Select your cookie preferences

We use cookies and similar tools to enhance your experience, provide our services, deliver relevant advertising, and make improvements. Approved third parties also use these tools to help us deliver advertising and provide certain site features.

batch_update_standards_control_associations

batch_update_standards_control_associations(**kwargs)

For a batch of security controls and standards, this operation updates the enablement status of a control in a standard.

See also: AWS API Documentation

Request Syntax

response = client.batch_update_standards_control_associations(
    StandardsControlAssociationUpdates=[
        {
            'StandardsArn': 'string',
            'SecurityControlId': 'string',
            'AssociationStatus': 'ENABLED'|'DISABLED',
            'UpdatedReason': 'string'
        },
    ]
)
Parameters
StandardsControlAssociationUpdates (list) --

[REQUIRED]

Updates the enablement status of a security control in a specified standard.

  • (dict) --

    An array of requested updates to the enablement status of controls in specified standards. The objects in the array include a security control ID, the Amazon Resource Name (ARN) of the standard, the requested enablement status, and the reason for updating the enablement status.

    • StandardsArn (string) -- [REQUIRED]

      The Amazon Resource Name (ARN) of the standard in which you want to update the control's enablement status.

    • SecurityControlId (string) -- [REQUIRED]

      The unique identifier for the security control whose enablement status you want to update.

    • AssociationStatus (string) -- [REQUIRED]

      The desired enablement status of the control in the standard.

    • UpdatedReason (string) --

      The reason for updating the control's enablement status in the standard.

Return type
dict
Returns
Response Syntax
{
    'UnprocessedAssociationUpdates': [
        {
            'StandardsControlAssociationUpdate': {
                'StandardsArn': 'string',
                'SecurityControlId': 'string',
                'AssociationStatus': 'ENABLED'|'DISABLED',
                'UpdatedReason': 'string'
            },
            'ErrorCode': 'INVALID_INPUT'|'ACCESS_DENIED'|'NOT_FOUND'|'LIMIT_EXCEEDED',
            'ErrorReason': 'string'
        },
    ]
}

Response Structure

  • (dict) --
    • UnprocessedAssociationUpdates (list) --

      A security control (identified with SecurityControlId , SecurityControlArn , or a mix of both parameters) whose enablement status in a specified standard couldn't be updated.

      • (dict) --

        Provides details about which control's enablement status could not be updated in a specified standard when calling the BatchUpdateStandardsControlAssociations API. This parameter also provides details about why the request was unprocessed.

        • StandardsControlAssociationUpdate (dict) --

          An array of control and standard associations for which an update failed when calling BatchUpdateStandardsControlAssociations.

          • StandardsArn (string) --

            The Amazon Resource Name (ARN) of the standard in which you want to update the control's enablement status.

          • SecurityControlId (string) --

            The unique identifier for the security control whose enablement status you want to update.

          • AssociationStatus (string) --

            The desired enablement status of the control in the standard.

          • UpdatedReason (string) --

            The reason for updating the control's enablement status in the standard.

        • ErrorCode (string) --

          The error code for the unprocessed update of the control's enablement status in the specified standard.

        • ErrorReason (string) --

          The reason why a control's enablement status in the specified standard couldn't be updated.

Exceptions

  • SecurityHub.Client.exceptions.InternalException
  • SecurityHub.Client.exceptions.LimitExceededException
  • SecurityHub.Client.exceptions.InvalidAccessException
  • SecurityHub.Client.exceptions.InvalidInputException