AWS::Shield::Protection Action
Specifies the action setting that Shield Advanced should use in the Amazon WAF rules that it creates on behalf of the protected resource in response to DDoS attacks. You specify this as part of the configuration for the automatic application layer DDoS mitigation feature, when you enable or update automatic mitigation. Shield Advanced creates the Amazon WAF rules in a Shield Advanced-managed rule group, inside the web ACL that you have associated with the resource.
Syntax
To declare this entity in your Amazon CloudFormation template, use the following syntax:
Properties
Block
-
Specifies that Shield Advanced should configure its Amazon WAF rules with the Amazon WAF
Block
action.You must specify exactly one action, either
Block
orCount
.Example JSON:
{ "Block": {} }
Example YAML:
Block: {}
Required: No
Type: Json
Update requires: No interruption
Count
-
Specifies that Shield Advanced should configure its Amazon WAF rules with the Amazon WAF
Count
action.You must specify exactly one action, either
Block
orCount
.Example JSON:
{ "Count": {} }
Example YAML:
Count: {}
Required: No
Type: Json
Update requires: No interruption