describe_detect_mitigation_actions_task

IoT.Client.describe_detect_mitigation_actions_task(**kwargs)

Gets information about a Device Defender ML Detect mitigation action.

Requires permission to access the DescribeDetectMitigationActionsTask action.

See also: AWS API Documentation

Request Syntax

response = client.describe_detect_mitigation_actions_task(
    taskId='string'
)
Parameters
taskId (string) --

[REQUIRED]

The unique identifier of the task.

Return type
dict
Returns
Response Syntax
{
    'taskSummary': {
        'taskId': 'string',
        'taskStatus': 'IN_PROGRESS'|'SUCCESSFUL'|'FAILED'|'CANCELED',
        'taskStartTime': datetime(2015, 1, 1),
        'taskEndTime': datetime(2015, 1, 1),
        'target': {
            'violationIds': [
                'string',
            ],
            'securityProfileName': 'string',
            'behaviorName': 'string'
        },
        'violationEventOccurrenceRange': {
            'startTime': datetime(2015, 1, 1),
            'endTime': datetime(2015, 1, 1)
        },
        'onlyActiveViolationsIncluded': True|False,
        'suppressedAlertsIncluded': True|False,
        'actionsDefinition': [
            {
                'name': 'string',
                'id': 'string',
                'roleArn': 'string',
                'actionParams': {
                    'updateDeviceCertificateParams': {
                        'action': 'DEACTIVATE'
                    },
                    'updateCACertificateParams': {
                        'action': 'DEACTIVATE'
                    },
                    'addThingsToThingGroupParams': {
                        'thingGroupNames': [
                            'string',
                        ],
                        'overrideDynamicGroups': True|False
                    },
                    'replaceDefaultPolicyVersionParams': {
                        'templateName': 'BLANK_POLICY'
                    },
                    'enableIoTLoggingParams': {
                        'roleArnForLogging': 'string',
                        'logLevel': 'DEBUG'|'INFO'|'ERROR'|'WARN'|'DISABLED'
                    },
                    'publishFindingToSnsParams': {
                        'topicArn': 'string'
                    }
                }
            },
        ],
        'taskStatistics': {
            'actionsExecuted': 123,
            'actionsSkipped': 123,
            'actionsFailed': 123
        }
    }
}

Response Structure

  • (dict) --
    • taskSummary (dict) --

      The description of a task.

      • taskId (string) --

        The unique identifier of the task.

      • taskStatus (string) --

        The status of the task.

      • taskStartTime (datetime) --

        The date the task started.

      • taskEndTime (datetime) --

        The date the task ended.

      • target (dict) --

        Specifies the ML Detect findings to which the mitigation actions are applied.

        • violationIds (list) --

          The unique identifiers of the violations.

          • (string) --
        • securityProfileName (string) --

          The name of the security profile.

        • behaviorName (string) --

          The name of the behavior.

      • violationEventOccurrenceRange (dict) --

        Specifies the time period of which violation events occurred between.

        • startTime (datetime) --

          The start date and time of a time period in which violation events occurred.

        • endTime (datetime) --

          The end date and time of a time period in which violation events occurred.

      • onlyActiveViolationsIncluded (boolean) --

        Includes only active violations.

      • suppressedAlertsIncluded (boolean) --

        Includes suppressed alerts.

      • actionsDefinition (list) --

        The definition of the actions.

        • (dict) --

          Describes which changes should be applied as part of a mitigation action.

          • name (string) --

            A user-friendly name for the mitigation action.

          • id (string) --

            A unique identifier for the mitigation action.

          • roleArn (string) --

            The IAM role ARN used to apply this mitigation action.

          • actionParams (dict) --

            The set of parameters for this mitigation action. The parameters vary, depending on the kind of action you apply.

            • updateDeviceCertificateParams (dict) --

              Parameters to define a mitigation action that changes the state of the device certificate to inactive.

              • action (string) --

                The action that you want to apply to the device certificate. The only supported value is DEACTIVATE .

            • updateCACertificateParams (dict) --

              Parameters to define a mitigation action that changes the state of the CA certificate to inactive.

              • action (string) --

                The action that you want to apply to the CA certificate. The only supported value is DEACTIVATE .

            • addThingsToThingGroupParams (dict) --

              Parameters to define a mitigation action that moves devices associated with a certificate to one or more specified thing groups, typically for quarantine.

              • thingGroupNames (list) --

                The list of groups to which you want to add the things that triggered the mitigation action. You can add a thing to a maximum of 10 groups, but you can't add a thing to more than one group in the same hierarchy.

                • (string) --
              • overrideDynamicGroups (boolean) --

                Specifies if this mitigation action can move the things that triggered the mitigation action even if they are part of one or more dynamic thing groups.

            • replaceDefaultPolicyVersionParams (dict) --

              Parameters to define a mitigation action that adds a blank policy to restrict permissions.

              • templateName (string) --

                The name of the template to be applied. The only supported value is BLANK_POLICY .

            • enableIoTLoggingParams (dict) --

              Parameters to define a mitigation action that enables Amazon Web Services IoT Core logging at a specified level of detail.

              • roleArnForLogging (string) --

                The Amazon Resource Name (ARN) of the IAM role used for logging.

              • logLevel (string) --

                Specifies the type of information to be logged.

            • publishFindingToSnsParams (dict) --

              Parameters to define a mitigation action that publishes findings to Amazon Simple Notification Service (Amazon SNS. You can implement your own custom actions in response to the Amazon SNS messages.

              • topicArn (string) --

                The ARN of the topic to which you want to publish the findings.

      • taskStatistics (dict) --

        The statistics of a mitigation action task.

        • actionsExecuted (integer) --

          The actions that were performed.

        • actionsSkipped (integer) --

          The actions that were skipped.

        • actionsFailed (integer) --

          The actions that failed.

Exceptions

  • IoT.Client.exceptions.ResourceNotFoundException
  • IoT.Client.exceptions.InvalidRequestException
  • IoT.Client.exceptions.ThrottlingException
  • IoT.Client.exceptions.InternalFailureException