2020/02/14 - AWS Shield - 2 new 2 updated api methods
Changes This release adds support for associating Amazon Route 53 health checks to AWS Shield Advanced protected resources.
Adds health-based detection to the Shield Advanced protection for a resource. Shield Advanced health-based detection uses the health of your AWS resource to improve responsiveness and accuracy in attack detection and mitigation.
You define the health check in Route 53 and then associate it with your Shield Advanced protection. For more information, see Shield Advanced Health-Based Detection in the AWS WAF and AWS Shield Developer Guide .
See also: AWS API Documentation
Request Syntax
client.associate_health_check( ProtectionId='string', HealthCheckArn='string' )
string
[REQUIRED]
The unique identifier (ID) for the Protection object to add the health check association to.
string
[REQUIRED]
The Amazon Resource Name (ARN) of the health check to associate with the protection.
dict
Response Syntax
{}
Response Structure
(dict) --
Removes health-based detection from the Shield Advanced protection for a resource. Shield Advanced health-based detection uses the health of your AWS resource to improve responsiveness and accuracy in attack detection and mitigation.
You define the health check in Route 53 and then associate or disassociate it with your Shield Advanced protection. For more information, see Shield Advanced Health-Based Detection in the AWS WAF and AWS Shield Developer Guide .
See also: AWS API Documentation
Request Syntax
client.disassociate_health_check( ProtectionId='string', HealthCheckArn='string' )
string
[REQUIRED]
The unique identifier (ID) for the Protection object to remove the health check association from.
string
[REQUIRED]
The Amazon Resource Name (ARN) of the health check that is associated with the protection.
dict
Response Syntax
{}
Response Structure
(dict) --
{'Protection': {'HealthCheckIds': ['string']}}
Lists the details of a Protection object.
See also: AWS API Documentation
Request Syntax
client.describe_protection( ProtectionId='string', ResourceArn='string' )
string
The unique identifier (ID) for the Protection object that is described. When submitting the DescribeProtection request you must provide either the ResourceArn or the ProtectionID , but not both.
string
The ARN (Amazon Resource Name) of the AWS resource for the Protection object that is described. When submitting the DescribeProtection request you must provide either the ResourceArn or the ProtectionID , but not both.
dict
Response Syntax
{ 'Protection': { 'Id': 'string', 'Name': 'string', 'ResourceArn': 'string', 'HealthCheckIds': [ 'string', ] } }
Response Structure
(dict) --
Protection (dict) --
The Protection object that is described.
Id (string) --
The unique identifier (ID) of the protection.
Name (string) --
The friendly name of the protection. For example, My CloudFront distributions .
ResourceArn (string) --
The ARN (Amazon Resource Name) of the AWS resource that is protected.
HealthCheckIds (list) --
The unique identifier (ID) for the Route 53 health check that's associated with the protection.
(string) --
{'Protections': {'HealthCheckIds': ['string']}}
Lists all Protection objects for the account.
See also: AWS API Documentation
Request Syntax
client.list_protections( NextToken='string', MaxResults=123 )
string
The ListProtectionsRequest.NextToken value from a previous call to ListProtections . Pass null if this is the first call.
integer
The maximum number of Protection objects to be returned. If this is left blank the first 20 results will be returned.
This is a maximum value; it is possible that AWS WAF will return the results in smaller batches. That is, the number of Protection objects returned could be less than MaxResults , even if there are still more Protection objects yet to return. If there are more Protection objects to return, AWS WAF will always also return a NextToken .
dict
Response Syntax
{ 'Protections': [ { 'Id': 'string', 'Name': 'string', 'ResourceArn': 'string', 'HealthCheckIds': [ 'string', ] }, ], 'NextToken': 'string' }
Response Structure
(dict) --
Protections (list) --
The array of enabled Protection objects.
(dict) --
An object that represents a resource that is under DDoS protection.
Id (string) --
The unique identifier (ID) of the protection.
Name (string) --
The friendly name of the protection. For example, My CloudFront distributions .
ResourceArn (string) --
The ARN (Amazon Resource Name) of the AWS resource that is protected.
HealthCheckIds (list) --
The unique identifier (ID) for the Route 53 health check that's associated with the protection.
(string) --
NextToken (string) --
If you specify a value for MaxResults and you have more Protections than the value of MaxResults, AWS Shield Advanced returns a NextToken value in the response that allows you to list another group of Protections. For the second and subsequent ListProtections requests, specify the value of NextToken from the previous response to get information about another batch of Protections.
AWS WAF might return the list of Protection objects in batches smaller than the number specified by MaxResults. If there are more Protection objects to return, AWS WAF will always also return a NextToken .