Enabling Opt-In Regions
Copy link

ℹ️

This page has moved

For up-to-date information about AWS Configuration options, go to AWS Additional Configuration.

Cloud Security (InsightCloudSec) includes support for several AWS Commercial regions with the “opt-in” classification. Currently those are: Bahrain me-south-1, Hong Kong ap-east-1, Cape Town af-south-1, and Milan eu-south-1. Each of these regions are AWS “opt-in” regions and require additional configuration to be enabled.

Once enabled, you will also need to update the STS token compatibility to allow Cloud Security (InsightCloudSec) to communicate with these regions.

Session Tokens
Copy link

STS tokens need to be enabled in the AWS account where your Cloud Security (InsightCloudSec) instance is deployed.

  • Without these changes, Cloud Security (InsightCloudSec) will be unable to retrieve information from these regions even if they are enabled.
  • For customers who prefer to keep these regions disabled, there are no changes required.

Allow larger session tokens
Copy link

To enable STS tokens, you must allow larger session tokens to the global endpoint.

  1. Go to the AWS console (https://console.aws.amazon.com/iam/home?#/account_settings).
  2. In the Security Token Service (STS) section, in the Global Endpoint row, click Edit. (https://sts.amazonaws.com).
  3. Select Valid in all AWS Regions.
  4. Click Save changes.

AWS Regions
Copy link

A full list of AWS Regions can be found on the AWS site.