AuditManager / Client / batch_create_delegation_by_assessment

batch_create_delegation_by_assessment#

AuditManager.Client.batch_create_delegation_by_assessment(**kwargs)#

Creates a batch of delegations for an assessment in Audit Manager.

See also: AWS API Documentation

Request Syntax

response = client.batch_create_delegation_by_assessment(
    createDelegationRequests=[
        {
            'comment': 'string',
            'controlSetId': 'string',
            'roleArn': 'string',
            'roleType': 'PROCESS_OWNER'|'RESOURCE_OWNER'
        },
    ],
    assessmentId='string'
)
Parameters:

  • createDelegationRequests (list) –

    [REQUIRED]

    The API request to batch create delegations in Audit Manager.

    • (dict) –

      A collection of attributes that’s used to create a delegation for an assessment in Audit Manager.

      • comment (string) –

        A comment that’s related to the delegation request.

      • controlSetId (string) –

        The unique identifier for the control set.

      • roleArn (string) –

        The Amazon Resource Name (ARN) of the IAM role.

      • roleType (string) –

        The type of customer persona.

        Note

        In CreateAssessment, roleType can only be PROCESS_OWNER.

        In UpdateSettings, roleType can only be PROCESS_OWNER.

        In BatchCreateDelegationByAssessment, roleType can only be RESOURCE_OWNER.

  • assessmentId (string) –

    [REQUIRED]

    The identifier for the assessment.

Return type:

dict

Returns:

Response Syntax

{
    'delegations': [
        {
            'id': 'string',
            'assessmentName': 'string',
            'assessmentId': 'string',
            'status': 'IN_PROGRESS'|'UNDER_REVIEW'|'COMPLETE',
            'roleArn': 'string',
            'roleType': 'PROCESS_OWNER'|'RESOURCE_OWNER',
            'creationTime': datetime(2015, 1, 1),
            'lastUpdated': datetime(2015, 1, 1),
            'controlSetId': 'string',
            'comment': 'string',
            'createdBy': 'string'
        },
    ],
    'errors': [
        {
            'createDelegationRequest': {
                'comment': 'string',
                'controlSetId': 'string',
                'roleArn': 'string',
                'roleType': 'PROCESS_OWNER'|'RESOURCE_OWNER'
            },
            'errorCode': 'string',
            'errorMessage': 'string'
        },
    ]
}

Response Structure

  • (dict) –

    • delegations (list) –

      The delegations that are associated with the assessment.

      • (dict) –

        The assignment of a control set to a delegate for review.

        • id (string) –

          The unique identifier for the delegation.

        • assessmentName (string) –

          The name of the assessment that’s associated with the delegation.

        • assessmentId (string) –

          The identifier for the assessment that’s associated with the delegation.

        • status (string) –

          The status of the delegation.

        • roleArn (string) –

          The Amazon Resource Name (ARN) of the IAM role.

        • roleType (string) –

          The type of customer persona.

          Note

          In CreateAssessment, roleType can only be PROCESS_OWNER.

          In UpdateSettings, roleType can only be PROCESS_OWNER.

          In BatchCreateDelegationByAssessment, roleType can only be RESOURCE_OWNER.

        • creationTime (datetime) –

          Specifies when the delegation was created.

        • lastUpdated (datetime) –

          Specifies when the delegation was last updated.

        • controlSetId (string) –

          The identifier for the control set that’s associated with the delegation.

        • comment (string) –

          The comment that’s related to the delegation.

        • createdBy (string) –

          The user or role that created the delegation.

    • errors (list) –

      A list of errors that the BatchCreateDelegationByAssessment API returned.

      • (dict) –

        An error entity for the BatchCreateDelegationByAssessment API. This is used to provide more meaningful errors than a simple string message.

        • createDelegationRequest (dict) –

          The API request to batch create delegations in Audit Manager.

          • comment (string) –

            A comment that’s related to the delegation request.

          • controlSetId (string) –

            The unique identifier for the control set.

          • roleArn (string) –

            The Amazon Resource Name (ARN) of the IAM role.

          • roleType (string) –

            The type of customer persona.

            Note

            In CreateAssessment, roleType can only be PROCESS_OWNER.

            In UpdateSettings, roleType can only be PROCESS_OWNER.

            In BatchCreateDelegationByAssessment, roleType can only be RESOURCE_OWNER.

        • errorCode (string) –

          The error code that the BatchCreateDelegationByAssessment API returned.

        • errorMessage (string) –

          The error message that the BatchCreateDelegationByAssessment API returned.

Exceptions

  • AuditManager.Client.exceptions.ResourceNotFoundException

  • AuditManager.Client.exceptions.AccessDeniedException

  • AuditManager.Client.exceptions.ValidationException

  • AuditManager.Client.exceptions.InternalServerException