In Policies, expand Service control policies and note the SCP policies that are attached.
At the top of the page, choose Policies.
Select the policy, and then choose View details.
In the JSON preview pane, confirm that the policy allows the DeleteConfigRule API action.
The rule isn't a service-linked rule
When you enable a security standard, AWS Security Hub creates AWS Config service-linked rules for you. You can't delete these service-linked rules using AWS Config, so the delete button is grayed out. To remove the AWS Config service-linked rules, see Disabling a security standard.