UpdateOrganizationConfiguration - Amazon GuardDuty


Updates the delegated administrator account with the values provided.

There might be regional differences because some data sources might not be available in all the AWS Regions where GuardDuty is presently supported. For more information, see Regions and endpoints.

Request Syntax

POST /detector/detectorId/admin HTTP/1.1 Content-type: application/json { "autoEnable": boolean, "dataSources": { "kubernetes": { "auditLogs": { "autoEnable": boolean } }, "malwareProtection": { "scanEc2InstanceWithFindings": { "ebsVolumes": { "autoEnable": boolean } } }, "s3Logs": { "autoEnable": boolean } } }

URI Request Parameters

The request uses the following URI parameters.


The ID of the detector to update the delegated administrator for.

Length Constraints: Minimum length of 1. Maximum length of 300.

Required: Yes

Request Body

The request accepts the following data in JSON format.


Indicates whether to automatically enable member accounts in the organization.

Type: Boolean

Required: Yes


Describes which data sources will be updated.

Type: OrganizationDataSourceConfigurations object

Required: No

Response Syntax

HTTP/1.1 200

Response Elements

If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.


For information about the errors that are common to all actions, see Common Errors.


A bad request exception object.

HTTP Status Code: 400


An internal server error exception object.

HTTP Status Code: 500

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: