AWS GovCloud (US-West) User Guide
AWS GovCloud (US-West) User Guide

AWS GovCloud (US-West) Endpoints

If you access AWS GovCloud (US-West) by using the command line interface (CLI) or programmatically by using the APIs, you need the AWS GovCloud (US-West) Region endpoints. AWS GovCloud (US-West) uses FIPS 140-2 validated cryptographic modules to support compliance with FIPS 140-2 in all our HTTPS endpoints unless otherwise noted. For more information about FIPS 140-2, see "Cryptographic Module Validation Program" on the NIST Computer Security Resource Center website.

When using the endpoints, note the following:

  • Amazon S3 has the following website endpoint:

    Website Endpoint Route 53 Hosted Zone ID

    s3-website-us-gov-west-1.amazonaws.com

    Z31GFT0UA1I2HV

For a list of all AWS endpoints, see Regions and Endpoints in the AWS General Reference.

The following table lists each AWS service available in GovCloud (US) and its corresponding endpoints.

AWS Service AWS GovCloud (US-West) FIPS Endpoint AWS GovCloud (US-West) Non-FIPS Endpoint Protocol
Amazon API Gateway* apigateway-fips.us-gov-west-1.amazonaws.com apigateway.us-gov-west-1.amazonaws.com HTTPS
Amazon Aurora rds.us-gov-west-1.amazonaws.com n/a HTTPS
AWS Auto Scaling* autoscaling.us-gov-west-1.amazonaws.com n/a HTTP and HTTPS
Amazon EC2 Auto Scaling autoscaling.us-gov-west-1.amazonaws.com n/a HTTP and HTTPS
AWS Certificate Manager n/a acm.us-gov-west-1.amazonaws.com HTTPS
Amazon Cloud Directory clouddirectory.us-gov-west-1.amazonaws.com n/a HTTPS
AWS CloudFormation cloudformation.us-gov-west-1.amazonaws.com n/a HTTPS
AWS CloudHSM cloudhsmv2.us-gov-west-1.amazonaws.com n/a HTTPS
AWS CloudHSM Classic cloudhsm.us-gov-west-1.amazonaws.com n/a HTTPS
AWS CloudTrail cloudtrail.us-gov-west-1.amazonaws.com n/a HTTPS
Amazon CloudWatch

monitoring.us-gov-west-1.amazonaws.com

n/a

HTTPS

Amazon CloudWatch Events

events.us-gov-west-1.amazonaws.com

n/a

HTTPS

Amazon CloudWatch Logs

logs.us-gov-west-1.amazonaws.com

n/a

HTTPS

AWS CodeDeploy codedeploy.us-gov-west-1.amazonaws.com n/a HTTPS

AWS Config

config.us-gov-west-1.amazonaws.com n/a HTTPS

AWS Config Rules

config.us-gov-west-1.amazonaws.com n/a HTTPS
AWS Database Migration Service (DMS) dms.us-gov-west-1.amazonaws.com n/a HTTPS
AWS Direct Connect n/a directconnect.us-gov-west-1.amazonaws.com HTTPS
AWS Directory Service ds-fips.us-gov-west-1.amazonaws.com ds.us-gov-west-1.amazonaws.com HTTPS
Amazon DynamoDB dynamodb.us-gov-west-1.amazonaws.com n/a HTTP and HTTPS
Amazon DynamoDB Streams streams.dynamodb.us-gov-west-1.amazonaws.com n/a HTTP and HTTPS
AWS Elastic Beanstalk n/a elasticbeanstalk.us-gov-west-1.amazonaws.com HTTPS
Amazon Elastic Block Store (Amazon EBS) ec2.us-gov-west-1.amazonaws.com n/a HTTPS
Amazon Elastic Compute Cloud (Amazon EC2) ec2.us-gov-west-1.amazonaws.com n/a HTTPS
Amazon Elastic Container Registry (Amazon ECR)

ecr-fips.us-gov-west-1.amazonaws.com

ecr.us-gov-west-1.amazonaws.com HTTPS
Amazon Elastic Container Service (Amazon ECS)

ecs-fips.us-gov-west-1.amazonaws.com

ecs.us-gov-west-1.amazonaws.com HTTPS
Amazon ElastiCache elasticache.us-gov-west-1.amazonaws.com n/a HTTPS
Elastic Load Balancing elasticloadbalancing.us-gov-west-1.amazonaws.com n/a HTTP and HTTPS
Amazon Elasticsearch Service n/a es.us-gov-west-1.amazonaws.com HTTPS
Amazon EMR elasticmapreduce.us-gov-west-1.amazonaws.com n/a HTTPS
Amazon Glacier glacier.us-gov-west-1.amazonaws.com n/a HTTPS
Amazon GuardDuty n/a guardduty.us-gov-west-1.amazonaws.com HTTPS
AWS Identity and Access Management (IAM) iam.us-gov.amazonaws.com n/a HTTPS
Amazon Inspector

inspector-fips.us-gov-west-1.amazonaws.com

inspector.us-gov-west-1.amazonaws.com

HTTPS
AWS IoT Core n/a

iot.us-gov-west-1.amazonaws.com

HTTPS

AWS IoT Device Management n/a

iot.us-gov-west-1.amazonaws.com

HTTPS
AWS Key Management Service (AWS KMS)

kms-fips.us-gov-west-1.amazonaws.com

kms.us-gov-west-1.amazonaws.com **

HTTPS

HTTPS

Amazon Kinesis Data Streams kinesis.us-gov-west-1.amazonaws.com n/a HTTPS
AWS Lambda

lambda-fips.us-gov-west-1.amazonaws.com

lambda.us-gov-west-1.amazonaws.com

HTTPS
Amazon Polly

polly-fips.us-gov-west-1.amazonaws.com

polly.us-gov-west-1.amazonaws.com

HTTPS
Amazon Redshift redshift.us-gov-west-1.amazonaws.com n/a HTTPS
Amazon Rekognition

rekognition-fips.us-gov-west-1.amazonaws.com

rekognition.us-gov-west-1.amazonaws.com

HTTPS
Amazon Relational Database Service (Amazon RDS) rds.us-gov-west-1.amazonaws.com n/a HTTPS
Amazon SageMaker

api.sagemaker.us-gov-west-1.amazonaws.com

runtime.sagemaker.us-gov-west-1.amazonaws.com

n/a HTTPS
AWS Server Migration Service (AWS SMS)

sms-fips.us-gov-west-1.amazonaws.com

sms.us-gov-west-1.amazonaws.com

HTTPS
Amazon Simple Storage Service (Amazon S3) s3-fips-us-gov-west-1.amazonaws.com s3.dualstack.us-gov-west-1.amazonaws.com ***

s3-us-gov-west-1.amazonaws.com

HTTP and HTTPS
Amazon Simple Storage Service (Amazon S3) (website) n/a s3-website-us-gov-west-1.amazonaws.com HTTP
Amazon Simple Notification Service (Amazon SNS) n/a sns.us-gov-west-1.amazonaws.com HTTP and HTTPS
Amazon Simple Queue Service (Amazon SQS) sqs.us-gov-west-1.amazonaws.com n/a HTTP and HTTPS
Amazon Simple Workflow Service (Amazon SWF) swf.us-gov-west-1.amazonaws.com n/a HTTPS
AWS Security Token Service (AWS STS) sts.us-gov-west-1.amazonaws.com n/a HTTPS
AWS Snowball FIPS is not needed. snowball.us-gov-west-1.amazonaws.com HTTPS
AWS Step Functions n/a states.us-gov-west-1.amazonaws.com HTTPS
AWS Storage Gateway (AWS Storage Gateway) n/a storagegateway.us-gov-west-1.amazonaws.com HTTPS
AWS Systems Manager n/a ssm.us-gov-west-1.amazonaws.com HTTPS
Amazon Translate translate-fips.us-gov-west-1.amazonaws.com translate.us-gov-west-1.amazonaws.com HTTPS
Amazon Virtual Private Cloud (Amazon VPC) ec2.us-gov-west-1.amazonaws.com n/a HTTPS
AWS Management Console for the AWS GovCloud (US) Region n/a

console.amazonaws-us-gov.com

signin.amazonaws-us-gov.com

HTTPS
AWS Management Console with Federation n/a signin.amazonaws-us-gov.com/federation HTTPS
AWS Management Console with SAML n/a signin.amazonaws-us-gov.com/saml HTTPS

For information about giving federated users single sign-on access to the AWS Management Console, see Giving Federated Users Direct Access to the AWS Management Console.

Note

* Amazon API Gateway edge-optimized API and edge-optimized custom domain name are not supported.

* Application Auto Scaling Scaling API and CLI are available. The AWS Auto Scaling console is not available. The AWS Auto Scaling API and command line interface (CLI) are not available.

* Amazon Route 53 hosted Zone ID for the regional endpoint in the AWS GovCloud (US) region is Z1K6XKP9SAGWDV.

** The AWS Key Management Service endpoint kms.us-gov-west-1.amazonaws.com is active, but does not support FIPS 140-2 for TLS connections.

*** Amazon S3 dual-stack endpoints support requests to S3 buckets over IPv6 and IPv4. For more information, see Using Dual-Stack Endpoints.