Disassociating member accounts - Amazon Security Hub
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Disassociating member accounts

An Amazon Security Hub administrator account can disassociate a member account to stop receiving and viewing findings from that account. You must disassociate a member account before you can delete it.

When you disassociate a member account, it remains in your list of member accounts with a status of Removed (Disassociated). Your account is removed from the administrator account information for the member account.

To resume receiving findings for the account, you can resend the invitation. To remove the member account entirely, you can delete the member account.

Choose your preferred method, and follow the steps to disassociate a manually-invited member account from the administrator account.

Security Hub console
To disassociate a manually-invited member account

  1. Open the Amazon Security Hub console at https://console.amazonaws.cn/securityhub/.

    Sign in using the credentials of the administrator account.

  2. In the navigation pane, under Settings, choose Configuration.

  3. In the Accounts section, select the accounts that you want to disassociate.

  4. Choose Actions, and then choose Disassociate account.

Security Hub API

To disassociate a manually-invited member account

Invoke the DisassociateMembers API from the administrator account. You must provide the Amazon Web Services account IDs of the member accounts that you want to disassociate. To view a list of member accounts, use the ListMembers operation.

Amazon CLI

To disassociate a manually-invited member account

Run the disassociate-members command from the administrator account. You must provide the Amazon Web Services account IDs of the member accounts that you want to disassociate. To view a list of member accounts, run the list-members command.

aws securityhub disassociate-members --account-ids <accountIds>

Example

aws securityhub disassociate-members --account-ids "123456789111" "123456789222"