AWS GovCloud (US)
User Guide

AWS GovCloud (US) Endpoints

If you access AWS GovCloud (US) by using the command line interface (CLI) or programmatically by using the APIs, you need the AWS GovCloud (US) Region endpoints. The following table lists each AWS service available in GovCloud (US) and its corresponding endpoints.

AWS Service AWS GovCloud (US) Endpoint Protocol
Auto Scaling HTTP and HTTPS
AWS CloudFormation HTTPS
AWS CloudTrail HTTPS
Amazon CloudWatch



AWS Direct Connect HTTPS
Amazon DynamoDB HTTP and HTTPS
Amazon DynamoDB Streams HTTP and HTTPS
Amazon Elastic Block Store (Amazon EBS) HTTPS
Amazon Elastic Compute Cloud (Amazon EC2) HTTPS
Elastic Load Balancing HTTP and HTTPS
Amazon ElastiCache HTTPS
Amazon EMR (Amazon EMR) HTTP and HTTPS
Amazon Glacier HTTPS
AWS Identity and Access Management (IAM) HTTPS
AWS Key Management Service (AWS KMS) ** HTTPS
Amazon Kinesis Streams HTTPS
Amazon Redshift HTTPS
Amazon Relational Database Service (Amazon RDS) HTTPS
Amazon Simple Storage Service (Amazon S3) ** HTTP and HTTPS
Amazon Simple Storage Service (Amazon S3) (FIPS 140-2) HTTPS
Amazon Simple Storage Service (Amazon S3) (website) HTTP
Amazon Simple Notification Service (Amazon SNS) HTTP and HTTPS
Amazon Simple Queue Service (Amazon SQS) HTTP and HTTPS
Amazon Simple Workflow Service (Amazon SWF) HTTPS
AWS Security Token Service (AWS STS) HTTPS
AWS Snowball HTTPS
Amazon Virtual Private Cloud (Amazon VPC) HTTPS
AWS Management Console for the AWS GovCloud (US) Region

AWS Management Console with Federation HTTPS
AWS Management Console with SAML HTTPS


** AWS GovCloud (US) uses FIPS 140-2 validated cryptographic modules to support compliance with FIPS 140-2 in all our HTTPS endpoints except:

  • The non-FIPS alternative for Amazon S3:

  • The AWS Key Management Service endpoint does not yet support FIPS 140-2.

When using the endpoints, note the following:

  • If you use the AWS CLI or SDK for Python with Amazon SQS, you can also use the following legacy endpoint:

  • Amazon S3 has the following website endpoint:

    Website Endpoint Amazon Route 53 Hosted Zone ID


For information about giving federated users single sign-on access to the AWS Management Console, see Giving Federated Users Direct Access to the AWS Management Console.

For a list of all AWS endpoints, see Regions and Endpoints in the AWS General Reference.