Shield / Client / describe_protection_group

describe_protection_group#

Shield.Client.describe_protection_group(**kwargs)#

Returns the specification for the specified protection group.

See also: AWS API Documentation

Request Syntax

response = client.describe_protection_group(
    ProtectionGroupId='string'
)
Parameters:

ProtectionGroupId (string) –

[REQUIRED]

The name of the protection group. You use this to identify the protection group in lists and to manage the protection group, for example to update, delete, or describe it.

Return type:

dict

Returns:

Response Syntax

{
    'ProtectionGroup': {
        'ProtectionGroupId': 'string',
        'Aggregation': 'SUM'|'MEAN'|'MAX',
        'Pattern': 'ALL'|'ARBITRARY'|'BY_RESOURCE_TYPE',
        'ResourceType': 'CLOUDFRONT_DISTRIBUTION'|'ROUTE_53_HOSTED_ZONE'|'ELASTIC_IP_ALLOCATION'|'CLASSIC_LOAD_BALANCER'|'APPLICATION_LOAD_BALANCER'|'GLOBAL_ACCELERATOR',
        'Members': [
            'string',
        ],
        'ProtectionGroupArn': 'string'
    }
}

Response Structure

  • (dict) –

    • ProtectionGroup (dict) –

      A grouping of protected resources that you and Shield Advanced can monitor as a collective. This resource grouping improves the accuracy of detection and reduces false positives.

      • ProtectionGroupId (string) –

        The name of the protection group. You use this to identify the protection group in lists and to manage the protection group, for example to update, delete, or describe it.

      • Aggregation (string) –

        Defines how Shield combines resource data for the group in order to detect, mitigate, and report events.

        • Sum - Use the total traffic across the group. This is a good choice for most cases. Examples include Elastic IP addresses for EC2 instances that scale manually or automatically.

        • Mean - Use the average of the traffic across the group. This is a good choice for resources that share traffic uniformly. Examples include accelerators and load balancers.

        • Max - Use the highest traffic from each resource. This is useful for resources that don’t share traffic and for resources that share that traffic in a non-uniform way. Examples include Amazon CloudFront distributions and origin resources for CloudFront distributions.

      • Pattern (string) –

        The criteria to use to choose the protected resources for inclusion in the group. You can include all resources that have protections, provide a list of resource ARNs (Amazon Resource Names), or include all resources of a specified resource type.

      • ResourceType (string) –

        The resource type to include in the protection group. All protected resources of this type are included in the protection group. You must set this when you set Pattern to BY_RESOURCE_TYPE and you must not set it for any other Pattern setting.

      • Members (list) –

        The ARNs (Amazon Resource Names) of the resources to include in the protection group. You must set this when you set Pattern to ARBITRARY and you must not set it for any other Pattern setting.

        • (string) –

      • ProtectionGroupArn (string) –

        The ARN (Amazon Resource Name) of the protection group.

Exceptions

  • Shield.Client.exceptions.InternalErrorException

  • Shield.Client.exceptions.ResourceNotFoundException