StartDetectMitigationActionsTask
Starts a Device Defender ML Detect mitigation actions task.
Requires permission to access the StartDetectMitigationActionsTask action.
Request Syntax
PUT /detect/mitigationactions/tasks/taskId
HTTP/1.1
Content-type: application/json
{
"actions": [ "string
" ],
"clientRequestToken": "string
",
"includeOnlyActiveViolations": boolean
,
"includeSuppressedAlerts": boolean
,
"target": {
"behaviorName": "string
",
"securityProfileName": "string
",
"violationIds": [ "string
" ]
},
"violationEventOccurrenceRange": {
"endTime": number
,
"startTime": number
}
}
URI Request Parameters
The request uses the following URI parameters.
- taskId
-
The unique identifier of the task.
Length Constraints: Minimum length of 1. Maximum length of 128.
Pattern:
[a-zA-Z0-9_-]+
Required: Yes
Request Body
The request accepts the following data in JSON format.
- actions
-
The actions to be performed when a device has unexpected behavior.
Type: Array of strings
Array Members: Minimum number of 1 item. Maximum number of 5 items.
Length Constraints: Maximum length of 128.
Pattern:
[a-zA-Z0-9_-]+
Required: Yes
- clientRequestToken
-
Each mitigation action task must have a unique client request token. If you try to create a new task with the same token as a task that already exists, an exception occurs. If you omit this value, AWS SDKs will automatically generate a unique client request.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 64.
Pattern:
^[a-zA-Z0-9-_]+$
Required: Yes
- includeOnlyActiveViolations
-
Specifies to list only active violations.
Type: Boolean
Required: No
- includeSuppressedAlerts
-
Specifies to include suppressed alerts.
Type: Boolean
Required: No
- target
-
Specifies the ML Detect findings to which the mitigation actions are applied.
Type: DetectMitigationActionsTaskTarget object
Required: Yes
- violationEventOccurrenceRange
-
Specifies the time period of which violation events occurred between.
Type: ViolationEventOccurrenceRange object
Required: No
Response Syntax
HTTP/1.1 200
Content-type: application/json
{
"taskId": "string"
}
Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- taskId
-
The unique identifier of the task.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 128.
Pattern:
[a-zA-Z0-9_-]+
Errors
- InternalFailureException
-
An unexpected error has occurred.
HTTP Status Code: 500
- InvalidRequestException
-
The request is not valid.
HTTP Status Code: 400
- LimitExceededException
-
A limit has been exceeded.
HTTP Status Code: 410
- TaskAlreadyExistsException
-
This exception occurs if you attempt to start a task with the same task-id as an existing task but with a different clientRequestToken.
HTTP Status Code: 400
- ThrottlingException
-
The rate exceeds the limit.
HTTP Status Code: 400
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: