Docs Home
Packages
We recommend new projects start with resources from the AWS provider.
aws-native.shield.Protection
Explore with Pulumi AI
We recommend new projects start with resources from the AWS provider.
Enables AWS Shield Advanced for a specific AWS resource. The resource can be an Amazon CloudFront distribution, Amazon Route 53 hosted zone, AWS Global Accelerator standard accelerator, Elastic IP Address, Application Load Balancer, or a Classic Load Balancer. You can protect Amazon EC2 instances and Network Load Balancers by association with protected Amazon EC2 Elastic IP addresses.
Create Protection Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Protection(name: string, args: ProtectionArgs, opts?: CustomResourceOptions);@overload
def Protection(resource_name: str,
args: ProtectionArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Protection(resource_name: str,
opts: Optional[ResourceOptions] = None,
resource_arn: Optional[str] = None,
application_layer_automatic_response_configuration: Optional[ProtectionApplicationLayerAutomaticResponseConfigurationArgs] = None,
health_check_arns: Optional[Sequence[str]] = None,
name: Optional[str] = None,
tags: Optional[Sequence[_root_inputs.TagArgs]] = None)func NewProtection(ctx *Context, name string, args ProtectionArgs, opts ...ResourceOption) (*Protection, error)public Protection(string name, ProtectionArgs args, CustomResourceOptions? opts = null)
public Protection(String name, ProtectionArgs args)
public Protection(String name, ProtectionArgs args, CustomResourceOptions options)
type: aws-native:shield:Protection
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args ProtectionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ProtectionArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ProtectionArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ProtectionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ProtectionArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Protection Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The Protection resource accepts the following input properties:
- Resource
Arn string - The ARN (Amazon Resource Name) of the resource to be protected.
- Application
Layer Pulumi.Automatic Response Configuration Aws Native. Shield. Inputs. Protection Application Layer Automatic Response Configuration The automatic application layer DDoS mitigation settings for the protection. This configuration determines whether Shield Advanced automatically manages rules in the web ACL in order to respond to application layer events that Shield Advanced determines to be DDoS attacks.
If you use AWS CloudFormation to manage the web ACLs that you use with Shield Advanced automatic mitigation, see the additional guidance about web ACL management in the
AWS::WAFv2::WebACLresource description.- Health
Check List<string>Arns - The Amazon Resource Names (ARNs) of the health check to associate with the protection.
- Name string
- Friendly name for the Protection.
-
List<Pulumi.
Aws Native. Inputs. Tag> - One or more tag key-value pairs for the Protection object.
- Resource
Arn string - The ARN (Amazon Resource Name) of the resource to be protected.
- Application
Layer ProtectionAutomatic Response Configuration Application Layer Automatic Response Configuration Args The automatic application layer DDoS mitigation settings for the protection. This configuration determines whether Shield Advanced automatically manages rules in the web ACL in order to respond to application layer events that Shield Advanced determines to be DDoS attacks.
If you use AWS CloudFormation to manage the web ACLs that you use with Shield Advanced automatic mitigation, see the additional guidance about web ACL management in the
AWS::WAFv2::WebACLresource description.- Health
Check []stringArns - The Amazon Resource Names (ARNs) of the health check to associate with the protection.
- Name string
- Friendly name for the Protection.
-
Tag
Args - One or more tag key-value pairs for the Protection object.
- resource
Arn String - The ARN (Amazon Resource Name) of the resource to be protected.
- application
Layer ProtectionAutomatic Response Configuration Application Layer Automatic Response Configuration The automatic application layer DDoS mitigation settings for the protection. This configuration determines whether Shield Advanced automatically manages rules in the web ACL in order to respond to application layer events that Shield Advanced determines to be DDoS attacks.
If you use AWS CloudFormation to manage the web ACLs that you use with Shield Advanced automatic mitigation, see the additional guidance about web ACL management in the
AWS::WAFv2::WebACLresource description.- health
Check List<String>Arns - The Amazon Resource Names (ARNs) of the health check to associate with the protection.
- name String
- Friendly name for the Protection.
- List<Tag>
- One or more tag key-value pairs for the Protection object.
- resource
Arn string - The ARN (Amazon Resource Name) of the resource to be protected.
- application
Layer ProtectionAutomatic Response Configuration Application Layer Automatic Response Configuration The automatic application layer DDoS mitigation settings for the protection. This configuration determines whether Shield Advanced automatically manages rules in the web ACL in order to respond to application layer events that Shield Advanced determines to be DDoS attacks.
If you use AWS CloudFormation to manage the web ACLs that you use with Shield Advanced automatic mitigation, see the additional guidance about web ACL management in the
AWS::WAFv2::WebACLresource description.- health
Check string[]Arns - The Amazon Resource Names (ARNs) of the health check to associate with the protection.
- name string
- Friendly name for the Protection.
- Tag[]
- One or more tag key-value pairs for the Protection object.
- resource_
arn str - The ARN (Amazon Resource Name) of the resource to be protected.
- application_
layer_ Protectionautomatic_ response_ configuration Application Layer Automatic Response Configuration Args The automatic application layer DDoS mitigation settings for the protection. This configuration determines whether Shield Advanced automatically manages rules in the web ACL in order to respond to application layer events that Shield Advanced determines to be DDoS attacks.
If you use AWS CloudFormation to manage the web ACLs that you use with Shield Advanced automatic mitigation, see the additional guidance about web ACL management in the
AWS::WAFv2::WebACLresource description.- health_
check_ Sequence[str]arns - The Amazon Resource Names (ARNs) of the health check to associate with the protection.
- name str
- Friendly name for the Protection.
-
Sequence[Tag
Args] - One or more tag key-value pairs for the Protection object.
- resource
Arn String - The ARN (Amazon Resource Name) of the resource to be protected.
- application
Layer Property MapAutomatic Response Configuration The automatic application layer DDoS mitigation settings for the protection. This configuration determines whether Shield Advanced automatically manages rules in the web ACL in order to respond to application layer events that Shield Advanced determines to be DDoS attacks.
If you use AWS CloudFormation to manage the web ACLs that you use with Shield Advanced automatic mitigation, see the additional guidance about web ACL management in the
AWS::WAFv2::WebACLresource description.- health
Check List<String>Arns - The Amazon Resource Names (ARNs) of the health check to associate with the protection.
- name String
- Friendly name for the Protection.
- List<Property Map>
- One or more tag key-value pairs for the Protection object.
Outputs
All input properties are implicitly available as output properties. Additionally, the Protection resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Protection
Arn string - The ARN (Amazon Resource Name) of the protection.
- Protection
Id string - The unique identifier (ID) of the protection.
- Id string
- The provider-assigned unique ID for this managed resource.
- Protection
Arn string - The ARN (Amazon Resource Name) of the protection.
- Protection
Id string - The unique identifier (ID) of the protection.
- id String
- The provider-assigned unique ID for this managed resource.
- protection
Arn String - The ARN (Amazon Resource Name) of the protection.
- protection
Id String - The unique identifier (ID) of the protection.
- id string
- The provider-assigned unique ID for this managed resource.
- protection
Arn string - The ARN (Amazon Resource Name) of the protection.
- protection
Id string - The unique identifier (ID) of the protection.
- id str
- The provider-assigned unique ID for this managed resource.
- protection_
arn str - The ARN (Amazon Resource Name) of the protection.
- protection_
id str - The unique identifier (ID) of the protection.
- id String
- The provider-assigned unique ID for this managed resource.
- protection
Arn String - The ARN (Amazon Resource Name) of the protection.
- protection
Id String - The unique identifier (ID) of the protection.
Supporting Types
ProtectionApplicationLayerAutomaticResponseConfiguration, ProtectionApplicationLayerAutomaticResponseConfigurationArgs
- Action
Pulumi.
Aws | Pulumi.Native. Shield. Inputs. Protection Application Layer Automatic Response Configuration Action0Properties Aws Native. Shield. Inputs. Protection Application Layer Automatic Response Configuration Action1Properties - Specifies the action setting that Shield Advanced should use in the AWS WAF rules that it creates on behalf of the protected resource in response to DDoS attacks. You specify this as part of the configuration for the automatic application layer DDoS mitigation feature, when you enable or update automatic mitigation. Shield Advanced creates the AWS WAF rules in a Shield Advanced-managed rule group, inside the web ACL that you have associated with the resource.
- Status
Pulumi.
Aws Native. Shield. Protection Application Layer Automatic Response Configuration Status - Indicates whether automatic application layer DDoS mitigation is enabled for the protection.
- Action
Protection
Application | ProtectionLayer Automatic Response Configuration Action0Properties Application Layer Automatic Response Configuration Action1Properties - Specifies the action setting that Shield Advanced should use in the AWS WAF rules that it creates on behalf of the protected resource in response to DDoS attacks. You specify this as part of the configuration for the automatic application layer DDoS mitigation feature, when you enable or update automatic mitigation. Shield Advanced creates the AWS WAF rules in a Shield Advanced-managed rule group, inside the web ACL that you have associated with the resource.
- Status
Protection
Application Layer Automatic Response Configuration Status - Indicates whether automatic application layer DDoS mitigation is enabled for the protection.
- action
Protection
Application | ProtectionLayer Automatic Response Configuration Action0Properties Application Layer Automatic Response Configuration Action1Properties - Specifies the action setting that Shield Advanced should use in the AWS WAF rules that it creates on behalf of the protected resource in response to DDoS attacks. You specify this as part of the configuration for the automatic application layer DDoS mitigation feature, when you enable or update automatic mitigation. Shield Advanced creates the AWS WAF rules in a Shield Advanced-managed rule group, inside the web ACL that you have associated with the resource.
- status
Protection
Application Layer Automatic Response Configuration Status - Indicates whether automatic application layer DDoS mitigation is enabled for the protection.
- action
Protection
Application | ProtectionLayer Automatic Response Configuration Action0Properties Application Layer Automatic Response Configuration Action1Properties - Specifies the action setting that Shield Advanced should use in the AWS WAF rules that it creates on behalf of the protected resource in response to DDoS attacks. You specify this as part of the configuration for the automatic application layer DDoS mitigation feature, when you enable or update automatic mitigation. Shield Advanced creates the AWS WAF rules in a Shield Advanced-managed rule group, inside the web ACL that you have associated with the resource.
- status
Protection
Application Layer Automatic Response Configuration Status - Indicates whether automatic application layer DDoS mitigation is enabled for the protection.
- action
Protection
Application | ProtectionLayer Automatic Response Configuration Action0Properties Application Layer Automatic Response Configuration Action1Properties - Specifies the action setting that Shield Advanced should use in the AWS WAF rules that it creates on behalf of the protected resource in response to DDoS attacks. You specify this as part of the configuration for the automatic application layer DDoS mitigation feature, when you enable or update automatic mitigation. Shield Advanced creates the AWS WAF rules in a Shield Advanced-managed rule group, inside the web ACL that you have associated with the resource.
- status
Protection
Application Layer Automatic Response Configuration Status - Indicates whether automatic application layer DDoS mitigation is enabled for the protection.
- action Property Map | Property Map
- Specifies the action setting that Shield Advanced should use in the AWS WAF rules that it creates on behalf of the protected resource in response to DDoS attacks. You specify this as part of the configuration for the automatic application layer DDoS mitigation feature, when you enable or update automatic mitigation. Shield Advanced creates the AWS WAF rules in a Shield Advanced-managed rule group, inside the web ACL that you have associated with the resource.
- status "ENABLED" | "DISABLED"
- Indicates whether automatic application layer DDoS mitigation is enabled for the protection.
ProtectionApplicationLayerAutomaticResponseConfigurationAction0Properties, ProtectionApplicationLayerAutomaticResponseConfigurationAction0PropertiesArgs
- Count object
- Specifies that Shield Advanced should configure its AWS WAF rules with the AWS WAF
Countaction. You must specify exactly one action, eitherBlockorCount.
- Count interface{}
- Specifies that Shield Advanced should configure its AWS WAF rules with the AWS WAF
Countaction. You must specify exactly one action, eitherBlockorCount.
- count Object
- Specifies that Shield Advanced should configure its AWS WAF rules with the AWS WAF
Countaction. You must specify exactly one action, eitherBlockorCount.
- count any
- Specifies that Shield Advanced should configure its AWS WAF rules with the AWS WAF
Countaction. You must specify exactly one action, eitherBlockorCount.
- count Any
- Specifies that Shield Advanced should configure its AWS WAF rules with the AWS WAF
Countaction. You must specify exactly one action, eitherBlockorCount.
- count Any
- Specifies that Shield Advanced should configure its AWS WAF rules with the AWS WAF
Countaction. You must specify exactly one action, eitherBlockorCount.
ProtectionApplicationLayerAutomaticResponseConfigurationAction1Properties, ProtectionApplicationLayerAutomaticResponseConfigurationAction1PropertiesArgs
- Block object
- Specifies that Shield Advanced should configure its AWS WAF rules with the AWS WAF
Blockaction. You must specify exactly one action, eitherBlockorCount.
- Block interface{}
- Specifies that Shield Advanced should configure its AWS WAF rules with the AWS WAF
Blockaction. You must specify exactly one action, eitherBlockorCount.
- block Object
- Specifies that Shield Advanced should configure its AWS WAF rules with the AWS WAF
Blockaction. You must specify exactly one action, eitherBlockorCount.
- block any
- Specifies that Shield Advanced should configure its AWS WAF rules with the AWS WAF
Blockaction. You must specify exactly one action, eitherBlockorCount.
- block Any
- Specifies that Shield Advanced should configure its AWS WAF rules with the AWS WAF
Blockaction. You must specify exactly one action, eitherBlockorCount.
- block Any
- Specifies that Shield Advanced should configure its AWS WAF rules with the AWS WAF
Blockaction. You must specify exactly one action, eitherBlockorCount.
ProtectionApplicationLayerAutomaticResponseConfigurationStatus, ProtectionApplicationLayerAutomaticResponseConfigurationStatusArgs
- Enabled
- ENABLED
- Disabled
- DISABLED
- Protection
Application Layer Automatic Response Configuration Status Enabled - ENABLED
- Protection
Application Layer Automatic Response Configuration Status Disabled - DISABLED
- Enabled
- ENABLED
- Disabled
- DISABLED
- Enabled
- ENABLED
- Disabled
- DISABLED
- ENABLED
- ENABLED
- DISABLED
- DISABLED
- "ENABLED"
- ENABLED
- "DISABLED"
- DISABLED
Tag, TagArgs
Package Details
- Repository
- AWS Native pulumi/pulumi-aws-native
- License
- Apache-2.0
We recommend new projects start with resources from the AWS provider.