IoT / Client / start_detect_mitigation_actions_task

start_detect_mitigation_actions_task#

IoT.Client.start_detect_mitigation_actions_task(**kwargs)#

Starts a Device Defender ML Detect mitigation actions task.

Requires permission to access the StartDetectMitigationActionsTask action.

See also: AWS API Documentation

Request Syntax

response = client.start_detect_mitigation_actions_task(
    taskId='string',
    target={
        'violationIds': [
            'string',
        ],
        'securityProfileName': 'string',
        'behaviorName': 'string'
    },
    actions=[
        'string',
    ],
    violationEventOccurrenceRange={
        'startTime': datetime(2015, 1, 1),
        'endTime': datetime(2015, 1, 1)
    },
    includeOnlyActiveViolations=True|False,
    includeSuppressedAlerts=True|False,
    clientRequestToken='string'
)
Parameters:
  • taskId (string) –

    [REQUIRED]

    The unique identifier of the task.

  • target (dict) –

    [REQUIRED]

    Specifies the ML Detect findings to which the mitigation actions are applied.

    • violationIds (list) –

      The unique identifiers of the violations.

      • (string) –

    • securityProfileName (string) –

      The name of the security profile.

    • behaviorName (string) –

      The name of the behavior.

  • actions (list) –

    [REQUIRED]

    The actions to be performed when a device has unexpected behavior.

    • (string) –

  • violationEventOccurrenceRange (dict) –

    Specifies the time period of which violation events occurred between.

    • startTime (datetime) – [REQUIRED]

      The start date and time of a time period in which violation events occurred.

    • endTime (datetime) – [REQUIRED]

      The end date and time of a time period in which violation events occurred.

  • includeOnlyActiveViolations (boolean) – Specifies to list only active violations.

  • includeSuppressedAlerts (boolean) – Specifies to include suppressed alerts.

  • clientRequestToken (string) –

    [REQUIRED]

    Each mitigation action task must have a unique client request token. If you try to create a new task with the same token as a task that already exists, an exception occurs. If you omit this value, Amazon Web Services SDKs will automatically generate a unique client request.

    This field is autopopulated if not provided.

Return type:

dict

Returns:

Response Syntax

{
    'taskId': 'string'
}

Response Structure

  • (dict) –

    • taskId (string) –

      The unique identifier of the task.

Exceptions