Whether you're taking your first steps with Kubernetes or you're an experienced practitioner looking to sharpen your skills, our Amazon EKS workshop series delivers practical, real-world experience that moves you forward. Learn directly from AWS solutions architects and EKS specialists through hands-on sessions designed to build your confidence with Kubernetes. Register now and start building with Amazon EKS!
Service principal list in GovCloud?
Hi all
I could see a service principal list in the standard account - https://gist.github.com/shortjared/4c1e3fe52bdfa47522cfe5b41e5d6f22, but I don't see a similar one for the GovCloud. Anybody knows a similar thing or how to check service principals?
For example, google AI says it's elasticfilesystem.us-gov-east-1.amazonaws.com but I don't see an official document.
Thanks.
- Topics
- StorageGovernment
- Language
- English
- Newest
- Most votes
- Most comments
While there isn't a publicly available comprehensive list of service principals specifically for AWS GovCloud (US) like the one you referenced for standard AWS accounts, service principals in GovCloud generally follow a similar pattern to those in standard AWS regions, with some key differences:
-
Region naming: GovCloud uses region names like "us-gov-east-1" or "us-gov-west-1" instead of standard region names.
-
Domain: Service principals in GovCloud typically end with ".amazonaws.com" or ".us-gov.amazonaws.com".
-
Service-specific prefixes: The service name usually precedes the region and domain (e.g., "elasticfilesystem" for Amazon EFS).
To determine the correct service principal for a specific AWS service in GovCloud, you can:
- Check the AWS documentation for that particular service in GovCloud.
- Use AWS CLI or SDK to interact with the service and observe the endpoint being used.
- Consult with AWS Support if you need official confirmation for a specific service.
It's important to note that not all AWS services available in standard regions are available in GovCloud, and some services may have slight differences in their implementation or naming conventions. Always refer to the official AWS GovCloud (US) documentation or consult with AWS Support for the most accurate and up-to-date information on service principals in the GovCloud environment.
Sources
What's the role of account root user in GovCloud? | AWS re:Post
Like the re:post agent mentioned there isn't a list specifically for govcloud but you can swap out the regionname instead. Also to mention the gist you referenced containing the service principal list can get outdated pretty quickly with all the new AWS services being released.
So I'd figure I'd take it a step further and create an automatically updated reference list that scrapes both the AWS documentation and the AWS Policy Generator to keep everything current. It's currently got 450+ service principals with direct links to the docs where available, and it updates programmatically so it never gets stale.
Relevant content
- asked 7 months ago
