GetSettings
Gets the settings for a specified AWS account.
Request Syntax
GET /settings/attribute HTTP/1.1
URI Request Parameters
The request uses the following URI parameters.
- attribute
-
The list of setting attribute enum values.
Valid Values:
ALL | IS_AWS_ORG_ENABLED | SNS_TOPIC | DEFAULT_ASSESSMENT_REPORTS_DESTINATION | DEFAULT_PROCESS_OWNERS | EVIDENCE_FINDER_ENABLEMENT | DEREGISTRATION_POLICY | DEFAULT_EXPORT_DESTINATIONRequired: Yes
Request Body
The request does not have a request body.
Response Syntax
HTTP/1.1 200
Content-type: application/json
{
"settings": {
"defaultAssessmentReportsDestination": {
"destination": "string",
"destinationType": "string"
},
"defaultExportDestination": {
"destination": "string",
"destinationType": "string"
},
"defaultProcessOwners": [
{
"roleArn": "string",
"roleType": "string"
}
],
"deregistrationPolicy": {
"deleteResources": "string"
},
"evidenceFinderEnablement": {
"backfillStatus": "string",
"enablementStatus": "string",
"error": "string",
"eventDataStoreArn": "string"
},
"isAwsOrgEnabled": boolean,
"kmsKey": "string",
"snsTopic": "string"
}
}Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
Errors
For information about the errors that are common to all actions, see Common Errors.
- AccessDeniedException
-
Your account isn't registered with AWS Audit Manager. Check the delegated administrator setup on the Audit Manager settings page, and try again.
HTTP Status Code: 403
- InternalServerException
-
An internal service error occurred during the processing of your request. Try again later.
HTTP Status Code: 500
Examples
Confirming the status of evidence finder
This is an example response for the GetSettings API operation, where
the attribute parameter is set to
EVIDENCE_FINDER_ENABLEMENT.
This response returns the following evidence finder settings:
-
eventDataStoreArnshows the ARN of the event data store that was created when evidence finder was enabled. -
enablementStatusshows the current status of evidence finder. In this case,ENABLEDindicates that evidence finder was successfully enabled. -
backfillStatusshows the current status of the evidence data backfill. In this case,IN_PROGRESSindicates that the backfill is not yet complete.
Sample Response
{
"settings": {
"evidenceFinderEnablement": {
"eventDataStoreArn": "arn:aws:cloudtrail:us-east-1:111122223333:eventdatastore/1q2w3e4r-2w3e-4r5t-6y7u-1q2w3e4r5t6y",
"enablementStatus": "ENABLED",
"backfillStatus": "IN_PROGRESS"
}
}
}Reviewing your data retention settings
This is an example response for the GetSettings API operation, where
the attribute parameter is set to
DEREGISTRATION_POLICY.
This response returns your current data retention preferences. In this case,
deleteResources has a value of DEFAULT. This indicates
that your Audit Manager data is subject to default data retention policies. For
more information about data retention, see Data Protection
in the
AWS Audit Manager User Guide.
Sample Response
{
"settings": {
"deregistrationPolicy": {
"deleteResources": "DEFAULT"
}
}
}Reviewing your Audit Manager notification settings
This is an example response for the GetSettings API operation, where
the attribute parameter is set to SNS_TOPIC.
If an SNS topic is in use, the response returns the ARN for that topic.
Sample Response
{
"settings": {
"snsTopic": "arn:aws:sns:us-east-1:111122223333:my-assessment-topic"
}
}Reviewing the default audit owners for your Audit Manager assessments
This is an example response for the GetSettings API operation, where
the attribute parameter is set to
DEFAULT_PROCESS_OWNERS.
If one or more default audit owners were specified, the response returns the ARN for each audit owner's role.
Sample Response
{
"settings": {
"defaultProcessOwners": [
{
"roleType": "PROCESS_OWNER",
"roleArn": "arn:aws:iam::111122223333:role/Administrator"
}
]
}
}See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
