SecurityHub / Client / disassociate_from_master_account



This method is deprecated. Instead, use DisassociateFromAdministratorAccount.

The Security Hub console continues to use DisassociateFromMasterAccount. It will eventually change to use DisassociateFromAdministratorAccount. Any IAM policies that specifically control access to this function must continue to use DisassociateFromMasterAccount. You should also add DisassociateFromAdministratorAccount to your policies to ensure that the correct permissions are in place after the console begins to use DisassociateFromAdministratorAccount.

Disassociates the current Security Hub member account from the associated administrator account.

This operation is only used by accounts that are not part of an organization. For organization accounts, only the administrator account can disassociate a member account.


This operation is deprecated and may not function as expected. This operation should not be used going forward and is only kept for the purpose of backwards compatiblity.

See also: AWS API Documentation

Request Syntax

response = client.disassociate_from_master_account()
Return type:



Response Syntax


Response Structure

  • (dict) –


  • SecurityHub.Client.exceptions.InternalException

  • SecurityHub.Client.exceptions.InvalidInputException

  • SecurityHub.Client.exceptions.InvalidAccessException

  • SecurityHub.Client.exceptions.LimitExceededException

  • SecurityHub.Client.exceptions.ResourceNotFoundException