AWS CLI Command Reference

[ aws . iot ]

update-mitigation-action

Description

Updates the definition for the specified mitigation action.

See also: AWS API Documentation

See ‘aws help’ for descriptions of global parameters.

Synopsis

  update-mitigation-action
--action-name <value>
[--role-arn <value>]
[--action-params <value>]
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]
[--cli-auto-prompt <value>]

Options

--action-name (string)

The friendly name for the mitigation action. You can’t change the name by using UpdateMitigationAction . Instead, you must delete and re-create the mitigation action with the new name.

--role-arn (string)

The ARN of the IAM role that is used to apply the mitigation action.

--action-params (structure)

Defines the type of action and the parameters for that action.

updateDeviceCertificateParams -> (structure)

Parameters to define a mitigation action that changes the state of the device certificate to inactive.

action -> (string)

The action that you want to apply to the device cerrtificate. The only supported value is DEACTIVATE .

updateCACertificateParams -> (structure)

Parameters to define a mitigation action that changes the state of the CA certificate to inactive.

action -> (string)

The action that you want to apply to the CA cerrtificate. The only supported value is DEACTIVATE .

addThingsToThingGroupParams -> (structure)

Parameters to define a mitigation action that moves devices associated with a certificate to one or more specified thing groups, typically for quarantine.

thingGroupNames -> (list)

The list of groups to which you want to add the things that triggered the mitigation action. You can add a thing to a maximum of 10 groups, but you cannot add a thing to more than one group in the same hierarchy.

(string)

overrideDynamicGroups -> (boolean)

Specifies if this mitigation action can move the things that triggered the mitigation action even if they are part of one or more dynamic things groups.

replaceDefaultPolicyVersionParams -> (structure)

Parameters to define a mitigation action that adds a blank policy to restrict permissions.

templateName -> (string)

The name of the template to be applied. The only supported value is BLANK_POLICY .

enableIoTLoggingParams -> (structure)

Parameters to define a mitigation action that enables AWS IoT logging at a specified level of detail.

roleArnForLogging -> (string)

The ARN of the IAM role used for logging.

logLevel -> (string)

Specifies the types of information to be logged.

publishFindingToSnsParams -> (structure)

Parameters to define a mitigation action that publishes findings to Amazon SNS. You can implement your own custom actions in response to the Amazon SNS messages.

topicArn -> (string)

The ARN of the topic to which you want to publish the findings.

Shorthand Syntax:

updateDeviceCertificateParams={action=string},updateCACertificateParams={action=string},addThingsToThingGroupParams={thingGroupNames=[string,string],overrideDynamicGroups=boolean},replaceDefaultPolicyVersionParams={templateName=string},enableIoTLoggingParams={roleArnForLogging=string,logLevel=string},publishFindingToSnsParams={topicArn=string}

JSON Syntax:

{
  "updateDeviceCertificateParams": {
    "action": "DEACTIVATE"
  },
  "updateCACertificateParams": {
    "action": "DEACTIVATE"
  },
  "addThingsToThingGroupParams": {
    "thingGroupNames": ["string", ...],
    "overrideDynamicGroups": true|false
  },
  "replaceDefaultPolicyVersionParams": {
    "templateName": "BLANK_POLICY"
  },
  "enableIoTLoggingParams": {
    "roleArnForLogging": "string",
    "logLevel": "DEBUG"|"INFO"|"ERROR"|"WARN"|"DISABLED"
  },
  "publishFindingToSnsParams": {
    "topicArn": "string"
  }
}

--cli-input-json | --cli-input-yaml (string) Reads arguments from the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton. If other arguments are provided on the command line, those values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally. This may not be specified along with --cli-input-yaml.

--generate-cli-skeleton (string) Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input, prints a sample input JSON that can be used as an argument for --cli-input-json. Similarly, if provided yaml-input it will print a sample input YAML that can be used with --cli-input-yaml. If provided with the value output, it validates the command inputs and returns a sample output JSON for that command.

--cli-auto-prompt (boolean) Automatically prompt for CLI input parameters.

See ‘aws help’ for descriptions of global parameters.

Examples

To update a mitigation action

The following update-mitigation-action example updates the specified mitigation action named AddThingsToQuarantineGroupAction, changes the thing group name, and sets overrideDynamicGroups to false. You can verify your changes by using the describe-mitigation-action command.

aws iot update-mitigation-action \
    --cli-input-json "{ \"actionName\": \"AddThingsToQuarantineGroupAction\", \"actionParams\": { \"addThingsToThingGroupParams\": {\"thingGroupNames\":[\"QuarantineGroup2\"],\"overrideDynamicGroups\": false}}}"

Output:

{
    "actionArn": "arn:aws:iot:us-west-2:123456789012:mitigationaction/AddThingsToQuarantineGroupAction",
    "actionId": "2fd2726d-98e1-4abf-b10f-09465ccd6bfa"
}

For more information, see UpdateMitigationAction (Mitigation Action Commands) in the AWS IoT Developer Guide.

Output

actionArn -> (string)

The ARN for the new mitigation action.

actionId -> (string)

A unique identifier for the mitigation action.

© Copyright 2018, Amazon Web Services. Created using Sphinx.