:doc:`SecurityHub <../../securityhub>` / Client / describe_standards_controls

***************************
describe_standards_controls
***************************



.. py:method:: SecurityHub.Client.describe_standards_controls(**kwargs)

  

  Returns a list of security standards controls.

   

  For each control, the results include information about whether it is currently enabled, the severity, and a link to remediation information.

   

  This operation returns an empty list for standard subscriptions where ``StandardsControlsUpdatable`` has value ``NOT_READY_FOR_UPDATES``.

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DescribeStandardsControls>`_  


  **Request Syntax**
  ::

    response = client.describe_standards_controls(
        StandardsSubscriptionArn='string',
        NextToken='string',
        MaxResults=123
    )
    
  :type StandardsSubscriptionArn: string
  :param StandardsSubscriptionArn: **[REQUIRED]** 

    The ARN of a resource that represents your subscription to a supported standard. To get the subscription ARNs of the standards you have enabled, use the ``GetEnabledStandards`` operation.

    

  
  :type NextToken: string
  :param NextToken: 

    The token that is required for pagination. On your first call to the ``DescribeStandardsControls`` operation, set the value of this parameter to ``NULL``.

     

    For subsequent calls to the operation, to continue listing data, set the value of this parameter to the value returned from the previous response.

    

  
  :type MaxResults: integer
  :param MaxResults: 

    The maximum number of security standard controls to return.

    

  
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'Controls': [
              {
                  'StandardsControlArn': 'string',
                  'ControlStatus': 'ENABLED'|'DISABLED',
                  'DisabledReason': 'string',
                  'ControlStatusUpdatedAt': datetime(2015, 1, 1),
                  'ControlId': 'string',
                  'Title': 'string',
                  'Description': 'string',
                  'RemediationUrl': 'string',
                  'SeverityRating': 'LOW'|'MEDIUM'|'HIGH'|'CRITICAL',
                  'RelatedRequirements': [
                      'string',
                  ]
              },
          ],
          'NextToken': 'string'
      }
      
    **Response Structure**

    

    - *(dict) --* 
      

      - **Controls** *(list) --* 

        A list of security standards controls.

        
        

        - *(dict) --* 

          Details for an individual security standard control.

          
          

          - **StandardsControlArn** *(string) --* 

            The ARN of the security standard control.

            
          

          - **ControlStatus** *(string) --* 

            The current status of the security standard control. Indicates whether the control is enabled or disabled. Security Hub does not check against disabled controls.

            
          

          - **DisabledReason** *(string) --* 

            The reason provided for the most recent change in status for the control.

            
          

          - **ControlStatusUpdatedAt** *(datetime) --* 

            The date and time that the status of the security standard control was most recently updated.

            
          

          - **ControlId** *(string) --* 

            The identifier of the security standard control.

            
          

          - **Title** *(string) --* 

            The title of the security standard control.

            
          

          - **Description** *(string) --* 

            The longer description of the security standard control. Provides information about what the control is checking for.

            
          

          - **RemediationUrl** *(string) --* 

            A link to remediation information for the control in the Security Hub user documentation.

            
          

          - **SeverityRating** *(string) --* 

            The severity of findings generated from this security standard control.

             

            The finding severity is based on an assessment of how easy it would be to compromise Amazon Web Services resources if the issue is detected.

            
          

          - **RelatedRequirements** *(list) --* 

            The list of requirements that are related to this control.

            
            

            - *(string) --* 
        
      
    
      

      - **NextToken** *(string) --* 

        The pagination token to use to request the next page of results.

        
  
  **Exceptions**
  
  *   :py:class:`SecurityHub.Client.exceptions.InternalException`

  
  *   :py:class:`SecurityHub.Client.exceptions.InvalidInputException`

  
  *   :py:class:`SecurityHub.Client.exceptions.InvalidAccessException`

  
  *   :py:class:`SecurityHub.Client.exceptions.ResourceNotFoundException`

  