IoT / Client / describe_detect_mitigation_actions_task
describe_detect_mitigation_actions_task#
- IoT.Client.describe_detect_mitigation_actions_task(**kwargs)#
Gets information about a Device Defender ML Detect mitigation action.
Requires permission to access the DescribeDetectMitigationActionsTask action.
See also: AWS API Documentation
Request Syntax
response = client.describe_detect_mitigation_actions_task( taskId='string' )
- Parameters:
taskId (string) –
[REQUIRED]
The unique identifier of the task.
- Return type:
dict
- Returns:
Response Syntax
{ 'taskSummary': { 'taskId': 'string', 'taskStatus': 'IN_PROGRESS'|'SUCCESSFUL'|'FAILED'|'CANCELED', 'taskStartTime': datetime(2015, 1, 1), 'taskEndTime': datetime(2015, 1, 1), 'target': { 'violationIds': [ 'string', ], 'securityProfileName': 'string', 'behaviorName': 'string' }, 'violationEventOccurrenceRange': { 'startTime': datetime(2015, 1, 1), 'endTime': datetime(2015, 1, 1) }, 'onlyActiveViolationsIncluded': True|False, 'suppressedAlertsIncluded': True|False, 'actionsDefinition': [ { 'name': 'string', 'id': 'string', 'roleArn': 'string', 'actionParams': { 'updateDeviceCertificateParams': { 'action': 'DEACTIVATE' }, 'updateCACertificateParams': { 'action': 'DEACTIVATE' }, 'addThingsToThingGroupParams': { 'thingGroupNames': [ 'string', ], 'overrideDynamicGroups': True|False }, 'replaceDefaultPolicyVersionParams': { 'templateName': 'BLANK_POLICY' }, 'enableIoTLoggingParams': { 'roleArnForLogging': 'string', 'logLevel': 'DEBUG'|'INFO'|'ERROR'|'WARN'|'DISABLED' }, 'publishFindingToSnsParams': { 'topicArn': 'string' } } }, ], 'taskStatistics': { 'actionsExecuted': 123, 'actionsSkipped': 123, 'actionsFailed': 123 } } }
Response Structure
(dict) –
taskSummary (dict) –
The description of a task.
taskId (string) –
The unique identifier of the task.
taskStatus (string) –
The status of the task.
taskStartTime (datetime) –
The date the task started.
taskEndTime (datetime) –
The date the task ended.
target (dict) –
Specifies the ML Detect findings to which the mitigation actions are applied.
violationIds (list) –
The unique identifiers of the violations.
(string) –
securityProfileName (string) –
The name of the security profile.
behaviorName (string) –
The name of the behavior.
violationEventOccurrenceRange (dict) –
Specifies the time period of which violation events occurred between.
startTime (datetime) –
The start date and time of a time period in which violation events occurred.
endTime (datetime) –
The end date and time of a time period in which violation events occurred.
onlyActiveViolationsIncluded (boolean) –
Includes only active violations.
suppressedAlertsIncluded (boolean) –
Includes suppressed alerts.
actionsDefinition (list) –
The definition of the actions.
(dict) –
Describes which changes should be applied as part of a mitigation action.
name (string) –
A user-friendly name for the mitigation action.
id (string) –
A unique identifier for the mitigation action.
roleArn (string) –
The IAM role ARN used to apply this mitigation action.
actionParams (dict) –
The set of parameters for this mitigation action. The parameters vary, depending on the kind of action you apply.
updateDeviceCertificateParams (dict) –
Parameters to define a mitigation action that changes the state of the device certificate to inactive.
action (string) –
The action that you want to apply to the device certificate. The only supported value is
DEACTIVATE.
updateCACertificateParams (dict) –
Parameters to define a mitigation action that changes the state of the CA certificate to inactive.
action (string) –
The action that you want to apply to the CA certificate. The only supported value is
DEACTIVATE.
addThingsToThingGroupParams (dict) –
Parameters to define a mitigation action that moves devices associated with a certificate to one or more specified thing groups, typically for quarantine.
thingGroupNames (list) –
The list of groups to which you want to add the things that triggered the mitigation action. You can add a thing to a maximum of 10 groups, but you can’t add a thing to more than one group in the same hierarchy.
(string) –
overrideDynamicGroups (boolean) –
Specifies if this mitigation action can move the things that triggered the mitigation action even if they are part of one or more dynamic thing groups.
replaceDefaultPolicyVersionParams (dict) –
Parameters to define a mitigation action that adds a blank policy to restrict permissions.
templateName (string) –
The name of the template to be applied. The only supported value is
BLANK_POLICY.
enableIoTLoggingParams (dict) –
Parameters to define a mitigation action that enables Amazon Web Services IoT Core logging at a specified level of detail.
roleArnForLogging (string) –
The Amazon Resource Name (ARN) of the IAM role used for logging.
logLevel (string) –
Specifies the type of information to be logged.
publishFindingToSnsParams (dict) –
Parameters to define a mitigation action that publishes findings to Amazon Simple Notification Service (Amazon SNS. You can implement your own custom actions in response to the Amazon SNS messages.
topicArn (string) –
The ARN of the topic to which you want to publish the findings.
taskStatistics (dict) –
The statistics of a mitigation action task.
actionsExecuted (integer) –
The actions that were performed.
actionsSkipped (integer) –
The actions that were skipped.
actionsFailed (integer) –
The actions that failed.
Exceptions
IoT.Client.exceptions.ResourceNotFoundExceptionIoT.Client.exceptions.InvalidRequestExceptionIoT.Client.exceptions.ThrottlingExceptionIoT.Client.exceptions.InternalFailureException