Skip to content

/AWS1/CL_SHD=>CREATEPROTECTION()

About CreateProtection

Enables Shield Advanced for a specific Amazon Web Services resource. The resource can be an Amazon CloudFront distribution, Amazon RouteĀ 53 hosted zone, Global Accelerator standard accelerator, Elastic IP Address, Application Load Balancer, or a Classic Load Balancer. You can protect Amazon EC2 instances and Network Load Balancers by association with protected Amazon EC2 Elastic IP addresses.

You can add protection to only a single resource with each CreateProtection request. You can add protection to multiple resources at once through the Shield Advanced console at https://console.aws.amazon.com/wafv2/shieldv2#/. For more information see Getting Started with Shield Advanced and Adding Shield Advanced protection to Amazon Web Services resources.

Method Signature

IMPORTING

Required arguments:

iv_name TYPE /AWS1/SHDPROTECTIONNAME /AWS1/SHDPROTECTIONNAME

Friendly name for the Protection you are creating.

iv_resourcearn TYPE /AWS1/SHDRESOURCEARN /AWS1/SHDRESOURCEARN

The ARN (Amazon Resource Name) of the resource to be protected.

The ARN should be in one of the following formats:

  • For an Application Load Balancer: arn:aws:elasticloadbalancing:region:account-id:loadbalancer/app/load-balancer-name/load-balancer-id

  • For an Elastic Load Balancer (Classic Load Balancer): arn:aws:elasticloadbalancing:region:account-id:loadbalancer/load-balancer-name

  • For an Amazon CloudFront distribution: arn:aws:cloudfront::account-id:distribution/distribution-id

  • For an Global Accelerator standard accelerator: arn:aws:globalaccelerator::account-id:accelerator/accelerator-id

  • For Amazon RouteĀ 53: arn:aws:route53:::hostedzone/hosted-zone-id

  • For an Elastic IP address: arn:aws:ec2:region:account-id:eip-allocation/allocation-id

Optional arguments:

it_tags TYPE /AWS1/CL_SHDTAG=>TT_TAGLIST TT_TAGLIST

One or more tag key-value pairs for the Protection object that is created.

RETURNING

oo_output TYPE REF TO /aws1/cl_shdcreprotectionrsp /AWS1/CL_SHDCREPROTECTIONRSP

Domain /AWS1/RT_ACCOUNT_ID
Primitive Type NUMC

Examples

Syntax Example

This is an example of the syntax for calling the method. It includes every possible argument and initializes every possible value. The data provided is not necessarily semantically accurate (for example the value "string" may be provided for something that is intended to be an instance ID, or in some cases two arguments may be mutually exclusive). The syntax shows the ABAP syntax for creating the various data structures.

DATA(lo_result) = lo_client->/aws1/if_shd~createprotection(
  it_tags = VALUE /aws1/cl_shdtag=>tt_taglist(
    (
      new /aws1/cl_shdtag(
        iv_key = |string|
        iv_value = |string|
      )
    )
  )
  iv_name = |string|
  iv_resourcearn = |string|
).

This is an example of reading all possible response values

lo_result = lo_result.
IF lo_result IS NOT INITIAL.
  lv_protectionid = lo_result->get_protectionid( ).
ENDIF.