Viewing the current cross-Region aggregation configuration

You can view the current cross-Region aggregation configuration from any Region. The configuration includes the aggregation Region, the linked Regions, and whether to automatically link new Regions.

Viewing the cross-Region aggregation configuration (console)

The Regions tab of the Settings page displays the current cross-Region aggregation configuration. You can view the configuration from any Region. Member accounts can also view the cross-Region configuration that the administrator account configured.

If cross-Region aggregation is not enabled, then the Regions tab displays the option to enable cross-Region aggregation. See Enabling cross-Region aggregation. Only administrator accounts and standalone accounts can enable cross-Region aggregation.

If cross-Region aggregation is enabled, then the Regions tab displays the following information:

• The aggregation Region

• Whether to automatically aggregate findings, insights, control statuses, and security scores from new Regions that Security Hub supports and that you opt into

• The list of linked Regions

Viewing the current cross-Region aggregation configuration (Security Hub API, AWS CLI)

You can use the Security Hub API or AWS CLI to view the current cross-Region aggregation configuration. You can view the cross-Region aggregation configuration from any Region.

To view the current cross-Region aggregation configuration (Security Hub API, AWS CLI)

• Security Hub API: Use the GetFindingAggregator API. When you make the request, you must provide the finding aggregator ARN. To obtain the finding aggregator ARN, use ListFindingAggregators.

• AWS CLI: At the command line, run the get-finding-aggregator command. To obtain the finding aggregator ARN, use list-finding-aggregators.

  aws securityhub get-finding-aggregator --finding-aggregator-arn <finding aggregator ARN>