Regional limits - AWS Security Hub

Regional limits

Some AWS Security Hub features are available in only certain AWS Regions. The following sections specify these Regional limits.

For a list of Regions in which Security Hub is available, see AWS Security Hub endpoints and quotas in the AWS General Reference.

Cross-Region aggregation restrictions

In AWS GovCloud (US), cross-Region aggregation is available for findings, finding updates, and insights across AWS GovCloud (US) only. Specifically, you can only aggregate findings, finding updates, and insights between AWS GovCloud (US-East) and AWS GovCloud (US-West).

In the China Regions, cross-Region aggregation is available for findings, finding updates, and insights across the China Regions only. Specifically, you can only aggregate findings, finding updates, and insights between China (Beijing) and China (Ningxia).

You can't use a Region that is disabled by default as your aggregation Region. For a list of Regions that are disabled by default, see Enabling a Region in the AWS General Reference.

Availability of integrations by Region

Some integrations are not available in all Regions. If an integration is not available in a specific Region, it is not listed on the Integrations page of the Security Hub console when you choose that Region.

Integrations that are supported in China (Beijing) and China (Ningxia)

The China (Beijing) and China (Ningxia) Regions only support the following integrations with AWS services:

  • AWS Firewall Manager

  • Amazon GuardDuty

  • IAM Access Analyzer

  • AWS IoT Device Defender

  • Systems Manager Explorer

  • Systems Manager OpsCenter

  • Systems Manager Patch Manager

The China (Beijing) and China (Ningxia) Regions only support the following third-party integrations:

  • Cloud Custodian

  • FireEye Helix

  • Helecloud

  • IBM QRadar

  • PagerDuty

  • Palo Alto Networks Cortex XSOAR

  • Palo Alto Networks VM-Series

  • Prowler

  • RSA Archer

  • Splunk Enterprise

  • Splunk Phantom

  • ThreatModeler

Integrations that are supported in AWS GovCloud (US-East) and AWS GovCloud (US-West)

The AWS GovCloud (US-East) and AWS GovCloud (US-West) Regions only support the following integrations with AWS services:

  • AWS Config

  • Amazon Detective

  • AWS Firewall Manager

  • Amazon GuardDuty

  • AWS Health

  • IAM Access Analyzer

  • Amazon Inspector

  • AWS IoT Device Defender

The AWS GovCloud (US-East) and AWS GovCloud (US-West) Regions only support the following third-party integrations:

  • Atlassian Jira Service Management

  • Atlassian Jira Service Management Cloud

  • Atlassian OpsGenie

  • Caveonix Cloud

  • Cloud Custodian

  • Cloud Storage Security Antivirus for Amazon S3

  • CrowdStrike Falcon

  • FireEye Helix

  • Forcepoint CASB

  • Forcepoint DLP

  • Forcepoint NGFW

  • Fugue

  • Kion

  • MicroFocus ArcSight

  • NETSCOUT Cyber Investigator

  • PagerDuty

  • Palo Alto Networks – Prisma Cloud Compute

  • Palo Alto Networks – Prisma Cloud Enterprise

  • Palo Alto Networks – VM-Series (available only in AWS GovCloud (US-West))

  • Prowler

  • Rackspace Technology – Cloud Native Security

  • Rapid7 InsightConnect

  • RSA Archer

  • SecureCloudDb

  • ServiceNow ITSM

  • Slack

  • ThreatModeler

  • Vectra AI Cognito Detect

Availability of standards by Region

Service-Managed Standard: AWS Control Tower is only available in Regions that AWS Control Tower supports, including AWS GovCloud (US). For a list of Regions that AWS Control Tower supports, see How AWS Regions Work With AWS Control Tower in the AWS Control Tower User Guide.

Other security standards are available in all Regions that Security Hub is available in.

Availability of controls by Region

The following Regions don't support all of the Security Hub controls. This section lists the security controls that are unavailable in each Region.

Note

Security control IDs aren't supported in the AWS GovCloud (US) Region and China Regions. In these Regions, the control IDs and titles may differ and may reference specific standards. To find corollary control IDs and titles in these Regions, see the second and third columns of the table in How consolidation impacts control IDs and titles.

US East (Ohio)

The following controls are not supported in US East (Ohio).

US East (N. Virginia)

The following controls are not supported in US East (N. Virginia).

US West (N. California)

The following controls are not supported in US West (N. California).

US West (Oregon)

The following controls are not supported in US West (Oregon).

Africa (Cape Town)

The following controls are not supported in Africa (Cape Town).

Asia Pacific (Hong Kong)

The following controls are not supported in Asia Pacific (Hong Kong).

Asia Pacific (Hyderabad)

The following controls are not supported in Asia Pacific (Hyderabad).

Asia Pacific (Jakarta)

The following controls are not supported in Asia Pacific (Jakarta).

Asia Pacific (Mumbai)

The following controls are not supported in Asia Pacific (Mumbai).

Asia Pacific (Melbourne)

The following controls are not supported in Asia Pacific (Melbourne).

Asia Pacific (Osaka)

The following controls are not supported in Asia Pacific (Osaka).

Asia Pacific (Seoul)

The following controls are not supported in Asia Pacific (Seoul).

Asia Pacific (Singapore)

The following controls are not supported in Asia Pacific (Singapore).

Asia Pacific (Sydney)

The following controls are not supported in Asia Pacific (Sydney).

Asia Pacific (Tokyo)

The following controls are not supported in Asia Pacific (Tokyo).

Canada (Central)

The following controls are not supported in Canada (Central).

China (Beijing)

The following controls are not supported in China (Beijing).

China (Ningxia)

The following controls are not supported in China (Ningxia).

Europe (Frankfurt)

The following controls are not supported in Europe (Frankfurt).

Europe (Ireland)

The following controls are not supported in Europe (Ireland).

Europe (London)

The following controls are not supported in Europe (London).

Europe (Milan)

The following controls are not supported in Europe (Milan).

Europe (Paris)

The following controls are not supported in Europe (Paris).

Europe (Spain)

The following controls are not supported in Europe (Spain).

Europe (Stockholm)

The following controls are not supported in Europe (Stockholm).

Europe (Zurich)

The following controls are not supported in Europe (Zurich).

Israel (Tel Aviv)

The following controls are not supported in Israel (Tel Aviv).

Middle East (Bahrain)

The following controls are not supported in Middle East (Bahrain).

Middle East (UAE)

The following controls are not supported in Middle East (UAE).

South America (São Paulo)

The following controls are not supported in South America (São Paulo).

AWS GovCloud (US-East)

The following controls are not supported in AWS GovCloud (US-East).

AWS GovCloud (US-West)

The following controls are not supported in AWS GovCloud (US-West).