DescribeOrganizationConfiguration
Returns information about the account selected as the delegated administrator for GuardDuty.
There might be regional differences because some data sources might not be available in all the AWS Regions where GuardDuty is presently supported. For more information, see Regions and endpoints.
Request Syntax
GET /detector/detectorId
/admin?maxResults=MaxResults
&nextToken=NextToken
HTTP/1.1
URI Request Parameters
The request uses the following URI parameters.
- detectorId
-
The detector ID of the delegated administrator for which you need to retrieve the information.
To find the
detectorId
in the current Region, see the Settings page in the GuardDuty console, or run the ListDetectors API.Length Constraints: Minimum length of 1. Maximum length of 300.
Required: Yes
- MaxResults
-
You can use this parameter to indicate the maximum number of items that you want in the response.
Valid Range: Minimum value of 1. Maximum value of 50.
- NextToken
-
You can use this parameter when paginating results. Set the value of this parameter to null on your first call to the list action. For subsequent calls to the action, fill
nextToken
in the request with the value ofNextToken
from the previous response to continue listing data.
Request Body
The request does not have a request body.
Response Syntax
HTTP/1.1 200
Content-type: application/json
{
"autoEnable": boolean,
"autoEnableOrganizationMembers": "string",
"dataSources": {
"kubernetes": {
"auditLogs": {
"autoEnable": boolean
}
},
"malwareProtection": {
"scanEc2InstanceWithFindings": {
"ebsVolumes": {
"autoEnable": boolean
}
}
},
"s3Logs": {
"autoEnable": boolean
}
},
"features": [
{
"additionalConfiguration": [
{
"autoEnable": "string",
"name": "string"
}
],
"autoEnable": "string",
"name": "string"
}
],
"memberAccountLimitReached": boolean,
"nextToken": "string"
}
Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- autoEnable
-
This parameter has been deprecated.
Indicates whether GuardDuty is automatically enabled for accounts added to the organization.
Even though this is still supported, we recommend using
AutoEnableOrganizationMembers
to achieve the similar results.Type: Boolean
- autoEnableOrganizationMembers
-
Indicates the auto-enablement configuration of GuardDuty or any of the corresponding protection plans for the member accounts in the organization.
-
NEW
: Indicates that when a new account joins the organization, they will have GuardDuty or any of the corresponding protection plans enabled automatically. -
ALL
: Indicates that all accounts in the organization have GuardDuty and any of the corresponding protection plans enabled automatically. This includesNEW
accounts that join the organization and accounts that may have been suspended or removed from the organization in GuardDuty. -
NONE
: Indicates that GuardDuty or any of the corresponding protection plans will not be automatically enabled for any account in the organization. The administrator must manage GuardDuty for each account in the organization individually.When you update the auto-enable setting from
ALL
orNEW
toNONE
, this action doesn't disable the corresponding option for your existing accounts. This configuration will apply to the new accounts that join the organization. After you update the auto-enable settings, no new account will have the corresponding option as enabled.
Type: String
Valid Values:
NEW | ALL | NONE
-
- dataSources
-
This parameter has been deprecated.
Describes which data sources are enabled automatically for member accounts.
Type: OrganizationDataSourceConfigurationsResult object
- features
-
A list of features that are configured for this organization.
Type: Array of OrganizationFeatureConfigurationResult objects
- memberAccountLimitReached
-
Indicates whether the maximum number of allowed member accounts are already associated with the delegated administrator account for your organization.
Type: Boolean
- nextToken
-
The pagination parameter to be used on the next list operation to retrieve more items.
Type: String
Errors
For information about the errors that are common to all actions, see Common Errors.
- BadRequestException
-
A bad request exception object.
HTTP Status Code: 400
- InternalServerErrorException
-
An internal server error exception object.
HTTP Status Code: 500
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: