How can I simulate a DDoS attack to test Shield Advanced?

Last updated: 2022-08-26

I want to run a simulation of a Distributed Denial of Service (DDoS) attack to test the responsiveness of AWS Shield Advanced. How can I do this?

Short description

AWS Shield Advanced helps you protect your application against DDoS attacks. DDoS attacks occur when attackers use a flood of traffic from multiple sources to attempt to impact the availability of a targeted application. Shield Advanced provides enhanced visibility into DDoS events and attacks. For more information, see Visibility into DDoS events.

You can test the responsiveness of AWS Shield Advanced with:

  • A simulated DDoS attack in production traffic with an authorized pre-approved AWS Partner Network (APN) Partner.
  • A simulated DDoS attack using the DDoSDetected metric value set to 1 with the Shield Response Team (SRT).

Resolution

DDoS simulation testing with an AWS Partner Network Partner

AWS DDoS Test Partners are authorized to conduct DDoS simulation test on your behalf without prior approval from AWS. You must agree to the Terms and Conditions for DDoS simulation tests. Your application must be well-architected prior to DDoS simulation testing as described in the AWS Best Practices for DDoS Resiliency whitepaper.

Note: Don't perform a DDoS simulation without an approved partner.

For more information and to get started, see DDoS Simulation Testing Policy.

DDoS simulation testing with the Shield Response Team

Shield Advanced provides added support with the Shield Response Team that specializes in testing the DDoS response workflow. You can contact the Shield Response Team to request assistance with running a DDoS simulation. The Shield Response Team will create a simulated DDoS attack and trigger the DDoSDetected metric value to 1 during a specific time period.

Before contacting the Shield Response Team to request assistance with running a DDoS simulation, make sure that you have:

Note: The Shield Response Team won't contact you during DDoS simulation testing to report an attack.