aws-cdk-lib.aws_shield.CfnProtectionGroupProps

interface CfnProtectionGroupProps

LanguageType name
.NETAmazon.CDK.aws_shield.CfnProtectionGroupProps
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awsshield#CfnProtectionGroupProps
Javaservices.shield.CfnProtectionGroupProps
Pythonaws_cdk.aws_shield.CfnProtectionGroupProps
TypeScript aws-cdk-lib » aws_shield » CfnProtectionGroupProps

Properties for defining a CfnProtectionGroup.

Example

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_shield as shield } from 'aws-cdk-lib';
const cfnProtectionGroupProps: shield.CfnProtectionGroupProps = {
  aggregation: 'aggregation',
  pattern: 'pattern',
  protectionGroupId: 'protectionGroupId',

  // the properties below are optional
  members: ['members'],
  resourceType: 'resourceType',
  tags: [{
    key: 'key',
    value: 'value',
  }],
};

Properties

NameTypeDescription
aggregationstringDefines how AWS Shield combines resource data for the group in order to detect, mitigate, and report events.
patternstringThe criteria to use to choose the protected resources for inclusion in the group.
protectionGroupIdstringThe name of the protection group.
members?string[]The ARNs (Amazon Resource Names) of the resources to include in the protection group.
resourceType?stringThe resource type to include in the protection group.
tags?CfnTag[]Key:value pairs associated with an AWS resource.

aggregation

Type: string

Defines how AWS Shield combines resource data for the group in order to detect, mitigate, and report events.

  • Sum - Use the total traffic across the group. This is a good choice for most cases. Examples include Elastic IP addresses for EC2 instances that scale manually or automatically.
  • Mean - Use the average of the traffic across the group. This is a good choice for resources that share traffic uniformly. Examples include accelerators and load balancers.
  • Max - Use the highest traffic from each resource. This is useful for resources that don't share traffic and for resources that share that traffic in a non-uniform way. Examples include Amazon CloudFront distributions and origin resources for CloudFront distributions.

pattern

Type: string

The criteria to use to choose the protected resources for inclusion in the group.

You can include all resources that have protections, provide a list of resource ARNs (Amazon Resource Names), or include all resources of a specified resource type.


protectionGroupId

Type: string

The name of the protection group.

You use this to identify the protection group in lists and to manage the protection group, for example to update, delete, or describe it.


members?

Type: string[] (optional)

The ARNs (Amazon Resource Names) of the resources to include in the protection group.

You must set this when you set Pattern to ARBITRARY and you must not set it for any other Pattern setting.


resourceType?

Type: string (optional)

The resource type to include in the protection group.

All protected resources of this type are included in the protection group. You must set this when you set Pattern to BY_RESOURCE_TYPE and you must not set it for any other Pattern setting.


tags?

Type: CfnTag[] (optional)

Key:value pairs associated with an AWS resource.

The key:value pair can be anything you define. Typically, the tag key represents a category (such as "environment") and the tag value represents a specific value within that category (such as "test," "development," or "production"). You can add up to 50 tags to each AWS resource.