AWS GovCloud (US-East) User Guide
AWS GovCloud (US-East) User Guide

AWS GovCloud (US-East) Endpoints

If you access AWS GovCloud (US-East) by using the command line interface (CLI) or programmatically by using the APIs, you need the AWS GovCloud (US-East) Region endpoints. AWS GovCloud (US-East) uses FIPS 140-2 validated cryptographic modules to support compliance with FIPS 140-2 in all our HTTPS endpoints unless otherwise noted. For more information about FIPS 140-2, see "Cryptographic Module Validation Program" on the NIST Computer Security Resource Center website.

When using the endpoints, note the following:

  • Amazon S3 has the following website endpoint:

    Website Endpoint Route 53 Hosted Zone ID

    s3-website-us-gov-east-1.amazonaws.com

    Z31GFT0UA1I2HV

For a list of all AWS endpoints, see Regions and Endpoints in the AWS General Reference.

The following table lists each AWS service available in GovCloud (US) and its corresponding endpoints.

AWS Service AWS GovCloud (US-East) FIPS Endpoint AWS GovCloud (US-East) Non-FIPS Endpoint Protocol
Amazon API Gateway* apigateway-fips.us-gov-east-1.amazonaws.com apigateway.us-gov-east-1.amazonaws.com HTTPS
Amazon Aurora rds.us-gov-east-1.amazonaws.com >n/a >HTTPS
AWS Auto Scaling* autoscaling.us-gov-east-1.amazonaws.com n/a HTTP and HTTPS
Amazon EC2 Auto Scaling autoscaling.us-gov-east-1.amazonaws.com n/a HTTP and HTTPS
AWS Certificate Manager n/a acm.us-gov-east-1.amazonaws.com HTTPS
AWS CloudFormation cloudformation.us-gov-east-1.amazonaws.com n/a HTTPS
AWS CloudTrail cloudtrail.us-gov-east-1.amazonaws.com n/a HTTPS
Amazon CloudWatch

monitoring.us-gov-east-1.amazonaws.com

n/a

HTTPS

Amazon CloudWatch Events

events.us-gov-east-1.amazonaws.com

n/a

HTTPS

Amazon CloudWatch Logs

logs.us-gov-east-1.amazonaws.com

n/a

HTTPS

AWS CodeDeploy codedeploy.us-gov-east-1.amazonaws.com n/a HTTPS

AWS Config

config.us-gov-east-1.amazonaws.com n/a HTTPS

AWS Config Rules

config.us-gov-east-1.amazonaws.com n/a HTTPS
AWS Database Migration Service (DMS) dms.us-gov-east-1.amazonaws.com n/a HTTPS
AWS Direct Connect n/a directconnect.us-gov-east-1.amazonaws.com HTTPS
Amazon DynamoDB dynamodb.us-gov-east-1.amazonaws.com n/a HTTP and HTTPS
Amazon DynamoDB Streams streams.dynamodb.us-gov-east-1.amazonaws.com n/a HTTP and HTTPS
AWS Elastic Beanstalk n/a elasticbeanstalk.us-gov-east-1.amazonaws.com HTTPS
Amazon Elastic Block Store (Amazon EBS) ec2.us-gov-east-1.amazonaws.com n/a HTTPS
Amazon Elastic Compute Cloud (Amazon EC2) ec2.us-gov-east-1.amazonaws.com n/a HTTPS
Amazon Elastic Container Registry (Amazon ECR)

ecr-fips.us-gov-east-1.amazonaws.com

ecr.us-gov-east-1.amazonaws.com HTTPS
Amazon Elastic Container Service (Amazon ECS)

ecs-fips.us-gov-east-1.amazonaws.com

ecs.us-gov-east-1.amazonaws.com HTTPS
Amazon ElastiCache elasticache.us-gov-east-1.amazonaws.com n/a HTTPS
Elastic Load Balancing elasticloadbalancing.us-gov-east-1.amazonaws.com n/a HTTP and HTTPS
Amazon Elasticsearch Service es-fips.us-gov-east-1.amazonaws.com es.us-gov-east-1.amazonaws.com HTTPS
Amazon EMR elasticmapreduce.us-gov-east-1.amazonaws.com n/a HTTPS
AWS Glue

glue-fips.us-gov-west-1.amazonaws.com.

glue.us-gov-west-1.amazonaws.com

HTTPS
Amazon S3 Glacier glacier.us-gov-east-1.amazonaws.com n/a HTTPS
AWS Identity and Access Management (IAM) iam.us-gov.amazonaws.com n/a HTTPS
Amazon Inspector

inspector-fips.us-gov-east-1.amazonaws.com

inspector.us-gov-east-1.amazonaws.com

HTTPS
AWS Key Management Service (AWS KMS)

kms-fips.us-gov-east-1.amazonaws.com

kms.us-gov-east-1.amazonaws.com **

HTTPS

HTTPS

Amazon Kinesis Data Streams kinesis.us-gov-east-1.amazonaws.com n/a HTTPS
AWS Lambda

lambda-fips.us-gov-east-1.amazonaws.com

lambda.us-gov-east-1.amazonaws.com

HTTPS
AWS License Manager

license-manager-fips.us-gov-east-1.amazonaws.com

license-manager. us-gov-east-1.amazonaws.com

HTTPS
AWS Organizations

organizations.us-gov-east-1.amazonaws.com

n/a

HTTPS
Amazon Redshift redshift.us-gov-east-1.amazonaws.com n/a HTTPS
Amazon Relational Database Service (Amazon RDS) rds.us-gov-east-1.amazonaws.com n/a HTTPS
AWS Server Migration Service (AWS SMS)

sms-fips.us-gov-east-1.amazonaws.com

sms.us-gov-east-1.amazonaws.com

HTTPS
Amazon Simple Storage Service (Amazon S3) s3-fips-us-gov-east-1.amazonaws.com s3.dualstack.us-gov-east-1.amazonaws.com ***

s3.us-gov-east-1.amazonaws.com

HTTP and HTTPS
Amazon Simple Storage Service (Amazon S3) (website) n/a s3-website-us-gov-east-1.amazonaws.com HTTP
Amazon Simple Notification Service (Amazon SNS) n/a sns.us-gov-east-1.amazonaws.com HTTP and HTTPS
Amazon Simple Queue Service (Amazon SQS) sqs.us-gov-east-1.amazonaws.com n/a HTTP and HTTPS
Amazon Simple Workflow Service (Amazon SWF) swf.us-gov-east-1.amazonaws.com n/a HTTPS
AWS Security Token Service (AWS STS) sts.us-gov-east-1.amazonaws.com n/a HTTPS
AWS Snowball FIPS is not needed. snowball.us-gov-east-1.amazonaws.com HTTPS
AWS Step Functions n/a states.us-gov-east-1.amazonaws.com HTTPS
AWS Systems Manager n/a ssm.us-gov-east-1.amazonaws.com HTTPS
Amazon Virtual Private Cloud (Amazon VPC) ec2.us-gov-east-1.amazonaws.com n/a HTTPS
AWS Management Console for the AWS GovCloud (US) Region n/a

console.amazonaws-us-gov.com

signin.amazonaws-us-gov.com

HTTPS
AWS Management Console with Federation n/a signin.amazonaws-us-gov.com/federation HTTPS
AWS Management Console with SAML n/a signin.amazonaws-us-gov.com/saml HTTPS

For information about giving federated users single sign-on access to the AWS Management Console, see Giving Federated Users Direct Access to the AWS Management Console.

Note

* Amazon API Gateway edge-optimized API and edge-optimized custom domain name are not supported.

* Application Auto Scaling Scaling API and CLI are available. The AWS Auto Scaling console is not available. The AWS Auto Scaling API and command line interface (CLI) are not available.

* Amazon Route 53 hosted Zone ID for the regional endpoint in the AWS GovCloud (US) region is Z1K6XKP9SAGWDV.

** The AWS Key Management Service endpoint kms.us-gov-east-1.amazonaws.com is active, but does not support FIPS 140-2 for TLS connections.

*** Amazon S3 dual-stack endpoints support requests to S3 buckets over IPv6 and IPv4. For more information, see Using Dual-Stack Endpoints.