FIPS(Federal Information Processing Standard) 140-2

개요

FIPS(Federal Information Processing Standard) 발행물 140-2는 미국 정부 표준으로서, 민감한 정보를 보호하는 암호 모듈의 보안 요구 사항을 규정하고 있습니다. 명령줄 인터페이스(CLI)를 사용하거나 API를 사용해 프로그래밍 방식으로 AWS 미국 동부/서부 또는 AWS GovCloud(US) 리전에 액세스할 때 FIPS 140-2 검증 암호화 모듈을 사용해야 하는 경우, AWS 리전에서 제공하는 FIPS 엔드포인트는 다음과 같습니다. AWS GovCloud(US)의 Amazon Virtual Private Cloud VPN 엔드포인트는 FIPS 140-2 검증 암호화 모듈을 사용하여 작동합니다. AWS는 고객과 협력하여 고객이 AWS 미국 동부/서부 또는 AWS GovCloud(US) 리전을 사용할 때 규정 준수를 관리하는 데 필요한 정보를 제공합니다. 이 표준에 대한 자세한 내용은 NIST Computer Security Resource Center 웹 사이트에서 Cryptographic Module Validation Program을 참조하십시오.

• AWS 미국 동부/서부의 FIPS 엔드포인트는 어떻게 됩니까?

  다음 표에는 AWS 미국 동부/서부 리전의 다양한 AWS 서비스에 사용할 수 있는 각 FIPS 엔드포인트 목록이 나와 있습니다. 
  

  AWS Service	AWS 미국 동부/서부 엔드포인트
  Amazon API Gateway	apigateway-fips.us-west-1.amazonaws.com apigateway-fips.us-west-2.amazonaws.com apigateway-fips.us-east-2.amazonaws.com apigateway-fips.us-east-1.amazonaws.com
  Amazon Cloud Directory	clouddirectory-fips.us-west-1.amazonaws.com clouddirectory-fips.us-east-2.amazonaws.com clouddirectory-fips.us-east-1.amazonaws.com
  AWS Cloud Formation	cloudformation-fips.us-east-1.amazonaws.com cloudformation-fips.us-east-2.amazonaws.com cloudformation-fips.us-west-1.amazonaws.com cloudformation-fips.us-west-2.amazonaws.com
  AWS CloudTrail	cloudtrail-fips.us-west-1.amazonaws.com cloudtrail-fips.us-west-2.amazonaws.com cloudtrail-fips.us-east-2.amazonaws.com cloudtrail-fips.us-east-1.amazonaws.com
  Amazon CodeCommit	git-codecommit-fips.us-east-1.amazonaws.com codecommit-fips.us-east-1.amazonaws.com git-codecommit-fips.us-east-2.amazonaws.com codecommit-fips.us-east-2.amazonaws.com git-codecommit-fips.us-west-1.amazonaws.com codecommit-fips.us-west-1.amazonaws.com git-codecommit-fips.us-west-2.amazonaws.com codecommit-fips.us-west-2.amazonaws.com git-codecommit-fips.ca-central-1.amazonaws.com codecommit-fips.ca-central-1.amazonaws.com
  Amazon Cognito	cognito-sync-fips.us-west-2.amazonaws.com cognito-identity-fips.us-west-2.amazonaws.com cognito-idp-fips.us-west-2.amazonaws.com <your_user_pool_domain>.auth-fips.us-west-2.amazoncognito.com cognito-sync-fips.us-east-2.amazonaws.com cognito-identity-fips.us-east-2.amazonaws.com cognito-idp-fips.us-east-2.amazonaws.com <your_user_pool_domain>.auth-fips.us-east-2.amazoncognito.com cognito-sync-fips.us-east-1.amazonaws.com cognito-identity-fips.us-east-1.amazonaws.com cognito-idp-fips.us-east-1.amazonaws.com <your_user_pool_domain>.auth-fips.us-east-1.amazoncognito.com
  AWS Config	config-fips.us-west-1.amazonaws.com config-fips.us-west-2.amazonaws.com config-fips.us-east-2.amazonaws.com config-fips.us-east-1.amazonaws.com
  AWS Database Migration Service(DMS)	dms-fips.us-west-1.amazonaws.com dms-fips.us-west-2.amazonaws.com dms-fips.us-east-2.amazonaws.com dms-fips.us-east-1.amazonaws.com
  AWS Directory Service	ds-fips.us-west-1.amazonaws.com ds-fips.us-west-2.amazonaws.com ds-fips.us-east-2.amazonaws.com ds-fips.us-east-1.amazonaws.com
  Amazon DynamoDB	dynamodb-fips.us-west-1.amazonaws.com dynamodb-fips.us-west-2.amazonaws.com dynamodb-fips.us-east-2.amazonaws.com dynamodb-fips.us-east-1.amazonaws.com
  AWS Elastic Beanstalk	elasticbeanstalk-fips.us-east-1.amazonaws.com elasticbeanstalk-fips.us-east-2.amazonaws.com elasticbeanstalk-fips.us-west-1.amazonaws.com elasticbeanstalk-fips.us-west-2.amazonaws.com
  Amazon Elastic Block Store(EBS)	Using EC2 Directly
  Amazon Elastic Compute Cloud(EC2)	ec2-fips.us-west-1.amazonaws.com ec2-fips.us-west-2.amazonaws.com ec2-fips.us-east-2.amazonaws.com ec2-fips.us-east-1.amazonaws.com
  Amazon ElastiCache	elasticache-fips.us-east-1.amazonaws.com elasticache-fips.us-east-2.amazonaws.com elasticache-fips.us-west-1.amazonaws.com elasticache-fips.us-west-2.amazonaws.com
  Elastic Load Balancing	elasticloadbalancing-fips.us-west-1.amazonaws.com elasticloadbalancing-fips.us-west-2.amazonaws.com elasticloadbalancing-fips.us-east-2.amazonaws.com elasticloadbalancing-fips.us-east-1.amazonaws.com
  Amazon Elasticsearch	es-fips.us-west-1.amazonaws.com es-fips.us-west-2.amazonaws.com es-fips.us-east-1.amazonaws.com es-fips.us-east-2.amazonaws.com
  Amazon EMR(EMR)	elasticmapreduce-fips.us-west-1.amazonaws.com elasticmapreduce-fips.us-west-2.amazonaws.com elasticmapreduce-fips.us-east-1.amazonaws.com elasticmapreduce-fips.us-east-2.amazonaws.com
  Amazon Glacier	glacier-fips.us-west-1.amazonaws.com glacier-fips.us-west-2.amazonaws.com glacier-fips.us-east-2.amazonaws.com glacier-fips.us-east-1.amazonaws.com
  AWS Identity and Access Management(IAM)	iam-fips.amazonaws.com(IAD 리전만 해당)
  Amazon Inspector	inspector-fips.us-west-1.amazonaws.com inspector-fips.us-west-2.amazonaws.com inspector-fips.us-east-1.amazonaws.com
  Amazon Kinesis Streams	kinesis-fips.us-west-1.amazonaws.com kinesis-fips.us-west-2.amazonaws.com kinesis-fips.us-east-2.amazonaws.com kinesis-fips.us-east-1.amazonaws.com
  AWS Key Management Service(KMS)	kms-fips.us-west-1.amazonaws.com kms-fips.us-west-2.amazonaws.com kms-fips.us-east-2.amazonaws.com kms-fips.us-east-1.amazonaws.com
  AWS Lambda	lambda-fips.us-west-1.amazonaws.com lambda-fips.us-west-2.amazonaws.com lambda-fips.us-east-2.amazonaws.com lambda-fips.us-east-1.amazonaws.com
  Amazon QuickSight	fips-us-west-2.quicksight.aws.amazon.com fips-us-east-2.quicksight.aws.amazon.com fips-us-east-1.quicksight.aws.amazon.com
  Amazon Relational Database Service(RDS)	rds-fips.us-west-1.amazonaws.com rds-fips.us-west-2.amazonaws.com rds-fips.us-east-2.amazonaws.com rds-fips.us-east-1.amazonaws.com
  Amazon Redshift	redshift-fips.us-west-1.amazonaws.com redshift-fips.us-west-2.amazonaws.com redshift-fips.us-east-2.amazonaws.com redshift-fips.us-east-1.amazonaws.com
  Amazon Route 53	api-fips.route53-eu-west-1.com route53-fips.amazonaws.com
  Amazon SageMaker	api-fips.sagemaker.us-east-1.amazonaws.com api-fips.sagemaker.us-east-2.amazonaws.com api-fips.sagemaker.us-west-2.amazonaws.com runtime-fips.sagemaker.us-east-1.amazonaws.com runtime-fips.sagemaker.us-east-2.amazonaws.com runtime-fips.sagemaker.us-west-2.amazonaws.com
  Amazon Simple Storage Service(S3) 참고: 이러한 엔드포인트는 가상 호스팅 방식 주소 지정으로만 사용할 수 있습니다. 예: https://bucket.s3-fips.us-east-2.amazonaws.com. 자세한 내용은 Amazon S3 설명서 페이지를 참조하십시오.	s3-fips.us-east-2.amazonaws.com s3-fips.dualstack.us-west-1.amazonaws.com s3-fips.dualstack.us-west-2.amazonaws.com s3-fips.dualstack.us-east-2.amazonaws.com s3-fips.dualstack.us-east-1.amazonaws.com s3-fips.us-west-1.amazonaws.com s3-fips.us-west-2.amazonaws.com s3-fips.us-east-1.amazonaws.com
  AWS Shield	shield-fips.us-east-1.amazonaws.com
  AWS Snowball	FIPS가 필요 없음
  Amazon Simple Notification Service(SNS)	sns-fips.us-west-1.amazonaws.com sns-fips.us-west-2.amazonaws.com sns-fips.us-east-2.amazonaws.com sns-fips.us-east-1.amazonaws.com
  Amazon Simple Queue Service(SQS)	sqs-fips.us-west-1.amazonaws.com
  AWS Security Token Service(STS)	sts-fips.us-west-1.amazonaws.com sts-fips.us-west-2.amazonaws.com sts-fips.us-east-2.amazonaws.com sts-fips.us-east-1.amazonaws.com
  Amazon Simple Workflow Service(SWF)	swf-fips.us-west-1.amazonaws.com swf-fips.us-west-2.amazonaws.com swf-fips.us-east-2.amazonaws.com swf-fips.us-east-1.amazonaws.com
  AWS Systems Manager	ssm-fips.us-west-1.amazonaws.com ssm-fips.us-west-2.amazonaws.com ssm-fips.us-east-2.amazonaws.com ssm-fips.us-east-1.amazonaws.com
  Amazon Virtual Private Cloud(VPC)	EC2를 직접 사용
  AWS WAF	waf-regional-fips.us-west-1.amazonaws.com waf-regional-fips.us-west-2.amazonaws.com waf-regional-fips.us-east-1.amazonaws.com waf-fips.amazonaws.com waf-regional-fips.eu-west-1.amazonaws.com waf-regional-fips.ap-northeast-1.amazonaws.com
  Amazon WorkDocs	workdocs-fips.us-west-2.amazonaws.com workdocs-fips.us-east-1.amazonaws.com

  전체 AWS 엔드포인트 목록은 AWS 일반 참조의 리전 및 엔드포인트를 참조하십시오.

• AWS GovCloud(US)의 FIPS 엔드포인트는 어떻게 됩니까?

  미국 동부 리전에서 사용할 수 있는 FIPS 엔드포인트 목록은 AWS GovCloud(미국 동부) 엔드포인트를 참조하십시오.

  미국 서부 리전에서 사용할 수 있는 FIPS 엔드포인트 목록은 AWS GovCloud(미국 서부) 엔드포인트를 참조하십시오.