AWS::AuditManager::Assessment
The AWS::AuditManager::Assessment
resource is an AWS Audit Manager resource type that defines the scope of audit evidence
collected by AWS Audit Manager. An AWS Audit Manager assessment is an implementation
of an AWS Audit Manager framework.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{ "Type" : "AWS::AuditManager::Assessment", "Properties" : { "AssessmentReportsDestination" :
AssessmentReportsDestination
, "AwsAccount" :AWSAccount
, "Description" :String
, "FrameworkId" :String
, "Name" :String
, "Roles" :[ Role, ... ]
, "Scope" :Scope
, "Status" :String
, "Tags" :[ Tag, ... ]
} }
YAML
Type: AWS::AuditManager::Assessment Properties: AssessmentReportsDestination:
AssessmentReportsDestination
AwsAccount:AWSAccount
Description:String
FrameworkId:String
Name:String
Roles:- Role
Scope:Scope
Status:String
Tags:- Tag
Properties
AssessmentReportsDestination
-
The destination in which evidence reports are stored for the specified assessment.
Required: No
Type: AssessmentReportsDestination
Update requires: No interruption
AwsAccount
-
The AWS account associated with the assessment.
Required: No
Type: AWSAccount
Update requires: Replacement
Description
-
The description of the assessment.
Required: No
Type: String
Maximum:
1000
Pattern:
^[\w\W\s\S]*$
Update requires: No interruption
FrameworkId
-
Not currently supported by AWS CloudFormation.
Required: No
Type: String
Update requires: Replacement
Name
-
The name of the assessment.
Required: No
Type: String
Minimum:
1
Maximum:
300
Pattern:
^[\w\W\s\S]*$
Update requires: No interruption
Roles
-
The roles associated with the assessment.
Required: No
Type: List of Role
Update requires: No interruption
Scope
-
The wrapper of AWS accounts and services in scope for the assessment.
Required: No
Type: Scope
Update requires: No interruption
Status
-
The overall status of the assessment.
Required: No
Type: String
Allowed values:
ACTIVE | INACTIVE
Update requires: No interruption
Tags
-
The tags associated with the assessment.
Required: No
Type: List of Tag
Update requires: No interruption
Return values
Ref
When you pass the logical ID of this resource to the intrinsic Ref
function, Ref
returns the assessment ID. For example:
{ "Ref": "111A1A1A-22B2-33C3-DDD4-55E5E5E555E5" }
For more information about using the Ref
function, see Ref.
Fn::GetAtt
The Fn::GetAtt
intrinsic function returns a value for a specified attribute of this type. The following
are the available attributes and sample return values.
For more information about using the Fn::GetAtt
intrinsic function, see Fn::GetAtt.
Arn
-
The Amazon Resource Name (ARN) of the assessment. For example,
arn:aws:auditmanager:us-east-1:123456789012:assessment/111A1A1A-22B2-33C3-DDD4-55E5E5E555E5
. AssessmentId
-
The unique identifier for the assessment. For example,
111A1A1A-22B2-33C3-DDD4-55E5E5E555E5
. CreationTime
-
The time when the assessment was created. For example,
1607582033.373
. Delegations
-
The delegations associated with the assessment.
FrameworkId
-
The unique identifier for the framework. For example,
1aaa1111-22b2-33c3-3333-d44dd4d444dd
.
See also
-
CreateAssessment in the AWS Audit Manager API Reference.
-
DeleteAssessment in the AWS Audit Manager API Reference.
-
GetAssessment in the AWS Audit Manager API Reference.
-
UpdateAssessment in the AWS Audit Manager API Reference.