Tags: amazon-web-services, aws-lambda, cloudcustodian

Using c7n-org and Cloud Custodian Across AWS Accounts


I have Cloud Custodian running in Lambda with AWS Config, and I also installed c7n-org to manage multiple AWS accounts across my Org... My question is, can I use c7n-org from a "Master" account that can then execute and manage my other accounts across my Org?

I assume I can configure a Lambda function in my "Master" account that can then execute commands across my Org to the other accounts I have?


Solution

  • So c7n-org is designed to run from a master account and role-assume across many accounts, to execute policies as defined in the accounts.yml config file. See the docs on that.

    If you want centralized Lambda policies, you use the regular custodian client against the master account, and then set up out-of-band CWE bus relaying. On your Lambda policies for the master account, you set a member-role as a templated ARN for role assume back into the target account.
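Both patterns from the answer, as an added example that is not part of the original post or of the Cloud Custodian project's own documentation. The first document is an accounts.yml for c7n-org; the second is a single Lambda policy deployed in the master account whose member-role is a template that custodian fills with the account id carried in the event. The account IDs (111111111111, 222222222222, 999999999999), role names (CustodianMemberRole, CustodianLambdaRole), regions and the policy name are placeholders chosen for this example.

```yaml
# accounts.yml (constructed example): the inventory c7n-org iterates over from the
# master account. Account IDs, names and role names below are placeholders.
accounts:
  - account_id: '111111111111'
    name: prod-workloads
    regions:
      - us-east-1
      - us-west-2
    # Role in the member account that the master's credentials are allowed to assume.
    role: arn:aws:iam::111111111111:role/CustodianMemberRole
    tags:
      - env:prod
  - account_id: '222222222222'
    name: dev-sandbox
    regions:
      - us-east-1
    role: arn:aws:iam::222222222222:role/CustodianMemberRole
    tags:
      - env:dev
---
# policy.yml (constructed example): one Lambda policy deployed in the master account.
# The CloudTrail event arrives on the master's event bus (relayed from the member
# account); member-role is a template that custodian fills with the event's account
# id, so the function assumes back into whichever member account emitted the event.
policies:
  - name: ec2-require-owner-tag
    resource: aws.ec2
    mode:
      type: cloudtrail
      # Execution role of the Lambda function in the master account (placeholder);
      # it needs sts:AssumeRole on every CustodianMemberRole it will hop into.
      role: arn:aws:iam::999999999999:role/CustodianLambdaRole
      member-role: arn:aws:iam::{account_id}:role/CustodianMemberRole
      events:
        - RunInstances
    filters:
      - "tag:Owner": absent
    actions:
      - type: tag
        key: c7n-missing-owner
        value: "true"
```

For the c7n-org pattern, a policy file without a Lambda mode is enough: `c7n-org run -c accounts.yml -s out -u policy.yml` assumes each `role` in turn from the master credentials and runs the policies there. For the centralized Lambda pattern, `custodian run -s out policy.yml` with master-account credentials provisions the function once in the master account. Two things outside custodian have to be in place for the second pattern to work: each member role's trust policy must allow the master Lambda execution role to assume it, and each member account needs an EventBridge rule that forwards the relevant CloudTrail events to the master's event bus, with a resource policy on that bus granting the member accounts events:PutEvents. If the member-role assumption fails, the policy runs against the master account's own resources instead, so check the Lambda logs for the assumed-role ARN when testing.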