Федеральный стандарт по обработке информации (FIPS) 140-2
Обзор
Федеральный стандарт обработки информации (FIPS), публикация 140-2 – это государственный стандарт США, определяющий требования к безопасности криптографических модулей для защиты конфиденциальных данных. Если при доступе к регионам AWS Восток/Запад США или AWS GovCloud (США) через интерфейс командной строки (CLI) или программно с помощью API требуется использование криптографических модулей, проверенных на соответствие FIPS 140-2, в следующих разделах приведен список доступных адресов, проверенных на соответствие FIPS (по регионам AWS). AWS взаимодействует с клиентами, чтобы предоставить им нужную информацию для обеспечения соответствия требованиям при работе в регионах AWS Восток/Запад США и AWS GovCloud (США). Дополнительную информацию о стандарте см. на странице Cryptographic Module Validation Program веб-сайта NIST Computer Security Resource Center.
-
Какие адреса в регионах AWS Восток/Запад США проверены на соответствие FIPS?
В следующей таблице перечислены все адреса, проверенные на соответствие FIPS, которые доступны для различных сервисов AWS в регионах AWS Восток/Запад США.
Сервис AWS Адреса в регионах AWS Восток/Запад США AWS Directory Service ds-fips.us-west-1.amazonaws.com
ds-fips.us-west-2.amazonaws.com
ds-fips.us-east-2.amazonaws.com
ds-fips.us-east-1.amazonaws.com
Amazon API Gateway apigateway-fips.us-west-1.amazonaws.com
apigateway-fips.us-west-2.amazonaws.com
apigateway-fips.us-east-2.amazonaws.com
apigateway-fips.us-east-1.amazonaws.com
Amazon Cloud Directory clouddirectory-fips.us-west-1.amazonaws.com
clouddirectory-fips.us-east-2.amazonaws.com
clouddirectory-fips.us-east-1.amazonaws.com
AWS CloudFormation cloudformation-fips.us-east-1.amazonaws.com
cloudformation-fips.us-east-2.amazonaws.com
cloudformation-fips.us-west-1.amazonaws.com
cloudformation-fips.us-west-2.amazonaws.com
AWS CloudTrail cloudtrail-fips.us-west-1.amazonaws.com
cloudtrail-fips.us-west-2.amazonaws.com
cloudtrail-fips.us-east-2.amazonaws.com
cloudtrail-fips.us-east-1.amazonaws.com
Amazon Cognito cognito-sync-fips.us-west-2.amazonaws.com
cognito-identity-fips.us-west-2.amazonaws.com
cognito-idp-fips.us-west-2.amazonaws.com
<домен_вашего_пула_пользователей>.auth-fips.us-west-2.amazoncognito.com
cognito-sync-fips.us-east-2.amazonaws.com
cognito-identity-fips.us-east-2.amazonaws.com
cognito-idp-fips.us-east-2.amazonaws.com
<домен_вашего_пула_пользователей>.auth-fips.us-east-2.amazoncognito.com
cognito-sync-fips.us-east-1.amazonaws.com
cognito-identity-fips.us-east-1.amazonaws.com
cognito-idp-fips.us-east-1.amazonaws.com
<домен_вашего_пула_пользователей>.auth-fips.us-east-1.amazoncognito.com
AWS Config config-fips.us-west-1.amazonaws.com
config-fips.us-west-2.amazonaws.com
config-fips.us-east-2.amazonaws.com
config-fips.us-east-1.amazonaws.com
AWS Database Migration Service (DMS) dms-fips.us-west-1.amazonaws.com
dms-fips.us-west-2.amazonaws.com
dms-fips.us-east-2.amazonaws.com
dms-fips.us-east-1.amazonaws.com
Amazon DynamoDB dynamodb-fips.us-west-1.amazonaws.com
dynamodb-fips.us-west-2.amazonaws.com
dynamodb-fips.us-east-2.amazonaws.com
dynamodb-fips.us-east-1.amazonaws.com
Amazon Elastic Block Store (EBS) Использует EC2 напрямую Amazon Elastic Compute Cloud (EC2) ec2-fips.us-west-1.amazonaws.com
ec2-fips.us-west-2.amazonaws.com
ec2-fips.us-east-2.amazonaws.com
ec2-fips.us-east-1.amazonaws.com
Amazon ElastiCache elasticache-fips.us-east-1.amazonaws.com
elasticache-fips.us-east-2.amazonaws.com
elasticache-fips.us-west-1.amazonaws.com
elasticache-fips.us-west-2.amazonaws.comElastic Load Balancing elasticloadbalancing-fips.us-west-1.amazonaws.com
elasticloadbalancing-fips.us-west-2.amazonaws.com
elasticloadbalancing-fips.us-east-2.amazonaws.com
elasticloadbalancing-fips.us-east-1.amazonaws.com
Amazon EMR (Amazon EMR) elasticmapreduce-fips.us-west-1.amazonaws.com
elasticmapreduce-fips.us-west-2.amazonaws.com
elasticmapreduce-fips.us-east-1.amazonaws.com
elasticmapreduce-fips.us-east-2.amazonaws.com
Amazon Glacier glacier-fips.us-west-1.amazonaws.com
glacier-fips.us-west-2.amazonaws.com
glacier-fips.us-east-2.amazonaws.com
glacier-fips.us-east-1.amazonaws.com
AWS Identity and Access Management (IAM) iam-fips.amazonaws.com (только регион IAD) Amazon Inspector inspector-fips.us-west-1.amazonaws.com
inspector-fips.us-west-2.amazonaws.com
inspector-fips.us-east-1.amazonaws.com
Amazon Kinesis Streams kinesis-fips.us-west-1.amazonaws.com
kinesis-fips.us-west-2.amazonaws.com
kinesis-fips.us-east-2.amazonaws.com
kinesis-fips.us-east-1.amazonaws.com
AWS Key Management Service (KMS) kms-fips.us-west-1.amazonaws.com
kms-fips.us-west-2.amazonaws.com
kms-fips.us-east-2.amazonaws.com
kms-fips.us-east-1.amazonaws.com
AWS Lambda
lambda-fips.us-west-1.amazonaws.com
lambda-fips.us-west-2.amazonaws.com
lambda-fips.us-east-2.amazonaws.com
lambda-fips.us-east-1.amazonaws.com
Amazon QuickSight
fips-us-west-2.quicksight.aws.amazon.com
fips-us-east-2.quicksight.aws.amazon.com
fips-us-east-1.quicksight.aws.amazon.com
Amazon Relational Database Service (RDS)
rds-fips.us-west-1.amazonaws.com
rds-fips.us-west-2.amazonaws.com
rds-fips.us-east-2.amazonaws.com
rds-fips.us-east-1.amazonaws.com
Amazon Redshift
redshift-fips.us-west-1.amazonaws.com
redshift-fips.us-west-2.amazonaws.com
redshift-fips.us-east-2.amazonaws.com
redshift-fips.us-east-1.amazonaws.com
Amazon Route 53
api-fips.route53-eu-west-1.com
route53-fips.amazonaws.com
Amazon Simple Storage Service (S3)
s3-fips.us-east-2.amazonaws.com
s3-fips.dualstack.us-west-1.amazonaws.com
s3-fips.dualstack.us-west-2.amazonaws.com
s3-fips.dualstack.us-east-2.amazonaws.com
s3-fips.dualstack.us-east-1.amazonaws.com
s3-fips.us-west-1.amazonaws.com
s3-fips.us-west-2.amazonaws.com
s3-fips.us-east-1.amazonaws.com
AWS Shield
shield-fips.us-east-1.amazonaws.com AWS Snowball
Не требует соответствия FIPS Amazon Simple Notification Service (SNS)
sns-fips.us-west-1.amazonaws.com
sns-fips.us-west-2.amazonaws.com
sns-fips.us-east-2.amazonaws.com
sns-fips.us-east-1.amazonaws.com
Amazon Simple Queue Service (SQS)
sqs-fips.us-west-1.amazonaws.com AWS Security Token Service (STS)
sts-fips.us-west-1.amazonaws.com
sts-fips.us-west-2.amazonaws.com
sts-fips.us-east-2.amazonaws.com
sts-fips.us-east-1.amazonaws.com
Amazon Simple Workflow Service (SWF)
swf-fips.us-west-1.amazonaws.com
swf-fips.us-west-2.amazonaws.com
swf-fips.us-east-2.amazonaws.com
swf-fips.us-east-1.amazonaws.com
AWS Systems Manager ssm-fips.us-west-1.amazonaws.com
ssm-fips.us-west-2.amazonaws.com
ssm-fips.us-east-2.amazonaws.com
ssm-fips.us-east-1.amazonaws.com
Amazon Virtual Private Cloud (VPC)
Использует EC2 напрямую AWS WAF
waf-regional-fips.us-west-1.amazonaws.com
waf-regional-fips.us-west-2.amazonaws.com
waf-regional-fips.us-east-1.amazonaws.com
waf-fips.amazonaws.com
waf-regional-fips.eu-west-1.amazonaws.com
waf-regional-fips.ap-northeast-1.amazonaws.com
Amazon WorkDocs
workdocs-fips.us-west-2.amazonaws.com
workdocs-fips.us-east-1.amazonaws.com
Список всех адресов AWS см. на странице Регионы и адреса серверов в Общих справочных материалах по AWS.
-
Какие адреса в регионе AWS GovCloud (США) проверены на соответствие FIPS?
В следующей таблице перечислены все адреса, проверенные на соответствие FIPS, которые доступны для различных сервисов AWS в регионе AWS GovCloud (США).
Сервис AWS Адреса AWS GovCloud (США) AWS Certificate Manager acm.us-gov-west-1.amazonaws.com
Amazon API Gateway apigateway-fips.us-gov-west-1.amazonaws.com
Amazon EC2 AutoScaling autoscaling.us-gov-west-1.amazonaws.com
AWS CloudFormation cloudformation.us-gov-west-1.amazonaws.com
AWS CloudHSM
cloudhsm.us-gov-west-1.amazonaws.com
AWS CloudTrail cloudtrail.us-gov-west-1.amazonaws.com
Amazon CloudWatch (Events) events.us-gov-west-1.amazonaws.com
Amazon CloudWatch (Logs) logs.us-gov-west-1.amazonaws.com
AWS CodeDeploy
codedeploy.us-gov-west-1.amazonaws.com
AWS Config config.us-gov-west-1.amazonaws.com
AWS Database Migration Service (DMS) dms.us-gov-west-1.amazonaws.com
Amazon DynamoDB dynamodb.us-gov-west-1.amazonaws.com
Amazon Elastic Block Store (EBS) ec2.us-gov-west-1.amazonaws.com Amazon Elastic Compute Cloud (EC2) ec2.us-gov-west-1.amazonaws.com
Amazon ElastiCache elasticache-fips.us-gov-west-1.amazonaws.com
Elastic Load Balancing elasticloadbalancing.us-gov-west-1.amazonaws.com
Amazon EMR (Amazon EMR) elasticmapreduce.us-gov-west-1.amazonaws.com
Amazon Glacier glacier.us-gov-west-1.amazonaws.com
AWS Identity and Access Management (IAM) iam.us-gov.amazonaws.com
Amazon Inspector inspector-fips.us-gov-west-1.amazonaws.com Amazon Kinesis Streams kinesis.us-gov-west-1.amazonaws.com
AWS Key Management Service (KMS) kms-fips.us-gov-west-1.amazonaws.com
AWS Lambda
lambda-fips.us-gov-west-1.amazonaws.com
Amazon Polly polly-fips.us-gov-west-1.amazonaws.com Amazon Rekognition rekognition-fips.us-gov-west-1.amazonaws.com Amazon Relational Database Service (RDS)
rds.us-gov-west-1.amazonaws.com
Amazon Redshift
redshift.us-gov-west-1.amazonaws.com
AWS Server Migration Service (SMS)
sms-fips.us-gov-west-1.amazonaws.com Amazon Simple Storage Service (S3)
s3-fips.dualstack.us-gov-west-1.amazonaws.com
s3-fips-us-gov-west-1.amazonaws.com
AWS Shield
Имеет только один адрес AWS Snowball
Не требует соответствия FIPS Amazon Simple Notification Service (SNS)
sns.us-gov-west-1.amazonaws.com
Amazon Simple Queue Service (SQS)
sqs.us-gov-west-1.amazonaws.com AWS Security Token Service (STS)
sts.us-gov-west-1.amazonaws.com
Amazon Simple Workflow Service (SWF)
swf.us-gov-west-1.amazonaws.com
AWS Systems Manager ssm.us-gov-west-1.amazonaws.com Amazon Virtual Private Cloud (VPC)
ec2.us-gov-west-1.amazonaws.com Список всех адресов AWS см. на странице Регионы и адреса серверов в Общих справочных материалах по AWS.
