Federal Information Processing Standard (FIPS) 140-2
Overview
The Federal Information Processing Standard (FIPS) Publication 140-2 is a US and Canadian government standard that specifies the security requirements for cryptographic modules that protect sensitive information. If you require use of FIPS 140-2 validated cryptographic modules when accessing AWS US East/West, AWS GovCloud (US), or AWS Canada (Central) through use of the command line interface (CLI) or programmatically by using the APIs, the following sections provide the list of available FIPS endpoints by AWS Region. The Amazon Virtual Private Cloud VPN endpoints in AWS GovCloud (US) operate using FIPS 140-2 validated cryptographic modules. AWS works with customers to provide the information they need to manage compliance when using the AWS US East/West, AWS GovCloud (US), or AWS Canada (Central) Regions. For more information about the standard, see Cryptographic Module Validation Program on the NIST Computer Security Resource Center website.
FIPS Endpoints by Service
| AWS Service | AWS US East/West | AWS GovCloud (US) | AWS Canada (Central) |
| Amazon API Gateway* | apigateway-fips.us-east-1.amazonaws.com apigateway-fips.us-east-2.amazonaws.com apigateway-fips.us-west-1.amazonaws.com apigateway-fips.us-west-2.amazonaws.com |
apigateway-fips.us-gov-east-1.amazonaws.com apigateway-fips.us-gov-west-1.amazonaws.com * Amazon API Gateway edge-optimized API and edge-optimized custom domain name are not supported. |
apigateway-fips.ca-central-1.amazonaws.com |
| Amazon AppStream 2.0 | appstream2-fips.us-east-1.amazonaws.com appstream2-fips.us-west-2.amazonaws.com |
appstream2-fips.us-gov-west-1.amazonaws.com |
|
| Amazon Athena | athena-fips.us-gov-east-1.amazonaws.com athena-fips.us-gov-west-1.amazonaws.com |
||
| Amazon Cloud Directory | clouddirectory-fips.us-east-1.amazonaws.com clouddirectory-fips.us-east-2.amazonaws.com clouddirectory-fips.us-west-2.amazonaws.com |
clouddirectory.us-gov-west-1.amazonaws.com | |
| Amazon CloudFront |
cloudfront-fips.amazonaws.com | ||
| Amazon CloudWatch | monitoring.us-gov-east-1.amazonaws.com monitoring.us-gov-west-1.amazonaws.com |
||
| Amazon CloudWatch Events | events-fips.us-east-1.amazonaws.com events-fips.us-east-2.amazonaws.com events-fips.us-west-1.amazonaws.com events-fips.us-west-2.amazonaws.com |
events.us-gov-east-1.amazonaws.com events.us-gov-west-1.amazonaws.com |
|
| Amazon CloudWatch Logs | logs-fips.us-east-1.amazonaws.com logs-fips.us-east-2.amazonaws.com logs-fips.us-west-1.amazonaws.com logs-fips.us-west-2.amazonaws.com |
logs.us-gov-east-1.amazonaws.com logs.us-gov-west-1.amazonaws.com |
|
| Amazon Cognito | <your_user_pool_domain>.auth-fips.us-east-1.amazoncognito.com <your_user_pool_domain>.auth-fips.us-east-2.amazoncognito.com <your_user_pool_domain>.auth-fips.us-west-2.amazoncognito.com cognito-identity-fips.us-east-1.amazonaws.com cognito-identity-fips.us-east-2.amazonaws.com cognito-identity-fips.us-west-2.amazonaws.com cognito-idp-fips.us-east-1.amazonaws.com cognito-idp-fips.us-east-2.amazonaws.com cognito-idp-fips.us-west-2.amazonaws.com cognito-sync-fips.us-east-1.amazonaws.com cognito-sync-fips.us-east-2.amazonaws.com cognito-sync-fips.us-west-2.amazonaws.com |
cognito-idp-fips.us-gov-west-1.amazonaws.com | |
| Amazon Comprehend | comprehend-fips.us-east-1.amazonaws.com comprehend-fips.us-east-2.amazonaws.com comprehend-fips.us-west-2.amazonaws.com |
comprehend-fips.us-gov-west-1.amazonaws.com | |
| Amazon Comprehend Medical |
comprehendmedical-fips.us-gov-west-1.amazonaws.com | ||
| Amazon Connect | connect-fips.us-east-1.amazonaws.com connect-fips.us-west-2.amazonaws.com |
||
| Amazon DocumentDB (with MongoDB compatibility) | rds.us-gov-west-1.amazonaws.com | ||
| Amazon DynamoDB | dynamodb-fips.us-east-1.amazonaws.com dynamodb-fips.us-east-2.amazonaws.com dynamodb-fips.us-west-1.amazonaws.com dynamodb-fips.us-west-2.amazonaws.com |
dynamodb.us-gov-east-1.amazonaws.com dynamodb.us-gov-west-1.amazonaws.com |
dynamodb-fips.ca-central-1.amazonaws.com |
| Amazon DynamoDB Streams |
streams.dynamodb.us-gov-east-1.amazonaws.com streams.dynamodb.us-gov-west-1.amazonaws.com |
||
| Amazon EC2 Auto Scaling | autoscaling.us-gov-east-1.amazonaws.com autoscaling.us-gov-west-1.amazonaws.com |
||
| Amazon EC2 Image Builder | imagebuilder.us-gov-west-1.amazonaws.com | ||
| Amazon Elastic Block Store (EBS) | Using Amazon EC2 Directly |
ebs-fips.ca-central-1.amazonaws.com | |
| Amazon Elastic Block Store (EBS) direct APIs | ebs-fips.us-east-1.amazonaws.com ebs-fips.us-east-2.amazonaws.com ebs-fips.us-west-1.amazonaws.com ebs-fips.us-west-2.amazonaws.com |
ec2.us-gov-east-1.amazonaws.com ec2.us-gov-west-1.amazonaws.com |
|
| Amazon Elastic Compute Cloud (EC2) | ec2-fips.us-east-1.amazonaws.com ec2-fips.us-east-2.amazonaws.com ec2-fips.us-west-1.amazonaws.com ec2-fips.us-west-2.amazonaws.com ec2messages-fips.us-east-1.amazonaws.com ec2messages-fips.us-east-2.amazonaws.com ec2messages-fips.us-west-1.amazonaws.com ec2messages-fips.us-west-2.amazonaws.com |
ec2.us-gov-east-1.amazonaws.com ec2.us-gov-west-1.amazonaws.com |
ec2-fips.ca-central-1.amazonaws.com |
| Amazon Elastic Container Registry | *.dkr.ecr-fips.us-east-1.amazonaws.com *.dkr.ecr-fips.us-east-2.amazonaws.com *.dkr.ecr-fips.us-west-1.amazonaws.com *.dkr.ecr-fips.us-west-2.amazonaws.com ecr-fips.us-east-1.amazonaws.com ecr-fips.us-east-2.amazonaws.com ecr-fips.us-west-1.amazonaws.com ecr-fips.us-west-2.amazonaws.com |
ecr-fips.us-gov-east-1.amazonaws.com ecr-fips.us-gov-west-1.amazonaws.com |
|
| Amazon Elastic Container Service | ecs-fips.us-east-1.amazonaws.com ecs-fips.us-east-2.amazonaws.com ecs-fips.us-west-1.amazonaws.com ecs-fips.us-west-2.amazonaws.com |
ecs-fips.us-gov-east-1.amazonaws.com ecs-fips.us-gov-west-1.amazonaws.com |
|
| Amazon Elastic File System | elasticfilesystem-fips.us-east-1.amazonaws.com elasticfilesystem-fips.us-east-2.amazonaws.com elasticfilesystem-fips.us-west-1.amazonaws.com elasticfilesystem-fips.us-west-2.amazonaws.com |
elasticfilesystem-fips.us-gov-east-1.amazonaws.com elasticfilesystem-fips.us-gov-west-1.amazonaws.com |
elasticfilesystem-fips.ca-central-1.amazonaws.com |
| Amazon Elastic Kubernetes Service (EKS) | fips.eks.us-east-1.amazonaws.com fips.eks.us-east-2.amazonaws.com fips.eks.us-west-1.amazonaws.com fips.eks.us-west-2.amazonaws.com |
eks.us-gov-east-1.amazonaws.com eks.us-gov-west-1.amazonaws.com |
|
| Amazon ElastiCache | elasticache-fips.us-east-1.amazonaws.com elasticache-fips.us-east-2.amazonaws.com elasticache-fips.us-west-1.amazonaws.com elasticache-fips.us-west-2.amazonaws.com |
elasticache.us-gov-east-1.amazonaws.com elasticache.us-gov-west-1.amazonaws.com |
|
| Amazon Elasticsearch Service |
es-fips.us-east-1.amazonaws.com es-fips.us-east-2.amazonaws.com es-fips.us-west-1.amazonaws.com es-fips.us-west-2.amazonaws.com |
es-fips.us-gov-east-1.amazonaws.com es-fips.us-gov-west-1.amazonaws.com |
|
| Amazon EMR | elasticmapreduce-fips.us-east-1.amazonaws.com elasticmapreduce-fips.us-east-2.amazonaws.com elasticmapreduce-fips.us-west-1.amazonaws.com elasticmapreduce-fips.us-west-2.amazonaws.com |
elasticmapreduce.us-gov-east-1.amazonaws.com elasticmapreduce.us-gov-west-1.amazonaws.com |
elasticmapreduce-fips.ca-central-1.amazonaws.com |
| Amazon EventBridge | events.us-gov-east-1.amazonaws.com events.us-gov-west-1.amazonaws.com |
||
| Amazon FSx | fsx-fips.us-east-1.amazonaws.com fsx-fips.us-east-2.amazonaws.com fsx-fips.us-west-1.amazonaws.com fsx-fips.us-west-2.amazonaws.com |
fsx-fips.us-gov-east-1.amazonaws.com fsx-fips.us-gov-west-1.amazonaws.com |
fsx-fips.ca-central-1.amazonaws.com |
| Amazon GuardDuty | guardduty-fips.us-east-1.amazonaws.com guardduty-fips.us-east-2.amazonaws.com guardduty-fips.us-west-1.amazonaws.com guardduty-fips.us-west-2.amazonaws.com |
guardduty.us-gov-east-1.amazonaws.com guardduty.us-gov-west-1.amazonaws.com |
|
| Amazon Inspector | inspector-fips.us-east-1.amazonaws.com inspector-fips.us-east-2.amazonaws.com inspector-fips.us-west-1.amazonaws.com inspector-fips.us-west-2.amazonaws.com |
inspector-fips.us-gov-east-1.amazonaws.com inspector-fips.us-gov-west-1.amazonaws.com |
|
| Amazon Kinesis Data Analytics | kinesisanalytics-fips.us-east-1.amazonaws.com kinesisanalytics-fips.us-east-2.amazonaws.com kinesisanalytics-fips.us-west-2.amazonaws.com |
||
| Amazon Kinesis Data Firehose | firehose-fips.us-east-1.amazonaws.com firehose-fips.us-east-2.amazonaws.com firehose-fips.us-west-1.amazonaws.com firehose-fips.us-west-2.amazonaws.com |
firehose-fips.us-gov-east-1.amazonaws.com firehose-fips.us-gov-west-1.amazonaws.com |
|
| Amazon Kinesis Data Streams | kinesis-fips.us-east-1.amazonaws.com kinesis-fips.us-east-2.amazonaws.com kinesis-fips.us-west-1.amazonaws.com kinesis-fips.us-west-2.amazonaws.com |
kinesis.us-gov-east-1.amazonaws.com kinesis.us-gov-west-1.amazonaws.com |
|
| Amazon Macie | macie-fips.us-east-1.amazonaws.com macie-fips.us-west-2.amazonaws.com macie2-fips.us-east-1.amazonaws.com macie2-fips.us-east-2.amazonaws.com macie2-fips.us-west-1.amazonaws.com macie2-fips.us-west-2.amazonaws.com |
||
| Amazon MQ | mq-fips.us-east-1.amazonaws.com mq-fips.us-east-2.amazonaws.com mq-fips.us-west-1.amazonaws.com mq-fips.us-west-2.amazonaws.com |
||
| Amazon Neptune | rds.us-gov-east-1.amazonaws.com rds.us-gov-west-1.amazonaws.com |
||
| Amazon Pinpoint | pinpoint-fips.us-east-1.amazonaws.com pinpoint-fips.us-west-2.amazonaws.com |
pinpoint-fips.us-gov-west-1.amazonaws.com | |
| Amazon Polly | polly-fips.us-east-1.amazonaws.com polly-fips.us-east-2.amazonaws.com polly-fips.us-west-1.amazonaws.com polly-fips.us-west-2.amazonaws.com |
polly-fips.us-gov-west-1.amazonaws.com | |
Amazon QuickSight |
fips-us-east-1.quicksight.aws.amazon.com fips-us-east-2.quicksight.aws.amazon.com fips-us-west-2.quicksight.aws.amazon.com |
||
Amazon Redshift |
redshift-fips.us-east-1.amazonaws.com redshift-fips.us-east-2.amazonaws.com redshift-fips.us-west-1.amazonaws.com redshift-fips.us-west-2.amazonaws.com |
redshift.us-gov-east-1.amazonaws.com redshift.us-gov-west-1.amazonaws.com |
redshift-fips.ca-central-1.amazonaws.com |
| Amazon Rekognition | rekognition-fips.us-east-1.amazonaws.com rekognition-fips.us-east-2.amazonaws.com rekognition-fips.us-west-1.amazonaws.com rekognition-fips.us-west-2.amazonaws.com |
rekognition-fips.us-gov-west-1.amazonaws.com | |
| Amazon Relational Database Service (RDS) / Amazon Aurora | rds-fips.us-east-1.amazonaws.com rds-fips.us-east-2.amazonaws.com rds-fips.us-west-1.amazonaws.com rds-fips.us-west-2.amazonaws.com |
rds.us-gov-east-1.amazonaws.com rds.us-gov-west-1.amazonaws.com |
rds-fips.ca-central-1.amazonaws.com |
Amazon Route 53* |
route53-fips.amazonaws.com | route53.us-gov.amazonaws.com * Amazon Route 53 hosted Zone ID for the regional endpoint in the AWS GovCloud (US) region is Z1K6XKP9SAGWDV. |
|
| Amazon S3 Glacier | glacier-fips.us-east-1.amazonaws.com glacier-fips.us-east-2.amazonaws.com glacier-fips.us-west-1.amazonaws.com glacier-fips.us-west-2.amazonaws.com |
glacier.us-gov-east-1.amazonaws.com glacier.us-gov-west-1.amazonaws.com |
glacier-fips.ca-central-1.amazonaws.com |
| Amazon SageMaker | api-fips.sagemaker.us-west-1.amazonaws.com api-fips.sagemaker.us-east-1.amazonaws.com api-fips.sagemaker.us-east-2.amazonaws.com api-fips.sagemaker.us-west-2.amazonaws.com runtime-fips.sagemaker.us-east-1.amazonaws.com runtime-fips.sagemaker.us-east-2.amazonaws.com runtime-fips.sagemaker.us-west-2.amazonaws.com runtime-fips.sagemaker.us-west-1.amazonaws.com |
api.sagemaker.us-gov-west-1.amazonaws.com | |
| Amazon Simple Email Service (API HTTPS) | email-fips.us-east-1.amazonaws.com email-fips.us-west-2.amazonaws.com |
email-fips.us-gov-west-1.amazonaws.com | |
| Amazon Simple Email Service (SMTP) | email-smtp-fips.us-east-1.amazonaws.com email-smtp-fips.us-west-2.amazonaws.com |
email-smtp-fips.us-gov-west-1.amazonaws.com | |
| Amazon Simple Notification Service (SNS) | sns-fips.us-west-1.amazonaws.com sns-fips.us-west-2.amazonaws.com sns-fips.us-east-2.amazonaws.com sns-fips.us-east-1.amazonaws.com |
sns.us-gov-east-1.amazonaws.com sns.us-gov-west-1.amazonaws.com |
|
| Amazon Simple Queue Service (SQS) | sqs-fips.us-east-2.amazonaws.com sqs-fips.us-west-2.amazonaws.com sqs-fips.us-east-1.amazonaws.com sqs-fips.us-west-1.amazonaws.com |
sqs.us-gov-east-1.amazonaws.com sqs.us-gov-west-1.amazonaws.com |
|
Amazon Simple Storage Service (S3) Note: These Endpoints can only be used with Virtual Hosted-Style addressing. For example: https://bucket.s3-fips.us-east-2.amazonaws.com. Visit the Amazon S3 Documentation page for more information. |
s3-fips.dualstack.us-east-1.amazonaws.com s3-fips.dualstack.us-east-2.amazonaws.com s3-fips.dualstack.us-west-1.amazonaws.com s3-fips.dualstack.us-west-2.amazonaws.com s3-fips.us-east-1.amazonaws.com s3-fips.us-east-2.amazonaws.com s3-fips.us-west-1.amazonaws.com s3-fips.us-west-2.amazonaws.com |
s3-fips.us-gov-east-1.amazonaws.com s3-fips.us-gov-west-1.amazonaws.com |
s3-fips.ca-central-1.amazonaws.com |
Amazon Simple Workflow Service (SWF) |
swf-fips.us-east-1.amazonaws.com swf-fips.us-east-2.amazonaws.com swf-fips.us-west-1.amazonaws.com swf-fips.us-west-2.amazonaws.com |
swf.us-gov-east-1.amazonaws.com swf.us-gov-west-1.amazonaws.com |
|
| Amazon Textract | textract-fips.us-east-1.amazonaws.com textract-fips.us-east-2.amazonaws.com textract-fips.us-west-1.amazonaws.com textract-fips.us-west-2.amazonaws.com
|
textract-fips.us-gov-east-1.amazonaws.com textract-fips.us-gov-west-1.amazonaws.com |
textract-fips.ca-central-1.amazonaws.com
|
| Amazon Transcribe | fips.transcribe.us-west-1.amazonaws.com | fips.transcribe.us-gov-east-1.amazonaws.com fips.transcribe.us-gov-west-1.amazonaws.com |
|
| Amazon Translate | translate-fips.us-west-2.amazonaws.com translate-fips.us-east-2.amazonaws.com translate-fips.us-east-1.amazonaws.com |
translate-fips.us-gov-west-1.amazonaws.com | |
Amazon Virtual Private Cloud (VPC) |
Uses Amazon EC2 Directly | ec2.us-gov-east-1.amazonaws.com ec2.us-gov-west-1.amazonaws.com |
|
| Amazon VPC Console | us-gov-west-1.console.amazonaws-us-gov.com/vpc/home?region=us-gov-west-1 us-gov-east-1.console.amazonaws-us-gov.com/vpc/home?region=us-gov-east-1 |
||
Amazon WorkDocs |
workdocs-fips.us-east-1.amazonaws.com workdocs-fips.us-west-2.amazonaws.com |
||
| Amazon WorkSpaces | workspaces-fips.us-east-1.amazonaws.com workspaces-fips.us-west-2.amazonaws.com |
workspaces-fips.us-gov-west-1.amazonaws.com | |
| AWS Application Auto Scaling | autoscaling-plans.us-gov-east-1.amazonaws.com autoscaling-plans.us-gov-west-1.amazonaws.com |
||
| AWS Auto Scaling | autoscaling-plans.us-gov-east-1.amazonaws.com autoscaling-plans.us-gov-west-1.amazonaws.com |
||
| AWS Backup | backup-fips.us-east-1.amazonaws.com backup-fips.us-east-2.amazonaws.com backup-fips.us-west-1.amazonaws.com backup-fips.us-west-2.amazonaws.com |
backup-fips.us-gov-east-1.amazonaws.com backup-fips.us-gov-west-1.amazonaws.com |
|
| AWS Batch | fips.batch.us-east-1.amazonaws.com fips.batch.us-east-2.amazonaws.com fips.batch.us-west-1.amazonaws.com fips.batch.us-west-2.amazonaws.com |
batch.us-gov-east-1.amazonaws.com batch.us-gov-west-1.amazonaws.com |
|
| AWS Certificate Manager | acm-fips.us-east-1.amazonaws.com acm-fips.us-east-2.amazonaws.com acm-fips.us-west-2.amazonaws.com acm-fips.us-west-1.amazonaws.com |
acm.us-gov-east-1.amazonaws.com acm.us-gov-west-1.amazonaws.com |
acm-fips.ca-central-1.amazonaws.com |
| AWS Certificate Manager Private Certificate Authority | acm-pca-fips.us-east-1.amazonaws.com acm-pca-fips.us-west-1.amazonaws.com acm-pca-fips.us-east-2.amazonaws.com acm-pca-fips.us-west-2.amazonaws.com |
acm-pca.us-gov-east-1.amazonaws.com acm-pca.us-gov-west-1.amazonaws.com |
acm-pca-fips.ca-central-1.amazonaws.com |
| AWS Cloud Map | servicediscovery-fips.us-east-1.amazonaws.com servicediscovery-fips.us-east-2.amazonaws.com servicediscovery-fips.us-west-1.amazonaws.com servicediscovery-fips.us-west-2.amazonaws.com |
servicediscovery-fips.ca-central-1.amazonaws.com | |
| AWS CloudFormation | cloudformation-fips.us-east-1.amazonaws.com cloudformation-fips.us-east-2.amazonaws.com cloudformation-fips.us-west-1.amazonaws.com cloudformation-fips.us-west-2.amazonaws.com |
cloudformation.us-gov-east-1.amazonaws.com cloudformation.us-gov-west-1.amazonaws.com |
|
| AWS CloudTrail | cloudtrail-fips.us-east-1.amazonaws.com cloudtrail-fips.us-east-2.amazonaws.com cloudtrail-fips.us-west-1.amazonaws.com cloudtrail-fips.us-west-2.amazonaws.com |
cloudtrail.us-gov-east-1.amazonaws.com cloudtrail.us-gov-west-1.amazonaws.com |
|
| AWS CodeBuild | codebuild-fips.us-west-1.amazonaws.com codebuild-fips.us-east-1.amazonaws.com codebuild-fips.us-west-2.amazonaws.com codebuild-fips.us-east-2.amazonaws.com |
codebuild-fips.us-gov-east-1.amazonaws.com codebuild-fips.us-gov-west-1.amazonaws.com |
|
| AWS CodeCommit | codecommit-fips.us-east-1.amazonaws.com codecommit-fips.us-east-2.amazonaws.com codecommit-fips.us-west-1.amazonaws.com codecommit-fips.us-west-2.amazonaws.com git-codecommit-fips.us-east-1.amazonaws.com git-codecommit-fips.us-east-2.amazonaws.com git-codecommit-fips.us-west-1.amazonaws.com git-codecommit-fips.us-west-2.amazonaws.com |
codecommit-fips.us-gov-west-1.amazonaws.com git-codecommit-fips.us-gov-west-1.amazonaws.com |
codecommit-fips.ca-central-1.amazonaws.com git-codecommit-fips.ca-central-1.amazonaws.com |
| AWS CodeDeploy | codedeploy-fips.us-east-1.amazonaws.com codedeploy-fips.us-west-1.amazonaws.com codedeploy-fips.us-west-2.amazonaws.com codedeploy-fips.us-east-2.amazonaws.com codedeploy-commands-fips.us-east-1.amazonaws.com codedeploy-commands-fips.us-east-2.amazonaws.com codedeploy-commands-fips.us-west-1.amazonaws.com codedeploy-commands-fips.us-west-2.amazonaws.com |
codedeploy-fips.us-gov-east-1.amazonaws.com codedeploy-fips.us-gov-west-1.amazonaws.com |
|
| AWS CodePipeline | codepipeline-fips.us-east-1.amazonaws.com codepipeline-fips.us-east-2.amazonaws.com codepipeline-fips.us-west-1.amazonaws.com codepipeline-fips.us-west-2.amazonaws.com |
codepipeline-fips.us-gov-west-1.amazonaws.com | codepipeline-fips.ca-central-1.amazonaws.com |
| AWS Config | config-fips.us-east-1.amazonaws.com config-fips.us-east-2.amazonaws.com config-fips.us-west-1.amazonaws.com config-fips.us-west-2.amazonaws.com |
config.us-gov-east-1.amazonaws.com config.us-gov-west-1.amazonaws.com |
|
| AWS Config Rules | config.us-gov-east-1.amazonaws.com config.us-gov-west-1.amazonaws.com |
||
| AWS Database Migration Service (DMS) | dms-fips.us-east-1.amazonaws.com dms-fips.us-east-2.amazonaws.com dms-fips.us-west-1.amazonaws.com dms-fips.us-west-2.amazonaws.com |
dms.us-gov-east-1.amazonaws.com dms.us-gov-west-1.amazonaws.com |
|
| AWS DataSync | datasync-fips.us-east-1.amazonaws.com datasync-fips.us-west-1.amazonaws.com datasync-fips.us-east-2.amazonaws.com datasync-fips.us-west-2.amazonaws.com |
datasync-fips.us-gov-east-1.amazonaws.com datasync-fips.us-gov-west-1.amazonaws.com |
datasync-fips.ca-central-1.amazonaws.com |
| AWS Direct Connect | directconnect-fips.us-east-1.amazonaws.com directconnect-fips.us-east-2.amazonaws.com directconnect-fips.us-west-1.amazonaws.com directconnect-fips.us-west-2.amazonaws.com |
||
| AWS Directory Service | ds-fips.us-east-1.amazonaws.com ds-fips.us-east-2.amazonaws.com ds-fips.us-west-1.amazonaws.com ds-fips.us-west-2.amazonaws.com |
ds-fips.us-gov-east-1.amazonaws.com ds-fips.us-gov-west-1.amazonaws.com |
ds-fips.ca-central-1.amazonaws.com |
| AWS Elastic Beanstalk | elasticbeanstalk-fips.us-east-1.amazonaws.com elasticbeanstalk-fips.us-east-2.amazonaws.com elasticbeanstalk-fips.us-west-1.amazonaws.com elasticbeanstalk-fips.us-west-2.amazonaws.com |
elasticbeanstalk.us-gov-east-1.amazonaws.com elasticbeanstalk.us-gov-west-1.amazonaws.com |
|
| AWS Elemental MediaConvert | mediaconvert.us-gov-west-1.amazonaws.com | ||
| AWS Elemental MediaLive | medialive-fips.us-east-1.amazonaws.com medialive-fips.us-east-2.amazonaws.com medialive-fips.us-west-2.amazonaws.com |
||
| AWS Firewall Manager | fms-fips.us-west-1.amazonaws.com fms-fips.us-east-1.amazonaws.com fms-fips.us-west-2.amazonaws.com fms-fips.us-east-2.amazonaws.com |
fms-fips.ca-central-1.amazonaws.com | |
| AWS Glue | glue-fips.us-east-1.amazonaws.com glue-fips.us-east-2.amazonaws.com glue-fips.us-west-1.amazonaws.com glue-fips.us-west-2.amazonaws.com |
glue-fips.us-gov-east-1.amazonaws.com glue-fips.us-gov-west-1.amazonaws.com |
|
| AWS Ground Station | groundstation-fips.us-east-2.amazonaws.com groundstation-fips.us-west-2.amazonaws.com |
||
| AWS Health* |
health-fips.us-gov-west-1.amazonaws.com * AWS Health is a non-fips endpoint. We were cleared to not use fips because we do not share customer data (Health events are considered AWS data). FIPS endpoints have mandated encryptions applied to them. |
||
| AWS IAM Access Analyzer | access-analyzer-fips.us-east-1.amazonaws.com access-analyzer-fips.us-east-2.amazonaws.com access-analyzer-fips.us-west-1.amazonaws.com access-analyzer-fips.us-west-2.amazonaws.com |
access-analyzer.us-gov-west-1.amazonaws.com access-analyzer.us-gov-east-1.amazonaws.com |
access-analyzer-fips.ca-central-1.amazonaws.com |
| AWS Identity and Access Management (IAM) | iam-fips.amazonaws.com (IAD Region Only) | iam.us-gov.amazonaws.com |
|
| AWS IoT Greengrass | Control plane operations: greengrass-fips.us-gov-east-1.amazonaws.com greengrass.us-gov-west-1.amazonaws.com |
||
| AWS Key Management Service (KMS) | kms-fips.us-east-1.amazonaws.com kms-fips.us-east-2.amazonaws.com kms-fips.us-west-1.amazonaws.com kms-fips.us-west-2.amazonaws.com |
kms-fips.us-gov-east-1.amazonaws.com kms-fips.us-gov-west-1.amazonaws.com |
|
| AWS Lake Formation | lakeformation-fips.us-gov-west-1.amazonaws.com | ||
AWS Lambda |
lambda-fips.us-east-1.amazonaws.com lambda-fips.us-east-2.amazonaws.com lambda-fips.us-west-1.amazonaws.com lambda-fips.us-west-2.amazonaws.com |
lambda-fips.us-gov-east-1.amazonaws.com lambda-fips.us-gov-west-1.amazonaws.com |
|
| AWS License Manager | license-manager-fips.us-east-1.amazonaws.com license-manager-fips.us-east-2.amazonaws.com license-manager-fips.us-west-1.amazonaws.com license-manager-fips.us-west-2.amazonaws.com |
license-manager-fips.us-gov-east-1.amazonaws.com license-manager-fips.us-gov-west-1.amazonaws.com |
|
AWS OpsWorks for Chef Automate AWS OpsWorks for Puppet Enterprise |
opsworks-cm-fips.us-east-1.amazonaws.com opsworks-cm-fips.us-east-2.amazonaws.com opsworks-cm-fips.us-west-1.amazonaws.com opsworks-cm-fips.us-west-2.amazonaws.com |
||
| AWS Organizations | organizations-fips.us-east-1.amazonaws.com | organizations.us-gov-west-1.amazonaws.com | |
| AWS Outposts | outposts-fips.us-east-1.amazonaws.com outposts-fips.us-west-1.amazonaws.com |
outposts.us-gov-east-1.amazonaws.com outposts.us-gov-west-1.amazonaws.com |
|
| AWS Resource Groups | resource-groups-fips.us-east-1.amazonaws.com resource-groups-fips.us-east-2.amazonaws.com resource-groups-fips.us-west-2.amazonaws.com resource-groups-fips.us-west-1.amazonaws.com |
||
| AWS Secrets Manager | secretsmanager-fips.us-east-2.amazonaws.com secretsmanager-fips.us-west-1.amazonaws.com secretsmanager-fips.us-east-1.amazonaws.com secretsmanager-fips.us-west-2.amazonaws.com |
secretsmanager-fips.us-gov-east-1.amazonaws.com secretsmanager-fips.us-gov-west-1.amazonaws.com |
|
| AWS Security Hub | securityhub-fips.us-gov-east-1.amazonaws.com securityhub-fips.us-gov-west-1.amazonaws.com |
||
| AWS Security Token Service (STS) | sts-fips.us-east-1.amazonaws.com sts-fips.us-east-2.amazonaws.com sts-fips.us-west-1.amazonaws.com sts-fips.us-west-2.amazonaws.com |
sts.us-gov-east-1.amazonaws.com sts.us-gov-west-1.amazonaws.com |
|
| AWS Server Migration Service (SMS) | sms-fips.us-west-2.amazonaws.com sms-fips.us-east-1.amazonaws.com sms-fips.us-east-2.amazonaws.com sms-fips.us-west-1.amazonaws.com |
sms-fips.us-gov-east-1.amazonaws.com sms-fips.us-gov-west-1.amazonaws.com |
|
| AWS Serverless Application Repository | serverlessrepo.us-gov-east-1.amazonaws.com serverlessrepo.us-gov-west-1.amazonaws.com |
||
| AWS Service Catalog | servicecatalog-fips.us-east-1.amazonaws.com servicecatalog-fips.us-east-2.amazonaws.com servicecatalog-fips.us-west-1.amazonaws.com servicecatalog-fips.us-west-2.amazonaws.com |
servicecatalog-fips.us-gov-east-1.amazonaws.com servicecatalog-fips.us-gov-west-1.amazonaws.com |
|
| AWS Shield | shield-fips.us-east-1.amazonaws.com | ||
| AWS Snowball | snowball-fips.us-east-1.amazonaws.com snowball-fips.us-east-2.amazonaws.com snowball-fips.us-west-1.amazonaws.com snowball-fips.us-west-2.amazonaws.com |
snowball-fips.ca-central-1.amazonaws.com | |
| AWS Step Functions | states-fips.us-east-1.amazonaws.com states-fips.us-east-2.amazonaws.com states-fips.us-west-1.amazonaws.com states-fips.us-west-2.amazonaws.com |
states.us-gov-west-1.amazonaws.com states-fips.us-gov-east-1.amazonaws.com |
|
| AWS Storage Gateway | storagegateway-fips.us-east-1.amazonaws.com storagegateway-fips.us-east-2.amazonaws.com storagegateway-fips.us-west-1.amazonaws.com storagegateway-fips.us-west-2.amazonaws.com |
storagegateway-fips.us-gov-east-1.amazonaws.com storagegateway-fips.us-gov-west-1.amazonaws.com |
storagegateway-fips.ca-central-1.amazonaws.com |
| AWS Support | support.us-gov-west-1.amazonaws.com |
||
| AWS Systems Manager | ssm-fips.us-east-1.amazonaws.com ssm-fips.us-east-2.amazonaws.com ssm-fips.us-west-1.amazonaws.com ssm-fips.us-west-2.amazonaws.com |
ssm.us-gov-east-1.amazonaws.com ssm.us-gov-west-1.amazonaws.com |
|
| AWS Transfer Family | transfer-fips.us-east-1.amazonaws.com transfer-fips.us-east-2.amazonaws.com transfer-fips.us-west-1.amazonaws.com transfer-fips.us-west-2.amazonaws.com |
transfer-fips.us-gov-east-1.amazonaws.com transfer-fips.us-gov-west-1.amazonaws.com |
transfer-fips.ca-central-1.amazonaws.com |
AWS WAF |
waf-fips.amazonaws.com waf-regional-fips.us-east-1.amazonaws.com waf-regional-fips.us-east-2.amazonaws.com waf-regional-fips.us-west-1.amazonaws.com waf-regional-fips.us-west-2.amazonaws.com wafv2-fips.us-east-1.amazonaws.com wafv2-fips.us-east-2.amazonaws.com wafv2-fips.us-west-1.amazonaws.com wafv2-fips.us-west-2.amazonaws.com |
waf-regional-fips.us-gov-west-1.amazonaws.com wafv2-fips.us-gov-west-1.amazonaws.com |
waf-regional-fips.ca-central-1.amazonaws.com wafv2-fips.ca-central-1.amazonaws.com |
| Elastic Load Balancing | elasticloadbalancing-fips.us-east-1.amazonaws.com elasticloadbalancing-fips.us-east-2.amazonaws.com elasticloadbalancing-fips.us-west-1.amazonaws.com elasticloadbalancing-fips.us-west-2.amazonaws.com |
elasticloadbalancing.us-gov-east-1.amazonaws.com elasticloadbalancing.us-gov-west-1.amazonaws.com |
FAQs
-
Which AWS services require a minimum version of TLS 1.2 for FIPS Endpoints?
AWS is updating all AWS FIPS endpoints to a minimum Transport Layer Security (TLS) version of 1.2 across all AWS Regions, with a targeted completion date of March 31, 2021. Once completed, these updates will revoke the ability to use TLS 1.0 and TLS 1.1 on all FIPS endpoints. For more information, read the announcement on the AWS Security Blog. No other AWS endpoints will be affected by this change.
The FIPS endpoints for the AWS services listed below have been updated and require TLS 1.2 or higher. The FIPS endpoints for any AWS services not listed below currently support TLS 1.0 and TLS 1.1 in addition to TLS 1.2.
AWS Service TLS Minimum 1.2 Amazon Athena ✓ Amazon API Gateway ✓ Amazon Connect ✓ Amazon EC2 Image Builder ✓ Amazon Elastic Block Store (EBS) Direct API ✓ Amazon Elastic Kubernetes Service (Amazon EKS) ✓ Amazon GuardDuty ✓ Amazon Macie ✓ Amazon MQ ✓ Amazon Pinpoint ✓ Amazon QuickSight ✓ Amazon Textract ✓ AWS Batch ✓ AWS Certificate Manager Private Certificate Authority (PCA) ✓ AWS Cloud Map ✓ AWS Database Migration Service ✓ AWS Datasync ✓ AWS Elemental MediaConvert ✓ AWS Elemental Medialive ✓ AWS Glue ✓ AWS Ground Station ✓ AWS Health ✓ AWS IAM Access Analyzer ✓ AWS IoT Greengrass ✓ AWS Key Management Service (KMS) ✓ AWS Lake Formation ✓ AWS Outposts ✓ AWS Resource Groups ✓ AWS Security Hub ✓ AWS Serverless App Repository ✓ AWS Storage Gateway ✓ AWS Transfer Family ✓ AWS WAF ✓ -
Where can I find AWS GovCloud (US) endpoints (Non-FIPS)?
For a list of Non-FIPS endpoints, see Service Endpoints in the AWS GovCloud (US) User Guide.
-
Where can I find all AWS Endpoints?
For a list of all AWS endpoints, see Regions and Endpoints in the AWS General Reference. For information about giving federated users single sign-in access to the AWS Management Console, see Giving Federated Users Direct to the Access to the AWS Management Console.
