AWS service endpoints
To connect programmatically to an AWS service, you use an endpoint. An endpoint is the URL of the entry point for an AWS web service. The AWS SDKs and the AWS Command Line Interface (AWS CLI) automatically use the default endpoint for each service in an AWS Region. But you can specify an alternate endpoint for your API requests.
If a service supports Regions, the resources in each Region are independent of similar resources in other Regions. For example, you can create an Amazon EC2 instance or an Amazon SQS queue in one Region. When you do, the instance or queue is independent of instances or queues in all other Regions.
Contents
Regional endpoints
Most Amazon Web Services offer a Regional endpoint that you can use to make your requests. The general syntax of a Regional endpoint is as follows.
protocol://service-code.region-code.amazonaws.comFor example, https://dynamodb.us-west-2.amazonaws.com is the endpoint for
the Amazon DynamoDB service in the US West (Oregon) Region.
The following table lists the name and code of each Region.
| Name | Code |
|---|---|
| US East (Ohio) | us-east-2 |
| US East (N. Virginia) | us-east-1 |
| US West (N. California) | us-west-1 |
| US West (Oregon) | us-west-2 |
| Africa (Cape Town) | af-south-1 |
| Asia Pacific (Hong Kong) | ap-east-1 |
| Asia Pacific (Hyderabad) | ap-south-2 |
| Asia Pacific (Jakarta) | ap-southeast-3 |
| Asia Pacific (Melbourne) | ap-southeast-4 |
| Asia Pacific (Mumbai) | ap-south-1 |
| Asia Pacific (Osaka) | ap-northeast-3 |
| Asia Pacific (Seoul) | ap-northeast-2 |
| Asia Pacific (Singapore) | ap-southeast-1 |
| Asia Pacific (Sydney) | ap-southeast-2 |
| Asia Pacific (Tokyo) | ap-northeast-1 |
| Canada (Central) | ca-central-1 |
| Europe (Frankfurt) | eu-central-1 |
| Europe (Ireland) | eu-west-1 |
| Europe (London) | eu-west-2 |
| Europe (Milan) | eu-south-1 |
| Europe (Paris) | eu-west-3 |
| Europe (Spain) | eu-south-2 |
| Europe (Stockholm) | eu-north-1 |
| Europe (Zurich) | eu-central-2 |
| Israel (Tel Aviv) | il-central-1 |
| Middle East (Bahrain) | me-south-1 |
| Middle East (UAE) | me-central-1 |
| South America (São Paulo) | sa-east-1 |
| AWS GovCloud (US-East) | us-gov-east-1 |
| AWS GovCloud (US-West) | us-gov-west-1 |
General endpoints
The following services support Regional endpoints but also support a general endpoint
that doesn't include a Region. When you use a general endpoint, AWS routes the API
request to US East (N. Virginia) (us-east-1), which is the default Region for
API calls.
-
Amazon EC2 – ec2.amazonaws.com
-
Amazon EC2 Auto Scaling – autoscaling.amazonaws.com
-
Amazon EMR – elasticmapreduce.amazonaws.com
Global endpoints
Global services do not support Regions. The following services each have a single global endpoint:
-
Amazon CloudFront
-
AWS Global Accelerator
-
AWS Identity and Access Management (IAM)
-
AWS Network Manager
-
AWS Organizations
-
Amazon Route 53
-
AWS Shield Advanced
-
AWS WAF Classic
View the service endpoints
You can view the AWS service endpoints using the following options:
-
Open Service endpoints and quotas, search for the service name, and click the link to open the page for that service. To view the supported endpoints for all AWS services in the documentation without switching pages, view the information in the Service Endpoints and Quotas page in the PDF instead.
-
To programmatically check for service availability using the SDK for Java, see Checking for Service Availability in an AWS Region in the AWS SDK for Java Developer Guide.
-
To programmatically view Region and service information using Systems Manager, see Calling AWS Service, Region, and Endpoint Public Parameters in the AWS Systems Manager User Guide. For information about how to use public parameters, see Query for AWS Regions, Endpoints, and More Using AWS Systems Manager Parameter Store
. -
To see the supported AWS services in each Region (without endpoints), see the Region Table
.
FIPS endpoints
Some AWS services offer endpoints that support Federal Information Processing Standard (FIPS) 140-2 in some Regions. Unlike standard AWS endpoints, FIPS endpoints use a TLS software library that complies with FIPS 140-2. These endpoints might be required by enterprises that interact with the United States government.
To specify a FIPS endpoint when you call an AWS operation, use a mechanism provided by the tool that you're using to make the call. For example, the AWS SDKs provide the following mechanisms to enable the use of FIPS endpoints:
-
Set the
AWS_USE_FIPS_ENDPOINTenvironment variable totrue -
Add
use_fips_endpoint=trueto your~/.aws/configfile
The AWS Command Line Interface supports these mechanisms, and also provides the
--endpoint-url option. The following example uses
--endpoint-url to specify the FIPS endpoint for AWS Key Management Service (AWS KMS) in the
US West (Oregon) Region.
aws kms create-key --endpoint-url https://kms-fips.us-west-2.amazonaws.comFor a list of FIPS endpoints, see FIPS endpoints by
Service
Minimum TLS version for FIPS endpoints
With FIPS endpoints, the minimum requirement is TLS 1.2. We recommend TLS 1.3. For
information about how to determine whether your applications were impacted by this
change, see this AWS Security Blog
post
Dual stack endpoints
Some AWS services offer dual stack endpoints, so that you can access them using either IPv4 or IPv6 requests.
The general syntax of a dual stack endpoint is as follows.
protocol://service-code.region-code.api.awsFor example, https://ec2.us-west-2.api.aws is the dual stack endpoint for
Amazon EC2 in the US West (Oregon) Region.
To make a request to a dual stack endpoint, you must use the mechanism provided by the
tool or AWS SDK to specify the endpoint. For example, the AWS CLI provides the
--endpoint-url option. The following example uses
--endpoint-url to specify the dual stack endpoint for Amazon EC2 in the
US West (Oregon) Region.
aws ec2 describe-regions --endpoint-url https://ec2.us-west-2.api.awsFor a list of services that support dual stack endpoints, see AWS services that support IPv6.
Learn more
You can find endpoint information from the following sources:
-
To learn about enabling Regions that are disabled by default, see Specifying which AWS Regions your account can use in the AWS Account Management Reference Guide.
-
For information about the AWS services and endpoints available in the China Regions, see China (Beijing) Region Endpoints
and China (Ningxia) Region Endpoints .
