Security and Compliance Share Share via LinkedIn Reddit Email Copy Link Print On This Page Compliance AI features are only available for Cloud customers at this time. Self-managed customers don't have access to these features. Appian Cloud PCI-DSS customers: Review the feature's compliance to ensure it aligns with your organization's security requirements. Note: AI Skills are not highly available at this time, however, they can still be used in a high availability environment. AI Skills won't impact other HA features in your environment. See High Availability for Appian Cloud for more information. Regional availability Appian offers a range of AI capabilities with availability varying based on geographical location. The following sections outline which regions are supported. AI Skills regional availability AI Copilot regional availability If your Appian environment isn't in a supported region, you can elect to send your data to a supported region. This doesn't change your environment's region. Contact Appian Support to learn more. Refer to the multi-region architecture diagram to learn more about how data is transmitted in this configuration. Caution: Changing your Appian environment's region will make any of these AI skills that exist no longer available in your environment. Multi-region environments and migration between regions are not supported. However, if Enhanced Business Continuity is enabled for your environment and a failover occurs, AI skill data will be present when you return to your primary region. AI skill data isn't lost permanently in this case. AI Skills regional availability Tip: Unless listed below, AI skills are available in all regions. The following AI skills are available in select regions: Region Name Region Document Classification Document Extraction Prompt Builder and generative AI skills Africa (Cape Town) af-south-1 Not Supported Not Supported Not Supported Asia Pacific (Tokyo) ap-northeast-1 Not Supported Not Supported Supported Asia Pacific (Seoul) ap-northeast-2 Supported Supported Not Supported Asia Pacific (Mumbai) ap-south-1 Supported Supported Supported Asia Pacific (Singapore) ap-southeast-1 Supported Supported Supported Asia Pacific (Sydney) ap-southeast-2 Supported Supported Supported Asia Pacific (Jakarta) ap-southeast-3 Not Supported Not Supported Not Supported Canada (Central) ca-central-1 Supported Supported Supported Europe (Frankfurt) eu-central-1 Supported Supported Supported Europe (Zurich) eu-central-2 Not Supported Not Supported Not Supported Europe (Stockholm) eu-north-1 Not Supported Not Supported Not Supported Europe (Milan) eu-south-1 Not Supported Not Supported Not Supported Europe (Ireland) eu-west-1 Supported Supported Supported Europe (London) eu-west-2 Supported Supported Supported Europe (Paris) eu-west-3 Supported Supported Supported Middle East (UAE) me-central-1 Not Supported Not Supported Not Supported Middle East (Bahrain) me-south-1 Not Supported Not Supported Not Supported South America (Sao Paulo) sa-east-1 Not Supported Not Supported Supported GovCloud (US-East) us-gov-east-1 Supported Supported Supported GovCloud (US-West) us-gov-west-1 Supported Supported Supported US East (N. Virginia) us-east-1 Supported Supported Supported US East (Ohio) us-east-2 Supported Supported Not Supported US West (N. California) us-west-1 Supported Supported Not Supported US West (Oregon) us-west-2 Supported Supported Supported AI Copilot regional availability The following AI Copilot features are available in select regions: Feature Supported regions AI Copilot for data fabric Asia Pacific (Mumbai) ap-south-1* Asia Pacific (Sydney) ap-southeast-2 Canada (Central) ca-central-1* Europe (Frankfurt) eu-central-1 Europe (Ireland) eu-west-1* Europe (London) eu-west-2* Europe (Paris) eu-west-3 GovCloud (US-East) us-gov-east-1 GovCloud (US-West) us-gov-west-1 South America (Sao Paulo) sa-east-1* US East (N. Virginia) us-east-1 US West (Oregon) us-west-2 AI Copilot for reports Europe (Frankfurt) eu-central-1 GovCloud (US-East) us-gov-east-1 GovCloud (US-West) us-gov-west-1 US East (N. Virginia) us-east-1 US West (Oregon) us-west-2 Process Insights Suggested views Asia Pacific (Mumbai) ap-south-1* Asia Pacific (Sydney) ap-southeast-2 Canada (Central) ca-central-1* Europe (Frankfurt) eu-central-1 Europe (London) eu-west-2* Europe (Paris) eu-west-3 GovCloud (US-East) us-gov-east-1 GovCloud (US-West) us-gov-west-1 South America (Sao Paulo) sa-east-1* US East (N. Virginia) us-east-1 US West (Oregon) us-west-2 Create sample data for record types Europe (Frankfurt) eu-central-1 GovCloud (US-East) us-gov-east-1 GovCloud (US-West) us-gov-west-1 US East (N. Virginia) us-east-1 US West (Oregon) us-west-2 Enterprise Copilot Asia Pacific (Mumbai) ap-south-1 Asia Pacific (Singapore) ap-southeast-1 Asia Pacific (Sydney) ap-southeast-2 Asia Pacific (Tokyo) ap-northeast-1 Canada (Central) ca-central-1 Europe (Frankfurt) eu-central-1 Europe (Ireland) eu-west-1 Europe (London) eu-west-2 Europe (Paris) eu-west-3 South America (Sao Paulo) sa-east-1 US East (N. Virginia) us-east-1 US West (Oregon) us-west-2 Generate test cases for expression rules Asia Pacific (Sydney) ap-southeast-2 Europe (Frankfurt) eu-central-1 Europe (Paris) eu-west-3 GovCloud (US-East) us-gov-east-1 GovCloud (US-West) us-gov-west-1 US East (N. Virginia) us-east-1 US West (Oregon) us-west-2 Records chat component Europe (Frankfurt) eu-central-1 GovCloud (US-East) us-gov-east-1 GovCloud (US-West) us-gov-west-1 US East (N. Virginia) us-east-1 US West (Oregon) us-west-2 * Sites in these regions have a lower token limit (28K tokens as opposed to 100K tokens) when using AI Copilot. Users can work with up to 30 record types, and may also need to start a new session more frequently. Tip: We are continuously working to expand support across all regions. While the some regions do not currently support AI Copilot features, we are committed to extending our capabilities and look forward to bringing these innovative tools to these regions in the future. Stay tuned for updates as we enhance our global support to better serve you! Add AI skill endpoints to your network allowlist To ensure the AI skill is available in your environment, locate your environment's region in the table below and add the corresponding endpoints to your network allow list. Add the endpoints that corresponds to your site's region, even if you send AI skill data to a different supported region. For PCI-compliant sites, use the endpoints that include -strict in the string. Designer endpoints support proper rendering of the user interface. S3 endpoints enable storage for the model and related data. AI skills may not be available in all regions. Region Name Designer Endpoint S3 Endpoint Africa (Cape Town) https://ai-skill-designer-af-south-1.appiancloud.com https://appian-custom-ai-customer-af-south-1-customer-bucket.s3.af-south-1.amazonaws.com Asia Pacific (Tokyo) https://ai-skill-designer-ap-northeast-1.appiancloud.com https://appian-custom-ai-customer-ap-northeast-1-customer-bucket.s3.ap-northeast-1.amazonaws.com Asia Pacific (Seoul) https://ai-skill-designer-ap-northeast-2.appiancloud.com https://appian-custom-ai-customer-ap-northeast-2-customer-bucket.s3.ap-northeast-2.amazonaws.com Asia Pacific (Mumbai) https://ai-skill-designer-ap-south-1.appiancloud.com https://appian-custom-ai-customer-ap-south-1-customer-bucket.s3.ap-south-1.amazonaws.com Asia Pacific (Singapore) https://ai-skill-designer-ap-southeast-1.appiancloud.com https://appian-custom-ai-customer-ap-southeast-1-customer-bucket.s3.ap-southeast-1.amazonaws.com Asia Pacific (Sydney) https://ai-skill-designer-ap-southeast-2.appiancloud.com https://appian-custom-ai-customer-ap-southeast-2-customer-bucket.s3.ap-southeast-2.amazonaws.com Asia Pacific (Jakarta) https://ai-skill-designer-ap-southeast-3.appiancloud.com https://appian-custom-ai-customer-ap-southeast-3-customer-bucket.s3.ap-southeast-3.amazonaws.com Canada (Central) https://ai-skill-designer-ca-central-1.appiancloud.com https://appian-custom-ai-customer-ca-central-1-customer-bucket.s3.ca-central-1.amazonaws.com Europe (Frankfurt) https://ai-skill-designer-eu-central-1.appiancloud.com https://appian-custom-ai-customer-eu-central-1-customer-bucket.s3.eu-central-1.amazonaws.com Europe (Zurich) https://ai-skill-designer-eu-central-2.appiancloud.com https://appian-custom-ai-customer-eu-central-2-customer-bucket.s3.eu-central-2.amazonaws.com Europe (Stockholm) https://ai-skill-designer-eu-north-1.appiancloud.com https://appian-custom-ai-customer-eu-north-1-customer-bucket.s3.eu-north-1.amazonaws.com Europe (Milan) https://ai-skill-designer-eu-south-1.appiancloud.com https://appian-custom-ai-customer-eu-south-1-customer-bucket.s3.eu-south-1.amazonaws.com Europe (Ireland) https://ai-skill-designer-eu-west-1.appiancloud.com https://appian-custom-ai-customer-eu-west-1-customer-bucket.s3.eu-west-1.amazonaws.com Europe (London) https://ai-skill-designer-eu-west-2.appiancloud.com https://appian-custom-ai-customer-eu-west-2-customer-bucket.s3.eu-west-2.amazonaws.com Europe (Paris) https://ai-skill-designer-eu-west-3.appiancloud.com https://appian-custom-ai-customer-eu-west-3-customer-bucket.s3.eu-west-3.amazonaws.com Middle East (UAE) https://ai-skill-designer-me-central-1.appiancloud.com https://appian-custom-ai-customer-me-central-1-customer-bucket.s3.me-central-1.amazonaws.com Middle East (Bahrain) https://ai-skill-designer-me-south-1.appiancloud.com https://appian-custom-ai-customer-me-south-1-customer-bucket.s3.me-south-1.amazonaws.com South America (São Paulo) https://ai-skill-designer-sa-east-1.appiancloud.com https://appian-custom-ai-customer-sa-east-1-customer-bucket.s3.sa-east-1.amazonaws.com GovCloud (US-East) https://ai-skill-designer-us-gov-east-1.appiancloud.com https://cai-gov-customer-us-gov-east-1-customer-bucket.s3-fips.us-gov-east-1.amazonaws.com US East (N. Virginia) standard site: https://ai-skill-designer-us-east-1.appiancloud.com PCI-compliant site: https://ai-skill-designer-strict-us-east-1.appiancloud.com https://appian-custom-ai-customer-us-east-1-customer-bucket.s3.us-east-1.amazonaws.com US East (Ohio) https://ai-skill-designer-us-east-2.appiancloud.com https://appian-custom-ai-customer-us-east-2-customer-bucket.s3.us-east-2.amazonaws.com US West (N. California) https://ai-skill-designer-us-west-1.appiancloud.com https://appian-custom-ai-customer-us-west-1-customer-bucket.s3.us-west-1.amazonaws.com US West (Oregon) https://ai-skill-designer-us-west-2.appiancloud.com https://appian-custom-ai-customer-us-west-2-customer-bucket.s3.us-west-2.amazonaws.com Note that these endpoints are only used for publicly accessible environments. They do not apply to environments accessed over VPN, PrivateLink, or Dual Access. AI service architecture This section applies to AI Skills and AI Copilot features except generate an interface from PDF. Our AI architecture is designed with private AI as the foundation and upholds those principles. Learn more about private AI features. Single region architecture Appian's AI architecture utilizes a single AWS region to provide a secure and scalable AI as a service solution. These capabilities are in-line with the architecture of Appian Cloud deployments, which also use AWS as the provider. Multi-region architecture If a customer site is not located in a region that supports a feature, customers can elect to send their data to a supported region. Note: The email classification AI skill uses neither of these services (Amazon Bedrock or Amazon Textract). Foundational principles Foundational principles of our AI architecture apply to single- and multi-region implementations. Multi-tenant AI service: Appian's multi-tenant AI service is shared among multiple customers in a given region and has multiple layers of control to restrict data access to respective customer sites. The service has site-level controls to restrict data access and encryption/decryption permissions, whether that distinction is a separate customer site or a separate site within a single customer's environment. This shared service approach allows for economies of scale. Data transit and retention: All of your data stays within the Appian Cloud environment. All data in-transit is encrypted using TLS. Communication between Appian and the AI service uses asymmetric signing where each customer site has a unique key used to verify its identity. Communication between the AI service, Amazon Bedrock, and Amazon Textract uses AWS Signature V4 authentication to verify the identity of the requesting service. Bedrock and Textract are stateless, so no information is retained. Learn more about Amazon Bedrock and Amazon Textract. Document classification and extraction The document classification and document extraction AI skills use Amazon Textract to recognize the content within the documents. When the ML model is called during training, testing, or process execution, the associated documents are uploaded to an S3 bucket. The documents are kept in the same region as the customer site. Additionally, the bucket is: Encrypted using keys specific to each customer site Segmented for each customer site Not accessible by application developers or users Note: If the documents to be classified or extracted contain protected data, then this protected data would be required in order to leverage extraction and classification features. Customers can use other mechanisms to redact protected data that is considered as proprietary, sensitive, or confidential, and data containing PII/PHI in accordance with their organization's policies prior to using these AI skills. All data used for a model both at training and execution is retained until the AI skill is deleted. The model package is deleted when the AI skill object is deleted. When a user submits a reconciliation task after document extraction, the updated key-value pair mappings are entirely stored within the application on the customer's site. Learn how document extraction works in Appian. Records chat Users can only chat with records they have access to. Record-level security is the responsibility of the customer to develop and maintain. No records data is retained in either the AI service or Bedrock due to their stateless nature. Feedback Was this page helpful? SHARE FEEDBACK Loading...
