Posted On: Feb 17, 2015

AWS Security Token Service (STS), a service that enables your applications to request temporary security credentials, is now available in every AWS region. By bringing AWS STS to a region geographically closer to your applications and services, your applications and services can call AWS STS with lower latencies and take advantage of the multiregional resiliency provided by the new regional AWS STS endpoints. Today’s launch also gives AWS account administrators greater control over where apps can request temporary security credentials by allowing administrators to activate or deactivate any of the new AWS STS endpoints.

To take advantage of one of the new regional AWS STS endpoints, an account administrator (a user with permissions to call iam:*) will first need to activate the endpoint for use with your AWS account. An administrator can do this by using the new Account Settings page found in the AWS Identity and Access Management (IAM) console. Likewise, an administrator can deactivate any of the new regional AWS STS endpoints. For backward compatibility, the AWS STS endpoints in the US East, AWS GovCloud (US), and China (Beijing) regions are always active and cannot be deactivated.

To get started, visit the IAM console.