IoT / Client / update_mitigation_action

update_mitigation_action#

IoT.Client.update_mitigation_action(**kwargs)#

Updates the definition for the specified mitigation action.

Requires permission to access the UpdateMitigationAction action.

See also: AWS API Documentation

Request Syntax

response = client.update_mitigation_action(
    actionName='string',
    roleArn='string',
    actionParams={
        'updateDeviceCertificateParams': {
            'action': 'DEACTIVATE'
        },
        'updateCACertificateParams': {
            'action': 'DEACTIVATE'
        },
        'addThingsToThingGroupParams': {
            'thingGroupNames': [
                'string',
            ],
            'overrideDynamicGroups': True|False
        },
        'replaceDefaultPolicyVersionParams': {
            'templateName': 'BLANK_POLICY'
        },
        'enableIoTLoggingParams': {
            'roleArnForLogging': 'string',
            'logLevel': 'DEBUG'|'INFO'|'ERROR'|'WARN'|'DISABLED'
        },
        'publishFindingToSnsParams': {
            'topicArn': 'string'
        }
    }
)
Parameters:
  • actionName (string) –

    [REQUIRED]

    The friendly name for the mitigation action. You cannot change the name by using UpdateMitigationAction. Instead, you must delete and recreate the mitigation action with the new name.

  • roleArn (string) – The ARN of the IAM role that is used to apply the mitigation action.

  • actionParams (dict) –

    Defines the type of action and the parameters for that action.

    • updateDeviceCertificateParams (dict) –

      Parameters to define a mitigation action that changes the state of the device certificate to inactive.

      • action (string) – [REQUIRED]

        The action that you want to apply to the device certificate. The only supported value is DEACTIVATE.

    • updateCACertificateParams (dict) –

      Parameters to define a mitigation action that changes the state of the CA certificate to inactive.

      • action (string) – [REQUIRED]

        The action that you want to apply to the CA certificate. The only supported value is DEACTIVATE.

    • addThingsToThingGroupParams (dict) –

      Parameters to define a mitigation action that moves devices associated with a certificate to one or more specified thing groups, typically for quarantine.

      • thingGroupNames (list) – [REQUIRED]

        The list of groups to which you want to add the things that triggered the mitigation action. You can add a thing to a maximum of 10 groups, but you can’t add a thing to more than one group in the same hierarchy.

        • (string) –

      • overrideDynamicGroups (boolean) –

        Specifies if this mitigation action can move the things that triggered the mitigation action even if they are part of one or more dynamic thing groups.

    • replaceDefaultPolicyVersionParams (dict) –

      Parameters to define a mitigation action that adds a blank policy to restrict permissions.

      • templateName (string) – [REQUIRED]

        The name of the template to be applied. The only supported value is BLANK_POLICY.

    • enableIoTLoggingParams (dict) –

      Parameters to define a mitigation action that enables Amazon Web Services IoT Core logging at a specified level of detail.

      • roleArnForLogging (string) – [REQUIRED]

        The Amazon Resource Name (ARN) of the IAM role used for logging.

      • logLevel (string) – [REQUIRED]

        Specifies the type of information to be logged.

    • publishFindingToSnsParams (dict) –

      Parameters to define a mitigation action that publishes findings to Amazon Simple Notification Service (Amazon SNS. You can implement your own custom actions in response to the Amazon SNS messages.

      • topicArn (string) – [REQUIRED]

        The ARN of the topic to which you want to publish the findings.

Return type:

dict

Returns:

Response Syntax

{
    'actionArn': 'string',
    'actionId': 'string'
}

Response Structure

  • (dict) –

    • actionArn (string) –

      The ARN for the new mitigation action.

    • actionId (string) –

      A unique identifier for the mitigation action.

Exceptions