1{ 2 "version": "1.0", 3 "parameters": { 4 "Region": { 5 "builtIn": "AWS::Region", 6 "required": false, 7 "documentation": "The AWS region used to dispatch the request.", 8 "type": "String" 9 }, 10 "UseDualStack": { 11 "builtIn": "AWS::UseDualStack", 12 "required": true, 13 "default": false, 14 "documentation": "When true, use the dual-stack endpoint. If the configured endpoint does not support dual-stack, dispatching the request MAY return an error.", 15 "type": "Boolean" 16 }, 17 "UseFIPS": { 18 "builtIn": "AWS::UseFIPS", 19 "required": true, 20 "default": false, 21 "documentation": "When true, send this request to the FIPS-compliant regional endpoint. If the configured endpoint does not have a FIPS compliant endpoint, dispatching the request will return an error.", 22 "type": "Boolean" 23 }, 24 "Endpoint": { 25 "builtIn": "SDK::Endpoint", 26 "required": false, 27 "documentation": "Override the endpoint used to send this request", 28 "type": "String" 29 } 30 }, 31 "rules": [ 32 { 33 "conditions": [ 34 { 35 "fn": "isSet", 36 "argv": [ 37 { 38 "ref": "Endpoint" 39 } 40 ] 41 } 42 ], 43 "type": "tree", 44 "rules": [ 45 { 46 "conditions": [ 47 { 48 "fn": "booleanEquals", 49 "argv": [ 50 { 51 "ref": "UseFIPS" 52 }, 53 true 54 ] 55 } 56 ], 57 "error": "Invalid Configuration: FIPS and custom endpoint are not supported", 58 "type": "error" 59 }, 60 { 61 "conditions": [ 62 { 63 "fn": "booleanEquals", 64 "argv": [ 65 { 66 "ref": "UseDualStack" 67 }, 68 true 69 ] 70 } 71 ], 72 "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", 73 "type": "error" 74 }, 75 { 76 "conditions": [], 77 "endpoint": { 78 "url": { 79 "ref": "Endpoint" 80 }, 81 "properties": {}, 82 "headers": {} 83 }, 84 "type": "endpoint" 85 } 86 ] 87 }, 88 { 89 "conditions": [ 90 { 91 "fn": "isSet", 92 "argv": [ 93 { 94 "ref": "Region" 95 } 96 ] 97 } 98 ], 99 "type": "tree", 100 "rules": [ 101 { 102 "conditions": [ 103 { 104 "fn": "aws.partition", 105 "argv": [ 106 { 107 "ref": "Region" 108 } 109 ], 110 "assign": "PartitionResult" 111 } 112 ], 113 "type": "tree", 114 "rules": [ 115 { 116 "conditions": [ 117 { 118 "fn": "stringEquals", 119 "argv": [ 120 { 121 "fn": "getAttr", 122 "argv": [ 123 { 124 "ref": "PartitionResult" 125 }, 126 "name" 127 ] 128 }, 129 "aws" 130 ] 131 }, 132 { 133 "fn": "booleanEquals", 134 "argv": [ 135 { 136 "ref": "UseFIPS" 137 }, 138 false 139 ] 140 }, 141 { 142 "fn": "booleanEquals", 143 "argv": [ 144 { 145 "ref": "UseDualStack" 146 }, 147 false 148 ] 149 } 150 ], 151 "endpoint": { 152 "url": "https://shield.us-east-1.amazonaws.com", 153 "properties": { 154 "authSchemes": [ 155 { 156 "name": "sigv4", 157 "signingName": "shield", 158 "signingRegion": "us-east-1" 159 } 160 ] 161 }, 162 "headers": {} 163 }, 164 "type": "endpoint" 165 }, 166 { 167 "conditions": [ 168 { 169 "fn": "stringEquals", 170 "argv": [ 171 { 172 "fn": "getAttr", 173 "argv": [ 174 { 175 "ref": "PartitionResult" 176 }, 177 "name" 178 ] 179 }, 180 "aws" 181 ] 182 }, 183 { 184 "fn": "booleanEquals", 185 "argv": [ 186 { 187 "ref": "UseFIPS" 188 }, 189 true 190 ] 191 }, 192 { 193 "fn": "booleanEquals", 194 "argv": [ 195 { 196 "ref": "UseDualStack" 197 }, 198 false 199 ] 200 } 201 ], 202 "endpoint": { 203 "url": "https://shield-fips.us-east-1.amazonaws.com", 204 "properties": { 205 "authSchemes": [ 206 { 207 "name": "sigv4", 208 "signingName": "shield", 209 "signingRegion": "us-east-1" 210 } 211 ] 212 }, 213 "headers": {} 214 }, 215 "type": "endpoint" 216 }, 217 { 218 "conditions": [ 219 { 220 "fn": "booleanEquals", 221 "argv": [ 222 { 223 "ref": "UseFIPS" 224 }, 225 true 226 ] 227 }, 228 { 229 "fn": "booleanEquals", 230 "argv": [ 231 { 232 "ref": "UseDualStack" 233 }, 234 true 235 ] 236 } 237 ], 238 "type": "tree", 239 "rules": [ 240 { 241 "conditions": [ 242 { 243 "fn": "booleanEquals", 244 "argv": [ 245 true, 246 { 247 "fn": "getAttr", 248 "argv": [ 249 { 250 "ref": "PartitionResult" 251 }, 252 "supportsFIPS" 253 ] 254 } 255 ] 256 }, 257 { 258 "fn": "booleanEquals", 259 "argv": [ 260 true, 261 { 262 "fn": "getAttr", 263 "argv": [ 264 { 265 "ref": "PartitionResult" 266 }, 267 "supportsDualStack" 268 ] 269 } 270 ] 271 } 272 ], 273 "type": "tree", 274 "rules": [ 275 { 276 "conditions": [], 277 "endpoint": { 278 "url": "https://shield-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", 279 "properties": {}, 280 "headers": {} 281 }, 282 "type": "endpoint" 283 } 284 ] 285 }, 286 { 287 "conditions": [], 288 "error": "FIPS and DualStack are enabled, but this partition does not support one or both", 289 "type": "error" 290 } 291 ] 292 }, 293 { 294 "conditions": [ 295 { 296 "fn": "booleanEquals", 297 "argv": [ 298 { 299 "ref": "UseFIPS" 300 }, 301 true 302 ] 303 } 304 ], 305 "type": "tree", 306 "rules": [ 307 { 308 "conditions": [ 309 { 310 "fn": "booleanEquals", 311 "argv": [ 312 true, 313 { 314 "fn": "getAttr", 315 "argv": [ 316 { 317 "ref": "PartitionResult" 318 }, 319 "supportsFIPS" 320 ] 321 } 322 ] 323 } 324 ], 325 "type": "tree", 326 "rules": [ 327 { 328 "conditions": [], 329 "endpoint": { 330 "url": "https://shield-fips.{Region}.{PartitionResult#dnsSuffix}", 331 "properties": {}, 332 "headers": {} 333 }, 334 "type": "endpoint" 335 } 336 ] 337 }, 338 { 339 "conditions": [], 340 "error": "FIPS is enabled but this partition does not support FIPS", 341 "type": "error" 342 } 343 ] 344 }, 345 { 346 "conditions": [ 347 { 348 "fn": "booleanEquals", 349 "argv": [ 350 { 351 "ref": "UseDualStack" 352 }, 353 true 354 ] 355 } 356 ], 357 "type": "tree", 358 "rules": [ 359 { 360 "conditions": [ 361 { 362 "fn": "booleanEquals", 363 "argv": [ 364 true, 365 { 366 "fn": "getAttr", 367 "argv": [ 368 { 369 "ref": "PartitionResult" 370 }, 371 "supportsDualStack" 372 ] 373 } 374 ] 375 } 376 ], 377 "type": "tree", 378 "rules": [ 379 { 380 "conditions": [], 381 "endpoint": { 382 "url": "https://shield.{Region}.{PartitionResult#dualStackDnsSuffix}", 383 "properties": {}, 384 "headers": {} 385 }, 386 "type": "endpoint" 387 } 388 ] 389 }, 390 { 391 "conditions": [], 392 "error": "DualStack is enabled but this partition does not support DualStack", 393 "type": "error" 394 } 395 ] 396 }, 397 { 398 "conditions": [], 399 "endpoint": { 400 "url": "https://shield.{Region}.{PartitionResult#dnsSuffix}", 401 "properties": {}, 402 "headers": {} 403 }, 404 "type": "endpoint" 405 } 406 ] 407 } 408 ] 409 }, 410 { 411 "conditions": [], 412 "error": "Invalid Configuration: Missing Region", 413 "type": "error" 414 } 415 ] 416}