awscc.auditmanager_assessment¶
Filters¶
event
reduce
value
Actions¶
delete¶
Parent base class for filters and actions.
properties:
type:
enum:
- delete
required:
- type
Permissions - auditmanager:DeleteAssessment
update¶
Parent base class for filters and actions.
definitions:
AWSAccount:
additionalProperties: false
description: The AWS account associated with the assessment.
properties:
EmailAddress:
description: The unique identifier for the email account.
maxLength: 320
minLength: 1
pattern: ^.*@.*$
type: string
Id:
description: The identifier for the specified AWS account.
maxLength: 12
minLength: 12
pattern: ^[0-9]{12}$
type: string
Name:
description: The name of the specified AWS account.
maxLength: 50
minLength: 1
pattern: ^[\u0020-\u007E]+$
type: string
type: object
AWSService:
additionalProperties: false
description: An AWS service such as Amazon S3, AWS CloudTrail, and so on.
properties:
ServiceName:
description: The name of the AWS service.
type: string
type: object
AWSServiceName:
description: The name of the AWS service.
type: string
AccountId:
description: The identifier for the specified AWS account.
maxLength: 12
minLength: 12
pattern: ^[0-9]{12}$
type: string
AccountName:
description: The name of the specified AWS account.
maxLength: 50
minLength: 1
pattern: ^[\u0020-\u007E]+$
type: string
AssessmentArn:
description: The Amazon Resource Name (ARN) of the assessment.
maxLength: 2048
minLength: 20
pattern: ^arn:.*:auditmanager:.*
type: string
AssessmentDescription:
description: The description of the specified assessment.
type: string
AssessmentName:
description: The name of the related assessment.
maxLength: 127
minLength: 1
pattern: ^[a-zA-Z0-9-_\.]+$
type: string
AssessmentReportDestinationType:
description: The destination type, such as Amazon S3.
enum:
- S3
type: string
AssessmentReportsDestination:
additionalProperties: false
description: The destination in which evidence reports are stored for the specified
assessment.
properties:
Destination:
description: The URL of the specified Amazon S3 bucket.
type: string
DestinationType:
description: The destination type, such as Amazon S3.
enum:
- S3
type: string
type: object
AssessmentStatus:
description: 'The status of the specified assessment. '
enum:
- ACTIVE
- INACTIVE
type: string
ControlSetId:
description: The identifier for the specified control set.
maxLength: 300
minLength: 1
pattern: ^[\w\W\s\S]*$
type: string
CreatedBy:
description: The IAM user or role that performed the action.
maxLength: 100
minLength: 1
pattern: ^[a-zA-Z0-9-_()\[\]\s]+$
type: string
Delegation:
additionalProperties: false
description: The assignment of a control set to a delegate for review.
properties:
AssessmentId:
maxLength: 36
minLength: 36
pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$
type: string
AssessmentName:
description: The name of the related assessment.
maxLength: 127
minLength: 1
pattern: ^[a-zA-Z0-9-_\.]+$
type: string
Comment:
description: The comment related to the delegation.
maxLength: 350
pattern: ^[\w\W\s\S]*$
type: string
ControlSetId:
description: The identifier for the specified control set.
maxLength: 300
minLength: 1
pattern: ^[\w\W\s\S]*$
type: string
CreatedBy:
description: The IAM user or role that performed the action.
maxLength: 100
minLength: 1
pattern: ^[a-zA-Z0-9-_()\[\]\s]+$
type: string
CreationTime:
description: The sequence of characters that identifies when the event occurred.
type: number
Id:
maxLength: 36
minLength: 36
pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$
type: string
LastUpdated:
description: The sequence of characters that identifies when the event occurred.
type: number
RoleArn:
description: The Amazon Resource Name (ARN) of the IAM user or role.
maxLength: 2048
minLength: 20
pattern: ^arn:.*:iam:.*
type: string
RoleType:
description: ' The IAM role type.'
enum:
- PROCESS_OWNER
- RESOURCE_OWNER
type: string
Status:
description: The status of the delegation.
enum:
- IN_PROGRESS
- UNDER_REVIEW
- COMPLETE
type: string
type: object
DelegationComment:
description: The comment related to the delegation.
maxLength: 350
pattern: ^[\w\W\s\S]*$
type: string
DelegationStatus:
description: The status of the delegation.
enum:
- IN_PROGRESS
- UNDER_REVIEW
- COMPLETE
type: string
EmailAddress:
description: The unique identifier for the email account.
maxLength: 320
minLength: 1
pattern: ^.*@.*$
type: string
FrameworkId:
description: The identifier for the specified framework.
maxLength: 36
minLength: 32
pattern: ^([a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}|.*\S.*)$
type: string
IamArn:
description: The Amazon Resource Name (ARN) of the IAM user or role.
maxLength: 2048
minLength: 20
pattern: ^arn:.*:iam:.*
type: string
Role:
additionalProperties: false
description: The wrapper that contains AWS Audit Manager role information, such
as the role type and IAM ARN.
properties:
RoleArn:
description: The Amazon Resource Name (ARN) of the IAM user or role.
maxLength: 2048
minLength: 20
pattern: ^arn:.*:iam:.*
type: string
RoleType:
description: ' The IAM role type.'
enum:
- PROCESS_OWNER
- RESOURCE_OWNER
type: string
type: object
RoleType:
description: ' The IAM role type.'
enum:
- PROCESS_OWNER
- RESOURCE_OWNER
type: string
S3Url:
description: The URL of the specified Amazon S3 bucket.
type: string
Scope:
additionalProperties: false
description: The wrapper that contains the AWS accounts and AWS services in scope
for the assessment.
properties:
AwsAccounts:
description: The AWS accounts included in scope.
items:
additionalProperties: false
description: The AWS account associated with the assessment.
properties:
EmailAddress:
description: The unique identifier for the email account.
maxLength: 320
minLength: 1
pattern: ^.*@.*$
type: string
Id:
description: The identifier for the specified AWS account.
maxLength: 12
minLength: 12
pattern: ^[0-9]{12}$
type: string
Name:
description: The name of the specified AWS account.
maxLength: 50
minLength: 1
pattern: ^[\u0020-\u007E]+$
type: string
type: object
type: array
AwsServices:
description: The AWS services included in scope.
items:
additionalProperties: false
description: An AWS service such as Amazon S3, AWS CloudTrail, and so on.
properties:
ServiceName:
description: The name of the AWS service.
type: string
type: object
type: array
type: object
Tag:
additionalProperties: false
description: A key-value pair to associate with a resource.
properties:
Key:
description: 'The key name of the tag. You can specify a value that is 1 to
127 Unicode characters in length and cannot be prefixed with aws:. You can
use any of the following characters: the set of Unicode letters, digits,
whitespace, _, ., /, =, +, and -. '
maxLength: 128
minLength: 1
type: string
Value:
description: 'The value for the tag. You can specify a value that is 1 to
255 Unicode characters in length and cannot be prefixed with aws:. You can
use any of the following characters: the set of Unicode letters, digits,
whitespace, _, ., /, =, +, and -. '
maxLength: 256
minLength: 0
type: string
required:
- Key
- Value
type: object
Timestamp:
description: The sequence of characters that identifies when the event occurred.
type: number
UUID:
maxLength: 36
minLength: 36
pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$
type: string
properties:
AssessmentReportsDestination:
additionalProperties: false
description: The destination in which evidence reports are stored for the specified
assessment.
properties:
Destination:
description: The URL of the specified Amazon S3 bucket.
type: string
DestinationType:
description: The destination type, such as Amazon S3.
enum:
- S3
type: string
type: object
Description:
description: The description of the specified assessment.
type: string
Name:
description: The name of the related assessment.
maxLength: 127
minLength: 1
pattern: ^[a-zA-Z0-9-_\.]+$
type: string
Roles:
description: The list of roles for the specified assessment.
items:
additionalProperties: false
description: The wrapper that contains AWS Audit Manager role information, such
as the role type and IAM ARN.
properties:
RoleArn:
description: The Amazon Resource Name (ARN) of the IAM user or role.
maxLength: 2048
minLength: 20
pattern: ^arn:.*:iam:.*
type: string
RoleType:
description: ' The IAM role type.'
enum:
- PROCESS_OWNER
- RESOURCE_OWNER
type: string
type: object
type: array
Scope:
additionalProperties: false
description: The wrapper that contains the AWS accounts and AWS services in scope
for the assessment.
properties:
AwsAccounts:
description: The AWS accounts included in scope.
items:
additionalProperties: false
description: The AWS account associated with the assessment.
properties:
EmailAddress:
description: The unique identifier for the email account.
maxLength: 320
minLength: 1
pattern: ^.*@.*$
type: string
Id:
description: The identifier for the specified AWS account.
maxLength: 12
minLength: 12
pattern: ^[0-9]{12}$
type: string
Name:
description: The name of the specified AWS account.
maxLength: 50
minLength: 1
pattern: ^[\u0020-\u007E]+$
type: string
type: object
type: array
AwsServices:
description: The AWS services included in scope.
items:
additionalProperties: false
description: An AWS service such as Amazon S3, AWS CloudTrail, and so on.
properties:
ServiceName:
description: The name of the AWS service.
type: string
type: object
type: array
type: object
Status:
description: 'The status of the specified assessment. '
enum:
- ACTIVE
- INACTIVE
type: string
Tags:
description: The tags associated with the assessment.
items:
additionalProperties: false
description: A key-value pair to associate with a resource.
properties:
Key:
description: 'The key name of the tag. You can specify a value that is 1
to 127 Unicode characters in length and cannot be prefixed with aws:.
You can use any of the following characters: the set of Unicode letters,
digits, whitespace, _, ., /, =, +, and -. '
maxLength: 128
minLength: 1
type: string
Value:
description: 'The value for the tag. You can specify a value that is 1 to
255 Unicode characters in length and cannot be prefixed with aws:. You
can use any of the following characters: the set of Unicode letters, digits,
whitespace, _, ., /, =, +, and -. '
maxLength: 256
minLength: 0
type: string
required:
- Key
- Value
type: object
type: array
type:
enum:
- update
Permissions - auditmanager:UpdateAssessment, auditmanager:UpdateAssessmentStatus