Vodafone Limited

Public Cloud - Amazon Web Services - Standard

Amazon Web Service (AWS) offered by Vodafone brings you the breadth and depth of the AWS portfolio, the leading provider of Public Cloud services globally.
AWS is a secure cloud services platform, offering compute power, database storage, content delivery and other functionality to help businesses scale and grow.


  • Scalable, reliable and secure global computing infrastructure
  • Your application can scale up or down based on demand
  • End-to-end approach to secure flexible infrastructure


  • Quick and secure hosting of your applications
  • Flexibility to select all the services you need
  • No long-term contracts or up-front commitments


£0.01 a virtual machine an hour

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at frameworks_team@vodafone.com. Tell them what format you need. It will help if you say what assistive technology you use.


G-Cloud 13

Service ID

9 0 6 3 6 4 8 9 9 9 9 9 4 4 8


Vodafone Limited Frameworks Team
Telephone: 03333 040191
Email: frameworks_team@vodafone.com

Service scope

Service constraints
Please view detailed Service Description.
System requirements
Refer AWS Service Description and catalogue for system requirements

User support

Email or online ticketing support
Email or online ticketing
Support response times
The standard response time is one hour with support available on a 24/7 basis. The Support Incident Escalation is available to be utilised for critical issues and whenever needed to resolve the issue speedily.
User can manage status and priority of support tickets
Phone support
Phone support availability
24 hours, 7 days a week
Web chat support
Onsite support
Yes, at extra cost
Support levels
Vodafone will provide you with support for AWS Service. Our Hosting Solutions Support team provides a 24x365 Service Desk and Incident Management team. Support will be provided in English. The Vodafone operational model for support is ITIL based. Vodafone’s support model for AWS will triage issues into AWS if Vodafone is unable to resolve the issue. More details : Service Descriptions Support section
Support available to third parties

Onboarding and offboarding

Getting started
Onboarding guidance is provided as part of the service. When the AWS service is ready the customer will be provided with the following: I. Service Terms – contains Vodafone and AWS T&Cs II. Service Descriptions – a guide to cover all customer information inc. AWS products, support, global infrastructure etc. III : Document for all relevant information pack
Service documentation
Documentation formats
End-of-contract data extraction
From the application that uses AWS or through the Admin GUI. Vodafone may also be able to help you minimise the impact of off-boarding through our professional service capability.
End-of-contract process
Customer must remove all of their data from the Platform notify Vodafone that they wish to terminate the Service. Vodafone will notify Customer of the date that the Service and any remaining data will be removed. It is Customer’s sole responsibility to remove their data from the Platform and Vodafone shall have no liability whatsoever for any of Customers data that remains on the Platform once Customer has notified Vodafone that Customer wishes to terminate the Service.

Using the service

Web browser interface
Using the web interface
Customer can access AWS management console
Web interface accessibility standard
Web interface accessibility testing
It is accessible anywhere through an internet connection over HTTPs and end to end security can be assured by using Vodafone's secure networks.
What users can and can't do using the API
The AWS public cloud provides a self-service management console and application programming interfaces for the provision and management of AWS services. Both the API and Console are available over the public Internet to Vodafone and our customers.
API automation tools
  • Ansible
  • Chef
  • OpenStack
  • SaltStack
  • Terraform
  • Puppet
API documentation
Command line interface
Command line interface compatibility
  • Linux or Unix
  • Windows
  • MacOS
Using the command line interface
Please refer the attached link for more detail. https://aws.amazon.com/cli/


Scaling available
Scaling type
Independence of resources
AWS offers a broad set of global cloud-based products including compute, storage, databases, analytics, networking, mobile, developer tools, management tools, IoT, security and enterprise applications. These services help organizations move faster, lower IT costs, and scale
Usage notifications
Usage reporting


Infrastructure or application metrics
Metrics types
  • CPU
  • Disk
  • Memory
Reporting types
API access


Supplier type
Reseller providing extra support
Organisation whose services are being resold
Amazon Web Service

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Baseline Personnel Security Standard (BPSS)

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
User control over data storage and processing locations
Datacentre security standards
Managed by a third party
Penetration testing frequency
At least once a year
Penetration testing approach
Another external penetration testing organisation
Protecting data at rest
Other data at rest protection approach
"The AWS infrastructure puts strong safeguards in place to help protect customer privacy. All data is stored in highly secure AWS data centers. AWS enables customers to control their content (where it will be stored, how it will be secured in transit or at rest, For information on how data at rest is protected in AWS, see:



With regards to Billing data is encrypted at rest.
Data sanitisation process
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
A third-party destruction service

Backup and recovery

Backup and recovery
What’s backed up
  • Replaces your existing on-premises or off-site backup solution
  • Backup offers multiple components that you download and deploy
Backup controls
Backup applications need to be purchased by AWS console. No Operational Support System (OSS) tooling is deployed (monitoring, backup, patch management and anti-malware).
Datacentre setup
Multiple datacentres with disaster recovery
Scheduling backups
Users contact the support team to schedule backups
Backup recovery
Users contact the support team

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • IPsec or TLS VPN gateway
  • Other
Other protection between networks
"You can connect to an AWS access point via HTTP or HTTPS using Secure Sockets Layer (SSL), a cryptographic protocol that is designed to protect against eavesdropping, tampering, and message forgery.
For customers who require additional layers of network security, AWS offers the Amazon Virtual Private Cloud (VPC), which provides a private subnet within the AWS cloud, and the ability to use an IPsec Virtual Private Network (VPN) device to provide an encrypted tunnel between the Amazon VPC and your data center.

For all details see: https://aws.amazon.com/whitepapers/overview-of-security-processes/"
Data protection within supplier network
  • IPsec or TLS VPN gateway
  • Other
Other protection within supplier network
For all details see: https://aws.amazon.com/whitepapers/overview-of-security-processes/"

Availability and resilience

Guaranteed availability
Refer to AWS availability SLAs from here : https://aws.amazon.com/de/legal/service-level-agreements/
Approach to resilience
Highly resilient, fault-tolerant network connections are key to a well-architected system. AWS recommends connecting from multiple data centers for physical location redundancy. When designing remote connections, consider using redundant hardware and telecommunications providers. Additionally, it is a best practice to use dynamically routed, active/active connections for automatic load balancing and failover across redundant network connections. Provision sufficient network capacity to ensure that the failure of one network connection does not overwhelm and degrade redundant connections.
Outage reporting
"As part of the service offering you have access to AWS Health that provides ongoing visibility into the state of your AWS resources, services, and accounts. The service gives you awareness and remediation guidance for resource performance or availability issues that may affect your applications that run on AWS.
The Personal Health Dashboard (PHD), powered by the AWS Health API, is available to all customers. The dashboard requires no setup and is ready to use for authenticated AWS users. You can use the AWS Health API to integrate with in-house and third-party systems.
Further information on AWS Health can be found here: https://docs.aws.amazon.com/health/latest/ug/what-is-aws-health.html"

Identity and authentication

User authentication
  • 2-factor authentication
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
"When an AWS account is first created, an associated single sign-in identity is created which has complete access to all AWS services and resources, which reside within the account. The root user is accessed by signing-in with the email address and password which were used to create the account.
ii. In the scenario where a customer is new to AWS or transferring to Vodafone (excluding BYO model), the root credentials will be either retained or migrated to Vodafone.
For further details please refer service description document
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Limited access network (for example PSN)
  • Dedicated link (for example VPN)
  • Username or password
Devices users manage the service through
Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Who accredited the ISO/IEC 27001
Lloyd's Register Quality Assurance Limited
ISO/IEC 27001 accreditation date
What the ISO/IEC 27001 doesn’t cover
Available upon request.
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Who accredited the PCI DSS certification
QSA Company: NCC Services Ltd.
PCI DSS accreditation date
What the PCI DSS doesn’t cover
Available upon request.
Cyber essentials
Cyber essentials plus
Other security certifications
Any other security certifications
For details see https://aws.amazon.com/compliance/iso-27001-faqs/

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
ISO/IEC 27001
Information security policies and processes
Vodafone policies align to ISO27002:2013

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Available on request
Vulnerability management type
Vulnerability management approach
Cloud provider controls. Refer to https://aws.amazon.com/security/
Protective monitoring type
Protective monitoring approach
Cloud provider controls (Amazon CloudWatch) and Vodafone Fraud module.
Incident management type
Incident management approach
Incident management processes are in line with ITIL best practice, and integrated with event, problem and change management processes.

Please refer Service Description document for more information

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
Who implements virtualisation
Third-party virtualisation provider
Amazon Web Service
How shared infrastructure is kept separate
Refer to AWS Shared responsibility model

Energy efficiency

Energy-efficient datacentres
Description of energy efficient datacentres
Available upon request

Social Value

Fighting climate change

Fighting climate change

We believe that urgent and sustained action is required to address the climate emergency. Business success should not come at a cost to the environment, and we are committed to ensure the greening of all our activities. We also see a key role for our digital networks and technologies in helping to address climate change. Digitalisation is key to saving energy, using natural resources more efficiently and creating a circular economy
Covid-19 recovery

Covid-19 recovery

At Vodafone, we believe that everyone, everywhere should have access to technology. That is why our initiative – everyone.connected – aims to close the digital divide.
The COVID-19 pandemic has caused a global economic crisis, creating a greater need for focus on inclusion and equality. As a technology brand, we are determined to support those who need it most – students, jobseekers, small businesses, remote communities and the elderly. This is because we know that being connected creates endless opportunities; from remote working, to education and staying in touch.
We will keep doing all we can to make sure nobody is left behind – because when people are connected, equal opportunities are created and the future is brighter.
Tackling economic inequality

Tackling economic inequality

As a global telecommunications company, Vodafone is committed to tackling economic inequality by helping to create new businesses, jobs, and skills.   Since forming in 1982, we have purchased products and services globally to innovate and achieve business growth.
Today, Vodafone works with over 11,000 suppliers. We’re strong advocates of the ‘one company, local roots’ concept. By creating opportunities for new businesses and supporting supply chain resilience, we enable our suppliers to recruit and grow. In turn, our partners maintain their own diverse supply chains of smaller, local partners, technology start-ups and market specialists.
We also work with leading public service provider, PeoplePlus, to help create opportunities for individuals from lower income households who may face barriers to employment. They are a national UK wide company and extension of the UK Job Centre who aim to deliver skills and training to ensure people can access the right employment and enhance their career prospects.
Equal opportunity

Equal opportunity

We currently use gender neutral advertising for vacancies posted. We run the advertisements through a gender decoder to make sure the way we advertise uses inclusive language. Ensuring we do not use masculine language means we can try and appeal to more people.
Our recruitment team also actively ensure diverse shortlists are provided to hiring managers as well as having diverse interview panels. This is to ensure the candidate feels as comfortable as possible throughout the process.

Senior leadership gender split: Talent initiatives, SMART targets, reverse mentoring, and inclusive leadership training. Our GMT has a 50:50 gender split.
External collaboration: External partnerships, thought leadership from commissioned research. Participants in BITC’s BAME Cross-Organisational Mentoring Programme and the Black British Business Awards’ Talent Accelerator Programme. Signatories of the Race at Work Charter, Disability Confident Scheme and Hidden Disabilities Sunflower Scheme.


Our Group Health, Safety and Wellbeing Policy expands on the Code of Conduct, setting out our commitment to establish a robust and durable health, safety and wellbeing culture. This policy is accompanied by detailed standards setting out the specific steps that must be taken to manage our greatest risks.
For example:
Family: Industry leading Maternity/Paternity Policies; and a flexible working culture.
Work-life balance: An award-winning ReConnect return to work programme; an award-winning Domestic Abuse Policy, both recognised by the WorkingMums.co.uk Top Employer Awards.
Learning and Development: Inclusion 4 All and Challenge 4 Change training, including senior leaders. Our new mandatory Withstander Programme focused on bystander intervention and active allyship launched globally in November 2020.


£0.01 a virtual machine an hour
Discount for educational organisations
Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at frameworks_team@vodafone.com. Tell them what format you need. It will help if you say what assistive technology you use.