shield:AssociateDRTRole

Write

shield:AssociateDRTRole is a Write access-level action in the shield service. Grants permission to authorize the DDoS Response team using the specified role, to access your AWS account to assist with DDoS attack mitigation during potential attacks

Resource types

This action does not support resource-level permissions; use "Resource": "*" in your policy.

Condition keys

No condition keys are documented for this action.

Dependent actions

To use shield:AssociateDRTRole you may also need to grant:

Example IAM policy

A minimal policy that allows shield:AssociateDRTRole. Replace "Resource": "*" with a specific ARN to follow least privilege.

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AllowShieldAssociateDRTRole",
      "Effect": "Allow",
      "Action": "shield:AssociateDRTRole",
      "Resource": "*"
    }
  ]
}

Related actions in shield

View all shield actions →