CreateSecurityProfile - AWS IoT

CreateSecurityProfile

Creates an AWS IoT Device Defender security profile.

For more information, see CreateSecurityProfile in the API Reference.

Synopsis:

aws iot create-security-profile \
    --security-profile-name <value> \
    [--security-profile-description <value>] \
    [--behaviors <value>] \
    [--alert-targets <value>] \
    [--additional-metrics-to-retain <value>] \
    [--tags <value>] \
    [--cli-input-json <value>] \
    [--generate-cli-skeleton]

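To define a behavior with a dimension, use the MetricDimension field alongside the metric. To retain a metric with a dimension, use the AdditionalMetricsToRetainV2 field. MetricDimension has an operator field that lets you invert the topic filter.

The following example shows a definition stating that messages should not be sent to topics outside the FavoriteTopics dimension. In addition, this definition retains a metric that represents the number of messages sent to authentication topics.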

aws iot create-security-profile \
    --security-profile-name security-profile-for-smart-lights \
    --behaviors '[{
        "name": "num-messages-sent-to-unexpected-topic",
        "metric": "aws:num-messages-sent",
        "metricDimension": {
            "dimensionName": "FavoriteTopics",
            "operator": "NOT_IN"
        },
        "criteria": {
            "comparisonOperator": "less-than",
            "value": {"count": 1},
            "durationSeconds": 300
        }
    }]' \
    --additional-metrics-to-retain-v2 '[{
        "metric": "aws:num-messages-sent",
        "metricDimension": {"dimensionName": "TopicFilterForAuthMessages"}
    }]'
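To make the NOT_IN semantics concrete, the following added example (not from the AWS documentation) models locally how the behavior above is judged for one device over one 300-second window. The contents of FavoriteTopics, the sample topics and the helper names are constructed for illustration, and the evaluation is a simplified assumption, not AWS's implementation.

```python
# Local model (an assumption, not AWS's implementation) of how the page's
# behavior is judged for one device over one durationSeconds window.

BEHAVIOR = {  # copied from the page's --behaviors argument
    "name": "num-messages-sent-to-unexpected-topic",
    "metric": "aws:num-messages-sent",
    "metricDimension": {"dimensionName": "FavoriteTopics", "operator": "NOT_IN"},
    "criteria": {"comparisonOperator": "less-than", "value": {"count": 1},
                 "durationSeconds": 300},
}

# Constructed sample: topic filters assumed to be stored in the dimension.
DIMENSIONS = {"FavoriteTopics": ["lights/+/state", "lights/+/telemetry/#"]}

COMPARE = {
    "less-than": lambda a, b: a < b,
    "less-than-equals": lambda a, b: a <= b,
    "greater-than": lambda a, b: a > b,
    "greater-than-equals": lambda a, b: a >= b,
}

def topic_matches(topic_filter, topic):
    """MQTT filter match: '+' is one level, '#' is the remaining levels."""
    f_parts, t_parts = topic_filter.split("/"), topic.split("/")
    for i, f in enumerate(f_parts):
        if f == "#":
            return True
        if i >= len(t_parts) or (f != "+" and f != t_parts[i]):
            return False
    return len(f_parts) == len(t_parts)

def metric_value(behavior, topics):
    """Count the window's messages that fall inside the dimension's scope."""
    dim = behavior["metricDimension"]
    filters = DIMENSIONS[dim["dimensionName"]]
    inside = [any(topic_matches(f, t) for f in filters) for t in topics]
    want_inside = dim.get("operator", "IN") == "IN"  # NOT_IN inverts the filter
    return sum(1 for hit in inside if hit == want_inside)

def is_violation(behavior, topics):
    """The criteria describe expected behavior; failing them is a violation."""
    crit = behavior["criteria"]
    compare = COMPARE[crit["comparisonOperator"]]
    return not compare(metric_value(behavior, topics), crit["value"]["count"])
```

With "less-than" and a count of 1, a single message to a topic outside FavoriteTopics within the window is enough to put the device in violation.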

cli-input-json format:

{
  "additionalMetricsToRetainV2": [
    {
      "metric": "string",
      "metricDimension": {
        "dimensionName": "string",
        "operator": "string"
      }
    }
  ],
  "alertTargets": {
    "string": {
      "alertTargetArn": "string",
      "roleArn": "string"
    }
  },
  "behaviors": [
    {
      "criteria": {
        "comparisonOperator": "string",
        "consecutiveDatapointsToAlarm": number,
        "consecutiveDatapointsToClear": number,
        "durationSeconds": number,
        "statisticalThreshold": {
          "statistic": "string"
        },
        "value": {
          "cidrs": [ "string" ],
          "count": number,
          "ports": [ number ]
        }
      },
      "metricDimension": {
        "dimensionName": "string",
        "operator": "string"
      },
      "metric": "string",
      "name": "string"
    }
  ],
  "securityProfileDescription": "string",
  "tags": [
    {
      "Key": "string",
      "Value": "string"
    }
  ]
}

Output:

{
  "securityProfileName": "string",
  "securityProfileArn": "string"
}