Automate the AWS GuardDuty account invitation lifecycle for all of your organization's AWS accounts in all regions as well as aggregate and normalize the GuardDuty findings
Currently when iterating over accounts listed in DynamoDB, if an account is encountered for which role assumption fails, we currently abort and do not continue processing.
This can happen if:
- The AWS account is deleted
- Someone in the account deletes the role without using CloudFormation
What do we want to do in this case? Keep processing? How do we notify someone that something's wrong in a child account?
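One way to answer the questions above, as an added example that is not the project's own code: skip only the account whose role assumption returns an AWS API error, keep processing the rest, and collect the skipped accounts into a single report for notification. The record shape (`id`, `role_arn`), the session name and all function names are assumptions.

```python
def aws_error_code(exc):
    """Return the AWS error code carried by a botocore ClientError, else None."""
    response = getattr(exc, "response", None)
    if isinstance(response, dict):
        return response.get("Error", {}).get("Code")
    return None


def boto3_assume_role(role_arn, session_name="guardduty-manager"):
    """Default assumer; session_name is an assumed value, not the project's."""
    import boto3  # imported lazily so the loop below can be exercised offline
    sts = boto3.client("sts")
    return sts.assume_role(RoleArn=role_arn, RoleSessionName=session_name)["Credentials"]


def process_accounts(accounts, handle_account, assume_role=boto3_assume_role):
    """Run handle_account(account, credentials) for every reachable account.

    accounts: iterable of {"id": ..., "role_arn": ...} (assumed record shape).
    Returns (processed_ids, failures). An AWS API error skips only that
    account; any other exception still aborts the run.
    """
    processed, failures = [], []
    for account in accounts:
        try:
            credentials = assume_role(account["role_arn"])
        except Exception as exc:
            code = aws_error_code(exc)
            if code is None:
                raise  # not an AWS API error: a bug, do not hide it
            failures.append({"id": account["id"], "role_arn": account["role_arn"], "error": code})
            continue
        handle_account(account, credentials)
        processed.append(account["id"])
    return processed, failures


def failure_report(failures):
    """Build one notification body listing every skipped account, or None."""
    if not failures:
        return None
    ordered = sorted(failures, key=lambda f: f["id"])
    lines = ["GuardDuty role assumption failed for %d account(s):" % len(ordered)]
    lines += ["- %(id)s %(role_arn)s (%(error)s)" % f for f in ordered]
    return "\n".join(lines)
```

The report string is meant to be sent once per run over whatever alerting channel the deployment already has, so a child account that has dropped out of GuardDuty coverage is visible instead of silently skipped.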