SecurityHub / Client / list_configuration_policy_associations

list_configuration_policy_associations#

SecurityHub.Client.list_configuration_policy_associations(**kwargs)#

Provides information about the associations for your configuration policies and self-managed behavior. Only the Security Hub delegated administrator can invoke this operation from the home Region.

See also: AWS API Documentation

Request Syntax

response = client.list_configuration_policy_associations(
    NextToken='string',
    MaxResults=123,
    Filters={
        'ConfigurationPolicyId': 'string',
        'AssociationType': 'INHERITED'|'APPLIED',
        'AssociationStatus': 'PENDING'|'SUCCESS'|'FAILED'
    }
)
Parameters:
  • NextToken (string) – The NextToken value that’s returned from a previous paginated ListConfigurationPolicyAssociations request where MaxResults was used but the results exceeded the value of that parameter. Pagination continues from the end of the previous response that returned the NextToken value. This value is null when there are no more results to return.

  • MaxResults (integer) – The maximum number of results that’s returned by ListConfigurationPolicies in each page of the response. When this parameter is used, ListConfigurationPolicyAssociations returns the specified number of results in a single page and a NextToken response element. You can see the remaining results of the initial request by sending another ListConfigurationPolicyAssociations request with the returned NextToken value. A valid range for MaxResults is between 1 and 100.

  • Filters (dict) –

    Options for filtering the ListConfigurationPolicyAssociations response. You can filter by the Amazon Resource Name (ARN) or universally unique identifier (UUID) of a configuration, AssociationType, or AssociationStatus.

    • ConfigurationPolicyId (string) –

      The ARN or UUID of the configuration policy.

    • AssociationType (string) –

      Indicates whether the association between a target and a configuration was directly applied by the Security Hub delegated administrator or inherited from a parent.

    • AssociationStatus (string) –

      The current status of the association between a target and a configuration policy.

Return type:

dict

Returns:

Response Syntax

{
    'ConfigurationPolicyAssociationSummaries': [
        {
            'ConfigurationPolicyId': 'string',
            'TargetId': 'string',
            'TargetType': 'ACCOUNT'|'ORGANIZATIONAL_UNIT'|'ROOT',
            'AssociationType': 'INHERITED'|'APPLIED',
            'UpdatedAt': datetime(2015, 1, 1),
            'AssociationStatus': 'PENDING'|'SUCCESS'|'FAILED',
            'AssociationStatusMessage': 'string'
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) –

    • ConfigurationPolicyAssociationSummaries (list) –

      An object that contains the details of each configuration policy association that’s returned in a ListConfigurationPolicyAssociations request.

      • (dict) –

        An object that contains the details of a configuration policy association that’s returned in a ListConfigurationPolicyAssociations request.

        • ConfigurationPolicyId (string) –

          The universally unique identifier (UUID) of the configuration policy.

        • TargetId (string) –

          The identifier of the target account, organizational unit, or the root.

        • TargetType (string) –

          Specifies whether the target is an Amazon Web Services account, organizational unit, or the root.

        • AssociationType (string) –

          Indicates whether the association between the specified target and the configuration was directly applied by the Security Hub delegated administrator or inherited from a parent.

        • UpdatedAt (datetime) –

          The date and time, in UTC and ISO 8601 format, that the configuration policy association was last updated.

        • AssociationStatus (string) –

          The current status of the association between the specified target and the configuration.

        • AssociationStatusMessage (string) –

          The explanation for a FAILED value for AssociationStatus.

    • NextToken (string) –

      The NextToken value to include in the next ListConfigurationPolicyAssociations request. When the results of a ListConfigurationPolicyAssociations request exceed MaxResults, this value can be used to retrieve the next page of results. This value is null when there are no more results to return.

Exceptions

  • SecurityHub.Client.exceptions.InternalException

  • SecurityHub.Client.exceptions.InvalidAccessException

  • SecurityHub.Client.exceptions.InvalidInputException

  • SecurityHub.Client.exceptions.LimitExceededException

  • SecurityHub.Client.exceptions.AccessDeniedException