2017/11/21 - AWS Shield - 1 new 1 updated api methods
Changes The AWS Shield SDK has been updated in order to support Elastic IP address protections, the addition of AttackProperties objects in DescribeAttack responses, and a new GetSubscriptionState operation.
Returns the SubscriptionState , either Active or Inactive .
See also: AWS API Documentation
Request Syntax
client.get_subscription_state()
dict
Response Syntax
{ 'SubscriptionState': 'ACTIVE'|'INACTIVE' }
Response Structure
(dict) --
SubscriptionState (string) --
The status of the subscription.
{'Attack': {'AttackProperties': [{'AttackLayer': 'NETWORK | APPLICATION', 'AttackPropertyIdentifier': 'DESTINATION_URL ' '| REFERRER | ' 'SOURCE_ASN | ' 'SOURCE_COUNTRY ' '| ' 'SOURCE_IP_ADDRESS ' '| ' 'SOURCE_USER_AGENT', 'TopContributors': [{'Name': 'string', 'Value': 'long'}], 'Total': 'long', 'Unit': 'BITS | BYTES | PACKETS | ' 'REQUESTS'}]}}
Describes the details of a DDoS attack.
See also: AWS API Documentation
Request Syntax
client.describe_attack( AttackId='string' )
string
[REQUIRED]
The unique identifier (ID) for the attack that to be described.
dict
Response Syntax
{ 'Attack': { 'AttackId': 'string', 'ResourceArn': 'string', 'SubResources': [ { 'Type': 'IP'|'URL', 'Id': 'string', 'AttackVectors': [ { 'VectorType': 'string', 'VectorCounters': [ { 'Name': 'string', 'Max': 123.0, 'Average': 123.0, 'Sum': 123.0, 'N': 123, 'Unit': 'string' }, ] }, ], 'Counters': [ { 'Name': 'string', 'Max': 123.0, 'Average': 123.0, 'Sum': 123.0, 'N': 123, 'Unit': 'string' }, ] }, ], 'StartTime': datetime(2015, 1, 1), 'EndTime': datetime(2015, 1, 1), 'AttackCounters': [ { 'Name': 'string', 'Max': 123.0, 'Average': 123.0, 'Sum': 123.0, 'N': 123, 'Unit': 'string' }, ], 'AttackProperties': [ { 'AttackLayer': 'NETWORK'|'APPLICATION', 'AttackPropertyIdentifier': 'DESTINATION_URL'|'REFERRER'|'SOURCE_ASN'|'SOURCE_COUNTRY'|'SOURCE_IP_ADDRESS'|'SOURCE_USER_AGENT', 'TopContributors': [ { 'Name': 'string', 'Value': 123 }, ], 'Unit': 'BITS'|'BYTES'|'PACKETS'|'REQUESTS', 'Total': 123 }, ], 'Mitigations': [ { 'MitigationName': 'string' }, ] } }
Response Structure
(dict) --
Attack (dict) --
The attack that is described.
AttackId (string) --
The unique identifier (ID) of the attack.
ResourceArn (string) --
The ARN (Amazon Resource Name) of the resource that was attacked.
SubResources (list) --
If applicable, additional detail about the resource being attacked, for example, IP address or URL.
(dict) --
The attack information for the specified SubResource.
Type (string) --
The SubResource type.
Id (string) --
The unique identifier (ID) of the SubResource .
AttackVectors (list) --
The list of attack types and associated counters.
(dict) --
A summary of information about the attack.
VectorType (string) --
The attack type, for example, SNMP reflection or SYN flood.
VectorCounters (list) --
The list of counters that describe the details of the attack.
(dict) --
The counter that describes a DDoS attack.
Name (string) --
The counter name.
Max (float) --
The maximum value of the counter for a specified time period.
Average (float) --
The average value of the counter for a specified time period.
Sum (float) --
The total of counter values for a specified time period.
N (integer) --
The number of counters for a specified time period.
Unit (string) --
The unit of the counters.
Counters (list) --
The counters that describe the details of the attack.
(dict) --
The counter that describes a DDoS attack.
Name (string) --
The counter name.
Max (float) --
The maximum value of the counter for a specified time period.
Average (float) --
The average value of the counter for a specified time period.
Sum (float) --
The total of counter values for a specified time period.
N (integer) --
The number of counters for a specified time period.
Unit (string) --
The unit of the counters.
StartTime (datetime) --
The time the attack started, in Unix time in seconds. For more information see timestamp .
EndTime (datetime) --
The time the attack ended, in Unix time in seconds. For more information see timestamp .
AttackCounters (list) --
List of counters that describe the attack for the specified time period.
(dict) --
The counter that describes a DDoS attack.
Name (string) --
The counter name.
Max (float) --
The maximum value of the counter for a specified time period.
Average (float) --
The average value of the counter for a specified time period.
Sum (float) --
The total of counter values for a specified time period.
N (integer) --
The number of counters for a specified time period.
Unit (string) --
The unit of the counters.
AttackProperties (list) --
The array of AttackProperty objects.
(dict) --
Details of the described attack.
AttackLayer (string) --
The type of DDoS event that was observed. NETWORK indicates layer 3 and layer 4 events and APPLICATION indicates layer 7 events.
AttackPropertyIdentifier (string) --
Defines the DDoS attack property information that is provided.
TopContributors (list) --
The array of Contributor objects that includes the top five contributors to an attack.
(dict) --
A contributor to the attack and their contribution.
Name (string) --
The name of the contributor. This is dependent on the AttackPropertyIdentifier . For example, if the AttackPropertyIdentifier is SOURCE_COUNTRY , the Name could be United States .
Value (integer) --
The contribution of this contributor expressed in Protection units. For example 10,000 .
Unit (string) --
The unit of the Value of the contributions.
Total (integer) --
The total contributions made to this attack by all contributors, not just the five listed in the TopContributors list.
Mitigations (list) --
List of mitigation actions taken for the attack.
(dict) --
The mitigation applied to a DDoS attack.
MitigationName (string) --
The name of the mitigation taken for this attack.