ControlCatalog / Paginator / ListControls

ListControls

class ControlCatalog.Paginator.ListControls
paginator = client.get_paginator('list_controls')
paginate(**kwargs)

Creates an iterator that will paginate through responses from ControlCatalog.Client.list_controls().

See also: AWS API Documentation

Request Syntax

response_iterator = paginator.paginate(
    Filter={
        'Implementations': {
            'Types': [
                'string',
            ],
            'Identifiers': [
                'string',
            ]
        }
    },
    PaginationConfig={
        'MaxItems': 123,
        'PageSize': 123,
        'StartingToken': 'string'
    }
)
Parameters:
  • Filter (dict) –

    An optional filter that narrows the results to controls with specific implementation types or identifiers. If you don’t provide a filter, the operation returns all available controls.

    • Implementations (dict) –

      A filter that narrows the results to controls with specific implementation types or identifiers. This field allows you to find controls that are implemented by specific Amazon Web Services services or with specific service identifiers.

      • Types (list) –

        A list of implementation types that can serve as filters. For example, you can filter for controls implemented as Amazon Web Services Config Rules by specifying AWS::Config::ConfigRule as a type.

        • (string) –

      • Identifiers (list) –

        A list of service-specific identifiers that can serve as filters. For example, you can filter for controls with specific Amazon Web Services Config Rule IDs or Security Hub Control IDs.

        • (string) –

  • PaginationConfig (dict) –

    A dictionary that provides parameters to control pagination.

    • MaxItems (integer) –

      The total number of items to return. If the total number of items available is more than the value specified in max-items then a NextToken will be provided in the output that you can use to resume pagination.

    • PageSize (integer) –

      The size of each page.

    • StartingToken (string) –

      A token to specify where to start paginating. This is the NextToken from a previous response.

Return type:

dict

Returns:

Response Syntax

{
    'Controls': [
        {
            'Arn': 'string',
            'Aliases': [
                'string',
            ],
            'Name': 'string',
            'Description': 'string',
            'Behavior': 'PREVENTIVE'|'PROACTIVE'|'DETECTIVE',
            'Severity': 'LOW'|'MEDIUM'|'HIGH'|'CRITICAL',
            'Implementation': {
                'Type': 'string',
                'Identifier': 'string'
            },
            'CreateTime': datetime(2015, 1, 1),
            'GovernedResources': [
                'string',
            ]
        },
    ],

}

Response Structure

  • (dict) –

    • Controls (list) –

      Returns a list of controls, given as structures of type controlSummary.

      • (dict) –

        Overview of information about a control.

        • Arn (string) –

          The Amazon Resource Name (ARN) of the control.

        • Aliases (list) –

          A list of alternative identifiers for the control. These are human-readable designators, such as SH.S3.1. Several aliases can refer to the same control across different Amazon Web Services services or compliance frameworks.

          • (string) –

        • Name (string) –

          The display name of the control.

        • Description (string) –

          A description of the control, as it may appear in the console. Describes the functionality of the control.

        • Behavior (string) –

          An enumerated type, with the following possible values:

        • Severity (string) –

          An enumerated type, with the following possible values:

        • Implementation (dict) –

          An object of type ImplementationSummary that describes how the control is implemented.

          • Type (string) –

            A string that represents the Amazon Web Services service that implements this control. For example, a value of AWS::Config::ConfigRule indicates that the control is implemented by Amazon Web Services Config, and AWS::SecurityHub::SecurityControl indicates implementation by Amazon Web Services Security Hub.

          • Identifier (string) –

            The identifier originally assigned by the Amazon Web Services service that implements the control. For example, CODEPIPELINE_DEPLOYMENT_COUNT_CHECK.

        • CreateTime (datetime) –

          A timestamp that notes the time when the control was released (start of its life) as a governance capability in Amazon Web Services.

        • GovernedResources (list) –

          A list of Amazon Web Services resource types that are governed by this control. This information helps you understand which controls can govern certain types of resources, and conversely, which resources are affected when the control is implemented. The resources are represented as Amazon Web Services CloudFormation resource types. If GovernedResources cannot be represented by available CloudFormation resource types, it’s returned as an empty list.

          • (string) –