Amazon Control Tower · Schema
EnabledControl
Information about an enabled control.
ComplianceGovernanceLanding ZoneMulti-AccountSecurityControls
Properties
| Name | Type | Description |
|---|---|---|
| arn | string | The ARN of the enabled control. |
| controlIdentifier | string | The control identifier. |
| driftStatusSummary | object | |
| parameters | array | |
| statusSummary | object | |
| targetIdentifier | string | The ARN of the organizational unit. |
JSON Schema
{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"$id": "https://raw.githubusercontent.com/api-evangelist/amazon-control-tower/refs/heads/main/json-schema/enabled-control-schema.json",
"title": "EnabledControl",
"description": "Information about an enabled control.",
"type": "object",
"properties": {
"arn": {
"type": "string",
"description": "The ARN of the enabled control.",
"example": "arn:aws:controltower:us-east-1:123456789012:enabledcontrol/a1b2c3d4EXAMPLE"
},
"controlIdentifier": {
"type": "string",
"description": "The control identifier.",
"example": "arn:aws:controltower:us-east-1::control/AWS-GR_ENCRYPTED_VOLUMES"
},
"driftStatusSummary": {
"type": "object",
"properties": {
"driftStatus": {
"type": "string",
"enum": [
"DRIFTED",
"IN_SYNC",
"NOT_CHECKING_FOR_DRIFT",
"UNKNOWN"
]
}
}
},
"parameters": {
"type": "array",
"items": {
"$ref": "#/components/schemas/EnabledControlParameter"
}
},
"statusSummary": {
"type": "object",
"properties": {
"lastOperationIdentifier": {
"type": "string"
},
"status": {
"type": "string",
"enum": [
"SUCCEEDED",
"FAILED",
"UNDER_CHANGE"
]
}
}
},
"targetIdentifier": {
"type": "string",
"description": "The ARN of the organizational unit."
}
}
}