com.amazonaws.services.shield.AWSShield Maven / Gradle / Ivy
/*
* Copyright 2019-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
* the License. A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
* and limitations under the License.
*/
package com.amazonaws.services.shield;
import javax.annotation.Generated;
import com.amazonaws.*;
import com.amazonaws.regions.*;
import com.amazonaws.services.shield.model.*;
/**
* Interface for accessing AWS Shield.
*
* Note: Do not directly implement this interface, new methods are added to it regularly. Extend from
* {@link com.amazonaws.services.shield.AbstractAWSShield} instead.
*
*
* Shield Advanced
*
* This is the Shield Advanced API Reference. This guide is for developers who need detailed information about
* the Shield Advanced API actions, data types, and errors. For detailed information about WAF and Shield Advanced
* features and an overview of how to use the WAF and Shield Advanced APIs, see the WAF and Shield Developer Guide.
*
*/
@Generated("com.amazonaws:aws-java-sdk-code-generator")
public interface AWSShield {
/**
* The region metadata service name for computing region endpoints. You can use this value to retrieve metadata
* (such as supported regions) of the service.
*
* @see RegionUtils#getRegionsForService(String)
*/
String ENDPOINT_PREFIX = "shield";
/**
* Overrides the default endpoint for this client ("shield.us-east-1.amazonaws.com"). Callers can use this method to
* control which AWS region they want to work with.
*
* Callers can pass in just the endpoint (ex: "shield.us-east-1.amazonaws.com") or a full URL, including the
* protocol (ex: "shield.us-east-1.amazonaws.com"). If the protocol is not specified here, the default protocol from
* this client's {@link ClientConfiguration} will be used, which by default is HTTPS.
*
* For more information on using AWS regions with the AWS SDK for Java, and a complete list of all available
* endpoints for all AWS services, see: https://docs.aws.amazon.com/sdk-for-java/v1/developer-guide/java-dg-region-selection.html#region-selection-
* choose-endpoint
*
* This method is not threadsafe. An endpoint should be configured when the client is created and before any
* service requests are made. Changing it afterwards creates inevitable race conditions for any service requests in
* transit or retrying.
*
* @param endpoint
* The endpoint (ex: "shield.us-east-1.amazonaws.com") or a full URL, including the protocol (ex:
* "shield.us-east-1.amazonaws.com") of the region specific AWS endpoint this client will communicate with.
* @deprecated use {@link AwsClientBuilder#setEndpointConfiguration(AwsClientBuilder.EndpointConfiguration)} for
* example:
* {@code builder.setEndpointConfiguration(new EndpointConfiguration(endpoint, signingRegion));}
*/
@Deprecated
void setEndpoint(String endpoint);
/**
* An alternative to {@link AWSShield#setEndpoint(String)}, sets the regional endpoint for this client's service
* calls. Callers can use this method to control which AWS region they want to work with.
*
* By default, all service endpoints in all regions use the https protocol. To use http instead, specify it in the
* {@link ClientConfiguration} supplied at construction.
*
* This method is not threadsafe. A region should be configured when the client is created and before any service
* requests are made. Changing it afterwards creates inevitable race conditions for any service requests in transit
* or retrying.
*
* @param region
* The region this client will communicate with. See {@link Region#getRegion(com.amazonaws.regions.Regions)}
* for accessing a given region. Must not be null and must be a region where the service is available.
*
* @see Region#getRegion(com.amazonaws.regions.Regions)
* @see Region#createClient(Class, com.amazonaws.auth.AWSCredentialsProvider, ClientConfiguration)
* @see Region#isServiceSupported(String)
* @deprecated use {@link AwsClientBuilder#setRegion(String)}
*/
@Deprecated
void setRegion(Region region);
/**
*
* Authorizes the Shield Response Team (SRT) to access the specified Amazon S3 bucket containing log data such as
* Application Load Balancer access logs, CloudFront logs, or logs from third party sources. You can associate up to
* 10 Amazon S3 buckets with your subscription.
*
*
* To use the services of the SRT and make an AssociateDRTLogBucket request, you must be subscribed to
* the Business Support plan or the Enterprise Support plan.
*
*
* @param associateDRTLogBucketRequest
* @return Result of the AssociateDRTLogBucket operation returned by the service.
* @throws InternalErrorException
* Exception that indicates that a problem occurred with the service infrastructure. You can retry the
* request.
* @throws InvalidOperationException
* Exception that indicates that the operation would not cause any change to occur.
* @throws NoAssociatedRoleException
* The ARN of the role that you specified does not exist.
* @throws LimitsExceededException
* Exception that indicates that the operation would exceed a limit.
* @throws InvalidParameterException
* Exception that indicates that the parameters passed to the API are invalid. If available, this exception
* includes details in additional properties.
* @throws AccessDeniedForDependencyException
* In order to grant the necessary access to the Shield Response Team (SRT) the user submitting the request
* must have the iam:PassRole permission. This error indicates the user did not have the
* appropriate permissions. For more information, see Granting a User
* Permissions to Pass a Role to an Amazon Web Services Service.
* @throws OptimisticLockException
* Exception that indicates that the resource state has been modified by another client. Retrieve the
* resource and then retry your request.
* @throws ResourceNotFoundException
* Exception indicating the specified resource does not exist. If available, this exception includes details
* in additional properties.
* @sample AWSShield.AssociateDRTLogBucket
* @see AWS
* API Documentation
*/
AssociateDRTLogBucketResult associateDRTLogBucket(AssociateDRTLogBucketRequest associateDRTLogBucketRequest);
/**
*
* Authorizes the Shield Response Team (SRT) using the specified role, to access your Amazon Web Services account to
* assist with DDoS attack mitigation during potential attacks. This enables the SRT to inspect your WAF
* configuration and create or update WAF rules and web ACLs.
*
*
* You can associate only one RoleArn with your subscription. If you submit an
* AssociateDRTRole request for an account that already has an associated role, the new
* RoleArn will replace the existing RoleArn.
*
*
* Prior to making the AssociateDRTRole request, you must attach the
* AWSShieldDRTAccessPolicy managed policy to the role that you'll specify in the request. You can
* access this policy in the IAM console at AWSShieldDRTAccessPolicy. For more information see Adding and
* removing IAM identity permissions. The role must also trust the service principal
* drt.shield.amazonaws.com. For more information, see IAM JSON
* policy elements: Principal.
*
*
* The SRT will have access only to your WAF and Shield resources. By submitting this request, you authorize the SRT
* to inspect your WAF and Shield configuration and create and update WAF rules and web ACLs on your behalf. The SRT
* takes these actions only if explicitly authorized by you.
*
*
* You must have the iam:PassRole permission to make an AssociateDRTRole request. For more
* information, see Granting a
* user permissions to pass a role to an Amazon Web Services service.
*
*
* To use the services of the SRT and make an AssociateDRTRole request, you must be subscribed to the
* Business Support plan or the Enterprise Support plan.
*
*
* @param associateDRTRoleRequest
* @return Result of the AssociateDRTRole operation returned by the service.
* @throws InternalErrorException
* Exception that indicates that a problem occurred with the service infrastructure. You can retry the
* request.
* @throws InvalidOperationException
* Exception that indicates that the operation would not cause any change to occur.
* @throws InvalidParameterException
* Exception that indicates that the parameters passed to the API are invalid. If available, this exception
* includes details in additional properties.
* @throws AccessDeniedForDependencyException
* In order to grant the necessary access to the Shield Response Team (SRT) the user submitting the request
* must have the iam:PassRole permission. This error indicates the user did not have the
* appropriate permissions. For more information, see Granting a User
* Permissions to Pass a Role to an Amazon Web Services Service.
* @throws OptimisticLockException
* Exception that indicates that the resource state has been modified by another client. Retrieve the
* resource and then retry your request.
* @throws ResourceNotFoundException
* Exception indicating the specified resource does not exist. If available, this exception includes details
* in additional properties.
* @sample AWSShield.AssociateDRTRole
* @see AWS API
* Documentation
*/
AssociateDRTRoleResult associateDRTRole(AssociateDRTRoleRequest associateDRTRoleRequest);
/**
*
* Adds health-based detection to the Shield Advanced protection for a resource. Shield Advanced health-based
* detection uses the health of your Amazon Web Services resource to improve responsiveness and accuracy in attack
* detection and response.
*
*
* You define the health check in Route 53 and then associate it with your Shield Advanced protection. For more
* information, see Shield Advanced Health-Based Detection in the WAF Developer Guide.
*
*
* @param associateHealthCheckRequest
* @return Result of the AssociateHealthCheck operation returned by the service.
* @throws InternalErrorException
* Exception that indicates that a problem occurred with the service infrastructure. You can retry the
* request.
* @throws LimitsExceededException
* Exception that indicates that the operation would exceed a limit.
* @throws ResourceNotFoundException
* Exception indicating the specified resource does not exist. If available, this exception includes details
* in additional properties.
* @throws InvalidParameterException
* Exception that indicates that the parameters passed to the API are invalid. If available, this exception
* includes details in additional properties.
* @throws OptimisticLockException
* Exception that indicates that the resource state has been modified by another client. Retrieve the
* resource and then retry your request.
* @throws InvalidResourceException
* Exception that indicates that the resource is invalid. You might not have access to the resource, or the
* resource might not exist.
* @sample AWSShield.AssociateHealthCheck
* @see AWS
* API Documentation
*/
AssociateHealthCheckResult associateHealthCheck(AssociateHealthCheckRequest associateHealthCheckRequest);
/**
*
* Initializes proactive engagement and sets the list of contacts for the Shield Response Team (SRT) to use. You
* must provide at least one phone number in the emergency contact list.
*
*
* After you have initialized proactive engagement using this call, to disable or enable proactive engagement, use
* the calls DisableProactiveEngagement and EnableProactiveEngagement.
*
*
*
* This call defines the list of email addresses and phone numbers that the SRT can use to contact you for
* escalations to the SRT and to initiate proactive customer support.
*
*
* The contacts that you provide in the request replace any contacts that were already defined. If you already have
* contacts defined and want to use them, retrieve the list using DescribeEmergencyContactSettings and
* then provide it to this call.
*
*
*
* @param associateProactiveEngagementDetailsRequest
* @return Result of the AssociateProactiveEngagementDetails operation returned by the service.
* @throws InternalErrorException
* Exception that indicates that a problem occurred with the service infrastructure. You can retry the
* request.
* @throws InvalidOperationException
* Exception that indicates that the operation would not cause any change to occur.
* @throws InvalidParameterException
* Exception that indicates that the parameters passed to the API are invalid. If available, this exception
* includes details in additional properties.
* @throws ResourceNotFoundException
* Exception indicating the specified resource does not exist. If available, this exception includes details
* in additional properties.
* @throws OptimisticLockException
* Exception that indicates that the resource state has been modified by another client. Retrieve the
* resource and then retry your request.
* @sample AWSShield.AssociateProactiveEngagementDetails
* @see AWS API Documentation
*/
AssociateProactiveEngagementDetailsResult associateProactiveEngagementDetails(
AssociateProactiveEngagementDetailsRequest associateProactiveEngagementDetailsRequest);
/**
*
* Enables Shield Advanced for a specific Amazon Web Services resource. The resource can be an Amazon CloudFront
* distribution, Amazon Route 53 hosted zone, Global Accelerator standard accelerator, Elastic IP Address,
* Application Load Balancer, or a Classic Load Balancer. You can protect Amazon EC2 instances and Network Load
* Balancers by association with protected Amazon EC2 Elastic IP addresses.
*
*
* You can add protection to only a single resource with each CreateProtection request. You can add
* protection to multiple resources at once through the Shield Advanced console at https://console.aws.amazon.com/wafv2/shieldv2#/. For
* more information see Getting Started with
* Shield Advanced and Adding Shield Advanced
* protection to Amazon Web Services resources.
*
*
* @param createProtectionRequest
* @return Result of the CreateProtection operation returned by the service.
* @throws InternalErrorException
* Exception that indicates that a problem occurred with the service infrastructure. You can retry the
* request.
* @throws InvalidResourceException
* Exception that indicates that the resource is invalid. You might not have access to the resource, or the
* resource might not exist.
* @throws InvalidOperationException
* Exception that indicates that the operation would not cause any change to occur.
* @throws LimitsExceededException
* Exception that indicates that the operation would exceed a limit.
* @throws ResourceAlreadyExistsException
* Exception indicating the specified resource already exists. If available, this exception includes details
* in additional properties.
* @throws OptimisticLockException
* Exception that indicates that the resource state has been modified by another client. Retrieve the
* resource and then retry your request.
* @throws ResourceNotFoundException
* Exception indicating the specified resource does not exist. If available, this exception includes details
* in additional properties.
* @throws InvalidParameterException
* Exception that indicates that the parameters passed to the API are invalid. If available, this exception
* includes details in additional properties.
* @sample AWSShield.CreateProtection
* @see AWS API
* Documentation
*/
CreateProtectionResult createProtection(CreateProtectionRequest createProtectionRequest);
/**
*
* Creates a grouping of protected resources so they can be handled as a collective. This resource grouping improves
* the accuracy of detection and reduces false positives.
*
*
* @param createProtectionGroupRequest
* @return Result of the CreateProtectionGroup operation returned by the service.
* @throws InternalErrorException
* Exception that indicates that a problem occurred with the service infrastructure. You can retry the
* request.
* @throws ResourceAlreadyExistsException
* Exception indicating the specified resource already exists. If available, this exception includes details
* in additional properties.
* @throws OptimisticLockException
* Exception that indicates that the resource state has been modified by another client. Retrieve the
* resource and then retry your request.
* @throws ResourceNotFoundException
* Exception indicating the specified resource does not exist. If available, this exception includes details
* in additional properties.
* @throws InvalidParameterException
* Exception that indicates that the parameters passed to the API are invalid. If available, this exception
* includes details in additional properties.
* @throws LimitsExceededException
* Exception that indicates that the operation would exceed a limit.
* @sample AWSShield.CreateProtectionGroup
* @see AWS
* API Documentation
*/
CreateProtectionGroupResult createProtectionGroup(CreateProtectionGroupRequest createProtectionGroupRequest);
/**
*
* Activates Shield Advanced for an account.
*
*
*
* For accounts that are members of an Organizations organization, Shield Advanced subscriptions are billed against
* the organization's payer account, regardless of whether the payer account itself is subscribed.
*
*
*
* When you initially create a subscription, your subscription is set to be automatically renewed at the end of the
* existing subscription period. You can change this by submitting an UpdateSubscription request.
*
*
* @param createSubscriptionRequest
* @return Result of the CreateSubscription operation returned by the service.
* @throws InternalErrorException
* Exception that indicates that a problem occurred with the service infrastructure. You can retry the
* request.
* @throws ResourceAlreadyExistsException
* Exception indicating the specified resource already exists. If available, this exception includes details
* in additional properties.
* @sample AWSShield.CreateSubscription
* @see AWS API
* Documentation
*/
CreateSubscriptionResult createSubscription(CreateSubscriptionRequest createSubscriptionRequest);
/**
*
* Deletes an Shield Advanced Protection.
*
*
* @param deleteProtectionRequest
* @return Result of the DeleteProtection operation returned by the service.
* @throws InternalErrorException
* Exception that indicates that a problem occurred with the service infrastructure. You can retry the
* request.
* @throws ResourceNotFoundException
* Exception indicating the specified resource does not exist. If available, this exception includes details
* in additional properties.
* @throws OptimisticLockException
* Exception that indicates that the resource state has been modified by another client. Retrieve the
* resource and then retry your request.
* @sample AWSShield.DeleteProtection
* @see AWS API
* Documentation
*/
DeleteProtectionResult deleteProtection(DeleteProtectionRequest deleteProtectionRequest);
/**
*
* Removes the specified protection group.
*
*
* @param deleteProtectionGroupRequest
* @return Result of the DeleteProtectionGroup operation returned by the service.
* @throws InternalErrorException
* Exception that indicates that a problem occurred with the service infrastructure. You can retry the
* request.
* @throws OptimisticLockException
* Exception that indicates that the resource state has been modified by another client. Retrieve the
* resource and then retry your request.
* @throws ResourceNotFoundException
* Exception indicating the specified resource does not exist. If available, this exception includes details
* in additional properties.
* @sample AWSShield.DeleteProtectionGroup
* @see AWS
* API Documentation
*/
DeleteProtectionGroupResult deleteProtectionGroup(DeleteProtectionGroupRequest deleteProtectionGroupRequest);
/**
*
* Removes Shield Advanced from an account. Shield Advanced requires a 1-year subscription commitment. You cannot
* delete a subscription prior to the completion of that commitment.
*
*
* @param deleteSubscriptionRequest
* @return Result of the DeleteSubscription operation returned by the service.
* @throws InternalErrorException
* Exception that indicates that a problem occurred with the service infrastructure. You can retry the
* request.
* @throws LockedSubscriptionException
* You are trying to update a subscription that has not yet completed the 1-year commitment. You can change
* the AutoRenew parameter during the last 30 days of your subscription. This exception
* indicates that you are attempting to change AutoRenew prior to that period.
* @throws ResourceNotFoundException
* Exception indicating the specified resource does not exist. If available, this exception includes details
* in additional properties.
* @sample AWSShield.DeleteSubscription
* @see AWS API
* Documentation
*/
@Deprecated
DeleteSubscriptionResult deleteSubscription(DeleteSubscriptionRequest deleteSubscriptionRequest);
/**
*
* Describes the details of a DDoS attack.
*
*
* @param describeAttackRequest
* @return Result of the DescribeAttack operation returned by the service.
* @throws InternalErrorException
* Exception that indicates that a problem occurred with the service infrastructure. You can retry the
* request.
* @throws AccessDeniedException
* Exception that indicates the specified AttackId does not exist, or the requester does not
* have the appropriate permissions to access the AttackId.
* @sample AWSShield.DescribeAttack
* @see AWS API
* Documentation
*/
DescribeAttackResult describeAttack(DescribeAttackRequest describeAttackRequest);
/**
*
* Provides information about the number and type of attacks Shield has detected in the last year for all resources
* that belong to your account, regardless of whether you've defined Shield protections for them. This operation is
* available to Shield customers as well as to Shield Advanced customers.
*
*
* The operation returns data for the time range of midnight UTC, one year ago, to midnight UTC, today. For example,
* if the current time is 2020-10-26 15:39:32 PDT, equal to 2020-10-26 22:39:32 UTC, then
* the time range for the attack data returned is from 2019-10-26 00:00:00 UTC to
* 2020-10-26 00:00:00 UTC.
*
*
* The time range indicates the period covered by the attack statistics data items.
*
*
* @param describeAttackStatisticsRequest
* @return Result of the DescribeAttackStatistics operation returned by the service.
* @throws InternalErrorException
* Exception that indicates that a problem occurred with the service infrastructure. You can retry the
* request.
* @sample AWSShield.DescribeAttackStatistics
* @see AWS API Documentation
*/
DescribeAttackStatisticsResult describeAttackStatistics(DescribeAttackStatisticsRequest describeAttackStatisticsRequest);
/**
*
* Returns the current role and list of Amazon S3 log buckets used by the Shield Response Team (SRT) to access your
* Amazon Web Services account while assisting with attack mitigation.
*
*
* @param describeDRTAccessRequest
* @return Result of the DescribeDRTAccess operation returned by the service.
* @throws InternalErrorException
* Exception that indicates that a problem occurred with the service infrastructure. You can retry the
* request.
* @throws ResourceNotFoundException
* Exception indicating the specified resource does not exist. If available, this exception includes details
* in additional properties.
* @sample AWSShield.DescribeDRTAccess
* @see AWS API
* Documentation
*/
DescribeDRTAccessResult describeDRTAccess(DescribeDRTAccessRequest describeDRTAccessRequest);
/**
*
* A list of email addresses and phone numbers that the Shield Response Team (SRT) can use to contact you if you
* have proactive engagement enabled, for escalations to the SRT and to initiate proactive customer support.
*
*
* @param describeEmergencyContactSettingsRequest
* @return Result of the DescribeEmergencyContactSettings operation returned by the service.
* @throws InternalErrorException
* Exception that indicates that a problem occurred with the service infrastructure. You can retry the
* request.
* @throws ResourceNotFoundException
* Exception indicating the specified resource does not exist. If available, this exception includes details
* in additional properties.
* @sample AWSShield.DescribeEmergencyContactSettings
* @see AWS API Documentation
*/
DescribeEmergencyContactSettingsResult describeEmergencyContactSettings(DescribeEmergencyContactSettingsRequest describeEmergencyContactSettingsRequest);
/**
*
* Lists the details of a Protection object.
*
*
* @param describeProtectionRequest
* @return Result of the DescribeProtection operation returned by the service.
* @throws InternalErrorException
* Exception that indicates that a problem occurred with the service infrastructure. You can retry the
* request.
* @throws InvalidParameterException
* Exception that indicates that the parameters passed to the API are invalid. If available, this exception
* includes details in additional properties.
* @throws ResourceNotFoundException
* Exception indicating the specified resource does not exist. If available, this exception includes details
* in additional properties.
* @sample AWSShield.DescribeProtection
* @see AWS API
* Documentation
*/
DescribeProtectionResult describeProtection(DescribeProtectionRequest describeProtectionRequest);
/**
*
* Returns the specification for the specified protection group.
*
*
* @param describeProtectionGroupRequest
* @return Result of the DescribeProtectionGroup operation returned by the service.
* @throws InternalErrorException
* Exception that indicates that a problem occurred with the service infrastructure. You can retry the
* request.
* @throws ResourceNotFoundException
* Exception indicating the specified resource does not exist. If available, this exception includes details
* in additional properties.
* @sample AWSShield.DescribeProtectionGroup
* @see AWS
* API Documentation
*/
DescribeProtectionGroupResult describeProtectionGroup(DescribeProtectionGroupRequest describeProtectionGroupRequest);
/**
*
* Provides details about the Shield Advanced subscription for an account.
*
*
* @param describeSubscriptionRequest
* @return Result of the DescribeSubscription operation returned by the service.
* @throws InternalErrorException
* Exception that indicates that a problem occurred with the service infrastructure. You can retry the
* request.
* @throws ResourceNotFoundException
* Exception indicating the specified resource does not exist. If available, this exception includes details
* in additional properties.
* @sample AWSShield.DescribeSubscription
* @see AWS
* API Documentation
*/
DescribeSubscriptionResult describeSubscription(DescribeSubscriptionRequest describeSubscriptionRequest);
/**
*
* Disable the Shield Advanced automatic application layer DDoS mitigation feature for the protected resource. This
* stops Shield Advanced from creating, verifying, and applying WAF rules for attacks that it detects for the
* resource.
*
*
* @param disableApplicationLayerAutomaticResponseRequest
* @return Result of the DisableApplicationLayerAutomaticResponse operation returned by the service.
* @throws InternalErrorException
* Exception that indicates that a problem occurred with the service infrastructure. You can retry the
* request.
* @throws InvalidParameterException
* Exception that indicates that the parameters passed to the API are invalid. If available, this exception
* includes details in additional properties.
* @throws ResourceNotFoundException
* Exception indicating the specified resource does not exist. If available, this exception includes details
* in additional properties.
* @throws OptimisticLockException
* Exception that indicates that the resource state has been modified by another client. Retrieve the
* resource and then retry your request.
* @throws InvalidOperationException
* Exception that indicates that the operation would not cause any change to occur.
* @sample AWSShield.DisableApplicationLayerAutomaticResponse
* @see AWS API Documentation
*/
DisableApplicationLayerAutomaticResponseResult disableApplicationLayerAutomaticResponse(
DisableApplicationLayerAutomaticResponseRequest disableApplicationLayerAutomaticResponseRequest);
/**
*
* Removes authorization from the Shield Response Team (SRT) to notify contacts about escalations to the SRT and to
* initiate proactive customer support.
*
*
* @param disableProactiveEngagementRequest
* @return Result of the DisableProactiveEngagement operation returned by the service.
* @throws InternalErrorException
* Exception that indicates that a problem occurred with the service infrastructure. You can retry the
* request.
* @throws InvalidOperationException
* Exception that indicates that the operation would not cause any change to occur.
* @throws InvalidParameterException
* Exception that indicates that the parameters passed to the API are invalid. If available, this exception
* includes details in additional properties.
* @throws ResourceNotFoundException
* Exception indicating the specified resource does not exist. If available, this exception includes details
* in additional properties.
* @throws OptimisticLockException
* Exception that indicates that the resource state has been modified by another client. Retrieve the
* resource and then retry your request.
* @sample AWSShield.DisableProactiveEngagement
* @see AWS API Documentation
*/
DisableProactiveEngagementResult disableProactiveEngagement(DisableProactiveEngagementRequest disableProactiveEngagementRequest);
/**
*
* Removes the Shield Response Team's (SRT) access to the specified Amazon S3 bucket containing the logs that you
* shared previously.
*
*
* @param disassociateDRTLogBucketRequest
* @return Result of the DisassociateDRTLogBucket operation returned by the service.
* @throws InternalErrorException
* Exception that indicates that a problem occurred with the service infrastructure. You can retry the
* request.
* @throws InvalidOperationException
* Exception that indicates that the operation would not cause any change to occur.
* @throws NoAssociatedRoleException
* The ARN of the role that you specified does not exist.
* @throws AccessDeniedForDependencyException
* In order to grant the necessary access to the Shield Response Team (SRT) the user submitting the request
* must have the iam:PassRole permission. This error indicates the user did not have the
* appropriate permissions. For more information, see Granting a User
* Permissions to Pass a Role to an Amazon Web Services Service.
* @throws OptimisticLockException
* Exception that indicates that the resource state has been modified by another client. Retrieve the
* resource and then retry your request.
* @throws ResourceNotFoundException
* Exception indicating the specified resource does not exist. If available, this exception includes details
* in additional properties.
* @sample AWSShield.DisassociateDRTLogBucket
* @see AWS API Documentation
*/
DisassociateDRTLogBucketResult disassociateDRTLogBucket(DisassociateDRTLogBucketRequest disassociateDRTLogBucketRequest);
/**
*
* Removes the Shield Response Team's (SRT) access to your Amazon Web Services account.
*
*
* @param disassociateDRTRoleRequest
* @return Result of the DisassociateDRTRole operation returned by the service.
* @throws InternalErrorException
* Exception that indicates that a problem occurred with the service infrastructure. You can retry the
* request.
* @throws InvalidOperationException
* Exception that indicates that the operation would not cause any change to occur.
* @throws OptimisticLockException
* Exception that indicates that the resource state has been modified by another client. Retrieve the
* resource and then retry your request.
* @throws ResourceNotFoundException
* Exception indicating the specified resource does not exist. If available, this exception includes details
* in additional properties.
* @sample AWSShield.DisassociateDRTRole
* @see AWS API
* Documentation
*/
DisassociateDRTRoleResult disassociateDRTRole(DisassociateDRTRoleRequest disassociateDRTRoleRequest);
/**
*
* Removes health-based detection from the Shield Advanced protection for a resource. Shield Advanced health-based
* detection uses the health of your Amazon Web Services resource to improve responsiveness and accuracy in attack
* detection and response.
*
*
* You define the health check in Route 53 and then associate or disassociate it with your Shield Advanced
* protection. For more information, see Shield Advanced Health-Based Detection in the WAF Developer Guide.
*
*
* @param disassociateHealthCheckRequest
* @return Result of the DisassociateHealthCheck operation returned by the service.
* @throws InternalErrorException
* Exception that indicates that a problem occurred with the service infrastructure. You can retry the
* request.
* @throws InvalidParameterException
* Exception that indicates that the parameters passed to the API are invalid. If available, this exception
* includes details in additional properties.
* @throws ResourceNotFoundException
* Exception indicating the specified resource does not exist. If available, this exception includes details
* in additional properties.
* @throws OptimisticLockException
* Exception that indicates that the resource state has been modified by another client. Retrieve the
* resource and then retry your request.
* @throws InvalidResourceException
* Exception that indicates that the resource is invalid. You might not have access to the resource, or the
* resource might not exist.
* @sample AWSShield.DisassociateHealthCheck
* @see AWS
* API Documentation
*/
DisassociateHealthCheckResult disassociateHealthCheck(DisassociateHealthCheckRequest disassociateHealthCheckRequest);
/**
*
* Enable the Shield Advanced automatic application layer DDoS mitigation for the protected resource.
*
*
*
* This feature is available for Amazon CloudFront distributions and Application Load Balancers only.
*
*
*
* This causes Shield Advanced to create, verify, and apply WAF rules for DDoS attacks that it detects for the
* resource. Shield Advanced applies the rules in a Shield rule group inside the web ACL that you've associated with
* the resource. For information about how automatic mitigation works and the requirements for using it, see Shield
* Advanced automatic application layer DDoS mitigation.
*
*
*
* Don't use this action to make changes to automatic mitigation settings when it's already enabled for a resource.
* Instead, use UpdateApplicationLayerAutomaticResponse.
*
*
*
* To use this feature, you must associate a web ACL with the protected resource. The web ACL must be created using
* the latest version of WAF (v2). You can associate the web ACL through the Shield Advanced console at https://console.aws.amazon.com/wafv2/shieldv2#/. For
* more information, see Getting Started with
* Shield Advanced. You can also associate the web ACL to the resource through the WAF console or the WAF API,
* but you must manage Shield Advanced automatic mitigation through Shield Advanced. For information about WAF, see
* WAF Developer Guide.
*
*
* @param enableApplicationLayerAutomaticResponseRequest
* @return Result of the EnableApplicationLayerAutomaticResponse operation returned by the service.
* @throws LimitsExceededException
* Exception that indicates that the operation would exceed a limit.
* @throws InternalErrorException
* Exception that indicates that a problem occurred with the service infrastructure. You can retry the
* request.
* @throws ResourceNotFoundException
* Exception indicating the specified resource does not exist. If available, this exception includes details
* in additional properties.
* @throws InvalidParameterException
* Exception that indicates that the parameters passed to the API are invalid. If available, this exception
* includes details in additional properties.
* @throws OptimisticLockException
* Exception that indicates that the resource state has been modified by another client. Retrieve the
* resource and then retry your request.
* @throws InvalidOperationException
* Exception that indicates that the operation would not cause any change to occur.
* @sample AWSShield.EnableApplicationLayerAutomaticResponse
* @see AWS API Documentation
*/
EnableApplicationLayerAutomaticResponseResult enableApplicationLayerAutomaticResponse(
EnableApplicationLayerAutomaticResponseRequest enableApplicationLayerAutomaticResponseRequest);
/**
*
* Authorizes the Shield Response Team (SRT) to use email and phone to notify contacts about escalations to the SRT
* and to initiate proactive customer support.
*
*
* @param enableProactiveEngagementRequest
* @return Result of the EnableProactiveEngagement operation returned by the service.
* @throws InternalErrorException
* Exception that indicates that a problem occurred with the service infrastructure. You can retry the
* request.
* @throws InvalidOperationException
* Exception that indicates that the operation would not cause any change to occur.
* @throws InvalidParameterException
* Exception that indicates that the parameters passed to the API are invalid. If available, this exception
* includes details in additional properties.
* @throws ResourceNotFoundException
* Exception indicating the specified resource does not exist. If available, this exception includes details
* in additional properties.
* @throws OptimisticLockException
* Exception that indicates that the resource state has been modified by another client. Retrieve the
* resource and then retry your request.
* @sample AWSShield.EnableProactiveEngagement
* @see AWS API Documentation
*/
EnableProactiveEngagementResult enableProactiveEngagement(EnableProactiveEngagementRequest enableProactiveEngagementRequest);
/**
*
* Returns the SubscriptionState, either Active or Inactive.
*
*
* @param getSubscriptionStateRequest
* @return Result of the GetSubscriptionState operation returned by the service.
* @throws InternalErrorException
* Exception that indicates that a problem occurred with the service infrastructure. You can retry the
* request.
* @sample AWSShield.GetSubscriptionState
* @see AWS
* API Documentation
*/
GetSubscriptionStateResult getSubscriptionState(GetSubscriptionStateRequest getSubscriptionStateRequest);
/**
*
* Returns all ongoing DDoS attacks or all DDoS attacks during a specified time period.
*
*
* @param listAttacksRequest
* @return Result of the ListAttacks operation returned by the service.
* @throws InternalErrorException
* Exception that indicates that a problem occurred with the service infrastructure. You can retry the
* request.
* @throws InvalidParameterException
* Exception that indicates that the parameters passed to the API are invalid. If available, this exception
* includes details in additional properties.
* @throws InvalidOperationException
* Exception that indicates that the operation would not cause any change to occur.
* @sample AWSShield.ListAttacks
* @see AWS API
* Documentation
*/
ListAttacksResult listAttacks(ListAttacksRequest listAttacksRequest);
/**
*
* Retrieves ProtectionGroup objects for the account. You can retrieve all protection groups or you can
* provide filtering criteria and retrieve just the subset of protection groups that match the criteria.
*
*
* @param listProtectionGroupsRequest
* @return Result of the ListProtectionGroups operation returned by the service.
* @throws InternalErrorException
* Exception that indicates that a problem occurred with the service infrastructure. You can retry the
* request.
* @throws ResourceNotFoundException
* Exception indicating the specified resource does not exist. If available, this exception includes details
* in additional properties.
* @throws InvalidPaginationTokenException
* Exception that indicates that the NextToken specified in the request is invalid. Submit the
* request using the NextToken value that was returned in the prior response.
* @sample AWSShield.ListProtectionGroups
* @see AWS
* API Documentation
*/
ListProtectionGroupsResult listProtectionGroups(ListProtectionGroupsRequest listProtectionGroupsRequest);
/**
*
* Retrieves Protection objects for the account. You can retrieve all protections or you can provide
* filtering criteria and retrieve just the subset of protections that match the criteria.
*
*
* @param listProtectionsRequest
* @return Result of the ListProtections operation returned by the service.
* @throws InternalErrorException
* Exception that indicates that a problem occurred with the service infrastructure. You can retry the
* request.
* @throws ResourceNotFoundException
* Exception indicating the specified resource does not exist. If available, this exception includes details
* in additional properties.
* @throws InvalidPaginationTokenException
* Exception that indicates that the NextToken specified in the request is invalid. Submit the
* request using the NextToken value that was returned in the prior response.
* @sample AWSShield.ListProtections
* @see AWS API
* Documentation
*/
ListProtectionsResult listProtections(ListProtectionsRequest listProtectionsRequest);
/**
*
* Retrieves the resources that are included in the protection group.
*
*
* @param listResourcesInProtectionGroupRequest
* @return Result of the ListResourcesInProtectionGroup operation returned by the service.
* @throws InternalErrorException
* Exception that indicates that a problem occurred with the service infrastructure. You can retry the
* request.
* @throws ResourceNotFoundException
* Exception indicating the specified resource does not exist. If available, this exception includes details
* in additional properties.
* @throws InvalidPaginationTokenException
* Exception that indicates that the NextToken specified in the request is invalid. Submit the
* request using the NextToken value that was returned in the prior response.
* @sample AWSShield.ListResourcesInProtectionGroup
* @see AWS API Documentation
*/
ListResourcesInProtectionGroupResult listResourcesInProtectionGroup(ListResourcesInProtectionGroupRequest listResourcesInProtectionGroupRequest);
/**
*
* Gets information about Amazon Web Services tags for a specified Amazon Resource Name (ARN) in Shield.
*
*
* @param listTagsForResourceRequest
* @return Result of the ListTagsForResource operation returned by the service.
* @throws InternalErrorException
* Exception that indicates that a problem occurred with the service infrastructure. You can retry the
* request.
* @throws InvalidResourceException
* Exception that indicates that the resource is invalid. You might not have access to the resource, or the
* resource might not exist.
* @throws ResourceNotFoundException
* Exception indicating the specified resource does not exist. If available, this exception includes details
* in additional properties.
* @sample AWSShield.ListTagsForResource
* @see AWS API
* Documentation
*/
ListTagsForResourceResult listTagsForResource(ListTagsForResourceRequest listTagsForResourceRequest);
/**
*
* Adds or updates tags for a resource in Shield.
*
*
* @param tagResourceRequest
* @return Result of the TagResource operation returned by the service.
* @throws InternalErrorException
* Exception that indicates that a problem occurred with the service infrastructure. You can retry the
* request.
* @throws InvalidResourceException
* Exception that indicates that the resource is invalid. You might not have access to the resource, or the
* resource might not exist.
* @throws InvalidParameterException
* Exception that indicates that the parameters passed to the API are invalid. If available, this exception
* includes details in additional properties.
* @throws ResourceNotFoundException
* Exception indicating the specified resource does not exist. If available, this exception includes details
* in additional properties.
* @sample AWSShield.TagResource
* @see AWS API
* Documentation
*/
TagResourceResult tagResource(TagResourceRequest tagResourceRequest);
/**
*
* Removes tags from a resource in Shield.
*
*
* @param untagResourceRequest
* @return Result of the UntagResource operation returned by the service.
* @throws InternalErrorException
* Exception that indicates that a problem occurred with the service infrastructure. You can retry the
* request.
* @throws InvalidResourceException
* Exception that indicates that the resource is invalid. You might not have access to the resource, or the
* resource might not exist.
* @throws InvalidParameterException
* Exception that indicates that the parameters passed to the API are invalid. If available, this exception
* includes details in additional properties.
* @throws ResourceNotFoundException
* Exception indicating the specified resource does not exist. If available, this exception includes details
* in additional properties.
* @sample AWSShield.UntagResource
* @see AWS API
* Documentation
*/
UntagResourceResult untagResource(UntagResourceRequest untagResourceRequest);
/**
*
* Updates an existing Shield Advanced automatic application layer DDoS mitigation configuration for the specified
* resource.
*
*
* @param updateApplicationLayerAutomaticResponseRequest
* @return Result of the UpdateApplicationLayerAutomaticResponse operation returned by the service.
* @throws InternalErrorException
* Exception that indicates that a problem occurred with the service infrastructure. You can retry the
* request.
* @throws ResourceNotFoundException
* Exception indicating the specified resource does not exist. If available, this exception includes details
* in additional properties.
* @throws InvalidParameterException
* Exception that indicates that the parameters passed to the API are invalid. If available, this exception
* includes details in additional properties.
* @throws OptimisticLockException
* Exception that indicates that the resource state has been modified by another client. Retrieve the
* resource and then retry your request.
* @throws InvalidOperationException
* Exception that indicates that the operation would not cause any change to occur.
* @sample AWSShield.UpdateApplicationLayerAutomaticResponse
* @see AWS API Documentation
*/
UpdateApplicationLayerAutomaticResponseResult updateApplicationLayerAutomaticResponse(
UpdateApplicationLayerAutomaticResponseRequest updateApplicationLayerAutomaticResponseRequest);
/**
*
* Updates the details of the list of email addresses and phone numbers that the Shield Response Team (SRT) can use
* to contact you if you have proactive engagement enabled, for escalations to the SRT and to initiate proactive
* customer support.
*
*
* @param updateEmergencyContactSettingsRequest
* @return Result of the UpdateEmergencyContactSettings operation returned by the service.
* @throws InternalErrorException
* Exception that indicates that a problem occurred with the service infrastructure. You can retry the
* request.
* @throws InvalidParameterException
* Exception that indicates that the parameters passed to the API are invalid. If available, this exception
* includes details in additional properties.
* @throws OptimisticLockException
* Exception that indicates that the resource state has been modified by another client. Retrieve the
* resource and then retry your request.
* @throws ResourceNotFoundException
* Exception indicating the specified resource does not exist. If available, this exception includes details
* in additional properties.
* @sample AWSShield.UpdateEmergencyContactSettings
* @see AWS API Documentation
*/
UpdateEmergencyContactSettingsResult updateEmergencyContactSettings(UpdateEmergencyContactSettingsRequest updateEmergencyContactSettingsRequest);
/**
*
* Updates an existing protection group. A protection group is a grouping of protected resources so they can be
* handled as a collective. This resource grouping improves the accuracy of detection and reduces false positives.
*
*
* @param updateProtectionGroupRequest
* @return Result of the UpdateProtectionGroup operation returned by the service.
* @throws InternalErrorException
* Exception that indicates that a problem occurred with the service infrastructure. You can retry the
* request.
* @throws ResourceNotFoundException
* Exception indicating the specified resource does not exist. If available, this exception includes details
* in additional properties.
* @throws OptimisticLockException
* Exception that indicates that the resource state has been modified by another client. Retrieve the
* resource and then retry your request.
* @throws InvalidParameterException
* Exception that indicates that the parameters passed to the API are invalid. If available, this exception
* includes details in additional properties.
* @sample AWSShield.UpdateProtectionGroup
* @see AWS
* API Documentation
*/
UpdateProtectionGroupResult updateProtectionGroup(UpdateProtectionGroupRequest updateProtectionGroupRequest);
/**
*
* Updates the details of an existing subscription. Only enter values for parameters you want to change. Empty
* parameters are not updated.
*
*
*
* For accounts that are members of an Organizations organization, Shield Advanced subscriptions are billed against
* the organization's payer account, regardless of whether the payer account itself is subscribed.
*
*
*
* @param updateSubscriptionRequest
* @return Result of the UpdateSubscription operation returned by the service.
* @throws InternalErrorException
* Exception that indicates that a problem occurred with the service infrastructure. You can retry the
* request.
* @throws LockedSubscriptionException
* You are trying to update a subscription that has not yet completed the 1-year commitment. You can change
* the AutoRenew parameter during the last 30 days of your subscription. This exception
* indicates that you are attempting to change AutoRenew prior to that period.
* @throws ResourceNotFoundException
* Exception indicating the specified resource does not exist. If available, this exception includes details
* in additional properties.
* @throws InvalidParameterException
* Exception that indicates that the parameters passed to the API are invalid. If available, this exception
* includes details in additional properties.
* @throws OptimisticLockException
* Exception that indicates that the resource state has been modified by another client. Retrieve the
* resource and then retry your request.
* @sample AWSShield.UpdateSubscription
* @see AWS API
* Documentation
*/
UpdateSubscriptionResult updateSubscription(UpdateSubscriptionRequest updateSubscriptionRequest);
/**
* Shuts down this client object, releasing any resources that might be held open. This is an optional method, and
* callers are not expected to call it, but can if they want to explicitly release any open resources. Once a client
* has been shutdown, it should not be used to make any more requests.
*/
void shutdown();
/**
* Returns additional metadata for a previously executed successful request, typically used for debugging issues
* where a service isn't acting as expected. This data isn't considered part of the result data returned by an
* operation, so it's available through this separate, diagnostic interface.
*
* Response metadata is only cached for a limited period of time, so if you need to access this extra diagnostic
* information for an executed request, you should use this method to retrieve it as soon as possible after
* executing a request.
*
* @param request
* The originally executed request.
*
* @return The response metadata for the specified request, or null if none is available.
*/
ResponseMetadata getCachedResponseMetadata(AmazonWebServiceRequest request);
}