1{ 2 "version": "1.0", 3 "parameters": { 4 "Region": { 5 "builtIn": "AWS::Region", 6 "required": false, 7 "documentation": "The AWS region used to dispatch the request.", 8 "type": "String" 9 }, 10 "UseDualStack": { 11 "builtIn": "AWS::UseDualStack", 12 "required": true, 13 "default": false, 14 "documentation": "When true, use the dual-stack endpoint. If the configured endpoint does not support dual-stack, dispatching the request MAY return an error.", 15 "type": "Boolean" 16 }, 17 "UseFIPS": { 18 "builtIn": "AWS::UseFIPS", 19 "required": true, 20 "default": false, 21 "documentation": "When true, send this request to the FIPS-compliant regional endpoint. If the configured endpoint does not have a FIPS compliant endpoint, dispatching the request will return an error.", 22 "type": "Boolean" 23 }, 24 "Endpoint": { 25 "builtIn": "SDK::Endpoint", 26 "required": false, 27 "documentation": "Override the endpoint used to send this request", 28 "type": "String" 29 } 30 }, 31 "rules": [ 32 { 33 "conditions": [ 34 { 35 "fn": "isSet", 36 "argv": [ 37 { 38 "ref": "Endpoint" 39 } 40 ] 41 } 42 ], 43 "rules": [ 44 { 45 "conditions": [ 46 { 47 "fn": "booleanEquals", 48 "argv": [ 49 { 50 "ref": "UseFIPS" 51 }, 52 true 53 ] 54 } 55 ], 56 "error": "Invalid Configuration: FIPS and custom endpoint are not supported", 57 "type": "error" 58 }, 59 { 60 "conditions": [ 61 { 62 "fn": "booleanEquals", 63 "argv": [ 64 { 65 "ref": "UseDualStack" 66 }, 67 true 68 ] 69 } 70 ], 71 "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", 72 "type": "error" 73 }, 74 { 75 "conditions": [], 76 "endpoint": { 77 "url": { 78 "ref": "Endpoint" 79 }, 80 "properties": {}, 81 "headers": {} 82 }, 83 "type": "endpoint" 84 } 85 ], 86 "type": "tree" 87 }, 88 { 89 "conditions": [ 90 { 91 "fn": "isSet", 92 "argv": [ 93 { 94 "ref": "Region" 95 } 96 ] 97 } 98 ], 99 "rules": [ 100 { 101 "conditions": [ 102 { 103 "fn": "aws.partition", 104 "argv": [ 105 { 106 "ref": "Region" 107 } 108 ], 109 "assign": "PartitionResult" 110 } 111 ], 112 "rules": [ 113 { 114 "conditions": [ 115 { 116 "fn": "booleanEquals", 117 "argv": [ 118 { 119 "ref": "UseFIPS" 120 }, 121 true 122 ] 123 }, 124 { 125 "fn": "booleanEquals", 126 "argv": [ 127 { 128 "ref": "UseDualStack" 129 }, 130 true 131 ] 132 } 133 ], 134 "rules": [ 135 { 136 "conditions": [ 137 { 138 "fn": "booleanEquals", 139 "argv": [ 140 true, 141 { 142 "fn": "getAttr", 143 "argv": [ 144 { 145 "ref": "PartitionResult" 146 }, 147 "supportsFIPS" 148 ] 149 } 150 ] 151 }, 152 { 153 "fn": "booleanEquals", 154 "argv": [ 155 true, 156 { 157 "fn": "getAttr", 158 "argv": [ 159 { 160 "ref": "PartitionResult" 161 }, 162 "supportsDualStack" 163 ] 164 } 165 ] 166 } 167 ], 168 "rules": [ 169 { 170 "conditions": [ 171 { 172 "fn": "stringEquals", 173 "argv": [ 174 "aws", 175 { 176 "fn": "getAttr", 177 "argv": [ 178 { 179 "ref": "PartitionResult" 180 }, 181 "name" 182 ] 183 } 184 ] 185 } 186 ], 187 "endpoint": { 188 "url": "https://secretsmanager-fips.{Region}.amazonaws.com", 189 "properties": {}, 190 "headers": {} 191 }, 192 "type": "endpoint" 193 }, 194 { 195 "conditions": [ 196 { 197 "fn": "stringEquals", 198 "argv": [ 199 "aws-us-gov", 200 { 201 "fn": "getAttr", 202 "argv": [ 203 { 204 "ref": "PartitionResult" 205 }, 206 "name" 207 ] 208 } 209 ] 210 } 211 ], 212 "endpoint": { 213 "url": "https://secretsmanager-fips.{Region}.amazonaws.com", 214 "properties": {}, 215 "headers": {} 216 }, 217 "type": "endpoint" 218 }, 219 { 220 "conditions": [], 221 "endpoint": { 222 "url": "https://secretsmanager-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", 223 "properties": {}, 224 "headers": {} 225 }, 226 "type": "endpoint" 227 } 228 ], 229 "type": "tree" 230 }, 231 { 232 "conditions": [], 233 "error": "FIPS and DualStack are enabled, but this partition does not support one or both", 234 "type": "error" 235 } 236 ], 237 "type": "tree" 238 }, 239 { 240 "conditions": [ 241 { 242 "fn": "booleanEquals", 243 "argv": [ 244 { 245 "ref": "UseFIPS" 246 }, 247 true 248 ] 249 } 250 ], 251 "rules": [ 252 { 253 "conditions": [ 254 { 255 "fn": "booleanEquals", 256 "argv": [ 257 { 258 "fn": "getAttr", 259 "argv": [ 260 { 261 "ref": "PartitionResult" 262 }, 263 "supportsFIPS" 264 ] 265 }, 266 true 267 ] 268 } 269 ], 270 "rules": [ 271 { 272 "conditions": [], 273 "endpoint": { 274 "url": "https://secretsmanager-fips.{Region}.{PartitionResult#dnsSuffix}", 275 "properties": {}, 276 "headers": {} 277 }, 278 "type": "endpoint" 279 } 280 ], 281 "type": "tree" 282 }, 283 { 284 "conditions": [], 285 "error": "FIPS is enabled but this partition does not support FIPS", 286 "type": "error" 287 } 288 ], 289 "type": "tree" 290 }, 291 { 292 "conditions": [ 293 { 294 "fn": "booleanEquals", 295 "argv": [ 296 { 297 "ref": "UseDualStack" 298 }, 299 true 300 ] 301 } 302 ], 303 "rules": [ 304 { 305 "conditions": [ 306 { 307 "fn": "booleanEquals", 308 "argv": [ 309 true, 310 { 311 "fn": "getAttr", 312 "argv": [ 313 { 314 "ref": "PartitionResult" 315 }, 316 "supportsDualStack" 317 ] 318 } 319 ] 320 } 321 ], 322 "rules": [ 323 { 324 "conditions": [ 325 { 326 "fn": "stringEquals", 327 "argv": [ 328 "aws", 329 { 330 "fn": "getAttr", 331 "argv": [ 332 { 333 "ref": "PartitionResult" 334 }, 335 "name" 336 ] 337 } 338 ] 339 } 340 ], 341 "endpoint": { 342 "url": "https://secretsmanager.{Region}.amazonaws.com", 343 "properties": {}, 344 "headers": {} 345 }, 346 "type": "endpoint" 347 }, 348 { 349 "conditions": [ 350 { 351 "fn": "stringEquals", 352 "argv": [ 353 "aws-cn", 354 { 355 "fn": "getAttr", 356 "argv": [ 357 { 358 "ref": "PartitionResult" 359 }, 360 "name" 361 ] 362 } 363 ] 364 } 365 ], 366 "endpoint": { 367 "url": "https://secretsmanager.{Region}.amazonaws.com.cn", 368 "properties": {}, 369 "headers": {} 370 }, 371 "type": "endpoint" 372 }, 373 { 374 "conditions": [ 375 { 376 "fn": "stringEquals", 377 "argv": [ 378 "aws-us-gov", 379 { 380 "fn": "getAttr", 381 "argv": [ 382 { 383 "ref": "PartitionResult" 384 }, 385 "name" 386 ] 387 } 388 ] 389 } 390 ], 391 "endpoint": { 392 "url": "https://secretsmanager.{Region}.amazonaws.com", 393 "properties": {}, 394 "headers": {} 395 }, 396 "type": "endpoint" 397 }, 398 { 399 "conditions": [], 400 "endpoint": { 401 "url": "https://secretsmanager.{Region}.{PartitionResult#dualStackDnsSuffix}", 402 "properties": {}, 403 "headers": {} 404 }, 405 "type": "endpoint" 406 } 407 ], 408 "type": "tree" 409 }, 410 { 411 "conditions": [], 412 "error": "DualStack is enabled but this partition does not support DualStack", 413 "type": "error" 414 } 415 ], 416 "type": "tree" 417 }, 418 { 419 "conditions": [], 420 "endpoint": { 421 "url": "https://secretsmanager.{Region}.{PartitionResult#dnsSuffix}", 422 "properties": {}, 423 "headers": {} 424 }, 425 "type": "endpoint" 426 } 427 ], 428 "type": "tree" 429 } 430 ], 431 "type": "tree" 432 }, 433 { 434 "conditions": [], 435 "error": "Invalid Configuration: Missing Region", 436 "type": "error" 437 } 438 ] 439}