It seems that you need data aggregation if you are working with multiple accounts. See these links:
A couple important points to remember:
For Config to send files to S3, it needs access as the Service Principal (What you see as config.amazonaws.com).
Since the condition there is for SourceAccount, you need something to limit this to your Organizational Accounts. However, as AWS states - this service won't work with organization ID or organization units based conditions.
If you remove the AWS:SourceAccount condition, then this will work for all accounts (including accounts you don't own), which could mean that any account could possibly use Config as a confused deputy. Another option would be (if you have limited accounts), to add these accounts to the Bucket Policy. This would have drawbacks as you would need to maintain and manage a larger bucket policy (could be prone to misconfiguration and bucket policy size limits as well).
Some other options include using aggregators with organizations to do aggregation across Config in your AWS Organization: https://docs.aws.amazon.com/config/latest/developerguide/setup-aggregator-console.html.
Error: Cannot retrieve repository metadata (repomd.xml) for repositoryasked 2 years ago
Amplify GitHub integration failing in ca-central-1asked 6 months ago
Exclude resources from AWS Config Managed rules?asked 8 months ago
Instructions to add another AWS account/user to my AWS accountasked 19 days ago
OpenSearch Create Repositoryasked a month ago
Central cloudwatch logs group for vpc flowlogs from multiple accountsasked 24 days ago
Central ECR for ECS in multiple accountsAccepted AnswerMODERATORasked 2 years ago
Central repository for AWS Configasked 6 months ago
AWS CloudWatch metrics to OpenSearchasked 5 months ago
how to backup glue jobs on bitbucket repositoryasked 5 months ago