Removing an Amazon Inspector delegated administrator - Amazon Inspector

Removing an Amazon Inspector delegated administrator

In the event that you need to assign a new Amazon Inspector delegated administrator, you can remove an existing delegated administrator as the AWS Organizations management account.

When you remove a delegated administrator it does not disable Amazon Inspector in that account or in any organization member accounts. Accounts within your organization are converted to standalone accounts and retain the scan settings they had prior to being managed by a delegated administrator.

To remove a delegated administrator:

  1. Log in to the AWS Management Console using the AWS Organizations management account.

  2. Open the Amazon Inspector console at https://console.aws.amazon.com/inspector/v2/home, then use the Region selector in the upper right to specify the desired Region.

  3. Select Settings from the navigation bar.

  4. Select Remove from the Delegated administrator pane and confirm your action on the next pane.

  5. Repeat in each Region in which you registered this delegated administrator.

To associate members to a new delegated administrator:

When you add a new Amazon Inspector delegated administrator, you need to manually associate organization members to the new administrator account.

  1. Log in to the AWS Management Console using the delegated administrator account.

  2. Open the Amazon Inspector console at https://console.aws.amazon.com/inspector/v2/home, then use the Region selector in the upper right to specify the desired Region.

  3. Select Account Management under Settings in the navigation panel.

  4. Select all of the listed accounts in your organization using the top check box.

  5. Select the Actions button, then choose Add member from the menu.

  6. Repeat in each other Region in which you registered this delegated administrator.