SecurityHub / Client / batch_update_standards_control_associations

batch_update_standards_control_associations

SecurityHub.Client.batch_update_standards_control_associations(**kwargs)

For a batch of security controls and standards, this operation updates the enablement status of a control in a standard.

See also: AWS API Documentation

Request Syntax

response = client.batch_update_standards_control_associations(
    StandardsControlAssociationUpdates=[
        {
            'StandardsArn': 'string',
            'SecurityControlId': 'string',
            'AssociationStatus': 'ENABLED'|'DISABLED',
            'UpdatedReason': 'string'
        },
    ]
)

Parameters:

StandardsControlAssociationUpdates (list) –

[REQUIRED]

Updates the enablement status of a security control in a specified standard.

• (dict) –

  An array of requested updates to the enablement status of controls in specified standards. The objects in the array include a security control ID, the Amazon Resource Name (ARN) of the standard, the requested enablement status, and the reason for updating the enablement status.

  • StandardsArn (string) – [REQUIRED]

    The Amazon Resource Name (ARN) of the standard in which you want to update the control’s enablement status.

  • SecurityControlId (string) – [REQUIRED]

    The unique identifier for the security control whose enablement status you want to update.

  • AssociationStatus (string) – [REQUIRED]

    The desired enablement status of the control in the standard.

  • UpdatedReason (string) –

    The reason for updating the control’s enablement status in the standard.

Return type:

dict

Returns:

Response Syntax

{
    'UnprocessedAssociationUpdates': [
        {
            'StandardsControlAssociationUpdate': {
                'StandardsArn': 'string',
                'SecurityControlId': 'string',
                'AssociationStatus': 'ENABLED'|'DISABLED',
                'UpdatedReason': 'string'
            },
            'ErrorCode': 'INVALID_INPUT'|'ACCESS_DENIED'|'NOT_FOUND'|'LIMIT_EXCEEDED',
            'ErrorReason': 'string'
        },
    ]
}

Response Structure

• (dict) –

  • UnprocessedAssociationUpdates (list) –

    A security control (identified with SecurityControlId, SecurityControlArn, or a mix of both parameters) whose enablement status in a specified standard couldn’t be updated.

    • (dict) –

      Provides details about which control’s enablement status could not be updated in a specified standard when calling the BatchUpdateStandardsControlAssociations API. This parameter also provides details about why the request was unprocessed.

      • StandardsControlAssociationUpdate (dict) –

        An array of control and standard associations for which an update failed when calling BatchUpdateStandardsControlAssociations.

        • StandardsArn (string) –

          The Amazon Resource Name (ARN) of the standard in which you want to update the control’s enablement status.

        • SecurityControlId (string) –

          The unique identifier for the security control whose enablement status you want to update.

        • AssociationStatus (string) –

          The desired enablement status of the control in the standard.

        • UpdatedReason (string) –

          The reason for updating the control’s enablement status in the standard.

      • ErrorCode (string) –

        The error code for the unprocessed update of the control’s enablement status in the specified standard.

      • ErrorReason (string) –

        The reason why a control’s enablement status in the specified standard couldn’t be updated.

Exceptions

• SecurityHub.Client.exceptions.InternalException

• SecurityHub.Client.exceptions.LimitExceededException

• SecurityHub.Client.exceptions.InvalidAccessException

• SecurityHub.Client.exceptions.InvalidInputException

• SecurityHub.Client.exceptions.AccessDeniedException