📌  相关文章
📜  amazon shield (1)

📅  最后修改于: 2023-12-03 15:29:19.734000             🧑  作者: Mango

Amazon Shield

Amazon Shield is a cloud-based Distributed Denial of Service (DDoS) protection service that safeguards web applications running on AWS from volumetric attacks or flooding attacks. It is designed to protect web applications from common DDoS attacks like SYN floods, UDP floods, DNS amplification, and HTTP GET floods.

Features
  • Automatic protection: Amazon Shield provides automatic protection against DDoS attacks. It automatically detects and mitigates DDoS attacks targeting your application, without any intervention required from your side.
  • Cost-effective: Amazon Shield is a cost-effective solution that eliminates the need for separate DDoS protection services, providing full protection at no extra cost.
  • Customizable protection: Amazon Shield allows you to customize DDoS protection settings for each application or resource. This allows you to set protection thresholds, adjust rules, and monitor traffic patterns.
  • AWS integration: Amazon Shield is fully integrated with AWS, providing seamless integration with other AWS services like Amazon CloudFront, Amazon Route 53, and AWS Shield Advanced.
Benefits
  • Provides automatic and cost-effective protection against DDoS attacks
  • Eliminates the need for separate DDoS protection services
  • Customizable protection settings for each application or resource
  • Seamlessly integrates with other AWS services
  • Provides 24/7 technical support
Code Example
# Amazon Shield protection
aws shield create-protection --name my-protection --resource-arn arn:aws:elasticloadbalancing:us-west-2:123456789012:loadbalancer/app/my-load-balancer/50dc6c495c0c9188

# Custom protection settings
aws shield update-protection --name my-protection --details "{ \"DDoSProtectionPolicy\": \"VIP\" }"

Above is an example of how Amazon Shield can be used to protect a web application running on an Elastic Load Balancer. The Amazon Shield CLI is used to create and update the protection settings for the application.

Conclusion

Amazon Shield is a powerful and cost-effective DDoS protection service that provides automatic protection, customizable protection settings, and seamless integration with other AWS services. It is a valuable addition to any web application running on AWS, providing 24/7 protection against DDoS attacks.