UpdateSecurityProfile
Updates a Device Defender security profile.
Requires permission to access the UpdateSecurityProfile action.
Request Syntax
PATCH /security-profiles/securityProfileName?expectedVersion=expectedVersion HTTP/1.1
Content-type: application/json
{
"additionalMetricsToRetain": [ "string" ],
"additionalMetricsToRetainV2": [
{
"exportMetric": boolean,
"metric": "string",
"metricDimension": {
"dimensionName": "string",
"operator": "string"
}
}
],
"alertTargets": {
"string" : {
"alertTargetArn": "string",
"roleArn": "string"
}
},
"behaviors": [
{
"criteria": {
"comparisonOperator": "string",
"consecutiveDatapointsToAlarm": number,
"consecutiveDatapointsToClear": number,
"durationSeconds": number,
"mlDetectionConfig": {
"confidenceLevel": "string"
},
"statisticalThreshold": {
"statistic": "string"
},
"value": {
"cidrs": [ "string" ],
"count": number,
"number": number,
"numbers": [ number ],
"ports": [ number ],
"strings": [ "string" ]
}
},
"exportMetric": boolean,
"metric": "string",
"metricDimension": {
"dimensionName": "string",
"operator": "string"
},
"name": "string",
"suppressAlerts": boolean
}
],
"deleteAdditionalMetricsToRetain": boolean,
"deleteAlertTargets": boolean,
"deleteBehaviors": boolean,
"deleteMetricsExportConfig": boolean,
"metricsExportConfig": {
"mqttTopic": "string",
"roleArn": "string"
},
"securityProfileDescription": "string"
}URI Request Parameters
The request uses the following URI parameters.
- expectedVersion
-
The expected version of the security profile. A new version is generated whenever the security profile is updated. If you specify a value that is different from the actual version, a
VersionConflictExceptionis thrown. - securityProfileName
-
The name of the security profile you want to update.
Length Constraints: Minimum length of 1. Maximum length of 128.
Pattern:
[a-zA-Z0-9:_-]+Required: Yes
Request Body
The request accepts the following data in JSON format.
- additionalMetricsToRetain
-
This parameter has been deprecated.
Please use UpdateSecurityProfile:additionalMetricsToRetainV2 instead.
A list of metrics whose data is retained (stored). By default, data is retained for any metric used in the profile's
behaviors, but it is also retained for any metric specified here. Can be used with custom metrics; cannot be used with dimensions.Type: Array of strings
Required: No
- additionalMetricsToRetainV2
-
A list of metrics whose data is retained (stored). By default, data is retained for any metric used in the profile's behaviors, but it is also retained for any metric specified here. Can be used with custom metrics; cannot be used with dimensions.
Type: Array of MetricToRetain objects
Required: No
- alertTargets
-
Where the alerts are sent. (Alerts are always sent to the console.)
Type: String to AlertTarget object map
Valid Keys:
SNSRequired: No
- behaviors
-
Specifies the behaviors that, when violated by a device (thing), cause an alert.
Type: Array of Behavior objects
Array Members: Maximum number of 100 items.
Required: No
- deleteAdditionalMetricsToRetain
-
If true, delete all
additionalMetricsToRetaindefined for this security profile. If anyadditionalMetricsToRetainare defined in the current invocation, an exception occurs.Type: Boolean
Required: No
- deleteAlertTargets
-
If true, delete all
alertTargetsdefined for this security profile. If anyalertTargetsare defined in the current invocation, an exception occurs.Type: Boolean
Required: No
- deleteBehaviors
-
If true, delete all
behaviorsdefined for this security profile. If anybehaviorsare defined in the current invocation, an exception occurs.Type: Boolean
Required: No
- deleteMetricsExportConfig
-
Set the value as true to delete metrics export related configurations.
Type: Boolean
Required: No
- metricsExportConfig
-
Specifies the MQTT topic and role ARN required for metric export.
Type: MetricsExportConfig object
Required: No
- securityProfileDescription
-
A description of the security profile.
Type: String
Length Constraints: Maximum length of 1000.
Pattern:
[\p{Graph}\x20]*Required: No
Response Syntax
HTTP/1.1 200
Content-type: application/json
{
"additionalMetricsToRetain": [ "string" ],
"additionalMetricsToRetainV2": [
{
"exportMetric": boolean,
"metric": "string",
"metricDimension": {
"dimensionName": "string",
"operator": "string"
}
}
],
"alertTargets": {
"string" : {
"alertTargetArn": "string",
"roleArn": "string"
}
},
"behaviors": [
{
"criteria": {
"comparisonOperator": "string",
"consecutiveDatapointsToAlarm": number,
"consecutiveDatapointsToClear": number,
"durationSeconds": number,
"mlDetectionConfig": {
"confidenceLevel": "string"
},
"statisticalThreshold": {
"statistic": "string"
},
"value": {
"cidrs": [ "string" ],
"count": number,
"number": number,
"numbers": [ number ],
"ports": [ number ],
"strings": [ "string" ]
}
},
"exportMetric": boolean,
"metric": "string",
"metricDimension": {
"dimensionName": "string",
"operator": "string"
},
"name": "string",
"suppressAlerts": boolean
}
],
"creationDate": number,
"lastModifiedDate": number,
"metricsExportConfig": {
"mqttTopic": "string",
"roleArn": "string"
},
"securityProfileArn": "string",
"securityProfileDescription": "string",
"securityProfileName": "string",
"version": number
}Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- additionalMetricsToRetain
-
This parameter has been deprecated.
Please use UpdateSecurityProfile:additionalMetricsToRetainV2 instead.
A list of metrics whose data is retained (stored). By default, data is retained for any metric used in the security profile's
behaviors, but it is also retained for any metric specified here.Type: Array of strings
- additionalMetricsToRetainV2
-
A list of metrics whose data is retained (stored). By default, data is retained for any metric used in the profile's behaviors, but it is also retained for any metric specified here. Can be used with custom metrics; cannot be used with dimensions.
Type: Array of MetricToRetain objects
- alertTargets
-
Where the alerts are sent. (Alerts are always sent to the console.)
Type: String to AlertTarget object map
Valid Keys:
SNS - behaviors
-
Specifies the behaviors that, when violated by a device (thing), cause an alert.
Type: Array of Behavior objects
Array Members: Maximum number of 100 items.
- creationDate
-
The time the security profile was created.
Type: Timestamp
- lastModifiedDate
-
The time the security profile was last modified.
Type: Timestamp
- metricsExportConfig
-
Specifies the MQTT topic and role ARN required for metric export.
Type: MetricsExportConfig object
- securityProfileArn
-
The ARN of the security profile that was updated.
Type: String
- securityProfileDescription
-
The description of the security profile.
Type: String
Length Constraints: Maximum length of 1000.
Pattern:
[\p{Graph}\x20]* - securityProfileName
-
The name of the security profile that was updated.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 128.
Pattern:
[a-zA-Z0-9:_-]+ - version
-
The updated version of the security profile.
Type: Long
Errors
- InternalFailureException
-
An unexpected error has occurred.
HTTP Status Code: 500
- InvalidRequestException
-
The request is not valid.
HTTP Status Code: 400
- ResourceNotFoundException
-
The specified resource does not exist.
HTTP Status Code: 404
- ThrottlingException
-
The rate exceeds the limit.
HTTP Status Code: 400
- VersionConflictException
-
An exception thrown when the version of an entity specified with the
expectedVersionparameter does not match the latest version in the system.HTTP Status Code: 409
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
