Class CfnDRTAccessProps
Properties for defining a CfnDRTAccess
.
Inheritance
Implements
Namespace: Amazon.CDK.AWS.Shield
Assembly: Amazon.CDK.AWS.Shield.dll
Syntax (csharp)
public class CfnDRTAccessProps : Object, ICfnDRTAccessProps
Syntax (vb)
Public Class CfnDRTAccessProps
Inherits Object
Implements ICfnDRTAccessProps
Remarks
Link: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-shield-drtaccess.html
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.Shield;
var cfnDRTAccessProps = new CfnDRTAccessProps {
RoleArn = "roleArn",
// the properties below are optional
LogBucketList = new [] { "logBucketList" }
};
Synopsis
Constructors
CfnDRTAccessProps() |
Properties
LogBucketList | Authorizes the Shield Response Team (SRT) to access the specified Amazon S3 bucket containing log data such as Application Load Balancer access logs, CloudFront logs, or logs from third party sources. |
RoleArn | Authorizes the Shield Response Team (SRT) using the specified role, to access your AWS account to assist with DDoS attack mitigation during potential attacks. |
Constructors
CfnDRTAccessProps()
public CfnDRTAccessProps()
Properties
LogBucketList
Authorizes the Shield Response Team (SRT) to access the specified Amazon S3 bucket containing log data such as Application Load Balancer access logs, CloudFront logs, or logs from third party sources.
public string[] LogBucketList { get; set; }
Property Value
System.String[]
Remarks
You can associate up to 10 Amazon S3 buckets with your subscription.
Use this to share information with the SRT that's not available in AWS WAF logs.
To use the services of the SRT, you must be subscribed to the Business Support plan or the Enterprise Support plan .
RoleArn
Authorizes the Shield Response Team (SRT) using the specified role, to access your AWS account to assist with DDoS attack mitigation during potential attacks.
public string RoleArn { get; set; }
Property Value
System.String
Remarks
This enables the SRT to inspect your AWS WAF configuration and logs and to create or update AWS WAF rules and web ACLs.
You can associate only one RoleArn
with your subscription. If you submit this update for an account that already has an associated role, the new RoleArn
will replace the existing RoleArn
.
This change requires the following:
The SRT will have access only to your AWS WAF and Shield resources. By submitting this request, you provide permissions to the SRT to inspect your AWS WAF and Shield configuration and logs, and to create and update AWS WAF rules and web ACLs on your behalf. The SRT takes these actions only if explicitly authorized by you.