ListAttacks - AWS Shield Advanced

ListAttacks

Returns all ongoing DDoS attacks or all DDoS attacks during a specified time period.

Request Syntax

{ "EndTime": { "FromInclusive": number, "ToExclusive": number }, "MaxResults": number, "NextToken": "string", "ResourceArns": [ "string" ], "StartTime": { "FromInclusive": number, "ToExclusive": number } }

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

The request accepts the following data in JSON format.

EndTime

The end of the time period for the attacks. This is a timestamp type. The sample request above indicates a number type because the default used by AWS WAF is Unix time in seconds. However any valid timestamp format is allowed.

Type: TimeRange object

Required: No

MaxResults

The maximum number of AttackSummary objects to return. If you leave this blank, Shield Advanced returns the first 20 results.

This is a maximum value. Shield Advanced might return the results in smaller batches. That is, the number of objects returned could be less than MaxResults, even if there are still more objects yet to return. If there are more objects to return, Shield Advanced returns a value in NextToken that you can use in your next request, to get the next batch of objects.

Type: Integer

Valid Range: Minimum value of 0. Maximum value of 10000.

Required: No

NextToken

The ListAttacksRequest.NextMarker value from a previous call to ListAttacksRequest. Pass null if this is the first call.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 4096.

Pattern: ^.*$

Required: No

ResourceArns

The ARN (Amazon Resource Name) of the resource that was attacked. If this is left blank, all applicable resources for this account will be included.

Type: Array of strings

Length Constraints: Minimum length of 1. Maximum length of 2048.

Pattern: ^arn:aws.*

Required: No

StartTime

The start of the time period for the attacks. This is a timestamp type. The sample request above indicates a number type because the default used by AWS WAF is Unix time in seconds. However any valid timestamp format is allowed.

Type: TimeRange object

Required: No

Response Syntax

{ "AttackSummaries": [ { "AttackId": "string", "AttackVectors": [ { "VectorType": "string" } ], "EndTime": number, "ResourceArn": "string", "StartTime": number } ], "NextToken": "string" }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

AttackSummaries

The attack information for the specified time range.

Type: Array of AttackSummary objects

NextToken

The token returned by a previous call to indicate that there is more data available. If not null, more results are available. Pass this value for the NextMarker parameter in a subsequent call to ListAttacks to retrieve the next set of items.

Shield Advanced might return the list of AttackSummary objects in batches smaller than the number specified by MaxResults. If there are more attack summary objects to return, Shield Advanced will always also return a NextToken.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 4096.

Pattern: ^.*$

Errors

For information about the errors that are common to all actions, see Common Errors.

InternalErrorException

Exception that indicates that a problem occurred with the service infrastructure. You can retry the request.

HTTP Status Code: 500

InvalidOperationException

Exception that indicates that the operation would not cause any change to occur.

HTTP Status Code: 400

InvalidParameterException

Exception that indicates that the parameters passed to the API are invalid. If available, this exception includes details in additional properties.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: