AWS GovCloud (US)
User Guide

AWS GovCloud (US) Endpoints

If you access AWS GovCloud (US) by using the command line interface (CLI) or programmatically by using the APIs, you need the AWS GovCloud (US) Region endpoints. The following table lists each AWS service available in GovCloud (US) and its corresponding endpoints.

AWS Service AWS GovCloud (US) Endpoint Protocol
Amazon API Gateway* apigateway.us-gov-west-1.amazonaws.com HTTPS
Amazon Aurora rds.us-gov-west-1.amazonaws.com HTTPS
AWS Auto Scaling* autoscaling.us-gov-west-1.amazonaws.com HTTP and HTTPS
Amazon EC2 Auto Scaling autoscaling.us-gov-west-1.amazonaws.com HTTP and HTTPS
AWS Certificate Manager acm.us-gov-west-1.amazonaws.com HTTPS
AWS CloudFormation cloudformation.us-gov-west-1.amazonaws.com HTTPS
AWS CloudHSM cloudhsmv2.us-gov-west-1.amazonaws.com HTTPS
AWS CloudHSM Classic cloudhsm.us-gov-west-1.amazonaws.com HTTPS
AWS CloudTrail cloudtrail.us-gov-west-1.amazonaws.com HTTPS
Amazon CloudWatch

monitoring.us-gov-west-1.amazonaws.com

HTTPS

Amazon CloudWatch Events

events.us-gov-west-1.amazonaws.com

HTTPS

Amazon CloudWatch Logs

logs.us-gov-west-1.amazonaws.com

HTTPS

AWS CodeDeploy codedeploy.us-gov-west-1.amazonaws.com HTTPS

AWS Config

AWS Config Rules

config.us-gov-west-1.amazonaws.com HTTPS
AWS Direct Connect directconnect.us-gov-west-1.amazonaws.com HTTPS
AWS Database Migration Service (DMS) dms.us-gov-west-1.amazonaws.com HTTPS
Amazon DynamoDB dynamodb.us-gov-west-1.amazonaws.com HTTP and HTTPS
Amazon DynamoDB Streams streams.dynamodb.us-gov-west-1.amazonaws.com HTTP and HTTPS
AWS Elastic Beanstalk elasticbeanstalk.us-gov-west-1.amazonaws.com HTTPS
Amazon Elastic Block Store (Amazon EBS) ec2.us-gov-west-1.amazonaws.com HTTPS
Amazon Elastic Compute Cloud (Amazon EC2) ec2.us-gov-west-1.amazonaws.com HTTPS
Amazon Elastic Container Registry ecr.us-gov-west-1.amazonaws.com ** HTTPS
Amazon Elastic Container Service ecs.us-gov-west-1.amazonaws.com ** HTTPS
Elastic Load Balancing elasticloadbalancing.us-gov-west-1.amazonaws.com HTTP and HTTPS
Amazon ElastiCache elasticache.us-gov-west-1.amazonaws.com HTTPS
Amazon Elasticsearch Service es.us-gov-west-1.amazonaws.com ** HTTPS
Amazon EMR elasticmapreduce.us-gov-west-1.amazonaws.com HTTPS
Amazon Glacier glacier.us-gov-west-1.amazonaws.com HTTPS
Amazon GuardDuty guardduty.us-gov-west-1.amazonaws.com HTTPS
AWS Identity and Access Management (IAM) iam.us-gov.amazonaws.com HTTPS
Amazon Inspector

inspector.us-gov-west-1.amazonaws.com **

inspector-fips.us-gov-west-1.amazonaws.com

HTTPS
AWS IoT Core

iot.us-gov-west-1.amazonaws.com **

HTTPS

AWS IoT Device Management

iot.us-gov-west-1.amazonaws.com **

HTTPS
AWS Key Management Service (AWS KMS)

kms-fips.us-gov-west-1.amazonaws.com

kms.us-gov-west-1.amazonaws.com **

HTTPS

HTTPS

Amazon Kinesis Data Streams kinesis.us-gov-west-1.amazonaws.com HTTPS
AWS Lambda

lambda.us-gov-west-1.amazonaws.com **

lambda-fips.us-gov-west-1.amazonaws.com

HTTPS
Amazon Polly

polly.us-gov-west-1.amazonaws.com **

polly-fips.us-gov-west-1.amazonaws.com

HTTPS
Amazon Redshift redshift.us-gov-west-1.amazonaws.com HTTPS
Amazon Rekognition

rekognition-fips.us-gov-west-1.amazonaws.com

rekognition.us-gov-west-1.amazonaws.com**

HTTPS
Amazon Relational Database Service (Amazon RDS) rds.us-gov-west-1.amazonaws.com HTTPS
AWS Server Migration Service (AWS SMS)

sms.us-gov-west-1.amazonaws.com **

sms-fips.us-gov-west-1.amazonaws.com

HTTPS
Amazon Simple Storage Service (Amazon S3)

s3-us-gov-west-1.amazonaws.com **

s3.dualstack.us-gov-west-1.amazonaws.com ***

HTTP and HTTPS
Amazon Simple Storage Service (Amazon S3) (FIPS 140-2) s3-fips-us-gov-west-1.amazonaws.com HTTPS
Amazon Simple Storage Service (Amazon S3) (website) s3-website-us-gov-west-1.amazonaws.com HTTP
Amazon Simple Notification Service (Amazon SNS) sns.us-gov-west-1.amazonaws.com HTTP and HTTPS
Amazon Simple Queue Service (Amazon SQS) sqs.us-gov-west-1.amazonaws.com HTTP and HTTPS
Amazon Simple Workflow Service (Amazon SWF) swf.us-gov-west-1.amazonaws.com HTTPS
AWS Security Token Service (AWS STS) sts.us-gov-west-1.amazonaws.com HTTPS
AWS Snowball snowball.us-gov-west-1.amazonaws.com HTTPS
AWS Step Functions states.us-gov-west-1.amazonaws.com HTTPS
AWS Storage Gateway (AWS Storage Gateway) storagegateway.us-gov-west-1.amazonaws.com HTTPS
AWS Systems Manager ssm.us-gov-west-1.amazonaws.com HTTPS
Amazon Translate

translate-fips.us-gov-west-1.amazonaws.com

translate.us-gov-west-1.amazonaws.com

HTTPS
Amazon Virtual Private Cloud (Amazon VPC) ec2.us-gov-west-1.amazonaws.com HTTPS
AWS Management Console for the AWS GovCloud (US) Region

console.amazonaws-us-gov.com

signin.amazonaws-us-gov.com

HTTPS
AWS Management Console with Federation signin.amazonaws-us-gov.com/federation HTTPS
AWS Management Console with SAML signin.amazonaws-us-gov.com/saml HTTPS

Note

* Amazon API Gateway edge-optimized API and edge-optimized custom domain name are not supported.

* Application Auto Scaling Scaling API and CLI are available. The AWS Auto Scaling console is not available. The AWS Auto Scaling API and command line interface (CLI) are not available.

* Amazon Route 53 hosted Zone ID for the regional endpoint in the AWS GovCloud (US) region is Z1K6XKP9SAGWDV.

** AWS GovCloud (US) uses FIPS 140-2 validated cryptographic modules to support compliance with FIPS 140-2 in all our HTTPS endpoints except:

  • The non-FIPS alternative for Amazon Inspector: inspector.us-gov-west-1.amazonaws.com

  • The non-FIPS alternative for AWS Lambda: lambda.us-gov-west-1.amazonaws.com

  • The non-FIPS alternative for Amazon Polly: polly.us-gov-west-1.amazonaws.com

  • The non-FIPS alternative for Amazon Rekognition: rekognition.us-gov-west-1.amazonaws.com

  • The non-FIPS alternative for Amazon S3: s3-us-gov-west-1.amazonaws.com

  • The non-FIPS alternative for AWS Server Migration Service (SMS): sms.us-gov-west-1.amazonaws.com

  • The AWS Key Management Service endpoint kms.us-gov-west-1.amazonaws.com is active, but does not support FIPS 140-2 for TLS connections.

  • The Amazon Elastic Container Registry endpoint does not yet support FIPS 140-2.

  • The Amazon Elastic Container Service endpoint does not yet support FIPS 140-2.

  • The Amazon Elasticsearch Service endpoint does not yet support FIPS 140-2.

  • The AWS IoT Core endpoint does not yet support FIPS 140-2.

  • The AWS IoT Device Management endpoint does not yet support FIPS 140-2.

*** Amazon S3 dual-stack endpoints support requests to S3 buckets over IPv6 and IPv4. For more information, see Using Dual-Stack Endpoints.

When using the endpoints, note the following:

  • If you use the AWS CLI or SDK for Python with Amazon SQS, you can also use the following legacy endpoint: us-gov-west-1.queue.amazonaws.com

  • Amazon S3 has the following website endpoint:

    Website Endpoint Route 53 Hosted Zone ID

    s3-website-us-gov-west-1.amazonaws.com

    Z31GFT0UA1I2HV

For information about giving federated users single sign-on access to the AWS Management Console, see Giving Federated Users Direct Access to the AWS Management Console.

For a list of all AWS endpoints, see Regions and Endpoints in the AWS General Reference.