GuardDuty / Client / disassociate_members

disassociate_members

GuardDuty.Client.disassociate_members(**kwargs)

Disassociates GuardDuty member accounts (to the current administrator account) specified by the account IDs.

With autoEnableOrganizationMembers configuration for your organization set to ALL, you’ll receive an error if you attempt to disassociate a member account before removing them from your Amazon Web Services organization.

See also: AWS API Documentation

Request Syntax

response = client.disassociate_members(
    DetectorId='string',
    AccountIds=[
        'string',
    ]
)

Parameters:

• DetectorId (string) –

  [REQUIRED]

  The unique ID of the detector of the GuardDuty account whose members you want to disassociate from the administrator account.

• AccountIds (list) –

  [REQUIRED]

  A list of account IDs of the GuardDuty member accounts that you want to disassociate from the administrator account.

  • (string) –

Return type:

dict

Returns:

Response Syntax

{
    'UnprocessedAccounts': [
        {
            'AccountId': 'string',
            'Result': 'string'
        },
    ]
}

Response Structure

• (dict) –

  • UnprocessedAccounts (list) –

    A list of objects that contain the unprocessed account and a result string that explains why it was unprocessed.

    • (dict) –

      Contains information about the accounts that weren’t processed.

      • AccountId (string) –

        The Amazon Web Services account ID.

      • Result (string) –

        A reason why the account hasn’t been processed.

Exceptions

• GuardDuty.Client.exceptions.BadRequestException

• GuardDuty.Client.exceptions.InternalServerErrorException