diff --git a/resources/fetchers/iam_fetcher.go b/resources/fetchers/iam_fetcher.go
index e851314584..a2bd952b6c 100644
--- a/resources/fetchers/iam_fetcher.go
+++ b/resources/fetchers/iam_fetcher.go
@@ -108,6 +108,7 @@ func (r IAMResource) GetMetadata() (fetching.ResourceMetadata, error) {
 		Type:    fetching.CloudIdentity,
 		SubType: r.GetResourceType(),
 		Name:    r.GetResourceName(),
+		Region:  r.GetRegion(),
 	}, nil
 }
 func (r IAMResource) GetElasticCommonData() any { return nil }
diff --git a/resources/fetchers/kms_fetcher.go b/resources/fetchers/kms_fetcher.go
index d54cf216a2..986c82000f 100644
--- a/resources/fetchers/kms_fetcher.go
+++ b/resources/fetchers/kms_fetcher.go
@@ -74,6 +74,7 @@ func (r KmsResource) GetMetadata() (fetching.ResourceMetadata, error) {
 		Type:    fetching.KeyManagement,
 		SubType: r.key.GetResourceType(),
 		Name:    r.key.GetResourceName(),
+		Region:  r.key.GetRegion(),
 	}, nil
 }
 
diff --git a/resources/fetchers/logging_fetcher.go b/resources/fetchers/logging_fetcher.go
index 5f8c6c77b0..770355b9db 100644
--- a/resources/fetchers/logging_fetcher.go
+++ b/resources/fetchers/logging_fetcher.go
@@ -89,6 +89,7 @@ func (r LoggingResource) GetMetadata() (fetching.ResourceMetadata, error) {
 		Type:    fetching.CloudAudit,
 		SubType: r.GetResourceType(),
 		Name:    r.GetResourceName(),
+		Region:  r.GetRegion(),
 	}, nil
 }
 func (r LoggingResource) GetElasticCommonData() any { return nil }
diff --git a/resources/fetchers/monitoring_fetcher.go b/resources/fetchers/monitoring_fetcher.go
index 1d73674fc5..5721cd9469 100644
--- a/resources/fetchers/monitoring_fetcher.go
+++ b/resources/fetchers/monitoring_fetcher.go
@@ -94,6 +94,7 @@ func (r MonitoringResource) GetMetadata() (fetching.ResourceMetadata, error) {
 		Type:    fetching.MonitoringIdentity,
 		SubType: fetching.MultiTrailsType,
 		Name:    id,
+		Region:  awslib.GlobalRegion,
 	}, nil
 }
 func (r MonitoringResource) GetElasticCommonData() any { return nil }
@@ -108,6 +109,7 @@ func (s SecurityHubResource) GetMetadata() (fetching.ResourceMetadata, error) {
 		Name:    s.GetResourceName(),
 		Type:    fetching.MonitoringIdentity,
 		SubType: fetching.SecurityHubType,
+		Region:  s.GetRegion(),
 	}, nil
 }
 
diff --git a/resources/fetchers/monitoring_fetcher_test.go b/resources/fetchers/monitoring_fetcher_test.go
index 1984611593..3794d1adc3 100644
--- a/resources/fetchers/monitoring_fetcher_test.go
+++ b/resources/fetchers/monitoring_fetcher_test.go
@@ -160,6 +160,7 @@ func TestMonitoringResource_GetMetadata(t *testing.T) {
 				Name:    "cloudtrail-aws-account-id",
 				Type:    fetching.MonitoringIdentity,
 				SubType: fetching.MultiTrailsType,
+				Region:  awslib.GlobalRegion,
 			},
 		},
 		{
@@ -178,6 +179,7 @@ func TestMonitoringResource_GetMetadata(t *testing.T) {
 				Name:    "cloudtrail-aws-account-id",
 				Type:    fetching.MonitoringIdentity,
 				SubType: fetching.MultiTrailsType,
+				Region:  awslib.GlobalRegion,
 			},
 		},
 	}
@@ -227,6 +229,7 @@ func TestSecurityHubResource_GetMetadata(t *testing.T) {
 				Name:    "securityhub-us-east-1-" + accountId,
 				Type:    fetching.MonitoringIdentity,
 				SubType: fetching.SecurityHubType,
+				Region:  "us-east-1",
 			},
 		},
 		{
@@ -243,6 +246,7 @@ func TestSecurityHubResource_GetMetadata(t *testing.T) {
 				Name:    "securityhub-us-east-2-" + accountId,
 				Type:    fetching.MonitoringIdentity,
 				SubType: fetching.SecurityHubType,
+				Region:  "us-east-2",
 			},
 		},
 	}
diff --git a/resources/fetchers/network_fetcher.go b/resources/fetchers/network_fetcher.go
index 1b9e3054d9..77c1ee7440 100644
--- a/resources/fetchers/network_fetcher.go
+++ b/resources/fetchers/network_fetcher.go
@@ -77,6 +77,7 @@ func (r NetworkResource) GetMetadata() (fetching.ResourceMetadata, error) {
 		Type:    fetching.EC2Identity,
 		SubType: r.GetResourceType(),
 		Name:    r.GetResourceName(),
+		Region:  r.GetRegion(),
 	}, nil
 }
 
diff --git a/resources/fetchers/rds_fetcher.go b/resources/fetchers/rds_fetcher.go
index d1653cf547..20fbcb65b9 100644
--- a/resources/fetchers/rds_fetcher.go
+++ b/resources/fetchers/rds_fetcher.go
@@ -72,6 +72,7 @@ func (r RdsResource) GetMetadata() (fetching.ResourceMetadata, error) {
 		Type:    fetching.CloudDatabase,
 		SubType: r.dbInstance.GetResourceType(),
 		Name:    r.dbInstance.GetResourceName(),
+		Region:  r.dbInstance.GetRegion(),
 	}, nil
 }
 
diff --git a/resources/fetchers/s3_fetcher.go b/resources/fetchers/s3_fetcher.go
index 7479455b4a..36827745f7 100644
--- a/resources/fetchers/s3_fetcher.go
+++ b/resources/fetchers/s3_fetcher.go
@@ -72,6 +72,7 @@ func (r S3Resource) GetMetadata() (fetching.ResourceMetadata, error) {
 		Type:    fetching.CloudStorage,
 		SubType: r.bucket.GetResourceType(),
 		Name:    r.bucket.GetResourceName(),
+		Region:  r.bucket.GetRegion(),
 	}, nil
 }
 
diff --git a/resources/providers/aws_cis/logging/provider.go b/resources/providers/aws_cis/logging/provider.go
index f973ef5770..81ff5fc61a 100644
--- a/resources/providers/aws_cis/logging/provider.go
+++ b/resources/providers/aws_cis/logging/provider.go
@@ -94,3 +94,10 @@ func (e EnrichedTrail) GetResourceName() string {
 func (e EnrichedTrail) GetResourceType() string {
 	return fetching.TrailType
 }
+
+func (e EnrichedTrail) GetRegion() string {
+	if e.Trail.HomeRegion == nil {
+		return ""
+	}
+	return *e.Trail.HomeRegion
+}
diff --git a/resources/providers/awslib/aws.go b/resources/providers/awslib/aws.go
index f69c349d8a..19170997f9 100644
--- a/resources/providers/awslib/aws.go
+++ b/resources/providers/awslib/aws.go
@@ -23,7 +23,10 @@ import (
 	awssdk "github.com/aws/aws-sdk-go-v2/aws"
 )
 
-const DefaultRegion = "us-east-1"
+const (
+	DefaultRegion = "us-east-1"
+	GlobalRegion  = "global"
+)
 
 var ErrClientNotFound = errors.New("aws client not found")
 
@@ -35,6 +38,7 @@ type AwsResource interface {
 	GetResourceArn() string
 	GetResourceName() string
 	GetResourceType() string
+	GetRegion() string
 }
 
 func GetClient[T any](region *string, list map[string]T) (T, error) {
diff --git a/resources/providers/awslib/configservice/configservice.go b/resources/providers/awslib/configservice/configservice.go
index dc76f07aa0..37cf77d1a9 100644
--- a/resources/providers/awslib/configservice/configservice.go
+++ b/resources/providers/awslib/configservice/configservice.go
@@ -80,3 +80,7 @@ func (c Config) GetResourceName() string {
 func (c Config) GetResourceType() string {
 	return fetching.ConfigServiceResourceType
 }
+
+func (c Config) GetRegion() string {
+	return c.region
+}
diff --git a/resources/providers/awslib/ec2/ebs_encryption.go b/resources/providers/awslib/ec2/ebs_encryption.go
index bf879692a0..45bd02129c 100644
--- a/resources/providers/awslib/ec2/ebs_encryption.go
+++ b/resources/providers/awslib/ec2/ebs_encryption.go
@@ -40,3 +40,7 @@ func (e EBSEncryption) GetResourceName() string {
 func (e EBSEncryption) GetResourceType() string {
 	return fetching.EBSType
 }
+
+func (e EBSEncryption) GetRegion() string {
+	return e.region
+}
diff --git a/resources/providers/awslib/ec2/nacl.go b/resources/providers/awslib/ec2/nacl.go
index 36c7e95da5..b59af02b79 100644
--- a/resources/providers/awslib/ec2/nacl.go
+++ b/resources/providers/awslib/ec2/nacl.go
@@ -48,3 +48,7 @@ func (r NACLInfo) GetResourceName() string {
 func (r NACLInfo) GetResourceType() string {
 	return fetching.NetworkNACLType
 }
+
+func (r NACLInfo) GetRegion() string {
+	return r.region
+}
diff --git a/resources/providers/awslib/ec2/security_group.go b/resources/providers/awslib/ec2/security_group.go
index e5e899810d..7428878ba9 100644
--- a/resources/providers/awslib/ec2/security_group.go
+++ b/resources/providers/awslib/ec2/security_group.go
@@ -47,3 +47,7 @@ func (s SecurityGroup) GetResourceName() string {
 func (s SecurityGroup) GetResourceType() string {
 	return fetching.SecurityGroupType
 }
+
+func (s SecurityGroup) GetRegion() string {
+	return s.region
+}
diff --git a/resources/providers/awslib/ec2/vpc.go b/resources/providers/awslib/ec2/vpc.go
index d8c286c1e8..641aaf9aed 100644
--- a/resources/providers/awslib/ec2/vpc.go
+++ b/resources/providers/awslib/ec2/vpc.go
@@ -48,3 +48,7 @@ func (v VpcInfo) GetResourceName() string {
 func (v VpcInfo) GetResourceType() string {
 	return fetching.VpcType
 }
+
+func (v VpcInfo) GetRegion() string {
+	return v.region
+}
diff --git a/resources/providers/awslib/iam/password_policy.go b/resources/providers/awslib/iam/password_policy.go
index 6fb8618061..81be5caf39 100644
--- a/resources/providers/awslib/iam/password_policy.go
+++ b/resources/providers/awslib/iam/password_policy.go
@@ -70,3 +70,7 @@ func (p PasswordPolicy) GetResourceName() string {
 func (p PasswordPolicy) GetResourceType() string {
 	return fetching.PwdPolicyType
 }
+
+func (p PasswordPolicy) GetRegion() string {
+	return awslib.GlobalRegion
+}
diff --git a/resources/providers/awslib/iam/policy.go b/resources/providers/awslib/iam/policy.go
index 7ecaf30b0f..2dca723c36 100644
--- a/resources/providers/awslib/iam/policy.go
+++ b/resources/providers/awslib/iam/policy.go
@@ -136,6 +136,10 @@ func (p Policy) GetResourceType() string {
 	return fetching.PolicyType
 }
 
+func (p Policy) GetRegion() string {
+	return awslib.GlobalRegion
+}
+
 func stringOrEmpty(s *string) string {
 	if s == nil {
 		return ""
diff --git a/resources/providers/awslib/iam/user.go b/resources/providers/awslib/iam/user.go
index cac75ba23f..2f8108ce59 100644
--- a/resources/providers/awslib/iam/user.go
+++ b/resources/providers/awslib/iam/user.go
@@ -125,6 +125,10 @@ func (u User) GetResourceType() string {
 	return fetching.IAMUserType
 }
 
+func (u User) GetRegion() string {
+	return awslib.GlobalRegion
+}
+
 func (p Provider) listUsers(ctx context.Context) ([]types.User, error) {
 	p.log.Debug("IAMProvider.getUsers")
 	var nativeUsers []types.User
diff --git a/resources/providers/awslib/kms/kms.go b/resources/providers/awslib/kms/kms.go
index fa502fe4e0..a9e79d49d4 100644
--- a/resources/providers/awslib/kms/kms.go
+++ b/resources/providers/awslib/kms/kms.go
@@ -30,6 +30,7 @@ import (
 type KmsInfo struct {
 	KeyMetadata        types.KeyMetadata `json:"key_metadata"`
 	KeyRotationEnabled bool              `json:"key_rotation_enabled"`
+	region             string
 }
 
 type KMS interface {
diff --git a/resources/providers/awslib/kms/provider.go b/resources/providers/awslib/kms/provider.go
index 687ddf7273..2b9c223f4b 100644
--- a/resources/providers/awslib/kms/provider.go
+++ b/resources/providers/awslib/kms/provider.go
@@ -81,6 +81,7 @@ func (p *Provider) DescribeSymmetricKeys(ctx context.Context) ([]awslib.AwsResou
 			result = append(result, KmsInfo{
 				KeyMetadata:        *keyInfo.KeyMetadata,
 				KeyRotationEnabled: rotationStatus.KeyRotationEnabled,
+				region:             region,
 			})
 		}
 		return result, nil
@@ -107,3 +108,7 @@ func (k KmsInfo) GetResourceName() string {
 func (k KmsInfo) GetResourceType() string {
 	return fetching.KmsType
 }
+
+func (k KmsInfo) GetRegion() string {
+	return k.region
+}
diff --git a/resources/providers/awslib/kms/provider_test.go b/resources/providers/awslib/kms/provider_test.go
index c26cddde9b..6e4b78c9a1 100644
--- a/resources/providers/awslib/kms/provider_test.go
+++ b/resources/providers/awslib/kms/provider_test.go
@@ -26,7 +26,6 @@ import (
 	kmsClient "github.com/aws/aws-sdk-go-v2/service/kms"
 	"github.com/aws/aws-sdk-go-v2/service/kms/types"
 	"github.com/elastic/cloudbeat/resources/providers/awslib"
-	"github.com/elastic/cloudbeat/resources/utils/testhelper"
 	"github.com/elastic/elastic-agent-libs/logp"
 	"github.com/stretchr/testify/mock"
 	"github.com/stretchr/testify/suite"
@@ -58,7 +57,7 @@ func (s *ProviderTestSuite) TearDownTest() {}
 var keyId1 = "21c0ba99-3a6c-4f72-8ef8-8118d4804710"
 var keyId2 = "21c0ba99-3a6c-4f72-8ef8-8118d4804711"
 
-func (s *ProviderTestSuite) TestProvider_DescribeBuckets() {
+func (s *ProviderTestSuite) TestProvider_DescribeSymmetricKeys() {
 	var tests = []struct {
 		name                    string
 		regions                 []string
@@ -142,8 +141,8 @@ func (s *ProviderTestSuite) TestProvider_DescribeBuckets() {
 				},
 			},
 			expected: []awslib.AwsResource{
-				KmsInfo{KeyMetadata: types.KeyMetadata{KeyId: &keyId1, KeySpec: types.KeySpecSymmetricDefault}, KeyRotationEnabled: true},
-				KmsInfo{KeyMetadata: types.KeyMetadata{KeyId: &keyId2, KeySpec: types.KeySpecSymmetricDefault}, KeyRotationEnabled: true},
+				KmsInfo{KeyMetadata: types.KeyMetadata{KeyId: &keyId1, KeySpec: types.KeySpecSymmetricDefault}, KeyRotationEnabled: true, region: "us-east-1"},
+				KmsInfo{KeyMetadata: types.KeyMetadata{KeyId: &keyId2, KeySpec: types.KeySpecSymmetricDefault}, KeyRotationEnabled: true, region: "us-east-2"},
 			},
 			expectError: false,
 			regions:     []string{"us-east-1", "us-east-2"},
@@ -151,16 +150,18 @@ func (s *ProviderTestSuite) TestProvider_DescribeBuckets() {
 	}
 
 	for _, test := range tests {
-		kmsClientMock := &MockClient{}
-		for funcName, returnVals := range test.kmsClientMockReturnVals {
-			for _, vals := range returnVals {
-				kmsClientMock.On(funcName, vals[0]...).Return(vals[1]...).Once()
+		mockClients := make(map[string]Client, len(test.regions))
+		for i, region := range test.regions {
+			kmsClientMock := &MockClient{}
+			for funcName, returnVals := range test.kmsClientMockReturnVals {
+				kmsClientMock.On(funcName, returnVals[i][0]...).Return(returnVals[i][1]...)
 			}
+			mockClients[region] = kmsClientMock
 		}
 
 		kmsProvider := Provider{
 			log:     s.log,
-			clients: testhelper.CreateMockClients[Client](kmsClientMock, test.regions),
+			clients: mockClients,
 		}
 
 		ctx := context.Background()
diff --git a/resources/providers/awslib/mock_aws_resource.go b/resources/providers/awslib/mock_aws_resource.go
index 2a741bd312..9e3a925ec3 100644
--- a/resources/providers/awslib/mock_aws_resource.go
+++ b/resources/providers/awslib/mock_aws_resource.go
@@ -34,6 +34,47 @@ func (_m *MockAwsResource) EXPECT() *MockAwsResource_Expecter {
 	return &MockAwsResource_Expecter{mock: &_m.Mock}
 }
 
+// GetRegion provides a mock function with given fields:
+func (_m *MockAwsResource) GetRegion() string {
+	ret := _m.Called()
+
+	var r0 string
+	if rf, ok := ret.Get(0).(func() string); ok {
+		r0 = rf()
+	} else {
+		r0 = ret.Get(0).(string)
+	}
+
+	return r0
+}
+
+// MockAwsResource_GetRegion_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'GetRegion'
+type MockAwsResource_GetRegion_Call struct {
+	*mock.Call
+}
+
+// GetRegion is a helper method to define mock.On call
+func (_e *MockAwsResource_Expecter) GetRegion() *MockAwsResource_GetRegion_Call {
+	return &MockAwsResource_GetRegion_Call{Call: _e.mock.On("GetRegion")}
+}
+
+func (_c *MockAwsResource_GetRegion_Call) Run(run func()) *MockAwsResource_GetRegion_Call {
+	_c.Call.Run(func(args mock.Arguments) {
+		run()
+	})
+	return _c
+}
+
+func (_c *MockAwsResource_GetRegion_Call) Return(_a0 string) *MockAwsResource_GetRegion_Call {
+	_c.Call.Return(_a0)
+	return _c
+}
+
+func (_c *MockAwsResource_GetRegion_Call) RunAndReturn(run func() string) *MockAwsResource_GetRegion_Call {
+	_c.Call.Return(run)
+	return _c
+}
+
 // GetResourceArn provides a mock function with given fields:
 func (_m *MockAwsResource) GetResourceArn() string {
 	ret := _m.Called()
diff --git a/resources/providers/awslib/multi_region_test.go b/resources/providers/awslib/multi_region_test.go
index 16f4e416f0..c32757ac4a 100644
--- a/resources/providers/awslib/multi_region_test.go
+++ b/resources/providers/awslib/multi_region_test.go
@@ -168,6 +168,8 @@ func (t testAwsResource) GetResourceName() string { return "" }
 
 func (t testAwsResource) GetResourceType() string { return "" }
 
+func (t testAwsResource) GetRegion() string { return "" }
+
 func (d dummyTester) DummyFunc() ([]AwsResource, error) {
 	awsRes := []AwsResource{testAwsResource{resRegion: d.region}}
 	switch d.region {
diff --git a/resources/providers/awslib/rds/provider.go b/resources/providers/awslib/rds/provider.go
index acb9a614cc..b59eaf7700 100644
--- a/resources/providers/awslib/rds/provider.go
+++ b/resources/providers/awslib/rds/provider.go
@@ -63,6 +63,7 @@ func (p Provider) DescribeDBInstances(ctx context.Context) ([]awslib.AwsResource
 				AutoMinorVersionUpgrade: dbInstance.AutoMinorVersionUpgrade,
 				PubliclyAccessible:      dbInstance.PubliclyAccessible,
 				Subnets:                 subnets,
+				region:                  region,
 			})
 		}
 
@@ -105,3 +106,7 @@ func (d DBInstance) GetResourceName() string {
 func (d DBInstance) GetResourceType() string {
 	return fetching.RdsType
 }
+
+func (d DBInstance) GetRegion() string {
+	return d.region
+}
diff --git a/resources/providers/awslib/rds/provider_test.go b/resources/providers/awslib/rds/provider_test.go
index 11da713e91..82c1c945a0 100644
--- a/resources/providers/awslib/rds/provider_test.go
+++ b/resources/providers/awslib/rds/provider_test.go
@@ -98,8 +98,27 @@ func (s *ProviderTestSuite) TestProvider_DescribeDBInstances() {
 				{ec2types.RouteTable{RouteTableId: &identifier, Routes: []ec2types.Route{{DestinationCidrBlock: &destinationCidrBlock, GatewayId: &gatewayId}}}, nil},
 			},
 			expected: []awslib.AwsResource{
-				DBInstance{Identifier: identifier, Arn: arn, StorageEncrypted: false, AutoMinorVersionUpgrade: false, PubliclyAccessible: false, Subnets: []Subnet(nil)},
-				DBInstance{Identifier: identifier2, Arn: arn2, StorageEncrypted: true, AutoMinorVersionUpgrade: true, PubliclyAccessible: true, Subnets: []Subnet{{ID: identifier, RouteTable: nil}, {ID: identifier2, RouteTable: &RouteTable{ID: identifier, Routes: []Route{{DestinationCidrBlock: &destinationCidrBlock, GatewayId: &gatewayId}}}}}},
+				DBInstance{
+					Identifier:              identifier,
+					Arn:                     arn,
+					StorageEncrypted:        false,
+					AutoMinorVersionUpgrade: false,
+					PubliclyAccessible:      false,
+					Subnets:                 []Subnet(nil),
+					region:                  awslib.DefaultRegion,
+				},
+				DBInstance{
+					Identifier:              identifier2,
+					Arn:                     arn2,
+					StorageEncrypted:        true,
+					AutoMinorVersionUpgrade: true,
+					PubliclyAccessible:      true, Subnets: []Subnet{
+						{ID: identifier, RouteTable: nil},
+						{ID: identifier2, RouteTable: &RouteTable{
+							ID:     identifier,
+							Routes: []Route{{DestinationCidrBlock: &destinationCidrBlock, GatewayId: &gatewayId}},
+						}}},
+					region: awslib.DefaultRegion},
 			},
 		},
 	}
diff --git a/resources/providers/awslib/rds/rds.go b/resources/providers/awslib/rds/rds.go
index 8151eb317a..de2b93b6af 100644
--- a/resources/providers/awslib/rds/rds.go
+++ b/resources/providers/awslib/rds/rds.go
@@ -19,10 +19,9 @@ package rds
 
 import (
 	"context"
-	"github.com/elastic/cloudbeat/resources/providers/awslib/ec2"
-
 	"github.com/aws/aws-sdk-go-v2/service/rds"
 	"github.com/elastic/cloudbeat/resources/providers/awslib"
+	"github.com/elastic/cloudbeat/resources/providers/awslib/ec2"
 	"github.com/elastic/elastic-agent-libs/logp"
 )
 
@@ -33,6 +32,7 @@ type DBInstance struct {
 	AutoMinorVersionUpgrade bool     `json:"auto_minor_version_upgrade"`
 	PubliclyAccessible      bool     `json:"publicly_accessible"`
 	Subnets                 []Subnet `json:"subnets"`
+	region                  string
 }
 
 type Subnet struct {
diff --git a/resources/providers/awslib/s3/provider.go b/resources/providers/awslib/s3/provider.go
index 75689319e9..68dd898c84 100644
--- a/resources/providers/awslib/s3/provider.go
+++ b/resources/providers/awslib/s3/provider.go
@@ -107,6 +107,7 @@ func (p Provider) DescribeBuckets(ctx context.Context) ([]awslib.AwsResource, er
 				BucketVersioning:                      bucketVersioning,
 				PublicAccessBlockConfiguration:        publicAccessBlockConfiguration,
 				AccountPublicAccessBlockConfiguration: accountPublicAccessBlockConfig,
+				region:                                region,
 			})
 		}
 	}
@@ -303,3 +304,7 @@ func (b BucketDescription) GetResourceName() string {
 func (b BucketDescription) GetResourceType() string {
 	return fetching.S3Type
 }
+
+func (b BucketDescription) GetRegion() string {
+	return b.region
+}
diff --git a/resources/providers/awslib/s3/provider_test.go b/resources/providers/awslib/s3/provider_test.go
index 66bb223d7b..6775cdd012 100644
--- a/resources/providers/awslib/s3/provider_test.go
+++ b/resources/providers/awslib/s3/provider_test.go
@@ -127,6 +127,7 @@ func (s *ProviderTestSuite) TestProvider_DescribeBuckets() {
 				BucketVersioning:                      nil,
 				PublicAccessBlockConfiguration:        nil,
 				AccountPublicAccessBlockConfiguration: nil,
+				region:                                awslib.DefaultRegion,
 			}},
 			expectError: false,
 			regions:     []string{awslib.DefaultRegion},
@@ -145,6 +146,7 @@ func (s *ProviderTestSuite) TestProvider_DescribeBuckets() {
 				BucketVersioning:                      nil,
 				PublicAccessBlockConfiguration:        nil,
 				AccountPublicAccessBlockConfiguration: nil,
+				region:                                string(region),
 			}},
 			expectError: false,
 			regions:     []string{awslib.DefaultRegion},
@@ -173,6 +175,7 @@ func (s *ProviderTestSuite) TestProvider_DescribeBuckets() {
 				BucketVersioning:                      nil,
 				PublicAccessBlockConfiguration:        nil,
 				AccountPublicAccessBlockConfiguration: nil,
+				region:                                string(region),
 			}},
 			expectError: false,
 			regions:     []string{awslib.DefaultRegion, string(region)},
@@ -195,6 +198,7 @@ func (s *ProviderTestSuite) TestProvider_DescribeBuckets() {
 				BucketVersioning:                      nil,
 				PublicAccessBlockConfiguration:        nil,
 				AccountPublicAccessBlockConfiguration: nil,
+				region:                                string(region),
 			}},
 			expectError: false,
 			regions:     []string{awslib.DefaultRegion, string(region)},
@@ -217,6 +221,7 @@ func (s *ProviderTestSuite) TestProvider_DescribeBuckets() {
 				BucketVersioning:                      &BucketVersioning{true, true},
 				PublicAccessBlockConfiguration:        nil,
 				AccountPublicAccessBlockConfiguration: nil,
+				region:                                string(region),
 			}},
 			expectError: false,
 			regions:     []string{awslib.DefaultRegion, string(region)},
@@ -251,6 +256,7 @@ func (s *ProviderTestSuite) TestProvider_DescribeBuckets() {
 					RestrictPublicBuckets: false,
 				},
 				AccountPublicAccessBlockConfiguration: nil,
+				region:                                string(region),
 			}},
 			expectError: false,
 			regions:     []string{awslib.DefaultRegion, string(region)},
@@ -285,6 +291,7 @@ func (s *ProviderTestSuite) TestProvider_DescribeBuckets() {
 					IgnorePublicAcls:      false,
 					RestrictPublicBuckets: false,
 				},
+				region: string(region),
 			}},
 			expectError: false,
 			regions:     []string{awslib.DefaultRegion, string(region)},
@@ -366,6 +373,7 @@ func (s *ProviderTestSuite) TestProvider_DescribeBuckets() {
 						IgnorePublicAcls:      false,
 						RestrictPublicBuckets: false,
 					},
+					region: string(region),
 				},
 				BucketDescription{
 					Name:             secondBucketName,
@@ -384,6 +392,7 @@ func (s *ProviderTestSuite) TestProvider_DescribeBuckets() {
 						IgnorePublicAcls:      false,
 						RestrictPublicBuckets: false,
 					},
+					region: awslib.DefaultRegion,
 				},
 			},
 			expectError: false,
@@ -466,6 +475,7 @@ func (s *ProviderTestSuite) TestProvider_DescribeBuckets() {
 						IgnorePublicAcls:      false,
 						RestrictPublicBuckets: false,
 					},
+					region: awslib.DefaultRegion,
 				},
 				BucketDescription{
 					Name:             secondBucketName,
@@ -484,6 +494,7 @@ func (s *ProviderTestSuite) TestProvider_DescribeBuckets() {
 						IgnorePublicAcls:      false,
 						RestrictPublicBuckets: false,
 					},
+					region: awslib.DefaultRegion,
 				},
 			},
 			expectError: false,
@@ -508,6 +519,7 @@ func (s *ProviderTestSuite) TestProvider_DescribeBuckets() {
 			log:           s.log,
 			clients:       testhelper.CreateMockClients[Client](s3ClientMock, test.regions),
 			controlClient: controlClient,
+			accountId:     "asd",
 		}
 
 		ctx := context.Background()
diff --git a/resources/providers/awslib/s3/s3.go b/resources/providers/awslib/s3/s3.go
index 3b77e2342f..b753a42fd7 100644
--- a/resources/providers/awslib/s3/s3.go
+++ b/resources/providers/awslib/s3/s3.go
@@ -34,6 +34,7 @@ type BucketDescription struct {
 	BucketVersioning                      *BucketVersioning                              `json:"bucket_versioning,omitempty"`
 	PublicAccessBlockConfiguration        *types.PublicAccessBlockConfiguration          `json:"public_access_block_configuration"`
 	AccountPublicAccessBlockConfiguration *s3ContorlTypes.PublicAccessBlockConfiguration `json:"account_public_access_block_configuration"`
+	region                                string
 }
 
 // TODO: This can be better typed, but this is a complex object. See this library for example: https://github.com/liamg/iamgo/
diff --git a/resources/providers/awslib/securityhub/securityhub.go b/resources/providers/awslib/securityhub/securityhub.go
index a6c0f72875..0bb3c493a0 100644
--- a/resources/providers/awslib/securityhub/securityhub.go
+++ b/resources/providers/awslib/securityhub/securityhub.go
@@ -20,7 +20,6 @@ package securityhub
 import (
 	"context"
 	"fmt"
-
 	"github.com/aws/aws-sdk-go-v2/service/securityhub"
 	"github.com/elastic/cloudbeat/resources/fetching"
 )
@@ -52,3 +51,7 @@ func (s SecurityHub) GetResourceName() string {
 func (s SecurityHub) GetResourceType() string {
 	return fetching.SecurityHubType
 }
+
+func (s SecurityHub) GetRegion() string {
+	return s.Region
+}