Disable trusted access in Reachability Analyzer
After you disable trusted access, the users in the management account and delegated administrator accounts can't run a new cross-account analysis in Reachability Analyzer. However, they can still see the previously run analyses. Before you can disable trusted access, you must deregister the delegated administrator accounts.
You can enable trusted access again after disabling it. However, you must first re-register the delegated administrator accounts.
To disable trusted access using the console
-
Sign in to the management account.
-
Open the Network Manager console at https://console.aws.amazon.com/networkmanager/home
. -
From the navigation pane, choose Reachability Analyzer, Settings.
-
For Trusted Access, choose Turn off trusted access.
-
Do not close or navigate away from this page until you see a success notification indicating that trusted access is turned off. This can take several minutes.
To disable trusted access using the AWS CLI
From the management account, use the disable-aws-service-access command.