start_detect_mitigation_actions_task

start_detect_mitigation_actions_task(**kwargs)

Starts a Device Defender ML Detect mitigation actions task.

Requires permission to access the StartDetectMitigationActionsTask action.

See also: AWS API Documentation

Request Syntax

response = client.start_detect_mitigation_actions_task(
    taskId='string',
    target={
        'violationIds': [
            'string',
        ],
        'securityProfileName': 'string',
        'behaviorName': 'string'
    },
    actions=[
        'string',
    ],
    violationEventOccurrenceRange={
        'startTime': datetime(2015, 1, 1),
        'endTime': datetime(2015, 1, 1)
    },
    includeOnlyActiveViolations=True|False,
    includeSuppressedAlerts=True|False,
    clientRequestToken='string'
)
Parameters
  • taskId (string) --

    [REQUIRED]

    The unique identifier of the task.

  • target (dict) --

    [REQUIRED]

    Specifies the ML Detect findings to which the mitigation actions are applied.

    • violationIds (list) --

      The unique identifiers of the violations.

      • (string) --
    • securityProfileName (string) --

      The name of the security profile.

    • behaviorName (string) --

      The name of the behavior.

  • actions (list) --

    [REQUIRED]

    The actions to be performed when a device has unexpected behavior.

    • (string) --
  • violationEventOccurrenceRange (dict) --

    Specifies the time period of which violation events occurred between.

    • startTime (datetime) -- [REQUIRED]

      The start date and time of a time period in which violation events occurred.

    • endTime (datetime) -- [REQUIRED]

      The end date and time of a time period in which violation events occurred.

  • includeOnlyActiveViolations (boolean) -- Specifies to list only active violations.
  • includeSuppressedAlerts (boolean) -- Specifies to include suppressed alerts.
  • clientRequestToken (string) --

    [REQUIRED]

    Each mitigation action task must have a unique client request token. If you try to create a new task with the same token as a task that already exists, an exception occurs. If you omit this value, Amazon Web Services SDKs will automatically generate a unique client request.

    This field is autopopulated if not provided.

Return type

dict

Returns

Response Syntax

{
    'taskId': 'string'
}

Response Structure

  • (dict) --

    • taskId (string) --

      The unique identifier of the task.

Exceptions

  • IoT.Client.exceptions.InvalidRequestException
  • IoT.Client.exceptions.TaskAlreadyExistsException
  • IoT.Client.exceptions.LimitExceededException
  • IoT.Client.exceptions.ThrottlingException
  • IoT.Client.exceptions.InternalFailureException