AWS Security Hub
AWS Security Hub provides you with a comprehensive view of your security state in AWS and helps you check your environment against security industry standards and best practices. Security Hub collects security data from across AWS accounts, services, and supported third-party partner products and helps you analyze your security trends and identify the highest priority security issues.
How Security Hub Differs for AWS GovCloud (US)
Product integrations
Not all integrations with AWS Services and third-party partners are available in the AWS GovCloud (US) Region.
For a list of the supported integrations in the AWS GovCloud (US) Region, see Integrations that are supported in AWS GovCloud (US-East) and AWS GovCloud (US-West).
Controls
Not all security controls are supported in the AWS GovCloud (US) Region. For details, see the following lists in the AWS Security Hub User Guide.
Cross-Region aggregation
Cross-Region aggregation is supported with limitations in AWS GovCloud (US). In AWS GovCloud (US), cross-Region aggregation is supported only for findings, finding updates, and insights across AWS GovCloud (US). Specifically, you can only aggregate findings, finding updates, and insights between AWS GovCloud (US-East) and AWS GovCloud (US-West).
Documentation for Security Hub
AWS Security Hub documentation.
Export-Controlled Content
For AWS Services architected within the AWS GovCloud (US) Regions, the following list explains how certain components of data may leave the AWS GovCloud (US) Regions in the normal course of the service offerings. The list can be used as a guide to help meet applicable customer compliance obligations. Data not included in the following list remains within the AWS GovCloud (US) Regions.
-
This service can generate metadata from customer-defined configurations. AWS suggests customers do not enter export-controlled information in console fields, descriptions, resource names, and tagging information.
