SecurityHub / Client / get_configuration_policy_association

get_configuration_policy_association#

SecurityHub.Client.get_configuration_policy_association(**kwargs)#

Returns the association between a configuration and a target account, organizational unit, or the root. The configuration can be a configuration policy or self-managed behavior. Only the Security Hub delegated administrator can invoke this operation from the home Region.

See also: AWS API Documentation

Request Syntax

response = client.get_configuration_policy_association(
    Target={
        'AccountId': 'string',
        'OrganizationalUnitId': 'string',
        'RootId': 'string'
    }
)
Parameters:

Target (dict) –

[REQUIRED]

The target account ID, organizational unit ID, or the root ID to retrieve the association for.

Note

This is a Tagged Union structure. Only one of the following top level keys can be set: AccountId, OrganizationalUnitId, RootId.

  • AccountId (string) –

    The Amazon Web Services account ID of the target account.

  • OrganizationalUnitId (string) –

    The organizational unit ID of the target organizational unit.

  • RootId (string) –

    The ID of the organization root.

Return type:

dict

Returns:

Response Syntax

{
    'ConfigurationPolicyId': 'string',
    'TargetId': 'string',
    'TargetType': 'ACCOUNT'|'ORGANIZATIONAL_UNIT'|'ROOT',
    'AssociationType': 'INHERITED'|'APPLIED',
    'UpdatedAt': datetime(2015, 1, 1),
    'AssociationStatus': 'PENDING'|'SUCCESS'|'FAILED',
    'AssociationStatusMessage': 'string'
}

Response Structure

  • (dict) –

    • ConfigurationPolicyId (string) –

      The universally unique identifier (UUID) of a configuration policy. For self-managed behavior, the value is SELF_MANAGED_SECURITY_HUB.

    • TargetId (string) –

      The target account ID, organizational unit ID, or the root ID for which the association is retrieved.

    • TargetType (string) –

      Specifies whether the target is an Amazon Web Services account, organizational unit, or the organization root.

    • AssociationType (string) –

      Indicates whether the association between the specified target and the configuration was directly applied by the Security Hub delegated administrator or inherited from a parent.

    • UpdatedAt (datetime) –

      The date and time, in UTC and ISO 8601 format, that the configuration policy association was last updated.

    • AssociationStatus (string) –

      The current status of the association between the specified target and the configuration.

    • AssociationStatusMessage (string) –

      The explanation for a FAILED value for AssociationStatus.

Exceptions