Starting today, AWS Security Token Service supports AWS PrivateLink in US East (Virginia), US East (Ohio), EU (Ireland), and Asia Pacific (Tokyo) regions, enabling you to route data between your Amazon Virtual Private Cloud (VPC) and Security Token Service entirely within the AWS network. 

from Recent Announcements https://aws.amazon.com/about-aws/whats-new/2019/06/aws-security-token-supports-privatelink-in-us-eu-asia-pacific/