DescribeDRTAccess - AWS Shield Advanced


Returns the current role and list of Amazon S3 log buckets used by the DDoS Response Team (DRT) to access your AWS account while assisting with attack mitigation.

Response Syntax

{ "LogBucketList": [ "string" ], "RoleArn": "string" }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.


The list of Amazon S3 buckets accessed by the DRT.

Type: Array of strings

Array Members: Minimum number of 0 items. Maximum number of 10 items.

Length Constraints: Minimum length of 3. Maximum length of 63.

Pattern: ^([a-z]|(\d(?!\d{0,2}\.\d{1,3}\.\d{1,3}\.\d{1,3})))([a-z\d]|(\.(?!(\.|-)))|(-(?!\.))){1,61}[a-z\d]$


The Amazon Resource Name (ARN) of the role the DRT used to access your AWS account.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 2048.

Pattern: ^arn:aws:iam::\d{12}:role/?[a-zA-Z_0-9+=,.@\-_/]+


For information about the errors that are common to all actions, see Common Errors.


Exception that indicates that a problem occurred with the service infrastructure. You can retry the request.

HTTP Status Code: 500


Exception indicating the specified resource does not exist.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: