com.amazonaws.services.shield

Class AbstractAWSShield

java.lang.Object

com.amazonaws.services.shield.AbstractAWSShield

All Implemented Interfaces:

AWSShield

Direct Known Subclasses:

AbstractAWSShieldAsync

@Generated(value="com.amazonaws:aws-java-sdk-code-generator")
public class AbstractAWSShield
extends Object
implements AWSShield

Abstract implementation of AWSShield. Convenient method forms pass through to the corresponding overload that takes a request object, which throws an UnsupportedOperationException.

Field Summary

Fields inherited from interface com.amazonaws.services.shield.AWSShield

ENDPOINT_PREFIX

Method Summary

Modifier and Type	Method and Description
AssociateDRTLogBucketResult	associateDRTLogBucket(AssociateDRTLogBucketRequest request) Authorizes the DDoS Response team (DRT) to access the specified Amazon S3 bucket containing your flow logs.
AssociateDRTRoleResult	associateDRTRole(AssociateDRTRoleRequest request) Authorizes the DDoS Response team (DRT), using the specified role, to access your AWS account to assist with DDoS attack mitigation during potential attacks.
CreateProtectionResult	createProtection(CreateProtectionRequest request) Enables AWS Shield Advanced for a specific AWS resource.
CreateSubscriptionResult	createSubscription(CreateSubscriptionRequest request) Activates AWS Shield Advanced for an account.
DeleteProtectionResult	deleteProtection(DeleteProtectionRequest request) Deletes an AWS Shield Advanced Protection.
DeleteSubscriptionResult	deleteSubscription(DeleteSubscriptionRequest request) Deprecated.
DescribeAttackResult	describeAttack(DescribeAttackRequest request) Describes the details of a DDoS attack.
DescribeDRTAccessResult	describeDRTAccess(DescribeDRTAccessRequest request) Returns the current role and list of Amazon S3 log buckets used by the DDoS Response team (DRT) to access your AWS account while assisting with attack mitigation.
DescribeEmergencyContactSettingsResult	describeEmergencyContactSettings(DescribeEmergencyContactSettingsRequest request) Lists the email addresses that the DRT can use to contact you during a suspected attack.
DescribeProtectionResult	describeProtection(DescribeProtectionRequest request) Lists the details of a Protection object.
DescribeSubscriptionResult	describeSubscription(DescribeSubscriptionRequest request) Provides details about the AWS Shield Advanced subscription for an account.
DisassociateDRTLogBucketResult	disassociateDRTLogBucket(DisassociateDRTLogBucketRequest request) Removes the DDoS Response team's (DRT) access to the specified Amazon S3 bucket containing your flow logs.
DisassociateDRTRoleResult	disassociateDRTRole(DisassociateDRTRoleRequest request) Removes the DDoS Response team's (DRT) access to your AWS account.
ResponseMetadata	getCachedResponseMetadata(AmazonWebServiceRequest request) Returns additional metadata for a previously executed successful request, typically used for debugging issues where a service isn't acting as expected.
GetSubscriptionStateResult	getSubscriptionState(GetSubscriptionStateRequest request) Returns the SubscriptionState, either Active or Inactive.
ListAttacksResult	listAttacks(ListAttacksRequest request) Returns all ongoing DDoS attacks or all DDoS attacks during a specified time period.
ListProtectionsResult	listProtections(ListProtectionsRequest request) Lists all Protection objects for the account.
void	setEndpoint(String endpoint) Overrides the default endpoint for this client ("shield.us-east-1.amazonaws.com").
void	setRegion(Region region) An alternative to AWSShield.setEndpoint(String), sets the regional endpoint for this client's service calls.
void	shutdown() Shuts down this client object, releasing any resources that might be held open.
UpdateEmergencyContactSettingsResult	updateEmergencyContactSettings(UpdateEmergencyContactSettingsRequest request) Updates the details of the list of email addresses that the DRT can use to contact you during a suspected attack.
UpdateSubscriptionResult	updateSubscription(UpdateSubscriptionRequest request) Updates the details of an existing subscription.

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

setEndpoint

public void setEndpoint(String endpoint)

Description copied from interface: AWSShield

Overrides the default endpoint for this client ("shield.us-east-1.amazonaws.com"). Callers can use this method to control which AWS region they want to work with.

Callers can pass in just the endpoint (ex: "shield.us-east-1.amazonaws.com") or a full URL, including the protocol (ex: "shield.us-east-1.amazonaws.com"). If the protocol is not specified here, the default protocol from this client's ClientConfiguration will be used, which by default is HTTPS.

For more information on using AWS regions with the AWS SDK for Java, and a complete list of all available endpoints for all AWS services, see: https://docs.aws.amazon.com/sdk-for-java/v1/developer-guide/java-dg-region-selection.html#region-selection- choose-endpoint

This method is not threadsafe. An endpoint should be configured when the client is created and before any service requests are made. Changing it afterwards creates inevitable race conditions for any service requests in transit or retrying.

Specified by:

setEndpoint in interface AWSShield

Parameters:

endpoint - The endpoint (ex: "shield.us-east-1.amazonaws.com") or a full URL, including the protocol (ex: "shield.us-east-1.amazonaws.com") of the region specific AWS endpoint this client will communicate with.

setRegion

public void setRegion(Region region)

Description copied from interface: AWSShield

An alternative to AWSShield.setEndpoint(String), sets the regional endpoint for this client's service calls. Callers can use this method to control which AWS region they want to work with.

By default, all service endpoints in all regions use the https protocol. To use http instead, specify it in the ClientConfiguration supplied at construction.

This method is not threadsafe. A region should be configured when the client is created and before any service requests are made. Changing it afterwards creates inevitable race conditions for any service requests in transit or retrying.

Specified by:

setRegion in interface AWSShield

Parameters:

region - The region this client will communicate with. See Region.getRegion(com.amazonaws.regions.Regions) for accessing a given region. Must not be null and must be a region where the service is available.

See Also:

Region.getRegion(com.amazonaws.regions.Regions), Region.createClient(Class, com.amazonaws.auth.AWSCredentialsProvider, ClientConfiguration), Region.isServiceSupported(String)

associateDRTLogBucket

public AssociateDRTLogBucketResult associateDRTLogBucket(AssociateDRTLogBucketRequest request)

Description copied from interface: AWSShield

Authorizes the DDoS Response team (DRT) to access the specified Amazon S3 bucket containing your flow logs. You can associate up to 10 Amazon S3 buckets with your subscription.

To use the services of the DRT and make an AssociateDRTLogBucket request, you must be subscribed to the Business Support plan or the Enterprise Support plan.

Specified by:

associateDRTLogBucket in interface AWSShield

Returns:

Result of the AssociateDRTLogBucket operation returned by the service.

See Also:

AWS API Documentation

associateDRTRole

public AssociateDRTRoleResult associateDRTRole(AssociateDRTRoleRequest request)

Description copied from interface: AWSShield

Authorizes the DDoS Response team (DRT), using the specified role, to access your AWS account to assist with DDoS attack mitigation during potential attacks. This enables the DRT to inspect your AWS WAF configuration and create or update AWS WAF rules and web ACLs.

You can associate only one RoleArn with your subscription. If you submit an AssociateDRTRole request for an account that already has an associated role, the new RoleArn will replace the existing RoleArn.

Prior to making the AssociateDRTRole request, you must attach the AWSShieldDRTAccessPolicy managed policy to the role you will specify in the request. For more information see Attaching and Detaching IAM Policies. The role must also trust the service principal drt.shield.amazonaws.com . For more information, see IAM JSON Policy Elements: Principal.

The DRT will have access only to your AWS WAF and Shield resources. By submitting this request, you authorize the DRT to inspect your AWS WAF and Shield configuration and create and update AWS WAF rules and web ACLs on your behalf. The DRT takes these actions only if explicitly authorized by you.

You must have the iam:PassRole permission to make an AssociateDRTRole request. For more information, see Granting a User Permissions to Pass a Role to an AWS Service.

To use the services of the DRT and make an AssociateDRTRole request, you must be subscribed to the Business Support plan or the Enterprise Support plan.

Specified by:

associateDRTRole in interface AWSShield

Returns:

Result of the AssociateDRTRole operation returned by the service.

See Also:

AWS API Documentation

createProtection

public CreateProtectionResult createProtection(CreateProtectionRequest request)

Description copied from interface: AWSShield

Enables AWS Shield Advanced for a specific AWS resource. The resource can be an Amazon CloudFront distribution, Elastic Load Balancing load balancer, AWS Global Accelerator accelerator, Elastic IP Address, or an Amazon Route 53 hosted zone.

You can add protection to only a single resource with each CreateProtection request. If you want to add protection to multiple resources at once, use the AWS WAF console. For more information see Getting Started with AWS Shield Advanced and Add AWS Shield Advanced Protection to more AWS Resources.

Specified by:

createProtection in interface AWSShield

Returns:

Result of the CreateProtection operation returned by the service.

See Also:

AWS API Documentation

createSubscription

public CreateSubscriptionResult createSubscription(CreateSubscriptionRequest request)

Description copied from interface: AWSShield

Activates AWS Shield Advanced for an account.

As part of this request you can specify EmergencySettings that automaticaly grant the DDoS response team (DRT) needed permissions to assist you during a suspected DDoS attack. For more information see Authorize the DDoS Response Team to Create Rules and Web ACLs on Your Behalf.

When you initally create a subscription, your subscription is set to be automatically renewed at the end of the existing subscription period. You can change this by submitting an UpdateSubscription request.

Specified by:

createSubscription in interface AWSShield

Returns:

Result of the CreateSubscription operation returned by the service.

See Also:

AWS API Documentation

deleteProtection

public DeleteProtectionResult deleteProtection(DeleteProtectionRequest request)

Description copied from interface: AWSShield

Deletes an AWS Shield Advanced Protection.

Specified by:

deleteProtection in interface AWSShield

Returns:

Result of the DeleteProtection operation returned by the service.

See Also:

AWS API Documentation

deleteSubscription

@Deprecated
public DeleteSubscriptionResult deleteSubscription(DeleteSubscriptionRequest request)

Deprecated.

Description copied from interface: AWSShield

Removes AWS Shield Advanced from an account. AWS Shield Advanced requires a 1-year subscription commitment. You cannot delete a subscription prior to the completion of that commitment.

Specified by:

deleteSubscription in interface AWSShield

Returns:

Result of the DeleteSubscription operation returned by the service.

See Also:

AWS API Documentation

describeAttack

public DescribeAttackResult describeAttack(DescribeAttackRequest request)

Description copied from interface: AWSShield

Describes the details of a DDoS attack.

Specified by:

describeAttack in interface AWSShield

Returns:

Result of the DescribeAttack operation returned by the service.

See Also:

AWS API Documentation

describeDRTAccess

public DescribeDRTAccessResult describeDRTAccess(DescribeDRTAccessRequest request)

Description copied from interface: AWSShield

Returns the current role and list of Amazon S3 log buckets used by the DDoS Response team (DRT) to access your AWS account while assisting with attack mitigation.

Specified by:

describeDRTAccess in interface AWSShield

Returns:

Result of the DescribeDRTAccess operation returned by the service.

See Also:

AWS API Documentation

describeEmergencyContactSettings

public DescribeEmergencyContactSettingsResult describeEmergencyContactSettings(DescribeEmergencyContactSettingsRequest request)

Description copied from interface: AWSShield

Lists the email addresses that the DRT can use to contact you during a suspected attack.

Specified by:

describeEmergencyContactSettings in interface AWSShield

Returns:

Result of the DescribeEmergencyContactSettings operation returned by the service.

See Also:

AWS API Documentation

describeProtection

public DescribeProtectionResult describeProtection(DescribeProtectionRequest request)

Description copied from interface: AWSShield

Lists the details of a Protection object.

Specified by:

describeProtection in interface AWSShield

Returns:

Result of the DescribeProtection operation returned by the service.

See Also:

AWS API Documentation

describeSubscription

public DescribeSubscriptionResult describeSubscription(DescribeSubscriptionRequest request)

Description copied from interface: AWSShield

Provides details about the AWS Shield Advanced subscription for an account.

Specified by:

describeSubscription in interface AWSShield

Returns:

Result of the DescribeSubscription operation returned by the service.

See Also:

AWS API Documentation

disassociateDRTLogBucket

public DisassociateDRTLogBucketResult disassociateDRTLogBucket(DisassociateDRTLogBucketRequest request)

Description copied from interface: AWSShield

Removes the DDoS Response team's (DRT) access to the specified Amazon S3 bucket containing your flow logs.

To make a DisassociateDRTLogBucket request, you must be subscribed to the Business Support plan or the Enterprise Support plan. However, if you are not subscribed to one of these support plans, but had been previously and had granted the DRT access to your account, you can submit a DisassociateDRTLogBucket request to remove this access.

Specified by:

disassociateDRTLogBucket in interface AWSShield

Returns:

Result of the DisassociateDRTLogBucket operation returned by the service.

See Also:

AWS API Documentation

disassociateDRTRole

public DisassociateDRTRoleResult disassociateDRTRole(DisassociateDRTRoleRequest request)

Description copied from interface: AWSShield

Removes the DDoS Response team's (DRT) access to your AWS account.

To make a DisassociateDRTRole request, you must be subscribed to the Business Support plan or the Enterprise Support plan. However, if you are not subscribed to one of these support plans, but had been previously and had granted the DRT access to your account, you can submit a DisassociateDRTRole request to remove this access.

Specified by:

disassociateDRTRole in interface AWSShield

Returns:

Result of the DisassociateDRTRole operation returned by the service.

See Also:

AWS API Documentation

getSubscriptionState

public GetSubscriptionStateResult getSubscriptionState(GetSubscriptionStateRequest request)

Description copied from interface: AWSShield

Returns the SubscriptionState, either Active or Inactive.

Specified by:

getSubscriptionState in interface AWSShield

Returns:

Result of the GetSubscriptionState operation returned by the service.

See Also:

AWS API Documentation

listAttacks

public ListAttacksResult listAttacks(ListAttacksRequest request)

Description copied from interface: AWSShield

Returns all ongoing DDoS attacks or all DDoS attacks during a specified time period.

Specified by:

listAttacks in interface AWSShield

Returns:

Result of the ListAttacks operation returned by the service.

See Also:

AWS API Documentation

listProtections

public ListProtectionsResult listProtections(ListProtectionsRequest request)

Description copied from interface: AWSShield

Lists all Protection objects for the account.

Specified by:

listProtections in interface AWSShield

Returns:

Result of the ListProtections operation returned by the service.

See Also:

AWS API Documentation

updateEmergencyContactSettings

public UpdateEmergencyContactSettingsResult updateEmergencyContactSettings(UpdateEmergencyContactSettingsRequest request)

Description copied from interface: AWSShield

Updates the details of the list of email addresses that the DRT can use to contact you during a suspected attack.

Specified by:

updateEmergencyContactSettings in interface AWSShield

Returns:

Result of the UpdateEmergencyContactSettings operation returned by the service.

See Also:

AWS API Documentation

updateSubscription

public UpdateSubscriptionResult updateSubscription(UpdateSubscriptionRequest request)

Description copied from interface: AWSShield

Updates the details of an existing subscription. Only enter values for parameters you want to change. Empty parameters are not updated.

Specified by:

updateSubscription in interface AWSShield

Returns:

Result of the UpdateSubscription operation returned by the service.

See Also:

AWS API Documentation

shutdown

public void shutdown()

Description copied from interface: AWSShield

Shuts down this client object, releasing any resources that might be held open. This is an optional method, and callers are not expected to call it, but can if they want to explicitly release any open resources. Once a client has been shutdown, it should not be used to make any more requests.

Specified by:

shutdown in interface AWSShield

getCachedResponseMetadata

public ResponseMetadata getCachedResponseMetadata(AmazonWebServiceRequest request)

Description copied from interface: AWSShield

Returns additional metadata for a previously executed successful request, typically used for debugging issues where a service isn't acting as expected. This data isn't considered part of the result data returned by an operation, so it's available through this separate, diagnostic interface.

Response metadata is only cached for a limited period of time, so if you need to access this extra diagnostic information for an executed request, you should use this method to retrieve it as soon as possible after executing a request.

Specified by:

getCachedResponseMetadata in interface AWSShield

Parameters:

request - The originally executed request.

Returns:

The response metadata for the specified request, or null if none is available.