GetAssessment
Gets information about a specified assessment.
Request Syntax
GET /assessments/assessmentId HTTP/1.1
URI Request Parameters
The request uses the following URI parameters.
- assessmentId
-
The unique identifier for the assessment.
Length Constraints: Fixed length of 36.
Pattern:
^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$Required: Yes
Request Body
The request does not have a request body.
Response Syntax
HTTP/1.1 200
Content-type: application/json
{
"assessment": {
"arn": "string",
"awsAccount": {
"emailAddress": "string",
"id": "string",
"name": "string"
},
"framework": {
"arn": "string",
"controlSets": [
{
"controls": [
{
"assessmentReportEvidenceCount": number,
"comments": [
{
"authorName": "string",
"commentBody": "string",
"postedDate": number
}
],
"description": "string",
"evidenceCount": number,
"evidenceSources": [ "string" ],
"id": "string",
"name": "string",
"response": "string",
"status": "string"
}
],
"delegations": [
{
"assessmentId": "string",
"assessmentName": "string",
"comment": "string",
"controlSetId": "string",
"createdBy": "string",
"creationTime": number,
"id": "string",
"lastUpdated": number,
"roleArn": "string",
"roleType": "string",
"status": "string"
}
],
"description": "string",
"id": "string",
"manualEvidenceCount": number,
"roles": [
{
"roleArn": "string",
"roleType": "string"
}
],
"status": "string",
"systemEvidenceCount": number
}
],
"id": "string",
"metadata": {
"complianceType": "string",
"description": "string",
"logo": "string",
"name": "string"
}
},
"metadata": {
"assessmentReportsDestination": {
"destination": "string",
"destinationType": "string"
},
"complianceType": "string",
"creationTime": number,
"delegations": [
{
"assessmentId": "string",
"assessmentName": "string",
"comment": "string",
"controlSetId": "string",
"createdBy": "string",
"creationTime": number,
"id": "string",
"lastUpdated": number,
"roleArn": "string",
"roleType": "string",
"status": "string"
}
],
"description": "string",
"id": "string",
"lastUpdated": number,
"name": "string",
"roles": [
{
"roleArn": "string",
"roleType": "string"
}
],
"scope": {
"awsAccounts": [
{
"emailAddress": "string",
"id": "string",
"name": "string"
}
],
"awsServices": [
{
"serviceName": "string"
}
]
},
"status": "string"
},
"tags": {
"string" : "string"
}
},
"userRole": {
"roleArn": "string",
"roleType": "string"
}
}Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- assessment
-
An entity that defines the scope of audit evidence collected by AWS Audit Manager. An Audit Manager assessment is an implementation of an Audit Manager framework.
Type: Assessment object
- userRole
-
The wrapper that contains the Audit Manager role information of the current user. This includes the role type and IAM Amazon Resource Name (ARN).
Type: Role object
Errors
For information about the errors that are common to all actions, see Common Errors.
- AccessDeniedException
-
Your account isn't registered with AWS Audit Manager. Check the delegated administrator setup on the Audit Manager settings page, and try again.
HTTP Status Code: 403
- InternalServerException
-
An internal service error occurred during the processing of your request. Try again later.
HTTP Status Code: 500
- ResourceNotFoundException
-
The resource that's specified in the request can't be found.
HTTP Status Code: 404
- ValidationException
-
The request has invalid or missing parameters.
HTTP Status Code: 400
Examples
Getting information about an assessment
This example shows a sample response for the GetAssessment API
operation.
Sample Response
{
"assessment": {
"arn": "arn:aws:auditmanager:us-east-1:111122223333:assessment/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
"awsAccount": {
"id": "111122223333"
},
"metadata": {
"name": "My assessment",
"id": "a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
"description": "This is a description about the assessment",
"complianceType": "AWS Audit Manager Sample Framework",
"status": "ACTIVE",
"assessmentReportsDestination": {
"destinationType": "S3",
"destination": "s3://my-assessment-report-destination"
},
"scope": {
"awsAccounts": [
{
"id": "111122223333"
}
],
"awsServices": [
{
"serviceName": "iam"
},
{
"serviceName": "ec2"
},
{
"serviceName": "cloudtrail"
}
]
},
"roles": [
{
"roleType": "PROCESS_OWNER",
"roleArn": "arn:aws:iam::111122223333:role/Administrator"
},
{
"roleType": "PROCESS_OWNER",
"roleArn": "arn:aws:iam::222233334444:role/ReadOnly"
}
],
"delegations": [],
"creationTime": "2023-03-13T16:05:55.180000-07:00",
"lastUpdated": "2023-03-13T16:05:55.309000-07:00"
},
"framework": {
"id": "a1b2c3d4-5678-90ab-cdef-EXAMPLE22222",
"metadata": {
"name": "AWS Audit Manager Sample Framework",
"description": "The AWS Audit Manager sample template contains CloudTrail and AWS API calls. \n\n4 automated controls\n1 manual controls",
"logo": "Arch_AWS-Audit-Manager_16.svg",
"complianceType": "AWS Audit Manager Sample Framework"
},
"controlSets": [
{
"id": "AWS API",
"description": "AWS API",
"status": "ACTIVE",
"roles": [
{
"roleType": "PROCESS_OWNER",
"roleArn": "arn:aws:iam::111122223333:role/Administrator"
},
{
"roleType": "PROCESS_OWNER",
"roleArn": "arn:aws:iam::222233334444:role/ReadOnly"
}
],
"controls": [
{
"id": "control1-5678-90ab-cdef-example11111",
"name": "2.2.0 - List Principals and Policies",
"description": "2.2.0 - List Principals and Policies",
"status": "UNDER_REVIEW",
"comments": [],
"evidenceSources": [
"AWS API calls"
],
"evidenceCount": 0,
"assessmentReportEvidenceCount": 0
},
{
"id": "control2-5678-90ab-cdef-example22222",
"name": "2.2.1 - Describe Networks",
"description": "2.2.1 - Describe Networks",
"status": "UNDER_REVIEW",
"comments": [],
"evidenceSources": [
"AWS API calls"
],
"evidenceCount": 0,
"assessmentReportEvidenceCount": 0
}
],
"delegations": [],
"systemEvidenceCount": 0,
"manualEvidenceCount": 0
},
{
"id": "Account",
"description": "Account",
"status": "ACTIVE",
"roles": [
{
"roleType": "PROCESS_OWNER",
"roleArn": "arn:aws:iam::111122223333:role/Administrator"
},
{
"roleType": "PROCESS_OWNER",
"roleArn": "arn:aws:iam::222233334444:role/ReadOnly"
}
],
"controls": [
{
"id": "control3-5678-90ab-cdef-example33333",
"name": "3.0.0 - Account Summary",
"description": "3.0.0 - Account Summary",
"status": "REVIEWED",
"comments": [],
"evidenceSources": [
"Manual"
],
"evidenceCount": 1,
"assessmentReportEvidenceCount": 1
}
],
"delegations": [],
"systemEvidenceCount": 0,
"manualEvidenceCount": 0
},
{
"id": "CloudTrail",
"description": "CloudTrail",
"status": "ACTIVE",
"roles": [
{
"roleType": "PROCESS_OWNER",
"roleArn": "arn:aws:iam::111122223333:role/Administrator"
},
{
"roleType": "PROCESS_OWNER",
"roleArn": "arn:aws:iam::222233334444:role/ReadOnly"
}
],
"controls": [
{
"id": "control4-5678-90ab-cdef-example44444",
"name": "1.0.1 - CloudTrail Instance Events",
"description": "1.0.1 - CloudTrail Instance Events",
"status": "UNDER_REVIEW",
"comments": [],
"evidenceSources": [
"AWS CloudTrail"
],
"evidenceCount": 0,
"assessmentReportEvidenceCount": 0
},
{
"id": "ab65b812-0e1d-4aa9-ad61-0a642535824d",
"name": "1.0.2 - CloudTrail Volume Events",
"description": "1.0.2 - CloudTrail Volume Events",
"status": "UNDER_REVIEW",
"comments": [],
"evidenceSources": [
"AWS CloudTrail"
],
"evidenceCount": 0,
"assessmentReportEvidenceCount": 0
}
],
"delegations": [],
"systemEvidenceCount": 0,
"manualEvidenceCount": 0
}
]
},
"tags": {}
},
"userRole": {
"roleType": "PROCESS_OWNER",
"roleArn": "arn:aws:iam::111122223333:role/Administrator"
}
}See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
