AWS CLI Command Reference

[ aws . auditmanager ]

get-assessment

Description

Returns an assessment from AWS Audit Manager.

See also: AWS API Documentation

See ‘aws help’ for descriptions of global parameters.

Synopsis

  get-assessment
--assessment-id <value>
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]

Options

--assessment-id (string)

The identifier for the specified assessment.

--cli-input-json | --cli-input-yaml (string) Reads arguments from the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton. If other arguments are provided on the command line, those values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally. This may not be specified along with --cli-input-yaml.

--generate-cli-skeleton (string) Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input, prints a sample input JSON that can be used as an argument for --cli-input-json. Similarly, if provided yaml-input it will print a sample input YAML that can be used with --cli-input-yaml. If provided with the value output, it validates the command inputs and returns a sample output JSON for that command.

See ‘aws help’ for descriptions of global parameters.

Output

assessment -> (structure)

An entity that defines the scope of audit evidence collected by AWS Audit Manager. An AWS Audit Manager assessment is an implementation of an AWS Audit Manager framework.

arn -> (string)

The Amazon Resource Name (ARN) of the assessment.

awsAccount -> (structure)

The AWS account associated with the assessment.

id -> (string)

The identifier for the specified AWS account.

emailAddress -> (string)

The email address associated with the specified AWS account.

name -> (string)

The name of the specified AWS account.

metadata -> (structure)

The metadata for the specified assessment.

name -> (string)

The name of the assessment.

id -> (string)

The unique identifier for the assessment.

description -> (string)

The description of the assessment.

complianceType -> (string)

The name of a compliance standard related to the assessment, such as PCI-DSS.

status -> (string)

The overall status of the assessment.

assessmentReportsDestination -> (structure)

The destination in which evidence reports are stored for the specified assessment.

destinationType -> (string)

The destination type, such as Amazon S3.

destination -> (string)

The destination of the assessment report.

scope -> (structure)

The wrapper of AWS accounts and services in scope for the assessment.

awsAccounts -> (list)

The AWS accounts included in the scope of the assessment.

(structure)

The wrapper of AWS account details, such as account ID, email address, and so on.

id -> (string)

The identifier for the specified AWS account.

emailAddress -> (string)

The email address associated with the specified AWS account.

name -> (string)

The name of the specified AWS account.

awsServices -> (list)

The AWS services included in the scope of the assessment.

(structure)

An AWS service such as Amazon S3, AWS CloudTrail, and so on.

serviceName -> (string)

The name of the AWS service.

roles -> (list)

The roles associated with the assessment.

(structure)

The wrapper that contains AWS Audit Manager role information, such as the role type and IAM Amazon Resource Name (ARN).

roleType -> (string)

The type of customer persona.

Note

In CreateAssessment , roleType can only be PROCESS_OWNER .

In UpdateSettings , roleType can only be PROCESS_OWNER .

In BatchCreateDelegationByAssessment , roleType can only be RESOURCE_OWNER .

roleArn -> (string)

The Amazon Resource Name (ARN) of the IAM role.

delegations -> (list)

The delegations associated with the assessment.

(structure)

The assignment of a control set to a delegate for review.

id -> (string)

The unique identifier for the delegation.

assessmentName -> (string)

The name of the associated assessment.

assessmentId -> (string)

The identifier for the associated assessment.

status -> (string)

The status of the delegation.

roleArn -> (string)

The Amazon Resource Name (ARN) of the IAM role.

roleType -> (string)

The type of customer persona.

Note

In CreateAssessment , roleType can only be PROCESS_OWNER .

In UpdateSettings , roleType can only be PROCESS_OWNER .

In BatchCreateDelegationByAssessment , roleType can only be RESOURCE_OWNER .

creationTime -> (timestamp)

Specifies when the delegation was created.

lastUpdated -> (timestamp)

Specifies when the delegation was last updated.

controlSetId -> (string)

The identifier for the associated control set.

comment -> (string)

The comment related to the delegation.

createdBy -> (string)

The IAM user or role that created the delegation.

creationTime -> (timestamp)

Specifies when the assessment was created.

lastUpdated -> (timestamp)

The time of the most recent update.

framework -> (structure)

The framework from which the assessment was created.

id -> (string)

The unique identifier for the framework.

arn -> (string)

The Amazon Resource Name (ARN) of the specified framework.

metadata -> (structure)

The metadata of a framework, such as the name, ID, description, and so on.

name -> (string)

The name of the framework.

description -> (string)

The description of the framework.

logo -> (string)

The logo associated with the framework.

complianceType -> (string)

The compliance standard associated with the framework, such as PCI-DSS or HIPAA.

controlSets -> (list)

The control sets associated with the framework.

(structure)

Represents a set of controls in an AWS Audit Manager assessment.

id -> (string)

The identifier of the control set in the assessment. This is the control set name in a plain string format.

description -> (string)

The description for the control set.

status -> (string)

Specifies the current status of the control set.

roles -> (list)

The roles associated with the control set.

(structure)

The wrapper that contains AWS Audit Manager role information, such as the role type and IAM Amazon Resource Name (ARN).

roleType -> (string)

The type of customer persona.

Note

In CreateAssessment , roleType can only be PROCESS_OWNER .

In UpdateSettings , roleType can only be PROCESS_OWNER .

In BatchCreateDelegationByAssessment , roleType can only be RESOURCE_OWNER .

roleArn -> (string)

The Amazon Resource Name (ARN) of the IAM role.

controls -> (list)

The list of controls contained with the control set.

(structure)

The control entity that represents a standard or custom control used in an AWS Audit Manager assessment.

id -> (string)

The identifier for the specified control.

name -> (string)

The name of the specified control.

description -> (string)

The description of the specified control.

status -> (string)

The status of the specified control.

response -> (string)

The response of the specified control.

comments -> (list)

The list of comments attached to the specified control.

(structure)

A comment posted by a user on a control. This includes the author’s name, the comment text, and a timestamp.

authorName -> (string)

The name of the user who authored the comment.

commentBody -> (string)

The body text of a control comment.

postedDate -> (timestamp)

The time when the comment was posted.

evidenceSources -> (list)

The list of data sources for the specified evidence.

(string)

evidenceCount -> (integer)

The amount of evidence generated for the control.

assessmentReportEvidenceCount -> (integer)

The amount of evidence in the assessment report.

delegations -> (list)

The delegations associated with the control set.

(structure)

The assignment of a control set to a delegate for review.

id -> (string)

The unique identifier for the delegation.

assessmentName -> (string)

The name of the associated assessment.

assessmentId -> (string)

The identifier for the associated assessment.

status -> (string)

The status of the delegation.

roleArn -> (string)

The Amazon Resource Name (ARN) of the IAM role.

roleType -> (string)

The type of customer persona.

Note

In CreateAssessment , roleType can only be PROCESS_OWNER .

In UpdateSettings , roleType can only be PROCESS_OWNER .

In BatchCreateDelegationByAssessment , roleType can only be RESOURCE_OWNER .

creationTime -> (timestamp)

Specifies when the delegation was created.

lastUpdated -> (timestamp)

Specifies when the delegation was last updated.

controlSetId -> (string)

The identifier for the associated control set.

comment -> (string)

The comment related to the delegation.

createdBy -> (string)

The IAM user or role that created the delegation.

systemEvidenceCount -> (integer)

The total number of evidence objects retrieved automatically for the control set.

manualEvidenceCount -> (integer)

The total number of evidence objects uploaded manually to the control set.

tags -> (map)

The tags associated with the assessment.

key -> (string)

value -> (string)

© Copyright 2018, Amazon Web Services. Created using Sphinx.