Select your cookie preferences

We use essential cookies and similar tools that are necessary to provide our site and services. We use performance cookies to collect anonymous statistics, so we can understand how customers use our site and make improvements. Essential cookies cannot be deactivated, but you can choose “Customize” or “Decline” to decline performance cookies.

If you agree, AWS and approved third parties will also use cookies to provide useful site features, remember your preferences, and display relevant content, including relevant advertising. To accept or decline all non-essential cookies, choose “Accept” or “Decline.” To make more detailed choices, choose “Customize.”

Preferences
Contact Us
Feedback
AWS Documentation
Create an AWS Account
UpdateStandardsControl - AWS Security Hub
Request SyntaxURI Request ParametersRequest BodyResponse SyntaxResponse ElementsErrorsSee Also

UpdateStandardsControl

PDF

Used to control whether an individual security standard control is enabled or disabled.

Calls to this operation return a RESOURCE_NOT_FOUND_EXCEPTION error when the standard subscription for the control has StandardsControlsUpdatable value NOT_READY_FOR_UPDATES.

Request Syntax

PATCH /standards/control/StandardsControlArn+ HTTP/1.1
Content-type: application/json

{
   "ControlStatus": "string",
   "DisabledReason": "string"
}

URI Request Parameters

The request uses the following URI parameters.

StandardsControlArn

The ARN of the security standard control to enable or disable.

Pattern: .*\S.*

Required: Yes

Request Body

The request accepts the following data in JSON format.

ControlStatus

The updated status of the security standard control.

Type: String

Valid Values: ENABLED | DISABLED

Required: No

DisabledReason

A description of the reason why you are disabling a security standard control. If you are disabling a control, then this is required.

Type: String

Pattern: .*\S.*

Required: No

Response Syntax

HTTP/1.1 200

Response Elements

If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.

Errors

For information about the errors that are common to all actions, see Common Errors.

AccessDeniedException

You don't have permission to perform the action specified in the request.

HTTP Status Code: 403

InternalException

Internal server error.

HTTP Status Code: 500

InvalidAccessException

The account doesn't have permission to perform this action.

HTTP Status Code: 401

InvalidInputException

The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

HTTP Status Code: 400

ResourceNotFoundException

The request was rejected because we can't find the specified resource.

HTTP Status Code: 404

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following:

Next topic:

Data Types

Need help?

PrivacySite termsCookie preferences
© 2025, Amazon Web Services, Inc. or its affiliates. All rights reserved.