AWS EC2
LAST UPDATED: 05/14/2024
Overview
Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides secure, resizable compute capacity in the cloud. Integration with AWS EC2 covers the major operations such as Get EC2 Instance Details, Get Network ACL Details, Take Snapshot, Add Tag, Create Auto Scaling Group, etc.
D3 SOAR is providing REST operations to function with AWS EC2.
For example, you can use AWS EC2 for data integration, data transformation, and data mining purposes, with the capability to scale up the capacity vertically according to your needs.
AWS EC2 is available for use in:
Known Limitations
When you created your AWS account, Amazon set default quotas (also referred to as limits) on resources based on your region. You can view your current limit information in the Amazon EC2 console for resources provided by Amazon EC2 and Amazon VPC, on a per-Region basis.
If you exceed an API throttling limit, you will receive the RequestLimitExceeded error code.
Please refer to Amazon EC2 Service Quotas and View Your Current Limits for more detailed information.
Connection
To connect to AWS EC2 from D3 SOAR, please follow this part to collect the required information below:
Parameter | Description | Example |
Region Name | The AWS region name. The default value is US East (N.Virginia): us-east-1. | US East (N. Virginia) |
Access Key | The access key for authentication. Please check the Policy Permission for this access key in the AWS Management Console, and ensure that this access key has granted permissions to run all commands in EC2 integration below: Add Tags To EC2 Instances(CreateTags), Block Ips By Vpc Acl(CreateNetworkAclEntry), Create Auto Scaling Group With EC2 Instance(CreateAutoScalingGroup), Get EC2 Instance Details(DescribeInstances), Get Network ACL Details(DescribeNetworkAcls), Get Security Group Details(DescribeSecurityGroups), Quarantine EC2 Instances(ModifyNetworkInterfaceAttribute), Take Snapshot On Volumes(CreateSnapshot), Test Connection(DescribeAccountAttributes), Update Auto Scaling Group(PutScheduledUpdateGroupAction). | AKIAxxxxxxxxxxxx4CYL |
Secret Key | The secret key used for authentication. | Xdwchs****E8vjHyIx9x****6iPuWdX****DXSdH |
Permission Requirements
Each endpoint in the AWS EC2 API requires a certain permission scope. The following are required scopes for the commands in this integration:
Command | Policy | |
Service | Access level (Actions) | |
Add Tags To EC2 Instances | EC2 | CreateTags |
Block Ips By Vpc Acl | EC2 | CreateNetworkAclEntry |
Create Auto Scaling Group With Ec2 Instance | EC2 | CreateAutoScalingGroup |
Get EC2 Instance Details | EC2 | DescribeInstances |
Get Network ACL Details | EC2 | DescribeNetworkAcls |
Get Security Group Details | EC2 | DescribeSecurityGroups |
Quarantine EC2 Instances | EC2 | ModifyNetworkInterfaceAttribute |
Take Snapshot On Volumes | EC2 | CreateSnapshot |
Update Auto Scaling Group | EC2 Auto Scaling | PutScheduledUpdateGroupAction |
Test Connection | EC2 | DescribeAccountAttributes |
Configuring AWS EC2 to Work with D3 SOAR
If your login user is ready to use (no policy configuration needed), please follow the steps below to obtain your Access Key and Secret Key.
If you would like to configure an account with limited API access, after you login to the AWS console, please follow Create Policy > Create User > Access Key and Secret Key to retrieve the keys.
Sign in to the AWS console with your account credentials.
Click the account icon at the top right corner, then click Security Credentials.
On my security credentials page, under the AWS IAM credentials tab, click the button Create access key to create a new Access Key and Secret Key.
READER NOTE
If you do not have permission to read or create an access key, please ask your administrator for help.
Copy the Access key ID and the Secret access key to use to connect with D3 SOAR.
READER NOTE
The secret access key can only be viewed or downloaded at this time. It is recommended that you promptly download the .csv file and securely store it for future reference. If you lose or forget your secret key, you will not be able to recover it. If you have lost your secret key, you will need to create a new access key and deactivate the old key. You can have a maximum of two access keys (active or inactive) at a time.
Create Policy
Click on Services, which will expand the navigation menu. Then select IAM.
Select Access management, which will open a menu where you can select Policies. Then, click the Create Policy button.
In the Select a service section, click on Service to Choose a service. Please refer to Permission Requirements for the service you have selected. Then click Next.
Search and assign in the Actions allowed section. For example, search for DescribeInstances in the search box, and use the tick box to select this action. Please refer to Permission Requirements for the necessary Access level (Actions). You can specify multiple permissions under the same policy. Then click Next.
Type a name under Policy name. Click Create policy.
Create User
Find the Users tab.
Create user by typing the User name, then click Next.
Choose Attach policies directly. Search for and select the name of the policy you have just created. Then click Next.
Review the details you have entered, and click Create user.
Access Key and Secret Key
Find the user you have created, and click on your user to access the details.
Under the Security credentials tab, click on Create access key.
Create an access key and save the details. Click Done after saving these credentials.
READER NOTE
The secret access key can only be viewed or downloaded at this time. It is recommended that you promptly download the .csv file and securely store it for future reference. If you lose or forget your secret key, you will not be able to recover it. If you have lost your secret key, you will need to create a new access key and deactivate the old key. You can have a maximum of two access keys (active or inactive) at a time.
Configuring D3 SOAR to Work with AWS EC2
Log in to D3 SOAR.
Find the AWS EC2 integration.
Navigate to Configuration on the top header menu.
Click on the Integration icon on the left sidebar.
Type AWS EC2 in the search box to find the integration, then click it to select it.
Click + Connection, on the right side of the Connections section. A new connection window will appear.
Configure the following fields to create a connection to AWS EC2.
Connection Name: The desired name for the connection.
Site: Specifies the site to use the integration connection. Use the drop-down menu to select the site. The Share to Internal Sites option enables all sites defined as internal sites to use the connection. Selecting a specific site will only enable that site to use the connection.
Recipient site for events from connections Shared to Internal Sites: This field appears if you selected Share to Internal Sites for Site to let you select the internal site to deploy the integration connection.
Agent Name (Optional): Specifies the proxy agent required to build the connection. Use the dropdown menu to select the proxy agent from a list of previously configured proxy agents.
Description (Optional): Add your desired description for the connection.
Tenant (Optional): When configuring the connection from a master tenant site, you have the option to choose the specific tenant sites you want to share the connection with. Once you enable this setting, you can filter and select the desired tenant sites from the dropdowns to share the connection.
Configure User Permissions: Defines which users have access to the connection.
Active: Check the tick box to ensure the connection is available for use.
System: This section contains the parameters defined specifically for the integration. These parameters must be configured to create the integration connection.
1. Select Region Name from the drop-down menu.
2. Input the Access Key. Please refer to step 4 of Configuring AWS EC2 to Work with D3 SOAR.
3. Input the Secret Key from the AWS EC2 platform. Please refer to step 4 of Configuring AWS EC2 to Work with D3 SOAR.Enable Password Vault: An optional feature that allows users to take the stored credentials from their own password vault. Please refer to the password vault connection guide if needed.
Connection Health Check: Updates the connection status you have created. A connection health check is done by scheduling the Test Connection command of this integration. This can only be done when the connection is active.
To set up a connection health check, check the Connection Health Check tickbox. You can customize the interval (minutes) for scheduling the health check. An email notification can be set up after a specified number of failed connection attempts.
Test the connection.
Click Test Connection to verify the account credentials and network connection. If the Test Connection Passed alert window appears, the test connection is successful. You will see Passed with a green checkmark appear beside the Test Connection button. If the test connection fails, please check your connection parameters and try again.
Click OK to close the alert window.
Click + Add to create and add the configured connection.
Commands
AWS EC2 includes the following executable commands for users to set up schedules or create playbook workflows. With the Test Command, you can execute these commands independently for playbook troubleshooting.
Integration API Note
For more information about the AWS EC2 API, please refer to the AWS EC2 API reference.
READER NOTE Certain permissions are required for each command. Please refer to the Permission Requirements and Configuring AWS EC2 to Work with D3 SOAR for details. |
Note for Time-related parameters
The input format of time-related parameters may vary based on your account settings. As a result, the sample data provided in our commands is different from what you see. To set your preferred time format, follow these steps:
Navigate to Configuration > Application Settings. Select Date/Time Format.
Choose your desired date and time format.
After that, you will be able to view your preferred time format when configuring the DateTime input parameters for commands.
Add Tags To EC2 Instances
Adds or overwrites only the specified tags for the specified AWS EC2 resource(s). When you specify an existing tag key, its value gets replaced with the new value. Each resource can have a maximum of 50 tags, with each tag comprising a unique key and an optional value.
READER NOTE
The parameter Instance IDs is required to run this command.
Run the Get EC2 Instance Details command to obtain Instance IDs. Instance IDs can be found in the raw data at the path $.Reservations[*].Instances[0].InstanceId.
Input
Input Parameter | Required/Optional | Description | Example |
Instance IDs | Required | The Instance IDs parameter is used to add tags to instances. You can add tags to a maximum of 1000 instances at once. Instance IDs can be obtained using the Get EC2 Instance Details command. | [ "i-040********5c9" ] |
Tags | Required | The Tags parameter is a key value pair associated with EC2 instances. Tag keys are case-sensitive and can accept a maximum of 127 Unicode characters, while Tag values, also case-sensitive, allow up to a maximum of 256 Unicode characters. | [ |
Output
Error Handling
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help you locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Add Tags To EC2 Instances failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the AWS EC2 portal. Refer to the HTTP Status Code Registry for details. | Status Code: 400. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: Tags Failed to applied to the following instances [***]. |
Error Sample Data Add Tags To EC2 Instances failed. Status Code: 400. Message: Tags Failed to applied to the following instances [***]. |
Block IPs By Vpc Acl
Blocks the specified IP address(es) by VPC and ACL. You can use this command to block IP(s) in all Network ACLs of the specified VPC. If you want to block IP(s) in specific Network ACLs no matter which VPC, you can run the Block IPs By Acl command.
READER NOTE
Vpc ID is a required parameter to run this command.
Run the Get Network ACL Details command to obtain Vpc ID. Vpc IDs can be found in the raw data at the path $.NetworkAcls[*].VpcId.
NetworkACL ID is an optional parameter to run this command.
Run the Get Network ACL Details command to obtain NetworkACL ID. NetworkACL ID can be found in the raw data at the path $.NetworkAcls[*].NetworkAclId.
The input values of Vpc ID and NetworkACL ID must match, which means they must be a pair of values from the same JSON object in the raw data. Otherwise an error of "Cannot find specified Network Acl." will be returned.
Input
Input Parameter | Required/Optional | Description | Example |
Vpc ID | Required | The ID of the VPC to which the Network ACL binds. The Vpc ID can be obtained using the Get Network ACL Details command. | vpc-063********ea9 |
NetworkACL ID | Optional | The IDs of the Network ACLs in which to block IPs. If not specified, then the block rule will be created in all Network ACLs of the specified VPC. NetworkACL IDs can be obtained using the Get Network ACL Details command. | acl-01f********89d |
IP Addresses | Required | The IP addresses to be blocked. Use either IPV4 or IPV6 addresses. | ["136.243.***.***"] |
Priority | Required | The rule numbers for the blocked IPs. ACL entries are processed in ascending order by rule number. The available rule number is a positive integer from 1 to 32766. If there are multiple IP addresses to block, you need to assign a rule number for each IP address, and map IP address and corresponding rule number in the same position of the arrays. | 15 |
Output
Error Handling
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help you locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Block Ips By Vpc Acl failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the AWS EC2 portal. Refer to the HTTP Status Code Registry for details. | Status Code: 404. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: Cannot find specified Network Acl. |
Error Sample Data Block Ips By Vpc Acl failed. Status Code: 404. Message: Cannot find specified Network Acl. |
Create Auto Scaling Group With EC2 Instance
Creates an Auto Scaling Group based on the specified EC2 Instance with the given Auto Scaling Group name and attributes.
READER NOTE
EC2 Instance ID is a required parameter to run this command.
Run the Get EC2 Instance Details command to obtain EC2 Instance ID. EC2 Instance IDs can be found in the raw data at the path $.Reservations[*].Instances[0].InstanceId.
Please note that the EC2 instance utilized as the basis for the launch configuration must be in 'running' state. The state of the instance can be found in the raw data at the path $.Reservations[*].Instances[0].State.Name.
Input
Input Parameter | Required/Optional | Description | Example |
EC2 Instance ID | Required | The ID of the EC2 instance serves as the foundation for creating the launch configuration. Amazon EC2 Auto Scaling uses the configuration values from the specified instance to create a new launch configuration. EC2 Instance IDs can be obtained using the Get EC2 Instance Details command. Please note that the EC2 instance utilized as the basis for the launch configuration must be in 'running' state. | i-072********992d |
AutoScalingGroupName | Required | The name of the Auto Scaling group. | API_Create_AutoScalingGroup01 |
MinSize | Required | The minimum size of the Auto Scaling group. | 1 |
MaxSize | Required | The maximum size of the Auto Scaling group. | 4 |
DesiredCapacity | Optional | The desired capacity represents the Auto Scaling group's initial capacity after the scheduled action is executed, indicating both its initial size and the level of capacity it attempts to maintain. This number must be greater than or equal to MinSize and less than or equal to MaxSize. If you do not specify a desired capacity, the default is MinSize. | 2 |
Configs | Optional | The other configurations for creating Auto Scaling groups in JSON object format. Keys and values must follow the API document: AutoScaling - Boto3 1.34.104 documentation. |
JSON
|
Output
Error Handling
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help you locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Create Auto Scaling Group With EC2 Instance failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the AWS EC2 portal. Refer to the HTTP Status Code Registry for details. | Status Code: 400. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: Failed to create AutoScalingGroup "****" for the EC2 instance "****". |
Error Sample Data Create Auto Scaling Group With EC2 Instance failed. Status Code: 400. Message: Failed to create AutoScalingGroup "****" for the EC2 instance "****". |
Get EC2 Instance Details
Describes the specified instances or all instances in the region.
Input
Input Parameter | Required/Optional | Description | Example |
InstanceIDs | Optional | The IDs of the EC2 instances to retrieve details of the instance. If not specified, all EC2 instances in the region will be returned. | ["i-040********5c9"] |
Output
Error Handling
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help you locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Get EC2 Instance Details failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the AWS EC2 portal. Refer to the HTTP Status Code Registry for details. | Status Code: 400. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: Failed to create AutoScalingGroup "****" for the EC2 instance "****". |
Error Sample Data Get EC2 Instance Details failed. Status Code: 400. Message: Failed to create AutoScalingGroup "****" for the EC2 instance "****". |
Get Network ACL Details
Retrieves the region in which to access resources.
Input
N/A
Output
Error Handling
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help you locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Get Network ACL Details failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the AWS EC2 portal. Refer to the HTTP Status Code Registry for details. | Status Code: 403. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: AWS was not able to validate the provided access credentials. |
Error Sample Data Get Network ACL Details failed. Status Code: 403. Message: AWS was not able to validate the provided access credentials. |
Get Security Group Details
Describes the specified security groups or all of your security groups.
Input
Input Parameter | Required/Optional | Description | Example |
SecurityGroupIDs | Optional | The IDs of the Security Groups to retrieve details. If not specified, all Security Groups will be returned. | ["sg-04a********c92"] |
Output
Error Handling
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help you locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Get Security Group Details failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the AWS EC2 portal. Refer to the HTTP Status Code Registry for details. | Status Code: 401. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: You are not authorized to perform this operation. |
Error Sample Data Get Security Group Details failed. Status Code: 401. Message: You are not authorized to perform this operation. |
Quarantine EC2 Instances
Designates Security Group ID(s) for quarantining specific EC2 instance(s), ensuring they belong to the same VPC as the instance(s) you intend to isolate. If uncertain about having the appropriate Security Group(s) for quarantining instance(s), it is advisable to leave the Security Group ID parameter empty; the system will then automatically generate quarantine Security Group(s) for you.
READER NOTE
Security Group IDs and Network Interface IDs are optional parameters to run this command.
Run the Get EC2 Instance Details command to obtain Security Group IDs. Security Group IDs can be found in the returned raw data at the path $.Reservations[*].Instances[0].SecurityGroups[0].
Run the Get EC2 Instance Details command to obtain NetworkInterfaceIDs. NetworkInterfaceIDs can be found in the returned raw data at the path $.Reservations[*].Instances[0].NetworkInterfaces[*].NetworkInterfaceId.
Input
Input Parameter | Required/Optional | Description | Example |
Security Group IDs | Optional | The ID of the Security Group that corresponds with the instance(s) to be quarantined. Security Group IDs can be obtained using the Get EC2 Instance Details command. You can specify Security Group ID(s) for quarantining EC2 instance(s), but you must ensure the Security Group you specify is in the same VPC as the instance you are quarantining. If you are not sure whether you have the Security Group(s) ready for quarantining instance(s), it is recommended that you leave the Security Group ID empty, and the system will create quarantine Security Group(s) for you automatically. Please note, if you have multiple EC2 Instances to quarantine, and you want to specify Security Group for each instance, you must ensure that Instance ID and Security Group ID mappings are correctly positioned. For example, Security Group ID for the first instance ID in the instance list must be in the first position of the Security Group IDs list; and Security Group ID for the second Instance ID in the instance list must be in the second position of the Security Group IDs list, etc. | ["sg-0c6********e0c"] |
Network Interface IDs | Optional | The Network Interface IDs is used to specify the network interfaces that are associated with the instance you want to quarantine. Network Interface IDs can be obtained using the Get EC2 Instance Details command. | ["eni-0bd********555"] |
Output
Error Handling
If the Return Data is Partially Successful or Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help you locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Quarantine EC2 Instances failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the AWS EC2 portal. Refer to the HTTP Status Code Registry for details. | Status Code: 401. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: You are not authorized to perform this operation.. |
Error Sample Data Quarantine EC2 Instances failed. Status Code: 401. Message: You are not authorized to perform this operation.. |
Take Snapshot On Volumes
Captures snapshots of designated EBS volumes, storing them within the same region as the volumes in Amazon S3.
READER NOTE
The parameter Volume IDs is required to run this command.
Run the Get EC2 Instance Details command to obtain Volume IDs. Volume IDs can be found in the returned raw data at the path $.Reservations[*].Instances[0].BlockDeviceMappings[*].Ebs.VolumeId.
Input
Input Parameter | Required/Optional | Description | Example |
Volume IDs | Required | The IDs of the Volumes used to create snapshots. Volume IDs can be obtained using the Get EC2 Instance Details command. | ["vol-067********4f2"] |
Output
Error Handling
If the Return Data is Partially Successful or Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help you locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Take Snapshot On Volumes failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the AWS EC2 portal. Refer to the HTTP Status Code Registry for details. | Status Code: 400. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: Value **** for parameter volumeId is invalid. |
Error Sample Data Take Snapshot On Volumes failed. Status Code: 400. Message: Value **** for parameter volumeId is invalid.. |
Update Auto Scaling Group
Updates a scheduled scaling action for an Auto Scaling group; if the action does not exist, it will be created automatically.
READER NOTE
Auto Scaling Group Name is a required parameter to run this command.
Run the Get Auto Scaling Group Details command to obtain Auto Scaling Group Name. Auto Scaling Group Name can be found in the raw data at the path $.AutoScalingGroupName.
Input
Input Parameter | Required/Optional | Description | Example |
Auto Scaling Group Name | Required | The name of the Auto Scaling group to be updated. Auto Scaling Group Name can be obtained using the Get Auto Scaling Group Details command. | eks-40b************823 |
ScheduledActionName | Required | The name of this scaling action. | Action01-5******* |
Start Time | Optional | The date and time for this action to start in UTC time. | 2020-06-17 06:00:00 |
End Time | Optional | The date and time for this action to end in UTC time. | 2020-06-18 06:00:00 |
Recurrence | Optional | The recurring schedule for this action, in Unix cron syntax format.(for example, "30 0 1 1,6,12 *" ) | 30 0 1 1,6,12 * |
MinSize | Optional | The minimum size of the Auto Scaling group. | 2 |
MaxSize | Optional | The maximum size of the Auto Scaling group. | 6 |
DesireCapacity | Optional | The desired capacity is the initial capacity of the Auto Scaling group at the time of its creation and the capacity it attempts to maintain. This number must be greater than or equal to MinSize and less than or equal to MaxSize. | 3 |
Output
Error Handling
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help you locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Update Auto Scaling Group failed. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the AWS EC2 portal. Refer to the HTTP Status Code Registry for details. | Status Code: 500. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: Failed to apply Action "***" to the AutoScalingGroup "****". |
Error Sample Data Update Auto Scaling Group failed. Status Code: 500. Message: Failed to apply Action "***" to the AutoScalingGroup "****". |
Test Connection
Allows you to perform a health check on an integration connection. You can schedule a periodic health check by selecting Connection Health Check when editing an integration connection.
Input
N/A
Output
Error Handling
If the Return Data is Failed, an Error tab will appear in the Test Result window.
The error tab contains the details responded from D3 SOAR or third-party API calls, including Failure Indicator, Status Code, and Message. This can help you locate the root cause of a command failure.
Parts in Error | Description | Example |
Failure Indicator | Indicates the command failure that happened at a specific input and/or API call. | Test Connection failed. Failed to check the connector. |
Status Code | The response code issued by the third-party API server or the D3 SOAR system that can be used to locate the corresponding error category. For example, if the returned status code is 401, the selected connection is unauthorized to run the command. The user or system support would need to check the permission setting in the AWS EC2 portal. Refer to the HTTP Status Code Registry for details. | Status Code: 403. |
Message | The raw data or captured key error message from the integration API server about the API request failure. | Message: AWS was not able to validate the provided access credentials. |
Error Sample Data Test Connection failed. Failed to check the connector. Status Code: 403. Message: AWS was not able to validate the provided access credentials. |