[ aws . iot ]

describe-detect-mitigation-actions-task

Description

Gets information about a Device Defender ML Detect mitigation action.

Requires permission to access the DescribeDetectMitigationActionsTask action.

See also: AWS API Documentation

See ‘aws help’ for descriptions of global parameters.

Synopsis

  describe-detect-mitigation-actions-task
--task-id <value>
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]

Options

--task-id (string)

The unique identifier of the task.

--cli-input-json | --cli-input-yaml (string) Reads arguments from the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton. If other arguments are provided on the command line, those values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally. This may not be specified along with --cli-input-yaml.

--generate-cli-skeleton (string) Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input, prints a sample input JSON that can be used as an argument for --cli-input-json. Similarly, if provided yaml-input it will print a sample input YAML that can be used with --cli-input-yaml. If provided with the value output, it validates the command inputs and returns a sample output JSON for that command.

See ‘aws help’ for descriptions of global parameters.

Output

taskSummary -> (structure)

The description of a task.

taskId -> (string)

The unique identifier of the task.

taskStatus -> (string)

The status of the task.

taskStartTime -> (timestamp)

The date the task started.

taskEndTime -> (timestamp)

The date the task ended.

target -> (structure)

Specifies the ML Detect findings to which the mitigation actions are applied.

violationIds -> (list)

The unique identifiers of the violations.

(string)

securityProfileName -> (string)

The name of the security profile.

behaviorName -> (string)

The name of the behavior.

violationEventOccurrenceRange -> (structure)

Specifies the time period of which violation events occurred between.

startTime -> (timestamp)

The start date and time of a time period in which violation events occurred.

endTime -> (timestamp)

The end date and time of a time period in which violation events occurred.

onlyActiveViolationsIncluded -> (boolean)

Includes only active violations.

suppressedAlertsIncluded -> (boolean)

Includes suppressed alerts.

actionsDefinition -> (list)

The definition of the actions.

(structure)

Describes which changes should be applied as part of a mitigation action.

name -> (string)

A user-friendly name for the mitigation action.

id -> (string)

A unique identifier for the mitigation action.

roleArn -> (string)

The IAM role ARN used to apply this mitigation action.

actionParams -> (structure)

The set of parameters for this mitigation action. The parameters vary, depending on the kind of action you apply.

updateDeviceCertificateParams -> (structure)

Parameters to define a mitigation action that changes the state of the device certificate to inactive.

action -> (string)

The action that you want to apply to the device certificate. The only supported value is DEACTIVATE .

updateCACertificateParams -> (structure)

Parameters to define a mitigation action that changes the state of the CA certificate to inactive.

action -> (string)

The action that you want to apply to the CA certificate. The only supported value is DEACTIVATE .

addThingsToThingGroupParams -> (structure)

Parameters to define a mitigation action that moves devices associated with a certificate to one or more specified thing groups, typically for quarantine.

thingGroupNames -> (list)

The list of groups to which you want to add the things that triggered the mitigation action. You can add a thing to a maximum of 10 groups, but you can’t add a thing to more than one group in the same hierarchy.

(string)

overrideDynamicGroups -> (boolean)

Specifies if this mitigation action can move the things that triggered the mitigation action even if they are part of one or more dynamic thing groups.

replaceDefaultPolicyVersionParams -> (structure)

Parameters to define a mitigation action that adds a blank policy to restrict permissions.

templateName -> (string)

The name of the template to be applied. The only supported value is BLANK_POLICY .

enableIoTLoggingParams -> (structure)

Parameters to define a mitigation action that enables Amazon Web Services IoT Core logging at a specified level of detail.

roleArnForLogging -> (string)

The Amazon Resource Name (ARN) of the IAM role used for logging.

logLevel -> (string)

Specifies the type of information to be logged.

publishFindingToSnsParams -> (structure)

Parameters to define a mitigation action that publishes findings to Amazon Simple Notification Service (Amazon SNS. You can implement your own custom actions in response to the Amazon SNS messages.

topicArn -> (string)

The ARN of the topic to which you want to publish the findings.

taskStatistics -> (structure)

The statistics of a mitigation action task.

actionsExecuted -> (long)

The actions that were performed.

actionsSkipped -> (long)

The actions that were skipped.

actionsFailed -> (long)

The actions that failed.