ControlTower / Client / update_enabled_control

update_enabled_control#

ControlTower.Client.update_enabled_control(**kwargs)#

Updates the configuration of an already enabled control.

If the enabled control shows an EnablementStatus of SUCCEEDED, supply parameters that are different from the currently configured parameters. Otherwise, Amazon Web Services Control Tower will not accept the request.

If the enabled control shows an EnablementStatus of FAILED, Amazon Web Services Control Tower updates the control to match any valid parameters that you supply.

If the DriftSummary status for the control shows as DRIFTED, you cannot call this API. Instead, you can update the control by calling the ResetEnabledControl API. Alternatively, you can call DisableControl and then call EnableControl again. Also, you can run an extending governance operation to repair drift. For usage examples, see the Controls Reference Guide.

See also: AWS API Documentation

Request Syntax

response = client.update_enabled_control(
    enabledControlIdentifier='string',
    parameters=[
        {
            'key': 'string',
            'value': {...}|[...]|123|123.4|'string'|True|None
        },
    ]
)
Parameters:

  • enabledControlIdentifier (string) –

    [REQUIRED]

    The ARN of the enabled control that will be updated.

  • parameters (list) –

    [REQUIRED]

    A key/value pair, where Key is of type String and Value is of type Document.

    • (dict) –

      A key/value pair, where Key is of type String and Value is of type Document.

      • key (string) – [REQUIRED]

        The key of a key/value pair.

      • value (document) – [REQUIRED]

        The value of a key/value pair.

Return type:

dict

Returns:

Response Syntax

{
    'operationIdentifier': 'string'
}

Response Structure

  • (dict) –

    • operationIdentifier (string) –

      The operation identifier for this UpdateEnabledControl operation.

Exceptions