GuardDuty Delegate Admin doesn't have GD enabled

0

We enabled GuardDuty at the Org-level and delegated the primary/management Account. However, in the GD console at the delegated account, the primary/management Account isn't listed. It seems as though the delegate admin doesn't have GuardDuty enabled.

How do you enable GD detections on the delegate admin when it is also the primary/management Account?

Might be similar to https://repost.aws/questions/QULax-FQ6UQHW0gcW8qwEIPQ/iam-access-analyzer-delegated-admin-and-org-configuration-doesnt-pick-up-root-account

1 Answer
0

Hi There

An account that is designated as a delegated administrator becomes a GuardDuty administrator account, has GuardDuty automatically enabled in the designated Region, and is granted permission to enable and manage GuardDuty for all accounts in the organization within that Region. The other accounts in the organization can be viewed and added as GuardDuty member accounts associated with the delegated administrator account.

Not recommended to set your organization's management account as the delegated administrator. Your organization's management account can be the delegated administrator, but this is not recommended based on AWS Security best practices following the principle of least privilege.

Ref: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_organizations.html

profile picture
EXPERT
Matt-B
answered 2 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions