Region and Availability Zone FAQ

For a conceptual overview of regions and endpoints, see Using Regions and Availability Zones.

Why aren't Regions tightly integrated with each other?

We isolate the Regions from each other to achieve greater fault tolerance, improve stability, and to help prevent issues within one Region from affecting another. To simplify using instances across regions, we provide tools such as ec2-migrate-image and ec2-migrate-manifest. For more information, go to Amazon Elastic Compute Cloud Command Line Reference.

How do I interact with EC2 in different Regions?

Use the Region-specific service endpoint for the Region you want. To get a list of Regions and their endpoints, use the DescribeRegions API (i.e., the ec2-describe-regions command), for example:

PROMPT> ec2-describe-regions
REGION  ap-northeast-1       ec2.ap-northeast-1.amazonaws.com
REGION  ap-southeast-1       ec2.ap-southeast-1.amazonaws.com
..

For more information, see Specifying the Region to Use.

How do I launch an AMI in another Region?

For Amazon EC2 instance store-backed AMIs: Copy your AMI from its current bucket to a bucket located in the Region where you want to launch the AMI, and register the AMI. For example, to launch a US-based AMI in the EU Region, copy the AMI to an Amazon S3 bucket that was created with an EU location constraint. After the AMI is copied, you must register the AMI and use the obtained AMI ID for launches in the new Region.

Also, make sure to give read access to the bucket, image manifest, and image parts to ec2-bundled-images@amazon.com for Windows AMIs, and za-team@amazon.com for Linux AMIs.

What tools are available to help migrate my AMIs to a new Region?

The API Tools contain a new command called ec2-migrate-image. It is designed to help migrate AMIs to a new Region. Run ec2-migrate-image --help for more details. Also go to Amazon Elastic Compute Cloud Command Line Reference.

Can I use the same SSH key pair across Regions?

This question refers only to the key pair used for SSH connections to the instance. Don't confuse this with your AWS Account ID and other credentials, which are global and work in all Regions.

The SSH key pairs that you create with ec2-add-keypair, CreateKeyPair, or in the AWS Management Console work only in the Region where you create them. However, you can optionally create an RSA key pair with a third-party tool and upload the public key to AWS. That key pair works in all Regions. For more information, go to ec2-import-keypair in the Amazon Elastic Compute Cloud Command Line Reference or ImportKeyPair in the Amazon Elastic Compute Cloud API Reference.

How do I launch an Amazon EBS volume from a snapshot across Regions?

At this time, snapshots cannot be copied across Regions. However, data on Amazon EBS volumes can be copied across Regions out of band, For example, you can run an instance in the Region with the source volume, run an instance in the destination Region with a new volume attached, and use rsync or some other file copy mechanism to copy data.

If I make service calls to the ec2.amazonaws.com service endpoint, where will my instances launch?

They will launch in the original Amazon EC2 ec2.us-east-1.amazonaws.com Region.

Can instances use group-based firewall rules across Regions?

No. Group-based firewall rules only work within a Region. If you need instances to communicate with each other across Regions, you should use CIDR based firewall rules. To simplify IP address management, you can use firewall rules in combination with Elastic IP addresses.

	Note
	Because inter-Region traffic crosses the public Internet, encrypt all sensitive data.

How do I use the command line tools with multiple Regions?

By default, the command line tools use the original ec2.us-east-1.amazonaws.com endpoint (the us-east-1 Region). For information about changing the Region, see Specifying the Region to Use.

What is the cost for data transfer between Regions?

Data transferred from one Region to another is charged at both sides at the Internet data transfer rate.

Can I assume that my Availability Zone us-east-1a is the same location as someone else's Availability Zone us-east-1a?

No. Currently, we do not support cross-account proximity. Each account's Availability Zones are independent. For example, the us-east-1a Availability Zone for one account might be in a different location than for another account.

How can I make sure that I am in the same Availability Zone as another developer?

We do not currently support the ability to coordinate Availability Zones between AWS accounts. We are seeking customer feedback to understand the types of use cases for proximity control between accounts. We will use this feedback to determine how and when we might provide Availability Zone control between accounts.

Regional data transfer seems like such a small charge, why are you complicating my bill with this?

We anticipate that for most common use cases, Regional data transfer will only constitute a very small portion of your monthly usage charges. There are valid use cases that involve moving large amounts of data between Availability Zones. In these cases, the Regional data transfer can be a significant cost.

We try to enable as many use cases as possible while charging you only for what you use. Because of the large potential differences in the way developers could use Regional data transfer, we think it is appropriate to break this cost out rather than amortize it across other charges.

If I have two instances in different Availability Zones, how will I be charged for Regional data transfer?

Each instance is charged for its data in and data out. Therefore, if data is transferred between these two instances, it is charged out for the first instance and in for the second instance.

If I transfer data between Availability Zones using public IP addresses, will I be charged twice for Regional data transfer (once because it crosses Availability Zones, and once because I use public IP addresses)?

No. Regional data transfer rates apply if at least one of the following cases is true, but are only charged once for a given instance even if both are true:

Why are my Amazon EC2 resources not visible in the EU Region or other Region?

Amazon EC2 Regions are isolated from each other. Resources such as SSH key pairs from a CreateKeyPair call, security groups, and AMIs, are not replicated between Regions. For more information, see Appendix A: Resources.