[ aws . auditmanager ]
Creates a custom framework in Audit Manager.
See also: AWS API Documentation
See ‘aws help’ for descriptions of global parameters.
create-assessment-framework
--name <value>
[--description <value>]
[--compliance-type <value>]
--control-sets <value>
[--tags <value>]
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]
--name
(string)
The name of the new custom framework.
--description
(string)
An optional description for the new custom framework.
--compliance-type
(string)
The compliance type that the new custom framework supports, such as CIS or HIPAA.
--control-sets
(list)
The control sets that are associated with the framework.
(structure)
A
controlSet
entity that represents a collection of controls in Audit Manager. This doesn’t contain the control set ID.name -> (string)
The name of the control set.
controls -> (list)
The list of controls within the control set. This doesn’t contain the control set ID.
(structure)
The control entity attributes that uniquely identify an existing control to be added to a framework in Audit Manager.
id -> (string)
The unique identifier of the control.
Shorthand Syntax:
name=string,controls=[{id=string},{id=string}] ...
JSON Syntax:
[
{
"name": "string",
"controls": [
{
"id": "string"
}
...
]
}
...
]
--tags
(map)
The tags that are associated with the framework.
key -> (string)
value -> (string)
Shorthand Syntax:
KeyName1=string,KeyName2=string
JSON Syntax:
{"string": "string"
...}
--cli-input-json
| --cli-input-yaml
(string)
Reads arguments from the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton
. If other arguments are provided on the command line, those values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally. This may not be specified along with --cli-input-yaml
.
--generate-cli-skeleton
(string)
Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input
, prints a sample input JSON that can be used as an argument for --cli-input-json
. Similarly, if provided yaml-input
it will print a sample input YAML that can be used with --cli-input-yaml
. If provided with the value output
, it validates the command inputs and returns a sample output JSON for that command.
See ‘aws help’ for descriptions of global parameters.
framework -> (structure)
The name of the new framework that the
CreateAssessmentFramework
API returned.arn -> (string)
The Amazon Resource Name (ARN) of the framework.
id -> (string)
The unique identifier for the framework.
name -> (string)
The name of the framework.
type -> (string)
The framework type, such as a custom framework or a standard framework.
complianceType -> (string)
The compliance type that the new custom framework supports, such as CIS or HIPAA.
description -> (string)
The description of the framework.
logo -> (string)
The logo that’s associated with the framework.
controlSources -> (string)
The sources that Audit Manager collects evidence from for the control.
controlSets -> (list)
The control sets that are associated with the framework.
(structure)
A set of controls in Audit Manager.
id -> (string)
The identifier of the control set in the assessment. This is the control set name in a plain string format.
name -> (string)
The name of the control set.
controls -> (list)
The list of controls within the control set.
(structure)
A control in Audit Manager.
arn -> (string)
The Amazon Resource Name (ARN) of the control.
id -> (string)
The unique identifier for the control.
type -> (string)
The type of control, such as a custom control or a standard control.
name -> (string)
The name of the control.
description -> (string)
The description of the control.
testingInformation -> (string)
The steps that you should follow to determine if the control has been satisfied.
actionPlanTitle -> (string)
The title of the action plan for remediating the control.
actionPlanInstructions -> (string)
The recommended actions to carry out if the control isn’t fulfilled.
controlSources -> (string)
The data source that determines where Audit Manager collects evidence from for the control.
controlMappingSources -> (list)
The data mapping sources for the control.
(structure)
The data source that determines where Audit Manager collects evidence from for the control.
sourceId -> (string)
The unique identifier for the source.
sourceName -> (string)
The name of the source.
sourceDescription -> (string)
The description of the source.
sourceSetUpOption -> (string)
The setup option for the data source. This option reflects if the evidence collection is automated or manual.
sourceType -> (string)
Specifies one of the five types of data sources for evidence collection.
sourceKeyword -> (structure)
The keyword to search for in CloudTrail logs, Config rules, Security Hub checks, and Amazon Web Services API names.
keywordInputType -> (string)
The input method for the keyword.
keywordValue -> (string)
The value of the keyword that’s used when mapping a control data source. For example, this can be a CloudTrail event name, a rule name for Config, a Security Hub control, or the name of an Amazon Web Services API call.
If you’re mapping a data source to a rule in Config, the
keywordValue
that you specify depends on the type of rule:
For managed rules , you can use the rule identifier as the
keywordValue
. You can find the rule identifier from the list of Config managed rules .
Managed rule name: s3-bucket-acl-prohibited
keywordValue
:S3_BUCKET_ACL_PROHIBITED
For custom rules , you form the
keywordValue
by adding theCustom_
prefix to the rule name. This prefix distinguishes the rule from a managed rule.
Custom rule name: my-custom-config-rule
keywordValue
:Custom_my-custom-config-rule
For service-linked rules , you form the
keywordValue
by adding theCustom_
prefix to the rule name. In addition, you remove the suffix ID that appears at the end of the rule name.
Service-linked rule name: CustomRuleForAccount-conformance-pack-szsm1uv0w
keywordValue
:Custom_CustomRuleForAccount-conformance-pack
Service-linked rule name: securityhub-api-gw-cache-encrypted-101104e1
keywordValue
:Custom_securityhub-api-gw-cache-encrypted
Service-linked rule name: OrgConfigRule-s3-bucket-versioning-enabled-dbgzf8ba
keywordValue
:Custom_OrgConfigRule-s3-bucket-versioning-enabled
sourceFrequency -> (string)
The frequency of evidence collection for the control mapping source.
troubleshootingText -> (string)
The instructions for troubleshooting the control.
createdAt -> (timestamp)
Specifies when the control was created.
lastUpdatedAt -> (timestamp)
Specifies when the control was most recently updated.
createdBy -> (string)
The IAM user or role that created the control.
lastUpdatedBy -> (string)
The IAM user or role that most recently updated the control.
tags -> (map)
The tags associated with the control.
key -> (string)
value -> (string)
createdAt -> (timestamp)
Specifies when the framework was created.
lastUpdatedAt -> (timestamp)
Specifies when the framework was most recently updated.
createdBy -> (string)
The IAM user or role that created the framework.
lastUpdatedBy -> (string)
The IAM user or role that most recently updated the framework.
tags -> (map)
The tags that are associated with the framework.
key -> (string)
value -> (string)