1 個回答
- 最新
- 最多得票
- 最多評論
1
AWS endpoints are regional. For example here are the IAM endpoints.. You experience something similar in the S3 console, it will indicate global, but actually the buckets and objects are region-scoped, they exist in a region. The bucket name has to be unique within the partition so you don't have to specify the region in the ARN
IAM resource (user, groups, roles, policies) are partition-scoped (globally-scoped). They can be referenced, accessed, managed from any region in the partition. You will noticed that IAM resource ARNs do not specify the region.
相關內容
- AWS 官方已更新 2 年前
Ok, so basically, the region I set doesn't matter, just so something is set?
In the IAM case, yes. It uses that region value to construct/find the endpoint that it calls.