Federal Information Processing Standard (FIPS) 140-2
Overview

The Federal Information Processing Standard (FIPS) Publication 140-2 is a US and Canadian government standard that specifies the security requirements for cryptographic modules that protect sensitive information. If you require use of FIPS 140-2 validated cryptographic modules when accessing AWS US East/West, AWS GovCloud (US), or AWS Canada (Central) through use of the command line interface (CLI) or programmatically by using the APIs, the following sections provide the list of available FIPS endpoints by AWS Region. The Amazon Virtual Private Cloud VPN endpoints in AWS GovCloud (US) operate using FIPS 140-2 validated cryptographic modules. AWS works with customers to provide the information they need to manage compliance when using the AWS US East/West, AWS GovCloud (US), or AWS Canada (Central) Regions. For more information about the standard, see Cryptographic Module Validation Program on the NIST Computer Security Resource Center website.
-
What are the FIPS endpoints for AWS US East/West?
The following table lists each FIPS endpoint available for various AWS services in the AWS Region US East/West.
AWS Service AWS US East/West Endpoints Amazon API Gateway apigateway-fips.us-west-1.amazonaws.com
apigateway-fips.us-west-2.amazonaws.com
apigateway-fips.us-east-2.amazonaws.com
apigateway-fips.us-east-1.amazonaws.com
Amazon AppStream 2.0 appstream2-fips.us-east-1.amazonaws.com
appstream2-fips.us-west-2.amazonaws.com
Amazon Cloud Directory clouddirectory-fips.us-west-1.amazonaws.com
clouddirectory-fips.us-east-2.amazonaws.com
clouddirectory-fips.us-east-1.amazonaws.com
AWS CloudFormation cloudformation-fips.us-east-1.amazonaws.com
cloudformation-fips.us-east-2.amazonaws.com
cloudformation-fips.us-west-1.amazonaws.com
cloudformation-fips.us-west-2.amazonaws.com
AWS CloudTrail cloudtrail-fips.us-west-1.amazonaws.com
cloudtrail-fips.us-west-2.amazonaws.com
cloudtrail-fips.us-east-2.amazonaws.com
cloudtrail-fips.us-east-1.amazonaws.com
AWS CodeCommit git-codecommit-fips.us-east-1.amazonaws.com
codecommit-fips.us-east-1.amazonaws.com
git-codecommit-fips.us-east-2.amazonaws.com
codecommit-fips.us-east-2.amazonaws.com
git-codecommit-fips.us-west-1.amazonaws.com
codecommit-fips.us-west-1.amazonaws.com
git-codecommit-fips.us-west-2.amazonaws.com
codecommit-fips.us-west-2.amazonaws.com
Amazon Cognito cognito-sync-fips.us-west-2.amazonaws.com
cognito-identity-fips.us-west-2.amazonaws.com
cognito-idp-fips.us-west-2.amazonaws.com
<your_user_pool_domain>.auth-fips.us-west-2.amazoncognito.com
cognito-sync-fips.us-east-2.amazonaws.com
cognito-identity-fips.us-east-2.amazonaws.com
cognito-idp-fips.us-east-2.amazonaws.com
<your_user_pool_domain>.auth-fips.us-east-2.amazoncognito.com
cognito-sync-fips.us-east-1.amazonaws.com
cognito-identity-fips.us-east-1.amazonaws.com
cognito-idp-fips.us-east-1.amazonaws.com
<your_user_pool_domain>.auth-fips.us-east-1.amazoncognito.com
AWS Config config-fips.us-west-1.amazonaws.com
config-fips.us-west-2.amazonaws.com
config-fips.us-east-2.amazonaws.com
config-fips.us-east-1.amazonaws.com
AWS Database Migration Service (DMS) dms-fips.us-west-1.amazonaws.com
dms-fips.us-west-2.amazonaws.com
dms-fips.us-east-2.amazonaws.com
dms-fips.us-east-1.amazonaws.com
AWS Directory Service ds-fips.us-west-1.amazonaws.com
ds-fips.us-west-2.amazonaws.com
ds-fips.us-east-2.amazonaws.com
ds-fips.us-east-1.amazonaws.com
Amazon DynamoDB dynamodb-fips.us-west-1.amazonaws.com
dynamodb-fips.us-west-2.amazonaws.com
dynamodb-fips.us-east-2.amazonaws.com
dynamodb-fips.us-east-1.amazonaws.com
AWS Elastic Beanstalk elasticbeanstalk-fips.us-east-1.amazonaws.com
elasticbeanstalk-fips.us-east-2.amazonaws.com
elasticbeanstalk-fips.us-west-1.amazonaws.com
elasticbeanstalk-fips.us-west-2.amazonaws.com
Amazon Elastic Block Store (EBS) Using EC2 Directly Amazon Elastic Compute Cloud (EC2) ec2-fips.us-west-1.amazonaws.com
ec2-fips.us-west-2.amazonaws.com
ec2-fips.us-east-2.amazonaws.com
ec2-fips.us-east-1.amazonaws.com
Amazon Elastic Container Registry ecr-fips.us-west-1.amazonaws.com
ecr-fips.us-west-2.amazonaws.com
ecr-fips.us-east-2.amazonaws.com
ecr-fips.us-east-1.amazonaws.com
*.dkr.ecr-fips.us-west-1.amazonaws.com
*.dkr.ecr-fips.us-west-2.amazonaws.com
*.dkr.ecr-fips.us-east-2.amazonaws.com
*.dkr.ecr-fips.us-east-1.amazonaws.com
Amazon ElastiCache elasticache-fips.us-east-1.amazonaws.com
elasticache-fips.us-east-2.amazonaws.com
elasticache-fips.us-west-1.amazonaws.com
elasticache-fips.us-west-2.amazonaws.comElastic Load Balancing elasticloadbalancing-fips.us-west-1.amazonaws.com
elasticloadbalancing-fips.us-west-2.amazonaws.com
elasticloadbalancing-fips.us-east-2.amazonaws.com
elasticloadbalancing-fips.us-east-1.amazonaws.com
Amazon Elasticsearch es-fips.us-west-1.amazonaws.com
es-fips.us-west-2.amazonaws.com
es-fips.us-east-1.amazonaws.com
es-fips.us-east-2.amazonaws.comAmazon EMR (Amazon EMR) elasticmapreduce-fips.us-west-1.amazonaws.com
elasticmapreduce-fips.us-west-2.amazonaws.com
elasticmapreduce-fips.us-east-1.amazonaws.com
elasticmapreduce-fips.us-east-2.amazonaws.com
Amazon Glacier glacier-fips.us-west-1.amazonaws.com
glacier-fips.us-west-2.amazonaws.com
glacier-fips.us-east-2.amazonaws.com
glacier-fips.us-east-1.amazonaws.com
Amazon GuardDuty guardduty-fips.us-east-1.amazonaws.com
guardduty-fips.us-west-1.amazonaws.com
guardduty-fips.us-east-2.amazonaws.com
guardduty-fips.us-west-2.amazonaws.com
AWS Identity and Access Management (IAM) iam-fips.amazonaws.com (IAD Region Only) Amazon Inspector inspector-fips.us-west-1.amazonaws.com
inspector-fips.us-west-2.amazonaws.com
inspector-fips.us-east-1.amazonaws.com
Amazon Kinesis Streams kinesis-fips.us-west-1.amazonaws.com
kinesis-fips.us-west-2.amazonaws.com
kinesis-fips.us-east-2.amazonaws.com
kinesis-fips.us-east-1.amazonaws.com
AWS Key Management Service (KMS) kms-fips.us-west-1.amazonaws.com
kms-fips.us-west-2.amazonaws.com
kms-fips.us-east-2.amazonaws.com
kms-fips.us-east-1.amazonaws.com
AWS Lambda
lambda-fips.us-west-1.amazonaws.com
lambda-fips.us-west-2.amazonaws.com
lambda-fips.us-east-2.amazonaws.com
lambda-fips.us-east-1.amazonaws.com
Amazon MQ mq-fips.us-east-1.amazonaws.com
mq-fips.us-east-2.amazonaws.com
mq-fips.us-west-1.amazonaws.com
mq-fips.us-west-2.amazonaws.com
Amazon Pinpoint pinpoint-fips.us-east-1.amazonaws.com
pinpoint-fips.us-west-2.amazonaws.com
Amazon Quicksight
fips-us-west-2.quicksight.aws.amazon.com
fips-us-east-2.quicksight.aws.amazon.com
fips-us-east-1.quicksight.aws.amazon.com
Amazon Relational Database Service (RDS) / Amazon Aurora rds-fips.us-west-1.amazonaws.com
rds-fips.us-west-2.amazonaws.com
rds-fips.us-east-2.amazonaws.com
rds-fips.us-east-1.amazonaws.com
Amazon Redshift
redshift-fips.us-west-1.amazonaws.com
redshift-fips.us-west-2.amazonaws.com
redshift-fips.us-east-2.amazonaws.com
redshift-fips.us-east-1.amazonaws.com
Amazon Route 53
api-fips.route53-eu-west-1.com
route53-fips.amazonaws.com
Amazon SageMaker api-fips.sagemaker.us-east-1.amazonaws.com
api-fips.sagemaker.us-east-2.amazonaws.com
api-fips.sagemaker.us-west-2.amazonaws.com
runtime-fips.sagemaker.us-east-1.amazonaws.com
runtime-fips.sagemaker.us-east-2.amazonaws.com
runtime-fips.sagemaker.us-west-2.amazonaws.com
AWS Security Token Service (STS) sts-fips.us-west-1.amazonaws.com
sts-fips.us-west-2.amazonaws.com
sts-fips.us-east-2.amazonaws.com
sts-fips.us-east-1.amazonaws.com
AWS Service Catalog servicecatalog-fips.us-west-1.amazonaws.com
servicecatalog-fips.us-west-2.amazonaws.com
servicecatalog-fips.us-east-1.amazonaws.com
servicecatalog-fips.us-east-2.amazonaws.com
AWS Shield shield-fips.us-east-1.amazonaws.com Amazon Simple Email Service (API HTTPS) email-fips.us-east-1.amazonaws.com
email-fips.us-west-2.amazonaws.com
Amazon Simple Email Service (SMTP) email-smtp-fips.us-east-1.amazonaws.com
email-smtp-fips.us-west-2.amazonaws.com
Amazon Simple Notification Service (SNS) sns-fips.us-west-1.amazonaws.com
sns-fips.us-west-2.amazonaws.com
sns-fips.us-east-2.amazonaws.com
sns-fips.us-east-1.amazonaws.com
Amazon Simple Queue Service (SQS) sqs-fips.us-west-1.amazonaws.com Amazon Simple Storage Service (S3)
Note: These Endpoints can only be used with Virtual Hosted-Style addressing. For example: https://bucket.s3-fips.us-east-2.amazonaws.com. Visit the Amazon S3 Documentation page for more information.
s3-fips.us-east-2.amazonaws.com
s3-fips.dualstack.us-west-1.amazonaws.com
s3-fips.dualstack.us-west-2.amazonaws.com
s3-fips.dualstack.us-east-2.amazonaws.com
s3-fips.dualstack.us-east-1.amazonaws.com
s3-fips.us-west-1.amazonaws.com
s3-fips.us-west-2.amazonaws.com
s3-fips.us-east-1.amazonaws.com
Amazon Simple Workflow Service (SWF)
swf-fips.us-west-1.amazonaws.com
swf-fips.us-west-2.amazonaws.com
swf-fips.us-east-2.amazonaws.com
swf-fips.us-east-1.amazonaws.com
AWS Snowball Does not need FIPS AWS Systems Manager ssm-fips.us-west-1.amazonaws.com
ssm-fips.us-west-2.amazonaws.com
ssm-fips.us-east-2.amazonaws.com
ssm-fips.us-east-1.amazonaws.com
Amazon Virtual Private Cloud (VPC)
Uses EC2 Directly AWS WAF
waf-regional-fips.us-west-1.amazonaws.com
waf-regional-fips.us-west-2.amazonaws.com
waf-regional-fips.us-east-1.amazonaws.com
waf-regional-fips.us-east-2.amazonaws.com
waf-fips.amazonaws.com
Amazon WorkDocs
workdocs-fips.us-west-2.amazonaws.com
workdocs-fips.us-east-1.amazonaws.com
shield-fips.us-east-1.amazonaws.com shield-fips.us-east-1.amazonaws.com shield-fips.us-east-1.amazonaws.com Does not need FIPS For a list of all AWS endpoints, see Regions and Endpoints in the AWS General Reference.
-
What are the FIPS endpoints for AWS GovCloud (US)?
For a list of the FIPS endpoints available for AWS GovCloud (US), refer to the AWS GovCloud (US) User Guide.
-
What are the FIPS endpoints for AWS Canada (Central)?
AWS Service AWS Canada (Central) Endpoints Amazon API Gateway apigateway-fips.ca-central-1.amazonaws.com Amazon CodeCommit git-codecommit-fips.ca-central-1.amazonaws.com
codecommit-fips.ca-central-1.amazonaws.com
AWS Directory Service ds-fips.ca-central-1.amazonaws.com
Amazon DynamoDB dynamodb-fips.ca-central-1.amazonaws.com Amazon Elastic Compute Cloud (EC2) ec2-fips.ca-central-1.amazonaws.com
Amazon EMR (Amazon EMR) elasticmapreduce-fips.ca-central-1.amazonaws.com
Amazon Glacier glacier-fips.ca-central-1.amazonaws.com
Amazon Relational Database Service (RDS) / Amazon Aurora rds-fips.ca-central-1.amazonaws.com
Amazon Redshift
redshift-fips.ca-central-1.amazonaws.com
AWS Security Token Service (STS)
sts.ca-central-1.amazonaws.com
Amazon Simple Storage Service (Amazon S3)
Note: This Endpoint can only be used with Virtual Hosted-Style addressing. For example: https://bucket.s3-fips.ca-central-1.amazonaws.com. Visit the Amazon S3 Documentation page for more information.
s3-fips.ca-central-1.amazonaws.com