Select your cookie preferences

We use essential cookies and similar tools that are necessary to provide our site and services. We use performance cookies to collect anonymous statistics, so we can understand how customers use our site and make improvements. Essential cookies cannot be deactivated, but you can choose “Customize” or “Decline” to decline performance cookies.

If you agree, AWS and approved third parties will also use cookies to provide useful site features, remember your preferences, and display relevant content, including relevant advertising. To accept or decline all non-essential cookies, choose “Accept” or “Decline.” To make more detailed choices, choose “Customize.”

Preferences
Contact Us
Feedback
AWS Documentation
Create an AWS Account

Viewing cross-Region aggregation settings

PDF
RSS
Focus mode
Viewing cross-Region aggregation settings - AWS Security Hub
Note

The aggregation Region is now called the home Region. Some Security Hub API operations still use the older term aggregation Region.

You can view the current cross-Region aggregation configuration in AWS Security Hub from any AWS Region. The configuration includes the home Region, the linked Regions (if any), and whether to automatically link new Regions as Security Hub supports them.

Member accounts can view the cross-Region aggregation settings that the administrator account configured.

Choose your preferred method, and follow the steps to view your current cross-Region aggregation settings.

Security Hub console
To view cross-Region aggregation settings (console)

  1. Open the AWS Security Hub console at https://console.aws.amazon.com/securityhub/.

  2. On the navigation pane, choose Settings and then the Regions tab.

If cross-Region aggregation is not enabled, then the Regions tab displays the option to enable cross-Region aggregation. Only administrator accounts and standalone accounts can enable cross-Region aggregation.

If cross-Region aggregation is enabled, then the Regions tab displays the following information:

  • The home Region

  • Whether to automatically aggregate findings, insights, control statuses, and security scores from new Regions that Security Hub supports and that you opt into

  • The list of linked Regions (if any are selected)

Security Hub API

To view cross-Region aggregation settings (Security Hub API)

Use the GetFindingAggregator operation of the Security Hub API. If you use the AWS CLI, run the get-finding-aggregator command.

When you make the request, provide the finding aggregator ARN. To obtain the finding aggregator ARN, use the ListFindingAggregators operation or list-finding-aggregators command.

The following example shows the cross-Region aggregation settings for the specified finding aggregator ARN. This example is formatted for Linux, macOS, or Unix, and it uses the backslash (\) line-continuation character to improve readability

$aws securityhub get-finding-aggregator --finding-aggregator-arn arn:aws:securityhub:us-east-1:222222222222:finding-aggregator/123e4567-e89b-12d3-a456-426652340000
anchoranchor
To view cross-Region aggregation settings (console)

  1. Open the AWS Security Hub console at https://console.aws.amazon.com/securityhub/.

  2. On the navigation pane, choose Settings and then the Regions tab.

If cross-Region aggregation is not enabled, then the Regions tab displays the option to enable cross-Region aggregation. Only administrator accounts and standalone accounts can enable cross-Region aggregation.

If cross-Region aggregation is enabled, then the Regions tab displays the following information:

  • The home Region

  • Whether to automatically aggregate findings, insights, control statuses, and security scores from new Regions that Security Hub supports and that you opt into

  • The list of linked Regions (if any are selected)

PrivacySite termsCookie preferences
© 2025, Amazon Web Services, Inc. or its affiliates. All rights reserved.