美国联邦信息处理标准 (FIPS) 140-2

概述

FIPS_sized

美国联邦信息处理标准 (FIPS) 第 140-2 版是美国和加拿大政府标准,其中规定了对保护敏感信息的加密模块的要求。在通过使用命令行界面 (CLI) 或以编程方式通过使用 API 访问 AWS 美国东部/西部、AWS GovCloud(美国)或 AWS 加拿大(中部)时,如果您需要使用经过 FIPS 140-2 验证的加密模块,以下部分提供了 AWS 区域可用的 FIPS 终端节点列表。AWS GovCloud(美国)中的 Amazon Virtual Private Cloud VPN 终端节点使用通过 FIPS 140-2 验证的加密模块操作。AWS 与客户合作,提供在使用 AWS 美国东部/西部、AWS GovCloud(美国)或 AWS 加拿大(中部)区域时管理合规性所需的信息。有关该标准的更多信息,请参阅 NIST 计算机安全资源中心网站上的加密模块验证计划

  • AWS 美国东部/西部可以使用哪些 FIPS 终端节点?

    下表列出了 AWS 美国东部/西部区域中各种 AWS 服务可以使用的各个 FIPS 终端节点。 

    AWS 服务     AWS 美国东部/西部终端节点    
    Amazon API Gateway

    apigateway-fips.us-west-1.amazonaws.com

    apigateway-fips.us-west-2.amazonaws.com

    apigateway-fips.us-east-2.amazonaws.com

    apigateway-fips.us-east-1.amazonaws.com

    Amazon Cloud Directory

    clouddirectory-fips.us-west-1.amazonaws.com

    clouddirectory-fips.us-east-2.amazonaws.com

    clouddirectory-fips.us-east-1.amazonaws.com

    AWS Cloud Formation  

    cloudformation-fips.us-east-1.amazonaws.com

    cloudformation-fips.us-east-2.amazonaws.com

    cloudformation-fips.us-west-1.amazonaws.com

    cloudformation-fips.us-west-2.amazonaws.com

    AWS CloudTrail

    cloudtrail-fips.us-west-1.amazonaws.com

    cloudtrail-fips.us-west-2.amazonaws.com

    cloudtrail-fips.us-east-2.amazonaws.com

    cloudtrail-fips.us-east-1.amazonaws.com

    Amazon CodeCommit

    git-codecommit-fips.us-east-1.amazonaws.com

    codecommit-fips.us-east-1.amazonaws.com

    git-codecommit-fips.us-east-2.amazonaws.com

    codecommit-fips.us-east-2.amazonaws.com

    git-codecommit-fips.us-west-1.amazonaws.com

    codecommit-fips.us-west-1.amazonaws.com

    git-codecommit-fips.us-west-2.amazonaws.com

    codecommit-fips.us-west-2.amazonaws.com

    Amazon Cognito

    cognito-sync-fips.us-west-2.amazonaws.com

    cognito-identity-fips.us-west-2.amazonaws.com

    cognito-idp-fips.us-west-2.amazonaws.com

    <your_user_pool_domain>.auth-fips.us-west-2.amazoncognito.com

    cognito-sync-fips.us-east-2.amazonaws.com

    cognito-identity-fips.us-east-2.amazonaws.com

    cognito-idp-fips.us-east-2.amazonaws.com

    <your_user_pool_domain>.auth-fips.us-east-2.amazoncognito.com

    cognito-sync-fips.us-east-1.amazonaws.com

    cognito-identity-fips.us-east-1.amazonaws.com

    cognito-idp-fips.us-east-1.amazonaws.com

    <your_user_pool_domain>.auth-fips.us-east-1.amazoncognito.com

    AWS Config

    config-fips.us-west-1.amazonaws.com

    config-fips.us-west-2.amazonaws.com

    config-fips.us-east-2.amazonaws.com

    config-fips.us-east-1.amazonaws.com    

    AWS Database Migration Service (DMS)

    dms-fips.us-west-1.amazonaws.com

    dms-fips.us-west-2.amazonaws.com

    dms-fips.us-east-2.amazonaws.com

    dms-fips.us-east-1.amazonaws.com

    AWS Directory Service 

    ds-fips.us-west-1.amazonaws.com

    ds-fips.us-west-2.amazonaws.com

    ds-fips.us-east-2.amazonaws.com

    ds-fips.us-east-1.amazonaws.com

    Amazon DynamoDB

    dynamodb-fips.us-west-1.amazonaws.com

    dynamodb-fips.us-west-2.amazonaws.com

    dynamodb-fips.us-east-2.amazonaws.com

    dynamodb-fips.us-east-1.amazonaws.com

    AWS Elastic Beanstalk

    elasticbeanstalk-fips.us-east-1.amazonaws.com

    elasticbeanstalk-fips.us-east-2.amazonaws.com

    elasticbeanstalk-fips.us-west-1.amazonaws.com

    elasticbeanstalk-fips.us-west-2.amazonaws.com

    Amazon Elastic Block Store (EBS) 直接使用 EC2
    Amazon Elastic Compute Cloud (EC2)

    ec2-fips.us-west-1.amazonaws.com

    ec2-fips.us-west-2.amazonaws.com

    ec2-fips.us-east-2.amazonaws.com

    ec2-fips.us-east-1.amazonaws.com

    Amazon ElastiCache

    elasticache-fips.us-east-1.amazonaws.com

    elasticache-fips.us-east-2.amazonaws.com

    elasticache-fips.us-west-1.amazonaws.com

    elasticache-fips.us-west-2.amazonaws.com

    Elastic Load Balancing

    elasticloadbalancing-fips.us-west-1.amazonaws.com

    elasticloadbalancing-fips.us-west-2.amazonaws.com

    elasticloadbalancing-fips.us-east-2.amazonaws.com

    elasticloadbalancing-fips.us-east-1.amazonaws.com

    Amazon Elasticsearch es-fips.us-west-1.amazonaws.com
    es-fips.us-west-2.amazonaws.com
    es-fips.us-east-1.amazonaws.com
    es-fips.us-east-2.amazonaws.com
    Amazon EMR (Amazon EMR)

    elasticmapreduce-fips.us-west-1.amazonaws.com

    elasticmapreduce-fips.us-west-2.amazonaws.com

    elasticmapreduce-fips.us-east-1.amazonaws.com

    elasticmapreduce-fips.us-east-2.amazonaws.com

    Amazon Glacier

    glacier-fips.us-west-1.amazonaws.com

    glacier-fips.us-west-2.amazonaws.com

    glacier-fips.us-east-2.amazonaws.com

    glacier-fips.us-east-1.amazonaws.com

    AWS Identity and Access Management (IAM) iam-fips.amazonaws.com(仅限 IAD 区域)    
    Amazon Inspector

    inspector-fips.us-west-1.amazonaws.com

    inspector-fips.us-west-2.amazonaws.com

    inspector-fips.us-east-1.amazonaws.com

    Amazon Kinesis Streams

    kinesis-fips.us-west-1.amazonaws.com

    kinesis-fips.us-west-2.amazonaws.com

    kinesis-fips.us-east-2.amazonaws.com

    kinesis-fips.us-east-1.amazonaws.com

    AWS Key Management Service (KMS)

    kms-fips.us-west-1.amazonaws.com

    kms-fips.us-west-2.amazonaws.com

    kms-fips.us-east-2.amazonaws.com

    kms-fips.us-east-1.amazonaws.com

    AWS Lambda

    lambda-fips.us-west-1.amazonaws.com

    lambda-fips.us-west-2.amazonaws.com

    lambda-fips.us-east-2.amazonaws.com

    lambda-fips.us-east-1.amazonaws.com

    Amazon Quicksight

    fips-us-west-2.quicksight.aws.amazon.com

    fips-us-east-2.quicksight.aws.amazon.com

    fips-us-east-1.quicksight.aws.amazon.com

    Amazon Relational Database Service (RDS)/Amazon Aurora

    rds-fips.us-west-1.amazonaws.com

    rds-fips.us-west-2.amazonaws.com

    rds-fips.us-east-2.amazonaws.com

    rds-fips.us-east-1.amazonaws.com

    Amazon Redshift

    redshift-fips.us-west-1.amazonaws.com

    redshift-fips.us-west-2.amazonaws.com

    redshift-fips.us-east-2.amazonaws.com

    redshift-fips.us-east-1.amazonaws.com

    Amazon Route 53

    api-fips.route53-eu-west-1.com

    route53-fips.amazonaws.com

    Amazon SageMaker

    api-fips.sagemaker.us-east-1.amazonaws.com

    api-fips.sagemaker.us-east-2.amazonaws.com

    api-fips.sagemaker.us-west-2.amazonaws.com

    runtime-fips.sagemaker.us-east-1.amazonaws.com

    runtime-fips.sagemaker.us-east-2.amazonaws.com

    runtime-fips.sagemaker.us-west-2.amazonaws.com

    Amazon Simple Storage Service (S3)

    注意:这些终端节点只能用于虚拟托管类型的寻址。 例如:https://bucket.s3-fips.us-east-2.amazonaws.com。 有关更多信息,请访问 Amazon S3 文档页面

    s3-fips.us-east-2.amazonaws.com

    s3-fips.dualstack.us-west-1.amazonaws.com

    s3-fips.dualstack.us-west-2.amazonaws.com

    s3-fips.dualstack.us-east-2.amazonaws.com

    s3-fips.dualstack.us-east-1.amazonaws.com

    s3-fips.us-west-1.amazonaws.com

    s3-fips.us-west-2.amazonaws.com

    s3-fips.us-east-1.amazonaws.com

    AWS Shield

    shield-fips.us-east-1.amazonaws.com

    AWS Snowball

    不需要 FIPS

    Amazon Simple Notification Service (SNS)

    sns-fips.us-west-1.amazonaws.com

    sns-fips.us-west-2.amazonaws.com

    sns-fips.us-east-2.amazonaws.com

    sns-fips.us-east-1.amazonaws.com

    Amazon Simple Queue Service (SQS)

    sqs-fips.us-west-1.amazonaws.com

    AWS Security Token Service (STS)

    sts-fips.us-west-1.amazonaws.com

    sts-fips.us-west-2.amazonaws.com

    sts-fips.us-east-2.amazonaws.com

    sts-fips.us-east-1.amazonaws.com

    Amazon Simple Workflow Service (SWF)

    swf-fips.us-west-1.amazonaws.com

    swf-fips.us-west-2.amazonaws.com

    swf-fips.us-east-2.amazonaws.com

    swf-fips.us-east-1.amazonaws.com

    AWS Systems Manager

    ssm-fips.us-west-1.amazonaws.com

    ssm-fips.us-west-2.amazonaws.com

    ssm-fips.us-east-2.amazonaws.com

    ssm-fips.us-east-1.amazonaws.com

    Amazon Virtual Private Cloud (VPC)

    直接使用 EC2

    AWS WAF

    waf-regional-fips.us-west-1.amazonaws.com

    waf-regional-fips.us-west-2.amazonaws.com

    waf-regional-fips.us-east-1.amazonaws.com

    waf-fips.amazonaws.com

    waf-regional-fips.eu-west-1.amazonaws.com

    waf-regional-fips.ap-northeast-1.amazonaws.com

    Amazon WorkDocs

    workdocs-fips.us-west-2.amazonaws.com

    workdocs-fips.us-east-1.amazonaws.com

    有关所有 AWS 终端节点的列表,请参阅 AWS 一般参考 中的区域和终端节点

  • AWS GovCloud(美国)可以使用哪些 FIPS 终端节点?

    有关适用于 AWS GovCloud(美国)的 FIPS 终端节点列表,请参阅 AWS GovCloud(美国)用户指南

  • AWS 加拿大(中部)可以使用哪些 FIPS 终端节点?

    AWS 服务     AWS 加拿大(中部)终端节点    
    Amazon CodeCommit

    git-codecommit-fips.ca-central-1.amazonaws.com

    codecommit-fips.ca-central-1.amazonaws.com

    AWS Directory Service 

    ds-fips.ca-central-1.amazonaws.com

    Amazon DynamoDB dynamodb-fips.ca-central-1.amazonaws.com
    Amazon Elastic Compute Cloud (EC2)

    ec2-fips.ca-central-1.amazonaws.com

    Amazon EMR (Amazon EMR)

    elasticmapreduce-fips.ca-central-1.amazonaws.com

    Amazon Glacier

    glacier-fips.ca-central-1.amazonaws.com

    Amazon Relational Database Service (RDS)/Amazon Aurora

    rds-fips.ca-central-1.amazonaws.com

    Amazon Redshift

    redshift-fips.ca-central-1.amazonaws.com

    AWS Security Token Service (STS)

    sts.ca-central-1.amazonaws.com

compliance-contactus-icon
有问题? 联系 AWS 业务代表
想要提供合规性服务?
立即申请 »
想要了解 AWS 合规性动态?
在 Twitter 上关注我们 »