sts_regional_endpoints - AWS SDKs and Tools

sts_regional_endpoints

Specifies how the SDK or tool determines the AWS service endpoint that it uses to talk to the AWS Security Token Service (AWS STS).

Details

Default value: legacy (exception: AWS CLI version 2 uses regional as the default value)

Valid values:

  • legacy – Uses the global AWS STS endpoint, sts.amazonaws.com, for the following AWS Regions: ap-northeast-1, ap-south-1, ap-southeast-1, ap-southeast-2, aws-global, ca-central-1, eu-central-1, eu-north-1, eu-west-1, eu-west-2, eu-west-3, sa-east-1, us-east-1, us-east-2, us-west-1, and us-west-2. All other Regions automatically use their respective regional endpoint.

  • regional – The SDK or tool always uses the AWS STS endpoint for the currently configured Region. For example, if the client is configured to use us-west-2, all calls to AWS STS are made to the regional endpoint sts.us-west-2.amazonaws.com, instead of the global sts.amazonaws.com endpoint. To send a request to the global endpoint while this setting is enabled, you can set the Region to aws-global.

Ways to set this value

Location Supported Example
config file Yes
sts_regional_endpoints = regional
credentials file -
Environment variable Yes Linux/macOS:
export AWS_STS_REGIONAL_ENDPOINTS=regional
Windows:
setx AWS_STS_REGIONAL_ENDPOINTS regional
AWS CLI parameter -

Compatibility with AWS SDKS and tools

SDK or tool Supported Notes or more information
AWS Command Line Interface (AWS CLI) Yes Default behavior for version 2 changed value to regional.
AWS SDK for .NET Yes
AWS SDK for PHP -
AWS SDK for Python (Boto3) Yes

AWS Toolkit for JetBrains

-
AWS Toolkit for Visual Studio -
AWS Toolkit for Visual Studio Code -
AWS Tools for PowerShell Yes