Федеральный стандарт по обработке информации (FIPS) 140-2
Обзор
Федеральный стандарт обработки информации (FIPS), публикация 140‑2 – это государственный стандарт США и Канады, определяющий требования к безопасности криптографических модулей для защиты конфиденциальных данных. Если при доступе к регионам AWS Восток / Запад США, AWS GovCloud (США) или AWS Канада (Центр) через интерфейс командной строки (CLI) или программно с помощью API требуется использование криптографических модулей, проверенных на соответствие FIPS 140‑2, далее в соответствующих разделах приведен список доступных адресов, проверенных на соответствие FIPS (по регионам AWS). URL серверов VPN Amazon Virtual Private Cloud в регионе AWS GovCloud (US) функционируют с использованием проверенных на соответствие FIPS 140-2 модулей шифрования. AWS взаимодействует с клиентами, чтобы предоставить им нужную информацию для обеспечения соответствия требованиям при работе в регионах AWS Восток / Запад США, AWS GovCloud (США) или AWS Канада (Центр). Дополнительную информацию о стандарте см. на странице Cryptographic Module Validation Program веб‑сайта Центра ресурсов компьютерной безопасности NIST.
Адреса FIPS в зависимости от сервиса
| Сервис AWS | Регионы AWS Восток/Запад США | AWS GovCloud (США) | Регион AWS Канада (Центр) |
| Amazon API Gateway* | apigateway-fips.us-east-1.amazonaws.com apigateway-fips.us-east-2.amazonaws.com apigateway-fips.us-west-1.amazonaws.com apigateway-fips.us-west-2.amazonaws.com |
apigateway-fips.us-gov-east-1.amazonaws.com apigateway-fips.us-gov-west-1.amazonaws.com * Оптимизированные для периферии API и пользовательское доменное имя Amazon API Gateway не поддерживаются. |
apigateway-fips.ca-central-1.amazonaws.com |
| Amazon AppStream 2.0 | appstream2-fips.us-east-1.amazonaws.com appstream2-fips.us-west-2.amazonaws.com |
appstream2-fips.us-gov-west-1.amazonaws.com |
|
| Amazon Athena | athena-fips.us-gov-east-1.amazonaws.com athena-fips.us-gov-west-1.amazonaws.com |
||
| Amazon Cloud Directory | clouddirectory-fips.us-east-1.amazonaws.com clouddirectory-fips.us-east-2.amazonaws.com clouddirectory-fips.us-west-2.amazonaws.com |
clouddirectory.us-gov-west-1.amazonaws.com | |
| Amazon CloudFront |
cloudfront-fips.amazonaws.com | ||
| Amazon CloudWatch | monitoring.us-gov-east-1.amazonaws.com monitoring.us-gov-west-1.amazonaws.com |
||
| Amazon CloudWatch Events | events-fips.us-east-1.amazonaws.com events-fips.us-east-2.amazonaws.com events-fips.us-west-1.amazonaws.com events-fips.us-west-2.amazonaws.com |
events.us-gov-east-1.amazonaws.com events.us-gov-west-1.amazonaws.com |
|
| Amazon CloudWatch Logs | logs-fips.us-east-1.amazonaws.com logs-fips.us-east-2.amazonaws.com logs-fips.us-west-1.amazonaws.com logs-fips.us-west-2.amazonaws.com |
logs.us-gov-east-1.amazonaws.com logs.us-gov-west-1.amazonaws.com |
|
| Amazon Cognito | <your_user_pool_domain>.auth-fips.us-east-1.amazoncognito.com <your_user_pool_domain>.auth-fips.us-east-2.amazoncognito.com <your_user_pool_domain>.auth-fips.us-west-2.amazoncognito.com cognito-identity-fips.us-east-1.amazonaws.com cognito-identity-fips.us-east-2.amazonaws.com cognito-identity-fips.us-west-2.amazonaws.com cognito-idp-fips.us-east-1.amazonaws.com cognito-idp-fips.us-east-2.amazonaws.com cognito-idp-fips.us-west-2.amazonaws.com cognito-sync-fips.us-east-1.amazonaws.com cognito-sync-fips.us-east-2.amazonaws.com cognito-sync-fips.us-west-2.amazonaws.com |
cognito-idp-fips.us-gov-west-1.amazonaws.com | |
| Amazon Comprehend | comprehend-fips.us-east-1.amazonaws.com comprehend-fips.us-east-2.amazonaws.com comprehend-fips.us-west-2.amazonaws.com |
comprehend-fips.us-gov-west-1.amazonaws.com | |
| Amazon Comprehend Medical |
comprehendmedical-fips.us-gov-west-1.amazonaws.com | ||
| Amazon Connect | connect-fips.us-east-1.amazonaws.com connect-fips.us-west-2.amazonaws.com |
||
| Amazon DocumentDB (совместимость с MongoDB) | rds.us-gov-west-1.amazonaws.com | ||
| Amazon DynamoDB | dynamodb-fips.us-east-1.amazonaws.com dynamodb-fips.us-east-2.amazonaws.com dynamodb-fips.us-west-1.amazonaws.com dynamodb-fips.us-west-2.amazonaws.com |
dynamodb.us-gov-east-1.amazonaws.com dynamodb.us-gov-west-1.amazonaws.com |
dynamodb-fips.ca-central-1.amazonaws.com |
| Amazon DynamoDB Streams |
streams.dynamodb.us-gov-east-1.amazonaws.com streams.dynamodb.us-gov-west-1.amazonaws.com |
||
| Amazon EC2 Auto Scaling | autoscaling.us-gov-east-1.amazonaws.com autoscaling.us-gov-west-1.amazonaws.com |
||
| Amazon EC2 Image Builder | imagebuilder.us-gov-west-1.amazonaws.com | ||
| Amazon Elastic Block Store (EBS) | Использует Amazon EC2 напрямую |
ebs-fips.ca-central-1.amazonaws.com | |
| API прямого доступа для Amazon Elastic Block Store (EBS) | ebs-fips.us-east-1.amazonaws.com ebs-fips.us-east-2.amazonaws.com ebs-fips.us-west-1.amazonaws.com ebs-fips.us-west-2.amazonaws.com |
ec2.us-gov-east-1.amazonaws.com ec2.us-gov-west-1.amazonaws.com |
|
| Amazon Elastic Compute Cloud (EC2) | ec2-fips.us-east-1.amazonaws.com ec2-fips.us-east-2.amazonaws.com ec2-fips.us-west-1.amazonaws.com ec2-fips.us-west-2.amazonaws.com ec2messages-fips.us-east-1.amazonaws.com ec2messages-fips.us-east-2.amazonaws.com ec2messages-fips.us-west-1.amazonaws.com ec2messages-fips.us-west-2.amazonaws.com |
ec2.us-gov-east-1.amazonaws.com ec2.us-gov-west-1.amazonaws.com |
ec2-fips.ca-central-1.amazonaws.com |
| Amazon Elastic Container Registry | *.dkr.ecr-fips.us-east-1.amazonaws.com *.dkr.ecr-fips.us-east-2.amazonaws.com *.dkr.ecr-fips.us-west-1.amazonaws.com *.dkr.ecr-fips.us-west-2.amazonaws.com ecr-fips.us-east-1.amazonaws.com ecr-fips.us-east-2.amazonaws.com ecr-fips.us-west-1.amazonaws.com ecr-fips.us-west-2.amazonaws.com |
ecr-fips.us-gov-east-1.amazonaws.com ecr-fips.us-gov-west-1.amazonaws.com |
|
| Amazon Elastic Container Service | ecs-fips.us-east-1.amazonaws.com ecs-fips.us-east-2.amazonaws.com ecs-fips.us-west-1.amazonaws.com ecs-fips.us-west-2.amazonaws.com |
ecs-fips.us-gov-east-1.amazonaws.com ecs-fips.us-gov-west-1.amazonaws.com |
|
| Amazon Elastic File System | elasticfilesystem-fips.us-east-1.amazonaws.com elasticfilesystem-fips.us-east-2.amazonaws.com elasticfilesystem-fips.us-west-1.amazonaws.com elasticfilesystem-fips.us-west-2.amazonaws.com |
elasticfilesystem-fips.us-gov-east-1.amazonaws.com elasticfilesystem-fips.us-gov-west-1.amazonaws.com |
elasticfilesystem-fips.ca-central-1.amazonaws.com |
| Amazon Elastic Kubernetes Service (EKS) | fips.eks.us-east-1.amazonaws.com fips.eks.us-east-2.amazonaws.com fips.eks.us-west-1.amazonaws.com fips.eks.us-west-2.amazonaws.com |
eks.us-gov-east-1.amazonaws.com eks.us-gov-west-1.amazonaws.com |
|
| Amazon ElastiCache | elasticache-fips.us-east-1.amazonaws.com elasticache-fips.us-east-2.amazonaws.com elasticache-fips.us-west-1.amazonaws.com elasticache-fips.us-west-2.amazonaws.com |
elasticache.us-gov-east-1.amazonaws.com elasticache.us-gov-west-1.amazonaws.com |
|
| Amazon Elasticsearch Service |
es-fips.us-east-1.amazonaws.com es-fips.us-east-2.amazonaws.com es-fips.us-west-1.amazonaws.com es-fips.us-west-2.amazonaws.com |
es-fips.us-gov-east-1.amazonaws.com es-fips.us-gov-west-1.amazonaws.com |
|
| Amazon EMR | elasticmapreduce-fips.us-east-1.amazonaws.com elasticmapreduce-fips.us-east-2.amazonaws.com elasticmapreduce-fips.us-west-1.amazonaws.com elasticmapreduce-fips.us-west-2.amazonaws.com |
elasticmapreduce.us-gov-east-1.amazonaws.com elasticmapreduce.us-gov-west-1.amazonaws.com |
elasticmapreduce-fips.ca-central-1.amazonaws.com |
| Amazon EventBridge | events.us-gov-east-1.amazonaws.com events.us-gov-west-1.amazonaws.com |
||
| Amazon GuardDuty | guardduty-fips.us-east-1.amazonaws.com guardduty-fips.us-east-2.amazonaws.com guardduty-fips.us-west-1.amazonaws.com guardduty-fips.us-west-2.amazonaws.com |
guardduty.us-gov-east-1.amazonaws.com guardduty.us-gov-west-1.amazonaws.com |
|
| Amazon Inspector | inspector-fips.us-east-1.amazonaws.com inspector-fips.us-east-2.amazonaws.com inspector-fips.us-west-1.amazonaws.com inspector-fips.us-west-2.amazonaws.com |
inspector-fips.us-gov-east-1.amazonaws.com inspector-fips.us-gov-west-1.amazonaws.com |
|
| Amazon Kinesis Data Analytics | kinesisanalytics-fips.us-east-1.amazonaws.com kinesisanalytics-fips.us-east-2.amazonaws.com kinesisanalytics-fips.us-west-2.amazonaws.com |
||
| Amazon Kinesis Data Firehose | firehose-fips.us-east-1.amazonaws.com firehose-fips.us-east-2.amazonaws.com firehose-fips.us-west-1.amazonaws.com firehose-fips.us-west-2.amazonaws.com |
firehose-fips.us-gov-east-1.amazonaws.com firehose-fips.us-gov-west-1.amazonaws.com |
|
| Amazon Kinesis Data Streams | kinesis-fips.us-east-1.amazonaws.com kinesis-fips.us-east-2.amazonaws.com kinesis-fips.us-west-1.amazonaws.com kinesis-fips.us-west-2.amazonaws.com |
kinesis.us-gov-east-1.amazonaws.com kinesis.us-gov-west-1.amazonaws.com |
|
| Amazon Macie | macie-fips.us-east-1.amazonaws.com macie-fips.us-west-2.amazonaws.com macie2-fips.us-east-1.amazonaws.com macie2-fips.us-east-2.amazonaws.com macie2-fips.us-west-1.amazonaws.com macie2-fips.us-west-2.amazonaws.com |
||
| Amazon MQ | mq-fips.us-east-1.amazonaws.com mq-fips.us-east-2.amazonaws.com mq-fips.us-west-1.amazonaws.com mq-fips.us-west-2.amazonaws.com |
||
| Amazon Neptune | rds.us-gov-east-1.amazonaws.com rds.us-gov-west-1.amazonaws.com |
||
| Amazon Pinpoint | pinpoint-fips.us-east-1.amazonaws.com pinpoint-fips.us-west-2.amazonaws.com |
pinpoint-fips.us-gov-west-1.amazonaws.com | |
| Amazon Polly | polly-fips.us-east-1.amazonaws.com polly-fips.us-east-2.amazonaws.com polly-fips.us-west-1.amazonaws.com polly-fips.us-west-2.amazonaws.com |
polly-fips.us-gov-west-1.amazonaws.com | |
Amazon QuickSight |
fips-us-east-1.quicksight.aws.amazon.com fips-us-east-2.quicksight.aws.amazon.com fips-us-west-2.quicksight.aws.amazon.com |
||
Amazon Redshift |
redshift-fips.us-east-1.amazonaws.com redshift-fips.us-east-2.amazonaws.com redshift-fips.us-west-1.amazonaws.com redshift-fips.us-west-2.amazonaws.com |
redshift.us-gov-east-1.amazonaws.com redshift.us-gov-west-1.amazonaws.com |
redshift-fips.ca-central-1.amazonaws.com |
| Amazon Rekognition | rekognition-fips.us-east-1.amazonaws.com rekognition-fips.us-east-2.amazonaws.com rekognition-fips.us-west-1.amazonaws.com rekognition-fips.us-west-2.amazonaws.com |
rekognition-fips.us-gov-west-1.amazonaws.com | |
| Amazon Relational Database Service (RDS) / Amazon Aurora | rds-fips.us-east-1.amazonaws.com rds-fips.us-east-2.amazonaws.com rds-fips.us-west-1.amazonaws.com rds-fips.us-west-2.amazonaws.com |
rds.us-gov-east-1.amazonaws.com rds.us-gov-west-1.amazonaws.com |
rds-fips.ca-central-1.amazonaws.com |
Amazon Route 53* |
route53-fips.amazonaws.com | route53.us-gov.amazonaws.com * Идентификатор зоны хостинга Amazon Route 53 для региональных адресов региона AWS GovCloud (США) – Z1K6XKP9SAGWDV. |
|
| Amazon S3 Glacier | glacier-fips.us-east-1.amazonaws.com glacier-fips.us-east-2.amazonaws.com glacier-fips.us-west-1.amazonaws.com glacier-fips.us-west-2.amazonaws.com |
glacier.us-gov-east-1.amazonaws.com glacier.us-gov-west-1.amazonaws.com |
glacier-fips.ca-central-1.amazonaws.com |
| Amazon SageMaker | api-fips.sagemaker.us-west-1.amazonaws.com api-fips.sagemaker.us-east-1.amazonaws.com api-fips.sagemaker.us-east-2.amazonaws.com api-fips.sagemaker.us-west-2.amazonaws.com runtime-fips.sagemaker.us-east-1.amazonaws.com runtime-fips.sagemaker.us-east-2.amazonaws.com runtime-fips.sagemaker.us-west-2.amazonaws.com runtime-fips.sagemaker.us-west-1.amazonaws.com |
api.sagemaker.us-gov-west-1.amazonaws.com | |
| Amazon Simple Email Service (API HTTPS) | email-fips.us-east-1.amazonaws.com email-fips.us-west-2.amazonaws.com |
email-fips.us-gov-west-1.amazonaws.com | |
| Amazon Simple Email Service (SMTP) | email-smtp-fips.us-east-1.amazonaws.com email-smtp-fips.us-west-2.amazonaws.com |
email-smtp-fips.us-gov-west-1.amazonaws.com | |
| Amazon Simple Notification Service (SNS) | sns-fips.us-west-1.amazonaws.com sns-fips.us-west-2.amazonaws.com sns-fips.us-east-2.amazonaws.com sns-fips.us-east-1.amazonaws.com |
sns.us-gov-east-1.amazonaws.com sns.us-gov-west-1.amazonaws.com |
|
| Amazon Simple Queue Service (SQS) | sqs-fips.us-east-2.amazonaws.com sqs-fips.us-west-2.amazonaws.com sqs-fips.us-east-1.amazonaws.com sqs-fips.us-west-1.amazonaws.com |
sqs.us-gov-east-1.amazonaws.com sqs.us-gov-west-1.amazonaws.com |
|
Amazon Simple Storage Service (S3) Примечание. Эти URL серверов можно использовать только с адресами на виртуальных хостах. Например: https://bucket.s3-fips.us-east-2.amazonaws.com. См. дополнительные сведения на странице Документация по Amazon S3. |
s3-fips.dualstack.us-east-1.amazonaws.com s3-fips.dualstack.us-east-2.amazonaws.com s3-fips.dualstack.us-west-1.amazonaws.com s3-fips.dualstack.us-west-2.amazonaws.com s3-fips.us-east-1.amazonaws.com s3-fips.us-east-2.amazonaws.com s3-fips.us-west-1.amazonaws.com s3-fips.us-west-2.amazonaws.com |
s3-fips.us-gov-east-1.amazonaws.com s3-fips.us-gov-west-1.amazonaws.com |
s3-fips.ca-central-1.amazonaws.com |
Amazon Simple Workflow Service (SWF) |
swf-fips.us-east-1.amazonaws.com swf-fips.us-east-2.amazonaws.com swf-fips.us-west-1.amazonaws.com swf-fips.us-west-2.amazonaws.com |
swf.us-gov-east-1.amazonaws.com swf.us-gov-west-1.amazonaws.com |
|
| Amazon Textract | textract-fips.us-east-1.amazonaws.com textract-fips.us-east-2.amazonaws.com textract-fips.us-west-1.amazonaws.com textract-fips.us-west-2.amazonaws.com
|
textract-fips.us-gov-east-1.amazonaws.com textract-fips.us-gov-west-1.amazonaws.com |
textract-fips.ca-central-1.amazonaws.com
|
| Amazon Transcribe | fips.transcribe.us-west-1.amazonaws.com | fips.transcribe.us-gov-east-1.amazonaws.com fips.transcribe.us-gov-west-1.amazonaws.com |
|
| Amazon Translate | translate-fips.us-west-2.amazonaws.com translate-fips.us-east-2.amazonaws.com translate-fips.us-east-1.amazonaws.com |
translate-fips.us-gov-west-1.amazonaws.com | |
Amazon Virtual Private Cloud (VPC) |
Использует Amazon EC2 напрямую | ec2.us-gov-east-1.amazonaws.com ec2.us-gov-west-1.amazonaws.com |
|
| Amazon VPC Console | us-gov-west-1.console.amazonaws-us-gov.com/vpc/home?region=us-gov-west-1 us-gov-east-1.console.amazonaws-us-gov.com/vpc/home?region=us-gov-east-1 |
||
Amazon WorkDocs |
workdocs-fips.us-east-1.amazonaws.com workdocs-fips.us-west-2.amazonaws.com |
||
| Amazon WorkSpaces | workspaces-fips.us-east-1.amazonaws.com workspaces-fips.us-west-2.amazonaws.com |
workspaces-fips.us-gov-west-1.amazonaws.com | |
| AWS Application Auto Scaling | autoscaling-plans.us-gov-east-1.amazonaws.com autoscaling-plans.us-gov-west-1.amazonaws.com |
||
| AWS Auto Scaling | autoscaling-plans.us-gov-east-1.amazonaws.com autoscaling-plans.us-gov-west-1.amazonaws.com |
||
| AWS Backup | backup-fips.us-east-1.amazonaws.com backup-fips.us-east-2.amazonaws.com backup-fips.us-west-1.amazonaws.com backup-fips.us-west-2.amazonaws.com |
backup-fips.us-gov-east-1.amazonaws.com backup-fips.us-gov-west-1.amazonaws.com |
|
| AWS Batch | fips.batch.us-east-1.amazonaws.com fips.batch.us-east-2.amazonaws.com fips.batch.us-west-1.amazonaws.com fips.batch.us-west-2.amazonaws.com |
batch.us-gov-east-1.amazonaws.com batch.us-gov-west-1.amazonaws.com |
|
| AWS Certificate Manager | acm-fips.us-east-1.amazonaws.com acm-fips.us-east-2.amazonaws.com acm-fips.us-west-2.amazonaws.com acm-fips.us-west-1.amazonaws.com |
acm.us-gov-east-1.amazonaws.com acm.us-gov-west-1.amazonaws.com |
acm-fips.ca-central-1.amazonaws.com |
| Private Certificate Authority в AWS Certificate Manager | acm-pca-fips.us-east-1.amazonaws.com acm-pca-fips.us-west-1.amazonaws.com acm-pca-fips.us-east-2.amazonaws.com acm-pca-fips.us-west-2.amazonaws.com |
acm-pca.us-gov-east-1.amazonaws.com acm-pca.us-gov-west-1.amazonaws.com |
acm-pca-fips.ca-central-1.amazonaws.com |
| AWS Cloud Map | servicediscovery-fips.us-east-1.amazonaws.com servicediscovery-fips.us-east-2.amazonaws.com servicediscovery-fips.us-west-1.amazonaws.com servicediscovery-fips.us-west-2.amazonaws.com |
servicediscovery-fips.ca-central-1.amazonaws.com | |
| AWS CloudFormation | cloudformation-fips.us-east-1.amazonaws.com cloudformation-fips.us-east-2.amazonaws.com cloudformation-fips.us-west-1.amazonaws.com cloudformation-fips.us-west-2.amazonaws.com |
cloudformation.us-gov-east-1.amazonaws.com cloudformation.us-gov-west-1.amazonaws.com |
|
| AWS CloudTrail | cloudtrail-fips.us-east-1.amazonaws.com cloudtrail-fips.us-east-2.amazonaws.com cloudtrail-fips.us-west-1.amazonaws.com cloudtrail-fips.us-west-2.amazonaws.com |
cloudtrail.us-gov-east-1.amazonaws.com cloudtrail.us-gov-west-1.amazonaws.com |
|
| AWS CodeBuild | codebuild-fips.us-west-1.amazonaws.com codebuild-fips.us-east-1.amazonaws.com codebuild-fips.us-west-2.amazonaws.com codebuild-fips.us-east-2.amazonaws.com |
codebuild-fips.us-gov-east-1.amazonaws.com codebuild-fips.us-gov-west-1.amazonaws.com |
|
| AWS CodeCommit | codecommit-fips.us-east-1.amazonaws.com codecommit-fips.us-east-2.amazonaws.com codecommit-fips.us-west-1.amazonaws.com codecommit-fips.us-west-2.amazonaws.com git-codecommit-fips.us-east-1.amazonaws.com git-codecommit-fips.us-east-2.amazonaws.com git-codecommit-fips.us-west-1.amazonaws.com git-codecommit-fips.us-west-2.amazonaws.com |
codecommit-fips.us-gov-west-1.amazonaws.com git-codecommit-fips.us-gov-west-1.amazonaws.com |
codecommit-fips.ca-central-1.amazonaws.com git-codecommit-fips.ca-central-1.amazonaws.com |
| AWS CodeDeploy | codedeploy-fips.us-east-1.amazonaws.com codedeploy-fips.us-west-1.amazonaws.com codedeploy-fips.us-west-2.amazonaws.com codedeploy-fips.us-east-2.amazonaws.com codedeploy-commands-fips.us-east-1.amazonaws.com codedeploy-commands-fips.us-east-2.amazonaws.com codedeploy-commands-fips.us-west-1.amazonaws.com codedeploy-commands-fips.us-west-2.amazonaws.com |
codedeploy-fips.us-gov-east-1.amazonaws.com codedeploy-fips.us-gov-west-1.amazonaws.com |
|
| AWS CodePipeline | codepipeline-fips.us-east-1.amazonaws.com codepipeline-fips.us-east-2.amazonaws.com codepipeline-fips.us-west-1.amazonaws.com codepipeline-fips.us-west-2.amazonaws.com |
codepipeline-fips.us-gov-west-1.amazonaws.com | codepipeline-fips.ca-central-1.amazonaws.com |
| AWS Config | config-fips.us-east-1.amazonaws.com config-fips.us-east-2.amazonaws.com config-fips.us-west-1.amazonaws.com config-fips.us-west-2.amazonaws.com |
config.us-gov-east-1.amazonaws.com config.us-gov-west-1.amazonaws.com |
|
| AWS Config Rules | config.us-gov-east-1.amazonaws.com config.us-gov-west-1.amazonaws.com |
||
| AWS Database Migration Service (DMS) | dms‑fips.us‑east‑1.amazonaws.com dms-fips.us-east-2.amazonaws.com dms-fips.us-west-1.amazonaws.com dms-fips.us-west-2.amazonaws.com |
dms.us-gov-east-1.amazonaws.com dms.us-gov-west-1.amazonaws.com |
|
| AWS DataSync | datasync-fips.us-east-1.amazonaws.com datasync-fips.us-west-1.amazonaws.com datasync-fips.us-east-2.amazonaws.com datasync-fips.us-west-2.amazonaws.com |
datasync-fips.us-gov-east-1.amazonaws.com datasync-fips.us-gov-west-1.amazonaws.com |
datasync-fips.ca-central-1.amazonaws.com |
| AWS Direct Connect | directconnect‑fips.us‑east‑1.amazonaws.com directconnect‑fips.us‑east‑2.amazonaws.com directconnect‑fips.us‑west‑1.amazonaws.com directconnect‑fips.us‑west‑2.amazonaws.com |
||
| AWS Directory Service | ds-fips.us-east-1.amazonaws.com ds-fips.us-east-2.amazonaws.com ds-fips.us-west-1.amazonaws.com ds-fips.us-west-2.amazonaws.com |
ds-fips.us-gov-east-1.amazonaws.com ds-fips.us-gov-west-1.amazonaws.com |
ds-fips.ca-central-1.amazonaws.com |
| AWS Elastic Beanstalk | elasticbeanstalk-fips.us-east-1.amazonaws.com elasticbeanstalk-fips.us-east-2.amazonaws.com elasticbeanstalk-fips.us-west-1.amazonaws.com elasticbeanstalk-fips.us-west-2.amazonaws.com |
elasticbeanstalk.us-gov-east-1.amazonaws.com elasticbeanstalk.us-gov-west-1.amazonaws.com |
|
| AWS Elemental MediaConvert | mediaconvert.us-gov-west-1.amazonaws.com | ||
| AWS Elemental MediaLive | medialive-fips.us-east-1.amazonaws.com medialive-fips.us-east-2.amazonaws.com medialive-fips.us-west-2.amazonaws.com |
||
| AWS Firewall Manager | fms-fips.us-west-1.amazonaws.com fms-fips.us-east-1.amazonaws.com fms-fips.us-west-2.amazonaws.com fms-fips.us-east-2.amazonaws.com |
fms-fips.ca-central-1.amazonaws.com | |
| AWS Glue | glue-fips.us-east-1.amazonaws.com glue-fips.us-east-2.amazonaws.com glue-fips.us-west-1.amazonaws.com glue-fips.us-west-2.amazonaws.com |
glue-fips.us-gov-east-1.amazonaws.com glue-fips.us-gov-west-1.amazonaws.com |
|
| AWS Ground Station | groundstation-fips.us-east-2.amazonaws.com groundstation-fips.us-west-2.amazonaws.com |
||
| AWS Health* |
health-fips.us-gov-west-1.amazonaws.com * Адрес AWS Health не проверен на соответствие стандарту FIPS. Мы имеем право не использовать стандарт FIPS, поскольку не распространяем личные данные пользователей (события, связанные с Health, считаются данными AWS). К адресам FIPS применяются утвержденные протоколы шифрования. |
||
| AWS IAM Access Analyzer | access-analyzer-fips.us-east-1.amazonaws.com access-analyzer-fips.us-east-2.amazonaws.com access-analyzer-fips.us-west-1.amazonaws.com access-analyzer-fips.us-west-2.amazonaws.com |
access-analyzer.us-gov-west-1.amazonaws.com access-analyzer.us-gov-east-1.amazonaws.com |
access-analyzer-fips.ca-central-1.amazonaws.com |
| AWS Identity and Access Management (IAM) | iam-fips.amazonaws.com (только регион IAD) | iam.us-gov.amazonaws.com |
|
| AWS IoT Greengrass | Операции в плоскости контроля: greengrass-fips.us-gov-east-1.amazonaws.com greengrass.us-gov-west-1.amazonaws.com |
||
| AWS Key Management Service (KMS) | kms-fips.us-east-1.amazonaws.com kms-fips.us-east-2.amazonaws.com kms-fips.us-west-1.amazonaws.com kms-fips.us-west-2.amazonaws.com |
kms-fips.us-gov-east-1.amazonaws.com kms-fips.us-gov-west-1.amazonaws.com |
|
| AWS Lake Formation | lakeformation-fips.us-gov-west-1.amazonaws.com | ||
AWS Lambda |
lambda-fips.us-east-1.amazonaws.com lambda-fips.us-east-2.amazonaws.com lambda-fips.us-west-1.amazonaws.com lambda-fips.us-west-2.amazonaws.com |
lambda-fips.us-gov-east-1.amazonaws.com lambda-fips.us-gov-west-1.amazonaws.com |
|
| AWS License Manager | license-manager-fips.us-east-1.amazonaws.com license-manager-fips.us-east-2.amazonaws.com license-manager-fips.us-west-1.amazonaws.com license-manager-fips.us-west-2.amazonaws.com |
license-manager-fips.us-gov-east-1.amazonaws.com license-manager-fips.us-gov-west-1.amazonaws.com |
|
AWS OpsWorks for Chef Automate AWS OpsWorks for Puppet Enterprise |
opsworks-cm-fips.us-east-1.amazonaws.com opsworks-cm-fips.us-east-2.amazonaws.com opsworks-cm-fips.us-west-1.amazonaws.com opsworks-cm-fips.us-west-2.amazonaws.com |
||
| AWS Organizations | organizations-fips.us-east-1.amazonaws.com | organizations.us-gov-west-1.amazonaws.com | |
| AWS Outposts | outposts-fips.us-east-1.amazonaws.com outposts-fips.us-west-1.amazonaws.com |
outposts.us-gov-east-1.amazonaws.com outposts.us-gov-west-1.amazonaws.com |
|
| AWS Resource Groups | resource-groups-fips.us-east-1.amazonaws.com resource-groups-fips.us-east-2.amazonaws.com resource-groups-fips.us-west-2.amazonaws.com resource-groups-fips.us-west-1.amazonaws.com |
||
| AWS Secrets Manager | secretsmanager-fips.us-east-2.amazonaws.com secretsmanager-fips.us-west-1.amazonaws.com secretsmanager-fips.us-east-1.amazonaws.com secretsmanager-fips.us-west-2.amazonaws.com |
secretsmanager-fips.us-gov-east-1.amazonaws.com secretsmanager-fips.us-gov-west-1.amazonaws.com |
|
| AWS Security Hub | securityhub-fips.us-gov-east-1.amazonaws.com securityhub-fips.us-gov-west-1.amazonaws.com |
||
| AWS Security Token Service (STS) | sts-fips.us-east-1.amazonaws.com sts-fips.us-east-2.amazonaws.com sts-fips.us-west-1.amazonaws.com sts-fips.us-west-2.amazonaws.com |
sts.us-gov-east-1.amazonaws.com sts.us-gov-west-1.amazonaws.com |
|
| AWS Server Migration Service (SMS) | sms-fips.us-west-2.amazonaws.com sms-fips.us-east-1.amazonaws.com sms-fips.us-east-2.amazonaws.com sms-fips.us-west-1.amazonaws.com |
sms-fips.us-gov-east-1.amazonaws.com sms-fips.us-gov-west-1.amazonaws.com |
|
| AWS Serverless Application Repository | serverlessrepo.us-gov-east-1.amazonaws.com serverlessrepo.us-gov-west-1.amazonaws.com |
||
| AWS Service Catalog | servicecatalog-fips.us-east-1.amazonaws.com servicecatalog-fips.us-east-2.amazonaws.com servicecatalog-fips.us-west-1.amazonaws.com servicecatalog-fips.us-west-2.amazonaws.com |
servicecatalog-fips.us-gov-east-1.amazonaws.com servicecatalog-fips.us-gov-west-1.amazonaws.com |
|
| AWS Shield | shield-fips.us-east-1.amazonaws.com | ||
| AWS Snowball | snowball-fips.us-east-1.amazonaws.com snowball-fips.us-east-2.amazonaws.com snowball-fips.us-west-1.amazonaws.com snowball-fips.us-west-2.amazonaws.com |
snowball-fips.ca-central-1.amazonaws.com | |
| AWS Step Functions | states-fips.us-east-1.amazonaws.com states-fips.us-east-2.amazonaws.com states-fips.us-west-1.amazonaws.com states-fips.us-west-2.amazonaws.com |
states.us-gov-west-1.amazonaws.com states-fips.us-gov-east-1.amazonaws.com |
|
| AWS Storage Gateway | storagegateway-fips.us-east-1.amazonaws.com storagegateway-fips.us-east-2.amazonaws.com storagegateway-fips.us-west-1.amazonaws.com storagegateway-fips.us-west-2.amazonaws.com |
storagegateway-fips.us-gov-east-1.amazonaws.com storagegateway-fips.us-gov-west-1.amazonaws.com |
storagegateway-fips.ca-central-1.amazonaws.com |
| AWS Support | support.us-gov-west-1.amazonaws.com support.us-gov-west-1.amazonaws.com |
||
| AWS Systems Manager | ssm-fips.us-east-1.amazonaws.com ssm-fips.us-east-2.amazonaws.com ssm-fips.us-west-1.amazonaws.com ssm-fips.us-west-2.amazonaws.com |
ssm.us-gov-east-1.amazonaws.com ssm.us-gov-west-1.amazonaws.com |
|
| AWS Transfer Family | transfer-fips.us-east-1.amazonaws.com transfer-fips.us-east-2.amazonaws.com transfer-fips.us-west-1.amazonaws.com transfer-fips.us-west-2.amazonaws.com |
transfer-fips.us-gov-east-1.amazonaws.com transfer-fips.us-gov-west-1.amazonaws.com |
transfer-fips.ca-central-1.amazonaws.com |
AWS WAF |
waf‑fips.amazonaws.com waf‑regional‑fips.us‑east‑1.amazonaws.com waf‑regional‑fips.us‑east‑2.amazonaws.com waf-regional-fips.us-west-1.amazonaws.com waf-regional-fips.us-west-2.amazonaws.com wafv2-fips.us-east-1.amazonaws.com wafv2-fips.us-east-2.amazonaws.com wafv2-fips.us-west-1.amazonaws.com wafv2-fips.us-west-2.amazonaws.com |
waf-regional-fips.us-gov-west-1.amazonaws.com wafv2-fips.us-gov-west-1.amazonaws.com |
waf-regional-fips.ca-central-1.amazonaws.com wafv2-fips.ca-central-1.amazonaws.com |
| Elastic Load Balancing | elasticloadbalancing-fips.us-east-1.amazonaws.com elasticloadbalancing-fips.us-east-2.amazonaws.com elasticloadbalancing-fips.us-west-1.amazonaws.com elasticloadbalancing-fips.us-west-2.amazonaws.com |
elasticloadbalancing.us-gov-east-1.amazonaws.com elasticloadbalancing.us-gov-west-1.amazonaws.com |
Вопросы и ответы
-
В каких сервисах AWS требуется протокол TLS версии не ниже 1.2 для адресов, проверенных на соответствие FIPS?
Планируется, что до 31 марта 2021 года все адреса AWS, проверенные на соответствие FIPS, во всех регионах AWS будут обновлены до версии протокола транспортного уровня безопасности (TLS) не ниже 1.2. После завершения этого обновления возможность использовать версии TLS 1.0 и TLS 1.1 для любых адресов, проверенных на соответствие FIPS, будет аннулирована. Для получения дополнительной информации ознакомьтесь с новостью в блоге AWS Security. Это изменение не затронет другие адреса AWS.
Адреса сервисов AWS, проверенные на соответствие FIPS и перечисленные ниже, уже обновлены и требуют применять TLS версии не ниже 1.2. Адреса сервисов AWS, проверенные на соответствие FIPS и не перечисленные ниже, в настоящий момент поддерживают как TLS версий 1.0 и 1.1, так и TLS 1.2.
Сервис AWS TLS 1.2 и более поздних версий Amazon Athena ✓ Amazon API Gateway ✓ Amazon Connect ✓ Amazon EC2 Image Builder ✓ API прямого доступа для Amazon Elastic Block Store (EBS) ✓ Amazon Elastic Kubernetes Service (Amazon EKS) ✓ Amazon GuardDuty ✓ Amazon Macie ✓ Amazon MQ ✓ Amazon Pinpoint ✓ Amazon QuickSight ✓ Amazon Textract ✓ AWS Batch ✓ Private Certificate Authority (PCA) в AWS Certificate Manager ✓ AWS Cloud Map ✓ AWS Database Migration Service ✓ AWS DataSync ✓ AWS Elemental MediaConvert ✓ AWS Elemental MediaLive ✓ AWS Glue ✓ AWS Ground Station ✓ AWS Health ✓ AWS IAM Access Analyzer ✓ AWS IoT Greengrass ✓ AWS Key Management Service (KMS) ✓ AWS Lake Formation ✓ AWS Outposts ✓ AWS Resource Groups ✓ AWS Security Hub ✓ AWS Serverless App Respository ✓ AWS Storage Gateway ✓ AWS Transfer Family ✓ AWS WAF ✓ -
Где найти адреса AWS GovCloud (США) (не проверенные на соответствие FIPS)?
Для ознакомления со списком адресов, не проверенных на соответствие FIPS, см. раздел Service Endpoints в руководстве пользователя AWS GovCloud (США).
-
Где найти все адреса AWS?
Список всех адресов AWS см. в разделе Regions and Endpoints справочника AWS General Reference. Сведения о предоставлении федеративным пользователям доступа к Консоли управления AWS с помощью единого входа см. в разделе Giving Federated Users Direct to the Access to the AWS Management Console.
