:doc:`SecurityHub <../../securityhub>` / Client / batch_get_standards_control_associations

****************************************
batch_get_standards_control_associations
****************************************



.. py:method:: SecurityHub.Client.batch_get_standards_control_associations(**kwargs)

  

  For a batch of security controls and standards, identifies whether each control is currently enabled or disabled in a standard.

   

  Calls to this operation return a ``RESOURCE_NOT_FOUND_EXCEPTION`` error when the standard subscription for the association has a ``NOT_READY_FOR_UPDATES`` value for ``StandardsControlsUpdatable``.

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/BatchGetStandardsControlAssociations>`_  


  **Request Syntax**
  ::

    response = client.batch_get_standards_control_associations(
        StandardsControlAssociationIds=[
            {
                'SecurityControlId': 'string',
                'StandardsArn': 'string'
            },
        ]
    )
    
  :type StandardsControlAssociationIds: list
  :param StandardsControlAssociationIds: **[REQUIRED]** 

    An array with one or more objects that includes a security control (identified with ``SecurityControlId``, ``SecurityControlArn``, or a mix of both parameters) and the Amazon Resource Name (ARN) of a standard. This field is used to query the enablement status of a control in a specified standard. The security control ID or ARN is the same across standards.

    

  
    - *(dict) --* 

      An array with one or more objects that includes a security control (identified with ``SecurityControlId``, ``SecurityControlArn``, or a mix of both parameters) and the Amazon Resource Name (ARN) of a standard. The security control ID or ARN is the same across standards.

      

    
      - **SecurityControlId** *(string) --* **[REQUIRED]** 

        The unique identifier (identified with ``SecurityControlId``, ``SecurityControlArn``, or a mix of both parameters) of a security control across standards.

        

      
      - **StandardsArn** *(string) --* **[REQUIRED]** 

        The ARN of a standard.

        

      
    

  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'StandardsControlAssociationDetails': [
              {
                  'StandardsArn': 'string',
                  'SecurityControlId': 'string',
                  'SecurityControlArn': 'string',
                  'AssociationStatus': 'ENABLED'|'DISABLED',
                  'RelatedRequirements': [
                      'string',
                  ],
                  'UpdatedAt': datetime(2015, 1, 1),
                  'UpdatedReason': 'string',
                  'StandardsControlTitle': 'string',
                  'StandardsControlDescription': 'string',
                  'StandardsControlArns': [
                      'string',
                  ]
              },
          ],
          'UnprocessedAssociations': [
              {
                  'StandardsControlAssociationId': {
                      'SecurityControlId': 'string',
                      'StandardsArn': 'string'
                  },
                  'ErrorCode': 'INVALID_INPUT'|'ACCESS_DENIED'|'NOT_FOUND'|'RESOURCE_NOT_FOUND'|'LIMIT_EXCEEDED',
                  'ErrorReason': 'string'
              },
          ]
      }
      
    **Response Structure**

    

    - *(dict) --* 
      

      - **StandardsControlAssociationDetails** *(list) --* 

        Provides the enablement status of a security control in a specified standard and other details for the control in relation to the specified standard.

        
        

        - *(dict) --* 

          Provides details about a control's enablement status in a specified standard.

          
          

          - **StandardsArn** *(string) --* 

            The Amazon Resource Name (ARN) of a security standard.

            
          

          - **SecurityControlId** *(string) --* 

            The unique identifier of a security control across standards. Values for this field typically consist of an Amazon Web Services service name and a number, such as APIGateway.3.

            
          

          - **SecurityControlArn** *(string) --* 

            The ARN of a security control across standards, such as ``arn:aws:securityhub:eu-central-1:123456789012:security-control/S3.1``. This parameter doesn't mention a specific standard.

            
          

          - **AssociationStatus** *(string) --* 

            Specifies whether a control is enabled or disabled in a specified standard.

            
          

          - **RelatedRequirements** *(list) --* 

            The requirement that underlies a control in the compliance framework related to the standard.

            
            

            - *(string) --* 
        
          

          - **UpdatedAt** *(datetime) --* 

            The time at which the enablement status of the control in the specified standard was last updated.

            
          

          - **UpdatedReason** *(string) --* 

            The reason for updating the enablement status of a control in a specified standard.

            
          

          - **StandardsControlTitle** *(string) --* 

            The title of a control. This field may reference a specific standard.

            
          

          - **StandardsControlDescription** *(string) --* 

            The description of a control. This typically summarizes how Security Hub evaluates the control and the conditions under which it produces a failed finding. This parameter may reference a specific standard.

            
          

          - **StandardsControlArns** *(list) --* 

            Provides the input parameter that Security Hub uses to call the `UpdateStandardsControl <https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_UpdateStandardsControl.html>`__ API. This API can be used to enable or disable a control in a specified standard.

            
            

            - *(string) --* 
        
      
    
      

      - **UnprocessedAssociations** *(list) --* 

        A security control (identified with ``SecurityControlId``, ``SecurityControlArn``, or a mix of both parameters) whose enablement status in a specified standard cannot be returned.

        
        

        - *(dict) --* 

          Provides details about which control's enablement status couldn't be retrieved in a specified standard when calling `BatchUpdateStandardsControlAssociations <https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchUpdateStandardsControlAssociations.html>`__. This parameter also provides details about why the request was unprocessed.

          
          

          - **StandardsControlAssociationId** *(dict) --* 

            An array with one or more objects that includes a security control (identified with ``SecurityControlId``, ``SecurityControlArn``, or a mix of both parameters) and the Amazon Resource Name (ARN) of a standard. This parameter shows the specific controls for which the enablement status couldn't be retrieved in specified standards when calling `BatchUpdateStandardsControlAssociations <https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchUpdateStandardsControlAssociations.html>`__.

            
            

            - **SecurityControlId** *(string) --* 

              The unique identifier (identified with ``SecurityControlId``, ``SecurityControlArn``, or a mix of both parameters) of a security control across standards.

              
            

            - **StandardsArn** *(string) --* 

              The ARN of a standard.

              
        
          

          - **ErrorCode** *(string) --* 

            The error code for the unprocessed standard and control association. The ``NOT_FOUND`` value has been deprecated and replaced by the ``RESOURCE_NOT_FOUND`` value.

            
          

          - **ErrorReason** *(string) --* 

            The reason why the standard and control association was unprocessed.

            
      
    
  
  **Exceptions**
  
  *   :py:class:`SecurityHub.Client.exceptions.InternalException`

  
  *   :py:class:`SecurityHub.Client.exceptions.LimitExceededException`

  
  *   :py:class:`SecurityHub.Client.exceptions.InvalidAccessException`

  
  *   :py:class:`SecurityHub.Client.exceptions.InvalidInputException`

  