Two different AWS regions don't count when used for security
Two different AWS regions may count as "offsite" for disaster recovery purposes, but it doesn't work for cloud security: both regions visible and accessible on the management console. That's an excellent point. Amazon probably doesn't want an Emergency Off Button; it doesn't really take responsibility for the operation of a customer workload. But, if left optional to the customer, it's a good idea and could be imposed as an automated service.