Skip to main content

Using Stax-managed AWS Regions

Stax-managed AWS Regions allows you to view and enable AWS opt-in Regions for all accounts within your Stax Organization. This provides flexibility and seamless enablement of opt-in regions, bringing them in line with security and best practices through the Stax Assurance process.

Follow the below instructions to configure Stax-managed AWS Regions or see the Stax API.

If you choose to enable opt-in AWS Regions, ensure you are aware of the pricing for AWS services that will be enabled in the region as part of the Stax Assurance process. Enabling a new region in Stax opens the Region to all accounts within your Organization, allowing you to deploy resources and workloads in the Region. As a best practice, opt-in only to AWS Regions where you will run workloads.

Before You Begin

  • Estimated time to complete: 5 minutes (enablement of an opt-in region can take a few minutes or up to 2 hours depending on the number of in-scope accounts and opt-in regions enabled)
  • Ensure you are a member of the Admin role in your Stax tenancy

Enabling AWS Opt-in Regions

  1. Log in to the Stax Console
  2. Click Organization in the left-hand nav
  3. Choose Foundation Services in the sub-menu, beneath Service Control Policies
  4. Choose the settings cog on the Stax-managed AWS Regions tile
  5. Click on the Edit icon next to Settings to enable opt-in regions supported by Stax
  6. Choose the opt-in region(s) you wish to enable by clicking the toggle next to the region
  7. Click Save

Enabling AWS opt-in Regions will take some time to configure depending on the number of AWS accounts you have. Once configured, Stax-managed AWS Regions will transition from Configuring to Active on the Foundation Services page.

Disabling AWS Opt-in Regions

Disabling enabled AWS opt-in Region is not supported in the Stax Console or API at this time. You can request Stax to disable an AWS Opt-in Region by raising a Stax support case.

Disabling Default Regions

Stax does not support disabling AWS Default Regions. If you require this functionality, please use SCPs.

External Management of AWS Regions

Changes made to the Organization's AWS Regions outside of Stax, such as the AWS console or AWS SDK, will not be preserved by Stax. When the Stax assurance process is run, your AWS Region settings will be reset to the configuration specified in the Stax-managed AWS Regions service.

Using Amazon Bedrock

Amazon Bedrock provides two types of inference profiles for model invocation:

  • Cross-region inference profiles, which are predefined profiles provided by Amazon Bedrock. Model invocation requests may be routed through different regions, including regions that aren't supported by Stax.
  • Application inference profiles, which are user-managed. By using an application inference profile, you can able to specify the regions that model invocation requests are routed through.

If your Stax-managed AWS Organization uses Amazon Bedrock, it is recommended to use application inference profiles for best results in order for requests to be routed through only enabled regions.