Enabling GuardDuty Malware across all Organization accounts errors out
I'm using our Management account to do this. The main GuardDuty service is enabled on a vast majority of our Organization accounts already. I do not need to enable GuardDuty itself, just turn on the new Malware protection.
However, I keep getting this nondescript error. It's been happening for a week now.
There is a note under GuardDuty > Accounts that says:
For member accounts, managed by invitation, please follow the instructions here to enable GuardDuty Malware Protection.
This doesn't make a lot of sense, though, because those instructions are for enabling the core GuardDuty service en masse. We've already done that.
What am I missing?
- Newest
- Most votes
- Most comments
In a multi-account environment, only GuardDuty administrator accounts can configure malware protection. GuardDuty administrator accounts can enable or disable the use of Malware Protection for their member accounts. Once the administrator configures GuardDuty Malware Protection for a member account, the member account will follow the administrator account settings and be unable to modify these settings through the console. If the GuardDuty delegated administrator is not the same as management account in the AWS Organization, the management account must first enable malware protection feature for their Organization in GuardDuty. This way, the delegated administrator can get permissions to create the service-linked role (SLR) for GuardDuty Malware Protection in member accounts that are managed through AWS Organizations.
Relevant content
- Accepted Answerasked 6 months ago
- Accepted Answerasked 2 years ago
AWS OFFICIALUpdated 3 years ago- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated a year ago
