batch_get_standards_control_associations
(**kwargs)¶For a batch of security controls and standards, identifies whether each control is currently enabled or disabled in a standard.
See also: AWS API Documentation
Request Syntax
response = client.batch_get_standards_control_associations(
StandardsControlAssociationIds=[
{
'SecurityControlId': 'string',
'StandardsArn': 'string'
},
]
)
[REQUIRED]
An array with one or more objects that includes a security control (identified with SecurityControlId
, SecurityControlArn
, or a mix of both parameters) and the Amazon Resource Name (ARN) of a standard. This field is used to query the enablement status of a control in a specified standard. The security control ID or ARN is the same across standards.
An array with one or more objects that includes a security control (identified with SecurityControlId
, SecurityControlArn
, or a mix of both parameters) and the Amazon Resource Name (ARN) of a standard. The security control ID or ARN is the same across standards.
The unique identifier (identified with SecurityControlId
, SecurityControlArn
, or a mix of both parameters) of a security control across standards.
The ARN of a standard.
{
'StandardsControlAssociationDetails': [
{
'StandardsArn': 'string',
'SecurityControlId': 'string',
'SecurityControlArn': 'string',
'AssociationStatus': 'ENABLED'|'DISABLED',
'RelatedRequirements': [
'string',
],
'UpdatedAt': datetime(2015, 1, 1),
'UpdatedReason': 'string',
'StandardsControlTitle': 'string',
'StandardsControlDescription': 'string',
'StandardsControlArns': [
'string',
]
},
],
'UnprocessedAssociations': [
{
'StandardsControlAssociationId': {
'SecurityControlId': 'string',
'StandardsArn': 'string'
},
'ErrorCode': 'INVALID_INPUT'|'ACCESS_DENIED'|'NOT_FOUND'|'LIMIT_EXCEEDED',
'ErrorReason': 'string'
},
]
}
Response Structure
Provides the enablement status of a security control in a specified standard and other details for the control in relation to the specified standard.
Provides details about a control's enablement status in a specified standard.
The Amazon Resource Name (ARN) of a security standard.
The unique identifier of a security control across standards. Values for this field typically consist of an Amazon Web Service name and a number, such as APIGateway.3.
The ARN of a security control across standards, such as arn:aws:securityhub:eu-central-1:123456789012:security-control/S3.1
. This parameter doesn't mention a specific standard.
Specifies whether a control is enabled or disabled in a specified standard.
The requirement that underlies a control in the compliance framework related to the standard.
The time at which the enablement status of the control in the specified standard was last updated.
The reason for updating the enablement status of a control in a specified standard.
The title of a control. This field may reference a specific standard.
The description of a control. This typically summarizes how Security Hub evaluates the control and the conditions under which it produces a failed finding. This parameter may reference a specific standard.
Provides the input parameter that Security Hub uses to call the UpdateStandardsControl API. This API can be used to enable or disable a control in a specified standard.
A security control (identified with SecurityControlId
, SecurityControlArn
, or a mix of both parameters) whose enablement status in a specified standard cannot be returned.
Provides details about which control's enablement status couldn't be retrieved in a specified standard when calling BatchUpdateStandardsControlAssociations. This parameter also provides details about why the request was unprocessed.
An array with one or more objects that includes a security control (identified with SecurityControlId
, SecurityControlArn
, or a mix of both parameters) and the Amazon Resource Name (ARN) of a standard. This parameter shows the specific controls for which the enablement status couldn't be retrieved in specified standards when calling BatchUpdateStandardsControlAssociations.
The unique identifier (identified with SecurityControlId
, SecurityControlArn
, or a mix of both parameters) of a security control across standards.
The ARN of a standard.
The error code for the unprocessed standard and control association.
The reason why the standard and control association was unprocessed.
Exceptions
SecurityHub.Client.exceptions.InternalException
SecurityHub.Client.exceptions.LimitExceededException
SecurityHub.Client.exceptions.InvalidAccessException
SecurityHub.Client.exceptions.InvalidInputException