AWS::AuditManager::Assessment Delegation - AWS CloudFormation

AWS::AuditManager::Assessment Delegation

The Delegation property type specifies the assignment of a control set to a delegate for review.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{ "AssessmentId" : String, "AssessmentName" : String, "Comment" : String, "ControlSetId" : String, "CreatedBy" : String, "CreationTime" : Double, "Id" : String, "LastUpdated" : Double, "RoleArn" : String, "RoleType" : String, "Status" : String }

YAML

AssessmentId: String AssessmentName: String Comment: String ControlSetId: String CreatedBy: String CreationTime: Double Id: String LastUpdated: Double RoleArn: String RoleType: String Status: String

Properties

AssessmentId

The identifier for the assessment that's associated with the delegation.

Required: No

Type: String

Minimum: 36

Maximum: 36

Pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$

Update requires: No interruption

AssessmentName

The name of the assessment that's associated with the delegation.

Required: No

Type: String

Minimum: 1

Maximum: 300

Pattern: ^[^\\]*$

Update requires: No interruption

Comment

The comment that's related to the delegation.

Required: No

Type: String

Maximum: 350

Pattern: ^[\w\W\s\S]*$

Update requires: No interruption

ControlSetId

The identifier for the control set that's associated with the delegation.

Required: No

Type: String

Minimum: 1

Maximum: 300

Pattern: ^[\w\W\s\S]*$

Update requires: No interruption

CreatedBy

The IAM user or role that created the delegation.

Minimum: 1

Maximum: 100

Pattern: ^[a-zA-Z0-9-_()\\[\\]\\s]+$

Required: No

Type: String

Update requires: No interruption

CreationTime

Specifies when the delegation was created.

Required: No

Type: Double

Update requires: No interruption

Id

The unique identifier for the delegation.

Required: No

Type: String

Minimum: 36

Maximum: 36

Pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$

Update requires: No interruption

LastUpdated

Specifies when the delegation was last updated.

Required: No

Type: Double

Update requires: No interruption

RoleArn

The Amazon Resource Name (ARN) of the IAM role.

Required: No

Type: String

Minimum: 20

Maximum: 2048

Pattern: ^arn:.*:iam:.*

Update requires: No interruption

RoleType

The type of customer persona.

Note

In CreateAssessment, roleType can only be PROCESS_OWNER.

In UpdateSettings, roleType can only be PROCESS_OWNER.

In BatchCreateDelegationByAssessment, roleType can only be RESOURCE_OWNER.

Required: No

Type: String

Allowed values: PROCESS_OWNER | RESOURCE_OWNER

Update requires: No interruption

Status

The status of the delegation.

Required: No

Type: String

Allowed values: COMPLETE | IN_PROGRESS | UNDER_REVIEW

Update requires: No interruption

See also

  • Delegation in the AWS Audit Manager API Reference.