How do we implement Cross-Region Inference (CRIS) while complying with data protection laws?
Before I answer that question, let me quickly explain how CRIS works and why customers use it.
When you use Bedrock's CRIS, you call a model from a source region (e.g., eu-central-1 aka Frankfurt). Bedrock then routes that request to an optimal destination region - often within the same geography (EU, US, APAC) - based on real-time capacity. Your request travels from source to destination, gets processed, and the result comes back to you. This approach gives you 2x default throughput, resilience against outages, and better availability during traffic spikes.
Here's where the concern kicks in: Many customers hear "your request goes to another region" and immediately think "our data gets distributed across multiple locations." That's the misconception that leads to the compliance question. Let me be direct about what actually happens:
Your prompts and outputs are processed in the destination region, yes. But they're not stored there. They exist in memory only during processing. The moment processing completes, they're gone from that region. Meanwhile, all logs (CloudTrail, Model Invocation Logs, etc.) are persisted only in your source region. Your audit trail stays home. The transit between regions is encrypted across AWS's backbone network.
Suppose you call an EU inference profile in Frankfurt. Bedrock might route it to Paris for processing with single to double-digit milliseconds of network overhead, which is negligible compared to LLM processing measured in seconds. That request gets processed in Paris, but nothing persists there. All logs, including CloudTrail logs, show the request originated from Frankfurt. Your Model Invocation Logs (if enabled) are captured in Frankfurt only. The data story is: processed elsewhere, but stored only at home.
One more compliance detail: geo-tied CRIS profiles are immutable. AWS won't add new regions to the profile next year. The destination region set is fixed, you can document exactly which regions handle your data, and that answer never changes.
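One way to turn "document exactly which regions handle your data" into a repeatable check, as an added example that is not from the original post or from AWS: it audits a profile's destination regions against a residency allowlist and fails closed on anything it cannot parse. The sample profile is constructed and only mimics the shape of a Bedrock GetInferenceProfile response (a `models` list of `modelArn` entries); the profile ID, model name and allowlist are placeholders.

```python
# Added example: audit an inference profile's destination regions against a
# data-residency allowlist. All sample values below are constructed.

# Assumed policy: the regions your compliance documentation permits.
ALLOWED_REGIONS = {"eu-central-1", "eu-west-1", "eu-west-3", "eu-north-1"}

# Constructed sample shaped like a GetInferenceProfile response.
SAMPLE_PROFILE = {
    "inferenceProfileId": "eu.example-model-v1",  # placeholder, not a real ID
    "models": [
        {"modelArn": "arn:aws:bedrock:eu-central-1::foundation-model/example-model-v1"},
        {"modelArn": "arn:aws:bedrock:eu-west-1::foundation-model/example-model-v1"},
        {"modelArn": "arn:aws:bedrock:eu-west-3::foundation-model/example-model-v1"},
    ],
}


def region_from_arn(arn):
    """Return the region field of a Bedrock ARN, or raise ValueError."""
    # ARN layout: arn:partition:service:region:account:resource
    parts = arn.split(":", 5)
    if len(parts) != 6 or parts[0] != "arn" or parts[2] != "bedrock" or not parts[3]:
        raise ValueError(f"not a regional Bedrock ARN: {arn!r}")
    return parts[3]


def audit_profile(profile, allowed):
    """Compare a profile's destination regions with the allowlist."""
    regions, malformed = set(), []
    for model in profile.get("models", []):
        arn = model.get("modelArn", "")
        try:
            regions.add(region_from_arn(arn))
        except ValueError:
            malformed.append(arn)  # unknown destination: treat as a failure
    outside = sorted(regions - set(allowed))
    return {
        "profile": profile.get("inferenceProfileId"),
        "regions": sorted(regions),
        "outside_policy": outside,
        "malformed": malformed,
        # Fail closed: an empty or partly unparseable profile is not compliant.
        "compliant": bool(regions) and not outside and not malformed,
    }


if __name__ == "__main__":
    print(audit_profile(SAMPLE_PROFILE, ALLOWED_REGIONS))
```

Run against the live response for each profile you use, the `regions` list is the evidence to attach to your data-processing documentation.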
How does this get implemented? In a nutshell, all you do is replace your model IDs with the inference profile ID in your code. To implement compliance checks in your AWS landing zone, there is an awesome post by my colleague Arlind Nocaj that gives a detailed walk-through of how to adapt your security policies. And if you are a Swiss customer, there is a great blog post by Christoph Schnidrig, Margo Cronin and Valentin Fluor that details the compliance and security considerations for Swiss customers. For Swiss and EU organizations, the compliance frameworks are established. Switzerland recognizes EU jurisdictions as having adequate data protection.
Sources in the comments.