Considerations for choosing an Amazon Web Services Region

Geographical location of your users – When you select a Region that's geographically closest to the majority of your end users, they'll have lower latency of access to the Amazon Web Services access portal and Amazon managed applications, such as Amazon SageMaker AI.

Availability of Amazon managed applications – Amazon managed applications can operate only in the Amazon Web Services Regions in which they're available. Enable IAM Identity Center in a Region supported by the Amazon managed application(s) you want to use with it. Many Amazon managed applications can also operate only in the same Region where you enabled IAM Identity Center.

Digital sovereignty – Digital sovereignty regulations or company policies may mandate the use of a particular Amazon Web Services Region. Consult with your company’s legal department.

Identity source – If you’re using Amazon Managed Microsoft AD or your self-managed directory in Active Directory (AD) as the identity source, its home Region must match the Amazon Web Services Region in which you enabled IAM Identity Center.

Opt-in Regions (Regions that are disabled by default) – An opt-in Region is an Amazon Web Services Region that is disabled by default. To use an opt-in Region, you must enable it. For more information, see Managing IAM Identity Center in an opt-in Region.

Cross-Region emails with Amazon Simple Email Service – In some Regions, IAM Identity Center may call Amazon Simple Email Service (Amazon SES) in a different Region to send email. In these cross-Region calls, IAM Identity Center sends certain user attributes to the other Region. For more information, see Cross-Region emails with Amazon SES.