diff --git a/.changes/next-release/feature-AWSShield-67ae7d6.json b/.changes/next-release/feature-AWSShield-67ae7d6.json new file mode 100644 index 000000000000..d13d0ffb855a --- /dev/null +++ b/.changes/next-release/feature-AWSShield-67ae7d6.json @@ -0,0 +1,6 @@ +{ + "type": "feature", + "category": "AWS Shield", + "contributor": "", + "description": "Change name of DDoS Response Team (DRT) to Shield Response Team (SRT)" +} diff --git a/services/shield/src/main/resources/codegen-resources/service-2.json b/services/shield/src/main/resources/codegen-resources/service-2.json index c35e4190b55a..f4fce91164b4 100644 --- a/services/shield/src/main/resources/codegen-resources/service-2.json +++ b/services/shield/src/main/resources/codegen-resources/service-2.json @@ -31,7 +31,7 @@ {"shape":"OptimisticLockException"}, {"shape":"ResourceNotFoundException"} ], - "documentation":"
Authorizes the DDoS Response Team (DRT) to access the specified Amazon S3 bucket containing your AWS WAF logs. You can associate up to 10 Amazon S3 buckets with your subscription.
To use the services of the DRT and make an AssociateDRTLogBucket
request, you must be subscribed to the Business Support plan or the Enterprise Support plan.
Authorizes the Shield Response Team (SRT) to access the specified Amazon S3 bucket containing log data such as Application Load Balancer access logs, CloudFront logs, or logs from third party sources. You can associate up to 10 Amazon S3 buckets with your subscription.
To use the services of the SRT and make an AssociateDRTLogBucket
request, you must be subscribed to the Business Support plan or the Enterprise Support plan.
Authorizes the DDoS Response Team (DRT), using the specified role, to access your AWS account to assist with DDoS attack mitigation during potential attacks. This enables the DRT to inspect your AWS WAF configuration and create or update AWS WAF rules and web ACLs.
You can associate only one RoleArn
with your subscription. If you submit an AssociateDRTRole
request for an account that already has an associated role, the new RoleArn
will replace the existing RoleArn
.
Prior to making the AssociateDRTRole
request, you must attach the AWSShieldDRTAccessPolicy managed policy to the role you will specify in the request. For more information see Attaching and Detaching IAM Policies. The role must also trust the service principal drt.shield.amazonaws.com
. For more information, see IAM JSON Policy Elements: Principal.
The DRT will have access only to your AWS WAF and Shield resources. By submitting this request, you authorize the DRT to inspect your AWS WAF and Shield configuration and create and update AWS WAF rules and web ACLs on your behalf. The DRT takes these actions only if explicitly authorized by you.
You must have the iam:PassRole
permission to make an AssociateDRTRole
request. For more information, see Granting a User Permissions to Pass a Role to an AWS Service.
To use the services of the DRT and make an AssociateDRTRole
request, you must be subscribed to the Business Support plan or the Enterprise Support plan.
Authorizes the Shield Response Team (SRT) using the specified role, to access your Amazon Web Services account to assist with DDoS attack mitigation during potential attacks. This enables the SRT to inspect your WAF configuration and create or update WAF rules and web ACLs.
You can associate only one RoleArn
with your subscription. If you submit an AssociateDRTRole
request for an account that already has an associated role, the new RoleArn
will replace the existing RoleArn
.
Prior to making the AssociateDRTRole
request, you must attach the AWSShieldDRTAccessPolicy managed policy to the role you will specify in the request. For more information see Attaching and Detaching IAM Policies. The role must also trust the service principal drt.shield.amazonaws.com
. For more information, see IAM JSON Policy Elements: Principal.
The SRT will have access only to your WAF and Shield resources. By submitting this request, you authorize the SRT to inspect your WAF and Shield configuration and create and update WAF rules and web ACLs on your behalf. The SRT takes these actions only if explicitly authorized by you.
You must have the iam:PassRole
permission to make an AssociateDRTRole
request. For more information, see Granting a User Permissions to Pass a Role to an Amazon Web Services Service.
To use the services of the SRT and make an AssociateDRTRole
request, you must be subscribed to the Business Support plan or the Enterprise Support plan.
Adds health-based detection to the Shield Advanced protection for a resource. Shield Advanced health-based detection uses the health of your AWS resource to improve responsiveness and accuracy in attack detection and mitigation.
You define the health check in Route 53 and then associate it with your Shield Advanced protection. For more information, see Shield Advanced Health-Based Detection in the AWS WAF and AWS Shield Developer Guide.
" + "documentation":"Adds health-based detection to the Shield Advanced protection for a resource. Shield Advanced health-based detection uses the health of your Amazon Web Services resource to improve responsiveness and accuracy in attack detection and mitigation.
You define the health check in Route 53 and then associate it with your Shield Advanced protection. For more information, see Shield Advanced Health-Based Detection in the WAF Developer Guide.
" }, "AssociateProactiveEngagementDetails":{ "name":"AssociateProactiveEngagementDetails", @@ -83,7 +83,7 @@ {"shape":"ResourceNotFoundException"}, {"shape":"OptimisticLockException"} ], - "documentation":"Initializes proactive engagement and sets the list of contacts for the DDoS Response Team (DRT) to use. You must provide at least one phone number in the emergency contact list.
After you have initialized proactive engagement using this call, to disable or enable proactive engagement, use the calls DisableProactiveEngagement
and EnableProactiveEngagement
.
This call defines the list of email addresses and phone numbers that the DDoS Response Team (DRT) can use to contact you for escalations to the DRT and to initiate proactive customer support.
The contacts that you provide in the request replace any contacts that were already defined. If you already have contacts defined and want to use them, retrieve the list using DescribeEmergencyContactSettings
and then provide it to this call.
Initializes proactive engagement and sets the list of contacts for the Shield Response Team (SRT) to use. You must provide at least one phone number in the emergency contact list.
After you have initialized proactive engagement using this call, to disable or enable proactive engagement, use the calls DisableProactiveEngagement
and EnableProactiveEngagement
.
This call defines the list of email addresses and phone numbers that the SRT can use to contact you for escalations to the SRT and to initiate proactive customer support.
The contacts that you provide in the request replace any contacts that were already defined. If you already have contacts defined and want to use them, retrieve the list using DescribeEmergencyContactSettings
and then provide it to this call.
Enables AWS Shield Advanced for a specific AWS resource. The resource can be an Amazon CloudFront distribution, Elastic Load Balancing load balancer, AWS Global Accelerator accelerator, Elastic IP Address, or an Amazon Route 53 hosted zone.
You can add protection to only a single resource with each CreateProtection request. If you want to add protection to multiple resources at once, use the AWS WAF console. For more information see Getting Started with AWS Shield Advanced and Add AWS Shield Advanced Protection to more AWS Resources.
" + "documentation":"Enables Shield Advanced for a specific Amazon Web Services resource. The resource can be an Amazon CloudFront distribution, Elastic Load Balancing load balancer, Global Accelerator accelerator, Elastic IP Address, or an Amazon Route 53 hosted zone.
You can add protection to only a single resource with each CreateProtection request. If you want to add protection to multiple resources at once, use the WAF console. For more information see Getting Started with Shield Advanced and Add Shield Advanced Protection to more Amazon Web Services Resources.
" }, "CreateProtectionGroup":{ "name":"CreateProtectionGroup", @@ -135,7 +135,7 @@ {"shape":"InternalErrorException"}, {"shape":"ResourceAlreadyExistsException"} ], - "documentation":"Activates AWS Shield Advanced for an account.
When you initally create a subscription, your subscription is set to be automatically renewed at the end of the existing subscription period. You can change this by submitting an UpdateSubscription
request.
Activates Shield Advanced for an account.
When you initally create a subscription, your subscription is set to be automatically renewed at the end of the existing subscription period. You can change this by submitting an UpdateSubscription
request.
Deletes an AWS Shield Advanced Protection.
" + "documentation":"Deletes an Shield Advanced Protection.
" }, "DeleteProtectionGroup":{ "name":"DeleteProtectionGroup", @@ -180,7 +180,7 @@ {"shape":"LockedSubscriptionException"}, {"shape":"ResourceNotFoundException"} ], - "documentation":"Removes AWS Shield Advanced from an account. AWS Shield Advanced requires a 1-year subscription commitment. You cannot delete a subscription prior to the completion of that commitment.
", + "documentation":"Removes Shield Advanced from an account. Shield Advanced requires a 1-year subscription commitment. You cannot delete a subscription prior to the completion of that commitment.
", "deprecated":true }, "DescribeAttack":{ @@ -208,7 +208,7 @@ "errors":[ {"shape":"InternalErrorException"} ], - "documentation":"Provides information about the number and type of attacks AWS Shield has detected in the last year for all resources that belong to your account, regardless of whether you've defined Shield protections for them. This operation is available to Shield customers as well as to Shield Advanced customers.
The operation returns data for the time range of midnight UTC, one year ago, to midnight UTC, today. For example, if the current time is 2020-10-26 15:39:32 PDT
, equal to 2020-10-26 22:39:32 UTC
, then the time range for the attack data returned is from 2019-10-26 00:00:00 UTC
to 2020-10-26 00:00:00 UTC
.
The time range indicates the period covered by the attack statistics data items.
" + "documentation":"Provides information about the number and type of attacks Shield has detected in the last year for all resources that belong to your account, regardless of whether you've defined Shield protections for them. This operation is available to Shield customers as well as to Shield Advanced customers.
The operation returns data for the time range of midnight UTC, one year ago, to midnight UTC, today. For example, if the current time is 2020-10-26 15:39:32 PDT
, equal to 2020-10-26 22:39:32 UTC
, then the time range for the attack data returned is from 2019-10-26 00:00:00 UTC
to 2020-10-26 00:00:00 UTC
.
The time range indicates the period covered by the attack statistics data items.
" }, "DescribeDRTAccess":{ "name":"DescribeDRTAccess", @@ -222,7 +222,7 @@ {"shape":"InternalErrorException"}, {"shape":"ResourceNotFoundException"} ], - "documentation":"Returns the current role and list of Amazon S3 log buckets used by the DDoS Response Team (DRT) to access your AWS account while assisting with attack mitigation.
" + "documentation":"Returns the current role and list of Amazon S3 log buckets used by the Shield Response Team (SRT) to access your Amazon Web Services account while assisting with attack mitigation.
" }, "DescribeEmergencyContactSettings":{ "name":"DescribeEmergencyContactSettings", @@ -236,7 +236,7 @@ {"shape":"InternalErrorException"}, {"shape":"ResourceNotFoundException"} ], - "documentation":"A list of email addresses and phone numbers that the DDoS Response Team (DRT) can use to contact you if you have proactive engagement enabled, for escalations to the DRT and to initiate proactive customer support.
" + "documentation":"A list of email addresses and phone numbers that the Shield Response Team (SRT) can use to contact you if you have proactive engagement enabled, for escalations to the SRT and to initiate proactive customer support.
" }, "DescribeProtection":{ "name":"DescribeProtection", @@ -279,7 +279,7 @@ {"shape":"InternalErrorException"}, {"shape":"ResourceNotFoundException"} ], - "documentation":"Provides details about the AWS Shield Advanced subscription for an account.
" + "documentation":"Provides details about the Shield Advanced subscription for an account.
" }, "DisableProactiveEngagement":{ "name":"DisableProactiveEngagement", @@ -296,7 +296,7 @@ {"shape":"ResourceNotFoundException"}, {"shape":"OptimisticLockException"} ], - "documentation":"Removes authorization from the DDoS Response Team (DRT) to notify contacts about escalations to the DRT and to initiate proactive customer support.
" + "documentation":"Removes authorization from the Shield Response Team (SRT) to notify contacts about escalations to the SRT and to initiate proactive customer support.
" }, "DisassociateDRTLogBucket":{ "name":"DisassociateDRTLogBucket", @@ -314,7 +314,7 @@ {"shape":"OptimisticLockException"}, {"shape":"ResourceNotFoundException"} ], - "documentation":"Removes the DDoS Response Team's (DRT) access to the specified Amazon S3 bucket containing your AWS WAF logs.
To make a DisassociateDRTLogBucket
request, you must be subscribed to the Business Support plan or the Enterprise Support plan. However, if you are not subscribed to one of these support plans, but had been previously and had granted the DRT access to your account, you can submit a DisassociateDRTLogBucket
request to remove this access.
Removes the Shield Response Team's (SRT) access to the specified Amazon S3 bucket containing the logs that you shared previously.
To make a DisassociateDRTLogBucket
request, you must be subscribed to the Business Support plan or the Enterprise Support plan. However, if you are not subscribed to one of these support plans, but had been previously and had granted the SRT access to your account, you can submit a DisassociateDRTLogBucket
request to remove this access.
Removes the DDoS Response Team's (DRT) access to your AWS account.
To make a DisassociateDRTRole
request, you must be subscribed to the Business Support plan or the Enterprise Support plan. However, if you are not subscribed to one of these support plans, but had been previously and had granted the DRT access to your account, you can submit a DisassociateDRTRole
request to remove this access.
Removes the Shield Response Team's (SRT) access to your Amazon Web Services account.
To make a DisassociateDRTRole
request, you must be subscribed to the Business Support plan or the Enterprise Support plan. However, if you are not subscribed to one of these support plans, but had been previously and had granted the SRT access to your account, you can submit a DisassociateDRTRole
request to remove this access.
Removes health-based detection from the Shield Advanced protection for a resource. Shield Advanced health-based detection uses the health of your AWS resource to improve responsiveness and accuracy in attack detection and mitigation.
You define the health check in Route 53 and then associate or disassociate it with your Shield Advanced protection. For more information, see Shield Advanced Health-Based Detection in the AWS WAF and AWS Shield Developer Guide.
" + "documentation":"Removes health-based detection from the Shield Advanced protection for a resource. Shield Advanced health-based detection uses the health of your Amazon Web Services resource to improve responsiveness and accuracy in attack detection and mitigation.
You define the health check in Route 53 and then associate or disassociate it with your Shield Advanced protection. For more information, see Shield Advanced Health-Based Detection in the WAF Developer Guide.
" }, "EnableProactiveEngagement":{ "name":"EnableProactiveEngagement", @@ -363,7 +363,7 @@ {"shape":"ResourceNotFoundException"}, {"shape":"OptimisticLockException"} ], - "documentation":"Authorizes the DDoS Response Team (DRT) to use email and phone to notify contacts about escalations to the DRT and to initiate proactive customer support.
" + "documentation":"Authorizes the Shield Response Team (SRT) to use email and phone to notify contacts about escalations to the SRT and to initiate proactive customer support.
" }, "GetSubscriptionState":{ "name":"GetSubscriptionState", @@ -451,7 +451,7 @@ {"shape":"InvalidResourceException"}, {"shape":"ResourceNotFoundException"} ], - "documentation":"Gets information about AWS tags for a specified Amazon Resource Name (ARN) in AWS Shield.
" + "documentation":"Gets information about Amazon Web Services tags for a specified Amazon Resource Name (ARN) in Shield.
" }, "TagResource":{ "name":"TagResource", @@ -467,7 +467,7 @@ {"shape":"InvalidParameterException"}, {"shape":"ResourceNotFoundException"} ], - "documentation":"Adds or updates tags for a resource in AWS Shield.
" + "documentation":"Adds or updates tags for a resource in Shield.
" }, "UntagResource":{ "name":"UntagResource", @@ -483,7 +483,7 @@ {"shape":"InvalidParameterException"}, {"shape":"ResourceNotFoundException"} ], - "documentation":"Removes tags from a resource in AWS Shield.
" + "documentation":"Removes tags from a resource in Shield.
" }, "UpdateEmergencyContactSettings":{ "name":"UpdateEmergencyContactSettings", @@ -499,7 +499,7 @@ {"shape":"OptimisticLockException"}, {"shape":"ResourceNotFoundException"} ], - "documentation":"Updates the details of the list of email addresses and phone numbers that the DDoS Response Team (DRT) can use to contact you if you have proactive engagement enabled, for escalations to the DRT and to initiate proactive customer support.
" + "documentation":"Updates the details of the list of email addresses and phone numbers that the Shield Response Team (SRT) can use to contact you if you have proactive engagement enabled, for escalations to the SRT and to initiate proactive customer support.
" }, "UpdateProtectionGroup":{ "name":"UpdateProtectionGroup", @@ -549,7 +549,7 @@ "members":{ "message":{"shape":"errorMessage"} }, - "documentation":"In order to grant the necessary access to the DDoS Response Team (DRT), the user submitting the request must have the iam:PassRole
permission. This error indicates the user did not have the appropriate permissions. For more information, see Granting a User Permissions to Pass a Role to an AWS Service.
In order to grant the necessary access to the Shield Response Team (SRT) the user submitting the request must have the iam:PassRole
permission. This error indicates the user did not have the appropriate permissions. For more information, see Granting a User Permissions to Pass a Role to an Amazon Web Services Service.
The Amazon S3 bucket that contains your AWS WAF logs.
" + "documentation":"The Amazon S3 bucket that contains the logs that you want to share.
" } } }, @@ -573,7 +573,7 @@ "members":{ "RoleArn":{ "shape":"RoleArn", - "documentation":"The Amazon Resource Name (ARN) of the role the DRT will use to access your AWS account.
Prior to making the AssociateDRTRole
request, you must attach the AWSShieldDRTAccessPolicy managed policy to this role. For more information see Attaching and Detaching IAM Policies.
The Amazon Resource Name (ARN) of the role the SRT will use to access your Amazon Web Services account.
Prior to making the AssociateDRTRole
request, you must attach the AWSShieldDRTAccessPolicy managed policy to this role. For more information see Attaching and Detaching IAM Policies.
A list of email addresses and phone numbers that the DDoS Response Team (DRT) can use to contact you for escalations to the DRT and to initiate proactive customer support.
To enable proactive engagement, the contact list must include at least one phone number.
The contacts that you provide here replace any contacts that were already defined. If you already have contacts defined and want to use them, retrieve the list using DescribeEmergencyContactSettings
and then provide it here.
A list of email addresses and phone numbers that the Shield Response Team (SRT) can use to contact you for escalations to the SRT and to initiate proactive customer support.
To enable proactive engagement, the contact list must include at least one phone number.
The contacts that you provide here replace any contacts that were already defined. If you already have contacts defined and want to use them, retrieve the list using DescribeEmergencyContactSettings
and then provide it here.
The array of AttackProperty objects.
" + "documentation":"The array of objects that provide details of the Shield event.
For infrastructure layer events (L3 and L4 events) after January 25, 2021, you can view metrics for top contributors in Amazon CloudWatch metrics. For more information, see Shield metrics and alarms in the WAF Developer Guide.
" }, "Mitigations":{ "shape":"MitigationList", @@ -679,26 +679,26 @@ "members":{ "AttackLayer":{ "shape":"AttackLayer", - "documentation":"The type of distributed denial of service (DDoS) event that was observed. NETWORK
indicates layer 3 and layer 4 events and APPLICATION
indicates layer 7 events.
The type of Shield event that was observed. NETWORK
indicates layer 3 and layer 4 events and APPLICATION
indicates layer 7 events.
For infrastructure layer events (L3 and L4 events) after January 25, 2021, you can view metrics for top contributors in Amazon CloudWatch metrics. For more information, see Shield metrics and alarms in the WAF Developer Guide.
" }, "AttackPropertyIdentifier":{ "shape":"AttackPropertyIdentifier", - "documentation":"Defines the DDoS attack property information that is provided. The WORDPRESS_PINGBACK_REFLECTOR
and WORDPRESS_PINGBACK_SOURCE
values are valid only for WordPress reflective pingback DDoS attacks.
Defines the Shield event property information that is provided. The WORDPRESS_PINGBACK_REFLECTOR
and WORDPRESS_PINGBACK_SOURCE
values are valid only for WordPress reflective pingback events.
The array of contributor objects that includes the top five contributors to an attack.
" + "documentation":"Contributor objects for the top five contributors to a Shield event.
" }, "Unit":{ "shape":"Unit", - "documentation":"The unit of the Value
of the contributions.
The unit used for the Contributor
Value
property.
The total contributions made to this attack by all contributors, not just the five listed in the TopContributors
list.
The total contributions made to this Shield event by all contributors.
" } }, - "documentation":"Details of the described attack.
" + "documentation":"Details of a Shield event. This is provided as part of an AttackDetail.
" }, "AttackPropertyIdentifier":{ "type":"string", @@ -848,7 +848,7 @@ }, "Aggregation":{ "shape":"ProtectionGroupAggregation", - "documentation":"Defines how AWS Shield combines resource data for the group in order to detect, mitigate, and report events.
Sum - Use the total traffic across the group. This is a good choice for most cases. Examples include Elastic IP addresses for EC2 instances that scale manually or automatically.
Mean - Use the average of the traffic across the group. This is a good choice for resources that share traffic uniformly. Examples include accelerators and load balancers.
Max - Use the highest traffic from each resource. This is useful for resources that don't share traffic and for resources that share that traffic in a non-uniform way. Examples include CloudFront distributions and origin resources for CloudFront distributions.
Defines how Shield combines resource data for the group in order to detect, mitigate, and report events.
Sum - Use the total traffic across the group. This is a good choice for most cases. Examples include Elastic IP addresses for EC2 instances that scale manually or automatically.
Mean - Use the average of the traffic across the group. This is a good choice for resources that share traffic uniformly. Examples include accelerators and load balancers.
Max - Use the highest traffic from each resource. This is useful for resources that don't share traffic and for resources that share that traffic in a non-uniform way. Examples include Amazon CloudFront and origin resources for CloudFront distributions.
The ARN (Amazon Resource Name) of the resource to be protected.
The ARN should be in one of the following formats:
For an Application Load Balancer: arn:aws:elasticloadbalancing:region:account-id:loadbalancer/app/load-balancer-name/load-balancer-id
For an Elastic Load Balancer (Classic Load Balancer): arn:aws:elasticloadbalancing:region:account-id:loadbalancer/load-balancer-name
For an AWS CloudFront distribution: arn:aws:cloudfront::account-id:distribution/distribution-id
For an AWS Global Accelerator accelerator: arn:aws:globalaccelerator::account-id:accelerator/accelerator-id
For Amazon Route 53: arn:aws:route53:::hostedzone/hosted-zone-id
For an Elastic IP address: arn:aws:ec2:region:account-id:eip-allocation/allocation-id
The ARN (Amazon Resource Name) of the resource to be protected.
The ARN should be in one of the following formats:
For an Application Load Balancer: arn:aws:elasticloadbalancing:region:account-id:loadbalancer/app/load-balancer-name/load-balancer-id
For an Elastic Load Balancer (Classic Load Balancer): arn:aws:elasticloadbalancing:region:account-id:loadbalancer/load-balancer-name
For an Amazon CloudFront distribution: arn:aws:cloudfront::account-id:distribution/distribution-id
For an Global Accelerator accelerator: arn:aws:globalaccelerator::account-id:accelerator/accelerator-id
For Amazon Route 53: arn:aws:route53:::hostedzone/hosted-zone-id
For an Elastic IP address: arn:aws:ec2:region:account-id:eip-allocation/allocation-id
The Amazon Resource Name (ARN) of the role the DRT used to access your AWS account.
" + "documentation":"The Amazon Resource Name (ARN) of the role the SRT used to access your Amazon Web Services account.
" }, "LogBucketList":{ "shape":"LogBucketList", - "documentation":"The list of Amazon S3 buckets accessed by the DRT.
" + "documentation":"The list of Amazon S3 buckets accessed by the SRT.
" } } }, @@ -1021,7 +1021,7 @@ "members":{ "EmergencyContactList":{ "shape":"EmergencyContactList", - "documentation":"A list of email addresses and phone numbers that the DDoS Response Team (DRT) can use to contact you if you have proactive engagement enabled, for escalations to the DRT and to initiate proactive customer support.
" + "documentation":"A list of email addresses and phone numbers that the Shield Response Team (SRT) can use to contact you if you have proactive engagement enabled, for escalations to the SRT and to initiate proactive customer support.
" } } }, @@ -1041,7 +1041,7 @@ "members":{ "ProtectionGroup":{ "shape":"ProtectionGroup", - "documentation":"A grouping of protected resources that you and AWS Shield Advanced can monitor as a collective. This resource grouping improves the accuracy of detection and reduces false positives.
" + "documentation":"A grouping of protected resources that you and Shield Advanced can monitor as a collective. This resource grouping improves the accuracy of detection and reduces false positives.
" } } }, @@ -1054,7 +1054,7 @@ }, "ResourceArn":{ "shape":"ResourceArn", - "documentation":"The ARN (Amazon Resource Name) of the AWS resource for the Protection object that is described. When submitting the DescribeProtection
request you must provide either the ResourceArn
or the ProtectionID
, but not both.
The ARN (Amazon Resource Name) of the Amazon Web Services resource for the Protection object that is described. When submitting the DescribeProtection
request you must provide either the ResourceArn
or the ProtectionID
, but not both.
The AWS Shield Advanced subscription details for an account.
" + "documentation":"The Shield Advanced subscription details for an account.
" } } }, @@ -1097,7 +1097,7 @@ "members":{ "LogBucket":{ "shape":"LogBucket", - "documentation":"The Amazon S3 bucket that contains your AWS WAF logs.
" + "documentation":"The Amazon S3 bucket that contains the logs that you want to share.
" } } }, @@ -1166,7 +1166,7 @@ "documentation":"Additional notes regarding the contact.
" } }, - "documentation":"Contact information that the DRT can use to contact you if you have proactive engagement enabled, for escalations to the DRT and to initiate proactive customer support.
" + "documentation":"Contact information that the SRT can use to contact you if you have proactive engagement enabled, for escalations to the SRT and to initiate proactive customer support.
" }, "EmergencyContactList":{ "type":"list", @@ -1357,7 +1357,7 @@ }, "NextToken":{ "shape":"Token", - "documentation":"If you specify a value for MaxResults
and you have more protection groups than the value of MaxResults, AWS Shield Advanced returns this token that you can use in your next request, to get the next batch of objects.
If you specify a value for MaxResults
and you have more protection groups than the value of MaxResults, Shield Advanced returns this token that you can use in your next request, to get the next batch of objects.
If you specify a value for MaxResults
and you have more Protections than the value of MaxResults, AWS Shield Advanced returns a NextToken value in the response that allows you to list another group of Protections. For the second and subsequent ListProtections requests, specify the value of NextToken from the previous response to get information about another batch of Protections.
Shield Advanced might return the list of Protection objects in batches smaller than the number specified by MaxResults. If there are more Protection objects to return, Shield Advanced will always also return a NextToken
.
If you specify a value for MaxResults
and you have more Protections than the value of MaxResults, Shield Advanced returns a NextToken value in the response that allows you to list another group of Protections. For the second and subsequent ListProtections requests, specify the value of NextToken from the previous response to get information about another batch of Protections.
Shield Advanced might return the list of Protection objects in batches smaller than the number specified by MaxResults. If there are more Protection objects to return, Shield Advanced will always also return a NextToken
.
If you specify a value for MaxResults
and you have more resources in the protection group than the value of MaxResults, AWS Shield Advanced returns this token that you can use in your next request, to get the next batch of objects.
If you specify a value for MaxResults
and you have more resources in the protection group than the value of MaxResults, Shield Advanced returns this token that you can use in your next request, to get the next batch of objects.
The ARN (Amazon Resource Name) of the AWS resource that is protected.
" + "documentation":"The ARN (Amazon Resource Name) of the Amazon Web Services resource that is protected.
" }, "HealthCheckIds":{ "shape":"HealthCheckIds", @@ -1561,7 +1561,7 @@ }, "Aggregation":{ "shape":"ProtectionGroupAggregation", - "documentation":"Defines how AWS Shield combines resource data for the group in order to detect, mitigate, and report events.
Sum - Use the total traffic across the group. This is a good choice for most cases. Examples include Elastic IP addresses for EC2 instances that scale manually or automatically.
Mean - Use the average of the traffic across the group. This is a good choice for resources that share traffic uniformly. Examples include accelerators and load balancers.
Max - Use the highest traffic from each resource. This is useful for resources that don't share traffic and for resources that share that traffic in a non-uniform way. Examples include CloudFront distributions and origin resources for CloudFront distributions.
Defines how Shield combines resource data for the group in order to detect, mitigate, and report events.
Sum - Use the total traffic across the group. This is a good choice for most cases. Examples include Elastic IP addresses for EC2 instances that scale manually or automatically.
Mean - Use the average of the traffic across the group. This is a good choice for resources that share traffic uniformly. Examples include accelerators and load balancers.
Max - Use the highest traffic from each resource. This is useful for resources that don't share traffic and for resources that share that traffic in a non-uniform way. Examples include Amazon CloudFront distributions and origin resources for CloudFront distributions.
The ARN (Amazon Resource Name) of the protection group.
" } }, - "documentation":"A grouping of protected resources that you and AWS Shield Advanced can monitor as a collective. This resource grouping improves the accuracy of detection and reduces false positives.
" + "documentation":"A grouping of protected resources that you and Shield Advanced can monitor as a collective. This resource grouping improves the accuracy of detection and reduces false positives.
" }, "ProtectionGroupAggregation":{ "type":"string", @@ -1773,7 +1773,7 @@ }, "TimeCommitmentInSeconds":{ "shape":"DurationInSeconds", - "documentation":"The length, in seconds, of the AWS Shield Advanced subscription for the account.
" + "documentation":"The length, in seconds, of the Shield Advanced subscription for the account.
" }, "AutoRenew":{ "shape":"AutoRenew", @@ -1785,7 +1785,7 @@ }, "ProactiveEngagementStatus":{ "shape":"ProactiveEngagementStatus", - "documentation":"If ENABLED
, the DDoS Response Team (DRT) will use email and phone to notify contacts about escalations to the DRT and to initiate proactive customer support.
If PENDING
, you have requested proactive engagement and the request is pending. The status changes to ENABLED
when your request is fully processed.
If DISABLED
, the DRT will not proactively notify contacts about escalations or to initiate proactive customer support.
If ENABLED
, the Shield Response Team (SRT) will use email and phone to notify contacts about escalations to the SRT and to initiate proactive customer support.
If PENDING
, you have requested proactive engagement and the request is pending. The status changes to ENABLED
when your request is fully processed.
If DISABLED
, the SRT will not proactively notify contacts about escalations or to initiate proactive customer support.
The ARN (Amazon Resource Name) of the subscription.
" } }, - "documentation":"Information about the AWS Shield Advanced subscription for an account.
" + "documentation":"Information about the Shield Advanced subscription for an account.
" }, "SubscriptionLimits":{ "type":"structure", @@ -1888,7 +1888,7 @@ "documentation":"Part of the key:value pair that defines a tag. You can use a tag value to describe a specific value within a category, such as \"companyA\" or \"companyB.\" Tag values are case-sensitive.
" } }, - "documentation":"A tag associated with an AWS resource. Tags are key:value pairs that you can use to categorize and manage your resources, for purposes like billing or other management. Typically, the tag key represents a category, such as \"environment\", and the tag value represents a specific value within that category, such as \"test,\" \"development,\" or \"production\". Or you might set the tag key to \"customer\" and the value to the customer name or ID. You can specify one or more tags to add to each AWS resource, up to 50 tags for a resource.
" + "documentation":"A tag associated with an Amazon Web Services resource. Tags are key:value pairs that you can use to categorize and manage your resources, for purposes like billing or other management. Typically, the tag key represents a category, such as \"environment\", and the tag value represents a specific value within that category, such as \"test,\" \"development,\" or \"production\". Or you might set the tag key to \"customer\" and the value to the customer name or ID. You can specify one or more tags to add to each Amazon Web Services resource, up to 50 tags for a resource.
" }, "TagKey":{ "type":"string", @@ -1995,7 +1995,7 @@ "members":{ "EmergencyContactList":{ "shape":"EmergencyContactList", - "documentation":"A list of email addresses and phone numbers that the DDoS Response Team (DRT) can use to contact you if you have proactive engagement enabled, for escalations to the DRT and to initiate proactive customer support.
If you have proactive engagement enabled, the contact list must include at least one phone number.
" + "documentation":"A list of email addresses and phone numbers that the Shield Response Team (SRT) can use to contact you if you have proactive engagement enabled, for escalations to the SRT and to initiate proactive customer support.
If you have proactive engagement enabled, the contact list must include at least one phone number.
" } } }, @@ -2018,7 +2018,7 @@ }, "Aggregation":{ "shape":"ProtectionGroupAggregation", - "documentation":"Defines how AWS Shield combines resource data for the group in order to detect, mitigate, and report events.
Sum - Use the total traffic across the group. This is a good choice for most cases. Examples include Elastic IP addresses for EC2 instances that scale manually or automatically.
Mean - Use the average of the traffic across the group. This is a good choice for resources that share traffic uniformly. Examples include accelerators and load balancers.
Max - Use the highest traffic from each resource. This is useful for resources that don't share traffic and for resources that share that traffic in a non-uniform way. Examples include CloudFront distributions and origin resources for CloudFront distributions.
Defines how Shield combines resource data for the group in order to detect, mitigate, and report events.
Sum - Use the total traffic across the group. This is a good choice for most cases. Examples include Elastic IP addresses for EC2 instances that scale manually or automatically.
Mean - Use the average of the traffic across the group. This is a good choice for resources that share traffic uniformly. Examples include accelerators and load balancers.
Max - Use the highest traffic from each resource. This is useful for resources that don't share traffic and for resources that share that traffic in a non-uniform way. Examples include Amazon CloudFront distributions and origin resources for CloudFront distributions.
This is the AWS Shield Advanced API Reference. This guide is for developers who need detailed information about the AWS Shield Advanced API actions, data types, and errors. For detailed information about AWS WAF and AWS Shield Advanced features and an overview of how to use the AWS WAF and AWS Shield Advanced APIs, see the AWS WAF and AWS Shield Developer Guide.
" + "documentation":"This is the Shield Advanced API Reference. This guide is for developers who need detailed information about the Shield Advanced API actions, data types, and errors. For detailed information about WAF and Shield Advanced features and an overview of how to use the WAF and Shield Advanced APIs, see the WAF and Shield Developer Guide.
" }