UpdateEnabledControl

Updates the configuration of an already enabled control.

If the enabled control shows an EnablementStatus of SUCCEEDED, supply parameters that are different from the currently configured parameters. Otherwise, AWS Control Tower will not accept the request.

If the enabled control shows an EnablementStatus of FAILED, AWS Control Tower updates the control to match any valid parameters that you supply.

If the DriftSummary status for the control shows as DRIFTED, you cannot call this API. Instead, you can update the control by calling the ResetEnabledControl API. Alternatively, you can call DisableControl and then call EnableControl again. Also, you can run an extending governance operation to repair drift. For usage examples, see the Controls Reference Guide.

Request Syntax

POST /update-enabled-control HTTP/1.1
Content-type: application/json

{
   "enabledControlIdentifier": "string",
   "parameters": [ 
      { 
         "key": "string",
         "value": JSON value
      }
   ]
}

URI Request Parameters

The request does not use any URI parameters.

Request Body

The request accepts the following data in JSON format.

enabledControlIdentifier

The ARN of the enabled control that will be updated.

Type: String

Length Constraints: Minimum length of 20. Maximum length of 2048.

Pattern: ^arn:aws[0-9a-zA-Z_\-:\/]+$

Required: Yes

parameters

A key/value pair, where Key is of type String and Value is of type Document.

Type: Array of EnabledControlParameter objects

Required: Yes

Response Syntax

HTTP/1.1 200
Content-type: application/json

{
   "operationIdentifier": "string"
}

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

operationIdentifier

The operation identifier for this UpdateEnabledControl operation.

Type: String

Length Constraints: Fixed length of 36.

Pattern: ^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$

Errors

For information about the errors that are common to all actions, see Common Errors.

AccessDeniedException

You do not have sufficient access to perform this action.

HTTP Status Code: 403

ConflictException

Updating or deleting the resource can cause an inconsistent state.

HTTP Status Code: 409

InternalServerException

An unexpected error occurred during processing of a request.

HTTP Status Code: 500

ResourceNotFoundException

The request references a resource that does not exist.

HTTP Status Code: 404

ServiceQuotaExceededException

The request would cause a service quota to be exceeded. The limit is 10 concurrent operations.

HTTP Status Code: 402

ThrottlingException

The request was denied due to request throttling.

HTTP Status Code: 429

ValidationException

The input does not satisfy the constraints specified by an AWS service.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following:

• AWS Command Line Interface

• AWS SDK for .NET

• AWS SDK for C++

• AWS SDK for Go v2

• AWS SDK for Java V2

• AWS SDK for JavaScript V3

• AWS SDK for PHP V3

• AWS SDK for Python

• AWS SDK for Ruby V3