[ aws . auditmanager ]
Create a batch of delegations for a specified assessment in AWS Audit Manager.
See also: AWS API Documentation
See ‘aws help’ for descriptions of global parameters.
batch-create-delegation-by-assessment
--create-delegation-requests <value>
--assessment-id <value>
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]
--create-delegation-requests
(list)
The API request to batch create delegations in AWS Audit Manager.
(structure)
A collection of attributes used to create a delegation for an assessment in AWS Audit Manager.
comment -> (string)
A comment related to the delegation request.
controlSetId -> (string)
The unique identifier for the control set.
roleArn -> (string)
The Amazon Resource Name (ARN) of the IAM role.
roleType -> (string)
The type of customer persona.
Note
In
CreateAssessment
,roleType
can only bePROCESS_OWNER
.In
UpdateSettings
,roleType
can only bePROCESS_OWNER
.In
BatchCreateDelegationByAssessment
,roleType
can only beRESOURCE_OWNER
.
Shorthand Syntax:
comment=string,controlSetId=string,roleArn=string,roleType=string ...
JSON Syntax:
[
{
"comment": "string",
"controlSetId": "string",
"roleArn": "string",
"roleType": "PROCESS_OWNER"|"RESOURCE_OWNER"
}
...
]
--assessment-id
(string)
The identifier for the specified assessment.
--cli-input-json
| --cli-input-yaml
(string)
Reads arguments from the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton
. If other arguments are provided on the command line, those values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally. This may not be specified along with --cli-input-yaml
.
--generate-cli-skeleton
(string)
Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input
, prints a sample input JSON that can be used as an argument for --cli-input-json
. Similarly, if provided yaml-input
it will print a sample input YAML that can be used with --cli-input-yaml
. If provided with the value output
, it validates the command inputs and returns a sample output JSON for that command.
See ‘aws help’ for descriptions of global parameters.
delegations -> (list)
The delegations associated with the assessment.
(structure)
The assignment of a control set to a delegate for review.
id -> (string)
The unique identifier for the delegation.
assessmentName -> (string)
The name of the associated assessment.
assessmentId -> (string)
The identifier for the associated assessment.
status -> (string)
The status of the delegation.
roleArn -> (string)
The Amazon Resource Name (ARN) of the IAM role.
roleType -> (string)
The type of customer persona.
Note
In
CreateAssessment
,roleType
can only bePROCESS_OWNER
.In
UpdateSettings
,roleType
can only bePROCESS_OWNER
.In
BatchCreateDelegationByAssessment
,roleType
can only beRESOURCE_OWNER
.creationTime -> (timestamp)
Specifies when the delegation was created.
lastUpdated -> (timestamp)
Specifies when the delegation was last updated.
controlSetId -> (string)
The identifier for the associated control set.
comment -> (string)
The comment related to the delegation.
createdBy -> (string)
The IAM user or role that created the delegation.
errors -> (list)
A list of errors returned by the
BatchCreateDelegationByAssessment
API.(structure)
An error entity for the
BatchCreateDelegationByAssessment
API. This is used to provide more meaningful errors than a simple string message.createDelegationRequest -> (structure)
The API request to batch create delegations in AWS Audit Manager.
comment -> (string)
A comment related to the delegation request.
controlSetId -> (string)
The unique identifier for the control set.
roleArn -> (string)
The Amazon Resource Name (ARN) of the IAM role.
roleType -> (string)
The type of customer persona.
Note
In
CreateAssessment
,roleType
can only bePROCESS_OWNER
.In
UpdateSettings
,roleType
can only bePROCESS_OWNER
.In
BatchCreateDelegationByAssessment
,roleType
can only beRESOURCE_OWNER
.errorCode -> (string)
The error code returned by the
BatchCreateDelegationByAssessment
API.errorMessage -> (string)
The error message returned by the
BatchCreateDelegationByAssessment
API.