2021/01/12 - AWS Audit Manager - 4 updated api methods
Changes This release introduces tag support for assessment frameworks. You can now add, remove, and get tags from existing frameworks, and specify the tags to apply when creating a custom framework.
{'tags': {'string': 'string'}}
Response {'framework': {'tags': {'string': 'string'}}}
Creates a custom framework in AWS Audit Manager.
See also: AWS API Documentation
Request Syntax
client.create_assessment_framework(
name='string',
description='string',
complianceType='string',
controlSets=[
{
'name': 'string',
'controls': [
{
'id': 'string'
},
]
},
],
tags={
'string': 'string'
}
)
string
[REQUIRED]
The name of the new custom framework.
string
An optional description for the new custom framework.
string
The compliance type that the new custom framework supports, such as CIS or HIPAA.
list
[REQUIRED]
The control sets to be associated with the framework.
(dict) --
A controlSet entity that represents a collection of controls in AWS Audit Manager. This does not contain the control set ID.
name (string) --
The name of the specified control set.
controls (list) --
The list of controls within the control set. This does not contain the control set ID.
(dict) --
Control entity attributes that uniquely identify an existing control to be added to a framework in AWS Audit Manager.
id (string) --
The unique identifier of the control.
dict
The tags associated with the framework.
(string) --
(string) --
dict
Response Syntax
{
'framework': {
'arn': 'string',
'id': 'string',
'name': 'string',
'type': 'Standard'|'Custom',
'complianceType': 'string',
'description': 'string',
'logo': 'string',
'controlSources': 'string',
'controlSets': [
{
'id': 'string',
'name': 'string',
'controls': [
{
'arn': 'string',
'id': 'string',
'type': 'Standard'|'Custom',
'name': 'string',
'description': 'string',
'testingInformation': 'string',
'actionPlanTitle': 'string',
'actionPlanInstructions': 'string',
'controlSources': 'string',
'controlMappingSources': [
{
'sourceId': 'string',
'sourceName': 'string',
'sourceDescription': 'string',
'sourceSetUpOption': 'System_Controls_Mapping'|'Procedural_Controls_Mapping',
'sourceType': 'AWS_Cloudtrail'|'AWS_Config'|'AWS_Security_Hub'|'AWS_API_Call'|'MANUAL',
'sourceKeyword': {
'keywordInputType': 'SELECT_FROM_LIST',
'keywordValue': 'string'
},
'sourceFrequency': 'DAILY'|'WEEKLY'|'MONTHLY',
'troubleshootingText': 'string'
},
],
'createdAt': datetime(2015, 1, 1),
'lastUpdatedAt': datetime(2015, 1, 1),
'createdBy': 'string',
'lastUpdatedBy': 'string',
'tags': {
'string': 'string'
}
},
]
},
],
'createdAt': datetime(2015, 1, 1),
'lastUpdatedAt': datetime(2015, 1, 1),
'createdBy': 'string',
'lastUpdatedBy': 'string',
'tags': {
'string': 'string'
}
}
}
Response Structure
(dict) --
framework (dict) --
The name of the new framework returned by the CreateAssessmentFramework API.
arn (string) --
The Amazon Resource Name (ARN) of the specified framework.
id (string) --
The unique identifier for the specified framework.
name (string) --
The name of the specified framework.
type (string) --
The framework type, such as custom or standard.
complianceType (string) --
The compliance type that the new custom framework supports, such as CIS or HIPAA.
description (string) --
The description of the specified framework.
logo (string) --
The logo associated with the framework.
controlSources (string) --
The sources from which AWS Audit Manager collects evidence for the control.
controlSets (list) --
The control sets associated with the framework.
(dict) --
A set of controls in AWS Audit Manager.
id (string) --
The identifier of the control set in the assessment. This is the control set name in a plain string format.
name (string) --
The name of the control set.
controls (list) --
The list of controls within the control set.
(dict) --
A control in AWS Audit Manager.
arn (string) --
The Amazon Resource Name (ARN) of the specified control.
id (string) --
The unique identifier for the control.
type (string) --
The type of control, such as custom or standard.
name (string) --
The name of the specified control.
description (string) --
The description of the specified control.
testingInformation (string) --
The steps to follow to determine if the control has been satisfied.
actionPlanTitle (string) --
The title of the action plan for remediating the control.
actionPlanInstructions (string) --
The recommended actions to carry out if the control is not fulfilled.
controlSources (string) --
The data source that determines from where AWS Audit Manager collects evidence for the control.
controlMappingSources (list) --
The data mapping sources for the specified control.
(dict) --
The data source that determines from where AWS Audit Manager collects evidence for the control.
sourceId (string) --
The unique identifier for the specified source.
sourceName (string) --
The name of the specified source.
sourceDescription (string) --
The description of the specified source.
sourceSetUpOption (string) --
The setup option for the data source, which reflects if the evidence collection is automated or manual.
sourceType (string) --
Specifies one of the five types of data sources for evidence collection.
sourceKeyword (dict) --
The keyword to search for in AWS CloudTrail logs.
keywordInputType (string) --
The method of input for the specified keyword.
keywordValue (string) --
The value of the keyword used to search AWS CloudTrail logs when mapping a control data source.
sourceFrequency (string) --
The frequency of evidence collection for the specified control mapping source.
troubleshootingText (string) --
The instructions for troubleshooting the specified control.
createdAt (datetime) --
Specifies when the control was created.
lastUpdatedAt (datetime) --
Specifies when the control was most recently updated.
createdBy (string) --
The IAM user or role that created the control.
lastUpdatedBy (string) --
The IAM user or role that most recently updated the control.
tags (dict) --
The tags associated with the control.
(string) --
(string) --
createdAt (datetime) --
Specifies when the framework was created.
lastUpdatedAt (datetime) --
Specifies when the framework was most recently updated.
createdBy (string) --
The IAM user or role that created the framework.
lastUpdatedBy (string) --
The IAM user or role that most recently updated the framework.
tags (dict) --
The tags associated with the framework.
(string) --
(string) --
{'framework': {'tags': {'string': 'string'}}}
Returns a framework from AWS Audit Manager.
See also: AWS API Documentation
Request Syntax
client.get_assessment_framework(
frameworkId='string'
)
string
[REQUIRED]
The identifier for the specified framework.
dict
Response Syntax
{
'framework': {
'arn': 'string',
'id': 'string',
'name': 'string',
'type': 'Standard'|'Custom',
'complianceType': 'string',
'description': 'string',
'logo': 'string',
'controlSources': 'string',
'controlSets': [
{
'id': 'string',
'name': 'string',
'controls': [
{
'arn': 'string',
'id': 'string',
'type': 'Standard'|'Custom',
'name': 'string',
'description': 'string',
'testingInformation': 'string',
'actionPlanTitle': 'string',
'actionPlanInstructions': 'string',
'controlSources': 'string',
'controlMappingSources': [
{
'sourceId': 'string',
'sourceName': 'string',
'sourceDescription': 'string',
'sourceSetUpOption': 'System_Controls_Mapping'|'Procedural_Controls_Mapping',
'sourceType': 'AWS_Cloudtrail'|'AWS_Config'|'AWS_Security_Hub'|'AWS_API_Call'|'MANUAL',
'sourceKeyword': {
'keywordInputType': 'SELECT_FROM_LIST',
'keywordValue': 'string'
},
'sourceFrequency': 'DAILY'|'WEEKLY'|'MONTHLY',
'troubleshootingText': 'string'
},
],
'createdAt': datetime(2015, 1, 1),
'lastUpdatedAt': datetime(2015, 1, 1),
'createdBy': 'string',
'lastUpdatedBy': 'string',
'tags': {
'string': 'string'
}
},
]
},
],
'createdAt': datetime(2015, 1, 1),
'lastUpdatedAt': datetime(2015, 1, 1),
'createdBy': 'string',
'lastUpdatedBy': 'string',
'tags': {
'string': 'string'
}
}
}
Response Structure
(dict) --
framework (dict) --
The framework returned by the GetAssessmentFramework API.
arn (string) --
The Amazon Resource Name (ARN) of the specified framework.
id (string) --
The unique identifier for the specified framework.
name (string) --
The name of the specified framework.
type (string) --
The framework type, such as custom or standard.
complianceType (string) --
The compliance type that the new custom framework supports, such as CIS or HIPAA.
description (string) --
The description of the specified framework.
logo (string) --
The logo associated with the framework.
controlSources (string) --
The sources from which AWS Audit Manager collects evidence for the control.
controlSets (list) --
The control sets associated with the framework.
(dict) --
A set of controls in AWS Audit Manager.
id (string) --
The identifier of the control set in the assessment. This is the control set name in a plain string format.
name (string) --
The name of the control set.
controls (list) --
The list of controls within the control set.
(dict) --
A control in AWS Audit Manager.
arn (string) --
The Amazon Resource Name (ARN) of the specified control.
id (string) --
The unique identifier for the control.
type (string) --
The type of control, such as custom or standard.
name (string) --
The name of the specified control.
description (string) --
The description of the specified control.
testingInformation (string) --
The steps to follow to determine if the control has been satisfied.
actionPlanTitle (string) --
The title of the action plan for remediating the control.
actionPlanInstructions (string) --
The recommended actions to carry out if the control is not fulfilled.
controlSources (string) --
The data source that determines from where AWS Audit Manager collects evidence for the control.
controlMappingSources (list) --
The data mapping sources for the specified control.
(dict) --
The data source that determines from where AWS Audit Manager collects evidence for the control.
sourceId (string) --
The unique identifier for the specified source.
sourceName (string) --
The name of the specified source.
sourceDescription (string) --
The description of the specified source.
sourceSetUpOption (string) --
The setup option for the data source, which reflects if the evidence collection is automated or manual.
sourceType (string) --
Specifies one of the five types of data sources for evidence collection.
sourceKeyword (dict) --
The keyword to search for in AWS CloudTrail logs.
keywordInputType (string) --
The method of input for the specified keyword.
keywordValue (string) --
The value of the keyword used to search AWS CloudTrail logs when mapping a control data source.
sourceFrequency (string) --
The frequency of evidence collection for the specified control mapping source.
troubleshootingText (string) --
The instructions for troubleshooting the specified control.
createdAt (datetime) --
Specifies when the control was created.
lastUpdatedAt (datetime) --
Specifies when the control was most recently updated.
createdBy (string) --
The IAM user or role that created the control.
lastUpdatedBy (string) --
The IAM user or role that most recently updated the control.
tags (dict) --
The tags associated with the control.
(string) --
(string) --
createdAt (datetime) --
Specifies when the framework was created.
lastUpdatedAt (datetime) --
Specifies when the framework was most recently updated.
createdBy (string) --
The IAM user or role that created the framework.
lastUpdatedBy (string) --
The IAM user or role that most recently updated the framework.
tags (dict) --
The tags associated with the framework.
(string) --
(string) --
{'frameworkMetadataList': {'arn': 'string'}}
Returns a list of the frameworks available in the AWS Audit Manager framework library.
See also: AWS API Documentation
Request Syntax
client.list_assessment_frameworks(
frameworkType='Standard'|'Custom',
nextToken='string',
maxResults=123
)
string
[REQUIRED]
The type of framework, such as standard or custom.
string
The pagination token used to fetch the next set of results.
integer
Represents the maximum number of results per page, or per API request call.
dict
Response Syntax
{
'frameworkMetadataList': [
{
'arn': 'string',
'id': 'string',
'type': 'Standard'|'Custom',
'name': 'string',
'description': 'string',
'logo': 'string',
'complianceType': 'string',
'controlsCount': 123,
'controlSetsCount': 123,
'createdAt': datetime(2015, 1, 1),
'lastUpdatedAt': datetime(2015, 1, 1)
},
],
'nextToken': 'string'
}
Response Structure
(dict) --
frameworkMetadataList (list) --
The list of metadata objects for the specified framework.
(dict) --
The metadata associated with a standard or custom framework.
arn (string) --
The Amazon Resource Name (ARN) of the framework.
id (string) --
The unique identified for the specified framework.
type (string) --
The framework type, such as standard or custom.
name (string) --
The name of the specified framework.
description (string) --
The description of the specified framework.
logo (string) --
The logo associated with the framework.
complianceType (string) --
The compliance type that the new custom framework supports, such as CIS or HIPAA.
controlsCount (integer) --
The number of controls associated with the specified framework.
controlSetsCount (integer) --
The number of control sets associated with the specified framework.
createdAt (datetime) --
Specifies when the framework was created.
lastUpdatedAt (datetime) --
Specifies when the framework was most recently updated.
nextToken (string) --
The pagination token used to fetch the next set of results.
{'framework': {'tags': {'string': 'string'}}}
Updates a custom framework in AWS Audit Manager.
See also: AWS API Documentation
Request Syntax
client.update_assessment_framework(
frameworkId='string',
name='string',
description='string',
complianceType='string',
controlSets=[
{
'id': 'string',
'name': 'string',
'controls': [
{
'id': 'string'
},
]
},
]
)
string
[REQUIRED]
The identifier for the specified framework.
string
[REQUIRED]
The name of the framework to be updated.
string
The description of the framework that is to be updated.
string
The compliance type that the new custom framework supports, such as CIS or HIPAA.
list
[REQUIRED]
The control sets associated with the framework.
(dict) --
A controlSet entity that represents a collection of controls in AWS Audit Manager. This does not contain the control set ID.
id (string) --
The unique identifier for the control set.
name (string) --
The name of the control set.
controls (list) --
The list of controls contained within the control set.
(dict) --
Control entity attributes that uniquely identify an existing control to be added to a framework in AWS Audit Manager.
id (string) --
The unique identifier of the control.
dict
Response Syntax
{
'framework': {
'arn': 'string',
'id': 'string',
'name': 'string',
'type': 'Standard'|'Custom',
'complianceType': 'string',
'description': 'string',
'logo': 'string',
'controlSources': 'string',
'controlSets': [
{
'id': 'string',
'name': 'string',
'controls': [
{
'arn': 'string',
'id': 'string',
'type': 'Standard'|'Custom',
'name': 'string',
'description': 'string',
'testingInformation': 'string',
'actionPlanTitle': 'string',
'actionPlanInstructions': 'string',
'controlSources': 'string',
'controlMappingSources': [
{
'sourceId': 'string',
'sourceName': 'string',
'sourceDescription': 'string',
'sourceSetUpOption': 'System_Controls_Mapping'|'Procedural_Controls_Mapping',
'sourceType': 'AWS_Cloudtrail'|'AWS_Config'|'AWS_Security_Hub'|'AWS_API_Call'|'MANUAL',
'sourceKeyword': {
'keywordInputType': 'SELECT_FROM_LIST',
'keywordValue': 'string'
},
'sourceFrequency': 'DAILY'|'WEEKLY'|'MONTHLY',
'troubleshootingText': 'string'
},
],
'createdAt': datetime(2015, 1, 1),
'lastUpdatedAt': datetime(2015, 1, 1),
'createdBy': 'string',
'lastUpdatedBy': 'string',
'tags': {
'string': 'string'
}
},
]
},
],
'createdAt': datetime(2015, 1, 1),
'lastUpdatedAt': datetime(2015, 1, 1),
'createdBy': 'string',
'lastUpdatedBy': 'string',
'tags': {
'string': 'string'
}
}
}
Response Structure
(dict) --
framework (dict) --
The name of the specified framework.
arn (string) --
The Amazon Resource Name (ARN) of the specified framework.
id (string) --
The unique identifier for the specified framework.
name (string) --
The name of the specified framework.
type (string) --
The framework type, such as custom or standard.
complianceType (string) --
The compliance type that the new custom framework supports, such as CIS or HIPAA.
description (string) --
The description of the specified framework.
logo (string) --
The logo associated with the framework.
controlSources (string) --
The sources from which AWS Audit Manager collects evidence for the control.
controlSets (list) --
The control sets associated with the framework.
(dict) --
A set of controls in AWS Audit Manager.
id (string) --
The identifier of the control set in the assessment. This is the control set name in a plain string format.
name (string) --
The name of the control set.
controls (list) --
The list of controls within the control set.
(dict) --
A control in AWS Audit Manager.
arn (string) --
The Amazon Resource Name (ARN) of the specified control.
id (string) --
The unique identifier for the control.
type (string) --
The type of control, such as custom or standard.
name (string) --
The name of the specified control.
description (string) --
The description of the specified control.
testingInformation (string) --
The steps to follow to determine if the control has been satisfied.
actionPlanTitle (string) --
The title of the action plan for remediating the control.
actionPlanInstructions (string) --
The recommended actions to carry out if the control is not fulfilled.
controlSources (string) --
The data source that determines from where AWS Audit Manager collects evidence for the control.
controlMappingSources (list) --
The data mapping sources for the specified control.
(dict) --
The data source that determines from where AWS Audit Manager collects evidence for the control.
sourceId (string) --
The unique identifier for the specified source.
sourceName (string) --
The name of the specified source.
sourceDescription (string) --
The description of the specified source.
sourceSetUpOption (string) --
The setup option for the data source, which reflects if the evidence collection is automated or manual.
sourceType (string) --
Specifies one of the five types of data sources for evidence collection.
sourceKeyword (dict) --
The keyword to search for in AWS CloudTrail logs.
keywordInputType (string) --
The method of input for the specified keyword.
keywordValue (string) --
The value of the keyword used to search AWS CloudTrail logs when mapping a control data source.
sourceFrequency (string) --
The frequency of evidence collection for the specified control mapping source.
troubleshootingText (string) --
The instructions for troubleshooting the specified control.
createdAt (datetime) --
Specifies when the control was created.
lastUpdatedAt (datetime) --
Specifies when the control was most recently updated.
createdBy (string) --
The IAM user or role that created the control.
lastUpdatedBy (string) --
The IAM user or role that most recently updated the control.
tags (dict) --
The tags associated with the control.
(string) --
(string) --
createdAt (datetime) --
Specifies when the framework was created.
lastUpdatedAt (datetime) --
Specifies when the framework was most recently updated.
createdBy (string) --
The IAM user or role that created the framework.
lastUpdatedBy (string) --
The IAM user or role that most recently updated the framework.
tags (dict) --
The tags associated with the framework.
(string) --
(string) --