Unable to take action on non-compliant resources in child accounts despite AWS Config configuration in root account

0

I have configured AWS Config in my root account, and I am able to receive email notifications through SNS for non-compliant resources within the root account. However, while I can view the non-compliant resources in my child accounts, I am unable to take any action on them. Can you please provide guidance on this matter?

2 Answers
0
Accepted answer

Hi there!

For this you need to use AWS Systems Manager Automation documents. The following article describes the process in detail. Essentially you would do:

Manual Remediation (via the console)

  1. Sign in to the AWS Management Console and open the AWS Config console at https://console.aws.amazon.com/config/.
  2. Choose Rules on the left and then, on the Rules page, choose Add Rule to add new rules to the rule list.
  3. For existing rules, select the noncompliant rule from the rule list and choose the Actions dropdown list.
  4. From the Actions dropdown list, choose Manage remediation. Select "Manual remediation" and then choose the appropriate remediation action from the recommended list. (Note: You can only manage remediations for non-service linked AWS Config rules. For more information, see Service-Linked AWS Rules.)
  5. Depending on the selected remediation action, you see specific parameters or no parameters.
  6. (Optional): If you want to pass the resource ID of noncompliant resources to the remediation action, choose Resource ID parameter. If selected, at runtime that parameter is substituted with the ID of the resource to be remediated. Each parameter has either a static value or a dynamic value. If you do not choose a specific resource ID parameter from the dropdown list, you can enter values for each key. If you choose a resource ID parameter from the dropdown list, you can enter values for all the other keys except the selected resource ID parameter.
  7. Choose Save. The Rules page is displayed.

Automatic Remediation (via the console)

  1. Sign in to the AWS Management Console and open the AWS Config console at https://console.aws.amazon.com/config/.
  2. Choose Rules on the left and then on the Rules page, choose Add Rule to add new rules to the rule list. For existing rules, select the noncompliant rule from the rule list and choose the Actions dropdown list.
  3. From the Actions dropdown list, choose Manage remediation. Select "Automatic remediation" and then choose the appropriate remediation action from the recommended list.
  4. Choose Auto remediation to automatically remediate noncompliant resources. If a resource is still non-compliant after auto remediation, you can set the rule to try auto remediation again. Enter the desired retries and seconds.
  5. (Optional): If you want to pass the resource ID of noncompliant resources to the remediation action, choose Resource ID parameter. If selected, at runtime that parameter is substituted with the ID of the resource to be remediated. Each parameter has either a static value or a dynamic value. If you do not choose a specific resource ID parameter from the dropdown list, you can enter values for each key. If you choose a resource ID parameter from the dropdown list, you can enter values for all the other keys except the selected resource ID parameter.
  6. Choose Save. The Rules page is displayed.

I hope this helps (if so, please accept the answer).

AWS
EXPERT
answered a year ago
0

The management (root) account does not have ownership of the member (child) account resources, although it can enable controls on the OU and member accounts. You have to log on to the member account to perform the remediation.

AWS
answered a year ago
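As an added example (not from either answer above), this is the AWS CLI equivalent of the console remediation steps from the accepted answer, run with credentials for the member account because, as the second answer notes, the management account cannot remediate member resources. The rule name `s3-bucket-public-read-prohibited`, the AWS-managed Automation document `AWS-DisableS3BucketPublicReadWrite`, the CLI profile name and the IAM role ARN are assumptions for illustration.

```shell
# Added example (not from the original post): CLI equivalent of the console
# steps, run in the MEMBER account. Assumed: Config rule
# s3-bucket-public-read-prohibited, AWS-managed Automation document
# AWS-DisableS3BucketPublicReadWrite, placeholder role ARN and profile name.

# Build the RemediationConfiguration JSON. S3BucketName is the "Resource ID
# parameter" from the steps above: RESOURCE_ID is replaced at run time with
# the ID of the non-compliant bucket. AutomationAssumeRole is a static value.
build_remediation_config() {
  rule_name="$1"            # Config rule to attach the remediation to
  role_arn="$2"             # role the Automation document assumes
  automatic="$3"            # true = automatic remediation, false = manual
  attempts="${4:-3}"        # console "retries" (MaximumAutomaticAttempts)
  retry_seconds="${5:-60}"  # console "seconds" (RetryAttemptSeconds)
  # Retry settings only apply to automatic remediation.
  if [ "$automatic" = "true" ]; then
    retry_json="\"MaximumAutomaticAttempts\": ${attempts}, \"RetryAttemptSeconds\": ${retry_seconds},"
  else
    retry_json=""
  fi
  cat <<EOF
[
  {
    "ConfigRuleName": "${rule_name}",
    "TargetType": "SSM_DOCUMENT",
    "TargetId": "AWS-DisableS3BucketPublicReadWrite",
    "ResourceType": "AWS::S3::Bucket",
    "Automatic": ${automatic},
    ${retry_json}
    "Parameters": {
      "AutomationAssumeRole": { "StaticValue": { "Values": ["${role_arn}"] } },
      "S3BucketName": { "ResourceValue": { "Value": "RESOURCE_ID" } }
    }
  }
]
EOF
}

# Register the remediation in the member account (profile name is assumed).
apply_remediation_config() {
  profile="$1"; shift
  aws configservice put-remediation-configurations --profile "$profile" \
    --remediation-configurations "$(build_remediation_config "$@")"
}

# Example call (commented out so the file can be sourced without credentials):
# apply_remediation_config member-account s3-bucket-public-read-prohibited \
#   arn:aws:iam::111122223333:role/PLACEHOLDER-ConfigRemediationRole true 3 60
```

Manual remediation corresponds to `Automatic` set to `false`, in which case the retry fields are omitted and the action is started from the console or with `start-remediation-execution`.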
