list_enabled_controls

ControlTower.Client.list_enabled_controls(**kwargs)

Lists the controls enabled by AWS Control Tower on the specified organizational unit and the accounts it contains.

See also: AWS API Documentation

Request Syntax

response = client.list_enabled_controls(
    maxResults=123,
    nextToken='string',
    targetIdentifier='string'
)
Parameters
  • maxResults (integer) -- How many results to return per API call.
  • nextToken (string) -- The token to continue the list from a previous API call with the same parameters.
  • targetIdentifier (string) --

    [REQUIRED]

    The ARN of the organizational unit.

Return type

dict

Returns

Response Syntax

{
    'enabledControls': [
        {
            'controlIdentifier': 'string'
        },
    ],
    'nextToken': 'string'
}

Response Structure

  • (dict) --

    • enabledControls (list) --

      Lists the controls enabled by AWS Control Tower on the specified organizational unit and the accounts it contains.

      • (dict) --

        A summary of enabled controls.

        • controlIdentifier (string) --

          The ARN of the control. Only Strongly recommended and Elective controls are permitted, with the exception of the Region deny guardrail.

    • nextToken (string) --

      Retrieves the next page of results. If the string is empty, the current response is the end of the results.

Exceptions

  • ControlTower.Client.exceptions.ValidationException
  • ControlTower.Client.exceptions.InternalServerException
  • ControlTower.Client.exceptions.AccessDeniedException
  • ControlTower.Client.exceptions.ThrottlingException
  • ControlTower.Client.exceptions.ResourceNotFoundException