AuditManager.Client.
get_settings
(**kwargs)¶Returns the settings for the specified Amazon Web Services account.
See also: AWS API Documentation
Request Syntax
response = client.get_settings(
attribute='ALL'|'IS_AWS_ORG_ENABLED'|'SNS_TOPIC'|'DEFAULT_ASSESSMENT_REPORTS_DESTINATION'|'DEFAULT_PROCESS_OWNERS'|'EVIDENCE_FINDER_ENABLEMENT'|'DEREGISTRATION_POLICY'
)
[REQUIRED]
The list of setting attribute enum values.
{
'settings': {
'isAwsOrgEnabled': True|False,
'snsTopic': 'string',
'defaultAssessmentReportsDestination': {
'destinationType': 'S3',
'destination': 'string'
},
'defaultProcessOwners': [
{
'roleType': 'PROCESS_OWNER'|'RESOURCE_OWNER',
'roleArn': 'string'
},
],
'kmsKey': 'string',
'evidenceFinderEnablement': {
'eventDataStoreArn': 'string',
'enablementStatus': 'ENABLED'|'DISABLED'|'ENABLE_IN_PROGRESS'|'DISABLE_IN_PROGRESS',
'backfillStatus': 'NOT_STARTED'|'IN_PROGRESS'|'COMPLETED',
'error': 'string'
},
'deregistrationPolicy': {
'deleteResources': 'ALL'|'DEFAULT'
}
}
}
Response Structure
The settings object that holds all supported Audit Manager settings.
Specifies whether Organizations is enabled.
The designated Amazon Simple Notification Service (Amazon SNS) topic.
The default storage destination for assessment reports.
The destination type, such as Amazon S3.
The destination of the assessment report.
The designated default audit owners.
The wrapper that contains the Audit Manager role information of the current user. This includes the role type and IAM Amazon Resource Name (ARN).
The type of customer persona.
Note
In CreateAssessment
, roleType
can only be PROCESS_OWNER
.
In UpdateSettings
, roleType
can only be PROCESS_OWNER
.
In BatchCreateDelegationByAssessment
, roleType
can only be RESOURCE_OWNER
.
The Amazon Resource Name (ARN) of the IAM role.
The KMS key details.
The current evidence finder status and event data store details.
The Amazon Resource Name (ARN) of the CloudTrail Lake event data store that’s used by evidence finder. The event data store is the lake of evidence data that evidence finder runs queries against.
The current status of the evidence finder feature and the related event data store.
ENABLE_IN_PROGRESS
means that you requested to enable evidence finder. An event data store is currently being created to support evidence finder queries.ENABLED
means that an event data store was successfully created and evidence finder is enabled. We recommend that you wait 7 days until the event data store is backfilled with your past two years’ worth of evidence data. You can use evidence finder in the meantime, but not all data might be available until the backfill is complete.DISABLE_IN_PROGRESS
means that you requested to disable evidence finder, and your request is pending the deletion of the event data store.DISABLED
means that you have permanently disabled evidence finder and the event data store has been deleted. You can't re-enable evidence finder after this point.The current status of the evidence data backfill process.
The backfill starts after you enable evidence finder. During this task, Audit Manager populates an event data store with your past two years’ worth of evidence data so that your evidence can be queried.
NOT_STARTED
means that the backfill hasn’t started yet.IN_PROGRESS
means that the backfill is in progress. This can take up to 7 days to complete, depending on the amount of evidence data.COMPLETED
means that the backfill is complete. All of your past evidence is now queryable.Represents any errors that occurred when enabling or disabling evidence finder.
The deregistration policy for your Audit Manager data. You can use this attribute to determine how your data is handled when you deregister Audit Manager.
Specifies which Audit Manager data will be deleted when you deregister Audit Manager.
ALL
, all of your data is deleted within seven days of deregistration.DEFAULT
, none of your data is deleted at the time of deregistration. However, keep in mind that the Audit Manager data retention policy still applies. As a result, any evidence data will be deleted two years after its creation date. Your other Audit Manager resources will continue to exist indefinitely.Exceptions
AuditManager.Client.exceptions.AccessDeniedException
AuditManager.Client.exceptions.InternalServerException