本文為英文版的機器翻譯版本，如內容有任何歧義或不一致之處，概以英文版為準。

# 更新防火牆和閘道以允許存取
<a name="endpoints"></a>

如果您使用 Web 內容篩選解決方案來篩選對特定 AWS 網域或 URL 端點的存取，則必須允許列出下列端點，才能存取 和 Amazon Q AWS Toolkit for Visual Studio 提供的所有服務和功能。如需如何針對 AWS Toolkit with Amazon Q 的防火牆和代理設定進行故障診斷的詳細步驟，請參閱本使用者指南中的*故障診斷*主題中的[防火牆和代理設定](https://docs.aws.amazon.com//toolkit-for-visual-studio/latest/user-guide/general-troubleshoot.html#general-troubleshoot-firewall)一節。如需為 Amazon Q 設定公司代理的詳細資訊，請參閱《Amazon Q *開發人員使用者指南*》[中的在 Amazon Q 主題中設定公司代理](https://docs.aws.amazon.com//amazonq/latest/qdeveloper-ug/firewall.html#corp-proxy)。

## AWS Toolkit for Visual Studio 端點
<a name="w2aac13c27b5"></a>

以下是需要允許的特定 AWS Toolkit for Visual Studio 端點和參考清單。

### 端點
<a name="w2aac13c27b5b5"></a>

```
https://idetoolkits-hostedfiles.amazonaws.com/*
https://idetoolkits.amazonwebservices.com/*
http://vstoolkit.amazonwebservices.com/*
https://aws-vs-toolkit.s3.amazonaws.com/*
https://raw.githubusercontent.com/aws/aws-toolkit-visual-studio/main/version.json
https://aws-toolkit-language-servers.amazonaws.com/*
```

## Amazon Q 外掛程式端點
<a name="w2aac13c27b7"></a>

以下是需要允許列出的 Amazon Q 外掛程式特定端點和參考清單。

```
https://idetoolkits-hostedfiles.amazonaws.com/*    (Plugin for configs)
https://idetoolkits.amazonwebservices.com/*   (Plugin for endpoints)
https://aws-toolkit-language-servers.amazonaws.com/*  (Language Server Process)
https://client-telemetry.us-east-1.amazonaws.com/ (Telemetry)                
https://cognito-identity.us-east-1.amazonaws.com    (Telemetry)
https://aws-language-servers.us-east-1.amazonaws.com (Language Server Process)
```

## Amazon Q Developer 端點
<a name="w2aac13c27b9"></a>

以下是需要允許列出的 Amazon Q Developer 特定端點和參考清單。

```
https://codewhisperer.us-east-1.amazonaws.com (Inline,Chat, QSDA,...)
https://q.us-east-1.amazonaws.com (Inline,Chat, QSDA....)
https://desktop-release.codewhisperer.us-east-1.amazonaws.com/ (Download URL for CLI.)
https://specs.q.us-east-1.amazonaws.com (URL for auto-complete specs used by CLI)
* aws-language-servers.us-east-1.amazonaws.com (Local Workspace context)
```

## Amazon Q 程式碼轉換端點
<a name="w2aac13c27c11"></a>

以下是需要允許列出的 Amazon Q Code Transform 特定端點和參考清單。

```
https://docs.aws.amazon.com/amazonq/latest/qdeveloper-ug/security_iam_manage-access-with-policies.html
```

## 身分驗證端點
<a name="w2aac13c27c15"></a>

以下是需要允許列出的身分驗證端點和參考清單。

```
[Directory ID or alias].awsapps.com 
* oidc.[Region].amazonaws.com
*.sso.[Region].amazonaws.com
*.sso-portal.[Region].amazonaws.com
*.aws.dev
*.awsstatic.com
*.console.aws.a2z.com
*.sso.amazonaws.com
```

## 身分端點
<a name="w2aac13c27c17"></a>

下列清單包含特定於身分的端點，例如 AWS IAM Identity Center 和 AWS Builder ID。

### AWS IAM Identity Center
<a name="w2aac13c27c17b5"></a>

如需 IAM Identity Center 所需端點的詳細資訊，請參閱*AWS IAM Identity Center*《 使用者指南》中的[啟用 IAM Identity Center](https://docs.aws.amazon.com/singlesignon/latest/userguide/enable-identity-center.html) 主題。

### 企業 IAM Identity Center
<a name="w2aac13c27c17b7"></a>

```
https://[Center director id].awsapps.com/start (should be permitted to initiate auth)
https://us-east-1.signin.aws (for facilitating authentication, assuming IAM Identity Center is in IAD)
https://oidc.(us-east-1).amazonaws.com
https://log.sso-portal.eu-west-1.amazonaws.com
https://portal.sso.eu-west-1.amazonaws.com
```

### AWS 建置器 ID
<a name="w2aac13c27c17b9"></a>

```
https://view.awsapps.com/start (must be blocked to disable individual tier) 
https://codewhisperer.us-east-1.amazonaws.com and q.us-east-1.amazonaws.com (should be permitted)
```

## 遙測
<a name="w2aac13c27c19"></a>

以下是需要允許列出的遙測特定端點。

```
https://telemetry.aws-language-servers.us-east-1.amazonaws.com/
https://client-telemetry.us-east-1.amazonaws.com
```

## 參考
<a name="w2aac13c27c21"></a>

以下是端點參考的清單。

```
idetoolkits-hostedfiles.amazonaws.com
cognito-identity.us-east-1.amazonaws.com
amazonwebservices.gallery.vsassets.io
eu-west-1.prod.pr.analytics.console.aws.a2z.com
prod.pa.cdn.uis.awsstatic.com
portal.sso.eu-west-1.amazonaws.com
log.sso-portal.eu-west-1.amazonaws.com
prod.assets.shortbread.aws.dev
prod.tools.shortbread.aws.dev
prod.log.shortbread.aws.dev
a.b.cdn.console.awsstatic.com
assets.sso-portal.eu-west-1.amazonaws.com
oidc.eu-west-1.amazonaws.com
aws-toolkit-language-servers.amazonaws.com
aws-language-servers.us-east-1.amazonaws.com
idetoolkits.amazonwebservices.com
```