Gets information about a Device Defender ML Detect mitigation action.
See also: AWS API Documentation
See ‘aws help’ for descriptions of global parameters.
describe-detect-mitigation-actions-task
--task-id <value>
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]
--task-id
(string)
The unique identifier of the task.
--cli-input-json
| --cli-input-yaml
(string)
Reads arguments from the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton
. If other arguments are provided on the command line, those values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally. This may not be specified along with --cli-input-yaml
.
--generate-cli-skeleton
(string)
Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input
, prints a sample input JSON that can be used as an argument for --cli-input-json
. Similarly, if provided yaml-input
it will print a sample input YAML that can be used with --cli-input-yaml
. If provided with the value output
, it validates the command inputs and returns a sample output JSON for that command.
See ‘aws help’ for descriptions of global parameters.
taskSummary -> (structure)
The description of a task.
taskId -> (string)
The unique identifier of the task.
taskStatus -> (string)
The status of the task.
taskStartTime -> (timestamp)
The date the task started.
taskEndTime -> (timestamp)
The date the task ended.
target -> (structure)
Specifies the ML Detect findings to which the mitigation actions are applied.
violationIds -> (list)
The unique identifiers of the violations.
(string)
securityProfileName -> (string)
The name of the security profile.
behaviorName -> (string)
The name of the behavior.
violationEventOccurrenceRange -> (structure)
Specifies the time period of which violation events occurred between.
startTime -> (timestamp)
The start date and time of a time period in which violation events occurred.
endTime -> (timestamp)
The end date and time of a time period in which violation events occurred.
onlyActiveViolationsIncluded -> (boolean)
Includes only active violations.
suppressedAlertsIncluded -> (boolean)
Includes suppressed alerts.
actionsDefinition -> (list)
The definition of the actions.
(structure)
Describes which changes should be applied as part of a mitigation action.
name -> (string)
A user-friendly name for the mitigation action.
id -> (string)
A unique identifier for the mitigation action.
roleArn -> (string)
The IAM role ARN used to apply this mitigation action.
actionParams -> (structure)
The set of parameters for this mitigation action. The parameters vary, depending on the kind of action you apply.
updateDeviceCertificateParams -> (structure)
Parameters to define a mitigation action that changes the state of the device certificate to inactive.
action -> (string)
The action that you want to apply to the device certificate. The only supported value is
DEACTIVATE
.updateCACertificateParams -> (structure)
Parameters to define a mitigation action that changes the state of the CA certificate to inactive.
action -> (string)
The action that you want to apply to the CA certificate. The only supported value is
DEACTIVATE
.addThingsToThingGroupParams -> (structure)
Parameters to define a mitigation action that moves devices associated with a certificate to one or more specified thing groups, typically for quarantine.
thingGroupNames -> (list)
The list of groups to which you want to add the things that triggered the mitigation action. You can add a thing to a maximum of 10 groups, but you can’t add a thing to more than one group in the same hierarchy.
(string)
overrideDynamicGroups -> (boolean)
Specifies if this mitigation action can move the things that triggered the mitigation action even if they are part of one or more dynamic thing groups.
replaceDefaultPolicyVersionParams -> (structure)
Parameters to define a mitigation action that adds a blank policy to restrict permissions.
templateName -> (string)
The name of the template to be applied. The only supported value is
BLANK_POLICY
.enableIoTLoggingParams -> (structure)
Parameters to define a mitigation action that enables AWS IoT logging at a specified level of detail.
roleArnForLogging -> (string)
The Amazon Resource Name (ARN) of the IAM role used for logging.
logLevel -> (string)
Specifies the type of information to be logged.
publishFindingToSnsParams -> (structure)
Parameters to define a mitigation action that publishes findings to Amazon Simple Notification Service (Amazon SNS. You can implement your own custom actions in response to the Amazon SNS messages.
topicArn -> (string)
The ARN of the topic to which you want to publish the findings.
taskStatistics -> (structure)
The statistics of a mitigation action task.
actionsExecuted -> (long)
The actions that were performed.
actionsSkipped -> (long)
The actions that were skipped.
actionsFailed -> (long)
The actions that failed.