Viewing cross-Region aggregation settings
You can view the current cross-Region aggregation configuration from any Region. The configuration includes the aggregation Region, the linked Regions, and whether to automatically link new Regions.
Viewing the cross-Region aggregation configuration (console)
The Regions tab of the Settings page displays the current cross-Region aggregation configuration. You can view the configuration from any Region. Member accounts can also view the cross-Region configuration that the administrator account configured.
If cross-Region aggregation is not enabled, then the Regions tab displays the option to enable cross-Region aggregation. See Enabling cross-Region aggregation. Only administrator accounts and standalone accounts can enable cross-Region aggregation.
If cross-Region aggregation is enabled, then the Regions tab displays the following information:
-
The aggregation Region
-
Whether to automatically aggregate findings, insights, control statuses, and security scores from new Regions that Security Hub supports and that you opt into
-
The list of linked Regions
Viewing the current cross-Region aggregation configuration (Security Hub API, Amazon CLI)
You can use the Security Hub API or Amazon CLI to view the current cross-Region aggregation configuration. You can view the cross-Region aggregation configuration from any Region.
To view the current cross-Region aggregation configuration (Security Hub API, Amazon CLI)
-
Security Hub API: Use the
GetFindingAggregatorAPI. When you make the request, you must provide the finding aggregator ARN. To obtain the finding aggregator ARN, useListFindingAggregators. -
Amazon CLI: At the command line, run the
get-finding-aggregatorcommand. To obtain the finding aggregator ARN, uselist-finding-aggregators.aws securityhub get-finding-aggregator --finding-aggregator-arn<finding aggregator ARN>