AWS::AuditManager::Assessment
The AWS::AuditManager::Assessment resource is an Audit Manager
resource type that defines the scope of audit evidence collected by Audit Manager. An
Audit Manager assessment is an implementation of an Audit Manager framework.
Syntax
To declare this entity in your Amazon CloudFormation template, use the following syntax:
JSON
{ "Type" : "AWS::AuditManager::Assessment", "Properties" : { "AssessmentReportsDestination" :AssessmentReportsDestination, "AwsAccount" :AWSAccount, "Delegations" :[ Delegation, ... ], "Description" :String, "FrameworkId" :String, "Name" :String, "Roles" :[ Role, ... ], "Scope" :Scope, "Status" :String, "Tags" :[ Tag, ... ]} }
YAML
Type: AWS::AuditManager::Assessment Properties: AssessmentReportsDestination:AssessmentReportsDestinationAwsAccount:AWSAccountDelegations:- DelegationDescription:StringFrameworkId:StringName:StringRoles:- RoleScope:ScopeStatus:StringTags:- Tag
Properties
AssessmentReportsDestination-
The destination that evidence reports are stored in for the assessment.
Required: No
Type: AssessmentReportsDestination
Update requires: No interruption
AwsAccount-
The Amazon Web Services account that's associated with the assessment.
Required: No
Type: AWSAccount
Update requires: Replacement
Delegations-
The delegations that are associated with the assessment.
Required: No
Type: List of Delegation
Update requires: No interruption
Description-
The description of the assessment.
Required: No
Type: String
Maximum:
1000Pattern:
^[\w\W\s\S]*$Update requires: No interruption
FrameworkId-
The unique identifier for the framework.
Required: No
Type: String
Minimum:
36Maximum:
36Pattern:
^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$Update requires: Replacement
Name-
The name of the assessment.
Required: No
Type: String
Minimum:
1Maximum:
300Pattern:
^[^\\]*$Update requires: No interruption
Roles-
The roles that are associated with the assessment.
Required: No
Type: List of Role
Update requires: No interruption
Scope-
The wrapper of Amazon Web Services accounts and services that are in scope for the assessment.
Required: No
Type: Scope
Update requires: No interruption
Status-
The overall status of the assessment.
When you create a new assessment, the initial
Statusvalue is alwaysACTIVE. When you create an assessment, even if you specify the value asINACTIVE, the value overrides toACTIVE.After you create an assessment, you can change the value of the
Statusproperty at any time. For example, when you want to stop collecting evidence for your assessment, you can change the assessment status toINACTIVE.Required: No
Type: String
Allowed values:
ACTIVE | INACTIVEUpdate requires: No interruption
Tags-
The tags that are associated with the assessment.
Required: No
Type: List of Tag
Update requires: No interruption
Return values
Ref
When you pass the logical ID of this resource to the intrinsic Reffunction, Refreturns the assessment ID. For example:
{ "Ref": "111A1A1A-22B2-33C3-DDD4-55E5E5E555E5" }
For more information about using the Reffunction, see Ref.
Fn::GetAtt
The Fn::GetAttintrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.
For more information about using the Fn::GetAttintrinsic function, see Fn::GetAtt.
Arn-
The Amazon Resource Name (ARN) of the assessment. For example,
arn:aws:auditmanager:us-east-1:123456789012:assessment/111A1A1A-22B2-33C3-DDD4-55E5E5E555E5. AssessmentId-
The unique identifier for the assessment. For example,
111A1A1A-22B2-33C3-DDD4-55E5E5E555E5. CreationTime-
The time when the assessment was created. For example,
1607582033.373.
See also
-
CreateAssessment in the Amazon Audit Manager API Reference.
-
DeleteAssessment in the Amazon Audit Manager API Reference.
-
GetAssessment in the Amazon Audit Manager API Reference.
-
UpdateAssessment in the Amazon Audit Manager API Reference.