1{ 2 "version": "1.0", 3 "parameters": { 4 "Region": { 5 "builtIn": "AWS::Region", 6 "required": false, 7 "documentation": "The AWS region used to dispatch the request.", 8 "type": "String" 9 }, 10 "UseDualStack": { 11 "builtIn": "AWS::UseDualStack", 12 "required": true, 13 "default": false, 14 "documentation": "When true, use the dual-stack endpoint. If the configured endpoint does not support dual-stack, dispatching the request MAY return an error.", 15 "type": "Boolean" 16 }, 17 "UseFIPS": { 18 "builtIn": "AWS::UseFIPS", 19 "required": true, 20 "default": false, 21 "documentation": "When true, send this request to the FIPS-compliant regional endpoint. If the configured endpoint does not have a FIPS compliant endpoint, dispatching the request will return an error.", 22 "type": "Boolean" 23 }, 24 "Endpoint": { 25 "builtIn": "SDK::Endpoint", 26 "required": false, 27 "documentation": "Override the endpoint used to send this request", 28 "type": "String" 29 } 30 }, 31 "rules": [ 32 { 33 "conditions": [ 34 { 35 "fn": "isSet", 36 "argv": [ 37 { 38 "ref": "Endpoint" 39 } 40 ] 41 } 42 ], 43 "rules": [ 44 { 45 "conditions": [ 46 { 47 "fn": "booleanEquals", 48 "argv": [ 49 { 50 "ref": "UseFIPS" 51 }, 52 true 53 ] 54 } 55 ], 56 "error": "Invalid Configuration: FIPS and custom endpoint are not supported", 57 "type": "error" 58 }, 59 { 60 "conditions": [ 61 { 62 "fn": "booleanEquals", 63 "argv": [ 64 { 65 "ref": "UseDualStack" 66 }, 67 true 68 ] 69 } 70 ], 71 "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", 72 "type": "error" 73 }, 74 { 75 "conditions": [], 76 "endpoint": { 77 "url": { 78 "ref": "Endpoint" 79 }, 80 "properties": {}, 81 "headers": {} 82 }, 83 "type": "endpoint" 84 } 85 ], 86 "type": "tree" 87 }, 88 { 89 "conditions": [ 90 { 91 "fn": "isSet", 92 "argv": [ 93 { 94 "ref": "Region" 95 } 96 ] 97 } 98 ], 99 "rules": [ 100 { 101 "conditions": [ 102 { 103 "fn": "aws.partition", 104 "argv": [ 105 { 106 "ref": "Region" 107 } 108 ], 109 "assign": "PartitionResult" 110 } 111 ], 112 "rules": [ 113 { 114 "conditions": [ 115 { 116 "fn": "booleanEquals", 117 "argv": [ 118 { 119 "ref": "UseFIPS" 120 }, 121 true 122 ] 123 }, 124 { 125 "fn": "booleanEquals", 126 "argv": [ 127 { 128 "ref": "UseDualStack" 129 }, 130 true 131 ] 132 } 133 ], 134 "rules": [ 135 { 136 "conditions": [ 137 { 138 "fn": "booleanEquals", 139 "argv": [ 140 true, 141 { 142 "fn": "getAttr", 143 "argv": [ 144 { 145 "ref": "PartitionResult" 146 }, 147 "supportsFIPS" 148 ] 149 } 150 ] 151 }, 152 { 153 "fn": "booleanEquals", 154 "argv": [ 155 true, 156 { 157 "fn": "getAttr", 158 "argv": [ 159 { 160 "ref": "PartitionResult" 161 }, 162 "supportsDualStack" 163 ] 164 } 165 ] 166 } 167 ], 168 "rules": [ 169 { 170 "conditions": [], 171 "endpoint": { 172 "url": "https://sso-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", 173 "properties": {}, 174 "headers": {} 175 }, 176 "type": "endpoint" 177 } 178 ], 179 "type": "tree" 180 }, 181 { 182 "conditions": [], 183 "error": "FIPS and DualStack are enabled, but this partition does not support one or both", 184 "type": "error" 185 } 186 ], 187 "type": "tree" 188 }, 189 { 190 "conditions": [ 191 { 192 "fn": "booleanEquals", 193 "argv": [ 194 { 195 "ref": "UseFIPS" 196 }, 197 true 198 ] 199 } 200 ], 201 "rules": [ 202 { 203 "conditions": [ 204 { 205 "fn": "booleanEquals", 206 "argv": [ 207 { 208 "fn": "getAttr", 209 "argv": [ 210 { 211 "ref": "PartitionResult" 212 }, 213 "supportsFIPS" 214 ] 215 }, 216 true 217 ] 218 } 219 ], 220 "rules": [ 221 { 222 "conditions": [ 223 { 224 "fn": "stringEquals", 225 "argv": [ 226 { 227 "fn": "getAttr", 228 "argv": [ 229 { 230 "ref": "PartitionResult" 231 }, 232 "name" 233 ] 234 }, 235 "aws-us-gov" 236 ] 237 } 238 ], 239 "endpoint": { 240 "url": "https://sso.{Region}.amazonaws.com", 241 "properties": {}, 242 "headers": {} 243 }, 244 "type": "endpoint" 245 }, 246 { 247 "conditions": [], 248 "endpoint": { 249 "url": "https://sso-fips.{Region}.{PartitionResult#dnsSuffix}", 250 "properties": {}, 251 "headers": {} 252 }, 253 "type": "endpoint" 254 } 255 ], 256 "type": "tree" 257 }, 258 { 259 "conditions": [], 260 "error": "FIPS is enabled but this partition does not support FIPS", 261 "type": "error" 262 } 263 ], 264 "type": "tree" 265 }, 266 { 267 "conditions": [ 268 { 269 "fn": "booleanEquals", 270 "argv": [ 271 { 272 "ref": "UseDualStack" 273 }, 274 true 275 ] 276 } 277 ], 278 "rules": [ 279 { 280 "conditions": [ 281 { 282 "fn": "booleanEquals", 283 "argv": [ 284 true, 285 { 286 "fn": "getAttr", 287 "argv": [ 288 { 289 "ref": "PartitionResult" 290 }, 291 "supportsDualStack" 292 ] 293 } 294 ] 295 } 296 ], 297 "rules": [ 298 { 299 "conditions": [], 300 "endpoint": { 301 "url": "https://sso.{Region}.{PartitionResult#dualStackDnsSuffix}", 302 "properties": {}, 303 "headers": {} 304 }, 305 "type": "endpoint" 306 } 307 ], 308 "type": "tree" 309 }, 310 { 311 "conditions": [], 312 "error": "DualStack is enabled but this partition does not support DualStack", 313 "type": "error" 314 } 315 ], 316 "type": "tree" 317 }, 318 { 319 "conditions": [], 320 "endpoint": { 321 "url": "https://sso.{Region}.{PartitionResult#dnsSuffix}", 322 "properties": {}, 323 "headers": {} 324 }, 325 "type": "endpoint" 326 } 327 ], 328 "type": "tree" 329 } 330 ], 331 "type": "tree" 332 }, 333 { 334 "conditions": [], 335 "error": "Invalid Configuration: Missing Region", 336 "type": "error" 337 } 338 ] 339}