Федеральный стандарт по обработке информации (FIPS) 140-2
Обзор
Федеральный стандарт обработки информации (FIPS), публикация 140‑2 – это государственный стандарт США и Канады, определяющий требования к безопасности криптографических модулей для защиты конфиденциальных данных. Если при доступе к регионам AWS Восток / Запад США, AWS GovCloud (США) или AWS Канада (Центр) через интерфейс командной строки (CLI) или программно с помощью API требуется использование криптографических модулей, проверенных на соответствие FIPS 140‑2, далее в соответствующих разделах приведен список доступных адресов, проверенных на соответствие FIPS (по регионам AWS). URL серверов VPN Amazon Virtual Private Cloud в регионе AWS GovCloud (US) функционируют с использованием проверенных на соответствие FIPS 140-2 модулей шифрования. AWS взаимодействует с клиентами, чтобы предоставить им нужную информацию для обеспечения соответствия требованиям при работе в регионах AWS Восток / Запад США, AWS GovCloud (США) или AWS Канада (Центр). Дополнительную информацию о стандарте см. на странице Cryptographic Module Validation Program веб‑сайта Центра ресурсов компьютерной безопасности NIST.
Адреса FIPS в зависимости от сервиса
| Сервис AWS | Регионы AWS Восток/Запад США | AWS GovCloud (США) | Регион AWS Канада (Центр) |
| Amazon API Gateway* | apigateway-fips.us-east-1.amazonaws.com apigateway-fips.us-east-2.amazonaws.com apigateway-fips.us-west-1.amazonaws.com apigateway-fips.us-west-2.amazonaws.com |
apigateway-fips.us-gov-east-1.amazonaws.com apigateway-fips.us-gov-west-1.amazonaws.com * Оптимизированные для периферии API и пользовательское доменное имя Amazon API Gateway не поддерживаются. |
apigateway-fips.ca-central-1.amazonaws.com |
| Amazon AppStream 2.0 | appstream2-fips.us-east-1.amazonaws.com appstream2-fips.us-west-2.amazonaws.com |
appstream2-fips.us-gov-west-1.amazonaws.com |
|
| Amazon Athena | athena-fips.us-east-1.amazonaws.com athena-fips.us-east-2.amazonaws.com athena-fips.us-west-1.amazonaws.com athena-fips.us-west-2.amazonaws.com |
athena-fips.us-gov-east-1.amazonaws.com athena-fips.us-gov-west-1.amazonaws.com |
|
| Amazon Cloud Directory | clouddirectory-fips.us-east-1.amazonaws.com clouddirectory-fips.us-east-2.amazonaws.com clouddirectory-fips.us-west-2.amazonaws.com |
clouddirectory.us-gov-west-1.amazonaws.com | |
| Amazon CloudFront |
cloudfront-fips.amazonaws.com | ||
| Amazon CloudWatch | monitoring.us-gov-east-1.amazonaws.com monitoring.us-gov-west-1.amazonaws.com |
||
| Amazon CloudWatch Events | events-fips.us-east-1.amazonaws.com events-fips.us-east-2.amazonaws.com events-fips.us-west-1.amazonaws.com events-fips.us-west-2.amazonaws.com |
events.us-gov-east-1.amazonaws.com events.us-gov-west-1.amazonaws.com |
|
| Amazon CloudWatch Logs | logs-fips.us-east-1.amazonaws.com logs-fips.us-east-2.amazonaws.com logs-fips.us-west-1.amazonaws.com logs-fips.us-west-2.amazonaws.com |
logs.us-gov-east-1.amazonaws.com logs.us-gov-west-1.amazonaws.com |
|
| Amazon Cognito | <your_user_pool_domain>.auth-fips.us-east-1.amazoncognito.com <your_user_pool_domain>.auth-fips.us-east-2.amazoncognito.com <your_user_pool_domain>.auth-fips.us-west-2.amazoncognito.com cognito-identity-fips.us-east-1.amazonaws.com cognito-identity-fips.us-east-2.amazonaws.com cognito-identity-fips.us-west-2.amazonaws.com cognito-idp-fips.us-east-1.amazonaws.com cognito-idp-fips.us-east-2.amazonaws.com cognito-idp-fips.us-west-2.amazonaws.com cognito-sync-fips.us-east-1.amazonaws.com cognito-sync-fips.us-east-2.amazonaws.com cognito-sync-fips.us-west-2.amazonaws.com |
cognito-idp-fips.us-gov-west-1.amazonaws.com | |
| Amazon Comprehend | comprehend-fips.us-east-1.amazonaws.com comprehend-fips.us-east-2.amazonaws.com comprehend-fips.us-west-2.amazonaws.com |
comprehend-fips.us-gov-west-1.amazonaws.com | |
| Amazon Comprehend Medical |
comprehendmedical-fips.us-gov-west-1.amazonaws.com | ||
| Amazon Connect | connect-fips.us-east-1.amazonaws.com connect-fips.us-west-2.amazonaws.com |
connect.us-gov-west-1.amazonaws.com | |
| Сервис для участников Amazon Connect | participant.connect.us-east-1.amazonaws.com participant.connect-fips.us-west-2.amazonaws.com |
participant.connect.us-gov-west-1.amazonaws.com | |
| Amazon Detective | api.detective-fips.us-east-2.amazonaws.com api.detective-fips.us-east-1.amazonaws.com api.detective-fips.us-west-2.amazonaws.com |
api.detective-fips.us-gov-west-1.amazonaws.com api.detective-fips.us-gov-east-1.amazonaws.com |
|
| Amazon DocumentDB (совместимость с MongoDB) | rds.us-gov-west-1.amazonaws.com | ||
| Amazon DynamoDB | dynamodb-fips.us-east-1.amazonaws.com dynamodb-fips.us-east-2.amazonaws.com dynamodb-fips.us-west-1.amazonaws.com dynamodb-fips.us-west-2.amazonaws.com |
dynamodb.us-gov-east-1.amazonaws.com dynamodb.us-gov-west-1.amazonaws.com |
dynamodb-fips.ca-central-1.amazonaws.com |
| Amazon DynamoDB Streams |
streams.dynamodb.us-gov-east-1.amazonaws.com streams.dynamodb.us-gov-west-1.amazonaws.com |
||
| Amazon EC2 Auto Scaling | autoscaling.us-gov-east-1.amazonaws.com autoscaling.us-gov-west-1.amazonaws.com |
||
| Amazon EC2 Image Builder | imagebuilder.us-gov-west-1.amazonaws.com | ||
| Amazon Elastic Block Store (EBS) | Использует Amazon EC2 напрямую |
ebs-fips.ca-central-1.amazonaws.com | |
| API прямого доступа для Amazon Elastic Block Store (EBS) | ebs-fips.us-east-1.amazonaws.com ebs-fips.us-east-2.amazonaws.com ebs-fips.us-west-1.amazonaws.com ebs-fips.us-west-2.amazonaws.com |
ec2.us-gov-east-1.amazonaws.com ec2.us-gov-west-1.amazonaws.com |
|
| Amazon Elastic Compute Cloud (EC2) | ec2-fips.us-east-1.amazonaws.com ec2-fips.us-east-2.amazonaws.com ec2-fips.us-west-1.amazonaws.com ec2-fips.us-west-2.amazonaws.com |
ec2.us-gov-east-1.amazonaws.com ec2.us-gov-west-1.amazonaws.com |
ec2-fips.ca-central-1.amazonaws.com |
| Amazon Elastic Container Registry | *.dkr.ecr-fips.us-east-1.amazonaws.com *.dkr.ecr-fips.us-east-2.amazonaws.com *.dkr.ecr-fips.us-west-1.amazonaws.com *.dkr.ecr-fips.us-west-2.amazonaws.com ecr-fips.us-east-1.amazonaws.com ecr-fips.us-east-2.amazonaws.com ecr-fips.us-west-1.amazonaws.com ecr-fips.us-west-2.amazonaws.com |
ecr-fips.us-gov-east-1.amazonaws.com |
|
| Amazon Elastic Container Service | ecs-fips.us-east-1.amazonaws.com ecs-fips.us-east-2.amazonaws.com ecs-fips.us-west-1.amazonaws.com ecs-fips.us-west-2.amazonaws.com |
ecs-fips.us-gov-east-1.amazonaws.com ecs-fips.us-gov-west-1.amazonaws.com |
|
| Amazon Elastic File System | elasticfilesystem-fips.us-east-1.amazonaws.com elasticfilesystem-fips.us-east-2.amazonaws.com elasticfilesystem-fips.us-west-1.amazonaws.com elasticfilesystem-fips.us-west-2.amazonaws.com |
elasticfilesystem-fips.us-gov-east-1.amazonaws.com elasticfilesystem-fips.us-gov-west-1.amazonaws.com |
elasticfilesystem-fips.ca-central-1.amazonaws.com |
| Amazon Elastic Kubernetes Service (EKS) | fips.eks.us-east-1.amazonaws.com fips.eks.us-east-2.amazonaws.com fips.eks.us-west-1.amazonaws.com fips.eks.us-west-2.amazonaws.com |
eks.us-gov-east-1.amazonaws.com eks.us-gov-west-1.amazonaws.com |
|
| Amazon ElastiCache | elasticache-fips.us-east-1.amazonaws.com elasticache-fips.us-east-2.amazonaws.com elasticache-fips.us-west-1.amazonaws.com elasticache-fips.us-west-2.amazonaws.com |
elasticache.us-gov-east-1.amazonaws.com elasticache.us-gov-west-1.amazonaws.com |
|
| Amazon Elasticsearch Service |
es-fips.us-east-1.amazonaws.com es-fips.us-east-2.amazonaws.com es-fips.us-west-1.amazonaws.com es-fips.us-west-2.amazonaws.com |
es-fips.us-gov-east-1.amazonaws.com es-fips.us-gov-west-1.amazonaws.com |
|
| Amazon EMR | elasticmapreduce-fips.us-east-1.amazonaws.com elasticmapreduce-fips.us-east-2.amazonaws.com elasticmapreduce-fips.us-west-1.amazonaws.com elasticmapreduce-fips.us-west-2.amazonaws.com |
elasticmapreduce.us-gov-east-1.amazonaws.com elasticmapreduce.us-gov-west-1.amazonaws.com |
elasticmapreduce-fips.ca-central-1.amazonaws.com |
| Amazon EventBridge | events.us-gov-east-1.amazonaws.com events.us-gov-west-1.amazonaws.com |
||
| Amazon FSx | fsx-fips.us-east-1.amazonaws.com fsx-fips.us-east-2.amazonaws.com fsx-fips.us-west-1.amazonaws.com fsx-fips.us-west-2.amazonaws.com |
fsx-fips.us-gov-east-1.amazonaws.com fsx-fips.us-gov-west-1.amazonaws.com |
fsx-fips.ca-central-1.amazonaws.com |
| Amazon GuardDuty | guardduty-fips.us-east-1.amazonaws.com guardduty-fips.us-east-2.amazonaws.com guardduty-fips.us-west-1.amazonaws.com guardduty-fips.us-west-2.amazonaws.com |
guardduty.us-gov-east-1.amazonaws.com guardduty.us-gov-west-1.amazonaws.com |
|
| Amazon Inspector | inspector-fips.us-east-1.amazonaws.com inspector-fips.us-east-2.amazonaws.com inspector-fips.us-west-1.amazonaws.com inspector-fips.us-west-2.amazonaws.com |
inspector-fips.us-gov-east-1.amazonaws.com inspector-fips.us-gov-west-1.amazonaws.com |
|
| Amazon Kinesis Data Analytics | kinesisanalytics-fips.us-east-1.amazonaws.com kinesisanalytics-fips.us-east-2.amazonaws.com kinesisanalytics-fips.us-west-2.amazonaws.com |
||
| Amazon Kinesis Data Firehose | firehose-fips.us-east-1.amazonaws.com firehose-fips.us-east-2.amazonaws.com firehose-fips.us-west-1.amazonaws.com firehose-fips.us-west-2.amazonaws.com |
firehose-fips.us-gov-east-1.amazonaws.com firehose-fips.us-gov-west-1.amazonaws.com |
|
| Amazon Kinesis Data Streams | kinesis-fips.us-east-1.amazonaws.com kinesis-fips.us-east-2.amazonaws.com kinesis-fips.us-west-1.amazonaws.com kinesis-fips.us-west-2.amazonaws.com |
kinesis.us-gov-east-1.amazonaws.com kinesis.us-gov-west-1.amazonaws.com |
|
| Сервис создания модели Amazon Lex | models-fips.lex.us-east-1.amazonaws.com models-fips.lex.us-west-2.amazonaws.com |
||
| Сервис среды выполнения Amazon Lex | runtime-fips.lex.us-west-2.amazonaws.com runtime-v2-lex-fips.us-east-1.amazonaws.com runtime-v2-lex-fips.us-west-2.amazonaws.com runtime-fips.lex.us-east-1.amazonaws.com |
||
| Amazon Macie | macie-fips.us-east-1.amazonaws.com macie-fips.us-west-2.amazonaws.com macie2-fips.us-east-1.amazonaws.com macie2-fips.us-east-2.amazonaws.com macie2-fips.us-west-1.amazonaws.com macie2-fips.us-west-2.amazonaws.com |
||
| Amazon MQ | mq-fips.us-east-1.amazonaws.com mq-fips.us-east-2.amazonaws.com mq-fips.us-west-1.amazonaws.com mq-fips.us-west-2.amazonaws.com |
||
| Amazon Neptune | rds.us-gov-east-1.amazonaws.com rds.us-gov-west-1.amazonaws.com |
||
| Amazon Pinpoint | pinpoint-fips.us-east-1.amazonaws.com pinpoint-fips.us-west-2.amazonaws.com |
pinpoint-fips.us-gov-west-1.amazonaws.com | |
| Amazon Polly | polly-fips.us-east-1.amazonaws.com polly-fips.us-east-2.amazonaws.com polly-fips.us-west-1.amazonaws.com polly-fips.us-west-2.amazonaws.com |
polly-fips.us-gov-west-1.amazonaws.com | |
Amazon QuickSight |
fips-us-east-1.quicksight.aws.amazon.com fips-us-east-2.quicksight.aws.amazon.com fips-us-west-2.quicksight.aws.amazon.com |
||
Amazon Redshift |
redshift-fips.us-east-1.amazonaws.com redshift-fips.us-east-2.amazonaws.com redshift-fips.us-west-1.amazonaws.com redshift-fips.us-west-2.amazonaws.com |
redshift.us-gov-east-1.amazonaws.com redshift.us-gov-west-1.amazonaws.com |
redshift-fips.ca-central-1.amazonaws.com |
| Amazon Rekognition | rekognition-fips.us-east-1.amazonaws.com rekognition-fips.us-east-2.amazonaws.com rekognition-fips.us-west-1.amazonaws.com rekognition-fips.us-west-2.amazonaws.com |
rekognition-fips.us-gov-west-1.amazonaws.com | |
| Amazon Relational Database Service (RDS) / Amazon Aurora | rds-fips.us-east-1.amazonaws.com rds-fips.us-east-2.amazonaws.com rds-fips.us-west-1.amazonaws.com rds-fips.us-west-2.amazonaws.com |
rds.us-gov-east-1.amazonaws.com rds.us-gov-west-1.amazonaws.com |
rds-fips.ca-central-1.amazonaws.com |
Amazon Route 53* |
route53-fips.amazonaws.com | route53.us-gov.amazonaws.com * Идентификатор зоны хостинга Amazon Route 53 для региональных адресов региона AWS GovCloud (США) – Z1K6XKP9SAGWDV. |
|
| Amazon S3 Glacier | glacier-fips.us-east-1.amazonaws.com glacier-fips.us-east-2.amazonaws.com glacier-fips.us-west-1.amazonaws.com glacier-fips.us-west-2.amazonaws.com |
glacier.us-gov-east-1.amazonaws.com glacier.us-gov-west-1.amazonaws.com |
glacier-fips.ca-central-1.amazonaws.com |
| Amazon SageMaker | api-fips.sagemaker.us-east-1.amazonaws.com api-fips.sagemaker.us-east-2.amazonaws.com api-fips.sagemaker.us-west-1.amazonaws.com api-fips.sagemaker.us-west-2.amazonaws.com |
api.sagemaker.us-gov-west-1.amazonaws.com | |
| Среда выполнения Amazon SageMaker | runtime-fips.sagemaker.us-east-1.amazonaws.com runtime-fips.sagemaker.us-east-2.amazonaws.com runtime-fips.sagemaker.us-west-1.amazonaws.com runtime-fips.sagemaker.us-west-2.amazonaws.com |
||
| Amazon Simple Email Service (API HTTPS) | email-fips.us-east-1.amazonaws.com email-fips.us-west-2.amazonaws.com |
email-fips.us-gov-west-1.amazonaws.com | |
| Amazon Simple Email Service (SMTP) | email-smtp-fips.us-east-1.amazonaws.com email-smtp-fips.us-west-2.amazonaws.com |
email-smtp-fips.us-gov-west-1.amazonaws.com | |
| Amazon Simple Notification Service (SNS) | sns-fips.us-west-1.amazonaws.com sns-fips.us-west-2.amazonaws.com sns-fips.us-east-2.amazonaws.com sns-fips.us-east-1.amazonaws.com |
sns.us-gov-east-1.amazonaws.com sns.us-gov-west-1.amazonaws.com |
|
| Amazon Simple Queue Service (SQS) | sqs-fips.us-east-2.amazonaws.com sqs-fips.us-west-2.amazonaws.com sqs-fips.us-east-1.amazonaws.com sqs-fips.us-west-1.amazonaws.com |
sqs.us-gov-east-1.amazonaws.com sqs.us-gov-west-1.amazonaws.com |
|
Amazon Simple Storage Service (S3) Примечание. Эти URL серверов можно использовать только с адресами на виртуальных хостах. Например: https://bucket.s3-fips.us-east-2.amazonaws.com. См. дополнительные сведения на странице Документация по Amazon S3. |
s3-fips.dualstack.us-east-1.amazonaws.com s3-fips.dualstack.us-east-2.amazonaws.com s3-fips.dualstack.us-west-1.amazonaws.com s3-fips.dualstack.us-west-2.amazonaws.com s3-fips.us-east-1.amazonaws.com s3-fips.us-east-2.amazonaws.com s3-fips.us-west-1.amazonaws.com s3-fips.us-west-2.amazonaws.com |
s3-fips.us-gov-east-1.amazonaws.com s3-fips.us-gov-west-1.amazonaws.com |
s3-fips.ca-central-1.amazonaws.com |
Amazon Simple Workflow Service (SWF) |
swf-fips.us-east-1.amazonaws.com swf-fips.us-east-2.amazonaws.com swf-fips.us-west-1.amazonaws.com swf-fips.us-west-2.amazonaws.com |
swf.us-gov-east-1.amazonaws.com swf.us-gov-west-1.amazonaws.com |
|
| Amazon Textract | textract-fips.us-east-1.amazonaws.com textract-fips.us-east-2.amazonaws.com textract-fips.us-west-1.amazonaws.com textract-fips.us-west-2.amazonaws.com
|
textract-fips.us-gov-east-1.amazonaws.com textract-fips.us-gov-west-1.amazonaws.com |
textract-fips.ca-central-1.amazonaws.com
|
| Amazon Transcribe | fips.transcribe.us-east-1.amazonaws.com fips.transcribe.us-east-2.amazonaws.com fips.transcribe.us-west-1.amazonaws.com fips.transcribe.us-west-2.amazonaws.com |
fips.transcribe.us-gov-east-1.amazonaws.com fips.transcribe.us-gov-west-1.amazonaws.com |
|
| Amazon Translate | translate-fips.us-west-2.amazonaws.com translate-fips.us-east-2.amazonaws.com translate-fips.us-east-1.amazonaws.com |
translate-fips.us-gov-west-1.amazonaws.com | |
Amazon Virtual Private Cloud (VPC) |
Использует Amazon EC2 напрямую | ec2.us-gov-east-1.amazonaws.com ec2.us-gov-west-1.amazonaws.com |
|
| Amazon VPC Console | us-gov-west-1.console.amazonaws-us-gov.com/vpc/home?region=us-gov-west-1 us-gov-east-1.console.amazonaws-us-gov.com/vpc/home?region=us-gov-east-1 |
||
Amazon WorkDocs |
workdocs-fips.us-east-1.amazonaws.com workdocs-fips.us-west-2.amazonaws.com |
||
| Amazon WorkSpaces | workspaces-fips.us-east-1.amazonaws.com workspaces-fips.us-west-2.amazonaws.com |
workspaces-fips.us-gov-west-1.amazonaws.com | |
| AWS AppConfig | appconfig.us-gov-east-1.amazonaws.com appconfig.us-gov-west-1.amazonaws.com |
||
| Auto Scaling приложения AWS | application-autoscaling.us-gov-west-1.amazonaws.com application-autoscaling.us-gov-east-1.amazonaws.com |
||
| AWS Auto Scaling | autoscaling-plans.us-gov-east-1.amazonaws.com autoscaling-plans.us-gov-west-1.amazonaws.com |
||
| AWS Backup | backup-fips.us-east-1.amazonaws.com backup-fips.us-east-2.amazonaws.com backup-fips.us-west-1.amazonaws.com backup-fips.us-west-2.amazonaws.com |
backup-fips.us-gov-east-1.amazonaws.com backup-fips.us-gov-west-1.amazonaws.com |
|
| AWS Batch | fips.batch.us-east-1.amazonaws.com fips.batch.us-east-2.amazonaws.com fips.batch.us-west-1.amazonaws.com fips.batch.us-west-2.amazonaws.com |
batch.us-gov-east-1.amazonaws.com batch.us-gov-west-1.amazonaws.com |
|
| AWS Certificate Manager | acm-fips.us-east-1.amazonaws.com acm-fips.us-east-2.amazonaws.com acm-fips.us-west-2.amazonaws.com acm-fips.us-west-1.amazonaws.com |
acm.us-gov-east-1.amazonaws.com acm.us-gov-west-1.amazonaws.com |
acm-fips.ca-central-1.amazonaws.com |
| Private Certificate Authority в AWS Certificate Manager | acm-pca-fips.us-east-1.amazonaws.com acm-pca-fips.us-west-1.amazonaws.com acm-pca-fips.us-east-2.amazonaws.com acm-pca-fips.us-west-2.amazonaws.com |
acm-pca.us-gov-east-1.amazonaws.com acm-pca.us-gov-west-1.amazonaws.com |
acm-pca-fips.ca-central-1.amazonaws.com |
| AWS Cloud Map | servicediscovery-fips.us-east-1.amazonaws.com servicediscovery-fips.us-east-2.amazonaws.com servicediscovery-fips.us-west-1.amazonaws.com servicediscovery-fips.us-west-2.amazonaws.com |
servicediscovery-fips.ca-central-1.amazonaws.com | |
| AWS CloudFormation | cloudformation-fips.us-east-1.amazonaws.com cloudformation-fips.us-east-2.amazonaws.com cloudformation-fips.us-west-1.amazonaws.com cloudformation-fips.us-west-2.amazonaws.com |
cloudformation.us-gov-east-1.amazonaws.com cloudformation.us-gov-west-1.amazonaws.com |
|
| AWS CloudTrail | cloudtrail-fips.us-east-1.amazonaws.com cloudtrail-fips.us-east-2.amazonaws.com cloudtrail-fips.us-west-1.amazonaws.com cloudtrail-fips.us-west-2.amazonaws.com |
cloudtrail.us-gov-east-1.amazonaws.com cloudtrail.us-gov-west-1.amazonaws.com |
|
| AWS CodeBuild | codebuild-fips.us-west-1.amazonaws.com codebuild-fips.us-east-1.amazonaws.com codebuild-fips.us-west-2.amazonaws.com codebuild-fips.us-east-2.amazonaws.com |
codebuild-fips.us-gov-east-1.amazonaws.com codebuild-fips.us-gov-west-1.amazonaws.com |
|
| AWS CodeCommit | codecommit-fips.us-east-1.amazonaws.com codecommit-fips.us-east-2.amazonaws.com codecommit-fips.us-west-1.amazonaws.com codecommit-fips.us-west-2.amazonaws.com git-codecommit-fips.us-east-1.amazonaws.com git-codecommit-fips.us-east-2.amazonaws.com git-codecommit-fips.us-west-1.amazonaws.com git-codecommit-fips.us-west-2.amazonaws.com |
codecommit-fips.us-gov-west-1.amazonaws.com git-codecommit-fips.us-gov-west-1.amazonaws.com |
codecommit-fips.ca-central-1.amazonaws.com git-codecommit-fips.ca-central-1.amazonaws.com |
| AWS CodeDeploy | codedeploy-fips.us-east-1.amazonaws.com codedeploy-fips.us-west-1.amazonaws.com codedeploy-fips.us-west-2.amazonaws.com codedeploy-fips.us-east-2.amazonaws.com codedeploy-commands-fips.us-east-1.amazonaws.com codedeploy-commands-fips.us-east-2.amazonaws.com codedeploy-commands-fips.us-west-1.amazonaws.com codedeploy-commands-fips.us-west-2.amazonaws.com |
codedeploy-fips.us-gov-east-1.amazonaws.com codedeploy-fips.us-gov-west-1.amazonaws.com |
|
| AWS CodePipeline | codepipeline-fips.us-east-1.amazonaws.com codepipeline-fips.us-east-2.amazonaws.com codepipeline-fips.us-west-1.amazonaws.com codepipeline-fips.us-west-2.amazonaws.com |
codepipeline-fips.us-gov-west-1.amazonaws.com | codepipeline-fips.ca-central-1.amazonaws.com |
| AWS Config | config-fips.us-east-1.amazonaws.com config-fips.us-east-2.amazonaws.com config-fips.us-west-1.amazonaws.com config-fips.us-west-2.amazonaws.com |
config.us-gov-east-1.amazonaws.com config.us-gov-west-1.amazonaws.com |
|
| AWS Config Rules | config.us-gov-east-1.amazonaws.com config.us-gov-west-1.amazonaws.com |
||
| AWS Database Migration Service (DMS) | dms‑fips.us‑east‑1.amazonaws.com dms-fips.us-east-2.amazonaws.com dms-fips.us-west-1.amazonaws.com dms-fips.us-west-2.amazonaws.com |
dms.us-gov-east-1.amazonaws.com dms.us-gov-west-1.amazonaws.com |
|
| AWS DataSync | datasync-fips.us-east-1.amazonaws.com datasync-fips.us-west-1.amazonaws.com datasync-fips.us-east-2.amazonaws.com datasync-fips.us-west-2.amazonaws.com |
datasync-fips.us-gov-east-1.amazonaws.com datasync-fips.us-gov-west-1.amazonaws.com |
datasync-fips.ca-central-1.amazonaws.com |
| AWS Direct Connect | directconnect‑fips.us‑east‑1.amazonaws.com directconnect‑fips.us‑east‑2.amazonaws.com directconnect‑fips.us‑west‑1.amazonaws.com directconnect‑fips.us‑west‑2.amazonaws.com |
||
| AWS Directory Service | ds-fips.us-east-1.amazonaws.com ds-fips.us-east-2.amazonaws.com ds-fips.us-west-1.amazonaws.com ds-fips.us-west-2.amazonaws.com |
ds-fips.us-gov-east-1.amazonaws.com ds-fips.us-gov-west-1.amazonaws.com |
ds-fips.ca-central-1.amazonaws.com |
| AWS Elastic Beanstalk | elasticbeanstalk-fips.us-east-1.amazonaws.com elasticbeanstalk-fips.us-east-2.amazonaws.com elasticbeanstalk-fips.us-west-1.amazonaws.com elasticbeanstalk-fips.us-west-2.amazonaws.com |
elasticbeanstalk.us-gov-east-1.amazonaws.com elasticbeanstalk.us-gov-west-1.amazonaws.com |
|
| AWS Elemental MediaConvert | mediaconvert.us-gov-west-1.amazonaws.com | ||
| AWS Elemental MediaLive | medialive-fips.us-east-1.amazonaws.com medialive-fips.us-east-2.amazonaws.com medialive-fips.us-west-2.amazonaws.com |
||
| AWS Firewall Manager | fms-fips.us-west-1.amazonaws.com fms-fips.us-east-1.amazonaws.com fms-fips.us-west-2.amazonaws.com fms-fips.us-east-2.amazonaws.com |
fms-fips.ca-central-1.amazonaws.com | |
| AWS Glue | glue-fips.us-east-1.amazonaws.com glue-fips.us-east-2.amazonaws.com glue-fips.us-west-1.amazonaws.com glue-fips.us-west-2.amazonaws.com |
glue-fips.us-gov-east-1.amazonaws.com glue-fips.us-gov-west-1.amazonaws.com |
|
| AWS Ground Station | groundstation-fips.us-east-2.amazonaws.com groundstation-fips.us-west-2.amazonaws.com |
||
| AWS Health* |
health-fips.us-gov-west-1.amazonaws.com * Адрес AWS Health не проверен на соответствие стандарту FIPS. Мы имеем право не использовать стандарт FIPS, поскольку не распространяем личные данные пользователей (события, связанные с Health, считаются данными AWS). К адресам FIPS применяются утвержденные протоколы шифрования. |
||
| AWS IAM Access Analyzer | access-analyzer-fips.us-east-1.amazonaws.com access-analyzer-fips.us-east-2.amazonaws.com access-analyzer-fips.us-west-1.amazonaws.com access-analyzer-fips.us-west-2.amazonaws.com |
access-analyzer.us-gov-west-1.amazonaws.com access-analyzer.us-gov-east-1.amazonaws.com |
access-analyzer-fips.ca-central-1.amazonaws.com |
| AWS Identity and Access Management (IAM) | iam-fips.amazonaws.com (только регион IAD) | iam.us-gov.amazonaws.com |
|
| AWS IoT Greengrass | Операции в плоскости контроля: greengrass-fips.us-gov-east-1.amazonaws.com greengrass.us-gov-west-1.amazonaws.com |
||
| AWS Key Management Service (KMS) | kms-fips.us-east-1.amazonaws.com kms-fips.us-east-2.amazonaws.com kms-fips.us-west-1.amazonaws.com kms-fips.us-west-2.amazonaws.com |
kms-fips.us-gov-east-1.amazonaws.com kms-fips.us-gov-west-1.amazonaws.com |
|
| AWS Lake Formation | lakeformation-fips.us-gov-west-1.amazonaws.com | ||
AWS Lambda |
lambda-fips.us-east-1.amazonaws.com lambda-fips.us-east-2.amazonaws.com lambda-fips.us-west-1.amazonaws.com lambda-fips.us-west-2.amazonaws.com |
lambda-fips.us-gov-east-1.amazonaws.com lambda-fips.us-gov-west-1.amazonaws.com |
|
| AWS License Manager | license-manager-fips.us-east-1.amazonaws.com license-manager-fips.us-east-2.amazonaws.com license-manager-fips.us-west-1.amazonaws.com license-manager-fips.us-west-2.amazonaws.com |
license-manager-fips.us-gov-east-1.amazonaws.com license-manager-fips.us-gov-west-1.amazonaws.com |
|
AWS OpsWorks for Chef Automate AWS OpsWorks for Puppet Enterprise |
opsworks-cm-fips.us-east-1.amazonaws.com opsworks-cm-fips.us-east-2.amazonaws.com opsworks-cm-fips.us-west-1.amazonaws.com opsworks-cm-fips.us-west-2.amazonaws.com |
||
| AWS Organizations | organizations-fips.us-east-1.amazonaws.com | organizations.us-gov-west-1.amazonaws.com | |
| AWS Outposts | outposts-fips.us-east-1.amazonaws.com outposts-fips.us-west-1.amazonaws.com |
outposts.us-gov-east-1.amazonaws.com outposts.us-gov-west-1.amazonaws.com |
|
| AWS Resource Groups | resource-groups-fips.us-east-1.amazonaws.com resource-groups-fips.us-east-2.amazonaws.com resource-groups-fips.us-west-2.amazonaws.com resource-groups-fips.us-west-1.amazonaws.com |
||
| AWS Secrets Manager | secretsmanager-fips.us-east-2.amazonaws.com secretsmanager-fips.us-west-1.amazonaws.com secretsmanager-fips.us-east-1.amazonaws.com secretsmanager-fips.us-west-2.amazonaws.com |
secretsmanager-fips.us-gov-east-1.amazonaws.com secretsmanager-fips.us-gov-west-1.amazonaws.com |
|
| AWS Security Hub | securityhub-fips.us-gov-east-1.amazonaws.com securityhub-fips.us-gov-west-1.amazonaws.com |
||
| AWS Security Token Service (STS) | sts-fips.us-east-1.amazonaws.com sts-fips.us-east-2.amazonaws.com sts-fips.us-west-1.amazonaws.com sts-fips.us-west-2.amazonaws.com |
sts.us-gov-east-1.amazonaws.com sts.us-gov-west-1.amazonaws.com |
|
| AWS Server Migration Service (SMS) | sms-fips.us-west-2.amazonaws.com sms-fips.us-east-1.amazonaws.com sms-fips.us-east-2.amazonaws.com sms-fips.us-west-1.amazonaws.com |
sms-fips.us-gov-east-1.amazonaws.com sms-fips.us-gov-west-1.amazonaws.com |
|
| AWS Serverless Application Repository | serverlessrepo.us-gov-east-1.amazonaws.com serverlessrepo.us-gov-west-1.amazonaws.com |
||
| AWS Service Catalog | servicecatalog-fips.us-east-1.amazonaws.com servicecatalog-fips.us-east-2.amazonaws.com servicecatalog-fips.us-west-1.amazonaws.com servicecatalog-fips.us-west-2.amazonaws.com |
servicecatalog-fips.us-gov-east-1.amazonaws.com servicecatalog-fips.us-gov-west-1.amazonaws.com |
|
| AWS Service Quotas | servicequotas.us-gov-east-1.amazonaws.com servicequotas.us-gov-west-1.amazonaws.com |
||
| AWS Shield | shield-fips.us-east-1.amazonaws.com | ||
| Группа сервисов AWS Snow | snowball-fips.us-east-1.amazonaws.com snowball-fips.us-east-2.amazonaws.com snowball-fips.us-west-1.amazonaws.com snowball-fips.us-west-2.amazonaws.com |
snowball-fips.us-gov-east-1.amazonaws.com snowball-fips.us-gov-west-1.amazonaws.com |
snowball-fips.ca-central-1.amazonaws.com |
| AWS Step Functions | states-fips.us-east-1.amazonaws.com states-fips.us-east-2.amazonaws.com states-fips.us-west-1.amazonaws.com states-fips.us-west-2.amazonaws.com |
states.us-gov-west-1.amazonaws.com states-fips.us-gov-east-1.amazonaws.com |
|
| AWS Storage Gateway | storagegateway-fips.us-east-1.amazonaws.com storagegateway-fips.us-east-2.amazonaws.com storagegateway-fips.us-west-1.amazonaws.com storagegateway-fips.us-west-2.amazonaws.com |
storagegateway-fips.us-gov-east-1.amazonaws.com storagegateway-fips.us-gov-west-1.amazonaws.com |
storagegateway-fips.ca-central-1.amazonaws.com |
| AWS Support | support.us-gov-west-1.amazonaws.com |
||
| AWS Systems Manager | ssm-fips.us-east-1.amazonaws.com ssm-fips.us-east-2.amazonaws.com ssm-fips.us-west-1.amazonaws.com ssm-fips.us-west-2.amazonaws.com |
ssm.us-gov-east-1.amazonaws.com ssm.us-gov-west-1.amazonaws.com |
|
| AWS Transfer Family | transfer-fips.us-east-1.amazonaws.com transfer-fips.us-east-2.amazonaws.com transfer-fips.us-west-1.amazonaws.com transfer-fips.us-west-2.amazonaws.com |
transfer-fips.us-gov-east-1.amazonaws.com transfer-fips.us-gov-west-1.amazonaws.com |
transfer-fips.ca-central-1.amazonaws.com |
AWS WAF |
wafv2-fips.us-east-2.amazonaws.com wafv2-fips.us-west-1.amazonaws.com wafv2-fips.us-east-1.amazonaws.com wafv2-fips.us-west-2.amazonaws.com |
wafv2-fips.us-gov-east-1.amazonaws.com wafv2-fips.us-gov-west-1.amazonaws.com |
wafv2-fips.ca-central-1.amazonaws.com |
| AWS WAF Classic | waf-regional-fips.us-west-1.amazonaws.com waf-regional-fips.us-west-2.amazonaws.com waf‑fips.amazonaws.com waf‑regional‑fips.us‑east‑2.amazonaws.com |
waf-regional-fips.us-gov-west-1.amazonaws.com waf-regional-fips.us-gov-east-1.amazonaws.com |
waf-regional-fips.ca-central-1.amazonaws.com |
| AWS X-Ray | xray-fips.us-east-1.amazonaws.com xray-fips.us-east-2.amazonaws.com xray-fips.us-west-1.amazonaws.com xray-fips.us-west-2.amazonaws.com |
xray-fips.us-gov-east-1.amazonaws.com xray-fips.us-gov-west-1.amazonaws.com |
|
| Elastic Load Balancing | elasticloadbalancing-fips.us-east-1.amazonaws.com elasticloadbalancing-fips.us-east-2.amazonaws.com elasticloadbalancing-fips.us-west-1.amazonaws.com elasticloadbalancing-fips.us-west-2.amazonaws.com |
elasticloadbalancing.us-gov-east-1.amazonaws.com elasticloadbalancing.us-gov-west-1.amazonaws.com |
Вопросы и ответы
-
В каких сервисах AWS требуется протокол TLS версии не ниже 1.2 для адресов, проверенных на соответствие FIPS?
Планируется, что до 31 марта 2021 года все адреса AWS, проверенные на соответствие FIPS, во всех регионах AWS будут обновлены до версии протокола транспортного уровня безопасности (TLS) не ниже 1.2. После завершения этого обновления возможность использовать версии TLS 1.0 и TLS 1.1 для любых адресов, проверенных на соответствие FIPS, будет аннулирована. Для получения дополнительной информации ознакомьтесь с новостью в блоге AWS Security. Это изменение не затронет другие адреса AWS.
Адреса сервисов AWS, проверенные на соответствие FIPS и перечисленные ниже, уже обновлены и требуют применять TLS версии не ниже 1.2. Адреса сервисов AWS, проверенные на соответствие FIPS и не перечисленные ниже, в настоящий момент поддерживают как TLS версий 1.0 и 1.1, так и TLS 1.2.
Сервис AWS TLS 1.2 и более поздних версий Amazon Athena ✓ Amazon API Gateway ✓ Amazon AppStream 2.0 ✓ Amazon Aurora ✓ Amazon Cloud Directory ✓ Amazon CloudFront ✓ Amazon CloudWatch ✓ Amazon CloudWatch Events ✓ Amazon CloudWatch Logs
✓ Amazon Cognito ✓ Amazon Comprehend ✓ Amazon Comprehend Medical ✓ Amazon Connect ✓ Сервис для участников Amazon Connect ✓ Amazon Detective ✓ Amazon DocumentDB (совместимость с MongoDB) ✓ Amazon DynamoDB ✓ Amazon DynamoDB Streams ✓ Amazon EC2 Image Builder ✓ Amazon Elastic Block Store (EBS) ✓ API прямого доступа для Amazon Elastic Block Store (EBS) ✓ Amazon Elastic Compute Cloud (EC2) ✓ Amazon Elastic Container Registry ✓ Amazon Elastic Container Service (Amazon ECS) ✓ Amazon ElastiCache ✓ Amazon Elastic File System (Amazon EFS) ✓ Amazon Elastic Kubernetes Service (Amazon EKS) ✓ Amazon Elasticsearch Service (Amazon ES) ✓ Amazon EMR ✓ Amazon EventBridge ✓ Amazon FSx ✓ Amazon GuardDuty ✓ Amazon Inspector ✓ Amazon Kinesis Data Analytics ✓ Amazon Kinesis Data Firehose ✓ Amazon Kinesis Data Streams
✓ Amazon Lex ✓ Сервис среды выполнения Amazon Lex ✓ Amazon Macie ✓ Amazon MQ ✓ Amazon Neptune ✓ Amazon Pinpoint ✓ Amazon Polly ✓ Amazon QuickSight ✓ Amazon Redshift ✓ Amazon Rekognition ✓ Amazon Relational Database Service (Amazon RDS) ✓ Amazon Route 53 ✓ Amazon SageMaker ✓ Среда выполнения Amazon SageMaker ✓ Amazon Simple Email Service (API HTTPS) ✓ Amazon Simple Email Service (SMTP) ✓ Amazon Simple Notification Service (SNS) ✓ Amazon Simple Queue Service (SQS) ✓ Amazon Simple Storage Service Glacier ✓ Amazon Simple Workflow Service (Amazon SWF) ✓ Amazon Textract ✓ Amazon Transcribe ✓ Amazon Translate ✓ Amazon Virtual Private Cloud (VPC) ✓ Amazon VPC Console ✓ Amazon WorkDocs ✓ Amazon WorkSpaces ✓ AWS AppConfig ✓ Auto Scaling приложения AWS ✓ AWS Auto Scaling ✓ AWS Backup ✓ AWS Batch ✓ AWS Certificate Manager (ACM)
✓ Private Certificate Authority (PCA) в AWS Certificate Manager ✓ AWS Cloud Map ✓ AWS CloudFormation ✓ AWS CloudTrail ✓ AWS CodeBuild ✓ AWS CodeCommit ✓ AWS CodeDeploy ✓ AWS CodePipeline ✓ AWS Config ✓ AWS Config Rules ✓ AWS Database Migration Service ✓ AWS DataSync ✓ AWS Direct Connect ✓ AWS Directory Service ✓ AWS EC2 Auto Scaling ✓ AWS Elastic Beanstalk ✓ AWS Elemental MediaConvert ✓ AWS Elemental MediaLive ✓ AWS Firewall Manager ✓ AWS Glue ✓ AWS Ground Station ✓ AWS Health ✓ AWS IAM Access Analyzer ✓ AWS Identity and Access Management (IAM) ✓ AWS IoT Greengrass ✓ AWS Key Management Service (KMS) ✓ AWS Lake Formation ✓ AWS Lambda ✓ AWS License Manager ✓ AWS OpsWorks ✓ AWS OpsWorks for Chef Automate ✓ AWS OpsWorks for Puppet Enterprise ✓ AWS Organizations ✓ AWS Outposts ✓ AWS Resource Groups ✓ AWS Secrets Manager ✓ AWS Security Hub ✓ AWS Security Token Service (STS) ✓ AWS Server Migration Service (AWS SMS) ✓ AWS Serverless Application Repository ✓ AWS Service Catalog ✓ AWS Shield ✓ Группа сервисов AWS Snow ✓ AWS Step Functions ✓ AWS Storage Gateway ✓ AWS Support ✓ AWS Systems Manager ✓ AWS Transfer Family ✓ AWS X-Ray ✓ AWS WAF ✓ AWS WAF Classic ✓ Elastic Load Balancing ✓ -
Где найти адреса AWS GovCloud (США) (не проверенные на соответствие FIPS)?
Для ознакомления со списком адресов, не проверенных на соответствие FIPS, см. раздел Service Endpoints в руководстве пользователя AWS GovCloud (США).
-
Где найти все адреса AWS?
Список всех адресов AWS см. в разделе Regions and Endpoints справочника AWS General Reference. Сведения о предоставлении федеративным пользователям доступа к Консоли управления AWS с помощью единого входа см. в разделе Giving Federated Users Direct to the Access to the AWS Management Console.
