BatchGetConfigurationPolicyAssociations
Returns associations between an AWS Security Hub configuration and a batch of target accounts, organizational units, or the root. Only the Security Hub delegated administrator can invoke this operation from the home Region. A configuration can refer to a configuration policy or to a self-managed configuration.
Request Syntax
POST /configurationPolicyAssociation/batchget HTTP/1.1
Content-type: application/json
{
"ConfigurationPolicyAssociationIdentifiers": [
{
"Target": { ... }
}
]
}
URI Request Parameters
The request does not use any URI parameters.
Request Body
The request accepts the following data in JSON format.
- ConfigurationPolicyAssociationIdentifiers
-
Specifies one or more target account IDs, organizational unit (OU) IDs, or the root ID to retrieve associations for.
Type: Array of ConfigurationPolicyAssociation objects
Required: Yes
Response Syntax
HTTP/1.1 200
Content-type: application/json
{
"ConfigurationPolicyAssociations": [
{
"AssociationStatus": "string",
"AssociationStatusMessage": "string",
"AssociationType": "string",
"ConfigurationPolicyId": "string",
"TargetId": "string",
"TargetType": "string",
"UpdatedAt": "string"
}
],
"UnprocessedConfigurationPolicyAssociations": [
{
"ConfigurationPolicyAssociationIdentifiers": {
"Target": { ... }
},
"ErrorCode": "string",
"ErrorReason": "string"
}
]
}
Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- ConfigurationPolicyAssociations
-
Describes associations for the target accounts, OUs, or the root.
Type: Array of ConfigurationPolicyAssociationSummary objects
- UnprocessedConfigurationPolicyAssociations
-
An array of configuration policy associations, one for each configuration policy association identifier, that was specified in the request but couldn’t be processed due to an error.
Type: Array of UnprocessedConfigurationPolicyAssociation objects
Errors
For information about the errors that are common to all actions, see Common Errors.
- AccessDeniedException
-
You don't have permission to perform the action specified in the request.
HTTP Status Code: 403
- InternalException
-
Internal server error.
HTTP Status Code: 500
- InvalidAccessException
-
The account doesn't have permission to perform this action.
HTTP Status Code: 401
- InvalidInputException
-
The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
HTTP Status Code: 400
- LimitExceededException
-
The request was rejected because it attempted to create resources beyond the current AWS account or throttling limits. The error code describes the limit exceeded.
HTTP Status Code: 429
- ResourceNotFoundException
-
The request was rejected because we can't find the specified resource.
HTTP Status Code: 404
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: