AWS Shield Advanced now supports proactive response to events

Posted on: Jun 9, 2020

AWS Shield Advanced now allows proactive engagement from the DDoS Response Team (DRT) when a DDoS event is detected. When you turn on proactive engagement, the DRT will directly contact you if an Amazon Route 53 health check associated with your protected resource becomes unhealthy during an event that's detected by Shield Advanced. This allows you to engage with experts more quickly when the availability of your application might be affected by a suspected attack. You can receive proactive engagement for network-layer and transport-layer events on Elastic IP addresses and Global Accelerator accelerators, and for web request floods on CloudFront distributions and Application Load Balancers.

To use proactive engagement, first configure Shield Advanced health-based detection for a resource that you want the DRT to monitor. You can then enable proactive engagement in the Shield console, and specify up to ten contacts for DRT to contact during a detected event that correlates with an unhealthy protected resource. You must be subscribed to the Business Support plan or the Enterprise Support plan to use proactive engagement.

Proactive engagement is available in all AWS regions where Shield Advanced is available and can be enabled at no additional cost. For more information on proactive engagement, or Shield Advanced Health-Based Detection, see the Shield Advanced Developer guide.