SecurityHub / Client / batch_get_standards_control_associations
batch_get_standards_control_associations#
- SecurityHub.Client.batch_get_standards_control_associations(**kwargs)#
For a batch of security controls and standards, identifies whether each control is currently enabled or disabled in a standard.
See also: AWS API Documentation
Request Syntax
response = client.batch_get_standards_control_associations( StandardsControlAssociationIds=[ { 'SecurityControlId': 'string', 'StandardsArn': 'string' }, ] )
- Parameters:
StandardsControlAssociationIds (list) –
[REQUIRED]
An array with one or more objects that includes a security control (identified with
SecurityControlId
,SecurityControlArn
, or a mix of both parameters) and the Amazon Resource Name (ARN) of a standard. This field is used to query the enablement status of a control in a specified standard. The security control ID or ARN is the same across standards.(dict) –
An array with one or more objects that includes a security control (identified with
SecurityControlId
,SecurityControlArn
, or a mix of both parameters) and the Amazon Resource Name (ARN) of a standard. The security control ID or ARN is the same across standards.SecurityControlId (string) – [REQUIRED]
The unique identifier (identified with
SecurityControlId
,SecurityControlArn
, or a mix of both parameters) of a security control across standards.StandardsArn (string) – [REQUIRED]
The ARN of a standard.
- Return type:
dict
- Returns:
Response Syntax
{ 'StandardsControlAssociationDetails': [ { 'StandardsArn': 'string', 'SecurityControlId': 'string', 'SecurityControlArn': 'string', 'AssociationStatus': 'ENABLED'|'DISABLED', 'RelatedRequirements': [ 'string', ], 'UpdatedAt': datetime(2015, 1, 1), 'UpdatedReason': 'string', 'StandardsControlTitle': 'string', 'StandardsControlDescription': 'string', 'StandardsControlArns': [ 'string', ] }, ], 'UnprocessedAssociations': [ { 'StandardsControlAssociationId': { 'SecurityControlId': 'string', 'StandardsArn': 'string' }, 'ErrorCode': 'INVALID_INPUT'|'ACCESS_DENIED'|'NOT_FOUND'|'LIMIT_EXCEEDED', 'ErrorReason': 'string' }, ] }
Response Structure
(dict) –
StandardsControlAssociationDetails (list) –
Provides the enablement status of a security control in a specified standard and other details for the control in relation to the specified standard.
(dict) –
Provides details about a control’s enablement status in a specified standard.
StandardsArn (string) –
The Amazon Resource Name (ARN) of a security standard.
SecurityControlId (string) –
The unique identifier of a security control across standards. Values for this field typically consist of an Amazon Web Services service name and a number, such as APIGateway.3.
SecurityControlArn (string) –
The ARN of a security control across standards, such as
arn:aws:securityhub:eu-central-1:123456789012:security-control/S3.1
. This parameter doesn’t mention a specific standard.AssociationStatus (string) –
Specifies whether a control is enabled or disabled in a specified standard.
RelatedRequirements (list) –
The requirement that underlies a control in the compliance framework related to the standard.
(string) –
UpdatedAt (datetime) –
The time at which the enablement status of the control in the specified standard was last updated.
UpdatedReason (string) –
The reason for updating the enablement status of a control in a specified standard.
StandardsControlTitle (string) –
The title of a control. This field may reference a specific standard.
StandardsControlDescription (string) –
The description of a control. This typically summarizes how Security Hub evaluates the control and the conditions under which it produces a failed finding. This parameter may reference a specific standard.
StandardsControlArns (list) –
Provides the input parameter that Security Hub uses to call the UpdateStandardsControl API. This API can be used to enable or disable a control in a specified standard.
(string) –
UnprocessedAssociations (list) –
A security control (identified with
SecurityControlId
,SecurityControlArn
, or a mix of both parameters) whose enablement status in a specified standard cannot be returned.(dict) –
Provides details about which control’s enablement status couldn’t be retrieved in a specified standard when calling BatchUpdateStandardsControlAssociations. This parameter also provides details about why the request was unprocessed.
StandardsControlAssociationId (dict) –
An array with one or more objects that includes a security control (identified with
SecurityControlId
,SecurityControlArn
, or a mix of both parameters) and the Amazon Resource Name (ARN) of a standard. This parameter shows the specific controls for which the enablement status couldn’t be retrieved in specified standards when calling BatchUpdateStandardsControlAssociations.SecurityControlId (string) –
The unique identifier (identified with
SecurityControlId
,SecurityControlArn
, or a mix of both parameters) of a security control across standards.StandardsArn (string) –
The ARN of a standard.
ErrorCode (string) –
The error code for the unprocessed standard and control association.
ErrorReason (string) –
The reason why the standard and control association was unprocessed.
Exceptions
SecurityHub.Client.exceptions.InternalException
SecurityHub.Client.exceptions.LimitExceededException
SecurityHub.Client.exceptions.InvalidAccessException
SecurityHub.Client.exceptions.InvalidInputException