Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions,
see Getting Started with Amazon Web Services in China
(PDF).
Deleting member accounts
As an Amazon Security Hub administrator account, you can delete member accounts that were added by
invitation. Before you can delete an enabled account, you must disassociate it.
When you delete a member account, it is completely removed from the list. To restore
the account's membership, you must add and invite it again as if it were a completely new
member account.
You can't delete accounts that belong to an organization and that are managed using the integration with Amazon Organizations.
Choose your preferred method, and follow the steps to delete manually-invited member accounts.
- Security Hub console
-
To delete a manually-invited member account
Open the Amazon Security Hub console at https://console.amazonaws.cn/securityhub/.
Sign in using the administrator account.
-
In the navigation pane, choose Settings, and then
choose Configuration.
-
Choose the Invitation accounts tab. Then, select the accounts to
delete.
-
Choose Actions, and then choose Delete. This option is available only if you have disassociated the account. You
must disassociate a member account before it can be deleted.
- Security Hub API
-
To delete a manually-invited member account
Invoke the DeleteMembers
API from the administrator account. You must provide the
Amazon Web Services account IDs of the member accounts that you want to delete. To retrieve the list of
member accounts, invoke the ListMembers
API.
- Amazon CLI
-
To delete a manually-invited member account
Run
the delete-members
command from the administrator account. You must provide the
Amazon Web Services account IDs of the member accounts that you want to delete. To retrieve the list of
member accounts, run the list-members
command.
aws securityhub delete-members --account-ids <memberAccountIDs>
Example
aws securityhub delete-members --account-ids "123456789111" "123456789222"