AWS::IoT::SecurityProfile - Amazon CloudFormation
SyntaxPropertiesReturn valuesExamples
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

AWS::IoT::SecurityProfile

Use the AWS::IoT::SecurityProfile resource to create a Device Defender security profile. For API reference, see CreateSecurityProfile and for general information, see Detect.

Syntax

To declare this entity in your Amazon CloudFormation template, use the following syntax:

JSON

{
  "Type" : "AWS::IoT::SecurityProfile",
  "Properties" : {
      "AdditionalMetricsToRetainV2" : [ MetricToRetain, ... ],
      "AlertTargets" : {Key: Value, ...},
      "Behaviors" : [ Behavior, ... ],
      "SecurityProfileDescription" : String,
      "SecurityProfileName" : String,
      "Tags" : [ Tag, ... ],
      "TargetArns" : [ String, ... ]
    }
}

YAML

Type: AWS::IoT::SecurityProfile
Properties: 
  AdditionalMetricsToRetainV2: 
    - MetricToRetain
  AlertTargets: 
    Key: Value
  Behaviors: 
    - Behavior
  SecurityProfileDescription: String
  SecurityProfileName: String
  Tags: 
    - Tag
  TargetArns: 
    - String

Properties

AdditionalMetricsToRetainV2

A list of metrics whose data is retained (stored). By default, data is retained for any metric used in the profile's behaviors, but it's also retained for any metric specified here. Can be used with custom metrics; can't be used with dimensions.

Required: No

Type: List of MetricToRetain

Update requires: No interruption

AlertTargets

Specifies the destinations to which alerts are sent. (Alerts are always sent to the console.) Alerts are generated when a device (thing) violates a behavior.

Required: No

Type: Map of AlertTarget

Update requires: No interruption

Behaviors

Specifies the behaviors that, when violated by a device (thing), cause an alert.

Required: No

Type: List of Behavior

Update requires: No interruption

SecurityProfileDescription

A description of the security profile.

Required: No

Type: String

Update requires: No interruption

SecurityProfileName

The name you gave to the security profile.

Required: No

Type: String

Update requires: Replacement

Tags

Metadata that can be used to manage the security profile.

Required: No

Type: List of Tag

Update requires: No interruption

TargetArns

The ARN of the target (thing group) to which the security profile is attached.

Required: No

Type: List of String

Update requires: No interruption

Return values

Ref

When you pass the logical ID of this resource to the intrinsic Reffunction, Refreturns the security profile name.

Fn::GetAtt

The Fn::GetAttintrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

For more information about using the Fn::GetAttintrinsic function, see Fn::GetAtt.

SecurityProfileArn

The Amazon Resource Name (ARN) of the security profile.

Examples

JSON

{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Description": "Amazon Web Services IoT SecurityProfile Sample Template",
  "Resources": {
    "MySecurityProfile": {
      "Type": "AWS::IoT::SecurityProfile",
      "Properties": {
        "AdditionalMetricsToRetainV2": [
          {
            "Metric": "aws:num-messages-received"
          },
          {
            "Metric": "aws:num-disconnects"
          }
        ],
        "AlertTargets": {
          "SNS": {
            "AlertTargetArn": "arn:aws:sns:us-east-1:123456789012:DeviceDefenderDetectAlerts",
            "RoleArn": "arn:aws:iam::123456789012:role/RoleForDefenderAlerts"
          }
        },
        "Behaviors": [
          {
            "Name": "MaxMessageSize",
            "Metric": "aws:message-byte-size",
            "Criteria": {
              "ConsecutiveDatapointsToAlarm": 1,
              "ConsecutiveDatapointsToClear": 1,
              "ComparisonOperator": "less-than-equals",
              "Value": {
                "Count": 5
              }
            }
          },
          {
            "Name": "OutboundMessageCount",
            "Metric": "aws:num-messages-sent",
            "Criteria": {
              "DurationSeconds": 300,
              "ComparisonOperator": "less-than-equals",
              "Value": {
                "Count": 50
              }
            }
          },
          {
            "Name": "AuthFailuresStatThreshold",
            "Metric": "aws:num-authorization-failures",
            "Criteria": {
              "ComparisonOperator": "less-than-equals",
              "DurationSeconds": 300,
              "StatisticalThreshold": {
                "Statistic": "p90"
              }
            }
          }
        ],
        "SecurityProfileDescription": "Contains expected behaviors for connected devices",
        "SecurityProfileName": "ProfileForConnectedDevices",
        "Tags": [
          {
            "Key": "Application",
            "Value": "SmartHome"
          }
        ],
        "TargetArns": [
          "arn:aws:iot:us-east-1:123456789012:all/things"
        ]
      }
    }
  }
}

YAML

AWSTemplateFormatVersion: 2010-09-09
Description: Amazon Web Services IoT SecurityProfile Sample Template
Resources:
  MySecurityProfile:
    Type: 'AWS::IoT::SecurityProfile'
    Properties:
      AdditionalMetricsToRetainV2:
        - Metric: 'aws:num-messages-received'
        - Metric: 'aws:num-disconnects'
      AlertTargets:
        SNS:
          AlertTargetArn: 'arn:aws:sns:us-east-1:123456789012:DeviceDefenderDetectAlerts'
          RoleArn: 'arn:aws:iam::123456789012:role/RoleForDefenderAlerts'
      Behaviors:
        - Name: MaxMessageSize
          Metric: 'aws:message-byte-size'
          Criteria:
            ConsecutiveDatapointsToAlarm: 1
            ConsecutiveDatapointsToClear: 1
            ComparisonOperator: less-than-equals
            Value:
              Count: 5
        - Name: OutboundMessageCount
          Metric: 'aws:num-messages-sent'
          Criteria:
            DurationSeconds: 300
            ComparisonOperator: less-than-equals
            Value:
              Count: 50
        - Name: AuthFailuresStatThreshold
          Metric: 'aws:num-authorization-failures'
          Criteria:
            ComparisonOperator: less-than-equals
            DurationSeconds: 300
            StatisticalThreshold:
              Statistic: p90
      SecurityProfileDescription: Contains expected behaviors for connected devices
      SecurityProfileName: ProfileForConnectedDevices
      Tags:
        - Key: Application
          Value: SmartHome
      TargetArns:
        - 'arn:aws:iot:us-east-1:123456789012:all/things'