Accounts created with enabladeguardduty.py then followed up by running disableguardduty.py results in the following error.
amazon-guardduty-multiaccount-scripts$ python3.6 disableguardduty.py
Assumed session for xxxxxxxxxxx in region ap-south-1.
GuardDuty is active in ap-south-1
There are members in ap-south-1
Deleted members for xxxxxxxxxxx in ap-south-1
Traceback (most recent call last):
File "disableguardduty.py", line 187, in
main()
File "disableguardduty.py", line 69, in main
delete_detector(gd_client, detector_id)
File "disableguardduty.py", line 79, in delete_detector
DetectorId=detector_id
File "/Users/riad/anaconda3/lib/python3.6/site-packages/botocore/client.py", line 317, in _api_call
return self._make_api_call(operation_name, kwargs)
File "/Users/riad/anaconda3/lib/python3.6/site-packages/botocore/client.py", line 615, in _make_api_call
raise error_class(parsed_response, operation_name)
botocore.errorfactory.BadRequestException: An error occurred (BadRequestException) when calling the DeleteDetector operation: The request is rejected because the current account cannot delete detector while it has invited or associated members.
Accounts created with enabladeguardduty.py then followed up by running disableguardduty.py results in the following error.
amazon-guardduty-multiaccount-scripts$ python3.6 disableguardduty.py Assumed session for xxxxxxxxxxx in region ap-south-1. GuardDuty is active in ap-south-1 There are members in ap-south-1 Deleted members for xxxxxxxxxxx in ap-south-1 Traceback (most recent call last): File "disableguardduty.py", line 187, in
main()
File "disableguardduty.py", line 69, in main
delete_detector(gd_client, detector_id)
File "disableguardduty.py", line 79, in delete_detector
DetectorId=detector_id
File "/Users/riad/anaconda3/lib/python3.6/site-packages/botocore/client.py", line 317, in _api_call
return self._make_api_call(operation_name, kwargs)
File "/Users/riad/anaconda3/lib/python3.6/site-packages/botocore/client.py", line 615, in _make_api_call
raise error_class(parsed_response, operation_name)
botocore.errorfactory.BadRequestException: An error occurred (BadRequestException) when calling the DeleteDetector operation: The request is rejected because the current account cannot delete detector while it has invited or associated members.