails regardless of successful delivery if the issue is beyond AWS's control, potentially incurring costs for undelivered messages.

Severity 2 · minor

“If your messages sent through Amazon MQ are blocked, delayed, or prevented from delivery by reasons outside of our control, your payment obligations continue.”

Your payment obligations for messages sent through Amazon MQ continue even if your messages are blocked, delayed, or prevented from delivery due to reasons outside of AWS's control.

You are charged for Amazon MQ messages regardless of successful delivery if the issue is beyond AWS's control, potentially incurring costs for undelivered messages.

Severity 2 · minor

“Following closure of your AWS account, we will delete Your Content in accordance with the technical documentation applicable to the Services.”

Following the closure of your AWS account, AWS deletes your content according to the technical documentation for the services.

Your content is deleted after account closure, so you must ensure all necessary data is backed up before termination.

Severity 2 · minor

“Your access to and use of each Beta Service and Beta Region will automatically terminate upon the release of a generally available version of the applicable Beta Service or Beta Region or upon notice of termination by AWS.”

Your access to Beta Services and Beta Regions automatically terminates when a generally available version is released or upon notice of termination by AWS.

Your access to beta services ends automatically upon general release or AWS's notice, requiring you to transition to the GA version or cease use.

Severity 2 · minor

“Fees for Amazon Pinpoint and AWS End User Messaging will apply regardless of whether delivery of your messages is prevented, delayed, or blocked due to reasons outside of our control.”

AWS charges fees for Amazon Pinpoint and AWS End User Messaging even if your messages are prevented, delayed, or blocked due to reasons outside of AWS's control.

You are charged for Pinpoint and End User Messaging regardless of successful delivery if the issue is beyond AWS's control, potentially incurring costs for undelivered messages.

Severity 2 · minor

“Fees for Amazon SNS will apply regardless of whether delivery of your notifications is prevented, delayed, or blocked due to reasons outside of our control.”

AWS charges fees for Amazon SNS even if your notifications are prevented, delayed, or blocked due to reasons outside of AWS's control.

You are charged for SNS notifications regardless of successful delivery if the issue is beyond AWS's control, potentially incurring costs for undelivered messages.

Severity 2 · minor

“AWS may terminate your use of AWS Outposts and remove the Outposts Equipment if you breach these terms or materially breach the terms of the Agreement with respect to AWS Outposts.”

AWS terminates your use of AWS Outposts and removes the Outposts Equipment if you breach the terms or materially breach the Agreement regarding AWS Outposts.

Breaching the terms for AWS Outposts results in AWS terminating your service and removing equipment, disrupting your on-premises operations.

Severity 4 · material

“Neither AWS nor its affiliates are liable for any damages resulting from any Emergency Services call or any inability to place or complete an Emergency Services call using Amazon Chime. AWS disclaims all responsibility for the conduct of local emergency response centers, third parties engaged by you to facilitate emergency response location or other address updates, and all other third parties involved in the provision of Emergency Services.”

AWS and its affiliates are not liable for any damages or inability to complete Emergency Services calls using Amazon Chime. AWS disclaims all responsibility for third parties involved in providing Emergency Services.

AWS disclaims all liability for emergency calls made via Amazon Chime, meaning you bear full responsibility for any failures or damages related to emergency services.

Severity 4 · material

“You release us (and our agents and employees) from claims, demands, and damages (actual or consequential) of any and every kind and nature, known or unknown, suspected or unsuspected, disclosed and undisclosed, arising out of or in any way connected with your use of the AWS IQ marketplace.”

You release AWS, its agents, and employees from all claims, demands, and damages, whether known or unknown, arising from your use of the AWS IQ marketplace.

You waive your right to pursue any claims against AWS related to your use of the AWS IQ marketplace, leaving you without recourse for potential issues.

Severity 4 · material

“AWS will have no obligations or liability under Section 50.10.1 with respect to any claim: (i) arising from Generative AI Output generated in connection with inputs or other data provided by you where such inputs or other data, alone or in combination, infringe or misappropriate another party’s intellectual property rights; (ii) if you interfere with or fail to enable available filters and other tools, or disregard instructions made available for the Indemnified Generative AI Service; (iii) if your use of the Indemnified Generative AI Service breaches the Agreement; (iv) if you have fine-tuned, refined, customized, or otherwise modified an Indemnified Generative AI Service and the alleged infringement or misappropriation would not have occurred but for this fine-tuning, refinement, customization, or modification; (v) arising after you receive notice to stop using the Generative AI Output; (vi) arising from Generative AI Output that you know or reasonably should know may infringe or misappropriate another party’s intellectual property rights; or (vii) alleging that your use of Generative AI Output infringes a third party’s trademark or related rights.”

AWS disclaims liability for generative AI output claims if your inputs infringe IP, you misuse the service, breach the agreement, modify the service, continue use after notice, or knowingly infringe IP.

You bear significant liability for intellectual property infringement arising from generative AI output, especially if it stems from your inputs, modifications, or misuse of the service.

Severity 4 · material

“AI Services are not intended for use in, or in association with, the operation of any hazardous environments or critical systems that may lead to serious bodily injury or death or cause environmental or property damage. AI Services may be used in connection with supporting healthcare services but are not medical devices and are not intended to be used by themselves for any clinical decision-making or other clinical use. You are responsible for liability that may arise in connection with any such uses.”

AWS AI Services are not for hazardous environments, critical systems, or standalone clinical decision-making. AWS states you are responsible for any liability arising from such uses.

You bear full liability for using AWS AI Services in high-risk applications like critical systems or medical decision-making, as AWS disclaims responsibility for these uses.

Severity 4 · material

“WITHOUT LIMITING ANY DISCLAIMERS IN THE AGREEMENT OR THE SERVICE TERMS, BETA SERVICES AND BETA REGIONS ARE NOT READY FOR GENERAL COMMERCIAL RELEASE AND MAY CONTAIN BUGS, ERRORS, DEFECTS, OR HARMFUL COMPONENTS. ACCORDINGLY, AND NOTWITHSTANDING ANYTHING TO THE CONTRARY IN THE AGREEMENT OR THESE SERVICES TERMS, AWS IS PROVIDING BETA SERVICES AND BETA REGIONS TO YOU “AS IS.” AWS AND ITS AFFILIATES AND LICENSORS MAKE NO REPRESENTATIONS OR WARRANTIES OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE REGARDING BETA SERVICES AND BETA REGIONS, INCLUDING ANY WARRANTY THAT THE BETA SERVICES AND BETA REGIONS WILL BECOME GENERALLY AVAILABLE, BE UNINTERRUPTED, ERROR FREE, OR FREE OF HARMFUL COMPONENTS, OR THAT ANY CONTENT, INCLUDING YOUR CONTENT, WILL BE SECURE OR NOT OTHERWISE LOST OR DAMAGED. EXCEPT TO THE EXTENT PROHIBITED BY LAW, AWS AND ITS AFFILIATES AND LICENSORS DISCLAIM ALL WARRANTIES, INCLUDING ANY IMPLIED WARRANTIES OF MERCHANTABILITY, SATISFACTORY QUALITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, OR QUIET ENJOYMENT, AND ANY WARRANTIES ARISING OUT OF ANY COURSE OF DEALING OR USAGE OF TRADE. AWS’S AND ITS AFFILIATES’ AND LICENSORS’ AGGREGATE LIABILITY FOR ANY BETA SERVICES AND BETA REGIONS WILL BE LIMITED TO THE AMOUNT YOU ACTUALLY PAY US UNDER THIS AGREEMENT FOR THE BETA SERVICES OR BETA REGIONS THAT GAVE RISE TO THE CLAIM DURING THE 12 MONTHS PRECEDING THE CLAIM.”

AWS provides Beta Services and Regions "AS IS," without warranties for availability, error-freeness, security, or data integrity. AWS's total liability for these beta services is limited to the amount you paid in the 12 months preceding a claim.

You assume all risks when using beta services, as AWS disclaims all warranties and limits its liability to your payments, meaning you have minimal recourse for issues or data loss.

Severity 4 · material

“Your failure to do so may result in Amazon incurring sanitization costs for which You will be responsible, and which will be exempt from any limitations of liability in any of your agreements with AWS.”

Your failure to comply results in AWS incurring sanitization costs, for which you are responsible. These costs are exempt from any limitations of liability in your agreements with AWS.

You are fully liable for potentially unlimited sanitization costs if you fail to comply, as these costs are explicitly excluded from any liability caps.

Severity 4 · material

“Neither AWS nor its affiliates will be liable for any damages resulting from any Emergency Services call or any inability to place an Emergency Services call using Amazon Connect. AWS disclaims all responsibility for the conduct of local emergency response centers, third parties engaged by you to facilitate emergency response location or other address updates, and all other third parties involved in the provision of Emergency Services.”

AWS and its affiliates are not liable for any damages or inability to complete Emergency Services calls using Amazon Connect. AWS disclaims all responsibility for third parties involved in providing Emergency Services.

AWS disclaims all liability for emergency calls made via Amazon Connect, meaning you bear full responsibility for any failures or damages related to emergency services.

Severity 3 · notable

“In the event AWS fails to do so, and you provide written notice to AWS of such failure within ninety (90) days from the date of performance, as your sole remedy AWS will either (i) re-perform the non-conforming AWS Professional Services or (ii) refund any fees paid for the non-conforming AWS Professional Services.”

If AWS Professional Services are non-conforming and you notify AWS within 90 days, your sole remedy is either re-performance of the services or a refund of fees paid for the non-conforming services.

Your only recourse for unsatisfactory AWS Professional Services is a re-performance or refund, limited to a 90-day window, restricting your options for other damages.

Severity 3 · notable

“With AWS Organizations, the Management Account and Member Account will be jointly and severally liable for all charges accrued by the Member Accounts while joined in an Organization, but the Management Account will be billed for all such charges in accordance with the Management Account’s Agreement.”

In AWS Organizations, the Management Account and Member Account are jointly and severally liable for all charges accrued by Member Accounts. The Management Account receives the bill for all such charges.

Both the Management and Member Accounts are fully responsible for all charges, meaning the Management Account can be held liable for the Member Account's spending.

Severity 3 · notable

“If you enable Billing Transfer, the Bill-Transfer Account and the Bill-Source Account will be jointly and severally liable for all charges accrued by the Bill-Source Account’s Organization while Billing Transfer is in effect, but the Bill-Transfer Account will be billed for all such charges in accordance with the Bill-Transfer Account’s Agreement.”

If you enable Billing Transfer, the Bill-Transfer Account and Bill-Source Account are jointly and severally liable for all charges accrued by the Bill-Source Account's Organization. The Bill-Transfer Account receives the bill.

Both the Bill-Transfer and Bill-Source Accounts are fully responsible for all charges, meaning the Bill-Transfer Account can be held liable for the Bill-Source Account's spending.

Severity 3 · notable

“You are solely responsible for having or obtaining such licenses and paying any necessary royalties or fees, and AWS will have no obligations or liabilities under the Agreement (including defense and/or payment obligations) for third-party patent claims if you fail to have or obtain such licenses.”

You are solely responsible for obtaining necessary licenses and paying royalties or fees. AWS has no liability or defense obligations for third-party patent claims if you fail to secure these licenses.

You bear full responsibility for licensing and patent infringement claims if you fail to secure necessary third-party licenses, without any support from AWS.

Severity 3 · notable

“AWS and its affiliates will not be liable to you for any damages arising from (a) AWS’s actions taken pursuant to any instructions or requests that you provide or approve, (b) you not following an instruction or recommendation from AWS, (c) your delay or withholding of approval for AWS to take a requested action, or (d) any change by you to your Managed Environment (as defined in the AWS Managed Services user guides posted on the AWS Site).”

AWS and its affiliates are not liable for damages resulting from AWS actions based on your instructions, your failure to follow AWS recommendations, your delayed approvals, or your changes to your Managed Environment.

You bear the risk for damages if they result from your instructions, non-compliance with AWS recommendations, or changes you make to your environment, limiting AWS's accountability.

Severity 3 · notable

“To the extent permitted by applicable law, Oracle disclaims any liability for any damages, whether direct, indirect, incidental, special, punitive or consequential, and any loss of profits, revenue, data or data use, arising from your use of the Oracle Software.”

Oracle disclaims all liability for any damages, including direct, indirect, or consequential, and any loss of profits, revenue, or data arising from your use of Oracle Software.

Oracle avoids responsibility for any damages or data loss resulting from your use of their software, leaving you fully exposed to potential financial and operational risks.

Severity 3 · notable

“AWS will have no obligations or liability (including defense and/or payment obligations under the Agreement) with respect to any claim arising from or relating to alleged infringement of third-party patents related to use of Amazon Kinesis Video Streams to encode, decode, or transcode files.”

AWS has no liability or defense obligations for claims of third-party patent infringement related to your use of Amazon Kinesis Video Streams for encoding, decoding, or transcoding files.

You bear the full risk and responsibility for any patent infringement claims arising from your use of Kinesis Video Streams for media processing, without AWS's support.

Severity 3 · notable

“AWS will have no obligations or liability (including defense and/or payment obligations under the Agreement) with respect to any claim arising from or relating to alleged infringement of third-party patents related to use of GameLift Streams to encode, decode, or transcode files.”

AWS has no liability or defense obligations for claims of third-party patent infringement related to your use of GameLift Streams for encoding, decoding, or transcoding files.

You bear the full risk and responsibility for any patent infringement claims arising from your use of GameLift Streams for media processing, without AWS's support.

Severity 2 · minor

“AWS is not liable for inaccuracies or incomplete information in invoices resulting from your errors, or your noncompliance with applicable law.”

AWS is not liable for invoice inaccuracies or incomplete information caused by your errors or noncompliance with applicable law.

You are responsible for ensuring accurate billing information and legal compliance, as AWS disclaims liability for invoice errors stemming from your actions.

Severity 4 · material

“As permitted by applicable law, you agree to release, indemnify, and hold harmless AWS and its affiliates from and against any liability relating to: (a) any acts or omissions of such third parties or other third parties involved in the handling of or response to any emergency call, (b) your inability to use the Chime PSTN Service to contact Emergency Services due to lack of power or internet access; (c) any failure by you or your End Users to provide accurate caller location information or call back information; or (d) your failure to make additional arrangements to access Emergency Services.”

You release and indemnify AWS and its affiliates from liability for issues with emergency calls using Chime PSTN Service. This includes third-party actions, your service outages, or your failure to provide accurate information or alternative emergency access.

You assume full liability for any failures or damages related to emergency calls made via Chime PSTN, including those caused by third parties or your own operational issues.

Severity 4 · material

“As permitted by applicable law, you agree to release, indemnify, and hold harmless AWS and its affiliates from and against any liability relating to: (a) any acts or omissions of such third parties or other third parties involved in the handling of or response to any emergency call, (b) your inability to use the Connect PSTN Service to contact Emergency Services due to lack of power or internet access; (c) any failure by you, your call agents or your other End Users that may use Amazon Connect to provide accurate caller location information or call back information; or (d) your failure to make additional arrangements to access Emergency Services.”

You release and indemnify AWS and its affiliates from liability for issues with emergency calls using Connect PSTN Service. This includes third-party actions, your service outages, or your failure to provide accurate information or alternative emergency access.

You assume full liability for any failures or damages related to emergency calls made via Connect PSTN, including those caused by third parties or your own operational issues.

Severity 4 · material

“You will defend and indemnify AWS and its Affiliates for any and all claims, damages, liabilities, penalties, fines, costs, and expenses (including reasonable attorneys’ fees) arising out of or in any way related to Your or your designees’ actions while at or inside an AWS Data Transfer Terminal facility.”

You defend and indemnify AWS and its Affiliates for all claims, damages, liabilities, penalties, fines, costs, and expenses arising from your or your designees' actions at an AWS Data Transfer Terminal facility.

You are fully responsible for all costs and liabilities, including legal fees, resulting from actions taken by you or your designees at AWS Data Transfer Terminal facilities.

Severity 3 · notable

“Any disputes with a third party provider must be resolved directly with the third party provider, and you will hold AWS harmless from all related claims.”

You must resolve any disputes directly with third-party providers. You hold AWS harmless from all claims related to these disputes.

You are solely responsible for resolving third-party disputes and cannot hold AWS accountable for any issues arising from those relationships.

Severity 3 · notable

“The Google RCS Terms contain important information about use of Google RCS for Business, including how Google may use your RCS message content to improve its services, your indemnity obligations to Google relating to use of Google RCS for Business, and Google’s Acceptable Use Policy.”

The Google RCS Terms outline how Google uses your RCS message content to improve its services, your indemnity obligations to Google for using Google RCS for Business, and Google's Acceptable Use Policy.

You are bound by Google's terms, including indemnifying Google and allowing them to use your message content for service improvement, which impacts your data privacy and liability.

Severity 4 · material

“AWS may stop providing AWS Marketplace (or any features of or listings within AWS Marketplace), without prior notice to you.”

AWS stops providing AWS Marketplace, or any of its features or listings, at any time without prior notice to you.

AWS can discontinue the entire Marketplace or specific offerings without warning, potentially disrupting your access to critical third-party software and services.

Severity 3 · notable

“We may change, discontinue, or deprecate support for any third-party software development services at any time without prior notice.”

AWS changes, discontinues, or deprecates support for any third-party software development services at any time without prior notice.

AWS can remove support for your third-party software development services without warning, potentially disrupting your development workflows.

Severity 3 · notable

“AWS may add or modify terms, including lowering or raising any usage limits, related to access to or use of any Beta Services or Beta Regions at any time.”

AWS adds or modifies terms, including usage limits, for Beta Services or Beta Regions at any time.

AWS can change the terms and usage limits for beta services without your consent, potentially impacting your testing and development efforts.

Severity 3 · notable

“AWS may add, modify, or remove functionality, features, documentation, or other related aspects of any Beta Service or Beta Region at any time and these aspects may be different from any generally available version of the applicable Beta Service or Beta Region.”

AWS adds, modifies, or removes functionality, features, or documentation for any Beta Service or Beta Region at any time. These aspects differ from generally available versions.

AWS can change beta services at any time, meaning features you rely on might be removed or altered, and they may not match the final product.

Severity 3 · notable

“AWS may change, discontinue, or deprecate support for a Security Offering (within the AWS Security Hub Extended plan) at any time.”

AWS changes, discontinues, or deprecates support for a Security Offering within the AWS Security Hub Extended plan at any time.

AWS can alter or remove support for security offerings in Security Hub Extended at any time, potentially impacting your security posture and requiring adjustments.

Severity 3 · notable

“From time to time, telecommunication providers may change or modify their rules, requirements, and policies (collectively “Carrier Policies”). We will make reasonable efforts to notify you of changes to Carrier Policies through, for example, email, Personal Health Dashboard notifications, or technical documentation. You are responsible for complying with all Carrier Policies that apply to your use of the Service. AWS may pass through fees imposed by carriers for violations of Carrier Policies.”

Telecommunication providers change their Carrier Policies, and AWS notifies you of these changes. You are responsible for complying with all Carrier Policies, and AWS passes through fees for your violations.

You are responsible for adhering to evolving third-party carrier policies, and AWS passes on any fees incurred due to your non-compliance, leading to potential unexpected costs.

Severity 3 · notable

“We may change, discontinue, or deprecate support for a third party push notification platform at any time.”

AWS changes, discontinues, or deprecates support for a third-party push notification platform at any time.

AWS can remove support for your third-party push notification platform without warning, potentially disrupting your notification services.

Severity 3 · notable

“We may change, discontinue, or deprecate support for the RCS messaging channel at any time.”

AWS changes, discontinues, or deprecates support for the RCS messaging channel at any time.

AWS can remove support for the RCS messaging channel without warning, potentially disrupting your messaging services.

Severity 3 · notable

“AWS may deprecate or discontinue any geolocation provider within the feature at any time upon notice to you.”

AWS deprecates or discontinues any geolocation provider within the feature at any time upon notice to you.

AWS can remove support for geolocation providers with notice, requiring you to adapt your applications or find alternative solutions.

Severity 3 · notable

“AWS may change, deprecate, or discontinue the availability of the LoRaWAN Network Provider through AWS IoT Core at any time upon notice to you.”

AWS changes, deprecates, or discontinues the availability of the LoRaWAN Network Provider through AWS IoT Core at any time upon notice to you.

AWS can remove support for LoRaWAN Network Providers with notice, requiring you to adapt your IoT solutions or find alternative providers.

Severity 3 · notable

“We may change, discontinue, or deprecate support for any third-party trust provider at any time without prior notice.”

AWS changes, discontinues, or deprecates support for any third-party trust provider at any time without prior notice.

AWS can remove support for your third-party trust provider without warning, potentially disrupting your security and authentication mechanisms.

Severity 3 · notable

“If, as a part of Amazon Chime, AMCS provides you or your End Users with any telephone number (whether toll or toll-free), you understand and agree that you do not own the number and you do not have the right to keep that number indefinitely subject to any number portability rights under applicable law. AMCS reserves the right to change, cancel, or move telephone numbers.”

AMCS (part of Amazon Chime) provides telephone numbers but you do not own them. AMCS reserves the right to change, cancel, or move these numbers, subject to portability rights.

AMCS can change or reclaim your Amazon Chime phone numbers, potentially disrupting your communication services, even if you have portability rights.

Severity 3 · notable

“Amazon Chime’s free features are not guaranteed for any period of time, and AWS may restrict, change, limit, or terminate the use of "free" or "basic" features of Amazon Chime by any individual, entity, or group of entities.”

Amazon Chime's free features are not guaranteed. AWS restricts, changes, limits, or terminates the use of free or basic features for any user or entity at any time.

AWS can alter or remove free Amazon Chime features without warning, potentially impacting your reliance on them for basic communication needs.

Severity 3 · notable

“We reserve the right to change or reclaim telephone numbers assigned by the applicable AMCS entity (not including numbers that the customer has ported to Amazon Connect) in the event of a breach of these terms, where necessary for compliance with applicable law or regulation, or if the number has not been used for 90 days.”

AMCS reserves the right to change or reclaim assigned telephone numbers (excluding ported numbers) if you breach terms, for legal compliance, or if the number is unused for 90 days.

AMCS can reclaim your Amazon Connect phone numbers due to inactivity or policy breaches, potentially disrupting your communication services.

Severity 3 · notable

“We may change, deprecate or discontinue any Service offering that relates to services offered by any Hardware Provider at any time.”

AWS changes, deprecates, or discontinues any service offering related to services from any Hardware Provider at any time.

AWS can alter or remove services dependent on third-party hardware providers, potentially disrupting your operations and requiring you to adapt.

Severity 3 · notable

“AWS may change, deprecate, or discontinue any Geolocation Provider or Geolocation Provider Feature at any time upon notice to you.”

AWS changes, deprecates, or discontinues any Geolocation Provider or Geolocation Provider Feature at any time upon notice to you.

AWS can remove support for geolocation providers or features with notice, requiring you to adapt your applications or find alternative solutions.

Severity 3 · notable

“AWS DeepRacer Student is provided for training and educational purposes and is not intended for production workloads. AWS may modify your ability to access or use AWS DeepRacer Student at any time, including any usage or resource limits.”

AWS DeepRacer Student is for training and education, not production. AWS modifies your access or use, including usage or resource limits, at any time.

AWS can change your access or impose limits on DeepRacer Student at any time, impacting your educational or training activities.

Severity 3 · notable

“AWS may change, deprecate, or discontinue any offering of DCC Software at any time upon notice to you.”

AWS changes, deprecates, or discontinues any offering of DCC Software at any time upon notice to you.

AWS can alter or remove DCC Software offerings with notice, requiring you to adapt your workflows or find alternative software.

Severity 3 · notable

“We may change, discontinue, or deprecate support for any third-party identity provider at any time without prior notice.”

AWS changes, discontinues, or deprecates support for any third-party identity provider at any time without prior notice.

AWS can remove support for your third-party identity provider without warning, potentially disrupting your authentication and access management.

Severity 2 · minor

“If requested by the Organization's Management Account with the assisted migration feature, we may enable, with at least 14 days' prior notice to you, all features in your Organization.”

If requested by the Organization's Management Account using the assisted migration feature, AWS enables all features in your Organization with at least 14 days' prior notice.

Your Organization's Management Account can enable all features in your account with 14 days' notice, potentially changing your service configuration and costs.

Severity 2 · minor

“We may change user credentials created by you using IAM if we determine in our reasonable discretion that a change is necessary for the protection of your AWS account and resources, and we will promptly notify you of any such change.”

AWS changes user credentials you created using IAM if AWS determines it is necessary to protect your AWS account and resources. AWS promptly notifies you of any such change.

AWS can unilaterally change your IAM user credentials for security reasons, which might temporarily disrupt your access but aims to protect your account.