{ "$schema": "https://json-schema.org/draft/2020-12/schema", "$id": "https://catalog.lintel.tools/schemas/schemastore/serverless-framework-configuration/_shared/latest--aws-iot-securityprofile.json", "title": "AWSIoTSecurityProfileProperties", "description": "A security profile defines a set of expected behaviors for devices in your account.. Source:- ", "x-lintel": { "source": "https://raw.githubusercontent.com/lalcebo/json-schema/master/serverless/resources/cloudformation-modified/aws-iot-securityprofile.json", "sourceSha256": "c5083a9078873e4caafeabc2849e32ad873350b230923e7f7c617748538eef1f" }, "type": "object", "properties": { "SecurityProfileName": { "oneOf": [ { "type": "string", "pattern": "[a-zA-Z0-9:_-]+", "minLength": 1, "maxLength": 128 }, { "$ref": "https://catalog.lintel.tools/schemas/schemastore/serverless-framework-configuration/_shared/latest--cf.functions.json#/Aws_CF_FunctionString" } ], "description": "A unique identifier for the security profile." }, "SecurityProfileDescription": { "oneOf": [ { "type": "string", "maxLength": 1000 }, { "$ref": "https://catalog.lintel.tools/schemas/schemastore/serverless-framework-configuration/_shared/latest--cf.functions.json#/Aws_CF_FunctionString" } ], "description": "A description of the security profile." }, "Behaviors": { "description": "Specifies the behaviors that, when violated by a device (thing), cause an alert.", "type": "array", "maxLength": 100, "uniqueItems": true, "insertionOrder": false, "items": { "$ref": "#/$defs/Behavior" } }, "AlertTargets": { "description": "Specifies the destinations to which alerts are sent.", "type": "object", "additionalProperties": false, "patternProperties": { "[a-zA-Z0-9:_-]+": { "$ref": "#/$defs/AlertTarget" } } }, "AdditionalMetricsToRetainV2": { "description": "A list of metrics whose data is retained (stored). By default, data is retained for any metric used in the profile's behaviors, but it is also retained for any metric specified here.", "type": "array", "uniqueItems": true, "insertionOrder": false, "items": { "$ref": "#/$defs/MetricToRetain" } }, "Tags": { "description": "Metadata that can be used to manage the security profile.", "type": "array", "maxItems": 50, "uniqueItems": true, "insertionOrder": false, "items": { "$ref": "#/$defs/Tag" } }, "TargetArns": { "description": "A set of target ARNs that the security profile is attached to.", "type": "array", "uniqueItems": true, "insertionOrder": false, "items": { "description": "The ARN of the target to which the security profile is attached.", "type": "string", "maxLength": 2048 } } }, "typeName": "AWS::IoT::SecurityProfile", "readOnlyProperties": [ "/properties/SecurityProfileArn" ], "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-iot.git", "additionalProperties": false, "createOnlyProperties": [ "/properties/SecurityProfileName" ], "$defs": { "Behavior": { "description": "A security profile behavior.", "type": "object", "properties": { "Name": { "oneOf": [ { "type": "string", "pattern": "[a-zA-Z0-9:_-]+", "minLength": 1, "maxLength": 128 }, { "$ref": "https://catalog.lintel.tools/schemas/schemastore/serverless-framework-configuration/_shared/latest--cf.functions.json#/Aws_CF_FunctionString" } ], "description": "The name for the behavior." }, "Metric": { "oneOf": [ { "type": "string", "pattern": "[a-zA-Z0-9:_-]+", "minLength": 1, "maxLength": 128 }, { "$ref": "https://catalog.lintel.tools/schemas/schemastore/serverless-framework-configuration/_shared/latest--cf.functions.json#/Aws_CF_FunctionString" } ], "description": "What is measured by the behavior." }, "MetricDimension": { "$ref": "#/$defs/MetricDimension" }, "Criteria": { "$ref": "#/$defs/BehaviorCriteria" }, "SuppressAlerts": { "description": "Manage Detect alarm SNS notifications by setting behavior notification to on or suppressed. Detect will continue to performing device behavior evaluations. However, suppressed alarms wouldn't be forwarded for SNS notification.", "type": "boolean" } }, "required": [ "Name" ], "title": "AWSIoTSecurityProfileBehaviorDefinition", "additionalProperties": false }, "MetricDimension": { "description": "The dimension of a metric.", "type": "object", "properties": { "DimensionName": { "oneOf": [ { "type": "string", "pattern": "[a-zA-Z0-9:_-]+", "minLength": 1, "maxLength": 128 }, { "$ref": "https://catalog.lintel.tools/schemas/schemastore/serverless-framework-configuration/_shared/latest--cf.functions.json#/Aws_CF_FunctionString" } ], "description": "A unique identifier for the dimension." }, "Operator": { "oneOf": [ { "type": "string", "enum": [ "IN", "NOT_IN" ] }, { "$ref": "https://catalog.lintel.tools/schemas/schemastore/serverless-framework-configuration/_shared/latest--cf.functions.json#/Aws_CF_FunctionString" } ], "description": "Defines how the dimensionValues of a dimension are interpreted." } }, "required": [ "DimensionName" ], "title": "AWSIoTSecurityProfileMetricDimensionDefinition", "additionalProperties": false }, "BehaviorCriteria": { "description": "The criteria by which the behavior is determined to be normal.", "type": "object", "properties": { "ComparisonOperator": { "oneOf": [ { "type": "string", "enum": [ "less-than", "less-than-equals", "greater-than", "greater-than-equals", "in-cidr-set", "not-in-cidr-set", "in-port-set", "not-in-port-set", "in-set", "not-in-set" ] }, { "$ref": "https://catalog.lintel.tools/schemas/schemastore/serverless-framework-configuration/_shared/latest--cf.functions.json#/Aws_CF_FunctionString" } ], "description": "The operator that relates the thing measured (metric) to the criteria (containing a value or statisticalThreshold)." }, "Value": { "$ref": "#/$defs/MetricValue" }, "DurationSeconds": { "type": "integer", "description": "Use this to specify the time duration over which the behavior is evaluated." }, "ConsecutiveDatapointsToAlarm": { "description": "If a device is in violation of the behavior for the specified number of consecutive datapoints, an alarm occurs. If not specified, the default is 1.", "type": "integer", "minimum": 1, "maximum": 10 }, "ConsecutiveDatapointsToClear": { "description": "If an alarm has occurred and the offending device is no longer in violation of the behavior for the specified number of consecutive datapoints, the alarm is cleared. If not specified, the default is 1.", "type": "integer", "minimum": 1, "maximum": 10 }, "StatisticalThreshold": { "$ref": "#/$defs/StatisticalThreshold" }, "MlDetectionConfig": { "$ref": "#/$defs/MachineLearningDetectionConfig" } }, "title": "AWSIoTSecurityProfileBehaviorCriteriaDefinition", "additionalProperties": false }, "MetricValue": { "description": "The value to be compared with the metric.", "type": "object", "properties": { "Count": { "oneOf": [ { "type": "string", "minimum": 0 }, { "$ref": "https://catalog.lintel.tools/schemas/schemastore/serverless-framework-configuration/_shared/latest--cf.functions.json#/Aws_CF_FunctionString" } ], "description": "If the ComparisonOperator calls for a numeric value, use this to specify that (integer) numeric value to be compared with the metric." }, "Cidrs": { "description": "If the ComparisonOperator calls for a set of CIDRs, use this to specify that set to be compared with the metric.", "type": "array", "uniqueItems": true, "insertionOrder": false, "items": { "type": "string" } }, "Ports": { "description": "If the ComparisonOperator calls for a set of ports, use this to specify that set to be compared with the metric.", "type": "array", "uniqueItems": true, "insertionOrder": false, "items": { "type": "integer", "minimum": 0, "maximum": 65535 } }, "Number": { "description": "The numeral value of a metric.", "type": "number" }, "Numbers": { "description": "The numeral values of a metric.", "type": "array", "uniqueItems": true, "insertionOrder": false, "items": { "type": "number" } }, "Strings": { "description": "The string values of a metric.", "type": "array", "uniqueItems": true, "insertionOrder": false, "items": { "type": "string" } } }, "title": "AWSIoTSecurityProfileMetricValueDefinition", "additionalProperties": false }, "StatisticalThreshold": { "description": "A statistical ranking (percentile) which indicates a threshold value by which a behavior is determined to be in compliance or in violation of the behavior.", "type": "object", "properties": { "Statistic": { "oneOf": [ { "type": "string", "enum": [ "Average", "p0", "p0.1", "p0.01", "p1", "p10", "p50", "p90", "p99", "p99.9", "p99.99", "p100" ] }, { "$ref": "https://catalog.lintel.tools/schemas/schemastore/serverless-framework-configuration/_shared/latest--cf.functions.json#/Aws_CF_FunctionString" } ], "description": "The percentile which resolves to a threshold value by which compliance with a behavior is determined" } }, "title": "AWSIoTSecurityProfileStatisticalThresholdDefinition", "additionalProperties": false }, "MachineLearningDetectionConfig": { "description": "The configuration of an ML Detect Security Profile.", "type": "object", "properties": { "ConfidenceLevel": { "oneOf": [ { "type": "string", "enum": [ "LOW", "MEDIUM", "HIGH" ] }, { "$ref": "https://catalog.lintel.tools/schemas/schemastore/serverless-framework-configuration/_shared/latest--cf.functions.json#/Aws_CF_FunctionString" } ], "description": "The sensitivity of anomalous behavior evaluation. Can be Low, Medium, or High." } }, "title": "AWSIoTSecurityProfileMachineLearningDetectionConfigDefinition", "additionalProperties": false }, "AlertTarget": { "description": "A structure containing the alert target ARN and the role ARN.", "type": "object", "properties": { "AlertTargetArn": { "oneOf": [ { "type": "string", "maxLength": 2048 }, { "$ref": "https://catalog.lintel.tools/schemas/schemastore/serverless-framework-configuration/_shared/latest--cf.functions.json#/Aws_CF_FunctionString" } ], "description": "The ARN of the notification target to which alerts are sent." }, "RoleArn": { "oneOf": [ { "type": "string", "minLength": 20, "maxLength": 2048 }, { "$ref": "https://catalog.lintel.tools/schemas/schemastore/serverless-framework-configuration/_shared/latest--cf.functions.json#/Aws_CF_FunctionString" } ], "description": "The ARN of the role that grants permission to send alerts to the notification target." } }, "required": [ "AlertTargetArn", "RoleArn" ], "title": "AWSIoTSecurityProfileAlertTargetDefinition", "additionalProperties": false }, "MetricToRetain": { "description": "The metric you want to retain. Dimensions are optional.", "type": "object", "properties": { "Metric": { "oneOf": [ { "type": "string", "pattern": "[a-zA-Z0-9:_-]+", "minLength": 1, "maxLength": 128 }, { "$ref": "https://catalog.lintel.tools/schemas/schemastore/serverless-framework-configuration/_shared/latest--cf.functions.json#/Aws_CF_FunctionString" } ], "description": "What is measured by the behavior." }, "MetricDimension": { "$ref": "#/$defs/MetricDimension" } }, "required": [ "Metric" ], "title": "AWSIoTSecurityProfileMetricToRetainDefinition", "additionalProperties": false }, "Tag": { "description": "A key-value pair to associate with a resource.", "type": "object", "properties": { "Key": { "oneOf": [ { "type": "string", "minLength": 1, "maxLength": 128 }, { "$ref": "https://catalog.lintel.tools/schemas/schemastore/serverless-framework-configuration/_shared/latest--cf.functions.json#/Aws_CF_FunctionString" } ], "description": "The tag's key." }, "Value": { "oneOf": [ { "type": "string", "minLength": 1, "maxLength": 256 }, { "$ref": "https://catalog.lintel.tools/schemas/schemastore/serverless-framework-configuration/_shared/latest--cf.functions.json#/Aws_CF_FunctionString" } ], "description": "The tag's value." } }, "required": [ "Value", "Key" ], "title": "AWSIoTSecurityProfileTagDefinition", "additionalProperties": false } }, "primaryIdentifier": [ "/properties/SecurityProfileName" ], "required": [] }