boto
SSO Client's FIPS endpoint incorrect
Describe the bug
When creating a client for sso with boto3, the client's endpoint does not match the expected endpoint when setting AWS_USE_FIPS_ENDPOINT=true and AWS_DEFAULT_REGION=us-gov-east-1 or AWS_DEFAULT_REGION=us-gov-west-1.
Regression Issue
- [ ] Select this option if this issue appears to be a regression.
Expected Behavior
I expected the endpoints to use the documented FIPS endpoints. This would be portal.sso.us-gov-east-1.amazonaws.com and portal.sso.us-gov-west-1.amazonaws.com
Current Behavior
The endpoint does not match the documentation. It resolves to portal.sso-fips.us-gov-east-1.amazonaws.com and portal.sso-fips.us-gov-west-1.amazonaws.com.
Reproduction Steps
import boto3, os
os.environ["AWS_USE_FIPS_ENDPOINT"]="true"
os.environ["AWS_DEFAULT_REGION"]="us-gov-east-1"
c = boto3.client("sso")
print(c.meta._endpoint_url)
os.environ["AWS_DEFAULT_REGION"]="us-gov-west-1"
c = boto3.client("sso")
print(c.meta._endpoint_url)
Output
https://portal.sso-fips.us-gov-east-1.amazonaws.com
https://portal.sso-fips.us-gov-west-1.amazonaws.com
Possible Solution
No response
Additional Information/Context
No response
SDK version used
1.37.5
Environment details (OS name and version, etc.)
python 3.13.1/macos 15.0.1
Hi @abohne, thanks for reaching out. I was able to reproduce this behavior. I've reached out to the service team to verify what the correct endpoint is, and hopefully we can correct this inconsistency. I'll let you know when I have any updates. Thanks!
Ticket # for internal use : P211246126
