AWS GuardDuty Organization ADMin Account

This page shows how to write Terraform and CloudFormation for GuardDuty Organization ADMin Account and write them securely.

aws_guardduty_organization_admin_account (Terraform)

The Organization ADMin Account in GuardDuty can be configured in Terraform with the resource name aws_guardduty_organization_admin_account. The following sections describe 5 examples of how to use the resource and its parameters.

Example Usage from GitHub
resource "aws_guardduty_organization_admin_account" "guardduty_organization_admin_account" {
  # depends_on = [aws_organizations_organization.guardduty_detector]
  admin_account_id = data.aws_caller_identity.current.account_id

resource "aws_guardduty_organization_configuration" "guardduty_organization_configuration" {
resource "aws_guardduty_organization_admin_account" "this" {
  admin_account_id = var.admin_account_id
resource "aws_guardduty_organization_admin_account" "this" {
  admin_account_id = var.guardduty_delegated_admin_account_id
resource "aws_guardduty_organization_admin_account" "root_delegates_to_audit" {
  admin_account_id = var.audit_account_id
resource "aws_guardduty_organization_admin_account" "org_admin" {
  count = length(var.admin_account_id) > 0 ? 1 : 0

  #provider = aws.org_admin
  admin_account_id = var.admin_account_id
  depends_on = [

Review your Terraform file for AWS best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).


Explanation in Terraform Registry

Manages a GuardDuty Organization Admin Account. The AWS account utilizing this resource must be an Organizations primary account. More information about Organizations support in GuardDuty can be found in the GuardDuty User Guide.

AWS::GuardDuty::Master (CloudFormation)

The Master in GuardDuty can be configured in CloudFormation with the resource name AWS::GuardDuty::Master. The following sections describe how to use the resource and its parameters.

Example Usage from GitHub

An example could not be found in GitHub.


Explanation in CloudFormation Registry

You can use the AWS::GuardDuty::Master resource in a GuardDuty member account to accept an invitation from a GuardDuty administrator account. The invitation to the member account must be sent prior to using the AWS::GuardDuty::Master resource to accept the administrator account's invitation. You can invite a member account by using the InviteMembers operation of the Amazon GuardDuty API, or by creating an AWS::GuardDuty::Member resource.

Frequently asked questions

What is AWS GuardDuty Organization ADMin Account?

AWS GuardDuty Organization ADMin Account is a resource for GuardDuty of Amazon Web Service. Settings can be wrote in Terraform and CloudFormation.

Where can I find the example code for the AWS GuardDuty Organization ADMin Account?

For Terraform, the cloudavail/snippets, niveklabs/aws and binbashar/terraform-aws-guardduty-multiaccount source code examples are useful. See the Terraform Example section for further details.