Table Of Contents

Feedback

User Guide

First time using the AWS CLI? See the User Guide for help getting started.

Note: You are viewing the documentation for an older major version of the AWS CLI (version 1).

AWS CLI version 2, the latest major version of AWS CLI, is now stable and recommended for general use. To view this page for the AWS CLI version 2, click here. For more information see the AWS CLI version 2 installation instructions and migration guide.

[ aws . auditmanager ]

update-assessment

Description

Edits an AWS Audit Manager assessment.

See also: AWS API Documentation

See 'aws help' for descriptions of global parameters.

Synopsis

  update-assessment
--assessment-id <value>
[--assessment-name <value>]
[--assessment-description <value>]
--scope <value>
[--assessment-reports-destination <value>]
[--roles <value>]
[--cli-input-json <value>]
[--generate-cli-skeleton <value>]

Options

--assessment-id (string)

The identifier for the specified assessment.

--assessment-name (string)

The name of the specified assessment to be updated.

--assessment-description (string)

The description of the specified assessment.

--scope (structure)

The scope of the specified assessment.

awsAccounts -> (list)

The AWS accounts included in the scope of the assessment.

(structure)

The wrapper of AWS account details, such as account ID, email address, and so on.

id -> (string)

The identifier for the specified AWS account.

emailAddress -> (string)

The email address associated with the specified AWS account.

name -> (string)

The name of the specified AWS account.

awsServices -> (list)

The AWS services included in the scope of the assessment.

(structure)

An AWS service such as Amazon S3, AWS CloudTrail, and so on.

serviceName -> (string)

The name of the AWS service.

Shorthand Syntax:

awsAccounts=[{id=string,emailAddress=string,name=string},{id=string,emailAddress=string,name=string}],awsServices=[{serviceName=string},{serviceName=string}]

JSON Syntax:

{
  "awsAccounts": [
    {
      "id": "string",
      "emailAddress": "string",
      "name": "string"
    }
    ...
  ],
  "awsServices": [
    {
      "serviceName": "string"
    }
    ...
  ]
}

--assessment-reports-destination (structure)

The assessment report storage destination for the specified assessment that is being updated.

destinationType -> (string)

The destination type, such as Amazon S3.

destination -> (string)

The destination of the assessment report.

Shorthand Syntax:

destinationType=string,destination=string

JSON Syntax:

{
  "destinationType": "S3",
  "destination": "string"
}

--roles (list)

The list of roles for the specified assessment.

(structure)

The wrapper that contains the AWS Audit Manager role information of the current user, such as the role type and IAM Amazon Resource Name (ARN).

roleType -> (string)

The type of customer persona.

Note

In CreateAssessment , roleType can only be PROCESS_OWNER .

In UpdateSettings , roleType can only be PROCESS_OWNER .

In BatchCreateDelegationByAssessment , roleType can only be RESOURCE_OWNER .

roleArn -> (string)

The Amazon Resource Name (ARN) of the IAM role.

Shorthand Syntax:

roleType=string,roleArn=string ...

JSON Syntax:

[
  {
    "roleType": "PROCESS_OWNER"|"RESOURCE_OWNER",
    "roleArn": "string"
  }
  ...
]

--cli-input-json (string) Performs service operation based on the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton. If other arguments are provided on the command line, the CLI values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally.

--generate-cli-skeleton (string) Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input, prints a sample input JSON that can be used as an argument for --cli-input-json. If provided with the value output, it validates the command inputs and returns a sample output JSON for that command.

See 'aws help' for descriptions of global parameters.

Output

assessment -> (structure)

The response object (name of the updated assessment) for the UpdateAssessmentRequest API.

arn -> (string)

The Amazon Resource Name (ARN) of the assessment.

awsAccount -> (structure)

The AWS account associated with the assessment.

id -> (string)

The identifier for the specified AWS account.

emailAddress -> (string)

The email address associated with the specified AWS account.

name -> (string)

The name of the specified AWS account.

metadata -> (structure)

The metadata for the specified assessment.

name -> (string)

The name of the assessment.

id -> (string)

The unique identifier for the assessment.

description -> (string)

The description of the assessment.

complianceType -> (string)

The name of a compliance standard related to the assessment, such as PCI-DSS.

status -> (string)

The overall status of the assessment.

assessmentReportsDestination -> (structure)

The destination in which evidence reports are stored for the specified assessment.

destinationType -> (string)

The destination type, such as Amazon S3.

destination -> (string)

The destination of the assessment report.

scope -> (structure)

The wrapper of AWS accounts and services in scope for the assessment.

awsAccounts -> (list)

The AWS accounts included in the scope of the assessment.

(structure)

The wrapper of AWS account details, such as account ID, email address, and so on.

id -> (string)

The identifier for the specified AWS account.

emailAddress -> (string)

The email address associated with the specified AWS account.

name -> (string)

The name of the specified AWS account.

awsServices -> (list)

The AWS services included in the scope of the assessment.

(structure)

An AWS service such as Amazon S3, AWS CloudTrail, and so on.

serviceName -> (string)

The name of the AWS service.

roles -> (list)

The roles associated with the assessment.

(structure)

The wrapper that contains the AWS Audit Manager role information of the current user, such as the role type and IAM Amazon Resource Name (ARN).

roleType -> (string)

The type of customer persona.

Note

In CreateAssessment , roleType can only be PROCESS_OWNER .

In UpdateSettings , roleType can only be PROCESS_OWNER .

In BatchCreateDelegationByAssessment , roleType can only be RESOURCE_OWNER .

roleArn -> (string)

The Amazon Resource Name (ARN) of the IAM role.

delegations -> (list)

The delegations associated with the assessment.

(structure)

The assignment of a control set to a delegate for review.

id -> (string)

The unique identifier for the delegation.

assessmentName -> (string)

The name of the associated assessment.

assessmentId -> (string)

The identifier for the associated assessment.

status -> (string)

The status of the delegation.

roleArn -> (string)

The Amazon Resource Name (ARN) of the IAM role.

roleType -> (string)

The type of customer persona.

Note

In CreateAssessment , roleType can only be PROCESS_OWNER .

In UpdateSettings , roleType can only be PROCESS_OWNER .

In BatchCreateDelegationByAssessment , roleType can only be RESOURCE_OWNER .

creationTime -> (timestamp)

Specifies when the delegation was created.

lastUpdated -> (timestamp)

Specifies when the delegation was last updated.

controlSetId -> (string)

The identifier for the associated control set.

comment -> (string)

The comment related to the delegation.

createdBy -> (string)

The IAM user or role that created the delegation.

creationTime -> (timestamp)

Specifies when the assessment was created.

lastUpdated -> (timestamp)

The time of the most recent update.

framework -> (structure)

The framework from which the assessment was created.

id -> (string)

The unique identifier for the framework.

arn -> (string)

The Amazon Resource Name (ARN) of the specified framework.

metadata -> (structure)

The metadata of a framework, such as the name, ID, description, and so on.

name -> (string)

The name of the framework.

description -> (string)

The description of the framework.

logo -> (string)

The logo associated with the framework.

complianceType -> (string)

The compliance standard associated with the framework, such as PCI-DSS or HIPAA.

controlSets -> (list)

The control sets associated with the framework.

(structure)

Represents a set of controls in an AWS Audit Manager assessment.

id -> (string)

The identifier of the control set in the assessment. This is the control set name in a plain string format.

description -> (string)

The description for the control set.

status -> (string)

Specifies the current status of the control set.

roles -> (list)

The roles associated with the control set.

(structure)

The wrapper that contains the AWS Audit Manager role information of the current user, such as the role type and IAM Amazon Resource Name (ARN).

roleType -> (string)

The type of customer persona.

Note

In CreateAssessment , roleType can only be PROCESS_OWNER .

In UpdateSettings , roleType can only be PROCESS_OWNER .

In BatchCreateDelegationByAssessment , roleType can only be RESOURCE_OWNER .

roleArn -> (string)

The Amazon Resource Name (ARN) of the IAM role.

controls -> (list)

The list of controls contained with the control set.

(structure)

The control entity that represents a standard or custom control used in an AWS Audit Manager assessment.

id -> (string)

The identifier for the specified control.

name -> (string)

The name of the specified control.

description -> (string)

The description of the specified control.

status -> (string)

The status of the specified control.

response -> (string)

The response of the specified control.

comments -> (list)

The list of comments attached to the specified control.

(structure)

A comment posted by a user on a control. This includes the author's name, the comment text, and a timestamp.

authorName -> (string)

The name of the user who authored the comment.

commentBody -> (string)

The body text of a control comment.

postedDate -> (timestamp)

The time when the comment was posted.

evidenceSources -> (list)

The list of data sources for the specified evidence.

(string)

evidenceCount -> (integer)

The amount of evidence generated for the control.

assessmentReportEvidenceCount -> (integer)

The amount of evidence in the assessment report.

delegations -> (list)

The delegations associated with the control set.

(structure)

The assignment of a control set to a delegate for review.

id -> (string)

The unique identifier for the delegation.

assessmentName -> (string)

The name of the associated assessment.

assessmentId -> (string)

The identifier for the associated assessment.

status -> (string)

The status of the delegation.

roleArn -> (string)

The Amazon Resource Name (ARN) of the IAM role.

roleType -> (string)

The type of customer persona.

Note

In CreateAssessment , roleType can only be PROCESS_OWNER .

In UpdateSettings , roleType can only be PROCESS_OWNER .

In BatchCreateDelegationByAssessment , roleType can only be RESOURCE_OWNER .

creationTime -> (timestamp)

Specifies when the delegation was created.

lastUpdated -> (timestamp)

Specifies when the delegation was last updated.

controlSetId -> (string)

The identifier for the associated control set.

comment -> (string)

The comment related to the delegation.

createdBy -> (string)

The IAM user or role that created the delegation.

systemEvidenceCount -> (integer)

The total number of evidence objects retrieved automatically for the control set.

manualEvidenceCount -> (integer)

The total number of evidence objects uploaded manually to the control set.

tags -> (map)

The tags associated with the assessment.

key -> (string)

value -> (string)