AWS::Shield::Protection ApplicationLayerAutomaticResponseConfiguration

The automatic application layer DDoS mitigation settings for a AWS::Shield::Protection. This configuration determines whether Shield Advanced automatically manages rules in the web ACL in order to respond to application layer events that Shield Advanced determines to be DDoS attacks.

If you use AWS CloudFormation to manage the web ACLs that you use with Shield Advanced automatic mitigation, see the guidance for the AWS::WAFv2::WebACL resource.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON


{
  "Action" : Action,
  "Status" : String
}

YAML


  Action: 
    Action
  Status: String

Properties

Action

Specifies the action setting that Shield Advanced should use in the AWS WAF rules that it creates on behalf of the protected resource in response to DDoS attacks. You specify this as part of the configuration for the automatic application layer DDoS mitigation feature, when you enable or update automatic mitigation. Shield Advanced creates the AWS WAF rules in a Shield Advanced-managed rule group, inside the web ACL that you have associated with the resource.

Required: Yes

Type: Action

Update requires: No interruption

Status

Indicates whether automatic application layer DDoS mitigation is enabled for the protection.

Required: Yes

Type: String

Allowed values: ENABLED | DISABLED

Update requires: No interruption

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Action

Tag