AWS service endpoints
To connect programmatically to an AWS service, you use an endpoint. An endpoint is the URL of the entry point for an AWS web service. The AWS SDKs and the AWS Command Line Interface (AWS CLI) automatically use the default endpoint for each service in an AWS Region. But you can specify an alternate endpoint for your API requests.
If a service supports Regions, the resources in each Region are independent of similar resources in other Regions. For example, you can create an Amazon EC2 instance or an Amazon SQS queue in one Region. When you do, the instance or queue is independent of instances or queues in all other Regions.
Regional endpoints
Most Amazon Web Services offer a Regional endpoint that you can use to make your requests. The general syntax of a Regional endpoint is as follows.
protocol
://service-code
.region-code
.amazonaws.com
For example, https://dynamodb.us-west-2.amazonaws.com
is the endpoint for the
Amazon DynamoDB service in the US West (Oregon) Region.
The following table lists the name and code of each Region.
Region Name | Code |
---|---|
US East (Ohio) | us-east-2 |
US East (N. Virginia) | us-east-1 |
US West (N. California) | us-west-1 |
US West (Oregon) | us-west-2 |
Africa (Cape Town) | af-south-1 |
Asia Pacific (Hong Kong) | ap-east-1 |
Asia Pacific (Jakarta) | ap-southeast-3 |
Asia Pacific (Mumbai) | ap-south-1 |
Asia Pacific (Osaka) | ap-northeast-3 |
Asia Pacific (Seoul) | ap-northeast-2 |
Asia Pacific (Singapore) | ap-southeast-1 |
Asia Pacific (Sydney) | ap-southeast-2 |
Asia Pacific (Tokyo) | ap-northeast-1 |
Canada (Central) | ca-central-1 |
China (Beijing) | cn-north-1 |
China (Ningxia) | cn-northwest-1 |
Europe (Frankfurt) | eu-central-1 |
Europe (Ireland) | eu-west-1 |
Europe (London) | eu-west-2 |
Europe (Milan) | eu-south-1 |
Europe (Paris) | eu-west-3 |
Europe (Stockholm) | eu-north-1 |
Middle East (Bahrain) | me-south-1 |
South America (São Paulo) | sa-east-1 |
Some services, such as IAM, do not support Regions. The endpoints for these
services do not include a Region. Other services, such as Amazon EC2, support Regions but
let you specify an endpoint that does not include a Region, such as
https://ec2.amazonaws.com
. When you use an endpoint with no Region, AWS
routes the Amazon EC2 request to US East (N. Virginia) (us-east-1), which is the default
Region for API calls.
View the service endpoints
You can view the AWS service endpoints using the following options:
-
Open Service endpoints and quotas, search for the service name, and click the link to open the page for that service. To view the supported endpoints for all AWS services in the documentation without switching pages, view the information in the Service Endpoints and Quotas page in the PDF instead.
-
To programmatically check for service availability using the SDK for Java, see Checking for Service Availability in an AWS Region in the AWS SDK for Java Developer Guide.
-
To programmatically view Region and service information using Systems Manager, see Calling AWS Service, Region, and Endpoint Public Parameters in the AWS Systems Manager User Guide. For information about how to use public parameters, see Query for AWS Regions, Endpoints, and More Using AWS Systems Manager Parameter Store
. -
To see the supported AWS services in each Region (without endpoints), see the Region Table
.
FIPS endpoints
Some AWS services offer FIPS endpoints in selected Regions. Unlike standard AWS
endpoints, FIPS endpoints use a TLS software library that complies with Federal Information
Processing Standard (FIPS) 140-2. These endpoints might be required by enterprises that
interact with the United States government. For more information, see Federal Information Processing Standard (FIPS) 140-2
To use a FIPS endpoint with an AWS operation, use the mechanism provided by the AWS
SDK or tool to specify a custom endpoint. For example, the AWS SDKs provide an
AWS_USE_FIPS_ENDPOINT
environment variable. The AWS Command Line Interface provides the
--endpoint-url
option. The following example uses the FIPS endpoint for the
US West (Oregon) Region with an operation for AWS Key Management Service (AWS KMS).
aws kms create-key --endpoint-url https://kms-fips.us-west-2.amazonaws.com
Minimum TLS version for FIPS endpoints
With FIPS endpoints, the minimum requirement is TLS 1.2. AWS revoked the ability to
use TLS 1.0 and TLS 1.1 on all FIPS endpoints in all Regions as of March 31, 2021. For
information about how to determine whether your applications were impacted by this
change, see this AWS Security Blog post
from May 3, 2021
Learn more
You can find endpoint information from the following sources:
-
To learn about enabling Regions that are disabled by default, see Managing AWS Regions.
-
For information about the AWS services and endpoints available in the China Regions, see China (Beijing) Region Endpoints
and China (Ningxia) Region Endpoints .