GuardDuty / Client / disassociate_members

disassociate_members#

GuardDuty.Client.disassociate_members(**kwargs)#

Disassociates GuardDuty member accounts (from the current administrator account) specified by the account IDs.

When you disassociate an invited member from a GuardDuty delegated administrator, the member account details obtained from the CreateMembers API, including the associated email addresses, are retained. This is done so that the delegated administrator can invoke the InviteMembers API without the need to invoke the CreateMembers API again. To remove the details associated with a member account, the delegated administrator must invoke the DeleteMembers API.

With autoEnableOrganizationMembers configuration for your organization set to ALL, you’ll receive an error if you attempt to disassociate a member account before removing them from your organization.

If you disassociate a member account that was added by invitation, the member account details obtained from this API, including the associated email addresses, will be retained. This is done so that the delegated administrator can invoke the InviteMembers API without the need to invoke the CreateMembers API again. To remove the details associated with a member account, the delegated administrator must invoke the DeleteMembers API.

When the member accounts added through Organizations are later disassociated, you (administrator) can’t invite them by calling the InviteMembers API. You can create an association with these member accounts again only by calling the CreateMembers API.

See also: AWS API Documentation

Request Syntax

response = client.disassociate_members(
    DetectorId='string',
    AccountIds=[
        'string',
    ]
)
Parameters:

  • DetectorId (string) –

    [REQUIRED]

    The unique ID of the detector of the GuardDuty account whose members you want to disassociate from the administrator account.

  • AccountIds (list) –

    [REQUIRED]

    A list of account IDs of the GuardDuty member accounts that you want to disassociate from the administrator account.

    • (string) –

Return type:

dict

Returns:

Response Syntax

{
    'UnprocessedAccounts': [
        {
            'AccountId': 'string',
            'Result': 'string'
        },
    ]
}

Response Structure

  • (dict) –

    • UnprocessedAccounts (list) –

      A list of objects that contain the unprocessed account and a result string that explains why it was unprocessed.

      • (dict) –

        Contains information about the accounts that weren’t processed.

        • AccountId (string) –

          The Amazon Web Services account ID.

        • Result (string) –

          A reason why the account hasn’t been processed.

Exceptions