get_assessment

get_assessment(**kwargs)

Returns an assessment from Audit Manager.

See also: AWS API Documentation

Request Syntax

response = client.get_assessment(
    assessmentId='string'
)
Parameters
assessmentId (string) --

[REQUIRED]

The unique identifier for the assessment.

Return type
dict
Returns
Response Syntax
{
    'assessment': {
        'arn': 'string',
        'awsAccount': {
            'id': 'string',
            'emailAddress': 'string',
            'name': 'string'
        },
        'metadata': {
            'name': 'string',
            'id': 'string',
            'description': 'string',
            'complianceType': 'string',
            'status': 'ACTIVE'|'INACTIVE',
            'assessmentReportsDestination': {
                'destinationType': 'S3',
                'destination': 'string'
            },
            'scope': {
                'awsAccounts': [
                    {
                        'id': 'string',
                        'emailAddress': 'string',
                        'name': 'string'
                    },
                ],
                'awsServices': [
                    {
                        'serviceName': 'string'
                    },
                ]
            },
            'roles': [
                {
                    'roleType': 'PROCESS_OWNER'|'RESOURCE_OWNER',
                    'roleArn': 'string'
                },
            ],
            'delegations': [
                {
                    'id': 'string',
                    'assessmentName': 'string',
                    'assessmentId': 'string',
                    'status': 'IN_PROGRESS'|'UNDER_REVIEW'|'COMPLETE',
                    'roleArn': 'string',
                    'roleType': 'PROCESS_OWNER'|'RESOURCE_OWNER',
                    'creationTime': datetime(2015, 1, 1),
                    'lastUpdated': datetime(2015, 1, 1),
                    'controlSetId': 'string',
                    'comment': 'string',
                    'createdBy': 'string'
                },
            ],
            'creationTime': datetime(2015, 1, 1),
            'lastUpdated': datetime(2015, 1, 1)
        },
        'framework': {
            'id': 'string',
            'arn': 'string',
            'metadata': {
                'name': 'string',
                'description': 'string',
                'logo': 'string',
                'complianceType': 'string'
            },
            'controlSets': [
                {
                    'id': 'string',
                    'description': 'string',
                    'status': 'ACTIVE'|'UNDER_REVIEW'|'REVIEWED',
                    'roles': [
                        {
                            'roleType': 'PROCESS_OWNER'|'RESOURCE_OWNER',
                            'roleArn': 'string'
                        },
                    ],
                    'controls': [
                        {
                            'id': 'string',
                            'name': 'string',
                            'description': 'string',
                            'status': 'UNDER_REVIEW'|'REVIEWED'|'INACTIVE',
                            'response': 'MANUAL'|'AUTOMATE'|'DEFER'|'IGNORE',
                            'comments': [
                                {
                                    'authorName': 'string',
                                    'commentBody': 'string',
                                    'postedDate': datetime(2015, 1, 1)
                                },
                            ],
                            'evidenceSources': [
                                'string',
                            ],
                            'evidenceCount': 123,
                            'assessmentReportEvidenceCount': 123
                        },
                    ],
                    'delegations': [
                        {
                            'id': 'string',
                            'assessmentName': 'string',
                            'assessmentId': 'string',
                            'status': 'IN_PROGRESS'|'UNDER_REVIEW'|'COMPLETE',
                            'roleArn': 'string',
                            'roleType': 'PROCESS_OWNER'|'RESOURCE_OWNER',
                            'creationTime': datetime(2015, 1, 1),
                            'lastUpdated': datetime(2015, 1, 1),
                            'controlSetId': 'string',
                            'comment': 'string',
                            'createdBy': 'string'
                        },
                    ],
                    'systemEvidenceCount': 123,
                    'manualEvidenceCount': 123
                },
            ]
        },
        'tags': {
            'string': 'string'
        }
    },
    'userRole': {
        'roleType': 'PROCESS_OWNER'|'RESOURCE_OWNER',
        'roleArn': 'string'
    }
}

Response Structure

  • (dict) --
    • assessment (dict) --

      An entity that defines the scope of audit evidence collected by Audit Manager. An Audit Manager assessment is an implementation of an Audit Manager framework.

      • arn (string) --

        The Amazon Resource Name (ARN) of the assessment.

      • awsAccount (dict) --

        The Amazon Web Services account that's associated with the assessment.

        • id (string) --

          The identifier for the Amazon Web Services account.

        • emailAddress (string) --

          The email address that's associated with the Amazon Web Services account.

        • name (string) --

          The name of the Amazon Web Services account.

      • metadata (dict) --

        The metadata for the assessment.

        • name (string) --

          The name of the assessment.

        • id (string) --

          The unique identifier for the assessment.

        • description (string) --

          The description of the assessment.

        • complianceType (string) --

          The name of the compliance standard that's related to the assessment, such as PCI-DSS.

        • status (string) --

          The overall status of the assessment.

        • assessmentReportsDestination (dict) --

          The destination that evidence reports are stored in for the assessment.

          • destinationType (string) --

            The destination type, such as Amazon S3.

          • destination (string) --

            The destination of the assessment report.

        • scope (dict) --

          The wrapper of Amazon Web Services accounts and services that are in scope for the assessment.

          • awsAccounts (list) --

            The Amazon Web Services accounts that are included in the scope of the assessment.

            • (dict) --

              The wrapper of Amazon Web Services account details, such as account ID or email address.

              • id (string) --

                The identifier for the Amazon Web Services account.

              • emailAddress (string) --

                The email address that's associated with the Amazon Web Services account.

              • name (string) --

                The name of the Amazon Web Services account.

          • awsServices (list) --

            The Amazon Web Services services that are included in the scope of the assessment.

        • roles (list) --

          The roles that are associated with the assessment.

          • (dict) --

            The wrapper that contains the Audit Manager role information of the current user. This includes the role type and IAM Amazon Resource Name (ARN).

            • roleType (string) --

              The type of customer persona.

              Note

              In CreateAssessment , roleType can only be PROCESS_OWNER .

              In UpdateSettings , roleType can only be PROCESS_OWNER .

              In BatchCreateDelegationByAssessment , roleType can only be RESOURCE_OWNER .

            • roleArn (string) --

              The Amazon Resource Name (ARN) of the IAM role.

        • delegations (list) --

          The delegations that are associated with the assessment.

          • (dict) --

            The assignment of a control set to a delegate for review.

            • id (string) --

              The unique identifier for the delegation.

            • assessmentName (string) --

              The name of the assessment that's associated with the delegation.

            • assessmentId (string) --

              The identifier for the assessment that's associated with the delegation.

            • status (string) --

              The status of the delegation.

            • roleArn (string) --

              The Amazon Resource Name (ARN) of the IAM role.

            • roleType (string) --

              The type of customer persona.

              Note

              In CreateAssessment , roleType can only be PROCESS_OWNER .

              In UpdateSettings , roleType can only be PROCESS_OWNER .

              In BatchCreateDelegationByAssessment , roleType can only be RESOURCE_OWNER .

            • creationTime (datetime) --

              Specifies when the delegation was created.

            • lastUpdated (datetime) --

              Specifies when the delegation was last updated.

            • controlSetId (string) --

              The identifier for the control set that's associated with the delegation.

            • comment (string) --

              The comment that's related to the delegation.

            • createdBy (string) --

              The user or role that created the delegation.

        • creationTime (datetime) --

          Specifies when the assessment was created.

        • lastUpdated (datetime) --

          The time of the most recent update.

      • framework (dict) --

        The framework that the assessment was created from.

        • id (string) --

          The unique identifier for the framework.

        • arn (string) --

          The Amazon Resource Name (ARN) of the framework.

        • metadata (dict) --

          The metadata of a framework, such as the name, ID, or description.

          • name (string) --

            The name of the framework.

          • description (string) --

            The description of the framework.

          • logo (string) --

            The logo that's associated with the framework.

          • complianceType (string) --

            The compliance standard that's associated with the framework. For example, this could be PCI DSS or HIPAA.

        • controlSets (list) --

          The control sets that are associated with the framework.

          • (dict) --

            Represents a set of controls in an Audit Manager assessment.

            • id (string) --

              The identifier of the control set in the assessment. This is the control set name in a plain string format.

            • description (string) --

              The description for the control set.

            • status (string) --

              The current status of the control set.

            • roles (list) --

              The roles that are associated with the control set.

              • (dict) --

                The wrapper that contains the Audit Manager role information of the current user. This includes the role type and IAM Amazon Resource Name (ARN).

                • roleType (string) --

                  The type of customer persona.

                  Note

                  In CreateAssessment , roleType can only be PROCESS_OWNER .

                  In UpdateSettings , roleType can only be PROCESS_OWNER .

                  In BatchCreateDelegationByAssessment , roleType can only be RESOURCE_OWNER .

                • roleArn (string) --

                  The Amazon Resource Name (ARN) of the IAM role.

            • controls (list) --

              The list of controls that's contained with the control set.

              • (dict) --

                The control entity that represents a standard control or a custom control in an Audit Manager assessment.

                • id (string) --

                  The identifier for the control.

                • name (string) --

                  The name of the control.

                • description (string) --

                  The description of the control.

                • status (string) --

                  The status of the control.

                • response (string) --

                  The response of the control.

                • comments (list) --

                  The list of comments that's attached to the control.

                  • (dict) --

                    A comment that's posted by a user on a control. This includes the author's name, the comment text, and a timestamp.

                    • authorName (string) --

                      The name of the user who authored the comment.

                    • commentBody (string) --

                      The body text of a control comment.

                    • postedDate (datetime) --

                      The time when the comment was posted.

                • evidenceSources (list) --

                  The list of data sources for the evidence.

                  • (string) --
                • evidenceCount (integer) --

                  The amount of evidence that's collected for the control.

                • assessmentReportEvidenceCount (integer) --

                  The amount of evidence in the assessment report.

            • delegations (list) --

              The delegations that are associated with the control set.

              • (dict) --

                The assignment of a control set to a delegate for review.

                • id (string) --

                  The unique identifier for the delegation.

                • assessmentName (string) --

                  The name of the assessment that's associated with the delegation.

                • assessmentId (string) --

                  The identifier for the assessment that's associated with the delegation.

                • status (string) --

                  The status of the delegation.

                • roleArn (string) --

                  The Amazon Resource Name (ARN) of the IAM role.

                • roleType (string) --

                  The type of customer persona.

                  Note

                  In CreateAssessment , roleType can only be PROCESS_OWNER .

                  In UpdateSettings , roleType can only be PROCESS_OWNER .

                  In BatchCreateDelegationByAssessment , roleType can only be RESOURCE_OWNER .

                • creationTime (datetime) --

                  Specifies when the delegation was created.

                • lastUpdated (datetime) --

                  Specifies when the delegation was last updated.

                • controlSetId (string) --

                  The identifier for the control set that's associated with the delegation.

                • comment (string) --

                  The comment that's related to the delegation.

                • createdBy (string) --

                  The user or role that created the delegation.

            • systemEvidenceCount (integer) --

              The total number of evidence objects that are retrieved automatically for the control set.

            • manualEvidenceCount (integer) --

              The total number of evidence objects that are uploaded manually to the control set.

      • tags (dict) --

        The tags that are associated with the assessment.

        • (string) --
          • (string) --
    • userRole (dict) --

      The wrapper that contains the Audit Manager role information of the current user. This includes the role type and IAM Amazon Resource Name (ARN).

      • roleType (string) --

        The type of customer persona.

        Note

        In CreateAssessment , roleType can only be PROCESS_OWNER .

        In UpdateSettings , roleType can only be PROCESS_OWNER .

        In BatchCreateDelegationByAssessment , roleType can only be RESOURCE_OWNER .

      • roleArn (string) --

        The Amazon Resource Name (ARN) of the IAM role.

Exceptions

  • AuditManager.Client.exceptions.ResourceNotFoundException
  • AuditManager.Client.exceptions.ValidationException
  • AuditManager.Client.exceptions.AccessDeniedException
  • AuditManager.Client.exceptions.InternalServerException