Multiple accounts in Amazon GuardDuty
When your Amazon environment has multiple accounts, you can manage them by designating one Amazon Web Services account as the administrator account. You can then associate the multiple Amazon Web Services accounts with this administrator account as its member accounts. With this configuration, a designated GuardDuty administrator account can assess and monitor the overall security of your organization. The administrator account can also perform account management tasks, such as reviewing all generated findings and configuring protection plans within GuardDuty.
In GuardDuty, an organization consists of a delegated GuardDuty administrator account and one or more associated member accounts. You can associate the accounts in two ways – by integrating with Amazon Organizations, or by using a legacy method of sending and accepting membership invitations in the GuardDuty console. GuardDuty recommends that you integrate with Amazon Organizations.
Amazon Organizations is a global account management service that enables Amazon administrators to consolidate and centrally manage multiple Amazon Web Services accounts. It provides account management and consolidated billing features that are designed to support budgetary, security, and compliance needs. It’s offered at no additional charge and it integrates with multiple Amazon Web Services services, including Macie, Amazon Security Hub, and Amazon GuardDuty. For more information, see the Amazon Organizations User Guide.
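The administrator account can only monitor accounts that are actually associated with it, so a useful check is to compare the organization's account list against the GuardDuty member list. The following is an added example, not code from the GuardDuty documentation: it assumes the inputs have the shapes of the `Accounts` list from the Organizations `ListAccounts` API and the `Members` list from the GuardDuty `ListMembers` API, and all account IDs and names in it are constructed.

```python
# Added example: find accounts the GuardDuty administrator account cannot monitor.
# Input shapes follow organizations:ListAccounts ("Accounts") and
# guardduty:ListMembers ("Members"). All sample data below is constructed.

def guardduty_coverage_gaps(org_accounts, gd_members, admin_account_id):
    """Return (account_id, reason) tuples for every coverage gap found."""
    members = {m["AccountId"]: m for m in gd_members}
    org_ids = {a["Id"] for a in org_accounts}
    gaps = []
    for acct in org_accounts:
        # The administrator is not its own member; suspended accounts are skipped.
        if acct["Id"] == admin_account_id or acct.get("Status") != "ACTIVE":
            continue
        member = members.get(acct["Id"])
        if member is None:
            gaps.append((acct["Id"], "not associated with the administrator account"))
        elif member.get("RelationshipStatus") != "Enabled":
            gaps.append((acct["Id"],
                         "relationship status " + str(member.get("RelationshipStatus"))))
    # Members outside the organization were likely added by the legacy invitation method.
    for account_id in sorted(set(members) - org_ids):
        gaps.append((account_id, "member is not in the organization"))
    return gaps

# Constructed sample data (hypothetical account IDs and names).
ADMIN_ID = "111111111111"
ORG_ACCOUNTS = [
    {"Id": "111111111111", "Name": "security-admin", "Status": "ACTIVE"},
    {"Id": "222222222222", "Name": "prod", "Status": "ACTIVE"},
    {"Id": "333333333333", "Name": "dev", "Status": "ACTIVE"},
    {"Id": "444444444444", "Name": "sandbox", "Status": "ACTIVE"},
    {"Id": "555555555555", "Name": "closed", "Status": "SUSPENDED"},
]
GD_MEMBERS = [
    {"AccountId": "222222222222", "RelationshipStatus": "Enabled"},
    {"AccountId": "333333333333", "RelationshipStatus": "Invited"},
    {"AccountId": "999999999999", "RelationshipStatus": "Enabled"},
]

if __name__ == "__main__":
    for account_id, reason in guardduty_coverage_gaps(ORG_ACCOUNTS, GD_MEMBERS, ADMIN_ID):
        print(account_id, reason)
```

In a live environment the two lists would come from the administrator account's own API calls (for example the boto3 `list_accounts` and `list_members` paginators), which is an assumption about how the data is collected.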