Pros and cons of restricting user access to certain regions

0

Hello, Are there any drawbacks I should be aware of if we restrict user access to only a single region?

We use a variety of AWS services but mainly S3 and Sagemaker Studio. Our team is located in various locations so their default regions are different. It has been a challenge to keep track of studio instances when they are created in different regions so we are now considering restricting access to a single region. Are there issues that we may face in that case? Any services we may miss?

1 Answer
4
Accepted Answer

I would take a look at this for some potential edge cases. In summary, you may need to allow us-east-1 and us-west-2 in addition to whatever regions your team is in since they host some of the global service endpoints (like IAM, Route 53, Global Accelerator, and a few others). For STS, I would use the regional endpoints if you aren't already.

AWS
mike
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions