How to use Regional AWS STS endpoints
Security Blog
This article explains how to use Regional AWS Security Token Service (AWS STS) endpoints instead of the global legacy endpoint to improve resiliency and performance.
Specifically, the article covers:
- Difference between global legacy and Regional AWS STS endpoints
- Benefits of using Regional AWS STS endpoints (resiliency, isolation, performance)
- Configuring Regional AWS STS endpoints for AWS CLI and SDKs
- Using VPC endpoints with AWS STS
- Logging and analyzing AWS STS requests using CloudTrail, CloudWatch Logs, and Athena
- Conclusion recommending the use of Regional AWS STS endpoints
Related articles
- Apr 18, 2025: AWS STS global endpoint now serves your requests locally in regions enabled by default
- Nov 17, 2025: How to use Amazon S3 Multi-Region Access Points to streamline and reduce the cost of writing across AWS Regions
- Nov 19, 2025: AWS NAT Gateway now supports regional availability
- Dec 11, 2024: How to Make Simple Email Service Resilient Across Two AWS Regions with Global Endpoints