Mitigation actions can be used to take actions to mitigate issues that were found in an Audit finding or Detect violation.
action_params
(Attributes) The set of parameters for this mitigation action. You can specify only one type of parameter (in other words, you can apply only one action for each defined mitigation action). (see below for nested schema)role_arn
(String)action_name
(String) A unique identifier for the mitigation action.tags
(Attributes Set) An array of key-value pairs to apply to this resource. (see below for nested schema)id
(String) Uniquely identifies the resource.mitigation_action_arn
(String)mitigation_action_id
(String)action_params
Optional:
add_things_to_thing_group_params
(Attributes) Parameters to define a mitigation action that moves devices associated with a certificate to one or more specified thing groups, typically for quarantine. (see below for nested schema)enable_io_t_logging_params
(Attributes) Parameters to define a mitigation action that enables AWS IoT logging at a specified level of detail. (see below for nested schema)publish_finding_to_sns_params
(Attributes) Parameters, to define a mitigation action that publishes findings to Amazon SNS. You can implement your own custom actions in response to the Amazon SNS messages. (see below for nested schema)replace_default_policy_version_params
(Attributes) Parameters to define a mitigation action that adds a blank policy to restrict permissions. (see below for nested schema)update_ca_certificate_params
(Attributes) Parameters to define a mitigation action that changes the state of the CA certificate to inactive. (see below for nested schema)update_device_certificate_params
(Attributes) Parameters to define a mitigation action that changes the state of the device certificate to inactive. (see below for nested schema)action_params.add_things_to_thing_group_params
Required:
thing_group_names
(Set of String) The list of groups to which you want to add the things that triggered the mitigation action.Optional:
override_dynamic_groups
(Boolean) Specifies if this mitigation action can move the things that triggered the mitigation action out of one or more dynamic thing groups.action_params.enable_io_t_logging_params
Required:
log_level
(String) Specifies which types of information are logged.role_arn_for_logging
(String) The ARN of the IAM role used for logging.action_params.publish_finding_to_sns_params
Required:
topic_arn
(String) The ARN of the topic to which you want to publish the findings.action_params.replace_default_policy_version_params
Required:
template_name
(String)action_params.update_ca_certificate_params
Required:
action
(String)action_params.update_device_certificate_params
Required:
action
(String)tags
Required:
key
(String) The tag's key.value
(String) The tag's value.Import is supported using the following syntax:
$ terraform import awscc_iot_mitigation_action.example <resource ID>