Registering an AWS delegated administrator for Organization-level discovery - BlueCat Integrity - 26.1.0

Address Manager Administration Guide


To run discovery and visibility jobs on multiple accounts in an AWS Organization, Cloud Discovery & Visibility (CDV) needs appropriate access to the AWS infrastructure. One way to provide this access is to assign a delegated account (with the appropriate permissions) to CDV. If you do this, you must enable delegated administrator status on the AWS account that hosts CDV.

Note: You do not need to do this if you will be using a regular member account to assume a role from the management or delegated admin account when running organization-level discovery.

To enable delegated administrator status, run the following command on the AWS account that hosts CDV (that is, the account to which CDV is deployed). You will need the ID of the hosting account:

aws organizations register-delegated-administrator --account-id <AWS Account ID> --service-principal account.amazonaws.com
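
After registering, it is worth confirming that the hosting account is listed as a delegated administrator for `account.amazonaws.com` and is not delegated for any other service. The following script is an added example, not part of the BlueCat documentation; the function names are hypothetical, and it assumes the AWS CLI is run with credentials that can read AWS Organizations.

```shell
# Added example: audit a delegated-administrator registration.
# SERVICE_PRINCIPAL is the value used in the command on this page; the
# function names below are hypothetical and exist only in this example.
SERVICE_PRINCIPAL="account.amazonaws.com"

# AWS account IDs are exactly 12 decimal digits; reject anything else
# before it reaches the CLI.
valid_account_id() {
    case "$1" in
        *[!0-9]*|'') return 1 ;;
    esac
    [ "${#1}" -eq 12 ]
}

# $1 = account ID, $2 = whitespace-separated account IDs (the text output
# of list-delegated-administrators). Succeeds if $1 is in the list.
is_registered() {
    for id in $2; do
        [ "$id" = "$1" ] && return 0
    done
    return 1
}

# $1 = whitespace-separated service principals delegated to the account.
# Prints every principal other than SERVICE_PRINCIPAL, one per line, so
# that delegations nobody intended stand out.
unexpected_services() {
    for sp in $1; do
        [ "$sp" = "$SERVICE_PRINCIPAL" ] || printf '%s\n' "$sp"
    done
}

# Runs two read-only Organizations queries and applies the checks above.
# $1 = ID of the account that hosts CDV.
verify_delegation() {
    valid_account_id "$1" || { echo "invalid account ID: $1" >&2; return 2; }
    admins=$(aws organizations list-delegated-administrators \
        --service-principal "$SERVICE_PRINCIPAL" \
        --query 'DelegatedAdministrators[].Id' --output text) || return 3
    is_registered "$1" "$admins" || { echo "$1 is not registered" >&2; return 1; }
    services=$(aws organizations list-delegated-services-for-account \
        --account-id "$1" \
        --query 'DelegatedServices[].ServicePrincipal' --output text) || return 3
    extra=$(unexpected_services "$services")
    [ -z "$extra" ] || { echo "also delegated for: $extra" >&2; return 4; }
    echo "$1 is a delegated administrator for $SERVICE_PRINCIPAL only"
}
```

Source the script and call `verify_delegation <AWS Account ID>`; a non-zero return code identifies which check failed.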