Package software.amazon.awscdk.services.shield

Class CfnProtectionGroup

java.lang.Object
software.amazon.jsii.JsiiObject
software.constructs.Construct
software.amazon.awscdk.core.Construct
software.amazon.awscdk.core.CfnElement
software.amazon.awscdk.core.CfnRefElement
software.amazon.awscdk.core.CfnResource
software.amazon.awscdk.services.shield.CfnProtectionGroup
All Implemented Interfaces:
IConstruct, IDependable, IInspectable, software.amazon.jsii.JsiiSerializable, software.constructs.IConstruct
@Generated(value="jsii-pacmak/1.84.0 (build 5404dcf)", date="2023-06-19T16:30:35.781Z") @Stability(Stable) public class CfnProtectionGroup extends CfnResource implements IInspectable
A CloudFormation AWS::Shield::ProtectionGroup.

Creates a grouping of protected resources so they can be handled as a collective. This resource grouping improves the accuracy of detection and reduces false positives.

To configure this resource through AWS CloudFormation , you must be subscribed to AWS Shield Advanced . You can subscribe through the Shield Advanced console and through the APIs. For more information, see Subscribe to AWS Shield Advanced .

See example templates for Shield Advanced in AWS CloudFormation at aws-samples/aws-shield-advanced-examples .

Example: 

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.shield.*;
 CfnProtectionGroup cfnProtectionGroup = CfnProtectionGroup.Builder.create(this, "MyCfnProtectionGroup")
         .aggregation("aggregation")
         .pattern("pattern")
         .protectionGroupId("protectionGroupId")
         // the properties below are optional
         .members(List.of("members"))
         .resourceType("resourceType")
         .tags(List.of(CfnTag.builder()
                 .key("key")
                 .value("value")
                 .build()))
         .build();

  • Field Details

    • CFN_RESOURCE_TYPE_NAME

      @Stability(Stable) public static final String CFN_RESOURCE_TYPE_NAME
      The CloudFormation resource type name for this resource class.

  • Constructor Details

    • CfnProtectionGroup

      protected CfnProtectionGroup(software.amazon.jsii.JsiiObjectRef objRef)

    • CfnProtectionGroup

      protected CfnProtectionGroup(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

    • CfnProtectionGroup

      @Stability(Stable) public CfnProtectionGroup(@NotNull Construct scope, @NotNull String id, @NotNull CfnProtectionGroupProps props)
      Create a new AWS::Shield::ProtectionGroup.

      Parameters:
      scope -
      • scope in which this resource is defined.
      This parameter is required.
      id -
      • scoped id of the resource.
      This parameter is required.
      props -
      • resource properties.
      This parameter is required.

  • Method Details

    • inspect

      @Stability(Stable) public void inspect(@NotNull TreeInspector inspector)
      Examines the CloudFormation resource and discloses attributes.

      Specified by:
      inspect in interface IInspectable
      Parameters:
      inspector -
      • tree inspector to collect and process attributes.
      This parameter is required.

    • renderProperties

      @Stability(Stable) @NotNull protected Map<String,Object> renderProperties(@NotNull Map<String,Object> props)
      Overrides:
      renderProperties in class CfnResource
      Parameters:
      props - This parameter is required.

    • getAttrProtectionGroupArn

      @Stability(Stable) @NotNull public String getAttrProtectionGroupArn()
      The ARN (Amazon Resource Name) of the new protection group.

    • getCfnProperties

      @Stability(Stable) @NotNull protected Map<String,Object> getCfnProperties()
      Overrides:
      getCfnProperties in class CfnResource

    • getTags

      @Stability(Stable) @NotNull public TagManager getTags()
      Key:value pairs associated with an AWS resource.

      The key:value pair can be anything you define. Typically, the tag key represents a category (such as "environment") and the tag value represents a specific value within that category (such as "test," "development," or "production"). You can add up to 50 tags to each AWS resource.

      To modify tags on existing resources, use the AWS Shield Advanced APIs or command line interface. With AWS CloudFormation , you can only add tags to resources during resource creation.

    • getAggregation

      @Stability(Stable) @NotNull public String getAggregation()
      Defines how AWS Shield combines resource data for the group in order to detect, mitigate, and report events.

      • Sum - Use the total traffic across the group. This is a good choice for most cases. Examples include Elastic IP addresses for EC2 instances that scale manually or automatically.
      • Mean - Use the average of the traffic across the group. This is a good choice for resources that share traffic uniformly. Examples include accelerators and load balancers.
      • Max - Use the highest traffic from each resource. This is useful for resources that don't share traffic and for resources that share that traffic in a non-uniform way. Examples include Amazon CloudFront distributions and origin resources for CloudFront distributions.

    • setAggregation

      @Stability(Stable) public void setAggregation(@NotNull String value)
      Defines how AWS Shield combines resource data for the group in order to detect, mitigate, and report events.

      • Sum - Use the total traffic across the group. This is a good choice for most cases. Examples include Elastic IP addresses for EC2 instances that scale manually or automatically.
      • Mean - Use the average of the traffic across the group. This is a good choice for resources that share traffic uniformly. Examples include accelerators and load balancers.
      • Max - Use the highest traffic from each resource. This is useful for resources that don't share traffic and for resources that share that traffic in a non-uniform way. Examples include Amazon CloudFront distributions and origin resources for CloudFront distributions.

    • getPattern

      @Stability(Stable) @NotNull public String getPattern()
      The criteria to use to choose the protected resources for inclusion in the group.

      You can include all resources that have protections, provide a list of resource ARNs (Amazon Resource Names), or include all resources of a specified resource type.

    • setPattern

      @Stability(Stable) public void setPattern(@NotNull String value)
      The criteria to use to choose the protected resources for inclusion in the group.

      You can include all resources that have protections, provide a list of resource ARNs (Amazon Resource Names), or include all resources of a specified resource type.

    • getProtectionGroupId

      @Stability(Stable) @NotNull public String getProtectionGroupId()
      The name of the protection group.

      You use this to identify the protection group in lists and to manage the protection group, for example to update, delete, or describe it.

    • setProtectionGroupId

      @Stability(Stable) public void setProtectionGroupId(@NotNull String value)
      The name of the protection group.

      You use this to identify the protection group in lists and to manage the protection group, for example to update, delete, or describe it.

    • getMembers

      @Stability(Stable) @Nullable public List<String> getMembers()
      The ARNs (Amazon Resource Names) of the resources to include in the protection group.

      You must set this when you set Pattern to ARBITRARY and you must not set it for any other Pattern setting.

    • setMembers

      @Stability(Stable) public void setMembers(@Nullable List<String> value)
      The ARNs (Amazon Resource Names) of the resources to include in the protection group.

      You must set this when you set Pattern to ARBITRARY and you must not set it for any other Pattern setting.

    • getResourceType

      @Stability(Stable) @Nullable public String getResourceType()
      The resource type to include in the protection group.

      All protected resources of this type are included in the protection group. You must set this when you set Pattern to BY_RESOURCE_TYPE and you must not set it for any other Pattern setting.

    • setResourceType

      @Stability(Stable) public void setResourceType(@Nullable String value)
      The resource type to include in the protection group.

      All protected resources of this type are included in the protection group. You must set this when you set Pattern to BY_RESOURCE_TYPE and you must not set it for any other Pattern setting.