Multi-Account Multi-Region Data Aggregation - AWS Config

Multi-Account Multi-Region Data Aggregation

An aggregator is an AWS Config resource type that collects AWS Config configuration and compliance data from the following:

  • Multiple accounts and multiple regions.

  • Single account and multiple regions.

  • An organization in AWS Organizations and all the accounts in that organization which have AWS Config enabled.

Use an aggregator to view the resource configuration and compliance data recorded in AWS Config.

            An aggregator collects AWS Config data from multiple accounts and regions.

For more information about concepts, see Multi-Account Multi-Region Data Aggregation section in the Concepts topic.

To collect your AWS Config data from source accounts and regions, start with:

  1. Adding an aggregator to aggregate AWS Config configuration and compliance data from multiple accounts and regions.

  2. Authorizing aggregator accounts to collect AWS Config configuration and compliance data.


    There are two types of aggregators: Individual accounts aggregator and Organization aggregator

    For the individual accounts aggregator, authorization is required for any included source account regions including external account regions or Organization member account regions.

    For the organization aggregator, authorization is not required for Organization member account regions since authorization is integrated with the Organizations service.

  3. Monitoring compliance data for rules and accounts in the aggregated view.

Region Support

Currently, multi-account multi-region data aggregation is supported in the following regions:

Region Name Region Endpoint Protocol
Africa (Cape Town) af-south-1 HTTPS
Middle East (Bahrain) me-south-1 HTTPS
Asia Pacific (Hong Kong) ap-east-1 HTTPS
Asia Pacific (Mumbai) ap-south-1 HTTPS
Asia Pacific (Seoul) ap-northeast-2 HTTPS
Asia Pacific (Singapore) ap-southeast-1 HTTPS
Asia Pacific (Sydney) ap-southeast-2 HTTPS
Asia Pacific (Tokyo) ap-northeast-1 HTTPS
AWS GovCloud (US-East) us-gov-east-1 HTTPS
AWS GovCloud (US-West) us-gov-west-1 HTTPS
Canada (Central) ca-central-1 HTTPS
Europe (Stockholm) eu-north-1 HTTPS
Europe (Frankfurt) eu-central-1 HTTPS
Europe (Ireland) eu-west-1 HTTPS
Europe (London) eu-west-2 HTTPS
Europe (Milan) eu-south-1 HTTPS
Europe (Paris) eu-west-3 HTTPS
South America (São Paulo) sa-east-1 HTTPS
US East (N. Virginia) us-east-1 HTTPS
US East (Ohio) us-east-2 HTTPS
US West (N. California) us-west-1 HTTPS
US West (Oregon) us-west-2 HTTPS

Learn More