shield:DescribeDRTAccess

Read

shield:DescribeDRTAccess is a Read access-level action in the shield service. Grants permission to describe the current role and list of Amazon S3 log buckets used by the DDoS Response team to access your AWS account while assisting with attack mitigation

Resource types

This action does not support resource-level permissions; use "Resource": "*" in your policy.

Condition keys

No condition keys are documented for this action.

Example IAM policy

A minimal policy that allows shield:DescribeDRTAccess. Replace "Resource": "*" with a specific ARN to follow least privilege.

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AllowShieldDescribeDRTAccess",
      "Effect": "Allow",
      "Action": "shield:DescribeDRTAccess",
      "Resource": "*"
    }
  ]
}

Related actions in shield

View all shield actions →