**To retrieve a description of the authorizations the DRT has to mitigate attacks on your behalf** The following ``describe-drt-access`` example retrieves the role and S3 bucket authorizations that the DRT has, which allow it to respond to potential attacks on your behalf. :: aws shield describe-drt-access Output:: { "RoleArn": "arn:aws:iam::123456789012:role/service-role/DrtRole", "LogBucketList": [ "flow-logs-for-website-lb" ] } For more information, see `Authorize the DDoS Response Team <https://docs.aws.amazon.com/waf/latest/developerguide/authorize-DRT.html>`__ in the *AWS Shield Advanced Developer Guide*.