Deleting member accounts from GuardDuty organization
As a delegated GuardDuty administrator account, after you have disassociated a member account and you no longer want to keep that member account in the GuardDuty organization, you can delete the member account from your GuardDuty organization. This member account will no longer appear in your account inventory. However, this doesn't impact the configuration of GuardDuty and dedicated protection plans in these accounts, unless you suspended GuardDuty for these member accounts. This step will not delete the member account from your Amazon organization.
Choose a preferred method to delete a member account from your GuardDuty organization.
- Console
  - Open the GuardDuty console at https://console.amazonaws.cn/guardduty/. To sign in, use the credentials of the delegated GuardDuty administrator account.
  - In the navigation pane, choose Accounts.
  - In the Accounts table, you can remove an account that has Type as Via Organizations and Status as Removed (disassociated). Select one or more accounts with the same Type and Status.
  - From the Actions dropdown menu, choose Delete account.
  - Choose Delete accounts to confirm your selection. The selected account member will no longer appear in your Accounts table.

  Repeat the preceding steps in each additional Region where you want to delete this member account.
- API/CLI
  - To retrieve the account ID for the member account that you want to delete, use the ListMembers API. Include the OnlyAssociated parameter in your request. If you set this parameter's value to false, GuardDuty returns a members array that provides details about only those accounts that are currently disassociated GuardDuty members.
    Alternatively, you can use Amazon Command Line Interface (Amazon CLI) to run the following command:
    aws guardduty list-members --detector-id 12abc34d567e8fa901bc2d34EXAMPLE --only-associated="false" --region us-east-1
    Replace us-east-1 with the Region where you want to remove this account.
  - To delete one or more member accounts from the GuardDuty organization, run DeleteMembers.
    Alternatively, you can use Amazon CLI to run the following command:
    aws guardduty delete-members --detector-id 12abc34d567e8fa901bc2d34EXAMPLE --account-ids 111122223333 --region us-east-1
    Replace us-east-1 with the Region where you want to remove this account.
    If you have a list of account IDs that you want to remove, separate them with a space character.
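The two API/CLI steps above can be chained with a guard in between. The following is an added example, not part of the original documentation: it reads saved `list-members` JSON output, keeps only accounts whose status is disassociated, and builds the matching `delete-members` commands without running them. The sample response is constructed, and the `RelationshipStatus` values `Removed` and `Enabled` and the limit of 50 account IDs per DeleteMembers request are assumptions to confirm against the API reference.

```python
import json

# Constructed sample of `aws guardduty list-members --only-associated false` output.
SAMPLE_LIST_MEMBERS = json.dumps({"Members": [
    {"AccountId": "111122223333", "RelationshipStatus": "Removed"},
    {"AccountId": "444455556666", "RelationshipStatus": "Enabled"},
    {"AccountId": "123456789012", "RelationshipStatus": "Removed"},
]})

MAX_IDS_PER_CALL = 50  # assumed DeleteMembers limit on account IDs per request


def disassociated_ids(list_members_json, status="Removed"):
    """Return unique account IDs whose RelationshipStatus equals `status`.

    Filtering here is a guard: an account in any other state is never
    passed on to delete-members, whatever the response contained.
    """
    ids = []
    for member in json.loads(list_members_json).get("Members", []):
        if member.get("RelationshipStatus") != status:
            continue
        account = member.get("AccountId", "")
        if not (account.isdigit() and len(account) == 12):
            raise ValueError(f"unexpected account ID: {account!r}")
        if account not in ids:
            ids.append(account)
    return ids


def delete_commands(account_ids, detector_id, region):
    """Build one `aws guardduty delete-members` argv list per batch of IDs."""
    commands = []
    for start in range(0, len(account_ids), MAX_IDS_PER_CALL):
        batch = account_ids[start:start + MAX_IDS_PER_CALL]
        commands.append(["aws", "guardduty", "delete-members",
                         "--detector-id", detector_id,
                         "--account-ids", *batch,
                         "--region", region])
    return commands


def unprocessed(delete_members_json):
    """Map account ID to failure reason from a delete-members response."""
    body = json.loads(delete_members_json)
    return {u["AccountId"]: u["Result"] for u in body.get("UnprocessedAccounts", [])}


if __name__ == "__main__":
    ids = disassociated_ids(SAMPLE_LIST_MEMBERS)
    for cmd in delete_commands(ids, "12abc34d567e8fa901bc2d34EXAMPLE", "us-east-1"):
        print(" ".join(cmd))  # review the command before running it
```

Run it once per Region with that Region's detector ID, and treat any entry returned by `unprocessed` as an account that is still in the inventory.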