CfnSecurityProfilePropsMixin
- class aws_cdk.mixins_preview.aws_iot.mixins.CfnSecurityProfilePropsMixin(props, *, strategy=None)
Bases:
MixinUse the
AWS::IoT::SecurityProfileresource to create a Device Defender security profile.For API reference, see CreateSecurityProfile and for general information, see Detect .
- See:
http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iot-securityprofile.html
- CloudformationResource:
AWS::IoT::SecurityProfile
- Mixin:
true
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview import mixins from aws_cdk.mixins_preview.aws_iot import mixins as iot_mixins cfn_security_profile_props_mixin = iot_mixins.CfnSecurityProfilePropsMixin(iot_mixins.CfnSecurityProfileMixinProps( additional_metrics_to_retain_v2=[iot_mixins.CfnSecurityProfilePropsMixin.MetricToRetainProperty( export_metric=False, metric="metric", metric_dimension=iot_mixins.CfnSecurityProfilePropsMixin.MetricDimensionProperty( dimension_name="dimensionName", operator="operator" ) )], alert_targets={ "alert_targets_key": iot_mixins.CfnSecurityProfilePropsMixin.AlertTargetProperty( alert_target_arn="alertTargetArn", role_arn="roleArn" ) }, behaviors=[iot_mixins.CfnSecurityProfilePropsMixin.BehaviorProperty( criteria=iot_mixins.CfnSecurityProfilePropsMixin.BehaviorCriteriaProperty( comparison_operator="comparisonOperator", consecutive_datapoints_to_alarm=123, consecutive_datapoints_to_clear=123, duration_seconds=123, ml_detection_config=iot_mixins.CfnSecurityProfilePropsMixin.MachineLearningDetectionConfigProperty( confidence_level="confidenceLevel" ), statistical_threshold=iot_mixins.CfnSecurityProfilePropsMixin.StatisticalThresholdProperty( statistic="statistic" ), value=iot_mixins.CfnSecurityProfilePropsMixin.MetricValueProperty( cidrs=["cidrs"], count="count", number=123, numbers=[123], ports=[123], strings=["strings"] ) ), export_metric=False, metric="metric", metric_dimension=iot_mixins.CfnSecurityProfilePropsMixin.MetricDimensionProperty( dimension_name="dimensionName", operator="operator" ), name="name", suppress_alerts=False )], metrics_export_config=iot_mixins.CfnSecurityProfilePropsMixin.MetricsExportConfigProperty( mqtt_topic="mqttTopic", role_arn="roleArn" ), security_profile_description="securityProfileDescription", security_profile_name="securityProfileName", tags=[CfnTag( key="key", value="value" )], target_arns=["targetArns"] ), strategy=mixins.PropertyMergeStrategy.OVERRIDE )
Create a mixin to apply properties to
AWS::IoT::SecurityProfile.- Parameters:
props (
Union[CfnSecurityProfileMixinProps,Dict[str,Any]]) – L1 properties to apply.strategy (
Optional[PropertyMergeStrategy]) – (experimental) Strategy for merging nested properties. Default: - PropertyMergeStrategy.MERGE
Methods
- apply_to(construct)
Apply the mixin properties to the construct.
- Parameters:
construct (
IConstruct)- Return type:
- supports(construct)
Check if this mixin supports the given construct.
- Parameters:
construct (
IConstruct)- Return type:
bool
Attributes
- CFN_PROPERTY_KEYS = ['additionalMetricsToRetainV2', 'alertTargets', 'behaviors', 'metricsExportConfig', 'securityProfileDescription', 'securityProfileName', 'tags', 'targetArns']
Static Methods
- classmethod is_mixin(x)
(experimental) Checks if
xis a Mixin.- Parameters:
x (
Any) – Any object.- Return type:
bool- Returns:
true if
xis an object created from a class which extendsMixin.- Stability:
experimental
AlertTargetProperty
- class CfnSecurityProfilePropsMixin.AlertTargetProperty(*, alert_target_arn=None, role_arn=None)
Bases:
objectA structure containing the alert target ARN and the role ARN.
- Parameters:
alert_target_arn (
Optional[str]) – The Amazon Resource Name (ARN) of the notification target to which alerts are sent.role_arn (
Optional[str]) – The ARN of the role that grants permission to send alerts to the notification target.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_iot import mixins as iot_mixins alert_target_property = iot_mixins.CfnSecurityProfilePropsMixin.AlertTargetProperty( alert_target_arn="alertTargetArn", role_arn="roleArn" )
Attributes
- alert_target_arn
The Amazon Resource Name (ARN) of the notification target to which alerts are sent.
- role_arn
The ARN of the role that grants permission to send alerts to the notification target.
BehaviorCriteriaProperty
- class CfnSecurityProfilePropsMixin.BehaviorCriteriaProperty(*, comparison_operator=None, consecutive_datapoints_to_alarm=None, consecutive_datapoints_to_clear=None, duration_seconds=None, ml_detection_config=None, statistical_threshold=None, value=None)
Bases:
objectThe criteria by which the behavior is determined to be normal.
- Parameters:
comparison_operator (
Optional[str]) – The operator that relates the thing measured (metric) to the criteria (containing avalueorstatisticalThreshold). Valid operators include: -string-list:in-setandnot-in-set-number-list:in-setandnot-in-set-ip-address-list:in-cidr-setandnot-in-cidr-set-number:less-than,less-than-equals,greater-than, andgreater-than-equalsconsecutive_datapoints_to_alarm (
Union[int,float,None]) – If a device is in violation of the behavior for the specified number of consecutive datapoints, an alarm occurs. If not specified, the default is 1.consecutive_datapoints_to_clear (
Union[int,float,None]) – If an alarm has occurred and the offending device is no longer in violation of the behavior for the specified number of consecutive datapoints, the alarm is cleared. If not specified, the default is 1.duration_seconds (
Union[int,float,None]) – Use this to specify the time duration over which the behavior is evaluated, for those criteria that have a time dimension (for example,NUM_MESSAGES_SENT). For astatisticalThreshholdmetric comparison, measurements from all devices are accumulated over this time duration before being used to calculate percentiles, and later, measurements from an individual device are also accumulated over this time duration before being given a percentile rank. Cannot be used with list-based metric datatypes.ml_detection_config (
Union[IResolvable,MachineLearningDetectionConfigProperty,Dict[str,Any],None]) – The confidence level of the detection model.statistical_threshold (
Union[IResolvable,StatisticalThresholdProperty,Dict[str,Any],None]) – A statistical ranking (percentile)that indicates a threshold value by which a behavior is determined to be in compliance or in violation of the behavior.value (
Union[IResolvable,MetricValueProperty,Dict[str,Any],None]) – The value to be compared with themetric.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_iot import mixins as iot_mixins behavior_criteria_property = iot_mixins.CfnSecurityProfilePropsMixin.BehaviorCriteriaProperty( comparison_operator="comparisonOperator", consecutive_datapoints_to_alarm=123, consecutive_datapoints_to_clear=123, duration_seconds=123, ml_detection_config=iot_mixins.CfnSecurityProfilePropsMixin.MachineLearningDetectionConfigProperty( confidence_level="confidenceLevel" ), statistical_threshold=iot_mixins.CfnSecurityProfilePropsMixin.StatisticalThresholdProperty( statistic="statistic" ), value=iot_mixins.CfnSecurityProfilePropsMixin.MetricValueProperty( cidrs=["cidrs"], count="count", number=123, numbers=[123], ports=[123], strings=["strings"] ) )
Attributes
- comparison_operator
The operator that relates the thing measured (
metric) to the criteria (containing avalueorstatisticalThreshold).Valid operators include:
string-list:in-setandnot-in-setnumber-list:in-setandnot-in-setip-address-list:in-cidr-setandnot-in-cidr-setnumber:less-than,less-than-equals,greater-than, andgreater-than-equals
- consecutive_datapoints_to_alarm
If a device is in violation of the behavior for the specified number of consecutive datapoints, an alarm occurs.
If not specified, the default is 1.
- consecutive_datapoints_to_clear
If an alarm has occurred and the offending device is no longer in violation of the behavior for the specified number of consecutive datapoints, the alarm is cleared.
If not specified, the default is 1.
- duration_seconds
Use this to specify the time duration over which the behavior is evaluated, for those criteria that have a time dimension (for example,
NUM_MESSAGES_SENT).For a
statisticalThreshholdmetric comparison, measurements from all devices are accumulated over this time duration before being used to calculate percentiles, and later, measurements from an individual device are also accumulated over this time duration before being given a percentile rank. Cannot be used with list-based metric datatypes.
- ml_detection_config
The confidence level of the detection model.
- statistical_threshold
A statistical ranking (percentile)that indicates a threshold value by which a behavior is determined to be in compliance or in violation of the behavior.
- value
The value to be compared with the
metric.
BehaviorProperty
- class CfnSecurityProfilePropsMixin.BehaviorProperty(*, criteria=None, export_metric=None, metric=None, metric_dimension=None, name=None, suppress_alerts=None)
Bases:
objectA Device Defender security profile behavior.
- Parameters:
criteria (
Union[IResolvable,BehaviorCriteriaProperty,Dict[str,Any],None]) – The criteria that determine if a device is behaving normally in regard to themetric. .. epigraph:: In the AWS IoT console, you can choose to be sent an alert through Amazon SNS when AWS IoT Device Defender detects that a device is behaving anomalously.export_metric (
Union[bool,IResolvable,None]) – Value indicates exporting metrics related to the behavior when it is true.metric (
Optional[str]) – What is measured by the behavior.metric_dimension (
Union[IResolvable,MetricDimensionProperty,Dict[str,Any],None]) – The dimension of the metric.name (
Optional[str]) – The name you’ve given to the behavior.suppress_alerts (
Union[bool,IResolvable,None]) – The alert status. If you set the value totrue, alerts will be suppressed.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_iot import mixins as iot_mixins behavior_property = iot_mixins.CfnSecurityProfilePropsMixin.BehaviorProperty( criteria=iot_mixins.CfnSecurityProfilePropsMixin.BehaviorCriteriaProperty( comparison_operator="comparisonOperator", consecutive_datapoints_to_alarm=123, consecutive_datapoints_to_clear=123, duration_seconds=123, ml_detection_config=iot_mixins.CfnSecurityProfilePropsMixin.MachineLearningDetectionConfigProperty( confidence_level="confidenceLevel" ), statistical_threshold=iot_mixins.CfnSecurityProfilePropsMixin.StatisticalThresholdProperty( statistic="statistic" ), value=iot_mixins.CfnSecurityProfilePropsMixin.MetricValueProperty( cidrs=["cidrs"], count="count", number=123, numbers=[123], ports=[123], strings=["strings"] ) ), export_metric=False, metric="metric", metric_dimension=iot_mixins.CfnSecurityProfilePropsMixin.MetricDimensionProperty( dimension_name="dimensionName", operator="operator" ), name="name", suppress_alerts=False )
Attributes
- criteria
The criteria that determine if a device is behaving normally in regard to the
metric.In the AWS IoT console, you can choose to be sent an alert through Amazon SNS when AWS IoT Device Defender detects that a device is behaving anomalously.
- export_metric
Value indicates exporting metrics related to the behavior when it is true.
- metric
What is measured by the behavior.
- metric_dimension
The dimension of the metric.
- name
The name you’ve given to the behavior.
- suppress_alerts
The alert status.
If you set the value to
true, alerts will be suppressed.
MachineLearningDetectionConfigProperty
- class CfnSecurityProfilePropsMixin.MachineLearningDetectionConfigProperty(*, confidence_level=None)
Bases:
objectThe
MachineLearningDetectionConfigproperty type controls confidence of the machine learning model.- Parameters:
confidence_level (
Optional[str]) – The model confidence level. There are three levels of confidence,"high","medium", and"low". The higher the confidence level, the lower the sensitivity, and the lower the alarm frequency will be.- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_iot import mixins as iot_mixins machine_learning_detection_config_property = iot_mixins.CfnSecurityProfilePropsMixin.MachineLearningDetectionConfigProperty( confidence_level="confidenceLevel" )
Attributes
- confidence_level
The model confidence level.
There are three levels of confidence,
"high","medium", and"low".The higher the confidence level, the lower the sensitivity, and the lower the alarm frequency will be.
MetricDimensionProperty
- class CfnSecurityProfilePropsMixin.MetricDimensionProperty(*, dimension_name=None, operator=None)
Bases:
objectThe dimension of the metric.
- Parameters:
dimension_name (
Optional[str]) – The name of the dimension.operator (
Optional[str]) – Operators are constructs that perform logical operations. Valid values areINandNOT_IN.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_iot import mixins as iot_mixins metric_dimension_property = iot_mixins.CfnSecurityProfilePropsMixin.MetricDimensionProperty( dimension_name="dimensionName", operator="operator" )
Attributes
- dimension_name
The name of the dimension.
- operator
Operators are constructs that perform logical operations.
Valid values are
INandNOT_IN.
MetricToRetainProperty
- class CfnSecurityProfilePropsMixin.MetricToRetainProperty(*, export_metric=None, metric=None, metric_dimension=None)
Bases:
objectThe metric you want to retain.
Dimensions are optional.
- Parameters:
export_metric (
Union[bool,IResolvable,None]) – The value indicates exporting metrics related to theMetricToRetainwhen it’s true.metric (
Optional[str]) – A standard of measurement.metric_dimension (
Union[IResolvable,MetricDimensionProperty,Dict[str,Any],None]) – The dimension of the metric.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_iot import mixins as iot_mixins metric_to_retain_property = iot_mixins.CfnSecurityProfilePropsMixin.MetricToRetainProperty( export_metric=False, metric="metric", metric_dimension=iot_mixins.CfnSecurityProfilePropsMixin.MetricDimensionProperty( dimension_name="dimensionName", operator="operator" ) )
Attributes
- export_metric
The value indicates exporting metrics related to the
MetricToRetainwhen it’s true.
- metric
A standard of measurement.
- metric_dimension
The dimension of the metric.
MetricValueProperty
- class CfnSecurityProfilePropsMixin.MetricValueProperty(*, cidrs=None, count=None, number=None, numbers=None, ports=None, strings=None)
Bases:
objectThe value to be compared with the
metric.- Parameters:
cidrs (
Optional[Sequence[str]]) – If thecomparisonOperatorcalls for a set of CIDRs, use this to specify that set to be compared with themetric.count (
Optional[str]) – If thecomparisonOperatorcalls for a numeric value, use this to specify that numeric value to be compared with themetric.number (
Union[int,float,None]) – The numeric values of a metric.numbers (
Union[Sequence[Union[int,float]],IResolvable,None]) – The numeric value of a metric.ports (
Union[Sequence[Union[int,float]],IResolvable,None]) – If thecomparisonOperatorcalls for a set of ports, use this to specify that set to be compared with themetric.strings (
Optional[Sequence[str]]) – The string values of a metric.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_iot import mixins as iot_mixins metric_value_property = iot_mixins.CfnSecurityProfilePropsMixin.MetricValueProperty( cidrs=["cidrs"], count="count", number=123, numbers=[123], ports=[123], strings=["strings"] )
Attributes
- cidrs
If the
comparisonOperatorcalls for a set of CIDRs, use this to specify that set to be compared with themetric.
- count
If the
comparisonOperatorcalls for a numeric value, use this to specify that numeric value to be compared with themetric.
- number
The numeric values of a metric.
- numbers
The numeric value of a metric.
- ports
If the
comparisonOperatorcalls for a set of ports, use this to specify that set to be compared with themetric.
- strings
The string values of a metric.
MetricsExportConfigProperty
- class CfnSecurityProfilePropsMixin.MetricsExportConfigProperty(*, mqtt_topic=None, role_arn=None)
Bases:
objectSpecifies the MQTT topic and role ARN required for metric export.
- Parameters:
mqtt_topic (
Optional[str]) – The MQTT topic that Device Defender Detect should publish messages to for metrics export.role_arn (
Optional[str]) – This role ARN has permission to publish MQTT messages, after which Device Defender Detect can assume the role and publish messages on your behalf.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_iot import mixins as iot_mixins metrics_export_config_property = iot_mixins.CfnSecurityProfilePropsMixin.MetricsExportConfigProperty( mqtt_topic="mqttTopic", role_arn="roleArn" )
Attributes
- mqtt_topic
The MQTT topic that Device Defender Detect should publish messages to for metrics export.
- role_arn
This role ARN has permission to publish MQTT messages, after which Device Defender Detect can assume the role and publish messages on your behalf.
StatisticalThresholdProperty
- class CfnSecurityProfilePropsMixin.StatisticalThresholdProperty(*, statistic=None)
Bases:
objectA statistical ranking (percentile) that indicates a threshold value by which a behavior is determined to be in compliance or in violation of the behavior.
- Parameters:
statistic (
Optional[str]) – The percentile that resolves to a threshold value by which compliance with a behavior is determined. Metrics are collected over the specified period (durationSeconds) from all reporting devices in your account and statistical ranks are calculated. Then, the measurements from a device are collected over the same period. If the accumulated measurements from the device fall above or below (comparisonOperator) the value associated with the percentile specified, then the device is considered to be in compliance with the behavior, otherwise a violation occurs.- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_iot import mixins as iot_mixins statistical_threshold_property = iot_mixins.CfnSecurityProfilePropsMixin.StatisticalThresholdProperty( statistic="statistic" )
Attributes
- statistic
The percentile that resolves to a threshold value by which compliance with a behavior is determined.
Metrics are collected over the specified period (
durationSeconds) from all reporting devices in your account and statistical ranks are calculated. Then, the measurements from a device are collected over the same period. If the accumulated measurements from the device fall above or below (comparisonOperator) the value associated with the percentile specified, then the device is considered to be in compliance with the behavior, otherwise a violation occurs.