How to enable FIPS endpoint for govcloud AWS gateway (for lambda)?

0

I have an invoke URL as follows: https://ccvddddXXXXX.execute-api.us-gov-west-1.amazonaws.com/beta I want to implement a FIPS endpoint (so that we are TLS 1.2 compliant). I'm missing the fundamental step here. Is the FIPS endpoint automatic? This doesn't work: https://ccvddddXXXXX.execute-api-fips.us-gov-west-1.amazonaws.com/beta I'm not too familiar with the CLI, so if there is something non-UI, can you help provide syntax? Thanks!

asked 2 years ago · 1694 views
2 Answers
2

According to the GovCloud API Gateway documentation, "All API Gateway APIs created in GovCloud regions are FIPS-compliant by default."

AWS
EXPERT
kentrad
answered 2 years ago
  • Good find, but confusing. Do you know why documentation here is listing a FIPS specific endpoint for AWS Gateway service? https://aws.amazon.com/compliance/fips/

  • That is the control plane endpoint. You are concerned with the data plane endpoint (execute-api)

1

At this time, FIPS is enabled for Amazon API Gateway running in AWS GovCloud only. It is not enabled for API Gateway running in commercial regions such as us-west-1 (Northern California).

However, you do not need FIPS to be enabled to support TLS 1.2. You can create a custom domain for your API endpoint and associate a security policy with it that enforces TLS 1.2. For instructions, see the API Gateway documentation.

AWS
EXPERT
answered 2 years ago
  • This is for GovCloud; I've updated the question to reflect that. Didn't realize that would affect the answer. Thanks!
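
The custom-domain approach from the answer above, as an added example that is not part of the original thread: boto3 calls that create a custom domain with the `TLS_1_2` security policy, map it to an API stage, and audit a region for custom domains that still allow older TLS. It assumes a REGIONAL endpoint and an existing ACM certificate; the domain names and sample items are constructed.

```python
# Added example (not from the original thread). Assumes boto3 and AWS credentials
# are available when create_tls12_domain() or audit() is actually called.
REQUIRED_POLICY = "TLS_1_2"

def domain_request(domain_name, certificate_arn):
    """Arguments for apigateway create_domain_name with a TLS 1.2 minimum."""
    return {
        "domainName": domain_name,
        "regionalCertificateArn": certificate_arn,          # ACM cert in the same region
        "endpointConfiguration": {"types": ["REGIONAL"]},   # assumption: regional endpoint
        "securityPolicy": REQUIRED_POLICY,
    }

def weak_domains(items):
    """Names of custom domains whose security policy is missing or not TLS_1_2."""
    return [d["domainName"] for d in items
            if d.get("securityPolicy") != REQUIRED_POLICY]

def _client(region):
    import boto3  # imported lazily so the helpers above work without it
    return boto3.client("apigateway", region_name=region)

def create_tls12_domain(domain_name, certificate_arn, rest_api_id, stage,
                        region="us-gov-west-1"):
    """Create the custom domain, then map its root path to one API stage."""
    client = _client(region)
    created = client.create_domain_name(**domain_request(domain_name, certificate_arn))
    client.create_base_path_mapping(domainName=domain_name,
                                    restApiId=rest_api_id, stage=stage)
    return created["regionalDomainName"]  # DNS target for your CNAME/alias record

def audit(region="us-gov-west-1"):
    """List custom domains in the region that still allow TLS below 1.2."""
    items = []
    for page in _client(region).get_paginator("get_domain_names").paginate():
        items.extend(page.get("items", []))
    return weak_domains(items)

# Constructed sample shaped like get_domain_names items (not real output).
SAMPLE_ITEMS = [
    {"domainName": "api.example.com", "securityPolicy": "TLS_1_2"},
    {"domainName": "legacy.example.com", "securityPolicy": "TLS_1_0"},
]

if __name__ == "__main__":
    print(weak_domains(SAMPLE_ITEMS))
```

For the API in the question, `rest_api_id` would be the first label of the invoke URL's hostname and `stage` would be `beta`.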
