GovCloud & FIPS endpoints, are they default or do I still need to add env variables, etc to use them?

0

Hello, I see where AWS GovCloud mentions endpoints are FIPS compliant but it never mentions validated. So I was looking for confirmation that just like in AWS commerical regions, in order to use FIPS validated endpoints I would need to specifically call them, add them to code or otherwise use env variables and the like for the AWS CLI or SDK.

I ask this question because I'm the past some people have argued that endpoints in GovCloud are FIPS by default and we don't need to specify them, this is probably a confusion of compliant and validated, but I believe for the FIPS validated endpoints we still do need to explicitly do so.

https://aws.amazon.com/compliance/fips/

2 Answers
1

You are correct in your understanding. While AWS GovCloud is designed to meet higher compliance requirements, including FIPS, it does not automatically mean that all endpoints in GovCloud are FIPS-validated by default.

To use FIPS-validated endpoints, you still need to explicitly specify them when using the AWS CLI or SDK. This means you will need to update your code or use environment variables, as you mentioned, to point to the specific FIPS endpoints for the services you're using.

For example, if you're using Amazon S3 in the GovCloud region, you would need to use a FIPS-validated endpoint like this:

s3-fips.us-gov-west-1.amazonaws.com

To find the FIPS-validated endpoints for various AWS services, refer to the official AWS FIPS endpoint list, which can be found here: https://aws.amazon.com/compliance/fips-endpoints/

Remember to verify the FIPS-validated endpoints for the specific services and regions you're working with, as they may differ.

profile picture
EXPERT
answered a year ago
  • The link posted here is showing a 404 message.

0
AWS
Justin
answered 7 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions