1{ 2 "version": "1.0", 3 "parameters": { 4 "Region": { 5 "builtIn": "AWS::Region", 6 "required": false, 7 "documentation": "The AWS region used to dispatch the request.", 8 "type": "String" 9 }, 10 "UseDualStack": { 11 "builtIn": "AWS::UseDualStack", 12 "required": true, 13 "default": false, 14 "documentation": "When true, use the dual-stack endpoint. If the configured endpoint does not support dual-stack, dispatching the request MAY return an error.", 15 "type": "Boolean" 16 }, 17 "UseFIPS": { 18 "builtIn": "AWS::UseFIPS", 19 "required": true, 20 "default": false, 21 "documentation": "When true, send this request to the FIPS-compliant regional endpoint. If the configured endpoint does not have a FIPS compliant endpoint, dispatching the request will return an error.", 22 "type": "Boolean" 23 }, 24 "Endpoint": { 25 "builtIn": "SDK::Endpoint", 26 "required": false, 27 "documentation": "Override the endpoint used to send this request", 28 "type": "String" 29 } 30 }, 31 "rules": [ 32 { 33 "conditions": [ 34 { 35 "fn": "isSet", 36 "argv": [ 37 { 38 "ref": "Endpoint" 39 } 40 ] 41 } 42 ], 43 "rules": [ 44 { 45 "conditions": [ 46 { 47 "fn": "booleanEquals", 48 "argv": [ 49 { 50 "ref": "UseFIPS" 51 }, 52 true 53 ] 54 } 55 ], 56 "error": "Invalid Configuration: FIPS and custom endpoint are not supported", 57 "type": "error" 58 }, 59 { 60 "conditions": [ 61 { 62 "fn": "booleanEquals", 63 "argv": [ 64 { 65 "ref": "UseDualStack" 66 }, 67 true 68 ] 69 } 70 ], 71 "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", 72 "type": "error" 73 }, 74 { 75 "conditions": [], 76 "endpoint": { 77 "url": { 78 "ref": "Endpoint" 79 }, 80 "properties": {}, 81 "headers": {} 82 }, 83 "type": "endpoint" 84 } 85 ], 86 "type": "tree" 87 }, 88 { 89 "conditions": [ 90 { 91 "fn": "isSet", 92 "argv": [ 93 { 94 "ref": "Region" 95 } 96 ] 97 } 98 ], 99 "rules": [ 100 { 101 "conditions": [ 102 { 103 "fn": "aws.partition", 104 "argv": [ 105 { 106 "ref": "Region" 107 } 108 ], 109 "assign": "PartitionResult" 110 } 111 ], 112 "rules": [ 113 { 114 "conditions": [ 115 { 116 "fn": "stringEquals", 117 "argv": [ 118 { 119 "fn": "getAttr", 120 "argv": [ 121 { 122 "ref": "PartitionResult" 123 }, 124 "name" 125 ] 126 }, 127 "aws" 128 ] 129 }, 130 { 131 "fn": "booleanEquals", 132 "argv": [ 133 { 134 "ref": "UseFIPS" 135 }, 136 false 137 ] 138 }, 139 { 140 "fn": "booleanEquals", 141 "argv": [ 142 { 143 "ref": "UseDualStack" 144 }, 145 false 146 ] 147 } 148 ], 149 "endpoint": { 150 "url": "https://organizations.us-east-1.amazonaws.com", 151 "properties": { 152 "authSchemes": [ 153 { 154 "name": "sigv4", 155 "signingName": "organizations", 156 "signingRegion": "us-east-1" 157 } 158 ] 159 }, 160 "headers": {} 161 }, 162 "type": "endpoint" 163 }, 164 { 165 "conditions": [ 166 { 167 "fn": "stringEquals", 168 "argv": [ 169 { 170 "fn": "getAttr", 171 "argv": [ 172 { 173 "ref": "PartitionResult" 174 }, 175 "name" 176 ] 177 }, 178 "aws" 179 ] 180 }, 181 { 182 "fn": "booleanEquals", 183 "argv": [ 184 { 185 "ref": "UseFIPS" 186 }, 187 true 188 ] 189 }, 190 { 191 "fn": "booleanEquals", 192 "argv": [ 193 { 194 "ref": "UseDualStack" 195 }, 196 false 197 ] 198 } 199 ], 200 "endpoint": { 201 "url": "https://organizations-fips.us-east-1.amazonaws.com", 202 "properties": { 203 "authSchemes": [ 204 { 205 "name": "sigv4", 206 "signingName": "organizations", 207 "signingRegion": "us-east-1" 208 } 209 ] 210 }, 211 "headers": {} 212 }, 213 "type": "endpoint" 214 }, 215 { 216 "conditions": [ 217 { 218 "fn": "stringEquals", 219 "argv": [ 220 { 221 "fn": "getAttr", 222 "argv": [ 223 { 224 "ref": "PartitionResult" 225 }, 226 "name" 227 ] 228 }, 229 "aws-cn" 230 ] 231 }, 232 { 233 "fn": "booleanEquals", 234 "argv": [ 235 { 236 "ref": "UseFIPS" 237 }, 238 false 239 ] 240 }, 241 { 242 "fn": "booleanEquals", 243 "argv": [ 244 { 245 "ref": "UseDualStack" 246 }, 247 false 248 ] 249 } 250 ], 251 "endpoint": { 252 "url": "https://organizations.cn-northwest-1.amazonaws.com.cn", 253 "properties": { 254 "authSchemes": [ 255 { 256 "name": "sigv4", 257 "signingName": "organizations", 258 "signingRegion": "cn-northwest-1" 259 } 260 ] 261 }, 262 "headers": {} 263 }, 264 "type": "endpoint" 265 }, 266 { 267 "conditions": [ 268 { 269 "fn": "stringEquals", 270 "argv": [ 271 { 272 "fn": "getAttr", 273 "argv": [ 274 { 275 "ref": "PartitionResult" 276 }, 277 "name" 278 ] 279 }, 280 "aws-us-gov" 281 ] 282 }, 283 { 284 "fn": "booleanEquals", 285 "argv": [ 286 { 287 "ref": "UseFIPS" 288 }, 289 false 290 ] 291 }, 292 { 293 "fn": "booleanEquals", 294 "argv": [ 295 { 296 "ref": "UseDualStack" 297 }, 298 false 299 ] 300 } 301 ], 302 "endpoint": { 303 "url": "https://organizations.us-gov-west-1.amazonaws.com", 304 "properties": { 305 "authSchemes": [ 306 { 307 "name": "sigv4", 308 "signingName": "organizations", 309 "signingRegion": "us-gov-west-1" 310 } 311 ] 312 }, 313 "headers": {} 314 }, 315 "type": "endpoint" 316 }, 317 { 318 "conditions": [ 319 { 320 "fn": "stringEquals", 321 "argv": [ 322 { 323 "fn": "getAttr", 324 "argv": [ 325 { 326 "ref": "PartitionResult" 327 }, 328 "name" 329 ] 330 }, 331 "aws-us-gov" 332 ] 333 }, 334 { 335 "fn": "booleanEquals", 336 "argv": [ 337 { 338 "ref": "UseFIPS" 339 }, 340 true 341 ] 342 }, 343 { 344 "fn": "booleanEquals", 345 "argv": [ 346 { 347 "ref": "UseDualStack" 348 }, 349 false 350 ] 351 } 352 ], 353 "endpoint": { 354 "url": "https://organizations.us-gov-west-1.amazonaws.com", 355 "properties": { 356 "authSchemes": [ 357 { 358 "name": "sigv4", 359 "signingName": "organizations", 360 "signingRegion": "us-gov-west-1" 361 } 362 ] 363 }, 364 "headers": {} 365 }, 366 "type": "endpoint" 367 }, 368 { 369 "conditions": [ 370 { 371 "fn": "booleanEquals", 372 "argv": [ 373 { 374 "ref": "UseFIPS" 375 }, 376 true 377 ] 378 }, 379 { 380 "fn": "booleanEquals", 381 "argv": [ 382 { 383 "ref": "UseDualStack" 384 }, 385 true 386 ] 387 } 388 ], 389 "rules": [ 390 { 391 "conditions": [ 392 { 393 "fn": "booleanEquals", 394 "argv": [ 395 true, 396 { 397 "fn": "getAttr", 398 "argv": [ 399 { 400 "ref": "PartitionResult" 401 }, 402 "supportsFIPS" 403 ] 404 } 405 ] 406 }, 407 { 408 "fn": "booleanEquals", 409 "argv": [ 410 true, 411 { 412 "fn": "getAttr", 413 "argv": [ 414 { 415 "ref": "PartitionResult" 416 }, 417 "supportsDualStack" 418 ] 419 } 420 ] 421 } 422 ], 423 "rules": [ 424 { 425 "conditions": [], 426 "endpoint": { 427 "url": "https://organizations-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", 428 "properties": {}, 429 "headers": {} 430 }, 431 "type": "endpoint" 432 } 433 ], 434 "type": "tree" 435 }, 436 { 437 "conditions": [], 438 "error": "FIPS and DualStack are enabled, but this partition does not support one or both", 439 "type": "error" 440 } 441 ], 442 "type": "tree" 443 }, 444 { 445 "conditions": [ 446 { 447 "fn": "booleanEquals", 448 "argv": [ 449 { 450 "ref": "UseFIPS" 451 }, 452 true 453 ] 454 } 455 ], 456 "rules": [ 457 { 458 "conditions": [ 459 { 460 "fn": "booleanEquals", 461 "argv": [ 462 { 463 "fn": "getAttr", 464 "argv": [ 465 { 466 "ref": "PartitionResult" 467 }, 468 "supportsFIPS" 469 ] 470 }, 471 true 472 ] 473 } 474 ], 475 "rules": [ 476 { 477 "conditions": [], 478 "endpoint": { 479 "url": "https://organizations-fips.{Region}.{PartitionResult#dnsSuffix}", 480 "properties": {}, 481 "headers": {} 482 }, 483 "type": "endpoint" 484 } 485 ], 486 "type": "tree" 487 }, 488 { 489 "conditions": [], 490 "error": "FIPS is enabled but this partition does not support FIPS", 491 "type": "error" 492 } 493 ], 494 "type": "tree" 495 }, 496 { 497 "conditions": [ 498 { 499 "fn": "booleanEquals", 500 "argv": [ 501 { 502 "ref": "UseDualStack" 503 }, 504 true 505 ] 506 } 507 ], 508 "rules": [ 509 { 510 "conditions": [ 511 { 512 "fn": "booleanEquals", 513 "argv": [ 514 true, 515 { 516 "fn": "getAttr", 517 "argv": [ 518 { 519 "ref": "PartitionResult" 520 }, 521 "supportsDualStack" 522 ] 523 } 524 ] 525 } 526 ], 527 "rules": [ 528 { 529 "conditions": [], 530 "endpoint": { 531 "url": "https://organizations.{Region}.{PartitionResult#dualStackDnsSuffix}", 532 "properties": {}, 533 "headers": {} 534 }, 535 "type": "endpoint" 536 } 537 ], 538 "type": "tree" 539 }, 540 { 541 "conditions": [], 542 "error": "DualStack is enabled but this partition does not support DualStack", 543 "type": "error" 544 } 545 ], 546 "type": "tree" 547 }, 548 { 549 "conditions": [], 550 "endpoint": { 551 "url": "https://organizations.{Region}.{PartitionResult#dnsSuffix}", 552 "properties": {}, 553 "headers": {} 554 }, 555 "type": "endpoint" 556 } 557 ], 558 "type": "tree" 559 } 560 ], 561 "type": "tree" 562 }, 563 { 564 "conditions": [], 565 "error": "Invalid Configuration: Missing Region", 566 "type": "error" 567 } 568 ] 569}