awscc.iot_securityprofile¶
Filters¶
event
reduce
value
Actions¶
delete¶
Parent base class for filters and actions.
properties:
type:
enum:
- delete
required:
- type
Permissions - iot:DescribeSecurityProfile, iot:DeleteSecurityProfile
update¶
Parent base class for filters and actions.
definitions:
AlertTarget:
additionalProperties: false
description: A structure containing the alert target ARN and the role ARN.
properties:
AlertTargetArn:
description: The ARN of the notification target to which alerts are sent.
maxLength: 2048
type: string
RoleArn:
description: The ARN of the role that grants permission to send alerts to
the notification target.
maxLength: 2048
minLength: 20
type: string
required:
- AlertTargetArn
- RoleArn
type: object
Behavior:
additionalProperties: false
description: A security profile behavior.
properties:
Criteria:
additionalProperties: false
description: The criteria by which the behavior is determined to be normal.
properties:
ComparisonOperator:
description: The operator that relates the thing measured (metric) to
the criteria (containing a value or statisticalThreshold).
enum:
- less-than
- less-than-equals
- greater-than
- greater-than-equals
- in-cidr-set
- not-in-cidr-set
- in-port-set
- not-in-port-set
- in-set
- not-in-set
type: string
ConsecutiveDatapointsToAlarm:
description: If a device is in violation of the behavior for the specified
number of consecutive datapoints, an alarm occurs. If not specified,
the default is 1.
maximum: 10
minimum: 1
type: integer
ConsecutiveDatapointsToClear:
description: If an alarm has occurred and the offending device is no longer
in violation of the behavior for the specified number of consecutive
datapoints, the alarm is cleared. If not specified, the default is 1.
maximum: 10
minimum: 1
type: integer
DurationSeconds:
description: Use this to specify the time duration over which the behavior
is evaluated.
type: integer
MlDetectionConfig:
additionalProperties: false
description: The configuration of an ML Detect Security Profile.
properties:
ConfidenceLevel:
description: The sensitivity of anomalous behavior evaluation. Can
be Low, Medium, or High.
enum:
- LOW
- MEDIUM
- HIGH
type: string
type: object
StatisticalThreshold:
additionalProperties: false
description: A statistical ranking (percentile) which indicates a threshold
value by which a behavior is determined to be in compliance or in violation
of the behavior.
properties:
Statistic:
description: The percentile which resolves to a threshold value by
which compliance with a behavior is determined
enum:
- Average
- p0
- p0.1
- p0.01
- p1
- p10
- p50
- p90
- p99
- p99.9
- p99.99
- p100
type: string
type: object
Value:
additionalProperties: false
description: The value to be compared with the metric.
properties:
Cidrs:
description: If the ComparisonOperator calls for a set of CIDRs, use
this to specify that set to be compared with the metric.
insertionOrder: false
items:
type: string
type: array
uniqueItems: true
Count:
description: If the ComparisonOperator calls for a numeric value,
use this to specify that (integer) numeric value to be compared
with the metric.
minimum: 0
type: string
Number:
description: The numeral value of a metric.
type: number
Numbers:
description: The numeral values of a metric.
insertionOrder: false
items:
type: number
type: array
uniqueItems: true
Ports:
description: If the ComparisonOperator calls for a set of ports, use
this to specify that set to be compared with the metric.
insertionOrder: false
items:
maximum: 65535
minimum: 0
type: integer
type: array
uniqueItems: true
Strings:
description: The string values of a metric.
insertionOrder: false
items:
type: string
type: array
uniqueItems: true
type: object
type: object
Metric:
description: What is measured by the behavior.
maxLength: 128
minLength: 1
pattern: '[a-zA-Z0-9:_-]+'
type: string
MetricDimension:
additionalProperties: false
description: The dimension of a metric.
properties:
DimensionName:
description: A unique identifier for the dimension.
maxLength: 128
minLength: 1
pattern: '[a-zA-Z0-9:_-]+'
type: string
Operator:
description: Defines how the dimensionValues of a dimension are interpreted.
enum:
- IN
- NOT_IN
type: string
required:
- DimensionName
type: object
Name:
description: The name for the behavior.
maxLength: 128
minLength: 1
pattern: '[a-zA-Z0-9:_-]+'
type: string
SuppressAlerts:
description: Manage Detect alarm SNS notifications by setting behavior notification
to on or suppressed. Detect will continue to performing device behavior
evaluations. However, suppressed alarms wouldn't be forwarded for SNS notification.
type: boolean
required:
- Name
type: object
BehaviorCriteria:
additionalProperties: false
description: The criteria by which the behavior is determined to be normal.
properties:
ComparisonOperator:
description: The operator that relates the thing measured (metric) to the
criteria (containing a value or statisticalThreshold).
enum:
- less-than
- less-than-equals
- greater-than
- greater-than-equals
- in-cidr-set
- not-in-cidr-set
- in-port-set
- not-in-port-set
- in-set
- not-in-set
type: string
ConsecutiveDatapointsToAlarm:
description: If a device is in violation of the behavior for the specified
number of consecutive datapoints, an alarm occurs. If not specified, the
default is 1.
maximum: 10
minimum: 1
type: integer
ConsecutiveDatapointsToClear:
description: If an alarm has occurred and the offending device is no longer
in violation of the behavior for the specified number of consecutive datapoints,
the alarm is cleared. If not specified, the default is 1.
maximum: 10
minimum: 1
type: integer
DurationSeconds:
description: Use this to specify the time duration over which the behavior
is evaluated.
type: integer
MlDetectionConfig:
additionalProperties: false
description: The configuration of an ML Detect Security Profile.
properties:
ConfidenceLevel:
description: The sensitivity of anomalous behavior evaluation. Can be
Low, Medium, or High.
enum:
- LOW
- MEDIUM
- HIGH
type: string
type: object
StatisticalThreshold:
additionalProperties: false
description: A statistical ranking (percentile) which indicates a threshold
value by which a behavior is determined to be in compliance or in violation
of the behavior.
properties:
Statistic:
description: The percentile which resolves to a threshold value by which
compliance with a behavior is determined
enum:
- Average
- p0
- p0.1
- p0.01
- p1
- p10
- p50
- p90
- p99
- p99.9
- p99.99
- p100
type: string
type: object
Value:
additionalProperties: false
description: The value to be compared with the metric.
properties:
Cidrs:
description: If the ComparisonOperator calls for a set of CIDRs, use this
to specify that set to be compared with the metric.
insertionOrder: false
items:
type: string
type: array
uniqueItems: true
Count:
description: If the ComparisonOperator calls for a numeric value, use
this to specify that (integer) numeric value to be compared with the
metric.
minimum: 0
type: string
Number:
description: The numeral value of a metric.
type: number
Numbers:
description: The numeral values of a metric.
insertionOrder: false
items:
type: number
type: array
uniqueItems: true
Ports:
description: If the ComparisonOperator calls for a set of ports, use this
to specify that set to be compared with the metric.
insertionOrder: false
items:
maximum: 65535
minimum: 0
type: integer
type: array
uniqueItems: true
Strings:
description: The string values of a metric.
insertionOrder: false
items:
type: string
type: array
uniqueItems: true
type: object
type: object
MachineLearningDetectionConfig:
additionalProperties: false
description: The configuration of an ML Detect Security Profile.
properties:
ConfidenceLevel:
description: The sensitivity of anomalous behavior evaluation. Can be Low,
Medium, or High.
enum:
- LOW
- MEDIUM
- HIGH
type: string
type: object
MetricDimension:
additionalProperties: false
description: The dimension of a metric.
properties:
DimensionName:
description: A unique identifier for the dimension.
maxLength: 128
minLength: 1
pattern: '[a-zA-Z0-9:_-]+'
type: string
Operator:
description: Defines how the dimensionValues of a dimension are interpreted.
enum:
- IN
- NOT_IN
type: string
required:
- DimensionName
type: object
MetricToRetain:
additionalProperties: false
description: The metric you want to retain. Dimensions are optional.
properties:
Metric:
description: What is measured by the behavior.
maxLength: 128
minLength: 1
pattern: '[a-zA-Z0-9:_-]+'
type: string
MetricDimension:
additionalProperties: false
description: The dimension of a metric.
properties:
DimensionName:
description: A unique identifier for the dimension.
maxLength: 128
minLength: 1
pattern: '[a-zA-Z0-9:_-]+'
type: string
Operator:
description: Defines how the dimensionValues of a dimension are interpreted.
enum:
- IN
- NOT_IN
type: string
required:
- DimensionName
type: object
required:
- Metric
type: object
MetricValue:
additionalProperties: false
description: The value to be compared with the metric.
properties:
Cidrs:
description: If the ComparisonOperator calls for a set of CIDRs, use this
to specify that set to be compared with the metric.
insertionOrder: false
items:
type: string
type: array
uniqueItems: true
Count:
description: If the ComparisonOperator calls for a numeric value, use this
to specify that (integer) numeric value to be compared with the metric.
minimum: 0
type: string
Number:
description: The numeral value of a metric.
type: number
Numbers:
description: The numeral values of a metric.
insertionOrder: false
items:
type: number
type: array
uniqueItems: true
Ports:
description: If the ComparisonOperator calls for a set of ports, use this
to specify that set to be compared with the metric.
insertionOrder: false
items:
maximum: 65535
minimum: 0
type: integer
type: array
uniqueItems: true
Strings:
description: The string values of a metric.
insertionOrder: false
items:
type: string
type: array
uniqueItems: true
type: object
StatisticalThreshold:
additionalProperties: false
description: A statistical ranking (percentile) which indicates a threshold value
by which a behavior is determined to be in compliance or in violation of the
behavior.
properties:
Statistic:
description: The percentile which resolves to a threshold value by which compliance
with a behavior is determined
enum:
- Average
- p0
- p0.1
- p0.01
- p1
- p10
- p50
- p90
- p99
- p99.9
- p99.99
- p100
type: string
type: object
Tag:
additionalProperties: false
description: A key-value pair to associate with a resource.
properties:
Key:
description: The tag's key.
maxLength: 128
minLength: 1
type: string
Value:
description: The tag's value.
maxLength: 256
minLength: 1
type: string
required:
- Value
- Key
type: object
properties:
AdditionalMetricsToRetainV2:
description: A list of metrics whose data is retained (stored). By default, data
is retained for any metric used in the profile's behaviors, but it is also retained
for any metric specified here.
insertionOrder: false
items:
additionalProperties: false
description: The metric you want to retain. Dimensions are optional.
properties:
Metric:
description: What is measured by the behavior.
maxLength: 128
minLength: 1
pattern: '[a-zA-Z0-9:_-]+'
type: string
MetricDimension:
additionalProperties: false
description: The dimension of a metric.
properties:
DimensionName:
description: A unique identifier for the dimension.
maxLength: 128
minLength: 1
pattern: '[a-zA-Z0-9:_-]+'
type: string
Operator:
description: Defines how the dimensionValues of a dimension are interpreted.
enum:
- IN
- NOT_IN
type: string
required:
- DimensionName
type: object
required:
- Metric
type: object
type: array
uniqueItems: true
AlertTargets:
additionalProperties: false
description: Specifies the destinations to which alerts are sent.
patternProperties:
'[a-zA-Z0-9:_-]+':
additionalProperties: false
description: A structure containing the alert target ARN and the role ARN.
properties:
AlertTargetArn:
description: The ARN of the notification target to which alerts are sent.
maxLength: 2048
type: string
RoleArn:
description: The ARN of the role that grants permission to send alerts
to the notification target.
maxLength: 2048
minLength: 20
type: string
required:
- AlertTargetArn
- RoleArn
type: object
type: object
Behaviors:
description: Specifies the behaviors that, when violated by a device (thing),
cause an alert.
insertionOrder: false
items:
additionalProperties: false
description: A security profile behavior.
properties:
Criteria:
additionalProperties: false
description: The criteria by which the behavior is determined to be normal.
properties:
ComparisonOperator:
description: The operator that relates the thing measured (metric) to
the criteria (containing a value or statisticalThreshold).
enum:
- less-than
- less-than-equals
- greater-than
- greater-than-equals
- in-cidr-set
- not-in-cidr-set
- in-port-set
- not-in-port-set
- in-set
- not-in-set
type: string
ConsecutiveDatapointsToAlarm:
description: If a device is in violation of the behavior for the specified
number of consecutive datapoints, an alarm occurs. If not specified,
the default is 1.
maximum: 10
minimum: 1
type: integer
ConsecutiveDatapointsToClear:
description: If an alarm has occurred and the offending device is no
longer in violation of the behavior for the specified number of consecutive
datapoints, the alarm is cleared. If not specified, the default is
1.
maximum: 10
minimum: 1
type: integer
DurationSeconds:
description: Use this to specify the time duration over which the behavior
is evaluated.
type: integer
MlDetectionConfig:
additionalProperties: false
description: The configuration of an ML Detect Security Profile.
properties:
ConfidenceLevel:
description: The sensitivity of anomalous behavior evaluation. Can
be Low, Medium, or High.
enum:
- LOW
- MEDIUM
- HIGH
type: string
type: object
StatisticalThreshold:
additionalProperties: false
description: A statistical ranking (percentile) which indicates a threshold
value by which a behavior is determined to be in compliance or in
violation of the behavior.
properties:
Statistic:
description: The percentile which resolves to a threshold value
by which compliance with a behavior is determined
enum:
- Average
- p0
- p0.1
- p0.01
- p1
- p10
- p50
- p90
- p99
- p99.9
- p99.99
- p100
type: string
type: object
Value:
additionalProperties: false
description: The value to be compared with the metric.
properties:
Cidrs:
description: If the ComparisonOperator calls for a set of CIDRs,
use this to specify that set to be compared with the metric.
insertionOrder: false
items:
type: string
type: array
uniqueItems: true
Count:
description: If the ComparisonOperator calls for a numeric value,
use this to specify that (integer) numeric value to be compared
with the metric.
minimum: 0
type: string
Number:
description: The numeral value of a metric.
type: number
Numbers:
description: The numeral values of a metric.
insertionOrder: false
items:
type: number
type: array
uniqueItems: true
Ports:
description: If the ComparisonOperator calls for a set of ports,
use this to specify that set to be compared with the metric.
insertionOrder: false
items:
maximum: 65535
minimum: 0
type: integer
type: array
uniqueItems: true
Strings:
description: The string values of a metric.
insertionOrder: false
items:
type: string
type: array
uniqueItems: true
type: object
type: object
Metric:
description: What is measured by the behavior.
maxLength: 128
minLength: 1
pattern: '[a-zA-Z0-9:_-]+'
type: string
MetricDimension:
additionalProperties: false
description: The dimension of a metric.
properties:
DimensionName:
description: A unique identifier for the dimension.
maxLength: 128
minLength: 1
pattern: '[a-zA-Z0-9:_-]+'
type: string
Operator:
description: Defines how the dimensionValues of a dimension are interpreted.
enum:
- IN
- NOT_IN
type: string
required:
- DimensionName
type: object
Name:
description: The name for the behavior.
maxLength: 128
minLength: 1
pattern: '[a-zA-Z0-9:_-]+'
type: string
SuppressAlerts:
description: Manage Detect alarm SNS notifications by setting behavior notification
to on or suppressed. Detect will continue to performing device behavior
evaluations. However, suppressed alarms wouldn't be forwarded for SNS
notification.
type: boolean
required:
- Name
type: object
maxLength: 100
type: array
uniqueItems: true
SecurityProfileDescription:
description: A description of the security profile.
maxLength: 1000
type: string
Tags:
description: Metadata that can be used to manage the security profile.
insertionOrder: false
items:
additionalProperties: false
description: A key-value pair to associate with a resource.
properties:
Key:
description: The tag's key.
maxLength: 128
minLength: 1
type: string
Value:
description: The tag's value.
maxLength: 256
minLength: 1
type: string
required:
- Value
- Key
type: object
maxItems: 50
type: array
uniqueItems: true
TargetArns:
description: A set of target ARNs that the security profile is attached to.
insertionOrder: false
items:
description: The ARN of the target to which the security profile is attached.
maxLength: 2048
type: string
type: array
uniqueItems: true
type:
enum:
- update
Permissions - iot:UpdateSecurityProfile, iot:ListTargetsForSecurityProfile, iot:AttachSecurityProfile, iot:DetachSecurityProfile, iot:ListTagsForResource, iot:UntagResource, iot:TagResource, iam:PassRole