DescribeOrganizationConfiguration - Amazon GuardDuty


Returns information about the account selected as the delegated administrator for GuardDuty.

There might be regional differences because some data sources might not be available in all the AWS Regions where GuardDuty is presently supported. For more information, see Regions and endpoints.

Request Syntax

GET /detector/detectorId/admin HTTP/1.1

URI Request Parameters

The request uses the following URI parameters.


The ID of the detector to retrieve information about the delegated administrator from.

Length Constraints: Minimum length of 1. Maximum length of 300.

Required: Yes

Request Body

The request does not have a request body.

Response Syntax

HTTP/1.1 200 Content-type: application/json { "autoEnable": boolean, "dataSources": { "kubernetes": { "auditLogs": { "autoEnable": boolean } }, "malwareProtection": { "scanEc2InstanceWithFindings": { "ebsVolumes": { "autoEnable": boolean } } }, "s3Logs": { "autoEnable": boolean } }, "memberAccountLimitReached": boolean }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.


Indicates whether GuardDuty is automatically enabled for accounts added to the organization.

Type: Boolean


Describes which data sources are enabled automatically for member accounts.

Type: OrganizationDataSourceConfigurationsResult object


Indicates whether the maximum number of allowed member accounts are already associated with the delegated administrator account for your organization.

Type: Boolean


For information about the errors that are common to all actions, see Common Errors.


A bad request exception object.

HTTP Status Code: 400


An internal server error exception object.

HTTP Status Code: 500

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: