IAM Access Analyzer Delegated admin and Org configuration, doesnt pick up root account

Question

Hi,

I have delegated admin to a security account for IAM access analyser and a few other AWS security features (security hub, guard duty). They all currently work and connect to all accounts. But for some reason, IAM Access analyser has not registered with the root account.

Is there a way to connect it to the delegated admin account?

Answer

Greetings,
 
Thank you for reaching out to AWS:repost, I understand that you are having trouble with your IAM Access Analyzer and registering it with your root account. 
 
From my investigation, only your AWS Organizations management account can add remove, or changed a delegated admin. 
Login into AWS IAM Console -> Select Access Analyzer -> Choose settings -> Choose Add delegated administrator -> Enter account number of an organization member to make the delegated admin
 
Please take a look into this document for a deeper dive into your query. [1]
 
Please contact if you have any further questions, or reach out to us via a support case to facilitate a discussion on the specifics of your resources. 
 
Hope you have a wonderful day.
 
[1] Delegated administrator for Access Analyzer - https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-settings.html

IAM Access Analyzer Delegated admin and Org configuration, doesnt pick up root account

관련 콘텐츠