1{ 2 "version": "1.0", 3 "parameters": { 4 "Region": { 5 "builtIn": "AWS::Region", 6 "required": false, 7 "documentation": "The AWS region used to dispatch the request.", 8 "type": "String" 9 }, 10 "UseDualStack": { 11 "builtIn": "AWS::UseDualStack", 12 "required": true, 13 "default": false, 14 "documentation": "When true, use the dual-stack endpoint. If the configured endpoint does not support dual-stack, dispatching the request MAY return an error.", 15 "type": "Boolean" 16 }, 17 "UseFIPS": { 18 "builtIn": "AWS::UseFIPS", 19 "required": true, 20 "default": false, 21 "documentation": "When true, send this request to the FIPS-compliant regional endpoint. If the configured endpoint does not have a FIPS compliant endpoint, dispatching the request will return an error.", 22 "type": "Boolean" 23 }, 24 "Endpoint": { 25 "builtIn": "SDK::Endpoint", 26 "required": false, 27 "documentation": "Override the endpoint used to send this request", 28 "type": "String" 29 } 30 }, 31 "rules": [ 32 { 33 "conditions": [ 34 { 35 "fn": "isSet", 36 "argv": [ 37 { 38 "ref": "Endpoint" 39 } 40 ] 41 } 42 ], 43 "rules": [ 44 { 45 "conditions": [ 46 { 47 "fn": "booleanEquals", 48 "argv": [ 49 { 50 "ref": "UseFIPS" 51 }, 52 true 53 ] 54 } 55 ], 56 "error": "Invalid Configuration: FIPS and custom endpoint are not supported", 57 "type": "error" 58 }, 59 { 60 "conditions": [ 61 { 62 "fn": "booleanEquals", 63 "argv": [ 64 { 65 "ref": "UseDualStack" 66 }, 67 true 68 ] 69 } 70 ], 71 "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", 72 "type": "error" 73 }, 74 { 75 "conditions": [], 76 "endpoint": { 77 "url": { 78 "ref": "Endpoint" 79 }, 80 "properties": {}, 81 "headers": {} 82 }, 83 "type": "endpoint" 84 } 85 ], 86 "type": "tree" 87 }, 88 { 89 "conditions": [ 90 { 91 "fn": "isSet", 92 "argv": [ 93 { 94 "ref": "Region" 95 } 96 ] 97 } 98 ], 99 "rules": [ 100 { 101 "conditions": [ 102 { 103 "fn": "aws.partition", 104 "argv": [ 105 { 106 "ref": "Region" 107 } 108 ], 109 "assign": "PartitionResult" 110 } 111 ], 112 "rules": [ 113 { 114 "conditions": [ 115 { 116 "fn": "stringEquals", 117 "argv": [ 118 { 119 "fn": "getAttr", 120 "argv": [ 121 { 122 "ref": "PartitionResult" 123 }, 124 "name" 125 ] 126 }, 127 "aws" 128 ] 129 }, 130 { 131 "fn": "booleanEquals", 132 "argv": [ 133 { 134 "ref": "UseFIPS" 135 }, 136 false 137 ] 138 }, 139 { 140 "fn": "booleanEquals", 141 "argv": [ 142 { 143 "ref": "UseDualStack" 144 }, 145 false 146 ] 147 } 148 ], 149 "endpoint": { 150 "url": "https://cloudfront.amazonaws.com", 151 "properties": { 152 "authSchemes": [ 153 { 154 "name": "sigv4", 155 "signingName": "cloudfront", 156 "signingRegion": "us-east-1" 157 } 158 ] 159 }, 160 "headers": {} 161 }, 162 "type": "endpoint" 163 }, 164 { 165 "conditions": [ 166 { 167 "fn": "stringEquals", 168 "argv": [ 169 { 170 "fn": "getAttr", 171 "argv": [ 172 { 173 "ref": "PartitionResult" 174 }, 175 "name" 176 ] 177 }, 178 "aws" 179 ] 180 }, 181 { 182 "fn": "booleanEquals", 183 "argv": [ 184 { 185 "ref": "UseFIPS" 186 }, 187 true 188 ] 189 }, 190 { 191 "fn": "booleanEquals", 192 "argv": [ 193 { 194 "ref": "UseDualStack" 195 }, 196 false 197 ] 198 } 199 ], 200 "endpoint": { 201 "url": "https://cloudfront-fips.amazonaws.com", 202 "properties": { 203 "authSchemes": [ 204 { 205 "name": "sigv4", 206 "signingName": "cloudfront", 207 "signingRegion": "us-east-1" 208 } 209 ] 210 }, 211 "headers": {} 212 }, 213 "type": "endpoint" 214 }, 215 { 216 "conditions": [ 217 { 218 "fn": "stringEquals", 219 "argv": [ 220 { 221 "fn": "getAttr", 222 "argv": [ 223 { 224 "ref": "PartitionResult" 225 }, 226 "name" 227 ] 228 }, 229 "aws-cn" 230 ] 231 }, 232 { 233 "fn": "booleanEquals", 234 "argv": [ 235 { 236 "ref": "UseFIPS" 237 }, 238 false 239 ] 240 }, 241 { 242 "fn": "booleanEquals", 243 "argv": [ 244 { 245 "ref": "UseDualStack" 246 }, 247 false 248 ] 249 } 250 ], 251 "endpoint": { 252 "url": "https://cloudfront.cn-northwest-1.amazonaws.com.cn", 253 "properties": { 254 "authSchemes": [ 255 { 256 "name": "sigv4", 257 "signingName": "cloudfront", 258 "signingRegion": "cn-northwest-1" 259 } 260 ] 261 }, 262 "headers": {} 263 }, 264 "type": "endpoint" 265 }, 266 { 267 "conditions": [ 268 { 269 "fn": "booleanEquals", 270 "argv": [ 271 { 272 "ref": "UseFIPS" 273 }, 274 true 275 ] 276 }, 277 { 278 "fn": "booleanEquals", 279 "argv": [ 280 { 281 "ref": "UseDualStack" 282 }, 283 true 284 ] 285 } 286 ], 287 "rules": [ 288 { 289 "conditions": [ 290 { 291 "fn": "booleanEquals", 292 "argv": [ 293 true, 294 { 295 "fn": "getAttr", 296 "argv": [ 297 { 298 "ref": "PartitionResult" 299 }, 300 "supportsFIPS" 301 ] 302 } 303 ] 304 }, 305 { 306 "fn": "booleanEquals", 307 "argv": [ 308 true, 309 { 310 "fn": "getAttr", 311 "argv": [ 312 { 313 "ref": "PartitionResult" 314 }, 315 "supportsDualStack" 316 ] 317 } 318 ] 319 } 320 ], 321 "rules": [ 322 { 323 "conditions": [], 324 "endpoint": { 325 "url": "https://cloudfront-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", 326 "properties": {}, 327 "headers": {} 328 }, 329 "type": "endpoint" 330 } 331 ], 332 "type": "tree" 333 }, 334 { 335 "conditions": [], 336 "error": "FIPS and DualStack are enabled, but this partition does not support one or both", 337 "type": "error" 338 } 339 ], 340 "type": "tree" 341 }, 342 { 343 "conditions": [ 344 { 345 "fn": "booleanEquals", 346 "argv": [ 347 { 348 "ref": "UseFIPS" 349 }, 350 true 351 ] 352 } 353 ], 354 "rules": [ 355 { 356 "conditions": [ 357 { 358 "fn": "booleanEquals", 359 "argv": [ 360 { 361 "fn": "getAttr", 362 "argv": [ 363 { 364 "ref": "PartitionResult" 365 }, 366 "supportsFIPS" 367 ] 368 }, 369 true 370 ] 371 } 372 ], 373 "rules": [ 374 { 375 "conditions": [], 376 "endpoint": { 377 "url": "https://cloudfront-fips.{Region}.{PartitionResult#dnsSuffix}", 378 "properties": {}, 379 "headers": {} 380 }, 381 "type": "endpoint" 382 } 383 ], 384 "type": "tree" 385 }, 386 { 387 "conditions": [], 388 "error": "FIPS is enabled but this partition does not support FIPS", 389 "type": "error" 390 } 391 ], 392 "type": "tree" 393 }, 394 { 395 "conditions": [ 396 { 397 "fn": "booleanEquals", 398 "argv": [ 399 { 400 "ref": "UseDualStack" 401 }, 402 true 403 ] 404 } 405 ], 406 "rules": [ 407 { 408 "conditions": [ 409 { 410 "fn": "booleanEquals", 411 "argv": [ 412 true, 413 { 414 "fn": "getAttr", 415 "argv": [ 416 { 417 "ref": "PartitionResult" 418 }, 419 "supportsDualStack" 420 ] 421 } 422 ] 423 } 424 ], 425 "rules": [ 426 { 427 "conditions": [], 428 "endpoint": { 429 "url": "https://cloudfront.{Region}.{PartitionResult#dualStackDnsSuffix}", 430 "properties": {}, 431 "headers": {} 432 }, 433 "type": "endpoint" 434 } 435 ], 436 "type": "tree" 437 }, 438 { 439 "conditions": [], 440 "error": "DualStack is enabled but this partition does not support DualStack", 441 "type": "error" 442 } 443 ], 444 "type": "tree" 445 }, 446 { 447 "conditions": [], 448 "endpoint": { 449 "url": "https://cloudfront.{Region}.{PartitionResult#dnsSuffix}", 450 "properties": {}, 451 "headers": {} 452 }, 453 "type": "endpoint" 454 } 455 ], 456 "type": "tree" 457 } 458 ], 459 "type": "tree" 460 }, 461 { 462 "conditions": [], 463 "error": "Invalid Configuration: Missing Region", 464 "type": "error" 465 } 466 ] 467}