DDoS detection and mitigation protection using AWS Shield?

Kubernetes Advocate
AVM Consulting Blog
3 min read, Aug 2, 2021

AWS Shield Standard, which provides basic DDoS protection, is enabled automatically for every AWS account at no additional charge. AWS Shield Advanced, the tier that provides advanced DDoS detection and mitigation, is a paid subscription. To determine whether the AWS Shield Advanced plan is enabled in your AWS account, perform the following:

Using the AWS Console:

01. Sign in to the AWS Management Console.

02. Navigate to AWS WAF and AWS Shield home page at https://console.aws.amazon.com/waf/.

03. Click Go to AWS Shield to access the service dashboard. If you are redirected to the AWS Shield subscription page and the Status value for AWS Shield Advanced reads “Not activated”, the Advanced plan is not enabled for your account:

Steps to Activate Shield service in AWS

To enable the AWS Shield Advanced tier for your AWS account, so that you benefit from advanced DDoS detection and mitigation for network-layer, transport-layer, and application-layer attacks, perform the following actions:


Using the AWS CLI:

01. Run the create-subscription command (OSX/Linux/UNIX) to activate the AWS Shield Advanced subscription for your AWS account (the command produces no output):

aws shield create-subscription

02. Next, execute the create-protection command (OSX/Linux/UNIX), passing the Amazon Resource Name (ARN) of the AWS resource you want to protect against DDoS attacks, to enable AWS Shield Advanced for that resource. The resource can be an Amazon CloudFront distribution, an AWS ELB load balancer, or an Amazon Route 53 hosted zone. The following example enables advanced DDoS protection for a CloudFront web distribution identified by the ARN arn:aws:cloudfront::123456789012:distribution/CDOXVBD32B7DS:

aws shield create-protection \
--name ddos-protected-cloudfront-web-distribution \
--resource-arn arn:aws:cloudfront::123456789012:distribution/CDOXVBD32B7DS

03. The command output returns the unique identifier (ID) of the Protection object created for the selected AWS resource (here, the Amazon CloudFront distribution):

{
"ProtectionId": "dab5d8bb-38du-ba2a-397d-fde38f134725"
}
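The steps above run the commands one at a time and read the JSON by eye. The following helper script is an added example, not part of the article or of AWS's own tooling: it wraps the same AWS CLI calls (get-subscription-state, list-protections, create-protection) in "check first, then act" functions, so that the check from the opening paragraph (is Shield Advanced enabled?) and the create-protection step can be scripted and verified. The JSON samples inside it are constructed to follow the documented shape of those CLI responses, and the function names and the SHIELD_LIVE switch are this example's own choices.

```sh
#!/bin/sh
# shield_check.sh: hypothetical helper script, not part of the article.
# Wraps the AWS CLI calls the article describes in "check first, then act"
# functions. All JSON parsing is done with sed/grep so it works without jq.
# Assumption: the JSON shapes below match the AWS CLI's --output json responses
# for get-subscription-state, list-protections and create-protection.

# Constructed sample responses (not captured from a real account) so the
# parsing functions can be exercised offline.
SAMPLE_STATE_ACTIVE='{ "SubscriptionState": "ACTIVE" }'
SAMPLE_STATE_INACTIVE='{ "SubscriptionState": "INACTIVE" }'
SAMPLE_CREATE_OUTPUT='{
    "ProtectionId": "dab5d8bb-38du-ba2a-397d-fde38f134725"
}'
SAMPLE_LIST_OUTPUT='{
    "Protections": [
        {
            "Id": "dab5d8bb-38du-ba2a-397d-fde38f134725",
            "Name": "ddos-protected-cloudfront-web-distribution",
            "ResourceArn": "arn:aws:cloudfront::123456789012:distribution/CDOXVBD32B7DS"
        }
    ]
}'

# Print the SubscriptionState value ("ACTIVE" or "INACTIVE") from a
# get-subscription-state response passed as $1.
shield_subscription_state() {
  printf '%s\n' "$1" |
    sed -n 's/.*"SubscriptionState"[[:space:]]*:[[:space:]]*"\([A-Z_]*\)".*/\1/p'
}

# Succeed (exit 0) only when the response in $1 says Shield Advanced is active.
shield_advanced_active() {
  [ "$(shield_subscription_state "$1")" = "ACTIVE" ]
}

# Print the ProtectionId from a create-protection response passed as $1.
shield_protection_id() {
  printf '%s\n' "$1" |
    sed -n 's/.*"ProtectionId"[[:space:]]*:[[:space:]]*"\([0-9A-Za-z-]*\)".*/\1/p'
}

# Succeed when the resource ARN in $1 already appears as a ResourceArn in the
# list-protections response passed as $2. ARNs contain ':' and '/', which
# grep -E treats literally, so the ARN can be interpolated into the pattern.
shield_resource_protected() {
  printf '%s\n' "$2" |
    grep -Eq "\"ResourceArn\"[[:space:]]*:[[:space:]]*\"$1\""
}

# Live wrapper: confirm the subscription is ACTIVE and the resource is not yet
# protected before calling create-protection. It deliberately never calls
# create-subscription, because that enrolls the account in a paid plan; that
# decision stays with a human, as in the article's step 01.
# Usage: shield_ensure_protection <protection-name> <resource-arn>
shield_ensure_protection() {
  name=$1
  arn=$2
  state=$(shield_subscription_state "$(aws shield get-subscription-state --output json)")
  if [ "$state" != "ACTIVE" ]; then
    echo "Shield Advanced subscription state is '$state'; run create-subscription first" >&2
    return 1
  fi
  if shield_resource_protected "$arn" "$(aws shield list-protections --output json)"; then
    echo "$arn is already protected" >&2
    return 0
  fi
  shield_protection_id "$(aws shield create-protection --name "$name" --resource-arn "$arn" --output json)"
}

# Only talk to AWS when explicitly asked, so the script can be sourced safely.
if [ "${SHIELD_LIVE:-0}" = "1" ]; then
  shield_ensure_protection "$1" "$2"
fi
```

Run it as `SHIELD_LIVE=1 sh shield_check.sh <name> <resource-arn>` with AWS credentials in the environment; without SHIELD_LIVE it only defines the functions. The script refuses to create a protection while the subscription state is anything other than ACTIVE, and skips resources that are already listed, so re-running it is idempotent. Keep in mind that create-subscription itself commits the account to a one-year Shield Advanced term with a monthly fee, which is why the wrapper leaves that call to the operator.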



Vineet Sharma, Founder and CEO of Kubernetes Advocate. Tech author, cloud-native architect, and startup advisor. https://in.linkedin.com/in/vineet-sharma-0164