Using Stax-managed AWS Regions
Stax-managed AWS Regions allows you to view and enable AWS opt-in Regions for all accounts within your Stax Organization. This provides flexibility and seamless enablement of opt-in regions, bringing them in line with security and best practices through the Stax Assurance process.
Follow the below instructions to configure Stax-managed AWS Regions or see the Stax API.
If you choose to enable opt-in AWS Regions, ensure you are aware of the pricing for AWS services that will be enabled in the region as part of the Stax Assurance process. Enabling a new region in Stax opens the Region to all accounts within your Organization, allowing you to deploy resources and workloads in the Region. As a best practice, opt-in only to AWS Regions where you will run workloads.
Before You Begin
- Estimated time to complete: 5 minutes (enablement of an opt-in region can take a few minutes or up to 2 hours depending on the number of in-scope accounts and opt-in regions enabled)
- Ensure you are a member of the Admin role in your Stax tenancy
Enabling AWS Opt-in Regions
- Log in to the Stax Console
- Click Organization in the left-hand nav
- Choose Foundation Services in the sub-menu, beneath Service Control Policies
- Choose the settings cog on the Stax-managed AWS Regionstile
- Click on the Edit icon next to Settings to enable opt-in regions supported by Stax
- Choose the opt-in region(s) you wish to enable by clicking the toggle next to the region
- Click Save
Enabling AWS opt-in Regions will take some time to configure depending on the number of AWS accounts you have. Once configured, Stax-managed AWS Regions will transition from Configuring to Active on the Foundation Services page.
Disabling AWS Opt-in Regions
Disabling enabled AWS opt-in Region is not supported in the Stax Console or API at this time. You can request Stax to disable an AWS Opt-in Region by raising a Stax support case.
Disabling Default Regions
Stax does not support disabling AWS Default Regions. If you require this functionality, please use SCPs.
External Management of AWS Regions
Changes made to the Organization's AWS Regions outside of Stax, such as the AWS console or AWS SDK, will not be preserved by Stax. When the Stax assurance process is run, your AWS Region settings will be reset to the configuration specified in the Stax-managed AWS Regionsservice*.*