2 réponses
- Le plus récent
- Le plus de votes
- La plupart des commentaires
2
According to the GovCloud API Gateway documentation, "All API Gateway APIs created in GovCloud regions are FIPS-compliant by default."
1
At this time, FIPS is enabled for Amazon API Gateway running in AWS GovCloud only. It it not enabled for API Gateway running in commercial regions such as us-west-1 (Northern California).
However, you do not need FIPS to be enabled to support TLS 1.2. You can create a custom domain for your API endpoint and associate a security policy with it that enforces TLS 1.2. For instructions, see the API Gateway documentation.
this is for govcloud, I've updated question to reflect that. Didn't realize that would effect answer. thanks!
Contenus pertinents
- demandé il y a 4 mois
- demandé il y a 2 ans
- demandé il y a 4 mois
- AWS OFFICIELA mis à jour il y a 2 ans
- AWS OFFICIELA mis à jour il y a 2 ans
- AWS OFFICIELA mis à jour il y a 5 mois
Good find, but confusing. Do you know why documentation here is listing a FIPS specific endpoint for AWS Gateway service? https://aws.amazon.com/compliance/fips/
That is the control plane endpoint. You are concerned with the data plane endpoint (execute-api)