Configuring health-based detection for your protections with Shield Advanced and Route 53

This page provides instructions for configuring Shield Advanced to use health-based detection. This can help improve responsiveness and accuracy in attack detection and mitigation.

Well-configured health checks are essential for accurate detection of events. You can configure health-based detection for any resource type except for Route 53 hosted zones.

To use health-based detection, define a health check for your resource in Route 53, and then associate the health check with your Shield Advanced protection. It's important that the health check that you configure accurately reflect the health of the resource. For information and examples for configuring health checks to use with Shield Advanced, see Health-based detection using health checks with Shield Advanced and Route 53.

Health checks are required for Shield Response Team (SRT) proactive engagement support. For information about proactive engagement, see Setting up proactive engagement for the SRT to contact you directly.

Note

Health checks must be reporting healthy when you associate them with your Shield Advanced protections.

To configure health-based detection

Under Associated Health Check, choose the ID of the health check that you want to associate with the protection.

Note
If you do not see the health check you need, go to the Route 53 console and verify the health check and its ID. For information, see Creating and Updating Health Checks.
Choose Next. The console wizard advances to the alarms and notifications page.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Configuring application layer protections

Configuring alarms and notifications