Sign in to the AWS Management Console using the Audit account. You can verify the organization’s account structure in the Set up Landing Zone step.
Run the following commands:
aws organizations register-delegated-administrator --account-id $ACCOUNT_ID --service-principal config-multiaccountsetup.amazonaws.com
and
aws organizations register-delegated-administrator --account-id $ACCOUNT_ID --service-principal config.amazonaws.com
To verify that the Audit account has been successfully registered as a delegated administrator for AWS Config, run the following commands:
aws organizations list-delegated-administrators --service-principal=config.amazonaws.com
and
aws organizations list-delegated-administrators --service-principal=config-multiaccountsetup.amazonaws.com