Shield / Client / list_protections
list_protections#
- Shield.Client.list_protections(**kwargs)#
Retrieves Protection objects for the account. You can retrieve all protections or you can provide filtering criteria and retrieve just the subset of protections that match the criteria.
See also: AWS API Documentation
Request Syntax
response = client.list_protections( NextToken='string', MaxResults=123, InclusionFilters={ 'ResourceArns': [ 'string', ], 'ProtectionNames': [ 'string', ], 'ResourceTypes': [ 'CLOUDFRONT_DISTRIBUTION'|'ROUTE_53_HOSTED_ZONE'|'ELASTIC_IP_ALLOCATION'|'CLASSIC_LOAD_BALANCER'|'APPLICATION_LOAD_BALANCER'|'GLOBAL_ACCELERATOR', ] } )
- Parameters:
NextToken (string) –
When you request a list of objects from Shield Advanced, if the response does not include all of the remaining available objects, Shield Advanced includes a
NextToken
value in the response. You can retrieve the next batch of objects by requesting the list again and providing the token that was returned by the prior call in your request.You can indicate the maximum number of objects that you want Shield Advanced to return for a single call with the
MaxResults
setting. Shield Advanced will not return more thanMaxResults
objects, but may return fewer, even if more objects are still available.Whenever more objects remain that Shield Advanced has not yet returned to you, the response will include a
NextToken
value.On your first call to a list operation, leave this setting empty.
MaxResults (integer) –
The greatest number of objects that you want Shield Advanced to return to the list request. Shield Advanced might return fewer objects than you indicate in this setting, even if more objects are available. If there are more objects remaining, Shield Advanced will always also return a
NextToken
value in the response.The default setting is 20.
InclusionFilters (dict) –
Narrows the set of protections that the call retrieves. You can retrieve a single protection by providing its name or the ARN (Amazon Resource Name) of its protected resource. You can also retrieve all protections for a specific resource type. You can provide up to one criteria per filter type. Shield Advanced returns protections that exactly match all of the filter criteria that you provide.
ResourceArns (list) –
The ARN (Amazon Resource Name) of the resource whose protection you want to retrieve.
(string) –
ProtectionNames (list) –
The name of the protection that you want to retrieve.
(string) –
ResourceTypes (list) –
The type of protected resource whose protections you want to retrieve.
(string) –
- Return type:
dict
- Returns:
Response Syntax
{ 'Protections': [ { 'Id': 'string', 'Name': 'string', 'ResourceArn': 'string', 'HealthCheckIds': [ 'string', ], 'ProtectionArn': 'string', 'ApplicationLayerAutomaticResponseConfiguration': { 'Status': 'ENABLED'|'DISABLED', 'Action': { 'Block': {}, 'Count': {} } } }, ], 'NextToken': 'string' }
Response Structure
(dict) –
Protections (list) –
The array of enabled Protection objects.
(dict) –
An object that represents a resource that is under DDoS protection.
Id (string) –
The unique identifier (ID) of the protection.
Name (string) –
The name of the protection. For example,
My CloudFront distributions
.ResourceArn (string) –
The ARN (Amazon Resource Name) of the Amazon Web Services resource that is protected.
HealthCheckIds (list) –
The unique identifier (ID) for the Route 53 health check that’s associated with the protection.
(string) –
ProtectionArn (string) –
The ARN (Amazon Resource Name) of the protection.
ApplicationLayerAutomaticResponseConfiguration (dict) –
The automatic application layer DDoS mitigation settings for the protection. This configuration determines whether Shield Advanced automatically manages rules in the web ACL in order to respond to application layer events that Shield Advanced determines to be DDoS attacks.
Status (string) –
Indicates whether automatic application layer DDoS mitigation is enabled for the protection.
Action (dict) –
Specifies the action setting that Shield Advanced should use in the WAF rules that it creates on behalf of the protected resource in response to DDoS attacks. You specify this as part of the configuration for the automatic application layer DDoS mitigation feature, when you enable or update automatic mitigation. Shield Advanced creates the WAF rules in a Shield Advanced-managed rule group, inside the web ACL that you have associated with the resource.
Block (dict) –
Specifies that Shield Advanced should configure its WAF rules with the WAF
Block
action.You must specify exactly one action, either
Block
orCount
.Count (dict) –
Specifies that Shield Advanced should configure its WAF rules with the WAF
Count
action.You must specify exactly one action, either
Block
orCount
.
NextToken (string) –
When you request a list of objects from Shield Advanced, if the response does not include all of the remaining available objects, Shield Advanced includes a
NextToken
value in the response. You can retrieve the next batch of objects by requesting the list again and providing the token that was returned by the prior call in your request.You can indicate the maximum number of objects that you want Shield Advanced to return for a single call with the
MaxResults
setting. Shield Advanced will not return more thanMaxResults
objects, but may return fewer, even if more objects are still available.Whenever more objects remain that Shield Advanced has not yet returned to you, the response will include a
NextToken
value.
Exceptions
Shield.Client.exceptions.InternalErrorException
Shield.Client.exceptions.ResourceNotFoundException
Shield.Client.exceptions.InvalidPaginationTokenException