- Newest
- Most votes
- Most comments
If you have already set up a GuardDuty administrator with associated member accounts by invitation, and the member accounts are part of the same organization, their Type changes from by Invitation to via Organizations when you set a GuardDuty delegated administrator for your organization.
If the new delegated administrator previously added members by invitation that are not part of the same organization, their Type is by Invitation. In both cases, these previously added accounts are member accounts to the organization's GuardDuty delegated administrator.
You cannot designate an account outside of your organization as a GuardDuty administrator account.
You cannot delegate Admin to an account outside of your organization as it uses Org based roles for access across the accounts.
You can find more information about enabling org wide integration in the AWS docs: https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_organizations.html
Thank you!
Relevant content
- Accepted Answerasked 3 months ago
- asked 2 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 years ago
Thank you!