ControlTower / Client / update_enabled_control

update_enabled_control#

ControlTower.Client.update_enabled_control(**kwargs)#

Updates the configuration of an already enabled control.

If the enabled control shows an EnablementStatus of SUCCEEDED, supply parameters that are different from the currently configured parameters. Otherwise, Amazon Web Services Control Tower will not accept the request.

If the enabled control shows an EnablementStatus of FAILED, Amazon Web Services Control Tower will update the control to match any valid parameters that you supply.

If the DriftSummary status for the control shows as DRIFTED, you cannot call this API. Instead, you can update the control by calling DisableControl and again calling EnableControl, or you can run an extending governance operation. For usage examples, see the Amazon Web Services Control Tower User Guide

See also: AWS API Documentation

Request Syntax

response = client.update_enabled_control(
    enabledControlIdentifier='string',
    parameters=[
        {
            'key': 'string',
            'value': {...}|[...]|123|123.4|'string'|True|None
        },
    ]
)
Parameters:

  • enabledControlIdentifier (string) –

    [REQUIRED]

    The ARN of the enabled control that will be updated.

  • parameters (list) –

    [REQUIRED]

    A key/value pair, where Key is of type String and Value is of type Document.

    • (dict) –

      A key/value pair, where Key is of type String and Value is of type Document.

      • key (string) – [REQUIRED]

        The key of a key/value pair.

      • value (document) – [REQUIRED]

        The value of a key/value pair.

Return type:

dict

Returns:

Response Syntax

{
    'operationIdentifier': 'string'
}

Response Structure

  • (dict) –

    • operationIdentifier (string) –

      The operation identifier for this UpdateEnabledControl operation.

Exceptions