AWS::Shield::Protection Action

Specifies the action setting that Shield Advanced should use in the AWS WAF rules that it creates on behalf of the protected resource in response to DDoS attacks. You specify this as part of the configuration for the automatic application layer DDoS mitigation feature, when you enable or update automatic mitigation. Shield Advanced creates the AWS WAF rules in a Shield Advanced-managed rule group, inside the web ACL that you have associated with the resource.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON


{
  "Block" : Json,
  "Count" : Json
}

YAML


  Block: Json
  Count: Json

Properties

Block

Specifies that Shield Advanced should configure its AWS WAF rules with the AWS WAF Block action.

You must specify exactly one action, either Block or Count.

Example JSON: { "Block": {} }

Example YAML: Block: {}

Required: No

Type: Json

Update requires: No interruption

Count

Specifies that Shield Advanced should configure its AWS WAF rules with the AWS WAF Count action.

You must specify exactly one action, either Block or Count.

Example JSON: { "Count": {} }

Example YAML: Count: {}

Required: No

Type: Json

Update requires: No interruption

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

AWS::Shield::Protection

ApplicationLayerAutomaticResponseConfiguration