Why did I receive the AWS account ID status "Verification failed" with Amazon GuardDuty?

Last updated: 2020-12-17

I invited an AWS account ID to associate with my AWS account using my Amazon GuardDuty management account and the status is "Verification failed."

Short description

The "Verification failed" status indicates that the root email address or the AWS account ID that you added as a GuardDuty member account are incorrect.

Resolution

Follow these steps to designate a GuardDuty delegated administrator and add member accounts using the GuardDuty console.

-or-

Follow these steps to designate an AWS Organizations delegated administrator and GuardDuty member accounts through the API operations.

Important: Be sure to use the root email address and account ID associated with the AWS account.

If you're uploading a .csv list to bulk add accounts, be sure to specify the account ID and primary email address separated by a comma on separate lines. The first line of the .csv file must contain the account ID and email header in this format:

Account ID,Email
111111111111,primary1@example.com
222222222222,primary2@example.com

If you use Python scripts to enable GuardDuty in multiple accounts simultaneously, then the AWS accounts in the input .csv file must be listed one per line. Use the format of account ID and email address without headers in this format:

111111111111,primary1@example.com
222222222222,primary2@example.com