[ aws . auditmanager ]
Returns a control from Audit Manager.
See also: AWS API Documentation
See ‘aws help’ for descriptions of global parameters.
get-control
--control-id <value>
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]
--control-id
(string)
The identifier for the control.
--cli-input-json
| --cli-input-yaml
(string)
Reads arguments from the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton
. If other arguments are provided on the command line, those values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally. This may not be specified along with --cli-input-yaml
.
--generate-cli-skeleton
(string)
Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input
, prints a sample input JSON that can be used as an argument for --cli-input-json
. Similarly, if provided yaml-input
it will print a sample input YAML that can be used with --cli-input-yaml
. If provided with the value output
, it validates the command inputs and returns a sample output JSON for that command.
See ‘aws help’ for descriptions of global parameters.
control -> (structure)
The name of the control that the
GetControl
API returned.arn -> (string)
The Amazon Resource Name (ARN) of the control.
id -> (string)
The unique identifier for the control.
type -> (string)
The type of control, such as a custom control or a standard control.
name -> (string)
The name of the control.
description -> (string)
The description of the control.
testingInformation -> (string)
The steps that you should follow to determine if the control has been satisfied.
actionPlanTitle -> (string)
The title of the action plan for remediating the control.
actionPlanInstructions -> (string)
The recommended actions to carry out if the control isn’t fulfilled.
controlSources -> (string)
The data source that determines where Audit Manager collects evidence from for the control.
controlMappingSources -> (list)
The data mapping sources for the control.
(structure)
The data source that determines where Audit Manager collects evidence from for the control.
sourceId -> (string)
The unique identifier for the source.
sourceName -> (string)
The name of the source.
sourceDescription -> (string)
The description of the source.
sourceSetUpOption -> (string)
The setup option for the data source. This option reflects if the evidence collection is automated or manual.
sourceType -> (string)
Specifies one of the five types of data sources for evidence collection.
sourceKeyword -> (structure)
The keyword to search for in CloudTrail logs, Config rules, Security Hub checks, and Amazon Web Services API names.
keywordInputType -> (string)
The input method for the keyword.
keywordValue -> (string)
The value of the keyword that’s used when mapping a control data source. For example, this can be a CloudTrail event name, a rule name for Config, a Security Hub control, or the name of an Amazon Web Services API call.
If you’re mapping a data source to a rule in Config, the
keywordValue
that you specify depends on the type of rule:
For managed rules , you can use the rule identifier as the
keywordValue
. You can find the rule identifier from the list of Config managed rules .
Managed rule name: s3-bucket-acl-prohibited
keywordValue
:S3_BUCKET_ACL_PROHIBITED
For custom rules , you form the
keywordValue
by adding theCustom_
prefix to the rule name. This prefix distinguishes the rule from a managed rule.
Custom rule name: my-custom-config-rule
keywordValue
:Custom_my-custom-config-rule
For service-linked rules , you form the
keywordValue
by adding theCustom_
prefix to the rule name. In addition, you remove the suffix ID that appears at the end of the rule name.
Service-linked rule name: CustomRuleForAccount-conformance-pack-szsm1uv0w
keywordValue
:Custom_CustomRuleForAccount-conformance-pack
Service-linked rule name: securityhub-api-gw-cache-encrypted-101104e1
keywordValue
:Custom_securityhub-api-gw-cache-encrypted
Service-linked rule name: OrgConfigRule-s3-bucket-versioning-enabled-dbgzf8ba
keywordValue
:Custom_OrgConfigRule-s3-bucket-versioning-enabled
sourceFrequency -> (string)
The frequency of evidence collection for the control mapping source.
troubleshootingText -> (string)
The instructions for troubleshooting the control.
createdAt -> (timestamp)
Specifies when the control was created.
lastUpdatedAt -> (timestamp)
Specifies when the control was most recently updated.
createdBy -> (string)
The IAM user or role that created the control.
lastUpdatedBy -> (string)
The IAM user or role that most recently updated the control.
tags -> (map)
The tags associated with the control.
key -> (string)
value -> (string)