diff --git a/.changes/1.29.53.json b/.changes/1.29.53.json new file mode 100644 index 000000000000..605b0a641aa4 --- /dev/null +++ b/.changes/1.29.53.json @@ -0,0 +1,32 @@ +[ + { + "category": "``braket``", + "description": "This release adds support to view the device queue depth (the number of queued quantum tasks and hybrid jobs on a device) and queue position for a quantum task and hybrid job.", + "type": "api-change" + }, + { + "category": "``dms``", + "description": "new vendors for DMS CSF: MongoDB, MariaDB, DocumentDb and Redshift", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "EC2 M2 Pro Mac instances are powered by Apple M2 Pro Mac Mini computers featuring 12 core CPU, 19 core GPU, 32 GiB of memory, and 16 core Apple Neural Engine and uniquely enabled by the AWS Nitro System through high-speed Thunderbolt connections.", + "type": "api-change" + }, + { + "category": "``efs``", + "description": "Update efs command to latest version", + "type": "api-change" + }, + { + "category": "``guardduty``", + "description": "Add `EKS_CLUSTER_NAME` to filter and sort key.", + "type": "api-change" + }, + { + "category": "``mediaconvert``", + "description": "This release supports the creation of of audio-only tracks in CMAF output groups.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.29.54.json b/.changes/1.29.54.json new file mode 100644 index 000000000000..78ba69186cca --- /dev/null +++ b/.changes/1.29.54.json @@ -0,0 +1,37 @@ +[ + { + "category": "``amplifyuibuilder``", + "description": "Support for generating code that is compatible with future versions of amplify project dependencies.", + "type": "api-change" + }, + { + "category": "``chime-sdk-media-pipelines``", + "description": "Adds support for sending WebRTC audio to Amazon Kineses Video Streams.", + "type": "api-change" + }, + { + "category": "``emr-serverless``", + "description": "This release adds support for application-wide default job configurations.", + "type": "api-change" + }, + { + "category": "``finspace-data``", + "description": "Adding sensitive trait to attributes. Change max SessionDuration from 720 to 60. Correct \"ApiAccess\" attribute to \"apiAccess\" to maintain consistency between APIs.", + "type": "api-change" + }, + { + "category": "``quicksight``", + "description": "Added ability to tag users upon creation.", + "type": "api-change" + }, + { + "category": "``ssm``", + "description": "This release updates the enum values for ResourceType in SSM DescribeInstanceInformation input and ConnectionStatus in GetConnectionStatus output.", + "type": "api-change" + }, + { + "category": "``wafv2``", + "description": "You can now perform an exact match against the web request's JA3 fingerprint.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.29.55.json b/.changes/1.29.55.json new file mode 100644 index 000000000000..9d5df9c88c58 --- /dev/null +++ b/.changes/1.29.55.json @@ -0,0 +1,47 @@ +[ + { + "category": "``appintegrations``", + "description": "The Amazon AppIntegrations service adds a set of APIs (in preview) to manage third party applications to be used in Amazon Connect agent workspace.", + "type": "api-change" + }, + { + "category": "``apprunner``", + "description": "This release allows an App Runner customer to specify a custom source directory to run the build & start command. This change allows App Runner to support monorepo based repositories", + "type": "api-change" + }, + { + "category": "``codedeploy``", + "description": "CodeDeploy now supports In-place and Blue/Green EC2 deployments with multiple Classic Load Balancers and multiple Target Groups.", + "type": "api-change" + }, + { + "category": "``connect``", + "description": "This release updates a set of Amazon Connect APIs that provides the ability to integrate third party applications in the Amazon Connect agent workspace.", + "type": "api-change" + }, + { + "category": "``dynamodb``", + "description": "Amazon DynamoDB now supports Incremental Export as an enhancement to the existing Export Table", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "The release includes AWS verified access to support FIPs compliance in North America regions", + "type": "api-change" + }, + { + "category": "``lakeformation``", + "description": "This release adds three new API support \"CreateLakeFormationOptIn\", \"DeleteLakeFormationOptIn\" and \"ListLakeFormationOptIns\", and also updates the corresponding documentation.", + "type": "api-change" + }, + { + "category": "``pinpoint``", + "description": "Update documentation for RemoveAttributes to more accurately reflect its behavior when attributes are deleted.", + "type": "api-change" + }, + { + "category": "``s3``", + "description": "This release adds a new field COMPLETED to the ReplicationStatus Enum. You can now use this field to validate the replication status of S3 objects using the AWS SDK.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.29.56.json b/.changes/1.29.56.json new file mode 100644 index 000000000000..c0cc45a43656 --- /dev/null +++ b/.changes/1.29.56.json @@ -0,0 +1,22 @@ +[ + { + "category": "``cognito-idp``", + "description": "The UserPoolType Status field is no longer used.", + "type": "api-change" + }, + { + "category": "``firehose``", + "description": "Features : Adding support for new data ingestion source to Kinesis Firehose - AWS Managed Services Kafka.", + "type": "api-change" + }, + { + "category": "``iot``", + "description": "Added support for IoT Rules Engine Kafka Action Headers", + "type": "api-change" + }, + { + "category": "``textract``", + "description": "This release adds new feature - Layout to Analyze Document API which can automatically extract layout elements such as titles, paragraphs, headers, section headers, lists, page numbers, footers, table areas, key-value areas and figure areas and order the elements as a human would read.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.29.57.json b/.changes/1.29.57.json new file mode 100644 index 000000000000..32bdf9aad4ad --- /dev/null +++ b/.changes/1.29.57.json @@ -0,0 +1,42 @@ +[ + { + "category": "``bedrock``", + "description": "Model Invocation logging added to enable or disable logs in customer account. Model listing and description support added. Provisioned Throughput feature added. Custom model support added for creating custom models. Also includes list, and delete functions for custom model.", + "type": "api-change" + }, + { + "category": "``bedrock-runtime``", + "description": "Run Inference: Added support to run the inference on models. Includes set of APIs for running inference in streaming and non-streaming mode.", + "type": "api-change" + }, + { + "category": "``budgets``", + "description": "Update DescribeBudgets and DescribeBudgetNotificationsForAccount MaxResults limit to 1000.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "Adds support for Customer Managed Key encryption for Amazon Verified Access resources", + "type": "api-change" + }, + { + "category": "``iotfleetwise``", + "description": "AWS IoT FleetWise now supports encryption through a customer managed AWS KMS key. The PutEncryptionConfiguration and GetEncryptionConfiguration APIs were added.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "Online store feature groups supports Standard and InMemory tier storage types for low latency storage for real-time data retrieval. The InMemory tier supports collection types List, Set, and Vector.", + "type": "api-change" + }, + { + "category": "``sagemaker-featurestore-runtime``", + "description": "Feature Store supports read/write of records with collection type features.", + "type": "api-change" + }, + { + "category": "``wafv2``", + "description": "Correct and improve the documentation for the FieldToMatch option JA3 fingerprint.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.29.58.json b/.changes/1.29.58.json new file mode 100644 index 000000000000..d3b03114245a --- /dev/null +++ b/.changes/1.29.58.json @@ -0,0 +1,42 @@ +[ + { + "category": "``bedrock-runtime``", + "description": "Add model timeout exception for InvokeModelWithResponseStream API and update validator for invoke model identifier.", + "type": "api-change" + }, + { + "category": "``bedrock``", + "description": "Provisioned throughput feature with Amazon and third-party base models, and update validators for model identifier and taggable resource ARNs.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "Introducing Amazon EC2 R7iz instances with 3.9 GHz sustained all-core turbo frequency and deliver up to 20% better performance than previous generation z1d instances.", + "type": "api-change" + }, + { + "category": "``managedblockchain``", + "description": "Remove Rinkeby as option from Ethereum APIs", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "Adds DefaultCertificateForNewLaunches field in the DescribeCertificates API response.", + "type": "api-change" + }, + { + "category": "``sso``", + "description": "Fix FIPS Endpoints in aws-us-gov.", + "type": "api-change" + }, + { + "category": "``sts``", + "description": "STS API updates for assumeRole", + "type": "api-change" + }, + { + "category": "``transfer``", + "description": "Documentation updates for AWS Transfer Family", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.29.59.json b/.changes/1.29.59.json new file mode 100644 index 000000000000..cbf0f03ad9c3 --- /dev/null +++ b/.changes/1.29.59.json @@ -0,0 +1,32 @@ +[ + { + "category": "``connect``", + "description": "GetMetricDataV2 API: Update to include new metrics CONTACTS_RESOLVED_IN_X , AVG_HOLD_TIME_ALL_CONTACTS , AVG_RESOLUTION_TIME , ABANDONMENT_RATE , AGENT_NON_RESPONSE_WITHOUT_CUSTOMER_ABANDONS with added features: Interval Period, TimeZone, Negate MetricFilters, Extended date time range.", + "type": "api-change" + }, + { + "category": "``location``", + "description": "Amazon Location Service adds support for bounding polygon queries. Additionally, the GeofenceCount field has been added to the DescribeGeofenceCollection API response.", + "type": "api-change" + }, + { + "category": "``mediaconvert``", + "description": "This release adds the ability to replace video frames without modifying the audio essence.", + "type": "api-change" + }, + { + "category": "``oam``", + "description": "This release adds support for sharing AWS::ApplicationInsights::Application resources.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "This release allows users to run Selective Execution in SageMaker Pipelines without SourcePipelineExecutionArn if selected steps do not have any dependent steps.", + "type": "api-change" + }, + { + "category": "``wellarchitected``", + "description": "AWS Well-Architected now supports Review Templates that allows you to create templates with pre-filled answers for Well-Architected and Custom Lens best practices.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.29.60.json b/.changes/1.29.60.json new file mode 100644 index 000000000000..c95cfb79ff7b --- /dev/null +++ b/.changes/1.29.60.json @@ -0,0 +1,27 @@ +[ + { + "category": "``appconfig``", + "description": "AWS AppConfig introduces KMS customer-managed key (CMK) encryption support for data saved to AppConfig's hosted configuration store.", + "type": "api-change" + }, + { + "category": "``datazone``", + "description": "Initial release of Amazon DataZone", + "type": "api-change" + }, + { + "category": "``mediatailor``", + "description": "Updates DescribeVodSource to include a list of ad break opportunities in the response", + "type": "api-change" + }, + { + "category": "``mgn``", + "description": "This release includes the following new APIs: ListConnectors, CreateConnector, UpdateConnector, DeleteConnector and UpdateSourceServer to support the source action framework feature.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "Adding support for AdditionalS3DataSource, a data source used for training or inference that is in addition to the input dataset or model data.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.29.61.json b/.changes/1.29.61.json new file mode 100644 index 000000000000..cf24a228ecdd --- /dev/null +++ b/.changes/1.29.61.json @@ -0,0 +1,32 @@ +[ + { + "category": "``omics``", + "description": "Add Etag Support for Omics Storage in ListReadSets and GetReadSetMetadata API", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "Updates Amazon RDS documentation for corrections and minor improvements.", + "type": "api-change" + }, + { + "category": "``route53``", + "description": "Add hostedzonetype filter to ListHostedZones API.", + "type": "api-change" + }, + { + "category": "``securityhub``", + "description": "Added new resource detail objects to ASFF, including resources for AwsEventsEventbus, AwsEventsEndpoint, AwsDmsEndpoint, AwsDmsReplicationTask, AwsDmsReplicationInstance, AwsRoute53HostedZone, and AwsMskCluster", + "type": "api-change" + }, + { + "category": "``storagegateway``", + "description": "Add SoftwareVersion to response of DescribeGatewayInformation.", + "type": "api-change" + }, + { + "category": "``workspaces``", + "description": "This release introduces Manage applications. This feature allows users to manage their WorkSpaces applications by associating or disassociating their WorkSpaces with applications. The DescribeWorkspaces API will now additionally return OperatingSystemName in its responses.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.29.62.json b/.changes/1.29.62.json new file mode 100644 index 000000000000..5dbfae40cf5c --- /dev/null +++ b/.changes/1.29.62.json @@ -0,0 +1,27 @@ +[ + { + "category": "``ec2``", + "description": "Documentation updates for Elastic Compute Cloud (EC2).", + "type": "api-change" + }, + { + "category": "``fsx``", + "description": "After performing steps to repair the Active Directory configuration of a file system, use this action to initiate the process of attempting to recover to the file system.", + "type": "api-change" + }, + { + "category": "``marketplace-catalog``", + "description": "This release adds support for Document type as an alternative for stringified JSON for StartChangeSet, DescribeChangeSet and DescribeEntity APIs", + "type": "api-change" + }, + { + "category": "``quicksight``", + "description": "NullOption in FilterListConfiguration; Dataset schema/table max length increased; Support total placement for pivot table visual; Lenient mode relaxes the validation to create resources with definition; Data sources can be added to folders; Redshift data sources support IAM Role-based authentication", + "type": "api-change" + }, + { + "category": "``transfer``", + "description": "This release updates the max character limit of PreAuthenticationLoginBanner and PostAuthenticationLoginBanner to 4096 characters", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.29.63.json b/.changes/1.29.63.json new file mode 100644 index 000000000000..cfbcb0e411a1 --- /dev/null +++ b/.changes/1.29.63.json @@ -0,0 +1,102 @@ +[ + { + "category": "``auditmanager``", + "description": "This release introduces a new limit to the awsAccounts parameter. When you create or update an assessment, there is now a limit of 200 AWS accounts that can be specified in the assessment scope.", + "type": "api-change" + }, + { + "category": "``autoscaling``", + "description": "Update the NotificationMetadata field to only allow visible ascii characters. Add paginators to DescribeInstanceRefreshes, DescribeLoadBalancers, and DescribeLoadBalancerTargetGroups", + "type": "api-change" + }, + { + "category": "``config``", + "description": "Add enums for resource types supported by Config", + "type": "api-change" + }, + { + "category": "``controltower``", + "description": "Added new EnabledControl resource details to ListEnabledControls API and added new GetEnabledControl API.", + "type": "api-change" + }, + { + "category": "``customer-profiles``", + "description": "Adds sensitive trait to various shapes in Customer Profiles Calculated Attribute API model.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "This release adds Ubuntu Pro as a supported platform for On-Demand Capacity Reservations and adds support for setting an Amazon Machine Image (AMI) to disabled state. Disabling the AMI makes it private if it was previously shared, and prevents new EC2 instance launches from it.", + "type": "api-change" + }, + { + "category": "``elbv2``", + "description": "Update elbv2 command to latest version", + "type": "api-change" + }, + { + "category": "``glue``", + "description": "Extending version control support to GitLab and Bitbucket from AWSGlue", + "type": "api-change" + }, + { + "category": "``inspector2``", + "description": "Add MacOs ec2 platform support", + "type": "api-change" + }, + { + "category": "``ivs-realtime``", + "description": "Update GetParticipant to return additional metadata.", + "type": "api-change" + }, + { + "category": "``lambda``", + "description": "Adds support for Lambda functions to access Dual-Stack subnets over IPv6, via an opt-in flag in CreateFunction and UpdateFunctionConfiguration APIs", + "type": "api-change" + }, + { + "category": "``location``", + "description": "This release adds endpoint updates for all AWS Location resource operations.", + "type": "api-change" + }, + { + "category": "``machinelearning``", + "description": "This release marks Password field as sensitive", + "type": "api-change" + }, + { + "category": "``pricing``", + "description": "Documentation updates for Price List", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "This release adds support for adding a dedicated log volume to open-source RDS instances.", + "type": "api-change" + }, + { + "category": "``rekognition``", + "description": "Amazon Rekognition introduces support for Custom Moderation. This allows the enhancement of accuracy for detect moderation labels operations by creating custom adapters tuned on customer data.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "Amazon SageMaker Canvas adds KendraSettings and DirectDeploySettings support for CanvasAppSettings", + "type": "api-change" + }, + { + "category": "``textract``", + "description": "This release adds 9 new APIs for adapter and adapter version management, 3 new APIs for tagging, and updates AnalyzeDocument and StartDocumentAnalysis API parameters for using adapters.", + "type": "api-change" + }, + { + "category": "``transcribe``", + "description": "This release is to enable m4a format to customers", + "type": "api-change" + }, + { + "category": "``workspaces``", + "description": "Updated the CreateWorkspaces action documentation to clarify that the PCoIP protocol is only available for Windows bundles.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.29.64.json b/.changes/1.29.64.json new file mode 100644 index 000000000000..13c4adf6c495 --- /dev/null +++ b/.changes/1.29.64.json @@ -0,0 +1,57 @@ +[ + { + "category": "``cloudformation``", + "description": "SDK and documentation updates for UpdateReplacePolicy", + "type": "api-change" + }, + { + "category": "``drs``", + "description": "Updated exsiting API to allow AWS Elastic Disaster Recovery support of launching recovery into existing EC2 instances.", + "type": "api-change" + }, + { + "category": "``entityresolution``", + "description": "This launch expands our matching techniques to include provider-based matching to help customer match, link, and enhance records with minimal data movement. With data service providers, we have removed the need for customers to build bespoke integrations,.", + "type": "api-change" + }, + { + "category": "``managedblockchain-query``", + "description": "This release introduces two new APIs: GetAssetContract and ListAssetContracts. This release also adds support for Bitcoin Testnet.", + "type": "api-change" + }, + { + "category": "``mediapackagev2``", + "description": "This release allows customers to manage MediaPackage v2 resource using CloudFormation.", + "type": "api-change" + }, + { + "category": "``opensearch``", + "description": "This release allows customers to list and associate optional plugin packages with compatible Amazon OpenSearch Service clusters for enhanced functionality.", + "type": "api-change" + }, + { + "category": "``redshift-serverless``", + "description": "Added support for managing credentials of serverless namespace admin using AWS Secrets Manager.", + "type": "api-change" + }, + { + "category": "``redshift``", + "description": "Added support for managing credentials of provisioned cluster admin using AWS Secrets Manager.", + "type": "api-change" + }, + { + "category": "``sesv2``", + "description": "This release provides enhanced visibility into your SES identity verification status. This will offer you more actionable insights, enabling you to promptly address any verification-related issues.", + "type": "api-change" + }, + { + "category": "``transfer``", + "description": "Documentation updates for AWS Transfer Family", + "type": "api-change" + }, + { + "category": "``xray``", + "description": "This releases enhances GetTraceSummaries API to support new TimeRangeType Service to query trace summaries by segment end time.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.29.65.json b/.changes/1.29.65.json new file mode 100644 index 000000000000..971adaf1f601 --- /dev/null +++ b/.changes/1.29.65.json @@ -0,0 +1,42 @@ +[ + { + "category": "``codepipeline``", + "description": "Add retryMode ALL_ACTIONS to RetryStageExecution API that retries a failed stage starting from first action in the stage", + "type": "api-change" + }, + { + "category": "``discovery``", + "description": "This release introduces three new APIs: StartBatchDeleteConfigurationTask, DescribeBatchDeleteConfigurationTask, and BatchDeleteAgents.", + "type": "api-change" + }, + { + "category": "``ecs``", + "description": "Documentation only updates to address Amazon ECS tickets.", + "type": "api-change" + }, + { + "category": "``globalaccelerator``", + "description": "Fixed error where ListCustomRoutingEndpointGroups did not have a paginator", + "type": "api-change" + }, + { + "category": "``guardduty``", + "description": "Add domainWithSuffix finding field to dnsRequestAction", + "type": "api-change" + }, + { + "category": "``kafka``", + "description": "AWS Managed Streaming for Kafka is launching MSK Replicator, a new feature that enables customers to reliably replicate data across Amazon MSK clusters in same or different AWS regions. You can now use SDK to create, list, describe, delete, update, and manage tags of MSK Replicators.", + "type": "api-change" + }, + { + "category": "``route53-recovery-cluster``", + "description": "Adds Owner field to ListRoutingControls API.", + "type": "api-change" + }, + { + "category": "``route53-recovery-control-config``", + "description": "Adds permissions for GetResourcePolicy to support returning details about AWS Resource Access Manager resource policies for shared resources.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.29.66.json b/.changes/1.29.66.json new file mode 100644 index 000000000000..1ef1695c6826 --- /dev/null +++ b/.changes/1.29.66.json @@ -0,0 +1,27 @@ +[ + { + "category": "``cloud9``", + "description": "Update to imageId parameter behavior and dates updated.", + "type": "api-change" + }, + { + "category": "``dynamodb``", + "description": "Updating descriptions for several APIs.", + "type": "api-change" + }, + { + "category": "``kendra``", + "description": "Changes for a new feature in Amazon Kendra's Query API to Collapse/Expand query results", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "This release adds support for upgrading the storage file system configuration on the DB instance using a blue/green deployment or a read replica.", + "type": "api-change" + }, + { + "category": "``wisdom``", + "description": "This release adds an max limit of 25 recommendation ids for NotifyRecommendationsReceived API.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.29.67.json b/.changes/1.29.67.json new file mode 100644 index 000000000000..eb430cff5a10 --- /dev/null +++ b/.changes/1.29.67.json @@ -0,0 +1,52 @@ +[ + { + "category": "``ec2``", + "description": "Amazon EC2 C7a instances, powered by 4th generation AMD EPYC processors, are ideal for high performance, compute-intensive workloads such as high performance computing. Amazon EC2 R7i instances are next-generation memory optimized and powered by custom 4th Generation Intel Xeon Scalable processors.", + "type": "api-change" + }, + { + "category": "``managedblockchain-query``", + "description": "This release adds support for Ethereum Sepolia network", + "type": "api-change" + }, + { + "category": "``neptunedata``", + "description": "Doc changes to add IAM action mappings for the data actions.", + "type": "api-change" + }, + { + "category": "``omics``", + "description": "This change enables customers to retrieve failure reasons with detailed status messages for their failed runs", + "type": "api-change" + }, + { + "category": "``opensearch``", + "description": "Added Cluster Administrative options for node restart, opensearch process restart and opensearch dashboard restart for Multi-AZ without standby domains", + "type": "api-change" + }, + { + "category": "``quicksight``", + "description": "This release adds the following: 1) Trino and Starburst Database Connectors 2) Custom total for tables and pivot tables 3) Enable restricted folders 4) Add rolling dates for time equality filters 5) Refine DataPathValue and introduce DataPathType 6) Add SeriesType to ReferenceLineDataConfiguration", + "type": "api-change" + }, + { + "category": "``secretsmanager``", + "description": "Documentation updates for Secrets Manager", + "type": "api-change" + }, + { + "category": "``servicecatalog``", + "description": "Introduce support for EXTERNAL product and provisioning artifact type in CreateProduct and CreateProvisioningArtifact APIs.", + "type": "api-change" + }, + { + "category": "``verifiedpermissions``", + "description": "Improving Amazon Verified Permissions Create experience", + "type": "api-change" + }, + { + "category": "``workspaces``", + "description": "Documentation updates for WorkSpaces", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.29.68.json b/.changes/1.29.68.json new file mode 100644 index 000000000000..79e57ed4d759 --- /dev/null +++ b/.changes/1.29.68.json @@ -0,0 +1,32 @@ +[ + { + "category": "``appconfig``", + "description": "Update KmsKeyIdentifier constraints to support AWS KMS multi-Region keys.", + "type": "api-change" + }, + { + "category": "``appintegrations``", + "description": "Updated ScheduleConfig to be an optional input to CreateDataIntegration to support event driven downloading of files from sources such as Amazon s3 using Amazon Connect AppIntegrations.", + "type": "api-change" + }, + { + "category": "``connect``", + "description": "This release adds support for updating phone number metadata, such as phone number description.", + "type": "api-change" + }, + { + "category": "``discovery``", + "description": "This release introduces three new APIs: StartBatchDeleteConfigurationTask, DescribeBatchDeleteConfigurationTask, and BatchDeleteAgents.", + "type": "api-change" + }, + { + "category": "``medical-imaging``", + "description": "Updates on documentation links", + "type": "api-change" + }, + { + "category": "``ssm``", + "description": "This release introduces a new API: DeleteOpsItem. This allows deletion of an OpsItem.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.29.69.json b/.changes/1.29.69.json new file mode 100644 index 000000000000..dc81c180eea5 --- /dev/null +++ b/.changes/1.29.69.json @@ -0,0 +1,22 @@ +[ + { + "category": "``marketplacecommerceanalytics``", + "description": "The StartSupportDataExport operation has been deprecated as part of the Product Support Connection deprecation. As of December 2022, Product Support Connection is no longer supported.", + "type": "api-change" + }, + { + "category": "``networkmanager``", + "description": "This release adds API support for Tunnel-less Connect (NoEncap Protocol) for AWS Cloud WAN", + "type": "api-change" + }, + { + "category": "``redshift-serverless``", + "description": "This release adds support for customers to see the patch version and workgroup version in Amazon Redshift Serverless.", + "type": "api-change" + }, + { + "category": "``rekognition``", + "description": "Amazon Rekognition introduces StartMediaAnalysisJob, GetMediaAnalysisJob, and ListMediaAnalysisJobs operations to run a bulk analysis of images with a Detect Moderation model.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.29.70.json b/.changes/1.29.70.json new file mode 100644 index 000000000000..1f0104b23186 --- /dev/null +++ b/.changes/1.29.70.json @@ -0,0 +1,37 @@ +[ + { + "category": "``codepipeline``", + "description": "Add ability to trigger pipelines from git tags, define variables at pipeline level and new pipeline type V2.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "This release updates the documentation for InstanceInterruptionBehavior and HibernationOptionsRequest to more accurately describe the behavior of these two parameters when using Spot hibernation.", + "type": "api-change" + }, + { + "category": "``eks``", + "description": "Added support for Cluster Subnet and Security Group mutability.", + "type": "api-change" + }, + { + "category": "``iam``", + "description": "Add the partitional endpoint for IAM in iso-f.", + "type": "api-change" + }, + { + "category": "``migrationhub-config``", + "description": "This release introduces DeleteHomeRegionControl API that customers can use to delete the Migration Hub Home Region configuration", + "type": "api-change" + }, + { + "category": "``migrationhubstrategy``", + "description": "This release introduces multi-data-source feature in Migration Hub Strategy Recommendations. This feature now supports vCenter as a data source to fetch inventory in addition to ADS and Import from file workflow that is currently supported with MHSR collector.", + "type": "api-change" + }, + { + "category": "``opensearchserverless``", + "description": "This release includes the following new APIs: CreateLifecyclePolicy, UpdateLifecyclePolicy, BatchGetLifecyclePolicy, DeleteLifecyclePolicy, ListLifecyclePolicies and BatchGetEffectiveLifecyclePolicy to support the data lifecycle management feature.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.29.71.json b/.changes/1.29.71.json new file mode 100644 index 000000000000..86e8119b6b68 --- /dev/null +++ b/.changes/1.29.71.json @@ -0,0 +1,17 @@ +[ + { + "category": "``connectcases``", + "description": "Increase maximum length of CommentBody to 3000, and increase maximum length of StringValue to 1500", + "type": "api-change" + }, + { + "category": "``groundstation``", + "description": "This release will allow KMS alias names to be used when creating Mission Profiles", + "type": "api-change" + }, + { + "category": "``iam``", + "description": "Updates to GetAccessKeyLastUsed action to replace NoSuchEntity error with AccessDeniedException error.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.29.72.json b/.changes/1.29.72.json new file mode 100644 index 000000000000..6fa27a020b6b --- /dev/null +++ b/.changes/1.29.72.json @@ -0,0 +1,52 @@ +[ + { + "category": "``appstream``", + "description": "This release introduces multi-session fleets, allowing customers to provision more than one user session on a single fleet instance.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "Launching GetSecurityGroupsForVpc API. This API gets security groups that can be associated by the AWS account making the request with network interfaces in the specified VPC.", + "type": "api-change" + }, + { + "category": "``network-firewall``", + "description": "Network Firewall now supports inspection of outbound SSL/TLS traffic.", + "type": "api-change" + }, + { + "category": "``opensearch``", + "description": "You can specify ipv4 or dualstack IPAddressType for cluster endpoints. If you specify IPAddressType as dualstack, the new endpoint will be visible under the 'EndpointV2' parameter and will support IPv4 and IPv6 requests. Whereas, the 'Endpoint' will continue to serve IPv4 requests.", + "type": "api-change" + }, + { + "category": "``redshift``", + "description": "Add Redshift APIs GetResourcePolicy, DeleteResourcePolicy, PutResourcePolicy and DescribeInboundIntegrations for the new Amazon Redshift Zero-ETL integration feature, which can be used to control data ingress into Redshift namespace, and view inbound integrations.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "Amazon Sagemaker Autopilot now supports Text Generation jobs.", + "type": "api-change" + }, + { + "category": "``sns``", + "description": "Message Archiving and Replay is now supported in Amazon SNS for FIFO topics.", + "type": "api-change" + }, + { + "category": "``ssm-sap``", + "description": "AWS Systems Manager for SAP added support for registration and discovery of SAP ABAP applications", + "type": "api-change" + }, + { + "category": "``transfer``", + "description": "No API changes from previous release. This release migrated the model to Smithy keeping all features unchanged.", + "type": "api-change" + }, + { + "category": "``endpoint-rules``", + "description": "Update endpoint-rules command to latest version", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.29.73.json b/.changes/1.29.73.json new file mode 100644 index 000000000000..8538efbe98d7 --- /dev/null +++ b/.changes/1.29.73.json @@ -0,0 +1,27 @@ +[ + { + "category": "``emr``", + "description": "Update emr command to latest version", + "type": "api-change" + }, + { + "category": "``neptune``", + "description": "Update TdeCredentialPassword type to SensitiveString", + "type": "api-change" + }, + { + "category": "``pinpoint``", + "description": "Updated documentation to describe the case insensitivity for EndpointIds.", + "type": "api-change" + }, + { + "category": "``redshift``", + "description": "added support to create a dual stack cluster", + "type": "api-change" + }, + { + "category": "``wafv2``", + "description": "Updates the descriptions for the calls that manage web ACL associations, to provide information for customer-managed IAM policies.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.29.74.json b/.changes/1.29.74.json new file mode 100644 index 000000000000..a918f3dd9998 --- /dev/null +++ b/.changes/1.29.74.json @@ -0,0 +1,52 @@ +[ + { + "category": "``connect``", + "description": "This release adds InstanceId field for phone number APIs.", + "type": "api-change" + }, + { + "category": "``dataexchange``", + "description": "We added a new API action: SendDataSetNotification.", + "type": "api-change" + }, + { + "category": "``datasync``", + "description": "Platform version changes to support AL1 deprecation initiative.", + "type": "api-change" + }, + { + "category": "``finspace``", + "description": "Introducing new API UpdateKxClusterCodeConfiguration, introducing new cache types for clusters and introducing new deployment modes for updating clusters.", + "type": "api-change" + }, + { + "category": "``mediapackagev2``", + "description": "This feature allows customers to create a combination of manifest filtering, startover and time delay configuration that applies to all egress requests by default.", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "This release launches the CreateIntegration, DeleteIntegration, and DescribeIntegrations APIs to manage zero-ETL Integrations.", + "type": "api-change" + }, + { + "category": "``redshift-serverless``", + "description": "Added support for custom domain names for Amazon Redshift Serverless workgroups. This feature enables customers to create a custom domain name and use ACM to generate fully secure connections to it.", + "type": "api-change" + }, + { + "category": "``resiliencehub``", + "description": "Introduced the ability to filter applications by their last assessment date and time and have included metrics for the application's estimated workload Recovery Time Objective (RTO) and estimated workload Recovery Point Objective (RPO).", + "type": "api-change" + }, + { + "category": "``s3outposts``", + "description": "Updated ListOutpostsWithS3 API response to include S3OutpostArn for use with AWS RAM.", + "type": "api-change" + }, + { + "category": "``wisdom``", + "description": "This release added necessary API documents on creating a Wisdom knowledge base to integrate with S3.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.29.75.json b/.changes/1.29.75.json new file mode 100644 index 000000000000..18814c371bd5 --- /dev/null +++ b/.changes/1.29.75.json @@ -0,0 +1,32 @@ +[ + { + "category": "``amplify``", + "description": "Add backend field to CreateBranch and UpdateBranch requests. Add pagination support for ListApps, ListDomainAssociations, ListBranches, and ListJobs", + "type": "api-change" + }, + { + "category": "``application-insights``", + "description": "Automate attaching managed policies", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "Capacity Blocks for ML are a new EC2 purchasing option for reserving GPU instances on a future date to support short duration machine learning (ML) workloads. Capacity Blocks automatically place instances close together inside Amazon EC2 UltraClusters for low-latency, high-throughput networking.", + "type": "api-change" + }, + { + "category": "``m2``", + "description": "Added name filter ability for ListDataSets API, added ForceUpdate for Updating environment and BatchJob submission using S3BatchJobIdentifier", + "type": "api-change" + }, + { + "category": "``neptunedata``", + "description": "Minor change to not retry CancelledByUserException", + "type": "api-change" + }, + { + "category": "``translate``", + "description": "Added support for Brevity translation settings feature.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.29.76.json b/.changes/1.29.76.json new file mode 100644 index 000000000000..9f121024d1b8 --- /dev/null +++ b/.changes/1.29.76.json @@ -0,0 +1,27 @@ +[ + { + "category": "``connect``", + "description": "Adds the BatchGetFlowAssociation API which returns flow associations (flow-resource) corresponding to the list of resourceArns supplied in the request. This release also adds IsDefault, LastModifiedRegion and LastModifiedTime fields to the responses of several Describe and List APIs.", + "type": "api-change" + }, + { + "category": "``globalaccelerator``", + "description": "Global Accelerator now support accelerators with cross account endpoints.", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "This release adds support for customized networking resources to Amazon RDS Custom.", + "type": "api-change" + }, + { + "category": "``redshift``", + "description": "Added support for Multi-AZ deployments for Provisioned RA3 clusters that provide 99.99% SLA availability.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "Support for batch transform input in Model dashboard", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.29.77.json b/.changes/1.29.77.json new file mode 100644 index 000000000000..6382abf08371 --- /dev/null +++ b/.changes/1.29.77.json @@ -0,0 +1,37 @@ +[ + { + "category": "``apprunner``", + "description": "AWS App Runner now supports using dual-stack address type for the public endpoint of your incoming traffic.", + "type": "api-change" + }, + { + "category": "``connect``", + "description": "GetMetricDataV2 API: Update to include new metrics PERCENT_NON_TALK_TIME, PERCENT_TALK_TIME, PERCENT_TALK_TIME_AGENT, PERCENT_TALK_TIME_CUSTOMER", + "type": "api-change" + }, + { + "category": "``gamelift``", + "description": "Amazon GameLift adds support for shared credentials, which allows applications that are deployed on managed EC2 fleets to interact with other AWS resources.", + "type": "api-change" + }, + { + "category": "``glue``", + "description": "This release introduces Google BigQuery Source and Target in AWS Glue CodeGenConfigurationNode.", + "type": "api-change" + }, + { + "category": "``network-firewall``", + "description": "This release introduces the stateless rule analyzer, which enables you to analyze your stateless rules for asymmetric routing.", + "type": "api-change" + }, + { + "category": "``quicksight``", + "description": "This release introduces Float Decimal Type as SubType in QuickSight SPICE datasets and Custom week start and Custom timezone options in Analysis and Dashboard", + "type": "api-change" + }, + { + "category": "``endpoint-rules``", + "description": "Update endpoint-rules command to latest version", + "type": "api-change" + } +] diff --git a/.changes/1.29.78.json b/.changes/1.29.78.json new file mode 100644 index 000000000000..c1080499e785 --- /dev/null +++ b/.changes/1.29.78.json @@ -0,0 +1,27 @@ +[ + { + "category": "``config``", + "description": "Updated ResourceType enum with new resource types onboarded by AWS Config in October 2023.", + "type": "api-change" + }, + { + "category": "``connect``", + "description": "Amazon Connect Chat introduces Create Persistent Contact Association API, allowing customers to choose when to resume previous conversations from previous chats, eliminating the need to repeat themselves and allowing agents to provide personalized service with access to entire conversation history.", + "type": "api-change" + }, + { + "category": "``iotwireless``", + "description": "Added LoRaWAN version 1.0.4 support", + "type": "api-change" + }, + { + "category": "``launch-wizard``", + "description": "AWS Launch Wizard is a service that helps reduce the time it takes to deploy applications to the cloud while providing a guided deployment experience.", + "type": "api-change" + }, + { + "category": "``endpoint-rules``", + "description": "Update endpoint-rules command to latest version", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.29.79.json b/.changes/1.29.79.json new file mode 100644 index 000000000000..6ea5d296d79b --- /dev/null +++ b/.changes/1.29.79.json @@ -0,0 +1,47 @@ +[ + { + "category": "``ce``", + "description": "This release extends the GetReservationPurchaseRecommendation API to support recommendations for Amazon MemoryDB reservations.", + "type": "api-change" + }, + { + "category": "``codebuild``", + "description": "AWS CodeBuild now supports AWS Lambda compute.", + "type": "api-change" + }, + { + "category": "``connect``", + "description": "Added new API that allows Amazon Connect Outbound Campaigns to create contacts in Amazon Connect when ingesting your dial requests.", + "type": "api-change" + }, + { + "category": "``docdb``", + "description": "Update the input of CreateDBInstance and ModifyDBInstance to support setting CA Certificates. Update the output of DescribeDBInstance and DescribeDBEngineVersions to show current and supported CA certificates.", + "type": "api-change" + }, + { + "category": "``iam``", + "description": "Add partitional endpoint for iso-e.", + "type": "api-change" + }, + { + "category": "``mwaa``", + "description": "This release adds support for Apache Airflow version 2.7.2. This version release includes support for deferrable operators and triggers.", + "type": "api-change" + }, + { + "category": "``polly``", + "description": "Amazon Polly adds new US English voices - Danielle and Gregory. Danielle and Gregory are available as Neural voices only.", + "type": "api-change" + }, + { + "category": "``route53``", + "description": "Add partitional endpoints for iso-e and iso-f.", + "type": "api-change" + }, + { + "category": "``endpoint-rules``", + "description": "Update endpoint-rules command to latest version", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.29.80.json b/.changes/1.29.80.json new file mode 100644 index 000000000000..60f011cf5fbf --- /dev/null +++ b/.changes/1.29.80.json @@ -0,0 +1,27 @@ +[ + { + "category": "``help``", + "description": "Relax line length limit for rendered ``help`` pages", + "type": "bugfix" + }, + { + "category": "``dataexchange``", + "description": "Updated SendDataSetNotificationRequest Comment to be maximum length 4096.", + "type": "api-change" + }, + { + "category": "``dlm``", + "description": "Added support for pre and post scripts in Amazon Data Lifecycle Manager EBS snapshot lifecycle policies.", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "This Amazon RDS release adds support for the multi-tenant configuration. In this configuration, an RDS DB instance can contain multiple tenant databases. In RDS for Oracle, a tenant database is a pluggable database (PDB).", + "type": "api-change" + }, + { + "category": "``endpoint-rules``", + "description": "Update endpoint-rules command to latest version", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.29.81.json b/.changes/1.29.81.json new file mode 100644 index 000000000000..eb7da4b2c512 --- /dev/null +++ b/.changes/1.29.81.json @@ -0,0 +1,62 @@ +[ + { + "category": "``connect``", + "description": "This release clarifies in our public documentation that InstanceId is a requirement for SearchUsers API requests.", + "type": "api-change" + }, + { + "category": "``connectcases``", + "description": "This release adds the ability to add/view comment authors through CreateRelatedItem and SearchRelatedItems API. For more information see https://docs.aws.amazon.com/cases/latest/APIReference/Welcome.html", + "type": "api-change" + }, + { + "category": "``datasync``", + "description": "This change allows for 0 length access keys and secret keys for object storage locations. Users can now pass in empty string credentials.", + "type": "api-change" + }, + { + "category": "``guardduty``", + "description": "Added API support for new GuardDuty EKS Audit Log finding types.", + "type": "api-change" + }, + { + "category": "``lambda``", + "description": "Add Node 20 (nodejs20.x) support to AWS Lambda.", + "type": "api-change" + }, + { + "category": "``lexv2-models``", + "description": "Update lexv2-models command to latest version", + "type": "api-change" + }, + { + "category": "``omics``", + "description": "Adding Run UUID and Run Output URI: GetRun and StartRun API response has two new fields \"uuid\" and \"runOutputUri\".", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "This Amazon RDS release adds support for patching the OS of an RDS Custom for Oracle DB instance. You can now upgrade the database or operating system using the modify-db-instance command.", + "type": "api-change" + }, + { + "category": "``redshift-serverless``", + "description": "Added a new parameter in the workgroup that helps you control your cost for compute resources. This feature provides a ceiling for RPUs that Amazon Redshift Serverless can scale up to. When automatic compute scaling is required, having a higher value for MaxRPU can enhance query throughput.", + "type": "api-change" + }, + { + "category": "``resiliencehub``", + "description": "AWS Resilience Hub enhances Resiliency Score, providing actionable recommendations to improve application resilience. Amazon Elastic Kubernetes Service (EKS) operational recommendations have been added to help improve the resilience posture of your applications.", + "type": "api-change" + }, + { + "category": "``sqs``", + "description": "This release enables customers to call SQS using AWS JSON-1.0 protocol.", + "type": "api-change" + }, + { + "category": "``endpoint-rules``", + "description": "Update endpoint-rules command to latest version", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.29.82.json b/.changes/1.29.82.json new file mode 100644 index 000000000000..b59b12190dd3 --- /dev/null +++ b/.changes/1.29.82.json @@ -0,0 +1,7 @@ +[ + { + "category": "``sqs``", + "description": "This release enables customers to call SQS using AWS JSON-1.0 protocol and bug fix.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.29.83.json b/.changes/1.29.83.json new file mode 100644 index 000000000000..b7fe7a674465 --- /dev/null +++ b/.changes/1.29.83.json @@ -0,0 +1,52 @@ +[ + { + "category": "``cloudformation``", + "description": "Added new ConcurrencyMode feature for AWS CloudFormation StackSets for faster deployments to target accounts.", + "type": "api-change" + }, + { + "category": "``cloudtrail``", + "description": "The Insights in Lake feature lets customers enable CloudTrail Insights on a source CloudTrail Lake event data store and create a destination event data store to collect Insights events based on unusual management event activity in the source event data store.", + "type": "api-change" + }, + { + "category": "``comprehend``", + "description": "This release adds support for toxicity detection and prompt safety classification.", + "type": "api-change" + }, + { + "category": "``connect``", + "description": "This release adds the ability to integrate customer lambda functions with Connect attachments for scanning and updates the ListIntegrationAssociations API to support filtering on IntegrationArn.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "AWS EBS now supports Block Public Access for EBS Snapshots. This release introduces the EnableSnapshotBlockPublicAccess, DisableSnapshotBlockPublicAccess and GetSnapshotBlockPublicAccessState APIs to manage account-level public access settings for EBS Snapshots in an AWS Region.", + "type": "api-change" + }, + { + "category": "``eks``", + "description": "Adding EKS Anywhere subscription related operations.", + "type": "api-change" + }, + { + "category": "``lambda``", + "description": "Add Custom runtime on Amazon Linux 2023 (provided.al2023) support to AWS Lambda.", + "type": "api-change" + }, + { + "category": "``logs``", + "description": "Update to support new APIs for delivery of logs from AWS services.", + "type": "api-change" + }, + { + "category": "``omics``", + "description": "Support UBAM filetype for Omics Storage and make referenceArn optional", + "type": "api-change" + }, + { + "category": "``endpoint-rules``", + "description": "Update endpoint-rules command to latest version", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.29.84.json b/.changes/1.29.84.json new file mode 100644 index 000000000000..ad8b88e37764 --- /dev/null +++ b/.changes/1.29.84.json @@ -0,0 +1,42 @@ +[ + { + "category": "``controltower``", + "description": "AWS Control Tower supports tagging for enabled controls. This release introduces TagResource, UntagResource and ListTagsForResource APIs to manage tags in existing enabled controls. It updates EnabledControl API to tag resources at creation time.", + "type": "api-change" + }, + { + "category": "``cur``", + "description": "This release adds support for tagging and customers can now tag report definitions. Additionally, ReportStatus is now added to report definition to show when the last delivered time stamp and if it succeeded or not.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "EC2 adds API updates to enable ENA Express at instance launch time.", + "type": "api-change" + }, + { + "category": "``fms``", + "description": "Adds optimizeUnassociatedWebACL flag to ManagedServiceData, updates third-party firewall examples, and other minor documentation updates.", + "type": "api-change" + }, + { + "category": "``marketplace-entitlement``", + "description": "Update marketplace-entitlement command to latest version", + "type": "api-change" + }, + { + "category": "``mediaconvert``", + "description": "This release includes the ability to specify any input source as the primary input for corresponding follow modes, and allows users to specify fit and fill behaviors without resizing content.", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "Updates Amazon RDS documentation for zero-ETL integrations.", + "type": "api-change" + }, + { + "category": "``endpoint-rules``", + "description": "Update endpoint-rules command to latest version", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.29.85.json b/.changes/1.29.85.json new file mode 100644 index 000000000000..7a3e62be3663 --- /dev/null +++ b/.changes/1.29.85.json @@ -0,0 +1,37 @@ +[ + { + "category": "``dataexchange``", + "description": "Removed Required trait for DataSet.OriginDetails.ProductId.", + "type": "api-change" + }, + { + "category": "``dms``", + "description": "Added new Db2 LUW Target endpoint with related endpoint settings. New executeTimeout endpoint setting for mysql endpoint. New ReplicationDeprovisionTime field for serverless describe-replications.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "Adds the new EC2 DescribeInstanceTopology API, which you can use to retrieve the network topology of your running instances on select platform types to determine their relative proximity to each other.", + "type": "api-change" + }, + { + "category": "``ecs``", + "description": "Adds a Client Token parameter to the ECS RunTask API. The Client Token parameter allows for idempotent RunTask requests.", + "type": "api-change" + }, + { + "category": "``emr``", + "description": "Update emr command to latest version", + "type": "api-change" + }, + { + "category": "``servicecatalog-appregistry``", + "description": "When the customer associates a resource collection to their application with this new feature, then a new application tag will be applied to all supported resources that are part of that collection. This allows customers to more easily find the application that is associated with those resources.", + "type": "api-change" + }, + { + "category": "``endpoint-rules``", + "description": "Update endpoint-rules command to latest version", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.30.0.json b/.changes/1.30.0.json new file mode 100644 index 000000000000..08aa15d0c495 --- /dev/null +++ b/.changes/1.30.0.json @@ -0,0 +1,72 @@ +[ + { + "category": "``backup``", + "description": "AWS Backup - Features: Provide Job Summary for your backup activity.", + "type": "api-change" + }, + { + "category": "``cleanrooms``", + "description": "This feature provides the ability for the collaboration creator to configure either the member who can run queries or a different member in the collaboration to be billed for query compute costs.", + "type": "api-change" + }, + { + "category": "``connect``", + "description": "Introducing SegmentAttributes parameter for StartChatContact API", + "type": "api-change" + }, + { + "category": "``glue``", + "description": "Introduces new storage optimization APIs to support automatic compaction of Apache Iceberg tables.", + "type": "api-change" + }, + { + "category": "``iot``", + "description": "This release introduces new attributes in API CreateSecurityProfile, UpdateSecurityProfile and DescribeSecurityProfile to support management of Metrics Export for AWS IoT Device Defender Detect.", + "type": "api-change" + }, + { + "category": "``lambda``", + "description": "Add Python 3.12 (python3.12) support to AWS Lambda", + "type": "api-change" + }, + { + "category": "``mediatailor``", + "description": "Removed unnecessary default values.", + "type": "api-change" + }, + { + "category": "``pipes``", + "description": "Added support (via new LogConfiguration field in CreatePipe and UpdatePipe APIs) for logging to Amazon CloudWatch Logs, Amazon Simple Storage Service (Amazon S3), and Amazon Kinesis Data Firehose", + "type": "api-change" + }, + { + "category": "``resource-explorer-2``", + "description": "Resource Explorer supports multi-account search. You can now use Resource Explorer to search and discover resources across AWS accounts within your organization or organizational unit.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "This release makes Model Registry Inference Specification fields as not required.", + "type": "api-change" + }, + { + "category": "``signer``", + "description": "Documentation updates for AWS Signer", + "type": "api-change" + }, + { + "category": "``stepfunctions``", + "description": "Update stepfunctions command to latest version", + "type": "api-change" + }, + { + "category": "``endpoint-rules``", + "description": "Update endpoint-rules command to latest version", + "type": "api-change" + }, + { + "category": "ContainerProvider", + "description": "Added Support for EKS container credentials", + "type": "feature" + } +] \ No newline at end of file diff --git a/.changes/1.30.1.json b/.changes/1.30.1.json new file mode 100644 index 000000000000..064ca5543663 --- /dev/null +++ b/.changes/1.30.1.json @@ -0,0 +1,62 @@ +[ + { + "category": "``autoscaling``", + "description": "This release introduces Instance Maintenance Policy, a new EC2 Auto Scaling capability that allows customers to define whether instances are launched before or after existing instances are terminated during instance replacement operations.", + "type": "api-change" + }, + { + "category": "``cloudtrail``", + "description": "The Lake Repricing feature lets customers configure a BillingMode for an event data store. The BillingMode determines the cost for ingesting and storing events and the default and maximum retention period for the event data store.", + "type": "api-change" + }, + { + "category": "``codecatalyst``", + "description": "This release adds functionality for retrieving information about workflows and workflow runs and starting workflow runs in Amazon CodeCatalyst.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "AWS EBS now supports Snapshot Lock, giving users the ability to lock an EBS Snapshot to prohibit deletion of the snapshot. This release introduces the LockSnapshot, UnlockSnapshot & DescribeLockedSnapshots APIs to manage lock configuration for snapshots. The release also includes the dl2q_24xlarge.", + "type": "api-change" + }, + { + "category": "``finspace-data``", + "description": "Adding deprecated trait to APIs in this name space.", + "type": "api-change" + }, + { + "category": "``finspace``", + "description": "Adding deprecated trait on Dataset Browser Environment APIs", + "type": "api-change" + }, + { + "category": "``lambda``", + "description": "Add Java 21 (java21) support to AWS Lambda", + "type": "api-change" + }, + { + "category": "``mwaa``", + "description": "This Amazon MWAA release adds support for customer-managed VPC endpoints. This lets you choose whether to create, and manage your environment's VPC endpoints, or to have Amazon MWAA create, and manage them for you.", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "Updates Amazon RDS documentation for support for upgrading RDS for MySQL snapshots from version 5.7 to version 8.0.", + "type": "api-change" + }, + { + "category": "``redshift``", + "description": "The custom domain name SDK for Amazon Redshift provisioned clusters is updated with additional required parameters for modify and delete operations. Additionally, users can provide domain names with longer top-level domains.", + "type": "api-change" + }, + { + "category": "``s3control``", + "description": "Add 5 APIs to create, update, get, list, delete S3 Storage Lens group(eg. CreateStorageLensGroup), 3 APIs for tagging(TagResource,UntagResource,ListTagsForResource), and update to StorageLensConfiguration to allow metrics to be aggregated on Storage Lens groups.", + "type": "api-change" + }, + { + "category": "``ssm-sap``", + "description": "Update the default value of MaxResult to 50.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.30.2.json b/.changes/1.30.2.json new file mode 100644 index 000000000000..eb07e5c89dd7 --- /dev/null +++ b/.changes/1.30.2.json @@ -0,0 +1,107 @@ +[ + { + "category": "``codecatalyst``", + "description": "This release includes updates to the Dev Environment APIs to include an optional vpcConnectionName parameter that supports using Dev Environments with Amazon VPC.", + "type": "api-change" + }, + { + "category": "``dlm``", + "description": "This release adds support for Amazon Data Lifecycle Manager default policies for EBS snapshots and EBS-backed AMIs.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "Enable use of tenant-specific PublicSigningKeyUrl from device trust providers and onboard jumpcloud as a new device trust provider.", + "type": "api-change" + }, + { + "category": "``fsx``", + "description": "Enables customers to update their PerUnitStorageThroughput on their Lustre file systems.", + "type": "api-change" + }, + { + "category": "``glue``", + "description": "Introduces new column statistics APIs to support statistics generation for tables within the Glue Data Catalog.", + "type": "api-change" + }, + { + "category": "``imagebuilder``", + "description": "This release adds the Image Lifecycle Management feature to automate the process of deprecating, disabling and deleting outdated images and their associated resources.", + "type": "api-change" + }, + { + "category": "``iot``", + "description": "GA release the ability to index and search devices based on their GeoLocation data. With GeoQueries you can narrow your search to retrieve devices located in the desired geographic boundary.", + "type": "api-change" + }, + { + "category": "``ivs-realtime``", + "description": "This release introduces server side composition and recording for stages.", + "type": "api-change" + }, + { + "category": "``kafka``", + "description": "Added a new API response field which determines if there is an action required from the customer regarding their cluster.", + "type": "api-change" + }, + { + "category": "``lambda``", + "description": "Adds support for logging configuration in Lambda Functions. Customers will have more control how their function logs are captured and to which cloud watch log group they are delivered also.", + "type": "api-change" + }, + { + "category": "``macie2``", + "description": "This release adds support for configuring Macie to assume an IAM role when retrieving sample occurrences of sensitive data reported by findings.", + "type": "api-change" + }, + { + "category": "``mediapackage``", + "description": "DRM_TOP_LEVEL_COMPACT allows placing content protection elements at the MPD level and referenced at the AdaptationSet level", + "type": "api-change" + }, + { + "category": "``pinpoint-sms-voice-v2``", + "description": "Amazon Pinpoint now offers additional operations as part of version 2 of the SMS and voice APIs. This release includes 26 new APIs to create and manage phone number registrations, add verified destination numbers, and request sender IDs.", + "type": "api-change" + }, + { + "category": "``polly``", + "description": "Add new engine - long-form - dedicated for longer content, such as news articles, training materials, or marketing videos.", + "type": "api-change" + }, + { + "category": "``quicksight``", + "description": "Custom permission support for QuickSight roles; Three new datasources STARBURST, TRINO, BIGQUERY; Lenient mode changes the default behavior to allow for exporting and importing with certain UI allowed errors, Support for permissions and tags export and import.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "Amazon SageMaker Studio now supports Trainium instance types - trn1.2xlarge, trn1.32xlarge, trn1n.32xlarge.", + "type": "api-change" + }, + { + "category": "``ssm-incidents``", + "description": "Introduces new APIs ListIncidentFindings and BatchGetIncidentFindings to use findings related to an incident.", + "type": "api-change" + }, + { + "category": "``ssm``", + "description": "This release introduces the ability to filter automation execution steps which have parent steps. In addition, runbook variable information is returned by GetAutomationExecution and parent step information is returned by the DescribeAutomationStepExecutions API.", + "type": "api-change" + }, + { + "category": "``sso-admin``", + "description": "Instances bound to a single AWS account, API operations for managing instances and applications, and assignments to applications are now supported. Trusted identity propagation is also supported, with new API operations for managing trusted token issuers and application grants and scopes.", + "type": "api-change" + }, + { + "category": "``transfer``", + "description": "Introduced S3StorageOptions for servers to enable directory listing optimizations and added Type fields to logical directory mappings.", + "type": "api-change" + }, + { + "category": "``endpoint-rules``", + "description": "Update endpoint-rules command to latest version", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.30.3.json b/.changes/1.30.3.json new file mode 100644 index 000000000000..3c6d4d734293 --- /dev/null +++ b/.changes/1.30.3.json @@ -0,0 +1,167 @@ +[ + { + "category": "``ssm`` Session Manager", + "description": "Pass StartSession API response as environment variable to session-manager-plugin", + "type": "enhancement" + }, + { + "category": "``appmesh``", + "description": "Change the default value of these fields from 0 to null: MaxConnections, MaxPendingRequests, MaxRequests, HealthCheckThreshold, PortNumber, and HealthCheckPolicy -> port. Users are not expected to perceive the change, except that badRequestException is thrown when required fields missing configured.", + "type": "api-change" + }, + { + "category": "``athena``", + "description": "Adding SerivicePreProcessing time metric", + "type": "api-change" + }, + { + "category": "``cloud9``", + "description": "A minor doc only update related to changing the date of an API change.", + "type": "api-change" + }, + { + "category": "``cloudformation``", + "description": "This release adds a new flag ImportExistingResources to CreateChangeSet. Specify this parameter on a CREATE- or UPDATE-type change set to import existing resources with custom names instead of recreating them.", + "type": "api-change" + }, + { + "category": "``codepipeline``", + "description": "CodePipeline now supports overriding source revisions to achieve manual re-deploy of a past revision", + "type": "api-change" + }, + { + "category": "``codestar-connections``", + "description": "This release adds support for the CloudFormation Git sync feature. Git sync enables updating a CloudFormation stack from a template stored in a Git repository.", + "type": "api-change" + }, + { + "category": "``connect``", + "description": "This release adds WISDOM_QUICK_RESPONSES as new IntegrationType of Connect IntegrationAssociation resource and bug fixes.", + "type": "api-change" + }, + { + "category": "``dlm``", + "description": "Added support for SAP HANA in Amazon Data Lifecycle Manager EBS snapshot lifecycle policies with pre and post scripts.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "This release adds new features for Amazon VPC IP Address Manager (IPAM) Allowing a choice between Free and Advanced Tiers, viewing public IP address insights across regions and in Amazon Cloudwatch, use IPAM to plan your subnet IPs within a VPC and bring your own autonomous system number to IPAM.", + "type": "api-change" + }, + { + "category": "``ecr``", + "description": "Documentation and operational updates for Amazon ECR, adding support for pull through cache rules for upstream registries that require authentication.", + "type": "api-change" + }, + { + "category": "``emr``", + "description": "Update emr command to latest version", + "type": "api-change" + }, + { + "category": "``events``", + "description": "Update events command to latest version", + "type": "api-change" + }, + { + "category": "``internetmonitor``", + "description": "Adds new querying capabilities for running data queries on a monitor", + "type": "api-change" + }, + { + "category": "``ivs``", + "description": "type & defaulting refinement to various range properties", + "type": "api-change" + }, + { + "category": "``ivschat``", + "description": "type & defaulting refinement to various range properties", + "type": "api-change" + }, + { + "category": "``kinesisvideo``", + "description": "Docs only build to bring up-to-date with public docs.", + "type": "api-change" + }, + { + "category": "``location``", + "description": "Remove default value and allow nullable for request parameters having minimum value larger than zero.", + "type": "api-change" + }, + { + "category": "``medialive``", + "description": "MediaLive has now added support for per-output static image overlay.", + "type": "api-change" + }, + { + "category": "``mgn``", + "description": "Removed invalid and unnecessary default values.", + "type": "api-change" + }, + { + "category": "``osis``", + "description": "Add support for enabling a persistent buffer when creating or updating an OpenSearch Ingestion pipeline. Add tags to Pipeline and PipelineSummary response models.", + "type": "api-change" + }, + { + "category": "``pipes``", + "description": "TargetParameters now properly supports BatchJobParameters.ArrayProperties.Size and BatchJobParameters.RetryStrategy.Attempts being optional, and EcsTaskParameters.Overrides.EphemeralStorage.SizeInGiB now properly required when setting EphemeralStorage", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "This release adds support for option groups and replica enhancements to Amazon RDS Custom.", + "type": "api-change" + }, + { + "category": "``redshift-serverless``", + "description": "Updated SDK for Amazon Redshift Serverless, which provides the ability to configure a connection with IAM Identity Center to manage user and group access to databases.", + "type": "api-change" + }, + { + "category": "``redshift``", + "description": "Updated SDK for Amazon Redshift, which you can use to configure a connection with IAM Identity Center to manage access to databases. With these, you can create a connection through a managed application. You can also change a managed application, delete it, or get information about an existing one.", + "type": "api-change" + }, + { + "category": "``s3``", + "description": "Removes all default 0 values for numbers and false values for booleans", + "type": "api-change" + }, + { + "category": "``sso-admin``", + "description": "Improves support for configuring RefreshToken and TokenExchange grants on applications.", + "type": "api-change" + }, + { + "category": "``sso-oidc``", + "description": "Adding support for `sso-oauth:CreateTokenWithIAM`.", + "type": "api-change" + }, + { + "category": "``sts``", + "description": "API updates for the AWS Security Token Service", + "type": "api-change" + }, + { + "category": "``trustedadvisor``", + "description": "AWS Trusted Advisor introduces new APIs to enable you to programmatically access Trusted Advisor best practice checks, recommendations, and prioritized recommendations. Trusted Advisor APIs enable you to integrate Trusted Advisor with your operational tools to automate your workloads.", + "type": "api-change" + }, + { + "category": "``verifiedpermissions``", + "description": "Adding BatchIsAuthorized API which supports multiple authorization requests against a PolicyStore", + "type": "api-change" + }, + { + "category": "``wisdom``", + "description": "This release adds QuickResponse as a new Wisdom resource and Wisdom APIs for import, create, read, search, update and delete QuickResponse resources.", + "type": "api-change" + }, + { + "category": "``endpoint-rules``", + "description": "Update endpoint-rules command to latest version", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.30.4.json b/.changes/1.30.4.json new file mode 100644 index 000000000000..f5a173ee941d --- /dev/null +++ b/.changes/1.30.4.json @@ -0,0 +1,17 @@ +[ + { + "category": "``codestar-connections``", + "description": "This release updates a few CodeStar Connections related APIs.", + "type": "api-change" + }, + { + "category": "``docdb``", + "description": "Amazon DocumentDB updates for new cluster storage configuration: Amazon DocumentDB I/O-Optimized.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "This release adds support for Security group referencing over Transit gateways, enabling you to simplify Security group management and control of instance-to-instance traffic across VPCs that are connected by Transit gateway.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.30.5.json b/.changes/1.30.5.json new file mode 100644 index 000000000000..b3bedad778b6 --- /dev/null +++ b/.changes/1.30.5.json @@ -0,0 +1,42 @@ +[ + { + "category": "``cloudfront-keyvaluestore``", + "description": "This release adds support for CloudFront KeyValueStore, a globally managed key value datastore associated with CloudFront Functions.", + "type": "api-change" + }, + { + "category": "``cloudfront``", + "description": "This release adds support for CloudFront KeyValueStore, a globally managed key value datastore associated with CloudFront Functions.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "Documentation updates for Amazon EC2.", + "type": "api-change" + }, + { + "category": "``inspector-scan``", + "description": "This release adds support for the new Amazon Inspector Scan API. The new Inspector Scan API can synchronously scan SBOMs adhering to the CycloneDX v1.5 format.", + "type": "api-change" + }, + { + "category": "``iotsitewise``", + "description": "Adds 1/ user-defined unique identifier for asset and model metadata, 2/ asset model components, and 3/ query API for asset metadata and telemetry data. Supports 4/ multi variate anomaly detection using Amazon Lookout for Equipment, 5/ warm storage tier, and 6/ buffered ingestion of time series data.", + "type": "api-change" + }, + { + "category": "``iottwinmaker``", + "description": "This release adds following support. 1. New APIs for metadata bulk operations. 2. Modify the component type API to support composite component types - nesting component types within one another. 3. New list APIs for components and properties. 4. Support the larger scope digital twin modeling.", + "type": "api-change" + }, + { + "category": "``s3``", + "description": "Add support for automatic date based partitioning in S3 Server Access Logs.", + "type": "api-change" + }, + { + "category": "``endpoint-rules``", + "description": "Update endpoint-rules command to latest version", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.30.6.json b/.changes/1.30.6.json new file mode 100644 index 000000000000..14afe26cca70 --- /dev/null +++ b/.changes/1.30.6.json @@ -0,0 +1,22 @@ +[ + { + "category": "``kinesis``", + "description": "This release adds support for resource based policies on streams and consumers.", + "type": "api-change" + }, + { + "category": "``s3control``", + "description": "Amazon S3 Batch Operations now manages buckets or prefixes in a single step.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "This feature adds the end user license agreement status as a model access configuration parameter.", + "type": "api-change" + }, + { + "category": "``endpoint-rules``", + "description": "Update endpoint-rules command to latest version", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.30.7.json b/.changes/1.30.7.json new file mode 100644 index 000000000000..7e66b1a7eb75 --- /dev/null +++ b/.changes/1.30.7.json @@ -0,0 +1,197 @@ +[ + { + "category": "``accessanalyzer``", + "description": "IAM Access Analyzer now continuously monitors IAM roles and users in your AWS account or organization to generate findings for unused access. Additionally, IAM Access Analyzer now provides custom policy checks to validate that IAM policies adhere to your security standards ahead of deployments.", + "type": "api-change" + }, + { + "category": "``amp``", + "description": "This release adds support for the Amazon Managed Service for Prometheus collector, a fully managed, agentless Prometheus metrics scraping capability.", + "type": "api-change" + }, + { + "category": "``bcm-data-exports``", + "description": "Users can create, read, update, delete Exports of billing and cost management data. Users can get details of Export Executions and details of Tables for exporting. Tagging support is provided for Exports", + "type": "api-change" + }, + { + "category": "``cloudtrail``", + "description": "CloudTrail Lake now supports federating event data stores. giving users the ability to run queries against their event data using Amazon Athena.", + "type": "api-change" + }, + { + "category": "``codestar-connections``", + "description": "This release adds support for the CloudFormation Git sync feature. Git sync enables updating a CloudFormation stack from a template stored in a Git repository.", + "type": "api-change" + }, + { + "category": "``compute-optimizer``", + "description": "This release enables AWS Compute Optimizer to analyze and generate recommendations with customization and discounts preferences.", + "type": "api-change" + }, + { + "category": "``config``", + "description": "Support Periodic Recording for Configuration Recorder", + "type": "api-change" + }, + { + "category": "``controltower``", + "description": "Add APIs to create and manage a landing zone.", + "type": "api-change" + }, + { + "category": "``cost-optimization-hub``", + "description": "This release launches Cost Optimization Hub, a new AWS Billing and Cost Management feature that helps you consolidate and prioritize cost optimization recommendations across your AWS Organizations member accounts and AWS Regions, so that you can get the most out of your AWS spend.", + "type": "api-change" + }, + { + "category": "``detective``", + "description": "Added new APIs in Detective to support resource investigations", + "type": "api-change" + }, + { + "category": "``ecs``", + "description": "Adds a new 'type' property to the Setting structure. Adds a new AccountSetting - guardDutyActivate for ECS.", + "type": "api-change" + }, + { + "category": "``efs``", + "description": "Update efs command to latest version", + "type": "api-change" + }, + { + "category": "``eks``", + "description": "This release adds support for EKS Pod Identity feature. EKS Pod Identity makes it easy for customers to obtain IAM permissions for the applications running in their EKS clusters.", + "type": "api-change" + }, + { + "category": "``eks-auth``", + "description": "This release adds support for EKS Pod Identity feature. EKS Pod Identity makes it easy for customers to obtain IAM permissions for their applications running in the EKS clusters.", + "type": "api-change" + }, + { + "category": "``elbv2``", + "description": "Update elbv2 command to latest version", + "type": "api-change" + }, + { + "category": "``endpoint-rules``", + "description": "Update endpoint-rules command to latest version", + "type": "api-change" + }, + { + "category": "``freetier``", + "description": "This is the initial SDK release for the AWS Free Tier GetFreeTierUsage API", + "type": "api-change" + }, + { + "category": "``fsx``", + "description": "Added support for FSx for ONTAP scale-out file systems and FlexGroup volumes. Added the HAPairs field and ThroughputCapacityPerHAPair for filesystem. Added AggregateConfiguration (containing Aggregates and ConstituentsPerAggregate) and SizeInBytes for volume.", + "type": "api-change" + }, + { + "category": "``guardduty``", + "description": "Add support for Runtime Monitoring for ECS and ECS-EC2.", + "type": "api-change" + }, + { + "category": "``iotfleetwise``", + "description": "AWS IoT FleetWise introduces new APIs for vision system data, such as data collected from cameras, radars, and lidars. You can now model and decode complex data types.", + "type": "api-change" + }, + { + "category": "``lakeformation``", + "description": "This release adds four new APIs \"DescribeLakeFormationIdentityCenterConfiguration\", \"CreateLakeFormationIdentityCenterConfiguration\", \"DescribeLakeFormationIdentityCenterConfiguration\", and \"DeleteLakeFormationIdentityCenterConfiguration\", and also updates the corresponding documentation.", + "type": "api-change" + }, + { + "category": "``lexv2-models``", + "description": "Update lexv2-models command to latest version", + "type": "api-change" + }, + { + "category": "``lexv2-runtime``", + "description": "Update lexv2-runtime command to latest version", + "type": "api-change" + }, + { + "category": "``logs``", + "description": "Added APIs to Create, Update, Get, List and Delete LogAnomalyDetectors and List and Update Anomalies in Detector. Added LogGroupClass attribute for LogGroups to classify loggroup as Standard loggroup with all capabilities or InfrequentAccess loggroup with limited capabilities.", + "type": "api-change" + }, + { + "category": "``managedblockchain``", + "description": "Add optional NetworkType property to Accessor APIs", + "type": "api-change" + }, + { + "category": "``personalize``", + "description": "Enables metadata in recommendations, recommendations with themes, and next best action recommendations", + "type": "api-change" + }, + { + "category": "``personalize-events``", + "description": "This release enables PutActions and PutActionInteractions", + "type": "api-change" + }, + { + "category": "``personalize-runtime``", + "description": "Enables metadata in recommendations and next best action recommendations", + "type": "api-change" + }, + { + "category": "``quicksight``", + "description": "This release launches new APIs for trusted identity propagation setup and supports creating datasources using trusted identity propagation as authentication method for QuickSight accounts configured with IAM Identity Center.", + "type": "api-change" + }, + { + "category": "``redshift``", + "description": "This release adds support for multi-data warehouse writes through data sharing.", + "type": "api-change" + }, + { + "category": "``repostspace``", + "description": "Initial release of AWS re:Post Private", + "type": "api-change" + }, + { + "category": "``s3``", + "description": "Adding new params - Key and Prefix, to S3 API operations for supporting S3 Access Grants. Note - These updates will not change any of the existing S3 API functionality.", + "type": "api-change" + }, + { + "category": "``s3control``", + "description": "Introduce Amazon S3 Access Grants, a new S3 access control feature that maps identities in directories such as Active Directory, or AWS Identity and Access Management (IAM) Principals, to datasets in S3.", + "type": "api-change" + }, + { + "category": "``secretsmanager``", + "description": "AWS Secrets Manager has released the BatchGetSecretValue API, which allows customers to fetch up to 20 Secrets with a single request using a list of secret names or filters.", + "type": "api-change" + }, + { + "category": "``securityhub``", + "description": "Adds and updates APIs to support customizable security controls. This feature allows Security Hub customers to provide custom parameters for security controls. With this release, findings for controls that support custom parameters will include the parameters used to generate the findings.", + "type": "api-change" + }, + { + "category": "``stepfunctions``", + "description": "Update stepfunctions command to latest version", + "type": "api-change" + }, + { + "category": "``transcribe``", + "description": "This release adds support for transcriptions from audio sources in 64 new languages and introduces generative call summarization in Transcribe Call Analytics (Post call)", + "type": "api-change" + }, + { + "category": "``workspaces``", + "description": "The release introduces Multi-Region Resilience one-way data replication that allows you to replicate data from your primary WorkSpace to a standby WorkSpace in another AWS Region. DescribeWorkspaces now returns the status of data replication.", + "type": "api-change" + }, + { + "category": "``workspaces-thin-client``", + "description": "Initial release of Amazon WorkSpaces Thin Client", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.31.0.json b/.changes/1.31.0.json new file mode 100644 index 000000000000..6e21a9b85029 --- /dev/null +++ b/.changes/1.31.0.json @@ -0,0 +1,62 @@ +[ + { + "category": "``appsync``", + "description": "This update enables introspection of Aurora cluster databases using the RDS Data API", + "type": "api-change" + }, + { + "category": "``b2bi``", + "description": "This is the initial SDK release for AWS B2B Data Interchange.", + "type": "api-change" + }, + { + "category": "``backup``", + "description": "AWS Backup now supports restore testing, a new feature that allows customers to automate restore testing and validating their backups. Additionally, this release adds support for EBS Snapshots Archive tier.", + "type": "api-change" + }, + { + "category": "``controltower``", + "description": "This release adds the following support: 1. The EnableControl API can configure controls that are configurable. 2. The GetEnabledControl API shows the configured parameters on an enabled control. 3. The new UpdateEnabledControl API can change parameters on an enabled control.", + "type": "api-change" + }, + { + "category": "``efs``", + "description": "Update efs command to latest version", + "type": "api-change" + }, + { + "category": "``fis``", + "description": "AWS FIS adds support for multi-account experiments & empty target resolution. This release also introduces the CreateTargetAccountConfiguration API that allows experiments across multiple AWS accounts, and the ListExperimentResolvedTargets API to list target details.", + "type": "api-change" + }, + { + "category": "``glue``", + "description": "add observations support to DQ CodeGen config model + update document for connectiontypes supported by ConnectorData entities", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "Updates Amazon RDS documentation for support for RDS for Db2.", + "type": "api-change" + }, + { + "category": "``securityhub``", + "description": "Adds and updates APIs to support central configuration. This feature allows the Security Hub delegated administrator to configure Security Hub for their entire AWS Org across multiple regions from a home Region. With this release, findings also include account name and application metadata.", + "type": "api-change" + }, + { + "category": "``transcribe``", + "description": "This release adds support for AWS HealthScribe APIs within Amazon Transcribe", + "type": "api-change" + }, + { + "category": "``endpoint-rules``", + "description": "Update endpoint-rules command to latest version", + "type": "api-change" + }, + { + "category": "Versioning", + "description": "With the release of Botocore 1.33.0, Boto3 and Botocore will share the same version number.", + "type": "feature" + } +] \ No newline at end of file diff --git a/.changes/1.31.1.json b/.changes/1.31.1.json new file mode 100644 index 000000000000..524d2adedb74 --- /dev/null +++ b/.changes/1.31.1.json @@ -0,0 +1,7 @@ +[ + { + "category": "``elasticache``", + "description": "Launching Amazon ElastiCache Serverless that enables you to create a cache in under a minute without any capacity management. ElastiCache Serverless monitors the cache's memory, CPU, and network usage and scales both vertically and horizontally to support your application's requirements.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.31.10.json b/.changes/1.31.10.json new file mode 100644 index 000000000000..ce795f1ce9eb --- /dev/null +++ b/.changes/1.31.10.json @@ -0,0 +1,7 @@ +[ + { + "category": "``codedeploy``", + "description": "This release adds support for two new CodeDeploy features: 1) zonal deployments for Amazon EC2 in-place deployments, 2) deployments triggered by Auto Scaling group termination lifecycle hook events.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.31.11.json b/.changes/1.31.11.json new file mode 100644 index 000000000000..2ef30bee6811 --- /dev/null +++ b/.changes/1.31.11.json @@ -0,0 +1,17 @@ +[ + { + "category": "``cloudwatch``", + "description": "Update cloudwatch command to latest version", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "M2 Mac instances are built on Apple M2 Mac mini computers. I4i instances are powered by 3rd generation Intel Xeon Scalable processors. C7i compute optimized, M7i general purpose and R7i memory optimized instances are powered by custom 4th Generation Intel Xeon Scalable processors.", + "type": "api-change" + }, + { + "category": "``finspace``", + "description": "Releasing Scaling Group, Dataview, and Volume APIs", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.31.12.json b/.changes/1.31.12.json new file mode 100644 index 000000000000..7aac2551612a --- /dev/null +++ b/.changes/1.31.12.json @@ -0,0 +1,22 @@ +[ + { + "category": "``neptune``", + "description": "This release adds a new parameter configuration setting to the Neptune cluster related APIs that can be leveraged to switch between the underlying supported storage modes.", + "type": "api-change" + }, + { + "category": "``pinpoint``", + "description": "This release includes Amazon Pinpoint API documentation updates pertaining to campaign message sending rate limits.", + "type": "api-change" + }, + { + "category": "``securityhub``", + "description": "Added new resource detail objects to ASFF, including resources for AwsDynamoDbTable, AwsEc2ClientVpnEndpoint, AwsMskCluster, AwsS3AccessPoint, AwsS3Bucket", + "type": "api-change" + }, + { + "category": "``endpoint-rules``", + "description": "Update endpoint-rules command to latest version", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.31.13.json b/.changes/1.31.13.json new file mode 100644 index 000000000000..2647908eb0fb --- /dev/null +++ b/.changes/1.31.13.json @@ -0,0 +1,17 @@ +[ + { + "category": "``imagebuilder``", + "description": "This release adds the Image Workflows feature to give more flexibility and control over the image building and testing process.", + "type": "api-change" + }, + { + "category": "``location``", + "description": "This release 1) adds sub-municipality field in Places API for searching and getting places information, and 2) allows optimizing route calculation based on expected arrival time.", + "type": "api-change" + }, + { + "category": "``logs``", + "description": "This release introduces the StartLiveTail API to tail ingested logs in near real time.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.31.2.json b/.changes/1.31.2.json new file mode 100644 index 000000000000..d67780dd43ba --- /dev/null +++ b/.changes/1.31.2.json @@ -0,0 +1,62 @@ +[ + { + "category": "``accessanalyzer``", + "description": "This release adds support for external access findings for S3 directory buckets to help you easily identify cross-account access. Updated service API, documentation, and paginators.", + "type": "api-change" + }, + { + "category": "``bedrock``", + "description": "This release adds support for customization types, model life cycle status and minor versions/aliases for model identifiers.", + "type": "api-change" + }, + { + "category": "``bedrock-agent``", + "description": "This release introduces Agents for Amazon Bedrock", + "type": "api-change" + }, + { + "category": "``bedrock-agent-runtime``", + "description": "This release introduces Agents for Amazon Bedrock Runtime", + "type": "api-change" + }, + { + "category": "``bedrock-runtime``", + "description": "This release adds support for minor versions/aliases for invoke model identifier.", + "type": "api-change" + }, + { + "category": "``connect``", + "description": "Added support for following capabilities: Amazon Connect's in-app, web, and video calling. Two-way SMS integrations. Contact Lens real-time chat analytics feature. Amazon Connect Analytics Datalake capability. Capability to configure real time chat rules.", + "type": "api-change" + }, + { + "category": "``customer-profiles``", + "description": "This release introduces DetectProfileObjectType API to auto generate object type mapping.", + "type": "api-change" + }, + { + "category": "``endpoint-rules``", + "description": "Update endpoint-rules command to latest version", + "type": "api-change" + }, + { + "category": "``qbusiness``", + "description": "Amazon Q - a generative AI powered application that your employees can use to ask questions and get answers from knowledge spread across disparate content repositories, summarize reports, write articles, take actions, and much more - all within their company's connected content repositories.", + "type": "api-change" + }, + { + "category": "``qconnect``", + "description": "Amazon Q in Connect, an LLM-enhanced evolution of Amazon Connect Wisdom. This release adds generative AI support to Amazon Q Connect QueryAssistant and GetRecommendations APIs.", + "type": "api-change" + }, + { + "category": "``s3``", + "description": "Adds support for S3 Express One Zone.", + "type": "api-change" + }, + { + "category": "``s3control``", + "description": "Adds support for S3 Express One Zone, and InvocationSchemaVersion 2.0 for S3 Batch Operations.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.31.3.json b/.changes/1.31.3.json new file mode 100644 index 000000000000..a14ff4ba8897 --- /dev/null +++ b/.changes/1.31.3.json @@ -0,0 +1,47 @@ +[ + { + "category": "``application-autoscaling``", + "description": "Amazon SageMaker customers can now use Application Auto Scaling to automatically scale the number of Inference Component copies across an endpoint to meet the varying demand of their workloads.", + "type": "api-change" + }, + { + "category": "``cleanrooms``", + "description": "AWS Clean Rooms now provides differential privacy to protect against user-identification attempts and machine learning modeling to allow two parties to identify similar users in their data.", + "type": "api-change" + }, + { + "category": "``cleanroomsml``", + "description": "Public Preview SDK release of AWS Clean Rooms ML APIs", + "type": "api-change" + }, + { + "category": "``opensearch``", + "description": "Launching Amazon OpenSearch Service support for new zero-ETL integration with Amazon S3. Customers can now manage their direct query data sources to Amazon S3 programatically", + "type": "api-change" + }, + { + "category": "``opensearchserverless``", + "description": "Amazon OpenSearch Serverless collections support an additional attribute called standby-replicas. This allows to specify whether a collection should have redundancy enabled.", + "type": "api-change" + }, + { + "category": "``sagemaker-runtime``", + "description": "Update sagemaker-runtime command to latest version", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "This release adds following support 1/ Improved SDK tooling for model deployment. 2/ New Inference Component based features to lower inference costs and latency 3/ SageMaker HyperPod management. 4/ Additional parameters for FM Fine Tuning in Autopilot", + "type": "api-change" + }, + { + "category": "``sts``", + "description": "Documentation updates for AWS Security Token Service.", + "type": "api-change" + }, + { + "category": "``endpoint-rules``", + "description": "Update endpoint-rules command to latest version", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.31.4.json b/.changes/1.31.4.json new file mode 100644 index 000000000000..00de9fa404e0 --- /dev/null +++ b/.changes/1.31.4.json @@ -0,0 +1,27 @@ +[ + { + "category": "``marketplace-agreement``", + "description": "The AWS Marketplace Agreement Service provides an API interface that helps AWS Marketplace sellers manage their agreements, including listing, filtering, and viewing details about their agreements.", + "type": "api-change" + }, + { + "category": "``marketplace-catalog``", + "description": "This release enhances the ListEntities API to support new entity type-specific strongly typed filters in the request and entity type-specific strongly typed summaries in the response.", + "type": "api-change" + }, + { + "category": "``marketplace-deployment``", + "description": "AWS Marketplace Deployment is a new service that provides essential features that facilitate the deployment of software, data, and services procured through AWS Marketplace.", + "type": "api-change" + }, + { + "category": "``redshift-serverless``", + "description": "This release adds the following support for Amazon Redshift Serverless: 1) cross-account cross-VPCs, 2) copying snapshots across Regions, 3) scheduling snapshot creation, and 4) restoring tables from a recovery point.", + "type": "api-change" + }, + { + "category": "``endpoint-rules``", + "description": "Update endpoint-rules command to latest version", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.31.5.json b/.changes/1.31.5.json new file mode 100644 index 000000000000..98789bebbfa1 --- /dev/null +++ b/.changes/1.31.5.json @@ -0,0 +1,17 @@ +[ + { + "category": "``arc-zonal-shift``", + "description": "This release adds a new capability, zonal autoshift. You can configure zonal autoshift so that AWS shifts traffic for a resource away from an Availability Zone, on your behalf, when AWS determines that there is an issue that could potentially affect customers in the Availability Zone.", + "type": "api-change" + }, + { + "category": "``glue``", + "description": "Adds observation and analyzer support to the GetDataQualityResult and BatchGetDataQualityResult APIs.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "This release adds support for 1/ Code Editor, based on Code-OSS, Visual Studio Code Open Source, a new fully managed IDE option in SageMaker Studio 2/ JupyterLab, a new fully managed JupyterLab IDE experience in SageMaker Studio", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.31.6.json b/.changes/1.31.6.json new file mode 100644 index 000000000000..66ee657571e8 --- /dev/null +++ b/.changes/1.31.6.json @@ -0,0 +1,17 @@ +[ + { + "category": "``qconnect``", + "description": "This release adds the PutFeedback API and allows providing feedback against the specified assistant for the specified target.", + "type": "api-change" + }, + { + "category": "``rbin``", + "description": "Added resource identifier in the output and updated error handling.", + "type": "api-change" + }, + { + "category": "``verifiedpermissions``", + "description": "Adds description field to PolicyStore API's and namespaces field to GetSchema.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.31.7.json b/.changes/1.31.7.json new file mode 100644 index 000000000000..d52fd338ef0c --- /dev/null +++ b/.changes/1.31.7.json @@ -0,0 +1,42 @@ +[ + { + "category": "``billingconductor``", + "description": "This release adds the ability to specify a linked account of the billing group for the custom line item resource.", + "type": "api-change" + }, + { + "category": "``braket``", + "description": "This release enhances service support to create quantum tasks and hybrid jobs associated with Braket Direct Reservations.", + "type": "api-change" + }, + { + "category": "``cloud9``", + "description": "This release adds the requirement to include the imageId parameter in the CreateEnvironmentEC2 API call.", + "type": "api-change" + }, + { + "category": "``cloudformation``", + "description": "Including UPDATE_* states as a success status for CreateStack waiter.", + "type": "api-change" + }, + { + "category": "``finspace``", + "description": "Release General Purpose type clusters", + "type": "api-change" + }, + { + "category": "``medialive``", + "description": "Adds support for custom color correction on channels using 3D LUT files.", + "type": "api-change" + }, + { + "category": "``servicecatalog-appregistry``", + "description": "Documentation-only updates for Dawn", + "type": "api-change" + }, + { + "category": "``endpoint-rules``", + "description": "Update endpoint-rules command to latest version", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.31.8.json b/.changes/1.31.8.json new file mode 100644 index 000000000000..761937821522 --- /dev/null +++ b/.changes/1.31.8.json @@ -0,0 +1,22 @@ +[ + { + "category": "``athena``", + "description": "Adding IdentityCenter enabled request for interactive query", + "type": "api-change" + }, + { + "category": "``cleanroomsml``", + "description": "Updated service title from cleanroomsml to CleanRoomsML.", + "type": "api-change" + }, + { + "category": "``cloudformation``", + "description": "Documentation update, December 2023", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "Adds A10G, T4G, and H100 as accelerator name options and Habana as an accelerator manufacturer option for attribute based selection", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.31.9.json b/.changes/1.31.9.json new file mode 100644 index 000000000000..4cc8ed839cae --- /dev/null +++ b/.changes/1.31.9.json @@ -0,0 +1,27 @@ +[ + { + "category": "``backup``", + "description": "AWS Backup - Features: Add VaultType to the output of DescribeRecoveryPoint, ListRecoveryPointByBackupVault API and add ResourceType to the input of ListRestoreJobs API", + "type": "api-change" + }, + { + "category": "``comprehend``", + "description": "Documentation updates for Trust and Safety features.", + "type": "api-change" + }, + { + "category": "``connect``", + "description": "Releasing Tagging Support for Instance Management APIS", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "Releasing the new cpuManufacturer attribute within the DescribeInstanceTypes API response which notifies our customers with information on who the Manufacturer is for the processor attached to the instance, for example: Intel.", + "type": "api-change" + }, + { + "category": "``payment-cryptography``", + "description": "AWS Payment Cryptography IPEK feature release", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.0.json b/.changes/1.32.0.json new file mode 100644 index 000000000000..972b224e5899 --- /dev/null +++ b/.changes/1.32.0.json @@ -0,0 +1,17 @@ +[ + { + "category": "Python", + "description": "End of support for Python 3.7", + "type": "feature" + }, + { + "category": "``drs``", + "description": "Adding AgentVersion to SourceServer and RecoveryInstance structures", + "type": "api-change" + }, + { + "category": "Python", + "description": "End of support for Python 3.7", + "type": "feature" + } +] \ No newline at end of file diff --git a/.changes/1.32.1.json b/.changes/1.32.1.json new file mode 100644 index 000000000000..90d902c67aee --- /dev/null +++ b/.changes/1.32.1.json @@ -0,0 +1,67 @@ +[ + { + "category": "``appstream``", + "description": "This release includes support for images of Windows Server 2022 platform.", + "type": "api-change" + }, + { + "category": "``b2bi``", + "description": "Documentation updates for AWS B2B Data Interchange", + "type": "api-change" + }, + { + "category": "``billingconductor``", + "description": "Billing Conductor is releasing a new API, GetBillingGroupCostReport, which provides the ability to retrieve/view the Billing Group Cost Report broken down by attributes for a specific billing group.", + "type": "api-change" + }, + { + "category": "``connect``", + "description": "This release adds support for more granular billing using tags (key:value pairs)", + "type": "api-change" + }, + { + "category": "``controltower``", + "description": "Documentation updates for AWS Control Tower.", + "type": "api-change" + }, + { + "category": "``firehose``", + "description": "This release, 1) adds configurable buffering hints for the Splunk destination, and 2) reduces the minimum configurable buffering interval for supported destinations", + "type": "api-change" + }, + { + "category": "``gamelift``", + "description": "Amazon GameLift adds the ability to add and update the game properties of active game sessions.", + "type": "api-change" + }, + { + "category": "``iot``", + "description": "This release adds the ability to self-manage certificate signing in AWS IoT Core fleet provisioning using the new certificate provider resource.", + "type": "api-change" + }, + { + "category": "``neptune-graph``", + "description": "This is the initial SDK release for Amazon Neptune Analytics", + "type": "api-change" + }, + { + "category": "``opensearch``", + "description": "Updating documentation for Amazon OpenSearch Service support for new zero-ETL integration with Amazon S3.", + "type": "api-change" + }, + { + "category": "``quicksight``", + "description": "Update Dashboard Links support; SingleAxisOptions support; Scatterplot Query limit support.", + "type": "api-change" + }, + { + "category": "``workspaces``", + "description": "Updated note to ensure customers understand running modes.", + "type": "api-change" + }, + { + "category": "``endpoint-rules``", + "description": "Update endpoint-rules command to latest version", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.10.json b/.changes/1.32.10.json new file mode 100644 index 000000000000..f4a6f5745500 --- /dev/null +++ b/.changes/1.32.10.json @@ -0,0 +1,17 @@ +[ + { + "category": "``codestar-connections``", + "description": "New integration with the GitLab self-managed provider type.", + "type": "api-change" + }, + { + "category": "``kinesis-video-archived-media``", + "description": "NoDataRetentionException thrown when GetImages requested for a Stream that does not retain data (that is, has a DataRetentionInHours of 0).", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "Amazon SageMaker Studio now supports Docker access from within app container", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.100.json b/.changes/1.32.100.json new file mode 100644 index 000000000000..0e44716ef270 --- /dev/null +++ b/.changes/1.32.100.json @@ -0,0 +1,22 @@ +[ + { + "category": "``b2bi``", + "description": "Documentation update to clarify the MappingTemplate definition.", + "type": "api-change" + }, + { + "category": "``budgets``", + "description": "This release adds tag support for budgets and budget actions.", + "type": "api-change" + }, + { + "category": "``resiliencehub``", + "description": "AWS Resilience Hub has expanded its drift detection capabilities by introducing a new type of drift detection - application resource drift. This new enhancement detects changes, such as the addition or deletion of resources within the application's input sources.", + "type": "api-change" + }, + { + "category": "``route53profiles``", + "description": "Doc only update for Route 53 profiles that fixes some link issues", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.101.json b/.changes/1.32.101.json new file mode 100644 index 000000000000..6971bf6b053b --- /dev/null +++ b/.changes/1.32.101.json @@ -0,0 +1,32 @@ +[ + { + "category": "``cognito-idp``", + "description": "Add EXTERNAL_PROVIDER enum value to UserStatusType.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "Adding Precision Hardware Clock (PHC) to public API DescribeInstanceTypes", + "type": "api-change" + }, + { + "category": "``ecr``", + "description": "This release adds pull through cache rules support for GitLab container registry in Amazon ECR.", + "type": "api-change" + }, + { + "category": "``fms``", + "description": "The policy scope resource tag is always a string value, either a non-empty string or an empty string.", + "type": "api-change" + }, + { + "category": "``polly``", + "description": "Add new engine - generative - that builds the most expressive conversational voices.", + "type": "api-change" + }, + { + "category": "``sqs``", + "description": "This release adds MessageSystemAttributeNames to ReceiveMessageRequest to replace AttributeNames.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.102.json b/.changes/1.32.102.json new file mode 100644 index 000000000000..497a767fdae3 --- /dev/null +++ b/.changes/1.32.102.json @@ -0,0 +1,27 @@ +[ + { + "category": "``bedrock-agent-runtime``", + "description": "This release adds support to provide guardrail configuration and modify inference parameters that are then used in RetrieveAndGenerate API in Agents for Amazon Bedrock.", + "type": "api-change" + }, + { + "category": "``pinpoint``", + "description": "This release adds support for specifying email message headers for Email Templates, Campaigns, Journeys and Send Messages.", + "type": "api-change" + }, + { + "category": "``route53resolver``", + "description": "Update the DNS Firewall settings to correct a spelling issue.", + "type": "api-change" + }, + { + "category": "``ssm-sap``", + "description": "Added support for application-aware start/stop of SAP applications running on EC2 instances, with SSM for SAP", + "type": "api-change" + }, + { + "category": "``verifiedpermissions``", + "description": "Adds policy effect and actions fields to Policy API's.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.103.json b/.changes/1.32.103.json new file mode 100644 index 000000000000..99caa64f2080 --- /dev/null +++ b/.changes/1.32.103.json @@ -0,0 +1,22 @@ +[ + { + "category": "``discovery``", + "description": "add v2 smoke tests and smithy smokeTests trait for SDK testing", + "type": "api-change" + }, + { + "category": "``greengrassv2``", + "description": "Mark ComponentVersion in ComponentDeploymentSpecification as required.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "Introduced support for G6 instance types on Sagemaker Notebook Instances and on SageMaker Studio for JupyterLab and CodeEditor applications.", + "type": "api-change" + }, + { + "category": "``sso-oidc``", + "description": "Updated request parameters for PKCE support.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.104.json b/.changes/1.32.104.json new file mode 100644 index 000000000000..c0d01b9af359 --- /dev/null +++ b/.changes/1.32.104.json @@ -0,0 +1,12 @@ +[ + { + "category": "``events``", + "description": "Amazon EventBridge introduces KMS customer-managed key (CMK) encryption support for custom and partner events published on EventBridge Event Bus (including default bus) and UpdateEventBus API.", + "type": "api-change" + }, + { + "category": "``vpc-lattice``", + "description": "This release adds TLS Passthrough support. It also increases max number of target group per rule to 10.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.105.json b/.changes/1.32.105.json new file mode 100644 index 000000000000..ed70d806d04e --- /dev/null +++ b/.changes/1.32.105.json @@ -0,0 +1,12 @@ +[ + { + "category": "``connect``", + "description": "Amazon Connect provides enhanced search capabilities for flows & flow modules on the Connect admin website and programmatically using APIs. You can search for flows and flow modules by name, description, type, status, and tags, to filter and identify a specific flow in your Connect instances.", + "type": "api-change" + }, + { + "category": "``s3``", + "description": "Updated a few x-id in the http uri traits", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.106.json b/.changes/1.32.106.json new file mode 100644 index 000000000000..12704461fb3d --- /dev/null +++ b/.changes/1.32.106.json @@ -0,0 +1,32 @@ +[ + { + "category": "``bedrock-agent-runtime``", + "description": "Updating Bedrock Knowledge Base Metadata & Filters feature with two new filters listContains and stringContains", + "type": "api-change" + }, + { + "category": "``codebuild``", + "description": "CodeBuild Reserved Capacity VPC Support", + "type": "api-change" + }, + { + "category": "``datasync``", + "description": "Task executions now display a CANCELLING status when an execution is in the process of being cancelled.", + "type": "api-change" + }, + { + "category": "``grafana``", + "description": "This release adds new ServiceAccount and ServiceAccountToken APIs.", + "type": "api-change" + }, + { + "category": "``medical-imaging``", + "description": "Added support for importing medical imaging data from Amazon S3 buckets across accounts and regions.", + "type": "api-change" + }, + { + "category": "``securityhub``", + "description": "Documentation-only update for AWS Security Hub", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.107.json b/.changes/1.32.107.json new file mode 100644 index 000000000000..86f9024a6f56 --- /dev/null +++ b/.changes/1.32.107.json @@ -0,0 +1,37 @@ +[ + { + "category": "``acm-pca``", + "description": "This release adds support for waiters to fail on AccessDeniedException when having insufficient permissions", + "type": "api-change" + }, + { + "category": "``connect``", + "description": "Adding Contact Flow metrics to the GetMetricDataV2 API", + "type": "api-change" + }, + { + "category": "``kafka``", + "description": "AWS MSK support for Broker Removal.", + "type": "api-change" + }, + { + "category": "``mwaa``", + "description": "Amazon MWAA now supports Airflow web server auto scaling to automatically handle increased demand from REST APIs, Command Line Interface (CLI), or more Airflow User Interface (UI) users. Customers can specify maximum and minimum web server instances during environment creation and update workflow.", + "type": "api-change" + }, + { + "category": "``quicksight``", + "description": "This release adds DescribeKeyRegistration and UpdateKeyRegistration APIs to manage QuickSight Customer Managed Keys (CMK).", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "Introduced WorkerAccessConfiguration to SageMaker Workteam. This allows customers to configure resource access for workers in a workteam.", + "type": "api-change" + }, + { + "category": "``secretsmanager``", + "description": "Documentation updates for AWS Secrets Manager", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.108.json b/.changes/1.32.108.json new file mode 100644 index 000000000000..25b8a8ec9f84 --- /dev/null +++ b/.changes/1.32.108.json @@ -0,0 +1,27 @@ +[ + { + "category": "``application-autoscaling``", + "description": "add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + }, + { + "category": "``codebuild``", + "description": "Aws CodeBuild now supports 36 hours build timeout", + "type": "api-change" + }, + { + "category": "``elbv2``", + "description": "This release adds dualstack-without-public-ipv4 IP address type for ALB.", + "type": "api-change" + }, + { + "category": "``lakeformation``", + "description": "Introduces a new API, GetDataLakePrincipal, that returns the identity of the invoking principal", + "type": "api-change" + }, + { + "category": "``transfer``", + "description": "Enable use of CloudFormation traits in Smithy model to improve generated CloudFormation schema from the Smithy API model.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.109.json b/.changes/1.32.109.json new file mode 100644 index 000000000000..447147c7cf92 --- /dev/null +++ b/.changes/1.32.109.json @@ -0,0 +1,32 @@ +[ + { + "category": "``bedrock-agent``", + "description": "This release adds support for using Guardrails with Bedrock Agents.", + "type": "api-change" + }, + { + "category": "``bedrock-agent-runtime``", + "description": "This release adds support for using Guardrails with Bedrock Agents.", + "type": "api-change" + }, + { + "category": "``controltower``", + "description": "Added ListControlOperations API and filtering support for ListEnabledControls API. Updates also includes added metadata for enabled controls and control operations.", + "type": "api-change" + }, + { + "category": "``osis``", + "description": "Add support for creating an OpenSearch Ingestion pipeline that is attached to a provided VPC. Add information about the destinations of an OpenSearch Ingestion pipeline to the GetPipeline and ListPipelines APIs.", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "This release adds support for EngineLifecycleSupport on DBInstances, DBClusters, and GlobalClusters.", + "type": "api-change" + }, + { + "category": "``secretsmanager``", + "description": "add v2 smoke tests and smithy smokeTests trait for SDK testing", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.11.json b/.changes/1.32.11.json new file mode 100644 index 000000000000..60b364745942 --- /dev/null +++ b/.changes/1.32.11.json @@ -0,0 +1,17 @@ +[ + { + "category": "``apprunner``", + "description": "AWS App Runner adds Python 3.11 and Node.js 18 runtimes.", + "type": "api-change" + }, + { + "category": "``location``", + "description": "This release introduces a new parameter to bypasses an API key's expiry conditions and delete the key.", + "type": "api-change" + }, + { + "category": "``quicksight``", + "description": "Add LinkEntityArn support for different partitions; Add UnsupportedUserEditionException in UpdateDashboardLinks API; Add support for New Reader Experience Topics", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.110.json b/.changes/1.32.110.json new file mode 100644 index 000000000000..b0ae3518b3a0 --- /dev/null +++ b/.changes/1.32.110.json @@ -0,0 +1,37 @@ +[ + { + "category": "``cloudfront``", + "description": "Model update; no change to SDK functionality.", + "type": "api-change" + }, + { + "category": "``glue``", + "description": "Add Maintenance window to CreateJob and UpdateJob APIs and JobRun response. Add a new Job Run State for EXPIRED.", + "type": "api-change" + }, + { + "category": "``lightsail``", + "description": "This release adds support for Amazon Lightsail instances to switch between dual-stack or IPv4 only and IPv6-only public IP address types.", + "type": "api-change" + }, + { + "category": "``mailmanager``", + "description": "This release includes a new Amazon SES feature called Mail Manager, which is a set of email gateway capabilities designed to help customers strengthen their organization's email infrastructure, simplify email workflow management, and streamline email compliance control.", + "type": "api-change" + }, + { + "category": "``pi``", + "description": "Performance Insights added a new input parameter called AuthorizedActions to support the fine-grained access feature. Performance Insights also restricted the acceptable input characters.", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "Updates Amazon RDS documentation for Db2 license through AWS Marketplace.", + "type": "api-change" + }, + { + "category": "``storagegateway``", + "description": "Added new SMBSecurityStrategy enum named MandatoryEncryptionNoAes128, new mode enforces encryption and disables AES 128-bit algorithums.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.111.json b/.changes/1.32.111.json new file mode 100644 index 000000000000..cf003dd00422 --- /dev/null +++ b/.changes/1.32.111.json @@ -0,0 +1,27 @@ +[ + { + "category": "``chatbot``", + "description": "This change adds support for tagging Chatbot configurations.", + "type": "api-change" + }, + { + "category": "``cloudformation``", + "description": "Added DeletionMode FORCE_DELETE_STACK for deleting a stack that is stuck in DELETE_FAILED state due to resource deletion failure.", + "type": "api-change" + }, + { + "category": "``kms``", + "description": "This release includes feature to import customer's asymmetric (RSA, ECC and SM2) and HMAC keys into KMS in China.", + "type": "api-change" + }, + { + "category": "``opensearch``", + "description": "This release adds support for enabling or disabling a data source configured as part of Zero-ETL integration with Amazon S3, by setting its status.", + "type": "api-change" + }, + { + "category": "``wafv2``", + "description": "You can now use Security Lake to collect web ACL traffic data.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.112.json b/.changes/1.32.112.json new file mode 100644 index 000000000000..bc271e879692 --- /dev/null +++ b/.changes/1.32.112.json @@ -0,0 +1,12 @@ +[ + { + "category": "``emr-serverless``", + "description": "This release adds the capability to run interactive workloads using Apache Livy Endpoint.", + "type": "api-change" + }, + { + "category": "``opsworks``", + "description": "Documentation-only update for OpsWorks Stacks.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.113.json b/.changes/1.32.113.json new file mode 100644 index 000000000000..cfa389e1f494 --- /dev/null +++ b/.changes/1.32.113.json @@ -0,0 +1,17 @@ +[ + { + "category": "``dynamodb``", + "description": "Documentation only updates for DynamoDB.", + "type": "api-change" + }, + { + "category": "``iotfleetwise``", + "description": "AWS IoT FleetWise now supports listing vehicles with attributes filter, ListVehicles API is updated to support additional attributes filter.", + "type": "api-change" + }, + { + "category": "``managedblockchain``", + "description": "This is a minor documentation update to address the impact of the shut down of the Goerli and Polygon networks.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.114.json b/.changes/1.32.114.json new file mode 100644 index 000000000000..bd7cd32b2ce4 --- /dev/null +++ b/.changes/1.32.114.json @@ -0,0 +1,22 @@ +[ + { + "category": "``dynamodb``", + "description": "Doc-only update for DynamoDB. Specified the IAM actions needed to authorize a user to create a table with a resource-based policy.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "Providing support to accept BgpAsnExtended attribute", + "type": "api-change" + }, + { + "category": "``kafka``", + "description": "Adds ControllerNodeInfo in ListNodes response to support Raft mode for MSK", + "type": "api-change" + }, + { + "category": "``swf``", + "description": "This release adds new APIs for deleting activity type and workflow type resources.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.115.json b/.changes/1.32.115.json new file mode 100644 index 000000000000..a66e32cfa7f1 --- /dev/null +++ b/.changes/1.32.115.json @@ -0,0 +1,27 @@ +[ + { + "category": "``athena``", + "description": "Throwing validation errors on CreateNotebook with Name containing `/`,`:`,`\\`", + "type": "api-change" + }, + { + "category": "``codebuild``", + "description": "AWS CodeBuild now supports manually creating GitHub webhooks", + "type": "api-change" + }, + { + "category": "``connect``", + "description": "This release includes changes to DescribeContact API's response by including ConnectedToSystemTimestamp, RoutingCriteria, Customer, Campaign, AnsweringMachineDetectionStatus, CustomerVoiceActivity, QualityMetrics, DisconnectDetails, and SegmentAttributes information from a contact in Amazon Connect.", + "type": "api-change" + }, + { + "category": "``glue``", + "description": "Add optional field JobMode to CreateJob and UpdateJob APIs.", + "type": "api-change" + }, + { + "category": "``securityhub``", + "description": "Add ROOT type for TargetType model", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.116.json b/.changes/1.32.116.json new file mode 100644 index 000000000000..6f7787e74ca4 --- /dev/null +++ b/.changes/1.32.116.json @@ -0,0 +1,47 @@ +[ + { + "category": "``acm``", + "description": "add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + }, + { + "category": "``bedrock-agent``", + "description": "With this release, Knowledge bases for Bedrock adds support for Titan Text Embedding v2.", + "type": "api-change" + }, + { + "category": "``bedrock-runtime``", + "description": "This release adds Converse and ConverseStream APIs to Bedrock Runtime", + "type": "api-change" + }, + { + "category": "``cloudtrail``", + "description": "CloudTrail Lake returns PartitionKeys in the GetEventDataStore API response. Events are grouped into partitions based on these keys for better query performance. For example, the calendarday key groups events by day, while combining the calendarday key with the hour key groups them by day and hour.", + "type": "api-change" + }, + { + "category": "``connect``", + "description": "Adding associatedQueueIds as a SearchCriteria and response field to the SearchRoutingProfiles API", + "type": "api-change" + }, + { + "category": "``emr-serverless``", + "description": "The release adds support for spark structured streaming.", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "Updates Amazon RDS documentation for Aurora Postgres DBname.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "Adds Model Card information as a new component to Model Package. Autopilot launches algorithm selection for TimeSeries modality to generate AutoML candidates per algorithm.", + "type": "api-change" + }, + { + "category": "``ssm start-session``", + "description": "Only provide profile name to session-manager-plugin if provided using --profile flag", + "type": "bugfix" + } +] \ No newline at end of file diff --git a/.changes/1.32.117.json b/.changes/1.32.117.json new file mode 100644 index 000000000000..abbe7aba702d --- /dev/null +++ b/.changes/1.32.117.json @@ -0,0 +1,22 @@ +[ + { + "category": "``codebuild``", + "description": "AWS CodeBuild now supports Self-hosted GitHub Actions runners for Github Enterprise", + "type": "api-change" + }, + { + "category": "``codeguru-security``", + "description": "This release includes minor model updates and documentation updates.", + "type": "api-change" + }, + { + "category": "``elasticache``", + "description": "Update to attributes of TestFailover and minor revisions.", + "type": "api-change" + }, + { + "category": "``launch-wizard``", + "description": "This release adds support for describing workload deployment specifications, deploying additional workload types, and managing tags for Launch Wizard resources with API operations.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.12.json b/.changes/1.32.12.json new file mode 100644 index 000000000000..5b653b81fa52 --- /dev/null +++ b/.changes/1.32.12.json @@ -0,0 +1,12 @@ +[ + { + "category": "``connect``", + "description": "Amazon Connect, Contact Lens Evaluation API increase evaluation notes max length to 3072.", + "type": "api-change" + }, + { + "category": "``mediaconvert``", + "description": "This release includes video engine updates including HEVC improvements, support for ingesting VP9 encoded video in MP4 containers, and support for user-specified 3D LUTs.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.13.json b/.changes/1.32.13.json new file mode 100644 index 000000000000..7bf55600c72f --- /dev/null +++ b/.changes/1.32.13.json @@ -0,0 +1,47 @@ +[ + { + "category": "``config``", + "description": "Updated ResourceType enum with new resource types onboarded by AWS Config in November and December 2023.", + "type": "api-change" + }, + { + "category": "``docdb``", + "description": "Adding PerformanceInsightsEnabled and PerformanceInsightsKMSKeyId fields to DescribeDBInstances Response.", + "type": "api-change" + }, + { + "category": "``ecs``", + "description": "This release adds support for managed instance draining which facilitates graceful termination of Amazon ECS instances.", + "type": "api-change" + }, + { + "category": "``es``", + "description": "This release adds support for new or existing Amazon OpenSearch domains to enable TLS 1.3 or TLS 1.2 with perfect forward secrecy cipher suites for domain endpoints.", + "type": "api-change" + }, + { + "category": "``lightsail``", + "description": "This release adds support to set up an HTTPS endpoint on an instance.", + "type": "api-change" + }, + { + "category": "``opensearch``", + "description": "This release adds support for new or existing Amazon OpenSearch domains to enable TLS 1.3 or TLS 1.2 with perfect forward secrecy cipher suites for domain endpoints.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "Adding support for provisioned throughput mode for SageMaker Feature Groups", + "type": "api-change" + }, + { + "category": "``servicecatalog``", + "description": "Added Idempotency token support to Service Catalog AssociateServiceActionWithProvisioningArtifact, DisassociateServiceActionFromProvisioningArtifact, DeleteServiceAction API", + "type": "api-change" + }, + { + "category": "``endpoint-rules``", + "description": "Update endpoint-rules command to latest version", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.14.json b/.changes/1.32.14.json new file mode 100644 index 000000000000..7faf07f8c302 --- /dev/null +++ b/.changes/1.32.14.json @@ -0,0 +1,17 @@ +[ + { + "category": "``connect``", + "description": "Minor trait updates for User APIs", + "type": "api-change" + }, + { + "category": "``kms``", + "description": "Documentation updates for AWS Key Management Service (KMS).", + "type": "api-change" + }, + { + "category": "``redshift-serverless``", + "description": "use_fips_ssl and require_ssl parameter support for Workgroup, UpdateWorkgroup, and CreateWorkgroup", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.15.json b/.changes/1.32.15.json new file mode 100644 index 000000000000..b810c90ca1d3 --- /dev/null +++ b/.changes/1.32.15.json @@ -0,0 +1,17 @@ +[ + { + "category": "``codebuild``", + "description": "Aws CodeBuild now supports new compute type BUILD_GENERAL1_XLARGE", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "Amazon EC2 R7iz bare metal instances are powered by custom 4th generation Intel Xeon Scalable processors.", + "type": "api-change" + }, + { + "category": "``route53resolver``", + "description": "This release adds support for query type configuration on firewall rules that enables customers for granular action (ALLOW, ALERT, BLOCK) by DNS query type.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.16.json b/.changes/1.32.16.json new file mode 100644 index 000000000000..be3360a07e7b --- /dev/null +++ b/.changes/1.32.16.json @@ -0,0 +1,37 @@ +[ + { + "category": "``connectcampaigns``", + "description": "Minor pattern updates for Campaign and Dial Request API fields.", + "type": "api-change" + }, + { + "category": "``location``", + "description": "This release adds API support for custom layers for the maps service APIs: CreateMap, UpdateMap, DescribeMap.", + "type": "api-change" + }, + { + "category": "``logs``", + "description": "Add support for account level subscription filter policies to PutAccountPolicy, DescribeAccountPolicies, and DeleteAccountPolicy APIs. Additionally, PutAccountPolicy has been modified with new optional \"selectionCriteria\" parameter for resource selection.", + "type": "api-change" + }, + { + "category": "``qconnect``", + "description": "QueryAssistant and GetRecommendations will be discontinued starting June 1, 2024. To receive generative responses after March 1, 2024 you will need to create a new Assistant in the Connect console and integrate the Amazon Q in Connect JavaScript library (amazon-q-connectjs) into your applications.", + "type": "api-change" + }, + { + "category": "``redshift-serverless``", + "description": "Updates to ConfigParameter for RSS workgroup, removal of use_fips_ssl", + "type": "api-change" + }, + { + "category": "``route53``", + "description": "Route53 now supports geoproximity routing in AWS regions", + "type": "api-change" + }, + { + "category": "``wisdom``", + "description": "QueryAssistant and GetRecommendations will be discontinued starting June 1, 2024. To receive generative responses after March 1, 2024 you will need to create a new Assistant in the Connect console and integrate the Amazon Q in Connect JavaScript library (amazon-q-connectjs) into your applications.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.17.json b/.changes/1.32.17.json new file mode 100644 index 000000000000..0b26d6e77112 --- /dev/null +++ b/.changes/1.32.17.json @@ -0,0 +1,37 @@ +[ + { + "category": "``ec2``", + "description": "This release adds support for adding an ElasticBlockStorage volume configurations in ECS RunTask/StartTask/CreateService/UpdateService APIs. The configuration allows for attaching EBS volumes to ECS Tasks.", + "type": "api-change" + }, + { + "category": "``ecs``", + "description": "This release adds support for adding an ElasticBlockStorage volume configurations in ECS RunTask/StartTask/CreateService/UpdateService APIs. The configuration allows for attaching EBS volumes to ECS Tasks.", + "type": "api-change" + }, + { + "category": "``events``", + "description": "Update events command to latest version", + "type": "api-change" + }, + { + "category": "``iot``", + "description": "Add ConflictException to Update APIs of AWS IoT Software Package Catalog", + "type": "api-change" + }, + { + "category": "``iotfleetwise``", + "description": "The following dataTypes have been removed: CUSTOMER_DECODED_INTERFACE in NetworkInterfaceType; CUSTOMER_DECODED_SIGNAL_INFO_IS_NULL in SignalDecoderFailureReason; CUSTOMER_DECODED_SIGNAL_NETWORK_INTERFACE_INFO_IS_NULL in NetworkInterfaceFailureReason; CUSTOMER_DECODED_SIGNAL in SignalDecoderType", + "type": "api-change" + }, + { + "category": "``secretsmanager``", + "description": "Doc only update for Secrets Manager", + "type": "api-change" + }, + { + "category": "``workspaces``", + "description": "Added AWS Workspaces RebootWorkspaces API - Extended Reboot documentation update", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.18.json b/.changes/1.32.18.json new file mode 100644 index 000000000000..4f791589d7b0 --- /dev/null +++ b/.changes/1.32.18.json @@ -0,0 +1,42 @@ +[ + { + "category": "``connect``", + "description": "Supervisor Barge for Chat is now supported through the MonitorContact API.", + "type": "api-change" + }, + { + "category": "``connectparticipant``", + "description": "Introduce new Supervisor participant role", + "type": "api-change" + }, + { + "category": "``location``", + "description": "Location SDK documentation update. Added missing fonts to the MapConfiguration data type. Updated note for the SubMunicipality property in the place data type.", + "type": "api-change" + }, + { + "category": "``mwaa``", + "description": "This Amazon MWAA feature release includes new fields in CreateWebLoginToken response model. The new fields IamIdentity and AirflowIdentity will let you match identifications, as the Airflow identity length is currently hashed to 64 characters.", + "type": "api-change" + }, + { + "category": "``s3control``", + "description": "S3 On Outposts team adds dualstack endpoints support for S3Control and S3Outposts API calls.", + "type": "api-change" + }, + { + "category": "``supplychain``", + "description": "This release includes APIs CreateBillOfMaterialsImportJob and GetBillOfMaterialsImportJob.", + "type": "api-change" + }, + { + "category": "``transfer``", + "description": "AWS Transfer Family now supports static IP addresses for SFTP & AS2 connectors and for async MDNs on AS2 servers.", + "type": "api-change" + }, + { + "category": "``endpoint-rules``", + "description": "Update endpoint-rules command to latest version", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.19.json b/.changes/1.32.19.json new file mode 100644 index 000000000000..89bc774774fd --- /dev/null +++ b/.changes/1.32.19.json @@ -0,0 +1,7 @@ +[ + { + "category": "``sagemaker``", + "description": "This release will have ValidationException thrown if certain invalid app types are provided. The release will also throw ValidationException if more than 10 account ids are provided in VpcOnlyTrustedAccounts.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.2.json b/.changes/1.32.2.json new file mode 100644 index 000000000000..58482956ed6b --- /dev/null +++ b/.changes/1.32.2.json @@ -0,0 +1,37 @@ +[ + { + "category": "``cloudformation package``", + "description": "Add support for intrinsic Fn:ForEach (fixes `#8075 `__)", + "type": "enhancement" + }, + { + "category": "``cloud9``", + "description": "Updated Cloud9 API documentation for AL2023 release", + "type": "api-change" + }, + { + "category": "``connect``", + "description": "Adds relatedContactId field to StartOutboundVoiceContact API input. Introduces PauseContact API and ResumeContact API for Task contacts. Adds pause duration, number of pauses, timestamps for last paused and resumed events to DescribeContact API response. Adds new Rule type and new Rule action.", + "type": "api-change" + }, + { + "category": "``connectcases``", + "description": "Increase number of fields that can be included in CaseEventIncludedData from 50 to 200", + "type": "api-change" + }, + { + "category": "``kms``", + "description": "Documentation updates for AWS Key Management Service", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "Updates Amazon RDS documentation by adding code examples", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "This release 1) introduces a new API: DeleteCompilationJob , and 2) adds InfraCheckConfig for Create/Describe training job API", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.20.json b/.changes/1.32.20.json new file mode 100644 index 000000000000..4fd7c93d6b2d --- /dev/null +++ b/.changes/1.32.20.json @@ -0,0 +1,42 @@ +[ + { + "category": "``iot``", + "description": "Revert release of LogTargetTypes", + "type": "api-change" + }, + { + "category": "``iotfleetwise``", + "description": "Updated APIs: SignalNodeType query parameter has been added to ListSignalCatalogNodesRequest and ListVehiclesResponse has been extended with attributes field.", + "type": "api-change" + }, + { + "category": "``macie2``", + "description": "This release adds support for analyzing Amazon S3 objects that are encrypted using dual-layer server-side encryption with AWS KMS keys (DSSE-KMS). It also adds support for reporting DSSE-KMS details in statistics and metadata about encryption settings for S3 buckets and objects.", + "type": "api-change" + }, + { + "category": "``payment-cryptography``", + "description": "Provide an additional option for key exchange using RSA wrap/unwrap in addition to tr-34/tr-31 in ImportKey and ExportKey operations. Added new key usage (type) TR31_M1_ISO_9797_1_MAC_KEY, for use with Generate/VerifyMac dataplane operations with ISO9797 Algorithm 1 MAC calculations.", + "type": "api-change" + }, + { + "category": "``personalize-runtime``", + "description": "Documentation updates for Amazon Personalize", + "type": "api-change" + }, + { + "category": "``personalize``", + "description": "Documentation updates for Amazon Personalize.", + "type": "api-change" + }, + { + "category": "``rekognition``", + "description": "This release adds ContentType and TaxonomyLevel attributes to DetectModerationLabels and GetMediaAnalysisJob API responses.", + "type": "api-change" + }, + { + "category": "``securityhub``", + "description": "Documentation updates for AWS Security Hub", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.21.json b/.changes/1.32.21.json new file mode 100644 index 000000000000..9e5d7a8649bd --- /dev/null +++ b/.changes/1.32.21.json @@ -0,0 +1,12 @@ +[ + { + "category": "``dynamodb``", + "description": "Updating note for enabling streams for UpdateTable.", + "type": "api-change" + }, + { + "category": "``keyspaces``", + "description": "This release adds support for Multi-Region Replication with provisioned tables, and Keyspaces auto scaling APIs", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.22.json b/.changes/1.32.22.json new file mode 100644 index 000000000000..7a42e9e30e03 --- /dev/null +++ b/.changes/1.32.22.json @@ -0,0 +1,32 @@ +[ + { + "category": "``b2bi``", + "description": "Increasing TestMapping inputFileContent file size limit to 5MB and adding file size limit 250KB for TestParsing input file. This release also includes exposing InternalServerException for Tag APIs.", + "type": "api-change" + }, + { + "category": "``cloudtrail``", + "description": "This release adds a new API ListInsightsMetricData to retrieve metric data from CloudTrail Insights.", + "type": "api-change" + }, + { + "category": "``connect``", + "description": "GetMetricDataV2 now supports 3 groupings", + "type": "api-change" + }, + { + "category": "``drs``", + "description": "Removed invalid and unnecessary default values.", + "type": "api-change" + }, + { + "category": "``firehose``", + "description": "Allow support for Snowflake as a Kinesis Data Firehose delivery destination.", + "type": "api-change" + }, + { + "category": "``sagemaker-featurestore-runtime``", + "description": "Increase BatchGetRecord limits from 10 items to 100 items", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.23.json b/.changes/1.32.23.json new file mode 100644 index 000000000000..da7f95b37de8 --- /dev/null +++ b/.changes/1.32.23.json @@ -0,0 +1,22 @@ +[ + { + "category": "``athena``", + "description": "Introducing new NotebookS3LocationUri parameter to Athena ImportNotebook API. Payload is no longer required and either Payload or NotebookS3LocationUri needs to be provided (not both) for a successful ImportNotebook API call. If both are provided, an InvalidRequestException will be thrown.", + "type": "api-change" + }, + { + "category": "``codebuild``", + "description": "Release CodeBuild Reserved Capacity feature", + "type": "api-change" + }, + { + "category": "``dynamodb``", + "description": "This release adds support for including ApproximateCreationDateTimePrecision configurations in EnableKinesisStreamingDestination API, adds the same as an optional field in the response of DescribeKinesisStreamingDestination, and adds support for a new UpdateKinesisStreamingDestination API.", + "type": "api-change" + }, + { + "category": "``qconnect``", + "description": "Increased Quick Response name max length to 100", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.24.json b/.changes/1.32.24.json new file mode 100644 index 000000000000..20fd7841c947 --- /dev/null +++ b/.changes/1.32.24.json @@ -0,0 +1,52 @@ +[ + { + "category": "``appconfigdata``", + "description": "Fix FIPS Endpoints in aws-us-gov.", + "type": "api-change" + }, + { + "category": "``cloud9``", + "description": "Doc-only update around removing AL1 from list of available AMIs for Cloud9", + "type": "api-change" + }, + { + "category": "``cloudfront-keyvaluestore``", + "description": "This release improves upon the DescribeKeyValueStore API by returning two additional fields, Status of the KeyValueStore and the FailureReason in case of failures during creation of KeyValueStore.", + "type": "api-change" + }, + { + "category": "``connectcases``", + "description": "This release adds the ability to view audit history on a case and introduces a new parameter, performedBy, for CreateCase and UpdateCase API's.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "Documentation updates for Amazon EC2.", + "type": "api-change" + }, + { + "category": "``ecs``", + "description": "This release adds support for Transport Layer Security (TLS) and Configurable Timeout to ECS Service Connect. TLS facilitates privacy and data security for inter-service communications, while Configurable Timeout allows customized per-request timeout and idle timeout for Service Connect services.", + "type": "api-change" + }, + { + "category": "``finspace``", + "description": "Allow customer to set zip default through command line arguments.", + "type": "api-change" + }, + { + "category": "``organizations``", + "description": "Doc only update for quota increase change", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "Introduced support for the InsufficientDBInstanceCapacityFault error in the RDS CreateDBCluster API method. This provides enhanced error handling, ensuring a more robust experience when creating database clusters with insufficient instance capacity.", + "type": "api-change" + }, + { + "category": "``endpoint-rules``", + "description": "Update endpoint-rules command to latest version", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.25.json b/.changes/1.32.25.json new file mode 100644 index 000000000000..6e07b40ff724 --- /dev/null +++ b/.changes/1.32.25.json @@ -0,0 +1,7 @@ +[ + { + "category": "``s3 sync``", + "description": "Disable S3 Express support for s3 sync command", + "type": "bugfix" + } +] \ No newline at end of file diff --git a/.changes/1.32.26.json b/.changes/1.32.26.json new file mode 100644 index 000000000000..61f95c5f29dd --- /dev/null +++ b/.changes/1.32.26.json @@ -0,0 +1,7 @@ +[ + { + "category": "``inspector2``", + "description": "This release adds support for CIS scans on EC2 instances.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.27.json b/.changes/1.32.27.json new file mode 100644 index 000000000000..7d910fe6f2d7 --- /dev/null +++ b/.changes/1.32.27.json @@ -0,0 +1,27 @@ +[ + { + "category": "``ec2``", + "description": "Introduced a new clientToken request parameter on CreateNetworkAcl and CreateRouteTable APIs. The clientToken parameter allows idempotent operations on the APIs.", + "type": "api-change" + }, + { + "category": "``ecs``", + "description": "Documentation updates for Amazon ECS.", + "type": "api-change" + }, + { + "category": "``outposts``", + "description": "DeviceSerialNumber parameter is now optional in StartConnection API", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "This release adds support for Aurora Limitless Database.", + "type": "api-change" + }, + { + "category": "``storagegateway``", + "description": "Add DeprecationDate and SoftwareVersion to response of ListGateways.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.28.json b/.changes/1.32.28.json new file mode 100644 index 000000000000..714df0b502d4 --- /dev/null +++ b/.changes/1.32.28.json @@ -0,0 +1,12 @@ +[ + { + "category": "``acm-pca``", + "description": "AWS Private CA now supports an option to omit the CDP extension from issued certificates, when CRL revocation is enabled.", + "type": "api-change" + }, + { + "category": "``lightsail``", + "description": "This release adds support for IPv6-only instance plans.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.29.json b/.changes/1.32.29.json new file mode 100644 index 000000000000..25d336a208a6 --- /dev/null +++ b/.changes/1.32.29.json @@ -0,0 +1,17 @@ +[ + { + "category": "``connect``", + "description": "Update list and string length limits for predefined attributes.", + "type": "api-change" + }, + { + "category": "``inspector2``", + "description": "This release adds ECR container image scanning based on their lastRecordedPullTime.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "Amazon SageMaker Automatic Model Tuning now provides an API to programmatically delete tuning jobs.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.3.json b/.changes/1.32.3.json new file mode 100644 index 000000000000..1b6803499a19 --- /dev/null +++ b/.changes/1.32.3.json @@ -0,0 +1,22 @@ +[ + { + "category": "``cognito-idp``", + "description": "Amazon Cognito now supports trigger versions that define the fields in the request sent to pre token generation Lambda triggers.", + "type": "api-change" + }, + { + "category": "``eks``", + "description": "Add support for EKS Cluster Access Management.", + "type": "api-change" + }, + { + "category": "``quicksight``", + "description": "A docs-only release to add missing entities to the API reference.", + "type": "api-change" + }, + { + "category": "``route53resolver``", + "description": "Add DOH protocols in resolver endpoints.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.30.json b/.changes/1.32.30.json new file mode 100644 index 000000000000..b28c45faea4d --- /dev/null +++ b/.changes/1.32.30.json @@ -0,0 +1,32 @@ +[ + { + "category": "``autoscaling``", + "description": "EC2 Auto Scaling customers who use attribute based instance-type selection can now intuitively define their Spot instances price protection limit as a percentage of the lowest priced On-Demand instance type.", + "type": "api-change" + }, + { + "category": "``comprehend``", + "description": "Comprehend PII analysis now supports Spanish input documents.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "EC2 Fleet customers who use attribute based instance-type selection can now intuitively define their Spot instances price protection limit as a percentage of the lowest priced On-Demand instance type.", + "type": "api-change" + }, + { + "category": "``mwaa``", + "description": "This release adds MAINTENANCE environment status for Amazon MWAA environments.", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "Introduced support for the InsufficientDBInstanceCapacityFault error in the RDS RestoreDBClusterFromSnapshot and RestoreDBClusterToPointInTime API methods. This provides enhanced error handling, ensuring a more robust experience.", + "type": "api-change" + }, + { + "category": "``snowball``", + "description": "Modified description of createaddress to include direction to add path when providing a JSON file.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.31.json b/.changes/1.32.31.json new file mode 100644 index 000000000000..37ce9cdad396 --- /dev/null +++ b/.changes/1.32.31.json @@ -0,0 +1,12 @@ +[ + { + "category": "``datazone``", + "description": "Add new skipDeletionCheck to DeleteDomain. Add new skipDeletionCheck to DeleteProject which also automatically deletes dependent objects", + "type": "api-change" + }, + { + "category": "``route53``", + "description": "Update the SDKs for text changes in the APIs.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.32.json b/.changes/1.32.32.json new file mode 100644 index 000000000000..d967ec1f5d3f --- /dev/null +++ b/.changes/1.32.32.json @@ -0,0 +1,22 @@ +[ + { + "category": "``cloudformation``", + "description": "CloudFormation IaC generator allows you to scan existing resources in your account and select resources to generate a template for a new or existing CloudFormation stack.", + "type": "api-change" + }, + { + "category": "``elbv2``", + "description": "Update elbv2 command to latest version", + "type": "api-change" + }, + { + "category": "``glue``", + "description": "Update page size limits for GetJobRuns and GetTriggers APIs.", + "type": "api-change" + }, + { + "category": "``ssm``", + "description": "This release adds an optional Duration parameter to StateManager Associations. This allows customers to specify how long an apply-only-on-cron association execution should run. Once the specified Duration is out all the ongoing cancellable commands or automations are cancelled.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.33.json b/.changes/1.32.33.json new file mode 100644 index 000000000000..71b69a9a30a9 --- /dev/null +++ b/.changes/1.32.33.json @@ -0,0 +1,27 @@ +[ + { + "category": "``cognito-idp``", + "description": "Added CreateIdentityProvider and UpdateIdentityProvider details for new SAML IdP features", + "type": "api-change" + }, + { + "category": "``ivs``", + "description": "This release introduces a new resource Playback Restriction Policy which can be used to geo-restrict or domain-restrict channel stream playback when associated with a channel. New APIs to support this resource were introduced in the form of Create/Delete/Get/Update/List.", + "type": "api-change" + }, + { + "category": "``managedblockchain-query``", + "description": "This release adds support for transactions that have not reached finality. It also removes support for the status property from the response of the GetTransaction operation. You can use the confirmationStatus and executionStatus properties to determine the status of the transaction.", + "type": "api-change" + }, + { + "category": "``mediaconvert``", + "description": "This release includes support for broadcast-mixed audio description tracks.", + "type": "api-change" + }, + { + "category": "``neptune-graph``", + "description": "Adding new APIs in SDK for Amazon Neptune Analytics. These APIs include operations to execute, cancel, list queries and get the graph summary.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.34.json b/.changes/1.32.34.json new file mode 100644 index 000000000000..efd8ec17a611 --- /dev/null +++ b/.changes/1.32.34.json @@ -0,0 +1,17 @@ +[ + { + "category": "``dynamodb``", + "description": "Any number of users can execute up to 50 concurrent restores (any type of restore) in a given account.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "Amazon SageMaker Canvas adds GenerativeAiSettings support for CanvasAppSettings.", + "type": "api-change" + }, + { + "category": "``endpoint-rules``", + "description": "Update endpoint-rules command to latest version", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.35.json b/.changes/1.32.35.json new file mode 100644 index 000000000000..2930ae40b146 --- /dev/null +++ b/.changes/1.32.35.json @@ -0,0 +1,12 @@ +[ + { + "category": "``glue``", + "description": "Introduce Catalog Encryption Role within Glue Data Catalog Settings. Introduce SASL/PLAIN as an authentication method for Glue Kafka connections", + "type": "api-change" + }, + { + "category": "``workspaces``", + "description": "Added definitions of various WorkSpace states", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.36.json b/.changes/1.32.36.json new file mode 100644 index 000000000000..52c9c6d166d6 --- /dev/null +++ b/.changes/1.32.36.json @@ -0,0 +1,32 @@ +[ + { + "category": "``appsync``", + "description": "Support for environment variables in AppSync GraphQL APIs", + "type": "api-change" + }, + { + "category": "``ecs``", + "description": "This release is a documentation only update to address customer issues.", + "type": "api-change" + }, + { + "category": "``es``", + "description": "This release adds clear visibility to the customers on the changes that they make on the domain.", + "type": "api-change" + }, + { + "category": "``logs``", + "description": "This release adds a new field, logGroupArn, to the response of the logs:DescribeLogGroups action.", + "type": "api-change" + }, + { + "category": "``opensearch``", + "description": "This release adds clear visibility to the customers on the changes that they make on the domain.", + "type": "api-change" + }, + { + "category": "``wafv2``", + "description": "You can now delete an API key that you've created for use with your CAPTCHA JavaScript integration API.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.37.json b/.changes/1.32.37.json new file mode 100644 index 000000000000..bddd6c0067bc --- /dev/null +++ b/.changes/1.32.37.json @@ -0,0 +1,17 @@ +[ + { + "category": "``datasync``", + "description": "AWS DataSync now supports manifests for specifying files or objects to transfer.", + "type": "api-change" + }, + { + "category": "``lexv2-models``", + "description": "Update lexv2-models command to latest version", + "type": "api-change" + }, + { + "category": "``redshift``", + "description": "LisRecommendations API to fetch Amazon Redshift Advisor recommendations.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.38.json b/.changes/1.32.38.json new file mode 100644 index 000000000000..6af93ed26b6e --- /dev/null +++ b/.changes/1.32.38.json @@ -0,0 +1,17 @@ +[ + { + "category": "``codepipeline``", + "description": "Add ability to execute pipelines with new parallel & queued execution modes and add support for triggers with filtering on branches and file paths.", + "type": "api-change" + }, + { + "category": "``quicksight``", + "description": "General Interactions for Visuals; Waterfall Chart Color Configuration; Documentation Update", + "type": "api-change" + }, + { + "category": "``workspaces``", + "description": "This release introduces User-Decoupling feature. This feature allows Workspaces Core customers to provision workspaces without providing users. CreateWorkspaces and DescribeWorkspaces APIs will now take a new optional parameter \"WorkspaceName\".", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.39.json b/.changes/1.32.39.json new file mode 100644 index 000000000000..d4e5a2db0408 --- /dev/null +++ b/.changes/1.32.39.json @@ -0,0 +1,37 @@ +[ + { + "category": "``amp``", + "description": "Overall documentation updates.", + "type": "api-change" + }, + { + "category": "``batch``", + "description": "This feature allows Batch to support configuration of repository credentials for jobs running on ECS", + "type": "api-change" + }, + { + "category": "``braket``", + "description": "Creating a job will result in DeviceOfflineException when using an offline device, and DeviceRetiredException when using a retired device.", + "type": "api-change" + }, + { + "category": "``cost-optimization-hub``", + "description": "Adding includeMemberAccounts field to the response of ListEnrollmentStatuses API.", + "type": "api-change" + }, + { + "category": "``ecs``", + "description": "Documentation only update for Amazon ECS.", + "type": "api-change" + }, + { + "category": "``iot``", + "description": "This release allows AWS IoT Core users to enable Online Certificate Status Protocol (OCSP) Stapling for TLS X.509 Server Certificates when creating and updating AWS IoT Domain Configurations with Custom Domain.", + "type": "api-change" + }, + { + "category": "``pricing``", + "description": "Add Throttling Exception to all APIs.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.4.json b/.changes/1.32.4.json new file mode 100644 index 000000000000..0434a22e151e --- /dev/null +++ b/.changes/1.32.4.json @@ -0,0 +1,32 @@ +[ + { + "category": "``appsync``", + "description": "This release adds additional configurations on GraphQL APIs for limits on query depth, resolver count, and introspection", + "type": "api-change" + }, + { + "category": "``chime-sdk-meetings``", + "description": "Add meeting features to specify a maximum camera resolution, a maximum content sharing resolution, and a maximum number of attendees for a given meeting.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "Provision BYOIPv4 address ranges and advertise them by specifying the network border groups option in Los Angeles, Phoenix and Dallas AWS Local Zones.", + "type": "api-change" + }, + { + "category": "``fsx``", + "description": "Added support for FSx for OpenZFS on-demand data replication across AWS accounts and/or regions.Added the IncludeShared attribute for DescribeSnapshots.Added the CopyStrategy attribute for OpenZFSVolumeConfiguration.", + "type": "api-change" + }, + { + "category": "``marketplace-catalog``", + "description": "AWS Marketplace now supports a new API, BatchDescribeEntities, which returns metadata and content for multiple entities.", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "RDS - The release adds two new APIs: DescribeDBRecommendations and ModifyDBRecommendation", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.40.json b/.changes/1.32.40.json new file mode 100644 index 000000000000..891861c84509 --- /dev/null +++ b/.changes/1.32.40.json @@ -0,0 +1,22 @@ +[ + { + "category": "``appsync``", + "description": "Adds support for new options on GraphqlAPIs, Resolvers and Data Sources for emitting Amazon CloudWatch metrics for enhanced monitoring of AppSync APIs.", + "type": "api-change" + }, + { + "category": "``cloudwatch``", + "description": "Update cloudwatch command to latest version", + "type": "api-change" + }, + { + "category": "``neptune-graph``", + "description": "Adding a new option \"parameters\" for data plane api ExecuteQuery to support running parameterized query via SDK.", + "type": "api-change" + }, + { + "category": "``route53domains``", + "description": "This release adds bill contact support for RegisterDomain, TransferDomain, UpdateDomainContact and GetDomainDetail API.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.41.json b/.changes/1.32.41.json new file mode 100644 index 000000000000..be959b19359c --- /dev/null +++ b/.changes/1.32.41.json @@ -0,0 +1,27 @@ +[ + { + "category": "``lightsail``", + "description": "This release adds support to upgrade the major version of a database.", + "type": "api-change" + }, + { + "category": "``marketplace-catalog``", + "description": "AWS Marketplace Catalog API now supports setting intent on requests", + "type": "api-change" + }, + { + "category": "``resource-explorer-2``", + "description": "Resource Explorer now uses newly supported IPv4 'amazonaws.com' endpoints by default.", + "type": "api-change" + }, + { + "category": "``securitylake``", + "description": "Documentation updates for Security Lake", + "type": "api-change" + }, + { + "category": "``endpoint-rules``", + "description": "Update endpoint-rules command to latest version", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.42.json b/.changes/1.32.42.json new file mode 100644 index 000000000000..838287835d56 --- /dev/null +++ b/.changes/1.32.42.json @@ -0,0 +1,17 @@ +[ + { + "category": "``controltower``", + "description": "Adds support for new Baseline and EnabledBaseline APIs for automating multi-account governance.", + "type": "api-change" + }, + { + "category": "``lookoutequipment``", + "description": "This feature allows customers to see pointwise model diagnostics results for their models.", + "type": "api-change" + }, + { + "category": "``qbusiness``", + "description": "This release adds the metadata-boosting feature, which allows customers to easily fine-tune the underlying ranking of retrieved RAG passages in order to optimize Q&A answer relevance. It also adds new feedback reasons for the PutFeedback API.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.43.json b/.changes/1.32.43.json new file mode 100644 index 000000000000..deab1e863228 --- /dev/null +++ b/.changes/1.32.43.json @@ -0,0 +1,52 @@ +[ + { + "category": "``artifact``", + "description": "This is the initial SDK release for AWS Artifact. AWS Artifact provides on-demand access to compliance and third-party compliance reports. This release includes access to List and Get reports, along with their metadata. This release also includes access to AWS Artifact notifications settings.", + "type": "api-change" + }, + { + "category": "``codepipeline``", + "description": "Add ability to override timeout on action level.", + "type": "api-change" + }, + { + "category": "``detective``", + "description": "Doc only updates for content enhancement", + "type": "api-change" + }, + { + "category": "``guardduty``", + "description": "Marked fields IpAddressV4, PrivateIpAddress, Email as Sensitive.", + "type": "api-change" + }, + { + "category": "``healthlake``", + "description": "This release adds a new response parameter, JobProgressReport, to the DescribeFHIRImportJob and ListFHIRImportJobs API operation. JobProgressReport provides details on the progress of the import job on the server.", + "type": "api-change" + }, + { + "category": "``opensearch``", + "description": "Adds additional supported instance types.", + "type": "api-change" + }, + { + "category": "``polly``", + "description": "Amazon Polly adds 1 new voice - Burcu (tr-TR)", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "This release adds a new API UpdateClusterSoftware for SageMaker HyperPod. This API allows users to patch HyperPod clusters with latest platform softwares.", + "type": "api-change" + }, + { + "category": "``secretsmanager``", + "description": "Doc only update for Secrets Manager", + "type": "api-change" + }, + { + "category": "``endpoint-rules``", + "description": "Update endpoint-rules command to latest version", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.44.json b/.changes/1.32.44.json new file mode 100644 index 000000000000..d673c4647827 --- /dev/null +++ b/.changes/1.32.44.json @@ -0,0 +1,32 @@ +[ + { + "category": "``connectparticipant``", + "description": "Doc only update to GetTranscript API reference guide to inform users about presence of events in the chat transcript.", + "type": "api-change" + }, + { + "category": "``emr``", + "description": "adds fine grained control over Unhealthy Node Replacement to Amazon ElasticMapReduce", + "type": "api-change" + }, + { + "category": "``firehose``", + "description": "This release adds support for Data Message Extraction for decompressed CloudWatch logs, and to use a custom file extension or time zone for S3 destinations.", + "type": "api-change" + }, + { + "category": "``lambda``", + "description": "Documentation-only updates for Lambda to clarify a number of existing actions and properties.", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "Doc only update for a valid option in DB parameter group", + "type": "api-change" + }, + { + "category": "``sns``", + "description": "This release marks phone numbers as sensitive inputs.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.45.json b/.changes/1.32.45.json new file mode 100644 index 000000000000..33a08f2d8710 --- /dev/null +++ b/.changes/1.32.45.json @@ -0,0 +1,32 @@ +[ + { + "category": "``amplify``", + "description": "This release contains API changes that enable users to configure their Amplify domains with their own custom SSL/TLS certificate.", + "type": "api-change" + }, + { + "category": "``chatbot``", + "description": "This release adds support for AWS Chatbot. You can now monitor, operate, and troubleshoot your AWS resources with interactive ChatOps using the AWS SDK.", + "type": "api-change" + }, + { + "category": "``config``", + "description": "Documentation updates for the AWS Config CLI", + "type": "api-change" + }, + { + "category": "``ivs``", + "description": "Changed description for latencyMode in Create/UpdateChannel and Channel/ChannelSummary.", + "type": "api-change" + }, + { + "category": "``keyspaces``", + "description": "Documentation updates for Amazon Keyspaces", + "type": "api-change" + }, + { + "category": "``mediatailor``", + "description": "MediaTailor: marking #AdBreak.OffsetMillis as required.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.46.json b/.changes/1.32.46.json new file mode 100644 index 000000000000..542930fb3fad --- /dev/null +++ b/.changes/1.32.46.json @@ -0,0 +1,17 @@ +[ + { + "category": "``dynamodb``", + "description": "Publishing quick fix for doc only update.", + "type": "api-change" + }, + { + "category": "``firehose``", + "description": "This release updates a few Firehose related APIs.", + "type": "api-change" + }, + { + "category": "``lambda``", + "description": "Add .NET 8 (dotnet8) Runtime support to AWS Lambda.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.47.json b/.changes/1.32.47.json new file mode 100644 index 000000000000..e88f7ee6bd23 --- /dev/null +++ b/.changes/1.32.47.json @@ -0,0 +1,22 @@ +[ + { + "category": "``iotevents``", + "description": "Increase the maximum length of descriptions for Inputs, Detector Models, and Alarm Models", + "type": "api-change" + }, + { + "category": "``lookoutequipment``", + "description": "This release adds a field exposing model quality to read APIs for models. It also adds a model quality field to the API response when creating an inference scheduler.", + "type": "api-change" + }, + { + "category": "``medialive``", + "description": "MediaLive now supports the ability to restart pipelines in a running channel.", + "type": "api-change" + }, + { + "category": "``ssm``", + "description": "This release adds support for sharing Systems Manager parameters with other AWS accounts.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.48.json b/.changes/1.32.48.json new file mode 100644 index 000000000000..e4e4792e3902 --- /dev/null +++ b/.changes/1.32.48.json @@ -0,0 +1,12 @@ +[ + { + "category": "``internetmonitor``", + "description": "This release adds IPv4 prefixes to health events", + "type": "api-change" + }, + { + "category": "``kinesisvideo``", + "description": "Increasing NextToken parameter length restriction for List APIs from 512 to 1024.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.49.json b/.changes/1.32.49.json new file mode 100644 index 000000000000..bf75e728e24d --- /dev/null +++ b/.changes/1.32.49.json @@ -0,0 +1,22 @@ +[ + { + "category": "``appsync``", + "description": "Documentation only updates for AppSync", + "type": "api-change" + }, + { + "category": "``qldb``", + "description": "Clarify possible values for KmsKeyArn and EncryptionDescription.", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "Add pattern and length based validations for DBShardGroupIdentifier", + "type": "api-change" + }, + { + "category": "``rum``", + "description": "Doc-only update for new RUM metrics that were added", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.5.json b/.changes/1.32.5.json new file mode 100644 index 000000000000..832c2e3680fa --- /dev/null +++ b/.changes/1.32.5.json @@ -0,0 +1,37 @@ +[ + { + "category": "``appstream``", + "description": "This release introduces configurable clipboard, allowing admins to specify the maximum length of text that can be copied by the users from their device to the remote session and vice-versa.", + "type": "api-change" + }, + { + "category": "``eks``", + "description": "Add support for cluster insights, new EKS capability that surfaces potentially upgrade impacting issues.", + "type": "api-change" + }, + { + "category": "``guardduty``", + "description": "This release 1) introduces a new API: GetOrganizationStatistics , and 2) adds a new UsageStatisticType TOP_ACCOUNTS_BY_FEATURE for GetUsageStatistics API", + "type": "api-change" + }, + { + "category": "``managedblockchain-query``", + "description": "Adding Confirmation Status and Execution Status to GetTransaction Response.", + "type": "api-change" + }, + { + "category": "``mediatailor``", + "description": "Adds the ability to configure time shifting on MediaTailor channels using the TimeShiftConfiguration field", + "type": "api-change" + }, + { + "category": "``route53``", + "description": "Amazon Route 53 now supports the Canada West (Calgary) Region (ca-west-1) for latency records, geoproximity records, and private DNS for Amazon VPCs in that region.", + "type": "api-change" + }, + { + "category": "``endpoint-rules``", + "description": "Update endpoint-rules command to latest version", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.50.json b/.changes/1.32.50.json new file mode 100644 index 000000000000..415aae1edb5e --- /dev/null +++ b/.changes/1.32.50.json @@ -0,0 +1,22 @@ +[ + { + "category": "``apigateway``", + "description": "Documentation updates for Amazon API Gateway.", + "type": "api-change" + }, + { + "category": "``drs``", + "description": "Added volume status to DescribeSourceServer replicated volumes.", + "type": "api-change" + }, + { + "category": "``kafkaconnect``", + "description": "Adds support for tagging, with new TagResource, UntagResource and ListTagsForResource APIs to manage tags and updates to existing APIs to allow tag on create. This release also adds support for the new DeleteWorkerConfiguration API.", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "This release adds support for gp3 data volumes for Multi-AZ DB Clusters.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.51.json b/.changes/1.32.51.json new file mode 100644 index 000000000000..a74456e872eb --- /dev/null +++ b/.changes/1.32.51.json @@ -0,0 +1,7 @@ +[ + { + "category": "``amplifyuibuilder``", + "description": "We have added the ability to tag resources after they are created", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.52.json b/.changes/1.32.52.json new file mode 100644 index 000000000000..ec83519201c6 --- /dev/null +++ b/.changes/1.32.52.json @@ -0,0 +1,32 @@ +[ + { + "category": "``batch``", + "description": "This release adds Batch support for configuration of multicontainer jobs in ECS, Fargate, and EKS. This support is available for all types of jobs, including both array jobs and multi-node parallel jobs.", + "type": "api-change" + }, + { + "category": "``bedrock-agent-runtime``", + "description": "This release adds support to override search strategy performed by the Retrieve and RetrieveAndGenerate APIs for Amazon Bedrock Agents", + "type": "api-change" + }, + { + "category": "``ce``", + "description": "This release introduces the new API 'GetApproximateUsageRecords', which retrieves estimated usage records for hourly granularity or resource-level data at daily granularity.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "This release increases the range of MaxResults for GetNetworkInsightsAccessScopeAnalysisFindings to 1,000.", + "type": "api-change" + }, + { + "category": "``iot``", + "description": "This release reduces the maximum results returned per query invocation from 500 to 100 for the SearchIndex API. This change has no implications as long as the API is invoked until the nextToken is NULL.", + "type": "api-change" + }, + { + "category": "``wafv2``", + "description": "AWS WAF now supports configurable time windows for request aggregation with rate-based rules. Customers can now select time windows of 1 minute, 2 minutes or 10 minutes, in addition to the previously supported 5 minutes.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.53.json b/.changes/1.32.53.json new file mode 100644 index 000000000000..f567a0fd027e --- /dev/null +++ b/.changes/1.32.53.json @@ -0,0 +1,37 @@ +[ + { + "category": "``docdb-elastic``", + "description": "Launched Elastic Clusters Readable Secondaries, Start/Stop, Configurable Shard Instance count, Automatic Backups and Snapshot Copying", + "type": "api-change" + }, + { + "category": "``eks``", + "description": "Added support for new AL2023 AMIs to the supported AMITypes.", + "type": "api-change" + }, + { + "category": "``lexv2-models``", + "description": "This release makes AMAZON.QnAIntent generally available in Amazon Lex. This generative AI feature leverages large language models available through Amazon Bedrock to automate frequently asked questions (FAQ) experience for end-users.", + "type": "api-change" + }, + { + "category": "``migrationhuborchestrator``", + "description": "Adds new CreateTemplate, UpdateTemplate and DeleteTemplate APIs.", + "type": "api-change" + }, + { + "category": "``quicksight``", + "description": "TooltipTarget for Combo chart visuals; ColumnConfiguration limit increase to 2000; Documentation Update", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "Adds support for ModelDataSource in Model Packages to support unzipped models. Adds support to specify SourceUri for models which allows registration of models without mandating a container for hosting. Using SourceUri, customers can decouple the model from hosting information during registration.", + "type": "api-change" + }, + { + "category": "``securitylake``", + "description": "Add capability to update the Data Lake's MetaStoreManager Role in order to perform required data lake updates to use Iceberg table format in their data lake or update the role for any other reason.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.54.json b/.changes/1.32.54.json new file mode 100644 index 000000000000..ccdc3c35c9c5 --- /dev/null +++ b/.changes/1.32.54.json @@ -0,0 +1,17 @@ +[ + { + "category": "``accessanalyzer``", + "description": "Fixed a typo in description field.", + "type": "api-change" + }, + { + "category": "``autoscaling``", + "description": "With this release, Amazon EC2 Auto Scaling groups, EC2 Fleet, and Spot Fleet improve the default price protection behavior of attribute-based instance type selection of Spot Instances, to consistently select from a wide range of instance types.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "With this release, Amazon EC2 Auto Scaling groups, EC2 Fleet, and Spot Fleet improve the default price protection behavior of attribute-based instance type selection of Spot Instances, to consistently select from a wide range of instance types.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.55.json b/.changes/1.32.55.json new file mode 100644 index 000000000000..b5ee836ab726 --- /dev/null +++ b/.changes/1.32.55.json @@ -0,0 +1,17 @@ +[ + { + "category": "``cloudformation``", + "description": "Add DetailedStatus field to DescribeStackEvents and DescribeStacks APIs", + "type": "api-change" + }, + { + "category": "``fsx``", + "description": "Added support for creating FSx for NetApp ONTAP file systems with up to 12 HA pairs, delivering up to 72 GB/s of read throughput and 12 GB/s of write throughput.", + "type": "api-change" + }, + { + "category": "``organizations``", + "description": "Documentation update for AWS Organizations", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.56.json b/.changes/1.32.56.json new file mode 100644 index 000000000000..e484795af5fa --- /dev/null +++ b/.changes/1.32.56.json @@ -0,0 +1,22 @@ +[ + { + "category": "``apigateway``", + "description": "Documentation updates for Amazon API Gateway", + "type": "api-change" + }, + { + "category": "``chatbot``", + "description": "Minor update to documentation.", + "type": "api-change" + }, + { + "category": "``organizations``", + "description": "This release contains an endpoint addition", + "type": "api-change" + }, + { + "category": "``sesv2``", + "description": "Adds support for providing custom headers within SendEmail and SendBulkEmail for SESv2.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.57.json b/.changes/1.32.57.json new file mode 100644 index 000000000000..4fbb934cfba2 --- /dev/null +++ b/.changes/1.32.57.json @@ -0,0 +1,32 @@ +[ + { + "category": "``dynamodb``", + "description": "Doc only updates for DynamoDB documentation", + "type": "api-change" + }, + { + "category": "``imagebuilder``", + "description": "Add PENDING status to Lifecycle Execution resource status. Add StartTime and EndTime to ListLifecycleExecutionResource API response.", + "type": "api-change" + }, + { + "category": "``mwaa``", + "description": "Amazon MWAA adds support for Apache Airflow v2.8.1.", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "Updated the input of CreateDBCluster and ModifyDBCluster to support setting CA certificates. Updated the output of DescribeDBCluster to show current CA certificate setting value.", + "type": "api-change" + }, + { + "category": "``redshift``", + "description": "Update for documentation only. Covers port ranges, definition updates for data sharing, and definition updates to cluster-snapshot documentation.", + "type": "api-change" + }, + { + "category": "``verifiedpermissions``", + "description": "Deprecating details in favor of configuration for GetIdentitySource and ListIdentitySources APIs.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.58.json b/.changes/1.32.58.json new file mode 100644 index 000000000000..850c139090ce --- /dev/null +++ b/.changes/1.32.58.json @@ -0,0 +1,47 @@ +[ + { + "category": "``appconfig``", + "description": "AWS AppConfig now supports dynamic parameters, which enhance the functionality of AppConfig Extensions by allowing you to provide parameter values to your Extensions at the time you deploy your configuration.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "This release adds an optional parameter to RegisterImage and CopyImage APIs to support tagging AMIs at the time of creation.", + "type": "api-change" + }, + { + "category": "``grafana``", + "description": "Adds support for the new GrafanaToken as part of the Amazon Managed Grafana Enterprise plugins upgrade to associate your AWS account with a Grafana Labs account.", + "type": "api-change" + }, + { + "category": "``lambda``", + "description": "Documentation updates for AWS Lambda", + "type": "api-change" + }, + { + "category": "``payment-cryptography-data``", + "description": "AWS Payment Cryptography EMV Decrypt Feature Release", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "Updates Amazon RDS documentation for io2 storage for Multi-AZ DB clusters", + "type": "api-change" + }, + { + "category": "``snowball``", + "description": "Doc-only update for change to EKS-Anywhere ordering.", + "type": "api-change" + }, + { + "category": "``wafv2``", + "description": "You can increase the max request body inspection size for some regional resources. The size setting is in the web ACL association config. Also, the AWSManagedRulesBotControlRuleSet EnableMachineLearning setting now takes a Boolean instead of a primitive boolean type, for languages like Java.", + "type": "api-change" + }, + { + "category": "``workspaces``", + "description": "Added note for user decoupling", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.59.json b/.changes/1.32.59.json new file mode 100644 index 000000000000..ed313f95b0a9 --- /dev/null +++ b/.changes/1.32.59.json @@ -0,0 +1,37 @@ +[ + { + "category": "``batch``", + "description": "This release adds JobStateTimeLimitActions setting to the Job Queue API. It allows you to configure an action Batch can take for a blocking job in front of the queue after the defined period of time. The new parameter applies for ECS, EKS, and FARGATE Job Queues.", + "type": "api-change" + }, + { + "category": "``bedrock-agent-runtime``", + "description": "Documentation update for Bedrock Runtime Agent", + "type": "api-change" + }, + { + "category": "``cloudtrail``", + "description": "Added exceptions to CreateTrail, DescribeTrails, and ListImportFailures APIs.", + "type": "api-change" + }, + { + "category": "``codebuild``", + "description": "This release adds support for a new webhook event: PULL_REQUEST_CLOSED.", + "type": "api-change" + }, + { + "category": "``cognito-idp``", + "description": "Add ConcurrentModificationException to SetUserPoolMfaConfig", + "type": "api-change" + }, + { + "category": "``guardduty``", + "description": "Add RDS Provisioned and Serverless Usage types", + "type": "api-change" + }, + { + "category": "``transfer``", + "description": "Added DES_EDE3_CBC to the list of supported encryption algorithms for messages sent with an AS2 connector.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.6.json b/.changes/1.32.6.json new file mode 100644 index 000000000000..432bd78c7c4a --- /dev/null +++ b/.changes/1.32.6.json @@ -0,0 +1,52 @@ +[ + { + "category": "``amp``", + "description": "This release updates Amazon Managed Service for Prometheus APIs to support customer managed KMS keys.", + "type": "api-change" + }, + { + "category": "``appintegrations``", + "description": "The Amazon AppIntegrations service adds DeleteApplication API for deleting applications, and updates APIs to support third party applications reacting to workspace events and make data requests to Amazon Connect for agent and contact events.", + "type": "api-change" + }, + { + "category": "``bedrock-agent``", + "description": "This release introduces Amazon Aurora as a vector store on Knowledge Bases for Amazon Bedrock", + "type": "api-change" + }, + { + "category": "``codecommit``", + "description": "AWS CodeCommit now supports customer managed keys from AWS Key Management Service. UpdateRepositoryEncryptionKey is added for updating the key configuration. CreateRepository, GetRepository, BatchGetRepositories are updated with new input or output parameters.", + "type": "api-change" + }, + { + "category": "``connect``", + "description": "Adds APIs to manage User Proficiencies and Predefined Attributes. Enhances StartOutboundVoiceContact API input. Introduces SearchContacts API. Enhances DescribeContact API. Adds an API to update Routing Attributes in QueuePriority and QueueTimeAdjustmentSeconds.", + "type": "api-change" + }, + { + "category": "``medialive``", + "description": "MediaLive now supports the ability to configure the audio that an AWS Elemental Link UHD device produces, when the device is configured as the source for a flow in AWS Elemental MediaConnect.", + "type": "api-change" + }, + { + "category": "``neptune-graph``", + "description": "Adds Waiters for successful creation and deletion of Graph, Graph Snapshot, Import Task and Private Endpoints for Neptune Analytics", + "type": "api-change" + }, + { + "category": "``rds-data``", + "description": "This release adds support for using RDS Data API with Aurora PostgreSQL Serverless v2 and provisioned DB clusters.", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "This release adds support for using RDS Data API with Aurora PostgreSQL Serverless v2 and provisioned DB clusters.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "Amazon SageMaker Training now provides model training container access for debugging purposes. Amazon SageMaker Search now provides the ability to use visibility conditions to limit resource access to a single domain or multiple domains.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.60.json b/.changes/1.32.60.json new file mode 100644 index 000000000000..14d03743f88f --- /dev/null +++ b/.changes/1.32.60.json @@ -0,0 +1,17 @@ +[ + { + "category": "``codestar-connections``", + "description": "Added a sync configuration enum to disable publishing of deployment status to source providers (PublishDeploymentStatus). Added a sync configuration enum (TriggerStackUpdateOn) to only trigger changes.", + "type": "api-change" + }, + { + "category": "``elasticache``", + "description": "Revisions to API text that are now to be carried over to SDK text, changing usages of \"SFO\" in code examples to \"us-west-1\", and some other typos.", + "type": "api-change" + }, + { + "category": "``mediapackagev2``", + "description": "This release enables customers to safely update their MediaPackage v2 channel groups, channels and origin endpoints using entity tags.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.61.json b/.changes/1.32.61.json new file mode 100644 index 000000000000..7c5c887b74e2 --- /dev/null +++ b/.changes/1.32.61.json @@ -0,0 +1,27 @@ +[ + { + "category": "``cloudformation``", + "description": "CloudFormation documentation update for March, 2024", + "type": "api-change" + }, + { + "category": "``connect``", + "description": "This release increases MaxResults limit to 500 in request for SearchUsers, SearchQueues and SearchRoutingProfiles APIs of Amazon Connect.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "Documentation updates for Amazon EC2.", + "type": "api-change" + }, + { + "category": "``kafka``", + "description": "Added support for specifying the starting position of topic replication in MSK-Replicator.", + "type": "api-change" + }, + { + "category": "``ssm``", + "description": "March 2024 doc-only updates for Systems Manager.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.62.json b/.changes/1.32.62.json new file mode 100644 index 000000000000..a803ad48d10f --- /dev/null +++ b/.changes/1.32.62.json @@ -0,0 +1,17 @@ +[ + { + "category": "``ivs-realtime``", + "description": "adds support for multiple new composition layout configuration options (grid, pip)", + "type": "api-change" + }, + { + "category": "``kinesisanalyticsv2``", + "description": "Support new RuntimeEnvironmentUpdate parameter within UpdateApplication API allowing callers to change the Flink version upon which their application runs.", + "type": "api-change" + }, + { + "category": "``s3``", + "description": "This release makes the default option for S3 on Outposts request signing to use the SigV4A algorithm when using AWS Common Runtime (CRT).", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.63.json b/.changes/1.32.63.json new file mode 100644 index 000000000000..23754b39883c --- /dev/null +++ b/.changes/1.32.63.json @@ -0,0 +1,37 @@ +[ + { + "category": "``amplify``", + "description": "Documentation updates for Amplify. Identifies the APIs available only to apps created using Amplify Gen 1.", + "type": "api-change" + }, + { + "category": "``ec2-instance-connect``", + "description": "This release includes a new exception type \"SerialConsoleSessionUnsupportedException\" for SendSerialConsoleSSHPublicKey API.", + "type": "api-change" + }, + { + "category": "``elbv2``", + "description": "This release allows you to configure HTTP client keep-alive duration for communication between clients and Application Load Balancers.", + "type": "api-change" + }, + { + "category": "``fis``", + "description": "This release adds support for previewing target resources before running a FIS experiment. It also adds resource ARNs for actions, experiments, and experiment templates to API responses.", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "Updates Amazon RDS documentation for EBCDIC collation for RDS for Db2.", + "type": "api-change" + }, + { + "category": "``secretsmanager``", + "description": "Doc only update for Secrets Manager", + "type": "api-change" + }, + { + "category": "``timestream-influxdb``", + "description": "This is the initial SDK release for Amazon Timestream for InfluxDB. Amazon Timestream for InfluxDB is a new time-series database engine that makes it easy for application developers and DevOps teams to run InfluxDB databases on AWS for near real-time time-series applications using open source APIs.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.64.json b/.changes/1.32.64.json new file mode 100644 index 000000000000..b87c1269ed3a --- /dev/null +++ b/.changes/1.32.64.json @@ -0,0 +1,42 @@ +[ + { + "category": "``backup``", + "description": "This release introduces a boolean attribute ManagedByAWSBackupOnly as part of ListRecoveryPointsByResource api to filter the recovery points based on ownership. This attribute can be used to filter out the recovery points protected by AWSBackup.", + "type": "api-change" + }, + { + "category": "``codebuild``", + "description": "AWS CodeBuild now supports overflow behavior on Reserved Capacity.", + "type": "api-change" + }, + { + "category": "``connect``", + "description": "This release adds Hierarchy based Access Control fields to Security Profile public APIs and adds support for UserAttributeFilter to SearchUsers API.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "Add media accelerator and neuron device information on the describe instance types API.", + "type": "api-change" + }, + { + "category": "``kinesisanalyticsv2``", + "description": "Support for Flink 1.18 in Managed Service for Apache Flink", + "type": "api-change" + }, + { + "category": "``s3``", + "description": "Documentation updates for Amazon S3.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "Adds m6i, m6id, m7i, c6i, c6id, c7i, r6i r6id, r7i, p5 instance type support to Sagemaker Notebook Instances and miscellaneous wording fixes for previous Sagemaker documentation.", + "type": "api-change" + }, + { + "category": "``workspaces-thin-client``", + "description": "Removed unused parameter kmsKeyArn from UpdateDeviceRequest", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.65.json b/.changes/1.32.65.json new file mode 100644 index 000000000000..47d5ac3ffa7a --- /dev/null +++ b/.changes/1.32.65.json @@ -0,0 +1,32 @@ +[ + { + "category": "``cloudformation``", + "description": "This release supports for a new API ListStackSetAutoDeploymentTargets, which provider auto-deployment configuration as a describable resource. Customers can now view the specific combinations of regions and OUs that are being auto-deployed.", + "type": "api-change" + }, + { + "category": "``kms``", + "description": "Adds the ability to use the default policy name by omitting the policyName parameter in calls to PutKeyPolicy and GetKeyPolicy", + "type": "api-change" + }, + { + "category": "``mediatailor``", + "description": "This release adds support to allow customers to show different content within a channel depending on metadata associated with the viewer.", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "This release launches the ModifyIntegration API and support for data filtering for zero-ETL Integrations.", + "type": "api-change" + }, + { + "category": "``s3``", + "description": "Fix two issues with response root node names.", + "type": "api-change" + }, + { + "category": "``timestream-query``", + "description": "Documentation updates, March 2024", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.66.json b/.changes/1.32.66.json new file mode 100644 index 000000000000..642121ab4a58 --- /dev/null +++ b/.changes/1.32.66.json @@ -0,0 +1,27 @@ +[ + { + "category": "``cloudformation``", + "description": "Documentation update, March 2024. Corrects some formatting.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "This release adds the new DescribeMacHosts API operation for getting information about EC2 Mac Dedicated Hosts. Users can now see the latest macOS versions that their underlying Apple Mac can support without needing to be updated.", + "type": "api-change" + }, + { + "category": "``finspace``", + "description": "Adding new attributes readWrite and onDemand to dataview models for Database Maintenance operations.", + "type": "api-change" + }, + { + "category": "``logs``", + "description": "Update LogSamples field in Anomaly model to be a list of LogEvent", + "type": "api-change" + }, + { + "category": "``managedblockchain-query``", + "description": "Introduces a new API for Amazon Managed Blockchain Query: ListFilteredTransactionEvents.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.67.json b/.changes/1.32.67.json new file mode 100644 index 000000000000..dad364377532 --- /dev/null +++ b/.changes/1.32.67.json @@ -0,0 +1,32 @@ +[ + { + "category": "``accessanalyzer``", + "description": "This release adds support for policy validation and external access findings for DynamoDB tables and streams. IAM Access Analyzer helps you author functional and secure resource-based policies and identify cross-account access. Updated service API, documentation, and paginators.", + "type": "api-change" + }, + { + "category": "``codebuild``", + "description": "This release adds support for new webhook events (RELEASED and PRERELEASED) and filter types (TAG_NAME and RELEASE_NAME).", + "type": "api-change" + }, + { + "category": "``connect``", + "description": "This release updates the *InstanceStorageConfig APIs to support a new ResourceType: REAL_TIME_CONTACT_ANALYSIS_CHAT_SEGMENTS. Use this resource type to enable streaming for real-time analysis of chat contacts and to associate a Kinesis stream where real-time analysis chat segments will be published.", + "type": "api-change" + }, + { + "category": "``dynamodb``", + "description": "This release introduces 3 new APIs ('GetResourcePolicy', 'PutResourcePolicy' and 'DeleteResourcePolicy') and modifies the existing 'CreateTable' API for the resource-based policy support. It also modifies several APIs to accept a 'TableArn' for the 'TableName' parameter.", + "type": "api-change" + }, + { + "category": "``managedblockchain-query``", + "description": "AMB Query: update GetTransaction to include transactionId as input", + "type": "api-change" + }, + { + "category": "``savingsplans``", + "description": "Introducing the Savings Plans Return feature enabling customers to return their Savings Plans within 7 days of purchase.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.68.json b/.changes/1.32.68.json new file mode 100644 index 000000000000..d83e3262e8ce --- /dev/null +++ b/.changes/1.32.68.json @@ -0,0 +1,7 @@ +[ + { + "category": "``codeartifact``", + "description": "This release adds Package groups to CodeArtifact so you can more conveniently configure package origin controls for multiple packages.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.69.json b/.changes/1.32.69.json new file mode 100644 index 000000000000..0cdf3565c284 --- /dev/null +++ b/.changes/1.32.69.json @@ -0,0 +1,27 @@ +[ + { + "category": "``firehose``", + "description": "Updates Amazon Firehose documentation for message regarding Enforcing Tags IAM Policy.", + "type": "api-change" + }, + { + "category": "``kendra``", + "description": "Documentation update, March 2024. Corrects some docs for Amazon Kendra.", + "type": "api-change" + }, + { + "category": "``pricing``", + "description": "Add ResourceNotFoundException to ListPriceLists and GetPriceListFileUrl APIs", + "type": "api-change" + }, + { + "category": "``rolesanywhere``", + "description": "This release relaxes constraints on the durationSeconds request parameter for the *Profile APIs that support it. This parameter can now take on values that go up to 43200.", + "type": "api-change" + }, + { + "category": "``securityhub``", + "description": "Added new resource detail object to ASFF, including resource for LastKnownExploitAt", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.7.json b/.changes/1.32.7.json new file mode 100644 index 000000000000..dcbaa56c4871 --- /dev/null +++ b/.changes/1.32.7.json @@ -0,0 +1,42 @@ +[ + { + "category": "``bedrock-agent``", + "description": "Adding Claude 2.1 support to Bedrock Agents", + "type": "api-change" + }, + { + "category": "``endpoint-rules``", + "description": "Update endpoint-rules command to latest version", + "type": "api-change" + }, + { + "category": "``glue``", + "description": "This release adds additional configurations for Query Session Context on the following APIs: GetUnfilteredTableMetadata, GetUnfilteredPartitionMetadata, GetUnfilteredPartitionsMetadata.", + "type": "api-change" + }, + { + "category": "``lakeformation``", + "description": "This release adds additional configurations on GetTemporaryGlueTableCredentials for Query Session Context.", + "type": "api-change" + }, + { + "category": "``mediaconnect``", + "description": "This release adds the DescribeSourceMetadata API. This API can be used to view the stream information of the flow's source.", + "type": "api-change" + }, + { + "category": "``networkmonitor``", + "description": "CloudWatch Network Monitor is a new service within CloudWatch that will help network administrators and operators continuously monitor network performance metrics such as round-trip-time and packet loss between their AWS-hosted applications and their on-premises locations.", + "type": "api-change" + }, + { + "category": "``omics``", + "description": "Provides minor corrections and an updated description of APIs.", + "type": "api-change" + }, + { + "category": "``secretsmanager``", + "description": "Update endpoint rules and examples.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.70.json b/.changes/1.32.70.json new file mode 100644 index 000000000000..9f4700fe8ea7 --- /dev/null +++ b/.changes/1.32.70.json @@ -0,0 +1,37 @@ +[ + { + "category": "``codebuild``", + "description": "Supporting GitLab and GitLab Self Managed as source types in AWS CodeBuild.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "Added support for ModifyInstanceMetadataDefaults and GetInstanceMetadataDefaults to set Instance Metadata Service account defaults", + "type": "api-change" + }, + { + "category": "``ecs``", + "description": "Documentation only update for Amazon ECS.", + "type": "api-change" + }, + { + "category": "``emr-containers``", + "description": "This release increases the number of supported job template parameters from 20 to 100.", + "type": "api-change" + }, + { + "category": "``globalaccelerator``", + "description": "AWS Global Accelerator now supports cross-account sharing for bring your own IP addresses.", + "type": "api-change" + }, + { + "category": "``medialive``", + "description": "Exposing TileMedia H265 options", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "Introduced support for the following new instance types on SageMaker Studio for JupyterLab and CodeEditor applications: m6i, m6id, m7i, c6i, c6id, c7i, r6i, r6id, r7i, and p5", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.71.json b/.changes/1.32.71.json new file mode 100644 index 000000000000..fcff2a0846ae --- /dev/null +++ b/.changes/1.32.71.json @@ -0,0 +1,27 @@ +[ + { + "category": "``bedrock-agent-runtime``", + "description": "This release adds support to customize prompts sent through the RetrieveAndGenerate API in Agents for Amazon Bedrock.", + "type": "api-change" + }, + { + "category": "``ce``", + "description": "Adds support for backfill of cost allocation tags, with new StartCostAllocationTagBackfill and ListCostAllocationTagBackfillHistory API.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "Documentation updates for Elastic Compute Cloud (EC2).", + "type": "api-change" + }, + { + "category": "``ecs``", + "description": "This is a documentation update for Amazon ECS.", + "type": "api-change" + }, + { + "category": "``finspace``", + "description": "Add new operation delete-kx-cluster-node and add status parameter to list-kx-cluster-node operation.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.72.json b/.changes/1.32.72.json new file mode 100644 index 000000000000..9c55dd5de88d --- /dev/null +++ b/.changes/1.32.72.json @@ -0,0 +1,27 @@ +[ + { + "category": "``batch``", + "description": "This feature allows AWS Batch to support configuration of imagePullSecrets and allowPrivilegeEscalation for jobs running on EKS", + "type": "api-change" + }, + { + "category": "``bedrock-agent``", + "description": "This changes introduces metadata documents statistics and also updates the documentation for bedrock agent.", + "type": "api-change" + }, + { + "category": "``bedrock-agent-runtime``", + "description": "This release introduces filtering support on Retrieve and RetrieveAndGenerate APIs.", + "type": "api-change" + }, + { + "category": "``elasticache``", + "description": "Added minimum capacity to Amazon ElastiCache Serverless. This feature allows customer to ensure minimum capacity even without current load", + "type": "api-change" + }, + { + "category": "``secretsmanager``", + "description": "Documentation updates for Secrets Manager", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.73.json b/.changes/1.32.73.json new file mode 100644 index 000000000000..a7d402e1799a --- /dev/null +++ b/.changes/1.32.73.json @@ -0,0 +1,42 @@ +[ + { + "category": "``codecatalyst``", + "description": "This release adds support for understanding pending changes to subscriptions by including two new response parameters for the GetSubscription API for Amazon CodeCatalyst.", + "type": "api-change" + }, + { + "category": "``compute-optimizer``", + "description": "This release enables AWS Compute Optimizer to analyze and generate recommendations with a new customization preference, Memory Utilization.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "Amazon EC2 C7gd, M7gd and R7gd metal instances with up to 3.8 TB of local NVMe-based SSD block-level storage have up to 45% improved real-time NVMe storage performance than comparable Graviton2-based instances.", + "type": "api-change" + }, + { + "category": "``eks``", + "description": "Add multiple customer error code to handle customer caused failure when managing EKS node groups", + "type": "api-change" + }, + { + "category": "``guardduty``", + "description": "Add EC2 support for GuardDuty Runtime Monitoring auto management.", + "type": "api-change" + }, + { + "category": "``neptune-graph``", + "description": "Update ImportTaskCancelled waiter to evaluate task state correctly and minor documentation changes.", + "type": "api-change" + }, + { + "category": "``oam``", + "description": "This release adds support for sharing AWS::InternetMonitor::Monitor resources.", + "type": "api-change" + }, + { + "category": "``quicksight``", + "description": "Amazon QuickSight: Adds support for setting up VPC Endpoint restrictions for accessing QuickSight Website.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.74.json b/.changes/1.32.74.json new file mode 100644 index 000000000000..5d7ba6088835 --- /dev/null +++ b/.changes/1.32.74.json @@ -0,0 +1,47 @@ +[ + { + "category": "``b2bi``", + "description": "Supporting new EDI X12 transaction sets for X12 versions 4010, 4030, and 5010.", + "type": "api-change" + }, + { + "category": "``codebuild``", + "description": "Add new fleet status code for Reserved Capacity.", + "type": "api-change" + }, + { + "category": "``codeconnections``", + "description": "Duplicating the CodeStar Connections service into the new, rebranded AWS CodeConnections service.", + "type": "api-change" + }, + { + "category": "``internetmonitor``", + "description": "This release adds support to allow customers to track cross account monitors through ListMonitor, GetMonitor, ListHealthEvents, GetHealthEvent, StartQuery APIs.", + "type": "api-change" + }, + { + "category": "``iotwireless``", + "description": "Add support for retrieving key historical and live metrics for LoRaWAN devices and gateways", + "type": "api-change" + }, + { + "category": "``marketplace-catalog``", + "description": "This release enhances the ListEntities API to support ResaleAuthorizationId filter and sort for OfferEntity in the request and the addition of a ResaleAuthorizationId field in the response of OfferSummary.", + "type": "api-change" + }, + { + "category": "``neptune-graph``", + "description": "Add the new API Start-Import-Task for Amazon Neptune Analytics.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "This release adds support for custom images for the CodeEditor App on SageMaker Studio", + "type": "api-change" + }, + { + "category": "``s3``", + "description": "Add parameter to validate source and destination S3 URIs to the ``mv`` command.", + "type": "enhancement" + } +] \ No newline at end of file diff --git a/.changes/1.32.75.json b/.changes/1.32.75.json new file mode 100644 index 000000000000..fc898464baf2 --- /dev/null +++ b/.changes/1.32.75.json @@ -0,0 +1,27 @@ +[ + { + "category": "``cloudwatch``", + "description": "This release adds support for CloudWatch Anomaly Detection on cross-account metrics. SingleMetricAnomalyDetector and MetricDataQuery inputs to Anomaly Detection APIs now take an optional AccountId field.", + "type": "api-change" + }, + { + "category": "``datazone``", + "description": "This release supports the feature of AI recommendations for descriptions to enrich the business data catalog in Amazon DataZone.", + "type": "api-change" + }, + { + "category": "``deadline``", + "description": "AWS Deadline Cloud is a new fully managed service that helps customers set up, deploy, and scale rendering projects in minutes, so they can improve the efficiency of their rendering pipelines and take on more projects.", + "type": "api-change" + }, + { + "category": "``emr``", + "description": "This release fixes a broken link in the documentation.", + "type": "api-change" + }, + { + "category": "``lightsail``", + "description": "This release adds support to upgrade the TLS version of the distribution.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.76.json b/.changes/1.32.76.json new file mode 100644 index 000000000000..3e5f516f83f9 --- /dev/null +++ b/.changes/1.32.76.json @@ -0,0 +1,27 @@ +[ + { + "category": "``ecs``", + "description": "Documentation only update for Amazon ECS.", + "type": "api-change" + }, + { + "category": "``glue``", + "description": "Adding View related fields to responses of read-only Table APIs.", + "type": "api-change" + }, + { + "category": "``ivschat``", + "description": "Doc-only update. Changed \"Resources\" to \"Key Concepts\" in docs and updated text.", + "type": "api-change" + }, + { + "category": "``rolesanywhere``", + "description": "This release increases the limit on the roleArns request parameter for the *Profile APIs that support it. This parameter can now take up to 250 role ARNs.", + "type": "api-change" + }, + { + "category": "``securityhub``", + "description": "Documentation updates for AWS Security Hub", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.77.json b/.changes/1.32.77.json new file mode 100644 index 000000000000..1a0899f7bdbc --- /dev/null +++ b/.changes/1.32.77.json @@ -0,0 +1,47 @@ +[ + { + "category": "``cleanroomsml``", + "description": "The release includes a public SDK for AWS Clean Rooms ML APIs, making them globally available to developers worldwide.", + "type": "api-change" + }, + { + "category": "``cloudformation``", + "description": "This release would return a new field - PolicyAction in cloudformation's existed DescribeChangeSetResponse, showing actions we are going to apply on the physical resource (e.g., Delete, Retain) according to the user's template", + "type": "api-change" + }, + { + "category": "``datazone``", + "description": "This release supports the feature of dataQuality to enrich asset with dataQualityResult in Amazon DataZone.", + "type": "api-change" + }, + { + "category": "``docdb``", + "description": "This release adds Global Cluster Switchover capability which enables you to change your global cluster's primary AWS Region, the region that serves writes, while preserving the replication between all regions in the global cluster.", + "type": "api-change" + }, + { + "category": "``groundstation``", + "description": "This release adds visibilityStartTime and visibilityEndTime to DescribeContact and ListContacts responses.", + "type": "api-change" + }, + { + "category": "``lambda``", + "description": "Add Ruby 3.3 (ruby3.3) support to AWS Lambda", + "type": "api-change" + }, + { + "category": "``medialive``", + "description": "Cmaf Ingest outputs are now supported in Media Live", + "type": "api-change" + }, + { + "category": "``medical-imaging``", + "description": "SearchImageSets API now supports following enhancements - Additional support for searching on UpdatedAt and SeriesInstanceUID - Support for searching existing filters between dates/times - Support for sorting the search result by Ascending/Descending - Additional parameters returned in the response", + "type": "api-change" + }, + { + "category": "``transfer``", + "description": "Add ability to specify Security Policies for SFTP Connectors", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.78.json b/.changes/1.32.78.json new file mode 100644 index 000000000000..1d78ad13f8ed --- /dev/null +++ b/.changes/1.32.78.json @@ -0,0 +1,32 @@ +[ + { + "category": "``b2bi``", + "description": "Adding support for X12 5010 HIPAA EDI version and associated transaction sets.", + "type": "api-change" + }, + { + "category": "``cleanrooms``", + "description": "Feature: New schemaStatusDetails field to the existing Schema object that displays a status on Schema API responses to show whether a schema is queryable or not. New BatchGetSchemaAnalysisRule API to retrieve multiple schemaAnalysisRules using a single API call.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "Amazon EC2 G6 instances powered by NVIDIA L4 Tensor Core GPUs can be used for a wide range of graphics-intensive and machine learning use cases. Gr6 instances also feature NVIDIA L4 GPUs and can be used for graphics workloads with higher memory requirements.", + "type": "api-change" + }, + { + "category": "``emr-containers``", + "description": "This release adds support for integration with EKS AccessEntry APIs to enable automatic Cluster Access for EMR on EKS.", + "type": "api-change" + }, + { + "category": "``ivs``", + "description": "API update to include an SRT ingest endpoint and passphrase for all channels.", + "type": "api-change" + }, + { + "category": "``verifiedpermissions``", + "description": "Adds GroupConfiguration field to Identity Source API's", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.79.json b/.changes/1.32.79.json new file mode 100644 index 000000000000..e79fb9166034 --- /dev/null +++ b/.changes/1.32.79.json @@ -0,0 +1,17 @@ +[ + { + "category": "``quicksight``", + "description": "Adding IAMIdentityCenterInstanceArn parameter to CreateAccountSubscription", + "type": "api-change" + }, + { + "category": "``resource-groups``", + "description": "Added a new QueryErrorCode RESOURCE_TYPE_NOT_SUPPORTED that is returned by the ListGroupResources operation if the group query contains unsupported resource types.", + "type": "api-change" + }, + { + "category": "``verifiedpermissions``", + "description": "Adding BatchIsAuthorizedWithToken API which supports multiple authorization requests against a PolicyStore given a bearer token.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.8.json b/.changes/1.32.8.json new file mode 100644 index 000000000000..27af75a41724 --- /dev/null +++ b/.changes/1.32.8.json @@ -0,0 +1,12 @@ +[ + { + "category": "``iam``", + "description": "Documentation updates for AWS Identity and Access Management (IAM).", + "type": "api-change" + }, + { + "category": "``endpoint-rules``", + "description": "Update endpoint-rules command to latest version", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.80.json b/.changes/1.32.80.json new file mode 100644 index 000000000000..457cae71a55f --- /dev/null +++ b/.changes/1.32.80.json @@ -0,0 +1,17 @@ +[ + { + "category": "``controlcatalog``", + "description": "This is the initial SDK release for AWS Control Catalog, a central catalog for AWS managed controls. This release includes 3 new APIs - ListDomains, ListObjectives, and ListCommonControls - that vend high-level data to categorize controls across the AWS platform.", + "type": "api-change" + }, + { + "category": "``mgn``", + "description": "Added USE_SOURCE as default option to LaunchConfigurationTemplate bootMode parameter.", + "type": "api-change" + }, + { + "category": "``networkmonitor``", + "description": "Updated the allowed monitorName length for CloudWatch Network Monitor.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.81.json b/.changes/1.32.81.json new file mode 100644 index 000000000000..5d1b11aafba6 --- /dev/null +++ b/.changes/1.32.81.json @@ -0,0 +1,22 @@ +[ + { + "category": "``codebuild``", + "description": "Add new webhook filter types for GitHub webhooks", + "type": "api-change" + }, + { + "category": "``mediaconvert``", + "description": "This release includes support for bringing your own fonts to use for burn-in or DVB-Sub captioning workflows.", + "type": "api-change" + }, + { + "category": "``pinpoint``", + "description": "The OrchestrationSendingRoleArn has been added to the email channel and is used to send emails from campaigns or journeys.", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "This release adds support for specifying the CA certificate to use for the new db instance when restoring from db snapshot, restoring from s3, restoring to point in time, and creating a db instance read replica.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.82.json b/.changes/1.32.82.json new file mode 100644 index 000000000000..1b20c4d43710 --- /dev/null +++ b/.changes/1.32.82.json @@ -0,0 +1,37 @@ +[ + { + "category": "``cleanrooms``", + "description": "AWS Clean Rooms Differential Privacy is now fully available. Differential privacy protects against user-identification attempts.", + "type": "api-change" + }, + { + "category": "``connect``", + "description": "This release adds new Submit Auto Evaluation Action for Amazon Connect Rules.", + "type": "api-change" + }, + { + "category": "``networkmonitor``", + "description": "Examples were added to CloudWatch Network Monitor commands.", + "type": "api-change" + }, + { + "category": "``qconnect``", + "description": "This release adds a new QiC public API updateSession and updates an existing QiC public API createSession", + "type": "api-change" + }, + { + "category": "``rekognition``", + "description": "Added support for ContentType to content moderation detections.", + "type": "api-change" + }, + { + "category": "``supplychain``", + "description": "This release includes API SendDataIntegrationEvent for AWS Supply Chain", + "type": "api-change" + }, + { + "category": "``workspaces-thin-client``", + "description": "Adding tags field to SoftwareSet. Removing tags fields from Summary objects. Changing the list of exceptions in tagging APIs. Fixing an issue where the SDK returns empty tags in Get APIs.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.83.json b/.changes/1.32.83.json new file mode 100644 index 000000000000..099c75803f1d --- /dev/null +++ b/.changes/1.32.83.json @@ -0,0 +1,52 @@ +[ + { + "category": "``batch``", + "description": "This release adds the task properties field to attempt details and the name field on EKS container detail.", + "type": "api-change" + }, + { + "category": "``cloudfront``", + "description": "CloudFront origin access control extends support to AWS Lambda function URLs and AWS Elemental MediaPackage v2 origins.", + "type": "api-change" + }, + { + "category": "``cloudwatch``", + "description": "This release adds support for Metric Characteristics for CloudWatch Anomaly Detection. Anomaly Detector now takes Metric Characteristics object with Periodic Spikes boolean field that tells Anomaly Detection that spikes that repeat at the same time every week are part of the expected pattern.", + "type": "api-change" + }, + { + "category": "``codebuild``", + "description": "Support access tokens for Bitbucket sources", + "type": "api-change" + }, + { + "category": "``iam``", + "description": "For CreateOpenIDConnectProvider API, the ThumbprintList parameter is no longer required.", + "type": "api-change" + }, + { + "category": "``medialive``", + "description": "AWS Elemental MediaLive introduces workflow monitor, a new feature that enables the visualization and monitoring of your media workflows. Create signal maps of your existing workflows and monitor them by creating notification and monitoring template groups.", + "type": "api-change" + }, + { + "category": "``omics``", + "description": "This release adds support for retrieval of S3 direct access metadata on sequence stores and read sets, and adds support for SHA256up and SHA512up HealthOmics ETags.", + "type": "api-change" + }, + { + "category": "``pipes``", + "description": "LogConfiguration ARN validation fixes", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "Updates Amazon RDS documentation for Standard Edition 2 support in RDS Custom for Oracle.", + "type": "api-change" + }, + { + "category": "``s3control``", + "description": "Documentation updates for Amazon S3-control.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.84.json b/.changes/1.32.84.json new file mode 100644 index 000000000000..f8be2a981810 --- /dev/null +++ b/.changes/1.32.84.json @@ -0,0 +1,57 @@ +[ + { + "category": "``cloudformation``", + "description": "Adding support for the new parameter \"IncludePropertyValues\" in the CloudFormation DescribeChangeSet API. When this parameter is included, the DescribeChangeSet response will include more detailed information such as before and after values for the resource properties that will change.", + "type": "api-change" + }, + { + "category": "``config``", + "description": "Updates documentation for AWS Config", + "type": "api-change" + }, + { + "category": "``glue``", + "description": "Modifying request for GetUnfilteredTableMetadata for view-related fields.", + "type": "api-change" + }, + { + "category": "``healthlake``", + "description": "Added new CREATE_FAILED status for data stores. Added new errorCause to DescribeFHIRDatastore API and ListFHIRDatastores API response for additional insights into data store creation and deletion workflows.", + "type": "api-change" + }, + { + "category": "``iotfleethub``", + "description": "Documentation updates for AWS IoT Fleet Hub to clarify that Fleet Hub supports organization instance of IAM Identity Center.", + "type": "api-change" + }, + { + "category": "``kms``", + "description": "This feature supports the ability to specify a custom rotation period for automatic key rotations, the ability to perform on-demand key rotations, and visibility into your key material rotations.", + "type": "api-change" + }, + { + "category": "``mediatailor``", + "description": "Added InsertionMode to PlaybackConfigurations. This setting controls whether players can use stitched or guided ad insertion. The default for players that do not specify an insertion mode is stitched.", + "type": "api-change" + }, + { + "category": "``neptune-graph``", + "description": "Update to API documentation to resolve customer reported issues.", + "type": "api-change" + }, + { + "category": "``outposts``", + "description": "This release adds EXPEDITORS as a valid shipment carrier.", + "type": "api-change" + }, + { + "category": "``redshift``", + "description": "Adds support for Amazon Redshift DescribeClusterSnapshots API to include Snapshot ARN response field.", + "type": "api-change" + }, + { + "category": "``transfer``", + "description": "This change releases support for importing self signed certificates to the Transfer Family for sending outbound file transfers over TLS/HTTPS.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.85.json b/.changes/1.32.85.json new file mode 100644 index 000000000000..e3a4b2e911c9 --- /dev/null +++ b/.changes/1.32.85.json @@ -0,0 +1,47 @@ +[ + { + "category": "``bedrock-agent``", + "description": "For Create Agent API, the agentResourceRoleArn parameter is no longer required.", + "type": "api-change" + }, + { + "category": "``emr-serverless``", + "description": "This release adds support for shuffle optimized disks that allow larger disk sizes and higher IOPS to efficiently run shuffle heavy workloads.", + "type": "api-change" + }, + { + "category": "``entityresolution``", + "description": "Cross Account Resource Support .", + "type": "api-change" + }, + { + "category": "``iotwireless``", + "description": "Add PublicGateways in the GetWirelessStatistics call response, indicating the LoRaWAN public network accessed by the device.", + "type": "api-change" + }, + { + "category": "``lakeformation``", + "description": "This release adds Lake Formation managed RAM support for the 4 APIs - \"DescribeLakeFormationIdentityCenterConfiguration\", \"CreateLakeFormationIdentityCenterConfiguration\", \"DescribeLakeFormationIdentityCenterConfiguration\", and \"DeleteLakeFormationIdentityCenterConfiguration\"", + "type": "api-change" + }, + { + "category": "``m2``", + "description": "Adding new ListBatchJobRestartPoints API and support for restart batch job.", + "type": "api-change" + }, + { + "category": "``mediapackagev2``", + "description": "Dash v2 is a MediaPackage V2 feature to support egressing on DASH manifest format.", + "type": "api-change" + }, + { + "category": "``outposts``", + "description": "This release adds new APIs to allow customers to configure their Outpost capacity at order-time.", + "type": "api-change" + }, + { + "category": "``wellarchitected``", + "description": "AWS Well-Architected now has a Connector for Jira to allow customers to efficiently track workload risks and improvement efforts and create closed-loop mechanisms.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.86.json b/.changes/1.32.86.json new file mode 100644 index 000000000000..2027f6e2258c --- /dev/null +++ b/.changes/1.32.86.json @@ -0,0 +1,12 @@ +[ + { + "category": "``ec2``", + "description": "Documentation updates for Elastic Compute Cloud (EC2).", + "type": "api-change" + }, + { + "category": "``qbusiness``", + "description": "This release adds support for IAM Identity Center (IDC) as the identity gateway for Q Business. It also allows users to provide an explicit intent for Q Business to identify how the Chat request should be handled.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.87.json b/.changes/1.32.87.json new file mode 100644 index 000000000000..f47de4744968 --- /dev/null +++ b/.changes/1.32.87.json @@ -0,0 +1,37 @@ +[ + { + "category": "``drs``", + "description": "Outpost ARN added to Source Server and Recovery Instance", + "type": "api-change" + }, + { + "category": "``emr-serverless``", + "description": "This release adds the capability to publish detailed Spark engine metrics to Amazon Managed Service for Prometheus (AMP) for enhanced monitoring for Spark jobs.", + "type": "api-change" + }, + { + "category": "``guardduty``", + "description": "Added IPv6Address fields for local and remote IP addresses", + "type": "api-change" + }, + { + "category": "``quicksight``", + "description": "This release adds support for the Cross Sheet Filter and Control features, and support for warnings in asset imports for any permitted errors encountered during execution", + "type": "api-change" + }, + { + "category": "``rolesanywhere``", + "description": "This release introduces the PutAttributeMapping and DeleteAttributeMapping APIs. IAM Roles Anywhere now provides the capability to define a set of mapping rules, allowing customers to specify which data is extracted from their X.509 end-entity certificates.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "Removed deprecated enum values and updated API documentation.", + "type": "api-change" + }, + { + "category": "``workspaces``", + "description": "Adds new APIs for managing and sharing WorkSpaces BYOL configuration across accounts.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.88.json b/.changes/1.32.88.json new file mode 100644 index 000000000000..304ee0af710c --- /dev/null +++ b/.changes/1.32.88.json @@ -0,0 +1,17 @@ +[ + { + "category": "``glue``", + "description": "Adding RowFilter in the response for GetUnfilteredTableMetadata API", + "type": "api-change" + }, + { + "category": "``internetmonitor``", + "description": "This update introduces the GetInternetEvent and ListInternetEvents APIs, which provide access to internet events displayed on the Amazon CloudWatch Internet Weather Map.", + "type": "api-change" + }, + { + "category": "``personalize``", + "description": "This releases auto training capability while creating a solution and automatically syncing latest solution versions when creating/updating a campaign", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.89.json b/.changes/1.32.89.json new file mode 100644 index 000000000000..d3e9395eaa3f --- /dev/null +++ b/.changes/1.32.89.json @@ -0,0 +1,42 @@ +[ + { + "category": "``bedrock-agent``", + "description": "Releasing the support for simplified configuration and return of control", + "type": "api-change" + }, + { + "category": "``bedrock-agent-runtime``", + "description": "Releasing the support for simplified configuration and return of control", + "type": "api-change" + }, + { + "category": "``payment-cryptography``", + "description": "Adding support to TR-31/TR-34 exports for optional headers, allowing customers to add additional metadata (such as key version and KSN) when exporting keys from the service.", + "type": "api-change" + }, + { + "category": "``redshift-serverless``", + "description": "Updates description of schedule field for scheduled actions.", + "type": "api-change" + }, + { + "category": "``route53profiles``", + "description": "Route 53 Profiles allows you to apply a central DNS configuration across many VPCs regardless of account.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "This release adds support for Real-Time Collaboration and Shared Space for JupyterLab App on SageMaker Studio.", + "type": "api-change" + }, + { + "category": "``servicediscovery``", + "description": "This release adds examples to several Cloud Map actions.", + "type": "api-change" + }, + { + "category": "``transfer``", + "description": "Adding new API to support remote directory listing using SFTP connector", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.9.json b/.changes/1.32.9.json new file mode 100644 index 000000000000..6377322bd5e8 --- /dev/null +++ b/.changes/1.32.9.json @@ -0,0 +1,7 @@ +[ + { + "category": "``emr``", + "description": "Update emr command to latest version", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.90.json b/.changes/1.32.90.json new file mode 100644 index 000000000000..cc469dab089e --- /dev/null +++ b/.changes/1.32.90.json @@ -0,0 +1,47 @@ +[ + { + "category": "``bedrock``", + "description": "This release introduces Model Evaluation and Guardrails for Amazon Bedrock.", + "type": "api-change" + }, + { + "category": "``bedrock-agent``", + "description": "Introducing the ability to create multiple data sources per knowledge base, specify S3 buckets as data sources from external accounts, and exposing levers to define the deletion behavior of the underlying vector store data.", + "type": "api-change" + }, + { + "category": "``bedrock-agent-runtime``", + "description": "This release introduces zero-setup file upload support for the RetrieveAndGenerate API. This allows you to chat with your data without setting up a Knowledge Base.", + "type": "api-change" + }, + { + "category": "``bedrock-runtime``", + "description": "This release introduces Guardrails for Amazon Bedrock.", + "type": "api-change" + }, + { + "category": "``ce``", + "description": "Added additional metadata that might be applicable to your reservation recommendations.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "This release introduces EC2 AMI Deregistration Protection, a new AMI property that can be enabled by customers to protect an AMI against an unintended deregistration. This release also enables the AMI owners to view the AMI 'LastLaunchedTime' in DescribeImages API.", + "type": "api-change" + }, + { + "category": "``pi``", + "description": "Clarifies how aggregation works for GetResourceMetrics in the Performance Insights API.", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "Fix the example ARN for ModifyActivityStreamRequest", + "type": "api-change" + }, + { + "category": "``workspaces-web``", + "description": "Added InstanceType and MaxConcurrentSessions parameters on CreatePortal and UpdatePortal Operations as well as the ability to read Customer Managed Key & Additional Encryption Context parameters on supported resources (Portal, BrowserSettings, UserSettings, IPAccessSettings)", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.91.json b/.changes/1.32.91.json new file mode 100644 index 000000000000..206733b9fd8c --- /dev/null +++ b/.changes/1.32.91.json @@ -0,0 +1,32 @@ +[ + { + "category": "``datasync``", + "description": "This change allows users to disable and enable the schedules associated with their tasks.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "Launching capability for customers to enable or disable automatic assignment of public IPv4 addresses to their network interface", + "type": "api-change" + }, + { + "category": "``emr-containers``", + "description": "EMRonEKS Service support for SecurityConfiguration enforcement for Spark Jobs.", + "type": "api-change" + }, + { + "category": "``entityresolution``", + "description": "Support Batch Unique IDs Deletion.", + "type": "api-change" + }, + { + "category": "``gamelift``", + "description": "Amazon GameLift releases container fleets support for public preview. Deploy Linux-based containerized game server software for hosting on Amazon GameLift.", + "type": "api-change" + }, + { + "category": "``ssm``", + "description": "Add SSM DescribeInstanceProperties API to public AWS SDK.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.92.json b/.changes/1.32.92.json new file mode 100644 index 000000000000..bcd750c38770 --- /dev/null +++ b/.changes/1.32.92.json @@ -0,0 +1,32 @@ +[ + { + "category": "``appsync``", + "description": "UpdateGraphQLAPI documentation update and datasource introspection secret arn update", + "type": "api-change" + }, + { + "category": "``fms``", + "description": "AWS Firewall Manager adds support for network ACL policies to manage Amazon Virtual Private Cloud (VPC) network access control lists (ACLs) for accounts in your organization.", + "type": "api-change" + }, + { + "category": "``ivs``", + "description": "Bug Fix: IVS does not support arns with the `svs` prefix", + "type": "api-change" + }, + { + "category": "``ivs-realtime``", + "description": "Bug Fix: IVS Real Time does not support ARNs using the `svs` prefix.", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "Updates Amazon RDS documentation for setting local time zones for RDS for Db2 DB instances.", + "type": "api-change" + }, + { + "category": "``stepfunctions``", + "description": "Add new ValidateStateMachineDefinition operation, which performs syntax checking on the definition of a Amazon States Language (ASL) state machine.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.93.json b/.changes/1.32.93.json new file mode 100644 index 000000000000..d8e2190b9108 --- /dev/null +++ b/.changes/1.32.93.json @@ -0,0 +1,42 @@ +[ + { + "category": "``codepipeline``", + "description": "Add ability to manually and automatically roll back a pipeline stage to a previously successful execution.", + "type": "api-change" + }, + { + "category": "``cognito-idp``", + "description": "Add LimitExceededException to SignUp errors", + "type": "api-change" + }, + { + "category": "``connectcampaigns``", + "description": "This release adds support for specifying if Answering Machine should wait for prompt sound.", + "type": "api-change" + }, + { + "category": "``marketplace-entitlement``", + "description": "Releasing minor endpoint updates.", + "type": "api-change" + }, + { + "category": "``oam``", + "description": "This release introduces support for Source Accounts to define which Metrics and Logs to share with the Monitoring Account", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "SupportsLimitlessDatabase field added to describe-db-engine-versions to indicate whether the DB engine version supports Aurora Limitless Database.", + "type": "api-change" + }, + { + "category": "``support``", + "description": "Releasing minor endpoint updates.", + "type": "api-change" + }, + { + "category": "dependency", + "description": "Bump upper bound of colorama to <0.4.7; fixes `#7086 `__", + "type": "enhancement" + } +] \ No newline at end of file diff --git a/.changes/1.32.94.json b/.changes/1.32.94.json new file mode 100644 index 000000000000..375938b849a7 --- /dev/null +++ b/.changes/1.32.94.json @@ -0,0 +1,32 @@ +[ + { + "category": "``amplify``", + "description": "Updating max results limit for listing any resources (Job, Artifacts, Branch, BackendResources, DomainAssociation) to 50 with the exception of list apps that where max results can be up to 100.", + "type": "api-change" + }, + { + "category": "``connectcases``", + "description": "This feature releases DeleteField, DeletedLayout, and DeleteTemplate API's", + "type": "api-change" + }, + { + "category": "``inspector2``", + "description": "Update Inspector2 to include new Agentless API parameters.", + "type": "api-change" + }, + { + "category": "``timestream-query``", + "description": "This change allows users to update and describe account settings associated with their accounts.", + "type": "api-change" + }, + { + "category": "``transcribe``", + "description": "This update provides error messaging for generative call summarization in Transcribe Call Analytics", + "type": "api-change" + }, + { + "category": "``trustedadvisor``", + "description": "This release adds the BatchUpdateRecommendationResourceExclusion API to support batch updates of Recommendation Resource exclusion statuses and introduces a new exclusion status filter to the ListRecommendationResources and ListOrganizationRecommendationResources APIs.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.95.json b/.changes/1.32.95.json new file mode 100644 index 000000000000..1f12d4ef16ec --- /dev/null +++ b/.changes/1.32.95.json @@ -0,0 +1,57 @@ +[ + { + "category": "``chime-sdk-voice``", + "description": "Due to changes made by the Amazon Alexa service, GetSipMediaApplicationAlexaSkillConfiguration and PutSipMediaApplicationAlexaSkillConfiguration APIs are no longer available for use. For more information, refer to the Alexa Smart Properties page.", + "type": "api-change" + }, + { + "category": "``codeartifact``", + "description": "Add support for the Ruby package format.", + "type": "api-change" + }, + { + "category": "``fms``", + "description": "AWS Firewall Manager now supports the network firewall service stream exception policy feature for accounts within your organization.", + "type": "api-change" + }, + { + "category": "``omics``", + "description": "Add support for workflow sharing and dynamic run storage", + "type": "api-change" + }, + { + "category": "``opensearch``", + "description": "This release enables customers to create Route53 A and AAAA alias record types to point custom endpoint domain to OpenSearch domain's dualstack search endpoint.", + "type": "api-change" + }, + { + "category": "``pinpoint-sms-voice-v2``", + "description": "Amazon Pinpoint has added two new features Multimedia services (MMS) and protect configurations. Use the three new MMS APIs to send media messages to a mobile phone which includes image, audio, text, or video files. Use the ten new protect configurations APIs to block messages to specific countries.", + "type": "api-change" + }, + { + "category": "``qbusiness``", + "description": "This is a general availability (GA) release of Amazon Q Business. Q Business enables employees in an enterprise to get comprehensive answers to complex questions and take actions through a unified, intuitive web-based chat experience - using an enterprise's existing content, data, and systems.", + "type": "api-change" + }, + { + "category": "``quicksight``", + "description": "New Q embedding supporting Generative Q&A", + "type": "api-change" + }, + { + "category": "``route53resolver``", + "description": "Release of FirewallDomainRedirectionAction parameter on the Route 53 DNS Firewall Rule. This allows customers to configure a DNS Firewall rule to inspect all the domains in the DNS redirection chain (default) , such as CNAME, ALIAS, DNAME, etc., or just the first domain and trust the rest.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "Amazon SageMaker Training now supports the use of attribute-based access control (ABAC) roles for training job execution roles. Amazon SageMaker Inference now supports G6 instance types.", + "type": "api-change" + }, + { + "category": "``signer``", + "description": "Documentation updates for AWS Signer. Adds cross-account signing constraint and definitions for cross-account actions.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.96.json b/.changes/1.32.96.json new file mode 100644 index 000000000000..1220bb89f4a0 --- /dev/null +++ b/.changes/1.32.96.json @@ -0,0 +1,27 @@ +[ + { + "category": "``bedrock-agent``", + "description": "This release adds support for using MongoDB Atlas as a vector store when creating a knowledge base.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "Documentation updates for Amazon EC2.", + "type": "api-change" + }, + { + "category": "``personalize-runtime``", + "description": "This release adds support for a Reason attribute for predicted items generated by User-Personalization-v2.", + "type": "api-change" + }, + { + "category": "``securityhub``", + "description": "Updated CreateMembers API request with limits.", + "type": "api-change" + }, + { + "category": "``sesv2``", + "description": "Fixes ListContacts and ListImportJobs APIs to use POST instead of GET.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.97.json b/.changes/1.32.97.json new file mode 100644 index 000000000000..149e4fb069e0 --- /dev/null +++ b/.changes/1.32.97.json @@ -0,0 +1,22 @@ +[ + { + "category": "``dynamodb``", + "description": "This release adds support to specify an optional, maximum OnDemandThroughput for DynamoDB tables and global secondary indexes in the CreateTable or UpdateTable APIs. You can also override the OnDemandThroughput settings by calling the ImportTable, RestoreFromPointInTime, or RestoreFromBackup APIs.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "This release includes a new API for retrieving the public endorsement key of the EC2 instance's Nitro Trusted Platform Module (NitroTPM).", + "type": "api-change" + }, + { + "category": "``personalize``", + "description": "This releases ability to delete users and their data, including their metadata and interactions data, from a dataset group.", + "type": "api-change" + }, + { + "category": "``redshift-serverless``", + "description": "Update Redshift Serverless List Scheduled Actions Output Response to include Namespace Name.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.98.json b/.changes/1.32.98.json new file mode 100644 index 000000000000..83aa3e34652c --- /dev/null +++ b/.changes/1.32.98.json @@ -0,0 +1,37 @@ +[ + { + "category": "``bedrock-agent``", + "description": "This release adds support for using Provisioned Throughput with Bedrock Agents.", + "type": "api-change" + }, + { + "category": "``connect``", + "description": "This release adds 5 new APIs for managing attachments: StartAttachedFileUpload, CompleteAttachedFileUpload, GetAttachedFile, BatchGetAttachedFileMetadata, DeleteAttachedFile. These APIs can be used to programmatically upload and download attachments to Connect resources, like cases.", + "type": "api-change" + }, + { + "category": "``connectcases``", + "description": "This feature supports the release of Files related items", + "type": "api-change" + }, + { + "category": "``datasync``", + "description": "Updated guidance on using private or self-signed certificate authorities (CAs) with AWS DataSync object storage locations.", + "type": "api-change" + }, + { + "category": "``inspector2``", + "description": "This release adds CSV format to GetCisScanReport for Inspector v2", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "Amazon SageMaker Inference now supports m6i, c6i, r6i, m7i, c7i, r7i and g5 instance types for Batch Transform Jobs", + "type": "api-change" + }, + { + "category": "``sesv2``", + "description": "Adds support for specifying replacement headers per BulkEmailEntry in SendBulkEmail in SESv2.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.32.99.json b/.changes/1.32.99.json new file mode 100644 index 000000000000..bb520f410a1b --- /dev/null +++ b/.changes/1.32.99.json @@ -0,0 +1,7 @@ +[ + { + "category": "``medialive``", + "description": "AWS Elemental MediaLive now supports configuring how SCTE 35 passthrough triggers segment breaks in HLS and MediaPackage output groups. Previously, messages triggered breaks in all these output groups. The new option is to trigger segment breaks only in groups that have SCTE 35 passthrough enabled.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.33.0.json b/.changes/1.33.0.json new file mode 100644 index 000000000000..178c89ff57e5 --- /dev/null +++ b/.changes/1.33.0.json @@ -0,0 +1,27 @@ +[ + { + "category": "``amplify``", + "description": "This doc-only update identifies fields that are specific to Gen 1 and Gen 2 applications.", + "type": "api-change" + }, + { + "category": "``batch``", + "description": "This release adds support for the AWS Batch GetJobQueueSnapshot API operation.", + "type": "api-change" + }, + { + "category": "``eks``", + "description": "Adds support for EKS add-ons pod identity associations integration", + "type": "api-change" + }, + { + "category": "``iottwinmaker``", + "description": "Support RESET_VALUE UpdateType for PropertyUpdates to reset property value to default or null", + "type": "api-change" + }, + { + "category": "logs start-live-tail", + "description": "Adds support for starting a live tail streaming session for one or more log groups.", + "type": "feature" + } +] \ No newline at end of file diff --git a/.changes/1.33.1.json b/.changes/1.33.1.json new file mode 100644 index 000000000000..2c5fcc1c7b31 --- /dev/null +++ b/.changes/1.33.1.json @@ -0,0 +1,22 @@ +[ + { + "category": "``ec2``", + "description": "U7i instances with up to 32 TiB of DDR5 memory and 896 vCPUs are now available. C7i-flex instances are launched and are lower-priced variants of the Amazon EC2 C7i instances that offer a baseline level of CPU performance with the ability to scale up to the full compute performance 95% of the time.", + "type": "api-change" + }, + { + "category": "``pipes``", + "description": "This release adds Timestream for LiveAnalytics as a supported target in EventBridge Pipes", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "Extend DescribeClusterNode response with private DNS hostname and IP address, and placement information about availability zone and availability zone ID.", + "type": "api-change" + }, + { + "category": "``taxsettings``", + "description": "Initial release of AWS Tax Settings API", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.33.10.json b/.changes/1.33.10.json new file mode 100644 index 000000000000..123c80200acf --- /dev/null +++ b/.changes/1.33.10.json @@ -0,0 +1,52 @@ +[ + { + "category": "``acm-pca``", + "description": "Doc-only update that adds name constraints as an allowed extension for ImportCertificateAuthorityCertificate.", + "type": "api-change" + }, + { + "category": "``batch``", + "description": "Add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + }, + { + "category": "``codebuild``", + "description": "AWS CodeBuild now supports global and organization GitHub webhooks", + "type": "api-change" + }, + { + "category": "``cognito-idp``", + "description": "Add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + }, + { + "category": "``ds``", + "description": "Add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + }, + { + "category": "``efs``", + "description": "Add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + }, + { + "category": "``glue``", + "description": "This release introduces a new feature, Usage profiles. Usage profiles allow the AWS Glue admin to create different profiles for various classes of users within the account, enforcing limits and defaults for jobs and sessions.", + "type": "api-change" + }, + { + "category": "``mediaconvert``", + "description": "This release includes support for creating I-frame only video segments for DASH trick play.", + "type": "api-change" + }, + { + "category": "``secretsmanager``", + "description": "Doc only update for Secrets Manager", + "type": "api-change" + }, + { + "category": "``waf``", + "description": "Add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.33.11.json b/.changes/1.33.11.json new file mode 100644 index 000000000000..a2c2ddc2d838 --- /dev/null +++ b/.changes/1.33.11.json @@ -0,0 +1,52 @@ +[ + { + "category": "``bedrock-runtime``", + "description": "This release adds support for using Guardrails with the Converse and ConverseStream APIs.", + "type": "api-change" + }, + { + "category": "``cloudtrail``", + "description": "Add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + }, + { + "category": "``config``", + "description": "Add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + }, + { + "category": "``eks``", + "description": "This release adds support to surface async fargate customer errors from async path to customer through describe-fargate-profile API response.", + "type": "api-change" + }, + { + "category": "``lightsail``", + "description": "Add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + }, + { + "category": "``polly``", + "description": "Add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + }, + { + "category": "``rekognition``", + "description": "Add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "Launched a new feature in SageMaker to provide managed MLflow Tracking Servers for customers to track ML experiments. This release also adds a new capability of attaching additional storage to SageMaker HyperPod cluster instances.", + "type": "api-change" + }, + { + "category": "``shield``", + "description": "Add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + }, + { + "category": "``snowball``", + "description": "Add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.33.12.json b/.changes/1.33.12.json new file mode 100644 index 000000000000..4ca212f92a40 --- /dev/null +++ b/.changes/1.33.12.json @@ -0,0 +1,32 @@ +[ + { + "category": "``artifact``", + "description": "This release adds an acceptanceType field to the ReportSummary structure (used in the ListReports API response).", + "type": "api-change" + }, + { + "category": "``athena``", + "description": "Add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + }, + { + "category": "``cur``", + "description": "Add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + }, + { + "category": "``directconnect``", + "description": "Add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + }, + { + "category": "``elastictranscoder``", + "description": "Add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + }, + { + "category": "``opensearch``", + "description": "This release enables customers to use JSON Web Tokens (JWT) for authentication on their Amazon OpenSearch Service domains.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.33.13.json b/.changes/1.33.13.json new file mode 100644 index 000000000000..bb7c0df1ae24 --- /dev/null +++ b/.changes/1.33.13.json @@ -0,0 +1,47 @@ +[ + { + "category": "``bedrock-runtime``", + "description": "This release adds document support to Converse and ConverseStream APIs", + "type": "api-change" + }, + { + "category": "``codeartifact``", + "description": "Add support for the Cargo package format.", + "type": "api-change" + }, + { + "category": "``compute-optimizer``", + "description": "This release enables AWS Compute Optimizer to analyze and generate optimization recommendations for Amazon RDS MySQL and RDS PostgreSQL.", + "type": "api-change" + }, + { + "category": "``cost-optimization-hub``", + "description": "This release enables AWS Cost Optimization Hub to show cost optimization recommendations for Amazon RDS MySQL and RDS PostgreSQL.", + "type": "api-change" + }, + { + "category": "``dynamodb``", + "description": "Doc-only update for DynamoDB. Fixed Important note in 6 Global table APIs - CreateGlobalTable, DescribeGlobalTable, DescribeGlobalTableSettings, ListGlobalTables, UpdateGlobalTable, and UpdateGlobalTableSettings.", + "type": "api-change" + }, + { + "category": "``glue``", + "description": "Fix Glue paginators for Jobs, JobRuns, Triggers, Blueprints and Workflows.", + "type": "api-change" + }, + { + "category": "``ivs-realtime``", + "description": "IVS Real-Time now offers customers the ability to record individual stage participants to S3.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "Adds support for model references in Hub service, and adds support for cross-account access of Hubs", + "type": "api-change" + }, + { + "category": "``securityhub``", + "description": "Documentation updates for Security Hub", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.33.14.json b/.changes/1.33.14.json new file mode 100644 index 000000000000..13608c1230ff --- /dev/null +++ b/.changes/1.33.14.json @@ -0,0 +1,32 @@ +[ + { + "category": "``bedrock-runtime``", + "description": "Increases Converse API's document name length", + "type": "api-change" + }, + { + "category": "``customer-profiles``", + "description": "This release includes changes to ProfileObjectType APIs, adds functionality top set and get capacity for profile object types.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "Fix EC2 multi-protocol info in models.", + "type": "api-change" + }, + { + "category": "``qbusiness``", + "description": "Allow enable/disable Q Apps when creating/updating a Q application; Return the Q Apps enablement information when getting a Q application.", + "type": "api-change" + }, + { + "category": "``ssm``", + "description": "Add sensitive trait to SSM IPAddress property for CloudTrail redaction", + "type": "api-change" + }, + { + "category": "``workspaces-web``", + "description": "Added ability to enable DeepLinking functionality on a Portal via UserSettings as well as added support for IdentityProvider resource tagging.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.33.15.json b/.changes/1.33.15.json new file mode 100644 index 000000000000..dc596151dfa1 --- /dev/null +++ b/.changes/1.33.15.json @@ -0,0 +1,22 @@ +[ + { + "category": "``autoscaling``", + "description": "Doc only update for Auto Scaling's TargetTrackingMetricDataQuery", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "This release is for the launch of the new u7ib-12tb.224xlarge, R8g, c7gn.metal and mac2-m1ultra.metal instance types", + "type": "api-change" + }, + { + "category": "``networkmanager``", + "description": "This is model changes & documentation update for the Asynchronous Error Reporting feature for AWS Cloud WAN. This feature allows customers to view errors that occur while their resources are being provisioned, enabling customers to fix their resources without needing external support.", + "type": "api-change" + }, + { + "category": "``workspaces-thin-client``", + "description": "This release adds the deviceCreationTags field to CreateEnvironment API input, UpdateEnvironment API input and GetEnvironment API output.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.33.16.json b/.changes/1.33.16.json new file mode 100644 index 000000000000..ddc52d381f08 --- /dev/null +++ b/.changes/1.33.16.json @@ -0,0 +1,27 @@ +[ + { + "category": "``controltower``", + "description": "Added ListLandingZoneOperations API.", + "type": "api-change" + }, + { + "category": "``eks``", + "description": "Added support for disabling unmanaged addons during cluster creation.", + "type": "api-change" + }, + { + "category": "``ivs-realtime``", + "description": "IVS Real-Time now offers customers the ability to upload public keys for customer vended participant tokens.", + "type": "api-change" + }, + { + "category": "``kinesisanalyticsv2``", + "description": "This release adds support for new ListApplicationOperations and DescribeApplicationOperation APIs. It adds a new configuration to enable system rollbacks, adds field ApplicationVersionCreateTimestamp for clarity and improves support for pagination for APIs.", + "type": "api-change" + }, + { + "category": "``opensearch``", + "description": "This release adds support for enabling or disabling Natural Language Query Processing feature for Amazon OpenSearch Service domains, and provides visibility into the current state of the setup or tear-down.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.33.17.json b/.changes/1.33.17.json new file mode 100644 index 000000000000..a2071cef608e --- /dev/null +++ b/.changes/1.33.17.json @@ -0,0 +1,57 @@ +[ + { + "category": "``application-autoscaling``", + "description": "Amazon WorkSpaces customers can now use Application Auto Scaling to automatically scale the number of virtual desktops in a WorkSpaces pool.", + "type": "api-change" + }, + { + "category": "``chime-sdk-media-pipelines``", + "description": "Added Amazon Transcribe multi language identification to Chime SDK call analytics. Enabling customers sending single stream audio to generate call recordings using Chime SDK call analytics", + "type": "api-change" + }, + { + "category": "``cloudfront``", + "description": "Doc only update for CloudFront that fixes customer-reported issue", + "type": "api-change" + }, + { + "category": "``datazone``", + "description": "This release supports the data lineage feature of business data catalog in Amazon DataZone.", + "type": "api-change" + }, + { + "category": "``elasticache``", + "description": "Add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + }, + { + "category": "``mq``", + "description": "This release makes the EngineVersion field optional for both broker and configuration and uses the latest available version by default. The AutoMinorVersionUpgrade field is also now optional for broker creation and defaults to 'true'.", + "type": "api-change" + }, + { + "category": "``qconnect``", + "description": "Adds CreateContentAssociation, ListContentAssociations, GetContentAssociation, and DeleteContentAssociation APIs.", + "type": "api-change" + }, + { + "category": "``quicksight``", + "description": "Adding support for Repeating Sections, Nested Filters", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "Updates Amazon RDS documentation for TAZ export to S3.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "Add capability for Admins to customize Studio experience for the user by showing or hiding Apps and MLTools.", + "type": "api-change" + }, + { + "category": "``workspaces``", + "description": "Added support for WorkSpaces Pools.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.33.18.json b/.changes/1.33.18.json new file mode 100644 index 000000000000..b1e0c5319ac6 --- /dev/null +++ b/.changes/1.33.18.json @@ -0,0 +1,47 @@ +[ + { + "category": "``acm-pca``", + "description": "Added CCPC_LEVEL_1_OR_HIGHER KeyStorageSecurityStandard and SM2 KeyAlgorithm and SM3WITHSM2 SigningAlgorithm for China regions.", + "type": "api-change" + }, + { + "category": "``cloudhsmv2``", + "description": "Added 3 new APIs to support backup sharing: GetResourcePolicy, PutResourcePolicy, and DeleteResourcePolicy. Added BackupArn to the output of the DescribeBackups API. Added support for BackupArn in the CreateCluster API.", + "type": "api-change" + }, + { + "category": "``connect``", + "description": "This release supports showing PreferredAgentRouting step via DescribeContact API.", + "type": "api-change" + }, + { + "category": "``emr``", + "description": "This release provides the support for new allocation strategies i.e. CAPACITY_OPTIMIZED_PRIORITIZED for Spot and PRIORITIZED for On-Demand by taking input of priority value for each instance type for instance fleet clusters.", + "type": "api-change" + }, + { + "category": "``glue``", + "description": "Added AttributesToGet parameter to Glue GetDatabases, allowing caller to limit output to include only the database name.", + "type": "api-change" + }, + { + "category": "``kinesisanalyticsv2``", + "description": "Support for Flink 1.19 in Managed Service for Apache Flink", + "type": "api-change" + }, + { + "category": "``opensearch``", + "description": "This release removes support for enabling or disabling Natural Language Query Processing feature for Amazon OpenSearch Service domains.", + "type": "api-change" + }, + { + "category": "``pi``", + "description": "Noting that the filter db.sql.db_id isn't available for RDS for SQL Server DB instances.", + "type": "api-change" + }, + { + "category": "``workspaces``", + "description": "Added support for Red Hat Enterprise Linux 8 on Amazon WorkSpaces Personal.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.33.19.json b/.changes/1.33.19.json new file mode 100644 index 000000000000..f2d23906e7f0 --- /dev/null +++ b/.changes/1.33.19.json @@ -0,0 +1,52 @@ +[ + { + "category": "``apigateway``", + "description": "Add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + }, + { + "category": "``cognito-identity``", + "description": "Add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + }, + { + "category": "``connect``", + "description": "Authentication profiles are Amazon Connect resources (in gated preview) that allow you to configure authentication settings for users in your contact center. This release adds support for new ListAuthenticationProfiles, DescribeAuthenticationProfile and UpdateAuthenticationProfile APIs.", + "type": "api-change" + }, + { + "category": "``docdb``", + "description": "Add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + }, + { + "category": "``eks``", + "description": "Updates EKS managed node groups to support EC2 Capacity Blocks for ML", + "type": "api-change" + }, + { + "category": "``payment-cryptography``", + "description": "Added further restrictions on logging of potentially sensitive inputs and outputs.", + "type": "api-change" + }, + { + "category": "``payment-cryptography-data``", + "description": "Adding support for dynamic keys for encrypt, decrypt, re-encrypt and translate pin functions. With this change, customers can use one-time TR-31 keys directly in dataplane operations without the need to first import them into the service.", + "type": "api-change" + }, + { + "category": "``stepfunctions``", + "description": "Add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + }, + { + "category": "``swf``", + "description": "Add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + }, + { + "category": "``wafv2``", + "description": "JSON body inspection: Update documentation to clarify that JSON parsing doesn't include full validation.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.33.2.json b/.changes/1.33.2.json new file mode 100644 index 000000000000..37f6a1e3f974 --- /dev/null +++ b/.changes/1.33.2.json @@ -0,0 +1,22 @@ +[ + { + "category": "``globalaccelerator``", + "description": "This release contains a new optional ip-addresses input field for the update accelerator and update custom routing accelerator apis. This input enables consumers to replace IPv4 addresses on existing accelerators with addresses provided in the input.", + "type": "api-change" + }, + { + "category": "``glue``", + "description": "AWS Glue now supports native SaaS connectivity: Salesforce connector available now", + "type": "api-change" + }, + { + "category": "``s3``", + "description": "Added new params copySource and key to copyObject API for supporting S3 Access Grants plugin. These changes will not change any of the existing S3 API functionality.", + "type": "api-change" + }, + { + "category": "emr customization", + "description": "Update the EC2 service principal when creating the trust policy for EMR default roles to always be ec2.amazonaws.com.", + "type": "bugfix" + } +] \ No newline at end of file diff --git a/.changes/1.33.20.json b/.changes/1.33.20.json new file mode 100644 index 000000000000..2d5a97ed612d --- /dev/null +++ b/.changes/1.33.20.json @@ -0,0 +1,17 @@ +[ + { + "category": "``ec2``", + "description": "Documentation updates for Elastic Compute Cloud (EC2).", + "type": "api-change" + }, + { + "category": "``fms``", + "description": "Increases Customer API's ManagedServiceData length", + "type": "api-change" + }, + { + "category": "``s3``", + "description": "Added response overrides to Head Object requests.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.33.21.json b/.changes/1.33.21.json new file mode 100644 index 000000000000..1f9ab9a47f3f --- /dev/null +++ b/.changes/1.33.21.json @@ -0,0 +1,27 @@ +[ + { + "category": "``application-autoscaling``", + "description": "Doc only update for Application Auto Scaling that fixes resource name.", + "type": "api-change" + }, + { + "category": "``directconnect``", + "description": "This update includes documentation for support of new native 400 GBps ports for Direct Connect.", + "type": "api-change" + }, + { + "category": "``organizations``", + "description": "Added a new reason under ConstraintViolationException in RegisterDelegatedAdministrator API to prevent registering suspended accounts as delegated administrator of a service.", + "type": "api-change" + }, + { + "category": "``rekognition``", + "description": "This release adds support for tagging projects and datasets with the CreateProject and CreateDataset APIs.", + "type": "api-change" + }, + { + "category": "``workspaces``", + "description": "Fix create workspace bundle RootStorage/UserStorage to accept non null values", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.33.22.json b/.changes/1.33.22.json new file mode 100644 index 000000000000..05d5e01a9178 --- /dev/null +++ b/.changes/1.33.22.json @@ -0,0 +1,22 @@ +[ + { + "category": "``acm``", + "description": "Documentation updates, including fixes for xml formatting, broken links, and ListCertificates description.", + "type": "api-change" + }, + { + "category": "``ecr``", + "description": "This release for Amazon ECR makes change to bring the SDK into sync with the API.", + "type": "api-change" + }, + { + "category": "``payment-cryptography-data``", + "description": "Added further restrictions on logging of potentially sensitive inputs and outputs.", + "type": "api-change" + }, + { + "category": "``qbusiness``", + "description": "Add personalization to Q Applications. Customers can enable or disable personalization when creating or updating a Q application with the personalization configuration.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.33.23.json b/.changes/1.33.23.json new file mode 100644 index 000000000000..385d82697998 --- /dev/null +++ b/.changes/1.33.23.json @@ -0,0 +1,52 @@ +[ + { + "category": "``codedeploy``", + "description": "Add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + }, + { + "category": "``devicefarm``", + "description": "Add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + }, + { + "category": "``dms``", + "description": "Add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + }, + { + "category": "``elasticbeanstalk``", + "description": "Add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + }, + { + "category": "``es``", + "description": "Add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + }, + { + "category": "``firehose``", + "description": "Add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + }, + { + "category": "``gamelift``", + "description": "Add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + }, + { + "category": "``qapps``", + "description": "This is a general availability (GA) release of Amazon Q Apps, a capability of Amazon Q Business. Q Apps leverages data sources your company has provided to enable users to build, share, and customize apps within your organization.", + "type": "api-change" + }, + { + "category": "``route53resolver``", + "description": "Add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + }, + { + "category": "``ses``", + "description": "Add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.33.24.json b/.changes/1.33.24.json new file mode 100644 index 000000000000..35ab99cbfaf5 --- /dev/null +++ b/.changes/1.33.24.json @@ -0,0 +1,22 @@ +[ + { + "category": "``datazone``", + "description": "This release deprecates dataProductItem field from SearchInventoryResultItem, along with some unused DataProduct shapes", + "type": "api-change" + }, + { + "category": "``fsx``", + "description": "Adds support for FSx for NetApp ONTAP 2nd Generation file systems, and FSx for OpenZFS Single AZ HA file systems.", + "type": "api-change" + }, + { + "category": "``opensearch``", + "description": "This release adds support for enabling or disabling Natural Language Query Processing feature for Amazon OpenSearch Service domains, and provides visibility into the current state of the setup or tear-down.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "This release 1/ enables optimization jobs that allows customers to perform Ahead-of-time compilation and quantization. 2/ allows customers to control access to Amazon Q integration in SageMaker Studio. 3/ enables AdditionalModelDataSources for CreateModel action.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.33.25.json b/.changes/1.33.25.json new file mode 100644 index 000000000000..432c34ff857b --- /dev/null +++ b/.changes/1.33.25.json @@ -0,0 +1,52 @@ +[ + { + "category": "``batch``", + "description": "This feature allows AWS Batch Jobs with EKS container orchestration type to be run as Multi-Node Parallel Jobs.", + "type": "api-change" + }, + { + "category": "``bedrock``", + "description": "Add support for contextual grounding check for Guardrails for Amazon Bedrock.", + "type": "api-change" + }, + { + "category": "``bedrock-agent``", + "description": "Introduces new data sources and chunking strategies for Knowledge bases, advanced parsing logic using FMs, session summary generation, and code interpretation (preview) for Claude V3 Sonnet and Haiku models. Also introduces Prompt Flows (preview) to link prompts, foundational models, and resources.", + "type": "api-change" + }, + { + "category": "``bedrock-agent-runtime``", + "description": "Introduces query decomposition, enhanced Agents integration with Knowledge bases, session summary generation, and code interpretation (preview) for Claude V3 Sonnet and Haiku models. Also introduces Prompt Flows (preview) to link prompts, foundational models, and resources for end-to-end solutions.", + "type": "api-change" + }, + { + "category": "``bedrock-runtime``", + "description": "Add support for contextual grounding check and ApplyGuardrail API for Guardrails for Amazon Bedrock.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "Add parameters to enable provisioning IPAM BYOIPv4 space at a Local Zone Network Border Group level", + "type": "api-change" + }, + { + "category": "``glue``", + "description": "Add recipe step support for recipe node", + "type": "api-change" + }, + { + "category": "``groundstation``", + "description": "Documentation update specifying OEM ephemeris units of measurement", + "type": "api-change" + }, + { + "category": "``license-manager-linux-subscriptions``", + "description": "Add support for third party subscription providers, starting with RHEL subscriptions through Red Hat Subscription Manager (RHSM). Additionally, add support for tagging subscription provider resources, and detect when an instance has more than one Linux subscription and notify the customer.", + "type": "api-change" + }, + { + "category": "``mediaconnect``", + "description": "AWS Elemental MediaConnect introduces the ability to disable outputs. Disabling an output allows you to keep the output attached to the flow, but stop streaming to the output destination. A disabled output does not incur data transfer costs.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.33.26.json b/.changes/1.33.26.json new file mode 100644 index 000000000000..f0fc3b2a4cc3 --- /dev/null +++ b/.changes/1.33.26.json @@ -0,0 +1,27 @@ +[ + { + "category": "``acm-pca``", + "description": "Minor refactoring of C2J model for AWS Private CA", + "type": "api-change" + }, + { + "category": "``arc-zonal-shift``", + "description": "Adds the option to subscribe to get notifications when a zonal autoshift occurs in a region.", + "type": "api-change" + }, + { + "category": "``globalaccelerator``", + "description": "This feature adds exceptions to the Customer API to avoid throwing Internal Service errors", + "type": "api-change" + }, + { + "category": "``pinpoint``", + "description": "Add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + }, + { + "category": "``quicksight``", + "description": "Vega ally control options and Support for Reviewed Answers in Topics", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.33.27.json b/.changes/1.33.27.json new file mode 100644 index 000000000000..fca532be9e20 --- /dev/null +++ b/.changes/1.33.27.json @@ -0,0 +1,62 @@ +[ + { + "category": "``acm-pca``", + "description": "Fix broken waiters for the acm-pca client. Waiters broke in version 1.13.144 of the Boto3 SDK.", + "type": "api-change" + }, + { + "category": "``connect``", + "description": "Amazon Connect expands search API coverage for additional resources. Search for hierarchy groups by name, ID, tag, or other criteria (new endpoint). Search for agent statuses by name, ID, tag, or other criteria (new endpoint). Search for users by their assigned proficiencies (enhanced endpoint)", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "Amazon VPC IP Address Manager (IPAM) now supports Bring-Your-Own-IP (BYOIP) for IP addresses registered with any Internet Registry. This feature uses DNS TXT records to validate ownership of a public IP address range.", + "type": "api-change" + }, + { + "category": "``firehose``", + "description": "This release 1) Add configurable buffering hints for Snowflake as destination. 2) Add ReadFromTimestamp for MSK As Source. Firehose will start reading data from MSK Cluster using offset associated with this timestamp. 3) Gated public beta release to add Apache Iceberg tables as destination.", + "type": "api-change" + }, + { + "category": "``ivschat``", + "description": "Documentation update for IVS Chat API Reference.", + "type": "api-change" + }, + { + "category": "``medialive``", + "description": "AWS Elemental MediaLive now supports the SRT protocol via the new SRT Caller input type.", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "Updates Amazon RDS documentation to specify an eventual consistency model for DescribePendingMaintenanceActions.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "SageMaker Training supports R5, T3 and R5D instances family. And SageMaker Processing supports G5 and R5D instances family.", + "type": "api-change" + }, + { + "category": "``secretsmanager``", + "description": "Doc only update for Secrets Manager", + "type": "api-change" + }, + { + "category": "``taxsettings``", + "description": "Set default endpoint for aws partition. Requests from all regions in aws partition will be forward to us-east-1 endpoint.", + "type": "api-change" + }, + { + "category": "``timestream-query``", + "description": "Doc-only update for TimestreamQuery. Added guidance about the accepted valid value for the QueryPricingModel parameter.", + "type": "api-change" + }, + { + "category": "``workspaces-thin-client``", + "description": "Documentation update for WorkSpaces Thin Client.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.33.28.json b/.changes/1.33.28.json new file mode 100644 index 000000000000..5073c0103cda --- /dev/null +++ b/.changes/1.33.28.json @@ -0,0 +1,22 @@ +[ + { + "category": "``datazone``", + "description": "This release adds 1/ support of register S3 locations of assets in AWS Lake Formation hybrid access mode for DefaultDataLake blueprint. 2/ support of CRUD operations for Asset Filters.", + "type": "api-change" + }, + { + "category": "``ivs``", + "description": "Documentation update for IVS Low Latency API Reference.", + "type": "api-change" + }, + { + "category": "``neptune-graph``", + "description": "Amazon Neptune Analytics provides new options for customers to start with smaller graphs at a lower cost. CreateGraph, CreaateGraphImportTask, UpdateGraph and StartImportTask APIs will now allow 32 and 64 for `provisioned-memory`", + "type": "api-change" + }, + { + "category": "``redshift-serverless``", + "description": "Adds dualstack support for Redshift Serverless workgroup.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.33.29.json b/.changes/1.33.29.json new file mode 100644 index 000000000000..e3a1fa4d4ee8 --- /dev/null +++ b/.changes/1.33.29.json @@ -0,0 +1,37 @@ +[ + { + "category": "``appsync``", + "description": "Adding support for paginators in AppSync list APIs", + "type": "api-change" + }, + { + "category": "``cleanrooms``", + "description": "This release adds AWS Entity Resolution integration to associate ID namespaces & ID mapping workflow resources as part of ID namespace association and ID mapping table in AWS Clean Rooms. It also introduces a new ID_MAPPING_TABLE analysis rule to manage the protection on ID mapping table.", + "type": "api-change" + }, + { + "category": "``cleanroomsml``", + "description": "Adds SQL query as the source of seed audience for audience generation job.", + "type": "api-change" + }, + { + "category": "``connect``", + "description": "Added PostContactSummary segment type on ListRealTimeContactAnalysisSegmentsV2 API", + "type": "api-change" + }, + { + "category": "``connect-contact-lens``", + "description": "Added PostContactSummary segment type on ListRealTimeContactAnalysisSegments API", + "type": "api-change" + }, + { + "category": "``datazone``", + "description": "This release removes the deprecated dataProductItem field from Search API output.", + "type": "api-change" + }, + { + "category": "``entityresolution``", + "description": "Support First Party ID Mapping", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.33.3.json b/.changes/1.33.3.json new file mode 100644 index 000000000000..fd366e3d6ea7 --- /dev/null +++ b/.changes/1.33.3.json @@ -0,0 +1,47 @@ +[ + { + "category": "``account``", + "description": "This release adds 3 new APIs (AcceptPrimaryEmailUpdate, GetPrimaryEmail, and StartPrimaryEmailUpdate) used to centrally manage the root user email address of member accounts within an AWS organization.", + "type": "api-change" + }, + { + "category": "``firehose``", + "description": "Adds integration with Secrets Manager for Redshift, Splunk, HttpEndpoint, and Snowflake destinations", + "type": "api-change" + }, + { + "category": "``fsx``", + "description": "This release adds support to increase metadata performance on FSx for Lustre file systems beyond the default level provisioned when a file system is created. This can be done by specifying MetadataConfiguration during the creation of Persistent_2 file systems or by updating it on demand.", + "type": "api-change" + }, + { + "category": "``glue``", + "description": "This release adds support for creating and updating Glue Data Catalog Views.", + "type": "api-change" + }, + { + "category": "``iotwireless``", + "description": "Adds support for wireless device to be in Conflict FUOTA Device Status due to a FUOTA Task, so it couldn't be attached to a new one.", + "type": "api-change" + }, + { + "category": "``location``", + "description": "Added two new APIs, VerifyDevicePosition and ForecastGeofenceEvents. Added support for putting larger geofences up to 100,000 vertices with Geobuf fields.", + "type": "api-change" + }, + { + "category": "``sns``", + "description": "Doc-only update for SNS. These changes include customer-reported issues and TXC3 updates.", + "type": "api-change" + }, + { + "category": "``sqs``", + "description": "Doc only updates for SQS. These updates include customer-reported issues and TCX3 modifications.", + "type": "api-change" + }, + { + "category": "``storagegateway``", + "description": "Adds SoftwareUpdatePreferences to DescribeMaintenanceStartTime and UpdateMaintenanceStartTime, a structure which contains AutomaticUpdatePolicy.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.33.30.json b/.changes/1.33.30.json new file mode 100644 index 000000000000..b21c0f196406 --- /dev/null +++ b/.changes/1.33.30.json @@ -0,0 +1,32 @@ +[ + { + "category": "``cleanrooms``", + "description": "Three enhancements to the AWS Clean Rooms: Disallowed Output Columns, Flexible Result Receivers, SQL as a Seed", + "type": "api-change" + }, + { + "category": "``dynamodb``", + "description": "DynamoDB doc only update for July", + "type": "api-change" + }, + { + "category": "``iotsitewise``", + "description": "Adds support for creating SiteWise Edge gateways that run on a Siemens Industrial Edge Device.", + "type": "api-change" + }, + { + "category": "``mediapackagev2``", + "description": "This release adds support for Irdeto DRM encryption in DASH manifests.", + "type": "api-change" + }, + { + "category": "``medical-imaging``", + "description": "CopyImageSet API adds copying selected instances between image sets, and overriding inconsistent metadata with a force parameter. UpdateImageSetMetadata API enables reverting to prior versions; updates to Study, Series, and SOP Instance UIDs; and updates to private elements, with a force parameter.", + "type": "api-change" + }, + { + "category": "``pinpoint-sms-voice-v2``", + "description": "Update for rebrand to AWS End User Messaging SMS and Voice.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.33.31.json b/.changes/1.33.31.json new file mode 100644 index 000000000000..fc8c3beefa06 --- /dev/null +++ b/.changes/1.33.31.json @@ -0,0 +1,62 @@ +[ + { + "category": "``application-autoscaling``", + "description": "Application Auto Scaling is now more responsive to the changes in demand of your SageMaker Inference endpoints. To get started, create or update a Target Tracking policy based on High Resolution CloudWatch metrics.", + "type": "api-change" + }, + { + "category": "``application-signals``", + "description": "CloudWatch Application Signals now supports application logs correlation with traces and operational health metrics of applications running on EC2 instances. Users can view the most relevant telemetry to troubleshoot application health anomalies such as spikes in latency, errors, and availability.", + "type": "api-change" + }, + { + "category": "``bedrock-runtime``", + "description": "Provides ServiceUnavailableException error message", + "type": "api-change" + }, + { + "category": "``codecommit``", + "description": "CreateRepository API now throws OperationNotAllowedException when the account has been restricted from creating a repository.", + "type": "api-change" + }, + { + "category": "``datazone``", + "description": "Introduces GetEnvironmentCredentials operation to SDK", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "EC2 Fleet now supports using custom identifiers to reference Amazon Machine Images (AMI) in launch requests that are configured to choose from a diversified list of instance types.", + "type": "api-change" + }, + { + "category": "``ecr``", + "description": "API and documentation updates for Amazon ECR, adding support for creating, updating, describing and deleting ECR Repository Creation Template.", + "type": "api-change" + }, + { + "category": "``eks``", + "description": "This release adds support for EKS cluster to manage extended support.", + "type": "api-change" + }, + { + "category": "``elbv2``", + "description": "This release adds support for sharing trust stores across accounts and organizations through integration with AWS Resource Access Manager.", + "type": "api-change" + }, + { + "category": "``network-firewall``", + "description": "You can now log events that are related to TLS inspection, in addition to the existing alert and flow logging.", + "type": "api-change" + }, + { + "category": "``outposts``", + "description": "Adding default vCPU information to GetOutpostSupportedInstanceTypes and GetOutpostInstanceTypes responses", + "type": "api-change" + }, + { + "category": "``stepfunctions``", + "description": "This release adds support to customer managed KMS key encryption in AWS Step Functions.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.33.32.json b/.changes/1.33.32.json new file mode 100644 index 000000000000..a108a41228c2 --- /dev/null +++ b/.changes/1.33.32.json @@ -0,0 +1,12 @@ +[ + { + "category": "``elasticache``", + "description": "Renaming full service name as it appears in developer documentation.", + "type": "api-change" + }, + { + "category": "``memorydb``", + "description": "Renaming full service name as it appears in developer documentation.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.33.33.json b/.changes/1.33.33.json new file mode 100644 index 000000000000..7a1f455181e1 --- /dev/null +++ b/.changes/1.33.33.json @@ -0,0 +1,62 @@ +[ + { + "category": "``appstream``", + "description": "Added support for Red Hat Enterprise Linux 8 on Amazon AppStream 2.0", + "type": "api-change" + }, + { + "category": "``autoscaling``", + "description": "Increase the length limit for VPCZoneIdentifier from 2047 to 5000", + "type": "api-change" + }, + { + "category": "``codepipeline``", + "description": "AWS CodePipeline V2 type pipelines now support stage level conditions to enable development teams to safely release changes that meet quality and compliance requirements.", + "type": "api-change" + }, + { + "category": "``elasticache``", + "description": "Doc only update for changes to deletion API.", + "type": "api-change" + }, + { + "category": "``elb``", + "description": "Add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + }, + { + "category": "``events``", + "description": "Add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + }, + { + "category": "``lexv2-models``", + "description": "This release adds new capabilities to the AMAZON.QnAIntent: Custom prompting, Guardrails integration and ExactResponse support for Bedrock Knowledge Base.", + "type": "api-change" + }, + { + "category": "``logs``", + "description": "Add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + }, + { + "category": "``rolesanywhere``", + "description": "IAM RolesAnywhere now supports custom role session name on the CreateSession. This release adds the acceptRoleSessionName option to a profile to control whether a role session name will be accepted in a session request with a given profile.", + "type": "api-change" + }, + { + "category": "``tnb``", + "description": "This release adds Network Service Update, through which customers will be able to update their instantiated networks to a new network package. See the documentation for limitations. The release also enhances the Get network operation API to return parameter overrides used during the operation.", + "type": "api-change" + }, + { + "category": "``workspaces``", + "description": "Removing multi-session as it isn't supported for pools", + "type": "api-change" + }, + { + "category": "``s3``", + "description": "Disable usage of mb command with S3 Express directory buckets.", + "type": "bugfix" + } +] \ No newline at end of file diff --git a/.changes/1.33.34.json b/.changes/1.33.34.json new file mode 100644 index 000000000000..5b8075bf5739 --- /dev/null +++ b/.changes/1.33.34.json @@ -0,0 +1,47 @@ +[ + { + "category": "``bedrock``", + "description": "API and Documentation for Bedrock Model Copy feature. This feature lets you share and copy a custom model from one region to another or one account to another.", + "type": "api-change" + }, + { + "category": "``controlcatalog``", + "description": "AWS Control Tower provides two new public APIs controlcatalog:ListControls and controlcatalog:GetControl under controlcatalog service namespace, which enable customers to programmatically retrieve control metadata of available controls.", + "type": "api-change" + }, + { + "category": "``controltower``", + "description": "Updated Control Tower service documentation for controlcatalog control ARN support with existing Control Tower public APIs", + "type": "api-change" + }, + { + "category": "``iam``", + "description": "Add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + }, + { + "category": "``memorydb``", + "description": "Doc only update for changes to deletion API.", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "This release adds support for specifying optional MinACU parameter in CreateDBShardGroup and ModifyDBShardGroup API. DBShardGroup response will contain MinACU if specified.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "This release adds support for Amazon EMR Serverless applications in SageMaker Studio for running data processing jobs.", + "type": "api-change" + }, + { + "category": "``ssm-quicksetup``", + "description": "This release adds API support for the QuickSetup feature of AWS Systems Manager", + "type": "api-change" + }, + { + "category": "``support``", + "description": "Doc only updates to CaseDetails", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.33.35.json b/.changes/1.33.35.json new file mode 100644 index 000000000000..232e845ab014 --- /dev/null +++ b/.changes/1.33.35.json @@ -0,0 +1,27 @@ +[ + { + "category": "``cloudwatch``", + "description": "Add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + }, + { + "category": "``kinesis``", + "description": "Add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + }, + { + "category": "``resiliencehub``", + "description": "Customers are presented with the grouping recommendations and can determine if the recommendations are accurate and apply to their case. This feature simplifies onboarding by organizing resources into appropriate AppComponents.", + "type": "api-change" + }, + { + "category": "``route53``", + "description": "Add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + }, + { + "category": "``waf-regional``", + "description": "Add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.33.36.json b/.changes/1.33.36.json new file mode 100644 index 000000000000..e639f03e1e0d --- /dev/null +++ b/.changes/1.33.36.json @@ -0,0 +1,22 @@ +[ + { + "category": "``datazone``", + "description": "This releases Data Product feature. Data Products allow grouping data assets into cohesive, self-contained units for ease of publishing for data producers, and ease of finding and accessing for data consumers.", + "type": "api-change" + }, + { + "category": "``ecr``", + "description": "Released two new APIs along with documentation updates. The GetAccountSetting API is used to view the current basic scan type version setting for your registry, while the PutAccountSetting API is used to update the basic scan type version for your registry.", + "type": "api-change" + }, + { + "category": "``kinesis-video-webrtc-storage``", + "description": "Add JoinStorageSessionAsViewer API", + "type": "api-change" + }, + { + "category": "``pi``", + "description": "Added a description for the Dimension db.sql.tokenized_id on the DimensionGroup data type page.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.33.37.json b/.changes/1.33.37.json new file mode 100644 index 000000000000..dafb64b9b144 --- /dev/null +++ b/.changes/1.33.37.json @@ -0,0 +1,22 @@ +[ + { + "category": "``bedrock-agent-runtime``", + "description": "Introduce model invocation output traces for orchestration traces, which contain the model's raw response and usage.", + "type": "api-change" + }, + { + "category": "``cognito-idp``", + "description": "Advanced security feature updates to include password history and log export for Cognito user pools.", + "type": "api-change" + }, + { + "category": "``cost-optimization-hub``", + "description": "This release adds savings percentage support to the ListRecommendationSummaries API.", + "type": "api-change" + }, + { + "category": "``workspaces``", + "description": "Added support for BYOL_GRAPHICS_G4DN_WSP IngestionProcess", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.33.38.json b/.changes/1.33.38.json new file mode 100644 index 000000000000..a9ca9e241a9d --- /dev/null +++ b/.changes/1.33.38.json @@ -0,0 +1,12 @@ +[ + { + "category": "``appintegrations``", + "description": "Updated CreateDataIntegration and CreateDataIntegrationAssociation API to support bulk data export from Amazon Connect Customer Profiles to the customer S3 bucket.", + "type": "api-change" + }, + { + "category": "``glue``", + "description": "Introducing AWS Glue Data Quality anomaly detection, a new functionality that uses ML-based solutions to detect data anomalies users have not explicitly defined rules for.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.33.39.json b/.changes/1.33.39.json new file mode 100644 index 000000000000..a6cc4b5e12f4 --- /dev/null +++ b/.changes/1.33.39.json @@ -0,0 +1,22 @@ +[ + { + "category": "``cognito-idp``", + "description": "Added support for threat protection for custom authentication in Amazon Cognito user pools.", + "type": "api-change" + }, + { + "category": "``connect``", + "description": "This release fixes a regression in number of access control tags that are allowed to be added to a security profile in Amazon Connect. You can now add up to four access control tags on a single security profile.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "Launch of private IPv6 addressing for VPCs and Subnets. VPC IPAM supports the planning and monitoring of private IPv6 usage.", + "type": "api-change" + }, + { + "category": "``glue``", + "description": "This release adds support to retrieve the validation status when creating or updating Glue Data Catalog Views. Also added is support for BasicCatalogTarget partition keys.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.33.4.json b/.changes/1.33.4.json new file mode 100644 index 000000000000..211f72fb642e --- /dev/null +++ b/.changes/1.33.4.json @@ -0,0 +1,27 @@ +[ + { + "category": "``auditmanager``", + "description": "New feature: common controls. When creating custom controls, you can now use pre-grouped AWS data sources based on common compliance themes. Also, the awsServices parameter is deprecated because we now manage services in scope for you. If used, the input is ignored and an empty list is returned.", + "type": "api-change" + }, + { + "category": "``b2bi``", + "description": "Added exceptions to B2Bi List operations and ConflictException to B2Bi StartTransformerJob operation. Also made capabilities field explicitly required when creating a Partnership.", + "type": "api-change" + }, + { + "category": "``codepipeline``", + "description": "CodePipeline now supports overriding S3 Source Object Key during StartPipelineExecution, as part of Source Overrides.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "This release introduces a new optional parameter: InferenceAmiVersion, in ProductionVariant.", + "type": "api-change" + }, + { + "category": "``verifiedpermissions``", + "description": "This release adds OpenIdConnect (OIDC) configuration support for IdentitySources, allowing for external IDPs to be used in authorization requests.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.33.40.json b/.changes/1.33.40.json new file mode 100644 index 000000000000..21456a4c20f1 --- /dev/null +++ b/.changes/1.33.40.json @@ -0,0 +1,17 @@ +[ + { + "category": "``cognito-idp``", + "description": "Fixed a description of AdvancedSecurityAdditionalFlows in Amazon Cognito user pool configuration.", + "type": "api-change" + }, + { + "category": "``connect``", + "description": "This release supports adding RoutingCriteria via UpdateContactRoutingData public API.", + "type": "api-change" + }, + { + "category": "``ssm``", + "description": "Systems Manager doc-only updates for August 2024.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.33.41.json b/.changes/1.33.41.json new file mode 100644 index 000000000000..6bcd6a839c31 --- /dev/null +++ b/.changes/1.33.41.json @@ -0,0 +1,37 @@ +[ + { + "category": "``compute-optimizer``", + "description": "Doc only update for Compute Optimizer that fixes several customer-reported issues relating to ECS finding classifications", + "type": "api-change" + }, + { + "category": "``config``", + "description": "Documentation update for the OrganizationConfigRuleName regex pattern.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "This release adds new capabilities to manage On-Demand Capacity Reservations including the ability to split your reservation, move capacity between reservations, and modify the instance eligibility of your reservation.", + "type": "api-change" + }, + { + "category": "``eks``", + "description": "Added support for new AL2023 GPU AMIs to the supported AMITypes.", + "type": "api-change" + }, + { + "category": "``groundstation``", + "description": "Updating documentation for OEMEphemeris to link to AWS Ground Station User Guide", + "type": "api-change" + }, + { + "category": "``medialive``", + "description": "AWS Elemental MediaLive now supports now supports editing the PID values for a Multiplex.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "Releasing large data support as part of CreateAutoMLJobV2 in SageMaker Autopilot and CreateDomain API for SageMaker Canvas.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.33.42.json b/.changes/1.33.42.json new file mode 100644 index 000000000000..e9d58feca774 --- /dev/null +++ b/.changes/1.33.42.json @@ -0,0 +1,27 @@ +[ + { + "category": "``amplify``", + "description": "Add a new field \"cacheConfig\" that enables users to configure the CDN cache settings for an App", + "type": "api-change" + }, + { + "category": "``appstream``", + "description": "This release includes following new APIs: CreateThemeForStack, DescribeThemeForStack, UpdateThemeForStack, DeleteThemeForStack to support custom branding programmatically.", + "type": "api-change" + }, + { + "category": "``fis``", + "description": "This release adds support for additional error information on experiment failure. It adds the error code, location, and account id on relevant failures to the GetExperiment and ListExperiment API responses.", + "type": "api-change" + }, + { + "category": "``glue``", + "description": "Add AttributesToGet parameter support for Glue GetTables", + "type": "api-change" + }, + { + "category": "``neptune-graph``", + "description": "Amazon Neptune Analytics provides a new option for customers to load data into a graph using the RDF (Resource Description Framework) NTRIPLES format. When loading NTRIPLES files, use the value `convertToIri` for the `blankNodeHandling` parameter.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.33.43.json b/.changes/1.33.43.json new file mode 100644 index 000000000000..1ecba0d08a40 --- /dev/null +++ b/.changes/1.33.43.json @@ -0,0 +1,7 @@ +[ + { + "category": "``codebuild``", + "description": "AWS CodeBuild now supports using Secrets Manager to store git credentials and using multiple source credentials in a single project.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.33.44.json b/.changes/1.33.44.json new file mode 100644 index 000000000000..03313bbe4a51 --- /dev/null +++ b/.changes/1.33.44.json @@ -0,0 +1,22 @@ +[ + { + "category": "``docdb``", + "description": "This release adds Global Cluster Failover capability which enables you to change your global cluster's primary AWS region, the region that serves writes, during a regional outage. Performing a failover action preserves your Global Cluster setup.", + "type": "api-change" + }, + { + "category": "``ecs``", + "description": "This release introduces a new ContainerDefinition configuration to support the customer-managed keys for ECS container restart feature.", + "type": "api-change" + }, + { + "category": "``iam``", + "description": "Make the LastUsedDate field in the GetAccessKeyLastUsed response optional. This may break customers who only call the API for access keys with a valid LastUsedDate. This fixes a deserialization issue for access keys without a LastUsedDate, because the field was marked as required but could be null.", + "type": "api-change" + }, + { + "category": "``s3``", + "description": "Amazon Simple Storage Service / Features : Adds support for pagination in the S3 ListBuckets API.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.33.5.json b/.changes/1.33.5.json new file mode 100644 index 000000000000..5e768982a854 --- /dev/null +++ b/.changes/1.33.5.json @@ -0,0 +1,17 @@ +[ + { + "category": "``application-signals``", + "description": "This is the initial SDK release for Amazon CloudWatch Application Signals. Amazon CloudWatch Application Signals provides curated application performance monitoring for developers to monitor and troubleshoot application health using pre-built dashboards and Service Level Objectives.", + "type": "api-change" + }, + { + "category": "``ecs``", + "description": "This release introduces a new cluster configuration to support the customer-managed keys for ECS managed storage encryption.", + "type": "api-change" + }, + { + "category": "``imagebuilder``", + "description": "This release updates the regex pattern for Image Builder ARNs.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.33.6.json b/.changes/1.33.6.json new file mode 100644 index 000000000000..0144a29417a7 --- /dev/null +++ b/.changes/1.33.6.json @@ -0,0 +1,27 @@ +[ + { + "category": "``accessanalyzer``", + "description": "IAM Access Analyzer now provides policy recommendations to help resolve unused permissions for IAM roles and users. Additionally, IAM Access Analyzer now extends its custom policy checks to detect when IAM policies grant public access or access to critical resources ahead of deployments.", + "type": "api-change" + }, + { + "category": "``guardduty``", + "description": "Added API support for GuardDuty Malware Protection for S3.", + "type": "api-change" + }, + { + "category": "``networkmanager``", + "description": "This is model changes & documentation update for Service Insertion feature for AWS Cloud WAN. This feature allows insertion of AWS/3rd party security services on Cloud WAN. This allows to steer inter/intra segment traffic via security appliances and provide visibility to the route updates.", + "type": "api-change" + }, + { + "category": "``pca-connector-scep``", + "description": "Connector for SCEP allows you to use a managed, cloud CA to enroll mobile devices and networking gear. SCEP is a widely-adopted protocol used by mobile device management (MDM) solutions for enrolling mobile devices. With the connector, you can use AWS Private CA with popular MDM solutions.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "Introduced Scope and AuthenticationRequestExtraParams to SageMaker Workforce OIDC configuration; this allows customers to modify these options for their private Workforce IdP integration. Model Registry Cross-account model package groups are discoverable.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.33.7.json b/.changes/1.33.7.json new file mode 100644 index 000000000000..0867baca8b24 --- /dev/null +++ b/.changes/1.33.7.json @@ -0,0 +1,37 @@ +[ + { + "category": "``apptest``", + "description": "AWS Mainframe Modernization Application Testing is an AWS Mainframe Modernization service feature that automates functional equivalence testing for mainframe application modernization and migration to AWS, and regression testing.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "Tagging support for Traffic Mirroring FilterRule resource", + "type": "api-change" + }, + { + "category": "``osis``", + "description": "SDK changes for self-managed vpc endpoint to OpenSearch ingestion pipelines.", + "type": "api-change" + }, + { + "category": "``redshift``", + "description": "Updates to remove DC1 and DS2 node types.", + "type": "api-change" + }, + { + "category": "``secretsmanager``", + "description": "Introducing RotationToken parameter for PutSecretValue API", + "type": "api-change" + }, + { + "category": "``securitylake``", + "description": "This release updates request validation regex to account for non-commercial aws partitions.", + "type": "api-change" + }, + { + "category": "``sesv2``", + "description": "This release adds support for Amazon EventBridge as an email sending events destination.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.33.8.json b/.changes/1.33.8.json new file mode 100644 index 000000000000..f2f6b12bad9e --- /dev/null +++ b/.changes/1.33.8.json @@ -0,0 +1,27 @@ +[ + { + "category": "``cloudhsmv2``", + "description": "Added support for hsm type hsm2m.medium. Added supported for creating a cluster in FIPS or NON_FIPS mode.", + "type": "api-change" + }, + { + "category": "``glue``", + "description": "This release adds support for configuration of evaluation method for composite rules in Glue Data Quality rulesets.", + "type": "api-change" + }, + { + "category": "``iotwireless``", + "description": "Add RoamingDeviceSNR and RoamingDeviceRSSI to Customer Metrics.", + "type": "api-change" + }, + { + "category": "``kms``", + "description": "This feature allows customers to use their keys stored in KMS to derive a shared secret which can then be used to establish a secured channel for communication, provide proof of possession, or establish trust with other parties.", + "type": "api-change" + }, + { + "category": "``mediapackagev2``", + "description": "This release adds support for CMAF ingest (DASH-IF live media ingest protocol interface 1)", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.33.9.json b/.changes/1.33.9.json new file mode 100644 index 000000000000..bf1b45b7bc3c --- /dev/null +++ b/.changes/1.33.9.json @@ -0,0 +1,27 @@ +[ + { + "category": "``datazone``", + "description": "This release introduces a new default service blueprint for custom environment creation.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "Documentation updates for Amazon EC2.", + "type": "api-change" + }, + { + "category": "``macie2``", + "description": "This release adds support for managing the status of automated sensitive data discovery for individual accounts in an organization, and determining whether individual S3 buckets are included in the scope of the analyses.", + "type": "api-change" + }, + { + "category": "``mediaconvert``", + "description": "This release adds the ability to search for historical job records within the management console using a search box and/or via the SDK/CLI with partial string matching search on input file name.", + "type": "api-change" + }, + { + "category": "``route53domains``", + "description": "Add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.34.0.json b/.changes/1.34.0.json new file mode 100644 index 000000000000..cb4a18d67474 --- /dev/null +++ b/.changes/1.34.0.json @@ -0,0 +1,32 @@ +[ + { + "category": "``batch``", + "description": "Improvements of integration between AWS Batch and EC2.", + "type": "api-change" + }, + { + "category": "``inspector2``", + "description": "Update the correct format of key and values for resource tags", + "type": "api-change" + }, + { + "category": "``quicksight``", + "description": "Amazon QuickSight launches Customer Managed Key (CMK) encryption for Data Source metadata", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "Introduce Endpoint and EndpointConfig Arns in sagemaker:ListPipelineExecutionSteps API response", + "type": "api-change" + }, + { + "category": "``sesv2``", + "description": "Marking use case description field of account details as deprecated.", + "type": "api-change" + }, + { + "category": "``codeartifact``", + "description": "Update login command error message.", + "type": "enhancement" + } +] \ No newline at end of file diff --git a/.changes/1.34.1.json b/.changes/1.34.1.json new file mode 100644 index 000000000000..445c1a3aeba4 --- /dev/null +++ b/.changes/1.34.1.json @@ -0,0 +1,27 @@ +[ + { + "category": "``bedrock``", + "description": "Amazon Bedrock Batch Inference/ Model Invocation is a feature which allows customers to asynchronously run inference on a large set of records/files stored in S3.", + "type": "api-change" + }, + { + "category": "``codebuild``", + "description": "AWS CodeBuild now supports creating fleets with macOS platform for running builds.", + "type": "api-change" + }, + { + "category": "``deadline``", + "description": "This release adds additional search fields and provides sorting by multiple fields.", + "type": "api-change" + }, + { + "category": "``lambda``", + "description": "Release Lambda FunctionRecursiveConfig, enabling customers to turn recursive loop detection on or off on individual functions. This release adds two new APIs, GetFunctionRecursionConfig and PutFunctionRecursionConfig.", + "type": "api-change" + }, + { + "category": "``ssm-sap``", + "description": "Add new attributes to the outputs of GetApplication and GetDatabase APIs.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.34.10.json b/.changes/1.34.10.json new file mode 100644 index 000000000000..5a70eb323e98 --- /dev/null +++ b/.changes/1.34.10.json @@ -0,0 +1,22 @@ +[ + { + "category": "``backup``", + "description": "The latest update introduces two new attributes, VaultType and VaultState, to the DescribeBackupVault and ListBackupVaults APIs. The VaultState attribute reflects the current status of the vault, while the VaultType attribute indicates the specific category of the vault.", + "type": "api-change" + }, + { + "category": "``datazone``", + "description": "Amazon DataZone now adds new governance capabilities of Domain Units for organization within your Data Domains, and Authorization Policies for tighter controls.", + "type": "api-change" + }, + { + "category": "``logs``", + "description": "This release introduces a new optional parameter: Entity, in PutLogEvents request", + "type": "api-change" + }, + { + "category": "``redshift-data``", + "description": "The release include the new Redshift DataAPI feature for session use, customer execute query with --session-keep-alive-seconds parameter and can submit follow-up queries to same sessions with returned`session-id`", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.34.11.json b/.changes/1.34.11.json new file mode 100644 index 000000000000..f51f352bd7f3 --- /dev/null +++ b/.changes/1.34.11.json @@ -0,0 +1,37 @@ +[ + { + "category": "``connect``", + "description": "Release ReplicaConfiguration as part of DescribeInstance", + "type": "api-change" + }, + { + "category": "``datazone``", + "description": "Add support to let data publisher specify a subset of the data asset that a subscriber will have access to based on the asset filters provided, when accepting a subscription request.", + "type": "api-change" + }, + { + "category": "``elbv2``", + "description": "This release adds support for configuring TCP idle timeout on NLB and GWLB listeners.", + "type": "api-change" + }, + { + "category": "``mediaconnect``", + "description": "AWS Elemental MediaConnect introduces thumbnails for Flow source monitoring. Thumbnails provide still image previews of the live content feeding your MediaConnect Flow allowing you to easily verify that your source is operating as expected.", + "type": "api-change" + }, + { + "category": "``medialive``", + "description": "Added MinQP as a Rate Control option for H264 and H265 encodes.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "Amazon SageMaker now supports automatic mounting of a user's home folder in the Amazon Elastic File System (EFS) associated with the SageMaker Studio domain to their Studio Spaces to enable users to share data between their own private spaces.", + "type": "api-change" + }, + { + "category": "``timestream-influxdb``", + "description": "Timestream for InfluxDB now supports compute scaling and deployment type conversion. This release adds the DbInstanceType and DeploymentType parameters to the UpdateDbInstance API.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.34.12.json b/.changes/1.34.12.json new file mode 100644 index 000000000000..5cba34828bf2 --- /dev/null +++ b/.changes/1.34.12.json @@ -0,0 +1,32 @@ +[ + { + "category": "``appsync``", + "description": "Adds new logging levels (INFO and DEBUG) for additional log output control", + "type": "api-change" + }, + { + "category": "``bedrock-agent``", + "description": "Add support for user metadata inside PromptVariant.", + "type": "api-change" + }, + { + "category": "``finspace``", + "description": "Updates Finspace documentation for smaller instances.", + "type": "api-change" + }, + { + "category": "``fis``", + "description": "This release adds safety levers, a new mechanism to stop all running experiments and prevent new experiments from starting.", + "type": "api-change" + }, + { + "category": "``logs``", + "description": "Update to support new APIs for delivery of logs from AWS services.", + "type": "api-change" + }, + { + "category": "``s3control``", + "description": "Amazon Simple Storage Service /S3 Access Grants / Features : This release launches new Access Grants API - ListCallerAccessGrants.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.34.13.json b/.changes/1.34.13.json new file mode 100644 index 000000000000..ab4e0c5d5c0d --- /dev/null +++ b/.changes/1.34.13.json @@ -0,0 +1,32 @@ +[ + { + "category": "``application-signals``", + "description": "Amazon CloudWatch Application Signals now supports creating Service Level Objectives using a new calculation type. Users can now create SLOs which are configured with request-based SLIs to help meet their specific business requirements.", + "type": "api-change" + }, + { + "category": "``codepipeline``", + "description": "Updates to add recent notes to APIs and to replace example S3 bucket names globally.", + "type": "api-change" + }, + { + "category": "``connect``", + "description": "Amazon Connect Custom Vocabulary now supports Catalan (Spain), Danish (Denmark), Dutch (Netherlands), Finnish (Finland), Indonesian (Indonesia), Malay (Malaysia), Norwegian Bokmal (Norway), Polish (Poland), Swedish (Sweden), and Tagalog/Filipino (Philippines).", + "type": "api-change" + }, + { + "category": "``gamelift``", + "description": "Amazon GameLift provides additional events for tracking the fleet creation process.", + "type": "api-change" + }, + { + "category": "``kinesisanalyticsv2``", + "description": "Support for Flink 1.20 in Managed Service for Apache Flink", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "Amazon SageMaker now supports idle shutdown of JupyterLab and CodeEditor applications on SageMaker Studio.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.34.14.json b/.changes/1.34.14.json new file mode 100644 index 000000000000..500f5a6ec5bb --- /dev/null +++ b/.changes/1.34.14.json @@ -0,0 +1,7 @@ +[ + { + "category": "``qapps``", + "description": "Adds UpdateLibraryItemMetadata api to change status of app for admin verification feature and returns isVerified field in any api returning the app or library item.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.34.15.json b/.changes/1.34.15.json new file mode 100644 index 000000000000..b6a59055f0d9 --- /dev/null +++ b/.changes/1.34.15.json @@ -0,0 +1,32 @@ +[ + { + "category": "``dynamodb``", + "description": "Doc-only update for DynamoDB. Added information about async behavior for TagResource and UntagResource APIs and updated the description of ResourceInUseException.", + "type": "api-change" + }, + { + "category": "``elbv2``", + "description": "Add paginators for the ELBv2 DescribeListenerCertificates and DescribeRules APIs. Fix broken waiter for the ELBv2 DescribeLoadBalancers API.", + "type": "api-change" + }, + { + "category": "``ivs-realtime``", + "description": "IVS Real-Time now offers customers the ability to broadcast to Stages using RTMP(S).", + "type": "api-change" + }, + { + "category": "``kafka``", + "description": "Amazon MSK Replicator can now replicate data to identically named topics between MSK clusters within the same AWS Region or across different AWS Regions.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "Amazon Sagemaker supports orchestrating SageMaker HyperPod clusters with Amazon EKS", + "type": "api-change" + }, + { + "category": "``sagemaker-runtime``", + "description": "AWS SageMaker Runtime feature: Add sticky routing to support stateful inference models.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.34.16.json b/.changes/1.34.16.json new file mode 100644 index 000000000000..469de838a27f --- /dev/null +++ b/.changes/1.34.16.json @@ -0,0 +1,22 @@ +[ + { + "category": "``chime-sdk-voice``", + "description": "Documentation-only update that clarifies the ValidateE911Address action of the Amazon Chime SDK Voice APIs.", + "type": "api-change" + }, + { + "category": "``cognito-identity``", + "description": "This release adds sensitive trait to some required shapes.", + "type": "api-change" + }, + { + "category": "``pipes``", + "description": "This release adds support for customer managed KMS keys in Amazon EventBridge Pipe", + "type": "api-change" + }, + { + "category": "``securityhub``", + "description": "Documentation update for Security Hub", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.34.17.json b/.changes/1.34.17.json new file mode 100644 index 000000000000..654201bd16f6 --- /dev/null +++ b/.changes/1.34.17.json @@ -0,0 +1,32 @@ +[ + { + "category": "``bedrock-agent``", + "description": "Amazon Bedrock Knowledge Bases now supports using inference profiles to increase throughput and improve resilience.", + "type": "api-change" + }, + { + "category": "``bedrock-agent-runtime``", + "description": "Amazon Bedrock Knowledge Bases now supports using inference profiles to increase throughput and improve resilience.", + "type": "api-change" + }, + { + "category": "``ecr``", + "description": "Added KMS_DSSE to EncryptionType", + "type": "api-change" + }, + { + "category": "``guardduty``", + "description": "Add support for new statistic types in GetFindingsStatistics.", + "type": "api-change" + }, + { + "category": "``lexv2-models``", + "description": "Support new Polly voice engines in VoiceSettings: long-form and generative", + "type": "api-change" + }, + { + "category": "``medialive``", + "description": "Adds AV1 Codec support, SRT ouputs, and MediaLive Anywhere support.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.34.18.json b/.changes/1.34.18.json new file mode 100644 index 000000000000..ee801b19b93f --- /dev/null +++ b/.changes/1.34.18.json @@ -0,0 +1,42 @@ +[ + { + "category": "``cognito-idp``", + "description": "Added email MFA option to user pools with advanced security features.", + "type": "api-change" + }, + { + "category": "``elbv2``", + "description": "Correct incorrectly mapped error in ELBv2 waiters", + "type": "api-change" + }, + { + "category": "``emr``", + "description": "Update APIs to allow modification of ODCR options, allocation strategy, and InstanceTypeConfigs on running InstanceFleet clusters.", + "type": "api-change" + }, + { + "category": "``glue``", + "description": "AWS Glue is introducing two new optimizers for Apache Iceberg tables: snapshot retention and orphan file deletion. Customers can enable these optimizers and customize their configurations to perform daily maintenance tasks on their Iceberg tables based on their specific requirements.", + "type": "api-change" + }, + { + "category": "``mediaconvert``", + "description": "This release includes support for dynamic video overlay workflows, including picture-in-picture and squeezeback", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "This release adds support for the os-upgrade pending maintenance action for Amazon Aurora DB clusters.", + "type": "api-change" + }, + { + "category": "``storagegateway``", + "description": "The S3 File Gateway now supports DSSE-KMS encryption. A new parameter EncryptionType is added to these APIs: CreateSmbFileShare, CreateNfsFileShare, UpdateSmbFileShare, UpdateNfsFileShare, DescribeSmbFileShares, DescribeNfsFileShares. Also, in favor of EncryptionType, KmsEncrypted is deprecated.", + "type": "api-change" + }, + { + "category": "``synthetics``", + "description": "This release introduces two features. The first is tag replication, which allows for the propagation of canary tags onto Synthetics related resources, such as Lambda functions. The second is a limit increase in canary name length, which has now been increased from 21 to 255 characters.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.34.19.json b/.changes/1.34.19.json new file mode 100644 index 000000000000..30c7713c5b32 --- /dev/null +++ b/.changes/1.34.19.json @@ -0,0 +1,17 @@ +[ + { + "category": "``amplify``", + "description": "Doc only update to Amplify to explain platform setting for Next.js 14 SSG only applications", + "type": "api-change" + }, + { + "category": "``ivs``", + "description": "Updates to all tags descriptions.", + "type": "api-change" + }, + { + "category": "``ivschat``", + "description": "Updates to all tags descriptions.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.34.2.json b/.changes/1.34.2.json new file mode 100644 index 000000000000..d61655d0d72e --- /dev/null +++ b/.changes/1.34.2.json @@ -0,0 +1,17 @@ +[ + { + "category": "``ecs``", + "description": "Documentation only release to address various tickets", + "type": "api-change" + }, + { + "category": "``opensearchserverless``", + "description": "Added FailureCode and FailureMessage to BatchGetCollectionResponse for BatchGetVPCEResponse for non-Active Collection and VPCE.", + "type": "api-change" + }, + { + "category": "``s3``", + "description": "Amazon Simple Storage Service / Features : Add support for conditional writes for PutObject and CompleteMultipartUpload APIs.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.34.20.json b/.changes/1.34.20.json new file mode 100644 index 000000000000..ad11cc51f9f9 --- /dev/null +++ b/.changes/1.34.20.json @@ -0,0 +1,32 @@ +[ + { + "category": "``bedrock``", + "description": "This feature adds cross account s3 bucket and VPC support to ModelInvocation jobs. To use a cross account bucket, pass in the accountId of the bucket to s3BucketOwner in the ModelInvocationJobInputDataConfig or ModelInvocationJobOutputDataConfig.", + "type": "api-change" + }, + { + "category": "``iot``", + "description": "This release adds additional enhancements to AWS IoT Device Management Software Package Catalog and Jobs. It also adds SBOM support in Software Package Version.", + "type": "api-change" + }, + { + "category": "``medialive``", + "description": "Removing the ON_PREMISE enum from the input settings field.", + "type": "api-change" + }, + { + "category": "``organizations``", + "description": "Doc only update for AWS Organizations that fixes several customer-reported issues", + "type": "api-change" + }, + { + "category": "``pca-connector-scep``", + "description": "This is a general availability (GA) release of Connector for SCEP, a feature of AWS Private CA. Connector for SCEP links your SCEP-enabled and mobile device management systems to AWS Private CA for digital signature installation and certificate management.", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "Launching Global Cluster tagging.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.34.21.json b/.changes/1.34.21.json new file mode 100644 index 000000000000..53907cc5739c --- /dev/null +++ b/.changes/1.34.21.json @@ -0,0 +1,32 @@ +[ + { + "category": "``codebuild``", + "description": "GitLab Enhancements - Add support for Self-Hosted GitLab runners in CodeBuild. Add group webhooks", + "type": "api-change" + }, + { + "category": "``ecr``", + "description": "The `DescribeImageScanning` API now includes `fixAvailable`, `exploitAvailable`, and `fixedInVersion` fields to provide more detailed information about the availability of fixes, exploits, and fixed versions for identified image vulnerabilities.", + "type": "api-change" + }, + { + "category": "``ecs``", + "description": "This is a documentation only release to address various tickets.", + "type": "api-change" + }, + { + "category": "``lambda``", + "description": "Support for JSON resource-based policies and block public access", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "Updates Amazon RDS documentation with configuration information about the BYOL model for RDS for Db2.", + "type": "api-change" + }, + { + "category": "``ssm``", + "description": "Support for additional levels of cross-account, cross-Region organizational units in Automation. Various documentation updates.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.34.22.json b/.changes/1.34.22.json new file mode 100644 index 000000000000..938a1835e817 --- /dev/null +++ b/.changes/1.34.22.json @@ -0,0 +1,37 @@ +[ + { + "category": "``ce``", + "description": "This release extends the GetReservationPurchaseRecommendation API to support recommendations for Amazon DynamoDB reservations.", + "type": "api-change" + }, + { + "category": "``ds``", + "description": "Added new APIs for enabling, disabling, and describing access to the AWS Directory Service Data API", + "type": "api-change" + }, + { + "category": "``ds-data``", + "description": "Added new AWS Directory Service Data API, enabling you to manage data stored in AWS Directory Service directories. This includes APIs for creating, reading, updating, and deleting directory users, groups, and group memberships.", + "type": "api-change" + }, + { + "category": "``guardduty``", + "description": "Add `launchType` and `sourceIPs` fields to GuardDuty findings.", + "type": "api-change" + }, + { + "category": "``mailmanager``", + "description": "Introduce a new RuleSet condition evaluation, where customers can set up a StringExpression with a MimeHeader condition. This condition will perform the necessary validation based on the X-header provided by customers.", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "Updates Amazon RDS documentation with information upgrading snapshots with unsupported engine versions for RDS for MySQL and RDS for PostgreSQL.", + "type": "api-change" + }, + { + "category": "``s3``", + "description": "Added SSE-KMS support for directory buckets.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.34.23.json b/.changes/1.34.23.json new file mode 100644 index 000000000000..089432ac9cbc --- /dev/null +++ b/.changes/1.34.23.json @@ -0,0 +1,42 @@ +[ + { + "category": "``codeconnections``", + "description": "This release adds the PullRequestComment field to CreateSyncConfiguration API input, UpdateSyncConfiguration API input, GetSyncConfiguration API output and ListSyncConfiguration API output", + "type": "api-change" + }, + { + "category": "``glue``", + "description": "This change is for releasing TestConnection api SDK model", + "type": "api-change" + }, + { + "category": "``lambda``", + "description": "Tagging support for Lambda event source mapping, and code signing configuration resources.", + "type": "api-change" + }, + { + "category": "``mediaconvert``", + "description": "This release provides support for additional DRM configurations per SPEKE Version 2.0.", + "type": "api-change" + }, + { + "category": "``medialive``", + "description": "Adds Bandwidth Reduction Filtering for HD AVC and HEVC encodes, multiplex container settings.", + "type": "api-change" + }, + { + "category": "``quicksight``", + "description": "QuickSight: 1. Add new API - ListFoldersForResource. 2. Commit mode adds visibility configuration of Apply button on multi-select controls for authors.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "Introduced support for G6e instance types on SageMaker Studio for JupyterLab and CodeEditor applications.", + "type": "api-change" + }, + { + "category": "``workspaces-web``", + "description": "WorkSpaces Secure Browser now enables Administrators to view and manage end-user browsing sessions via Session Management APIs.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.34.24.json b/.changes/1.34.24.json new file mode 100644 index 000000000000..ea8d84927015 --- /dev/null +++ b/.changes/1.34.24.json @@ -0,0 +1,32 @@ +[ + { + "category": "``dynamodb``", + "description": "Generate account endpoint for DynamoDB requests when the account ID is available", + "type": "api-change" + }, + { + "category": "``neptune``", + "description": "Add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "Amazon SageMaker now supports using manifest files to specify the location of uncompressed model artifacts within Model Packages", + "type": "api-change" + }, + { + "category": "``sagemaker-metrics``", + "description": "This release introduces support for the SageMaker Metrics BatchGetMetrics API.", + "type": "api-change" + }, + { + "category": "``workspaces``", + "description": "Releasing new ErrorCodes for SysPrep failures during ImageImport and CreateImage process", + "type": "api-change" + }, + { + "category": "paginator", + "description": "Add warning when a non-positive value is provided for the max-items pagination parameter.", + "type": "enhancement" + } +] \ No newline at end of file diff --git a/.changes/1.34.25.json b/.changes/1.34.25.json new file mode 100644 index 000000000000..26891b23a5a7 --- /dev/null +++ b/.changes/1.34.25.json @@ -0,0 +1,42 @@ +[ + { + "category": "``apigateway``", + "description": "Documentation updates for Amazon API Gateway", + "type": "api-change" + }, + { + "category": "``athena``", + "description": "List/Get/Update/Delete/CreateDataCatalog now integrate with AWS Glue connections. Users can create a Glue connection through Athena or use a Glue connection to define their Athena federated parameters.", + "type": "api-change" + }, + { + "category": "``bedrock-agent``", + "description": "Amazon Bedrock Prompt Flows and Prompt Management now supports using inference profiles to increase throughput and improve resilience.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "Amazon EC2 G6e instances powered by NVIDIA L40S Tensor Core GPUs are the most cost-efficient GPU instances for deploying generative AI models and the highest performance GPU instances for spatial computing workloads.", + "type": "api-change" + }, + { + "category": "``emr-serverless``", + "description": "This release adds support for job concurrency and queuing configuration at Application level.", + "type": "api-change" + }, + { + "category": "``glue``", + "description": "Added AthenaProperties parameter to Glue Connections, allowing Athena to store service specific properties on Glue Connections.", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "Support ComputeRedundancy parameter in ModifyDBShardGroup API. Add DBShardGroupArn in DBShardGroup API response. Remove InvalidMaxAcuFault from CreateDBShardGroup and ModifyDBShardGroup API. Both API will throw InvalidParameterValueException for invalid ACU configuration.", + "type": "api-change" + }, + { + "category": "``resource-explorer-2``", + "description": "AWS Resource Explorer released ListResources feature which allows customers to list all indexed AWS resources within a view.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.34.26.json b/.changes/1.34.26.json new file mode 100644 index 000000000000..7a847d1b276d --- /dev/null +++ b/.changes/1.34.26.json @@ -0,0 +1,27 @@ +[ + { + "category": "``bedrock``", + "description": "Add support for Cross Region Inference in Bedrock Model Evaluations.", + "type": "api-change" + }, + { + "category": "``budgets``", + "description": "Releasing minor partitional endpoint updates", + "type": "api-change" + }, + { + "category": "``kinesis``", + "description": "This release includes support to add tags when creating a stream", + "type": "api-change" + }, + { + "category": "``pinpoint-sms-voice-v2``", + "description": "AWS End User Messaging SMS-Voice V2 has added support for resource policies. Use the three new APIs to create, view, edit, and delete resource policies.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "Adding `HiddenInstanceTypes` and `HiddenSageMakerImageVersionAliases` attribute to SageMaker API", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.34.27.json b/.changes/1.34.27.json new file mode 100644 index 000000000000..49b22905de81 --- /dev/null +++ b/.changes/1.34.27.json @@ -0,0 +1,17 @@ +[ + { + "category": "``cloudtrail``", + "description": "Doc-only update for CloudTrail network activity events release (in preview)", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "Updates to documentation for the transit gateway security group referencing feature.", + "type": "api-change" + }, + { + "category": "``fsx``", + "description": "Doc-only update to address Lustre S3 hard-coded names.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.34.28.json b/.changes/1.34.28.json new file mode 100644 index 000000000000..5b9026c80bb3 --- /dev/null +++ b/.changes/1.34.28.json @@ -0,0 +1,32 @@ +[ + { + "category": "``chatbot``", + "description": "Return State and StateReason fields for Chatbot Channel Configurations.", + "type": "api-change" + }, + { + "category": "``lambda``", + "description": "Reverting Lambda resource-based policy and block public access APIs.", + "type": "api-change" + }, + { + "category": "``organizations``", + "description": "Add support for policy operations on the CHATBOT_POLICY policy type.", + "type": "api-change" + }, + { + "category": "``pcs``", + "description": "AWS PCS API documentation - Edited the description of the iamInstanceProfileArn parameter of the CreateComputeNodeGroup and UpdateComputeNodeGroup actions; edited the description of the SlurmCustomSetting data type to list the supported parameters for clusters and compute node groups.", + "type": "api-change" + }, + { + "category": "``rds-data``", + "description": "Documentation update for RDS Data API to reflect support for Aurora MySQL Serverless v2 and Provisioned DB clusters.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "Adding `TagPropagation` attribute to Sagemaker API", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.34.29.json b/.changes/1.34.29.json new file mode 100644 index 000000000000..1a94c8937e3c --- /dev/null +++ b/.changes/1.34.29.json @@ -0,0 +1,22 @@ +[ + { + "category": "``customer-profiles``", + "description": "Introduces optional RoleArn parameter for PutIntegration request and includes RoleArn in the response of PutIntegration, GetIntegration and ListIntegrations", + "type": "api-change" + }, + { + "category": "``quicksight``", + "description": "Adding personalization in QuickSight data stories. Admins can enable or disable personalization through QuickSight settings.", + "type": "api-change" + }, + { + "category": "``securityhub``", + "description": "Documentation updates for AWS Security Hub", + "type": "api-change" + }, + { + "category": "``sesv2``", + "description": "This release adds support for engagement tracking over Https using custom domains.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.34.3.json b/.changes/1.34.3.json new file mode 100644 index 000000000000..ab0c3ed3a803 --- /dev/null +++ b/.changes/1.34.3.json @@ -0,0 +1,32 @@ +[ + { + "category": "``ec2``", + "description": "DescribeInstanceStatus now returns health information on EBS volumes attached to Nitro instances", + "type": "api-change" + }, + { + "category": "``entityresolution``", + "description": "Increase the mapping attributes in Schema to 35.", + "type": "api-change" + }, + { + "category": "``glue``", + "description": "Add optional field JobRunQueuingEnabled to CreateJob and UpdateJob APIs.", + "type": "api-change" + }, + { + "category": "``lambda``", + "description": "Release FilterCriteria encryption for Lambda EventSourceMapping, enabling customers to encrypt their filter criteria using a customer-owned KMS key.", + "type": "api-change" + }, + { + "category": "``securityhub``", + "description": "Security Hub documentation and definition updates", + "type": "api-change" + }, + { + "category": "``ses``", + "description": "Enable email receiving customers to provide SES with access to their S3 buckets via an IAM role for \"Deliver to S3 Action\"", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.34.30.json b/.changes/1.34.30.json new file mode 100644 index 000000000000..eed962933e7a --- /dev/null +++ b/.changes/1.34.30.json @@ -0,0 +1,42 @@ +[ + { + "category": "``bedrock``", + "description": "Add support for custom models via provisioned throughput for Bedrock Model Evaluation", + "type": "api-change" + }, + { + "category": "``clouddirectory``", + "description": "Add examples for API operations in model.", + "type": "api-change" + }, + { + "category": "``connect``", + "description": "Amazon Connect introduces StartOutboundChatContact API allowing customers to initiate outbound chat contacts", + "type": "api-change" + }, + { + "category": "``pricing``", + "description": "Add examples for API operations in model.", + "type": "api-change" + }, + { + "category": "``resource-groups``", + "description": "This update includes new APIs to support application groups and to allow users to manage resource tag-sync tasks in applications.", + "type": "api-change" + }, + { + "category": "``supplychain``", + "description": "Release DataLakeDataset, DataIntegrationFlow and ResourceTagging APIs for AWS Supply Chain", + "type": "api-change" + }, + { + "category": "``timestream-influxdb``", + "description": "Timestream for InfluxDB now supports port configuration and additional customer-modifiable InfluxDB v2 parameters. This release adds Port to the CreateDbInstance and UpdateDbInstance API, and additional InfluxDB v2 parameters to the CreateDbParameterGroup API.", + "type": "api-change" + }, + { + "category": "``verifiedpermissions``", + "description": "Add examples for API operations in model.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.34.31.json b/.changes/1.34.31.json new file mode 100644 index 000000000000..2525d56f5bd3 --- /dev/null +++ b/.changes/1.34.31.json @@ -0,0 +1,17 @@ +[ + { + "category": "``bedrock-agent``", + "description": "This release adds support to stop an ongoing ingestion job using the StopIngestionJob API in Agents for Amazon Bedrock.", + "type": "api-change" + }, + { + "category": "``codeartifact``", + "description": "Add support for the dual stack endpoints.", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "This release provides additional support for enabling Aurora Limitless Database DB clusters.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.34.32.json b/.changes/1.34.32.json new file mode 100644 index 000000000000..393c404ad69e --- /dev/null +++ b/.changes/1.34.32.json @@ -0,0 +1,47 @@ +[ + { + "category": "``appstream``", + "description": "Added support for Automatic Time Zone Redirection on Amazon AppStream 2.0", + "type": "api-change" + }, + { + "category": "``b2bi``", + "description": "Added and updated APIs to support outbound EDI transformations", + "type": "api-change" + }, + { + "category": "``bedrock-agent-runtime``", + "description": "Added raw model response and usage metrics to PreProcessing and PostProcessing Trace", + "type": "api-change" + }, + { + "category": "``bedrock-runtime``", + "description": "Added new fields to Amazon Bedrock Guardrails trace", + "type": "api-change" + }, + { + "category": "``iotdeviceadvisor``", + "description": "Add clientToken attribute and implement idempotency for CreateSuiteDefinition.", + "type": "api-change" + }, + { + "category": "``ivs-realtime``", + "description": "Adds new Stage Health EventErrorCodes applicable to RTMP(S) broadcasts. Bug Fix: Enforces that EncoderConfiguration Video height and width must be even-number values.", + "type": "api-change" + }, + { + "category": "``s3``", + "description": "This release introduces a header representing the minimum object size limit for Lifecycle transitions.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "releasing builtinlcc to public", + "type": "api-change" + }, + { + "category": "``workspaces``", + "description": "WSP is being rebranded to become DCV.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.34.33.json b/.changes/1.34.33.json new file mode 100644 index 000000000000..8eddc8abe88a --- /dev/null +++ b/.changes/1.34.33.json @@ -0,0 +1,37 @@ +[ + { + "category": "``codepipeline``", + "description": "AWS CodePipeline introduces Commands action that enables you to easily run shell commands as part of your pipeline execution.", + "type": "api-change" + }, + { + "category": "``connect``", + "description": "Public GetMetricDataV2 Grouping increase from 3 to 4", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "This release includes a new API for modifying instance cpu-options after launch.", + "type": "api-change" + }, + { + "category": "``iot``", + "description": "This release adds support for Custom Authentication with X.509 Client Certificates, support for Custom Client Certificate validation, and support for selecting application protocol and authentication type without requiring TLS ALPN for customer's AWS IoT Domain Configurations.", + "type": "api-change" + }, + { + "category": "``marketplace-reporting``", + "description": "The AWS Marketplace Reporting service introduces the GetBuyerDashboard API. This API returns a dashboard that provides visibility into your organization's AWS Marketplace agreements and associated spend across the AWS accounts in your organization.", + "type": "api-change" + }, + { + "category": "``mediapackagev2``", + "description": "Added support for ClipStartTime on the FilterConfiguration object on OriginEndpoint manifest settings objects. Added support for EXT-X-START tags on produced HLS child playlists.", + "type": "api-change" + }, + { + "category": "``quicksight``", + "description": "QuickSight: Add support for exporting and importing folders in AssetBundle APIs", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.34.4.json b/.changes/1.34.4.json new file mode 100644 index 000000000000..92bc4cf3c7d2 --- /dev/null +++ b/.changes/1.34.4.json @@ -0,0 +1,32 @@ +[ + { + "category": "``autoscaling``", + "description": "Amazon EC2 Auto Scaling now provides EBS health check to manage EC2 instance replacement", + "type": "api-change" + }, + { + "category": "``bedrock``", + "description": "Amazon Bedrock Evaluation BatchDeleteEvaluationJob API allows customers to delete evaluation jobs under terminated evaluation job statuses - Stopped, Failed, or Completed. Customers can submit a batch of 25 evaluation jobs to be deleted at once.", + "type": "api-change" + }, + { + "category": "``emr-containers``", + "description": "Correct endpoint for FIPS is configured for US Gov Regions.", + "type": "api-change" + }, + { + "category": "``inspector2``", + "description": "Add enums for Agentless scan statuses and EC2 enablement error states", + "type": "api-change" + }, + { + "category": "``quicksight``", + "description": "Explicit query for authors and dashboard viewing sharing for embedded users", + "type": "api-change" + }, + { + "category": "``route53``", + "description": "Amazon Route 53 now supports the Asia Pacific (Malaysia) Region (ap-southeast-5) for latency records, geoproximity records, and private DNS for Amazon VPCs in that region.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.34.5.json b/.changes/1.34.5.json new file mode 100644 index 000000000000..eb7dbc9063f4 --- /dev/null +++ b/.changes/1.34.5.json @@ -0,0 +1,32 @@ +[ + { + "category": "``bedrock-agent``", + "description": "Releasing the support for Action User Confirmation.", + "type": "api-change" + }, + { + "category": "``bedrock-agent-runtime``", + "description": "Releasing the support for Action User Confirmation.", + "type": "api-change" + }, + { + "category": "``codebuild``", + "description": "Added support for the MAC_ARM environment type for CodeBuild fleets.", + "type": "api-change" + }, + { + "category": "``organizations``", + "description": "Releasing minor partitional endpoint updates.", + "type": "api-change" + }, + { + "category": "``qbusiness``", + "description": "Amazon QBusiness: Enable support for SAML and OIDC federation through AWS IAM Identity Provider integration.", + "type": "api-change" + }, + { + "category": "``supplychain``", + "description": "Update API documentation to clarify the event SLA as well as the data model expectations", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.34.6.json b/.changes/1.34.6.json new file mode 100644 index 000000000000..9f3c3d3791eb --- /dev/null +++ b/.changes/1.34.6.json @@ -0,0 +1,12 @@ +[ + { + "category": "``iotsitewise``", + "description": "AWS IoT SiteWise now supports versioning for asset models. It enables users to retrieve active version of their asset model and perform asset model writes with optimistic lock.", + "type": "api-change" + }, + { + "category": "``workspaces``", + "description": "This release adds support for creating and managing directories that use AWS IAM Identity Center as user identity source. Such directories can be used to create non-Active Directory domain joined WorkSpaces Personal.Updated RegisterWorkspaceDirectory and DescribeWorkspaceDirectories APIs.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.34.7.json b/.changes/1.34.7.json new file mode 100644 index 000000000000..2286f048a1b7 --- /dev/null +++ b/.changes/1.34.7.json @@ -0,0 +1,27 @@ +[ + { + "category": "``bedrock``", + "description": "Amazon Bedrock SDK updates for Inference Profile.", + "type": "api-change" + }, + { + "category": "``bedrock-runtime``", + "description": "Amazon Bedrock SDK updates for Inference Profile.", + "type": "api-change" + }, + { + "category": "``chatbot``", + "description": "Update documentation to be consistent with the API docs", + "type": "api-change" + }, + { + "category": "``omics``", + "description": "Adds data provenance to import jobs from read sets and references", + "type": "api-change" + }, + { + "category": "``polly``", + "description": "Amazon Polly adds 2 new voices: Jitka (cs-CZ) and Sabrina (de-CH).", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.34.8.json b/.changes/1.34.8.json new file mode 100644 index 000000000000..dc1fa3a8e2ab --- /dev/null +++ b/.changes/1.34.8.json @@ -0,0 +1,37 @@ +[ + { + "category": "``appconfig``", + "description": "This release adds support for deletion protection, which is a safety guardrail to prevent the unintentional deletion of a recently used AWS AppConfig Configuration Profile or Environment. This also includes a change to increase the maximum length of the Name parameter in UpdateConfigurationProfile.", + "type": "api-change" + }, + { + "category": "``datazone``", + "description": "Update regex to include dot character to be consistent with IAM role creation in the authorized principal field for create and update subscription target.", + "type": "api-change" + }, + { + "category": "``devicefarm``", + "description": "This release removed support for Calabash, UI Automation, Built-in Explorer, remote access record, remote access replay, and web performance profile framework in ScheduleRun API.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "Amazon VPC IP Address Manager (IPAM) now allows customers to provision IPv4 CIDR blocks and allocate Elastic IP Addresses directly from IPAM pools with public IPv4 space", + "type": "api-change" + }, + { + "category": "``internetmonitor``", + "description": "Adds new querying types to show overall traffic suggestion information for monitors", + "type": "api-change" + }, + { + "category": "``pcs``", + "description": "Introducing AWS Parallel Computing Service (AWS PCS), a new service makes it easy to setup and manage high performance computing (HPC) clusters, and build scientific and engineering models at virtually any scale on AWS.", + "type": "api-change" + }, + { + "category": "``workspaces``", + "description": "Documentation-only update that clarifies the StartWorkspaces and StopWorkspaces actions, and a few other minor edits.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.34.9.json b/.changes/1.34.9.json new file mode 100644 index 000000000000..465fa7380599 --- /dev/null +++ b/.changes/1.34.9.json @@ -0,0 +1,32 @@ +[ + { + "category": "``bedrock-agent-runtime``", + "description": "Lifting the maximum length on Bedrock KnowledgeBase RetrievalFilter array", + "type": "api-change" + }, + { + "category": "``bedrock-runtime``", + "description": "Add support for imported-model in invokeModel and InvokeModelWithResponseStream.", + "type": "api-change" + }, + { + "category": "``personalize``", + "description": "This releases ability to update automatic training scheduler for customer solutions", + "type": "api-change" + }, + { + "category": "``quicksight``", + "description": "Increased Character Limit for Dataset Calculation Field expressions", + "type": "api-change" + }, + { + "category": "``stepfunctions``", + "description": "This release adds support for static analysis to ValidateStateMachineDefinition API, which can now return optional WARNING diagnostics for semantic errors on the definition of an Amazon States Language (ASL) state machine.", + "type": "api-change" + }, + { + "category": "``wafv2``", + "description": "The minimum request rate for a rate-based rule is now 10. Before this, it was 100.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.35.0.json b/.changes/1.35.0.json new file mode 100644 index 000000000000..7d44da228401 --- /dev/null +++ b/.changes/1.35.0.json @@ -0,0 +1,17 @@ +[ + { + "category": "``ec2``", + "description": "Documentation updates for Amazon EC2.", + "type": "api-change" + }, + { + "category": "``iot-data``", + "description": "Add v2 smoke tests and smithy smokeTests trait for SDK testing.", + "type": "api-change" + }, + { + "category": "s3", + "description": "Adds ``--checksum-mode`` and ``--checksum-algorithm`` parameters to high-level ``s3`` commands.", + "type": "feature" + } +] \ No newline at end of file diff --git a/.changes/1.35.1.json b/.changes/1.35.1.json new file mode 100644 index 000000000000..a21f8e18cac0 --- /dev/null +++ b/.changes/1.35.1.json @@ -0,0 +1,22 @@ +[ + { + "category": "``deadline``", + "description": "Add support for using the template from a previous job during job creation and listing parameter definitions for a job.", + "type": "api-change" + }, + { + "category": "``marketplace-reporting``", + "description": "Documentation-only update for AWS Marketplace Reporting API.", + "type": "api-change" + }, + { + "category": "``qconnect``", + "description": "This release adds support for the following capabilities: Configuration of the Gen AI system via AIAgent and AIPrompts. Integration support for Bedrock Knowledge Base.", + "type": "api-change" + }, + { + "category": "``redshift``", + "description": "Add validation pattern to S3KeyPrefix on the EnableLogging API", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.35.10.json b/.changes/1.35.10.json new file mode 100644 index 000000000000..e81481e2b296 --- /dev/null +++ b/.changes/1.35.10.json @@ -0,0 +1,27 @@ +[ + { + "category": "``athena``", + "description": "Removing FEDERATED from Create/List/Delete/GetDataCatalog API", + "type": "api-change" + }, + { + "category": "``bedrock``", + "description": "Adding converse support to CMI API's", + "type": "api-change" + }, + { + "category": "``bedrock-runtime``", + "description": "Added converse support for custom imported models", + "type": "api-change" + }, + { + "category": "``datazone``", + "description": "Adding the following project member designations: PROJECT_CATALOG_VIEWER, PROJECT_CATALOG_CONSUMER and PROJECT_CATALOG_STEWARD in the CreateProjectMembership API and PROJECT_CATALOG_STEWARD designation in the AddPolicyGrant API.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "RequestSpotInstances and RequestSpotFleet feature release.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.35.11.json b/.changes/1.35.11.json new file mode 100644 index 000000000000..d7d172253221 --- /dev/null +++ b/.changes/1.35.11.json @@ -0,0 +1,47 @@ +[ + { + "category": "``application-insights``", + "description": "This feature enables customers to specify SNS Topic ARN. CloudWatch Application Insights (CWAI) will utilize this ARN to send problem notifications.", + "type": "api-change" + }, + { + "category": "``autoscaling``", + "description": "Adds support for removing the PlacementGroup setting on an Auto Scaling Group through the UpdateAutoScalingGroup API.", + "type": "api-change" + }, + { + "category": "``bedrock-agent-runtime``", + "description": "Knowledge Bases for Amazon Bedrock now supports custom prompts and model parameters in the orchestrationConfiguration of the RetrieveAndGenerate API. The modelArn field accepts Custom Models and Imported Models ARNs.", + "type": "api-change" + }, + { + "category": "``dms``", + "description": "Added support for tagging in StartReplicationTaskAssessmentRun API and introduced IsLatestTaskAssessmentRun and ResultStatistic fields for enhanced tracking and assessment result statistics.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "Amazon EC2 now allows you to create network interfaces with just the EFA driver and no ENA driver by specifying the network interface type as efa-only.", + "type": "api-change" + }, + { + "category": "``eks``", + "description": "This release adds support for Amazon Application Recovery Controller (ARC) zonal shift and zonal autoshift with EKS that enhances the resiliency of multi-AZ cluster environments", + "type": "api-change" + }, + { + "category": "``fms``", + "description": "Update AWS WAF policy - add the option to retrofit existing web ACLs instead of creating all new web ACLs.", + "type": "api-change" + }, + { + "category": "``payment-cryptography-data``", + "description": "Adding new API to generate authenticated scripts for EMV pin change use cases.", + "type": "api-change" + }, + { + "category": "``wafv2``", + "description": "Add a property to WebACL to indicate whether it's been retrofitted by Firewall Manager.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.35.12.json b/.changes/1.35.12.json new file mode 100644 index 000000000000..4266ceb370bd --- /dev/null +++ b/.changes/1.35.12.json @@ -0,0 +1,32 @@ +[ + { + "category": "``bedrock-runtime``", + "description": "Updating invoke regex to support imported models for converse API", + "type": "api-change" + }, + { + "category": "``imagebuilder``", + "description": "Add macOS platform and instance placement options", + "type": "api-change" + }, + { + "category": "``m2``", + "description": "Add AuthSecretsManagerArn optional parameter to batch job APIs, expand batch parameter limits, and introduce clientToken constraints.", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "Global clusters now expose the Endpoint attribute as one of its fields. It is a Read/Write endpoint for the global cluster which resolves to the Global Cluster writer instance.", + "type": "api-change" + }, + { + "category": "``repostspace``", + "description": "Adds the BatchAddRole and BatchRemoveRole APIs.", + "type": "api-change" + }, + { + "category": "``timestream-query``", + "description": "This release adds support for Query Insights, a feature that provides details of query execution, enabling users to identify areas for improvement to optimize their queries, resulting in improved query performance and lower query costs.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.35.13.json b/.changes/1.35.13.json new file mode 100644 index 000000000000..a4eff790a41b --- /dev/null +++ b/.changes/1.35.13.json @@ -0,0 +1,32 @@ +[ + { + "category": "``bedrock``", + "description": "Doc updates for supporting converse", + "type": "api-change" + }, + { + "category": "``connect``", + "description": "Amazon Connect Service Feature: Add support to start screen sharing for a web calling contact.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "Amazon EC2 X8g, C8g and M8g instances are powered by AWS Graviton4 processors. X8g provide the lowest cost per GiB of memory among Graviton4 instances. C8g provide the best price performance for compute-intensive workloads. M8g provide the best price performance in for general purpose workloads.", + "type": "api-change" + }, + { + "category": "``mwaa``", + "description": "Introducing InvokeRestApi which allows users to invoke the Apache Airflow REST API on the webserver with the specified inputs.", + "type": "api-change" + }, + { + "category": "``payment-cryptography``", + "description": "Add support for ECC P-256 and P-384 Keys.", + "type": "api-change" + }, + { + "category": "``payment-cryptography-data``", + "description": "Add ECDH support on PIN operations.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.35.14.json b/.changes/1.35.14.json new file mode 100644 index 000000000000..3c60b1225964 --- /dev/null +++ b/.changes/1.35.14.json @@ -0,0 +1,32 @@ +[ + { + "category": "``appconfig``", + "description": "This release improves deployment safety by granting customers the ability to REVERT completed deployments, to the last known good state.In the StopDeployment API revert case the status of a COMPLETE deployment will be REVERTED. AppConfig only allows a revert within 72 hours of deployment completion.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "This release includes a new API to describe some details of the Amazon Machine Images (AMIs) that were used to launch EC2 instances, even if those AMIs are no longer available for use.", + "type": "api-change" + }, + { + "category": "``ecs``", + "description": "This release adds support for EBS volumes attached to Amazon ECS Windows tasks running on EC2 instances.", + "type": "api-change" + }, + { + "category": "``pcs``", + "description": "Documentation update: added the default value of the Slurm configuration parameter scaleDownIdleTimeInSeconds to its description.", + "type": "api-change" + }, + { + "category": "``qbusiness``", + "description": "Add a new field in chat response. This field can be used to support nested schemas in array fields", + "type": "api-change" + }, + { + "category": "shorthand", + "description": "Improve performance when parsing invalid shorthand syntax.", + "type": "bugfix" + } +] \ No newline at end of file diff --git a/.changes/1.35.15.json b/.changes/1.35.15.json new file mode 100644 index 000000000000..e57b9a2eb758 --- /dev/null +++ b/.changes/1.35.15.json @@ -0,0 +1,27 @@ +[ + { + "category": "``bedrock-agent``", + "description": "Add support of new model types for Bedrock Agents, Adding inference profile support for Flows and Prompt Management, Adding new field to configure additional inference configurations for Flows and Prompt Management", + "type": "api-change" + }, + { + "category": "``codebuild``", + "description": "AWS CodeBuild now supports automatically retrying failed builds", + "type": "api-change" + }, + { + "category": "``lambda``", + "description": "Add TagsError field in Lambda GetFunctionResponse. The TagsError field contains details related to errors retrieving tags.", + "type": "api-change" + }, + { + "category": "``logs``", + "description": "Adding inferred token name for dynamic tokens in Anomalies.", + "type": "api-change" + }, + { + "category": "``supplychain``", + "description": "API doc updates, and also support showing error message on a failed instance", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.35.16.json b/.changes/1.35.16.json new file mode 100644 index 000000000000..65fda3365348 --- /dev/null +++ b/.changes/1.35.16.json @@ -0,0 +1,22 @@ +[ + { + "category": "``mediapackagev2``", + "description": "MediaPackage V2 Live to VOD Harvester is a MediaPackage V2 feature, which is used to export content from an origin endpoint to a S3 bucket.", + "type": "api-change" + }, + { + "category": "``opensearch``", + "description": "Adds support for provisioning dedicated coordinator nodes. Coordinator nodes can be specified using the new NodeOptions parameter in ClusterConfig.", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "This release adds support for Enhanced Monitoring and Performance Insights when restoring Aurora Limitless Database DB clusters. It also adds support for the os-upgrade pending maintenance action.", + "type": "api-change" + }, + { + "category": "``storagegateway``", + "description": "Documentation update: Amazon FSx File Gateway will no longer be available to new customers.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.35.17.json b/.changes/1.35.17.json new file mode 100644 index 000000000000..2a2ef4e1a663 --- /dev/null +++ b/.changes/1.35.17.json @@ -0,0 +1,37 @@ +[ + { + "category": "``bedrock``", + "description": "Update Application Inference Profile", + "type": "api-change" + }, + { + "category": "``bedrock-runtime``", + "description": "Update Application Inference Profile", + "type": "api-change" + }, + { + "category": "``cleanrooms``", + "description": "This release adds the option for customers to configure analytics engine when creating a collaboration, and introduces the new SPARK analytics engine type in addition to maintaining the legacy CLEAN_ROOMS_SQL engine type.", + "type": "api-change" + }, + { + "category": "``iotfleetwise``", + "description": "Updated BatchCreateVehicle and BatchUpdateVehicle APIs: LimitExceededException has been added and the maximum number of vehicles in a batch has been set to 10 explicitly", + "type": "api-change" + }, + { + "category": "``logs``", + "description": "Added support for new optional baseline parameter in the UpdateAnomaly API. For UpdateAnomaly requests with baseline set to True, The anomaly behavior is then treated as baseline behavior. However, more severe occurrences of this behavior will still be reported as anomalies.", + "type": "api-change" + }, + { + "category": "``redshift-data``", + "description": "Adding a new API GetStatementResultV2 that supports CSV formatted results from ExecuteStatement and BatchExecuteStatement calls.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "Adding `notebook-al2-v3` as allowed value to SageMaker NotebookInstance PlatformIdentifier attribute", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.35.18.json b/.changes/1.35.18.json new file mode 100644 index 000000000000..6b685c5fcd83 --- /dev/null +++ b/.changes/1.35.18.json @@ -0,0 +1,87 @@ +[ + { + "category": "``appsync``", + "description": "This release adds support for AppSync Event APIs.", + "type": "api-change" + }, + { + "category": "``connect``", + "description": "Updated the public documentation for the UserIdentityInfo object to accurately reflect the character limits for the FirstName and LastName fields, which were previously listed as 1-100 characters.", + "type": "api-change" + }, + { + "category": "``datasync``", + "description": "AWS DataSync now supports Enhanced mode tasks. This task mode supports transfer of virtually unlimited numbers of objects with enhanced metrics, more detailed logs, and higher performance than Basic mode. This mode currently supports transfers between Amazon S3 locations.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "This release adds two new capabilities to VPC Security Groups: Security Group VPC Associations and Shared Security Groups.", + "type": "api-change" + }, + { + "category": "``ecs``", + "description": "This release supports service deployments and service revisions which provide a comprehensive view of your Amazon ECS service history.", + "type": "api-change" + }, + { + "category": "``geo-maps``", + "description": "Release of Amazon Location Maps API. Maps enables you to build digital maps that showcase your locations, visualize your data, and unlock insights to drive your business", + "type": "api-change" + }, + { + "category": "``geo-places``", + "description": "Release of Amazon Location Places API. Places enables you to quickly search, display, and filter places, businesses, and locations based on proximity, category, and name", + "type": "api-change" + }, + { + "category": "``geo-routes``", + "description": "Release of Amazon Location Routes API. Routes enables you to plan efficient routes and streamline deliveries by leveraging real-time traffic, vehicle restrictions, and turn-by-turn directions.", + "type": "api-change" + }, + { + "category": "``keyspaces``", + "description": "Adds support for interacting with user-defined types (UDTs) through the following new operations: Create-Type, Delete-Type, List-Types, Get-Type.", + "type": "api-change" + }, + { + "category": "``network-firewall``", + "description": "AWS Network Firewall now supports configuring TCP idle timeout", + "type": "api-change" + }, + { + "category": "``opensearch``", + "description": "This release introduces the new OpenSearch user interface (Dashboards), a new web-based application that can be associated with multiple data sources across OpenSearch managed clusters, serverless collections, and Amazon S3, so that users can gain a comprehensive insights in an unified interface.", + "type": "api-change" + }, + { + "category": "``opensearchserverless``", + "description": "Neo Integration via IAM Identity Center (IdC)", + "type": "api-change" + }, + { + "category": "``redshift``", + "description": "This release launches S3 event integrations to create and manage integrations from an Amazon S3 source into an Amazon Redshift database.", + "type": "api-change" + }, + { + "category": "``redshift-serverless``", + "description": "Adds and updates API members for the Redshift Serverless AI-driven scaling and optimization feature using the price-performance target setting.", + "type": "api-change" + }, + { + "category": "``route53``", + "description": "This release adds support for TLSA, SSHFP, SVCB, and HTTPS record types.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "Added support for Model Registry Staging construct. Users can define series of stages that models can progress through for model workflows and lifecycle. This simplifies tracking and managing models as they transition through development, testing, and production stages.", + "type": "api-change" + }, + { + "category": "``workmail``", + "description": "This release adds support for Multi-Factor Authentication (MFA) and Personal Access Tokens through integration with AWS IAM Identity Center.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.35.19.json b/.changes/1.35.19.json new file mode 100644 index 000000000000..bbb193551a72 --- /dev/null +++ b/.changes/1.35.19.json @@ -0,0 +1,37 @@ +[ + { + "category": "``amp``", + "description": "Added support for UpdateScraper API, to enable updating collector configuration in-place", + "type": "api-change" + }, + { + "category": "``autoscaling``", + "description": "Adds bake time for Auto Scaling group Instance Refresh", + "type": "api-change" + }, + { + "category": "``batch``", + "description": "Add `podNamespace` to `EksAttemptDetail` and `containerID` to `EksAttemptContainerDetail`.", + "type": "api-change" + }, + { + "category": "``elbv2``", + "description": "Add UDP support for AWS PrivateLink and dual-stack Network Load Balancers", + "type": "api-change" + }, + { + "category": "``glue``", + "description": "Add schedule support for AWS Glue column statistics", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "SageMaker HyperPod adds scale-down at instance level via BatchDeleteClusterNodes API and group level via UpdateCluster API. SageMaker Training exposes secondary job status in TrainingJobSummary from ListTrainingJobs API. SageMaker now supports G6, G6e, P5e instances for HyperPod and Training.", + "type": "api-change" + }, + { + "category": "``sesv2``", + "description": "This release enables customers to provide the email template content in the SESv2 SendEmail and SendBulkEmail APIs instead of the name or the ARN of a stored email template.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.35.2.json b/.changes/1.35.2.json new file mode 100644 index 000000000000..672f7eec55d2 --- /dev/null +++ b/.changes/1.35.2.json @@ -0,0 +1,17 @@ +[ + { + "category": "``elasticache``", + "description": "AWS ElastiCache SDK now supports using APIs with newly launched Valkey engine. Please refer to updated AWS ElastiCache public documentation for detailed information on API usage.", + "type": "api-change" + }, + { + "category": "``memorydb``", + "description": "Amazon MemoryDB SDK now supports all APIs for newly launched Valkey engine. Please refer to the updated Amazon MemoryDB public documentation for detailed information on API usage.", + "type": "api-change" + }, + { + "category": "``s3``", + "description": "Adds logic to gracefully handle invalid timestamps returned in the Expires header.", + "type": "enhancement" + } +] \ No newline at end of file diff --git a/.changes/1.35.20.json b/.changes/1.35.20.json new file mode 100644 index 000000000000..a9a810894b06 --- /dev/null +++ b/.changes/1.35.20.json @@ -0,0 +1,22 @@ +[ + { + "category": "``bedrock-agent``", + "description": "Amazon Bedrock Knowledge Bases now supports using application inference profiles to increase throughput and improve resilience.", + "type": "api-change" + }, + { + "category": "``docdb-elastic``", + "description": "Amazon DocumentDB Elastic Clusters adds support for pending maintenance actions feature with APIs GetPendingMaintenanceAction, ListPendingMaintenanceActions and ApplyPendingMaintenanceAction", + "type": "api-change" + }, + { + "category": "``logs``", + "description": "This release introduces an improvement in PutLogEvents", + "type": "api-change" + }, + { + "category": "``taxsettings``", + "description": "Add support for supplemental tax registrations via these new APIs: PutSupplementalTaxRegistration, ListSupplementalTaxRegistrations, and DeleteSupplementalTaxRegistration.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.35.21.json b/.changes/1.35.21.json new file mode 100644 index 000000000000..8fa134dc0871 --- /dev/null +++ b/.changes/1.35.21.json @@ -0,0 +1,32 @@ +[ + { + "category": "``codebuild``", + "description": "AWS CodeBuild now adds additional compute types for reserved capacity fleet.", + "type": "api-change" + }, + { + "category": "``guardduty``", + "description": "GuardDuty RDS Protection expands support for Amazon Aurora PostgreSQL Limitless Databases.", + "type": "api-change" + }, + { + "category": "``lakeformation``", + "description": "API changes for new named tag expressions feature.", + "type": "api-change" + }, + { + "category": "``qapps``", + "description": "Introduces category apis in AmazonQApps. Web experience users use Categories to tag and filter library items.", + "type": "api-change" + }, + { + "category": "``s3control``", + "description": "Fix ListStorageLensConfigurations and ListStorageLensGroups deserialization for Smithy SDKs.", + "type": "api-change" + }, + { + "category": "``verifiedpermissions``", + "description": "Adding BatchGetPolicy API which supports the retrieval of multiple policies across multiple policy stores within a single request.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.35.22.json b/.changes/1.35.22.json new file mode 100644 index 000000000000..55b680dad2a3 --- /dev/null +++ b/.changes/1.35.22.json @@ -0,0 +1,42 @@ +[ + { + "category": "``autoscaling``", + "description": "Auto Scaling groups now support the ability to strictly balance instances across Availability Zones by configuring the AvailabilityZoneDistribution parameter. If balanced-only is configured for a group, launches will always be attempted in the under scaled Availability Zone even if it is unhealthy.", + "type": "api-change" + }, + { + "category": "``bedrock-agent``", + "description": "Add prompt support for chat template configuration and agent generative AI resource. Add support for configuring an optional guardrail in Prompt and Knowledge Base nodes in Prompt Flows. Add API to validate flow definition", + "type": "api-change" + }, + { + "category": "``bedrock-runtime``", + "description": "Add Prompt management support to Bedrock runtime APIs: Converse, ConverseStream, InvokeModel, InvokeModelWithStreamingResponse", + "type": "api-change" + }, + { + "category": "``cleanrooms``", + "description": "This release introduces support for Custom Models in AWS Clean Rooms ML.", + "type": "api-change" + }, + { + "category": "``cleanroomsml``", + "description": "This release introduces support for Custom Models in AWS Clean Rooms ML.", + "type": "api-change" + }, + { + "category": "``quicksight``", + "description": "Add Client Credentials based OAuth support for Snowflake and Starburst", + "type": "api-change" + }, + { + "category": "``resource-explorer-2``", + "description": "Add GetManagedView, ListManagedViews APIs.", + "type": "api-change" + }, + { + "category": "``synthetics``", + "description": "Add support to toggle if a canary will automatically delete provisioned canary resources such as Lambda functions and layers when a canary is deleted. This behavior can be controlled via the new ProvisionedResourceCleanup property exposed in the CreateCanary and UpdateCanary APIs.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.35.23.json b/.changes/1.35.23.json new file mode 100644 index 000000000000..b6060207d0bb --- /dev/null +++ b/.changes/1.35.23.json @@ -0,0 +1,47 @@ +[ + { + "category": "``batch``", + "description": "This feature allows override LaunchTemplates to be specified in an AWS Batch Compute Environment.", + "type": "api-change" + }, + { + "category": "``bedrock-agent-runtime``", + "description": "This release adds trace functionality to Bedrock Prompt Flows", + "type": "api-change" + }, + { + "category": "``chime-sdk-media-pipelines``", + "description": "Added support for Media Capture Pipeline and Media Concatenation Pipeline for customer managed server side encryption. Now Media Capture Pipeline can use IAM sink role to get access to KMS key and encrypt/decrypt recorded artifacts. KMS key ID can also be supplied with encryption context.", + "type": "api-change" + }, + { + "category": "``controlcatalog``", + "description": "AWS Control Catalog GetControl public API returns additional data in output, including Implementation and Parameters", + "type": "api-change" + }, + { + "category": "``eks``", + "description": "Adds new error code `Ec2InstanceTypeDoesNotExist` for Amazon EKS managed node groups", + "type": "api-change" + }, + { + "category": "``firehose``", + "description": "Amazon Data Firehose / Features : Adds support for a new DeliveryStreamType, DatabaseAsSource. DatabaseAsSource hoses allow customers to stream CDC events from their RDS and Amazon EC2 hosted databases, running MySQL and PostgreSQL database engines, to Iceberg Table destinations.", + "type": "api-change" + }, + { + "category": "``lambda``", + "description": "This release adds support for using AWS KMS customer managed keys to encrypt AWS Lambda .zip deployment packages.", + "type": "api-change" + }, + { + "category": "``pinpoint-sms-voice-v2``", + "description": "Added the RequiresAuthenticationTimestamp field to the RegistrationVersionStatusHistory data type.", + "type": "api-change" + }, + { + "category": "``qbusiness``", + "description": "Adds S3 path option to pass group member list for PutGroup API.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.35.24.json b/.changes/1.35.24.json new file mode 100644 index 000000000000..e89e0359049e --- /dev/null +++ b/.changes/1.35.24.json @@ -0,0 +1,27 @@ +[ + { + "category": "``cloudfront``", + "description": "No API changes from previous release. This release migrated the model to Smithy keeping all features unchanged.", + "type": "api-change" + }, + { + "category": "``inspector2``", + "description": "Adds support for filePath filter.", + "type": "api-change" + }, + { + "category": "``lambda``", + "description": "Add Python 3.13 (python3.13) support to AWS Lambda", + "type": "api-change" + }, + { + "category": "``opensearch``", + "description": "Adds Support for new AssociatePackages and DissociatePackages API in Amazon OpenSearch Service that allows association and dissociation operations to be carried out on multiple packages at the same time.", + "type": "api-change" + }, + { + "category": "``outposts``", + "description": "This release updates StartCapacityTask to allow an active Outpost to be modified. It also adds a new API to list all running EC2 instances on the Outpost.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.35.3.json b/.changes/1.35.3.json new file mode 100644 index 000000000000..041b8caf7976 --- /dev/null +++ b/.changes/1.35.3.json @@ -0,0 +1,7 @@ +[ + { + "category": "``codepipeline``", + "description": "AWS CodePipeline introduces a Compute category", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.35.4.json b/.changes/1.35.4.json new file mode 100644 index 000000000000..06247d72fee0 --- /dev/null +++ b/.changes/1.35.4.json @@ -0,0 +1,57 @@ +[ + { + "category": "``acm-pca``", + "description": "Documentation updates for AWS Private CA.", + "type": "api-change" + }, + { + "category": "``dms``", + "description": "Introduces DescribeDataMigrations, CreateDataMigration, ModifyDataMigration, DeleteDataMigration, StartDataMigration, StopDataMigration operations to SDK. Provides FailedDependencyFault error message.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "This release adds support for assigning the billing of shared Amazon EC2 On-Demand Capacity Reservations.", + "type": "api-change" + }, + { + "category": "``ecs``", + "description": "This is a documentation only release that updates to documentation to let customers know that Amazon Elastic Inference is no longer available.", + "type": "api-change" + }, + { + "category": "``elastic-inference``", + "description": "Elastic Inference - Documentation update to add service shutdown notice.", + "type": "api-change" + }, + { + "category": "``iotfleetwise``", + "description": "Refine campaign related API validations", + "type": "api-change" + }, + { + "category": "``neptune-graph``", + "description": "Support for 16 m-NCU graphs available through account allowlisting", + "type": "api-change" + }, + { + "category": "``outposts``", + "description": "Adding new \"DELIVERED\" enum value for Outposts Order status", + "type": "api-change" + }, + { + "category": "``route53resolver``", + "description": "Route 53 Resolver Forwarding Rules can now include a server name indication (SNI) in the target address for rules that use the DNS-over-HTTPS (DoH) protocol. When a DoH-enabled Outbound Resolver Endpoint forwards a request to a DoH server, it will provide the SNI in the TLS handshake.", + "type": "api-change" + }, + { + "category": "``socialmessaging``", + "description": "This release for AWS End User Messaging includes a public SDK, providing a suite of APIs that enable sending WhatsApp messages to end users.", + "type": "api-change" + }, + { + "category": "``timestream-influxdb``", + "description": "This release updates our regex based validation rules in regards to valid DbInstance and DbParameterGroup name.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.35.5.json b/.changes/1.35.5.json new file mode 100644 index 000000000000..22b588d5a46d --- /dev/null +++ b/.changes/1.35.5.json @@ -0,0 +1,27 @@ +[ + { + "category": "``appflow``", + "description": "Doc only updates for clarification around OAuth2GrantType for Salesforce.", + "type": "api-change" + }, + { + "category": "``elbv2``", + "description": "Add zonal_shift.config.enabled attribute. Add new AdministrativeOverride construct in the describe-target-health API response to include information about the override status applied to a target.", + "type": "api-change" + }, + { + "category": "``emr``", + "description": "This release provides new parameter \"Context\" in instance fleet clusters.", + "type": "api-change" + }, + { + "category": "``guardduty``", + "description": "Added a new field for network connection details.", + "type": "api-change" + }, + { + "category": "``robomaker``", + "description": "Documentation update: added support notices to each API action.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.35.6.json b/.changes/1.35.6.json new file mode 100644 index 000000000000..5bcd920b80d9 --- /dev/null +++ b/.changes/1.35.6.json @@ -0,0 +1,27 @@ +[ + { + "category": "``codepipeline``", + "description": "AWS CodePipeline V2 type pipelines now support automatically retrying failed stages and skipping stage for failed entry conditions.", + "type": "api-change" + }, + { + "category": "``mailmanager``", + "description": "Mail Manager support for viewing and exporting metadata of archived messages.", + "type": "api-change" + }, + { + "category": "``securitylake``", + "description": "This release updates request validation regex for resource ARNs.", + "type": "api-change" + }, + { + "category": "``supplychain``", + "description": "This release adds AWS Supply Chain instance management functionality. Specifically adding CreateInstance, DeleteInstance, GetInstance, ListInstances, and UpdateInstance APIs.", + "type": "api-change" + }, + { + "category": "``transfer``", + "description": "This release enables customers using SFTP connectors to query the transfer status of their files to meet their monitoring needs as well as orchestrate post transfer actions.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.35.7.json b/.changes/1.35.7.json new file mode 100644 index 000000000000..63505bbc274d --- /dev/null +++ b/.changes/1.35.7.json @@ -0,0 +1,42 @@ +[ + { + "category": "``amplify``", + "description": "Added sourceUrlType field to StartDeployment request", + "type": "api-change" + }, + { + "category": "``cloudformation``", + "description": "Documentation update for AWS CloudFormation API Reference.", + "type": "api-change" + }, + { + "category": "``codebuild``", + "description": "Enable proxy for reserved capacity fleet.", + "type": "api-change" + }, + { + "category": "``ivs``", + "description": "On a channel that you own, you can now replace an ongoing stream with a new stream by streaming up with the priority parameter appended to the stream key.", + "type": "api-change" + }, + { + "category": "``qbusiness``", + "description": "Amazon Q Business now supports embedding the Amazon Q Business web experience on third-party websites.", + "type": "api-change" + }, + { + "category": "``redshift``", + "description": "This release launches the CreateIntegration, DeleteIntegration, DescribeIntegrations and ModifyIntegration APIs to create and manage Amazon Redshift Zero-ETL Integrations.", + "type": "api-change" + }, + { + "category": "``resiliencehub``", + "description": "AWS Resilience Hub now integrates with the myApplications platform, enabling customers to easily assess the resilience of applications defined in myApplications. The new Resiliency widget provides visibility into application resilience and actionable recommendations for improvement.", + "type": "api-change" + }, + { + "category": "``sesv2``", + "description": "This release adds support for email maximum delivery seconds that allows senders to control the time within which their emails are attempted for delivery.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.35.8.json b/.changes/1.35.8.json new file mode 100644 index 000000000000..4e3bc4f046f7 --- /dev/null +++ b/.changes/1.35.8.json @@ -0,0 +1,7 @@ +[ + { + "category": "``s3``", + "description": "Add support for the new optional bucket-region and prefix query parameters in the ListBuckets API. For ListBuckets requests that express pagination, Amazon S3 will now return both the bucket names and associated AWS regions in the response.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.35.9.json b/.changes/1.35.9.json new file mode 100644 index 000000000000..dd363221a2f7 --- /dev/null +++ b/.changes/1.35.9.json @@ -0,0 +1,42 @@ +[ + { + "category": "``bedrock-agent``", + "description": "Removing support for topK property in PromptModelInferenceConfiguration object, Making PromptTemplateConfiguration property as required, Limiting the maximum PromptVariant to 1", + "type": "api-change" + }, + { + "category": "``dataexchange``", + "description": "This release adds Data Grant support, through which customers can programmatically create data grants to share with other AWS accounts and accept data grants from other AWS accounts.", + "type": "api-change" + }, + { + "category": "``ecs``", + "description": "This is an Amazon ECS documentation only update to address tickets.", + "type": "api-change" + }, + { + "category": "``pinpoint-sms-voice-v2``", + "description": "Added the registrations status of REQUIRES_AUTHENTICATION", + "type": "api-change" + }, + { + "category": "``pipes``", + "description": "This release adds validation to require specifying a SecurityGroup and Subnets in the Vpc object under PipesSourceSelfManagedKafkaParameters. It also adds support for iso-e, iso-f, and other non-commercial partitions in ARN parameters.", + "type": "api-change" + }, + { + "category": "``quicksight``", + "description": "Add StartDashboardSnapshotJobSchedule API. RestoreAnalysis now supports restoring analysis to folders.", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "Updates Amazon RDS documentation for TAZ IAM support", + "type": "api-change" + }, + { + "category": "``workspaces``", + "description": "Updated the DomainName pattern for Active Directory", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.36.0.json b/.changes/1.36.0.json new file mode 100644 index 000000000000..658ef9b3cc7e --- /dev/null +++ b/.changes/1.36.0.json @@ -0,0 +1,37 @@ +[ + { + "category": "``codebuild``", + "description": "AWS CodeBuild now supports non-containerized Linux and Windows builds on Reserved Capacity.", + "type": "api-change" + }, + { + "category": "``controltower``", + "description": "Added ResetEnabledControl API.", + "type": "api-change" + }, + { + "category": "``fis``", + "description": "This release adds support for generating experiment reports with the experiment report configuration", + "type": "api-change" + }, + { + "category": "``gamelift``", + "description": "Amazon GameLift releases container fleets support for general availability. Deploy Linux-based containerized game server software for hosting on Amazon GameLift.", + "type": "api-change" + }, + { + "category": "``payment-cryptography``", + "description": "Updated ListAliases API with KeyArn filter.", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "Updates Amazon RDS documentation for Amazon RDS Extended Support for Amazon Aurora MySQL.", + "type": "api-change" + }, + { + "category": "shorthand", + "description": "Adds support to shorthand syntax for loading parameters from files via the ``@=`` assignment operator.", + "type": "feature" + } +] \ No newline at end of file diff --git a/.changes/1.36.1.json b/.changes/1.36.1.json new file mode 100644 index 000000000000..9b70a99abcbc --- /dev/null +++ b/.changes/1.36.1.json @@ -0,0 +1,52 @@ +[ + { + "category": "``accessanalyzer``", + "description": "This release adds support for policy validation and external access findings for resource control policies (RCP). IAM Access Analyzer helps you author functional and secure RCPs and awareness that a RCP may restrict external access. Updated service API, documentation, and paginators.", + "type": "api-change" + }, + { + "category": "``application-signals``", + "description": "Amazon CloudWatch Application Signals now supports creating Service Level Objectives with burn rates. Users can now create or update SLOs with burn rate configurations to meet their specific business requirements.", + "type": "api-change" + }, + { + "category": "``b2bi``", + "description": "This release adds a GenerateMapping API to allow generation of JSONata or XSLT transformer code based on input and output samples.", + "type": "api-change" + }, + { + "category": "``billing``", + "description": "Today, AWS announces the general availability of ListBillingViews API in the AWS SDKs, to enable AWS Billing Conductor (ABC) users to create proforma Cost and Usage Reports (CUR) programmatically.", + "type": "api-change" + }, + { + "category": "``cloudtrail``", + "description": "This release adds a new API GenerateQuery that generates a query from a natural language prompt about the event data in your event data store. This operation uses generative artificial intelligence (generative AI) to produce a ready-to-use SQL query from the prompt.", + "type": "api-change" + }, + { + "category": "``dynamodb``", + "description": "This release includes supports the new WarmThroughput feature for DynamoDB. You can now provide an optional WarmThroughput attribute for CreateTable or UpdateTable APIs to pre-warm your table or global secondary index. You can also use DescribeTable to see the latest WarmThroughput value.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "This release adds the source AMI details in DescribeImages API", + "type": "api-change" + }, + { + "category": "``internetmonitor``", + "description": "Add new query type Routing_Suggestions regarding querying interface", + "type": "api-change" + }, + { + "category": "``mediaconvert``", + "description": "This release adds support for ARN inputs in the Kantar credentials secrets name field and the MSPR field to the manifests for PlayReady DRM protected outputs.", + "type": "api-change" + }, + { + "category": "``organizations``", + "description": "Add support for policy operations on the Resource Control Polices.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.36.10.json b/.changes/1.36.10.json new file mode 100644 index 000000000000..28000710a77e --- /dev/null +++ b/.changes/1.36.10.json @@ -0,0 +1,17 @@ +[ + { + "category": "``directconnect``", + "description": "Update DescribeDirectConnectGatewayAssociations API to return associated core network information if a Direct Connect gateway is attached to a Cloud WAN core network.", + "type": "api-change" + }, + { + "category": "``networkmanager``", + "description": "This release adds native Direct Connect integration on Cloud WAN enabling customers to directly attach their Direct Connect gateways to Cloud WAN without the need for an intermediate Transit Gateway.", + "type": "api-change" + }, + { + "category": "``s3``", + "description": "Amazon Simple Storage Service / Features: Add support for ETag based conditional writes in PutObject and CompleteMultiPartUpload APIs to prevent unintended object modifications.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.36.11.json b/.changes/1.36.11.json new file mode 100644 index 000000000000..020c56230736 --- /dev/null +++ b/.changes/1.36.11.json @@ -0,0 +1,27 @@ +[ + { + "category": "``bedrock-agent``", + "description": "Custom Orchestration API release for AWSBedrockAgents.", + "type": "api-change" + }, + { + "category": "``bedrock-agent-runtime``", + "description": "Custom Orchestration and Streaming configurations API release for AWSBedrockAgents.", + "type": "api-change" + }, + { + "category": "``connect``", + "description": "Enables access to ValueMap and ValueInteger types for SegmentAttributes and fixes deserialization bug for DescribeContactFlow in AmazonConnect Public API", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "Adds support for Time-based Copy for EBS Snapshots and Cross Region PrivateLink. Time-based Copy ensures that EBS Snapshots are copied within and across AWS Regions in a specified timeframe. Cross Region PrivateLink enables customers to connect to VPC endpoint services hosted in other AWS Regions.", + "type": "api-change" + }, + { + "category": "``qapps``", + "description": "Private sharing, file upload and data collection feature support for Q Apps", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.36.12.json b/.changes/1.36.12.json new file mode 100644 index 000000000000..528a12728534 --- /dev/null +++ b/.changes/1.36.12.json @@ -0,0 +1,22 @@ +[ + { + "category": "``bedrock-agent``", + "description": "Add support for specifying embeddingDataType, either FLOAT32 or BINARY", + "type": "api-change" + }, + { + "category": "``config``", + "description": "AWS Config adds support for service-linked recorders, a new type of Config recorder managed by AWS services to record specific subsets of resource configuration data and functioning independently from customer managed AWS Config recorders.", + "type": "api-change" + }, + { + "category": "``fsx``", + "description": "This release adds EFA support to increase FSx for Lustre file systems' throughput performance to a single client instance. This can be done by specifying EfaEnabled=true at the time of creation of Persistent_2 file systems.", + "type": "api-change" + }, + { + "category": "``observabilityadmin``", + "description": "Amazon CloudWatch Observability Admin adds the ability to audit telemetry configuration for AWS resources in customers AWS Accounts and Organizations. The release introduces new APIs to turn on/off the new experience, which supports discovering supported AWS resources and their state of telemetry.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.36.13.json b/.changes/1.36.13.json new file mode 100644 index 000000000000..f9293ba5d512 --- /dev/null +++ b/.changes/1.36.13.json @@ -0,0 +1,152 @@ +[ + { + "category": "``bedrock``", + "description": "Add support for Knowledge Base Evaluations & LLM as a judge", + "type": "api-change" + }, + { + "category": "``bedrock-agent``", + "description": "This release introduces APIs to upload documents directly into a Knowledge Base", + "type": "api-change" + }, + { + "category": "``bedrock-agent-runtime``", + "description": "This release introduces a new Rerank API to leverage reranking models (with integration into Knowledge Bases); APIs to upload documents directly into Knowledge Base; RetrieveAndGenerateStream API for streaming response; Guardrails on Retrieve API; and ability to automatically generate filters", + "type": "api-change" + }, + { + "category": "``chime-sdk-voice``", + "description": "This release adds supports for enterprises to integrate Amazon Connect with other voice systems. It supports directly transferring voice calls and metadata without using the public telephone network. It also supports real-time and post-call analytics.", + "type": "api-change" + }, + { + "category": "``cleanrooms``", + "description": "This release allows customers and their partners to easily collaborate with data stored in Snowflake and Amazon Athena, without having to move or share their underlying data among collaborators.", + "type": "api-change" + }, + { + "category": "``connect``", + "description": "Adds support for WhatsApp Business messaging, IVR call recording, enabling Contact Lens for existing on-premise contact centers and telephony platforms, and enabling telephony and IVR migration to Amazon Connect independent of their contact center agents.", + "type": "api-change" + }, + { + "category": "``connectcampaignsv2``", + "description": "Amazon Connect Outbound Campaigns V2 / Features : Adds support for Event-Triggered Campaigns.", + "type": "api-change" + }, + { + "category": "``customer-profiles``", + "description": "This release introduces Event Trigger APIs as part of Amazon Connect Customer Profiles service.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "Adds support for declarative policies that allow you to enforce desired configuration across an AWS organization through configuring account attributes. Adds support for Allowed AMIs that allows you to limit the use of AMIs in AWS accounts. Adds support for connectivity over non-HTTP protocols.", + "type": "api-change" + }, + { + "category": "``ecs``", + "description": "This release adds support for Container Insights with Enhanced Observability for Amazon ECS.", + "type": "api-change" + }, + { + "category": "``eks``", + "description": "Added support for Auto Mode Clusters, Hybrid Nodes, and specifying computeTypes in the DescribeAddonVersions API.", + "type": "api-change" + }, + { + "category": "``events``", + "description": "Call private APIs by configuring Connections with VPC connectivity through PrivateLink and VPC Lattice", + "type": "api-change" + }, + { + "category": "``fsx``", + "description": "FSx API changes to support the public launch of the Amazon FSx Intelligent Tiering for OpenZFS storage class.", + "type": "api-change" + }, + { + "category": "``guardduty``", + "description": "Add new Multi Domain Correlation findings.", + "type": "api-change" + }, + { + "category": "``imagebuilder``", + "description": "Added support for EC2 Image Builder's integration with AWS Marketplace for Marketplace components.", + "type": "api-change" + }, + { + "category": "``invoicing``", + "description": "AWS Invoice Configuration allows you to receive separate AWS invoices based on your organizational needs. You can use the AWS SDKs to manage Invoice Units and programmatically fetch the information of the invoice receiver.", + "type": "api-change" + }, + { + "category": "``logs``", + "description": "Adds PutIntegration, GetIntegration, ListIntegrations and DeleteIntegration APIs. Adds QueryLanguage support to StartQuery, GetQueryResults, DescribeQueries, DescribeQueryDefinitions, and PutQueryDefinition APIs.", + "type": "api-change" + }, + { + "category": "``memorydb``", + "description": "Amazon MemoryDB SDK now supports all APIs for Multi-Region. Please refer to the updated Amazon MemoryDB public documentation for detailed information on API usage.", + "type": "api-change" + }, + { + "category": "``networkflowmonitor``", + "description": "This release adds documentation for a new feature in Amazon CloudWatch called Network Flow Monitor. You can use Network Flow Monitor to get near real-time metrics, including retransmissions and data transferred, for your actual workloads.", + "type": "api-change" + }, + { + "category": "``opensearch``", + "description": "This feature introduces support for CRUDL APIs, enabling the creation and management of Connected data sources.", + "type": "api-change" + }, + { + "category": "``organizations``", + "description": "Add support for policy operations on the DECLARATIVE_POLICY_EC2 policy type.", + "type": "api-change" + }, + { + "category": "``qbusiness``", + "description": "Amazon Q Business now supports capabilities to extract insights and answer questions from visual elements embedded within documents, a browser extension for Google Chrome, Mozilla Firefox, and Microsoft Edge, and attachments across conversations.", + "type": "api-change" + }, + { + "category": "``qconnect``", + "description": "This release adds following capabilities: Configuring safeguards via AIGuardrails for Q in Connect inferencing, and APIs to support Q&A self-service use cases", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "Amazon RDS supports CloudWatch Database Insights. You can use the SDK to create, modify, and describe the DatabaseInsightsMode for your DB instances and clusters.", + "type": "api-change" + }, + { + "category": "``s3``", + "description": "Amazon S3 introduces support for AWS Dedicated Local Zones", + "type": "api-change" + }, + { + "category": "``s3control``", + "description": "Amazon S3 introduces support for AWS Dedicated Local Zones", + "type": "api-change" + }, + { + "category": "``securityhub``", + "description": "Add new Multi Domain Correlation findings.", + "type": "api-change" + }, + { + "category": "``security-ir``", + "description": "AWS Security Incident Response is a purpose-built security incident solution designed to help customers prepare for, respond to, and recover from security incidents.", + "type": "api-change" + }, + { + "category": "``transfer``", + "description": "AWS Transfer Family now offers Web apps that enables simple and secure access to data stored in Amazon S3.", + "type": "api-change" + }, + { + "category": "``vpc-lattice``", + "description": "Lattice APIs that allow sharing and access of VPC resources across accounts.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.36.14.json b/.changes/1.36.14.json new file mode 100644 index 000000000000..8cc093c5fcc5 --- /dev/null +++ b/.changes/1.36.14.json @@ -0,0 +1,17 @@ +[ + { + "category": "``bedrock-runtime``", + "description": "Add an API parameter that allows customers to set performance configuration for invoking a model.", + "type": "api-change" + }, + { + "category": "``s3control``", + "description": "It allows customers to pass CRC64NVME as a header in S3 Batch Operations copy requests", + "type": "api-change" + }, + { + "category": "``socialmessaging``", + "description": "Added support for passing role arn corresponding to the supported event destination", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.36.15.json b/.changes/1.36.15.json new file mode 100644 index 000000000000..8403e5d0976a --- /dev/null +++ b/.changes/1.36.15.json @@ -0,0 +1,92 @@ +[ + { + "category": "``athena``", + "description": "Add FEDERATED type to CreateDataCatalog. This creates Athena Data Catalog, AWS Lambda connector, and AWS Glue connection. Create/DeleteDataCatalog returns DataCatalog. Add Status, ConnectionType, and Error to DataCatalog and DataCatalogSummary. Add DeleteCatalogOnly to delete Athena Catalog only.", + "type": "api-change" + }, + { + "category": "``bedrock``", + "description": "Tagging support for Async Invoke resources. Added support for Distillation in CreateModelCustomizationJob API. Support for videoDataDeliveryEnabled flag in invocation logging.", + "type": "api-change" + }, + { + "category": "``bedrock-agent``", + "description": "Releasing SDK for Multi-Agent Collaboration.", + "type": "api-change" + }, + { + "category": "``bedrock-agent-runtime``", + "description": "Releasing SDK for multi agent collaboration", + "type": "api-change" + }, + { + "category": "``bedrock-runtime``", + "description": "Added support for Async Invoke Operations Start, List and Get. Support for invocation logs with `requestMetadata` field in Converse, ConverseStream, Invoke and InvokeStream. Video content blocks in Converse/ConverseStream accept raw bytes or S3 URI.", + "type": "api-change" + }, + { + "category": "``cloudwatch``", + "description": "Support for configuring AiOps investigation as alarm action", + "type": "api-change" + }, + { + "category": "``datazone``", + "description": "Adds support for Connections, ProjectProfiles, and JobRuns APIs. Supports the new Lineage feature at GA. Adjusts optionality of a parameter for DataSource and SubscriptionTarget APIs which may adjust types in some clients.", + "type": "api-change" + }, + { + "category": "``dsql``", + "description": "Add new API operations for Amazon Aurora DSQL. Amazon Aurora DSQL is a serverless, distributed SQL database with virtually unlimited scale, highest availability, and zero infrastructure management.", + "type": "api-change" + }, + { + "category": "``dynamodb``", + "description": "This change adds support for global tables with multi-Region strong consistency (in preview). The UpdateTable API now supports a new attribute MultiRegionConsistency to set consistency when creating global tables. The DescribeTable output now optionally includes the MultiRegionConsistency attribute.", + "type": "api-change" + }, + { + "category": "``glue``", + "description": "This release includes(1)Zero-ETL integration to ingest data from 3P SaaS and DynamoDB to Redshift/Redlake (2)new properties on Connections to enable reuse; new connection APIs for retrieve/preview metadata (3)support of CRUD operations for Multi-catalog (4)support of automatic statistics collections", + "type": "api-change" + }, + { + "category": "``lakeformation``", + "description": "This release added two new LakeFormation Permissions (CREATE_CATALOG, SUPER_USER) and added Id field for CatalogResource. It also added new conditon and expression field.", + "type": "api-change" + }, + { + "category": "``qapps``", + "description": "Add support for 11 new plugins as action cards to help automate repetitive tasks and improve productivity.", + "type": "api-change" + }, + { + "category": "``qbusiness``", + "description": "Amazon Q Business now supports customization options for your web experience, 11 new Plugins, and QuickSight support. Amazon Q index allows software providers to enrich their native generative AI experiences with their customer's enterprise knowledge and user context spanning multiple applications.", + "type": "api-change" + }, + { + "category": "``quicksight``", + "description": "This release includes API needed to support for Unstructured Data in Q in QuickSight Q&A (IDC).", + "type": "api-change" + }, + { + "category": "``redshift``", + "description": "Adds support for Amazon Redshift RegisterNamespace and DeregisterNamespace APIs to share data to AWS Glue Data Catalog.", + "type": "api-change" + }, + { + "category": "``redshift-serverless``", + "description": "Adds support for the ListManagedWorkgroups API to get an overview of existing managed workgroups.", + "type": "api-change" + }, + { + "category": "``s3``", + "description": "Amazon S3 Metadata stores object metadata in read-only, fully managed Apache Iceberg metadata tables that you can query. You can create metadata table configurations for S3 general purpose buckets.", + "type": "api-change" + }, + { + "category": "``s3tables``", + "description": "Amazon S3 Tables deliver the first cloud object store with built-in open table format support, and the easiest way to store tabular data at scale.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.36.16.json b/.changes/1.36.16.json new file mode 100644 index 000000000000..9d5a3c902a07 --- /dev/null +++ b/.changes/1.36.16.json @@ -0,0 +1,42 @@ +[ + { + "category": "``bedrock``", + "description": "Introduced two APIs ListPromptRouters and GetPromptRouter for Intelligent Prompt Router feature. Add support for Bedrock Guardrails image content filter. New Bedrock Marketplace feature enabling a wider range of bedrock compatible models with self-hosted capability.", + "type": "api-change" + }, + { + "category": "``bedrock-agent``", + "description": "This release introduces the ability to generate SQL using natural language, through a new GenerateQuery API (with native integration into Knowledge Bases); ability to ingest and retrieve images through Bedrock Data Automation; and ability to create a Knowledge Base backed by Kendra GenAI Index.", + "type": "api-change" + }, + { + "category": "``bedrock-agent-runtime``", + "description": "This release introduces the ability to generate SQL using natural language, through a new GenerateQuery API (with native integration into Knowledge Bases); ability to ingest and retrieve images through Bedrock Data Automation; and ability to create a Knowledge Base backed by Kendra GenAI Index.", + "type": "api-change" + }, + { + "category": "``bedrock-data-automation``", + "description": "Release Bedrock Data Automation SDK", + "type": "api-change" + }, + { + "category": "``bedrock-data-automation-runtime``", + "description": "Release Bedrock Data Automation Runtime SDK", + "type": "api-change" + }, + { + "category": "``bedrock-runtime``", + "description": "Added support for Intelligent Prompt Router in Invoke, InvokeStream, Converse and ConverseStream. Add support for Bedrock Guardrails image content filter. New Bedrock Marketplace feature enabling a wider range of bedrock compatible models with self-hosted capability.", + "type": "api-change" + }, + { + "category": "``kendra``", + "description": "This release adds GenAI Index in Amazon Kendra for Retrieval Augmented Generation (RAG) and intelligent search. With the Kendra GenAI Index, customers get high retrieval accuracy powered by the latest information retrieval technologies and semantic models.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "Amazon SageMaker HyperPod launched task governance to help customers maximize accelerator utilization for model development and flexible training plans to meet training timelines and budget while reducing weeks of training time. AI apps from AWS partner is now available in SageMaker.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.36.17.json b/.changes/1.36.17.json new file mode 100644 index 000000000000..1f5e70543cd7 --- /dev/null +++ b/.changes/1.36.17.json @@ -0,0 +1,12 @@ +[ + { + "category": "``partnercentral-selling``", + "description": "Introducing the preview of new partner central selling APIs designed to transform how AWS partners collaborate and co-sell with multiple partners. This enables multiple partners to seamlessly engage and jointly pursue customer opportunities, fostering a new era of collaborative selling.", + "type": "api-change" + }, + { + "category": "``qbusiness``", + "description": "This release removes the deprecated UserId and UserGroups fields from SearchRelevantContent api's request parameters.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.36.18.json b/.changes/1.36.18.json new file mode 100644 index 000000000000..364f8c259c66 --- /dev/null +++ b/.changes/1.36.18.json @@ -0,0 +1,37 @@ +[ + { + "category": "``appsync``", + "description": "Provides description of new Amazon Bedrock runtime datasource.", + "type": "api-change" + }, + { + "category": "``cognito-idp``", + "description": "Change `CustomDomainConfig` from a required to an optional parameter for the `UpdateUserPoolDomain` operation.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "This release includes a new API for modifying instance network-performance-options after launch.", + "type": "api-change" + }, + { + "category": "``ecs``", + "description": "This is a documentation only update to address various tickets for Amazon ECS.", + "type": "api-change" + }, + { + "category": "``keyspaces``", + "description": "Amazon Keyspaces: adding the list of IAM actions required by the UpdateKeyspace API.", + "type": "api-change" + }, + { + "category": "``medialive``", + "description": "H265 outputs now support disabling the deblocking filter.", + "type": "api-change" + }, + { + "category": "``workspaces``", + "description": "Added text to clarify case-sensitivity", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.36.19.json b/.changes/1.36.19.json new file mode 100644 index 000000000000..a923cbfc3413 --- /dev/null +++ b/.changes/1.36.19.json @@ -0,0 +1,32 @@ +[ + { + "category": "``application-autoscaling``", + "description": "Doc only update for AAS Predictive Scaling policy configuration API.", + "type": "api-change" + }, + { + "category": "``bcm-pricing-calculator``", + "description": "Updated condition key inference from Workload Estimate, Bill Scenario, and Bill Estimate resources. Updated documentation links.", + "type": "api-change" + }, + { + "category": "``connect``", + "description": "Add support for Push Notifications for Amazon Connect chat. With Push Notifications enabled an alert could be sent to customers about new messages even when they aren't actively using the mobile application.", + "type": "api-change" + }, + { + "category": "``finspace``", + "description": "Update KxCommandLineArgument value parameter regex to allow for spaces and semicolons", + "type": "api-change" + }, + { + "category": "``ivs-realtime``", + "description": "IVS Real-Time now offers customers the ability to customize thumbnails recording mode and interval for both Individual Participant Recording (IPR) and Server-Side Compositions (SSC).", + "type": "api-change" + }, + { + "category": "``sesv2``", + "description": "Introduces support for creating DEED (Deterministic Easy-DKIM) identities.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.36.2.json b/.changes/1.36.2.json new file mode 100644 index 000000000000..987df1336ecf --- /dev/null +++ b/.changes/1.36.2.json @@ -0,0 +1,67 @@ +[ + { + "category": "``accessanalyzer``", + "description": "Expand analyzer configuration capabilities for unused access analyzers. Unused access analyzer configurations now support the ability to exclude accounts and resource tags from analysis providing more granular control over the scope of analysis.", + "type": "api-change" + }, + { + "category": "``cloudcontrol``", + "description": "Added support for CloudFormation Hooks with Cloud Control API. The GetResourceRequestStatus API response now includes an optional HooksProgressEvent and HooksRequestToken parameter for Hooks Invocation Progress as part of resource operation with Cloud Control.", + "type": "api-change" + }, + { + "category": "``deadline``", + "description": "Adds support for select GPU accelerated instance types when creating new service-managed fleets.", + "type": "api-change" + }, + { + "category": "``iam``", + "description": "This release includes support for five new APIs and changes to existing APIs that give AWS Organizations customers the ability to use temporary root credentials, targeted to member accounts in the organization.", + "type": "api-change" + }, + { + "category": "``iotwireless``", + "description": "New FuotaTask resource type to enable logging for your FUOTA tasks. A ParticipatingGatewaysforMulticast parameter to choose the list of gateways to receive the multicast downlink message and the transmission interval between them. Descriptor field which will be sent to devices during FUOTA transfer.", + "type": "api-change" + }, + { + "category": "``ivs``", + "description": "IVS now offers customers the ability to stream multitrack video to Channels.", + "type": "api-change" + }, + { + "category": "``license-manager-user-subscriptions``", + "description": "New and updated API operations to support License Included User-based Subscription of Microsoft Remote Desktop Services (RDS).", + "type": "api-change" + }, + { + "category": "``partnercentral-selling``", + "description": "Announcing AWS Partner Central API for Selling: This service launch Introduces new APIs for co-selling opportunity management and related functions. Key features include notifications, a dynamic sandbox for testing, and streamlined validations.", + "type": "api-change" + }, + { + "category": "``quicksight``", + "description": "This release adds APIs for Custom Permissions management in QuickSight, and APIs to support QuickSight Branding.", + "type": "api-change" + }, + { + "category": "``redshift``", + "description": "Adds support for Amazon Redshift S3AccessGrants", + "type": "api-change" + }, + { + "category": "``s3``", + "description": "This release updates the ListBuckets API Reference documentation in support of the new 10,000 general purpose bucket default quota on all AWS accounts. To increase your bucket quota from 10,000 to up to 1 million buckets, simply request a quota increase via Service Quotas.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "Add support for Neuron instance types [ trn1/trn1n/inf2 ] on SageMaker Notebook Instances Platform.", + "type": "api-change" + }, + { + "category": "``sts``", + "description": "This release introduces the new API 'AssumeRoot', which returns short-term credentials that you can use to perform privileged tasks.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.36.20.json b/.changes/1.36.20.json new file mode 100644 index 000000000000..309912d52732 --- /dev/null +++ b/.changes/1.36.20.json @@ -0,0 +1,42 @@ +[ + { + "category": "``artifact``", + "description": "Add support for listing active customer agreements for the calling AWS Account.", + "type": "api-change" + }, + { + "category": "``cloudtrail``", + "description": "Doc-only updates for CloudTrail.", + "type": "api-change" + }, + { + "category": "``cognito-idp``", + "description": "Updated descriptions for some API operations and parameters, corrected some errors in Cognito user pools", + "type": "api-change" + }, + { + "category": "``controlcatalog``", + "description": "Minor documentation updates to the content of ImplementationDetails object part of the Control Catalog GetControl API", + "type": "api-change" + }, + { + "category": "``emr-serverless``", + "description": "This release adds support for accessing system profile logs in Lake Formation-enabled jobs.", + "type": "api-change" + }, + { + "category": "``mgh``", + "description": "API and documentation updates for AWS MigrationHub related to adding support for listing migration task updates and associating, disassociating and listing source resources", + "type": "api-change" + }, + { + "category": "``sesv2``", + "description": "Introduces support for multi-region endpoint.", + "type": "api-change" + }, + { + "category": "``timestream-influxdb``", + "description": "Adds networkType parameter to CreateDbInstance API which allows IPv6 support to the InfluxDB endpoint", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.36.21.json b/.changes/1.36.21.json new file mode 100644 index 000000000000..39bc4239bbbc --- /dev/null +++ b/.changes/1.36.21.json @@ -0,0 +1,27 @@ +[ + { + "category": "``connect``", + "description": "Configure holidays and other overrides to hours of operation in advance. During contact handling, Amazon Connect automatically checks for overrides and provides customers with an appropriate flow path. After an override period passes call center automatically reverts to standard hours of operation.", + "type": "api-change" + }, + { + "category": "``dms``", + "description": "Add parameters to support for kerberos authentication. Add parameter for disabling the Unicode source filter with PostgreSQL settings. Add parameter to use large integer value with Kinesis/Kafka settings.", + "type": "api-change" + }, + { + "category": "``glue``", + "description": "To support customer-managed encryption in Data Quality to allow customers encrypt data with their own KMS key, we will add a DataQualityEncryption field to the SecurityConfiguration API where customers can provide their KMS keys.", + "type": "api-change" + }, + { + "category": "``guardduty``", + "description": "Improved descriptions for certain APIs.", + "type": "api-change" + }, + { + "category": "``route53domains``", + "description": "This release includes the following API updates: added the enumeration type RESTORE_DOMAIN to the OperationType; constrained the Price attribute to non-negative values; updated the LangCode to allow 2 or 3 alphabetical characters.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.36.22.json b/.changes/1.36.22.json new file mode 100644 index 000000000000..1e068976db97 --- /dev/null +++ b/.changes/1.36.22.json @@ -0,0 +1,37 @@ +[ + { + "category": "``cloudhsmv2``", + "description": "Add support for Dual-Stack hsm2m.medium clusters. The customers will now be able to create hsm2m.medium clusters having both IPv4 and IPv6 connection capabilities by specifying a new param called NetworkType=DUALSTACK during cluster creation.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "This release adds GroupId to the response for DeleteSecurityGroup.", + "type": "api-change" + }, + { + "category": "``eks``", + "description": "Add NodeRepairConfig in CreateNodegroupRequest and UpdateNodegroupConfigRequest", + "type": "api-change" + }, + { + "category": "``logs``", + "description": "Limit PutIntegration IntegrationName and ListIntegrations IntegrationNamePrefix parameters to 50 characters", + "type": "api-change" + }, + { + "category": "``mediaconnect``", + "description": "AWS Elemental MediaConnect Gateway now supports Source Specific Multicast (SSM) for ingress bridges. This enables you to specify a source IP address in addition to a multicast IP when creating or updating an ingress bridge source.", + "type": "api-change" + }, + { + "category": "``networkmanager``", + "description": "There was a sentence fragment in UpdateDirectConnectGatewayAttachment that was causing customer confusion as to whether it's an incomplete sentence or if it was a typo. Removed the fragment.", + "type": "api-change" + }, + { + "category": "``servicediscovery``", + "description": "AWS Cloud Map now supports service-level attributes, allowing you to associate custom metadata directly with services. These attributes can be retrieved, updated, and deleted using the new GetServiceAttributes, UpdateServiceAttributes, and DeleteServiceAttributes API calls.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.36.23.json b/.changes/1.36.23.json new file mode 100644 index 000000000000..4361c9732a39 --- /dev/null +++ b/.changes/1.36.23.json @@ -0,0 +1,32 @@ +[ + { + "category": "``cloud9``", + "description": "Added information about Ubuntu 18.04 will be removed from the available imageIds for Cloud9 because Ubuntu 18.04 has ended standard support on May 31, 2023.", + "type": "api-change" + }, + { + "category": "``dlm``", + "description": "This release adds support for Local Zones in Amazon Data Lifecycle Manager EBS snapshot lifecycle policies.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "This release adds support for EBS local snapshots in AWS Dedicated Local Zones, which allows you to store snapshots of EBS volumes locally in Dedicated Local Zones.", + "type": "api-change" + }, + { + "category": "``greengrassv2``", + "description": "Add support for runtime in GetCoreDevice and ListCoreDevices APIs.", + "type": "api-change" + }, + { + "category": "``medialive``", + "description": "AWS Elemental MediaLive adds three new features: MediaPackage v2 endpoint support for live stream delivery, KLV metadata passthrough in CMAF Ingest output groups, and Metadata Name Modifier in CMAF Ingest output groups for customizing metadata track names in output streams.", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "This release adds support for the \"MYSQL_CACHING_SHA2_PASSWORD\" enum value for RDS Proxy ClientPasswordAuthType.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.36.24.json b/.changes/1.36.24.json new file mode 100644 index 000000000000..45fb0379d44a --- /dev/null +++ b/.changes/1.36.24.json @@ -0,0 +1,52 @@ +[ + { + "category": "``account``", + "description": "Update endpoint configuration.", + "type": "api-change" + }, + { + "category": "``backup``", + "description": "Add Support for Backup Indexing", + "type": "api-change" + }, + { + "category": "``backupsearch``", + "description": "Add support for searching backups", + "type": "api-change" + }, + { + "category": "``batch``", + "description": "This feature allows AWS Batch on Amazon EKS to support configuration of Pod Annotations, overriding Namespace on which the Batch job's Pod runs on, and allows Subpath and Persistent Volume claim to be set for AWS Batch on Amazon EKS jobs.", + "type": "api-change" + }, + { + "category": "``cleanroomsml``", + "description": "Add support for SQL compute configuration for StartAudienceGenerationJob API.", + "type": "api-change" + }, + { + "category": "``cloudfront``", + "description": "Adds support for OriginReadTimeout and OriginKeepaliveTimeout to create CloudFront Distributions with VPC Origins.", + "type": "api-change" + }, + { + "category": "``codepipeline``", + "description": "AWS CodePipeline V2 type pipelines now support Managed Compute Rule.", + "type": "api-change" + }, + { + "category": "``ecs``", + "description": "Added support for enableFaultInjection task definition parameter which can be used to enable Fault Injection feature on ECS tasks.", + "type": "api-change" + }, + { + "category": "``m2``", + "description": "This release adds support for AWS Mainframe Modernization(M2) Service to allow specifying network type(ipv4, dual) for the environment instances. For dual network type, m2 environment applications will serve both IPv4 and IPv6 requests, whereas for ipv4 it will serve only IPv4 requests.", + "type": "api-change" + }, + { + "category": "``synthetics``", + "description": "Add support to toggle outbound IPv6 traffic on canaries connected to dualstack subnets. This behavior can be controlled via the new Ipv6AllowedForDualStack parameter of the VpcConfig input object in CreateCanary and UpdateCanary APIs.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.36.25.json b/.changes/1.36.25.json new file mode 100644 index 000000000000..8caed448506a --- /dev/null +++ b/.changes/1.36.25.json @@ -0,0 +1,52 @@ +[ + { + "category": "``amplify``", + "description": "Added WAF Configuration to Amplify Apps", + "type": "api-change" + }, + { + "category": "``budgets``", + "description": "Releasing minor partition endpoint updates", + "type": "api-change" + }, + { + "category": "``connect``", + "description": "This release adds support for the UpdateParticipantAuthentication API used for customer authentication within Amazon Connect chats.", + "type": "api-change" + }, + { + "category": "``connectparticipant``", + "description": "This release adds support for the GetAuthenticationUrl and CancelParticipantAuthentication APIs used for customer authentication within Amazon Connect chats. There are also minor updates to the GetAttachment API.", + "type": "api-change" + }, + { + "category": "``datasync``", + "description": "AWS DataSync introduces the ability to update attributes for in-cloud locations.", + "type": "api-change" + }, + { + "category": "``iot``", + "description": "Release connectivity status query API which is a dedicated high throughput(TPS) API to query a specific device's most recent connectivity state and metadata.", + "type": "api-change" + }, + { + "category": "``mwaa``", + "description": "Added support for Apache Airflow version 2.10.3 to MWAA.", + "type": "api-change" + }, + { + "category": "``quicksight``", + "description": "Add support for PerformanceConfiguration attribute to Dataset entity. Allow PerformanceConfiguration specification in CreateDataset and UpdateDataset APIs.", + "type": "api-change" + }, + { + "category": "``resiliencehub``", + "description": "AWS Resilience Hub now automatically detects already configured CloudWatch alarms and FIS experiments as part of the assessment process and returns the discovered resources in the corresponding list API responses. It also allows you to include or exclude test recommendations for an AppComponent.", + "type": "api-change" + }, + { + "category": "``transfer``", + "description": "Added AS2 agreement configurations to control filename preservation and message signing enforcement. Added AS2 connector configuration to preserve content type from S3 objects.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.36.26.json b/.changes/1.36.26.json new file mode 100644 index 000000000000..2021a6c778c8 --- /dev/null +++ b/.changes/1.36.26.json @@ -0,0 +1,32 @@ +[ + { + "category": "``appstream``", + "description": "Added support for Rocky Linux 8 on Amazon AppStream 2.0", + "type": "api-change" + }, + { + "category": "``mediaconvert``", + "description": "This release adds support for inserting timecode tracks into MP4 container outputs.", + "type": "api-change" + }, + { + "category": "``medialive``", + "description": "MediaLive is releasing ListVersions api", + "type": "api-change" + }, + { + "category": "``qconnect``", + "description": "Amazon Q in Connect enables agents to ask Q for assistance in multiple languages and Q will provide answers and recommended step-by-step guides in those languages. Qs default language is English (United States) and you can switch this by setting the locale configuration on the AI Agent.", + "type": "api-change" + }, + { + "category": "``ssm-sap``", + "description": "AWS Systems Manager for SAP added support for registration and discovery of distributed ABAP applications", + "type": "api-change" + }, + { + "category": "``workspaces``", + "description": "Added AWS Global Accelerator (AGA) support for WorkSpaces Personal.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.36.27.json b/.changes/1.36.27.json new file mode 100644 index 000000000000..d5659e162e80 --- /dev/null +++ b/.changes/1.36.27.json @@ -0,0 +1,62 @@ +[ + { + "category": "``bedrock-agent``", + "description": "Support for custom user agent and max web pages crawled for web connector. Support app only credentials for SharePoint connector. Increase agents memory duration limit to 365 days. Support to specify max number of session summaries to include in agent invocation context.", + "type": "api-change" + }, + { + "category": "``bedrock-agent-runtime``", + "description": "bedrock agents now supports long term memory and performance configs. Invokeflow supports performance configs. RetrieveAndGenerate performance configs", + "type": "api-change" + }, + { + "category": "``bedrock-data-automation``", + "description": "Documentation update for Amazon Bedrock Data Automation", + "type": "api-change" + }, + { + "category": "``bedrock-data-automation-runtime``", + "description": "Documentation update for Amazon Bedrock Data Automation Runtime", + "type": "api-change" + }, + { + "category": "``billing``", + "description": "Added new API's for defining and fetching Billing Views.", + "type": "api-change" + }, + { + "category": "``ce``", + "description": "Support for retrieving cost, usage, and forecast for billing view.", + "type": "api-change" + }, + { + "category": "``connect``", + "description": "This release supports adding NotAttributeCondition and Range to the RoutingCriteria object.", + "type": "api-change" + }, + { + "category": "``docdb``", + "description": "Support AWS Secret Manager managed password for AWS DocumentDB instance-based cluster.", + "type": "api-change" + }, + { + "category": "``eks``", + "description": "This release expands the catalog of upgrade insight checks", + "type": "api-change" + }, + { + "category": "``macie2``", + "description": "This release adds support for identifying S3 general purpose buckets that exceed the Amazon Macie quota for preventative control monitoring.", + "type": "api-change" + }, + { + "category": "``outposts``", + "description": "Add CS8365C as a supported power connector for Outpost sites.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "This release adds support for c6i, m6i and r6i instance on SageMaker Hyperpod and trn1 instances in batch", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.36.28.json b/.changes/1.36.28.json new file mode 100644 index 000000000000..c3153f7f8aff --- /dev/null +++ b/.changes/1.36.28.json @@ -0,0 +1,22 @@ +[ + { + "category": "``ecr``", + "description": "Documentation update for ECR GetAccountSetting and PutAccountSetting APIs.", + "type": "api-change" + }, + { + "category": "``ecr-public``", + "description": "Add support for Dualstack endpoints", + "type": "api-change" + }, + { + "category": "``eks``", + "description": "This release adds support for DescribeClusterVersions API that provides important information about Kubernetes versions along with end of support dates", + "type": "api-change" + }, + { + "category": "``glue``", + "description": "Add IncludeRoot parameters to GetCatalogs API to return root catalog.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.36.29.json b/.changes/1.36.29.json new file mode 100644 index 000000000000..99ad69fa9b70 --- /dev/null +++ b/.changes/1.36.29.json @@ -0,0 +1,22 @@ +[ + { + "category": "``bcm-pricing-calculator``", + "description": "Added ConflictException to DeleteBillEstimate.", + "type": "api-change" + }, + { + "category": "``ecr``", + "description": "Add support for Dualstack Endpoints", + "type": "api-change" + }, + { + "category": "``network-firewall``", + "description": "Dual-stack endpoints are now supported.", + "type": "api-change" + }, + { + "category": "``securityhub``", + "description": "Documentation updates for AWS Security Hub", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.36.3.json b/.changes/1.36.3.json new file mode 100644 index 000000000000..148fc5a18c47 --- /dev/null +++ b/.changes/1.36.3.json @@ -0,0 +1,7 @@ +[ + { + "category": "``partnercentral-selling``", + "description": "Announcing AWS Partner Central API for Selling: This service launch Introduces new APIs for co-selling opportunity management and related functions. Key features include notifications, a dynamic sandbox for testing, and streamlined validations.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.36.30.json b/.changes/1.36.30.json new file mode 100644 index 000000000000..5de6390c0f0f --- /dev/null +++ b/.changes/1.36.30.json @@ -0,0 +1,7 @@ +[ + { + "category": "``rds``", + "description": "Updates Amazon RDS documentation to correct various descriptions.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.36.31.json b/.changes/1.36.31.json new file mode 100644 index 000000000000..2b2057ebd861 --- /dev/null +++ b/.changes/1.36.31.json @@ -0,0 +1,12 @@ +[ + { + "category": "``ecr``", + "description": "Restoring custom endpoint functionality for ECR", + "type": "api-change" + }, + { + "category": "``ecr-public``", + "description": "Restoring custom endpoint functionality for ECR Public", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.36.32.json b/.changes/1.36.32.json new file mode 100644 index 000000000000..c4af0e67dfc0 --- /dev/null +++ b/.changes/1.36.32.json @@ -0,0 +1,37 @@ +[ + { + "category": "``appsync``", + "description": "Modify UpdateGraphQLAPI operation and flag authenticationType as required.", + "type": "api-change" + }, + { + "category": "``gamelift``", + "description": "Amazon GameLift releases a new game session shutdown feature. Use the Amazon GameLift console or AWS CLI to terminate an in-progress game session that's entered a bad state or is no longer needed.", + "type": "api-change" + }, + { + "category": "``mediaconnect``", + "description": "AWS Elemental MediaConnect now supports Content Quality Analysis for enhanced source stream monitoring. This enables you to track specific audio and video metrics in transport stream source flows, ensuring your content meets quality standards.", + "type": "api-change" + }, + { + "category": "``mediaconvert``", + "description": "This release adds support for the AVC3 codec and fixes an alignment issue with Japanese vertical captions.", + "type": "api-change" + }, + { + "category": "``organizations``", + "description": "Added ALL_FEATURES_MIGRATION_ORGANIZATION_SIZE_LIMIT_EXCEEDED to ConstraintViolationException for the EnableAllFeatures operation.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "Adding ETag information with Model Artifacts for Model Registry", + "type": "api-change" + }, + { + "category": "``sqs``", + "description": "In-flight message typo fix from 20k to 120k.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.36.33.json b/.changes/1.36.33.json new file mode 100644 index 000000000000..51e9cc532bd9 --- /dev/null +++ b/.changes/1.36.33.json @@ -0,0 +1,17 @@ +[ + { + "category": "``ecs``", + "description": "Adding SDK reference examples for Amazon ECS operations.", + "type": "api-change" + }, + { + "category": "``route53domains``", + "description": "Doc only update for Route 53 Domains that fixes several customer-reported issues", + "type": "api-change" + }, + { + "category": "``s3``", + "description": "This change is only for updating the model regexp of CopySource which is not for validation but only for documentation and user guide change.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.36.34.json b/.changes/1.36.34.json new file mode 100644 index 000000000000..9cf6cd8cf0b0 --- /dev/null +++ b/.changes/1.36.34.json @@ -0,0 +1,12 @@ +[ + { + "category": "``iotsecuretunneling``", + "description": "Adds dualstack endpoint support for IoT Secure Tunneling", + "type": "api-change" + }, + { + "category": "``supplychain``", + "description": "Allow vanity DNS domain when creating a new ASC instance", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.36.35.json b/.changes/1.36.35.json new file mode 100644 index 000000000000..824d663c08db --- /dev/null +++ b/.changes/1.36.35.json @@ -0,0 +1,22 @@ +[ + { + "category": "``cloudhsmv2``", + "description": "Adds support to ModifyCluster for modifying a Cluster's Hsm Type.", + "type": "api-change" + }, + { + "category": "``dynamodb``", + "description": "This release makes Amazon DynamoDB point-in-time-recovery (PITR) to be configurable. You can set PITR recovery period for each table individually to between 1 and 35 days.", + "type": "api-change" + }, + { + "category": "``imagebuilder``", + "description": "This release adds support for importing images from ISO disk files. Added new ImportDiskImage API operation.", + "type": "api-change" + }, + { + "category": "``s3 ls``", + "description": "Expose low-level ``ListBuckets` parameters ``Prefix`` and ``BucketRegion`` to high-level ``s3 ls`` command as ``--bucket-name-prefix`` and ``--bucket-region``.", + "type": "enhancement" + } +] \ No newline at end of file diff --git a/.changes/1.36.36.json b/.changes/1.36.36.json new file mode 100644 index 000000000000..689a15015b8d --- /dev/null +++ b/.changes/1.36.36.json @@ -0,0 +1,17 @@ +[ + { + "category": "``rds``", + "description": "Updates Amazon RDS documentation to clarify the RestoreDBClusterToPointInTime description.", + "type": "api-change" + }, + { + "category": "``route53``", + "description": "Amazon Route 53 now supports the Asia Pacific (Thailand) Region (ap-southeast-7) for latency records, geoproximity records, and private DNS for Amazon VPCs in that region", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "Adds support for IPv6 for SageMaker HyperPod cluster nodes.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.36.37.json b/.changes/1.36.37.json new file mode 100644 index 000000000000..776885cb0a99 --- /dev/null +++ b/.changes/1.36.37.json @@ -0,0 +1,17 @@ +[ + { + "category": "``codebuild``", + "description": "AWS CodeBuild Now Supports BuildBatch in Reserved Capacity and Lambda", + "type": "api-change" + }, + { + "category": "``compute-optimizer``", + "description": "This release expands AWS Compute Optimizer rightsizing recommendation support for Amazon EC2 Auto Scaling groups to include those with scaling policies and multiple instance types.", + "type": "api-change" + }, + { + "category": "``fms``", + "description": "AWS Firewall Manager now lets you combine multiple resource tags using the logical AND operator or the logical OR operator.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.36.38.json b/.changes/1.36.38.json new file mode 100644 index 000000000000..db30622d861a --- /dev/null +++ b/.changes/1.36.38.json @@ -0,0 +1,17 @@ +[ + { + "category": "``redshift``", + "description": "Additions to the PubliclyAccessible and Encrypted parameters clarifying what the defaults are.", + "type": "api-change" + }, + { + "category": "``securitylake``", + "description": "Doc only update for ServiceName that fixes several customer-reported issues", + "type": "api-change" + }, + { + "category": "``sts``", + "description": "Fixed typos in the descriptions.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.36.39.json b/.changes/1.36.39.json new file mode 100644 index 000000000000..d5042c05fe8c --- /dev/null +++ b/.changes/1.36.39.json @@ -0,0 +1,27 @@ +[ + { + "category": "``artifact``", + "description": "Support resolving regional API calls to partition's leader region endpoint.", + "type": "api-change" + }, + { + "category": "``bedrock``", + "description": "With this release, Bedrock Evaluation will now support latency-optimized inference for foundation models.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "Add support for DisconnectOnSessionTimeout flag in CreateClientVpnEndpoint and ModifyClientVpnEndpoint requests and DescribeClientVpnEndpoints responses", + "type": "api-change" + }, + { + "category": "``kafkaconnect``", + "description": "Support updating connector configuration via UpdateConnector API. Release Operations API to monitor the status of the connector operation.", + "type": "api-change" + }, + { + "category": "``transcribe``", + "description": "This update provides tagging support for Transcribe's Call Analytics Jobs and Call Analytics Categories.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.36.4.json b/.changes/1.36.4.json new file mode 100644 index 000000000000..70b58aaa73c2 --- /dev/null +++ b/.changes/1.36.4.json @@ -0,0 +1,42 @@ +[ + { + "category": "``cloudwatch``", + "description": "Adds support for adding related Entity information to metrics ingested through PutMetricData.", + "type": "api-change" + }, + { + "category": "``connectcampaignsv2``", + "description": "Added Amazon Connect Outbound Campaigns V2 SDK.", + "type": "api-change" + }, + { + "category": "``datasync``", + "description": "Doc-only updates and enhancements related to creating DataSync tasks and describing task executions.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "Remove non-functional enum variants for FleetCapacityReservationUsageStrategy", + "type": "api-change" + }, + { + "category": "``iot``", + "description": "This release allows AWS IoT Core users to enrich MQTT messages with propagating attributes, to associate a thing to a connection, and to enable Online Certificate Status Protocol (OCSP) stapling for TLS X.509 server certificates through private endpoints.", + "type": "api-change" + }, + { + "category": "``outposts``", + "description": "You can now purchase AWS Outposts rack or server capacity for a 5-year term with one of the following payment options: All Upfront, Partial Upfront, and No Upfront.", + "type": "api-change" + }, + { + "category": "``pinpoint-sms-voice-v2``", + "description": "Use rule overrides to always allow or always block messages to specific phone numbers. Use message feedback to monitor if a customer interacts with your message.", + "type": "api-change" + }, + { + "category": "``route53resolver``", + "description": "Route 53 Resolver DNS Firewall Advanced Rules allows you to monitor and block suspicious DNS traffic based on anomalies detected in the queries, such as DNS tunneling and Domain Generation Algorithms (DGAs).", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.36.40.json b/.changes/1.36.40.json new file mode 100644 index 000000000000..b791ac137e72 --- /dev/null +++ b/.changes/1.36.40.json @@ -0,0 +1,12 @@ +[ + { + "category": "``gamelift``", + "description": "Amazon GameLift releases a new game session placement feature: PriorityConfigurationOverride. You can now override how a game session queue prioritizes placement locations for a single StartGameSessionPlacement request.", + "type": "api-change" + }, + { + "category": "``route53``", + "description": "Amazon Route 53 now supports the Mexico (Central) Region (mx-central-1) for latency records, geoproximity records, and private DNS for Amazon VPCs in that region", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.36.5.json b/.changes/1.36.5.json new file mode 100644 index 000000000000..1a997f87ccac --- /dev/null +++ b/.changes/1.36.5.json @@ -0,0 +1,57 @@ +[ + { + "category": "``appconfig``", + "description": "AWS AppConfig has added a new extension action point, AT_DEPLOYMENT_TICK, to support third-party monitors to trigger an automatic rollback during a deployment.", + "type": "api-change" + }, + { + "category": "``autoscaling``", + "description": "Amazon EC2 Auto Scaling now supports Amazon Application Recovery Controller (ARC) zonal shift and zonal autoshift to help you quickly recover an impaired application from failures in an Availability Zone (AZ).", + "type": "api-change" + }, + { + "category": "``cloudformation``", + "description": "This release adds a new API, ListHookResults, that allows retrieving CloudFormation Hooks invocation results for hooks invoked during a create change set operation or Cloud Control API operation", + "type": "api-change" + }, + { + "category": "``connect``", + "description": "Adds CreateContactFlowVersion and ListContactFlowVersions APIs to create and view the versions of a contact flow.", + "type": "api-change" + }, + { + "category": "``customer-profiles``", + "description": "This release introduces Segmentation APIs and new Calculated Attribute Event Filters as part of Amazon Connect Customer Profiles service.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "Adding request and response elements for managed resources.", + "type": "api-change" + }, + { + "category": "``ecs``", + "description": "This release adds support for adding VPC Lattice configurations in ECS CreateService/UpdateService APIs. The configuration allows for associating VPC Lattice target groups with ECS Services.", + "type": "api-change" + }, + { + "category": "``iotsitewise``", + "description": "The release introduces a generative AI Assistant in AWS IoT SiteWise. It includes: 1) InvokeAssistant API - Invoke the Assistant to get alarm summaries and ask questions. 2) Dataset APIs - Manage knowledge base configuration for the Assistant. 3) Portal APIs enhancement - Manage AI-aware dashboards.", + "type": "api-change" + }, + { + "category": "``qconnect``", + "description": "This release introduces MessageTemplate as a resource in Amazon Q in Connect, along with APIs to create, read, search, update, and delete MessageTemplate resources.", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "Add support for the automatic pause/resume feature of Aurora Serverless v2.", + "type": "api-change" + }, + { + "category": "``rds-data``", + "description": "Add support for the automatic pause/resume feature of Aurora Serverless v2.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.36.6.json b/.changes/1.36.6.json new file mode 100644 index 000000000000..eeec8dccb826 --- /dev/null +++ b/.changes/1.36.6.json @@ -0,0 +1,47 @@ +[ + { + "category": "``b2bi``", + "description": "Add new X12 transactions sets and versions", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "This release adds VPC Block Public Access (VPC BPA), a new declarative control which blocks resources in VPCs and subnets that you own in a Region from reaching or being reached from the internet through internet gateways and egress-only internet gateways.", + "type": "api-change" + }, + { + "category": "``ecs``", + "description": "This release introduces support for configuring the version consistency feature for individual containers defined within a task definition. The configuration allows to specify whether ECS should resolve the container image tag specified in the container definition to an image digest.", + "type": "api-change" + }, + { + "category": "``efs``", + "description": "Add support for the new parameters in EFS replication APIs", + "type": "api-change" + }, + { + "category": "``glue``", + "description": "AWS Glue Data Catalog now enhances managed table optimizations of Apache Iceberg tables that can be accessed only from a specific Amazon Virtual Private Cloud (VPC) environment.", + "type": "api-change" + }, + { + "category": "``keyspaces``", + "description": "Amazon Keyspaces Multi-Region Replication: Adds support to add new regions to multi and single-region keyspaces.", + "type": "api-change" + }, + { + "category": "``mwaa``", + "description": "Amazon MWAA now supports a new environment class, mw1.micro, ideal for workloads requiring fewer resources than mw1.small. This class supports a single instance of each Airflow component: Scheduler, Worker, and Webserver.", + "type": "api-change" + }, + { + "category": "``taxsettings``", + "description": "Release Tax Inheritance APIs, Tax Exemption APIs, and functionality update for some existing Tax Registration APIs", + "type": "api-change" + }, + { + "category": "``workspaces``", + "description": "Releasing new ErrorCodes for Image Validation failure during CreateWorkspaceImage process", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.36.7.json b/.changes/1.36.7.json new file mode 100644 index 000000000000..855bee29fc28 --- /dev/null +++ b/.changes/1.36.7.json @@ -0,0 +1,102 @@ +[ + { + "category": "``autoscaling``", + "description": "With this release, customers can prioritize launching instances into ODCRs using targets from ASGs or Launch Templates. Customers can express their baseline instances' CPU-performance in attribute-based Instance Requirements configuration by referencing an instance family that meets their needs.", + "type": "api-change" + }, + { + "category": "``bedrock-agent-runtime``", + "description": "Releasing new Prompt Optimization to enhance your prompts for improved performance", + "type": "api-change" + }, + { + "category": "``cloudfront``", + "description": "Add support for gRPC, VPC origins, and Anycast IP Lists. Allow LoggingConfig IncludeCookies to be set regardless of whether the LoggingConfig is enabled.", + "type": "api-change" + }, + { + "category": "``compute-optimizer``", + "description": "This release enables AWS Compute Optimizer to analyze and generate optimization recommendations for Amazon Aurora database instances. It also enables Compute Optimizer to identify idle Amazon EC2 instances, Amazon EBS volumes, Amazon ECS services running on Fargate, and Amazon RDS databases.", + "type": "api-change" + }, + { + "category": "``controltower``", + "description": "Adds support for child enabled baselines which allow you to see the enabled baseline status for individual accounts.", + "type": "api-change" + }, + { + "category": "``cost-optimization-hub``", + "description": "This release adds action type \"Delete\" to the GetRecommendation, ListRecommendations and ListRecommendationSummaries APIs to support new EBS and ECS recommendations with action type \"Delete\".", + "type": "api-change" + }, + { + "category": "``datazone``", + "description": "This release supports Metadata Enforcement Rule feature for Create Subscription Request action.", + "type": "api-change" + }, + { + "category": "``discovery``", + "description": "Add support to import data from commercially available discovery tools without file manipulation.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "With this release, customers can express their desire to launch instances only in an ODCR or ODCR group rather than OnDemand capacity. Customers can express their baseline instances' CPU-performance in attribute-based Instance Requirements configuration by referencing an instance family.", + "type": "api-change" + }, + { + "category": "``ecs``", + "description": "This release adds support for the Availability Zone rebalancing feature on Amazon ECS.", + "type": "api-change" + }, + { + "category": "``elbv2``", + "description": "This release adds support for configuring Load balancer Capacity Unit reservations", + "type": "api-change" + }, + { + "category": "``lambda``", + "description": "Add Node 22.x (node22.x) support to AWS Lambda", + "type": "api-change" + }, + { + "category": "``mediaconvert``", + "description": "This release adds the ability to reconfigure concurrent job settings for existing queues and create queues with custom concurrent job settings.", + "type": "api-change" + }, + { + "category": "``mediapackagev2``", + "description": "MediaPackage v2 now supports the Media Quality Confidence Score (MQCS) published from MediaLive. Customers can control input switching based on the MQCS and publishing HTTP Headers for the MQCS via the API.", + "type": "api-change" + }, + { + "category": "``omics``", + "description": "Enabling call caching feature that allows customers to reuse previously computed results from a set of completed tasks in a new workflow run.", + "type": "api-change" + }, + { + "category": "``rbin``", + "description": "This release adds support for exclusion tags for Recycle Bin, which allows you to identify resources that are to be excluded, or ignored, by a Region-level retention rule.", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "This release adds support for scale storage on the DB instance using a Blue/Green Deployment.", + "type": "api-change" + }, + { + "category": "``timestream-query``", + "description": "This release adds support for Provisioning Timestream Compute Units (TCUs), a new feature that allows provisioning dedicated compute resources for your queries, providing predictable and cost-effective query performance.", + "type": "api-change" + }, + { + "category": "``workspaces``", + "description": "Added support for Rocky Linux 8 on Amazon WorkSpaces Personal.", + "type": "api-change" + }, + { + "category": "``workspaces-web``", + "description": "Added data protection settings with support for inline data redaction.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.36.8.json b/.changes/1.36.8.json new file mode 100644 index 000000000000..fb331f935765 --- /dev/null +++ b/.changes/1.36.8.json @@ -0,0 +1,112 @@ +[ + { + "category": "``apigateway``", + "description": "Added support for custom domain names for private APIs.", + "type": "api-change" + }, + { + "category": "``application-autoscaling``", + "description": "Application Auto Scaling now supports Predictive Scaling to proactively increase the desired capacity ahead of predicted demand, ensuring improved availability and responsiveness for customers' applications. This feature is currently only made available for Amazon ECS Service scalable targets.", + "type": "api-change" + }, + { + "category": "``appsync``", + "description": "Add support for the Amazon Bedrock Runtime.", + "type": "api-change" + }, + { + "category": "``ce``", + "description": "This release introduces three new APIs that enable you to estimate the cost, coverage, and utilization impact of Savings Plans you plan to purchase. The three APIs are StartCommitmentPurchaseAnalysis, GetCommitmentPurchaseAnalysis, and ListCommitmentPurchaseAnalyses.", + "type": "api-change" + }, + { + "category": "``cloudfront``", + "description": "Adds support for Origin Selection between EMPv2 origins based on media quality score.", + "type": "api-change" + }, + { + "category": "``cloudtrail``", + "description": "This release introduces new APIs for creating and managing CloudTrail Lake dashboards. It also adds support for resource-based policies on CloudTrail EventDataStore and Dashboard resource.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "Adds support for requesting future-dated Capacity Reservations with a minimum commitment duration, enabling IPAM for organizational units within AWS Organizations, reserving EC2 Capacity Blocks that start in 30 minutes, and extending the end date of existing Capacity Blocks.", + "type": "api-change" + }, + { + "category": "``elasticache``", + "description": "Added support to modify the engine type for existing ElastiCache Users and User Groups. Customers can now modify the engine type from redis to valkey.", + "type": "api-change" + }, + { + "category": "``elbv2``", + "description": "This feature adds support for enabling zonal shift on cross-zone enabled Application Load Balancer, as well as modifying HTTP request and response headers.", + "type": "api-change" + }, + { + "category": "``health``", + "description": "Adds metadata property to an AffectedEntity.", + "type": "api-change" + }, + { + "category": "``iot``", + "description": "General Availability (GA) release of AWS IoT Device Management - Commands, to trigger light-weight remote actions on targeted devices", + "type": "api-change" + }, + { + "category": "``iotfleetwise``", + "description": "AWS IoT FleetWise now includes campaign parameters to store and forward data, configure MQTT topic as a data destination, and collect diagnostic trouble code data. It includes APIs for network agnostic data collection using custom decoding interfaces, and monitoring the last known state of vehicles.", + "type": "api-change" + }, + { + "category": "``iot-jobs-data``", + "description": "General Availability (GA) release of AWS IoT Device Management - Commands, to trigger light-weight remote actions on targeted devices", + "type": "api-change" + }, + { + "category": "``lambda``", + "description": "Adds support for metrics for event source mappings for AWS Lambda", + "type": "api-change" + }, + { + "category": "``logs``", + "description": "Adds \"Create field indexes to improve query performance and reduce scan volume\" and \"Transform logs during ingestion\". Updates documentation for \"PutLogEvents with Entity\".", + "type": "api-change" + }, + { + "category": "``notifications``", + "description": "This release adds support for AWS User Notifications. You can now configure and view notifications from AWS services in a central location using the AWS SDK.", + "type": "api-change" + }, + { + "category": "``notificationscontacts``", + "description": "This release adds support for AWS User Notifications Contacts. You can now configure and view email contacts for AWS User Notifications using the AWS SDK.", + "type": "api-change" + }, + { + "category": "``resiliencehub``", + "description": "AWS Resilience Hub's new summary view visually represents applications' resilience through charts, enabling efficient resilience management. It provides a consolidated view of the app portfolio's resilience state and allows data export for custom stakeholder reporting.", + "type": "api-change" + }, + { + "category": "``s3``", + "description": "Add support for conditional deletes for the S3 DeleteObject and DeleteObjects APIs. Add support for write offset bytes option used to append to objects with the S3 PutObject API.", + "type": "api-change" + }, + { + "category": "``ssm``", + "description": "Added support for providing high-level overviews of managed nodes and previewing the potential impact of a runbook execution.", + "type": "api-change" + }, + { + "category": "``ssm-quicksetup``", + "description": "Add methods that retrieve details about deployed configurations: ListConfigurations, GetConfiguration", + "type": "api-change" + }, + { + "category": "``xray``", + "description": "AWS X-Ray introduces Transaction Search APIs, enabling span ingestion into CloudWatch Logs for high-scale trace data indexing. These APIs support span-level queries, trace graph generation, and metric correlation for deeper application insights.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.36.9.json b/.changes/1.36.9.json new file mode 100644 index 000000000000..2053793705e5 --- /dev/null +++ b/.changes/1.36.9.json @@ -0,0 +1,107 @@ +[ + { + "category": "``autoscaling``", + "description": "Now, Amazon EC2 Auto Scaling customers can enable target tracking policies to take quicker scaling decisions, enhancing their application performance and EC2 utilization. To get started, specify target tracking to monitor a metric that is available on Amazon CloudWatch at seconds-level interval.", + "type": "api-change" + }, + { + "category": "``bcm-pricing-calculator``", + "description": "Initial release of the AWS Billing and Cost Management Pricing Calculator API.", + "type": "api-change" + }, + { + "category": "``bedrock-agent-runtime``", + "description": "InvokeInlineAgent API release to help invoke runtime agents without any dependency on preconfigured agents.", + "type": "api-change" + }, + { + "category": "``ce``", + "description": "This release adds the Impact field(contains Contribution field) to the GetAnomalies API response under RootCause", + "type": "api-change" + }, + { + "category": "``chatbot``", + "description": "Adds support for programmatic management of custom actions and aliases which can be associated with channel configurations.", + "type": "api-change" + }, + { + "category": "``codepipeline``", + "description": "AWS CodePipeline V2 type pipelines now support ECRBuildAndPublish and InspectorScan actions.", + "type": "api-change" + }, + { + "category": "``cognito-idp``", + "description": "Add support for users to sign up and sign in without passwords, using email and SMS OTPs and Passkeys. Add support for Passkeys based on WebAuthn. Add support for enhanced branding customization for hosted authentication pages with Amazon Cognito Managed Login. Add feature tiers with new pricing.", + "type": "api-change" + }, + { + "category": "``connect``", + "description": "Amazon Connect Service Feature: Add APIs for Amazon Connect Email Channel", + "type": "api-change" + }, + { + "category": "``elbv2``", + "description": "This release adds support for advertising trusted CA certificate names in associated trust stores.", + "type": "api-change" + }, + { + "category": "``emr``", + "description": "Advanced Scaling in Amazon EMR Managed Scaling", + "type": "api-change" + }, + { + "category": "``inspector2``", + "description": "Extend inspector2 service model to include ServiceQuotaExceededException.", + "type": "api-change" + }, + { + "category": "``lambda``", + "description": "Add ProvisionedPollerConfig to Lambda event-source-mapping API.", + "type": "api-change" + }, + { + "category": "``mailmanager``", + "description": "Added new \"DeliverToQBusiness\" rule action to MailManager RulesSet for ingesting email data into Amazon Q Business customer applications", + "type": "api-change" + }, + { + "category": "``neptune-graph``", + "description": "Add 4 new APIs to support new Export features, allowing Parquet and CSV formats. Add new arguments in Import APIs to support Parquet import. Add a new query \"neptune.read\" to run algorithms without loading data into database", + "type": "api-change" + }, + { + "category": "``omics``", + "description": "This release adds support for resource policy based cross account S3 access to sequence store read sets.", + "type": "api-change" + }, + { + "category": "``quicksight``", + "description": "This release includes: Update APIs to support Image, Layer Map, font customization, and Plugin Visual. Add Identity center related information in ListNamsespace API. Update API for restrictedFolder support in topics and add API for SearchTopics, Describe/Update DashboardsQA Configration.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "This release adds APIs for new features for SageMaker endpoint to scale down to zero instances, native support for multi-adapter inference, and endpoint scaling improvements.", + "type": "api-change" + }, + { + "category": "``ses``", + "description": "This release adds support for starting email contacts in your Amazon Connect instance as an email receiving action.", + "type": "api-change" + }, + { + "category": "``sns``", + "description": "ArchivePolicy attribute added to Archive and Replay feature", + "type": "api-change" + }, + { + "category": "``stepfunctions``", + "description": "Add support for variables and JSONata in TestState, GetExecutionHistory, DescribeStateMachine, and DescribeStateMachineForExecution", + "type": "api-change" + }, + { + "category": "``workspaces``", + "description": "While integrating WSP-DCV rebrand, a few mentions were erroneously renamed from WSP to DCV. This release reverts those mentions back to WSP.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.37.0.json b/.changes/1.37.0.json new file mode 100644 index 000000000000..e585c5c9293e --- /dev/null +++ b/.changes/1.37.0.json @@ -0,0 +1,62 @@ +[ + { + "category": "``apigateway``", + "description": "Documentation updates for Amazon API Gateway", + "type": "api-change" + }, + { + "category": "``bedrock-agent-runtime``", + "description": "Now supports streaming for inline agents.", + "type": "api-change" + }, + { + "category": "``cognito-identity``", + "description": "corrects the dual-stack endpoint configuration", + "type": "api-change" + }, + { + "category": "``partnercentral-selling``", + "description": "Add Tagging support for ResourceSnapshotJob resources", + "type": "api-change" + }, + { + "category": "``s3``", + "description": "This change enhances integrity protections for new SDK requests to S3. S3 SDKs now support the CRC64NVME checksum algorithm, full object checksums for multipart S3 objects, and new default integrity protections for S3 requests.", + "type": "api-change" + }, + { + "category": "``security-ir``", + "description": "Increase minimum length of Threat Actor IP 'userAgent' to 1.", + "type": "api-change" + }, + { + "category": "``sesv2``", + "description": "This release introduces a new recommendation in Virtual Deliverability Manager Advisor, which detects elevated complaint rates for customer sending identities.", + "type": "api-change" + }, + { + "category": "``workspaces``", + "description": "Added GeneralPurpose.4xlarge & GeneralPurpose.8xlarge ComputeTypes.", + "type": "api-change" + }, + { + "category": "``workspaces-thin-client``", + "description": "Mark type in MaintenanceWindow as required.", + "type": "api-change" + }, + { + "category": "``s3``", + "description": "The S3 client attempts to validate response checksums for all S3 API operations that support checksums. However, if the SDK has not implemented the specified checksum algorithm then this validation is skipped. Checksum validation behavior can be configured using the ``when_supported`` and ``when_required`` options - in code using the ``response_checksum_validation`` parameter for ``botocore.config.Config``, in the shared AWS config file using ``response_checksum_validation``, or as an env variable using ``AWS_RESPONSE_CHECKSUM_VALIDATION``.", + "type": "feature" + }, + { + "category": "``s3``", + "description": "Added support for the CRC64NVME checksum algorithm in the S3 client through the optional AWS CRT (``awscrt``) dependency.", + "type": "feature" + }, + { + "category": "``s3``", + "description": "S3 client behavior is updated to always calculate a CRC32 checksum by default for operations that support it (such as PutObject or UploadPart), or require it (such as DeleteObjects). Checksum behavior can be configured using ``when_supported`` and ``when_required`` options - in code using the ``request_checksum_calculation`` parameter for ``botocore.config.Config``, in the shared AWS config file using ``request_checksum_calculation``, or as an env variable using ``AWS_REQUEST_CHECKSUM_CALCULATION``. Note: Botocore will no longer automatically compute and populate the Content-MD5 header.", + "type": "feature" + } +] \ No newline at end of file diff --git a/.changes/1.37.1.json b/.changes/1.37.1.json new file mode 100644 index 000000000000..2e77650de0f0 --- /dev/null +++ b/.changes/1.37.1.json @@ -0,0 +1,12 @@ +[ + { + "category": "``ecs``", + "description": "The release addresses Amazon ECS documentation tickets.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "Added support for ml.trn1.32xlarge instance type in Reserved Capacity Offering", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.37.10.json b/.changes/1.37.10.json new file mode 100644 index 000000000000..c8ecdf706555 --- /dev/null +++ b/.changes/1.37.10.json @@ -0,0 +1,42 @@ +[ + { + "category": "``appstream``", + "description": "Add support for managing admin consent requirement on selected domains for OneDrive Storage Connectors in AppStream2.0.", + "type": "api-change" + }, + { + "category": "``bedrock-agent-runtime``", + "description": "Add a 'reason' field to InternalServerException", + "type": "api-change" + }, + { + "category": "``ecr``", + "description": "Temporarily updating dualstack endpoint support", + "type": "api-change" + }, + { + "category": "``ecr-public``", + "description": "Temporarily updating dualstack endpoint support", + "type": "api-change" + }, + { + "category": "``mediatailor``", + "description": "Adds options for configuring how MediaTailor conditions ads before inserting them into the content stream. Based on the new settings, MediaTailor will either transcode ads to match the content stream as it has in the past, or it will insert ads without first transcoding them.", + "type": "api-change" + }, + { + "category": "``qbusiness``", + "description": "Added APIs to manage QBusiness user subscriptions", + "type": "api-change" + }, + { + "category": "``s3tables``", + "description": "You can now use the CreateTable API operation to create tables with schemas by adding an optional metadata argument.", + "type": "api-change" + }, + { + "category": "``verifiedpermissions``", + "description": "Adds Cedar JSON format support for entities and context data in authorization requests", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.37.11.json b/.changes/1.37.11.json new file mode 100644 index 000000000000..40166a6a5c04 --- /dev/null +++ b/.changes/1.37.11.json @@ -0,0 +1,32 @@ +[ + { + "category": "``amp``", + "description": "Add support for sending metrics to cross account and CMCK AMP workspaces through RoleConfiguration on Create/Update Scraper.", + "type": "api-change" + }, + { + "category": "``bedrock-agent-runtime``", + "description": "This change is to deprecate the existing citation field under RetrieveAndGenerateStream API response in lieu of GeneratedResponsePart and RetrievedReferences", + "type": "api-change" + }, + { + "category": "``codebuild``", + "description": "Added support for CodeBuild self-hosted Buildkite runner builds", + "type": "api-change" + }, + { + "category": "``geo-routes``", + "description": "The OptimizeWaypoints API now supports 50 waypoints per request (20 with constraints like AccessHours or AppointmentTime). It adds waypoint clustering via Clustering and ClusteringIndex for better optimization. Also, total distance validation is removed for greater flexibility.", + "type": "api-change" + }, + { + "category": "``rds``", + "description": "Updates to Aurora MySQL and Aurora PostgreSQL API pages with instance log type in the create and modify DB Cluster.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "This release introduces a new valid value in InstanceType parameter: p5en.48xlarge, in ProductionVariant.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.37.12.json b/.changes/1.37.12.json new file mode 100644 index 000000000000..2cb82857eefb --- /dev/null +++ b/.changes/1.37.12.json @@ -0,0 +1,7 @@ +[ + { + "category": "``mediatailor``", + "description": "Add support for CloudWatch Vended Logs which allows for delivery of customer logs to CloudWatch Logs, S3, or Firehose.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.37.13.json b/.changes/1.37.13.json new file mode 100644 index 000000000000..b021503cc9c3 --- /dev/null +++ b/.changes/1.37.13.json @@ -0,0 +1,32 @@ +[ + { + "category": "``datasync``", + "description": "Doc-only update to provide more information on using Kerberos authentication with SMB locations.", + "type": "api-change" + }, + { + "category": "``dms``", + "description": "Introduces TargetDataSettings with the TablePreparationMode option available for data migrations.", + "type": "api-change" + }, + { + "category": "``iam``", + "description": "This release adds support for accepting encrypted SAML assertions. Customers can now configure their identity provider to encrypt the SAML assertions it sends to IAM.", + "type": "api-change" + }, + { + "category": "``neptune-graph``", + "description": "Added argument to `list-export` to filter by graph ID", + "type": "api-change" + }, + { + "category": "``qbusiness``", + "description": "Adds functionality to enable/disable a new Q Business Chat orchestration feature. If enabled, Q Business can orchestrate over datasources and plugins without the need for customers to select specific chat modes.", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "IPv6 support for Hyperpod clusters", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.37.14.json b/.changes/1.37.14.json new file mode 100644 index 000000000000..2b14e6c30cfc --- /dev/null +++ b/.changes/1.37.14.json @@ -0,0 +1,7 @@ +[ + { + "category": "``rds``", + "description": "Documentation updates to clarify the description for the parameter AllocatedStorage for the DB cluster data type, the description for the parameter DeleteAutomatedBackups for the DeleteDBCluster API operation, and removing an outdated note for the CreateDBParameterGroup API operation.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.37.15.json b/.changes/1.37.15.json new file mode 100644 index 000000000000..073945b45f6c --- /dev/null +++ b/.changes/1.37.15.json @@ -0,0 +1,22 @@ +[ + { + "category": "``cloudformation``", + "description": "We added 5 new stack refactoring APIs: CreateStackRefactor, ExecuteStackRefactor, ListStackRefactors, DescribeStackRefactor, ListStackRefactorActions.", + "type": "api-change" + }, + { + "category": "``connectcases``", + "description": "This release adds the ability to conditionally require fields on a template. Check public documentation for more information.", + "type": "api-change" + }, + { + "category": "``cost-optimization-hub``", + "description": "This release enables AWS Cost Optimization Hub to show cost optimization recommendations for Amazon Auto Scaling Groups, including those with single and mixed instance types.", + "type": "api-change" + }, + { + "category": "``s3``", + "description": "Updated list of the valid AWS Region values for the LocationConstraint parameter for general purpose buckets.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.37.16.json b/.changes/1.37.16.json new file mode 100644 index 000000000000..68ff1d3c6f60 --- /dev/null +++ b/.changes/1.37.16.json @@ -0,0 +1,27 @@ +[ + { + "category": "``ecr``", + "description": "Adds support to handle the new basic scanning daily quota.", + "type": "api-change" + }, + { + "category": "``eks``", + "description": "Introduce versionStatus field to take place of status field in EKS DescribeClusterVersions API", + "type": "api-change" + }, + { + "category": "``mediaconvert``", + "description": "This release adds support for Animated GIF output, forced chroma sample positioning metadata, and Extensible Wave Container format", + "type": "api-change" + }, + { + "category": "``pi``", + "description": "Adds documentation for dimension groups and dimensions to analyze locks for Database Insights.", + "type": "api-change" + }, + { + "category": "``transcribe``", + "description": "This release adds support for the Clinical Note Template Customization feature for the AWS HealthScribe APIs within Amazon Transcribe.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.37.17.json b/.changes/1.37.17.json new file mode 100644 index 000000000000..825530a91c69 --- /dev/null +++ b/.changes/1.37.17.json @@ -0,0 +1,22 @@ +[ + { + "category": "``apigatewayv2``", + "description": "Documentation updates for Amazon API Gateway", + "type": "api-change" + }, + { + "category": "``cloudfront``", + "description": "Doc-only update that adds defaults for CloudFront VpcOriginEndpointConfig values.", + "type": "api-change" + }, + { + "category": "``connect``", + "description": "Updated the CreateContact API documentation to indicate that it only applies to EMAIL contacts.", + "type": "api-change" + }, + { + "category": "``dms``", + "description": "New vendors for DMS Data Providers: DB2 LUW and DB2 for z/OS", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.37.2.json b/.changes/1.37.2.json new file mode 100644 index 000000000000..b39c72d4d2f8 --- /dev/null +++ b/.changes/1.37.2.json @@ -0,0 +1,27 @@ +[ + { + "category": "``bedrock-runtime``", + "description": "Allow hyphens in tool name for Converse and ConverseStream APIs", + "type": "api-change" + }, + { + "category": "``detective``", + "description": "Doc only update for Detective documentation.", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "Release u7i-6tb.112xlarge, u7i-8tb.112xlarge, u7inh-32tb.480xlarge, p5e.48xlarge, p5en.48xlarge, f2.12xlarge, f2.48xlarge, trn2.48xlarge instance types.", + "type": "api-change" + }, + { + "category": "``notifications``", + "description": "Added support for Managed Notifications, integration with AWS Organization and added aggregation summaries for Aggregate Notifications", + "type": "api-change" + }, + { + "category": "``sagemaker``", + "description": "Correction of docs for \"Added support for ml.trn1.32xlarge instance type in Reserved Capacity Offering\"", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.37.3.json b/.changes/1.37.3.json new file mode 100644 index 000000000000..94029600af68 --- /dev/null +++ b/.changes/1.37.3.json @@ -0,0 +1,42 @@ +[ + { + "category": "``batch``", + "description": "Documentation-only update: clarified the description of the shareDecaySeconds parameter of the FairsharePolicy data type, clarified the description of the priority parameter of the JobQueueDetail data type.", + "type": "api-change" + }, + { + "category": "``cognito-idp``", + "description": "corrects the dual-stack endpoint configuration for cognitoidp", + "type": "api-change" + }, + { + "category": "``connect``", + "description": "Added DeleteContactFlowVersion API and the CAMPAIGN flow type", + "type": "api-change" + }, + { + "category": "``emr-serverless``", + "description": "Increasing entryPoint in SparkSubmit to accept longer script paths. New limit is 4kb.", + "type": "api-change" + }, + { + "category": "``iotsitewise``", + "description": "AWS IoT SiteWise now supports ingestion and querying of Null (all data types) and NaN (double type) values of bad or uncertain data quality. New partial error handling prevents data loss during ingestion. Enabled by default for new customers; existing customers can opt-in.", + "type": "api-change" + }, + { + "category": "``logs``", + "description": "Documentation-only update to address doc errors", + "type": "api-change" + }, + { + "category": "``quicksight``", + "description": "Added `DigitGroupingStyle` in ThousandsSeparator to allow grouping by `LAKH`( Indian Grouping system ) currency. Support LAKH and `CRORE` currency types in Column Formatting.", + "type": "api-change" + }, + { + "category": "``sns``", + "description": "This release adds support for the topic attribute FifoThroughputScope for SNS FIFO topics. For details, see the documentation history in the Amazon Simple Notification Service Developer Guide.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.37.4.json b/.changes/1.37.4.json new file mode 100644 index 000000000000..9142e622e669 --- /dev/null +++ b/.changes/1.37.4.json @@ -0,0 +1,22 @@ +[ + { + "category": "``bedrock-agent-runtime``", + "description": "Adds multi-turn input support for an Agent node in an Amazon Bedrock Flow", + "type": "api-change" + }, + { + "category": "``glue``", + "description": "Docs Update for timeout changes", + "type": "api-change" + }, + { + "category": "``medialive``", + "description": "AWS Elemental MediaLive adds a new feature, ID3 segment tagging, in CMAF Ingest output groups. It allows customers to insert ID3 tags into every output segment, controlled by a newly added channel schedule action Id3SegmentTagging.", + "type": "api-change" + }, + { + "category": "``workspaces-thin-client``", + "description": "Rename WorkSpaces Web to WorkSpaces Secure Browser", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.37.5.json b/.changes/1.37.5.json new file mode 100644 index 000000000000..80c9496ad909 --- /dev/null +++ b/.changes/1.37.5.json @@ -0,0 +1,7 @@ +[ + { + "category": "``ec2``", + "description": "Added \"future\" allocation type for future dated capacity reservation", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.37.6.json b/.changes/1.37.6.json new file mode 100644 index 000000000000..e57e3527f4da --- /dev/null +++ b/.changes/1.37.6.json @@ -0,0 +1,32 @@ +[ + { + "category": "``cloudtrail``", + "description": "This release introduces the SearchSampleQueries API that allows users to search for CloudTrail Lake sample queries.", + "type": "api-change" + }, + { + "category": "``eks``", + "description": "Adds support for UpdateStrategies in EKS Managed Node Groups.", + "type": "api-change" + }, + { + "category": "``healthlake``", + "description": "Added new authorization strategy value 'SMART_ON_FHIR' for CreateFHIRDatastore API to support Smart App 2.0", + "type": "api-change" + }, + { + "category": "``ssm``", + "description": "Systems Manager doc-only update for January, 2025.", + "type": "api-change" + }, + { + "category": "``sso-oidc``", + "description": "Fixed typos in the descriptions.", + "type": "api-change" + }, + { + "category": "``transfer``", + "description": "Added CustomDirectories as a new directory option for storing inbound AS2 messages, MDN files and Status files.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.37.7.json b/.changes/1.37.7.json new file mode 100644 index 000000000000..aa1b97abae8f --- /dev/null +++ b/.changes/1.37.7.json @@ -0,0 +1,22 @@ +[ + { + "category": "``bedrock-agent``", + "description": "Add support for the prompt caching feature for Bedrock Prompt Management", + "type": "api-change" + }, + { + "category": "``iot``", + "description": "Raised the documentParameters size limit to 30 KB for AWS IoT Device Management - Jobs.", + "type": "api-change" + }, + { + "category": "``mediaconvert``", + "description": "This release adds support for dynamic audio configuration and the ability to disable the deblocking filter for h265 encodes.", + "type": "api-change" + }, + { + "category": "``s3control``", + "description": "Minor fix to ARN validation for Lambda functions passed to S3 Batch Operations", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.37.8.json b/.changes/1.37.8.json new file mode 100644 index 000000000000..e68e5acbb29b --- /dev/null +++ b/.changes/1.37.8.json @@ -0,0 +1,32 @@ +[ + { + "category": "``appsync``", + "description": "Add stash and outErrors to EvaluateCode/EvaluateMappingTemplate response", + "type": "api-change" + }, + { + "category": "``datasync``", + "description": "AWS DataSync now supports the Kerberos authentication protocol for SMB locations.", + "type": "api-change" + }, + { + "category": "``deadline``", + "description": "feature: Deadline: Add support for limiting the concurrent usage of external resources, like floating licenses, using limits and the ability to constrain the maximum number of workers that work on a job", + "type": "api-change" + }, + { + "category": "``ec2``", + "description": "This release changes the CreateFleet CLI and SDK's such that if you do not specify a client token, a randomly generated token is used for the request to ensure idempotency.", + "type": "api-change" + }, + { + "category": "``firehose``", + "description": "For AppendOnly streams, Firehose will automatically scale to match your throughput.", + "type": "api-change" + }, + { + "category": "``timestream-influxdb``", + "description": "Adds 'allocatedStorage' parameter to UpdateDbInstance API that allows increasing the database instance storage size and 'dbStorageType' parameter to UpdateDbInstance API that allows changing the storage type of the database instance", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/1.37.9.json b/.changes/1.37.9.json new file mode 100644 index 000000000000..b24ad64671b9 --- /dev/null +++ b/.changes/1.37.9.json @@ -0,0 +1,27 @@ +[ + { + "category": "``bcm-pricing-calculator``", + "description": "Added ConflictException error type in DeleteBillScenario, BatchDeleteBillScenarioCommitmentModification, BatchDeleteBillScenarioUsageModification, BatchUpdateBillScenarioUsageModification, and BatchUpdateBillScenarioCommitmentModification API operations.", + "type": "api-change" + }, + { + "category": "``ecr``", + "description": "Add support for Dualstack and Dualstack-with-FIPS Endpoints", + "type": "api-change" + }, + { + "category": "``ecr-public``", + "description": "Add support for Dualstack Endpoints", + "type": "api-change" + }, + { + "category": "``mailmanager``", + "description": "This release includes a new feature for Amazon SES Mail Manager which allows customers to specify known addresses and domains and make use of those in traffic policies and rules actions to distinguish between known and unknown entries.", + "type": "api-change" + }, + { + "category": "``s3``", + "description": "Change the type of MpuObjectSize in CompleteMultipartUploadRequest from int to long.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.github/ISSUE_TEMPLATE/bug-report.yml b/.github/ISSUE_TEMPLATE/bug-report.yml index 6a1235a7db26..3d1162d17c2e 100644 --- a/.github/ISSUE_TEMPLATE/bug-report.yml +++ b/.github/ISSUE_TEMPLATE/bug-report.yml @@ -12,6 +12,14 @@ body: description: What is the problem? A clear and concise description of the bug. validations: required: true + - type: checkboxes + id: regression + attributes: + label: Regression Issue + description: What is a regression? If it worked in a previous version but doesn't in the latest version, it's considered a regression. In this case, please provide specific version number in the report. + options: + - label: Select this option if this issue appears to be a regression. + required: false - type: textarea id: expected attributes: diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 22e8ed7b57d5..6945426981e5 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -10,6 +10,16 @@ updates: - dependency-name: "*" update-types: ["version-update:semver-patch"] + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "weekly" + day: "sunday" + target-branch: "gh-pages" + ignore: + - dependency-name: "*" + update-types: ["version-update:semver-patch"] + - package-ecosystem: "pip" directory: "/" open-pull-requests-limit: 10 @@ -51,3 +61,21 @@ updates: - dependency-name: "pyyaml" - dependency-name: "wheel" - dependency-name: "rsa" + + - package-ecosystem: "pip" + directory: "/" + open-pull-requests-limit: 10 + schedule: + interval: "weekly" + day: "sunday" + target-branch: "gh-pages" + labels: + - "dependencies" + - "gh-pages" + allow: + - dependency-name: "Sphinx" + - dependency-name: "furo" + - dependency-name: "myst-parser" + - dependency-name: "sphinx-lint" + - dependency-name: "sphinx-copybutton" + - dependency-name: "sphinx-inline-tabs" diff --git a/.github/workflows/changelog.yml b/.github/workflows/changelog.yml index edf94bab9c07..af1387b06cba 100644 --- a/.github/workflows/changelog.yml +++ b/.github/workflows/changelog.yml @@ -51,7 +51,7 @@ jobs: ref: ${{ github.event.inputs.ref }} - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: python-version: "3.11" - name: Create changelog diff --git a/.github/workflows/closed-issue-message.yml b/.github/workflows/closed-issue-message.yml index 4788c53cd2ac..6ab5db076912 100644 --- a/.github/workflows/closed-issue-message.yml +++ b/.github/workflows/closed-issue-message.yml @@ -6,11 +6,10 @@ jobs: auto_comment: runs-on: ubuntu-latest steps: - - uses: aws-actions/closed-issue-message@v1 + - uses: aws-actions/closed-issue-message@v2 with: # These inputs are both required repo-token: "${{ secrets.GITHUB_TOKEN }}" message: | - ### ⚠️COMMENT VISIBILITY WARNING⚠️ - Comments on closed issues are hard for our team to see. - If you need more assistance, please open a new issue that references this one. If you wish to keep having a conversation with other community members under this issue feel free to do so. + This issue is now closed. Comments on closed issues are hard for our team to see. + If you need more assistance, please open a new issue that references this one. diff --git a/.github/workflows/doc-pr-cherry-pick.yml b/.github/workflows/doc-pr-cherry-pick.yml new file mode 100644 index 000000000000..508c4f15a6be --- /dev/null +++ b/.github/workflows/doc-pr-cherry-pick.yml @@ -0,0 +1,71 @@ +name: Cherry-Pick PR to v2 + +on: + workflow_dispatch: + inputs: + pr_number: + description: 'PR number to cherry-pick' + type: string + required: true + +jobs: + cherry_pick_and_create_pr: + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # 4.2.2 + with: + fetch-depth: 0 + + - name: Configure Git + run: | + git config user.name "aws-sdk-python-automation" + git config user.email "github-aws-sdk-python-automation@amazon.com" + + - name: Get PR commits + id: get_commits + run: | + gh pr checkout $PR_NUMBER + PR_COMMITS=$(gh pr view $PR_NUMBER --json commits --jq '.commits[].oid') + echo "PR_COMMITS<> "$GITHUB_OUTPUT" + echo "$PR_COMMITS" >> "$GITHUB_OUTPUT" + echo "EOF" >> "$GITHUB_OUTPUT" + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + PR_NUMBER: ${{ github.event.inputs.pr_number }} + + - name: Create new branch and cherry-pick commits + id: create_branch + run: | + git fetch origin v2 + NEW_BRANCH="v2-sync-pr-$PR_NUMBER" + git checkout -b $NEW_BRANCH origin/v2 + for commit in $PR_COMMITS; do + git cherry-pick $commit + done + git push origin $NEW_BRANCH + echo "NEW_BRANCH=$NEW_BRANCH" >> $GITHUB_OUTPUT + env: + PR_NUMBER: ${{ github.event.inputs.pr_number }} + PR_COMMITS: ${{ steps.get_commits.outputs.PR_COMMITS}} + + - name: Create new PR + run: | + PR_TITLE=$(gh pr view $PR_NUMBER --json title --jq '.title') + PR_BODY=$(cat << EOF + This PR cherry-picks the commits from #$PR_NUMBER to the v2 branch. + + Please complete the following checklist before merging: + + - [ ] Verify that the original PR (#$PR_NUMBER) is approved + - [ ] Verify that this merge to v2 is appropriate + + By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice. + + EOF + ) + gh pr create --title "[V2] $PR_TITLE" --body "$PR_BODY" --base v2 --head $NEW_BRANCH + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + PR_NUMBER: ${{ github.event.inputs.pr_number }} + NEW_BRANCH: ${{ steps.create_branch.outputs.NEW_BRANCH}} diff --git a/.github/workflows/issue-regression-labeler.yml b/.github/workflows/issue-regression-labeler.yml new file mode 100644 index 000000000000..840a832b707f --- /dev/null +++ b/.github/workflows/issue-regression-labeler.yml @@ -0,0 +1,33 @@ +# Apply potential regression label on issues +name: issue-regression-label +on: + issues: + types: [opened, edited] +permissions: read-all +jobs: + add-regression-label: + runs-on: ubuntu-latest + permissions: + issues: write + steps: + - name: Fetch template body + id: check_regression + uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + TEMPLATE_BODY: ${{ github.event.issue.body }} + with: + script: | + const regressionPattern = /\[x\] Select this option if this issue appears to be a regression\./i; + const template = `${process.env.TEMPLATE_BODY}` + const match = regressionPattern.test(template); + core.setOutput('is_regression', match); + - name: Manage regression label + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + if [ "${{ steps.check_regression.outputs.is_regression }}" == "true" ]; then + gh issue edit ${{ github.event.issue.number }} --add-label "potential-regression" -R ${{ github.repository }} + else + gh issue edit ${{ github.event.issue.number }} --remove-label "potential-regression" -R ${{ github.repository }} + fi diff --git a/.github/workflows/run-dep-tests.yml b/.github/workflows/run-dep-tests.yml new file mode 100644 index 000000000000..3ef275a63fe9 --- /dev/null +++ b/.github/workflows/run-dep-tests.yml @@ -0,0 +1,27 @@ +name: Run dependency tests + +on: + push: + pull_request: + branches-ignore: [ master ] + +jobs: + build: + + runs-on: ${{ matrix.os }} + strategy: + fail-fast: false + matrix: + python-version: ["3.8", "3.9", "3.10", "3.11", "3.12"] + os: [ubuntu-latest, macOS-latest, windows-latest] + + steps: + - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + - name: Set up Python ${{ matrix.python-version }} + uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c + with: + python-version: ${{ matrix.python-version }} + - name: Install dependencies + run: python scripts/ci/install + - name: Run tests + run: python scripts/ci/run-dep-tests diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index 3b1553b1f75c..de97def56012 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -12,13 +12,13 @@ jobs: strategy: fail-fast: false matrix: - python-version: ["3.7", "3.8", "3.9", "3.10", "3.11"] + python-version: ["3.8", "3.9", "3.10", "3.11", "3.12"] os: [ubuntu-latest, macOS-latest, windows-latest] steps: - uses: actions/checkout@v4 - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: python-version: ${{ matrix.python-version }} - name: Install dependencies @@ -30,6 +30,6 @@ jobs: - name: Run checks run: python scripts/ci/run-check - name: codecov - uses: codecov/codecov-action@v3 + uses: codecov/codecov-action@v5 with: directory: tests diff --git a/.github/workflows/stale_community_prs.yml b/.github/workflows/stale_community_prs.yml index 59db8c4e7d51..b2d96702025b 100644 --- a/.github/workflows/stale_community_prs.yml +++ b/.github/workflows/stale_community_prs.yml @@ -5,7 +5,7 @@ jobs: stale-implementation-stage: runs-on: ubuntu-latest steps: - - uses: actions/stale@1160a2240286f5da8ec72b1c0816ce2481aabf84 + - uses: actions/stale@5bef64f19d7facfb25b37b414482c7164d639639 with: debug-only: true repo-token: ${{ secrets.GITHUB_TOKEN }} @@ -25,7 +25,7 @@ jobs: stale-review-stage: runs-on: ubuntu-latest steps: - - uses: actions/stale@1160a2240286f5da8ec72b1c0816ce2481aabf84 + - uses: actions/stale@5bef64f19d7facfb25b37b414482c7164d639639 with: debug-only: true repo-token: ${{ secrets.GITHUB_TOKEN }} @@ -43,7 +43,7 @@ jobs: labels-to-add-when-unstale: responded exempt-pr-labels: responded,maintainers # Forces PRs to be skipped if these are not removed by maintainers. close-pr-label: DONTUSE - - uses: actions/stale@1160a2240286f5da8ec72b1c0816ce2481aabf84 + - uses: actions/stale@5bef64f19d7facfb25b37b414482c7164d639639 with: debug-only: true repo-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/stale_issue.yml b/.github/workflows/stale_issue.yml index a01c0c1d5c06..8e523b47b432 100644 --- a/.github/workflows/stale_issue.yml +++ b/.github/workflows/stale_issue.yml @@ -21,7 +21,7 @@ jobs: # These labels are required stale-issue-label: closing-soon - exempt-issue-labels: automation-exempt, help wanted, bug, confusing-error, community + exempt-issue-labels: automation-exempt, help wanted, confusing-error, community response-requested-label: response-requested # Don't set closed-for-staleness label to skip closing very old issues @@ -29,8 +29,8 @@ jobs: closed-for-staleness-label: closed-for-staleness # Issue timing - days-before-stale: 5 - days-before-close: 2 + days-before-stale: 10 + days-before-close: 4 # If you don't want to mark a issue as being ancient based on a # threshold of "upvotes", you can set this here. An "upvote" is diff --git a/.github/workflows/update-lockfiles.yml b/.github/workflows/update-lockfiles.yml index d79e1e540582..1f80debfd943 100644 --- a/.github/workflows/update-lockfiles.yml +++ b/.github/workflows/update-lockfiles.yml @@ -35,7 +35,7 @@ jobs: with: ref: ${{ github.event.inputs.ref }} - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: python-version: ${{ matrix.python-version }} diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 000000000000..09390283b367 --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,26 @@ +exclude: "\ + ^(\ + .github|\ + .changes|\ + docs/|\ + awscli/examples|\ + CHANGELOG.rst\ + )" +repos: + - repo: 'https://github.com/pre-commit/pre-commit-hooks' + rev: v4.5.0 + hooks: + - id: check-yaml + - id: end-of-file-fixer + - id: trailing-whitespace + - repo: 'https://github.com/PyCQA/isort' + rev: 5.12.0 + hooks: + - id: isort + - repo: https://github.com/astral-sh/ruff-pre-commit + rev: v0.4.8 + hooks: + - id: ruff + args: [ --fix ] + - id: ruff-format + diff --git a/CHANGELOG.rst b/CHANGELOG.rst index b5b0446234a2..4fe931b7584a 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -2,6 +2,3763 @@ CHANGELOG ========= +1.37.17 +======= + +* api-change:``apigatewayv2``: Documentation updates for Amazon API Gateway +* api-change:``cloudfront``: Doc-only update that adds defaults for CloudFront VpcOriginEndpointConfig values. +* api-change:``connect``: Updated the CreateContact API documentation to indicate that it only applies to EMAIL contacts. +* api-change:``dms``: New vendors for DMS Data Providers: DB2 LUW and DB2 for z/OS + + +1.37.16 +======= + +* api-change:``ecr``: Adds support to handle the new basic scanning daily quota. +* api-change:``eks``: Introduce versionStatus field to take place of status field in EKS DescribeClusterVersions API +* api-change:``mediaconvert``: This release adds support for Animated GIF output, forced chroma sample positioning metadata, and Extensible Wave Container format +* api-change:``pi``: Adds documentation for dimension groups and dimensions to analyze locks for Database Insights. +* api-change:``transcribe``: This release adds support for the Clinical Note Template Customization feature for the AWS HealthScribe APIs within Amazon Transcribe. + + +1.37.15 +======= + +* api-change:``cloudformation``: We added 5 new stack refactoring APIs: CreateStackRefactor, ExecuteStackRefactor, ListStackRefactors, DescribeStackRefactor, ListStackRefactorActions. +* api-change:``connectcases``: This release adds the ability to conditionally require fields on a template. Check public documentation for more information. +* api-change:``cost-optimization-hub``: This release enables AWS Cost Optimization Hub to show cost optimization recommendations for Amazon Auto Scaling Groups, including those with single and mixed instance types. +* api-change:``s3``: Updated list of the valid AWS Region values for the LocationConstraint parameter for general purpose buckets. + + +1.37.14 +======= + +* api-change:``rds``: Documentation updates to clarify the description for the parameter AllocatedStorage for the DB cluster data type, the description for the parameter DeleteAutomatedBackups for the DeleteDBCluster API operation, and removing an outdated note for the CreateDBParameterGroup API operation. + + +1.37.13 +======= + +* api-change:``datasync``: Doc-only update to provide more information on using Kerberos authentication with SMB locations. +* api-change:``dms``: Introduces TargetDataSettings with the TablePreparationMode option available for data migrations. +* api-change:``iam``: This release adds support for accepting encrypted SAML assertions. Customers can now configure their identity provider to encrypt the SAML assertions it sends to IAM. +* api-change:``neptune-graph``: Added argument to `list-export` to filter by graph ID +* api-change:``qbusiness``: Adds functionality to enable/disable a new Q Business Chat orchestration feature. If enabled, Q Business can orchestrate over datasources and plugins without the need for customers to select specific chat modes. +* api-change:``sagemaker``: IPv6 support for Hyperpod clusters + + +1.37.12 +======= + +* api-change:``mediatailor``: Add support for CloudWatch Vended Logs which allows for delivery of customer logs to CloudWatch Logs, S3, or Firehose. + + +1.37.11 +======= + +* api-change:``amp``: Add support for sending metrics to cross account and CMCK AMP workspaces through RoleConfiguration on Create/Update Scraper. +* api-change:``bedrock-agent-runtime``: This change is to deprecate the existing citation field under RetrieveAndGenerateStream API response in lieu of GeneratedResponsePart and RetrievedReferences +* api-change:``codebuild``: Added support for CodeBuild self-hosted Buildkite runner builds +* api-change:``geo-routes``: The OptimizeWaypoints API now supports 50 waypoints per request (20 with constraints like AccessHours or AppointmentTime). It adds waypoint clustering via Clustering and ClusteringIndex for better optimization. Also, total distance validation is removed for greater flexibility. +* api-change:``rds``: Updates to Aurora MySQL and Aurora PostgreSQL API pages with instance log type in the create and modify DB Cluster. +* api-change:``sagemaker``: This release introduces a new valid value in InstanceType parameter: p5en.48xlarge, in ProductionVariant. + + +1.37.10 +======= + +* api-change:``appstream``: Add support for managing admin consent requirement on selected domains for OneDrive Storage Connectors in AppStream2.0. +* api-change:``bedrock-agent-runtime``: Add a 'reason' field to InternalServerException +* api-change:``ecr``: Temporarily updating dualstack endpoint support +* api-change:``ecr-public``: Temporarily updating dualstack endpoint support +* api-change:``mediatailor``: Adds options for configuring how MediaTailor conditions ads before inserting them into the content stream. Based on the new settings, MediaTailor will either transcode ads to match the content stream as it has in the past, or it will insert ads without first transcoding them. +* api-change:``qbusiness``: Added APIs to manage QBusiness user subscriptions +* api-change:``s3tables``: You can now use the CreateTable API operation to create tables with schemas by adding an optional metadata argument. +* api-change:``verifiedpermissions``: Adds Cedar JSON format support for entities and context data in authorization requests + + +1.37.9 +====== + +* api-change:``bcm-pricing-calculator``: Added ConflictException error type in DeleteBillScenario, BatchDeleteBillScenarioCommitmentModification, BatchDeleteBillScenarioUsageModification, BatchUpdateBillScenarioUsageModification, and BatchUpdateBillScenarioCommitmentModification API operations. +* api-change:``ecr``: Add support for Dualstack and Dualstack-with-FIPS Endpoints +* api-change:``ecr-public``: Add support for Dualstack Endpoints +* api-change:``mailmanager``: This release includes a new feature for Amazon SES Mail Manager which allows customers to specify known addresses and domains and make use of those in traffic policies and rules actions to distinguish between known and unknown entries. +* api-change:``s3``: Change the type of MpuObjectSize in CompleteMultipartUploadRequest from int to long. + + +1.37.8 +====== + +* api-change:``appsync``: Add stash and outErrors to EvaluateCode/EvaluateMappingTemplate response +* api-change:``datasync``: AWS DataSync now supports the Kerberos authentication protocol for SMB locations. +* api-change:``deadline``: feature: Deadline: Add support for limiting the concurrent usage of external resources, like floating licenses, using limits and the ability to constrain the maximum number of workers that work on a job +* api-change:``ec2``: This release changes the CreateFleet CLI and SDK's such that if you do not specify a client token, a randomly generated token is used for the request to ensure idempotency. +* api-change:``firehose``: For AppendOnly streams, Firehose will automatically scale to match your throughput. +* api-change:``timestream-influxdb``: Adds 'allocatedStorage' parameter to UpdateDbInstance API that allows increasing the database instance storage size and 'dbStorageType' parameter to UpdateDbInstance API that allows changing the storage type of the database instance + + +1.37.7 +====== + +* api-change:``bedrock-agent``: Add support for the prompt caching feature for Bedrock Prompt Management +* api-change:``iot``: Raised the documentParameters size limit to 30 KB for AWS IoT Device Management - Jobs. +* api-change:``mediaconvert``: This release adds support for dynamic audio configuration and the ability to disable the deblocking filter for h265 encodes. +* api-change:``s3control``: Minor fix to ARN validation for Lambda functions passed to S3 Batch Operations + + +1.37.6 +====== + +* api-change:``cloudtrail``: This release introduces the SearchSampleQueries API that allows users to search for CloudTrail Lake sample queries. +* api-change:``eks``: Adds support for UpdateStrategies in EKS Managed Node Groups. +* api-change:``healthlake``: Added new authorization strategy value 'SMART_ON_FHIR' for CreateFHIRDatastore API to support Smart App 2.0 +* api-change:``ssm``: Systems Manager doc-only update for January, 2025. +* api-change:``sso-oidc``: Fixed typos in the descriptions. +* api-change:``transfer``: Added CustomDirectories as a new directory option for storing inbound AS2 messages, MDN files and Status files. + + +1.37.5 +====== + +* api-change:``ec2``: Added "future" allocation type for future dated capacity reservation + + +1.37.4 +====== + +* api-change:``bedrock-agent-runtime``: Adds multi-turn input support for an Agent node in an Amazon Bedrock Flow +* api-change:``glue``: Docs Update for timeout changes +* api-change:``medialive``: AWS Elemental MediaLive adds a new feature, ID3 segment tagging, in CMAF Ingest output groups. It allows customers to insert ID3 tags into every output segment, controlled by a newly added channel schedule action Id3SegmentTagging. +* api-change:``workspaces-thin-client``: Rename WorkSpaces Web to WorkSpaces Secure Browser + + +1.37.3 +====== + +* api-change:``batch``: Documentation-only update: clarified the description of the shareDecaySeconds parameter of the FairsharePolicy data type, clarified the description of the priority parameter of the JobQueueDetail data type. +* api-change:``cognito-idp``: corrects the dual-stack endpoint configuration for cognitoidp +* api-change:``connect``: Added DeleteContactFlowVersion API and the CAMPAIGN flow type +* api-change:``emr-serverless``: Increasing entryPoint in SparkSubmit to accept longer script paths. New limit is 4kb. +* api-change:``iotsitewise``: AWS IoT SiteWise now supports ingestion and querying of Null (all data types) and NaN (double type) values of bad or uncertain data quality. New partial error handling prevents data loss during ingestion. Enabled by default for new customers; existing customers can opt-in. +* api-change:``logs``: Documentation-only update to address doc errors +* api-change:``quicksight``: Added `DigitGroupingStyle` in ThousandsSeparator to allow grouping by `LAKH`( Indian Grouping system ) currency. Support LAKH and `CRORE` currency types in Column Formatting. +* api-change:``sns``: This release adds support for the topic attribute FifoThroughputScope for SNS FIFO topics. For details, see the documentation history in the Amazon Simple Notification Service Developer Guide. + + +1.37.2 +====== + +* api-change:``bedrock-runtime``: Allow hyphens in tool name for Converse and ConverseStream APIs +* api-change:``detective``: Doc only update for Detective documentation. +* api-change:``ec2``: Release u7i-6tb.112xlarge, u7i-8tb.112xlarge, u7inh-32tb.480xlarge, p5e.48xlarge, p5en.48xlarge, f2.12xlarge, f2.48xlarge, trn2.48xlarge instance types. +* api-change:``notifications``: Added support for Managed Notifications, integration with AWS Organization and added aggregation summaries for Aggregate Notifications +* api-change:``sagemaker``: Correction of docs for "Added support for ml.trn1.32xlarge instance type in Reserved Capacity Offering" + + +1.37.1 +====== + +* api-change:``ecs``: The release addresses Amazon ECS documentation tickets. +* api-change:``sagemaker``: Added support for ml.trn1.32xlarge instance type in Reserved Capacity Offering + + +1.37.0 +====== + +* api-change:``apigateway``: Documentation updates for Amazon API Gateway +* api-change:``bedrock-agent-runtime``: Now supports streaming for inline agents. +* api-change:``cognito-identity``: corrects the dual-stack endpoint configuration +* api-change:``partnercentral-selling``: Add Tagging support for ResourceSnapshotJob resources +* api-change:``s3``: This change enhances integrity protections for new SDK requests to S3. S3 SDKs now support the CRC64NVME checksum algorithm, full object checksums for multipart S3 objects, and new default integrity protections for S3 requests. +* api-change:``security-ir``: Increase minimum length of Threat Actor IP 'userAgent' to 1. +* api-change:``sesv2``: This release introduces a new recommendation in Virtual Deliverability Manager Advisor, which detects elevated complaint rates for customer sending identities. +* api-change:``workspaces``: Added GeneralPurpose.4xlarge & GeneralPurpose.8xlarge ComputeTypes. +* api-change:``workspaces-thin-client``: Mark type in MaintenanceWindow as required. +* feature:``s3``: The S3 client attempts to validate response checksums for all S3 API operations that support checksums. However, if the SDK has not implemented the specified checksum algorithm then this validation is skipped. Checksum validation behavior can be configured using the ``when_supported`` and ``when_required`` options - in code using the ``response_checksum_validation`` parameter for ``botocore.config.Config``, in the shared AWS config file using ``response_checksum_validation``, or as an env variable using ``AWS_RESPONSE_CHECKSUM_VALIDATION``. +* feature:``s3``: Added support for the CRC64NVME checksum algorithm in the S3 client through the optional AWS CRT (``awscrt``) dependency. +* feature:``s3``: S3 client behavior is updated to always calculate a CRC32 checksum by default for operations that support it (such as PutObject or UploadPart), or require it (such as DeleteObjects). Checksum behavior can be configured using ``when_supported`` and ``when_required`` options - in code using the ``request_checksum_calculation`` parameter for ``botocore.config.Config``, in the shared AWS config file using ``request_checksum_calculation``, or as an env variable using ``AWS_REQUEST_CHECKSUM_CALCULATION``. Note: Botocore will no longer automatically compute and populate the Content-MD5 header. + + +1.36.40 +======= + +* api-change:``gamelift``: Amazon GameLift releases a new game session placement feature: PriorityConfigurationOverride. You can now override how a game session queue prioritizes placement locations for a single StartGameSessionPlacement request. +* api-change:``route53``: Amazon Route 53 now supports the Mexico (Central) Region (mx-central-1) for latency records, geoproximity records, and private DNS for Amazon VPCs in that region + + +1.36.39 +======= + +* api-change:``artifact``: Support resolving regional API calls to partition's leader region endpoint. +* api-change:``bedrock``: With this release, Bedrock Evaluation will now support latency-optimized inference for foundation models. +* api-change:``ec2``: Add support for DisconnectOnSessionTimeout flag in CreateClientVpnEndpoint and ModifyClientVpnEndpoint requests and DescribeClientVpnEndpoints responses +* api-change:``kafkaconnect``: Support updating connector configuration via UpdateConnector API. Release Operations API to monitor the status of the connector operation. +* api-change:``transcribe``: This update provides tagging support for Transcribe's Call Analytics Jobs and Call Analytics Categories. + + +1.36.38 +======= + +* api-change:``redshift``: Additions to the PubliclyAccessible and Encrypted parameters clarifying what the defaults are. +* api-change:``securitylake``: Doc only update for ServiceName that fixes several customer-reported issues +* api-change:``sts``: Fixed typos in the descriptions. + + +1.36.37 +======= + +* api-change:``codebuild``: AWS CodeBuild Now Supports BuildBatch in Reserved Capacity and Lambda +* api-change:``compute-optimizer``: This release expands AWS Compute Optimizer rightsizing recommendation support for Amazon EC2 Auto Scaling groups to include those with scaling policies and multiple instance types. +* api-change:``fms``: AWS Firewall Manager now lets you combine multiple resource tags using the logical AND operator or the logical OR operator. + + +1.36.36 +======= + +* api-change:``rds``: Updates Amazon RDS documentation to clarify the RestoreDBClusterToPointInTime description. +* api-change:``route53``: Amazon Route 53 now supports the Asia Pacific (Thailand) Region (ap-southeast-7) for latency records, geoproximity records, and private DNS for Amazon VPCs in that region +* api-change:``sagemaker``: Adds support for IPv6 for SageMaker HyperPod cluster nodes. + + +1.36.35 +======= + +* api-change:``cloudhsmv2``: Adds support to ModifyCluster for modifying a Cluster's Hsm Type. +* api-change:``dynamodb``: This release makes Amazon DynamoDB point-in-time-recovery (PITR) to be configurable. You can set PITR recovery period for each table individually to between 1 and 35 days. +* api-change:``imagebuilder``: This release adds support for importing images from ISO disk files. Added new ImportDiskImage API operation. +* enhancement:``s3 ls``: Expose low-level ``ListBuckets` parameters ``Prefix`` and ``BucketRegion`` to high-level ``s3 ls`` command as ``--bucket-name-prefix`` and ``--bucket-region``. + + +1.36.34 +======= + +* api-change:``iotsecuretunneling``: Adds dualstack endpoint support for IoT Secure Tunneling +* api-change:``supplychain``: Allow vanity DNS domain when creating a new ASC instance + + +1.36.33 +======= + +* api-change:``ecs``: Adding SDK reference examples for Amazon ECS operations. +* api-change:``route53domains``: Doc only update for Route 53 Domains that fixes several customer-reported issues +* api-change:``s3``: This change is only for updating the model regexp of CopySource which is not for validation but only for documentation and user guide change. + + +1.36.32 +======= + +* api-change:``appsync``: Modify UpdateGraphQLAPI operation and flag authenticationType as required. +* api-change:``gamelift``: Amazon GameLift releases a new game session shutdown feature. Use the Amazon GameLift console or AWS CLI to terminate an in-progress game session that's entered a bad state or is no longer needed. +* api-change:``mediaconnect``: AWS Elemental MediaConnect now supports Content Quality Analysis for enhanced source stream monitoring. This enables you to track specific audio and video metrics in transport stream source flows, ensuring your content meets quality standards. +* api-change:``mediaconvert``: This release adds support for the AVC3 codec and fixes an alignment issue with Japanese vertical captions. +* api-change:``organizations``: Added ALL_FEATURES_MIGRATION_ORGANIZATION_SIZE_LIMIT_EXCEEDED to ConstraintViolationException for the EnableAllFeatures operation. +* api-change:``sagemaker``: Adding ETag information with Model Artifacts for Model Registry +* api-change:``sqs``: In-flight message typo fix from 20k to 120k. + + +1.36.31 +======= + +* api-change:``ecr``: Restoring custom endpoint functionality for ECR +* api-change:``ecr-public``: Restoring custom endpoint functionality for ECR Public + + +1.36.30 +======= + +* api-change:``rds``: Updates Amazon RDS documentation to correct various descriptions. + + +1.36.29 +======= + +* api-change:``bcm-pricing-calculator``: Added ConflictException to DeleteBillEstimate. +* api-change:``ecr``: Add support for Dualstack Endpoints +* api-change:``network-firewall``: Dual-stack endpoints are now supported. +* api-change:``securityhub``: Documentation updates for AWS Security Hub + + +1.36.28 +======= + +* api-change:``ecr``: Documentation update for ECR GetAccountSetting and PutAccountSetting APIs. +* api-change:``ecr-public``: Add support for Dualstack endpoints +* api-change:``eks``: This release adds support for DescribeClusterVersions API that provides important information about Kubernetes versions along with end of support dates +* api-change:``glue``: Add IncludeRoot parameters to GetCatalogs API to return root catalog. + + +1.36.27 +======= + +* api-change:``bedrock-agent``: Support for custom user agent and max web pages crawled for web connector. Support app only credentials for SharePoint connector. Increase agents memory duration limit to 365 days. Support to specify max number of session summaries to include in agent invocation context. +* api-change:``bedrock-agent-runtime``: bedrock agents now supports long term memory and performance configs. Invokeflow supports performance configs. RetrieveAndGenerate performance configs +* api-change:``bedrock-data-automation``: Documentation update for Amazon Bedrock Data Automation +* api-change:``bedrock-data-automation-runtime``: Documentation update for Amazon Bedrock Data Automation Runtime +* api-change:``billing``: Added new API's for defining and fetching Billing Views. +* api-change:``ce``: Support for retrieving cost, usage, and forecast for billing view. +* api-change:``connect``: This release supports adding NotAttributeCondition and Range to the RoutingCriteria object. +* api-change:``docdb``: Support AWS Secret Manager managed password for AWS DocumentDB instance-based cluster. +* api-change:``eks``: This release expands the catalog of upgrade insight checks +* api-change:``macie2``: This release adds support for identifying S3 general purpose buckets that exceed the Amazon Macie quota for preventative control monitoring. +* api-change:``outposts``: Add CS8365C as a supported power connector for Outpost sites. +* api-change:``sagemaker``: This release adds support for c6i, m6i and r6i instance on SageMaker Hyperpod and trn1 instances in batch + + +1.36.26 +======= + +* api-change:``appstream``: Added support for Rocky Linux 8 on Amazon AppStream 2.0 +* api-change:``mediaconvert``: This release adds support for inserting timecode tracks into MP4 container outputs. +* api-change:``medialive``: MediaLive is releasing ListVersions api +* api-change:``qconnect``: Amazon Q in Connect enables agents to ask Q for assistance in multiple languages and Q will provide answers and recommended step-by-step guides in those languages. Qs default language is English (United States) and you can switch this by setting the locale configuration on the AI Agent. +* api-change:``ssm-sap``: AWS Systems Manager for SAP added support for registration and discovery of distributed ABAP applications +* api-change:``workspaces``: Added AWS Global Accelerator (AGA) support for WorkSpaces Personal. + + +1.36.25 +======= + +* api-change:``amplify``: Added WAF Configuration to Amplify Apps +* api-change:``budgets``: Releasing minor partition endpoint updates +* api-change:``connect``: This release adds support for the UpdateParticipantAuthentication API used for customer authentication within Amazon Connect chats. +* api-change:``connectparticipant``: This release adds support for the GetAuthenticationUrl and CancelParticipantAuthentication APIs used for customer authentication within Amazon Connect chats. There are also minor updates to the GetAttachment API. +* api-change:``datasync``: AWS DataSync introduces the ability to update attributes for in-cloud locations. +* api-change:``iot``: Release connectivity status query API which is a dedicated high throughput(TPS) API to query a specific device's most recent connectivity state and metadata. +* api-change:``mwaa``: Added support for Apache Airflow version 2.10.3 to MWAA. +* api-change:``quicksight``: Add support for PerformanceConfiguration attribute to Dataset entity. Allow PerformanceConfiguration specification in CreateDataset and UpdateDataset APIs. +* api-change:``resiliencehub``: AWS Resilience Hub now automatically detects already configured CloudWatch alarms and FIS experiments as part of the assessment process and returns the discovered resources in the corresponding list API responses. It also allows you to include or exclude test recommendations for an AppComponent. +* api-change:``transfer``: Added AS2 agreement configurations to control filename preservation and message signing enforcement. Added AS2 connector configuration to preserve content type from S3 objects. + + +1.36.24 +======= + +* api-change:``account``: Update endpoint configuration. +* api-change:``backup``: Add Support for Backup Indexing +* api-change:``backupsearch``: Add support for searching backups +* api-change:``batch``: This feature allows AWS Batch on Amazon EKS to support configuration of Pod Annotations, overriding Namespace on which the Batch job's Pod runs on, and allows Subpath and Persistent Volume claim to be set for AWS Batch on Amazon EKS jobs. +* api-change:``cleanroomsml``: Add support for SQL compute configuration for StartAudienceGenerationJob API. +* api-change:``cloudfront``: Adds support for OriginReadTimeout and OriginKeepaliveTimeout to create CloudFront Distributions with VPC Origins. +* api-change:``codepipeline``: AWS CodePipeline V2 type pipelines now support Managed Compute Rule. +* api-change:``ecs``: Added support for enableFaultInjection task definition parameter which can be used to enable Fault Injection feature on ECS tasks. +* api-change:``m2``: This release adds support for AWS Mainframe Modernization(M2) Service to allow specifying network type(ipv4, dual) for the environment instances. For dual network type, m2 environment applications will serve both IPv4 and IPv6 requests, whereas for ipv4 it will serve only IPv4 requests. +* api-change:``synthetics``: Add support to toggle outbound IPv6 traffic on canaries connected to dualstack subnets. This behavior can be controlled via the new Ipv6AllowedForDualStack parameter of the VpcConfig input object in CreateCanary and UpdateCanary APIs. + + +1.36.23 +======= + +* api-change:``cloud9``: Added information about Ubuntu 18.04 will be removed from the available imageIds for Cloud9 because Ubuntu 18.04 has ended standard support on May 31, 2023. +* api-change:``dlm``: This release adds support for Local Zones in Amazon Data Lifecycle Manager EBS snapshot lifecycle policies. +* api-change:``ec2``: This release adds support for EBS local snapshots in AWS Dedicated Local Zones, which allows you to store snapshots of EBS volumes locally in Dedicated Local Zones. +* api-change:``greengrassv2``: Add support for runtime in GetCoreDevice and ListCoreDevices APIs. +* api-change:``medialive``: AWS Elemental MediaLive adds three new features: MediaPackage v2 endpoint support for live stream delivery, KLV metadata passthrough in CMAF Ingest output groups, and Metadata Name Modifier in CMAF Ingest output groups for customizing metadata track names in output streams. +* api-change:``rds``: This release adds support for the "MYSQL_CACHING_SHA2_PASSWORD" enum value for RDS Proxy ClientPasswordAuthType. + + +1.36.22 +======= + +* api-change:``cloudhsmv2``: Add support for Dual-Stack hsm2m.medium clusters. The customers will now be able to create hsm2m.medium clusters having both IPv4 and IPv6 connection capabilities by specifying a new param called NetworkType=DUALSTACK during cluster creation. +* api-change:``ec2``: This release adds GroupId to the response for DeleteSecurityGroup. +* api-change:``eks``: Add NodeRepairConfig in CreateNodegroupRequest and UpdateNodegroupConfigRequest +* api-change:``logs``: Limit PutIntegration IntegrationName and ListIntegrations IntegrationNamePrefix parameters to 50 characters +* api-change:``mediaconnect``: AWS Elemental MediaConnect Gateway now supports Source Specific Multicast (SSM) for ingress bridges. This enables you to specify a source IP address in addition to a multicast IP when creating or updating an ingress bridge source. +* api-change:``networkmanager``: There was a sentence fragment in UpdateDirectConnectGatewayAttachment that was causing customer confusion as to whether it's an incomplete sentence or if it was a typo. Removed the fragment. +* api-change:``servicediscovery``: AWS Cloud Map now supports service-level attributes, allowing you to associate custom metadata directly with services. These attributes can be retrieved, updated, and deleted using the new GetServiceAttributes, UpdateServiceAttributes, and DeleteServiceAttributes API calls. + + +1.36.21 +======= + +* api-change:``connect``: Configure holidays and other overrides to hours of operation in advance. During contact handling, Amazon Connect automatically checks for overrides and provides customers with an appropriate flow path. After an override period passes call center automatically reverts to standard hours of operation. +* api-change:``dms``: Add parameters to support for kerberos authentication. Add parameter for disabling the Unicode source filter with PostgreSQL settings. Add parameter to use large integer value with Kinesis/Kafka settings. +* api-change:``glue``: To support customer-managed encryption in Data Quality to allow customers encrypt data with their own KMS key, we will add a DataQualityEncryption field to the SecurityConfiguration API where customers can provide their KMS keys. +* api-change:``guardduty``: Improved descriptions for certain APIs. +* api-change:``route53domains``: This release includes the following API updates: added the enumeration type RESTORE_DOMAIN to the OperationType; constrained the Price attribute to non-negative values; updated the LangCode to allow 2 or 3 alphabetical characters. + + +1.36.20 +======= + +* api-change:``artifact``: Add support for listing active customer agreements for the calling AWS Account. +* api-change:``cloudtrail``: Doc-only updates for CloudTrail. +* api-change:``cognito-idp``: Updated descriptions for some API operations and parameters, corrected some errors in Cognito user pools +* api-change:``controlcatalog``: Minor documentation updates to the content of ImplementationDetails object part of the Control Catalog GetControl API +* api-change:``emr-serverless``: This release adds support for accessing system profile logs in Lake Formation-enabled jobs. +* api-change:``mgh``: API and documentation updates for AWS MigrationHub related to adding support for listing migration task updates and associating, disassociating and listing source resources +* api-change:``sesv2``: Introduces support for multi-region endpoint. +* api-change:``timestream-influxdb``: Adds networkType parameter to CreateDbInstance API which allows IPv6 support to the InfluxDB endpoint + + +1.36.19 +======= + +* api-change:``application-autoscaling``: Doc only update for AAS Predictive Scaling policy configuration API. +* api-change:``bcm-pricing-calculator``: Updated condition key inference from Workload Estimate, Bill Scenario, and Bill Estimate resources. Updated documentation links. +* api-change:``connect``: Add support for Push Notifications for Amazon Connect chat. With Push Notifications enabled an alert could be sent to customers about new messages even when they aren't actively using the mobile application. +* api-change:``finspace``: Update KxCommandLineArgument value parameter regex to allow for spaces and semicolons +* api-change:``ivs-realtime``: IVS Real-Time now offers customers the ability to customize thumbnails recording mode and interval for both Individual Participant Recording (IPR) and Server-Side Compositions (SSC). +* api-change:``sesv2``: Introduces support for creating DEED (Deterministic Easy-DKIM) identities. + + +1.36.18 +======= + +* api-change:``appsync``: Provides description of new Amazon Bedrock runtime datasource. +* api-change:``cognito-idp``: Change `CustomDomainConfig` from a required to an optional parameter for the `UpdateUserPoolDomain` operation. +* api-change:``ec2``: This release includes a new API for modifying instance network-performance-options after launch. +* api-change:``ecs``: This is a documentation only update to address various tickets for Amazon ECS. +* api-change:``keyspaces``: Amazon Keyspaces: adding the list of IAM actions required by the UpdateKeyspace API. +* api-change:``medialive``: H265 outputs now support disabling the deblocking filter. +* api-change:``workspaces``: Added text to clarify case-sensitivity + + +1.36.17 +======= + +* api-change:``partnercentral-selling``: Introducing the preview of new partner central selling APIs designed to transform how AWS partners collaborate and co-sell with multiple partners. This enables multiple partners to seamlessly engage and jointly pursue customer opportunities, fostering a new era of collaborative selling. +* api-change:``qbusiness``: This release removes the deprecated UserId and UserGroups fields from SearchRelevantContent api's request parameters. + + +1.36.16 +======= + +* api-change:``bedrock``: Introduced two APIs ListPromptRouters and GetPromptRouter for Intelligent Prompt Router feature. Add support for Bedrock Guardrails image content filter. New Bedrock Marketplace feature enabling a wider range of bedrock compatible models with self-hosted capability. +* api-change:``bedrock-agent``: This release introduces the ability to generate SQL using natural language, through a new GenerateQuery API (with native integration into Knowledge Bases); ability to ingest and retrieve images through Bedrock Data Automation; and ability to create a Knowledge Base backed by Kendra GenAI Index. +* api-change:``bedrock-agent-runtime``: This release introduces the ability to generate SQL using natural language, through a new GenerateQuery API (with native integration into Knowledge Bases); ability to ingest and retrieve images through Bedrock Data Automation; and ability to create a Knowledge Base backed by Kendra GenAI Index. +* api-change:``bedrock-data-automation``: Release Bedrock Data Automation SDK +* api-change:``bedrock-data-automation-runtime``: Release Bedrock Data Automation Runtime SDK +* api-change:``bedrock-runtime``: Added support for Intelligent Prompt Router in Invoke, InvokeStream, Converse and ConverseStream. Add support for Bedrock Guardrails image content filter. New Bedrock Marketplace feature enabling a wider range of bedrock compatible models with self-hosted capability. +* api-change:``kendra``: This release adds GenAI Index in Amazon Kendra for Retrieval Augmented Generation (RAG) and intelligent search. With the Kendra GenAI Index, customers get high retrieval accuracy powered by the latest information retrieval technologies and semantic models. +* api-change:``sagemaker``: Amazon SageMaker HyperPod launched task governance to help customers maximize accelerator utilization for model development and flexible training plans to meet training timelines and budget while reducing weeks of training time. AI apps from AWS partner is now available in SageMaker. + + +1.36.15 +======= + +* api-change:``athena``: Add FEDERATED type to CreateDataCatalog. This creates Athena Data Catalog, AWS Lambda connector, and AWS Glue connection. Create/DeleteDataCatalog returns DataCatalog. Add Status, ConnectionType, and Error to DataCatalog and DataCatalogSummary. Add DeleteCatalogOnly to delete Athena Catalog only. +* api-change:``bedrock``: Tagging support for Async Invoke resources. Added support for Distillation in CreateModelCustomizationJob API. Support for videoDataDeliveryEnabled flag in invocation logging. +* api-change:``bedrock-agent``: Releasing SDK for Multi-Agent Collaboration. +* api-change:``bedrock-agent-runtime``: Releasing SDK for multi agent collaboration +* api-change:``bedrock-runtime``: Added support for Async Invoke Operations Start, List and Get. Support for invocation logs with `requestMetadata` field in Converse, ConverseStream, Invoke and InvokeStream. Video content blocks in Converse/ConverseStream accept raw bytes or S3 URI. +* api-change:``cloudwatch``: Support for configuring AiOps investigation as alarm action +* api-change:``datazone``: Adds support for Connections, ProjectProfiles, and JobRuns APIs. Supports the new Lineage feature at GA. Adjusts optionality of a parameter for DataSource and SubscriptionTarget APIs which may adjust types in some clients. +* api-change:``dsql``: Add new API operations for Amazon Aurora DSQL. Amazon Aurora DSQL is a serverless, distributed SQL database with virtually unlimited scale, highest availability, and zero infrastructure management. +* api-change:``dynamodb``: This change adds support for global tables with multi-Region strong consistency (in preview). The UpdateTable API now supports a new attribute MultiRegionConsistency to set consistency when creating global tables. The DescribeTable output now optionally includes the MultiRegionConsistency attribute. +* api-change:``glue``: This release includes(1)Zero-ETL integration to ingest data from 3P SaaS and DynamoDB to Redshift/Redlake (2)new properties on Connections to enable reuse; new connection APIs for retrieve/preview metadata (3)support of CRUD operations for Multi-catalog (4)support of automatic statistics collections +* api-change:``lakeformation``: This release added two new LakeFormation Permissions (CREATE_CATALOG, SUPER_USER) and added Id field for CatalogResource. It also added new conditon and expression field. +* api-change:``qapps``: Add support for 11 new plugins as action cards to help automate repetitive tasks and improve productivity. +* api-change:``qbusiness``: Amazon Q Business now supports customization options for your web experience, 11 new Plugins, and QuickSight support. Amazon Q index allows software providers to enrich their native generative AI experiences with their customer's enterprise knowledge and user context spanning multiple applications. +* api-change:``quicksight``: This release includes API needed to support for Unstructured Data in Q in QuickSight Q&A (IDC). +* api-change:``redshift``: Adds support for Amazon Redshift RegisterNamespace and DeregisterNamespace APIs to share data to AWS Glue Data Catalog. +* api-change:``redshift-serverless``: Adds support for the ListManagedWorkgroups API to get an overview of existing managed workgroups. +* api-change:``s3``: Amazon S3 Metadata stores object metadata in read-only, fully managed Apache Iceberg metadata tables that you can query. You can create metadata table configurations for S3 general purpose buckets. +* api-change:``s3tables``: Amazon S3 Tables deliver the first cloud object store with built-in open table format support, and the easiest way to store tabular data at scale. + + +1.36.14 +======= + +* api-change:``bedrock-runtime``: Add an API parameter that allows customers to set performance configuration for invoking a model. +* api-change:``s3control``: It allows customers to pass CRC64NVME as a header in S3 Batch Operations copy requests +* api-change:``socialmessaging``: Added support for passing role arn corresponding to the supported event destination + + +1.36.13 +======= + +* api-change:``bedrock``: Add support for Knowledge Base Evaluations & LLM as a judge +* api-change:``bedrock-agent``: This release introduces APIs to upload documents directly into a Knowledge Base +* api-change:``bedrock-agent-runtime``: This release introduces a new Rerank API to leverage reranking models (with integration into Knowledge Bases); APIs to upload documents directly into Knowledge Base; RetrieveAndGenerateStream API for streaming response; Guardrails on Retrieve API; and ability to automatically generate filters +* api-change:``chime-sdk-voice``: This release adds supports for enterprises to integrate Amazon Connect with other voice systems. It supports directly transferring voice calls and metadata without using the public telephone network. It also supports real-time and post-call analytics. +* api-change:``cleanrooms``: This release allows customers and their partners to easily collaborate with data stored in Snowflake and Amazon Athena, without having to move or share their underlying data among collaborators. +* api-change:``connect``: Adds support for WhatsApp Business messaging, IVR call recording, enabling Contact Lens for existing on-premise contact centers and telephony platforms, and enabling telephony and IVR migration to Amazon Connect independent of their contact center agents. +* api-change:``connectcampaignsv2``: Amazon Connect Outbound Campaigns V2 / Features : Adds support for Event-Triggered Campaigns. +* api-change:``customer-profiles``: This release introduces Event Trigger APIs as part of Amazon Connect Customer Profiles service. +* api-change:``ec2``: Adds support for declarative policies that allow you to enforce desired configuration across an AWS organization through configuring account attributes. Adds support for Allowed AMIs that allows you to limit the use of AMIs in AWS accounts. Adds support for connectivity over non-HTTP protocols. +* api-change:``ecs``: This release adds support for Container Insights with Enhanced Observability for Amazon ECS. +* api-change:``eks``: Added support for Auto Mode Clusters, Hybrid Nodes, and specifying computeTypes in the DescribeAddonVersions API. +* api-change:``events``: Call private APIs by configuring Connections with VPC connectivity through PrivateLink and VPC Lattice +* api-change:``fsx``: FSx API changes to support the public launch of the Amazon FSx Intelligent Tiering for OpenZFS storage class. +* api-change:``guardduty``: Add new Multi Domain Correlation findings. +* api-change:``imagebuilder``: Added support for EC2 Image Builder's integration with AWS Marketplace for Marketplace components. +* api-change:``invoicing``: AWS Invoice Configuration allows you to receive separate AWS invoices based on your organizational needs. You can use the AWS SDKs to manage Invoice Units and programmatically fetch the information of the invoice receiver. +* api-change:``logs``: Adds PutIntegration, GetIntegration, ListIntegrations and DeleteIntegration APIs. Adds QueryLanguage support to StartQuery, GetQueryResults, DescribeQueries, DescribeQueryDefinitions, and PutQueryDefinition APIs. +* api-change:``memorydb``: Amazon MemoryDB SDK now supports all APIs for Multi-Region. Please refer to the updated Amazon MemoryDB public documentation for detailed information on API usage. +* api-change:``networkflowmonitor``: This release adds documentation for a new feature in Amazon CloudWatch called Network Flow Monitor. You can use Network Flow Monitor to get near real-time metrics, including retransmissions and data transferred, for your actual workloads. +* api-change:``opensearch``: This feature introduces support for CRUDL APIs, enabling the creation and management of Connected data sources. +* api-change:``organizations``: Add support for policy operations on the DECLARATIVE_POLICY_EC2 policy type. +* api-change:``qbusiness``: Amazon Q Business now supports capabilities to extract insights and answer questions from visual elements embedded within documents, a browser extension for Google Chrome, Mozilla Firefox, and Microsoft Edge, and attachments across conversations. +* api-change:``qconnect``: This release adds following capabilities: Configuring safeguards via AIGuardrails for Q in Connect inferencing, and APIs to support Q&A self-service use cases +* api-change:``rds``: Amazon RDS supports CloudWatch Database Insights. You can use the SDK to create, modify, and describe the DatabaseInsightsMode for your DB instances and clusters. +* api-change:``s3``: Amazon S3 introduces support for AWS Dedicated Local Zones +* api-change:``s3control``: Amazon S3 introduces support for AWS Dedicated Local Zones +* api-change:``securityhub``: Add new Multi Domain Correlation findings. +* api-change:``security-ir``: AWS Security Incident Response is a purpose-built security incident solution designed to help customers prepare for, respond to, and recover from security incidents. +* api-change:``transfer``: AWS Transfer Family now offers Web apps that enables simple and secure access to data stored in Amazon S3. +* api-change:``vpc-lattice``: Lattice APIs that allow sharing and access of VPC resources across accounts. + + +1.36.12 +======= + +* api-change:``bedrock-agent``: Add support for specifying embeddingDataType, either FLOAT32 or BINARY +* api-change:``config``: AWS Config adds support for service-linked recorders, a new type of Config recorder managed by AWS services to record specific subsets of resource configuration data and functioning independently from customer managed AWS Config recorders. +* api-change:``fsx``: This release adds EFA support to increase FSx for Lustre file systems' throughput performance to a single client instance. This can be done by specifying EfaEnabled=true at the time of creation of Persistent_2 file systems. +* api-change:``observabilityadmin``: Amazon CloudWatch Observability Admin adds the ability to audit telemetry configuration for AWS resources in customers AWS Accounts and Organizations. The release introduces new APIs to turn on/off the new experience, which supports discovering supported AWS resources and their state of telemetry. + + +1.36.11 +======= + +* api-change:``bedrock-agent``: Custom Orchestration API release for AWSBedrockAgents. +* api-change:``bedrock-agent-runtime``: Custom Orchestration and Streaming configurations API release for AWSBedrockAgents. +* api-change:``connect``: Enables access to ValueMap and ValueInteger types for SegmentAttributes and fixes deserialization bug for DescribeContactFlow in AmazonConnect Public API +* api-change:``ec2``: Adds support for Time-based Copy for EBS Snapshots and Cross Region PrivateLink. Time-based Copy ensures that EBS Snapshots are copied within and across AWS Regions in a specified timeframe. Cross Region PrivateLink enables customers to connect to VPC endpoint services hosted in other AWS Regions. +* api-change:``qapps``: Private sharing, file upload and data collection feature support for Q Apps + + +1.36.10 +======= + +* api-change:``directconnect``: Update DescribeDirectConnectGatewayAssociations API to return associated core network information if a Direct Connect gateway is attached to a Cloud WAN core network. +* api-change:``networkmanager``: This release adds native Direct Connect integration on Cloud WAN enabling customers to directly attach their Direct Connect gateways to Cloud WAN without the need for an intermediate Transit Gateway. +* api-change:``s3``: Amazon Simple Storage Service / Features: Add support for ETag based conditional writes in PutObject and CompleteMultiPartUpload APIs to prevent unintended object modifications. + + +1.36.9 +====== + +* api-change:``autoscaling``: Now, Amazon EC2 Auto Scaling customers can enable target tracking policies to take quicker scaling decisions, enhancing their application performance and EC2 utilization. To get started, specify target tracking to monitor a metric that is available on Amazon CloudWatch at seconds-level interval. +* api-change:``bcm-pricing-calculator``: Initial release of the AWS Billing and Cost Management Pricing Calculator API. +* api-change:``bedrock-agent-runtime``: InvokeInlineAgent API release to help invoke runtime agents without any dependency on preconfigured agents. +* api-change:``ce``: This release adds the Impact field(contains Contribution field) to the GetAnomalies API response under RootCause +* api-change:``chatbot``: Adds support for programmatic management of custom actions and aliases which can be associated with channel configurations. +* api-change:``codepipeline``: AWS CodePipeline V2 type pipelines now support ECRBuildAndPublish and InspectorScan actions. +* api-change:``cognito-idp``: Add support for users to sign up and sign in without passwords, using email and SMS OTPs and Passkeys. Add support for Passkeys based on WebAuthn. Add support for enhanced branding customization for hosted authentication pages with Amazon Cognito Managed Login. Add feature tiers with new pricing. +* api-change:``connect``: Amazon Connect Service Feature: Add APIs for Amazon Connect Email Channel +* api-change:``elbv2``: This release adds support for advertising trusted CA certificate names in associated trust stores. +* api-change:``emr``: Advanced Scaling in Amazon EMR Managed Scaling +* api-change:``inspector2``: Extend inspector2 service model to include ServiceQuotaExceededException. +* api-change:``lambda``: Add ProvisionedPollerConfig to Lambda event-source-mapping API. +* api-change:``mailmanager``: Added new "DeliverToQBusiness" rule action to MailManager RulesSet for ingesting email data into Amazon Q Business customer applications +* api-change:``neptune-graph``: Add 4 new APIs to support new Export features, allowing Parquet and CSV formats. Add new arguments in Import APIs to support Parquet import. Add a new query "neptune.read" to run algorithms without loading data into database +* api-change:``omics``: This release adds support for resource policy based cross account S3 access to sequence store read sets. +* api-change:``quicksight``: This release includes: Update APIs to support Image, Layer Map, font customization, and Plugin Visual. Add Identity center related information in ListNamsespace API. Update API for restrictedFolder support in topics and add API for SearchTopics, Describe/Update DashboardsQA Configration. +* api-change:``sagemaker``: This release adds APIs for new features for SageMaker endpoint to scale down to zero instances, native support for multi-adapter inference, and endpoint scaling improvements. +* api-change:``ses``: This release adds support for starting email contacts in your Amazon Connect instance as an email receiving action. +* api-change:``sns``: ArchivePolicy attribute added to Archive and Replay feature +* api-change:``stepfunctions``: Add support for variables and JSONata in TestState, GetExecutionHistory, DescribeStateMachine, and DescribeStateMachineForExecution +* api-change:``workspaces``: While integrating WSP-DCV rebrand, a few mentions were erroneously renamed from WSP to DCV. This release reverts those mentions back to WSP. + + +1.36.8 +====== + +* api-change:``apigateway``: Added support for custom domain names for private APIs. +* api-change:``application-autoscaling``: Application Auto Scaling now supports Predictive Scaling to proactively increase the desired capacity ahead of predicted demand, ensuring improved availability and responsiveness for customers' applications. This feature is currently only made available for Amazon ECS Service scalable targets. +* api-change:``appsync``: Add support for the Amazon Bedrock Runtime. +* api-change:``ce``: This release introduces three new APIs that enable you to estimate the cost, coverage, and utilization impact of Savings Plans you plan to purchase. The three APIs are StartCommitmentPurchaseAnalysis, GetCommitmentPurchaseAnalysis, and ListCommitmentPurchaseAnalyses. +* api-change:``cloudfront``: Adds support for Origin Selection between EMPv2 origins based on media quality score. +* api-change:``cloudtrail``: This release introduces new APIs for creating and managing CloudTrail Lake dashboards. It also adds support for resource-based policies on CloudTrail EventDataStore and Dashboard resource. +* api-change:``ec2``: Adds support for requesting future-dated Capacity Reservations with a minimum commitment duration, enabling IPAM for organizational units within AWS Organizations, reserving EC2 Capacity Blocks that start in 30 minutes, and extending the end date of existing Capacity Blocks. +* api-change:``elasticache``: Added support to modify the engine type for existing ElastiCache Users and User Groups. Customers can now modify the engine type from redis to valkey. +* api-change:``elbv2``: This feature adds support for enabling zonal shift on cross-zone enabled Application Load Balancer, as well as modifying HTTP request and response headers. +* api-change:``health``: Adds metadata property to an AffectedEntity. +* api-change:``iot``: General Availability (GA) release of AWS IoT Device Management - Commands, to trigger light-weight remote actions on targeted devices +* api-change:``iotfleetwise``: AWS IoT FleetWise now includes campaign parameters to store and forward data, configure MQTT topic as a data destination, and collect diagnostic trouble code data. It includes APIs for network agnostic data collection using custom decoding interfaces, and monitoring the last known state of vehicles. +* api-change:``iot-jobs-data``: General Availability (GA) release of AWS IoT Device Management - Commands, to trigger light-weight remote actions on targeted devices +* api-change:``lambda``: Adds support for metrics for event source mappings for AWS Lambda +* api-change:``logs``: Adds "Create field indexes to improve query performance and reduce scan volume" and "Transform logs during ingestion". Updates documentation for "PutLogEvents with Entity". +* api-change:``notifications``: This release adds support for AWS User Notifications. You can now configure and view notifications from AWS services in a central location using the AWS SDK. +* api-change:``notificationscontacts``: This release adds support for AWS User Notifications Contacts. You can now configure and view email contacts for AWS User Notifications using the AWS SDK. +* api-change:``resiliencehub``: AWS Resilience Hub's new summary view visually represents applications' resilience through charts, enabling efficient resilience management. It provides a consolidated view of the app portfolio's resilience state and allows data export for custom stakeholder reporting. +* api-change:``s3``: Add support for conditional deletes for the S3 DeleteObject and DeleteObjects APIs. Add support for write offset bytes option used to append to objects with the S3 PutObject API. +* api-change:``ssm``: Added support for providing high-level overviews of managed nodes and previewing the potential impact of a runbook execution. +* api-change:``ssm-quicksetup``: Add methods that retrieve details about deployed configurations: ListConfigurations, GetConfiguration +* api-change:``xray``: AWS X-Ray introduces Transaction Search APIs, enabling span ingestion into CloudWatch Logs for high-scale trace data indexing. These APIs support span-level queries, trace graph generation, and metric correlation for deeper application insights. + + +1.36.7 +====== + +* api-change:``autoscaling``: With this release, customers can prioritize launching instances into ODCRs using targets from ASGs or Launch Templates. Customers can express their baseline instances' CPU-performance in attribute-based Instance Requirements configuration by referencing an instance family that meets their needs. +* api-change:``bedrock-agent-runtime``: Releasing new Prompt Optimization to enhance your prompts for improved performance +* api-change:``cloudfront``: Add support for gRPC, VPC origins, and Anycast IP Lists. Allow LoggingConfig IncludeCookies to be set regardless of whether the LoggingConfig is enabled. +* api-change:``compute-optimizer``: This release enables AWS Compute Optimizer to analyze and generate optimization recommendations for Amazon Aurora database instances. It also enables Compute Optimizer to identify idle Amazon EC2 instances, Amazon EBS volumes, Amazon ECS services running on Fargate, and Amazon RDS databases. +* api-change:``controltower``: Adds support for child enabled baselines which allow you to see the enabled baseline status for individual accounts. +* api-change:``cost-optimization-hub``: This release adds action type "Delete" to the GetRecommendation, ListRecommendations and ListRecommendationSummaries APIs to support new EBS and ECS recommendations with action type "Delete". +* api-change:``datazone``: This release supports Metadata Enforcement Rule feature for Create Subscription Request action. +* api-change:``discovery``: Add support to import data from commercially available discovery tools without file manipulation. +* api-change:``ec2``: With this release, customers can express their desire to launch instances only in an ODCR or ODCR group rather than OnDemand capacity. Customers can express their baseline instances' CPU-performance in attribute-based Instance Requirements configuration by referencing an instance family. +* api-change:``ecs``: This release adds support for the Availability Zone rebalancing feature on Amazon ECS. +* api-change:``elbv2``: This release adds support for configuring Load balancer Capacity Unit reservations +* api-change:``lambda``: Add Node 22.x (node22.x) support to AWS Lambda +* api-change:``mediaconvert``: This release adds the ability to reconfigure concurrent job settings for existing queues and create queues with custom concurrent job settings. +* api-change:``mediapackagev2``: MediaPackage v2 now supports the Media Quality Confidence Score (MQCS) published from MediaLive. Customers can control input switching based on the MQCS and publishing HTTP Headers for the MQCS via the API. +* api-change:``omics``: Enabling call caching feature that allows customers to reuse previously computed results from a set of completed tasks in a new workflow run. +* api-change:``rbin``: This release adds support for exclusion tags for Recycle Bin, which allows you to identify resources that are to be excluded, or ignored, by a Region-level retention rule. +* api-change:``rds``: This release adds support for scale storage on the DB instance using a Blue/Green Deployment. +* api-change:``timestream-query``: This release adds support for Provisioning Timestream Compute Units (TCUs), a new feature that allows provisioning dedicated compute resources for your queries, providing predictable and cost-effective query performance. +* api-change:``workspaces``: Added support for Rocky Linux 8 on Amazon WorkSpaces Personal. +* api-change:``workspaces-web``: Added data protection settings with support for inline data redaction. + + +1.36.6 +====== + +* api-change:``b2bi``: Add new X12 transactions sets and versions +* api-change:``ec2``: This release adds VPC Block Public Access (VPC BPA), a new declarative control which blocks resources in VPCs and subnets that you own in a Region from reaching or being reached from the internet through internet gateways and egress-only internet gateways. +* api-change:``ecs``: This release introduces support for configuring the version consistency feature for individual containers defined within a task definition. The configuration allows to specify whether ECS should resolve the container image tag specified in the container definition to an image digest. +* api-change:``efs``: Add support for the new parameters in EFS replication APIs +* api-change:``glue``: AWS Glue Data Catalog now enhances managed table optimizations of Apache Iceberg tables that can be accessed only from a specific Amazon Virtual Private Cloud (VPC) environment. +* api-change:``keyspaces``: Amazon Keyspaces Multi-Region Replication: Adds support to add new regions to multi and single-region keyspaces. +* api-change:``mwaa``: Amazon MWAA now supports a new environment class, mw1.micro, ideal for workloads requiring fewer resources than mw1.small. This class supports a single instance of each Airflow component: Scheduler, Worker, and Webserver. +* api-change:``taxsettings``: Release Tax Inheritance APIs, Tax Exemption APIs, and functionality update for some existing Tax Registration APIs +* api-change:``workspaces``: Releasing new ErrorCodes for Image Validation failure during CreateWorkspaceImage process + + +1.36.5 +====== + +* api-change:``appconfig``: AWS AppConfig has added a new extension action point, AT_DEPLOYMENT_TICK, to support third-party monitors to trigger an automatic rollback during a deployment. +* api-change:``autoscaling``: Amazon EC2 Auto Scaling now supports Amazon Application Recovery Controller (ARC) zonal shift and zonal autoshift to help you quickly recover an impaired application from failures in an Availability Zone (AZ). +* api-change:``cloudformation``: This release adds a new API, ListHookResults, that allows retrieving CloudFormation Hooks invocation results for hooks invoked during a create change set operation or Cloud Control API operation +* api-change:``connect``: Adds CreateContactFlowVersion and ListContactFlowVersions APIs to create and view the versions of a contact flow. +* api-change:``customer-profiles``: This release introduces Segmentation APIs and new Calculated Attribute Event Filters as part of Amazon Connect Customer Profiles service. +* api-change:``ec2``: Adding request and response elements for managed resources. +* api-change:``ecs``: This release adds support for adding VPC Lattice configurations in ECS CreateService/UpdateService APIs. The configuration allows for associating VPC Lattice target groups with ECS Services. +* api-change:``iotsitewise``: The release introduces a generative AI Assistant in AWS IoT SiteWise. It includes: 1) InvokeAssistant API - Invoke the Assistant to get alarm summaries and ask questions. 2) Dataset APIs - Manage knowledge base configuration for the Assistant. 3) Portal APIs enhancement - Manage AI-aware dashboards. +* api-change:``qconnect``: This release introduces MessageTemplate as a resource in Amazon Q in Connect, along with APIs to create, read, search, update, and delete MessageTemplate resources. +* api-change:``rds``: Add support for the automatic pause/resume feature of Aurora Serverless v2. +* api-change:``rds-data``: Add support for the automatic pause/resume feature of Aurora Serverless v2. + + +1.36.4 +====== + +* api-change:``cloudwatch``: Adds support for adding related Entity information to metrics ingested through PutMetricData. +* api-change:``connectcampaignsv2``: Added Amazon Connect Outbound Campaigns V2 SDK. +* api-change:``datasync``: Doc-only updates and enhancements related to creating DataSync tasks and describing task executions. +* api-change:``ec2``: Remove non-functional enum variants for FleetCapacityReservationUsageStrategy +* api-change:``iot``: This release allows AWS IoT Core users to enrich MQTT messages with propagating attributes, to associate a thing to a connection, and to enable Online Certificate Status Protocol (OCSP) stapling for TLS X.509 server certificates through private endpoints. +* api-change:``outposts``: You can now purchase AWS Outposts rack or server capacity for a 5-year term with one of the following payment options: All Upfront, Partial Upfront, and No Upfront. +* api-change:``pinpoint-sms-voice-v2``: Use rule overrides to always allow or always block messages to specific phone numbers. Use message feedback to monitor if a customer interacts with your message. +* api-change:``route53resolver``: Route 53 Resolver DNS Firewall Advanced Rules allows you to monitor and block suspicious DNS traffic based on anomalies detected in the queries, such as DNS tunneling and Domain Generation Algorithms (DGAs). + + +1.36.3 +====== + +* api-change:``partnercentral-selling``: Announcing AWS Partner Central API for Selling: This service launch Introduces new APIs for co-selling opportunity management and related functions. Key features include notifications, a dynamic sandbox for testing, and streamlined validations. + + +1.36.2 +====== + +* api-change:``accessanalyzer``: Expand analyzer configuration capabilities for unused access analyzers. Unused access analyzer configurations now support the ability to exclude accounts and resource tags from analysis providing more granular control over the scope of analysis. +* api-change:``cloudcontrol``: Added support for CloudFormation Hooks with Cloud Control API. The GetResourceRequestStatus API response now includes an optional HooksProgressEvent and HooksRequestToken parameter for Hooks Invocation Progress as part of resource operation with Cloud Control. +* api-change:``deadline``: Adds support for select GPU accelerated instance types when creating new service-managed fleets. +* api-change:``iam``: This release includes support for five new APIs and changes to existing APIs that give AWS Organizations customers the ability to use temporary root credentials, targeted to member accounts in the organization. +* api-change:``iotwireless``: New FuotaTask resource type to enable logging for your FUOTA tasks. A ParticipatingGatewaysforMulticast parameter to choose the list of gateways to receive the multicast downlink message and the transmission interval between them. Descriptor field which will be sent to devices during FUOTA transfer. +* api-change:``ivs``: IVS now offers customers the ability to stream multitrack video to Channels. +* api-change:``license-manager-user-subscriptions``: New and updated API operations to support License Included User-based Subscription of Microsoft Remote Desktop Services (RDS). +* api-change:``partnercentral-selling``: Announcing AWS Partner Central API for Selling: This service launch Introduces new APIs for co-selling opportunity management and related functions. Key features include notifications, a dynamic sandbox for testing, and streamlined validations. +* api-change:``quicksight``: This release adds APIs for Custom Permissions management in QuickSight, and APIs to support QuickSight Branding. +* api-change:``redshift``: Adds support for Amazon Redshift S3AccessGrants +* api-change:``s3``: This release updates the ListBuckets API Reference documentation in support of the new 10,000 general purpose bucket default quota on all AWS accounts. To increase your bucket quota from 10,000 to up to 1 million buckets, simply request a quota increase via Service Quotas. +* api-change:``sagemaker``: Add support for Neuron instance types [ trn1/trn1n/inf2 ] on SageMaker Notebook Instances Platform. +* api-change:``sts``: This release introduces the new API 'AssumeRoot', which returns short-term credentials that you can use to perform privileged tasks. + + +1.36.1 +====== + +* api-change:``accessanalyzer``: This release adds support for policy validation and external access findings for resource control policies (RCP). IAM Access Analyzer helps you author functional and secure RCPs and awareness that a RCP may restrict external access. Updated service API, documentation, and paginators. +* api-change:``application-signals``: Amazon CloudWatch Application Signals now supports creating Service Level Objectives with burn rates. Users can now create or update SLOs with burn rate configurations to meet their specific business requirements. +* api-change:``b2bi``: This release adds a GenerateMapping API to allow generation of JSONata or XSLT transformer code based on input and output samples. +* api-change:``billing``: Today, AWS announces the general availability of ListBillingViews API in the AWS SDKs, to enable AWS Billing Conductor (ABC) users to create proforma Cost and Usage Reports (CUR) programmatically. +* api-change:``cloudtrail``: This release adds a new API GenerateQuery that generates a query from a natural language prompt about the event data in your event data store. This operation uses generative artificial intelligence (generative AI) to produce a ready-to-use SQL query from the prompt. +* api-change:``dynamodb``: This release includes supports the new WarmThroughput feature for DynamoDB. You can now provide an optional WarmThroughput attribute for CreateTable or UpdateTable APIs to pre-warm your table or global secondary index. You can also use DescribeTable to see the latest WarmThroughput value. +* api-change:``ec2``: This release adds the source AMI details in DescribeImages API +* api-change:``internetmonitor``: Add new query type Routing_Suggestions regarding querying interface +* api-change:``mediaconvert``: This release adds support for ARN inputs in the Kantar credentials secrets name field and the MSPR field to the manifests for PlayReady DRM protected outputs. +* api-change:``organizations``: Add support for policy operations on the Resource Control Polices. + + +1.36.0 +====== + +* api-change:``codebuild``: AWS CodeBuild now supports non-containerized Linux and Windows builds on Reserved Capacity. +* api-change:``controltower``: Added ResetEnabledControl API. +* api-change:``fis``: This release adds support for generating experiment reports with the experiment report configuration +* api-change:``gamelift``: Amazon GameLift releases container fleets support for general availability. Deploy Linux-based containerized game server software for hosting on Amazon GameLift. +* api-change:``payment-cryptography``: Updated ListAliases API with KeyArn filter. +* api-change:``rds``: Updates Amazon RDS documentation for Amazon RDS Extended Support for Amazon Aurora MySQL. +* feature:shorthand: Adds support to shorthand syntax for loading parameters from files via the ``@=`` assignment operator. + + +1.35.24 +======= + +* api-change:``cloudfront``: No API changes from previous release. This release migrated the model to Smithy keeping all features unchanged. +* api-change:``inspector2``: Adds support for filePath filter. +* api-change:``lambda``: Add Python 3.13 (python3.13) support to AWS Lambda +* api-change:``opensearch``: Adds Support for new AssociatePackages and DissociatePackages API in Amazon OpenSearch Service that allows association and dissociation operations to be carried out on multiple packages at the same time. +* api-change:``outposts``: This release updates StartCapacityTask to allow an active Outpost to be modified. It also adds a new API to list all running EC2 instances on the Outpost. + + +1.35.23 +======= + +* api-change:``batch``: This feature allows override LaunchTemplates to be specified in an AWS Batch Compute Environment. +* api-change:``bedrock-agent-runtime``: This release adds trace functionality to Bedrock Prompt Flows +* api-change:``chime-sdk-media-pipelines``: Added support for Media Capture Pipeline and Media Concatenation Pipeline for customer managed server side encryption. Now Media Capture Pipeline can use IAM sink role to get access to KMS key and encrypt/decrypt recorded artifacts. KMS key ID can also be supplied with encryption context. +* api-change:``controlcatalog``: AWS Control Catalog GetControl public API returns additional data in output, including Implementation and Parameters +* api-change:``eks``: Adds new error code `Ec2InstanceTypeDoesNotExist` for Amazon EKS managed node groups +* api-change:``firehose``: Amazon Data Firehose / Features : Adds support for a new DeliveryStreamType, DatabaseAsSource. DatabaseAsSource hoses allow customers to stream CDC events from their RDS and Amazon EC2 hosted databases, running MySQL and PostgreSQL database engines, to Iceberg Table destinations. +* api-change:``lambda``: This release adds support for using AWS KMS customer managed keys to encrypt AWS Lambda .zip deployment packages. +* api-change:``pinpoint-sms-voice-v2``: Added the RequiresAuthenticationTimestamp field to the RegistrationVersionStatusHistory data type. +* api-change:``qbusiness``: Adds S3 path option to pass group member list for PutGroup API. + + +1.35.22 +======= + +* api-change:``autoscaling``: Auto Scaling groups now support the ability to strictly balance instances across Availability Zones by configuring the AvailabilityZoneDistribution parameter. If balanced-only is configured for a group, launches will always be attempted in the under scaled Availability Zone even if it is unhealthy. +* api-change:``bedrock-agent``: Add prompt support for chat template configuration and agent generative AI resource. Add support for configuring an optional guardrail in Prompt and Knowledge Base nodes in Prompt Flows. Add API to validate flow definition +* api-change:``bedrock-runtime``: Add Prompt management support to Bedrock runtime APIs: Converse, ConverseStream, InvokeModel, InvokeModelWithStreamingResponse +* api-change:``cleanrooms``: This release introduces support for Custom Models in AWS Clean Rooms ML. +* api-change:``cleanroomsml``: This release introduces support for Custom Models in AWS Clean Rooms ML. +* api-change:``quicksight``: Add Client Credentials based OAuth support for Snowflake and Starburst +* api-change:``resource-explorer-2``: Add GetManagedView, ListManagedViews APIs. +* api-change:``synthetics``: Add support to toggle if a canary will automatically delete provisioned canary resources such as Lambda functions and layers when a canary is deleted. This behavior can be controlled via the new ProvisionedResourceCleanup property exposed in the CreateCanary and UpdateCanary APIs. + + +1.35.21 +======= + +* api-change:``codebuild``: AWS CodeBuild now adds additional compute types for reserved capacity fleet. +* api-change:``guardduty``: GuardDuty RDS Protection expands support for Amazon Aurora PostgreSQL Limitless Databases. +* api-change:``lakeformation``: API changes for new named tag expressions feature. +* api-change:``qapps``: Introduces category apis in AmazonQApps. Web experience users use Categories to tag and filter library items. +* api-change:``s3control``: Fix ListStorageLensConfigurations and ListStorageLensGroups deserialization for Smithy SDKs. +* api-change:``verifiedpermissions``: Adding BatchGetPolicy API which supports the retrieval of multiple policies across multiple policy stores within a single request. + + +1.35.20 +======= + +* api-change:``bedrock-agent``: Amazon Bedrock Knowledge Bases now supports using application inference profiles to increase throughput and improve resilience. +* api-change:``docdb-elastic``: Amazon DocumentDB Elastic Clusters adds support for pending maintenance actions feature with APIs GetPendingMaintenanceAction, ListPendingMaintenanceActions and ApplyPendingMaintenanceAction +* api-change:``logs``: This release introduces an improvement in PutLogEvents +* api-change:``taxsettings``: Add support for supplemental tax registrations via these new APIs: PutSupplementalTaxRegistration, ListSupplementalTaxRegistrations, and DeleteSupplementalTaxRegistration. + + +1.35.19 +======= + +* api-change:``amp``: Added support for UpdateScraper API, to enable updating collector configuration in-place +* api-change:``autoscaling``: Adds bake time for Auto Scaling group Instance Refresh +* api-change:``batch``: Add `podNamespace` to `EksAttemptDetail` and `containerID` to `EksAttemptContainerDetail`. +* api-change:``elbv2``: Add UDP support for AWS PrivateLink and dual-stack Network Load Balancers +* api-change:``glue``: Add schedule support for AWS Glue column statistics +* api-change:``sagemaker``: SageMaker HyperPod adds scale-down at instance level via BatchDeleteClusterNodes API and group level via UpdateCluster API. SageMaker Training exposes secondary job status in TrainingJobSummary from ListTrainingJobs API. SageMaker now supports G6, G6e, P5e instances for HyperPod and Training. +* api-change:``sesv2``: This release enables customers to provide the email template content in the SESv2 SendEmail and SendBulkEmail APIs instead of the name or the ARN of a stored email template. + + +1.35.18 +======= + +* api-change:``appsync``: This release adds support for AppSync Event APIs. +* api-change:``connect``: Updated the public documentation for the UserIdentityInfo object to accurately reflect the character limits for the FirstName and LastName fields, which were previously listed as 1-100 characters. +* api-change:``datasync``: AWS DataSync now supports Enhanced mode tasks. This task mode supports transfer of virtually unlimited numbers of objects with enhanced metrics, more detailed logs, and higher performance than Basic mode. This mode currently supports transfers between Amazon S3 locations. +* api-change:``ec2``: This release adds two new capabilities to VPC Security Groups: Security Group VPC Associations and Shared Security Groups. +* api-change:``ecs``: This release supports service deployments and service revisions which provide a comprehensive view of your Amazon ECS service history. +* api-change:``geo-maps``: Release of Amazon Location Maps API. Maps enables you to build digital maps that showcase your locations, visualize your data, and unlock insights to drive your business +* api-change:``geo-places``: Release of Amazon Location Places API. Places enables you to quickly search, display, and filter places, businesses, and locations based on proximity, category, and name +* api-change:``geo-routes``: Release of Amazon Location Routes API. Routes enables you to plan efficient routes and streamline deliveries by leveraging real-time traffic, vehicle restrictions, and turn-by-turn directions. +* api-change:``keyspaces``: Adds support for interacting with user-defined types (UDTs) through the following new operations: Create-Type, Delete-Type, List-Types, Get-Type. +* api-change:``network-firewall``: AWS Network Firewall now supports configuring TCP idle timeout +* api-change:``opensearch``: This release introduces the new OpenSearch user interface (Dashboards), a new web-based application that can be associated with multiple data sources across OpenSearch managed clusters, serverless collections, and Amazon S3, so that users can gain a comprehensive insights in an unified interface. +* api-change:``opensearchserverless``: Neo Integration via IAM Identity Center (IdC) +* api-change:``redshift``: This release launches S3 event integrations to create and manage integrations from an Amazon S3 source into an Amazon Redshift database. +* api-change:``redshift-serverless``: Adds and updates API members for the Redshift Serverless AI-driven scaling and optimization feature using the price-performance target setting. +* api-change:``route53``: This release adds support for TLSA, SSHFP, SVCB, and HTTPS record types. +* api-change:``sagemaker``: Added support for Model Registry Staging construct. Users can define series of stages that models can progress through for model workflows and lifecycle. This simplifies tracking and managing models as they transition through development, testing, and production stages. +* api-change:``workmail``: This release adds support for Multi-Factor Authentication (MFA) and Personal Access Tokens through integration with AWS IAM Identity Center. + + +1.35.17 +======= + +* api-change:``bedrock``: Update Application Inference Profile +* api-change:``bedrock-runtime``: Update Application Inference Profile +* api-change:``cleanrooms``: This release adds the option for customers to configure analytics engine when creating a collaboration, and introduces the new SPARK analytics engine type in addition to maintaining the legacy CLEAN_ROOMS_SQL engine type. +* api-change:``iotfleetwise``: Updated BatchCreateVehicle and BatchUpdateVehicle APIs: LimitExceededException has been added and the maximum number of vehicles in a batch has been set to 10 explicitly +* api-change:``logs``: Added support for new optional baseline parameter in the UpdateAnomaly API. For UpdateAnomaly requests with baseline set to True, The anomaly behavior is then treated as baseline behavior. However, more severe occurrences of this behavior will still be reported as anomalies. +* api-change:``redshift-data``: Adding a new API GetStatementResultV2 that supports CSV formatted results from ExecuteStatement and BatchExecuteStatement calls. +* api-change:``sagemaker``: Adding `notebook-al2-v3` as allowed value to SageMaker NotebookInstance PlatformIdentifier attribute + + +1.35.16 +======= + +* api-change:``mediapackagev2``: MediaPackage V2 Live to VOD Harvester is a MediaPackage V2 feature, which is used to export content from an origin endpoint to a S3 bucket. +* api-change:``opensearch``: Adds support for provisioning dedicated coordinator nodes. Coordinator nodes can be specified using the new NodeOptions parameter in ClusterConfig. +* api-change:``rds``: This release adds support for Enhanced Monitoring and Performance Insights when restoring Aurora Limitless Database DB clusters. It also adds support for the os-upgrade pending maintenance action. +* api-change:``storagegateway``: Documentation update: Amazon FSx File Gateway will no longer be available to new customers. + + +1.35.15 +======= + +* api-change:``bedrock-agent``: Add support of new model types for Bedrock Agents, Adding inference profile support for Flows and Prompt Management, Adding new field to configure additional inference configurations for Flows and Prompt Management +* api-change:``codebuild``: AWS CodeBuild now supports automatically retrying failed builds +* api-change:``lambda``: Add TagsError field in Lambda GetFunctionResponse. The TagsError field contains details related to errors retrieving tags. +* api-change:``logs``: Adding inferred token name for dynamic tokens in Anomalies. +* api-change:``supplychain``: API doc updates, and also support showing error message on a failed instance + + +1.35.14 +======= + +* api-change:``appconfig``: This release improves deployment safety by granting customers the ability to REVERT completed deployments, to the last known good state.In the StopDeployment API revert case the status of a COMPLETE deployment will be REVERTED. AppConfig only allows a revert within 72 hours of deployment completion. +* api-change:``ec2``: This release includes a new API to describe some details of the Amazon Machine Images (AMIs) that were used to launch EC2 instances, even if those AMIs are no longer available for use. +* api-change:``ecs``: This release adds support for EBS volumes attached to Amazon ECS Windows tasks running on EC2 instances. +* api-change:``pcs``: Documentation update: added the default value of the Slurm configuration parameter scaleDownIdleTimeInSeconds to its description. +* api-change:``qbusiness``: Add a new field in chat response. This field can be used to support nested schemas in array fields +* bugfix:shorthand: Improve performance when parsing invalid shorthand syntax. + + +1.35.13 +======= + +* api-change:``bedrock``: Doc updates for supporting converse +* api-change:``connect``: Amazon Connect Service Feature: Add support to start screen sharing for a web calling contact. +* api-change:``ec2``: Amazon EC2 X8g, C8g and M8g instances are powered by AWS Graviton4 processors. X8g provide the lowest cost per GiB of memory among Graviton4 instances. C8g provide the best price performance for compute-intensive workloads. M8g provide the best price performance in for general purpose workloads. +* api-change:``mwaa``: Introducing InvokeRestApi which allows users to invoke the Apache Airflow REST API on the webserver with the specified inputs. +* api-change:``payment-cryptography``: Add support for ECC P-256 and P-384 Keys. +* api-change:``payment-cryptography-data``: Add ECDH support on PIN operations. + + +1.35.12 +======= + +* api-change:``bedrock-runtime``: Updating invoke regex to support imported models for converse API +* api-change:``imagebuilder``: Add macOS platform and instance placement options +* api-change:``m2``: Add AuthSecretsManagerArn optional parameter to batch job APIs, expand batch parameter limits, and introduce clientToken constraints. +* api-change:``rds``: Global clusters now expose the Endpoint attribute as one of its fields. It is a Read/Write endpoint for the global cluster which resolves to the Global Cluster writer instance. +* api-change:``repostspace``: Adds the BatchAddRole and BatchRemoveRole APIs. +* api-change:``timestream-query``: This release adds support for Query Insights, a feature that provides details of query execution, enabling users to identify areas for improvement to optimize their queries, resulting in improved query performance and lower query costs. + + +1.35.11 +======= + +* api-change:``application-insights``: This feature enables customers to specify SNS Topic ARN. CloudWatch Application Insights (CWAI) will utilize this ARN to send problem notifications. +* api-change:``autoscaling``: Adds support for removing the PlacementGroup setting on an Auto Scaling Group through the UpdateAutoScalingGroup API. +* api-change:``bedrock-agent-runtime``: Knowledge Bases for Amazon Bedrock now supports custom prompts and model parameters in the orchestrationConfiguration of the RetrieveAndGenerate API. The modelArn field accepts Custom Models and Imported Models ARNs. +* api-change:``dms``: Added support for tagging in StartReplicationTaskAssessmentRun API and introduced IsLatestTaskAssessmentRun and ResultStatistic fields for enhanced tracking and assessment result statistics. +* api-change:``ec2``: Amazon EC2 now allows you to create network interfaces with just the EFA driver and no ENA driver by specifying the network interface type as efa-only. +* api-change:``eks``: This release adds support for Amazon Application Recovery Controller (ARC) zonal shift and zonal autoshift with EKS that enhances the resiliency of multi-AZ cluster environments +* api-change:``fms``: Update AWS WAF policy - add the option to retrofit existing web ACLs instead of creating all new web ACLs. +* api-change:``payment-cryptography-data``: Adding new API to generate authenticated scripts for EMV pin change use cases. +* api-change:``wafv2``: Add a property to WebACL to indicate whether it's been retrofitted by Firewall Manager. + + +1.35.10 +======= + +* api-change:``athena``: Removing FEDERATED from Create/List/Delete/GetDataCatalog API +* api-change:``bedrock``: Adding converse support to CMI API's +* api-change:``bedrock-runtime``: Added converse support for custom imported models +* api-change:``datazone``: Adding the following project member designations: PROJECT_CATALOG_VIEWER, PROJECT_CATALOG_CONSUMER and PROJECT_CATALOG_STEWARD in the CreateProjectMembership API and PROJECT_CATALOG_STEWARD designation in the AddPolicyGrant API. +* api-change:``ec2``: RequestSpotInstances and RequestSpotFleet feature release. + + +1.35.9 +====== + +* api-change:``bedrock-agent``: Removing support for topK property in PromptModelInferenceConfiguration object, Making PromptTemplateConfiguration property as required, Limiting the maximum PromptVariant to 1 +* api-change:``dataexchange``: This release adds Data Grant support, through which customers can programmatically create data grants to share with other AWS accounts and accept data grants from other AWS accounts. +* api-change:``ecs``: This is an Amazon ECS documentation only update to address tickets. +* api-change:``pinpoint-sms-voice-v2``: Added the registrations status of REQUIRES_AUTHENTICATION +* api-change:``pipes``: This release adds validation to require specifying a SecurityGroup and Subnets in the Vpc object under PipesSourceSelfManagedKafkaParameters. It also adds support for iso-e, iso-f, and other non-commercial partitions in ARN parameters. +* api-change:``quicksight``: Add StartDashboardSnapshotJobSchedule API. RestoreAnalysis now supports restoring analysis to folders. +* api-change:``rds``: Updates Amazon RDS documentation for TAZ IAM support +* api-change:``workspaces``: Updated the DomainName pattern for Active Directory + + +1.35.8 +====== + +* api-change:``s3``: Add support for the new optional bucket-region and prefix query parameters in the ListBuckets API. For ListBuckets requests that express pagination, Amazon S3 will now return both the bucket names and associated AWS regions in the response. + + +1.35.7 +====== + +* api-change:``amplify``: Added sourceUrlType field to StartDeployment request +* api-change:``cloudformation``: Documentation update for AWS CloudFormation API Reference. +* api-change:``codebuild``: Enable proxy for reserved capacity fleet. +* api-change:``ivs``: On a channel that you own, you can now replace an ongoing stream with a new stream by streaming up with the priority parameter appended to the stream key. +* api-change:``qbusiness``: Amazon Q Business now supports embedding the Amazon Q Business web experience on third-party websites. +* api-change:``redshift``: This release launches the CreateIntegration, DeleteIntegration, DescribeIntegrations and ModifyIntegration APIs to create and manage Amazon Redshift Zero-ETL Integrations. +* api-change:``resiliencehub``: AWS Resilience Hub now integrates with the myApplications platform, enabling customers to easily assess the resilience of applications defined in myApplications. The new Resiliency widget provides visibility into application resilience and actionable recommendations for improvement. +* api-change:``sesv2``: This release adds support for email maximum delivery seconds that allows senders to control the time within which their emails are attempted for delivery. + + +1.35.6 +====== + +* api-change:``codepipeline``: AWS CodePipeline V2 type pipelines now support automatically retrying failed stages and skipping stage for failed entry conditions. +* api-change:``mailmanager``: Mail Manager support for viewing and exporting metadata of archived messages. +* api-change:``securitylake``: This release updates request validation regex for resource ARNs. +* api-change:``supplychain``: This release adds AWS Supply Chain instance management functionality. Specifically adding CreateInstance, DeleteInstance, GetInstance, ListInstances, and UpdateInstance APIs. +* api-change:``transfer``: This release enables customers using SFTP connectors to query the transfer status of their files to meet their monitoring needs as well as orchestrate post transfer actions. + + +1.35.5 +====== + +* api-change:``appflow``: Doc only updates for clarification around OAuth2GrantType for Salesforce. +* api-change:``elbv2``: Add zonal_shift.config.enabled attribute. Add new AdministrativeOverride construct in the describe-target-health API response to include information about the override status applied to a target. +* api-change:``emr``: This release provides new parameter "Context" in instance fleet clusters. +* api-change:``guardduty``: Added a new field for network connection details. +* api-change:``robomaker``: Documentation update: added support notices to each API action. + + +1.35.4 +====== + +* api-change:``acm-pca``: Documentation updates for AWS Private CA. +* api-change:``dms``: Introduces DescribeDataMigrations, CreateDataMigration, ModifyDataMigration, DeleteDataMigration, StartDataMigration, StopDataMigration operations to SDK. Provides FailedDependencyFault error message. +* api-change:``ec2``: This release adds support for assigning the billing of shared Amazon EC2 On-Demand Capacity Reservations. +* api-change:``ecs``: This is a documentation only release that updates to documentation to let customers know that Amazon Elastic Inference is no longer available. +* api-change:``elastic-inference``: Elastic Inference - Documentation update to add service shutdown notice. +* api-change:``iotfleetwise``: Refine campaign related API validations +* api-change:``neptune-graph``: Support for 16 m-NCU graphs available through account allowlisting +* api-change:``outposts``: Adding new "DELIVERED" enum value for Outposts Order status +* api-change:``route53resolver``: Route 53 Resolver Forwarding Rules can now include a server name indication (SNI) in the target address for rules that use the DNS-over-HTTPS (DoH) protocol. When a DoH-enabled Outbound Resolver Endpoint forwards a request to a DoH server, it will provide the SNI in the TLS handshake. +* api-change:``socialmessaging``: This release for AWS End User Messaging includes a public SDK, providing a suite of APIs that enable sending WhatsApp messages to end users. +* api-change:``timestream-influxdb``: This release updates our regex based validation rules in regards to valid DbInstance and DbParameterGroup name. + + +1.35.3 +====== + +* api-change:``codepipeline``: AWS CodePipeline introduces a Compute category + + +1.35.2 +====== + +* api-change:``elasticache``: AWS ElastiCache SDK now supports using APIs with newly launched Valkey engine. Please refer to updated AWS ElastiCache public documentation for detailed information on API usage. +* api-change:``memorydb``: Amazon MemoryDB SDK now supports all APIs for newly launched Valkey engine. Please refer to the updated Amazon MemoryDB public documentation for detailed information on API usage. +* enhancement:``s3``: Adds logic to gracefully handle invalid timestamps returned in the Expires header. + + +1.35.1 +====== + +* api-change:``deadline``: Add support for using the template from a previous job during job creation and listing parameter definitions for a job. +* api-change:``marketplace-reporting``: Documentation-only update for AWS Marketplace Reporting API. +* api-change:``qconnect``: This release adds support for the following capabilities: Configuration of the Gen AI system via AIAgent and AIPrompts. Integration support for Bedrock Knowledge Base. +* api-change:``redshift``: Add validation pattern to S3KeyPrefix on the EnableLogging API + + +1.35.0 +====== + +* api-change:``ec2``: Documentation updates for Amazon EC2. +* api-change:``iot-data``: Add v2 smoke tests and smithy smokeTests trait for SDK testing. +* feature:s3: Adds ``--checksum-mode`` and ``--checksum-algorithm`` parameters to high-level ``s3`` commands. + + +1.34.33 +======= + +* api-change:``codepipeline``: AWS CodePipeline introduces Commands action that enables you to easily run shell commands as part of your pipeline execution. +* api-change:``connect``: Public GetMetricDataV2 Grouping increase from 3 to 4 +* api-change:``ec2``: This release includes a new API for modifying instance cpu-options after launch. +* api-change:``iot``: This release adds support for Custom Authentication with X.509 Client Certificates, support for Custom Client Certificate validation, and support for selecting application protocol and authentication type without requiring TLS ALPN for customer's AWS IoT Domain Configurations. +* api-change:``marketplace-reporting``: The AWS Marketplace Reporting service introduces the GetBuyerDashboard API. This API returns a dashboard that provides visibility into your organization's AWS Marketplace agreements and associated spend across the AWS accounts in your organization. +* api-change:``mediapackagev2``: Added support for ClipStartTime on the FilterConfiguration object on OriginEndpoint manifest settings objects. Added support for EXT-X-START tags on produced HLS child playlists. +* api-change:``quicksight``: QuickSight: Add support for exporting and importing folders in AssetBundle APIs + + +1.34.32 +======= + +* api-change:``appstream``: Added support for Automatic Time Zone Redirection on Amazon AppStream 2.0 +* api-change:``b2bi``: Added and updated APIs to support outbound EDI transformations +* api-change:``bedrock-agent-runtime``: Added raw model response and usage metrics to PreProcessing and PostProcessing Trace +* api-change:``bedrock-runtime``: Added new fields to Amazon Bedrock Guardrails trace +* api-change:``iotdeviceadvisor``: Add clientToken attribute and implement idempotency for CreateSuiteDefinition. +* api-change:``ivs-realtime``: Adds new Stage Health EventErrorCodes applicable to RTMP(S) broadcasts. Bug Fix: Enforces that EncoderConfiguration Video height and width must be even-number values. +* api-change:``s3``: This release introduces a header representing the minimum object size limit for Lifecycle transitions. +* api-change:``sagemaker``: releasing builtinlcc to public +* api-change:``workspaces``: WSP is being rebranded to become DCV. + + +1.34.31 +======= + +* api-change:``bedrock-agent``: This release adds support to stop an ongoing ingestion job using the StopIngestionJob API in Agents for Amazon Bedrock. +* api-change:``codeartifact``: Add support for the dual stack endpoints. +* api-change:``rds``: This release provides additional support for enabling Aurora Limitless Database DB clusters. + + +1.34.30 +======= + +* api-change:``bedrock``: Add support for custom models via provisioned throughput for Bedrock Model Evaluation +* api-change:``clouddirectory``: Add examples for API operations in model. +* api-change:``connect``: Amazon Connect introduces StartOutboundChatContact API allowing customers to initiate outbound chat contacts +* api-change:``pricing``: Add examples for API operations in model. +* api-change:``resource-groups``: This update includes new APIs to support application groups and to allow users to manage resource tag-sync tasks in applications. +* api-change:``supplychain``: Release DataLakeDataset, DataIntegrationFlow and ResourceTagging APIs for AWS Supply Chain +* api-change:``timestream-influxdb``: Timestream for InfluxDB now supports port configuration and additional customer-modifiable InfluxDB v2 parameters. This release adds Port to the CreateDbInstance and UpdateDbInstance API, and additional InfluxDB v2 parameters to the CreateDbParameterGroup API. +* api-change:``verifiedpermissions``: Add examples for API operations in model. + + +1.34.29 +======= + +* api-change:``customer-profiles``: Introduces optional RoleArn parameter for PutIntegration request and includes RoleArn in the response of PutIntegration, GetIntegration and ListIntegrations +* api-change:``quicksight``: Adding personalization in QuickSight data stories. Admins can enable or disable personalization through QuickSight settings. +* api-change:``securityhub``: Documentation updates for AWS Security Hub +* api-change:``sesv2``: This release adds support for engagement tracking over Https using custom domains. + + +1.34.28 +======= + +* api-change:``chatbot``: Return State and StateReason fields for Chatbot Channel Configurations. +* api-change:``lambda``: Reverting Lambda resource-based policy and block public access APIs. +* api-change:``organizations``: Add support for policy operations on the CHATBOT_POLICY policy type. +* api-change:``pcs``: AWS PCS API documentation - Edited the description of the iamInstanceProfileArn parameter of the CreateComputeNodeGroup and UpdateComputeNodeGroup actions; edited the description of the SlurmCustomSetting data type to list the supported parameters for clusters and compute node groups. +* api-change:``rds-data``: Documentation update for RDS Data API to reflect support for Aurora MySQL Serverless v2 and Provisioned DB clusters. +* api-change:``sagemaker``: Adding `TagPropagation` attribute to Sagemaker API + + +1.34.27 +======= + +* api-change:``cloudtrail``: Doc-only update for CloudTrail network activity events release (in preview) +* api-change:``ec2``: Updates to documentation for the transit gateway security group referencing feature. +* api-change:``fsx``: Doc-only update to address Lustre S3 hard-coded names. + + +1.34.26 +======= + +* api-change:``bedrock``: Add support for Cross Region Inference in Bedrock Model Evaluations. +* api-change:``budgets``: Releasing minor partitional endpoint updates +* api-change:``kinesis``: This release includes support to add tags when creating a stream +* api-change:``pinpoint-sms-voice-v2``: AWS End User Messaging SMS-Voice V2 has added support for resource policies. Use the three new APIs to create, view, edit, and delete resource policies. +* api-change:``sagemaker``: Adding `HiddenInstanceTypes` and `HiddenSageMakerImageVersionAliases` attribute to SageMaker API + + +1.34.25 +======= + +* api-change:``apigateway``: Documentation updates for Amazon API Gateway +* api-change:``athena``: List/Get/Update/Delete/CreateDataCatalog now integrate with AWS Glue connections. Users can create a Glue connection through Athena or use a Glue connection to define their Athena federated parameters. +* api-change:``bedrock-agent``: Amazon Bedrock Prompt Flows and Prompt Management now supports using inference profiles to increase throughput and improve resilience. +* api-change:``ec2``: Amazon EC2 G6e instances powered by NVIDIA L40S Tensor Core GPUs are the most cost-efficient GPU instances for deploying generative AI models and the highest performance GPU instances for spatial computing workloads. +* api-change:``emr-serverless``: This release adds support for job concurrency and queuing configuration at Application level. +* api-change:``glue``: Added AthenaProperties parameter to Glue Connections, allowing Athena to store service specific properties on Glue Connections. +* api-change:``rds``: Support ComputeRedundancy parameter in ModifyDBShardGroup API. Add DBShardGroupArn in DBShardGroup API response. Remove InvalidMaxAcuFault from CreateDBShardGroup and ModifyDBShardGroup API. Both API will throw InvalidParameterValueException for invalid ACU configuration. +* api-change:``resource-explorer-2``: AWS Resource Explorer released ListResources feature which allows customers to list all indexed AWS resources within a view. + + +1.34.24 +======= + +* api-change:``dynamodb``: Generate account endpoint for DynamoDB requests when the account ID is available +* api-change:``neptune``: Add v2 smoke tests and smithy smokeTests trait for SDK testing. +* api-change:``sagemaker``: Amazon SageMaker now supports using manifest files to specify the location of uncompressed model artifacts within Model Packages +* api-change:``sagemaker-metrics``: This release introduces support for the SageMaker Metrics BatchGetMetrics API. +* api-change:``workspaces``: Releasing new ErrorCodes for SysPrep failures during ImageImport and CreateImage process +* enhancement:paginator: Add warning when a non-positive value is provided for the max-items pagination parameter. + + +1.34.23 +======= + +* api-change:``codeconnections``: This release adds the PullRequestComment field to CreateSyncConfiguration API input, UpdateSyncConfiguration API input, GetSyncConfiguration API output and ListSyncConfiguration API output +* api-change:``glue``: This change is for releasing TestConnection api SDK model +* api-change:``lambda``: Tagging support for Lambda event source mapping, and code signing configuration resources. +* api-change:``mediaconvert``: This release provides support for additional DRM configurations per SPEKE Version 2.0. +* api-change:``medialive``: Adds Bandwidth Reduction Filtering for HD AVC and HEVC encodes, multiplex container settings. +* api-change:``quicksight``: QuickSight: 1. Add new API - ListFoldersForResource. 2. Commit mode adds visibility configuration of Apply button on multi-select controls for authors. +* api-change:``sagemaker``: Introduced support for G6e instance types on SageMaker Studio for JupyterLab and CodeEditor applications. +* api-change:``workspaces-web``: WorkSpaces Secure Browser now enables Administrators to view and manage end-user browsing sessions via Session Management APIs. + + +1.34.22 +======= + +* api-change:``ce``: This release extends the GetReservationPurchaseRecommendation API to support recommendations for Amazon DynamoDB reservations. +* api-change:``ds``: Added new APIs for enabling, disabling, and describing access to the AWS Directory Service Data API +* api-change:``ds-data``: Added new AWS Directory Service Data API, enabling you to manage data stored in AWS Directory Service directories. This includes APIs for creating, reading, updating, and deleting directory users, groups, and group memberships. +* api-change:``guardduty``: Add `launchType` and `sourceIPs` fields to GuardDuty findings. +* api-change:``mailmanager``: Introduce a new RuleSet condition evaluation, where customers can set up a StringExpression with a MimeHeader condition. This condition will perform the necessary validation based on the X-header provided by customers. +* api-change:``rds``: Updates Amazon RDS documentation with information upgrading snapshots with unsupported engine versions for RDS for MySQL and RDS for PostgreSQL. +* api-change:``s3``: Added SSE-KMS support for directory buckets. + + +1.34.21 +======= + +* api-change:``codebuild``: GitLab Enhancements - Add support for Self-Hosted GitLab runners in CodeBuild. Add group webhooks +* api-change:``ecr``: The `DescribeImageScanning` API now includes `fixAvailable`, `exploitAvailable`, and `fixedInVersion` fields to provide more detailed information about the availability of fixes, exploits, and fixed versions for identified image vulnerabilities. +* api-change:``ecs``: This is a documentation only release to address various tickets. +* api-change:``lambda``: Support for JSON resource-based policies and block public access +* api-change:``rds``: Updates Amazon RDS documentation with configuration information about the BYOL model for RDS for Db2. +* api-change:``ssm``: Support for additional levels of cross-account, cross-Region organizational units in Automation. Various documentation updates. + + +1.34.20 +======= + +* api-change:``bedrock``: This feature adds cross account s3 bucket and VPC support to ModelInvocation jobs. To use a cross account bucket, pass in the accountId of the bucket to s3BucketOwner in the ModelInvocationJobInputDataConfig or ModelInvocationJobOutputDataConfig. +* api-change:``iot``: This release adds additional enhancements to AWS IoT Device Management Software Package Catalog and Jobs. It also adds SBOM support in Software Package Version. +* api-change:``medialive``: Removing the ON_PREMISE enum from the input settings field. +* api-change:``organizations``: Doc only update for AWS Organizations that fixes several customer-reported issues +* api-change:``pca-connector-scep``: This is a general availability (GA) release of Connector for SCEP, a feature of AWS Private CA. Connector for SCEP links your SCEP-enabled and mobile device management systems to AWS Private CA for digital signature installation and certificate management. +* api-change:``rds``: Launching Global Cluster tagging. + + +1.34.19 +======= + +* api-change:``amplify``: Doc only update to Amplify to explain platform setting for Next.js 14 SSG only applications +* api-change:``ivs``: Updates to all tags descriptions. +* api-change:``ivschat``: Updates to all tags descriptions. + + +1.34.18 +======= + +* api-change:``cognito-idp``: Added email MFA option to user pools with advanced security features. +* api-change:``elbv2``: Correct incorrectly mapped error in ELBv2 waiters +* api-change:``emr``: Update APIs to allow modification of ODCR options, allocation strategy, and InstanceTypeConfigs on running InstanceFleet clusters. +* api-change:``glue``: AWS Glue is introducing two new optimizers for Apache Iceberg tables: snapshot retention and orphan file deletion. Customers can enable these optimizers and customize their configurations to perform daily maintenance tasks on their Iceberg tables based on their specific requirements. +* api-change:``mediaconvert``: This release includes support for dynamic video overlay workflows, including picture-in-picture and squeezeback +* api-change:``rds``: This release adds support for the os-upgrade pending maintenance action for Amazon Aurora DB clusters. +* api-change:``storagegateway``: The S3 File Gateway now supports DSSE-KMS encryption. A new parameter EncryptionType is added to these APIs: CreateSmbFileShare, CreateNfsFileShare, UpdateSmbFileShare, UpdateNfsFileShare, DescribeSmbFileShares, DescribeNfsFileShares. Also, in favor of EncryptionType, KmsEncrypted is deprecated. +* api-change:``synthetics``: This release introduces two features. The first is tag replication, which allows for the propagation of canary tags onto Synthetics related resources, such as Lambda functions. The second is a limit increase in canary name length, which has now been increased from 21 to 255 characters. + + +1.34.17 +======= + +* api-change:``bedrock-agent``: Amazon Bedrock Knowledge Bases now supports using inference profiles to increase throughput and improve resilience. +* api-change:``bedrock-agent-runtime``: Amazon Bedrock Knowledge Bases now supports using inference profiles to increase throughput and improve resilience. +* api-change:``ecr``: Added KMS_DSSE to EncryptionType +* api-change:``guardduty``: Add support for new statistic types in GetFindingsStatistics. +* api-change:``lexv2-models``: Support new Polly voice engines in VoiceSettings: long-form and generative +* api-change:``medialive``: Adds AV1 Codec support, SRT ouputs, and MediaLive Anywhere support. + + +1.34.16 +======= + +* api-change:``chime-sdk-voice``: Documentation-only update that clarifies the ValidateE911Address action of the Amazon Chime SDK Voice APIs. +* api-change:``cognito-identity``: This release adds sensitive trait to some required shapes. +* api-change:``pipes``: This release adds support for customer managed KMS keys in Amazon EventBridge Pipe +* api-change:``securityhub``: Documentation update for Security Hub + + +1.34.15 +======= + +* api-change:``dynamodb``: Doc-only update for DynamoDB. Added information about async behavior for TagResource and UntagResource APIs and updated the description of ResourceInUseException. +* api-change:``elbv2``: Add paginators for the ELBv2 DescribeListenerCertificates and DescribeRules APIs. Fix broken waiter for the ELBv2 DescribeLoadBalancers API. +* api-change:``ivs-realtime``: IVS Real-Time now offers customers the ability to broadcast to Stages using RTMP(S). +* api-change:``kafka``: Amazon MSK Replicator can now replicate data to identically named topics between MSK clusters within the same AWS Region or across different AWS Regions. +* api-change:``sagemaker``: Amazon Sagemaker supports orchestrating SageMaker HyperPod clusters with Amazon EKS +* api-change:``sagemaker-runtime``: AWS SageMaker Runtime feature: Add sticky routing to support stateful inference models. + + +1.34.14 +======= + +* api-change:``qapps``: Adds UpdateLibraryItemMetadata api to change status of app for admin verification feature and returns isVerified field in any api returning the app or library item. + + +1.34.13 +======= + +* api-change:``application-signals``: Amazon CloudWatch Application Signals now supports creating Service Level Objectives using a new calculation type. Users can now create SLOs which are configured with request-based SLIs to help meet their specific business requirements. +* api-change:``codepipeline``: Updates to add recent notes to APIs and to replace example S3 bucket names globally. +* api-change:``connect``: Amazon Connect Custom Vocabulary now supports Catalan (Spain), Danish (Denmark), Dutch (Netherlands), Finnish (Finland), Indonesian (Indonesia), Malay (Malaysia), Norwegian Bokmal (Norway), Polish (Poland), Swedish (Sweden), and Tagalog/Filipino (Philippines). +* api-change:``gamelift``: Amazon GameLift provides additional events for tracking the fleet creation process. +* api-change:``kinesisanalyticsv2``: Support for Flink 1.20 in Managed Service for Apache Flink +* api-change:``sagemaker``: Amazon SageMaker now supports idle shutdown of JupyterLab and CodeEditor applications on SageMaker Studio. + + +1.34.12 +======= + +* api-change:``appsync``: Adds new logging levels (INFO and DEBUG) for additional log output control +* api-change:``bedrock-agent``: Add support for user metadata inside PromptVariant. +* api-change:``finspace``: Updates Finspace documentation for smaller instances. +* api-change:``fis``: This release adds safety levers, a new mechanism to stop all running experiments and prevent new experiments from starting. +* api-change:``logs``: Update to support new APIs for delivery of logs from AWS services. +* api-change:``s3control``: Amazon Simple Storage Service /S3 Access Grants / Features : This release launches new Access Grants API - ListCallerAccessGrants. + + +1.34.11 +======= + +* api-change:``connect``: Release ReplicaConfiguration as part of DescribeInstance +* api-change:``datazone``: Add support to let data publisher specify a subset of the data asset that a subscriber will have access to based on the asset filters provided, when accepting a subscription request. +* api-change:``elbv2``: This release adds support for configuring TCP idle timeout on NLB and GWLB listeners. +* api-change:``mediaconnect``: AWS Elemental MediaConnect introduces thumbnails for Flow source monitoring. Thumbnails provide still image previews of the live content feeding your MediaConnect Flow allowing you to easily verify that your source is operating as expected. +* api-change:``medialive``: Added MinQP as a Rate Control option for H264 and H265 encodes. +* api-change:``sagemaker``: Amazon SageMaker now supports automatic mounting of a user's home folder in the Amazon Elastic File System (EFS) associated with the SageMaker Studio domain to their Studio Spaces to enable users to share data between their own private spaces. +* api-change:``timestream-influxdb``: Timestream for InfluxDB now supports compute scaling and deployment type conversion. This release adds the DbInstanceType and DeploymentType parameters to the UpdateDbInstance API. + + +1.34.10 +======= + +* api-change:``backup``: The latest update introduces two new attributes, VaultType and VaultState, to the DescribeBackupVault and ListBackupVaults APIs. The VaultState attribute reflects the current status of the vault, while the VaultType attribute indicates the specific category of the vault. +* api-change:``datazone``: Amazon DataZone now adds new governance capabilities of Domain Units for organization within your Data Domains, and Authorization Policies for tighter controls. +* api-change:``logs``: This release introduces a new optional parameter: Entity, in PutLogEvents request +* api-change:``redshift-data``: The release include the new Redshift DataAPI feature for session use, customer execute query with --session-keep-alive-seconds parameter and can submit follow-up queries to same sessions with returned`session-id` + + +1.34.9 +====== + +* api-change:``bedrock-agent-runtime``: Lifting the maximum length on Bedrock KnowledgeBase RetrievalFilter array +* api-change:``bedrock-runtime``: Add support for imported-model in invokeModel and InvokeModelWithResponseStream. +* api-change:``personalize``: This releases ability to update automatic training scheduler for customer solutions +* api-change:``quicksight``: Increased Character Limit for Dataset Calculation Field expressions +* api-change:``stepfunctions``: This release adds support for static analysis to ValidateStateMachineDefinition API, which can now return optional WARNING diagnostics for semantic errors on the definition of an Amazon States Language (ASL) state machine. +* api-change:``wafv2``: The minimum request rate for a rate-based rule is now 10. Before this, it was 100. + + +1.34.8 +====== + +* api-change:``appconfig``: This release adds support for deletion protection, which is a safety guardrail to prevent the unintentional deletion of a recently used AWS AppConfig Configuration Profile or Environment. This also includes a change to increase the maximum length of the Name parameter in UpdateConfigurationProfile. +* api-change:``datazone``: Update regex to include dot character to be consistent with IAM role creation in the authorized principal field for create and update subscription target. +* api-change:``devicefarm``: This release removed support for Calabash, UI Automation, Built-in Explorer, remote access record, remote access replay, and web performance profile framework in ScheduleRun API. +* api-change:``ec2``: Amazon VPC IP Address Manager (IPAM) now allows customers to provision IPv4 CIDR blocks and allocate Elastic IP Addresses directly from IPAM pools with public IPv4 space +* api-change:``internetmonitor``: Adds new querying types to show overall traffic suggestion information for monitors +* api-change:``pcs``: Introducing AWS Parallel Computing Service (AWS PCS), a new service makes it easy to setup and manage high performance computing (HPC) clusters, and build scientific and engineering models at virtually any scale on AWS. +* api-change:``workspaces``: Documentation-only update that clarifies the StartWorkspaces and StopWorkspaces actions, and a few other minor edits. + + +1.34.7 +====== + +* api-change:``bedrock``: Amazon Bedrock SDK updates for Inference Profile. +* api-change:``bedrock-runtime``: Amazon Bedrock SDK updates for Inference Profile. +* api-change:``chatbot``: Update documentation to be consistent with the API docs +* api-change:``omics``: Adds data provenance to import jobs from read sets and references +* api-change:``polly``: Amazon Polly adds 2 new voices: Jitka (cs-CZ) and Sabrina (de-CH). + + +1.34.6 +====== + +* api-change:``iotsitewise``: AWS IoT SiteWise now supports versioning for asset models. It enables users to retrieve active version of their asset model and perform asset model writes with optimistic lock. +* api-change:``workspaces``: This release adds support for creating and managing directories that use AWS IAM Identity Center as user identity source. Such directories can be used to create non-Active Directory domain joined WorkSpaces Personal.Updated RegisterWorkspaceDirectory and DescribeWorkspaceDirectories APIs. + + +1.34.5 +====== + +* api-change:``bedrock-agent``: Releasing the support for Action User Confirmation. +* api-change:``bedrock-agent-runtime``: Releasing the support for Action User Confirmation. +* api-change:``codebuild``: Added support for the MAC_ARM environment type for CodeBuild fleets. +* api-change:``organizations``: Releasing minor partitional endpoint updates. +* api-change:``qbusiness``: Amazon QBusiness: Enable support for SAML and OIDC federation through AWS IAM Identity Provider integration. +* api-change:``supplychain``: Update API documentation to clarify the event SLA as well as the data model expectations + + +1.34.4 +====== + +* api-change:``autoscaling``: Amazon EC2 Auto Scaling now provides EBS health check to manage EC2 instance replacement +* api-change:``bedrock``: Amazon Bedrock Evaluation BatchDeleteEvaluationJob API allows customers to delete evaluation jobs under terminated evaluation job statuses - Stopped, Failed, or Completed. Customers can submit a batch of 25 evaluation jobs to be deleted at once. +* api-change:``emr-containers``: Correct endpoint for FIPS is configured for US Gov Regions. +* api-change:``inspector2``: Add enums for Agentless scan statuses and EC2 enablement error states +* api-change:``quicksight``: Explicit query for authors and dashboard viewing sharing for embedded users +* api-change:``route53``: Amazon Route 53 now supports the Asia Pacific (Malaysia) Region (ap-southeast-5) for latency records, geoproximity records, and private DNS for Amazon VPCs in that region. + + +1.34.3 +====== + +* api-change:``ec2``: DescribeInstanceStatus now returns health information on EBS volumes attached to Nitro instances +* api-change:``entityresolution``: Increase the mapping attributes in Schema to 35. +* api-change:``glue``: Add optional field JobRunQueuingEnabled to CreateJob and UpdateJob APIs. +* api-change:``lambda``: Release FilterCriteria encryption for Lambda EventSourceMapping, enabling customers to encrypt their filter criteria using a customer-owned KMS key. +* api-change:``securityhub``: Security Hub documentation and definition updates +* api-change:``ses``: Enable email receiving customers to provide SES with access to their S3 buckets via an IAM role for "Deliver to S3 Action" + + +1.34.2 +====== + +* api-change:``ecs``: Documentation only release to address various tickets +* api-change:``opensearchserverless``: Added FailureCode and FailureMessage to BatchGetCollectionResponse for BatchGetVPCEResponse for non-Active Collection and VPCE. +* api-change:``s3``: Amazon Simple Storage Service / Features : Add support for conditional writes for PutObject and CompleteMultipartUpload APIs. + + +1.34.1 +====== + +* api-change:``bedrock``: Amazon Bedrock Batch Inference/ Model Invocation is a feature which allows customers to asynchronously run inference on a large set of records/files stored in S3. +* api-change:``codebuild``: AWS CodeBuild now supports creating fleets with macOS platform for running builds. +* api-change:``deadline``: This release adds additional search fields and provides sorting by multiple fields. +* api-change:``lambda``: Release Lambda FunctionRecursiveConfig, enabling customers to turn recursive loop detection on or off on individual functions. This release adds two new APIs, GetFunctionRecursionConfig and PutFunctionRecursionConfig. +* api-change:``ssm-sap``: Add new attributes to the outputs of GetApplication and GetDatabase APIs. + + +1.34.0 +====== + +* api-change:``batch``: Improvements of integration between AWS Batch and EC2. +* api-change:``inspector2``: Update the correct format of key and values for resource tags +* api-change:``quicksight``: Amazon QuickSight launches Customer Managed Key (CMK) encryption for Data Source metadata +* api-change:``sagemaker``: Introduce Endpoint and EndpointConfig Arns in sagemaker:ListPipelineExecutionSteps API response +* api-change:``sesv2``: Marking use case description field of account details as deprecated. +* enhancement:``codeartifact``: Update login command error message. + + +1.33.44 +======= + +* api-change:``docdb``: This release adds Global Cluster Failover capability which enables you to change your global cluster's primary AWS region, the region that serves writes, during a regional outage. Performing a failover action preserves your Global Cluster setup. +* api-change:``ecs``: This release introduces a new ContainerDefinition configuration to support the customer-managed keys for ECS container restart feature. +* api-change:``iam``: Make the LastUsedDate field in the GetAccessKeyLastUsed response optional. This may break customers who only call the API for access keys with a valid LastUsedDate. This fixes a deserialization issue for access keys without a LastUsedDate, because the field was marked as required but could be null. +* api-change:``s3``: Amazon Simple Storage Service / Features : Adds support for pagination in the S3 ListBuckets API. + + +1.33.43 +======= + +* api-change:``codebuild``: AWS CodeBuild now supports using Secrets Manager to store git credentials and using multiple source credentials in a single project. + + +1.33.42 +======= + +* api-change:``amplify``: Add a new field "cacheConfig" that enables users to configure the CDN cache settings for an App +* api-change:``appstream``: This release includes following new APIs: CreateThemeForStack, DescribeThemeForStack, UpdateThemeForStack, DeleteThemeForStack to support custom branding programmatically. +* api-change:``fis``: This release adds support for additional error information on experiment failure. It adds the error code, location, and account id on relevant failures to the GetExperiment and ListExperiment API responses. +* api-change:``glue``: Add AttributesToGet parameter support for Glue GetTables +* api-change:``neptune-graph``: Amazon Neptune Analytics provides a new option for customers to load data into a graph using the RDF (Resource Description Framework) NTRIPLES format. When loading NTRIPLES files, use the value `convertToIri` for the `blankNodeHandling` parameter. + + +1.33.41 +======= + +* api-change:``compute-optimizer``: Doc only update for Compute Optimizer that fixes several customer-reported issues relating to ECS finding classifications +* api-change:``config``: Documentation update for the OrganizationConfigRuleName regex pattern. +* api-change:``ec2``: This release adds new capabilities to manage On-Demand Capacity Reservations including the ability to split your reservation, move capacity between reservations, and modify the instance eligibility of your reservation. +* api-change:``eks``: Added support for new AL2023 GPU AMIs to the supported AMITypes. +* api-change:``groundstation``: Updating documentation for OEMEphemeris to link to AWS Ground Station User Guide +* api-change:``medialive``: AWS Elemental MediaLive now supports now supports editing the PID values for a Multiplex. +* api-change:``sagemaker``: Releasing large data support as part of CreateAutoMLJobV2 in SageMaker Autopilot and CreateDomain API for SageMaker Canvas. + + +1.33.40 +======= + +* api-change:``cognito-idp``: Fixed a description of AdvancedSecurityAdditionalFlows in Amazon Cognito user pool configuration. +* api-change:``connect``: This release supports adding RoutingCriteria via UpdateContactRoutingData public API. +* api-change:``ssm``: Systems Manager doc-only updates for August 2024. + + +1.33.39 +======= + +* api-change:``cognito-idp``: Added support for threat protection for custom authentication in Amazon Cognito user pools. +* api-change:``connect``: This release fixes a regression in number of access control tags that are allowed to be added to a security profile in Amazon Connect. You can now add up to four access control tags on a single security profile. +* api-change:``ec2``: Launch of private IPv6 addressing for VPCs and Subnets. VPC IPAM supports the planning and monitoring of private IPv6 usage. +* api-change:``glue``: This release adds support to retrieve the validation status when creating or updating Glue Data Catalog Views. Also added is support for BasicCatalogTarget partition keys. + + +1.33.38 +======= + +* api-change:``appintegrations``: Updated CreateDataIntegration and CreateDataIntegrationAssociation API to support bulk data export from Amazon Connect Customer Profiles to the customer S3 bucket. +* api-change:``glue``: Introducing AWS Glue Data Quality anomaly detection, a new functionality that uses ML-based solutions to detect data anomalies users have not explicitly defined rules for. + + +1.33.37 +======= + +* api-change:``bedrock-agent-runtime``: Introduce model invocation output traces for orchestration traces, which contain the model's raw response and usage. +* api-change:``cognito-idp``: Advanced security feature updates to include password history and log export for Cognito user pools. +* api-change:``cost-optimization-hub``: This release adds savings percentage support to the ListRecommendationSummaries API. +* api-change:``workspaces``: Added support for BYOL_GRAPHICS_G4DN_WSP IngestionProcess + + +1.33.36 +======= + +* api-change:``datazone``: This releases Data Product feature. Data Products allow grouping data assets into cohesive, self-contained units for ease of publishing for data producers, and ease of finding and accessing for data consumers. +* api-change:``ecr``: Released two new APIs along with documentation updates. The GetAccountSetting API is used to view the current basic scan type version setting for your registry, while the PutAccountSetting API is used to update the basic scan type version for your registry. +* api-change:``kinesis-video-webrtc-storage``: Add JoinStorageSessionAsViewer API +* api-change:``pi``: Added a description for the Dimension db.sql.tokenized_id on the DimensionGroup data type page. + + +1.33.35 +======= + +* api-change:``cloudwatch``: Add v2 smoke tests and smithy smokeTests trait for SDK testing. +* api-change:``kinesis``: Add v2 smoke tests and smithy smokeTests trait for SDK testing. +* api-change:``resiliencehub``: Customers are presented with the grouping recommendations and can determine if the recommendations are accurate and apply to their case. This feature simplifies onboarding by organizing resources into appropriate AppComponents. +* api-change:``route53``: Add v2 smoke tests and smithy smokeTests trait for SDK testing. +* api-change:``waf-regional``: Add v2 smoke tests and smithy smokeTests trait for SDK testing. + + +1.33.34 +======= + +* api-change:``bedrock``: API and Documentation for Bedrock Model Copy feature. This feature lets you share and copy a custom model from one region to another or one account to another. +* api-change:``controlcatalog``: AWS Control Tower provides two new public APIs controlcatalog:ListControls and controlcatalog:GetControl under controlcatalog service namespace, which enable customers to programmatically retrieve control metadata of available controls. +* api-change:``controltower``: Updated Control Tower service documentation for controlcatalog control ARN support with existing Control Tower public APIs +* api-change:``iam``: Add v2 smoke tests and smithy smokeTests trait for SDK testing. +* api-change:``memorydb``: Doc only update for changes to deletion API. +* api-change:``rds``: This release adds support for specifying optional MinACU parameter in CreateDBShardGroup and ModifyDBShardGroup API. DBShardGroup response will contain MinACU if specified. +* api-change:``sagemaker``: This release adds support for Amazon EMR Serverless applications in SageMaker Studio for running data processing jobs. +* api-change:``ssm-quicksetup``: This release adds API support for the QuickSetup feature of AWS Systems Manager +* api-change:``support``: Doc only updates to CaseDetails + + +1.33.33 +======= + +* api-change:``appstream``: Added support for Red Hat Enterprise Linux 8 on Amazon AppStream 2.0 +* api-change:``autoscaling``: Increase the length limit for VPCZoneIdentifier from 2047 to 5000 +* api-change:``codepipeline``: AWS CodePipeline V2 type pipelines now support stage level conditions to enable development teams to safely release changes that meet quality and compliance requirements. +* api-change:``elasticache``: Doc only update for changes to deletion API. +* api-change:``elb``: Add v2 smoke tests and smithy smokeTests trait for SDK testing. +* api-change:``events``: Add v2 smoke tests and smithy smokeTests trait for SDK testing. +* api-change:``lexv2-models``: This release adds new capabilities to the AMAZON.QnAIntent: Custom prompting, Guardrails integration and ExactResponse support for Bedrock Knowledge Base. +* api-change:``logs``: Add v2 smoke tests and smithy smokeTests trait for SDK testing. +* api-change:``rolesanywhere``: IAM RolesAnywhere now supports custom role session name on the CreateSession. This release adds the acceptRoleSessionName option to a profile to control whether a role session name will be accepted in a session request with a given profile. +* api-change:``tnb``: This release adds Network Service Update, through which customers will be able to update their instantiated networks to a new network package. See the documentation for limitations. The release also enhances the Get network operation API to return parameter overrides used during the operation. +* api-change:``workspaces``: Removing multi-session as it isn't supported for pools +* bugfix:``s3``: Disable usage of mb command with S3 Express directory buckets. + + +1.33.32 +======= + +* api-change:``elasticache``: Renaming full service name as it appears in developer documentation. +* api-change:``memorydb``: Renaming full service name as it appears in developer documentation. + + +1.33.31 +======= + +* api-change:``application-autoscaling``: Application Auto Scaling is now more responsive to the changes in demand of your SageMaker Inference endpoints. To get started, create or update a Target Tracking policy based on High Resolution CloudWatch metrics. +* api-change:``application-signals``: CloudWatch Application Signals now supports application logs correlation with traces and operational health metrics of applications running on EC2 instances. Users can view the most relevant telemetry to troubleshoot application health anomalies such as spikes in latency, errors, and availability. +* api-change:``bedrock-runtime``: Provides ServiceUnavailableException error message +* api-change:``codecommit``: CreateRepository API now throws OperationNotAllowedException when the account has been restricted from creating a repository. +* api-change:``datazone``: Introduces GetEnvironmentCredentials operation to SDK +* api-change:``ec2``: EC2 Fleet now supports using custom identifiers to reference Amazon Machine Images (AMI) in launch requests that are configured to choose from a diversified list of instance types. +* api-change:``ecr``: API and documentation updates for Amazon ECR, adding support for creating, updating, describing and deleting ECR Repository Creation Template. +* api-change:``eks``: This release adds support for EKS cluster to manage extended support. +* api-change:``elbv2``: This release adds support for sharing trust stores across accounts and organizations through integration with AWS Resource Access Manager. +* api-change:``network-firewall``: You can now log events that are related to TLS inspection, in addition to the existing alert and flow logging. +* api-change:``outposts``: Adding default vCPU information to GetOutpostSupportedInstanceTypes and GetOutpostInstanceTypes responses +* api-change:``stepfunctions``: This release adds support to customer managed KMS key encryption in AWS Step Functions. + + +1.33.30 +======= + +* api-change:``cleanrooms``: Three enhancements to the AWS Clean Rooms: Disallowed Output Columns, Flexible Result Receivers, SQL as a Seed +* api-change:``dynamodb``: DynamoDB doc only update for July +* api-change:``iotsitewise``: Adds support for creating SiteWise Edge gateways that run on a Siemens Industrial Edge Device. +* api-change:``mediapackagev2``: This release adds support for Irdeto DRM encryption in DASH manifests. +* api-change:``medical-imaging``: CopyImageSet API adds copying selected instances between image sets, and overriding inconsistent metadata with a force parameter. UpdateImageSetMetadata API enables reverting to prior versions; updates to Study, Series, and SOP Instance UIDs; and updates to private elements, with a force parameter. +* api-change:``pinpoint-sms-voice-v2``: Update for rebrand to AWS End User Messaging SMS and Voice. + + +1.33.29 +======= + +* api-change:``appsync``: Adding support for paginators in AppSync list APIs +* api-change:``cleanrooms``: This release adds AWS Entity Resolution integration to associate ID namespaces & ID mapping workflow resources as part of ID namespace association and ID mapping table in AWS Clean Rooms. It also introduces a new ID_MAPPING_TABLE analysis rule to manage the protection on ID mapping table. +* api-change:``cleanroomsml``: Adds SQL query as the source of seed audience for audience generation job. +* api-change:``connect``: Added PostContactSummary segment type on ListRealTimeContactAnalysisSegmentsV2 API +* api-change:``connect-contact-lens``: Added PostContactSummary segment type on ListRealTimeContactAnalysisSegments API +* api-change:``datazone``: This release removes the deprecated dataProductItem field from Search API output. +* api-change:``entityresolution``: Support First Party ID Mapping + + +1.33.28 +======= + +* api-change:``datazone``: This release adds 1/ support of register S3 locations of assets in AWS Lake Formation hybrid access mode for DefaultDataLake blueprint. 2/ support of CRUD operations for Asset Filters. +* api-change:``ivs``: Documentation update for IVS Low Latency API Reference. +* api-change:``neptune-graph``: Amazon Neptune Analytics provides new options for customers to start with smaller graphs at a lower cost. CreateGraph, CreaateGraphImportTask, UpdateGraph and StartImportTask APIs will now allow 32 and 64 for `provisioned-memory` +* api-change:``redshift-serverless``: Adds dualstack support for Redshift Serverless workgroup. + + +1.33.27 +======= + +* api-change:``acm-pca``: Fix broken waiters for the acm-pca client. Waiters broke in version 1.13.144 of the Boto3 SDK. +* api-change:``connect``: Amazon Connect expands search API coverage for additional resources. Search for hierarchy groups by name, ID, tag, or other criteria (new endpoint). Search for agent statuses by name, ID, tag, or other criteria (new endpoint). Search for users by their assigned proficiencies (enhanced endpoint) +* api-change:``ec2``: Amazon VPC IP Address Manager (IPAM) now supports Bring-Your-Own-IP (BYOIP) for IP addresses registered with any Internet Registry. This feature uses DNS TXT records to validate ownership of a public IP address range. +* api-change:``firehose``: This release 1) Add configurable buffering hints for Snowflake as destination. 2) Add ReadFromTimestamp for MSK As Source. Firehose will start reading data from MSK Cluster using offset associated with this timestamp. 3) Gated public beta release to add Apache Iceberg tables as destination. +* api-change:``ivschat``: Documentation update for IVS Chat API Reference. +* api-change:``medialive``: AWS Elemental MediaLive now supports the SRT protocol via the new SRT Caller input type. +* api-change:``rds``: Updates Amazon RDS documentation to specify an eventual consistency model for DescribePendingMaintenanceActions. +* api-change:``sagemaker``: SageMaker Training supports R5, T3 and R5D instances family. And SageMaker Processing supports G5 and R5D instances family. +* api-change:``secretsmanager``: Doc only update for Secrets Manager +* api-change:``taxsettings``: Set default endpoint for aws partition. Requests from all regions in aws partition will be forward to us-east-1 endpoint. +* api-change:``timestream-query``: Doc-only update for TimestreamQuery. Added guidance about the accepted valid value for the QueryPricingModel parameter. +* api-change:``workspaces-thin-client``: Documentation update for WorkSpaces Thin Client. + + +1.33.26 +======= + +* api-change:``acm-pca``: Minor refactoring of C2J model for AWS Private CA +* api-change:``arc-zonal-shift``: Adds the option to subscribe to get notifications when a zonal autoshift occurs in a region. +* api-change:``globalaccelerator``: This feature adds exceptions to the Customer API to avoid throwing Internal Service errors +* api-change:``pinpoint``: Add v2 smoke tests and smithy smokeTests trait for SDK testing. +* api-change:``quicksight``: Vega ally control options and Support for Reviewed Answers in Topics + + +1.33.25 +======= + +* api-change:``batch``: This feature allows AWS Batch Jobs with EKS container orchestration type to be run as Multi-Node Parallel Jobs. +* api-change:``bedrock``: Add support for contextual grounding check for Guardrails for Amazon Bedrock. +* api-change:``bedrock-agent``: Introduces new data sources and chunking strategies for Knowledge bases, advanced parsing logic using FMs, session summary generation, and code interpretation (preview) for Claude V3 Sonnet and Haiku models. Also introduces Prompt Flows (preview) to link prompts, foundational models, and resources. +* api-change:``bedrock-agent-runtime``: Introduces query decomposition, enhanced Agents integration with Knowledge bases, session summary generation, and code interpretation (preview) for Claude V3 Sonnet and Haiku models. Also introduces Prompt Flows (preview) to link prompts, foundational models, and resources for end-to-end solutions. +* api-change:``bedrock-runtime``: Add support for contextual grounding check and ApplyGuardrail API for Guardrails for Amazon Bedrock. +* api-change:``ec2``: Add parameters to enable provisioning IPAM BYOIPv4 space at a Local Zone Network Border Group level +* api-change:``glue``: Add recipe step support for recipe node +* api-change:``groundstation``: Documentation update specifying OEM ephemeris units of measurement +* api-change:``license-manager-linux-subscriptions``: Add support for third party subscription providers, starting with RHEL subscriptions through Red Hat Subscription Manager (RHSM). Additionally, add support for tagging subscription provider resources, and detect when an instance has more than one Linux subscription and notify the customer. +* api-change:``mediaconnect``: AWS Elemental MediaConnect introduces the ability to disable outputs. Disabling an output allows you to keep the output attached to the flow, but stop streaming to the output destination. A disabled output does not incur data transfer costs. + + +1.33.24 +======= + +* api-change:``datazone``: This release deprecates dataProductItem field from SearchInventoryResultItem, along with some unused DataProduct shapes +* api-change:``fsx``: Adds support for FSx for NetApp ONTAP 2nd Generation file systems, and FSx for OpenZFS Single AZ HA file systems. +* api-change:``opensearch``: This release adds support for enabling or disabling Natural Language Query Processing feature for Amazon OpenSearch Service domains, and provides visibility into the current state of the setup or tear-down. +* api-change:``sagemaker``: This release 1/ enables optimization jobs that allows customers to perform Ahead-of-time compilation and quantization. 2/ allows customers to control access to Amazon Q integration in SageMaker Studio. 3/ enables AdditionalModelDataSources for CreateModel action. + + +1.33.23 +======= + +* api-change:``codedeploy``: Add v2 smoke tests and smithy smokeTests trait for SDK testing. +* api-change:``devicefarm``: Add v2 smoke tests and smithy smokeTests trait for SDK testing. +* api-change:``dms``: Add v2 smoke tests and smithy smokeTests trait for SDK testing. +* api-change:``elasticbeanstalk``: Add v2 smoke tests and smithy smokeTests trait for SDK testing. +* api-change:``es``: Add v2 smoke tests and smithy smokeTests trait for SDK testing. +* api-change:``firehose``: Add v2 smoke tests and smithy smokeTests trait for SDK testing. +* api-change:``gamelift``: Add v2 smoke tests and smithy smokeTests trait for SDK testing. +* api-change:``qapps``: This is a general availability (GA) release of Amazon Q Apps, a capability of Amazon Q Business. Q Apps leverages data sources your company has provided to enable users to build, share, and customize apps within your organization. +* api-change:``route53resolver``: Add v2 smoke tests and smithy smokeTests trait for SDK testing. +* api-change:``ses``: Add v2 smoke tests and smithy smokeTests trait for SDK testing. + + +1.33.22 +======= + +* api-change:``acm``: Documentation updates, including fixes for xml formatting, broken links, and ListCertificates description. +* api-change:``ecr``: This release for Amazon ECR makes change to bring the SDK into sync with the API. +* api-change:``payment-cryptography-data``: Added further restrictions on logging of potentially sensitive inputs and outputs. +* api-change:``qbusiness``: Add personalization to Q Applications. Customers can enable or disable personalization when creating or updating a Q application with the personalization configuration. + + +1.33.21 +======= + +* api-change:``application-autoscaling``: Doc only update for Application Auto Scaling that fixes resource name. +* api-change:``directconnect``: This update includes documentation for support of new native 400 GBps ports for Direct Connect. +* api-change:``organizations``: Added a new reason under ConstraintViolationException in RegisterDelegatedAdministrator API to prevent registering suspended accounts as delegated administrator of a service. +* api-change:``rekognition``: This release adds support for tagging projects and datasets with the CreateProject and CreateDataset APIs. +* api-change:``workspaces``: Fix create workspace bundle RootStorage/UserStorage to accept non null values + + +1.33.20 +======= + +* api-change:``ec2``: Documentation updates for Elastic Compute Cloud (EC2). +* api-change:``fms``: Increases Customer API's ManagedServiceData length +* api-change:``s3``: Added response overrides to Head Object requests. + + +1.33.19 +======= + +* api-change:``apigateway``: Add v2 smoke tests and smithy smokeTests trait for SDK testing. +* api-change:``cognito-identity``: Add v2 smoke tests and smithy smokeTests trait for SDK testing. +* api-change:``connect``: Authentication profiles are Amazon Connect resources (in gated preview) that allow you to configure authentication settings for users in your contact center. This release adds support for new ListAuthenticationProfiles, DescribeAuthenticationProfile and UpdateAuthenticationProfile APIs. +* api-change:``docdb``: Add v2 smoke tests and smithy smokeTests trait for SDK testing. +* api-change:``eks``: Updates EKS managed node groups to support EC2 Capacity Blocks for ML +* api-change:``payment-cryptography``: Added further restrictions on logging of potentially sensitive inputs and outputs. +* api-change:``payment-cryptography-data``: Adding support for dynamic keys for encrypt, decrypt, re-encrypt and translate pin functions. With this change, customers can use one-time TR-31 keys directly in dataplane operations without the need to first import them into the service. +* api-change:``stepfunctions``: Add v2 smoke tests and smithy smokeTests trait for SDK testing. +* api-change:``swf``: Add v2 smoke tests and smithy smokeTests trait for SDK testing. +* api-change:``wafv2``: JSON body inspection: Update documentation to clarify that JSON parsing doesn't include full validation. + + +1.33.18 +======= + +* api-change:``acm-pca``: Added CCPC_LEVEL_1_OR_HIGHER KeyStorageSecurityStandard and SM2 KeyAlgorithm and SM3WITHSM2 SigningAlgorithm for China regions. +* api-change:``cloudhsmv2``: Added 3 new APIs to support backup sharing: GetResourcePolicy, PutResourcePolicy, and DeleteResourcePolicy. Added BackupArn to the output of the DescribeBackups API. Added support for BackupArn in the CreateCluster API. +* api-change:``connect``: This release supports showing PreferredAgentRouting step via DescribeContact API. +* api-change:``emr``: This release provides the support for new allocation strategies i.e. CAPACITY_OPTIMIZED_PRIORITIZED for Spot and PRIORITIZED for On-Demand by taking input of priority value for each instance type for instance fleet clusters. +* api-change:``glue``: Added AttributesToGet parameter to Glue GetDatabases, allowing caller to limit output to include only the database name. +* api-change:``kinesisanalyticsv2``: Support for Flink 1.19 in Managed Service for Apache Flink +* api-change:``opensearch``: This release removes support for enabling or disabling Natural Language Query Processing feature for Amazon OpenSearch Service domains. +* api-change:``pi``: Noting that the filter db.sql.db_id isn't available for RDS for SQL Server DB instances. +* api-change:``workspaces``: Added support for Red Hat Enterprise Linux 8 on Amazon WorkSpaces Personal. + + +1.33.17 +======= + +* api-change:``application-autoscaling``: Amazon WorkSpaces customers can now use Application Auto Scaling to automatically scale the number of virtual desktops in a WorkSpaces pool. +* api-change:``chime-sdk-media-pipelines``: Added Amazon Transcribe multi language identification to Chime SDK call analytics. Enabling customers sending single stream audio to generate call recordings using Chime SDK call analytics +* api-change:``cloudfront``: Doc only update for CloudFront that fixes customer-reported issue +* api-change:``datazone``: This release supports the data lineage feature of business data catalog in Amazon DataZone. +* api-change:``elasticache``: Add v2 smoke tests and smithy smokeTests trait for SDK testing. +* api-change:``mq``: This release makes the EngineVersion field optional for both broker and configuration and uses the latest available version by default. The AutoMinorVersionUpgrade field is also now optional for broker creation and defaults to 'true'. +* api-change:``qconnect``: Adds CreateContentAssociation, ListContentAssociations, GetContentAssociation, and DeleteContentAssociation APIs. +* api-change:``quicksight``: Adding support for Repeating Sections, Nested Filters +* api-change:``rds``: Updates Amazon RDS documentation for TAZ export to S3. +* api-change:``sagemaker``: Add capability for Admins to customize Studio experience for the user by showing or hiding Apps and MLTools. +* api-change:``workspaces``: Added support for WorkSpaces Pools. + + +1.33.16 +======= + +* api-change:``controltower``: Added ListLandingZoneOperations API. +* api-change:``eks``: Added support for disabling unmanaged addons during cluster creation. +* api-change:``ivs-realtime``: IVS Real-Time now offers customers the ability to upload public keys for customer vended participant tokens. +* api-change:``kinesisanalyticsv2``: This release adds support for new ListApplicationOperations and DescribeApplicationOperation APIs. It adds a new configuration to enable system rollbacks, adds field ApplicationVersionCreateTimestamp for clarity and improves support for pagination for APIs. +* api-change:``opensearch``: This release adds support for enabling or disabling Natural Language Query Processing feature for Amazon OpenSearch Service domains, and provides visibility into the current state of the setup or tear-down. + + +1.33.15 +======= + +* api-change:``autoscaling``: Doc only update for Auto Scaling's TargetTrackingMetricDataQuery +* api-change:``ec2``: This release is for the launch of the new u7ib-12tb.224xlarge, R8g, c7gn.metal and mac2-m1ultra.metal instance types +* api-change:``networkmanager``: This is model changes & documentation update for the Asynchronous Error Reporting feature for AWS Cloud WAN. This feature allows customers to view errors that occur while their resources are being provisioned, enabling customers to fix their resources without needing external support. +* api-change:``workspaces-thin-client``: This release adds the deviceCreationTags field to CreateEnvironment API input, UpdateEnvironment API input and GetEnvironment API output. + + +1.33.14 +======= + +* api-change:``bedrock-runtime``: Increases Converse API's document name length +* api-change:``customer-profiles``: This release includes changes to ProfileObjectType APIs, adds functionality top set and get capacity for profile object types. +* api-change:``ec2``: Fix EC2 multi-protocol info in models. +* api-change:``qbusiness``: Allow enable/disable Q Apps when creating/updating a Q application; Return the Q Apps enablement information when getting a Q application. +* api-change:``ssm``: Add sensitive trait to SSM IPAddress property for CloudTrail redaction +* api-change:``workspaces-web``: Added ability to enable DeepLinking functionality on a Portal via UserSettings as well as added support for IdentityProvider resource tagging. + + +1.33.13 +======= + +* api-change:``bedrock-runtime``: This release adds document support to Converse and ConverseStream APIs +* api-change:``codeartifact``: Add support for the Cargo package format. +* api-change:``compute-optimizer``: This release enables AWS Compute Optimizer to analyze and generate optimization recommendations for Amazon RDS MySQL and RDS PostgreSQL. +* api-change:``cost-optimization-hub``: This release enables AWS Cost Optimization Hub to show cost optimization recommendations for Amazon RDS MySQL and RDS PostgreSQL. +* api-change:``dynamodb``: Doc-only update for DynamoDB. Fixed Important note in 6 Global table APIs - CreateGlobalTable, DescribeGlobalTable, DescribeGlobalTableSettings, ListGlobalTables, UpdateGlobalTable, and UpdateGlobalTableSettings. +* api-change:``glue``: Fix Glue paginators for Jobs, JobRuns, Triggers, Blueprints and Workflows. +* api-change:``ivs-realtime``: IVS Real-Time now offers customers the ability to record individual stage participants to S3. +* api-change:``sagemaker``: Adds support for model references in Hub service, and adds support for cross-account access of Hubs +* api-change:``securityhub``: Documentation updates for Security Hub + + +1.33.12 +======= + +* api-change:``artifact``: This release adds an acceptanceType field to the ReportSummary structure (used in the ListReports API response). +* api-change:``athena``: Add v2 smoke tests and smithy smokeTests trait for SDK testing. +* api-change:``cur``: Add v2 smoke tests and smithy smokeTests trait for SDK testing. +* api-change:``directconnect``: Add v2 smoke tests and smithy smokeTests trait for SDK testing. +* api-change:``elastictranscoder``: Add v2 smoke tests and smithy smokeTests trait for SDK testing. +* api-change:``opensearch``: This release enables customers to use JSON Web Tokens (JWT) for authentication on their Amazon OpenSearch Service domains. + + +1.33.11 +======= + +* api-change:``bedrock-runtime``: This release adds support for using Guardrails with the Converse and ConverseStream APIs. +* api-change:``cloudtrail``: Add v2 smoke tests and smithy smokeTests trait for SDK testing. +* api-change:``config``: Add v2 smoke tests and smithy smokeTests trait for SDK testing. +* api-change:``eks``: This release adds support to surface async fargate customer errors from async path to customer through describe-fargate-profile API response. +* api-change:``lightsail``: Add v2 smoke tests and smithy smokeTests trait for SDK testing. +* api-change:``polly``: Add v2 smoke tests and smithy smokeTests trait for SDK testing. +* api-change:``rekognition``: Add v2 smoke tests and smithy smokeTests trait for SDK testing. +* api-change:``sagemaker``: Launched a new feature in SageMaker to provide managed MLflow Tracking Servers for customers to track ML experiments. This release also adds a new capability of attaching additional storage to SageMaker HyperPod cluster instances. +* api-change:``shield``: Add v2 smoke tests and smithy smokeTests trait for SDK testing. +* api-change:``snowball``: Add v2 smoke tests and smithy smokeTests trait for SDK testing. + + +1.33.10 +======= + +* api-change:``acm-pca``: Doc-only update that adds name constraints as an allowed extension for ImportCertificateAuthorityCertificate. +* api-change:``batch``: Add v2 smoke tests and smithy smokeTests trait for SDK testing. +* api-change:``codebuild``: AWS CodeBuild now supports global and organization GitHub webhooks +* api-change:``cognito-idp``: Add v2 smoke tests and smithy smokeTests trait for SDK testing. +* api-change:``ds``: Add v2 smoke tests and smithy smokeTests trait for SDK testing. +* api-change:``efs``: Add v2 smoke tests and smithy smokeTests trait for SDK testing. +* api-change:``glue``: This release introduces a new feature, Usage profiles. Usage profiles allow the AWS Glue admin to create different profiles for various classes of users within the account, enforcing limits and defaults for jobs and sessions. +* api-change:``mediaconvert``: This release includes support for creating I-frame only video segments for DASH trick play. +* api-change:``secretsmanager``: Doc only update for Secrets Manager +* api-change:``waf``: Add v2 smoke tests and smithy smokeTests trait for SDK testing. + + +1.33.9 +====== + +* api-change:``datazone``: This release introduces a new default service blueprint for custom environment creation. +* api-change:``ec2``: Documentation updates for Amazon EC2. +* api-change:``macie2``: This release adds support for managing the status of automated sensitive data discovery for individual accounts in an organization, and determining whether individual S3 buckets are included in the scope of the analyses. +* api-change:``mediaconvert``: This release adds the ability to search for historical job records within the management console using a search box and/or via the SDK/CLI with partial string matching search on input file name. +* api-change:``route53domains``: Add v2 smoke tests and smithy smokeTests trait for SDK testing. + + +1.33.8 +====== + +* api-change:``cloudhsmv2``: Added support for hsm type hsm2m.medium. Added supported for creating a cluster in FIPS or NON_FIPS mode. +* api-change:``glue``: This release adds support for configuration of evaluation method for composite rules in Glue Data Quality rulesets. +* api-change:``iotwireless``: Add RoamingDeviceSNR and RoamingDeviceRSSI to Customer Metrics. +* api-change:``kms``: This feature allows customers to use their keys stored in KMS to derive a shared secret which can then be used to establish a secured channel for communication, provide proof of possession, or establish trust with other parties. +* api-change:``mediapackagev2``: This release adds support for CMAF ingest (DASH-IF live media ingest protocol interface 1) + + +1.33.7 +====== + +* api-change:``apptest``: AWS Mainframe Modernization Application Testing is an AWS Mainframe Modernization service feature that automates functional equivalence testing for mainframe application modernization and migration to AWS, and regression testing. +* api-change:``ec2``: Tagging support for Traffic Mirroring FilterRule resource +* api-change:``osis``: SDK changes for self-managed vpc endpoint to OpenSearch ingestion pipelines. +* api-change:``redshift``: Updates to remove DC1 and DS2 node types. +* api-change:``secretsmanager``: Introducing RotationToken parameter for PutSecretValue API +* api-change:``securitylake``: This release updates request validation regex to account for non-commercial aws partitions. +* api-change:``sesv2``: This release adds support for Amazon EventBridge as an email sending events destination. + + +1.33.6 +====== + +* api-change:``accessanalyzer``: IAM Access Analyzer now provides policy recommendations to help resolve unused permissions for IAM roles and users. Additionally, IAM Access Analyzer now extends its custom policy checks to detect when IAM policies grant public access or access to critical resources ahead of deployments. +* api-change:``guardduty``: Added API support for GuardDuty Malware Protection for S3. +* api-change:``networkmanager``: This is model changes & documentation update for Service Insertion feature for AWS Cloud WAN. This feature allows insertion of AWS/3rd party security services on Cloud WAN. This allows to steer inter/intra segment traffic via security appliances and provide visibility to the route updates. +* api-change:``pca-connector-scep``: Connector for SCEP allows you to use a managed, cloud CA to enroll mobile devices and networking gear. SCEP is a widely-adopted protocol used by mobile device management (MDM) solutions for enrolling mobile devices. With the connector, you can use AWS Private CA with popular MDM solutions. +* api-change:``sagemaker``: Introduced Scope and AuthenticationRequestExtraParams to SageMaker Workforce OIDC configuration; this allows customers to modify these options for their private Workforce IdP integration. Model Registry Cross-account model package groups are discoverable. + + +1.33.5 +====== + +* api-change:``application-signals``: This is the initial SDK release for Amazon CloudWatch Application Signals. Amazon CloudWatch Application Signals provides curated application performance monitoring for developers to monitor and troubleshoot application health using pre-built dashboards and Service Level Objectives. +* api-change:``ecs``: This release introduces a new cluster configuration to support the customer-managed keys for ECS managed storage encryption. +* api-change:``imagebuilder``: This release updates the regex pattern for Image Builder ARNs. + + +1.33.4 +====== + +* api-change:``auditmanager``: New feature: common controls. When creating custom controls, you can now use pre-grouped AWS data sources based on common compliance themes. Also, the awsServices parameter is deprecated because we now manage services in scope for you. If used, the input is ignored and an empty list is returned. +* api-change:``b2bi``: Added exceptions to B2Bi List operations and ConflictException to B2Bi StartTransformerJob operation. Also made capabilities field explicitly required when creating a Partnership. +* api-change:``codepipeline``: CodePipeline now supports overriding S3 Source Object Key during StartPipelineExecution, as part of Source Overrides. +* api-change:``sagemaker``: This release introduces a new optional parameter: InferenceAmiVersion, in ProductionVariant. +* api-change:``verifiedpermissions``: This release adds OpenIdConnect (OIDC) configuration support for IdentitySources, allowing for external IDPs to be used in authorization requests. + + +1.33.3 +====== + +* api-change:``account``: This release adds 3 new APIs (AcceptPrimaryEmailUpdate, GetPrimaryEmail, and StartPrimaryEmailUpdate) used to centrally manage the root user email address of member accounts within an AWS organization. +* api-change:``firehose``: Adds integration with Secrets Manager for Redshift, Splunk, HttpEndpoint, and Snowflake destinations +* api-change:``fsx``: This release adds support to increase metadata performance on FSx for Lustre file systems beyond the default level provisioned when a file system is created. This can be done by specifying MetadataConfiguration during the creation of Persistent_2 file systems or by updating it on demand. +* api-change:``glue``: This release adds support for creating and updating Glue Data Catalog Views. +* api-change:``iotwireless``: Adds support for wireless device to be in Conflict FUOTA Device Status due to a FUOTA Task, so it couldn't be attached to a new one. +* api-change:``location``: Added two new APIs, VerifyDevicePosition and ForecastGeofenceEvents. Added support for putting larger geofences up to 100,000 vertices with Geobuf fields. +* api-change:``sns``: Doc-only update for SNS. These changes include customer-reported issues and TXC3 updates. +* api-change:``sqs``: Doc only updates for SQS. These updates include customer-reported issues and TCX3 modifications. +* api-change:``storagegateway``: Adds SoftwareUpdatePreferences to DescribeMaintenanceStartTime and UpdateMaintenanceStartTime, a structure which contains AutomaticUpdatePolicy. + + +1.33.2 +====== + +* api-change:``globalaccelerator``: This release contains a new optional ip-addresses input field for the update accelerator and update custom routing accelerator apis. This input enables consumers to replace IPv4 addresses on existing accelerators with addresses provided in the input. +* api-change:``glue``: AWS Glue now supports native SaaS connectivity: Salesforce connector available now +* api-change:``s3``: Added new params copySource and key to copyObject API for supporting S3 Access Grants plugin. These changes will not change any of the existing S3 API functionality. +* bugfix:emr customization: Update the EC2 service principal when creating the trust policy for EMR default roles to always be ec2.amazonaws.com. + + +1.33.1 +====== + +* api-change:``ec2``: U7i instances with up to 32 TiB of DDR5 memory and 896 vCPUs are now available. C7i-flex instances are launched and are lower-priced variants of the Amazon EC2 C7i instances that offer a baseline level of CPU performance with the ability to scale up to the full compute performance 95% of the time. +* api-change:``pipes``: This release adds Timestream for LiveAnalytics as a supported target in EventBridge Pipes +* api-change:``sagemaker``: Extend DescribeClusterNode response with private DNS hostname and IP address, and placement information about availability zone and availability zone ID. +* api-change:``taxsettings``: Initial release of AWS Tax Settings API + + +1.33.0 +====== + +* api-change:``amplify``: This doc-only update identifies fields that are specific to Gen 1 and Gen 2 applications. +* api-change:``batch``: This release adds support for the AWS Batch GetJobQueueSnapshot API operation. +* api-change:``eks``: Adds support for EKS add-ons pod identity associations integration +* api-change:``iottwinmaker``: Support RESET_VALUE UpdateType for PropertyUpdates to reset property value to default or null +* feature:logs start-live-tail: Adds support for starting a live tail streaming session for one or more log groups. + + +1.32.117 +======== + +* api-change:``codebuild``: AWS CodeBuild now supports Self-hosted GitHub Actions runners for Github Enterprise +* api-change:``codeguru-security``: This release includes minor model updates and documentation updates. +* api-change:``elasticache``: Update to attributes of TestFailover and minor revisions. +* api-change:``launch-wizard``: This release adds support for describing workload deployment specifications, deploying additional workload types, and managing tags for Launch Wizard resources with API operations. + + +1.32.116 +======== + +* api-change:``acm``: add v2 smoke tests and smithy smokeTests trait for SDK testing. +* api-change:``bedrock-agent``: With this release, Knowledge bases for Bedrock adds support for Titan Text Embedding v2. +* api-change:``bedrock-runtime``: This release adds Converse and ConverseStream APIs to Bedrock Runtime +* api-change:``cloudtrail``: CloudTrail Lake returns PartitionKeys in the GetEventDataStore API response. Events are grouped into partitions based on these keys for better query performance. For example, the calendarday key groups events by day, while combining the calendarday key with the hour key groups them by day and hour. +* api-change:``connect``: Adding associatedQueueIds as a SearchCriteria and response field to the SearchRoutingProfiles API +* api-change:``emr-serverless``: The release adds support for spark structured streaming. +* api-change:``rds``: Updates Amazon RDS documentation for Aurora Postgres DBname. +* api-change:``sagemaker``: Adds Model Card information as a new component to Model Package. Autopilot launches algorithm selection for TimeSeries modality to generate AutoML candidates per algorithm. +* bugfix:``ssm start-session``: Only provide profile name to session-manager-plugin if provided using --profile flag + + +1.32.115 +======== + +* api-change:``athena``: Throwing validation errors on CreateNotebook with Name containing `/`,`:`,`\` +* api-change:``codebuild``: AWS CodeBuild now supports manually creating GitHub webhooks +* api-change:``connect``: This release includes changes to DescribeContact API's response by including ConnectedToSystemTimestamp, RoutingCriteria, Customer, Campaign, AnsweringMachineDetectionStatus, CustomerVoiceActivity, QualityMetrics, DisconnectDetails, and SegmentAttributes information from a contact in Amazon Connect. +* api-change:``glue``: Add optional field JobMode to CreateJob and UpdateJob APIs. +* api-change:``securityhub``: Add ROOT type for TargetType model + + +1.32.114 +======== + +* api-change:``dynamodb``: Doc-only update for DynamoDB. Specified the IAM actions needed to authorize a user to create a table with a resource-based policy. +* api-change:``ec2``: Providing support to accept BgpAsnExtended attribute +* api-change:``kafka``: Adds ControllerNodeInfo in ListNodes response to support Raft mode for MSK +* api-change:``swf``: This release adds new APIs for deleting activity type and workflow type resources. + + +1.32.113 +======== + +* api-change:``dynamodb``: Documentation only updates for DynamoDB. +* api-change:``iotfleetwise``: AWS IoT FleetWise now supports listing vehicles with attributes filter, ListVehicles API is updated to support additional attributes filter. +* api-change:``managedblockchain``: This is a minor documentation update to address the impact of the shut down of the Goerli and Polygon networks. + + +1.32.112 +======== + +* api-change:``emr-serverless``: This release adds the capability to run interactive workloads using Apache Livy Endpoint. +* api-change:``opsworks``: Documentation-only update for OpsWorks Stacks. + + +1.32.111 +======== + +* api-change:``chatbot``: This change adds support for tagging Chatbot configurations. +* api-change:``cloudformation``: Added DeletionMode FORCE_DELETE_STACK for deleting a stack that is stuck in DELETE_FAILED state due to resource deletion failure. +* api-change:``kms``: This release includes feature to import customer's asymmetric (RSA, ECC and SM2) and HMAC keys into KMS in China. +* api-change:``opensearch``: This release adds support for enabling or disabling a data source configured as part of Zero-ETL integration with Amazon S3, by setting its status. +* api-change:``wafv2``: You can now use Security Lake to collect web ACL traffic data. + + +1.32.110 +======== + +* api-change:``cloudfront``: Model update; no change to SDK functionality. +* api-change:``glue``: Add Maintenance window to CreateJob and UpdateJob APIs and JobRun response. Add a new Job Run State for EXPIRED. +* api-change:``lightsail``: This release adds support for Amazon Lightsail instances to switch between dual-stack or IPv4 only and IPv6-only public IP address types. +* api-change:``mailmanager``: This release includes a new Amazon SES feature called Mail Manager, which is a set of email gateway capabilities designed to help customers strengthen their organization's email infrastructure, simplify email workflow management, and streamline email compliance control. +* api-change:``pi``: Performance Insights added a new input parameter called AuthorizedActions to support the fine-grained access feature. Performance Insights also restricted the acceptable input characters. +* api-change:``rds``: Updates Amazon RDS documentation for Db2 license through AWS Marketplace. +* api-change:``storagegateway``: Added new SMBSecurityStrategy enum named MandatoryEncryptionNoAes128, new mode enforces encryption and disables AES 128-bit algorithums. + + +1.32.109 +======== + +* api-change:``bedrock-agent``: This release adds support for using Guardrails with Bedrock Agents. +* api-change:``bedrock-agent-runtime``: This release adds support for using Guardrails with Bedrock Agents. +* api-change:``controltower``: Added ListControlOperations API and filtering support for ListEnabledControls API. Updates also includes added metadata for enabled controls and control operations. +* api-change:``osis``: Add support for creating an OpenSearch Ingestion pipeline that is attached to a provided VPC. Add information about the destinations of an OpenSearch Ingestion pipeline to the GetPipeline and ListPipelines APIs. +* api-change:``rds``: This release adds support for EngineLifecycleSupport on DBInstances, DBClusters, and GlobalClusters. +* api-change:``secretsmanager``: add v2 smoke tests and smithy smokeTests trait for SDK testing + + +1.32.108 +======== + +* api-change:``application-autoscaling``: add v2 smoke tests and smithy smokeTests trait for SDK testing. +* api-change:``codebuild``: Aws CodeBuild now supports 36 hours build timeout +* api-change:``elbv2``: This release adds dualstack-without-public-ipv4 IP address type for ALB. +* api-change:``lakeformation``: Introduces a new API, GetDataLakePrincipal, that returns the identity of the invoking principal +* api-change:``transfer``: Enable use of CloudFormation traits in Smithy model to improve generated CloudFormation schema from the Smithy API model. + + +1.32.107 +======== + +* api-change:``acm-pca``: This release adds support for waiters to fail on AccessDeniedException when having insufficient permissions +* api-change:``connect``: Adding Contact Flow metrics to the GetMetricDataV2 API +* api-change:``kafka``: AWS MSK support for Broker Removal. +* api-change:``mwaa``: Amazon MWAA now supports Airflow web server auto scaling to automatically handle increased demand from REST APIs, Command Line Interface (CLI), or more Airflow User Interface (UI) users. Customers can specify maximum and minimum web server instances during environment creation and update workflow. +* api-change:``quicksight``: This release adds DescribeKeyRegistration and UpdateKeyRegistration APIs to manage QuickSight Customer Managed Keys (CMK). +* api-change:``sagemaker``: Introduced WorkerAccessConfiguration to SageMaker Workteam. This allows customers to configure resource access for workers in a workteam. +* api-change:``secretsmanager``: Documentation updates for AWS Secrets Manager + + +1.32.106 +======== + +* api-change:``bedrock-agent-runtime``: Updating Bedrock Knowledge Base Metadata & Filters feature with two new filters listContains and stringContains +* api-change:``codebuild``: CodeBuild Reserved Capacity VPC Support +* api-change:``datasync``: Task executions now display a CANCELLING status when an execution is in the process of being cancelled. +* api-change:``grafana``: This release adds new ServiceAccount and ServiceAccountToken APIs. +* api-change:``medical-imaging``: Added support for importing medical imaging data from Amazon S3 buckets across accounts and regions. +* api-change:``securityhub``: Documentation-only update for AWS Security Hub + + +1.32.105 +======== + +* api-change:``connect``: Amazon Connect provides enhanced search capabilities for flows & flow modules on the Connect admin website and programmatically using APIs. You can search for flows and flow modules by name, description, type, status, and tags, to filter and identify a specific flow in your Connect instances. +* api-change:``s3``: Updated a few x-id in the http uri traits + + +1.32.104 +======== + +* api-change:``events``: Amazon EventBridge introduces KMS customer-managed key (CMK) encryption support for custom and partner events published on EventBridge Event Bus (including default bus) and UpdateEventBus API. +* api-change:``vpc-lattice``: This release adds TLS Passthrough support. It also increases max number of target group per rule to 10. + + +1.32.103 +======== + +* api-change:``discovery``: add v2 smoke tests and smithy smokeTests trait for SDK testing +* api-change:``greengrassv2``: Mark ComponentVersion in ComponentDeploymentSpecification as required. +* api-change:``sagemaker``: Introduced support for G6 instance types on Sagemaker Notebook Instances and on SageMaker Studio for JupyterLab and CodeEditor applications. +* api-change:``sso-oidc``: Updated request parameters for PKCE support. + + +1.32.102 +======== + +* api-change:``bedrock-agent-runtime``: This release adds support to provide guardrail configuration and modify inference parameters that are then used in RetrieveAndGenerate API in Agents for Amazon Bedrock. +* api-change:``pinpoint``: This release adds support for specifying email message headers for Email Templates, Campaigns, Journeys and Send Messages. +* api-change:``route53resolver``: Update the DNS Firewall settings to correct a spelling issue. +* api-change:``ssm-sap``: Added support for application-aware start/stop of SAP applications running on EC2 instances, with SSM for SAP +* api-change:``verifiedpermissions``: Adds policy effect and actions fields to Policy API's. + + +1.32.101 +======== + +* api-change:``cognito-idp``: Add EXTERNAL_PROVIDER enum value to UserStatusType. +* api-change:``ec2``: Adding Precision Hardware Clock (PHC) to public API DescribeInstanceTypes +* api-change:``ecr``: This release adds pull through cache rules support for GitLab container registry in Amazon ECR. +* api-change:``fms``: The policy scope resource tag is always a string value, either a non-empty string or an empty string. +* api-change:``polly``: Add new engine - generative - that builds the most expressive conversational voices. +* api-change:``sqs``: This release adds MessageSystemAttributeNames to ReceiveMessageRequest to replace AttributeNames. + + +1.32.100 +======== + +* api-change:``b2bi``: Documentation update to clarify the MappingTemplate definition. +* api-change:``budgets``: This release adds tag support for budgets and budget actions. +* api-change:``resiliencehub``: AWS Resilience Hub has expanded its drift detection capabilities by introducing a new type of drift detection - application resource drift. This new enhancement detects changes, such as the addition or deletion of resources within the application's input sources. +* api-change:``route53profiles``: Doc only update for Route 53 profiles that fixes some link issues + + +1.32.99 +======= + +* api-change:``medialive``: AWS Elemental MediaLive now supports configuring how SCTE 35 passthrough triggers segment breaks in HLS and MediaPackage output groups. Previously, messages triggered breaks in all these output groups. The new option is to trigger segment breaks only in groups that have SCTE 35 passthrough enabled. + + +1.32.98 +======= + +* api-change:``bedrock-agent``: This release adds support for using Provisioned Throughput with Bedrock Agents. +* api-change:``connect``: This release adds 5 new APIs for managing attachments: StartAttachedFileUpload, CompleteAttachedFileUpload, GetAttachedFile, BatchGetAttachedFileMetadata, DeleteAttachedFile. These APIs can be used to programmatically upload and download attachments to Connect resources, like cases. +* api-change:``connectcases``: This feature supports the release of Files related items +* api-change:``datasync``: Updated guidance on using private or self-signed certificate authorities (CAs) with AWS DataSync object storage locations. +* api-change:``inspector2``: This release adds CSV format to GetCisScanReport for Inspector v2 +* api-change:``sagemaker``: Amazon SageMaker Inference now supports m6i, c6i, r6i, m7i, c7i, r7i and g5 instance types for Batch Transform Jobs +* api-change:``sesv2``: Adds support for specifying replacement headers per BulkEmailEntry in SendBulkEmail in SESv2. + + +1.32.97 +======= + +* api-change:``dynamodb``: This release adds support to specify an optional, maximum OnDemandThroughput for DynamoDB tables and global secondary indexes in the CreateTable or UpdateTable APIs. You can also override the OnDemandThroughput settings by calling the ImportTable, RestoreFromPointInTime, or RestoreFromBackup APIs. +* api-change:``ec2``: This release includes a new API for retrieving the public endorsement key of the EC2 instance's Nitro Trusted Platform Module (NitroTPM). +* api-change:``personalize``: This releases ability to delete users and their data, including their metadata and interactions data, from a dataset group. +* api-change:``redshift-serverless``: Update Redshift Serverless List Scheduled Actions Output Response to include Namespace Name. + + +1.32.96 +======= + +* api-change:``bedrock-agent``: This release adds support for using MongoDB Atlas as a vector store when creating a knowledge base. +* api-change:``ec2``: Documentation updates for Amazon EC2. +* api-change:``personalize-runtime``: This release adds support for a Reason attribute for predicted items generated by User-Personalization-v2. +* api-change:``securityhub``: Updated CreateMembers API request with limits. +* api-change:``sesv2``: Fixes ListContacts and ListImportJobs APIs to use POST instead of GET. + + +1.32.95 +======= + +* api-change:``chime-sdk-voice``: Due to changes made by the Amazon Alexa service, GetSipMediaApplicationAlexaSkillConfiguration and PutSipMediaApplicationAlexaSkillConfiguration APIs are no longer available for use. For more information, refer to the Alexa Smart Properties page. +* api-change:``codeartifact``: Add support for the Ruby package format. +* api-change:``fms``: AWS Firewall Manager now supports the network firewall service stream exception policy feature for accounts within your organization. +* api-change:``omics``: Add support for workflow sharing and dynamic run storage +* api-change:``opensearch``: This release enables customers to create Route53 A and AAAA alias record types to point custom endpoint domain to OpenSearch domain's dualstack search endpoint. +* api-change:``pinpoint-sms-voice-v2``: Amazon Pinpoint has added two new features Multimedia services (MMS) and protect configurations. Use the three new MMS APIs to send media messages to a mobile phone which includes image, audio, text, or video files. Use the ten new protect configurations APIs to block messages to specific countries. +* api-change:``qbusiness``: This is a general availability (GA) release of Amazon Q Business. Q Business enables employees in an enterprise to get comprehensive answers to complex questions and take actions through a unified, intuitive web-based chat experience - using an enterprise's existing content, data, and systems. +* api-change:``quicksight``: New Q embedding supporting Generative Q&A +* api-change:``route53resolver``: Release of FirewallDomainRedirectionAction parameter on the Route 53 DNS Firewall Rule. This allows customers to configure a DNS Firewall rule to inspect all the domains in the DNS redirection chain (default) , such as CNAME, ALIAS, DNAME, etc., or just the first domain and trust the rest. +* api-change:``sagemaker``: Amazon SageMaker Training now supports the use of attribute-based access control (ABAC) roles for training job execution roles. Amazon SageMaker Inference now supports G6 instance types. +* api-change:``signer``: Documentation updates for AWS Signer. Adds cross-account signing constraint and definitions for cross-account actions. + + +1.32.94 +======= + +* api-change:``amplify``: Updating max results limit for listing any resources (Job, Artifacts, Branch, BackendResources, DomainAssociation) to 50 with the exception of list apps that where max results can be up to 100. +* api-change:``connectcases``: This feature releases DeleteField, DeletedLayout, and DeleteTemplate API's +* api-change:``inspector2``: Update Inspector2 to include new Agentless API parameters. +* api-change:``timestream-query``: This change allows users to update and describe account settings associated with their accounts. +* api-change:``transcribe``: This update provides error messaging for generative call summarization in Transcribe Call Analytics +* api-change:``trustedadvisor``: This release adds the BatchUpdateRecommendationResourceExclusion API to support batch updates of Recommendation Resource exclusion statuses and introduces a new exclusion status filter to the ListRecommendationResources and ListOrganizationRecommendationResources APIs. + + +1.32.93 +======= + +* api-change:``codepipeline``: Add ability to manually and automatically roll back a pipeline stage to a previously successful execution. +* api-change:``cognito-idp``: Add LimitExceededException to SignUp errors +* api-change:``connectcampaigns``: This release adds support for specifying if Answering Machine should wait for prompt sound. +* api-change:``marketplace-entitlement``: Releasing minor endpoint updates. +* api-change:``oam``: This release introduces support for Source Accounts to define which Metrics and Logs to share with the Monitoring Account +* api-change:``rds``: SupportsLimitlessDatabase field added to describe-db-engine-versions to indicate whether the DB engine version supports Aurora Limitless Database. +* api-change:``support``: Releasing minor endpoint updates. +* enhancement:dependency: Bump upper bound of colorama to <0.4.7; fixes `#7086 `__ + + +1.32.92 +======= + +* api-change:``appsync``: UpdateGraphQLAPI documentation update and datasource introspection secret arn update +* api-change:``fms``: AWS Firewall Manager adds support for network ACL policies to manage Amazon Virtual Private Cloud (VPC) network access control lists (ACLs) for accounts in your organization. +* api-change:``ivs``: Bug Fix: IVS does not support arns with the `svs` prefix +* api-change:``ivs-realtime``: Bug Fix: IVS Real Time does not support ARNs using the `svs` prefix. +* api-change:``rds``: Updates Amazon RDS documentation for setting local time zones for RDS for Db2 DB instances. +* api-change:``stepfunctions``: Add new ValidateStateMachineDefinition operation, which performs syntax checking on the definition of a Amazon States Language (ASL) state machine. + + +1.32.91 +======= + +* api-change:``datasync``: This change allows users to disable and enable the schedules associated with their tasks. +* api-change:``ec2``: Launching capability for customers to enable or disable automatic assignment of public IPv4 addresses to their network interface +* api-change:``emr-containers``: EMRonEKS Service support for SecurityConfiguration enforcement for Spark Jobs. +* api-change:``entityresolution``: Support Batch Unique IDs Deletion. +* api-change:``gamelift``: Amazon GameLift releases container fleets support for public preview. Deploy Linux-based containerized game server software for hosting on Amazon GameLift. +* api-change:``ssm``: Add SSM DescribeInstanceProperties API to public AWS SDK. + + +1.32.90 +======= + +* api-change:``bedrock``: This release introduces Model Evaluation and Guardrails for Amazon Bedrock. +* api-change:``bedrock-agent``: Introducing the ability to create multiple data sources per knowledge base, specify S3 buckets as data sources from external accounts, and exposing levers to define the deletion behavior of the underlying vector store data. +* api-change:``bedrock-agent-runtime``: This release introduces zero-setup file upload support for the RetrieveAndGenerate API. This allows you to chat with your data without setting up a Knowledge Base. +* api-change:``bedrock-runtime``: This release introduces Guardrails for Amazon Bedrock. +* api-change:``ce``: Added additional metadata that might be applicable to your reservation recommendations. +* api-change:``ec2``: This release introduces EC2 AMI Deregistration Protection, a new AMI property that can be enabled by customers to protect an AMI against an unintended deregistration. This release also enables the AMI owners to view the AMI 'LastLaunchedTime' in DescribeImages API. +* api-change:``pi``: Clarifies how aggregation works for GetResourceMetrics in the Performance Insights API. +* api-change:``rds``: Fix the example ARN for ModifyActivityStreamRequest +* api-change:``workspaces-web``: Added InstanceType and MaxConcurrentSessions parameters on CreatePortal and UpdatePortal Operations as well as the ability to read Customer Managed Key & Additional Encryption Context parameters on supported resources (Portal, BrowserSettings, UserSettings, IPAccessSettings) + + +1.32.89 +======= + +* api-change:``bedrock-agent``: Releasing the support for simplified configuration and return of control +* api-change:``bedrock-agent-runtime``: Releasing the support for simplified configuration and return of control +* api-change:``payment-cryptography``: Adding support to TR-31/TR-34 exports for optional headers, allowing customers to add additional metadata (such as key version and KSN) when exporting keys from the service. +* api-change:``redshift-serverless``: Updates description of schedule field for scheduled actions. +* api-change:``route53profiles``: Route 53 Profiles allows you to apply a central DNS configuration across many VPCs regardless of account. +* api-change:``sagemaker``: This release adds support for Real-Time Collaboration and Shared Space for JupyterLab App on SageMaker Studio. +* api-change:``servicediscovery``: This release adds examples to several Cloud Map actions. +* api-change:``transfer``: Adding new API to support remote directory listing using SFTP connector + + +1.32.88 +======= + +* api-change:``glue``: Adding RowFilter in the response for GetUnfilteredTableMetadata API +* api-change:``internetmonitor``: This update introduces the GetInternetEvent and ListInternetEvents APIs, which provide access to internet events displayed on the Amazon CloudWatch Internet Weather Map. +* api-change:``personalize``: This releases auto training capability while creating a solution and automatically syncing latest solution versions when creating/updating a campaign + + +1.32.87 +======= + +* api-change:``drs``: Outpost ARN added to Source Server and Recovery Instance +* api-change:``emr-serverless``: This release adds the capability to publish detailed Spark engine metrics to Amazon Managed Service for Prometheus (AMP) for enhanced monitoring for Spark jobs. +* api-change:``guardduty``: Added IPv6Address fields for local and remote IP addresses +* api-change:``quicksight``: This release adds support for the Cross Sheet Filter and Control features, and support for warnings in asset imports for any permitted errors encountered during execution +* api-change:``rolesanywhere``: This release introduces the PutAttributeMapping and DeleteAttributeMapping APIs. IAM Roles Anywhere now provides the capability to define a set of mapping rules, allowing customers to specify which data is extracted from their X.509 end-entity certificates. +* api-change:``sagemaker``: Removed deprecated enum values and updated API documentation. +* api-change:``workspaces``: Adds new APIs for managing and sharing WorkSpaces BYOL configuration across accounts. + + +1.32.86 +======= + +* api-change:``ec2``: Documentation updates for Elastic Compute Cloud (EC2). +* api-change:``qbusiness``: This release adds support for IAM Identity Center (IDC) as the identity gateway for Q Business. It also allows users to provide an explicit intent for Q Business to identify how the Chat request should be handled. + + +1.32.85 +======= + +* api-change:``bedrock-agent``: For Create Agent API, the agentResourceRoleArn parameter is no longer required. +* api-change:``emr-serverless``: This release adds support for shuffle optimized disks that allow larger disk sizes and higher IOPS to efficiently run shuffle heavy workloads. +* api-change:``entityresolution``: Cross Account Resource Support . +* api-change:``iotwireless``: Add PublicGateways in the GetWirelessStatistics call response, indicating the LoRaWAN public network accessed by the device. +* api-change:``lakeformation``: This release adds Lake Formation managed RAM support for the 4 APIs - "DescribeLakeFormationIdentityCenterConfiguration", "CreateLakeFormationIdentityCenterConfiguration", "DescribeLakeFormationIdentityCenterConfiguration", and "DeleteLakeFormationIdentityCenterConfiguration" +* api-change:``m2``: Adding new ListBatchJobRestartPoints API and support for restart batch job. +* api-change:``mediapackagev2``: Dash v2 is a MediaPackage V2 feature to support egressing on DASH manifest format. +* api-change:``outposts``: This release adds new APIs to allow customers to configure their Outpost capacity at order-time. +* api-change:``wellarchitected``: AWS Well-Architected now has a Connector for Jira to allow customers to efficiently track workload risks and improvement efforts and create closed-loop mechanisms. + + +1.32.84 +======= + +* api-change:``cloudformation``: Adding support for the new parameter "IncludePropertyValues" in the CloudFormation DescribeChangeSet API. When this parameter is included, the DescribeChangeSet response will include more detailed information such as before and after values for the resource properties that will change. +* api-change:``config``: Updates documentation for AWS Config +* api-change:``glue``: Modifying request for GetUnfilteredTableMetadata for view-related fields. +* api-change:``healthlake``: Added new CREATE_FAILED status for data stores. Added new errorCause to DescribeFHIRDatastore API and ListFHIRDatastores API response for additional insights into data store creation and deletion workflows. +* api-change:``iotfleethub``: Documentation updates for AWS IoT Fleet Hub to clarify that Fleet Hub supports organization instance of IAM Identity Center. +* api-change:``kms``: This feature supports the ability to specify a custom rotation period for automatic key rotations, the ability to perform on-demand key rotations, and visibility into your key material rotations. +* api-change:``mediatailor``: Added InsertionMode to PlaybackConfigurations. This setting controls whether players can use stitched or guided ad insertion. The default for players that do not specify an insertion mode is stitched. +* api-change:``neptune-graph``: Update to API documentation to resolve customer reported issues. +* api-change:``outposts``: This release adds EXPEDITORS as a valid shipment carrier. +* api-change:``redshift``: Adds support for Amazon Redshift DescribeClusterSnapshots API to include Snapshot ARN response field. +* api-change:``transfer``: This change releases support for importing self signed certificates to the Transfer Family for sending outbound file transfers over TLS/HTTPS. + + +1.32.83 +======= + +* api-change:``batch``: This release adds the task properties field to attempt details and the name field on EKS container detail. +* api-change:``cloudfront``: CloudFront origin access control extends support to AWS Lambda function URLs and AWS Elemental MediaPackage v2 origins. +* api-change:``cloudwatch``: This release adds support for Metric Characteristics for CloudWatch Anomaly Detection. Anomaly Detector now takes Metric Characteristics object with Periodic Spikes boolean field that tells Anomaly Detection that spikes that repeat at the same time every week are part of the expected pattern. +* api-change:``codebuild``: Support access tokens for Bitbucket sources +* api-change:``iam``: For CreateOpenIDConnectProvider API, the ThumbprintList parameter is no longer required. +* api-change:``medialive``: AWS Elemental MediaLive introduces workflow monitor, a new feature that enables the visualization and monitoring of your media workflows. Create signal maps of your existing workflows and monitor them by creating notification and monitoring template groups. +* api-change:``omics``: This release adds support for retrieval of S3 direct access metadata on sequence stores and read sets, and adds support for SHA256up and SHA512up HealthOmics ETags. +* api-change:``pipes``: LogConfiguration ARN validation fixes +* api-change:``rds``: Updates Amazon RDS documentation for Standard Edition 2 support in RDS Custom for Oracle. +* api-change:``s3control``: Documentation updates for Amazon S3-control. + + +1.32.82 +======= + +* api-change:``cleanrooms``: AWS Clean Rooms Differential Privacy is now fully available. Differential privacy protects against user-identification attempts. +* api-change:``connect``: This release adds new Submit Auto Evaluation Action for Amazon Connect Rules. +* api-change:``networkmonitor``: Examples were added to CloudWatch Network Monitor commands. +* api-change:``qconnect``: This release adds a new QiC public API updateSession and updates an existing QiC public API createSession +* api-change:``rekognition``: Added support for ContentType to content moderation detections. +* api-change:``supplychain``: This release includes API SendDataIntegrationEvent for AWS Supply Chain +* api-change:``workspaces-thin-client``: Adding tags field to SoftwareSet. Removing tags fields from Summary objects. Changing the list of exceptions in tagging APIs. Fixing an issue where the SDK returns empty tags in Get APIs. + + +1.32.81 +======= + +* api-change:``codebuild``: Add new webhook filter types for GitHub webhooks +* api-change:``mediaconvert``: This release includes support for bringing your own fonts to use for burn-in or DVB-Sub captioning workflows. +* api-change:``pinpoint``: The OrchestrationSendingRoleArn has been added to the email channel and is used to send emails from campaigns or journeys. +* api-change:``rds``: This release adds support for specifying the CA certificate to use for the new db instance when restoring from db snapshot, restoring from s3, restoring to point in time, and creating a db instance read replica. + + +1.32.80 +======= + +* api-change:``controlcatalog``: This is the initial SDK release for AWS Control Catalog, a central catalog for AWS managed controls. This release includes 3 new APIs - ListDomains, ListObjectives, and ListCommonControls - that vend high-level data to categorize controls across the AWS platform. +* api-change:``mgn``: Added USE_SOURCE as default option to LaunchConfigurationTemplate bootMode parameter. +* api-change:``networkmonitor``: Updated the allowed monitorName length for CloudWatch Network Monitor. + + +1.32.79 +======= + +* api-change:``quicksight``: Adding IAMIdentityCenterInstanceArn parameter to CreateAccountSubscription +* api-change:``resource-groups``: Added a new QueryErrorCode RESOURCE_TYPE_NOT_SUPPORTED that is returned by the ListGroupResources operation if the group query contains unsupported resource types. +* api-change:``verifiedpermissions``: Adding BatchIsAuthorizedWithToken API which supports multiple authorization requests against a PolicyStore given a bearer token. + + +1.32.78 +======= + +* api-change:``b2bi``: Adding support for X12 5010 HIPAA EDI version and associated transaction sets. +* api-change:``cleanrooms``: Feature: New schemaStatusDetails field to the existing Schema object that displays a status on Schema API responses to show whether a schema is queryable or not. New BatchGetSchemaAnalysisRule API to retrieve multiple schemaAnalysisRules using a single API call. +* api-change:``ec2``: Amazon EC2 G6 instances powered by NVIDIA L4 Tensor Core GPUs can be used for a wide range of graphics-intensive and machine learning use cases. Gr6 instances also feature NVIDIA L4 GPUs and can be used for graphics workloads with higher memory requirements. +* api-change:``emr-containers``: This release adds support for integration with EKS AccessEntry APIs to enable automatic Cluster Access for EMR on EKS. +* api-change:``ivs``: API update to include an SRT ingest endpoint and passphrase for all channels. +* api-change:``verifiedpermissions``: Adds GroupConfiguration field to Identity Source API's + + +1.32.77 +======= + +* api-change:``cleanroomsml``: The release includes a public SDK for AWS Clean Rooms ML APIs, making them globally available to developers worldwide. +* api-change:``cloudformation``: This release would return a new field - PolicyAction in cloudformation's existed DescribeChangeSetResponse, showing actions we are going to apply on the physical resource (e.g., Delete, Retain) according to the user's template +* api-change:``datazone``: This release supports the feature of dataQuality to enrich asset with dataQualityResult in Amazon DataZone. +* api-change:``docdb``: This release adds Global Cluster Switchover capability which enables you to change your global cluster's primary AWS Region, the region that serves writes, while preserving the replication between all regions in the global cluster. +* api-change:``groundstation``: This release adds visibilityStartTime and visibilityEndTime to DescribeContact and ListContacts responses. +* api-change:``lambda``: Add Ruby 3.3 (ruby3.3) support to AWS Lambda +* api-change:``medialive``: Cmaf Ingest outputs are now supported in Media Live +* api-change:``medical-imaging``: SearchImageSets API now supports following enhancements - Additional support for searching on UpdatedAt and SeriesInstanceUID - Support for searching existing filters between dates/times - Support for sorting the search result by Ascending/Descending - Additional parameters returned in the response +* api-change:``transfer``: Add ability to specify Security Policies for SFTP Connectors + + +1.32.76 +======= + +* api-change:``ecs``: Documentation only update for Amazon ECS. +* api-change:``glue``: Adding View related fields to responses of read-only Table APIs. +* api-change:``ivschat``: Doc-only update. Changed "Resources" to "Key Concepts" in docs and updated text. +* api-change:``rolesanywhere``: This release increases the limit on the roleArns request parameter for the *Profile APIs that support it. This parameter can now take up to 250 role ARNs. +* api-change:``securityhub``: Documentation updates for AWS Security Hub + + +1.32.75 +======= + +* api-change:``cloudwatch``: This release adds support for CloudWatch Anomaly Detection on cross-account metrics. SingleMetricAnomalyDetector and MetricDataQuery inputs to Anomaly Detection APIs now take an optional AccountId field. +* api-change:``datazone``: This release supports the feature of AI recommendations for descriptions to enrich the business data catalog in Amazon DataZone. +* api-change:``deadline``: AWS Deadline Cloud is a new fully managed service that helps customers set up, deploy, and scale rendering projects in minutes, so they can improve the efficiency of their rendering pipelines and take on more projects. +* api-change:``emr``: This release fixes a broken link in the documentation. +* api-change:``lightsail``: This release adds support to upgrade the TLS version of the distribution. + + +1.32.74 +======= + +* api-change:``b2bi``: Supporting new EDI X12 transaction sets for X12 versions 4010, 4030, and 5010. +* api-change:``codebuild``: Add new fleet status code for Reserved Capacity. +* api-change:``codeconnections``: Duplicating the CodeStar Connections service into the new, rebranded AWS CodeConnections service. +* api-change:``internetmonitor``: This release adds support to allow customers to track cross account monitors through ListMonitor, GetMonitor, ListHealthEvents, GetHealthEvent, StartQuery APIs. +* api-change:``iotwireless``: Add support for retrieving key historical and live metrics for LoRaWAN devices and gateways +* api-change:``marketplace-catalog``: This release enhances the ListEntities API to support ResaleAuthorizationId filter and sort for OfferEntity in the request and the addition of a ResaleAuthorizationId field in the response of OfferSummary. +* api-change:``neptune-graph``: Add the new API Start-Import-Task for Amazon Neptune Analytics. +* api-change:``sagemaker``: This release adds support for custom images for the CodeEditor App on SageMaker Studio +* enhancement:``s3``: Add parameter to validate source and destination S3 URIs to the ``mv`` command. + + +1.32.73 +======= + +* api-change:``codecatalyst``: This release adds support for understanding pending changes to subscriptions by including two new response parameters for the GetSubscription API for Amazon CodeCatalyst. +* api-change:``compute-optimizer``: This release enables AWS Compute Optimizer to analyze and generate recommendations with a new customization preference, Memory Utilization. +* api-change:``ec2``: Amazon EC2 C7gd, M7gd and R7gd metal instances with up to 3.8 TB of local NVMe-based SSD block-level storage have up to 45% improved real-time NVMe storage performance than comparable Graviton2-based instances. +* api-change:``eks``: Add multiple customer error code to handle customer caused failure when managing EKS node groups +* api-change:``guardduty``: Add EC2 support for GuardDuty Runtime Monitoring auto management. +* api-change:``neptune-graph``: Update ImportTaskCancelled waiter to evaluate task state correctly and minor documentation changes. +* api-change:``oam``: This release adds support for sharing AWS::InternetMonitor::Monitor resources. +* api-change:``quicksight``: Amazon QuickSight: Adds support for setting up VPC Endpoint restrictions for accessing QuickSight Website. + + +1.32.72 +======= + +* api-change:``batch``: This feature allows AWS Batch to support configuration of imagePullSecrets and allowPrivilegeEscalation for jobs running on EKS +* api-change:``bedrock-agent``: This changes introduces metadata documents statistics and also updates the documentation for bedrock agent. +* api-change:``bedrock-agent-runtime``: This release introduces filtering support on Retrieve and RetrieveAndGenerate APIs. +* api-change:``elasticache``: Added minimum capacity to Amazon ElastiCache Serverless. This feature allows customer to ensure minimum capacity even without current load +* api-change:``secretsmanager``: Documentation updates for Secrets Manager + + +1.32.71 +======= + +* api-change:``bedrock-agent-runtime``: This release adds support to customize prompts sent through the RetrieveAndGenerate API in Agents for Amazon Bedrock. +* api-change:``ce``: Adds support for backfill of cost allocation tags, with new StartCostAllocationTagBackfill and ListCostAllocationTagBackfillHistory API. +* api-change:``ec2``: Documentation updates for Elastic Compute Cloud (EC2). +* api-change:``ecs``: This is a documentation update for Amazon ECS. +* api-change:``finspace``: Add new operation delete-kx-cluster-node and add status parameter to list-kx-cluster-node operation. + + +1.32.70 +======= + +* api-change:``codebuild``: Supporting GitLab and GitLab Self Managed as source types in AWS CodeBuild. +* api-change:``ec2``: Added support for ModifyInstanceMetadataDefaults and GetInstanceMetadataDefaults to set Instance Metadata Service account defaults +* api-change:``ecs``: Documentation only update for Amazon ECS. +* api-change:``emr-containers``: This release increases the number of supported job template parameters from 20 to 100. +* api-change:``globalaccelerator``: AWS Global Accelerator now supports cross-account sharing for bring your own IP addresses. +* api-change:``medialive``: Exposing TileMedia H265 options +* api-change:``sagemaker``: Introduced support for the following new instance types on SageMaker Studio for JupyterLab and CodeEditor applications: m6i, m6id, m7i, c6i, c6id, c7i, r6i, r6id, r7i, and p5 + + +1.32.69 +======= + +* api-change:``firehose``: Updates Amazon Firehose documentation for message regarding Enforcing Tags IAM Policy. +* api-change:``kendra``: Documentation update, March 2024. Corrects some docs for Amazon Kendra. +* api-change:``pricing``: Add ResourceNotFoundException to ListPriceLists and GetPriceListFileUrl APIs +* api-change:``rolesanywhere``: This release relaxes constraints on the durationSeconds request parameter for the *Profile APIs that support it. This parameter can now take on values that go up to 43200. +* api-change:``securityhub``: Added new resource detail object to ASFF, including resource for LastKnownExploitAt + + +1.32.68 +======= + +* api-change:``codeartifact``: This release adds Package groups to CodeArtifact so you can more conveniently configure package origin controls for multiple packages. + + +1.32.67 +======= + +* api-change:``accessanalyzer``: This release adds support for policy validation and external access findings for DynamoDB tables and streams. IAM Access Analyzer helps you author functional and secure resource-based policies and identify cross-account access. Updated service API, documentation, and paginators. +* api-change:``codebuild``: This release adds support for new webhook events (RELEASED and PRERELEASED) and filter types (TAG_NAME and RELEASE_NAME). +* api-change:``connect``: This release updates the *InstanceStorageConfig APIs to support a new ResourceType: REAL_TIME_CONTACT_ANALYSIS_CHAT_SEGMENTS. Use this resource type to enable streaming for real-time analysis of chat contacts and to associate a Kinesis stream where real-time analysis chat segments will be published. +* api-change:``dynamodb``: This release introduces 3 new APIs ('GetResourcePolicy', 'PutResourcePolicy' and 'DeleteResourcePolicy') and modifies the existing 'CreateTable' API for the resource-based policy support. It also modifies several APIs to accept a 'TableArn' for the 'TableName' parameter. +* api-change:``managedblockchain-query``: AMB Query: update GetTransaction to include transactionId as input +* api-change:``savingsplans``: Introducing the Savings Plans Return feature enabling customers to return their Savings Plans within 7 days of purchase. + + +1.32.66 +======= + +* api-change:``cloudformation``: Documentation update, March 2024. Corrects some formatting. +* api-change:``ec2``: This release adds the new DescribeMacHosts API operation for getting information about EC2 Mac Dedicated Hosts. Users can now see the latest macOS versions that their underlying Apple Mac can support without needing to be updated. +* api-change:``finspace``: Adding new attributes readWrite and onDemand to dataview models for Database Maintenance operations. +* api-change:``logs``: Update LogSamples field in Anomaly model to be a list of LogEvent +* api-change:``managedblockchain-query``: Introduces a new API for Amazon Managed Blockchain Query: ListFilteredTransactionEvents. + + +1.32.65 +======= + +* api-change:``cloudformation``: This release supports for a new API ListStackSetAutoDeploymentTargets, which provider auto-deployment configuration as a describable resource. Customers can now view the specific combinations of regions and OUs that are being auto-deployed. +* api-change:``kms``: Adds the ability to use the default policy name by omitting the policyName parameter in calls to PutKeyPolicy and GetKeyPolicy +* api-change:``mediatailor``: This release adds support to allow customers to show different content within a channel depending on metadata associated with the viewer. +* api-change:``rds``: This release launches the ModifyIntegration API and support for data filtering for zero-ETL Integrations. +* api-change:``s3``: Fix two issues with response root node names. +* api-change:``timestream-query``: Documentation updates, March 2024 + + +1.32.64 +======= + +* api-change:``backup``: This release introduces a boolean attribute ManagedByAWSBackupOnly as part of ListRecoveryPointsByResource api to filter the recovery points based on ownership. This attribute can be used to filter out the recovery points protected by AWSBackup. +* api-change:``codebuild``: AWS CodeBuild now supports overflow behavior on Reserved Capacity. +* api-change:``connect``: This release adds Hierarchy based Access Control fields to Security Profile public APIs and adds support for UserAttributeFilter to SearchUsers API. +* api-change:``ec2``: Add media accelerator and neuron device information on the describe instance types API. +* api-change:``kinesisanalyticsv2``: Support for Flink 1.18 in Managed Service for Apache Flink +* api-change:``s3``: Documentation updates for Amazon S3. +* api-change:``sagemaker``: Adds m6i, m6id, m7i, c6i, c6id, c7i, r6i r6id, r7i, p5 instance type support to Sagemaker Notebook Instances and miscellaneous wording fixes for previous Sagemaker documentation. +* api-change:``workspaces-thin-client``: Removed unused parameter kmsKeyArn from UpdateDeviceRequest + + +1.32.63 +======= + +* api-change:``amplify``: Documentation updates for Amplify. Identifies the APIs available only to apps created using Amplify Gen 1. +* api-change:``ec2-instance-connect``: This release includes a new exception type "SerialConsoleSessionUnsupportedException" for SendSerialConsoleSSHPublicKey API. +* api-change:``elbv2``: This release allows you to configure HTTP client keep-alive duration for communication between clients and Application Load Balancers. +* api-change:``fis``: This release adds support for previewing target resources before running a FIS experiment. It also adds resource ARNs for actions, experiments, and experiment templates to API responses. +* api-change:``rds``: Updates Amazon RDS documentation for EBCDIC collation for RDS for Db2. +* api-change:``secretsmanager``: Doc only update for Secrets Manager +* api-change:``timestream-influxdb``: This is the initial SDK release for Amazon Timestream for InfluxDB. Amazon Timestream for InfluxDB is a new time-series database engine that makes it easy for application developers and DevOps teams to run InfluxDB databases on AWS for near real-time time-series applications using open source APIs. + + +1.32.62 +======= + +* api-change:``ivs-realtime``: adds support for multiple new composition layout configuration options (grid, pip) +* api-change:``kinesisanalyticsv2``: Support new RuntimeEnvironmentUpdate parameter within UpdateApplication API allowing callers to change the Flink version upon which their application runs. +* api-change:``s3``: This release makes the default option for S3 on Outposts request signing to use the SigV4A algorithm when using AWS Common Runtime (CRT). + + +1.32.61 +======= + +* api-change:``cloudformation``: CloudFormation documentation update for March, 2024 +* api-change:``connect``: This release increases MaxResults limit to 500 in request for SearchUsers, SearchQueues and SearchRoutingProfiles APIs of Amazon Connect. +* api-change:``ec2``: Documentation updates for Amazon EC2. +* api-change:``kafka``: Added support for specifying the starting position of topic replication in MSK-Replicator. +* api-change:``ssm``: March 2024 doc-only updates for Systems Manager. + + +1.32.60 +======= + +* api-change:``codestar-connections``: Added a sync configuration enum to disable publishing of deployment status to source providers (PublishDeploymentStatus). Added a sync configuration enum (TriggerStackUpdateOn) to only trigger changes. +* api-change:``elasticache``: Revisions to API text that are now to be carried over to SDK text, changing usages of "SFO" in code examples to "us-west-1", and some other typos. +* api-change:``mediapackagev2``: This release enables customers to safely update their MediaPackage v2 channel groups, channels and origin endpoints using entity tags. + + +1.32.59 +======= + +* api-change:``batch``: This release adds JobStateTimeLimitActions setting to the Job Queue API. It allows you to configure an action Batch can take for a blocking job in front of the queue after the defined period of time. The new parameter applies for ECS, EKS, and FARGATE Job Queues. +* api-change:``bedrock-agent-runtime``: Documentation update for Bedrock Runtime Agent +* api-change:``cloudtrail``: Added exceptions to CreateTrail, DescribeTrails, and ListImportFailures APIs. +* api-change:``codebuild``: This release adds support for a new webhook event: PULL_REQUEST_CLOSED. +* api-change:``cognito-idp``: Add ConcurrentModificationException to SetUserPoolMfaConfig +* api-change:``guardduty``: Add RDS Provisioned and Serverless Usage types +* api-change:``transfer``: Added DES_EDE3_CBC to the list of supported encryption algorithms for messages sent with an AS2 connector. + + +1.32.58 +======= + +* api-change:``appconfig``: AWS AppConfig now supports dynamic parameters, which enhance the functionality of AppConfig Extensions by allowing you to provide parameter values to your Extensions at the time you deploy your configuration. +* api-change:``ec2``: This release adds an optional parameter to RegisterImage and CopyImage APIs to support tagging AMIs at the time of creation. +* api-change:``grafana``: Adds support for the new GrafanaToken as part of the Amazon Managed Grafana Enterprise plugins upgrade to associate your AWS account with a Grafana Labs account. +* api-change:``lambda``: Documentation updates for AWS Lambda +* api-change:``payment-cryptography-data``: AWS Payment Cryptography EMV Decrypt Feature Release +* api-change:``rds``: Updates Amazon RDS documentation for io2 storage for Multi-AZ DB clusters +* api-change:``snowball``: Doc-only update for change to EKS-Anywhere ordering. +* api-change:``wafv2``: You can increase the max request body inspection size for some regional resources. The size setting is in the web ACL association config. Also, the AWSManagedRulesBotControlRuleSet EnableMachineLearning setting now takes a Boolean instead of a primitive boolean type, for languages like Java. +* api-change:``workspaces``: Added note for user decoupling + + +1.32.57 +======= + +* api-change:``dynamodb``: Doc only updates for DynamoDB documentation +* api-change:``imagebuilder``: Add PENDING status to Lifecycle Execution resource status. Add StartTime and EndTime to ListLifecycleExecutionResource API response. +* api-change:``mwaa``: Amazon MWAA adds support for Apache Airflow v2.8.1. +* api-change:``rds``: Updated the input of CreateDBCluster and ModifyDBCluster to support setting CA certificates. Updated the output of DescribeDBCluster to show current CA certificate setting value. +* api-change:``redshift``: Update for documentation only. Covers port ranges, definition updates for data sharing, and definition updates to cluster-snapshot documentation. +* api-change:``verifiedpermissions``: Deprecating details in favor of configuration for GetIdentitySource and ListIdentitySources APIs. + + +1.32.56 +======= + +* api-change:``apigateway``: Documentation updates for Amazon API Gateway +* api-change:``chatbot``: Minor update to documentation. +* api-change:``organizations``: This release contains an endpoint addition +* api-change:``sesv2``: Adds support for providing custom headers within SendEmail and SendBulkEmail for SESv2. + + +1.32.55 +======= + +* api-change:``cloudformation``: Add DetailedStatus field to DescribeStackEvents and DescribeStacks APIs +* api-change:``fsx``: Added support for creating FSx for NetApp ONTAP file systems with up to 12 HA pairs, delivering up to 72 GB/s of read throughput and 12 GB/s of write throughput. +* api-change:``organizations``: Documentation update for AWS Organizations + + +1.32.54 +======= + +* api-change:``accessanalyzer``: Fixed a typo in description field. +* api-change:``autoscaling``: With this release, Amazon EC2 Auto Scaling groups, EC2 Fleet, and Spot Fleet improve the default price protection behavior of attribute-based instance type selection of Spot Instances, to consistently select from a wide range of instance types. +* api-change:``ec2``: With this release, Amazon EC2 Auto Scaling groups, EC2 Fleet, and Spot Fleet improve the default price protection behavior of attribute-based instance type selection of Spot Instances, to consistently select from a wide range of instance types. + + +1.32.53 +======= + +* api-change:``docdb-elastic``: Launched Elastic Clusters Readable Secondaries, Start/Stop, Configurable Shard Instance count, Automatic Backups and Snapshot Copying +* api-change:``eks``: Added support for new AL2023 AMIs to the supported AMITypes. +* api-change:``lexv2-models``: This release makes AMAZON.QnAIntent generally available in Amazon Lex. This generative AI feature leverages large language models available through Amazon Bedrock to automate frequently asked questions (FAQ) experience for end-users. +* api-change:``migrationhuborchestrator``: Adds new CreateTemplate, UpdateTemplate and DeleteTemplate APIs. +* api-change:``quicksight``: TooltipTarget for Combo chart visuals; ColumnConfiguration limit increase to 2000; Documentation Update +* api-change:``sagemaker``: Adds support for ModelDataSource in Model Packages to support unzipped models. Adds support to specify SourceUri for models which allows registration of models without mandating a container for hosting. Using SourceUri, customers can decouple the model from hosting information during registration. +* api-change:``securitylake``: Add capability to update the Data Lake's MetaStoreManager Role in order to perform required data lake updates to use Iceberg table format in their data lake or update the role for any other reason. + + +1.32.52 +======= + +* api-change:``batch``: This release adds Batch support for configuration of multicontainer jobs in ECS, Fargate, and EKS. This support is available for all types of jobs, including both array jobs and multi-node parallel jobs. +* api-change:``bedrock-agent-runtime``: This release adds support to override search strategy performed by the Retrieve and RetrieveAndGenerate APIs for Amazon Bedrock Agents +* api-change:``ce``: This release introduces the new API 'GetApproximateUsageRecords', which retrieves estimated usage records for hourly granularity or resource-level data at daily granularity. +* api-change:``ec2``: This release increases the range of MaxResults for GetNetworkInsightsAccessScopeAnalysisFindings to 1,000. +* api-change:``iot``: This release reduces the maximum results returned per query invocation from 500 to 100 for the SearchIndex API. This change has no implications as long as the API is invoked until the nextToken is NULL. +* api-change:``wafv2``: AWS WAF now supports configurable time windows for request aggregation with rate-based rules. Customers can now select time windows of 1 minute, 2 minutes or 10 minutes, in addition to the previously supported 5 minutes. + + +1.32.51 +======= + +* api-change:``amplifyuibuilder``: We have added the ability to tag resources after they are created + + +1.32.50 +======= + +* api-change:``apigateway``: Documentation updates for Amazon API Gateway. +* api-change:``drs``: Added volume status to DescribeSourceServer replicated volumes. +* api-change:``kafkaconnect``: Adds support for tagging, with new TagResource, UntagResource and ListTagsForResource APIs to manage tags and updates to existing APIs to allow tag on create. This release also adds support for the new DeleteWorkerConfiguration API. +* api-change:``rds``: This release adds support for gp3 data volumes for Multi-AZ DB Clusters. + + +1.32.49 +======= + +* api-change:``appsync``: Documentation only updates for AppSync +* api-change:``qldb``: Clarify possible values for KmsKeyArn and EncryptionDescription. +* api-change:``rds``: Add pattern and length based validations for DBShardGroupIdentifier +* api-change:``rum``: Doc-only update for new RUM metrics that were added + + +1.32.48 +======= + +* api-change:``internetmonitor``: This release adds IPv4 prefixes to health events +* api-change:``kinesisvideo``: Increasing NextToken parameter length restriction for List APIs from 512 to 1024. + + +1.32.47 +======= + +* api-change:``iotevents``: Increase the maximum length of descriptions for Inputs, Detector Models, and Alarm Models +* api-change:``lookoutequipment``: This release adds a field exposing model quality to read APIs for models. It also adds a model quality field to the API response when creating an inference scheduler. +* api-change:``medialive``: MediaLive now supports the ability to restart pipelines in a running channel. +* api-change:``ssm``: This release adds support for sharing Systems Manager parameters with other AWS accounts. + + +1.32.46 +======= + +* api-change:``dynamodb``: Publishing quick fix for doc only update. +* api-change:``firehose``: This release updates a few Firehose related APIs. +* api-change:``lambda``: Add .NET 8 (dotnet8) Runtime support to AWS Lambda. + + +1.32.45 +======= + +* api-change:``amplify``: This release contains API changes that enable users to configure their Amplify domains with their own custom SSL/TLS certificate. +* api-change:``chatbot``: This release adds support for AWS Chatbot. You can now monitor, operate, and troubleshoot your AWS resources with interactive ChatOps using the AWS SDK. +* api-change:``config``: Documentation updates for the AWS Config CLI +* api-change:``ivs``: Changed description for latencyMode in Create/UpdateChannel and Channel/ChannelSummary. +* api-change:``keyspaces``: Documentation updates for Amazon Keyspaces +* api-change:``mediatailor``: MediaTailor: marking #AdBreak.OffsetMillis as required. + + +1.32.44 +======= + +* api-change:``connectparticipant``: Doc only update to GetTranscript API reference guide to inform users about presence of events in the chat transcript. +* api-change:``emr``: adds fine grained control over Unhealthy Node Replacement to Amazon ElasticMapReduce +* api-change:``firehose``: This release adds support for Data Message Extraction for decompressed CloudWatch logs, and to use a custom file extension or time zone for S3 destinations. +* api-change:``lambda``: Documentation-only updates for Lambda to clarify a number of existing actions and properties. +* api-change:``rds``: Doc only update for a valid option in DB parameter group +* api-change:``sns``: This release marks phone numbers as sensitive inputs. + + +1.32.43 +======= + +* api-change:``artifact``: This is the initial SDK release for AWS Artifact. AWS Artifact provides on-demand access to compliance and third-party compliance reports. This release includes access to List and Get reports, along with their metadata. This release also includes access to AWS Artifact notifications settings. +* api-change:``codepipeline``: Add ability to override timeout on action level. +* api-change:``detective``: Doc only updates for content enhancement +* api-change:``guardduty``: Marked fields IpAddressV4, PrivateIpAddress, Email as Sensitive. +* api-change:``healthlake``: This release adds a new response parameter, JobProgressReport, to the DescribeFHIRImportJob and ListFHIRImportJobs API operation. JobProgressReport provides details on the progress of the import job on the server. +* api-change:``opensearch``: Adds additional supported instance types. +* api-change:``polly``: Amazon Polly adds 1 new voice - Burcu (tr-TR) +* api-change:``sagemaker``: This release adds a new API UpdateClusterSoftware for SageMaker HyperPod. This API allows users to patch HyperPod clusters with latest platform softwares. +* api-change:``secretsmanager``: Doc only update for Secrets Manager +* api-change:``endpoint-rules``: Update endpoint-rules command to latest version + + +1.32.42 +======= + +* api-change:``controltower``: Adds support for new Baseline and EnabledBaseline APIs for automating multi-account governance. +* api-change:``lookoutequipment``: This feature allows customers to see pointwise model diagnostics results for their models. +* api-change:``qbusiness``: This release adds the metadata-boosting feature, which allows customers to easily fine-tune the underlying ranking of retrieved RAG passages in order to optimize Q&A answer relevance. It also adds new feedback reasons for the PutFeedback API. + + +1.32.41 +======= + +* api-change:``lightsail``: This release adds support to upgrade the major version of a database. +* api-change:``marketplace-catalog``: AWS Marketplace Catalog API now supports setting intent on requests +* api-change:``resource-explorer-2``: Resource Explorer now uses newly supported IPv4 'amazonaws.com' endpoints by default. +* api-change:``securitylake``: Documentation updates for Security Lake +* api-change:``endpoint-rules``: Update endpoint-rules command to latest version + + +1.32.40 +======= + +* api-change:``appsync``: Adds support for new options on GraphqlAPIs, Resolvers and Data Sources for emitting Amazon CloudWatch metrics for enhanced monitoring of AppSync APIs. +* api-change:``cloudwatch``: Update cloudwatch command to latest version +* api-change:``neptune-graph``: Adding a new option "parameters" for data plane api ExecuteQuery to support running parameterized query via SDK. +* api-change:``route53domains``: This release adds bill contact support for RegisterDomain, TransferDomain, UpdateDomainContact and GetDomainDetail API. + + +1.32.39 +======= + +* api-change:``amp``: Overall documentation updates. +* api-change:``batch``: This feature allows Batch to support configuration of repository credentials for jobs running on ECS +* api-change:``braket``: Creating a job will result in DeviceOfflineException when using an offline device, and DeviceRetiredException when using a retired device. +* api-change:``cost-optimization-hub``: Adding includeMemberAccounts field to the response of ListEnrollmentStatuses API. +* api-change:``ecs``: Documentation only update for Amazon ECS. +* api-change:``iot``: This release allows AWS IoT Core users to enable Online Certificate Status Protocol (OCSP) Stapling for TLS X.509 Server Certificates when creating and updating AWS IoT Domain Configurations with Custom Domain. +* api-change:``pricing``: Add Throttling Exception to all APIs. + + +1.32.38 +======= + +* api-change:``codepipeline``: Add ability to execute pipelines with new parallel & queued execution modes and add support for triggers with filtering on branches and file paths. +* api-change:``quicksight``: General Interactions for Visuals; Waterfall Chart Color Configuration; Documentation Update +* api-change:``workspaces``: This release introduces User-Decoupling feature. This feature allows Workspaces Core customers to provision workspaces without providing users. CreateWorkspaces and DescribeWorkspaces APIs will now take a new optional parameter "WorkspaceName". + + +1.32.37 +======= + +* api-change:``datasync``: AWS DataSync now supports manifests for specifying files or objects to transfer. +* api-change:``lexv2-models``: Update lexv2-models command to latest version +* api-change:``redshift``: LisRecommendations API to fetch Amazon Redshift Advisor recommendations. + + +1.32.36 +======= + +* api-change:``appsync``: Support for environment variables in AppSync GraphQL APIs +* api-change:``ecs``: This release is a documentation only update to address customer issues. +* api-change:``es``: This release adds clear visibility to the customers on the changes that they make on the domain. +* api-change:``logs``: This release adds a new field, logGroupArn, to the response of the logs:DescribeLogGroups action. +* api-change:``opensearch``: This release adds clear visibility to the customers on the changes that they make on the domain. +* api-change:``wafv2``: You can now delete an API key that you've created for use with your CAPTCHA JavaScript integration API. + + +1.32.35 +======= + +* api-change:``glue``: Introduce Catalog Encryption Role within Glue Data Catalog Settings. Introduce SASL/PLAIN as an authentication method for Glue Kafka connections +* api-change:``workspaces``: Added definitions of various WorkSpace states + + +1.32.34 +======= + +* api-change:``dynamodb``: Any number of users can execute up to 50 concurrent restores (any type of restore) in a given account. +* api-change:``sagemaker``: Amazon SageMaker Canvas adds GenerativeAiSettings support for CanvasAppSettings. +* api-change:``endpoint-rules``: Update endpoint-rules command to latest version + + +1.32.33 +======= + +* api-change:``cognito-idp``: Added CreateIdentityProvider and UpdateIdentityProvider details for new SAML IdP features +* api-change:``ivs``: This release introduces a new resource Playback Restriction Policy which can be used to geo-restrict or domain-restrict channel stream playback when associated with a channel. New APIs to support this resource were introduced in the form of Create/Delete/Get/Update/List. +* api-change:``managedblockchain-query``: This release adds support for transactions that have not reached finality. It also removes support for the status property from the response of the GetTransaction operation. You can use the confirmationStatus and executionStatus properties to determine the status of the transaction. +* api-change:``mediaconvert``: This release includes support for broadcast-mixed audio description tracks. +* api-change:``neptune-graph``: Adding new APIs in SDK for Amazon Neptune Analytics. These APIs include operations to execute, cancel, list queries and get the graph summary. + + +1.32.32 +======= + +* api-change:``cloudformation``: CloudFormation IaC generator allows you to scan existing resources in your account and select resources to generate a template for a new or existing CloudFormation stack. +* api-change:``elbv2``: Update elbv2 command to latest version +* api-change:``glue``: Update page size limits for GetJobRuns and GetTriggers APIs. +* api-change:``ssm``: This release adds an optional Duration parameter to StateManager Associations. This allows customers to specify how long an apply-only-on-cron association execution should run. Once the specified Duration is out all the ongoing cancellable commands or automations are cancelled. + + +1.32.31 +======= + +* api-change:``datazone``: Add new skipDeletionCheck to DeleteDomain. Add new skipDeletionCheck to DeleteProject which also automatically deletes dependent objects +* api-change:``route53``: Update the SDKs for text changes in the APIs. + + +1.32.30 +======= + +* api-change:``autoscaling``: EC2 Auto Scaling customers who use attribute based instance-type selection can now intuitively define their Spot instances price protection limit as a percentage of the lowest priced On-Demand instance type. +* api-change:``comprehend``: Comprehend PII analysis now supports Spanish input documents. +* api-change:``ec2``: EC2 Fleet customers who use attribute based instance-type selection can now intuitively define their Spot instances price protection limit as a percentage of the lowest priced On-Demand instance type. +* api-change:``mwaa``: This release adds MAINTENANCE environment status for Amazon MWAA environments. +* api-change:``rds``: Introduced support for the InsufficientDBInstanceCapacityFault error in the RDS RestoreDBClusterFromSnapshot and RestoreDBClusterToPointInTime API methods. This provides enhanced error handling, ensuring a more robust experience. +* api-change:``snowball``: Modified description of createaddress to include direction to add path when providing a JSON file. + + +1.32.29 +======= + +* api-change:``connect``: Update list and string length limits for predefined attributes. +* api-change:``inspector2``: This release adds ECR container image scanning based on their lastRecordedPullTime. +* api-change:``sagemaker``: Amazon SageMaker Automatic Model Tuning now provides an API to programmatically delete tuning jobs. + + +1.32.28 +======= + +* api-change:``acm-pca``: AWS Private CA now supports an option to omit the CDP extension from issued certificates, when CRL revocation is enabled. +* api-change:``lightsail``: This release adds support for IPv6-only instance plans. + + +1.32.27 +======= + +* api-change:``ec2``: Introduced a new clientToken request parameter on CreateNetworkAcl and CreateRouteTable APIs. The clientToken parameter allows idempotent operations on the APIs. +* api-change:``ecs``: Documentation updates for Amazon ECS. +* api-change:``outposts``: DeviceSerialNumber parameter is now optional in StartConnection API +* api-change:``rds``: This release adds support for Aurora Limitless Database. +* api-change:``storagegateway``: Add DeprecationDate and SoftwareVersion to response of ListGateways. + + +1.32.26 +======= + +* api-change:``inspector2``: This release adds support for CIS scans on EC2 instances. + + +1.32.25 +======= + +* bugfix:``s3 sync``: Disable S3 Express support for s3 sync command + + +1.32.24 +======= + +* api-change:``appconfigdata``: Fix FIPS Endpoints in aws-us-gov. +* api-change:``cloud9``: Doc-only update around removing AL1 from list of available AMIs for Cloud9 +* api-change:``cloudfront-keyvaluestore``: This release improves upon the DescribeKeyValueStore API by returning two additional fields, Status of the KeyValueStore and the FailureReason in case of failures during creation of KeyValueStore. +* api-change:``connectcases``: This release adds the ability to view audit history on a case and introduces a new parameter, performedBy, for CreateCase and UpdateCase API's. +* api-change:``ec2``: Documentation updates for Amazon EC2. +* api-change:``ecs``: This release adds support for Transport Layer Security (TLS) and Configurable Timeout to ECS Service Connect. TLS facilitates privacy and data security for inter-service communications, while Configurable Timeout allows customized per-request timeout and idle timeout for Service Connect services. +* api-change:``finspace``: Allow customer to set zip default through command line arguments. +* api-change:``organizations``: Doc only update for quota increase change +* api-change:``rds``: Introduced support for the InsufficientDBInstanceCapacityFault error in the RDS CreateDBCluster API method. This provides enhanced error handling, ensuring a more robust experience when creating database clusters with insufficient instance capacity. +* api-change:``endpoint-rules``: Update endpoint-rules command to latest version + + +1.32.23 +======= + +* api-change:``athena``: Introducing new NotebookS3LocationUri parameter to Athena ImportNotebook API. Payload is no longer required and either Payload or NotebookS3LocationUri needs to be provided (not both) for a successful ImportNotebook API call. If both are provided, an InvalidRequestException will be thrown. +* api-change:``codebuild``: Release CodeBuild Reserved Capacity feature +* api-change:``dynamodb``: This release adds support for including ApproximateCreationDateTimePrecision configurations in EnableKinesisStreamingDestination API, adds the same as an optional field in the response of DescribeKinesisStreamingDestination, and adds support for a new UpdateKinesisStreamingDestination API. +* api-change:``qconnect``: Increased Quick Response name max length to 100 + + +1.32.22 +======= + +* api-change:``b2bi``: Increasing TestMapping inputFileContent file size limit to 5MB and adding file size limit 250KB for TestParsing input file. This release also includes exposing InternalServerException for Tag APIs. +* api-change:``cloudtrail``: This release adds a new API ListInsightsMetricData to retrieve metric data from CloudTrail Insights. +* api-change:``connect``: GetMetricDataV2 now supports 3 groupings +* api-change:``drs``: Removed invalid and unnecessary default values. +* api-change:``firehose``: Allow support for Snowflake as a Kinesis Data Firehose delivery destination. +* api-change:``sagemaker-featurestore-runtime``: Increase BatchGetRecord limits from 10 items to 100 items + + +1.32.21 +======= + +* api-change:``dynamodb``: Updating note for enabling streams for UpdateTable. +* api-change:``keyspaces``: This release adds support for Multi-Region Replication with provisioned tables, and Keyspaces auto scaling APIs + + +1.32.20 +======= + +* api-change:``iot``: Revert release of LogTargetTypes +* api-change:``iotfleetwise``: Updated APIs: SignalNodeType query parameter has been added to ListSignalCatalogNodesRequest and ListVehiclesResponse has been extended with attributes field. +* api-change:``macie2``: This release adds support for analyzing Amazon S3 objects that are encrypted using dual-layer server-side encryption with AWS KMS keys (DSSE-KMS). It also adds support for reporting DSSE-KMS details in statistics and metadata about encryption settings for S3 buckets and objects. +* api-change:``payment-cryptography``: Provide an additional option for key exchange using RSA wrap/unwrap in addition to tr-34/tr-31 in ImportKey and ExportKey operations. Added new key usage (type) TR31_M1_ISO_9797_1_MAC_KEY, for use with Generate/VerifyMac dataplane operations with ISO9797 Algorithm 1 MAC calculations. +* api-change:``personalize-runtime``: Documentation updates for Amazon Personalize +* api-change:``personalize``: Documentation updates for Amazon Personalize. +* api-change:``rekognition``: This release adds ContentType and TaxonomyLevel attributes to DetectModerationLabels and GetMediaAnalysisJob API responses. +* api-change:``securityhub``: Documentation updates for AWS Security Hub + + +1.32.19 +======= + +* api-change:``sagemaker``: This release will have ValidationException thrown if certain invalid app types are provided. The release will also throw ValidationException if more than 10 account ids are provided in VpcOnlyTrustedAccounts. + + +1.32.18 +======= + +* api-change:``connect``: Supervisor Barge for Chat is now supported through the MonitorContact API. +* api-change:``connectparticipant``: Introduce new Supervisor participant role +* api-change:``location``: Location SDK documentation update. Added missing fonts to the MapConfiguration data type. Updated note for the SubMunicipality property in the place data type. +* api-change:``mwaa``: This Amazon MWAA feature release includes new fields in CreateWebLoginToken response model. The new fields IamIdentity and AirflowIdentity will let you match identifications, as the Airflow identity length is currently hashed to 64 characters. +* api-change:``s3control``: S3 On Outposts team adds dualstack endpoints support for S3Control and S3Outposts API calls. +* api-change:``supplychain``: This release includes APIs CreateBillOfMaterialsImportJob and GetBillOfMaterialsImportJob. +* api-change:``transfer``: AWS Transfer Family now supports static IP addresses for SFTP & AS2 connectors and for async MDNs on AS2 servers. +* api-change:``endpoint-rules``: Update endpoint-rules command to latest version + + +1.32.17 +======= + +* api-change:``ec2``: This release adds support for adding an ElasticBlockStorage volume configurations in ECS RunTask/StartTask/CreateService/UpdateService APIs. The configuration allows for attaching EBS volumes to ECS Tasks. +* api-change:``ecs``: This release adds support for adding an ElasticBlockStorage volume configurations in ECS RunTask/StartTask/CreateService/UpdateService APIs. The configuration allows for attaching EBS volumes to ECS Tasks. +* api-change:``events``: Update events command to latest version +* api-change:``iot``: Add ConflictException to Update APIs of AWS IoT Software Package Catalog +* api-change:``iotfleetwise``: The following dataTypes have been removed: CUSTOMER_DECODED_INTERFACE in NetworkInterfaceType; CUSTOMER_DECODED_SIGNAL_INFO_IS_NULL in SignalDecoderFailureReason; CUSTOMER_DECODED_SIGNAL_NETWORK_INTERFACE_INFO_IS_NULL in NetworkInterfaceFailureReason; CUSTOMER_DECODED_SIGNAL in SignalDecoderType +* api-change:``secretsmanager``: Doc only update for Secrets Manager +* api-change:``workspaces``: Added AWS Workspaces RebootWorkspaces API - Extended Reboot documentation update + + +1.32.16 +======= + +* api-change:``connectcampaigns``: Minor pattern updates for Campaign and Dial Request API fields. +* api-change:``location``: This release adds API support for custom layers for the maps service APIs: CreateMap, UpdateMap, DescribeMap. +* api-change:``logs``: Add support for account level subscription filter policies to PutAccountPolicy, DescribeAccountPolicies, and DeleteAccountPolicy APIs. Additionally, PutAccountPolicy has been modified with new optional "selectionCriteria" parameter for resource selection. +* api-change:``qconnect``: QueryAssistant and GetRecommendations will be discontinued starting June 1, 2024. To receive generative responses after March 1, 2024 you will need to create a new Assistant in the Connect console and integrate the Amazon Q in Connect JavaScript library (amazon-q-connectjs) into your applications. +* api-change:``redshift-serverless``: Updates to ConfigParameter for RSS workgroup, removal of use_fips_ssl +* api-change:``route53``: Route53 now supports geoproximity routing in AWS regions +* api-change:``wisdom``: QueryAssistant and GetRecommendations will be discontinued starting June 1, 2024. To receive generative responses after March 1, 2024 you will need to create a new Assistant in the Connect console and integrate the Amazon Q in Connect JavaScript library (amazon-q-connectjs) into your applications. + + +1.32.15 +======= + +* api-change:``codebuild``: Aws CodeBuild now supports new compute type BUILD_GENERAL1_XLARGE +* api-change:``ec2``: Amazon EC2 R7iz bare metal instances are powered by custom 4th generation Intel Xeon Scalable processors. +* api-change:``route53resolver``: This release adds support for query type configuration on firewall rules that enables customers for granular action (ALLOW, ALERT, BLOCK) by DNS query type. + + +1.32.14 +======= + +* api-change:``connect``: Minor trait updates for User APIs +* api-change:``kms``: Documentation updates for AWS Key Management Service (KMS). +* api-change:``redshift-serverless``: use_fips_ssl and require_ssl parameter support for Workgroup, UpdateWorkgroup, and CreateWorkgroup + + +1.32.13 +======= + +* api-change:``config``: Updated ResourceType enum with new resource types onboarded by AWS Config in November and December 2023. +* api-change:``docdb``: Adding PerformanceInsightsEnabled and PerformanceInsightsKMSKeyId fields to DescribeDBInstances Response. +* api-change:``ecs``: This release adds support for managed instance draining which facilitates graceful termination of Amazon ECS instances. +* api-change:``es``: This release adds support for new or existing Amazon OpenSearch domains to enable TLS 1.3 or TLS 1.2 with perfect forward secrecy cipher suites for domain endpoints. +* api-change:``lightsail``: This release adds support to set up an HTTPS endpoint on an instance. +* api-change:``opensearch``: This release adds support for new or existing Amazon OpenSearch domains to enable TLS 1.3 or TLS 1.2 with perfect forward secrecy cipher suites for domain endpoints. +* api-change:``sagemaker``: Adding support for provisioned throughput mode for SageMaker Feature Groups +* api-change:``servicecatalog``: Added Idempotency token support to Service Catalog AssociateServiceActionWithProvisioningArtifact, DisassociateServiceActionFromProvisioningArtifact, DeleteServiceAction API +* api-change:``endpoint-rules``: Update endpoint-rules command to latest version + + +1.32.12 +======= + +* api-change:``connect``: Amazon Connect, Contact Lens Evaluation API increase evaluation notes max length to 3072. +* api-change:``mediaconvert``: This release includes video engine updates including HEVC improvements, support for ingesting VP9 encoded video in MP4 containers, and support for user-specified 3D LUTs. + + +1.32.11 +======= + +* api-change:``apprunner``: AWS App Runner adds Python 3.11 and Node.js 18 runtimes. +* api-change:``location``: This release introduces a new parameter to bypasses an API key's expiry conditions and delete the key. +* api-change:``quicksight``: Add LinkEntityArn support for different partitions; Add UnsupportedUserEditionException in UpdateDashboardLinks API; Add support for New Reader Experience Topics + + +1.32.10 +======= + +* api-change:``codestar-connections``: New integration with the GitLab self-managed provider type. +* api-change:``kinesis-video-archived-media``: NoDataRetentionException thrown when GetImages requested for a Stream that does not retain data (that is, has a DataRetentionInHours of 0). +* api-change:``sagemaker``: Amazon SageMaker Studio now supports Docker access from within app container + + +1.32.9 +====== + +* api-change:``emr``: Update emr command to latest version + + +1.32.8 +====== + +* api-change:``iam``: Documentation updates for AWS Identity and Access Management (IAM). +* api-change:``endpoint-rules``: Update endpoint-rules command to latest version + + +1.32.7 +====== + +* api-change:``bedrock-agent``: Adding Claude 2.1 support to Bedrock Agents +* api-change:``endpoint-rules``: Update endpoint-rules command to latest version +* api-change:``glue``: This release adds additional configurations for Query Session Context on the following APIs: GetUnfilteredTableMetadata, GetUnfilteredPartitionMetadata, GetUnfilteredPartitionsMetadata. +* api-change:``lakeformation``: This release adds additional configurations on GetTemporaryGlueTableCredentials for Query Session Context. +* api-change:``mediaconnect``: This release adds the DescribeSourceMetadata API. This API can be used to view the stream information of the flow's source. +* api-change:``networkmonitor``: CloudWatch Network Monitor is a new service within CloudWatch that will help network administrators and operators continuously monitor network performance metrics such as round-trip-time and packet loss between their AWS-hosted applications and their on-premises locations. +* api-change:``omics``: Provides minor corrections and an updated description of APIs. +* api-change:``secretsmanager``: Update endpoint rules and examples. + + +1.32.6 +====== + +* api-change:``amp``: This release updates Amazon Managed Service for Prometheus APIs to support customer managed KMS keys. +* api-change:``appintegrations``: The Amazon AppIntegrations service adds DeleteApplication API for deleting applications, and updates APIs to support third party applications reacting to workspace events and make data requests to Amazon Connect for agent and contact events. +* api-change:``bedrock-agent``: This release introduces Amazon Aurora as a vector store on Knowledge Bases for Amazon Bedrock +* api-change:``codecommit``: AWS CodeCommit now supports customer managed keys from AWS Key Management Service. UpdateRepositoryEncryptionKey is added for updating the key configuration. CreateRepository, GetRepository, BatchGetRepositories are updated with new input or output parameters. +* api-change:``connect``: Adds APIs to manage User Proficiencies and Predefined Attributes. Enhances StartOutboundVoiceContact API input. Introduces SearchContacts API. Enhances DescribeContact API. Adds an API to update Routing Attributes in QueuePriority and QueueTimeAdjustmentSeconds. +* api-change:``medialive``: MediaLive now supports the ability to configure the audio that an AWS Elemental Link UHD device produces, when the device is configured as the source for a flow in AWS Elemental MediaConnect. +* api-change:``neptune-graph``: Adds Waiters for successful creation and deletion of Graph, Graph Snapshot, Import Task and Private Endpoints for Neptune Analytics +* api-change:``rds-data``: This release adds support for using RDS Data API with Aurora PostgreSQL Serverless v2 and provisioned DB clusters. +* api-change:``rds``: This release adds support for using RDS Data API with Aurora PostgreSQL Serverless v2 and provisioned DB clusters. +* api-change:``sagemaker``: Amazon SageMaker Training now provides model training container access for debugging purposes. Amazon SageMaker Search now provides the ability to use visibility conditions to limit resource access to a single domain or multiple domains. + + +1.32.5 +====== + +* api-change:``appstream``: This release introduces configurable clipboard, allowing admins to specify the maximum length of text that can be copied by the users from their device to the remote session and vice-versa. +* api-change:``eks``: Add support for cluster insights, new EKS capability that surfaces potentially upgrade impacting issues. +* api-change:``guardduty``: This release 1) introduces a new API: GetOrganizationStatistics , and 2) adds a new UsageStatisticType TOP_ACCOUNTS_BY_FEATURE for GetUsageStatistics API +* api-change:``managedblockchain-query``: Adding Confirmation Status and Execution Status to GetTransaction Response. +* api-change:``mediatailor``: Adds the ability to configure time shifting on MediaTailor channels using the TimeShiftConfiguration field +* api-change:``route53``: Amazon Route 53 now supports the Canada West (Calgary) Region (ca-west-1) for latency records, geoproximity records, and private DNS for Amazon VPCs in that region. +* api-change:``endpoint-rules``: Update endpoint-rules command to latest version + + +1.32.4 +====== + +* api-change:``appsync``: This release adds additional configurations on GraphQL APIs for limits on query depth, resolver count, and introspection +* api-change:``chime-sdk-meetings``: Add meeting features to specify a maximum camera resolution, a maximum content sharing resolution, and a maximum number of attendees for a given meeting. +* api-change:``ec2``: Provision BYOIPv4 address ranges and advertise them by specifying the network border groups option in Los Angeles, Phoenix and Dallas AWS Local Zones. +* api-change:``fsx``: Added support for FSx for OpenZFS on-demand data replication across AWS accounts and/or regions.Added the IncludeShared attribute for DescribeSnapshots.Added the CopyStrategy attribute for OpenZFSVolumeConfiguration. +* api-change:``marketplace-catalog``: AWS Marketplace now supports a new API, BatchDescribeEntities, which returns metadata and content for multiple entities. +* api-change:``rds``: RDS - The release adds two new APIs: DescribeDBRecommendations and ModifyDBRecommendation + + +1.32.3 +====== + +* api-change:``cognito-idp``: Amazon Cognito now supports trigger versions that define the fields in the request sent to pre token generation Lambda triggers. +* api-change:``eks``: Add support for EKS Cluster Access Management. +* api-change:``quicksight``: A docs-only release to add missing entities to the API reference. +* api-change:``route53resolver``: Add DOH protocols in resolver endpoints. + + +1.32.2 +====== + +* enhancement:``cloudformation package``: Add support for intrinsic Fn:ForEach (fixes `#8075 `__) +* api-change:``cloud9``: Updated Cloud9 API documentation for AL2023 release +* api-change:``connect``: Adds relatedContactId field to StartOutboundVoiceContact API input. Introduces PauseContact API and ResumeContact API for Task contacts. Adds pause duration, number of pauses, timestamps for last paused and resumed events to DescribeContact API response. Adds new Rule type and new Rule action. +* api-change:``connectcases``: Increase number of fields that can be included in CaseEventIncludedData from 50 to 200 +* api-change:``kms``: Documentation updates for AWS Key Management Service +* api-change:``rds``: Updates Amazon RDS documentation by adding code examples +* api-change:``sagemaker``: This release 1) introduces a new API: DeleteCompilationJob , and 2) adds InfraCheckConfig for Create/Describe training job API + + +1.32.1 +====== + +* api-change:``appstream``: This release includes support for images of Windows Server 2022 platform. +* api-change:``b2bi``: Documentation updates for AWS B2B Data Interchange +* api-change:``billingconductor``: Billing Conductor is releasing a new API, GetBillingGroupCostReport, which provides the ability to retrieve/view the Billing Group Cost Report broken down by attributes for a specific billing group. +* api-change:``connect``: This release adds support for more granular billing using tags (key:value pairs) +* api-change:``controltower``: Documentation updates for AWS Control Tower. +* api-change:``firehose``: This release, 1) adds configurable buffering hints for the Splunk destination, and 2) reduces the minimum configurable buffering interval for supported destinations +* api-change:``gamelift``: Amazon GameLift adds the ability to add and update the game properties of active game sessions. +* api-change:``iot``: This release adds the ability to self-manage certificate signing in AWS IoT Core fleet provisioning using the new certificate provider resource. +* api-change:``neptune-graph``: This is the initial SDK release for Amazon Neptune Analytics +* api-change:``opensearch``: Updating documentation for Amazon OpenSearch Service support for new zero-ETL integration with Amazon S3. +* api-change:``quicksight``: Update Dashboard Links support; SingleAxisOptions support; Scatterplot Query limit support. +* api-change:``workspaces``: Updated note to ensure customers understand running modes. +* api-change:``endpoint-rules``: Update endpoint-rules command to latest version + + +1.32.0 +====== + +* feature:Python: End of support for Python 3.7 +* api-change:``drs``: Adding AgentVersion to SourceServer and RecoveryInstance structures +* feature:Python: End of support for Python 3.7 + + +1.31.13 +======= + +* api-change:``imagebuilder``: This release adds the Image Workflows feature to give more flexibility and control over the image building and testing process. +* api-change:``location``: This release 1) adds sub-municipality field in Places API for searching and getting places information, and 2) allows optimizing route calculation based on expected arrival time. +* api-change:``logs``: This release introduces the StartLiveTail API to tail ingested logs in near real time. + + +1.31.12 +======= + +* api-change:``neptune``: This release adds a new parameter configuration setting to the Neptune cluster related APIs that can be leveraged to switch between the underlying supported storage modes. +* api-change:``pinpoint``: This release includes Amazon Pinpoint API documentation updates pertaining to campaign message sending rate limits. +* api-change:``securityhub``: Added new resource detail objects to ASFF, including resources for AwsDynamoDbTable, AwsEc2ClientVpnEndpoint, AwsMskCluster, AwsS3AccessPoint, AwsS3Bucket +* api-change:``endpoint-rules``: Update endpoint-rules command to latest version + + +1.31.11 +======= + +* api-change:``cloudwatch``: Update cloudwatch command to latest version +* api-change:``ec2``: M2 Mac instances are built on Apple M2 Mac mini computers. I4i instances are powered by 3rd generation Intel Xeon Scalable processors. C7i compute optimized, M7i general purpose and R7i memory optimized instances are powered by custom 4th Generation Intel Xeon Scalable processors. +* api-change:``finspace``: Releasing Scaling Group, Dataview, and Volume APIs + + +1.31.10 +======= + +* api-change:``codedeploy``: This release adds support for two new CodeDeploy features: 1) zonal deployments for Amazon EC2 in-place deployments, 2) deployments triggered by Auto Scaling group termination lifecycle hook events. + + +1.31.9 +====== + +* api-change:``backup``: AWS Backup - Features: Add VaultType to the output of DescribeRecoveryPoint, ListRecoveryPointByBackupVault API and add ResourceType to the input of ListRestoreJobs API +* api-change:``comprehend``: Documentation updates for Trust and Safety features. +* api-change:``connect``: Releasing Tagging Support for Instance Management APIS +* api-change:``ec2``: Releasing the new cpuManufacturer attribute within the DescribeInstanceTypes API response which notifies our customers with information on who the Manufacturer is for the processor attached to the instance, for example: Intel. +* api-change:``payment-cryptography``: AWS Payment Cryptography IPEK feature release + + +1.31.8 +====== + +* api-change:``athena``: Adding IdentityCenter enabled request for interactive query +* api-change:``cleanroomsml``: Updated service title from cleanroomsml to CleanRoomsML. +* api-change:``cloudformation``: Documentation update, December 2023 +* api-change:``ec2``: Adds A10G, T4G, and H100 as accelerator name options and Habana as an accelerator manufacturer option for attribute based selection + + +1.31.7 +====== + +* api-change:``billingconductor``: This release adds the ability to specify a linked account of the billing group for the custom line item resource. +* api-change:``braket``: This release enhances service support to create quantum tasks and hybrid jobs associated with Braket Direct Reservations. +* api-change:``cloud9``: This release adds the requirement to include the imageId parameter in the CreateEnvironmentEC2 API call. +* api-change:``cloudformation``: Including UPDATE_* states as a success status for CreateStack waiter. +* api-change:``finspace``: Release General Purpose type clusters +* api-change:``medialive``: Adds support for custom color correction on channels using 3D LUT files. +* api-change:``servicecatalog-appregistry``: Documentation-only updates for Dawn +* api-change:``endpoint-rules``: Update endpoint-rules command to latest version + + +1.31.6 +====== + +* api-change:``qconnect``: This release adds the PutFeedback API and allows providing feedback against the specified assistant for the specified target. +* api-change:``rbin``: Added resource identifier in the output and updated error handling. +* api-change:``verifiedpermissions``: Adds description field to PolicyStore API's and namespaces field to GetSchema. + + +1.31.5 +====== + +* api-change:``arc-zonal-shift``: This release adds a new capability, zonal autoshift. You can configure zonal autoshift so that AWS shifts traffic for a resource away from an Availability Zone, on your behalf, when AWS determines that there is an issue that could potentially affect customers in the Availability Zone. +* api-change:``glue``: Adds observation and analyzer support to the GetDataQualityResult and BatchGetDataQualityResult APIs. +* api-change:``sagemaker``: This release adds support for 1/ Code Editor, based on Code-OSS, Visual Studio Code Open Source, a new fully managed IDE option in SageMaker Studio 2/ JupyterLab, a new fully managed JupyterLab IDE experience in SageMaker Studio + + +1.31.4 +====== + +* api-change:``marketplace-agreement``: The AWS Marketplace Agreement Service provides an API interface that helps AWS Marketplace sellers manage their agreements, including listing, filtering, and viewing details about their agreements. +* api-change:``marketplace-catalog``: This release enhances the ListEntities API to support new entity type-specific strongly typed filters in the request and entity type-specific strongly typed summaries in the response. +* api-change:``marketplace-deployment``: AWS Marketplace Deployment is a new service that provides essential features that facilitate the deployment of software, data, and services procured through AWS Marketplace. +* api-change:``redshift-serverless``: This release adds the following support for Amazon Redshift Serverless: 1) cross-account cross-VPCs, 2) copying snapshots across Regions, 3) scheduling snapshot creation, and 4) restoring tables from a recovery point. +* api-change:``endpoint-rules``: Update endpoint-rules command to latest version + + +1.31.3 +====== + +* api-change:``application-autoscaling``: Amazon SageMaker customers can now use Application Auto Scaling to automatically scale the number of Inference Component copies across an endpoint to meet the varying demand of their workloads. +* api-change:``cleanrooms``: AWS Clean Rooms now provides differential privacy to protect against user-identification attempts and machine learning modeling to allow two parties to identify similar users in their data. +* api-change:``cleanroomsml``: Public Preview SDK release of AWS Clean Rooms ML APIs +* api-change:``opensearch``: Launching Amazon OpenSearch Service support for new zero-ETL integration with Amazon S3. Customers can now manage their direct query data sources to Amazon S3 programatically +* api-change:``opensearchserverless``: Amazon OpenSearch Serverless collections support an additional attribute called standby-replicas. This allows to specify whether a collection should have redundancy enabled. +* api-change:``sagemaker-runtime``: Update sagemaker-runtime command to latest version +* api-change:``sagemaker``: This release adds following support 1/ Improved SDK tooling for model deployment. 2/ New Inference Component based features to lower inference costs and latency 3/ SageMaker HyperPod management. 4/ Additional parameters for FM Fine Tuning in Autopilot +* api-change:``sts``: Documentation updates for AWS Security Token Service. +* api-change:``endpoint-rules``: Update endpoint-rules command to latest version + + +1.31.2 +====== + +* api-change:``accessanalyzer``: This release adds support for external access findings for S3 directory buckets to help you easily identify cross-account access. Updated service API, documentation, and paginators. +* api-change:``bedrock``: This release adds support for customization types, model life cycle status and minor versions/aliases for model identifiers. +* api-change:``bedrock-agent``: This release introduces Agents for Amazon Bedrock +* api-change:``bedrock-agent-runtime``: This release introduces Agents for Amazon Bedrock Runtime +* api-change:``bedrock-runtime``: This release adds support for minor versions/aliases for invoke model identifier. +* api-change:``connect``: Added support for following capabilities: Amazon Connect's in-app, web, and video calling. Two-way SMS integrations. Contact Lens real-time chat analytics feature. Amazon Connect Analytics Datalake capability. Capability to configure real time chat rules. +* api-change:``customer-profiles``: This release introduces DetectProfileObjectType API to auto generate object type mapping. +* api-change:``endpoint-rules``: Update endpoint-rules command to latest version +* api-change:``qbusiness``: Amazon Q - a generative AI powered application that your employees can use to ask questions and get answers from knowledge spread across disparate content repositories, summarize reports, write articles, take actions, and much more - all within their company's connected content repositories. +* api-change:``qconnect``: Amazon Q in Connect, an LLM-enhanced evolution of Amazon Connect Wisdom. This release adds generative AI support to Amazon Q Connect QueryAssistant and GetRecommendations APIs. +* api-change:``s3``: Adds support for S3 Express One Zone. +* api-change:``s3control``: Adds support for S3 Express One Zone, and InvocationSchemaVersion 2.0 for S3 Batch Operations. + + +1.31.1 +====== + +* api-change:``elasticache``: Launching Amazon ElastiCache Serverless that enables you to create a cache in under a minute without any capacity management. ElastiCache Serverless monitors the cache's memory, CPU, and network usage and scales both vertically and horizontally to support your application's requirements. + + +1.31.0 +====== + +* api-change:``appsync``: This update enables introspection of Aurora cluster databases using the RDS Data API +* api-change:``b2bi``: This is the initial SDK release for AWS B2B Data Interchange. +* api-change:``backup``: AWS Backup now supports restore testing, a new feature that allows customers to automate restore testing and validating their backups. Additionally, this release adds support for EBS Snapshots Archive tier. +* api-change:``controltower``: This release adds the following support: 1. The EnableControl API can configure controls that are configurable. 2. The GetEnabledControl API shows the configured parameters on an enabled control. 3. The new UpdateEnabledControl API can change parameters on an enabled control. +* api-change:``efs``: Update efs command to latest version +* api-change:``fis``: AWS FIS adds support for multi-account experiments & empty target resolution. This release also introduces the CreateTargetAccountConfiguration API that allows experiments across multiple AWS accounts, and the ListExperimentResolvedTargets API to list target details. +* api-change:``glue``: add observations support to DQ CodeGen config model + update document for connectiontypes supported by ConnectorData entities +* api-change:``rds``: Updates Amazon RDS documentation for support for RDS for Db2. +* api-change:``securityhub``: Adds and updates APIs to support central configuration. This feature allows the Security Hub delegated administrator to configure Security Hub for their entire AWS Org across multiple regions from a home Region. With this release, findings also include account name and application metadata. +* api-change:``transcribe``: This release adds support for AWS HealthScribe APIs within Amazon Transcribe +* api-change:``endpoint-rules``: Update endpoint-rules command to latest version +* feature:Versioning: With the release of Botocore 1.33.0, Boto3 and Botocore will share the same version number. + + +1.30.7 +====== + +* api-change:``accessanalyzer``: IAM Access Analyzer now continuously monitors IAM roles and users in your AWS account or organization to generate findings for unused access. Additionally, IAM Access Analyzer now provides custom policy checks to validate that IAM policies adhere to your security standards ahead of deployments. +* api-change:``amp``: This release adds support for the Amazon Managed Service for Prometheus collector, a fully managed, agentless Prometheus metrics scraping capability. +* api-change:``bcm-data-exports``: Users can create, read, update, delete Exports of billing and cost management data. Users can get details of Export Executions and details of Tables for exporting. Tagging support is provided for Exports +* api-change:``cloudtrail``: CloudTrail Lake now supports federating event data stores. giving users the ability to run queries against their event data using Amazon Athena. +* api-change:``codestar-connections``: This release adds support for the CloudFormation Git sync feature. Git sync enables updating a CloudFormation stack from a template stored in a Git repository. +* api-change:``compute-optimizer``: This release enables AWS Compute Optimizer to analyze and generate recommendations with customization and discounts preferences. +* api-change:``config``: Support Periodic Recording for Configuration Recorder +* api-change:``controltower``: Add APIs to create and manage a landing zone. +* api-change:``cost-optimization-hub``: This release launches Cost Optimization Hub, a new AWS Billing and Cost Management feature that helps you consolidate and prioritize cost optimization recommendations across your AWS Organizations member accounts and AWS Regions, so that you can get the most out of your AWS spend. +* api-change:``detective``: Added new APIs in Detective to support resource investigations +* api-change:``ecs``: Adds a new 'type' property to the Setting structure. Adds a new AccountSetting - guardDutyActivate for ECS. +* api-change:``efs``: Update efs command to latest version +* api-change:``eks``: This release adds support for EKS Pod Identity feature. EKS Pod Identity makes it easy for customers to obtain IAM permissions for the applications running in their EKS clusters. +* api-change:``eks-auth``: This release adds support for EKS Pod Identity feature. EKS Pod Identity makes it easy for customers to obtain IAM permissions for their applications running in the EKS clusters. +* api-change:``elbv2``: Update elbv2 command to latest version +* api-change:``endpoint-rules``: Update endpoint-rules command to latest version +* api-change:``freetier``: This is the initial SDK release for the AWS Free Tier GetFreeTierUsage API +* api-change:``fsx``: Added support for FSx for ONTAP scale-out file systems and FlexGroup volumes. Added the HAPairs field and ThroughputCapacityPerHAPair for filesystem. Added AggregateConfiguration (containing Aggregates and ConstituentsPerAggregate) and SizeInBytes for volume. +* api-change:``guardduty``: Add support for Runtime Monitoring for ECS and ECS-EC2. +* api-change:``iotfleetwise``: AWS IoT FleetWise introduces new APIs for vision system data, such as data collected from cameras, radars, and lidars. You can now model and decode complex data types. +* api-change:``lakeformation``: This release adds four new APIs "DescribeLakeFormationIdentityCenterConfiguration", "CreateLakeFormationIdentityCenterConfiguration", "DescribeLakeFormationIdentityCenterConfiguration", and "DeleteLakeFormationIdentityCenterConfiguration", and also updates the corresponding documentation. +* api-change:``lexv2-models``: Update lexv2-models command to latest version +* api-change:``lexv2-runtime``: Update lexv2-runtime command to latest version +* api-change:``logs``: Added APIs to Create, Update, Get, List and Delete LogAnomalyDetectors and List and Update Anomalies in Detector. Added LogGroupClass attribute for LogGroups to classify loggroup as Standard loggroup with all capabilities or InfrequentAccess loggroup with limited capabilities. +* api-change:``managedblockchain``: Add optional NetworkType property to Accessor APIs +* api-change:``personalize``: Enables metadata in recommendations, recommendations with themes, and next best action recommendations +* api-change:``personalize-events``: This release enables PutActions and PutActionInteractions +* api-change:``personalize-runtime``: Enables metadata in recommendations and next best action recommendations +* api-change:``quicksight``: This release launches new APIs for trusted identity propagation setup and supports creating datasources using trusted identity propagation as authentication method for QuickSight accounts configured with IAM Identity Center. +* api-change:``redshift``: This release adds support for multi-data warehouse writes through data sharing. +* api-change:``repostspace``: Initial release of AWS re:Post Private +* api-change:``s3``: Adding new params - Key and Prefix, to S3 API operations for supporting S3 Access Grants. Note - These updates will not change any of the existing S3 API functionality. +* api-change:``s3control``: Introduce Amazon S3 Access Grants, a new S3 access control feature that maps identities in directories such as Active Directory, or AWS Identity and Access Management (IAM) Principals, to datasets in S3. +* api-change:``secretsmanager``: AWS Secrets Manager has released the BatchGetSecretValue API, which allows customers to fetch up to 20 Secrets with a single request using a list of secret names or filters. +* api-change:``securityhub``: Adds and updates APIs to support customizable security controls. This feature allows Security Hub customers to provide custom parameters for security controls. With this release, findings for controls that support custom parameters will include the parameters used to generate the findings. +* api-change:``stepfunctions``: Update stepfunctions command to latest version +* api-change:``transcribe``: This release adds support for transcriptions from audio sources in 64 new languages and introduces generative call summarization in Transcribe Call Analytics (Post call) +* api-change:``workspaces``: The release introduces Multi-Region Resilience one-way data replication that allows you to replicate data from your primary WorkSpace to a standby WorkSpace in another AWS Region. DescribeWorkspaces now returns the status of data replication. +* api-change:``workspaces-thin-client``: Initial release of Amazon WorkSpaces Thin Client + + +1.30.6 +====== + +* api-change:``kinesis``: This release adds support for resource based policies on streams and consumers. +* api-change:``s3control``: Amazon S3 Batch Operations now manages buckets or prefixes in a single step. +* api-change:``sagemaker``: This feature adds the end user license agreement status as a model access configuration parameter. +* api-change:``endpoint-rules``: Update endpoint-rules command to latest version + + +1.30.5 +====== + +* api-change:``cloudfront-keyvaluestore``: This release adds support for CloudFront KeyValueStore, a globally managed key value datastore associated with CloudFront Functions. +* api-change:``cloudfront``: This release adds support for CloudFront KeyValueStore, a globally managed key value datastore associated with CloudFront Functions. +* api-change:``ec2``: Documentation updates for Amazon EC2. +* api-change:``inspector-scan``: This release adds support for the new Amazon Inspector Scan API. The new Inspector Scan API can synchronously scan SBOMs adhering to the CycloneDX v1.5 format. +* api-change:``iotsitewise``: Adds 1/ user-defined unique identifier for asset and model metadata, 2/ asset model components, and 3/ query API for asset metadata and telemetry data. Supports 4/ multi variate anomaly detection using Amazon Lookout for Equipment, 5/ warm storage tier, and 6/ buffered ingestion of time series data. +* api-change:``iottwinmaker``: This release adds following support. 1. New APIs for metadata bulk operations. 2. Modify the component type API to support composite component types - nesting component types within one another. 3. New list APIs for components and properties. 4. Support the larger scope digital twin modeling. +* api-change:``s3``: Add support for automatic date based partitioning in S3 Server Access Logs. +* api-change:``endpoint-rules``: Update endpoint-rules command to latest version + + +1.30.4 +====== + +* api-change:``codestar-connections``: This release updates a few CodeStar Connections related APIs. +* api-change:``docdb``: Amazon DocumentDB updates for new cluster storage configuration: Amazon DocumentDB I/O-Optimized. +* api-change:``ec2``: This release adds support for Security group referencing over Transit gateways, enabling you to simplify Security group management and control of instance-to-instance traffic across VPCs that are connected by Transit gateway. + + +1.30.3 +====== + +* enhancement:``ssm`` Session Manager: Pass StartSession API response as environment variable to session-manager-plugin +* api-change:``appmesh``: Change the default value of these fields from 0 to null: MaxConnections, MaxPendingRequests, MaxRequests, HealthCheckThreshold, PortNumber, and HealthCheckPolicy -> port. Users are not expected to perceive the change, except that badRequestException is thrown when required fields missing configured. +* api-change:``athena``: Adding SerivicePreProcessing time metric +* api-change:``cloud9``: A minor doc only update related to changing the date of an API change. +* api-change:``cloudformation``: This release adds a new flag ImportExistingResources to CreateChangeSet. Specify this parameter on a CREATE- or UPDATE-type change set to import existing resources with custom names instead of recreating them. +* api-change:``codepipeline``: CodePipeline now supports overriding source revisions to achieve manual re-deploy of a past revision +* api-change:``codestar-connections``: This release adds support for the CloudFormation Git sync feature. Git sync enables updating a CloudFormation stack from a template stored in a Git repository. +* api-change:``connect``: This release adds WISDOM_QUICK_RESPONSES as new IntegrationType of Connect IntegrationAssociation resource and bug fixes. +* api-change:``dlm``: Added support for SAP HANA in Amazon Data Lifecycle Manager EBS snapshot lifecycle policies with pre and post scripts. +* api-change:``ec2``: This release adds new features for Amazon VPC IP Address Manager (IPAM) Allowing a choice between Free and Advanced Tiers, viewing public IP address insights across regions and in Amazon Cloudwatch, use IPAM to plan your subnet IPs within a VPC and bring your own autonomous system number to IPAM. +* api-change:``ecr``: Documentation and operational updates for Amazon ECR, adding support for pull through cache rules for upstream registries that require authentication. +* api-change:``emr``: Update emr command to latest version +* api-change:``events``: Update events command to latest version +* api-change:``internetmonitor``: Adds new querying capabilities for running data queries on a monitor +* api-change:``ivs``: type & defaulting refinement to various range properties +* api-change:``ivschat``: type & defaulting refinement to various range properties +* api-change:``kinesisvideo``: Docs only build to bring up-to-date with public docs. +* api-change:``location``: Remove default value and allow nullable for request parameters having minimum value larger than zero. +* api-change:``medialive``: MediaLive has now added support for per-output static image overlay. +* api-change:``mgn``: Removed invalid and unnecessary default values. +* api-change:``osis``: Add support for enabling a persistent buffer when creating or updating an OpenSearch Ingestion pipeline. Add tags to Pipeline and PipelineSummary response models. +* api-change:``pipes``: TargetParameters now properly supports BatchJobParameters.ArrayProperties.Size and BatchJobParameters.RetryStrategy.Attempts being optional, and EcsTaskParameters.Overrides.EphemeralStorage.SizeInGiB now properly required when setting EphemeralStorage +* api-change:``rds``: This release adds support for option groups and replica enhancements to Amazon RDS Custom. +* api-change:``redshift-serverless``: Updated SDK for Amazon Redshift Serverless, which provides the ability to configure a connection with IAM Identity Center to manage user and group access to databases. +* api-change:``redshift``: Updated SDK for Amazon Redshift, which you can use to configure a connection with IAM Identity Center to manage access to databases. With these, you can create a connection through a managed application. You can also change a managed application, delete it, or get information about an existing one. +* api-change:``s3``: Removes all default 0 values for numbers and false values for booleans +* api-change:``sso-admin``: Improves support for configuring RefreshToken and TokenExchange grants on applications. +* api-change:``sso-oidc``: Adding support for `sso-oauth:CreateTokenWithIAM`. +* api-change:``sts``: API updates for the AWS Security Token Service +* api-change:``trustedadvisor``: AWS Trusted Advisor introduces new APIs to enable you to programmatically access Trusted Advisor best practice checks, recommendations, and prioritized recommendations. Trusted Advisor APIs enable you to integrate Trusted Advisor with your operational tools to automate your workloads. +* api-change:``verifiedpermissions``: Adding BatchIsAuthorized API which supports multiple authorization requests against a PolicyStore +* api-change:``wisdom``: This release adds QuickResponse as a new Wisdom resource and Wisdom APIs for import, create, read, search, update and delete QuickResponse resources. +* api-change:``endpoint-rules``: Update endpoint-rules command to latest version + + +1.30.2 +====== + +* api-change:``codecatalyst``: This release includes updates to the Dev Environment APIs to include an optional vpcConnectionName parameter that supports using Dev Environments with Amazon VPC. +* api-change:``dlm``: This release adds support for Amazon Data Lifecycle Manager default policies for EBS snapshots and EBS-backed AMIs. +* api-change:``ec2``: Enable use of tenant-specific PublicSigningKeyUrl from device trust providers and onboard jumpcloud as a new device trust provider. +* api-change:``fsx``: Enables customers to update their PerUnitStorageThroughput on their Lustre file systems. +* api-change:``glue``: Introduces new column statistics APIs to support statistics generation for tables within the Glue Data Catalog. +* api-change:``imagebuilder``: This release adds the Image Lifecycle Management feature to automate the process of deprecating, disabling and deleting outdated images and their associated resources. +* api-change:``iot``: GA release the ability to index and search devices based on their GeoLocation data. With GeoQueries you can narrow your search to retrieve devices located in the desired geographic boundary. +* api-change:``ivs-realtime``: This release introduces server side composition and recording for stages. +* api-change:``kafka``: Added a new API response field which determines if there is an action required from the customer regarding their cluster. +* api-change:``lambda``: Adds support for logging configuration in Lambda Functions. Customers will have more control how their function logs are captured and to which cloud watch log group they are delivered also. +* api-change:``macie2``: This release adds support for configuring Macie to assume an IAM role when retrieving sample occurrences of sensitive data reported by findings. +* api-change:``mediapackage``: DRM_TOP_LEVEL_COMPACT allows placing content protection elements at the MPD level and referenced at the AdaptationSet level +* api-change:``pinpoint-sms-voice-v2``: Amazon Pinpoint now offers additional operations as part of version 2 of the SMS and voice APIs. This release includes 26 new APIs to create and manage phone number registrations, add verified destination numbers, and request sender IDs. +* api-change:``polly``: Add new engine - long-form - dedicated for longer content, such as news articles, training materials, or marketing videos. +* api-change:``quicksight``: Custom permission support for QuickSight roles; Three new datasources STARBURST, TRINO, BIGQUERY; Lenient mode changes the default behavior to allow for exporting and importing with certain UI allowed errors, Support for permissions and tags export and import. +* api-change:``sagemaker``: Amazon SageMaker Studio now supports Trainium instance types - trn1.2xlarge, trn1.32xlarge, trn1n.32xlarge. +* api-change:``ssm-incidents``: Introduces new APIs ListIncidentFindings and BatchGetIncidentFindings to use findings related to an incident. +* api-change:``ssm``: This release introduces the ability to filter automation execution steps which have parent steps. In addition, runbook variable information is returned by GetAutomationExecution and parent step information is returned by the DescribeAutomationStepExecutions API. +* api-change:``sso-admin``: Instances bound to a single AWS account, API operations for managing instances and applications, and assignments to applications are now supported. Trusted identity propagation is also supported, with new API operations for managing trusted token issuers and application grants and scopes. +* api-change:``transfer``: Introduced S3StorageOptions for servers to enable directory listing optimizations and added Type fields to logical directory mappings. +* api-change:``endpoint-rules``: Update endpoint-rules command to latest version + + +1.30.1 +====== + +* api-change:``autoscaling``: This release introduces Instance Maintenance Policy, a new EC2 Auto Scaling capability that allows customers to define whether instances are launched before or after existing instances are terminated during instance replacement operations. +* api-change:``cloudtrail``: The Lake Repricing feature lets customers configure a BillingMode for an event data store. The BillingMode determines the cost for ingesting and storing events and the default and maximum retention period for the event data store. +* api-change:``codecatalyst``: This release adds functionality for retrieving information about workflows and workflow runs and starting workflow runs in Amazon CodeCatalyst. +* api-change:``ec2``: AWS EBS now supports Snapshot Lock, giving users the ability to lock an EBS Snapshot to prohibit deletion of the snapshot. This release introduces the LockSnapshot, UnlockSnapshot & DescribeLockedSnapshots APIs to manage lock configuration for snapshots. The release also includes the dl2q_24xlarge. +* api-change:``finspace-data``: Adding deprecated trait to APIs in this name space. +* api-change:``finspace``: Adding deprecated trait on Dataset Browser Environment APIs +* api-change:``lambda``: Add Java 21 (java21) support to AWS Lambda +* api-change:``mwaa``: This Amazon MWAA release adds support for customer-managed VPC endpoints. This lets you choose whether to create, and manage your environment's VPC endpoints, or to have Amazon MWAA create, and manage them for you. +* api-change:``rds``: Updates Amazon RDS documentation for support for upgrading RDS for MySQL snapshots from version 5.7 to version 8.0. +* api-change:``redshift``: The custom domain name SDK for Amazon Redshift provisioned clusters is updated with additional required parameters for modify and delete operations. Additionally, users can provide domain names with longer top-level domains. +* api-change:``s3control``: Add 5 APIs to create, update, get, list, delete S3 Storage Lens group(eg. CreateStorageLensGroup), 3 APIs for tagging(TagResource,UntagResource,ListTagsForResource), and update to StorageLensConfiguration to allow metrics to be aggregated on Storage Lens groups. +* api-change:``ssm-sap``: Update the default value of MaxResult to 50. + + +1.30.0 +====== + +* api-change:``backup``: AWS Backup - Features: Provide Job Summary for your backup activity. +* api-change:``cleanrooms``: This feature provides the ability for the collaboration creator to configure either the member who can run queries or a different member in the collaboration to be billed for query compute costs. +* api-change:``connect``: Introducing SegmentAttributes parameter for StartChatContact API +* api-change:``glue``: Introduces new storage optimization APIs to support automatic compaction of Apache Iceberg tables. +* api-change:``iot``: This release introduces new attributes in API CreateSecurityProfile, UpdateSecurityProfile and DescribeSecurityProfile to support management of Metrics Export for AWS IoT Device Defender Detect. +* api-change:``lambda``: Add Python 3.12 (python3.12) support to AWS Lambda +* api-change:``mediatailor``: Removed unnecessary default values. +* api-change:``pipes``: Added support (via new LogConfiguration field in CreatePipe and UpdatePipe APIs) for logging to Amazon CloudWatch Logs, Amazon Simple Storage Service (Amazon S3), and Amazon Kinesis Data Firehose +* api-change:``resource-explorer-2``: Resource Explorer supports multi-account search. You can now use Resource Explorer to search and discover resources across AWS accounts within your organization or organizational unit. +* api-change:``sagemaker``: This release makes Model Registry Inference Specification fields as not required. +* api-change:``signer``: Documentation updates for AWS Signer +* api-change:``stepfunctions``: Update stepfunctions command to latest version +* api-change:``endpoint-rules``: Update endpoint-rules command to latest version +* feature:ContainerProvider: Added Support for EKS container credentials + + +1.29.85 +======= + +* api-change:``dataexchange``: Removed Required trait for DataSet.OriginDetails.ProductId. +* api-change:``dms``: Added new Db2 LUW Target endpoint with related endpoint settings. New executeTimeout endpoint setting for mysql endpoint. New ReplicationDeprovisionTime field for serverless describe-replications. +* api-change:``ec2``: Adds the new EC2 DescribeInstanceTopology API, which you can use to retrieve the network topology of your running instances on select platform types to determine their relative proximity to each other. +* api-change:``ecs``: Adds a Client Token parameter to the ECS RunTask API. The Client Token parameter allows for idempotent RunTask requests. +* api-change:``emr``: Update emr command to latest version +* api-change:``servicecatalog-appregistry``: When the customer associates a resource collection to their application with this new feature, then a new application tag will be applied to all supported resources that are part of that collection. This allows customers to more easily find the application that is associated with those resources. +* api-change:``endpoint-rules``: Update endpoint-rules command to latest version + + +1.29.84 +======= + +* api-change:``controltower``: AWS Control Tower supports tagging for enabled controls. This release introduces TagResource, UntagResource and ListTagsForResource APIs to manage tags in existing enabled controls. It updates EnabledControl API to tag resources at creation time. +* api-change:``cur``: This release adds support for tagging and customers can now tag report definitions. Additionally, ReportStatus is now added to report definition to show when the last delivered time stamp and if it succeeded or not. +* api-change:``ec2``: EC2 adds API updates to enable ENA Express at instance launch time. +* api-change:``fms``: Adds optimizeUnassociatedWebACL flag to ManagedServiceData, updates third-party firewall examples, and other minor documentation updates. +* api-change:``marketplace-entitlement``: Update marketplace-entitlement command to latest version +* api-change:``mediaconvert``: This release includes the ability to specify any input source as the primary input for corresponding follow modes, and allows users to specify fit and fill behaviors without resizing content. +* api-change:``rds``: Updates Amazon RDS documentation for zero-ETL integrations. +* api-change:``endpoint-rules``: Update endpoint-rules command to latest version + + +1.29.83 +======= + +* api-change:``cloudformation``: Added new ConcurrencyMode feature for AWS CloudFormation StackSets for faster deployments to target accounts. +* api-change:``cloudtrail``: The Insights in Lake feature lets customers enable CloudTrail Insights on a source CloudTrail Lake event data store and create a destination event data store to collect Insights events based on unusual management event activity in the source event data store. +* api-change:``comprehend``: This release adds support for toxicity detection and prompt safety classification. +* api-change:``connect``: This release adds the ability to integrate customer lambda functions with Connect attachments for scanning and updates the ListIntegrationAssociations API to support filtering on IntegrationArn. +* api-change:``ec2``: AWS EBS now supports Block Public Access for EBS Snapshots. This release introduces the EnableSnapshotBlockPublicAccess, DisableSnapshotBlockPublicAccess and GetSnapshotBlockPublicAccessState APIs to manage account-level public access settings for EBS Snapshots in an AWS Region. +* api-change:``eks``: Adding EKS Anywhere subscription related operations. +* api-change:``lambda``: Add Custom runtime on Amazon Linux 2023 (provided.al2023) support to AWS Lambda. +* api-change:``logs``: Update to support new APIs for delivery of logs from AWS services. +* api-change:``omics``: Support UBAM filetype for Omics Storage and make referenceArn optional +* api-change:``endpoint-rules``: Update endpoint-rules command to latest version + + +1.29.82 +======= + +* api-change:``sqs``: This release enables customers to call SQS using AWS JSON-1.0 protocol and bug fix. + + +1.29.81 +======= + +* api-change:``connect``: This release clarifies in our public documentation that InstanceId is a requirement for SearchUsers API requests. +* api-change:``connectcases``: This release adds the ability to add/view comment authors through CreateRelatedItem and SearchRelatedItems API. For more information see https://docs.aws.amazon.com/cases/latest/APIReference/Welcome.html +* api-change:``datasync``: This change allows for 0 length access keys and secret keys for object storage locations. Users can now pass in empty string credentials. +* api-change:``guardduty``: Added API support for new GuardDuty EKS Audit Log finding types. +* api-change:``lambda``: Add Node 20 (nodejs20.x) support to AWS Lambda. +* api-change:``lexv2-models``: Update lexv2-models command to latest version +* api-change:``omics``: Adding Run UUID and Run Output URI: GetRun and StartRun API response has two new fields "uuid" and "runOutputUri". +* api-change:``rds``: This Amazon RDS release adds support for patching the OS of an RDS Custom for Oracle DB instance. You can now upgrade the database or operating system using the modify-db-instance command. +* api-change:``redshift-serverless``: Added a new parameter in the workgroup that helps you control your cost for compute resources. This feature provides a ceiling for RPUs that Amazon Redshift Serverless can scale up to. When automatic compute scaling is required, having a higher value for MaxRPU can enhance query throughput. +* api-change:``resiliencehub``: AWS Resilience Hub enhances Resiliency Score, providing actionable recommendations to improve application resilience. Amazon Elastic Kubernetes Service (EKS) operational recommendations have been added to help improve the resilience posture of your applications. +* api-change:``sqs``: This release enables customers to call SQS using AWS JSON-1.0 protocol. +* api-change:``endpoint-rules``: Update endpoint-rules command to latest version + + +1.29.80 +======= + +* bugfix:``help``: Relax line length limit for rendered ``help`` pages +* api-change:``dataexchange``: Updated SendDataSetNotificationRequest Comment to be maximum length 4096. +* api-change:``dlm``: Added support for pre and post scripts in Amazon Data Lifecycle Manager EBS snapshot lifecycle policies. +* api-change:``rds``: This Amazon RDS release adds support for the multi-tenant configuration. In this configuration, an RDS DB instance can contain multiple tenant databases. In RDS for Oracle, a tenant database is a pluggable database (PDB). +* api-change:``endpoint-rules``: Update endpoint-rules command to latest version + + +1.29.79 +======= + +* api-change:``ce``: This release extends the GetReservationPurchaseRecommendation API to support recommendations for Amazon MemoryDB reservations. +* api-change:``codebuild``: AWS CodeBuild now supports AWS Lambda compute. +* api-change:``connect``: Added new API that allows Amazon Connect Outbound Campaigns to create contacts in Amazon Connect when ingesting your dial requests. +* api-change:``docdb``: Update the input of CreateDBInstance and ModifyDBInstance to support setting CA Certificates. Update the output of DescribeDBInstance and DescribeDBEngineVersions to show current and supported CA certificates. +* api-change:``iam``: Add partitional endpoint for iso-e. +* api-change:``mwaa``: This release adds support for Apache Airflow version 2.7.2. This version release includes support for deferrable operators and triggers. +* api-change:``polly``: Amazon Polly adds new US English voices - Danielle and Gregory. Danielle and Gregory are available as Neural voices only. +* api-change:``route53``: Add partitional endpoints for iso-e and iso-f. +* api-change:``endpoint-rules``: Update endpoint-rules command to latest version + + +1.29.78 +======= + +* api-change:``config``: Updated ResourceType enum with new resource types onboarded by AWS Config in October 2023. +* api-change:``connect``: Amazon Connect Chat introduces Create Persistent Contact Association API, allowing customers to choose when to resume previous conversations from previous chats, eliminating the need to repeat themselves and allowing agents to provide personalized service with access to entire conversation history. +* api-change:``iotwireless``: Added LoRaWAN version 1.0.4 support +* api-change:``launch-wizard``: AWS Launch Wizard is a service that helps reduce the time it takes to deploy applications to the cloud while providing a guided deployment experience. +* api-change:``endpoint-rules``: Update endpoint-rules command to latest version + + +1.29.77 +======= + +* api-change:``apprunner``: AWS App Runner now supports using dual-stack address type for the public endpoint of your incoming traffic. +* api-change:``connect``: GetMetricDataV2 API: Update to include new metrics PERCENT_NON_TALK_TIME, PERCENT_TALK_TIME, PERCENT_TALK_TIME_AGENT, PERCENT_TALK_TIME_CUSTOMER +* api-change:``gamelift``: Amazon GameLift adds support for shared credentials, which allows applications that are deployed on managed EC2 fleets to interact with other AWS resources. +* api-change:``glue``: This release introduces Google BigQuery Source and Target in AWS Glue CodeGenConfigurationNode. +* api-change:``network-firewall``: This release introduces the stateless rule analyzer, which enables you to analyze your stateless rules for asymmetric routing. +* api-change:``quicksight``: This release introduces Float Decimal Type as SubType in QuickSight SPICE datasets and Custom week start and Custom timezone options in Analysis and Dashboard +* api-change:``endpoint-rules``: Update endpoint-rules command to latest version + + +1.29.76 +======= + +* api-change:``connect``: Adds the BatchGetFlowAssociation API which returns flow associations (flow-resource) corresponding to the list of resourceArns supplied in the request. This release also adds IsDefault, LastModifiedRegion and LastModifiedTime fields to the responses of several Describe and List APIs. +* api-change:``globalaccelerator``: Global Accelerator now support accelerators with cross account endpoints. +* api-change:``rds``: This release adds support for customized networking resources to Amazon RDS Custom. +* api-change:``redshift``: Added support for Multi-AZ deployments for Provisioned RA3 clusters that provide 99.99% SLA availability. +* api-change:``sagemaker``: Support for batch transform input in Model dashboard + + +1.29.75 +======= + +* api-change:``amplify``: Add backend field to CreateBranch and UpdateBranch requests. Add pagination support for ListApps, ListDomainAssociations, ListBranches, and ListJobs +* api-change:``application-insights``: Automate attaching managed policies +* api-change:``ec2``: Capacity Blocks for ML are a new EC2 purchasing option for reserving GPU instances on a future date to support short duration machine learning (ML) workloads. Capacity Blocks automatically place instances close together inside Amazon EC2 UltraClusters for low-latency, high-throughput networking. +* api-change:``m2``: Added name filter ability for ListDataSets API, added ForceUpdate for Updating environment and BatchJob submission using S3BatchJobIdentifier +* api-change:``neptunedata``: Minor change to not retry CancelledByUserException +* api-change:``translate``: Added support for Brevity translation settings feature. + + +1.29.74 +======= + +* api-change:``connect``: This release adds InstanceId field for phone number APIs. +* api-change:``dataexchange``: We added a new API action: SendDataSetNotification. +* api-change:``datasync``: Platform version changes to support AL1 deprecation initiative. +* api-change:``finspace``: Introducing new API UpdateKxClusterCodeConfiguration, introducing new cache types for clusters and introducing new deployment modes for updating clusters. +* api-change:``mediapackagev2``: This feature allows customers to create a combination of manifest filtering, startover and time delay configuration that applies to all egress requests by default. +* api-change:``rds``: This release launches the CreateIntegration, DeleteIntegration, and DescribeIntegrations APIs to manage zero-ETL Integrations. +* api-change:``redshift-serverless``: Added support for custom domain names for Amazon Redshift Serverless workgroups. This feature enables customers to create a custom domain name and use ACM to generate fully secure connections to it. +* api-change:``resiliencehub``: Introduced the ability to filter applications by their last assessment date and time and have included metrics for the application's estimated workload Recovery Time Objective (RTO) and estimated workload Recovery Point Objective (RPO). +* api-change:``s3outposts``: Updated ListOutpostsWithS3 API response to include S3OutpostArn for use with AWS RAM. +* api-change:``wisdom``: This release added necessary API documents on creating a Wisdom knowledge base to integrate with S3. + + +1.29.73 +======= + +* api-change:``emr``: Update emr command to latest version +* api-change:``neptune``: Update TdeCredentialPassword type to SensitiveString +* api-change:``pinpoint``: Updated documentation to describe the case insensitivity for EndpointIds. +* api-change:``redshift``: added support to create a dual stack cluster +* api-change:``wafv2``: Updates the descriptions for the calls that manage web ACL associations, to provide information for customer-managed IAM policies. + + +1.29.72 +======= + +* api-change:``appstream``: This release introduces multi-session fleets, allowing customers to provision more than one user session on a single fleet instance. +* api-change:``ec2``: Launching GetSecurityGroupsForVpc API. This API gets security groups that can be associated by the AWS account making the request with network interfaces in the specified VPC. +* api-change:``network-firewall``: Network Firewall now supports inspection of outbound SSL/TLS traffic. +* api-change:``opensearch``: You can specify ipv4 or dualstack IPAddressType for cluster endpoints. If you specify IPAddressType as dualstack, the new endpoint will be visible under the 'EndpointV2' parameter and will support IPv4 and IPv6 requests. Whereas, the 'Endpoint' will continue to serve IPv4 requests. +* api-change:``redshift``: Add Redshift APIs GetResourcePolicy, DeleteResourcePolicy, PutResourcePolicy and DescribeInboundIntegrations for the new Amazon Redshift Zero-ETL integration feature, which can be used to control data ingress into Redshift namespace, and view inbound integrations. +* api-change:``sagemaker``: Amazon Sagemaker Autopilot now supports Text Generation jobs. +* api-change:``sns``: Message Archiving and Replay is now supported in Amazon SNS for FIFO topics. +* api-change:``ssm-sap``: AWS Systems Manager for SAP added support for registration and discovery of SAP ABAP applications +* api-change:``transfer``: No API changes from previous release. This release migrated the model to Smithy keeping all features unchanged. +* api-change:``endpoint-rules``: Update endpoint-rules command to latest version + + +1.29.71 +======= + +* api-change:``connectcases``: Increase maximum length of CommentBody to 3000, and increase maximum length of StringValue to 1500 +* api-change:``groundstation``: This release will allow KMS alias names to be used when creating Mission Profiles +* api-change:``iam``: Updates to GetAccessKeyLastUsed action to replace NoSuchEntity error with AccessDeniedException error. + + +1.29.70 +======= + +* api-change:``codepipeline``: Add ability to trigger pipelines from git tags, define variables at pipeline level and new pipeline type V2. +* api-change:``ec2``: This release updates the documentation for InstanceInterruptionBehavior and HibernationOptionsRequest to more accurately describe the behavior of these two parameters when using Spot hibernation. +* api-change:``eks``: Added support for Cluster Subnet and Security Group mutability. +* api-change:``iam``: Add the partitional endpoint for IAM in iso-f. +* api-change:``migrationhub-config``: This release introduces DeleteHomeRegionControl API that customers can use to delete the Migration Hub Home Region configuration +* api-change:``migrationhubstrategy``: This release introduces multi-data-source feature in Migration Hub Strategy Recommendations. This feature now supports vCenter as a data source to fetch inventory in addition to ADS and Import from file workflow that is currently supported with MHSR collector. +* api-change:``opensearchserverless``: This release includes the following new APIs: CreateLifecyclePolicy, UpdateLifecyclePolicy, BatchGetLifecyclePolicy, DeleteLifecyclePolicy, ListLifecyclePolicies and BatchGetEffectiveLifecyclePolicy to support the data lifecycle management feature. + + +1.29.69 +======= + +* api-change:``marketplacecommerceanalytics``: The StartSupportDataExport operation has been deprecated as part of the Product Support Connection deprecation. As of December 2022, Product Support Connection is no longer supported. +* api-change:``networkmanager``: This release adds API support for Tunnel-less Connect (NoEncap Protocol) for AWS Cloud WAN +* api-change:``redshift-serverless``: This release adds support for customers to see the patch version and workgroup version in Amazon Redshift Serverless. +* api-change:``rekognition``: Amazon Rekognition introduces StartMediaAnalysisJob, GetMediaAnalysisJob, and ListMediaAnalysisJobs operations to run a bulk analysis of images with a Detect Moderation model. + + +1.29.68 +======= + +* api-change:``appconfig``: Update KmsKeyIdentifier constraints to support AWS KMS multi-Region keys. +* api-change:``appintegrations``: Updated ScheduleConfig to be an optional input to CreateDataIntegration to support event driven downloading of files from sources such as Amazon s3 using Amazon Connect AppIntegrations. +* api-change:``connect``: This release adds support for updating phone number metadata, such as phone number description. +* api-change:``discovery``: This release introduces three new APIs: StartBatchDeleteConfigurationTask, DescribeBatchDeleteConfigurationTask, and BatchDeleteAgents. +* api-change:``medical-imaging``: Updates on documentation links +* api-change:``ssm``: This release introduces a new API: DeleteOpsItem. This allows deletion of an OpsItem. + + +1.29.67 +======= + +* api-change:``ec2``: Amazon EC2 C7a instances, powered by 4th generation AMD EPYC processors, are ideal for high performance, compute-intensive workloads such as high performance computing. Amazon EC2 R7i instances are next-generation memory optimized and powered by custom 4th Generation Intel Xeon Scalable processors. +* api-change:``managedblockchain-query``: This release adds support for Ethereum Sepolia network +* api-change:``neptunedata``: Doc changes to add IAM action mappings for the data actions. +* api-change:``omics``: This change enables customers to retrieve failure reasons with detailed status messages for their failed runs +* api-change:``opensearch``: Added Cluster Administrative options for node restart, opensearch process restart and opensearch dashboard restart for Multi-AZ without standby domains +* api-change:``quicksight``: This release adds the following: 1) Trino and Starburst Database Connectors 2) Custom total for tables and pivot tables 3) Enable restricted folders 4) Add rolling dates for time equality filters 5) Refine DataPathValue and introduce DataPathType 6) Add SeriesType to ReferenceLineDataConfiguration +* api-change:``secretsmanager``: Documentation updates for Secrets Manager +* api-change:``servicecatalog``: Introduce support for EXTERNAL product and provisioning artifact type in CreateProduct and CreateProvisioningArtifact APIs. +* api-change:``verifiedpermissions``: Improving Amazon Verified Permissions Create experience +* api-change:``workspaces``: Documentation updates for WorkSpaces + + +1.29.66 +======= + +* api-change:``cloud9``: Update to imageId parameter behavior and dates updated. +* api-change:``dynamodb``: Updating descriptions for several APIs. +* api-change:``kendra``: Changes for a new feature in Amazon Kendra's Query API to Collapse/Expand query results +* api-change:``rds``: This release adds support for upgrading the storage file system configuration on the DB instance using a blue/green deployment or a read replica. +* api-change:``wisdom``: This release adds an max limit of 25 recommendation ids for NotifyRecommendationsReceived API. + + +1.29.65 +======= + +* api-change:``codepipeline``: Add retryMode ALL_ACTIONS to RetryStageExecution API that retries a failed stage starting from first action in the stage +* api-change:``discovery``: This release introduces three new APIs: StartBatchDeleteConfigurationTask, DescribeBatchDeleteConfigurationTask, and BatchDeleteAgents. +* api-change:``ecs``: Documentation only updates to address Amazon ECS tickets. +* api-change:``globalaccelerator``: Fixed error where ListCustomRoutingEndpointGroups did not have a paginator +* api-change:``guardduty``: Add domainWithSuffix finding field to dnsRequestAction +* api-change:``kafka``: AWS Managed Streaming for Kafka is launching MSK Replicator, a new feature that enables customers to reliably replicate data across Amazon MSK clusters in same or different AWS regions. You can now use SDK to create, list, describe, delete, update, and manage tags of MSK Replicators. +* api-change:``route53-recovery-cluster``: Adds Owner field to ListRoutingControls API. +* api-change:``route53-recovery-control-config``: Adds permissions for GetResourcePolicy to support returning details about AWS Resource Access Manager resource policies for shared resources. + + +1.29.64 +======= + +* api-change:``cloudformation``: SDK and documentation updates for UpdateReplacePolicy +* api-change:``drs``: Updated exsiting API to allow AWS Elastic Disaster Recovery support of launching recovery into existing EC2 instances. +* api-change:``entityresolution``: This launch expands our matching techniques to include provider-based matching to help customer match, link, and enhance records with minimal data movement. With data service providers, we have removed the need for customers to build bespoke integrations,. +* api-change:``managedblockchain-query``: This release introduces two new APIs: GetAssetContract and ListAssetContracts. This release also adds support for Bitcoin Testnet. +* api-change:``mediapackagev2``: This release allows customers to manage MediaPackage v2 resource using CloudFormation. +* api-change:``opensearch``: This release allows customers to list and associate optional plugin packages with compatible Amazon OpenSearch Service clusters for enhanced functionality. +* api-change:``redshift-serverless``: Added support for managing credentials of serverless namespace admin using AWS Secrets Manager. +* api-change:``redshift``: Added support for managing credentials of provisioned cluster admin using AWS Secrets Manager. +* api-change:``sesv2``: This release provides enhanced visibility into your SES identity verification status. This will offer you more actionable insights, enabling you to promptly address any verification-related issues. +* api-change:``transfer``: Documentation updates for AWS Transfer Family +* api-change:``xray``: This releases enhances GetTraceSummaries API to support new TimeRangeType Service to query trace summaries by segment end time. + + +1.29.63 +======= + +* api-change:``auditmanager``: This release introduces a new limit to the awsAccounts parameter. When you create or update an assessment, there is now a limit of 200 AWS accounts that can be specified in the assessment scope. +* api-change:``autoscaling``: Update the NotificationMetadata field to only allow visible ascii characters. Add paginators to DescribeInstanceRefreshes, DescribeLoadBalancers, and DescribeLoadBalancerTargetGroups +* api-change:``config``: Add enums for resource types supported by Config +* api-change:``controltower``: Added new EnabledControl resource details to ListEnabledControls API and added new GetEnabledControl API. +* api-change:``customer-profiles``: Adds sensitive trait to various shapes in Customer Profiles Calculated Attribute API model. +* api-change:``ec2``: This release adds Ubuntu Pro as a supported platform for On-Demand Capacity Reservations and adds support for setting an Amazon Machine Image (AMI) to disabled state. Disabling the AMI makes it private if it was previously shared, and prevents new EC2 instance launches from it. +* api-change:``elbv2``: Update elbv2 command to latest version +* api-change:``glue``: Extending version control support to GitLab and Bitbucket from AWSGlue +* api-change:``inspector2``: Add MacOs ec2 platform support +* api-change:``ivs-realtime``: Update GetParticipant to return additional metadata. +* api-change:``lambda``: Adds support for Lambda functions to access Dual-Stack subnets over IPv6, via an opt-in flag in CreateFunction and UpdateFunctionConfiguration APIs +* api-change:``location``: This release adds endpoint updates for all AWS Location resource operations. +* api-change:``machinelearning``: This release marks Password field as sensitive +* api-change:``pricing``: Documentation updates for Price List +* api-change:``rds``: This release adds support for adding a dedicated log volume to open-source RDS instances. +* api-change:``rekognition``: Amazon Rekognition introduces support for Custom Moderation. This allows the enhancement of accuracy for detect moderation labels operations by creating custom adapters tuned on customer data. +* api-change:``sagemaker``: Amazon SageMaker Canvas adds KendraSettings and DirectDeploySettings support for CanvasAppSettings +* api-change:``textract``: This release adds 9 new APIs for adapter and adapter version management, 3 new APIs for tagging, and updates AnalyzeDocument and StartDocumentAnalysis API parameters for using adapters. +* api-change:``transcribe``: This release is to enable m4a format to customers +* api-change:``workspaces``: Updated the CreateWorkspaces action documentation to clarify that the PCoIP protocol is only available for Windows bundles. + + +1.29.62 +======= + +* api-change:``ec2``: Documentation updates for Elastic Compute Cloud (EC2). +* api-change:``fsx``: After performing steps to repair the Active Directory configuration of a file system, use this action to initiate the process of attempting to recover to the file system. +* api-change:``marketplace-catalog``: This release adds support for Document type as an alternative for stringified JSON for StartChangeSet, DescribeChangeSet and DescribeEntity APIs +* api-change:``quicksight``: NullOption in FilterListConfiguration; Dataset schema/table max length increased; Support total placement for pivot table visual; Lenient mode relaxes the validation to create resources with definition; Data sources can be added to folders; Redshift data sources support IAM Role-based authentication +* api-change:``transfer``: This release updates the max character limit of PreAuthenticationLoginBanner and PostAuthenticationLoginBanner to 4096 characters + + +1.29.61 +======= + +* api-change:``omics``: Add Etag Support for Omics Storage in ListReadSets and GetReadSetMetadata API +* api-change:``rds``: Updates Amazon RDS documentation for corrections and minor improvements. +* api-change:``route53``: Add hostedzonetype filter to ListHostedZones API. +* api-change:``securityhub``: Added new resource detail objects to ASFF, including resources for AwsEventsEventbus, AwsEventsEndpoint, AwsDmsEndpoint, AwsDmsReplicationTask, AwsDmsReplicationInstance, AwsRoute53HostedZone, and AwsMskCluster +* api-change:``storagegateway``: Add SoftwareVersion to response of DescribeGatewayInformation. +* api-change:``workspaces``: This release introduces Manage applications. This feature allows users to manage their WorkSpaces applications by associating or disassociating their WorkSpaces with applications. The DescribeWorkspaces API will now additionally return OperatingSystemName in its responses. + + +1.29.60 +======= + +* api-change:``appconfig``: AWS AppConfig introduces KMS customer-managed key (CMK) encryption support for data saved to AppConfig's hosted configuration store. +* api-change:``datazone``: Initial release of Amazon DataZone +* api-change:``mediatailor``: Updates DescribeVodSource to include a list of ad break opportunities in the response +* api-change:``mgn``: This release includes the following new APIs: ListConnectors, CreateConnector, UpdateConnector, DeleteConnector and UpdateSourceServer to support the source action framework feature. +* api-change:``sagemaker``: Adding support for AdditionalS3DataSource, a data source used for training or inference that is in addition to the input dataset or model data. + + +1.29.59 +======= + +* api-change:``connect``: GetMetricDataV2 API: Update to include new metrics CONTACTS_RESOLVED_IN_X , AVG_HOLD_TIME_ALL_CONTACTS , AVG_RESOLUTION_TIME , ABANDONMENT_RATE , AGENT_NON_RESPONSE_WITHOUT_CUSTOMER_ABANDONS with added features: Interval Period, TimeZone, Negate MetricFilters, Extended date time range. +* api-change:``location``: Amazon Location Service adds support for bounding polygon queries. Additionally, the GeofenceCount field has been added to the DescribeGeofenceCollection API response. +* api-change:``mediaconvert``: This release adds the ability to replace video frames without modifying the audio essence. +* api-change:``oam``: This release adds support for sharing AWS::ApplicationInsights::Application resources. +* api-change:``sagemaker``: This release allows users to run Selective Execution in SageMaker Pipelines without SourcePipelineExecutionArn if selected steps do not have any dependent steps. +* api-change:``wellarchitected``: AWS Well-Architected now supports Review Templates that allows you to create templates with pre-filled answers for Well-Architected and Custom Lens best practices. + + +1.29.58 +======= + +* api-change:``bedrock-runtime``: Add model timeout exception for InvokeModelWithResponseStream API and update validator for invoke model identifier. +* api-change:``bedrock``: Provisioned throughput feature with Amazon and third-party base models, and update validators for model identifier and taggable resource ARNs. +* api-change:``ec2``: Introducing Amazon EC2 R7iz instances with 3.9 GHz sustained all-core turbo frequency and deliver up to 20% better performance than previous generation z1d instances. +* api-change:``managedblockchain``: Remove Rinkeby as option from Ethereum APIs +* api-change:``rds``: Adds DefaultCertificateForNewLaunches field in the DescribeCertificates API response. +* api-change:``sso``: Fix FIPS Endpoints in aws-us-gov. +* api-change:``sts``: STS API updates for assumeRole +* api-change:``transfer``: Documentation updates for AWS Transfer Family + + +1.29.57 +======= + +* api-change:``bedrock``: Model Invocation logging added to enable or disable logs in customer account. Model listing and description support added. Provisioned Throughput feature added. Custom model support added for creating custom models. Also includes list, and delete functions for custom model. +* api-change:``bedrock-runtime``: Run Inference: Added support to run the inference on models. Includes set of APIs for running inference in streaming and non-streaming mode. +* api-change:``budgets``: Update DescribeBudgets and DescribeBudgetNotificationsForAccount MaxResults limit to 1000. +* api-change:``ec2``: Adds support for Customer Managed Key encryption for Amazon Verified Access resources +* api-change:``iotfleetwise``: AWS IoT FleetWise now supports encryption through a customer managed AWS KMS key. The PutEncryptionConfiguration and GetEncryptionConfiguration APIs were added. +* api-change:``sagemaker``: Online store feature groups supports Standard and InMemory tier storage types for low latency storage for real-time data retrieval. The InMemory tier supports collection types List, Set, and Vector. +* api-change:``sagemaker-featurestore-runtime``: Feature Store supports read/write of records with collection type features. +* api-change:``wafv2``: Correct and improve the documentation for the FieldToMatch option JA3 fingerprint. + + +1.29.56 +======= + +* api-change:``cognito-idp``: The UserPoolType Status field is no longer used. +* api-change:``firehose``: Features : Adding support for new data ingestion source to Kinesis Firehose - AWS Managed Services Kafka. +* api-change:``iot``: Added support for IoT Rules Engine Kafka Action Headers +* api-change:``textract``: This release adds new feature - Layout to Analyze Document API which can automatically extract layout elements such as titles, paragraphs, headers, section headers, lists, page numbers, footers, table areas, key-value areas and figure areas and order the elements as a human would read. + + +1.29.55 +======= + +* api-change:``appintegrations``: The Amazon AppIntegrations service adds a set of APIs (in preview) to manage third party applications to be used in Amazon Connect agent workspace. +* api-change:``apprunner``: This release allows an App Runner customer to specify a custom source directory to run the build & start command. This change allows App Runner to support monorepo based repositories +* api-change:``codedeploy``: CodeDeploy now supports In-place and Blue/Green EC2 deployments with multiple Classic Load Balancers and multiple Target Groups. +* api-change:``connect``: This release updates a set of Amazon Connect APIs that provides the ability to integrate third party applications in the Amazon Connect agent workspace. +* api-change:``dynamodb``: Amazon DynamoDB now supports Incremental Export as an enhancement to the existing Export Table +* api-change:``ec2``: The release includes AWS verified access to support FIPs compliance in North America regions +* api-change:``lakeformation``: This release adds three new API support "CreateLakeFormationOptIn", "DeleteLakeFormationOptIn" and "ListLakeFormationOptIns", and also updates the corresponding documentation. +* api-change:``pinpoint``: Update documentation for RemoveAttributes to more accurately reflect its behavior when attributes are deleted. +* api-change:``s3``: This release adds a new field COMPLETED to the ReplicationStatus Enum. You can now use this field to validate the replication status of S3 objects using the AWS SDK. + + +1.29.54 +======= + +* api-change:``amplifyuibuilder``: Support for generating code that is compatible with future versions of amplify project dependencies. +* api-change:``chime-sdk-media-pipelines``: Adds support for sending WebRTC audio to Amazon Kineses Video Streams. +* api-change:``emr-serverless``: This release adds support for application-wide default job configurations. +* api-change:``finspace-data``: Adding sensitive trait to attributes. Change max SessionDuration from 720 to 60. Correct "ApiAccess" attribute to "apiAccess" to maintain consistency between APIs. +* api-change:``quicksight``: Added ability to tag users upon creation. +* api-change:``ssm``: This release updates the enum values for ResourceType in SSM DescribeInstanceInformation input and ConnectionStatus in GetConnectionStatus output. +* api-change:``wafv2``: You can now perform an exact match against the web request's JA3 fingerprint. + + +1.29.53 +======= + +* api-change:``braket``: This release adds support to view the device queue depth (the number of queued quantum tasks and hybrid jobs on a device) and queue position for a quantum task and hybrid job. +* api-change:``dms``: new vendors for DMS CSF: MongoDB, MariaDB, DocumentDb and Redshift +* api-change:``ec2``: EC2 M2 Pro Mac instances are powered by Apple M2 Pro Mac Mini computers featuring 12 core CPU, 19 core GPU, 32 GiB of memory, and 16 core Apple Neural Engine and uniquely enabled by the AWS Nitro System through high-speed Thunderbolt connections. +* api-change:``efs``: Update efs command to latest version +* api-change:``guardduty``: Add `EKS_CLUSTER_NAME` to filter and sort key. +* api-change:``mediaconvert``: This release supports the creation of of audio-only tracks in CMAF output groups. + + 1.29.52 ======= diff --git a/MANIFEST.in b/MANIFEST.in index 7295cf117791..34fb540e8276 100644 --- a/MANIFEST.in +++ b/MANIFEST.in @@ -2,6 +2,7 @@ include README.rst include LICENSE.txt include requirements.txt include UPGRADE_PY3.md +include .pre-commit-config.yaml recursive-include awscli/examples *.rst *.txt recursive-include awscli/data *.json recursive-include awscli/topics *.rst *.json diff --git a/README.rst b/README.rst index 2a45287e969c..709b1a7f1df3 100644 --- a/README.rst +++ b/README.rst @@ -26,23 +26,22 @@ Requirements The aws-cli package works on Python versions: -- 3.7.x and greater - 3.8.x and greater - 3.9.x and greater - 3.10.x and greater - 3.11.x and greater +- 3.12.x and greater Notices ~~~~~~~ -On 2021-01-15, deprecation for Python 2.7 was announced and support was dropped -on 2021-07-15. To avoid disruption, customers using the AWS CLI on Python 2.7 may -need to upgrade their version of Python or pin the version of the AWS CLI. For -more information, see this `blog post `__. - On 2022-05-30, support for Python 3.6 was ended. This follows the Python Software Foundation `end of support `__ for the runtime which occurred on 2021-12-23. + +On 2023-12-13, support for Python 3.7 was ended. This follows the +Python Software Foundation `end of support `__ +for the runtime which occurred on 2023-06-27. For more information, see this `blog post `__. *Attention!* @@ -158,7 +157,7 @@ this: aws_secret_access_key=MYSECRETKEY [testing] - aws_access_key_id=MYACCESKEY + aws_access_key_id=MYACCESSKEY aws_secret_access_key=MYSECRETKEY and place it in ``~/.aws/credentials`` (or in diff --git a/UPGRADE_PY3.md b/UPGRADE_PY3.md index 1b3aec08d6dd..a2ed2f39bc3f 100644 --- a/UPGRADE_PY3.md +++ b/UPGRADE_PY3.md @@ -15,7 +15,7 @@ v1. You can upgrade to the AWS CLI v2 to avoid these deprecations in the future. ---- ## Timeline -Going forward, customers using the CLI v1 should transition to using Python 3, with Python 3.7 becoming +Going forward, customers using the CLI v1 should transition to using Python 3, with Python 3.8 becoming the minimum by the end of the transition. The deprecation dates for the affected versions of Python are: |Python version|Deprecation date| @@ -23,6 +23,7 @@ the minimum by the end of the transition. The deprecation dates for the affected | Python 2.7| 7/15/2021| | Python 3.4 and 3.5| 2/1/2021| | Python 3.6| 5/30/2022| +| Python 3.7| 12/13/2023| ## Impact on the AWS CLI @@ -48,7 +49,7 @@ $ aws --version aws-cli/1.18.191 Python/2.7.18 Darwin/19.6.0 botocore/1.19.31 ``` -If the second portion of the version string, starting with **Python/** isn’t Python/3.7.x +If the second portion of the version string, starting with **Python/** isn’t Python/3.8.x or higher, you should review the options below. ### Installing CLI with Python 3 @@ -61,7 +62,7 @@ Otherwise, upgrading Python versions isn’t difficult. 1. To begin, uninstall your existing copy of the AWS CLI. You can find instructions in the [CLI v1 installation guide](https://docs.aws.amazon.com/cli/latest/userguide/install-linux.html). -2. Now we’ll install Python 3.7 or later. You can get Python from +2. Now we’ll install Python 3.8 or later. You can get Python from [Python.org](https://www.python.org/downloads) or using your local package manager. In this example, we’ll use a recent version, Python 3.8.7, to ensure the longest support window. 3. Next, depending on your installation method, the new Python installation should be available at @@ -88,7 +89,7 @@ $ python awscli-bundle/install -i /usr/local/aws -b /usr/local/bin/aws 7. If you wish, you may verify that the newly installed copy of the AWS CLI tool, **aws**, is using the correct version of Python. The **aws --version** command reports the **aws** tool's version number, followed by the version of Python it's running under, then the operating system -version and the version of botocore. As long as the Python version is at least 3.7, +version and the version of botocore. As long as the Python version is at least 3.8, you're ready to go: ```bash $ aws --version diff --git a/awscli/__init__.py b/awscli/__init__.py index b7ddafb6a27b..4657529279ed 100644 --- a/awscli/__init__.py +++ b/awscli/__init__.py @@ -15,9 +15,10 @@ ---- A Universal Command Line Environment for Amazon Web Services. """ + import os -__version__ = '1.29.52' +__version__ = '1.37.17' # # Get our data path to be added to botocore's search path @@ -40,8 +41,16 @@ } -SCALAR_TYPES = set([ - 'string', 'float', 'integer', 'long', 'boolean', 'double', - 'blob', 'timestamp' -]) +SCALAR_TYPES = set( + [ + 'string', + 'float', + 'integer', + 'long', + 'boolean', + 'double', + 'blob', + 'timestamp', + ] +) COMPLEX_TYPES = set(['structure', 'map', 'list']) diff --git a/awscli/__main__.py b/awscli/__main__.py index 7d49ba7f871c..63263a3cb831 100644 --- a/awscli/__main__.py +++ b/awscli/__main__.py @@ -16,6 +16,5 @@ from awscli.clidriver import main - if __name__ == "__main__": sys.exit(main()) diff --git a/awscli/alias.py b/awscli/alias.py index 697fa4322857..29014051ff2e 100644 --- a/awscli/alias.py +++ b/awscli/alias.py @@ -17,11 +17,10 @@ from botocore.configloader import raw_config_parse -from awscli.compat import compat_shell_quote from awscli.commands import CLICommand +from awscli.compat import compat_shell_quote from awscli.utils import emit_top_level_args_parsed_event - LOG = logging.getLogger(__name__) @@ -29,10 +28,13 @@ class InvalidAliasException(Exception): pass -class AliasLoader(object): - def __init__(self, - alias_filename=os.path.expanduser( - os.path.join('~', '.aws', 'cli', 'alias'))): +class AliasLoader: + def __init__( + self, + alias_filename=os.path.expanduser( + os.path.join('~', '.aws', 'cli', 'alias') + ), + ): """Interface for loading and interacting with alias file :param alias_filename: The name of the file to load aliases from. @@ -47,8 +49,7 @@ def _build_aliases(self): def _load_aliases(self): if os.path.exists(self._filename): - return raw_config_parse( - self._filename, parse_subsections=False) + return raw_config_parse(self._filename, parse_subsections=False) return {'toplevel': {}} def _cleanup_alias_values(self, aliases): @@ -63,7 +64,7 @@ def get_aliases(self): return self._aliases.get('toplevel', {}) -class AliasCommandInjector(object): +class AliasCommandInjector: def __init__(self, session, alias_loader): """Injects alias commands for a command table @@ -77,22 +78,26 @@ def __init__(self, session, alias_loader): self._alias_loader = alias_loader def inject_aliases(self, command_table, parser): - for alias_name, alias_value in \ - self._alias_loader.get_aliases().items(): + for ( + alias_name, + alias_value, + ) in self._alias_loader.get_aliases().items(): if alias_value.startswith('!'): alias_cmd = ExternalAliasCommand(alias_name, alias_value) else: service_alias_cmd_args = [ - alias_name, alias_value, self._session, command_table, - parser + alias_name, + alias_value, + self._session, + command_table, + parser, ] # If the alias name matches something already in the # command table provide the command it is about # to clobber as a possible reference that it will # need to proxy to. if alias_name in command_table: - service_alias_cmd_args.append( - command_table[alias_name]) + service_alias_cmd_args.append(command_table[alias_name]) alias_cmd = ServiceAliasCommand(*service_alias_cmd_args) command_table[alias_name] = alias_cmd @@ -126,13 +131,17 @@ def name(self, value): class ServiceAliasCommand(BaseAliasCommand): - UNSUPPORTED_GLOBAL_PARAMETERS = [ - 'debug', - 'profile' - ] - - def __init__(self, alias_name, alias_value, session, command_table, - parser, shadow_proxy_command=None): + UNSUPPORTED_GLOBAL_PARAMETERS = ('debug', 'profile') + + def __init__( + self, + alias_name, + alias_value, + session, + command_table, + parser, + shadow_proxy_command=None, + ): """Command for a `toplevel` subcommand alias :type alias_name: string @@ -163,7 +172,7 @@ def __init__(self, alias_name, alias_value, session, command_table, to this command as opposed to proxy to itself in the command table """ - super(ServiceAliasCommand, self).__init__(alias_name, alias_value) + super().__init__(alias_name, alias_value) self._session = session self._command_table = command_table self._parser = parser @@ -172,14 +181,18 @@ def __init__(self, alias_name, alias_value, session, command_table, def __call__(self, args, parsed_globals): alias_args = self._get_alias_args() parsed_alias_args, remaining = self._parser.parse_known_args( - alias_args) + alias_args + ) self._update_parsed_globals(parsed_alias_args, parsed_globals) # Take any of the remaining arguments that were not parsed out and # prepend them to the remaining args provided to the alias. remaining.extend(args) LOG.debug( 'Alias %r passing on arguments: %r to %r command', - self._alias_name, remaining, parsed_alias_args.command) + self._alias_name, + remaining, + parsed_alias_args.command, + ) # Pass the update remaining args and global args to the service command # the alias proxied to. command = self._command_table[parsed_alias_args.command] @@ -190,9 +203,9 @@ def __call__(self, args, parsed_globals): # a built-in command. if shadow_name == parsed_alias_args.command: LOG.debug( - 'Using shadowed command object: %s ' - 'for alias: %s', self._shadow_proxy_command, - self._alias_name + 'Using shadowed command object: %s for alias: %s', + self._shadow_proxy_command, + self._alias_name, ) command = self._shadow_proxy_command return command(remaining, parsed_globals) @@ -202,21 +215,23 @@ def _get_alias_args(self): alias_args = shlex.split(self._alias_value) except ValueError as e: raise InvalidAliasException( - 'Value of alias "%s" could not be parsed. ' - 'Received error: %s when parsing:\n%s' % ( - self._alias_name, e, self._alias_value) + f'Value of alias "{self._alias_name}" could not be parsed. ' + f'Received error: {e} when parsing:\n{self._alias_value}' ) alias_args = [arg.strip(os.linesep) for arg in alias_args] LOG.debug( 'Expanded subcommand alias %r with value: %r to: %r', - self._alias_name, self._alias_value, alias_args + self._alias_name, + self._alias_value, + alias_args, ) return alias_args def _update_parsed_globals(self, parsed_alias_args, parsed_globals): global_params_to_update = self._get_global_parameters_to_update( - parsed_alias_args) + parsed_alias_args + ) # Emit the top level args parsed event to ensure all possible # customizations that typically get applied are applied to the # global parameters provided in the alias before updating @@ -241,9 +256,10 @@ def _get_global_parameters_to_update(self, parsed_alias_args): if self._parser.get_default(parsed_param) != value: if parsed_param in self.UNSUPPORTED_GLOBAL_PARAMETERS: raise InvalidAliasException( - 'Global parameter "--%s" detected in alias "%s" ' - 'which is not support in subcommand aliases.' % ( - parsed_param, self._alias_name)) + f'Global parameter "--{parsed_param}" detected in alias ' + f'"{self._alias_name}" which is not supported in ' + 'subcommand aliases.' + ) else: global_params_to_update.append(parsed_param) return global_params_to_update @@ -272,12 +288,13 @@ def __init__(self, alias_name, alias_value, invoker=subprocess.call): self._invoker = invoker def __call__(self, args, parsed_globals): - command_components = [ - self._alias_value[1:] - ] + command_components = [self._alias_value[1:]] command_components.extend(compat_shell_quote(a) for a in args) command = ' '.join(command_components) LOG.debug( 'Using external alias %r with value: %r to run: %r', - self._alias_name, self._alias_value, command) + self._alias_name, + self._alias_value, + command, + ) return self._invoker(command, shell=True) diff --git a/awscli/argparser.py b/awscli/argparser.py index 126b27f8e1e9..c50634e469da 100644 --- a/awscli/argparser.py +++ b/awscli/argparser.py @@ -12,10 +12,8 @@ # language governing permissions and limitations under the License. import argparse import sys -from awscli.compat import six from difflib import get_close_matches - AWS_CLI_V2_MESSAGE = ( 'Note: AWS CLI version 2, the latest major version ' 'of the AWS CLI, is now stable and recommended for general ' @@ -46,9 +44,10 @@ class CommandAction(argparse.Action): are dynamically retrieved from the keys of the referenced command table """ + def __init__(self, option_strings, dest, command_table, **kwargs): self.command_table = command_table - super(CommandAction, self).__init__( + super().__init__( option_strings, dest, choices=self.choices, **kwargs ) @@ -84,9 +83,9 @@ def _check_value(self, action, value): # converted value must be one of the choices (if specified) if action.choices is not None and value not in action.choices: msg = ['Invalid choice, valid choices are:\n'] - for i in range(len(action.choices))[::self.ChoicesPerLine]: + for i in range(len(action.choices))[:: self.ChoicesPerLine]: current = [] - for choice in action.choices[i:i+self.ChoicesPerLine]: + for choice in action.choices[i : i + self.ChoicesPerLine]: current.append('%-40s' % choice) msg.append(' | '.join(current)) possible = get_close_matches(value, action.choices, cutoff=0.8) @@ -98,7 +97,9 @@ def _check_value(self, action, value): raise argparse.ArgumentError(action, '\n'.join(msg)) def parse_known_args(self, args, namespace=None): - parsed, remaining = super(CLIArgParser, self).parse_known_args(args, namespace) + parsed, remaining = super().parse_known_args( + args, namespace + ) terminal_encoding = getattr(sys.stdin, 'encoding', 'utf-8') if terminal_encoding is None: # In some cases, sys.stdin won't have an encoding set, @@ -106,12 +107,12 @@ def parse_known_args(self, args, namespace=None): # default to utf-8. terminal_encoding = 'utf-8' for arg, value in vars(parsed).items(): - if isinstance(value, six.binary_type): + if isinstance(value, bytes): setattr(parsed, arg, value.decode(terminal_encoding)) elif isinstance(value, list): encoded = [] for v in value: - if isinstance(v, six.binary_type): + if isinstance(v, bytes): encoded.append(v.decode(terminal_encoding)) else: encoded.append(v) @@ -122,15 +123,22 @@ def parse_known_args(self, args, namespace=None): class MainArgParser(CLIArgParser): Formatter = argparse.RawTextHelpFormatter - def __init__(self, command_table, version_string, - description, argument_table, prog=None): - super(MainArgParser, self).__init__( + def __init__( + self, + command_table, + version_string, + description, + argument_table, + prog=None, + ): + super().__init__( formatter_class=self.Formatter, add_help=False, conflict_handler='resolve', description=description, usage=USAGE, - prog=prog) + prog=prog, + ) self._build(command_table, version_string, argument_table) def _create_choice_help(self, choices): @@ -143,27 +151,32 @@ def _build(self, command_table, version_string, argument_table): for argument_name in argument_table: argument = argument_table[argument_name] argument.add_to_parser(self) - self.add_argument('--version', action="version", - version=version_string, - help='Display the version of this tool') - self.add_argument('command', action=CommandAction, - command_table=command_table) + self.add_argument( + '--version', + action="version", + version=version_string, + help='Display the version of this tool', + ) + self.add_argument( + 'command', action=CommandAction, command_table=command_table + ) class ServiceArgParser(CLIArgParser): - def __init__(self, operations_table, service_name): - super(ServiceArgParser, self).__init__( + super().__init__( formatter_class=argparse.RawTextHelpFormatter, add_help=False, conflict_handler='resolve', - usage=USAGE) + usage=USAGE, + ) self._build(operations_table) self._service_name = service_name def _build(self, operations_table): - self.add_argument('operation', action=CommandAction, - command_table=operations_table) + self.add_argument( + 'operation', action=CommandAction, command_table=operations_table + ) class ArgTableArgParser(CLIArgParser): @@ -173,11 +186,12 @@ def __init__(self, argument_table, command_table=None): # command_table is an optional subcommand_table. If it's passed # in, then we'll update the argparse to parse a 'subcommand' argument # and populate the choices field with the command table keys. - super(ArgTableArgParser, self).__init__( + super().__init__( formatter_class=self.Formatter, add_help=False, usage=USAGE, - conflict_handler='resolve') + conflict_handler='resolve', + ) if command_table is None: command_table = {} self._build(argument_table, command_table) @@ -187,8 +201,12 @@ def _build(self, argument_table, command_table): argument = argument_table[arg_name] argument.add_to_parser(self) if command_table: - self.add_argument('subcommand', action=CommandAction, - command_table=command_table, nargs='?') + self.add_argument( + 'subcommand', + action=CommandAction, + command_table=command_table, + nargs='?', + ) def parse_known_args(self, args, namespace=None): if len(args) == 1 and args[0] == 'help': @@ -196,5 +214,6 @@ def parse_known_args(self, args, namespace=None): namespace.help = 'help' return namespace, [] else: - return super(ArgTableArgParser, self).parse_known_args( - args, namespace) + return super().parse_known_args( + args, namespace + ) diff --git a/awscli/argprocess.py b/awscli/argprocess.py index 5cd418ce2606..14bc648e3edd 100644 --- a/awscli/argprocess.py +++ b/awscli/argprocess.py @@ -11,19 +11,19 @@ # ANY KIND, either express or implied. See the License for the specific # language governing permissions and limitations under the License. """Module for processing CLI args.""" -import os + import logging -from awscli.compat import six +import os from botocore.compat import OrderedDict, json +from botocore.utils import is_json_value_header -from awscli import SCALAR_TYPES, COMPLEX_TYPES -from awscli import shorthand +from awscli import COMPLEX_TYPES, SCALAR_TYPES, shorthand from awscli.utils import ( - find_service_and_method_in_event_name, is_document_type, - is_document_type_container + find_service_and_method_in_event_name, + is_document_type, + is_document_type_container, ) -from botocore.utils import is_json_value_header LOG = logging.getLogger('awscli.argprocess') @@ -41,9 +41,8 @@ def __init__(self, cli_name, message): :param message: The error message to display to the user. """ - full_message = ("Error parsing parameter '%s': %s" % - (cli_name, message)) - super(ParamError, self).__init__(full_message) + full_message = "Error parsing parameter '%s': %s" % (cli_name, message) + super().__init__(full_message) self.cli_name = cli_name self.message = message @@ -56,16 +55,18 @@ class ParamUnknownKeyError(Exception): def __init__(self, key, valid_keys): valid_keys = ', '.join(valid_keys) full_message = ( - "Unknown key '%s', valid choices " - "are: %s" % (key, valid_keys)) - super(ParamUnknownKeyError, self).__init__(full_message) + f"Unknown key '{key}', valid choices are: {valid_key}" + ) + super().__init__(full_message) class TooComplexError(Exception): pass -def unpack_argument(session, service_name, operation_name, cli_argument, value): +def unpack_argument( + session, service_name, operation_name, cli_argument, value +): """ Unpack an argument's value from the commandline. This is part one of a two step process in handling commandline arguments. Emits the load-cli-arg @@ -77,11 +78,12 @@ def unpack_argument(session, service_name, operation_name, cli_argument, value): param_name = getattr(cli_argument, 'name', 'anonymous') value_override = session.emit_first_non_none_response( - 'load-cli-arg.%s.%s.%s' % (service_name, - operation_name, - param_name), - param=cli_argument, value=value, service_name=service_name, - operation_name=operation_name) + f'load-cli-arg.{service_name}.{operation_name}.{param_name}', + param=cli_argument, + value=value, + service_name=service_name, + operation_name=operation_name, + ) if value_override is not None: value = value_override @@ -103,8 +105,10 @@ def _detect_shape_structure(param, stack): if param.type_name in SCALAR_TYPES: return 'scalar' elif param.type_name == 'structure': - sub_types = [_detect_shape_structure(p, stack) - for p in param.members.values()] + sub_types = [ + _detect_shape_structure(p, stack) + for p in param.members.values() + ] # We're distinguishing between structure(scalar) # and structure(scalars), because for the case of # a single scalar in a structure we can simplify @@ -142,31 +146,33 @@ def unpack_cli_arg(cli_argument, value): :return: The "unpacked" argument than can be sent to the `Operation` object in python. """ - return _unpack_cli_arg(cli_argument.argument_model, value, - cli_argument.cli_name) + return _unpack_cli_arg( + cli_argument.argument_model, value, cli_argument.cli_name + ) def _special_type(model): # check if model is jsonvalue header and that value is serializable - if model.serialization.get('jsonvalue') and \ - model.serialization.get('location') == 'header' and \ - model.type_name == 'string': + if ( + model.serialization.get('jsonvalue') + and model.serialization.get('location') == 'header' + and model.type_name == 'string' + ): return True return False def _unpack_cli_arg(argument_model, value, cli_name): - if is_json_value_header(argument_model) or \ - is_document_type(argument_model): + if is_json_value_header(argument_model) or is_document_type( + argument_model + ): return _unpack_json_cli_arg(argument_model, value, cli_name) elif argument_model.type_name in SCALAR_TYPES: - return unpack_scalar_cli_arg( - argument_model, value, cli_name) + return unpack_scalar_cli_arg(argument_model, value, cli_name) elif argument_model.type_name in COMPLEX_TYPES: - return _unpack_complex_cli_arg( - argument_model, value, cli_name) + return _unpack_complex_cli_arg(argument_model, value, cli_name) else: - return six.text_type(value) + return str(value) def _unpack_json_cli_arg(argument_model, value, cli_name): @@ -174,8 +180,8 @@ def _unpack_json_cli_arg(argument_model, value, cli_name): return json.loads(value, object_pairs_hook=OrderedDict) except ValueError as e: raise ParamError( - cli_name, "Invalid JSON: %s\nJSON received: %s" - % (e, value)) + cli_name, f"Invalid JSON: {e}\nJSON received: {value}" + ) def _unpack_complex_cli_arg(argument_model, value, cli_name): @@ -183,9 +189,9 @@ def _unpack_complex_cli_arg(argument_model, value, cli_name): if type_name == 'structure' or type_name == 'map': if value.lstrip()[0] == '{': return _unpack_json_cli_arg(argument_model, value, cli_name) - raise ParamError(cli_name, "Invalid JSON:\n%s" % value) + raise ParamError(cli_name, f"Invalid JSON:\n{value}") elif type_name == 'list': - if isinstance(value, six.string_types): + if isinstance(value, str): if value.lstrip()[0] == '[': return _unpack_json_cli_arg(argument_model, value, cli_name) elif isinstance(value, list) and len(value) == 1: @@ -199,9 +205,10 @@ def _unpack_complex_cli_arg(argument_model, value, cli_name): # 2. It's possible this is a list of json objects: # --filters '{"Name": ..}' '{"Name": ...}' member_shape_model = argument_model.member - return [_unpack_cli_arg(member_shape_model, v, cli_name) - for v in value] - except (ValueError, TypeError) as e: + return [ + _unpack_cli_arg(member_shape_model, v, cli_name) for v in value + ] + except (ValueError, TypeError): # The list params don't have a name/cli_name attached to them # so they will have bad error messages. We're going to # attach the parent parameter to this error message to provide @@ -212,13 +219,21 @@ def _unpack_complex_cli_arg(argument_model, value, cli_name): def unpack_scalar_cli_arg(argument_model, value, cli_name=''): # Note the cli_name is used strictly for error reporting. It's # not required to use unpack_scalar_cli_arg - if argument_model.type_name == 'integer' or argument_model.type_name == 'long': + if ( + argument_model.type_name == 'integer' + or argument_model.type_name == 'long' + ): return int(value) - elif argument_model.type_name == 'float' or argument_model.type_name == 'double': + elif ( + argument_model.type_name == 'float' + or argument_model.type_name == 'double' + ): # TODO: losing precision on double types return float(value) - elif argument_model.type_name == 'blob' and \ - argument_model.serialization.get('streaming'): + elif ( + argument_model.type_name == 'blob' + and argument_model.serialization.get('streaming') + ): file_path = os.path.expandvars(value) file_path = os.path.expanduser(file_path) if not os.path.isfile(file_path): @@ -226,7 +241,7 @@ def unpack_scalar_cli_arg(argument_model, value, cli_name=''): raise ParamError(cli_name, msg) return open(file_path, 'rb') elif argument_model.type_name == 'boolean': - if isinstance(value, six.string_types) and value.lower() == 'false': + if isinstance(value, str) and value.lower() == 'false': return False return bool(value) else: @@ -257,8 +272,7 @@ def _is_complex_shape(model): return True -class ParamShorthand(object): - +class ParamShorthand: def _uses_old_list_case(self, service_id, operation_name, argument_name): """ Determines whether a given operation for a service needs to use the @@ -266,27 +280,24 @@ def _uses_old_list_case(self, service_id, operation_name, argument_name): a single member. """ cases = { - 'firehose': { - 'put-record-batch': ['records'] - }, + 'firehose': {'put-record-batch': ['records']}, 'workspaces': { 'reboot-workspaces': ['reboot-workspace-requests'], 'rebuild-workspaces': ['rebuild-workspace-requests'], - 'terminate-workspaces': ['terminate-workspace-requests'] + 'terminate-workspaces': ['terminate-workspace-requests'], }, 'elastic-load-balancing': { 'remove-tags': ['tags'], 'describe-instance-health': ['instances'], 'deregister-instances-from-load-balancer': ['instances'], - 'register-instances-with-load-balancer': ['instances'] - } + 'register-instances-with-load-balancer': ['instances'], + }, } cases = cases.get(service_id, {}).get(operation_name, []) return argument_name in cases class ParamShorthandParser(ParamShorthand): - def __init__(self): self._parser = shorthand.ShorthandParser() self._visitor = shorthand.BackCompatVisitor() @@ -322,18 +333,21 @@ def __call__(self, cli_argument, value, event_name, **kwargs): if not self._should_parse_as_shorthand(cli_argument, value): return else: - service_id, operation_name = \ - find_service_and_method_in_event_name(event_name) + service_id, operation_name = find_service_and_method_in_event_name( + event_name + ) return self._parse_as_shorthand( - cli_argument, value, service_id, operation_name) + cli_argument, value, service_id, operation_name + ) - def _parse_as_shorthand(self, cli_argument, value, service_id, - operation_name): + def _parse_as_shorthand( + self, cli_argument, value, service_id, operation_name + ): try: - LOG.debug("Parsing param %s as shorthand", - cli_argument.cli_name) + LOG.debug("Parsing param %s as shorthand", cli_argument.cli_name) handled_value = self._handle_special_cases( - cli_argument, value, service_id, operation_name) + cli_argument, value, service_id, operation_name + ) if handled_value is not None: return handled_value if isinstance(value, list): @@ -358,15 +372,20 @@ def _parse_as_shorthand(self, cli_argument, value, service_id, raise ParamError(cli_argument.cli_name, str(e)) return parsed - def _handle_special_cases(self, cli_argument, value, service_id, - operation_name): + def _handle_special_cases( + self, cli_argument, value, service_id, operation_name + ): # We need to handle a few special cases that the previous # parser handled in order to stay backwards compatible. model = cli_argument.argument_model - if model.type_name == 'list' and \ - model.member.type_name == 'structure' and \ - len(model.member.members) == 1 and \ - self._uses_old_list_case(service_id, operation_name, cli_argument.name): + if ( + model.type_name == 'list' + and model.member.type_name == 'structure' + and len(model.member.members) == 1 + and self._uses_old_list_case( + service_id, operation_name, cli_argument.name + ) + ): # First special case is handling a list of structures # of a single element such as: # @@ -379,11 +398,13 @@ def _handle_special_cases(self, cli_argument, value, service_id, key_name = list(model.member.members.keys())[0] new_values = [{key_name: v} for v in value] return new_values - elif model.type_name == 'structure' and \ - len(model.members) == 1 and \ - 'Value' in model.members and \ - model.members['Value'].type_name == 'string' and \ - '=' not in value: + elif ( + model.type_name == 'structure' + and len(model.members) == 1 + and 'Value' in model.members + and model.members['Value'].type_name == 'string' + and '=' not in value + ): # Second special case is where a structure of a single # value whose member name is "Value" can be specified # as: @@ -401,10 +422,14 @@ def _should_parse_as_shorthand(self, cli_argument, value): check_val = value[0] else: check_val = value - if isinstance(check_val, six.string_types) and check_val.strip().startswith( - ('[', '{')): - LOG.debug("Param %s looks like JSON, not considered for " - "param shorthand.", cli_argument.py_name) + if isinstance(check_val, str) and check_val.strip().startswith( + ('[', '{') + ): + LOG.debug( + "Param %s looks like JSON, not considered for " + "param shorthand.", + cli_argument.py_name, + ) return False model = cli_argument.argument_model return _supports_shorthand_syntax(model) @@ -422,8 +447,9 @@ def supports_shorthand(self, argument_model): return _supports_shorthand_syntax(argument_model) return False - def generate_shorthand_example(self, cli_argument, service_id, - operation_name): + def generate_shorthand_example( + self, cli_argument, service_id, operation_name + ): """Generate documentation for a CLI argument. :type cli_argument: awscli.arguments.BaseCLIArgument @@ -438,7 +464,8 @@ def generate_shorthand_example(self, cli_argument, service_id, """ docstring = self._handle_special_cases( - cli_argument, service_id, operation_name) + cli_argument, service_id, operation_name + ) if docstring is self._DONT_DOC: return None elif docstring: @@ -458,22 +485,27 @@ def generate_shorthand_example(self, cli_argument, service_id, def _handle_special_cases(self, cli_argument, service_id, operation_name): model = cli_argument.argument_model - if model.type_name == 'list' and \ - model.member.type_name == 'structure' and \ - len(model.member.members) == 1 and \ - self._uses_old_list_case( - service_id, operation_name, cli_argument.name): + if ( + model.type_name == 'list' + and model.member.type_name == 'structure' + and len(model.member.members) == 1 + and self._uses_old_list_case( + service_id, operation_name, cli_argument.name + ) + ): member_name = list(model.member.members)[0] # Handle special case where the min/max is exactly one. metadata = model.metadata + cli_name = cli_argument.cli_name if metadata.get('min') == 1 and metadata.get('max') == 1: - return '%s %s1' % (cli_argument.cli_name, member_name) - return '%s %s1 %s2 %s3' % (cli_argument.cli_name, member_name, - member_name, member_name) - elif model.type_name == 'structure' and \ - len(model.members) == 1 and \ - 'Value' in model.members and \ - model.members['Value'].type_name == 'string': + return f'{cli_name} {member_name}1' + return f'{cli_name} {member_name}1 {member_name}2 {member_name}3' + elif ( + model.type_name == 'structure' + and len(model.members) == 1 + and 'Value' in model.members + and model.members['Value'].type_name == 'string' + ): return self._DONT_DOC return '' diff --git a/awscli/arguments.py b/awscli/arguments.py index 06873e94dad9..1c621b865740 100644 --- a/awscli/arguments.py +++ b/awscli/arguments.py @@ -36,15 +36,14 @@ user input and maps the input value to several API parameters. """ + import logging -from botocore import xform_name from botocore.hooks import first_non_none_response from awscli.argprocess import unpack_cli_arg from awscli.schema import SchemaTransformer -from botocore import model - +from botocore import model, xform_name LOG = logging.getLogger('awscli.arguments') @@ -66,7 +65,7 @@ def create_argument_model_from_schema(schema): return arg_shape -class BaseCLIArgument(object): +class BaseCLIArgument: """Interface for CLI argument. This class represents the interface used for representing CLI @@ -203,11 +202,24 @@ class CustomArgument(BaseCLIArgument): """ - def __init__(self, name, help_text='', dest=None, default=None, - action=None, required=None, choices=None, nargs=None, - cli_type_name=None, group_name=None, positional_arg=False, - no_paramfile=False, argument_model=None, synopsis='', - const=None): + def __init__( + self, + name, + help_text='', + dest=None, + default=None, + action=None, + required=None, + choices=None, + nargs=None, + cli_type_name=None, + group_name=None, + positional_arg=False, + no_paramfile=False, + argument_model=None, + synopsis='', + const=None, + ): self._name = name self._help = help_text self._dest = dest @@ -235,8 +247,10 @@ def __init__(self, name, help_text='', dest=None, default=None, # If the top level element is a list then set nargs to # accept multiple values separated by a space. - if self.argument_model is not None and \ - self.argument_model.type_name == 'list': + if ( + self.argument_model is not None + and self.argument_model.type_name == 'list' + ): self._nargs = '+' def _create_scalar_argument_model(self): @@ -337,9 +351,7 @@ def nargs(self): class CLIArgument(BaseCLIArgument): - """Represents a CLI argument that maps to a service parameter. - - """ + """Represents a CLI argument that maps to a service parameter.""" TYPE_MAP = { 'structure': str, @@ -352,12 +364,18 @@ class CLIArgument(BaseCLIArgument): 'long': int, 'boolean': bool, 'double': float, - 'blob': str + 'blob': str, } - def __init__(self, name, argument_model, operation_model, - event_emitter, is_required=False, - serialized_name=None): + def __init__( + self, + name, + argument_model, + operation_model, + event_emitter, + is_required=False, + serialized_name=None, + ): """ :type name: str @@ -433,7 +451,8 @@ def add_to_parser(self, parser): cli_name, help=self.documentation, type=self.cli_type, - required=self.required) + required=self.required, + ) def add_to_params(self, parameters, value): if value is None: @@ -451,16 +470,23 @@ def add_to_params(self, parameters, value): # below. Sometimes this can be more complicated, and subclasses # can customize as they need. unpacked = self._unpack_argument(value) - LOG.debug('Unpacked value of %r for parameter "%s": %r', value, - self.py_name, unpacked) + LOG.debug( + 'Unpacked value of %r for parameter "%s": %r', + value, + self.py_name, + unpacked, + ) parameters[self._serialized_name] = unpacked def _unpack_argument(self, value): service_name = self._operation_model.service_model.service_name operation_name = xform_name(self._operation_model.name, '-') - override = self._emit_first_response('process-cli-arg.%s.%s' % ( - service_name, operation_name), param=self.argument_model, - cli_argument=self, value=value) + override = self._emit_first_response( + f'process-cli-arg.{service_name}.{operation_name}', + param=self.argument_model, + cli_argument=self, + value=value, + ) if override is not None: # A plugin supplied an alternate conversion, # use it instead. @@ -478,13 +504,11 @@ def _emit_first_response(self, name, **kwargs): class ListArgument(CLIArgument): - def add_to_parser(self, parser): cli_name = self.cli_name - parser.add_argument(cli_name, - nargs='*', - type=self.cli_type, - required=self.required) + parser.add_argument( + cli_name, nargs='*', type=self.cli_type, required=self.required + ) class BooleanArgument(CLIArgument): @@ -504,17 +528,27 @@ class BooleanArgument(CLIArgument): """ - def __init__(self, name, argument_model, operation_model, - event_emitter, - is_required=False, action='store_true', dest=None, - group_name=None, default=None, - serialized_name=None): - super(BooleanArgument, self).__init__(name, - argument_model, - operation_model, - event_emitter, - is_required, - serialized_name=serialized_name) + def __init__( + self, + name, + argument_model, + operation_model, + event_emitter, + is_required=False, + action='store_true', + dest=None, + group_name=None, + default=None, + serialized_name=None, + ): + super().__init__( + name, + argument_model, + operation_model, + event_emitter, + is_required, + serialized_name=serialized_name, + ) self._mutex_group = None self._action = action if dest is None: @@ -545,18 +579,25 @@ def add_to_arg_table(self, argument_table): argument_table[self.name] = self negative_name = 'no-%s' % self.name negative_version = self.__class__( - negative_name, self.argument_model, - self._operation_model, self._event_emitter, - action='store_false', dest=self._destination, - group_name=self.group_name, serialized_name=self._serialized_name) + negative_name, + self.argument_model, + self._operation_model, + self._event_emitter, + action='store_false', + dest=self._destination, + group_name=self.group_name, + serialized_name=self._serialized_name, + ) argument_table[negative_name] = negative_version def add_to_parser(self, parser): - parser.add_argument(self.cli_name, - help=self.documentation, - action=self._action, - default=self._default, - dest=self._destination) + parser.add_argument( + self.cli_name, + help=self.documentation, + action=self._action, + default=self._default, + dest=self._destination, + ) @property def group_name(self): diff --git a/awscli/bcdoc/docstringparser.py b/awscli/bcdoc/docstringparser.py index 868bd5d8914b..51cd46e55fae 100644 --- a/awscli/bcdoc/docstringparser.py +++ b/awscli/bcdoc/docstringparser.py @@ -10,10 +10,10 @@ # distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF # ANY KIND, either express or implied. See the License for the specific # language governing permissions and limitations under the License. -from botocore.compat import six +from html.parser import HTMLParser -class DocStringParser(six.moves.html_parser.HTMLParser): +class DocStringParser(HTMLParser): """ A simple HTML parser. Focused on converting the subset of HTML that appears in the documentation strings of the JSON models into @@ -23,20 +23,20 @@ class DocStringParser(six.moves.html_parser.HTMLParser): def __init__(self, doc): self.tree = None self.doc = doc - six.moves.html_parser.HTMLParser.__init__(self) + HTMLParser.__init__(self) def reset(self): - six.moves.html_parser.HTMLParser.reset(self) + HTMLParser.reset(self) self.tree = HTMLTree(self.doc) def feed(self, data): # HTMLParser is an old style class, so the super() method will not work. - six.moves.html_parser.HTMLParser.feed(self, data) + HTMLParser.feed(self, data) self.tree.write() self.tree = HTMLTree(self.doc) def close(self): - six.moves.html_parser.HTMLParser.close(self) + HTMLParser.close(self) # Write if there is anything remaining. self.tree.write() self.tree = HTMLTree(self.doc) @@ -51,12 +51,13 @@ def handle_data(self, data): self.tree.add_data(data) -class HTMLTree(object): +class HTMLTree: """ A tree which handles HTML nodes. Designed to work with a python HTML parser, meaning that the current_node will be the most recently opened tag. When a tag is closed, the current_node moves up to the parent node. """ + def __init__(self, doc): self.doc = doc self.head = StemNode() @@ -93,7 +94,7 @@ def write(self): self.head.write(self.doc) -class Node(object): +class Node: def __init__(self, parent=None): self.parent = parent @@ -103,7 +104,7 @@ def write(self, doc): class StemNode(Node): def __init__(self, parent=None): - super(StemNode, self).__init__(parent) + super().__init__(parent) self.children = [] def add_child(self, child): @@ -122,8 +123,9 @@ class TagNode(StemNode): """ A generic Tag node. It will verify that handlers exist before writing. """ + def __init__(self, tag, attrs=None, parent=None): - super(TagNode, self).__init__(parent) + super().__init__(parent) self.attrs = attrs self.tag = tag @@ -145,11 +147,11 @@ def _write_end(self, doc): class LineItemNode(TagNode): def __init__(self, attrs=None, parent=None): - super(LineItemNode, self).__init__('li', attrs, parent) + super().__init__('li', attrs, parent) def write(self, doc): self._lstrip(self) - super(LineItemNode, self).write(doc) + super().write(doc) def _lstrip(self, node): """ @@ -174,9 +176,10 @@ class DataNode(Node): """ A Node that contains only string data. """ + def __init__(self, data, parent=None): - super(DataNode, self).__init__(parent) - if not isinstance(data, six.string_types): + super().__init__(parent) + if not isinstance(data, str): raise ValueError("Expecting string type, %s given." % type(data)) self.data = data diff --git a/awscli/bcdoc/restdoc.py b/awscli/bcdoc/restdoc.py index cdb6be14dcbc..d194d0e9f0ac 100644 --- a/awscli/bcdoc/restdoc.py +++ b/awscli/bcdoc/restdoc.py @@ -67,6 +67,23 @@ def push_write(self, s): """ self._writes.append(s) + def find_last_write(self, content): + """ + Returns the index of the last occurrence of the content argument + in the stack, or returns None if content is not on the stack. + """ + try: + return len(self._writes) - self._writes[::-1].index(content) - 1 + except ValueError: + return None + + def insert_write(self, index, content): + """ + Inserts the content argument to the stack directly before the + supplied index. + """ + self._writes.insert(index, content) + def getvalue(self): """ Returns the current content of the document as a string. diff --git a/awscli/clidocs.py b/awscli/clidocs.py index 9d8fb9d59159..6fb5c1696d0a 100644 --- a/awscli/clidocs.py +++ b/awscli/clidocs.py @@ -13,7 +13,7 @@ import logging import os import re -from botocore import xform_name + from botocore.model import StringShape from botocore.utils import is_json_value_header @@ -22,21 +22,24 @@ from awscli.bcdoc.docevents import DOC_EVENTS from awscli.topictags import TopicTagDB from awscli.utils import ( - find_service_and_method_in_event_name, is_document_type, - operation_uses_document_types, is_streaming_blob_type, - is_tagged_union_type + find_service_and_method_in_event_name, + is_document_type, + is_streaming_blob_type, + is_tagged_union_type, + operation_uses_document_types, ) LOG = logging.getLogger(__name__) -EXAMPLES_DIR = os.path.join(os.path.dirname(os.path.abspath(__file__)), - 'examples') +EXAMPLES_DIR = os.path.join( + os.path.dirname(os.path.abspath(__file__)), 'examples' +) GLOBAL_OPTIONS_FILE = os.path.join(EXAMPLES_DIR, 'global_options.rst') -GLOBAL_OPTIONS_SYNOPSIS_FILE = os.path.join(EXAMPLES_DIR, - 'global_synopsis.rst') - +GLOBAL_OPTIONS_SYNOPSIS_FILE = os.path.join( + EXAMPLES_DIR, 'global_synopsis.rst' +) -class CLIDocumentEventHandler(object): +class CLIDocumentEventHandler: def __init__(self, help_command): self.help_command = help_command self.register(help_command.session, help_command.event_class) @@ -91,9 +94,11 @@ def unregister(self): handler method will be unregistered for the all events of that type for the specified ``event_class``. """ - self._map_handlers(self.help_command.session, - self.help_command.event_class, - self.help_command.session.unregister) + self._map_handlers( + self.help_command.session, + self.help_command.event_class, + self.help_command.session.unregister, + ) # These are default doc handlers that apply in the general case. @@ -108,7 +113,7 @@ def doc_breadcrumbs(self, help_command, **kwargs): doc.write(' . ') full_cmd_list.append(cmd) full_cmd_name = ' '.join(full_cmd_list) - doc.write(':ref:`%s `' % (cmd, full_cmd_name)) + doc.write(f':ref:`{cmd} `') doc.write(' ]') def doc_title(self, help_command, **kwargs): @@ -117,7 +122,7 @@ def doc_title(self, help_command, **kwargs): reference = help_command.event_class.replace('.', ' ') if reference != 'aws': reference = 'aws ' + reference - doc.writeln('.. _cli:%s:' % reference) + doc.writeln(f'.. _cli:{reference}:') doc.style.h1(help_command.name) def doc_description(self, help_command, **kwargs): @@ -131,7 +136,7 @@ def doc_synopsis_start(self, help_command, **kwargs): doc = help_command.doc doc.style.h2('Synopsis') doc.style.start_codeblock() - doc.writeln('%s' % help_command.name) + doc.writeln(help_command.name) def doc_synopsis_option(self, arg_name, help_command, **kwargs): doc = help_command.doc @@ -141,17 +146,19 @@ def doc_synopsis_option(self, arg_name, help_command, **kwargs): # This arg is already documented so we can move on. return option_str = ' | '.join( - [a.cli_name for a in - self._arg_groups[argument.group_name]]) + a.cli_name for a in self._arg_groups[argument.group_name] + ) self._documented_arg_groups.append(argument.group_name) elif argument.cli_name.startswith('--'): - option_str = '%s ' % argument.cli_name + option_str = f'{argument.cli_name} ' else: - option_str = '<%s>' % argument.cli_name - if not (argument.required - or getattr(argument, '_DOCUMENT_AS_REQUIRED', False)): - option_str = '[%s]' % option_str - doc.writeln('%s' % option_str) + option_str = f'<{argument.cli_name}>' + if not ( + argument.required + or getattr(argument, '_DOCUMENT_AS_REQUIRED', False) + ): + option_str = f'[{option_str}]' + doc.writeln(option_str) def doc_synopsis_end(self, help_command, **kwargs): doc = help_command.doc @@ -177,13 +184,15 @@ def doc_option(self, arg_name, help_command, **kwargs): # This arg is already documented so we can move on. return name = ' | '.join( - ['``%s``' % a.cli_name for a in - self._arg_groups[argument.group_name]]) + f'``{a.cli_name}``' for a in self._arg_groups[argument.group_name] + ) self._documented_arg_groups.append(argument.group_name) else: - name = '``%s``' % argument.cli_name - doc.write('%s (%s)\n' % (name, self._get_argument_type_name( - argument.argument_model, argument.cli_type_name))) + name = f'``{argument.cli_name}``' + argument_type_name = self._get_argument_type_name( + argument.argument_model, argument.cli_type_name + ) + doc.write(f'{name} ({argument_type_name})\n') doc.style.indent() doc.include_doc_string(argument.documentation) if is_streaming_blob_type(argument.argument_model): @@ -210,8 +219,7 @@ def doc_relateditem(self, help_command, related_item, **kwargs): doc = help_command.doc doc.write('* ') doc.style.sphinx_reference_label( - label='cli:%s' % related_item, - text=related_item + label=f'cli:{related_item}', text=related_item ) doc.write('\n') @@ -223,7 +231,7 @@ def _document_enums(self, model, doc): doc.write('Possible values:') doc.style.start_ul() for enum in model.enum: - doc.style.li('``%s``' % enum) + doc.style.li(f'``{enum}``') doc.style.end_ul() def _document_nested_structure(self, model, doc): @@ -231,8 +239,9 @@ def _document_nested_structure(self, model, doc): member_type_name = getattr(model, 'type_name', None) if member_type_name == 'structure': for member_name, member_shape in model.members.items(): - self._doc_member(doc, member_name, member_shape, - stack=[model.name]) + self._doc_member( + doc, member_name, member_shape, stack=[model.name] + ) elif member_type_name == 'list': self._doc_member(doc, '', model.member, stack=[model.name]) elif member_type_name == 'map': @@ -253,19 +262,19 @@ def _doc_member(self, doc, member_name, member_shape, stack): return stack.append(member_shape.name) try: - self._do_doc_member(doc, member_name, - member_shape, stack) + self._do_doc_member(doc, member_name, member_shape, stack) finally: stack.pop() def _do_doc_member(self, doc, member_name, member_shape, stack): docs = member_shape.documentation type_name = self._get_argument_type_name( - member_shape, member_shape.type_name) + member_shape, member_shape.type_name + ) if member_name: - doc.write('%s -> (%s)' % (member_name, type_name)) + doc.write(f'{member_name} -> ({type_name})') else: - doc.write('(%s)' % type_name) + doc.write(f'({type_name})') doc.style.indent() doc.style.new_paragraph() doc.include_doc_string(docs) @@ -290,26 +299,26 @@ def _do_doc_member(self, doc, member_name, member_shape, stack): def _add_streaming_blob_note(self, doc): doc.style.start_note() - msg = ("This argument is of type: streaming blob. " - "Its value must be the path to a file " - "(e.g. ``path/to/file``) and must **not** " - "be prefixed with ``file://`` or ``fileb://``") + msg = ( + "This argument is of type: streaming blob. " + "Its value must be the path to a file " + "(e.g. ``path/to/file``) and must **not** " + "be prefixed with ``file://`` or ``fileb://``" + ) doc.writeln(msg) doc.style.end_note() def _add_tagged_union_note(self, shape, doc): doc.style.start_note() - members_str = ", ".join( - [f'``{key}``' for key in shape.members.keys()] + members_str = ", ".join(f'``{key}``' for key in shape.members.keys()) + doc.writeln( + "This is a Tagged Union structure. Only one of the " + f"following top level keys can be set: {members_str}." ) - msg = ("This is a Tagged Union structure. Only one of the " - f"following top level keys can be set: {members_str}.") - doc.writeln(msg) doc.style.end_note() class ProviderDocumentEventHandler(CLIDocumentEventHandler): - def doc_breadcrumbs(self, help_command, event_name, **kwargs): pass @@ -339,12 +348,10 @@ def doc_subitems_start(self, help_command, **kwargs): def doc_subitem(self, command_name, help_command, **kwargs): doc = help_command.doc - file_name = '%s/index' % command_name - doc.style.tocitem(command_name, file_name=file_name) + doc.style.tocitem(command_name, file_name=f"{command_name}/index") class ServiceDocumentEventHandler(CLIDocumentEventHandler): - # A service document has no synopsis. def doc_synopsis_start(self, help_command, **kwargs): pass @@ -390,15 +397,13 @@ def doc_subitem(self, command_name, help_command, **kwargs): # If the subcommand table has commands in it, # direct the subitem to the command's index because # it has more subcommands to be documented. - if (len(subcommand_table) > 0): - file_name = '%s/index' % command_name - doc.style.tocitem(command_name, file_name=file_name) + if len(subcommand_table) > 0: + doc.style.tocitem(command_name, file_name=f"{command_name}/index") else: doc.style.tocitem(command_name) class OperationDocumentEventHandler(CLIDocumentEventHandler): - AWS_DOC_BASE = 'https://docs.aws.amazon.com/goto/WebAPI' def doc_description(self, help_command, **kwargs): @@ -409,7 +414,6 @@ def doc_description(self, help_command, **kwargs): self._add_webapi_crosslink(help_command) self._add_note_for_document_types_if_used(help_command) - def _add_webapi_crosslink(self, help_command): doc = help_command.doc operation_model = help_command.obj @@ -422,8 +426,7 @@ def _add_webapi_crosslink(self, help_command): return doc.style.new_paragraph() doc.write("See also: ") - link = '%s/%s/%s' % (self.AWS_DOC_BASE, service_uid, - operation_model.name) + link = f'{self.AWS_DOC_BASE}/{service_uid}/{operation_model.name}' doc.style.external_link(title="AWS API Documentation", link=link) doc.writeln('') @@ -431,27 +434,29 @@ def _add_note_for_document_types_if_used(self, help_command): if operation_uses_document_types(help_command.obj): help_command.doc.style.new_paragraph() help_command.doc.writeln( - '``%s`` uses document type values. Document types follow the ' - 'JSON data model where valid values are: strings, numbers, ' - 'booleans, null, arrays, and objects. For command input, ' - 'options and nested parameters that are labeled with the type ' - '``document`` must be provided as JSON. Shorthand syntax does ' - 'not support document types.' % help_command.name + f'``{help_command.name}`` uses document type values. Document ' + 'types follow the JSON data model where valid values are: ' + 'strings, numbers, booleans, null, arrays, and objects. For ' + 'command input, options and nested parameters that are labeled ' + 'with the type ``document`` must be provided as JSON. ' + 'Shorthand syntax does not support document types.' ) - def _json_example_value_name(self, argument_model, include_enum_values=True): + def _json_example_value_name( + self, argument_model, include_enum_values=True + ): # If include_enum_values is True, then the valid enum values # are included as the sample JSON value. if isinstance(argument_model, StringShape): if argument_model.enum and include_enum_values: choices = argument_model.enum - return '|'.join(['"%s"' % c for c in choices]) + return '|'.join(f'"{c}"' for c in choices) else: return '"string"' elif argument_model.type_name == 'boolean': return 'true|false' else: - return '%s' % argument_model.type_name + return argument_model.type_name def _json_example(self, doc, argument_model, stack): if argument_model.name in stack: @@ -471,7 +476,8 @@ def _do_json_example(self, doc, argument_model, stack): if argument_model.type_name == 'list': doc.write('[') if argument_model.member.type_name in SCALAR_TYPES: - doc.write('%s, ...' % self._json_example_value_name(argument_model.member)) + example_name = self._json_example_value_name(argument_model.member) + doc.write(f'{example_name}, ...') else: doc.style.indent() doc.style.new_line() @@ -485,7 +491,7 @@ def _do_json_example(self, doc, argument_model, stack): doc.write('{') doc.style.indent() key_string = self._json_example_value_name(argument_model.key) - doc.write('%s: ' % key_string) + doc.write(f'{key_string}: ') if argument_model.value.type_name in SCALAR_TYPES: doc.write(self._json_example_value_name(argument_model.value)) else: @@ -514,16 +520,16 @@ def _doc_input_structure_members(self, doc, argument_model, stack): member_model = members[member_name] member_type_name = member_model.type_name if member_type_name in SCALAR_TYPES: - doc.write('"%s": %s' % (member_name, - self._json_example_value_name(member_model))) + example_name = self._json_example_value_name(member_model) + doc.write(f'"{member_name}": {example_name}') elif member_type_name == 'structure': - doc.write('"%s": ' % member_name) + doc.write(f'"{member_name}": ') self._json_example(doc, member_model, stack) elif member_type_name == 'map': - doc.write('"%s": ' % member_name) + doc.write(f'"{member_name}": ') self._json_example(doc, member_model, stack) elif member_type_name == 'list': - doc.write('"%s": ' % member_name) + doc.write(f'"{member_name}": ') self._json_example(doc, member_model, stack) if i < len(members) - 1: doc.write(',') @@ -533,8 +539,9 @@ def _doc_input_structure_members(self, doc, argument_model, stack): doc.write('}') def doc_option_example(self, arg_name, help_command, event_name, **kwargs): - service_id, operation_name = \ - find_service_and_method_in_event_name(event_name) + service_id, operation_name = find_service_and_method_in_event_name( + event_name + ) doc = help_command.doc cli_argument = help_command.arg_table[arg_name] if cli_argument.group_name in self._arg_groups: @@ -546,7 +553,8 @@ def doc_option_example(self, arg_name, help_command, event_name, **kwargs): docgen = ParamShorthandDocGen() if docgen.supports_shorthand(cli_argument.argument_model): example_shorthand_syntax = docgen.generate_shorthand_example( - cli_argument, service_id, operation_name) + cli_argument, service_id, operation_name + ) if example_shorthand_syntax is None: # If the shorthand syntax returns a value of None, # this indicates to us that there is no example @@ -560,8 +568,11 @@ def doc_option_example(self, arg_name, help_command, event_name, **kwargs): for example_line in example_shorthand_syntax.splitlines(): doc.writeln(example_line) doc.style.end_codeblock() - if argument_model is not None and argument_model.type_name == 'list' and \ - argument_model.member.type_name in SCALAR_TYPES: + if ( + argument_model is not None + and argument_model.type_name == 'list' + and argument_model.member.type_name in SCALAR_TYPES + ): # A list of scalars is special. While you *can* use # JSON ( ["foo", "bar", "baz"] ), you can also just # use the argparse behavior of space separated lists. @@ -572,8 +583,9 @@ def doc_option_example(self, arg_name, help_command, event_name, **kwargs): doc.write('Syntax') doc.style.start_codeblock() example_type = self._json_example_value_name( - member, include_enum_values=False) - doc.write('%s %s ...' % (example_type, example_type)) + member, include_enum_values=False + ) + doc.write(f'{example_type} {example_type} ...') if isinstance(member, StringShape) and member.enum: # If we have enum values, we can tell the user # exactly what valid values they can provide. @@ -592,7 +604,7 @@ def _write_valid_enums(self, doc, enum_values): doc.style.new_paragraph() doc.write("Where valid values are:\n") for value in enum_values: - doc.write(" %s\n" % value) + doc.write(f" {value}\n") doc.write("\n") def doc_output(self, help_command, event_name, **kwargs): @@ -614,7 +626,8 @@ class TopicListerDocumentEventHandler(CLIDocumentEventHandler): 'the list of topics from the command line, run ``aws help topics``. ' 'To access a specific topic from the command line, run ' '``aws help [topicname]``, where ``topicname`` is the name of the ' - 'topic as it appears in the output from ``aws help topics``.') + 'topic as it appears in the output from ``aws help topics``.' + ) def __init__(self, help_command): self.help_command = help_command @@ -633,8 +646,8 @@ def doc_title(self, help_command, **kwargs): doc = help_command.doc doc.style.new_paragraph() doc.style.link_target_definition( - refname='cli:aws help %s' % self.help_command.name, - link='') + refname=f'cli:aws help {self.help_command.name}', link='' + ) doc.style.h1('AWS CLI Topic Guide') def doc_description(self, help_command, **kwargs): @@ -674,13 +687,13 @@ def doc_subitems_start(self, help_command, **kwargs): # each category. for topic_name in sorted(categories[category_name]): description = self._topic_tag_db.get_tag_single_value( - topic_name, 'description') + topic_name, 'description' + ) doc.write('* ') doc.style.sphinx_reference_label( - label='cli:aws help %s' % topic_name, - text=topic_name + label=f'cli:aws help {topic_name}', text=topic_name ) - doc.write(': %s\n' % description) + doc.write(f': {description}\n') # Add a hidden toctree to make sure everything is connected in # the document. doc.style.hidden_toctree() @@ -689,7 +702,6 @@ def doc_subitems_start(self, help_command, **kwargs): class TopicDocumentEventHandler(TopicListerDocumentEventHandler): - def doc_breadcrumbs(self, help_command, **kwargs): doc = help_command.doc if doc.target != 'man': @@ -697,8 +709,7 @@ def doc_breadcrumbs(self, help_command, **kwargs): doc.style.sphinx_reference_label(label='cli:aws', text='aws') doc.write(' . ') doc.style.sphinx_reference_label( - label='cli:aws help topics', - text='topics' + label='cli:aws help topics', text='topics' ) doc.write(' ]') @@ -706,22 +717,24 @@ def doc_title(self, help_command, **kwargs): doc = help_command.doc doc.style.new_paragraph() doc.style.link_target_definition( - refname='cli:aws help %s' % self.help_command.name, - link='') + refname=f'cli:aws help {self.help_command.name}', link='' + ) title = self._topic_tag_db.get_tag_single_value( - help_command.name, 'title') + help_command.name, 'title' + ) doc.style.h1(title) def doc_description(self, help_command, **kwargs): doc = help_command.doc - topic_filename = os.path.join(self._topic_tag_db.topic_dir, - help_command.name + '.rst') + topic_filename = os.path.join( + self._topic_tag_db.topic_dir, f'{help_command.name}.rst' + ) contents = self._remove_tags_from_content(topic_filename) doc.writeln(contents) doc.style.new_paragraph() def _remove_tags_from_content(self, filename): - with open(filename, 'r') as f: + with open(filename) as f: lines = f.readlines() content_begin_index = 0 @@ -737,7 +750,7 @@ def _remove_tags_from_content(self, filename): def _line_has_tag(self, line): for tag in self._topic_tag_db.valid_tags: - if line.startswith(':' + tag + ':'): + if line.startswith(f':{tag}:'): return True return False @@ -759,7 +772,8 @@ def doc_global_options(self): for arg in help_command.arg_table: argument = help_command.arg_table.get(arg) help_command.doc.writeln( - f"``{argument.cli_name}`` ({argument.cli_type_name})") + f"``{argument.cli_name}`` ({argument.cli_type_name})" + ) help_command.doc.style.indent() help_command.doc.style.new_paragraph() help_command.doc.include_doc_string(argument.documentation) diff --git a/awscli/clidriver.py b/awscli/clidriver.py index d7db5656c720..37c7bc6322c6 100644 --- a/awscli/clidriver.py +++ b/awscli/clidriver.py @@ -10,48 +10,52 @@ # distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF # ANY KIND, either express or implied. See the License for the specific # language governing permissions and limitations under the License. -import sys -import signal import logging +import signal +import sys import botocore.session -from botocore import __version__ as botocore_version -from botocore.hooks import HierarchicalEmitter -from botocore import xform_name -from botocore.compat import copy_kwargs, OrderedDict -from botocore.exceptions import NoCredentialsError -from botocore.exceptions import NoRegionError -from botocore.exceptions import ProfileNotFound +from botocore.compat import OrderedDict, copy_kwargs +from botocore.exceptions import ( + NoCredentialsError, + NoRegionError, + ProfileNotFound, +) from botocore.history import get_global_history_recorder from awscli import EnvironmentVariables, __version__ +from awscli.alias import AliasCommandInjector, AliasLoader +from awscli.argparser import ( + USAGE, + ArgTableArgParser, + MainArgParser, + ServiceArgParser, +) +from awscli.argprocess import unpack_argument +from awscli.arguments import ( + BooleanArgument, + CLIArgument, + CustomArgument, + ListArgument, + UnknownArgumentError, +) +from awscli.commands import CLICommand from awscli.compat import get_stderr_text_writer from awscli.formatter import get_formatter +from awscli.help import ( + OperationHelpCommand, + ProviderHelpCommand, + ServiceHelpCommand, +) from awscli.plugin import load_plugins -from awscli.commands import CLICommand -from awscli.compat import six -from awscli.argparser import MainArgParser -from awscli.argparser import ServiceArgParser -from awscli.argparser import ArgTableArgParser -from awscli.argparser import USAGE -from awscli.help import ProviderHelpCommand -from awscli.help import ServiceHelpCommand -from awscli.help import OperationHelpCommand -from awscli.arguments import CustomArgument -from awscli.arguments import ListArgument -from awscli.arguments import BooleanArgument -from awscli.arguments import CLIArgument -from awscli.arguments import UnknownArgumentError -from awscli.argprocess import unpack_argument -from awscli.alias import AliasLoader -from awscli.alias import AliasCommandInjector -from awscli.utils import emit_top_level_args_parsed_event -from awscli.utils import write_exception - +from awscli.utils import emit_top_level_args_parsed_event, write_exception +from botocore import __version__ as botocore_version +from botocore import xform_name LOG = logging.getLogger('awscli.clidriver') LOG_FORMAT = ( - '%(asctime)s - %(threadName)s - %(name)s - %(levelname)s - %(message)s') + '%(asctime)s - %(threadName)s - %(name)s - %(levelname)s - %(message)s' +) HISTORY_RECORDER = get_global_history_recorder() # Don't remove this line. The idna encoding # is used by getaddrinfo when dealing with unicode hostnames, @@ -62,7 +66,7 @@ # the encodings.idna is imported and registered in the codecs registry, # which will stop the LookupErrors from happening. # See: https://bugs.python.org/issue29288 -u''.encode('idna') +''.encode('idna') def main(): @@ -75,8 +79,10 @@ def main(): def create_clidriver(): session = botocore.session.Session(EnvironmentVariables) _set_user_agent_for_session(session) - load_plugins(session.full_config.get('plugins', {}), - event_hooks=session.get_component('event_emitter')) + load_plugins( + session.full_config.get('plugins', {}), + event_hooks=session.get_component('event_emitter'), + ) driver = CLIDriver(session=session) return driver @@ -87,8 +93,7 @@ def _set_user_agent_for_session(session): session.user_agent_extra = 'botocore/%s' % botocore_version -class CLIDriver(object): - +class CLIDriver: def __init__(self, session=None): if session is None: self.session = botocore.session.get_session(EnvironmentVariables) @@ -127,24 +132,27 @@ def _build_command_table(self): """ command_table = self._build_builtin_commands(self.session) - self.session.emit('building-command-table.main', - command_table=command_table, - session=self.session, - command_object=self) + self.session.emit( + 'building-command-table.main', + command_table=command_table, + session=self.session, + command_object=self, + ) return command_table def _build_builtin_commands(self, session): commands = OrderedDict() services = session.get_available_services() for service_name in services: - commands[service_name] = ServiceCommand(cli_name=service_name, - session=self.session, - service_name=service_name) + commands[service_name] = ServiceCommand( + cli_name=service_name, + session=self.session, + service_name=service_name, + ) return commands def _add_aliases(self, command_table, parser): - injector = AliasCommandInjector( - self.session, self.alias_loader) + injector = AliasCommandInjector(self.session, self.alias_loader) injector.inject_aliases(command_table, parser) def _build_argument_table(self): @@ -157,37 +165,45 @@ def _build_argument_table(self): cli_argument.add_to_arg_table(argument_table) # Then the final step is to send out an event so handlers # can add extra arguments or modify existing arguments. - self.session.emit('building-top-level-params', - argument_table=argument_table) + self.session.emit( + 'building-top-level-params', argument_table=argument_table + ) return argument_table def _create_cli_argument(self, option_name, option_params): return CustomArgument( - option_name, help_text=option_params.get('help', ''), + option_name, + help_text=option_params.get('help', ''), dest=option_params.get('dest'), default=option_params.get('default'), action=option_params.get('action'), required=option_params.get('required'), choices=option_params.get('choices'), - cli_type_name=option_params.get('type')) + cli_type_name=option_params.get('type'), + ) def create_help_command(self): cli_data = self._get_cli_data() - return ProviderHelpCommand(self.session, self._get_command_table(), - self._get_argument_table(), - cli_data.get('description', None), - cli_data.get('synopsis', None), - cli_data.get('help_usage', None)) + return ProviderHelpCommand( + self.session, + self._get_command_table(), + self._get_argument_table(), + cli_data.get('description', None), + cli_data.get('synopsis', None), + cli_data.get('help_usage', None), + ) def _create_parser(self, command_table): # Also add a 'help' command. command_table['help'] = self.create_help_command() cli_data = self._get_cli_data() parser = MainArgParser( - command_table, self.session.user_agent(), + command_table, + self.session.user_agent(), cli_data.get('description', None), self._get_argument_table(), - prog="aws") + prog="aws", + ) return parser def main(self, args=None): @@ -212,7 +228,8 @@ def main(self, args=None): self._handle_top_level_args(parsed_args) self._emit_session_event(parsed_args) HISTORY_RECORDER.record( - 'CLI_VERSION', self.session.user_agent(), 'CLI') + 'CLI_VERSION', self.session.user_agent(), 'CLI' + ) HISTORY_RECORDER.record('CLI_ARGUMENTS', args, 'CLI') return command_table[parsed_args.command](remaining, parsed_args) except UnknownArgumentError as e: @@ -221,13 +238,16 @@ def main(self, args=None): sys.stderr.write("\n") return 255 except NoRegionError as e: - msg = ('%s You can also configure your region by running ' - '"aws configure".' % e) + msg = ( + '%s You can also configure your region by running ' + '"aws configure".' % e + ) self._show_error(msg) return 255 except NoCredentialsError as e: - msg = ('%s. You can configure credentials by running ' - '"aws configure".' % e) + msg = ( + f'{e}. You can configure credentials by running "aws configure".' + ) self._show_error(msg) return 255 except KeyboardInterrupt: @@ -249,8 +269,10 @@ def _emit_session_event(self, parsed_args): # session components to be reset (such as session.profile = foo) # then all the prior registered components would be removed. self.session.emit( - 'session-initialized', session=self.session, - parsed_args=parsed_args) + 'session-initialized', + session=self.session, + parsed_args=parsed_args, + ) def _show_error(self, msg): LOG.debug(msg, exc_info=True) @@ -268,24 +290,28 @@ def _handle_top_level_args(self, args): # Unfortunately, by setting debug mode here, we miss out # on all of the debug events prior to this such as the # loading of plugins, etc. - self.session.set_stream_logger('botocore', logging.DEBUG, - format_string=LOG_FORMAT) - self.session.set_stream_logger('awscli', logging.DEBUG, - format_string=LOG_FORMAT) - self.session.set_stream_logger('s3transfer', logging.DEBUG, - format_string=LOG_FORMAT) - self.session.set_stream_logger('urllib3', logging.DEBUG, - format_string=LOG_FORMAT) + self.session.set_stream_logger( + 'botocore', logging.DEBUG, format_string=LOG_FORMAT + ) + self.session.set_stream_logger( + 'awscli', logging.DEBUG, format_string=LOG_FORMAT + ) + self.session.set_stream_logger( + 's3transfer', logging.DEBUG, format_string=LOG_FORMAT + ) + self.session.set_stream_logger( + 'urllib3', logging.DEBUG, format_string=LOG_FORMAT + ) LOG.debug("CLI version: %s", self.session.user_agent()) LOG.debug("Arguments entered to CLI: %s", sys.argv[1:]) else: - self.session.set_stream_logger(logger_name='awscli', - log_level=logging.ERROR) + self.session.set_stream_logger( + logger_name='awscli', log_level=logging.ERROR + ) class ServiceCommand(CLICommand): - """A service command for the CLI. For example, ``aws ec2 ...`` we'd create a ServiceCommand @@ -344,11 +370,13 @@ def _get_service_model(self): if self._service_model is None: try: api_version = self.session.get_config_variable( - 'api_versions').get(self._service_name, None) + 'api_versions' + ).get(self._service_name, None) except ProfileNotFound: api_version = None self._service_model = self.session.get_service_model( - self._service_name, api_version=api_version) + self._service_name, api_version=api_version + ) return self._service_model def __call__(self, args, parsed_globals): @@ -373,10 +401,12 @@ def _create_command_table(self): operation_model=operation_model, operation_caller=CLIOperationCaller(self.session), ) - self.session.emit('building-command-table.%s' % self._name, - command_table=command_table, - session=self.session, - command_object=self) + self.session.emit( + f'building-command-table.{self._name}', + command_table=command_table, + session=self.session, + command_object=self, + ) self._add_lineage(command_table) return command_table @@ -387,23 +417,25 @@ def _add_lineage(self, command_table): def create_help_command(self): command_table = self._get_command_table() - return ServiceHelpCommand(session=self.session, - obj=self._get_service_model(), - command_table=command_table, - arg_table=None, - event_class='.'.join(self.lineage_names), - name=self._name) + return ServiceHelpCommand( + session=self.session, + obj=self._get_service_model(), + command_table=command_table, + arg_table=None, + event_class='.'.join(self.lineage_names), + name=self._name, + ) def _create_parser(self): command_table = self._get_command_table() # Also add a 'help' command. command_table['help'] = self.create_help_command() return ServiceArgParser( - operations_table=command_table, service_name=self._name) - + operations_table=command_table, service_name=self._name + ) -class ServiceOperation(object): +class ServiceOperation: """A single operation of a service. This class represents a single operation for a service, for @@ -417,8 +449,9 @@ class ServiceOperation(object): } DEFAULT_ARG_CLASS = CLIArgument - def __init__(self, name, parent_name, operation_caller, - operation_model, session): + def __init__( + self, name, parent_name, operation_caller, operation_model, session + ): """ :type name: str @@ -481,10 +514,17 @@ def arg_table(self): def __call__(self, args, parsed_globals): # Once we know we're trying to call a particular operation # of a service we can go ahead and load the parameters. - event = 'before-building-argument-table-parser.%s.%s' % \ - (self._parent_name, self._name) - self._emit(event, argument_table=self.arg_table, args=args, - session=self._session, parsed_globals=parsed_globals) + event = ( + 'before-building-argument-table-parser.' + f'{self._parent_name}.{self._name}' + ) + self._emit( + event, + argument_table=self.arg_table, + args=args, + session=self._session, + parsed_globals=parsed_globals, + ) operation_parser = self._create_operation_parser(self.arg_table) self._add_help(operation_parser) parsed_args, remaining = operation_parser.parse_known_args(args) @@ -495,21 +535,22 @@ def __call__(self, args, parsed_globals): remaining.append(parsed_args.help) if remaining: raise UnknownArgumentError( - "Unknown options: %s" % ', '.join(remaining)) - event = 'operation-args-parsed.%s.%s' % (self._parent_name, - self._name) - self._emit(event, parsed_args=parsed_args, - parsed_globals=parsed_globals) + f"Unknown options: {', '.join(remaining)}" + ) + event = f'operation-args-parsed.{self._parent_name}.{self._name}' + self._emit( + event, parsed_args=parsed_args, parsed_globals=parsed_globals + ) call_parameters = self._build_call_parameters( - parsed_args, self.arg_table) + parsed_args, self.arg_table + ) - event = 'calling-command.%s.%s' % (self._parent_name, - self._name) + event = f'calling-command.{self._parent_name}.{self._name}' override = self._emit_first_non_none_response( event, call_parameters=call_parameters, parsed_args=parsed_args, - parsed_globals=parsed_globals + parsed_globals=parsed_globals, ) # There are two possible values for override. It can be some type # of exception that will be raised if detected or it can represent @@ -530,14 +571,18 @@ def __call__(self, args, parsed_globals): return self._operation_caller.invoke( self._operation_model.service_model.service_name, self._operation_model.name, - call_parameters, parsed_globals) + call_parameters, + parsed_globals, + ) def create_help_command(self): return OperationHelpCommand( self._session, operation_model=self._operation_model, arg_table=self.arg_table, - name=self._name, event_class='.'.join(self.lineage_names)) + name=self._name, + event_class='.'.join(self.lineage_names), + ) def _add_help(self, parser): # The 'help' output is processed a little differently from @@ -567,8 +612,9 @@ def _unpack_arg(self, cli_argument, value): service_name = self._operation_model.service_model.endpoint_prefix operation_name = xform_name(self._name, '-') - return unpack_argument(session, service_name, operation_name, - cli_argument, value) + return unpack_argument( + session, service_name, operation_name, cli_argument, value + ) def _create_argument_table(self): argument_table = OrderedDict() @@ -580,8 +626,9 @@ def _create_argument_table(self): arg_dict = input_shape.members for arg_name, arg_shape in arg_dict.items(): cli_arg_name = xform_name(arg_name, '-') - arg_class = self.ARG_TYPES.get(arg_shape.type_name, - self.DEFAULT_ARG_CLASS) + arg_class = self.ARG_TYPES.get( + arg_shape.type_name, self.DEFAULT_ARG_CLASS + ) is_token = arg_shape.metadata.get('idempotencyToken', False) is_required = arg_name in required_arguments and not is_token event_emitter = self._session.get_component('event_emitter') @@ -591,31 +638,31 @@ def _create_argument_table(self): is_required=is_required, operation_model=self._operation_model, serialized_name=arg_name, - event_emitter=event_emitter) + event_emitter=event_emitter, + ) arg_object.add_to_arg_table(argument_table) LOG.debug(argument_table) - self._emit('building-argument-table.%s.%s' % (self._parent_name, - self._name), - operation_model=self._operation_model, - session=self._session, - command=self, - argument_table=argument_table) + self._emit( + f'building-argument-table.{self._parent_name}.{self._name}', + operation_model=self._operation_model, + session=self._session, + command=self, + argument_table=argument_table, + ) return argument_table def _emit(self, name, **kwargs): return self._session.emit(name, **kwargs) def _emit_first_non_none_response(self, name, **kwargs): - return self._session.emit_first_non_none_response( - name, **kwargs) + return self._session.emit_first_non_none_response(name, **kwargs) def _create_operation_parser(self, arg_table): parser = ArgTableArgParser(arg_table) return parser -class CLIOperationCaller(object): - +class CLIOperationCaller: """Call an AWS operation and format the response.""" def __init__(self, session): @@ -646,27 +693,31 @@ def invoke(self, service_name, operation_name, parameters, parsed_globals): """ client = self._session.create_client( - service_name, region_name=parsed_globals.region, + service_name, + region_name=parsed_globals.region, endpoint_url=parsed_globals.endpoint_url, - verify=parsed_globals.verify_ssl) + verify=parsed_globals.verify_ssl, + ) response = self._make_client_call( - client, operation_name, parameters, parsed_globals) + client, operation_name, parameters, parsed_globals + ) self._display_response(operation_name, response, parsed_globals) return 0 - def _make_client_call(self, client, operation_name, parameters, - parsed_globals): + def _make_client_call( + self, client, operation_name, parameters, parsed_globals + ): py_operation_name = xform_name(operation_name) if client.can_paginate(py_operation_name) and parsed_globals.paginate: paginator = client.get_paginator(py_operation_name) response = paginator.paginate(**parameters) else: response = getattr(client, xform_name(operation_name))( - **parameters) + **parameters + ) return response - def _display_response(self, command_name, response, - parsed_globals): + def _display_response(self, command_name, response, parsed_globals): output = parsed_globals.output if output is None: output = self._session.get_config_variable('output') diff --git a/awscli/commands.py b/awscli/commands.py index c0c9b4477ed2..09951fe3dc4b 100644 --- a/awscli/commands.py +++ b/awscli/commands.py @@ -12,8 +12,7 @@ # language governing permissions and limitations under the License. -class CLICommand(object): - +class CLICommand: """Interface for a CLI command. This class represents a top level CLI command diff --git a/awscli/compat.py b/awscli/compat.py index 2c25aa03dc00..1881c0c7ebe2 100644 --- a/awscli/compat.py +++ b/awscli/compat.py @@ -1,42 +1,45 @@ # Copyright 2012-2013 Amazon.com, Inc. or its affiliates. All Rights Reserved. - +# # Licensed under the Apache License, Version 2.0 (the "License"). You # may not use this file except in compliance with the License. A copy of # the License is located at - +# # http://aws.amazon.com/apache2.0/ - +# # or in the "license" file accompanying this file. This file is # distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF # ANY KIND, either express or implied. See the License for the specific # language governing permissions and limitations under the License. -import sys -import re -import shlex + +import collections.abc as collections_abc +import contextlib +import io +import locale import os import os.path -import platform -import zipfile +import queue +import re +import shlex import signal -import contextlib +import urllib.parse as urlparse from configparser import RawConfigParser +from urllib.error import URLError +from urllib.request import urlopen -from botocore.compat import six -#import botocore.compat +from botocore.compat import six, OrderedDict -from botocore.compat import OrderedDict +import sys +import zipfile +from functools import partial -# If you ever want to import from the vendored six. Add it here and then -# import from awscli.compat. Also try to keep it in alphabetical order. -# This may get large. -advance_iterator = six.advance_iterator -PY3 = six.PY3 -queue = six.moves.queue -shlex_quote = six.moves.shlex_quote -StringIO = six.StringIO -BytesIO = six.BytesIO -urlopen = six.moves.urllib.request.urlopen -binary_type = six.binary_type +# Backwards compatible definitions from six +PY3 = sys.version_info[0] == 3 +advance_iterator = next +shlex_quote = shlex.quote +StringIO = io.StringIO +BytesIO = io.BytesIO +binary_type = bytes +raw_input = input # Most, but not all, python installations will have zlib. This is required to @@ -44,6 +47,7 @@ # package the files in a zip container. try: import zlib + ZIP_COMPRESSION_MODE = zipfile.ZIP_DEFLATED except ImportError: ZIP_COMPRESSION_MODE = zipfile.ZIP_STORED @@ -68,14 +72,12 @@ class StdinMissingError(Exception): def __init__(self): - message = ( - 'stdin is required for this operation, but is not available.' - ) + message = 'stdin is required for this operation, but is not available.' super(StdinMissingError, self).__init__(message) -class NonTranslatedStdout(object): - """ This context manager sets the line-end translation mode for stdout. +class NonTranslatedStdout: + """This context manager sets the line-end translation mode for stdout. It is deliberately set to binary mode so that `\r` does not get added to the line ending. This can be useful when printing commands where a @@ -85,128 +87,73 @@ class NonTranslatedStdout(object): def __enter__(self): if sys.platform == "win32": import msvcrt - self.previous_mode = msvcrt.setmode(sys.stdout.fileno(), - os.O_BINARY) + + self.previous_mode = msvcrt.setmode( + sys.stdout.fileno(), os.O_BINARY + ) return sys.stdout def __exit__(self, type, value, traceback): if sys.platform == "win32": import msvcrt + msvcrt.setmode(sys.stdout.fileno(), self.previous_mode) def ensure_text_type(s): - if isinstance(s, six.text_type): + if isinstance(s, str): return s - if isinstance(s, six.binary_type): + if isinstance(s, bytes): return s.decode('utf-8') raise ValueError("Expected str, unicode or bytes, received %s." % type(s)) -if six.PY3: - import collections.abc as collections_abc - import locale - import urllib.parse as urlparse - - from urllib.error import URLError - - raw_input = input - - def get_binary_stdin(): - if sys.stdin is None: - raise StdinMissingError() - return sys.stdin.buffer +def get_binary_stdin(): + if sys.stdin is None: + raise StdinMissingError() + return sys.stdin.buffer - def get_binary_stdout(): - return sys.stdout.buffer - def _get_text_writer(stream, errors): - return stream +def get_binary_stdout(): + return sys.stdout.buffer - def compat_open(filename, mode='r', encoding=None): - """Back-port open() that accepts an encoding argument. - In python3 this uses the built in open() and in python2 this - uses the io.open() function. +def _get_text_writer(stream, errors): + return stream - If the file is not being opened in binary mode, then we'll - use locale.getpreferredencoding() to find the preferred - encoding. - """ - if 'b' not in mode: - encoding = locale.getpreferredencoding() - return open(filename, mode, encoding=encoding) - - def bytes_print(statement, stdout=None): - """ - This function is used to write raw bytes to stdout. - """ - if stdout is None: - stdout = sys.stdout - - if getattr(stdout, 'buffer', None): - stdout.buffer.write(statement) - else: - # If it is not possible to write to the standard out buffer. - # The next best option is to decode and write to standard out. - stdout.write(statement.decode('utf-8')) +def bytes_print(statement, stdout=None): + """ + This function is used to write raw bytes to stdout. + """ + if stdout is None: + stdout = sys.stdout -else: - import codecs - import collections as collections_abc - import locale - import io - import urlparse + if getattr(stdout, 'buffer', None): + stdout.buffer.write(statement) + else: + # If it is not possible to write to the standard out buffer. + # The next best option is to decode and write to standard out. + stdout.write(statement.decode('utf-8')) - from urllib2 import URLError - raw_input = raw_input +def compat_open(filename, mode='r', encoding=None, access_permissions=None): + """Back-port open() that accepts an encoding argument. - def get_binary_stdin(): - if sys.stdin is None: - raise StdinMissingError() - return sys.stdin + In python3 this uses the built in open() and in python2 this + uses the io.open() function. - def get_binary_stdout(): - return sys.stdout + If the file is not being opened in binary mode, then we'll + use locale.getpreferredencoding() to find the preferred + encoding. - def _get_text_writer(stream, errors): - # In python3, all the sys.stdout/sys.stderr streams are in text - # mode. This means they expect unicode, and will encode the - # unicode automatically before actually writing to stdout/stderr. - # In python2, that's not the case. In order to provide a consistent - # interface, we can create a wrapper around sys.stdout that will take - # unicode, and automatically encode it to the preferred encoding. - # That way consumers can just call get_text_writer(stream) and write - # unicode to the returned stream. Note that get_text_writer - # just returns the stream in the PY3 section above because python3 - # handles this. - - # We're going to use the preferred encoding, but in cases that there is - # no preferred encoding we're going to fall back to assuming ASCII is - # what we should use. This will currently break the use of - # PYTHONIOENCODING, which would require checking stream.encoding first, - # however, the existing behavior is to only use - # locale.getpreferredencoding() and so in the hope of not breaking what - # is currently working, we will continue to only use that. + """ + opener = os.open + if access_permissions is not None: + opener = partial(os.open, mode=access_permissions) + if 'b' not in mode: encoding = locale.getpreferredencoding() - if encoding is None: - encoding = "ascii" - - return codecs.getwriter(encoding)(stream, errors) - - def compat_open(filename, mode='r', encoding=None): - # See docstring for compat_open in the PY3 section above. - if 'b' not in mode: - encoding = locale.getpreferredencoding() - return io.open(filename, mode, encoding=encoding) - - def bytes_print(statement, stdout=None): - if stdout is None: - stdout = sys.stdout - - stdout.write(statement) + return open(filename, mode, encoding=encoding, opener=opener) def get_stdout_text_writer(): @@ -253,7 +200,7 @@ def compat_shell_quote(s, platform=None): if platform == "win32": return _windows_shell_quote(s) else: - return shlex_quote(s) + return shlex.quote(s) def _windows_shell_quote(s): @@ -365,12 +312,12 @@ def ignore_user_entered_signals(): from platform import linux_distribution except ImportError: _UNIXCONFDIR = '/etc' - def _dist_try_harder(distname, version, id): - """ Tries some special tricks to get the distribution - information in case the default method fails. - Currently supports older SuSE Linux, Caldera OpenLinux and - Slackware Linux distributions. + def _dist_try_harder(distname, version, id): + """Tries some special tricks to get the distribution + information in case the default method fails. + Currently supports older SuSE Linux, Caldera OpenLinux and + Slackware Linux distributions. """ if os.path.exists('/var/adm/inst-log/info'): # SuSE Linux stores distribution information in that file @@ -402,7 +349,7 @@ def _dist_try_harder(distname, version, id): if os.path.isdir('/usr/lib/setup'): # Check for slackware version tag file (thanks to Greg Andruk) verfiles = os.listdir('/usr/lib/setup') - for n in range(len(verfiles)-1, -1, -1): + for n in range(len(verfiles) - 1, -1, -1): if verfiles[n][:14] != 'slack-version-': del verfiles[n] if verfiles: @@ -414,14 +361,13 @@ def _dist_try_harder(distname, version, id): return distname, version, id _release_filename = re.compile(r'(\w+)[-_](release|version)', re.ASCII) - _lsb_release_version = re.compile(r'(.+)' - r' release ' - r'([\d.]+)' - r'[^(]*(?:\((.+)\))?', re.ASCII) - _release_version = re.compile(r'([^0-9]+)' - r'(?: release )?' - r'([\d.]+)' - r'[^(]*(?:\((.+)\))?', re.ASCII) + _lsb_release_version = re.compile( + r'(.+) release ([\d.]+)[^(]*(?:\((.+)\))?', re.ASCII + ) + _release_version = re.compile( + r'([^0-9]+)(?: release )?([\d.]+)[^(]*(?:\((.+)\))?', + re.ASCII, + ) # See also http://www.novell.com/coolsolutions/feature/11251.html # and http://linuxmafia.com/faq/Admin/release-files.html @@ -429,12 +375,24 @@ def _dist_try_harder(distname, version, id): # and http://www.die.net/doc/linux/man/man1/lsb_release.1.html _supported_dists = ( - 'SuSE', 'debian', 'fedora', 'redhat', 'centos', - 'mandrake', 'mandriva', 'rocks', 'slackware', 'yellowdog', 'gentoo', - 'UnitedLinux', 'turbolinux', 'arch', 'mageia') + 'SuSE', + 'debian', + 'fedora', + 'redhat', + 'centos', + 'mandrake', + 'mandriva', + 'rocks', + 'slackware', + 'yellowdog', + 'gentoo', + 'UnitedLinux', + 'turbolinux', + 'arch', + 'mageia', + ) def _parse_release_file(firstline): - # Default to empty 'version' and 'id' strings. Both defaults are used # when 'firstline' is empty. 'id' defaults to empty when an id can not # be deduced. @@ -460,38 +418,43 @@ def _parse_release_file(firstline): id = l[1] return '', version, id - _distributor_id_file_re = re.compile("(?:DISTRIB_ID\s*=)\s*(.*)", re.I) - _release_file_re = re.compile("(?:DISTRIB_RELEASE\s*=)\s*(.*)", re.I) - _codename_file_re = re.compile("(?:DISTRIB_CODENAME\s*=)\s*(.*)", re.I) - - def linux_distribution(distname='', version='', id='', - supported_dists=_supported_dists, - full_distribution_name=1): - return _linux_distribution(distname, version, id, supported_dists, - full_distribution_name) - - def _linux_distribution(distname, version, id, supported_dists, - full_distribution_name): - - """ Tries to determine the name of the Linux OS distribution name. - The function first looks for a distribution release file in - /etc and then reverts to _dist_try_harder() in case no - suitable files are found. - supported_dists may be given to define the set of Linux - distributions to look for. It defaults to a list of currently - supported Linux distributions identified by their release file - name. - If full_distribution_name is true (default), the full - distribution read from the OS is returned. Otherwise the short - name taken from supported_dists is used. - Returns a tuple (distname, version, id) which default to the - args given as parameters. + _distributor_id_file_re = re.compile(r"(?:DISTRIB_ID\s*=)\s*(.*)", re.I) + _release_file_re = re.compile(r"(?:DISTRIB_RELEASE\s*=)\s*(.*)", re.I) + _codename_file_re = re.compile(r"(?:DISTRIB_CODENAME\s*=)\s*(.*)", re.I) + + def linux_distribution( + distname='', + version='', + id='', + supported_dists=_supported_dists, + full_distribution_name=1, + ): + return _linux_distribution( + distname, version, id, supported_dists, full_distribution_name + ) + + def _linux_distribution( + distname, version, id, supported_dists, full_distribution_name + ): + """Tries to determine the name of the Linux OS distribution name. + The function first looks for a distribution release file in + /etc and then reverts to _dist_try_harder() in case no + suitable files are found. + supported_dists may be given to define the set of Linux + distributions to look for. It defaults to a list of currently + supported Linux distributions identified by their release file + name. + If full_distribution_name is true (default), the full + distribution read from the OS is returned. Otherwise the short + name taken from supported_dists is used. + Returns a tuple (distname, version, id) which default to the + args given as parameters. """ # check for the Debian/Ubuntu /etc/lsb-release file first, needed so # that the distribution doesn't get identified as Debian. # https://bugs.python.org/issue9514 try: - with open("/etc/lsb-release", "r") as etclsbrel: + with open("/etc/lsb-release") as etclsbrel: for line in etclsbrel: m = _distributor_id_file_re.search(line) if m: @@ -504,8 +467,8 @@ def _linux_distribution(distname, version, id, supported_dists, _u_id = m.group(1).strip() if _u_distname and _u_version: return (_u_distname, _u_version, _u_id) - except (EnvironmentError, UnboundLocalError): - pass + except (OSError, UnboundLocalError): + pass try: etc = os.listdir(_UNIXCONFDIR) @@ -524,8 +487,11 @@ def _linux_distribution(distname, version, id, supported_dists, return _dist_try_harder(distname, version, id) # Read the first line - with open(os.path.join(_UNIXCONFDIR, file), 'r', - encoding='utf-8', errors='surrogateescape') as f: + with open( + os.path.join(_UNIXCONFDIR, file), + encoding='utf-8', + errors='surrogateescape', + ) as f: firstline = f.readline() _distname, _version, _id = _parse_release_file(firstline) diff --git a/awscli/completer.py b/awscli/completer.py index 44884fd60823..cf08f18fc33a 100755 --- a/awscli/completer.py +++ b/awscli/completer.py @@ -1,24 +1,26 @@ # Copyright 2012-2013 Amazon.com, Inc. or its affiliates. All Rights Reserved. +# # Licensed under the Apache License, Version 2.0 (the "License"). You # may not use this file except in compliance with the License. A copy of # the License is located at - +# # http://aws.amazon.com/apache2.0/ - +# # or in the "license" file accompanying this file. This file is # distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF # ANY KIND, either express or implied. See the License for the specific # language governing permissions and limitations under the License. -import awscli.clidriver -import sys -import logging + import copy +import logging +import sys -LOG = logging.getLogger(__name__) +import awscli.clidriver +LOG = logging.getLogger(__name__) -class Completer(object): +class Completer: def __init__(self, driver=None): if driver is not None: self.driver = driver @@ -26,7 +28,8 @@ def __init__(self, driver=None): self.driver = awscli.clidriver.create_clidriver() self.main_help = self.driver.create_help_command() self.main_options = self._get_documented_completions( - self.main_help.arg_table) + self.main_help.arg_table + ) def complete(self, cmdline, point=None): if point is None: @@ -46,22 +49,28 @@ def complete(self, cmdline, point=None): return self._complete_provider(current_arg, opts) elif subcmd_name is None: return self._complete_command(cmd_name, cmd, current_arg, opts) - return self._complete_subcommand(subcmd_name, subcmd, current_arg, opts) + return self._complete_subcommand( + subcmd_name, subcmd, current_arg, opts + ) def _complete_command(self, command_name, command_help, current_arg, opts): if current_arg == command_name: if command_help: return self._get_documented_completions( - command_help.command_table) + command_help.command_table + ) elif current_arg.startswith('-'): return self._find_possible_options(current_arg, opts) elif command_help is not None: # See if they have entered a partial command name return self._get_documented_completions( - command_help.command_table, current_arg) + command_help.command_table, current_arg + ) return [] - def _complete_subcommand(self, subcmd_name, subcmd_help, current_arg, opts): + def _complete_subcommand( + self, subcmd_name, subcmd_help, current_arg, opts + ): if current_arg != subcmd_name and current_arg.startswith('-'): return self._find_possible_options(current_arg, opts, subcmd_help) return [] @@ -81,11 +90,13 @@ def _complete_provider(self, current_arg, opts): return self._find_possible_options(current_arg, opts) elif current_arg == 'aws': return self._get_documented_completions( - self.main_help.command_table) + self.main_help.command_table + ) else: # Otherwise, see if they have entered a partial command name return self._get_documented_completions( - self.main_help.command_table, current_arg) + self.main_help.command_table, current_arg + ) def _get_command(self, command_help, command_args): if command_help is not None and command_help.command_table is not None: @@ -112,7 +123,8 @@ def _find_possible_options(self, current_arg, opts, subcmd_help=None): all_options = copy.copy(self.main_options) if subcmd_help is not None: all_options += self._get_documented_completions( - subcmd_help.arg_table) + subcmd_help.arg_table + ) for option in opts: # Look through list of options on cmdline. If there are diff --git a/awscli/customizations/argrename.py b/awscli/customizations/argrename.py index dd4d090de6c5..42e220c8af3d 100644 --- a/awscli/customizations/argrename.py +++ b/awscli/customizations/argrename.py @@ -91,7 +91,6 @@ 'license-manager.get-grant.version': 'grant-version', 'license-manager.delete-grant.version': 'grant-version', 'license-manager.get-license.version': 'license-version', - 'mobile.create-project.region': 'project-region', 'rekognition.create-stream-processor.output': 'stream-processor-output', 'eks.create-cluster.version': 'kubernetes-version', 'eks.update-cluster-version.version': 'kubernetes-version', @@ -106,6 +105,11 @@ 'codepipeline.get-action-type.version': 'action-version', 'ecs.*.no-enable-execute-command': 'disable-execute-command', 'ecs.execute-command.no-interactive': 'non-interactive', + 'controltower.create-landing-zone.version': 'landing-zone-version', + 'controltower.update-landing-zone.version': 'landing-zone-version', + 'glue.get-unfiltered-partition-metadata.region': 'resource-region', + 'glue.get-unfiltered-partitions-metadata.region': 'resource-region', + 'glue.get-unfiltered-table-metadata.region': 'resource-region', } # Same format as ARGUMENT_RENAMES, but instead of renaming the arguments, diff --git a/awscli/customizations/arguments.py b/awscli/customizations/arguments.py index 469f16d258d7..945c19be940c 100644 --- a/awscli/customizations/arguments.py +++ b/awscli/customizations/arguments.py @@ -14,6 +14,7 @@ import re from awscli.arguments import CustomArgument +from awscli.compat import compat_open import jmespath @@ -126,12 +127,20 @@ def save_query(self, parsed, **kwargs): """ if is_parsed_result_successful(parsed): contents = jmespath.search(self.query, parsed) - with open(self.value, 'w') as fp: + with compat_open( + self.value, 'w', access_permissions=self.perm) as fp: # Don't write 'None' to a file -- write ''. if contents is None: fp.write('') else: fp.write(contents) + # Even though the file is opened using the requested mode + # (e.g. 0o600), the mode is only applied if a new file is + # created. This means if the file already exists, its + # permissions will not be changed. So, the os.chmod call is + # retained here to preserve behavior of this argument always + # clobbering a preexisting file's permissions to the desired + # mode. os.chmod(self.value, self.perm) diff --git a/awscli/customizations/awslambda.py b/awscli/customizations/awslambda.py index 17d684295402..d373881a383f 100644 --- a/awscli/customizations/awslambda.py +++ b/awscli/customizations/awslambda.py @@ -14,9 +14,8 @@ import copy from contextlib import closing -from botocore.vendored import six - from awscli.arguments import CustomArgument, CLIArgument +from awscli.compat import BytesIO ERROR_MSG = ( @@ -90,11 +89,11 @@ def _should_contain_zip_content(value): # still try to load the contents as a zip file # to be absolutely sure. value = value.encode('utf-8') - fileobj = six.BytesIO(value) + fileobj = BytesIO(value) try: with closing(zipfile.ZipFile(fileobj)) as f: f.infolist() - except zipfile.BadZipfile: + except zipfile.BadZipFile: raise ValueError(ERROR_MSG) diff --git a/awscli/customizations/cloudformation/artifact_exporter.py b/awscli/customizations/cloudformation/artifact_exporter.py index 9bb150660c02..7fba8dddbba3 100644 --- a/awscli/customizations/cloudformation/artifact_exporter.py +++ b/awscli/customizations/cloudformation/artifact_exporter.py @@ -18,7 +18,6 @@ import contextlib import uuid import shutil -from awscli.compat import six from botocore.utils import set_value_from_jmespath from awscli.compat import urlparse @@ -33,7 +32,7 @@ def is_path_value_valid(path): - return isinstance(path, six.string_types) + return isinstance(path, str) def make_abs_path(directory, path): @@ -70,7 +69,7 @@ def parse_s3_url(url, object_key_property="Key", version_property=None): - if isinstance(url, six.string_types) \ + if isinstance(url, str) \ and url.startswith("s3://"): # Python < 2.7.10 don't parse query parameters from URI with custom @@ -659,7 +658,18 @@ def export(self): self.template_dict = self.export_global_artifacts(self.template_dict) - for resource_id, resource in self.template_dict["Resources"].items(): + self.export_resources(self.template_dict["Resources"]) + + return self.template_dict + + def export_resources(self, resource_dict): + for resource_id, resource in resource_dict.items(): + + if resource_id.startswith("Fn::ForEach::"): + if not isinstance(resource, list) or len(resource) != 3: + raise exceptions.InvalidForEachIntrinsicFunctionError(resource_id=resource_id) + self.export_resources(resource[2]) + continue resource_type = resource.get("Type", None) resource_dict = resource.get("Properties", None) @@ -671,5 +681,3 @@ def export(self): # Export code resources exporter = exporter_class(self.uploader) exporter.export(resource_id, resource_dict, self.template_dir) - - return self.template_dict diff --git a/awscli/customizations/cloudformation/exceptions.py b/awscli/customizations/cloudformation/exceptions.py index a31cf25ea492..b2625cdd27f9 100644 --- a/awscli/customizations/cloudformation/exceptions.py +++ b/awscli/customizations/cloudformation/exceptions.py @@ -53,3 +53,7 @@ class DeployBucketRequiredError(CloudFormationCommandError): "via an S3 Bucket. Please add the --s3-bucket parameter to your " "command. The local template will be copied to that S3 bucket and " "then deployed.") + + +class InvalidForEachIntrinsicFunctionError(CloudFormationCommandError): + fmt = 'The value of {resource_id} has an invalid "Fn::ForEach::" format: Must be a list of three entries' diff --git a/awscli/customizations/cloudformation/yamlhelper.py b/awscli/customizations/cloudformation/yamlhelper.py index d251a41c428d..61603603e669 100644 --- a/awscli/customizations/cloudformation/yamlhelper.py +++ b/awscli/customizations/cloudformation/yamlhelper.py @@ -16,8 +16,6 @@ import yaml from yaml.resolver import ScalarNode, SequenceNode -from awscli.compat import six - def intrinsics_multi_constructor(loader, tag_prefix, node): """ @@ -35,7 +33,7 @@ def intrinsics_multi_constructor(loader, tag_prefix, node): cfntag = prefix + tag - if tag == "GetAtt" and isinstance(node.value, six.string_types): + if tag == "GetAtt" and isinstance(node.value, str): # ShortHand notation for !GetAtt accepts Resource.Attribute format # while the standard notation is to use an array # [Resource, Attribute]. Convert shorthand to standard format diff --git a/awscli/customizations/cloudtrail/validation.py b/awscli/customizations/cloudtrail/validation.py index 6565bbe172e3..fb55f60cf24d 100644 --- a/awscli/customizations/cloudtrail/validation.py +++ b/awscli/customizations/cloudtrail/validation.py @@ -73,16 +73,24 @@ def assert_cloudtrail_arn_is_valid(trail_arn): """Ensures that the arn looks correct. ARNs look like: arn:aws:cloudtrail:us-east-1:123456789012:trail/foo""" - pattern = re.compile('arn:.+:cloudtrail:.+:\d{12}:trail/.+') + pattern = re.compile(r'arn:.+:cloudtrail:.+:\d{12}:trail/.+') if not pattern.match(trail_arn): raise ValueError('Invalid trail ARN provided: %s' % trail_arn) -def create_digest_traverser(cloudtrail_client, organization_client, - s3_client_provider, trail_arn, - trail_source_region=None, on_invalid=None, - on_gap=None, on_missing=None, bucket=None, - prefix=None, account_id=None): +def create_digest_traverser( + cloudtrail_client, + organization_client, + s3_client_provider, + trail_arn, + trail_source_region=None, + on_invalid=None, + on_gap=None, + on_missing=None, + bucket=None, + prefix=None, + account_id=None, +): """Creates a CloudTrail DigestTraverser and its object graph. :type cloudtrail_client: botocore.client.CloudTrail @@ -244,9 +252,16 @@ class DigestProvider(object): dict. This class is not responsible for validation or iterating from one digest to the next. """ - def __init__(self, s3_client_provider, account_id, trail_name, - trail_home_region, trail_source_region=None, - organization_id=None): + + def __init__( + self, + s3_client_provider, + account_id, + trail_name, + trail_home_region, + trail_source_region=None, + organization_id=None, + ): self._client_provider = s3_client_provider self.trail_name = trail_name self.account_id = account_id diff --git a/awscli/customizations/codeartifact/login.py b/awscli/customizations/codeartifact/login.py index d030bcb32eb5..c6816db1e00a 100644 --- a/awscli/customizations/codeartifact/login.py +++ b/awscli/customizations/codeartifact/login.py @@ -38,8 +38,8 @@ def get_relative_expiration_time(remaining): class CommandFailedError(Exception): - def __init__(self, called_process_error): - msg = str(called_process_error) + def __init__(self, called_process_error, auth_token): + msg = str(called_process_error).replace(auth_token, '******') if called_process_error.stderr is not None: msg +=( f' Stderr from command:\n' @@ -105,7 +105,7 @@ def _run_command(self, tool, command, *, ignore_errors=False): ) except subprocess.CalledProcessError as ex: if not ignore_errors: - raise CommandFailedError(ex) + raise CommandFailedError(ex, self.auth_token) except OSError as ex: if ex.errno == errno.ENOENT: raise ValueError( @@ -305,7 +305,7 @@ def login(self, dry_run=False): ) except subprocess.CalledProcessError as e: uni_print('Failed to update the NuGet.Config\n') - raise CommandFailedError(e) + raise CommandFailedError(e, self.auth_token) uni_print(source_configured_message % source_name) self._write_success_message('nuget') @@ -720,12 +720,18 @@ class CodeArtifactLogin(BasicCommand): 'help_text': 'Your CodeArtifact repository name', 'required': True, }, + { + 'name': 'endpoint-type', + 'help_text': 'The type of endpoint you want the tool to interact with', + 'required': False + }, { 'name': 'dry-run', 'action': 'store_true', 'help_text': 'Only print the commands that would be executed ' 'to connect your tool with your repository without ' - 'making any changes to your configuration', + 'making any changes to your configuration. Note that ' + 'this prints the unredacted auth token as part of the output', 'required': False, 'default': False }, @@ -749,6 +755,8 @@ def _get_repository_endpoint( 'repository': parsed_args.repository, 'format': package_format } + if parsed_args.endpoint_type: + kwargs['endpointType'] = parsed_args.endpoint_type if parsed_args.domain_owner: kwargs['domainOwner'] = parsed_args.domain_owner diff --git a/awscli/customizations/codedeploy/push.py b/awscli/customizations/codedeploy/push.py index 046c3b37636d..a7becf87e2a7 100644 --- a/awscli/customizations/codedeploy/push.py +++ b/awscli/customizations/codedeploy/push.py @@ -20,10 +20,9 @@ from botocore.exceptions import ClientError -from awscli.compat import six from awscli.customizations.codedeploy.utils import validate_s3_location from awscli.customizations.commands import BasicCommand -from awscli.compat import ZIP_COMPRESSION_MODE +from awscli.compat import BytesIO, ZIP_COMPRESSION_MODE ONE_MB = 1 << 20 @@ -62,8 +61,8 @@ class Push(BasicCommand): 'revision to be uploaded to Amazon S3. You must specify both ' 'a bucket and a key that represent the Amazon S3 bucket name ' 'and the object key name. Content will be zipped before ' - 'uploading. Use the format s3://\/\' - ) + 'uploading. Use the format s3:///' + ), }, { 'name': 'ignore-hidden-files', @@ -246,7 +245,7 @@ def _multipart_upload_to_s3(self, params, bundle, size_remaining): Key=params.key, UploadId=upload_id, PartNumber=part_num, - Body=six.BytesIO(data) + Body=BytesIO(data) ) multipart_list.append({ 'PartNumber': part_num, diff --git a/awscli/customizations/configure/__init__.py b/awscli/customizations/configure/__init__.py index ea49773888da..46aeed5f53db 100644 --- a/awscli/customizations/configure/__init__.py +++ b/awscli/customizations/configure/__init__.py @@ -11,7 +11,7 @@ # ANY KIND, either express or implied. See the License for the specific # language governing permissions and limitations under the License. import string -from botocore.vendored.six.moves import shlex_quote +from awscli.compat import shlex NOT_SET = '' PREDEFINED_SECTION_NAMES = ('preview', 'plugins') @@ -45,5 +45,5 @@ def mask_value(current_value): def profile_to_section(profile_name): """Converts a profile name to a section header to be used in the config.""" if any(c in _WHITESPACE for c in profile_name): - profile_name = shlex_quote(profile_name) + profile_name = shlex.quote(profile_name) return 'profile %s' % profile_name diff --git a/awscli/customizations/configure/get.py b/awscli/customizations/configure/get.py index a8c55f743473..1d48e06fa46d 100644 --- a/awscli/customizations/configure/get.py +++ b/awscli/customizations/configure/get.py @@ -14,7 +14,6 @@ import logging from awscli.customizations.commands import BasicCommand -from awscli.compat import six from . import PREDEFINED_SECTION_NAMES @@ -56,7 +55,7 @@ def _run_main(self, args, parsed_globals): LOG.debug(u'Config value retrieved: %s' % value) - if isinstance(value, six.string_types): + if isinstance(value, str): self._stream.write(value) self._stream.write('\n') return 0 diff --git a/awscli/customizations/configure/list.py b/awscli/customizations/configure/list.py index e70b68dc763e..b703453e34e2 100644 --- a/awscli/customizations/configure/list.py +++ b/awscli/customizations/configure/list.py @@ -20,15 +20,21 @@ class ConfigureListCommand(BasicCommand): NAME = 'list' DESCRIPTION = ( - 'List the AWS CLI configuration data. This command will ' - 'show you the current configuration data. For each configuration ' - 'item, it will show you the value, where the configuration value ' - 'was retrieved, and the configuration variable name. For example, ' + 'Lists the profile, access key, secret key, and region configuration ' + 'information used for the specified profile. For each configuration ' + 'item, it shows the value, where the configuration value ' + 'was retrieved, and the configuration variable name.\n' + '\n' + 'For example, ' 'if you provide the AWS region in an environment variable, this ' - 'command will show you the name of the region you\'ve configured, ' - 'it will tell you that this value came from an environment ' - 'variable, and it will tell you the name of the environment ' + 'command shows you the name of the region you\'ve configured, ' + 'that this value came from an environment ' + 'variable, and the name of the environment ' 'variable.\n' + '\n' + 'For temporary credential methods such as roles and IAM Identity ' + 'Center, this command displays the temporarily cached access key and ' + 'secret access key is displayed.\n' ) SYNOPSIS = 'aws configure list [--profile profile-name]' EXAMPLES = ( diff --git a/awscli/customizations/dynamodb.py b/awscli/customizations/dynamodb.py index 90aaab1d39df..83bd5685f579 100644 --- a/awscli/customizations/dynamodb.py +++ b/awscli/customizations/dynamodb.py @@ -14,8 +14,6 @@ import binascii import logging -from awscli.compat import six - logger = logging.getLogger(__name__) diff --git a/awscli/customizations/ec2/bundleinstance.py b/awscli/customizations/ec2/bundleinstance.py index 37c3461258c8..46c9ae16e673 100644 --- a/awscli/customizations/ec2/bundleinstance.py +++ b/awscli/customizations/ec2/bundleinstance.py @@ -17,8 +17,6 @@ import base64 import datetime -from awscli.compat import six - from awscli.arguments import CustomArgument logger = logging.getLogger('ec2bundleinstance') @@ -132,9 +130,9 @@ def _generate_signature(params): policy = params.get('UploadPolicy') sak = params.get('_SAK') if policy and sak: - policy = base64.b64encode(six.b(policy)).decode('utf-8') + policy = base64.b64encode(policy.encode('latin-1')).decode('utf-8') new_hmac = hmac.new(sak.encode('utf-8'), digestmod=sha1) - new_hmac.update(six.b(policy)) + new_hmac.update(policy.encode('latin-1')) ps = base64.encodebytes(new_hmac.digest()).strip().decode('utf-8') params['UploadPolicySignature'] = ps del params['_SAK'] diff --git a/awscli/customizations/ec2/decryptpassword.py b/awscli/customizations/ec2/decryptpassword.py index 9d110636463d..a62a3493ce6d 100644 --- a/awscli/customizations/ec2/decryptpassword.py +++ b/awscli/customizations/ec2/decryptpassword.py @@ -14,7 +14,6 @@ import os import base64 import rsa -from awscli.compat import six from botocore import model @@ -109,7 +108,7 @@ def _decrypt_password_data(self, parsed, **kwargs): try: with open(self._key_path) as pk_file: pk_contents = pk_file.read() - private_key = rsa.PrivateKey.load_pkcs1(six.b(pk_contents)) + private_key = rsa.PrivateKey.load_pkcs1(pk_contents.encode("latin-1")) value = base64.b64decode(value) value = rsa.decrypt(value, private_key) logger.debug(parsed) diff --git a/awscli/customizations/eks/kubeconfig.py b/awscli/customizations/eks/kubeconfig.py index aeae45bfa1fe..a680384a3153 100644 --- a/awscli/customizations/eks/kubeconfig.py +++ b/awscli/customizations/eks/kubeconfig.py @@ -67,6 +67,13 @@ def has_cluster(self, name): return name in [cluster['name'] for cluster in self.content['clusters'] if 'name' in cluster] + def __eq__(self, other): + return ( + isinstance(other, Kubeconfig) + and self.path == other.path + and self.content == other.content + ) + class KubeconfigValidator(object): def __init__(self): diff --git a/awscli/customizations/emr/argumentschema.py b/awscli/customizations/emr/argumentschema.py index 3c85e7cdd6c6..2022480a56ca 100644 --- a/awscli/customizations/emr/argumentschema.py +++ b/awscli/customizations/emr/argumentschema.py @@ -57,6 +57,41 @@ "description": "Instance group application configurations." } +ONDEMAND_CAPACITY_RESERVATION_OPTIONS_SCHEMA = { + "type": "object", + "properties" : { + "UsageStrategy": { + "type": "string", + "description": "The strategy of whether to use available capacity reservations to fulfill On-Demand capacity.", + "enum": ["use-capacity-reservations-first"] + }, + "CapacityReservationPreference": { + "type": "string", + "description": "The preference of the capacity reservation of the instance.", + "enum": [ + "open", + "none" + ] + }, + "CapacityReservationResourceGroupArn": { + "type": "string", + "description": "The ARN of the capacity reservation resource group in which to run the instance." + } + } +} + +SPOT_ALLOCATION_STRATEGY_SCHEMA = { + "type": "string", + "description": "The strategy to use to launch Spot instance fleets.", + "enum": ["capacity-optimized", "price-capacity-optimized", "lowest-price", "diversified", "capacity-optimized-prioritized"] +} + +ONDEMAND_ALLOCATION_STRATEGY_SCHEMA = { + "type": "string", + "description": "The strategy to use to launch On-Demand instance fleets.", + "enum": ["lowest-price", "prioritized"] +} + INSTANCE_GROUPS_SCHEMA = { "type": "array", "items": { @@ -343,6 +378,11 @@ "type": "string", "description": "The AMI ID of a custom AMI to use when Amazon EMR provisions EC2 instances." }, + "Priority": { + "type": "double", + "description": "The priority at which Amazon EMR launches the EC2 instances with this instance type. " + "Priority starts at 0, which is the highest priority. Amazon EMR considers the highest priority first." + }, "EbsConfiguration": { "type": "object", "description": "EBS configuration that is associated with the instance group.", @@ -406,33 +446,8 @@ "OnDemandSpecification": { "type": "object", "properties": { - "AllocationStrategy": { - "type": "string", - "description": "The strategy to use in launching On-Demand instance fleets.", - "enum": ["lowest-price"] - }, - "CapacityReservationOptions": { - "type": "object", - "properties" : { - "UsageStrategy": { - "type": "string", - "description": "The strategy of whether to use unused Capacity Reservations for fulfilling On-Demand capacity.", - "enum": ["use-capacity-reservations-first"] - }, - "CapacityReservationPreference": { - "type": "string", - "description": "The preference of the instance's Capacity Reservation.", - "enum": [ - "open", - "none" - ] - }, - "CapacityReservationResourceGroupArn": { - "type": "string", - "description": "The ARN of the Capacity Reservation resource group in which to run the instance." - } - } - } + "AllocationStrategy": ONDEMAND_ALLOCATION_STRATEGY_SCHEMA, + "CapacityReservationOptions": ONDEMAND_CAPACITY_RESERVATION_OPTIONS_SCHEMA } }, "SpotSpecification": { @@ -454,11 +469,7 @@ "type": "integer", "description": "Block duration in minutes." }, - "AllocationStrategy": { - "type": "string", - "description": "The strategy to use in launching Spot instance fleets.", - "enum": ["capacity-optimized", "price-capacity-optimized", "lowest-price", "diversified"] - } + "AllocationStrategy": SPOT_ALLOCATION_STRATEGY_SCHEMA } } } @@ -472,7 +483,8 @@ "TimeoutDurationMinutes": { "type" : "integer", "description": "The time, in minutes, after which the resize will be stopped if requested resources are unavailable." - } + }, + "AllocationStrategy": SPOT_ALLOCATION_STRATEGY_SCHEMA } }, "OnDemandResizeSpecification": { @@ -481,10 +493,16 @@ "TimeoutDurationMinutes": { "type" : "integer", "description": "The time, in minutes, after which the resize will be stopped if requested resources are unavailable." - } + }, + "AllocationStrategy": ONDEMAND_ALLOCATION_STRATEGY_SCHEMA, + "CapacityReservationOptions": ONDEMAND_CAPACITY_RESERVATION_OPTIONS_SCHEMA } } } + }, + "Context": { + "type": "string", + "description": "Reserved." } } } @@ -831,6 +849,22 @@ "The parameter is used to split capacity allocation between core and task nodes." } } + }, + "ScalingStrategy": { + "type": "string", + "enum": ["DEFAULT", "ADVANCED"], + "description": + "Determines whether a custom scaling utilization performance index can be set. " + "Possible values include ADVANCED or DEFAULT." + }, + "UtilizationPerformanceIndex": { + "type": "integer", + "description": + "An integer value that represents an advanced scaling strategy. " + "Setting a higher value optimizes for performance. " + "Setting a lower value optimizes for resource conservation. " + "Setting the value to 50 balances performance and resource conservation. " + "Possible values are 1, 25, 50, 75, and 100." } } } diff --git a/awscli/customizations/emr/constants.py b/awscli/customizations/emr/constants.py index 25c18b46ec87..8d2bb51a6bbe 100644 --- a/awscli/customizations/emr/constants.py +++ b/awscli/customizations/emr/constants.py @@ -22,6 +22,7 @@ EMR_AUTOSCALING_ROLE_POLICY_NAME = "AmazonElasticMapReduceforAutoScalingRole" EMR_AUTOSCALING_SERVICE_NAME = "application-autoscaling" EMR_AUTOSCALING_SERVICE_PRINCIPAL = "application-autoscaling.amazonaws.com" +EC2_SERVICE_PRINCIPAL = "ec2.amazonaws.com" # Action on failure CONTINUE = 'CONTINUE' diff --git a/awscli/customizations/emr/createcluster.py b/awscli/customizations/emr/createcluster.py index 7213e13c9e5e..63ad398e1c15 100644 --- a/awscli/customizations/emr/createcluster.py +++ b/awscli/customizations/emr/createcluster.py @@ -78,6 +78,11 @@ class CreateCluster(Command): 'help_text': helptext.TERMINATION_PROTECTED}, {'name': 'no-termination-protected', 'action': 'store_true', 'group_name': 'termination_protected'}, + {'name': 'unhealthy-node-replacement', 'action': 'store_true', + 'group_name': 'unhealthy_node_replacement', + 'help_text': helptext.UNHEALTHY_NODE_REPLACEMENT}, + {'name': 'no-unhealthy-node-replacement', 'action': 'store_true', + 'group_name': 'unhealthy_node_replacement'}, {'name': 'scale-down-behavior', 'help_text': helptext.SCALE_DOWN_BEHAVIOR}, {'name': 'visible-to-all-users', 'action': 'store_true', @@ -116,6 +121,10 @@ class CreateCluster(Command): 'help_text' : helptext.CUSTOM_AMI_ID}, {'name': 'ebs-root-volume-size', 'help_text' : helptext.EBS_ROOT_VOLUME_SIZE}, + {'name': 'ebs-root-volume-iops', + 'help_text' : helptext.EBS_ROOT_VOLUME_IOPS}, + {'name': 'ebs-root-volume-throughput', + 'help_text' : helptext.EBS_ROOT_VOLUME_THROUGHPUT}, {'name': 'repo-upgrade-on-boot', 'help_text' : helptext.REPO_UPGRADE_ON_BOOT}, {'name': 'kerberos-attributes', @@ -190,9 +199,11 @@ def _run_main_command(self, parsed_args, parsed_globals): raise ValueError('aws: error: invalid json argument for ' 'option --configurations') - if (parsed_args.release_label is None and - parsed_args.ami_version is not None): - is_valid_ami_version = re.match('\d?\..*', parsed_args.ami_version) + if ( + parsed_args.release_label is None + and parsed_args.ami_version is not None + ): + is_valid_ami_version = re.match(r'\d?\..*', parsed_args.ami_version) if is_valid_ami_version is None: raise exceptions.InvalidAmiVersionError( ami_version=parsed_args.ami_version) @@ -246,6 +257,14 @@ def _run_main_command(self, parsed_args, parsed_globals): '--termination-protected', parsed_args.no_termination_protected, '--no-termination-protected') + + if (parsed_args.unhealthy_node_replacement or parsed_args.no_unhealthy_node_replacement): + instances_config['UnhealthyNodeReplacement'] = \ + emrutils.apply_boolean_options( + parsed_args.unhealthy_node_replacement, + '--unhealthy-node-replacement', + parsed_args.no_unhealthy_node_replacement, + '--no-unhealthy-node-replacement') if (parsed_args.visible_to_all_users is False and parsed_args.no_visible_to_all_users is False): @@ -343,6 +362,14 @@ def _run_main_command(self, parsed_args, parsed_globals): emrutils.apply_dict( params, 'EbsRootVolumeSize', int(parsed_args.ebs_root_volume_size) ) + if parsed_args.ebs_root_volume_iops is not None: + emrutils.apply_dict( + params, 'EbsRootVolumeIops', int(parsed_args.ebs_root_volume_iops) + ) + if parsed_args.ebs_root_volume_throughput is not None: + emrutils.apply_dict( + params, 'EbsRootVolumeThroughput', int(parsed_args.ebs_root_volume_throughput) + ) if parsed_args.repo_upgrade_on_boot is not None: emrutils.apply_dict( diff --git a/awscli/customizations/emr/createdefaultroles.py b/awscli/customizations/emr/createdefaultroles.py index 164f97354575..11c7c0e0580a 100644 --- a/awscli/customizations/emr/createdefaultroles.py +++ b/awscli/customizations/emr/createdefaultroles.py @@ -24,6 +24,7 @@ from awscli.customizations.emr.command import Command from awscli.customizations.emr.constants import EC2 from awscli.customizations.emr.constants import EC2_ROLE_NAME +from awscli.customizations.emr.constants import EC2_SERVICE_PRINCIPAL from awscli.customizations.emr.constants import ROLE_ARN_PATTERN from awscli.customizations.emr.constants import EMR from awscli.customizations.emr.constants import EMR_ROLE_NAME @@ -64,6 +65,9 @@ def get_role_policy_arn(region, policy_name): def get_service_principal(service, endpoint_host, session=None): + if service == EC2: + return EC2_SERVICE_PRINCIPAL + suffix, region = _get_suffix_and_region_from_endpoint_host(endpoint_host) if session is None: session = botocore.session.Session() @@ -277,7 +281,7 @@ def _create_role_with_role_policy( service_principal.append(get_service_principal( service, self.emr_endpoint_url, self._session)) - LOG.debug(service_principal) + LOG.debug(f'Adding service principal(s) to trust policy: {service_principal}') parameters = {'RoleName': role_name} _assume_role_policy = \ diff --git a/awscli/customizations/emr/exceptions.py b/awscli/customizations/emr/exceptions.py index 678176cb8cac..9aba3d053331 100644 --- a/awscli/customizations/emr/exceptions.py +++ b/awscli/customizations/emr/exceptions.py @@ -259,12 +259,14 @@ class MissingClusterAttributesError(EmrError): """ In the modify-cluster-attributes command, customers need to provide at least one of the following cluster attributes: --visible-to-all-users, - --no-visible-to-all-users, --termination-protected - and --no-termination-protected + --no-visible-to-all-users, --termination-protected, --no-termination-protected, + --auto-terminate and --no-auto-terminate """ fmt = ('aws: error: Must specify one of the following boolean options: ' '--visible-to-all-users|--no-visible-to-all-users, ' - '--termination-protected|--no-termination-protected.') + '--termination-protected|--no-termination-protected, ' + '--auto-terminate|--no-auto-terminate, ' + '--unhealthy-node-replacement|--no-unhealthy-node-replacement.') class InvalidEmrFsArgumentsError(EmrError): diff --git a/awscli/customizations/emr/helptext.py b/awscli/customizations/emr/helptext.py index 067fb12b2223..cf8f587bfa7a 100755 --- a/awscli/customizations/emr/helptext.py +++ b/awscli/customizations/emr/helptext.py @@ -368,6 +368,17 @@ ' in GiB, of the EBS root device volume of the Amazon Linux AMI' ' that is used for each EC2 instance in the cluster.

') +EBS_ROOT_VOLUME_IOPS = ( + '

This option is available only with Amazon EMR version 6.15.0 and later. Specifies the IOPS,' + ' of the EBS root device volume of the Amazon Linux AMI' + ' that is used for each EC2 instance in the cluster.

') + +EBS_ROOT_VOLUME_THROUGHPUT = ( + '

This option is available only with Amazon EMR version 6.15.0 and later. Specifies the throughput,' + ' in MiB/s, of the EBS root device volume of the Amazon Linux AMI' + ' that is used for each EC2 instance in the cluster.

') + + SECURITY_CONFIG = ( '

Specifies the name of a security configuration to use for the cluster.' ' A security configuration defines data encryption settings and' @@ -507,3 +518,7 @@ 'to access the same IAM resources that the step can access. ' 'The execution role can be a cross-account IAM Role.

' ) + +UNHEALTHY_NODE_REPLACEMENT = ( + '

Unhealthy node replacement for an Amazon EMR cluster.

' +) diff --git a/awscli/customizations/emr/instancefleetsutils.py b/awscli/customizations/emr/instancefleetsutils.py index 6c098803dfd1..02d8f0b7a826 100644 --- a/awscli/customizations/emr/instancefleetsutils.py +++ b/awscli/customizations/emr/instancefleetsutils.py @@ -65,6 +65,9 @@ def validate_and_build_instance_fleets(parsed_instance_fleets): if 'OnDemandResizeSpecification' in instanceFleetResizeSpecifications: instance_fleet_config['ResizeSpecifications']['OnDemandResizeSpecification'] = \ instanceFleetResizeSpecifications['OnDemandResizeSpecification'] + + if 'Context' in keys: + instance_fleet_config['Context'] = instance_fleet['Context'] instance_fleets.append(instance_fleet_config) return instance_fleets diff --git a/awscli/customizations/emr/modifyclusterattributes.py b/awscli/customizations/emr/modifyclusterattributes.py index 8581c21e37cd..888dce8489d7 100644 --- a/awscli/customizations/emr/modifyclusterattributes.py +++ b/awscli/customizations/emr/modifyclusterattributes.py @@ -19,8 +19,8 @@ class ModifyClusterAttr(Command): NAME = 'modify-cluster-attributes' - DESCRIPTION = ("Modifies the cluster attributes 'visible-to-all-users' and" - " 'termination-protected'.") + DESCRIPTION = ("Modifies the cluster attributes 'visible-to-all-users', " + " 'termination-protected' and 'unhealthy-node-replacement'.") ARG_TABLE = [ {'name': 'cluster-id', 'required': True, 'help_text': helptext.CLUSTER_ID}, @@ -36,6 +36,18 @@ class ModifyClusterAttr(Command): {'name': 'no-termination-protected', 'required': False, 'action': 'store_true', 'group_name': 'terminate', 'help_text': 'Set termination protection on or off'}, + {'name': 'auto-terminate', 'required': False, 'action': + 'store_true', 'group_name': 'auto_terminate', + 'help_text': 'Set cluster auto terminate after completing all the steps on or off'}, + {'name': 'no-auto-terminate', 'required': False, 'action': + 'store_true', 'group_name': 'auto_terminate', + 'help_text': 'Set cluster auto terminate after completing all the steps on or off'}, + {'name': 'unhealthy-node-replacement', 'required': False, 'action': + 'store_true', 'group_name': 'UnhealthyReplacement', + 'help_text': 'Set Unhealthy Node Replacement on or off'}, + {'name': 'no-unhealthy-node-replacement', 'required': False, 'action': + 'store_true', 'group_name': 'UnhealthyReplacement', + 'help_text': 'Set Unhealthy Node Replacement on or off'}, ] def _run_main_command(self, args, parsed_globals): @@ -48,8 +60,18 @@ def _run_main_command(self, args, parsed_globals): raise exceptions.MutualExclusiveOptionError( option1='--termination-protected', option2='--no-termination-protected') + if (args.auto_terminate and args.no_auto_terminate): + raise exceptions.MutualExclusiveOptionError( + option1='--auto-terminate', + option2='--no-auto-terminate') + if (args.unhealthy_node_replacement and args.no_unhealthy_node_replacement): + raise exceptions.MutualExclusiveOptionError( + option1='--unhealthy-node-replacement', + option2='--no-unhealthy-node-replacement') if not(args.termination_protected or args.no_termination_protected or - args.visible_to_all_users or args.no_visible_to_all_users): + args.visible_to_all_users or args.no_visible_to_all_users or + args.auto_terminate or args.no_auto_terminate or + args.unhealthy_node_replacement or args.no_unhealthy_node_replacement): raise exceptions.MissingClusterAttributesError() if (args.visible_to_all_users or args.no_visible_to_all_users): @@ -69,4 +91,23 @@ def _run_main_command(self, args, parsed_globals): emrutils.call_and_display_response(self._session, 'SetTerminationProtection', parameters, parsed_globals) + + if (args.auto_terminate or args.no_auto_terminate): + auto_terminate = (args.auto_terminate and + not args.no_auto_terminate) + parameters = {'JobFlowIds': [args.cluster_id], + 'KeepJobFlowAliveWhenNoSteps': not auto_terminate} + emrutils.call_and_display_response(self._session, + 'SetKeepJobFlowAliveWhenNoSteps', + parameters, parsed_globals) + + if (args.unhealthy_node_replacement or args.no_unhealthy_node_replacement): + protected = (args.unhealthy_node_replacement and + not args.no_unhealthy_node_replacement) + parameters = {'JobFlowIds': [args.cluster_id], + 'UnhealthyNodeReplacement': protected} + emrutils.call_and_display_response(self._session, + 'SetUnhealthyNodeReplacement', + parameters, parsed_globals) + return 0 diff --git a/awscli/customizations/history/show.py b/awscli/customizations/history/show.py index da8bb84fec1b..771e1678e0f8 100644 --- a/awscli/customizations/history/show.py +++ b/awscli/customizations/history/show.py @@ -19,7 +19,6 @@ import colorama from awscli.table import COLORAMA_KWARGS -from awscli.compat import six from awscli.customizations.history.commands import HistorySubcommand from awscli.customizations.history.filters import RegexFilter @@ -213,7 +212,7 @@ def _display_value(self, value_definition, event_record): self._write_output(formatted_value) def _write_output(self, content): - if isinstance(content, six.text_type): + if isinstance(content, str): content = content.encode('utf-8') self._output.write(content) diff --git a/awscli/customizations/logs/__init__.py b/awscli/customizations/logs/__init__.py new file mode 100644 index 000000000000..d6672092735e --- /dev/null +++ b/awscli/customizations/logs/__init__.py @@ -0,0 +1,9 @@ +from awscli.customizations.logs.startlivetail import StartLiveTailCommand + + +def register_logs_commands(cli): + cli.register('building-command-table.logs', inject_start_live_tail_command) + + +def inject_start_live_tail_command(command_table, session, **kwargs): + command_table['start-live-tail'] = StartLiveTailCommand(session) \ No newline at end of file diff --git a/awscli/customizations/logs/startlivetail.py b/awscli/customizations/logs/startlivetail.py new file mode 100644 index 000000000000..db4adbd354d6 --- /dev/null +++ b/awscli/customizations/logs/startlivetail.py @@ -0,0 +1,289 @@ +# Copyright 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"). You +# may not use this file except in compliance with the License. A copy of +# the License is located at +# +# http://aws.amazon.com/apache2.0/ +# +# or in the "license" file accompanying this file. This file is +# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF +# ANY KIND, either express or implied. See the License for the specific +# language governing permissions and limitations under the License. +from functools import partial +from threading import Thread +import contextlib +import signal +import sys +import time + +from awscli.compat import get_stdout_text_writer +from awscli.customizations.commands import BasicCommand +from awscli.utils import is_a_tty + + +DESCRIPTION = ( + "Starts a Live Tail streaming session for one or more log groups. " + "A Live Tail session provides a near real-time streaming of " + "log events as they are ingested into selected log groups. " + "A session can go on for a maximum of 3 hours.\n\n" + "You must have logs:StartLiveTail permission to perform this operation. " + "If the log events matching the filters are more than 500 events per second, " + "we sample the events to provide the real-time tailing experience.\n\n" + "If you are using CloudWatch cross-account observability, " + "you can use this operation in a monitoring account and start tailing on " + "Log Group(s) present in the linked source accounts. " + "For more information, see " + "https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Unified-Cross-Account.html.\n\n" + "Live Tail sessions incur charges by session usage time, per minute. " + "For pricing details, please refer to " + "https://aws.amazon.com/cloudwatch/pricing/." +) + +LIST_SCHEMA = {"type": "array", "items": {"type": "string"}} + +LOG_GROUP_IDENTIFIERS = { + "name": "log-group-identifiers", + "required": True, + "positional_arg": False, + "nargs": "+", + "schema": LIST_SCHEMA, + "help_text": ( + "The Log Group Identifiers are the ARNs for the CloudWatch Logs groups to tail. " + "You can provide up to 10 Log Group Identifiers.\n\n" + "Logs can be filtered by Log Stream(s) by providing " + "--log-stream-names or --log-stream-name-prefixes. " + "If more than one Log Group is provided " + "--log-stream-names and --log-stream-name-prefixes is disabled. " + "--log-stream-names and --log-stream-name-prefixes can't be provided simultaneously.\n\n" + "Note - The Log Group ARN must be in the following format. " + "Replace REGION and ACCOUNT_ID with your Region and account ID. " + "``arn:aws:logs:REGION :ACCOUNT_ID :log-group:LOG_GROUP_NAME``. " + "A ``:*`` after the ARN is prohibited." + "For more information about ARN format, " + 'see CloudWatch Logs resources and operations.' + ), +} + +LOG_STREAM_NAMES = { + "name": "log-stream-names", + "positional_arg": False, + "nargs": "+", + "schema": LIST_SCHEMA, + "help_text": ( + "The list of stream names to filter logs by.\n\n This parameter cannot be " + "specified when --log-stream-name-prefixes are also specified. " + "This parameter cannot be specified when multiple log-group-identifiers are specified" + ), +} + +LOG_STREAM_NAME_PREFIXES = { + "name": "log-stream-name-prefixes", + "positional_arg": False, + "nargs": "+", + "schema": LIST_SCHEMA, + "help_text": ( + "The prefix to filter logs by. Only events from log streams with names beginning " + "with this prefix will be returned. \n\nThis parameter cannot be specified when " + "--log-stream-names is also specified. This parameter cannot be specified when " + "multiple log-group-identifiers are specified" + ), +} + +LOG_EVENT_FILTER_PATTERN = { + "name": "log-event-filter-pattern", + "positional_arg": False, + "cli_type_name": "string", + "help_text": ( + "The filter pattern to use. " + 'See Filter and Pattern Syntax ' + "for details. If not provided, all the events are matched. " + "This option can be used to include or exclude log events patterns. " + "Additionally, when multiple filter patterns are provided, they must be encapsulated by quotes." + ), +} + + +def signal_handler(printer, signum, frame): + printer.interrupt_session = True + + +@contextlib.contextmanager +def handle_signal(printer): + signal_list = [signal.SIGINT, signal.SIGTERM] + if sys.platform != "win32": + signal_list.append(signal.SIGPIPE) + actual_signals = [] + for user_signal in signal_list: + actual_signals.append( + signal.signal(user_signal, partial(signal_handler, printer)) + ) + try: + yield + finally: + for sig, user_signal in enumerate(signal_list): + signal.signal(user_signal, actual_signals[sig]) + + +class LiveTailSessionMetadata: + def __init__(self) -> None: + self._session_start_time = time.time() + self._is_sampled = False + + @property + def session_start_time(self): + return self._session_start_time + + @property + def is_sampled(self): + return self._is_sampled + + def update_metadata(self, session_metadata): + self._is_sampled = session_metadata["sampled"] + + +class PrintOnlyPrinter: + def __init__(self, output, log_events) -> None: + self._output = output + self._log_events = log_events + self.interrupt_session = False + + def _print_log_events(self): + for log_event in self._log_events: + self._output.write(log_event + "\n") + self._output.flush() + + self._log_events.clear() + + def run(self): + try: + while True: + self._print_log_events() + + if self.interrupt_session: + break + + time.sleep(1) + except (BrokenPipeError, KeyboardInterrupt): + pass + + +class PrintOnlyUI: + def __init__(self, output, log_events) -> None: + self._log_events = log_events + self._printer = PrintOnlyPrinter(output, self._log_events) + + def exit(self): + self._printer.interrupt_session = True + + def run(self): + with handle_signal(self._printer): + self._printer.run() + + +class LiveTailLogEventsCollector(Thread): + def __init__( + self, + output, + ui, + response_stream, + log_events: list, + session_metadata: LiveTailSessionMetadata, + ) -> None: + super().__init__() + self._output = output + self._ui = ui + self._response_stream = response_stream + self._log_events = log_events + self._session_metadata = session_metadata + self._exception = None + + def _collect_log_events(self): + try: + for event in self._response_stream: + if not "sessionUpdate" in event: + continue + + session_update = event["sessionUpdate"] + self._session_metadata.update_metadata( + session_update["sessionMetadata"] + ) + logEvents = session_update["sessionResults"] + for logEvent in logEvents: + self._log_events.append(logEvent["message"]) + except Exception as e: + self._exception = e + + self._ui.exit() + + def stop(self): + if self._exception is not None: + self._output.write(str(self._exception) + "\n") + self._output.flush() + + def run(self): + self._collect_log_events() + + +class StartLiveTailCommand(BasicCommand): + NAME = "start-live-tail" + DESCRIPTION = DESCRIPTION + ARG_TABLE = [ + LOG_GROUP_IDENTIFIERS, + LOG_STREAM_NAMES, + LOG_STREAM_NAME_PREFIXES, + LOG_EVENT_FILTER_PATTERN, + ] + + def __init__(self, session): + super(StartLiveTailCommand, self).__init__(session) + self._output = get_stdout_text_writer() + + def _get_client(self, parsed_globals): + return self._session.create_client( + "logs", + region_name=parsed_globals.region, + endpoint_url=parsed_globals.endpoint_url, + verify=parsed_globals.verify_ssl, + ) + + def _get_start_live_tail_kwargs(self, parsed_args): + kwargs = {"logGroupIdentifiers": parsed_args.log_group_identifiers} + + if parsed_args.log_stream_names is not None: + kwargs["logStreamNames"] = parsed_args.log_stream_names + if parsed_args.log_stream_name_prefixes is not None: + kwargs["logStreamNamePrefixes"] = parsed_args.log_stream_name_prefixes + if parsed_args.log_event_filter_pattern is not None: + kwargs["logEventFilterPattern"] = parsed_args.log_event_filter_pattern + + return kwargs + + def _is_color_allowed(self, color): + if color == "on": + return True + elif color == "off": + return False + return is_a_tty() + + def _run_main(self, parsed_args, parsed_globals): + self._client = self._get_client(parsed_globals) + + start_live_tail_kwargs = self._get_start_live_tail_kwargs(parsed_args) + response = self._client.start_live_tail(**start_live_tail_kwargs) + + log_events = [] + session_metadata = LiveTailSessionMetadata() + + ui = PrintOnlyUI(self._output, log_events) + + log_events_collector = LiveTailLogEventsCollector( + self._output, ui, response["responseStream"], log_events, session_metadata + ) + log_events_collector.daemon = True + + log_events_collector.start() + ui.run() + + log_events_collector.stop() + sys.exit(0) diff --git a/awscli/customizations/opsworks.py b/awscli/customizations/opsworks.py index 604109cdf6c7..94d10cd876fc 100644 --- a/awscli/customizations/opsworks.py +++ b/awscli/customizations/opsworks.py @@ -24,7 +24,7 @@ from botocore.exceptions import ClientError -from awscli.compat import shlex_quote, urlopen, ensure_text_type +from awscli.compat import urlopen, ensure_text_type from awscli.customizations.commands import BasicCommand from awscli.customizations.utils import create_client_from_parsed_globals @@ -475,7 +475,7 @@ def ssh(self, args, remote_script): call.append(self._use_address) remote_call = ["/bin/sh", "-c", remote_script] - call.append(" ".join(shlex_quote(word) for word in remote_call)) + call.append(" ".join(shlex.quote(word) for word in remote_call)) subprocess.check_call(call) def _pre_config_document(self, args): diff --git a/awscli/customizations/paginate.py b/awscli/customizations/paginate.py index c1400c5758e3..fe1f3f140112 100644 --- a/awscli/customizations/paginate.py +++ b/awscli/customizations/paginate.py @@ -24,8 +24,10 @@ """ import logging +import sys from functools import partial +from awscli.customizations.utils import uni_print from botocore import xform_name from botocore.exceptions import DataNotFoundError, PaginationError from botocore import model @@ -266,6 +268,11 @@ def __init__(self, name, documentation, parse_type, serialized_name): self._parse_type = parse_type self._required = False + def _emit_non_positive_max_items_warning(self): + uni_print( + "warning: Non-positive values for --max-items may result in undefined behavior.\n", + sys.stderr) + @property def cli_name(self): return '--' + self._name @@ -292,6 +299,8 @@ def add_to_parser(self, parser): def add_to_params(self, parameters, value): if value is not None: + if self._serialized_name == 'MaxItems' and int(value) <= 0: + self._emit_non_positive_max_items_warning() pagination_config = parameters.get('PaginationConfig', {}) pagination_config[self._serialized_name] = value parameters['PaginationConfig'] = pagination_config diff --git a/awscli/customizations/removals.py b/awscli/customizations/removals.py index 853e68785a8b..5add46dc4f81 100644 --- a/awscli/customizations/removals.py +++ b/awscli/customizations/removals.py @@ -39,7 +39,9 @@ def register_removals(event_handler): 'list-bootstrap-actions', 'list-instance-groups', 'set-termination-protection', - 'set-visible-to-all-users']) + 'set-keep-job-flow-alive-when-no-steps', + 'set-visible-to-all-users', + 'set-unhealthy-node-replacement']) cmd_remover.remove(on_event='building-command-table.kinesis', remove_commands=['subscribe-to-shard']) cmd_remover.remove(on_event='building-command-table.lexv2-runtime', @@ -48,6 +50,19 @@ def register_removals(event_handler): remove_commands=['invoke-with-response-stream']) cmd_remover.remove(on_event='building-command-table.sagemaker-runtime', remove_commands=['invoke-endpoint-with-response-stream']) + cmd_remover.remove(on_event='building-command-table.bedrock-runtime', + remove_commands=['invoke-model-with-response-stream', + 'converse-stream']) + cmd_remover.remove(on_event='building-command-table.bedrock-agent-runtime', + remove_commands=['invoke-agent', + 'invoke-flow', + 'invoke-inline-agent', + 'optimize-prompt', + 'retrieve-and-generate-stream']) + cmd_remover.remove(on_event='building-command-table.qbusiness', + remove_commands=['chat']) + cmd_remover.remove(on_event='building-command-table.iotsitewise', + remove_commands=['invoke-assistant']) class CommandRemover(object): diff --git a/awscli/customizations/s3/filegenerator.py b/awscli/customizations/s3/filegenerator.py index ad0ab4f27c62..e98d78c78edb 100644 --- a/awscli/customizations/s3/filegenerator.py +++ b/awscli/customizations/s3/filegenerator.py @@ -21,7 +21,6 @@ from awscli.customizations.s3.utils import find_bucket_key, get_file_stat from awscli.customizations.s3.utils import BucketLister, create_warning, \ find_dest_path_comp_key, EPOCH_TIME -from awscli.compat import six from awscli.compat import queue _open = open @@ -250,7 +249,7 @@ def should_ignore_file_with_decoding_warnings(self, dirname, filename): happens we warn using a FileDecodingError that provides more information into what's going on. """ - if not isinstance(filename, six.text_type): + if not isinstance(filename, str): decoding_error = FileDecodingError(dirname, filename) warning = create_warning(repr(filename), decoding_error.error_message) diff --git a/awscli/customizations/s3/subcommands.py b/awscli/customizations/s3/subcommands.py index 57ed1ea9277c..3f3a2834c6d5 100644 --- a/awscli/customizations/s3/subcommands.py +++ b/awscli/customizations/s3/subcommands.py @@ -15,10 +15,10 @@ import sys from botocore.client import Config +from botocore.utils import is_s3express_bucket, ensure_boolean from dateutil.parser import parse from dateutil.tz import tzlocal -from awscli.compat import six from awscli.compat import queue from awscli.customizations.commands import BasicCommand from awscli.customizations.s3.comparator import Comparator @@ -30,7 +30,8 @@ from awscli.customizations.s3.s3handler import S3TransferHandlerFactory from awscli.customizations.s3.utils import find_bucket_key, AppendFilter, \ find_dest_path_comp_key, human_readable_size, \ - RequestParamsMapper, split_s3_bucket_key, block_unsupported_resources + RequestParamsMapper, split_s3_bucket_key, block_unsupported_resources, \ + S3PathResolver from awscli.customizations.utils import uni_print from awscli.customizations.s3.syncstrategy.base import MissingFileSync, \ SizeAndLastModifiedSync, NeverSync @@ -429,6 +430,58 @@ ) } +VALIDATE_SAME_S3_PATHS = { + 'name': 'validate-same-s3-paths', 'action': 'store_true', + 'help_text': ( + 'Resolves the source and destination S3 URIs to their ' + 'underlying buckets and verifies that the file or object ' + 'is not being moved onto itself. If you are using any type ' + 'of access point ARNs or access point aliases in your S3 URIs, ' + 'we strongly recommended using this parameter to help prevent ' + 'accidental deletions of the source file or object. This ' + 'parameter resolves the underlying buckets of S3 access point ' + 'ARNs and aliases, S3 on Outposts access point ARNs, and ' + 'Multi-Region Access Point ARNs. S3 on Outposts access point ' + 'aliases are not supported. Instead of using this parameter, ' + 'you can set the environment variable ' + '``AWS_CLI_S3_MV_VALIDATE_SAME_S3_PATHS`` to ``true``. ' + 'NOTE: Path validation requires making additional API calls. ' + 'Future updates to this path-validation mechanism might change ' + 'which API calls are made.' + ) +} + +CHECKSUM_MODE = { + 'name': 'checksum-mode', 'choices': ['ENABLED'], + 'help_text': 'To retrieve the checksum, this mode must be enabled. If the object has a ' + 'checksum, it will be verified.' +} + +CHECKSUM_ALGORITHM = { + 'name': 'checksum-algorithm', 'choices': ['CRC64NVME', 'CRC32', 'SHA256', 'SHA1', 'CRC32C'], + 'help_text': 'Indicates the algorithm used to create the checksum for the object.' +} + +BUCKET_NAME_PREFIX = { + 'name': 'bucket-name-prefix', + 'help_text': ( + 'Limits the response to bucket names that begin with the specified ' + 'bucket name prefix.' + ) +} + +BUCKET_REGION = { + 'name': 'bucket-region', + 'help_text': ( + 'Limits the response to buckets that are located in the specified ' + 'Amazon Web Services Region. The Amazon Web Services Region must be ' + 'expressed according to the Amazon Web Services Region code, such as ' + 'us-west-2 for the US West (Oregon) Region. For a list of the valid ' + 'values for all of the Amazon Web Services Regions, see ' + 'https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region' + ) +} + TRANSFER_ARGS = [DRYRUN, QUIET, INCLUDE, EXCLUDE, ACL, FOLLOW_SYMLINKS, NO_FOLLOW_SYMLINKS, NO_GUESS_MIME_TYPE, SSE, SSE_C, SSE_C_KEY, SSE_KMS_KEY_ID, SSE_C_COPY_SOURCE, @@ -437,7 +490,7 @@ CONTENT_DISPOSITION, CONTENT_ENCODING, CONTENT_LANGUAGE, EXPIRES, SOURCE_REGION, ONLY_SHOW_ERRORS, NO_PROGRESS, PAGE_SIZE, IGNORE_GLACIER_WARNINGS, FORCE_GLACIER_TRANSFER, - REQUEST_PAYER] + REQUEST_PAYER, CHECKSUM_MODE, CHECKSUM_ALGORITHM] def get_client(session, region, endpoint_url, verify, config=None): @@ -461,7 +514,8 @@ class ListCommand(S3Command): USAGE = " or NONE" ARG_TABLE = [{'name': 'paths', 'nargs': '?', 'default': 's3://', 'positional_arg': True, 'synopsis': USAGE}, RECURSIVE, - PAGE_SIZE, HUMAN_READABLE, SUMMARIZE, REQUEST_PAYER] + PAGE_SIZE, HUMAN_READABLE, SUMMARIZE, REQUEST_PAYER, + BUCKET_NAME_PREFIX, BUCKET_REGION] def _run_main(self, parsed_args, parsed_globals): super(ListCommand, self)._run_main(parsed_args, parsed_globals) @@ -475,7 +529,11 @@ def _run_main(self, parsed_args, parsed_globals): path = path[5:] bucket, key = find_bucket_key(path) if not bucket: - self._list_all_buckets() + self._list_all_buckets( + parsed_args.page_size, + parsed_args.bucket_name_prefix, + parsed_args.bucket_region, + ) elif parsed_args.dir_op: # Then --recursive was specified. self._list_all_objects_recursive( @@ -539,13 +597,30 @@ def _display_page(self, response_data, use_basename=True): uni_print(print_str) self._at_first_page = False - def _list_all_buckets(self): - response_data = self.client.list_buckets() - buckets = response_data['Buckets'] - for bucket in buckets: - last_mod_str = self._make_last_mod_str(bucket['CreationDate']) - print_str = last_mod_str + ' ' + bucket['Name'] + '\n' - uni_print(print_str) + def _list_all_buckets( + self, + page_size=None, + prefix=None, + bucket_region=None, + ): + paginator = self.client.get_paginator('list_buckets') + paging_args = { + 'PaginationConfig': {'PageSize': page_size} + } + if prefix: + paging_args['Prefix'] = prefix + if bucket_region: + paging_args['BucketRegion'] = bucket_region + + iterator = paginator.paginate(**paging_args) + + for response_data in iterator: + buckets = response_data.get('Buckets', []) + + for bucket in buckets: + last_mod_str = self._make_last_mod_str(bucket['CreationDate']) + print_str = last_mod_str + ' ' + bucket['Name'] + '\n' + uni_print(print_str) def _list_all_objects_recursive(self, bucket, key, page_size=None, request_payer=None): @@ -684,7 +759,9 @@ def _run_main(self, parsed_args, parsed_globals): self._convert_path_args(parsed_args) params = self._build_call_parameters(parsed_args, {}) cmd_params = CommandParameters(self.NAME, params, - self.USAGE) + self.USAGE, + self._session, + parsed_globals) cmd_params.add_region(parsed_globals) cmd_params.add_endpoint_url(parsed_globals) cmd_params.add_verify_ssl(parsed_globals) @@ -714,7 +791,7 @@ def _convert_path_args(self, parsed_args): parsed_args.paths = [parsed_args.paths] for i in range(len(parsed_args.paths)): path = parsed_args.paths[i] - if isinstance(path, six.binary_type): + if isinstance(path, bytes): dec_path = path.decode(sys.getfilesystemencoding()) enc_path = dec_path.encode('utf-8') new_path = enc_path.decode('utf-8') @@ -734,13 +811,13 @@ class CpCommand(S3TransferCommand): class MvCommand(S3TransferCommand): NAME = 'mv' - DESCRIPTION = "Moves a local file or S3 object to " \ - "another location locally or in S3." + DESCRIPTION = BasicCommand.FROM_FILE('s3', 'mv', '_description.rst') USAGE = " or " \ "or " ARG_TABLE = [{'name': 'paths', 'nargs': 2, 'positional_arg': True, 'synopsis': USAGE}] + TRANSFER_ARGS +\ - [METADATA, METADATA_DIRECTIVE, RECURSIVE] + [METADATA, METADATA_DIRECTIVE, RECURSIVE, VALIDATE_SAME_S3_PATHS] + class RmCommand(S3TransferCommand): NAME = 'rm' @@ -777,6 +854,9 @@ def _run_main(self, parsed_args, parsed_globals): raise TypeError("%s\nError: Invalid argument type" % self.USAGE) bucket, _ = split_s3_bucket_key(parsed_args.path) + if is_s3express_bucket(bucket): + raise ValueError("Cannot use mb command with a directory bucket.") + bucket_config = {'LocationConstraint': self.client.meta.region_name} params = {'Bucket': bucket} if self.client.meta.region_name != 'us-east-1': @@ -1122,7 +1202,8 @@ class CommandParameters(object): This class is used to do some initial error based on the parameters and arguments passed to the command line. """ - def __init__(self, cmd, parameters, usage): + def __init__(self, cmd, parameters, usage, + session=None, parsed_globals=None): """ Stores command name and parameters. Ensures that the ``dir_op`` flag is true if a certain command is being used. @@ -1135,6 +1216,8 @@ def __init__(self, cmd, parameters, usage): self.cmd = cmd self.parameters = parameters self.usage = usage + self._session = session + self._parsed_globals = parsed_globals if 'dir_op' not in parameters: self.parameters['dir_op'] = False if 'follow_symlinks' not in parameters: @@ -1166,6 +1249,21 @@ def add_paths(self, paths): self._validate_streaming_paths() self._validate_path_args() self._validate_sse_c_args() + self._validate_not_s3_express_bucket_for_sync() + + def _validate_not_s3_express_bucket_for_sync(self): + if self.cmd == 'sync' and \ + (self._is_s3express_path(self.parameters['src']) or + self._is_s3express_path(self.parameters['dest'])): + raise ValueError( + "Cannot use sync command with a directory bucket." + ) + + def _is_s3express_path(self, path): + if path.startswith("s3://"): + bucket = split_s3_bucket_key(path)[0] + return is_s3express_bucket(bucket) + return False def _validate_streaming_paths(self): self.parameters['is_stream'] = False @@ -1182,9 +1280,23 @@ def _validate_streaming_paths(self): def _validate_path_args(self): # If we're using a mv command, you can't copy the object onto itself. params = self.parameters - if self.cmd == 'mv' and self._same_path(params['src'], params['dest']): - raise ValueError("Cannot mv a file onto itself: '%s' - '%s'" % ( - params['src'], params['dest'])) + if self.cmd == 'mv' and params['paths_type']=='s3s3': + self._raise_if_mv_same_paths(params['src'], params['dest']) + if self._should_validate_same_underlying_s3_paths(): + self._validate_same_underlying_s3_paths() + if self._should_emit_validate_s3_paths_warning(): + self._emit_validate_s3_paths_warning() + + if params.get('checksum_algorithm'): + self._raise_if_paths_type_incorrect_for_param( + CHECKSUM_ALGORITHM['name'], + params['paths_type'], + ['locals3', 's3s3']) + if params.get('checksum_mode'): + self._raise_if_paths_type_incorrect_for_param( + CHECKSUM_MODE['name'], + params['paths_type'], + ['s3local']) # If the user provided local path does not exist, hard fail because # we know that we will not be able to upload the file. @@ -1209,6 +1321,79 @@ def _same_path(self, src, dest): src_base = os.path.basename(src) return src == os.path.join(dest, src_base) + def _same_key(self, src, dest): + _, src_key = split_s3_bucket_key(src) + _, dest_key = split_s3_bucket_key(dest) + return self._same_path(f'/{src_key}', f'/{dest_key}') + + def _validate_same_s3_paths_enabled(self): + validate_env_var = ensure_boolean( + os.environ.get('AWS_CLI_S3_MV_VALIDATE_SAME_S3_PATHS')) + return (self.parameters.get('validate_same_s3_paths') or + validate_env_var) + + def _should_emit_validate_s3_paths_warning(self): + is_same_key = self._same_key( + self.parameters['src'], self.parameters['dest']) + src_has_underlying_path = S3PathResolver.has_underlying_s3_path( + self.parameters['src']) + dest_has_underlying_path = S3PathResolver.has_underlying_s3_path( + self.parameters['dest']) + return (is_same_key and not self._validate_same_s3_paths_enabled() and + (src_has_underlying_path or dest_has_underlying_path)) + + def _emit_validate_s3_paths_warning(self): + msg = ( + "warning: Provided s3 paths may resolve to same underlying " + "s3 object(s) and result in deletion instead of being moved. " + "To resolve and validate underlying s3 paths are not the same, " + "specify the --validate-same-s3-paths flag or set the " + "AWS_CLI_S3_MV_VALIDATE_SAME_S3_PATHS environment variable to true. " + "To resolve s3 outposts access point path, the arn must be " + "used instead of the alias.\n" + ) + uni_print(msg, sys.stderr) + + def _should_validate_same_underlying_s3_paths(self): + is_same_key = self._same_key( + self.parameters['src'], self.parameters['dest']) + return is_same_key and self._validate_same_s3_paths_enabled() + + def _validate_same_underlying_s3_paths(self): + src_paths = S3PathResolver.from_session( + self._session, + self.parameters.get('source_region', self._parsed_globals.region), + self._parsed_globals.verify_ssl + ).resolve_underlying_s3_paths(self.parameters['src']) + dest_paths = S3PathResolver.from_session( + self._session, + self._parsed_globals.region, + self._parsed_globals.verify_ssl + ).resolve_underlying_s3_paths(self.parameters['dest']) + for src_path in src_paths: + for dest_path in dest_paths: + self._raise_if_mv_same_paths(src_path, dest_path) + + def _raise_if_mv_same_paths(self, src, dest): + if self._same_path(src, dest): + raise ValueError( + "Cannot mv a file onto itself: " + f"{self.parameters['src']} - {self.parameters['dest']}" + ) + + def _raise_if_paths_type_incorrect_for_param(self, param, paths_type, allowed_paths): + if paths_type not in allowed_paths: + expected_usage_map = { + 'locals3': ' ', + 's3s3': ' ', + 's3local': ' ', + 's3': '' + } + raise ValueError( + f"Expected {param} parameter to be used with one of following path formats: " + f"{', '.join([expected_usage_map[path] for path in allowed_paths])}. Instead, received {expected_usage_map[paths_type]}." + ) + def _normalize_s3_trailing_slash(self, paths): for i, path in enumerate(paths): if path.startswith('s3://'): diff --git a/awscli/customizations/s3/syncstrategy/delete.py b/awscli/customizations/s3/syncstrategy/delete.py index 35e088cb2dec..9858b264e44c 100644 --- a/awscli/customizations/s3/syncstrategy/delete.py +++ b/awscli/customizations/s3/syncstrategy/delete.py @@ -21,7 +21,8 @@ DELETE = {'name': 'delete', 'action': 'store_true', 'help_text': ( "Files that exist in the destination but not in the source are " - "deleted during sync.")} + "deleted during sync. Note that files excluded by filters are " + "excluded from deletion.")} class DeleteSync(BaseSync): diff --git a/awscli/customizations/s3/transferconfig.py b/awscli/customizations/s3/transferconfig.py index d65d21d5bca5..b533aee4eced 100644 --- a/awscli/customizations/s3/transferconfig.py +++ b/awscli/customizations/s3/transferconfig.py @@ -13,7 +13,6 @@ from s3transfer.manager import TransferConfig from awscli.customizations.s3.utils import human_readable_to_bytes -from awscli.compat import six # If the user does not specify any overrides, # these are the default values we use for the s3 transfer # commands. @@ -64,13 +63,13 @@ def build_config(self, **kwargs): def _convert_human_readable_sizes(self, runtime_config): for attr in self.HUMAN_READABLE_SIZES: value = runtime_config.get(attr) - if value is not None and not isinstance(value, six.integer_types): + if value is not None and not isinstance(value, int): runtime_config[attr] = human_readable_to_bytes(value) def _convert_human_readable_rates(self, runtime_config): for attr in self.HUMAN_READABLE_RATES: value = runtime_config.get(attr) - if value is not None and not isinstance(value, six.integer_types): + if value is not None and not isinstance(value, int): if not value.endswith('B/s'): raise InvalidConfigError( 'Invalid rate: %s. The value must be expressed ' diff --git a/awscli/customizations/s3/utils.py b/awscli/customizations/s3/utils.py index 95a1d75119d9..fab04fc53788 100644 --- a/awscli/customizations/s3/utils.py +++ b/awscli/customizations/s3/utils.py @@ -474,12 +474,14 @@ def map_put_object_params(cls, request_params, cli_params): cls._set_sse_request_params(request_params, cli_params) cls._set_sse_c_request_params(request_params, cli_params) cls._set_request_payer_param(request_params, cli_params) + cls._set_checksum_algorithm_param(request_params, cli_params) @classmethod def map_get_object_params(cls, request_params, cli_params): """Map CLI params to GetObject request params""" cls._set_sse_c_request_params(request_params, cli_params) cls._set_request_payer_param(request_params, cli_params) + cls._set_checksum_mode_param(request_params, cli_params) @classmethod def map_copy_object_params(cls, request_params, cli_params): @@ -492,6 +494,7 @@ def map_copy_object_params(cls, request_params, cli_params): cls._set_sse_c_and_copy_source_request_params( request_params, cli_params) cls._set_request_payer_param(request_params, cli_params) + cls._set_checksum_algorithm_param(request_params, cli_params) @classmethod def map_head_object_params(cls, request_params, cli_params): @@ -534,6 +537,16 @@ def _set_request_payer_param(cls, request_params, cli_params): if cli_params.get('request_payer'): request_params['RequestPayer'] = cli_params['request_payer'] + @classmethod + def _set_checksum_mode_param(cls, request_params, cli_params): + if cli_params.get('checksum_mode'): + request_params['ChecksumMode'] = cli_params['checksum_mode'] + + @classmethod + def _set_checksum_algorithm_param(cls, request_params, cli_params): + if cli_params.get('checksum_algorithm'): + request_params['ChecksumAlgorithm'] = cli_params['checksum_algorithm'] + @classmethod def _set_general_object_params(cls, request_params, cli_params): # Parameters set in this method should be applicable to the following @@ -796,3 +809,114 @@ def read(self, amt=None): return self._fileobj.read() else: return self._fileobj.read(amt) + + +class S3PathResolver: + _S3_ACCESSPOINT_ARN_TO_ACCOUNT_NAME_REGEX = re.compile( + r'^arn:aws.*:s3:[a-z0-9\-]+:(?P[0-9]{12}):accesspoint[:/]' + r'(?P[a-z0-9\-]{3,50})$' + ) + _S3_OUTPOST_ACCESSPOINT_ARN_TO_ACCOUNT_REGEX = re.compile( + r'^arn:aws.*:s3-outposts:[a-z0-9\-]+:(?P[0-9]{12}):outpost/' + r'op-[a-zA-Z0-9]+/accesspoint[:/][a-z0-9\-]{3,50}$' + ) + _S3_MRAP_ARN_TO_ACCOUNT_ALIAS_REGEX = re.compile( + r'^arn:aws:s3::(?P[0-9]{12}):accesspoint[:/]' + r'(?P[a-zA-Z0-9]+\.mrap)$' + ) + + def __init__(self, s3control_client, sts_client): + self._s3control_client = s3control_client + self._sts_client = sts_client + + @classmethod + def has_underlying_s3_path(self, path): + bucket, _ = split_s3_bucket_key(path) + return bool( + self._S3_ACCESSPOINT_ARN_TO_ACCOUNT_NAME_REGEX.match(bucket) or + self._S3_OUTPOST_ACCESSPOINT_ARN_TO_ACCOUNT_REGEX.match(bucket) or + self._S3_MRAP_ARN_TO_ACCOUNT_ALIAS_REGEX.match(bucket) or + bucket.endswith('-s3alias') or bucket.endswith('--op-s3')) + + @classmethod + def from_session(cls, session, region, verify_ssl): + s3control_client = session.create_client( + 's3control', + region_name=region, + verify=verify_ssl, + ) + sts_client = session.create_client( + 'sts', + verify=verify_ssl, + ) + return cls(s3control_client, sts_client) + + def resolve_underlying_s3_paths(self, path): + bucket, key = split_s3_bucket_key(path) + match = self._S3_ACCESSPOINT_ARN_TO_ACCOUNT_NAME_REGEX.match(bucket) + if match: + return self._resolve_accesspoint_arn( + match.group('account'), match.group('name'), key + ) + match = self._S3_OUTPOST_ACCESSPOINT_ARN_TO_ACCOUNT_REGEX.match(bucket) + if match: + return self._resolve_accesspoint_arn( + match.group('account'), bucket, key + ) + match = self._S3_MRAP_ARN_TO_ACCOUNT_ALIAS_REGEX.match(bucket) + if match: + return self._resolve_mrap_alias( + match.group('account'), match.group('alias'), key + ) + if bucket.endswith('-s3alias'): + return self._resolve_accesspoint_alias(bucket, key) + if bucket.endswith('--op-s3'): + raise ValueError( + "Can't resolve underlying bucket name of s3 outposts " + "access point alias. Use arn instead to resolve the " + "bucket name and validate the mv command." + ) + return [path] + + def _resolve_accesspoint_arn(self, account, name, key): + bucket = self._get_access_point_bucket(account, name) + return [f"s3://{bucket}/{key}"] + + def _resolve_accesspoint_alias(self, alias, key): + account = self._get_account_id() + bucket = self._get_access_point_bucket(account, alias) + return [f"s3://{bucket}/{key}"] + + def _resolve_mrap_alias(self, account, alias, key): + buckets = self._get_mrap_buckets(account, alias) + return [f"s3://{bucket}/{key}" for bucket in buckets] + + def _get_access_point_bucket(self, account, name): + return self._s3control_client.get_access_point( + AccountId=account, + Name=name + )['Bucket'] + + def _get_account_id(self): + return self._sts_client.get_caller_identity()['Account'] + + def _get_mrap_buckets(self, account, alias): + next_token = None + while True: + args = {"AccountId": account} + if next_token: + args['NextToken'] = next_token + response = self._s3control_client.list_multi_region_access_points( + **args + ) + for access_point in response['AccessPoints']: + if access_point['Alias'] == alias: + return [ + region["Bucket"] for region in access_point["Regions"] + ] + next_token = response.get('NextToken') + if not next_token: + raise ValueError( + "Couldn't find multi-region access point " + f"with alias {alias} in account {account}" + ) diff --git a/awscli/customizations/s3events.py b/awscli/customizations/s3events.py index 5895a7e7c77c..a0522cb31f06 100644 --- a/awscli/customizations/s3events.py +++ b/awscli/customizations/s3events.py @@ -31,6 +31,12 @@ def register_event_stream_arg(event_handlers): ) +def register_document_expires_string(event_handlers): + event_handlers.register_last( + 'doc-output.s3api', + document_expires_string + ) + def add_event_stream_output_arg(argument_table, operation_model, session, **kwargs): argument_table['outfile'] = S3SelectStreamOutputArgument( @@ -56,6 +62,30 @@ def replace_event_stream_docs(help_command, **kwargs): doc.write("This command generates no output. The selected " "object content is written to the specified outfile.\n") +def document_expires_string(help_command, **kwargs): + doc = help_command.doc + expires_field_idx = doc.find_last_write('Expires -> (timestamp)') + + if expires_field_idx is None: + return + + deprecation_note_and_expires_string = [ + f'\n\n\n{" " * doc.style.indentation * doc.style.indent_width}', + '.. note::', + f'\n\n\n{" " * (doc.style.indentation + 1) * doc.style.indent_width}', + 'This member has been deprecated. Please use `ExpiresString` instead.\n', + f'\n\n{" " * doc.style.indentation * doc.style.indent_width}', + f'\n\n{" " * doc.style.indentation * doc.style.indent_width}', + 'ExpiresString -> (string)\n\n', + '\tThe raw, unparsed value of the ``Expires`` field.', + f'\n\n{" " * doc.style.indentation * doc.style.indent_width}' + ] + + for idx, write in enumerate(deprecation_note_and_expires_string): + # We add 4 to the index of the expires field name because each + # field in the output section consists of exactly 4 elements. + doc.insert_write(expires_field_idx + idx + 4, write) + class S3SelectStreamOutputArgument(CustomArgument): _DOCUMENT_AS_REQUIRED = True diff --git a/awscli/customizations/sessionmanager.py b/awscli/customizations/sessionmanager.py index c33aaca590c7..cfbffe22a298 100644 --- a/awscli/customizations/sessionmanager.py +++ b/awscli/customizations/sessionmanager.py @@ -13,8 +13,10 @@ import logging import json import errno +import os +import re -from subprocess import check_call +from subprocess import check_call, check_output from awscli.compat import ignore_user_entered_signals from awscli.clidriver import ServiceOperation, CLIOperationCaller @@ -44,8 +46,43 @@ def add_custom_start_session(session, command_table, **kwargs): ) -class StartSessionCommand(ServiceOperation): +class VersionRequirement: + WHITESPACE_REGEX = re.compile(r"\s+") + SSM_SESSION_PLUGIN_VERSION_REGEX = re.compile(r"^\d+(\.\d+){0,3}$") + + def __init__(self, min_version): + self.min_version = min_version + + def meets_requirement(self, version): + ssm_plugin_version = self._sanitize_plugin_version(version) + if self._is_valid_version(ssm_plugin_version): + norm_version, norm_min_version = self._normalize( + ssm_plugin_version, self.min_version + ) + return norm_version > norm_min_version + else: + return False + + def _sanitize_plugin_version(self, plugin_version): + return re.sub(self.WHITESPACE_REGEX, "", plugin_version) + + def _is_valid_version(self, plugin_version): + return bool( + self.SSM_SESSION_PLUGIN_VERSION_REGEX.match(plugin_version) + ) + + def _normalize(self, v1, v2): + v1_parts = [int(v) for v in v1.split(".")] + v2_parts = [int(v) for v in v2.split(".")] + while len(v1_parts) != len(v2_parts): + if len(v1_parts) - len(v2_parts) > 0: + v2_parts.append(0) + else: + v1_parts.append(0) + return v1_parts, v2_parts + +class StartSessionCommand(ServiceOperation): def create_help_command(self): help_command = super( StartSessionCommand, self).create_help_command() @@ -55,6 +92,9 @@ def create_help_command(self): class StartSessionCaller(CLIOperationCaller): + LAST_PLUGIN_VERSION_WITHOUT_ENV_VAR = "1.2.497.0" + DEFAULT_SSM_ENV_NAME = "AWS_SSM_START_SESSION_RESPONSE" + def invoke(self, service_name, operation_name, parameters, parsed_globals): client = self._session.create_client( @@ -64,14 +104,41 @@ def invoke(self, service_name, operation_name, parameters, response = client.start_session(**parameters) session_id = response['SessionId'] region_name = client.meta.region_name - # profile_name is used to passed on to session manager plugin + # Profile_name is used to passed on to session manager plugin # to fetch same profile credentials to make an api call in the plugin. - # If no profile is passed then pass on empty string - profile_name = self._session.profile \ - if self._session.profile is not None else '' + # If --profile flag is configured, pass it to Session Manager plugin. + # If not, set empty string. + profile_name = parsed_globals.profile \ + if parsed_globals.profile is not None else '' endpoint_url = client.meta.endpoint_url + ssm_env_name = self.DEFAULT_SSM_ENV_NAME try: + session_parameters = { + "SessionId": response["SessionId"], + "TokenValue": response["TokenValue"], + "StreamUrl": response["StreamUrl"], + } + start_session_response = json.dumps(session_parameters) + + plugin_version = check_output( + ["session-manager-plugin", "--version"], text=True + ) + env = os.environ.copy() + + # Check if this plugin supports passing the start session response + # as an environment variable name. If it does, it will set the + # value to the response from the start_session operation to the env + # variable defined in DEFAULT_SSM_ENV_NAME. If the session plugin + # version is invalid or older than the version defined in + # LAST_PLUGIN_VERSION_WITHOUT_ENV_VAR, it will fall back to + # passing the start_session response directly. + version_requirement = VersionRequirement( + min_version=self.LAST_PLUGIN_VERSION_WITHOUT_ENV_VAR + ) + if version_requirement.meets_requirement(plugin_version): + env[ssm_env_name] = start_session_response + start_session_response = ssm_env_name # ignore_user_entered_signals ignores these signals # because if signals which kills the process are not # captured would kill the foreground process but not the @@ -81,12 +148,13 @@ def invoke(self, service_name, operation_name, parameters, with ignore_user_entered_signals(): # call executable with necessary input check_call(["session-manager-plugin", - json.dumps(response), + start_session_response, region_name, "StartSession", profile_name, json.dumps(parameters), - endpoint_url]) + endpoint_url], env=env) + return 0 except OSError as ex: if ex.errno == errno.ENOENT: diff --git a/awscli/data/cli.json b/awscli/data/cli.json index 9e4a91795d7a..85a2efebf537 100644 --- a/awscli/data/cli.json +++ b/awscli/data/cli.json @@ -17,7 +17,7 @@ }, "no-paginate": { "action": "store_false", - "help": "

Disable automatic pagination.

", + "help": "

Disable automatic pagination. If automatic pagination is disabled, the AWS CLI will only make one call, for the first page of results.

", "dest": "paginate" }, "output": { diff --git a/awscli/errorhandler.py b/awscli/errorhandler.py index 20f38bac640e..0984cf40aa64 100644 --- a/awscli/errorhandler.py +++ b/awscli/errorhandler.py @@ -16,16 +16,27 @@ class BaseOperationError(Exception): - MSG_TEMPLATE = ("A {error_type} error ({error_code}) occurred " - "when calling the {operation_name} operation: " - "{error_message}") + MSG_TEMPLATE = ( + "A {error_type} error ({error_code}) occurred " + "when calling the {operation_name} operation: " + "{error_message}" + ) - def __init__(self, error_code, error_message, error_type, operation_name, - http_status_code): + def __init__( + self, + error_code, + error_message, + error_type, + operation_name, + http_status_code, + ): msg = self.MSG_TEMPLATE.format( - error_code=error_code, error_message=error_message, - error_type=error_type, operation_name=operation_name) - super(BaseOperationError, self).__init__(msg) + error_code=error_code, + error_message=error_message, + error_type=error_type, + operation_name=operation_name, + ) + super().__init__(msg) self.error_code = error_code self.error_message = error_message self.error_type = error_type @@ -41,7 +52,7 @@ class ServerError(BaseOperationError): pass -class ErrorHandler(object): +class ErrorHandler: """ This class is responsible for handling any HTTP errors that occur when a service operation is called. It is registered for the @@ -59,15 +70,21 @@ def __call__(self, http_response, parsed, model, **kwargs): if http_response.status_code >= 500: error_type = 'server' error_class = ServerError - elif http_response.status_code >= 400 or http_response.status_code == 301: + elif ( + http_response.status_code >= 400 + or http_response.status_code == 301 + ): error_type = 'client' error_class = ClientError if error_class is not None: code, message = self._get_error_code_and_message(parsed) raise error_class( - error_code=code, error_message=message, - error_type=error_type, operation_name=model.name, - http_status_code=http_response.status_code) + error_code=code, + error_message=message, + error_type=error_type, + operation_name=model.name, + http_status_code=http_response.status_code, + ) def _get_error_code_and_message(self, response): code = 'Unknown' diff --git a/awscli/examples/accessanalyzer/apply-archive-rule.rst b/awscli/examples/accessanalyzer/apply-archive-rule.rst new file mode 100644 index 000000000000..0d210ecf81c0 --- /dev/null +++ b/awscli/examples/accessanalyzer/apply-archive-rule.rst @@ -0,0 +1,11 @@ +**To apply an archive rule to existing findings that meet the archive rule criteria** + +The following ``apply-archive-rule`` example applies an archive rule to existing findings that meet the archive rule criteria. :: + + aws accessanalyzer apply-archive-rule \ + --analyzer-arn arn:aws:access-analyzer:us-west-2:111122223333:analyzer/UnusedAccess-ConsoleAnalyzer-organization \ + --rule-name MyArchiveRule + +This command produces no output. + +For more information, see `Archive rules `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/accessanalyzer/cancel-policy-generation.rst b/awscli/examples/accessanalyzer/cancel-policy-generation.rst new file mode 100644 index 000000000000..66a79c993925 --- /dev/null +++ b/awscli/examples/accessanalyzer/cancel-policy-generation.rst @@ -0,0 +1,10 @@ +**To cancel the requested policy generation** + +The following ``cancel-policy-generation`` example cancels the requested policy generation job id. :: + + aws accessanalyzer cancel-policy-generation \ + --job-id 923a56b0-ebb8-4e80-8a3c-a11ccfbcd6f2 + +This command produces no output. + +For more information, see `IAM Access Analyzer policy generation `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/accessanalyzer/check-access-not-granted.rst b/awscli/examples/accessanalyzer/check-access-not-granted.rst new file mode 100644 index 000000000000..06eb1924c8b3 --- /dev/null +++ b/awscli/examples/accessanalyzer/check-access-not-granted.rst @@ -0,0 +1,36 @@ +**To check whether the specified access isn't allowed by a policy** + +The following ``check-access-not-granted`` example checks whether the specified access isn't allowed by a policy. :: + + aws accessanalyzer check-access-not-granted \ + --policy-document file://myfile.json \ + --access actions="s3:DeleteBucket","s3:GetBucketLocation" \ + --policy-type IDENTITY_POLICY + +Contents of ``myfile.json``:: + + { + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Action": [ + "s3:GetObject", + "s3:ListBucket" + ], + "Resource": [ + "arn:aws:s3:::amzn-s3-demo-bucket", + "arn:aws:s3:::amzn-s3-demo-bucket/*" + ] + } + ] + } + +Output:: + + { + "result": "PASS", + "message": "The policy document does not grant access to perform one or more of the listed actions." + } + +For more information, see `Previewing access with IAM Access Analyzer APIs `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/accessanalyzer/check-no-new-access.rst b/awscli/examples/accessanalyzer/check-no-new-access.rst new file mode 100644 index 000000000000..2f339afaa0ee --- /dev/null +++ b/awscli/examples/accessanalyzer/check-no-new-access.rst @@ -0,0 +1,62 @@ +**To check whether new access is allowed for an updated policy when compared to the existing policy** + +The following ``check-no-new-access`` example checks whether new access is allowed for an updated policy when compared to the existing policy. :: + + aws accessanalyzer check-no-new-access \ + --existing-policy-document file://existing-policy.json \ + --new-policy-document file://new-policy.json \ + --policy-type IDENTITY_POLICY + +Contents of ``existing-policy.json``:: + + { + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Action": [ + "s3:GetObject", + "s3:ListBucket" + ], + "Resource": [ + "arn:aws:s3:::amzn-s3-demo-bucket", + "arn:aws:s3:::amzn-s3-demo-bucket/*" + ] + } + ] + } + +Contents of ``new-policy.json``:: + + { + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Action": [ + "s3:GetObject", + "s3:GetObjectAcl", + "s3:ListBucket" + ], + "Resource": [ + "arn:aws:s3:::amzn-s3-demo-bucket", + "arn:aws:s3:::amzn-s3-demo-bucket/*" + ] + } + ] + } + +Output:: + + { + "result": "FAIL", + "message": "The modified permissions grant new access compared to your existing policy.", + "reasons": [ + { + "description": "New access in the statement with index: 0.", + "statementIndex": 0 + } + ] + } + +For more information, see `Previewing access with IAM Access Analyzer APIs `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/accessanalyzer/check-no-public-access.rst b/awscli/examples/accessanalyzer/check-no-public-access.rst new file mode 100644 index 000000000000..bcba8b657f69 --- /dev/null +++ b/awscli/examples/accessanalyzer/check-no-public-access.rst @@ -0,0 +1,32 @@ +**To check whether a resource policy can grant public access to the specified resource type** + +The following ``check-no-public-access`` example checks whether a resource policy can grant public access to the specified resource type. :: + + aws accessanalyzer check-no-public-access \ + --policy-document file://check-no-public-access-myfile.json \ + --resource-type AWS::S3::Bucket + +Contents of ``myfile.json``:: + + { + "Version": "2012-10-17", + "Statement": [ + { + "Sid": "CheckNoPublicAccess", + "Effect": "Allow", + "Principal": { "AWS": "arn:aws:iam::111122223333:user/JohnDoe" }, + "Action": [ + "s3:GetObject" + ] + } + ] + } + +Output:: + + { + "result": "PASS", + "message": "The resource policy does not grant public access for the given resource type." + } + +For more information, see `Previewing access with IAM Access Analyzer APIs `__ in the *AWS IAM User Guide*. diff --git a/awscli/examples/accessanalyzer/create-access-preview.rst b/awscli/examples/accessanalyzer/create-access-preview.rst new file mode 100644 index 000000000000..2a12685763af --- /dev/null +++ b/awscli/examples/accessanalyzer/create-access-preview.rst @@ -0,0 +1,37 @@ +**To create an access preview that allows you to preview IAM Access Analyzer findings for your resource before deploying resource permissions** + +The following ``create-access-preview`` example creates an access preview that allows you to preview IAM Access Analyzer findings for your resource before deploying resource permissions in your AWS account. :: + + aws accessanalyzer create-access-preview \ + --analyzer-arn arn:aws:access-analyzer:us-west-2:111122223333:analyzer/ConsoleAnalyzer-account \ + --configurations file://myfile.json + +Contents of ``myfile.json``:: + + { + "arn:aws:s3:::amzn-s3-demo-bucket": { + "s3Bucket": { + "bucketPolicy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"AWS\":[\"arn:aws:iam::111122223333:root\"]},\"Action\":[\"s3:PutObject\",\"s3:PutObjectAcl\"],\"Resource\":\"arn:aws:s3:::amzn-s3-demo-bucket/*\"}]}", + "bucketPublicAccessBlock": { + "ignorePublicAcls": true, + "restrictPublicBuckets": true + }, + "bucketAclGrants": [ + { + "grantee": { + "id": "79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be" + }, + "permission": "READ" + } + ] + } + } + } + +Output:: + + { + "id": "3c65eb13-6ef9-4629-8919-a32043619e6b" + } + +For more information, see `Previewing access with IAM Access Analyzer APIs `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/accessanalyzer/create-analyzer.rst b/awscli/examples/accessanalyzer/create-analyzer.rst new file mode 100644 index 000000000000..2dda1c1276bc --- /dev/null +++ b/awscli/examples/accessanalyzer/create-analyzer.rst @@ -0,0 +1,15 @@ +**To create an analyzer** + +The following ``create-analyzer`` example creates an analyzer in your AWS account. :: + + aws accessanalyzer create-analyzer \ + --analyzer-name example \ + --type ACCOUNT + +Output:: + + { + "arn": "arn:aws:access-analyzer:us-east-2:111122223333:analyzer/example" + } + +For more information, see `Getting started with AWS Identity and Access Management Access Analyzer findings `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/accessanalyzer/create-archive-rule.rst b/awscli/examples/accessanalyzer/create-archive-rule.rst new file mode 100644 index 000000000000..e33b4300fa91 --- /dev/null +++ b/awscli/examples/accessanalyzer/create-archive-rule.rst @@ -0,0 +1,12 @@ +**To create an archive rule for the specified analyzer** + +The following ``create-archive-rule`` example creates an archive rule for the specified analyzer in your AWS account. :: + + aws accessanalyzer create-archive-rule \ + --analyzer-name UnusedAccess-ConsoleAnalyzer-organization \ + --rule-name MyRule \ + --filter '{"resource": {"contains": ["Cognito"]}, "resourceType": {"eq": ["AWS::IAM::Role"]}}' + +This command produces no output. + +For more information, see `Archive rules `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/accessanalyzer/delete-analyzer.rst b/awscli/examples/accessanalyzer/delete-analyzer.rst new file mode 100644 index 000000000000..f74aabe3ab4e --- /dev/null +++ b/awscli/examples/accessanalyzer/delete-analyzer.rst @@ -0,0 +1,10 @@ +**To delete the specified analyzer** + +The following ``delete-analyzer`` example deletes the specified analyzer in your AWS account. :: + + aws accessanalyzer delete-analyzer \ + --analyzer-name example + +This command produces no output. + +For more information, see `Archive rules `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/accessanalyzer/delete-archive-rule.rst b/awscli/examples/accessanalyzer/delete-archive-rule.rst new file mode 100644 index 000000000000..ad3a1a3521cf --- /dev/null +++ b/awscli/examples/accessanalyzer/delete-archive-rule.rst @@ -0,0 +1,11 @@ +**To delete the specified archive rule** + +The following ``delete-archive-rule`` example deletes the specified archive rule in your AWS account. :: + + aws accessanalyzer delete-archive-rule \ + --analyzer-name UnusedAccess-ConsoleAnalyzer-organization \ + --rule-name MyRule + +This command produces no output. + +For more information, see `Archive rules `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/accessanalyzer/get-access-preview.rst b/awscli/examples/accessanalyzer/get-access-preview.rst new file mode 100644 index 000000000000..519f4bbff485 --- /dev/null +++ b/awscli/examples/accessanalyzer/get-access-preview.rst @@ -0,0 +1,39 @@ +**To retrieves information about an access preview for the specified analyzer** + +The following ``get-access-preview`` example retrieves information about an access preview for the specified analyzer in your AWS account. :: + + aws accessanalyzer get-access-preview \ + --access-preview-id 3c65eb13-6ef9-4629-8919-a32043619e6b \ + --analyzer-arn arn:aws:access-analyzer:us-west-2:111122223333:analyzer/ConsoleAnalyzer-account + +Output:: + + { + "accessPreview": { + "id": "3c65eb13-6ef9-4629-8919-a32043619e6b", + "analyzerArn": "arn:aws:access-analyzer:us-west-2:111122223333:analyzer/ConsoleAnalyzer-account", + "configurations": { + "arn:aws:s3:::amzn-s3-demo-bucket": { + "s3Bucket": { + "bucketPolicy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"AWS\":[\"arn:aws:iam::111122223333:root\"]},\"Action\":[\"s3:PutObject\",\"s3:PutObjectAcl\"],\"Resource\":\"arn:aws:s3:::amzn-s3-demo-bucket/*\"}]}", + "bucketAclGrants": [ + { + "permission": "READ", + "grantee": { + "id": "79a59df900b949e55d96a1e698fbacedfd6e09d98eacf8f8d5218e7cd47ef2be" + } + } + ], + "bucketPublicAccessBlock": { + "ignorePublicAcls": true, + "restrictPublicBuckets": true + } + } + } + }, + "createdAt": "2024-02-17T00:18:44+00:00", + "status": "COMPLETED" + } + } + +For more information, see `Previewing access with IAM Access Analyzer APIs `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/accessanalyzer/get-analyzed-resource.rst b/awscli/examples/accessanalyzer/get-analyzed-resource.rst new file mode 100644 index 000000000000..b05ac7fffab9 --- /dev/null +++ b/awscli/examples/accessanalyzer/get-analyzed-resource.rst @@ -0,0 +1,21 @@ +**To retrieve information about a resource that was analyzed** + +The following ``get-analyzed-resource`` example retrieves information about a resource that was analyzed in your AWS account. :: + + aws accessanalyzer get-analyzed-resource \ + --analyzer-arn arn:aws:access-analyzer:us-west-2:111122223333:analyzer/ConsoleAnalyzer-account \ + --resource-arn arn:aws:s3:::amzn-s3-demo-bucket + +Output:: + + { + "resource": { + "analyzedAt": "2024-02-15T18:01:53.002000+00:00", + "isPublic": false, + "resourceArn": "arn:aws:s3:::amzn-s3-demo-bucket", + "resourceOwnerAccount": "111122223333", + "resourceType": "AWS::S3::Bucket" + } + } + +For more information, see `Using AWS Identity and Access Management Access Analyzer `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/accessanalyzer/get-analyzer.rst b/awscli/examples/accessanalyzer/get-analyzer.rst new file mode 100644 index 000000000000..bcb3fbd3d28a --- /dev/null +++ b/awscli/examples/accessanalyzer/get-analyzer.rst @@ -0,0 +1,25 @@ +**To retrieve information about the specified analyzer** + +The following ``get-analyzer`` example retrieves information about the specified analyzer in your AWS account. :: + + aws accessanalyzer get-analyzer \ + --analyzer-name ConsoleAnalyzer-account + +Output:: + + { + "analyzer": { + "arn": "arn:aws:access-analyzer:us-west-2:111122223333:analyzer/ConsoleAnalyzer-account", + "createdAt": "2019-12-03T07:28:17+00:00", + "lastResourceAnalyzed": "arn:aws:sns:us-west-2:111122223333:config-topic", + "lastResourceAnalyzedAt": "2024-02-15T18:01:53.003000+00:00", + "name": "ConsoleAnalyzer-account", + "status": "ACTIVE", + "tags": { + "auto-delete": "no" + }, + "type": "ACCOUNT" + } + } + +For more information, see `Using AWS Identity and Access Management Access Analyzer `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/accessanalyzer/get-archive-rule.rst b/awscli/examples/accessanalyzer/get-archive-rule.rst new file mode 100644 index 000000000000..c122b5028c01 --- /dev/null +++ b/awscli/examples/accessanalyzer/get-archive-rule.rst @@ -0,0 +1,31 @@ +**To retrieve information about an archive rule** + +The following ``get-archive-rule`` example retrieves information about an archive rule in your AWS account. :: + + aws accessanalyzer get-archive-rule \ + --analyzer-name UnusedAccess-ConsoleAnalyzer-organization \ + --rule-name MyArchiveRule + +Output:: + + { + "archiveRule": { + "createdAt": "2024-02-15T00:49:27+00:00", + "filter": { + "resource": { + "contains": [ + "Cognito" + ] + }, + "resourceType": { + "eq": [ + "AWS::IAM::Role" + ] + } + }, + "ruleName": "MyArchiveRule", + "updatedAt": "2024-02-15T00:49:27+00:00" + } + } + +For more information, see `Archive rules `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/accessanalyzer/get-finding-v2.rst b/awscli/examples/accessanalyzer/get-finding-v2.rst new file mode 100644 index 000000000000..263b1e9f4d56 --- /dev/null +++ b/awscli/examples/accessanalyzer/get-finding-v2.rst @@ -0,0 +1,40 @@ +**To retrieve information about the specified finding** + +The following ``get-finding-v2`` example etrieves information about the specified finding in your AWS account. :: + + aws accessanalyzer get-finding-v2 \ + --analyzer-arn arn:aws:access-analyzer:us-west-2:111122223333:analyzer/ConsoleAnalyzer-organization \ + --id 0910eedb-381e-4e95-adda-0d25c19e6e90 + +Output:: + + { + "findingDetails": [ + { + "externalAccessDetails": { + "action": [ + "sts:AssumeRoleWithWebIdentity" + ], + "condition": { + "cognito-identity.amazonaws.com:aud": "us-west-2:EXAMPLE0-0000-0000-0000-000000000000" + }, + "isPublic": false, + "principal": { + "Federated": "cognito-identity.amazonaws.com" + } + } + } + ], + "resource": "arn:aws:iam::111122223333:role/Cognito_testpoolAuth_Role", + "status": "ACTIVE", + "error": null, + "createdAt": "2021-02-26T21:17:50.905000+00:00", + "resourceType": "AWS::IAM::Role", + "findingType": "ExternalAccess", + "resourceOwnerAccount": "111122223333", + "analyzedAt": "2024-02-16T18:17:47.888000+00:00", + "id": "0910eedb-381e-4e95-adda-0d25c19e6e90", + "updatedAt": "2021-02-26T21:17:50.905000+00:00" + } + +For more information, see `Reviewing findings `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/accessanalyzer/get-finding.rst b/awscli/examples/accessanalyzer/get-finding.rst new file mode 100644 index 000000000000..098ab7d38254 --- /dev/null +++ b/awscli/examples/accessanalyzer/get-finding.rst @@ -0,0 +1,34 @@ +**To retrieve information about the specified finding** + +The following ``get-finding`` example etrieves information about the specified finding in your AWS account. :: + + aws accessanalyzer get-finding \ + --analyzer-arn arn:aws:access-analyzer:us-west-2:111122223333:analyzer/ConsoleAnalyzer-organization \ + --id 0910eedb-381e-4e95-adda-0d25c19e6e90 + +Output:: + + { + "finding": { + "id": "0910eedb-381e-4e95-adda-0d25c19e6e90", + "principal": { + "Federated": "cognito-identity.amazonaws.com" + }, + "action": [ + "sts:AssumeRoleWithWebIdentity" + ], + "resource": "arn:aws:iam::111122223333:role/Cognito_testpoolAuth_Role", + "isPublic": false, + "resourceType": "AWS::IAM::Role", + "condition": { + "cognito-identity.amazonaws.com:aud": "us-west-2:EXAMPLE0-0000-0000-0000-000000000000" + }, + "createdAt": "2021-02-26T21:17:50.905000+00:00", + "analyzedAt": "2024-02-16T18:17:47.888000+00:00", + "updatedAt": "2021-02-26T21:17:50.905000+00:00", + "status": "ACTIVE", + "resourceOwnerAccount": "111122223333" + } + } + +For more information, see `Reviewing findings `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/accessanalyzer/get-generated-policy.rst b/awscli/examples/accessanalyzer/get-generated-policy.rst new file mode 100644 index 000000000000..de98785749d7 --- /dev/null +++ b/awscli/examples/accessanalyzer/get-generated-policy.rst @@ -0,0 +1,41 @@ +**To retrieve the policy that was generated using the `StartPolicyGeneration` API** + +The following ``get-generated-policy`` example retrieves the policy that was generated using the `StartPolicyGeneration` API in your AWS account. :: + + aws accessanalyzer get-generated-policy \ + --job-id c557dc4a-0338-4489-95dd-739014860ff9 + +Output:: + + { + "generatedPolicyResult": { + "generatedPolicies": [ + { + "policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"SupportedServiceSid0\",\"Effect\":\"Allow\",\"Action\":[\"access-analyzer:GetAnalyzer\",\"access-analyzer:ListAnalyzers\",\"access-analyzer:ListArchiveRules\",\"access-analyzer:ListFindings\",\"cloudtrail:DescribeTrails\",\"cloudtrail:GetEventDataStore\",\"cloudtrail:GetEventSelectors\",\"cloudtrail:GetInsightSelectors\",\"cloudtrail:GetTrailStatus\",\"cloudtrail:ListChannels\",\"cloudtrail:ListEventDataStores\",\"cloudtrail:ListQueries\",\"cloudtrail:ListTags\",\"cloudtrail:LookupEvents\",\"ec2:DescribeRegions\",\"iam:GetAccountSummary\",\"iam:GetOpenIDConnectProvider\",\"iam:GetRole\",\"iam:ListAccessKeys\",\"iam:ListAccountAliases\",\"iam:ListOpenIDConnectProviders\",\"iam:ListRoles\",\"iam:ListSAMLProviders\",\"kms:ListAliases\",\"s3:GetBucketLocation\",\"s3:ListAllMyBuckets\"],\"Resource\":\"*\"}]}" + } + ], + "properties": { + "cloudTrailProperties": { + "endTime": "2024-02-14T22:44:40+00:00", + "startTime": "2024-02-13T00:30:00+00:00", + "trailProperties": [ + { + "allRegions": true, + "cloudTrailArn": "arn:aws:cloudtrail:us-west-2:111122223333:trail/my-trail", + "regions": [] + } + ] + }, + "isComplete": false, + "principalArn": "arn:aws:iam::111122223333:role/Admin" + } + }, + "jobDetails": { + "completedOn": "2024-02-14T22:47:01+00:00", + "jobId": "c557dc4a-0338-4489-95dd-739014860ff9", + "startedOn": "2024-02-14T22:44:41+00:00", + "status": "SUCCEEDED" + } + } + +For more information, see `IAM Access Analyzer policy generation `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/accessanalyzer/list-access-preview-findings.rst b/awscli/examples/accessanalyzer/list-access-preview-findings.rst new file mode 100644 index 000000000000..23383c510767 --- /dev/null +++ b/awscli/examples/accessanalyzer/list-access-preview-findings.rst @@ -0,0 +1,39 @@ +**To retrieve a list of access preview findings generated by the specified access preview** + +The following ``list-access-preview-findings`` example retrieves a list of access preview findings generated by the specified access preview in your AWS account. :: + + aws accessanalyzer list-access-preview-findings \ + --access-preview-id 3c65eb13-6ef9-4629-8919-a32043619e6b \ + --analyzer-arn arn:aws:access-analyzer:us-west-2:111122223333:analyzer/ConsoleAnalyzer-account + +Output:: + + { + "findings": [ + { + "id": "e22fc158-1c87-4c32-9464-e7f405ce8d74", + "principal": { + "AWS": "111122223333" + }, + "action": [ + "s3:PutObject", + "s3:PutObjectAcl" + ], + "condition": {}, + "resource": "arn:aws:s3:::amzn-s3-demo-bucket", + "isPublic": false, + "resourceType": "AWS::S3::Bucket", + "createdAt": "2024-02-17T00:18:46+00:00", + "changeType": "NEW", + "status": "ACTIVE", + "resourceOwnerAccount": "111122223333", + "sources": [ + { + "type": "POLICY" + } + ] + } + ] + } + +For more information, see `Previewing access with IAM Access Analyzer APIs `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/accessanalyzer/list-access-previews.rst b/awscli/examples/accessanalyzer/list-access-previews.rst new file mode 100644 index 000000000000..ae6417910d3a --- /dev/null +++ b/awscli/examples/accessanalyzer/list-access-previews.rst @@ -0,0 +1,21 @@ +**To retrieve a list of access previews for the specified analyzer** + +The following ``list-access-previews`` example retrieves a list of access previews for the specified analyzer in your AWS account. :: + + aws accessanalyzer list-access-previews \ + --analyzer-arn arn:aws:access-analyzer:us-west-2:111122223333:analyzer/ConsoleAnalyzer-account + +Output:: + + { + "accessPreviews": [ + { + "id": "3c65eb13-6ef9-4629-8919-a32043619e6b", + "analyzerArn": "arn:aws:access-analyzer:us-west-2:111122223333:analyzer/ConsoleAnalyzer-account", + "createdAt": "2024-02-17T00:18:44+00:00", + "status": "COMPLETED" + } + ] + } + +For more information, see `Previewing access with IAM Access Analyzer APIs `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/accessanalyzer/list-analyzed-resources.rst b/awscli/examples/accessanalyzer/list-analyzed-resources.rst new file mode 100644 index 000000000000..b8c2726782dd --- /dev/null +++ b/awscli/examples/accessanalyzer/list-analyzed-resources.rst @@ -0,0 +1,36 @@ +**To list the available widgets** + +The following ``list-analyzed-resources`` example lists the available widgets in your AWS account. :: + + aws accessanalyzer list-analyzed-resources \ + --analyzer-arn arn:aws:access-analyzer:us-west-2:111122223333:analyzer/ConsoleAnalyzer-account \ + --resource-type AWS::IAM::Role + +Output:: + + { + "analyzedResources": [ + { + "resourceArn": "arn:aws:sns:us-west-2:111122223333:Validation-Email", + "resourceOwnerAccount": "111122223333", + "resourceType": "AWS::SNS::Topic" + }, + { + "resourceArn": "arn:aws:sns:us-west-2:111122223333:admin-alerts", + "resourceOwnerAccount": "111122223333", + "resourceType": "AWS::SNS::Topic" + }, + { + "resourceArn": "arn:aws:sns:us-west-2:111122223333:config-topic", + "resourceOwnerAccount": "111122223333", + "resourceType": "AWS::SNS::Topic" + }, + { + "resourceArn": "arn:aws:sns:us-west-2:111122223333:inspector-topic", + "resourceOwnerAccount": "111122223333", + "resourceType": "AWS::SNS::Topic" + } + ] + } + +For more information, see `Using AWS Identity and Access Management Access Analyzer `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/accessanalyzer/list-analyzers.rst b/awscli/examples/accessanalyzer/list-analyzers.rst new file mode 100644 index 000000000000..95b595c7e420 --- /dev/null +++ b/awscli/examples/accessanalyzer/list-analyzers.rst @@ -0,0 +1,48 @@ +**To retrieve a list of analyzers** + +The following ``list-analyzers`` example retrieves a list of analyzers in your AWS account. :: + + aws accessanalyzer list-analyzers + +Output:: + + { + "analyzers": [ + { + "arn": "arn:aws:access-analyzer:us-west-2:111122223333:analyzer/UnusedAccess-ConsoleAnalyzer-organization", + "createdAt": "2024-02-15T00:46:40+00:00", + "name": "UnusedAccess-ConsoleAnalyzer-organization", + "status": "ACTIVE", + "tags": { + "auto-delete": "no" + }, + "type": "ORGANIZATION_UNUSED_ACCESS" + }, + { + "arn": "arn:aws:access-analyzer:us-west-2:111122223333:analyzer/ConsoleAnalyzer-organization", + "createdAt": "2020-04-25T07:43:28+00:00", + "lastResourceAnalyzed": "arn:aws:s3:::amzn-s3-demo-bucket", + "lastResourceAnalyzedAt": "2024-02-15T21:51:56.517000+00:00", + "name": "ConsoleAnalyzer-organization", + "status": "ACTIVE", + "tags": { + "auto-delete": "no" + }, + "type": "ORGANIZATION" + }, + { + "arn": "arn:aws:access-analyzer:us-west-2:111122223333:analyzer/ConsoleAnalyzer-account", + "createdAt": "2019-12-03T07:28:17+00:00", + "lastResourceAnalyzed": "arn:aws:sns:us-west-2:111122223333:config-topic", + "lastResourceAnalyzedAt": "2024-02-15T18:01:53.003000+00:00", + "name": "ConsoleAnalyzer-account", + "status": "ACTIVE", + "tags": { + "auto-delete": "no" + }, + "type": "ACCOUNT" + } + ] + } + +For more information, see `Using AWS Identity and Access Management Access Analyzer `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/accessanalyzer/list-archive-rules.rst b/awscli/examples/accessanalyzer/list-archive-rules.rst new file mode 100644 index 000000000000..10cdce8af385 --- /dev/null +++ b/awscli/examples/accessanalyzer/list-archive-rules.rst @@ -0,0 +1,44 @@ +**To retrieve a list of archive rules created for the specified analyzer** + +The following ``list-archive-rules`` example retrieves a list of archive rules created for the specified analyzer in your AWS account. :: + + aws accessanalyzer list-archive-rules \ + --analyzer-name UnusedAccess-ConsoleAnalyzer-organization + +Output:: + + { + "archiveRules": [ + { + "createdAt": "2024-02-15T00:49:27+00:00", + "filter": { + "resource": { + "contains": [ + "Cognito" + ] + }, + "resourceType": { + "eq": [ + "AWS::IAM::Role" + ] + } + }, + "ruleName": "MyArchiveRule", + "updatedAt": "2024-02-15T00:49:27+00:00" + }, + { + "createdAt": "2024-02-15T23:27:45+00:00", + "filter": { + "findingType": { + "eq": [ + "UnusedIAMUserAccessKey" + ] + } + }, + "ruleName": "ArchiveRule-56125a39-e517-4ff8-afb1-ef06f58db612", + "updatedAt": "2024-02-15T23:27:45+00:00" + } + ] + } + +For more information, see `Using AWS Identity and Access Management Access Analyzer `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/accessanalyzer/list-findings-v2.rst b/awscli/examples/accessanalyzer/list-findings-v2.rst new file mode 100644 index 000000000000..4d8fc92e0ac9 --- /dev/null +++ b/awscli/examples/accessanalyzer/list-findings-v2.rst @@ -0,0 +1,38 @@ +**To retrieve a list of findings generated by the specified analyzer** + +The following ``list-findings-v2`` example retrieves a list of findings generated by the specified analyzer in your AWS account. This example filters the results to include only IAM roles whose name contains ``Cognito``. :: + + aws accessanalyzer list-findings-v2 \ + --analyzer-arn arn:aws:access-analyzer:us-west-2:111122223333:analyzer/ConsoleAnalyzer-account \ + --filter '{"resource": {"contains": ["Cognito"]}, "resourceType": {"eq": ["AWS::IAM::Role"]}}' + +Output:: + + { + "findings": [ + { + "analyzedAt": "2024-02-16T18:17:47.888000+00:00", + "createdAt": "2021-02-26T21:17:24.710000+00:00", + "id": "597f3bc2-3adc-4c18-9879-5c4b23485e46", + "resource": "arn:aws:iam::111122223333:role/Cognito_testpoolUnauth_Role", + "resourceType": "AWS::IAM::Role", + "resourceOwnerAccount": "111122223333", + "status": "ACTIVE", + "updatedAt": "2021-02-26T21:17:24.710000+00:00", + "findingType": "ExternalAccess" + }, + { + "analyzedAt": "2024-02-16T18:17:47.888000+00:00", + "createdAt": "2021-02-26T21:17:50.905000+00:00", + "id": "ce0e221a-85b9-4d52-91ff-d7678075442f", + "resource": "arn:aws:iam::111122223333:role/Cognito_testpoolAuth_Role", + "resourceType": "AWS::IAM::Role", + "resourceOwnerAccount": "111122223333", + "status": "ACTIVE", + "updatedAt": "2021-02-26T21:17:50.905000+00:00", + "findingType": "ExternalAccess" + } + ] + } + +For more information, see `Using AWS Identity and Access Management Access Analyzer `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/accessanalyzer/list-findings.rst b/awscli/examples/accessanalyzer/list-findings.rst new file mode 100644 index 000000000000..fb0bb39fdf85 --- /dev/null +++ b/awscli/examples/accessanalyzer/list-findings.rst @@ -0,0 +1,56 @@ +**To retrieve a list of findings generated by the specified analyzer** + +The following ``list-findings`` example retrieves a list of findings generated by the specified analyzer in your AWS account. This example filters the results to include only IAM roles whose name contains ``Cognito``. :: + + aws accessanalyzer list-findings \ + --analyzer-arn arn:aws:access-analyzer:us-west-2:111122223333:analyzer/ConsoleAnalyzer-account \ + --filter '{"resource": {"contains": ["Cognito"]}, "resourceType": {"eq": ["AWS::IAM::Role"]}}' + +Output:: + + { + "findings": [ + { + "id": "597f3bc2-3adc-4c18-9879-5c4b23485e46", + "principal": { + "Federated": "cognito-identity.amazonaws.com" + }, + "action": [ + "sts:AssumeRoleWithWebIdentity" + ], + "resource": "arn:aws:iam::111122223333:role/Cognito_testpoolUnauth_Role", + "isPublic": false, + "resourceType": "AWS::IAM::Role", + "condition": { + "cognito-identity.amazonaws.com:aud": "us-west-2:EXAMPLE0-0000-0000-0000-000000000000" + }, + "createdAt": "2021-02-26T21:17:24.710000+00:00", + "analyzedAt": "2024-02-16T18:17:47.888000+00:00", + "updatedAt": "2021-02-26T21:17:24.710000+00:00", + "status": "ACTIVE", + "resourceOwnerAccount": "111122223333" + }, + { + "id": "ce0e221a-85b9-4d52-91ff-d7678075442f", + "principal": { + "Federated": "cognito-identity.amazonaws.com" + }, + "action": [ + "sts:AssumeRoleWithWebIdentity" + ], + "resource": "arn:aws:iam::111122223333:role/Cognito_testpoolAuth_Role", + "isPublic": false, + "resourceType": "AWS::IAM::Role", + "condition": { + "cognito-identity.amazonaws.com:aud": "us-west-2:EXAMPLE0-0000-0000-0000-000000000000" + }, + "createdAt": "2021-02-26T21:17:50.905000+00:00", + "analyzedAt": "2024-02-16T18:17:47.888000+00:00", + "updatedAt": "2021-02-26T21:17:50.905000+00:00", + "status": "ACTIVE", + "resourceOwnerAccount": "111122223333" + } + ] + } + +For more information, see `Using AWS Identity and Access Management Access Analyzer `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/accessanalyzer/list-policy-generations.rst b/awscli/examples/accessanalyzer/list-policy-generations.rst new file mode 100644 index 000000000000..dbc87c0279e2 --- /dev/null +++ b/awscli/examples/accessanalyzer/list-policy-generations.rst @@ -0,0 +1,28 @@ +**To list all of the policy generations requested in the last seven days** + +The following ``list-policy-generations`` example lists all of the policy generations requested in the last seven days in your AWS account. :: + + aws accessanalyzer list-policy-generations + +Output:: + + { + "policyGenerations": [ + { + "completedOn": "2024-02-14T23:43:38+00:00", + "jobId": "923a56b0-ebb8-4e80-8a3c-a11ccfbcd6f2", + "principalArn": "arn:aws:iam::111122223333:role/Admin", + "startedOn": "2024-02-14T23:43:02+00:00", + "status": "CANCELED" + }, + { + "completedOn": "2024-02-14T22:47:01+00:00", + "jobId": "c557dc4a-0338-4489-95dd-739014860ff9", + "principalArn": "arn:aws:iam::111122223333:role/Admin", + "startedOn": "2024-02-14T22:44:41+00:00", + "status": "SUCCEEDED" + } + ] + } + +For more information, see `IAM Access Analyzer policy generation `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/accessanalyzer/list-tags-for-resource.rst b/awscli/examples/accessanalyzer/list-tags-for-resource.rst new file mode 100644 index 000000000000..8223ecc0d11c --- /dev/null +++ b/awscli/examples/accessanalyzer/list-tags-for-resource.rst @@ -0,0 +1,17 @@ +**To retrieve a list of tags applied to the specified resource** + +The following ``list-tags-for-resource`` example retrieves a list of tags applied to the specified resource in your AWS account. :: + + aws accessanalyzer list-tags-for-resource \ + --resource-arn arn:aws:access-analyzer:us-west-2:111122223333:analyzer/ConsoleAnalyzer-account + +Output:: + + { + "tags": { + "Zone-of-trust": "Account", + "Name": "ConsoleAnalyzer" + } + } + +For more information, see `IAM Access Analyzer policy generation `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/accessanalyzer/start-policy-generation.rst b/awscli/examples/accessanalyzer/start-policy-generation.rst new file mode 100644 index 000000000000..29ccdcacbf1f --- /dev/null +++ b/awscli/examples/accessanalyzer/start-policy-generation.rst @@ -0,0 +1,28 @@ +**To start a policy generation request** + +The following ``start-policy-generation`` example starts a policy generation request in your AWS account. :: + + aws accessanalyzer start-policy-generation \ + --policy-generation-details '{"principalArn":"arn:aws:iam::111122223333:role/Admin"}' \ + --cloud-trail-details file://myfile.json + +Contents of ``myfile.json``:: + + { + "accessRole": "arn:aws:iam::111122223333:role/service-role/AccessAnalyzerMonitorServiceRole", + "startTime": "2024-02-13T00:30:00Z", + "trails": [ + { + "allRegions": true, + "cloudTrailArn": "arn:aws:cloudtrail:us-west-2:111122223333:trail/my-trail" + } + ] + } + +Output:: + + { + "jobId": "c557dc4a-0338-4489-95dd-739014860ff9" + } + +For more information, see `IAM Access Analyzer policy generation `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/accessanalyzer/start-resource-scan.rst b/awscli/examples/accessanalyzer/start-resource-scan.rst new file mode 100644 index 000000000000..25c9a496b9dd --- /dev/null +++ b/awscli/examples/accessanalyzer/start-resource-scan.rst @@ -0,0 +1,11 @@ +**To immediately start a scan of the policies applied to the specified resource** + +The following ``start-resource-scan`` example mmediately starts a scan of the policies applied to the specified resource in your AWS account. :: + + aws accessanalyzer start-resource-scan \ + --analyzer-arn arn:aws:access-analyzer:us-west-2:111122223333:analyzer/ConsoleAnalyzer-account \ + --resource-arn arn:aws:iam::111122223333:role/Cognito_testpoolAuth_Role + +This command produces no output. + +For more information, see `IAM Access Analyzer policy generation `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/accessanalyzer/tag-resource.rst b/awscli/examples/accessanalyzer/tag-resource.rst new file mode 100644 index 000000000000..0c3e66e2a7d2 --- /dev/null +++ b/awscli/examples/accessanalyzer/tag-resource.rst @@ -0,0 +1,11 @@ +**To add a tag to the specified resource** + +The following ``tag-resource`` example adds a tag to the specified resource in your AWS account. :: + + aws accessanalyzer tag-resource \ + --resource-arn arn:aws:access-analyzer:us-west-2:111122223333:analyzer/ConsoleAnalyzer-account \ + --tags Environment=dev,Purpose=testing + +This command produces no output. + +For more information, see `Using AWS Identity and Access Management Access Analyzer `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/accessanalyzer/untag-resource.rst b/awscli/examples/accessanalyzer/untag-resource.rst new file mode 100644 index 000000000000..4b371d1f316c --- /dev/null +++ b/awscli/examples/accessanalyzer/untag-resource.rst @@ -0,0 +1,11 @@ +**To remove tags from the specified resources** + +The following ``untag-resource`` example removes tags from the specified resource in your AWS account. :: + + aws accessanalyzer untag-resource \ + --resource-arn arn:aws:access-analyzer:us-west-2:111122223333:analyzer/ConsoleAnalyzer-account \ + --tag-keys Environment Purpose + +This command produces no output. + +For more information, see `Using AWS Identity and Access Management Access Analyzer `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/accessanalyzer/update-archive-rule.rst b/awscli/examples/accessanalyzer/update-archive-rule.rst new file mode 100644 index 000000000000..9166288e154c --- /dev/null +++ b/awscli/examples/accessanalyzer/update-archive-rule.rst @@ -0,0 +1,12 @@ +**To update the criteria and values for the specified archive rule** + +The following ``update-archive-rule`` example updates the criteria and values for the specified archive rule in your AWS account. :: + + aws accessanalyzer update-archive-rule \ + --analyzer-name UnusedAccess-ConsoleAnalyzer-organization \ + --rule-name MyArchiveRule \ + --filter '{"resource": {"contains": ["Cognito"]}, "resourceType": {"eq": ["AWS::IAM::Role"]}}' + +This command produces no output. + +For more information, see `Archive rules `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/accessanalyzer/update-findings.rst b/awscli/examples/accessanalyzer/update-findings.rst new file mode 100644 index 000000000000..64984e2081a6 --- /dev/null +++ b/awscli/examples/accessanalyzer/update-findings.rst @@ -0,0 +1,12 @@ +**To update the status for the specified findings** + +The following ``update-findings`` example updates the status for the specified findings in your AWS account. :: + + aws accessanalyzer update-findings \ + --analyzer-arn arn:aws:access-analyzer:us-west-2:111122223333:analyzer/UnusedAccess-ConsoleAnalyzer-organization \ + --ids 4f319ac3-2e0c-4dc4-bf51-7013a086b6ae 780d586a-2cce-4f72-aff6-359d450e7500 \ + --status ARCHIVED + +This command produces no output. + +For more information, see `Using AWS Identity and Access Management Access Analyzer `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/accessanalyzer/validate-policy.rst b/awscli/examples/accessanalyzer/validate-policy.rst new file mode 100644 index 000000000000..7cefa55d91b0 --- /dev/null +++ b/awscli/examples/accessanalyzer/validate-policy.rst @@ -0,0 +1,204 @@ +**To request the validation of a policy and returns a list of findings** + +The following ``validate-policy`` example requests the validation of a policy and returns a list of findings. The policy in the example is a role trust policy for an Amazon Cognito role used for web identity federation. The findings generated from the trust policy relate to an empty ``Sid`` element value and a mismatched policy principal due to the incorrect assume role action being used, ``sts:AssumeRole``. The correct assume role action for use with Cognito is ``sts:AssumeRoleWithWebIdentity``. :: + + aws accessanalyzer validate-policy \ + --policy-document file://myfile.json \ + --policy-type RESOURCE_POLICY + +Contents of ``myfile.json``:: + + { + "Version": "2012-10-17", + "Statement": [ + { + "Sid": "", + "Effect": "Allow", + "Principal": { + "Federated": "cognito-identity.amazonaws.com" + }, + "Action": [ + "sts:AssumeRole", + "sts:TagSession" + ], + "Condition": { + "StringEquals": { + "cognito-identity.amazonaws.com:aud": "us-west-2_EXAMPLE" + } + } + } + ] + } + +Output:: + + { + "findings": [ + { + "findingDetails": "Add a value to the empty string in the Sid element.", + "findingType": "SUGGESTION", + "issueCode": "EMPTY_SID_VALUE", + "learnMoreLink": "https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-reference-policy-checks.html#access-analyzer-reference-policy-checks-suggestion-empty-sid-value", + "locations": [ + { + "path": [ + { + "value": "Statement" + }, + { + "index": 0 + }, + { + "value": "Sid" + } + ], + "span": { + "end": { + "column": 21, + "line": 5, + "offset": 81 + }, + "start": { + "column": 19, + "line": 5, + "offset": 79 + } + } + } + ] + }, + { + "findingDetails": "The sts:AssumeRole action is invalid with the following principal(s): cognito-identity.amazonaws.com. Use a SAML provider principal with the sts:AssumeRoleWithSAML action or use an OIDC provider principal with the sts:AssumeRoleWithWebIdentity action. Ensure the provider is Federated if you use either of the two options.", + "findingType": "ERROR", + "issueCode": "MISMATCHED_ACTION_FOR_PRINCIPAL", + "learnMoreLink": "https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-reference-policy-checks.html#access-analyzer-reference-policy-checks-error-mismatched-action-for-principal", + "locations": [ + { + "path": [ + { + "value": "Statement" + }, + { + "index": 0 + }, + { + "value": "Action" + }, + { + "index": 0 + } + ], + "span": { + "end": { + "column": 32, + "line": 11, + "offset": 274 + }, + "start": { + "column": 16, + "line": 11, + "offset": 258 + } + } + }, + { + "path": [ + { + "value": "Statement" + }, + { + "index": 0 + }, + { + "value": "Principal" + }, + { + "value": "Federated" + } + ], + "span": { + "end": { + "column": 61, + "line": 8, + "offset": 202 + }, + "start": { + "column": 29, + "line": 8, + "offset": 170 + } + } + } + ] + }, + { + "findingDetails": "The following actions: sts:TagSession are not supported by the condition key cognito-identity.amazonaws.com:aud. The condition will not be evaluated for these actions. We recommend that you move these actions to a different statement without this condition key.", + "findingType": "ERROR", + "issueCode": "UNSUPPORTED_ACTION_FOR_CONDITION_KEY", + "learnMoreLink": "https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-reference-policy-checks.html#access-analyzer-reference-policy-checks-error-unsupported-action-for-condition-key", + "locations": [ + { + "path": [ + { + "value": "Statement" + }, + { + "index": 0 + }, + { + "value": "Action" + }, + { + "index": 1 + } + ], + "span": { + "end": { + "column": 32, + "line": 12, + "offset": 308 + }, + "start": { + "column": 16, + "line": 12, + "offset": 292 + } + } + }, + { + "path": [ + { + "value": "Statement" + }, + { + "index": 0 + }, + { + "value": "Condition" + }, + { + "value": "StringEquals" + }, + { + "value": "cognito-identity.amazonaws.com:aud" + } + ], + "span": { + "end": { + "column": 79, + "line": 16, + "offset": 464 + }, + "start": { + "column": 58, + "line": 16, + "offset": 443 + } + } + } + ] + } + ] + } + +For more information, see `Checks for validating policies `__ in the *AWS IAM User Guide*. diff --git a/awscli/examples/alexaforbusiness/create-network-profile.rst b/awscli/examples/alexaforbusiness/create-network-profile.rst deleted file mode 100755 index c8f8b40a61ce..000000000000 --- a/awscli/examples/alexaforbusiness/create-network-profile.rst +++ /dev/null @@ -1,17 +0,0 @@ -**To create a network profile** - -The following ``create-network-profile`` example creates a network profile with the specified details. :: - - aws alexaforbusiness create-network-profile \ - --network-profile-name Network123 \ - --ssid Janenetwork \ - --security-type WPA2_PSK \ - --current-password 12345 - -Output:: - - { - "NetworkProfileArn": "arn:aws:a4b:us-east-1:123456789012:network-profile/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111/a1b2c3d4-5678-90ab-cdef-EXAMPLE22222" - } - -For more information, see `Managing Network Profiles `__ in the *Alexa for Business Administration Guide*. diff --git a/awscli/examples/alexaforbusiness/delete-network-profile.rst b/awscli/examples/alexaforbusiness/delete-network-profile.rst deleted file mode 100755 index 902055d55cfa..000000000000 --- a/awscli/examples/alexaforbusiness/delete-network-profile.rst +++ /dev/null @@ -1,10 +0,0 @@ -**To delete a network profile** - -The following ``delete-network-profile`` example deletes the specified network profile. :: - - aws alexaforbusiness delete-network-profile \ - --network-profile-arn arn:aws:a4b:us-east-1:123456789012:network-profile/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111/a1b2c3d4-5678-90ab-cdef-EXAMPLE22222 - -This command produces no output. - -For more information, see `Managing Network Profiles `__ in the *Alexa for Business Administration Guide*. diff --git a/awscli/examples/alexaforbusiness/get-network-profile.rst b/awscli/examples/alexaforbusiness/get-network-profile.rst deleted file mode 100755 index 56f779c8f356..000000000000 --- a/awscli/examples/alexaforbusiness/get-network-profile.rst +++ /dev/null @@ -1,20 +0,0 @@ -**To get network profile details** - -The following ``get-network-profile`` example retrieves details of the specified network profile. :: - - aws alexaforbusiness get-network-profile \ - --network-profile-arn arn:aws:a4b:us-east-1:123456789012:network-profile/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111 - -Output:: - - { - "NetworkProfile": { - "NetworkProfileArn": "arn:aws:a4b:us-east-1:123456789012:network-profile/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111/a1b2c3d4-5678-90ab-cdef-EXAMPLE22222", - "NetworkProfileName": "Networkprofile", - "Ssid": "Janenetwork", - "SecurityType": "WPA2_PSK", - "CurrentPassword": "12345" - } - } - -For more information, see `Managing Network Profiles `__ in the *Alexa for Business Administration Guide*. diff --git a/awscli/examples/alexaforbusiness/search-network-profiles.rst b/awscli/examples/alexaforbusiness/search-network-profiles.rst deleted file mode 100755 index 107afd2a7ca0..000000000000 --- a/awscli/examples/alexaforbusiness/search-network-profiles.rst +++ /dev/null @@ -1,34 +0,0 @@ -**To search network profiles** - -The following ``search-network-profiles`` example lists network profiles that meet a set of filter and sort criteria. In this example, all profiles are listed. :: - - aws alexaforbusiness search-network-profiles - -Output:: - - { - "NetworkProfiles": [ - { - "NetworkProfileArn": "arn:aws:a4b:us-east-1:123456789111:network-profile/a1b2c3d4-5678-90ab-cdef-EXAMPLE22222/a1b2c3d4-5678-90ab-cdef-EXAMPLE33333", - "NetworkProfileName": "Networkprofile1", - "Description": "Personal network", - "Ssid": "Janenetwork", - "SecurityType": "WPA2_PSK" - }, - { - "NetworkProfileArn": "arn:aws:a4b:us-east-1:123456789222:network-profile/a1b2c3d4-5678-90ab-cdef-EXAMPLE44444/a1b2c3d4-5678-90ab-cdef-EXAMPLE55555", - "NetworkProfileName": "Networkprofile2", - "Ssid": "Johnnetwork", - "SecurityType": "WPA2_PSK" - }, - { - "NetworkProfileArn": "arn:aws:a4b:us-east-1:123456789333:network-profile/a1b2c3d4-5678-90ab-cdef-EXAMPLE66666/a1b2c3d4-5678-90ab-cdef-EXAMPLE77777", - "NetworkProfileName": "Networkprofile3", - "Ssid": "Carlosnetwork", - "SecurityType": "WPA2_PSK" - } - ], - "TotalCount": 3 - } - -For more information, see `Managing Network Profiles `__ in the *Alexa for Business Administration Guide*. diff --git a/awscli/examples/alexaforbusiness/update-network-profile.rst b/awscli/examples/alexaforbusiness/update-network-profile.rst deleted file mode 100755 index 0a8f62faf56a..000000000000 --- a/awscli/examples/alexaforbusiness/update-network-profile.rst +++ /dev/null @@ -1,11 +0,0 @@ -**To update a network profile** - -The following ``update-network-profile`` example updates the specified network profile by using the network profile ARN. :: - - aws alexaforbusiness update-network-profile \ - --network-profile-arn arn:aws:a4b:us-east-1:123456789012:network-profile/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111 \ - --network-profile-name Networkprofile - -This command produces no output. - -For more information, see `Managing Network Profiles `__ in the *Alexa for Business Administration Guide*. diff --git a/awscli/examples/apigateway/create-authorizer.rst b/awscli/examples/apigateway/create-authorizer.rst index c65cb2714068..de2e6c179445 100644 --- a/awscli/examples/apigateway/create-authorizer.rst +++ b/awscli/examples/apigateway/create-authorizer.rst @@ -1,8 +1,14 @@ -**To create a token based API Gateway Custom Authorizer for the API** +**Example 1: To create a token-based API Gateway Custom Authorizer for the API** -Command:: +The following ``create-authorizer`` example creates a token-based authorizer. :: - aws apigateway create-authorizer --rest-api-id 1234123412 --name 'First_Token_Custom_Authorizer' --type TOKEN --authorizer-uri 'arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:123412341234:function:customAuthFunction/invocations' --identity-source 'method.request.header.Authorization' --authorizer-result-ttl-in-seconds 300 + aws apigateway create-authorizer \ + --rest-api-id 1234123412 \ + --name 'First_Token_Custom_Authorizer' \ + --type TOKEN \ + --authorizer-uri 'arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:123412341234:function:customAuthFunction/invocations' \ + --identity-source 'method.request.header.Authorization' \ + --authorizer-result-ttl-in-seconds 300 Output:: @@ -16,11 +22,16 @@ Output:: "id": "z40xj0" } -**To create a Cognito User Pools based API Gateway Custom Authorizer for the API** +**Example 2: To create a Cognito User Pools based API Gateway Custom Authorizer for the API** -Command:: +The following ``create-authorizer`` example creates a Cognito User Pools based API Gateway Custom Authorizer. :: - aws apigateway create-authorizer --rest-api-id 1234123412 --name 'First_Cognito_Custom_Authorizer' --type COGNITO_USER_POOLS --provider-arns 'arn:aws:cognito-idp:us-east-1:123412341234:userpool/us-east-1_aWcZeQbuD' --identity-source 'method.request.header.Authorization' + aws apigateway create-authorizer \ + --rest-api-id 1234123412 \ + --name 'First_Cognito_Custom_Authorizer' \ + --type COGNITO_USER_POOLS \ + --provider-arns 'arn:aws:cognito-idp:us-east-1:123412341234:userpool/us-east-1_aWcZeQbuD' \ + --identity-source 'method.request.header.Authorization' Output:: @@ -34,3 +45,27 @@ Output:: "type": "COGNITO_USER_POOLS", "id": "5yid1t" } + +**Example 3: To create a request-based API Gateway Custom Authorizer for the API** + +The following ``create-authorizer`` example creates a request-based authorizer. :: + + aws apigateway create-authorizer \ + --rest-api-id 1234123412 \ + --name 'First_Request_Custom_Authorizer' \ + --type REQUEST \ + --authorizer-uri 'arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:123412341234:function:customAuthFunction/invocations' \ + --identity-source 'method.request.header.Authorization,context.accountId' \ + --authorizer-result-ttl-in-seconds 300 + +Output:: + + { + "id": "z40xj0", + "name": "First_Request_Custom_Authorizer", + "type": "REQUEST", + "authType": "custom", + "authorizerUri": "arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:123412341234:function:customAuthFunction/invocations", + "identitySource": "method.request.header.Authorization,context.accountId", + "authorizerResultTtlInSeconds": 300 + } \ No newline at end of file diff --git a/awscli/examples/apigateway/create-domain-name-access-association.rst b/awscli/examples/apigateway/create-domain-name-access-association.rst new file mode 100644 index 000000000000..6f09062431a7 --- /dev/null +++ b/awscli/examples/apigateway/create-domain-name-access-association.rst @@ -0,0 +1,19 @@ +**To create a domain name access association** + +The following ``create-domain-name-access-association`` example creates a domain name access association between a private custom domain name and VPC endpoint. :: + + aws apigateway create-domain-name-access-association \ + --domain-name-arn arn:aws:apigateway:us-west-2:111122223333:/domainnames/my.private.domain.tld+abcd1234 \ + --access-association-source vpce-abcd1234efg \ + --access-association-source-type VPCE + +Output:: + + { + "domainNameAccessAssociationArn": "arn:aws:apigateway:us-west-2:012345678910:/domainnameaccessassociations/domainname/my.private.domain.tld/vpcesource/vpce-abcd1234efg + "accessAssociationSource": "vpce-abcd1234efg", + "accessAssociationSourceType": "VPCE", + "domainNameArn" : "arn:aws:apigateway:us-west-2:111122223333:/domainnames/private.example.com+abcd1234" + } + +For more information, see `Custom domain names for private APIs in API Gateway `__ in the *Amazon API Gateway Developer Guide*. diff --git a/awscli/examples/apigateway/create-domain-name.rst b/awscli/examples/apigateway/create-domain-name.rst index 96f62d02f541..9970cbf30c25 100644 --- a/awscli/examples/apigateway/create-domain-name.rst +++ b/awscli/examples/apigateway/create-domain-name.rst @@ -1,5 +1,89 @@ -**To create the custom domain name** +**Example 1: To create a public custom domain name** -Command:: +The following ``create-domain-name`` example creates a public custom domain name. :: - aws apigateway create-domain-name --domain-name 'my.domain.tld' --certificate-name 'my.domain.tld cert' --certificate-arn 'arn:aws:acm:us-east-1:012345678910:certificate/fb1b9770-a305-495d-aefb-27e5e101ff3' + aws apigateway create-domain-name \ + --domain-name 'my.domain.tld' \ + --certificate-name 'my.domain.tld cert'\ + --certificate-arn 'arn:aws:acm:us-east-1:012345678910:certificate/fb1b9770-a305-495d-aefb-27e5e101ff3' + +Output:: + + { + "domainName": "my.domain.tld", + "certificateName": "my.domain.tld cert", + "certificateArn": "arn:aws:acm:us-east-1:012345678910:certificate/fb1b9770-a305-495d-aefb-27e5e101ff3", + "certificateUploadDate": "2024-10-08T11:29:49-07:00", + "distributionDomainName": "abcd1234.cloudfront.net", + "distributionHostedZoneId": "Z2FDTNDATAQYW2", + "endpointConfiguration": { + "types": [ + "EDGE" + ] + }, + "domainNameStatus": "AVAILABLE", + "securityPolicy": "TLS_1_2" + } + +For more information, see `Custom domain name for public REST APIs in API Gateway `__ in the *Amazon API Gateway Developer Guide*. + +**Example 2: To create a private custom domain name** + +The following ``create-domain-name`` example creates a private custom domain name. :: + + aws apigateway create-domain-name \ + --domain-name 'my.private.domain.tld' \ + --certificate-name 'my.domain.tld cert' \ + --certificate-arn 'arn:aws:acm:us-east-1:012345678910:certificate/fb1b9770-a305-495d-aefb-27e5e101ff3' \ + --endpoint-configuration '{"types": ["PRIVATE"]}' \ + --security-policy 'TLS_1_2' \ + --policy file://policy.json + +Contents of ``policy.json``:: + + { + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Principal": "*", + "Action": "execute-api:Invoke", + "Resource": [ + "execute-api:/*" + ] + }, + { + "Effect": "Deny", + "Principal": "*", + "Action": "execute-api:Invoke", + "Resource": [ + "execute-api:/*" + ], + "Condition" : { + "StringNotEquals": { + "aws:SourceVpce": "vpce-abcd1234efg" + } + } + } + ] + } + +Output:: + + { + "domainName": "my.private.domain.tld", + "domainNameId": "abcd1234", + "domainNameArn": "arn:aws:apigateway:us-east-1:012345678910:/domainnames/my.private.domain.tld+abcd1234", + "certificateArn": "arn:aws:acm:us-east-1:012345678910:certificate/fb1b9770-a305-495d-aefb-27e5e101ff3", + "certificateUploadDate": "2024-09-10T10:31:20-07:00", + "endpointConfiguration": { + "types": [ + "PRIVATE" + ] + }, + "domainNameStatus": "AVAILABLE", + "securityPolicy": "TLS_1_2", + "policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":\"*\",\"Action\":\"execute-api:Invoke\",\"Resource\":\"arn:aws:execute-api:us-east-1:012345678910:/domainnames/my.private.domain.tld+abcd1234\"},{\"Effect\":\"Deny\",\"Principal\":\"*\",\"Action\":\"execute-api:Invoke\",\"Resource\":\"arn:aws:execute-api:us-east-1:012345678910:/domainnames/my.private.domain.tld+abcd1234\",\"Condition\":{\"StringNotEquals\":{\"aws:SourceVpc\":\"vpc-1a2b3c4d\"}}}]}" + } + +For more information, see `Custom domain name for public REST APIs in API Gateway `__ in the *Amazon API Gateway Developer Guide*. diff --git a/awscli/examples/apigateway/delete-domain-name-access-association.rst b/awscli/examples/apigateway/delete-domain-name-access-association.rst new file mode 100644 index 000000000000..a958eff6dd5b --- /dev/null +++ b/awscli/examples/apigateway/delete-domain-name-access-association.rst @@ -0,0 +1,10 @@ +**To delete a domain name access association** + +The following ``delete-domain-name-access-association`` example deletes a domain name access association between a private custom domain name and VPC endpoint. :: + + aws apigateway delete-domain-name-access-association \ + --domain-name-access-association-arn arn:aws:apigateway:us-west-2:012345678910:/domainnameaccessassociations/domainname/my.private.domain.tld/vpcesource/vpce-abcd1234efg + +This command produces no output. + +For more information, see `Custom domain names for private APIs in API Gateway `__ in the *Amazon API Gateway Developer Guide*. diff --git a/awscli/examples/apigateway/flush-stage-cache.rst b/awscli/examples/apigateway/flush-stage-cache.rst index 3fdae72763f1..57bd049418c6 100644 --- a/awscli/examples/apigateway/flush-stage-cache.rst +++ b/awscli/examples/apigateway/flush-stage-cache.rst @@ -1,5 +1,11 @@ **To flush the cache for an API's stage** -Command:: +The following ``flush-stage-cache`` example flushes the cache of a stage. :: - aws apigateway flush-stage-cache --rest-api-id 1234123412 --stage-name dev + aws apigateway flush-stage-cache \ + --rest-api-id 1234123412 \ + --stage-name dev + +This command produces no output. + +For more information, see `Flush the API stage cache in API Gateway `_ in the *Amazon API Gateway Developer Guide*. diff --git a/awscli/examples/apigateway/get-domain-name-access-associations.rst b/awscli/examples/apigateway/get-domain-name-access-associations.rst new file mode 100644 index 000000000000..a0954fc9f7e8 --- /dev/null +++ b/awscli/examples/apigateway/get-domain-name-access-associations.rst @@ -0,0 +1,42 @@ +**Example 1: To list all domain name access associations** + +The following ``get-domain-name-access-associations`` example lists all domain name access associations. :: + + aws apigateway get-domain-name-access-associations + +Output:: + + { + "items": [ + { + "domainNameAccessAssociationArn": "arn:aws:apigateway:us-west-2:012345678910:/domainnameaccessassociations/domainname/my.private.domain.tld/vpcesource/vpce-abcd1234efg + "accessAssociationSource": "vpce-abcd1234efg", + "accessAssociationSourceType": "VPCE", + "domainNameArn" : "arn:aws:apigateway:us-west-2:111122223333:/domainnames/private.example.com+abcd1234" + } + ] + } + +For more information, see `Custom domain names for private APIs in API Gateway `__ in the *Amazon API Gateway Developer Guide*. + +**Example 2: To list all domain name access associations owned by this AWS account** + +The following ``get-domain-name-access-associations`` example lists all the domain name access associations owned by the current AWS account. :: + + aws apigateway get-domain-name-access-associations \ + --resource-owner SELF + +Output:: + + { + "items": [ + { + "domainNameAccessAssociationArn": "arn:aws:apigateway:us-west-2:012345678910:/domainnameaccessassociations/domainname/my.private.domain.tld/vpcesource/vpce-abcd1234efg + "accessAssociationSource": "vpce-abcd1234efg", + "accessAssociationSourceType": "VPCE", + "domainNameArn" : "arn:aws:apigateway:us-west-2:111122223333:/domainnames/private.example.com+abcd1234" + } + ] + } + +For more information, see `Custom domain names for private APIs in API Gateway `__ in the *Amazon API Gateway Developer Guide*. diff --git a/awscli/examples/apigateway/get-domain-name.rst b/awscli/examples/apigateway/get-domain-name.rst index ac87fd04f646..0a53f006c23a 100644 --- a/awscli/examples/apigateway/get-domain-name.rst +++ b/awscli/examples/apigateway/get-domain-name.rst @@ -1,14 +1,45 @@ -**To get information about a custom domain name** +**Example 1: To get information about a public custom domain name** -Command:: +The following ``get-domain-name`` example gets information about a public custom domain name. :: - aws apigateway get-domain-name --domain-name api.domain.tld + aws apigateway get-domain-name \ + --domain-name api.domain.tld Output:: - { - "domainName": "api.domain.tld", - "distributionDomainName": "d1a2f3a4c5o6d.cloudfront.net", - "certificateName": "uploadedCertificate", - "certificateUploadDate": 1462565487 - } + { + "domainName": "api.domain.tld", + "distributionDomainName": "d1a2f3a4c5o6d.cloudfront.net", + "certificateName": "uploadedCertificate", + "certificateUploadDate": 1462565487 + } + +For more information, see `Custom domain name for public REST APIs in API Gateway `__ in the *Amazon API Gateway Developer Guide*. + +**Example 2: To get information about a private custom domain name** + +The following ``get-domain-name`` example gets information about a private custom domain name. :: + + aws apigateway get-domain-name \ + --domain-name api.private.domain.tld \ + --domain-name-id abcd1234 + +Output:: + + { + "domainName": "my.private.domain.tld", + "domainNameId": "abcd1234", + "domainNameArn": "arn:aws:apigateway:us-east-1:012345678910:/domainnames/my.private.domain.tld+abcd1234", + "certificateArn": "arn:aws:acm:us-east-1:012345678910:certificate/fb1b9770-a305-495d-aefb-27e5e101ff3", + "certificateUploadDate": "2024-09-10T10:31:20-07:00", + "endpointConfiguration": { + "types": [ + "PRIVATE" + ] + }, + "domainNameStatus": "AVAILABLE", + "securityPolicy": "TLS_1_2", + "policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":\"*\",\"Action\":\"execute-api:Invoke\",\"Resource\":\"arn:aws:execute-api:us-east-1:012345678910:/domainnames/my.private.domain.tld+abcd1234\"},{\"Effect\":\"Deny\",\"Principal\":\"*\",\"Action\":\"execute-api:Invoke\",\"Resource\":\"arn:aws:execute-api:us-east-1:012345678910:/domainnames/my.private.domain.tld+abcd1234\",\"Condition\":{\"StringNotEquals\":{\"aws:SourceVpc\":\"vpc-1a2b3c4d\"}}}]}" + } + +For more information, see `Custom domain name for public REST APIs in API Gateway `__ in the *Amazon API Gateway Developer Guide*. diff --git a/awscli/examples/apigateway/get-domain-names.rst b/awscli/examples/apigateway/get-domain-names.rst index b3d2b4a33e2f..fe6444fe6820 100644 --- a/awscli/examples/apigateway/get-domain-names.rst +++ b/awscli/examples/apigateway/get-domain-names.rst @@ -1,18 +1,86 @@ -**To get a list of custom domain names** +**Example 1: To get a list of custom domain names** -Command:: +The following ``get-domain-names`` command gets a list of domain names. :: - aws apigateway get-domain-names + aws apigateway get-domain-names Output:: - { - "items": [ - { - "distributionDomainName": "d9511k3l09bkd.cloudfront.net", - "certificateUploadDate": 1452812505, - "certificateName": "my_custom_domain-certificate", - "domainName": "subdomain.domain.tld" - } - ] - } + { + "items": [ + { + "distributionDomainName": "d9511k3l09bkd.cloudfront.net", + "certificateUploadDate": 1452812505, + "certificateName": "my_custom_domain-certificate", + "domainName": "subdomain.domain.tld" + } + ] + } + +For more information, see `Custom domain names for private APIs in API Gateway `__ in the *Amazon API Gateway Developer Guide*. + +**Example 2: To get a list of custom domain names owned by this AWS account** + +The following ``get-domain-names`` command gets a list of domain names owned by this AWS account. :: + + aws apigateway get-domain-names \ + --resource-owner SELF + +Output:: + + { + "items": [ + { + "domainName": "my.domain.tld", + "domainNameArn": "arn:aws:apigateway:us-east-1::/domainnames/my.private.domain.tld", + "certificateUploadDate": "2024-08-15T17:02:55-07:00", + "regionalDomainName": "d-abcd1234.execute-api.us-east-1.amazonaws.com", + "regionalHostedZoneId": "Z1UJRXOUMOOFQ8", + "regionalCertificateArn": "arn:aws:acm:us-east-1:012345678910:certificate/fb1b9770-a305-495d-aefb-27e5e101ff3", + "endpointConfiguration": { + "types": [ + "REGIONAL" + ] + }, + "domainNameStatus": "AVAILABLE", + "securityPolicy": "TLS_1_2" + }, + { + "domainName": "my.private.domain.tld", + "domainNameId": "abcd1234", + "domainNameArn": "arn:aws:apigateway:us-east-1:012345678910:/domainnames/my.private.domain.tld+abcd1234", + "certificateArn": "arn:aws:acm:us-east-1:012345678910:certificate/fb1b9770-a305-495d-aefb-27e5e101ff3", + "certificateUploadDate": "2024-11-26T11:44:40-08:00", + "endpointConfiguration": { + "types": [ + "PRIVATE" + ] + }, + "domainNameStatus": "AVAILABLE", + "securityPolicy": "TLS_1_2" + } + ] + } + +For more information, see `Custom domain names for private APIs in API Gateway `__ in the *Amazon API Gateway Developer Guide*. + +**Example 3: To get a list of custom domain names owned by other AWS accounts that you can create a domain name access association with.** + +The following ``get-domain-names`` command gets a list of domain names owned by other AWS accounts that you have access to create a domain name access association with. :: + + aws apigateway get-domain-names \ + --resource-owner OTHER_ACCOUNTS + +Output:: + + { + "items": [ + { + "domainName": "my.private.domain.tld", + "domainNameId": "abcd1234", + "domainNameArn": "arn:aws:apigateway:us-east-1:012345678910:/domainnames/my.private.domain.tld+abcd1234" + } + ] + } + +For more information, see `Custom domain names for private APIs in API Gateway `__ in the *Amazon API Gateway Developer Guide*. \ No newline at end of file diff --git a/awscli/examples/apigateway/reject-domain-name-access-association.rst b/awscli/examples/apigateway/reject-domain-name-access-association.rst new file mode 100644 index 000000000000..2c8b3f983ea8 --- /dev/null +++ b/awscli/examples/apigateway/reject-domain-name-access-association.rst @@ -0,0 +1,11 @@ +**To reject a domain name access association** + +The following ``reject-domain-name-access-association`` example rejects a domain name access association between a private custom domain name and VPC endpoint. :: + + aws apigateway reject-domain-name-access-association \ + --domain-name-access-association-arn arn:aws:apigateway:us-west-2:012345678910:/domainnameaccessassociations/domainname/my.private.domain.tld/vpcesource/vpce-abcd1234efg \ + --domain-name-arn arn:aws:apigateway:us-east-1:012345678910:/domainnames/my.private.domain.tld+abcd1234 + +This command produces no output. + +For more information, see `Custom domain names for private APIs in API Gateway `__ in the *Amazon API Gateway Developer Guide*. diff --git a/awscli/examples/apigatewayv2/delete-access-log-settings.rst b/awscli/examples/apigatewayv2/delete-access-log-settings.rst index de19c1d281c3..f6f897078a61 100644 --- a/awscli/examples/apigatewayv2/delete-access-log-settings.rst +++ b/awscli/examples/apigatewayv2/delete-access-log-settings.rst @@ -1,11 +1,11 @@ -**To disable access logging for an API** - -The following ``delete-access-log-settings`` example deletes the access log settings for the ``$default`` stage of an API. To disable access logging for a stage, delete its access log settings. :: - - aws apigatewayv2 delete-access-log-settings \ - --api-id a1b2c3d4 \ - --stage-name '$default' - -This command produces no output. - -For more information, see `Configuring logging for an HTTP API `__ in the *Amazon API Gateway Developer Guide*. +**To disable access logging for an API** + +The following ``delete-access-log-settings`` example deletes the access log settings for the ``$default`` stage of an API. To disable access logging for a stage, delete its access log settings. :: + + aws apigatewayv2 delete-access-log-settings \ + --api-id a1b2c3d4 \ + --stage-name '$default' + +This command produces no output. + +For more information, see `Configuring logging for an HTTP API `__ in the *Amazon API Gateway Developer Guide*. \ No newline at end of file diff --git a/awscli/examples/athena/batch-get-query-execution.rst b/awscli/examples/athena/batch-get-query-execution.rst index 39ff3a295984..e42c36633438 100644 --- a/awscli/examples/athena/batch-get-query-execution.rst +++ b/awscli/examples/athena/batch-get-query-execution.rst @@ -14,7 +14,7 @@ Output:: "Query": "create database if not exists webdata", "StatementType": "DDL", "ResultConfiguration": { - "OutputLocation": "s3://awsdoc-example-bucket/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111.txt" + "OutputLocation": "s3://amzn-s3-demo-bucket/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111.txt" }, "QueryExecutionContext": {}, "Status": { @@ -38,7 +38,7 @@ Output:: "Query": "select date, location, browser, uri, status from cloudfront_logs where method = 'GET' and status = 200 and location like 'SFO%' limit 10", "StatementType": "DML", "ResultConfiguration": { - "OutputLocation": "s3://awsdoc-example-bucket/a1b2c3d4-5678-90ab-cdef-EXAMPLE22222.csv" + "OutputLocation": "s3://amzn-s3-demo-bucket/a1b2c3d4-5678-90ab-cdef-EXAMPLE22222.csv" }, "QueryExecutionContext": { "Database": "mydatabase", @@ -62,4 +62,4 @@ Output:: "UnprocessedQueryExecutionIds": [] } -For more information, see `Running SQL Queries Using Amazon Athena `__ in the *Amazon Athena User Guide*. \ No newline at end of file +For more information, see `Running SQL Queries Using Amazon Athena `__ in the *Amazon Athena User Guide*. diff --git a/awscli/examples/athena/create-work-group.rst b/awscli/examples/athena/create-work-group.rst index 14cd639e6861..5ecd82e91267 100644 --- a/awscli/examples/athena/create-work-group.rst +++ b/awscli/examples/athena/create-work-group.rst @@ -1,13 +1,13 @@ **To create a workgroup** -The following ``create-work-group`` example creates a workgroup called ``Data_Analyst_Group`` that has the query results output location ``s3://awsdoc-example-bucket``. The command creates a workgroup that overrides client configuration settings, which includes the query results output location. The command also enables CloudWatch metrics and adds three key-value tag pairs to the workgroup to distinguish it from other workgroups. Note that the ``--configuration`` argument has no spaces before the commas that separate its options. :: +The following ``create-work-group`` example creates a workgroup called ``Data_Analyst_Group`` that has the query results output location ``s3://amzn-s3-demo-bucket``. The command creates a workgroup that overrides client configuration settings, which includes the query results output location. The command also enables CloudWatch metrics and adds three key-value tag pairs to the workgroup to distinguish it from other workgroups. Note that the ``--configuration`` argument has no spaces before the commas that separate its options. :: aws athena create-work-group \ --name Data_Analyst_Group \ - --configuration ResultConfiguration={OutputLocation="s3://awsdoc-example-bucket"},EnforceWorkGroupConfiguration="true",PublishCloudWatchMetricsEnabled="true" \ + --configuration ResultConfiguration={OutputLocation="s3://amzn-s3-demo-bucket"},EnforceWorkGroupConfiguration="true",PublishCloudWatchMetricsEnabled="true" \ --description "Workgroup for data analysts" \ --tags Key=Division,Value=West Key=Location,Value=Seattle Key=Team,Value="Big Data" This command produces no output. To see the results, use ``aws athena get-work-group --work-group Data_Analyst_Group``. -For more information, see `Managing Workgroups `__ in the *Amazon Athena User Guide*. \ No newline at end of file +For more information, see `Managing Workgroups `__ in the *Amazon Athena User Guide*. diff --git a/awscli/examples/athena/get-query-execution.rst b/awscli/examples/athena/get-query-execution.rst index b409a4e9b44a..3b68fd274210 100644 --- a/awscli/examples/athena/get-query-execution.rst +++ b/awscli/examples/athena/get-query-execution.rst @@ -14,7 +14,7 @@ Output:: ' and status = 200 and location like 'SFO%' limit 10", "StatementType": "DML", "ResultConfiguration": { - "OutputLocation": "s3://awsdoc-example-bucket/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111.csv" + "OutputLocation": "s3://amzn-s3-demo-bucket/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111.csv" }, "QueryExecutionContext": { "Database": "mydatabase", @@ -36,4 +36,4 @@ Output:: } } -For more information, see `Running SQL Queries Using Amazon Athena `__ in the *Amazon Athena User Guide*. \ No newline at end of file +For more information, see `Running SQL Queries Using Amazon Athena `__ in the *Amazon Athena User Guide*. diff --git a/awscli/examples/athena/get-table-metadata.rst b/awscli/examples/athena/get-table-metadata.rst index a377298ea388..c690d8580cce 100644 --- a/awscli/examples/athena/get-table-metadata.rst +++ b/awscli/examples/athena/get-table-metadata.rst @@ -41,7 +41,7 @@ Output:: "Parameters": { "EXTERNAL": "TRUE", "inputformat": "com.esri.json.hadoop.EnclosedJsonInputFormat", - "location": "s3://awsdoc-example-bucket/json", + "location": "s3://amzn-s3-demo-bucket/json", "outputformat": "org.apache.hadoop.hive.ql.io.HiveIgnoreKeyTextOutputFormat", "serde.param.serialization.format": "1", "serde.serialization.lib": "com.esri.hadoop.hive.serde.JsonSerde", @@ -50,4 +50,4 @@ Output:: } } -For more information, see `Showing Table Details: get-table-metadata `__ in the *Amazon Athena User Guide*. \ No newline at end of file +For more information, see `Showing Table Details: get-table-metadata `__ in the *Amazon Athena User Guide*. diff --git a/awscli/examples/athena/get-work-group.rst b/awscli/examples/athena/get-work-group.rst index 469f1f859b25..77d07aaf33d6 100644 --- a/awscli/examples/athena/get-work-group.rst +++ b/awscli/examples/athena/get-work-group.rst @@ -13,7 +13,7 @@ Output:: "State": "ENABLED", "Configuration": { "ResultConfiguration": { - "OutputLocation": "s3://awsdoc-example-bucket/" + "OutputLocation": "s3://amzn-s3-demo-bucket/" }, "EnforceWorkGroupConfiguration": false, "PublishCloudWatchMetricsEnabled": true, @@ -24,4 +24,4 @@ Output:: } } -For more information, see `Managing Workgroups `__ in the *Amazon Athena User Guide*. \ No newline at end of file +For more information, see `Managing Workgroups `__ in the *Amazon Athena User Guide*. diff --git a/awscli/examples/athena/list-table-metadata.rst b/awscli/examples/athena/list-table-metadata.rst index 7f602cb40918..56bd18d51dcd 100644 --- a/awscli/examples/athena/list-table-metadata.rst +++ b/awscli/examples/athena/list-table-metadata.rst @@ -54,7 +54,7 @@ Output:: "delimiter": ",", "has_encrypted_data": "false", "inputformat": "org.apache.hadoop.mapred.TextInputFormat", - "location": "s3://awsdoc-example-bucket/csv/countrycode", + "location": "s3://amzn-s3-demo-bucket/csv/countrycode", "outputformat": "org.apache.hadoop.hive.ql.io.HiveIgnoreKeyTextOutputFormat", "serde.param.field.delim": ",", "serde.serialization.lib": "org.apache.hadoop.hive.serde2.lazy.LazySimpleSerDe", @@ -102,7 +102,7 @@ Output:: "delimiter": ",", "has_encrypted_data": "false", "inputformat": "org.apache.hadoop.mapred.TextInputFormat", - "location": "s3://awsdoc-example-bucket/csv/CountyPopulation", + "location": "s3://amzn-s3-demo-bucket/csv/CountyPopulation", "outputformat": "org.apache.hadoop.hive.ql.io.HiveIgnoreKeyTextOutputFormat", "serde.param.field.delim": ",", "serde.serialization.lib": "org.apache.hadoop.hive.serde2.lazy.LazySimpleSerDe", diff --git a/awscli/examples/autoscaling/describe-auto-scaling-groups.rst b/awscli/examples/autoscaling/describe-auto-scaling-groups.rst index 324b256f179d..2b45661175f4 100644 --- a/awscli/examples/autoscaling/describe-auto-scaling-groups.rst +++ b/awscli/examples/autoscaling/describe-auto-scaling-groups.rst @@ -3,7 +3,7 @@ This example describes the specified Auto Scaling group. :: aws autoscaling describe-auto-scaling-groups \ - --auto-scaling-group-name my-asg + --auto-scaling-group-names my-asg Output:: @@ -45,16 +45,17 @@ Output:: } } ], - "CreatedTime": "2020-10-28T02:39:22.152Z", - "VPCZoneIdentifier": "subnet-5ea0c127,subnet-6194ea3b,subnet-c934b782", + "CreatedTime": "2023-10-28T02:39:22.152Z", "SuspendedProcesses": [], + "VPCZoneIdentifier": "subnet-5ea0c127,subnet-6194ea3b,subnet-c934b782", "EnabledMetrics": [], "Tags": [], "TerminationPolicies": [ "Default" ], "NewInstancesProtectedFromScaleIn": false, - "ServiceLinkedRoleARN":"arn" + "ServiceLinkedRoleARN":"arn", + "TrafficSources": [] } ] } @@ -65,7 +66,7 @@ This example describes the specified Auto Scaling groups. It allows you to speci aws autoscaling describe-auto-scaling-groups \ --max-items 100 \ - --auto-scaling-group-name "group1" "group2" "group3" "group4" + --auto-scaling-group-names "group1" "group2" "group3" "group4" See example 1 for sample output. @@ -90,6 +91,61 @@ See example 1 for sample output. If the output includes a ``NextToken`` field, there are more groups. To get the additional groups, use the value of this field with the ``--starting-token`` option in a subsequent call as follows. :: - aws autoscaling describe-auto-scaling-groups --starting-token Z3M3LMPEXAMPLE + aws autoscaling describe-auto-scaling-groups \ + --starting-token Z3M3LMPEXAMPLE See example 1 for sample output. + +**Example 5: To describe Auto Scaling groups that use launch configurations** + +This example uses the ``--query`` option to describe Auto Scaling groups that use launch configurations. :: + + aws autoscaling describe-auto-scaling-groups \ + --query 'AutoScalingGroups[?LaunchConfigurationName!=`null`]' + +Output:: + + [ + { + "AutoScalingGroupName": "my-asg", + "AutoScalingGroupARN": "arn:aws:autoscaling:us-west-2:123456789012:autoScalingGroup:930d940e-891e-4781-a11a-7b0acd480f03:autoScalingGroupName/my-asg", + "LaunchConfigurationName": "my-lc", + "MinSize": 0, + "MaxSize": 1, + "DesiredCapacity": 1, + "DefaultCooldown": 300, + "AvailabilityZones": [ + "us-west-2a", + "us-west-2b", + "us-west-2c" + ], + "LoadBalancerNames": [], + "TargetGroupARNs": [], + "HealthCheckType": "EC2", + "HealthCheckGracePeriod": 0, + "Instances": [ + { + "InstanceId": "i-088c57934a6449037", + "InstanceType": "t2.micro", + "AvailabilityZone": "us-west-2c", + "HealthStatus": "Healthy", + "LifecycleState": "InService", + "LaunchConfigurationName": "my-lc", + "ProtectedFromScaleIn": false + } + ], + "CreatedTime": "2023-10-28T02:39:22.152Z", + "SuspendedProcesses": [], + "VPCZoneIdentifier": "subnet-5ea0c127,subnet-6194ea3b,subnet-c934b782", + "EnabledMetrics": [], + "Tags": [], + "TerminationPolicies": [ + "Default" + ], + "NewInstancesProtectedFromScaleIn": false, + "ServiceLinkedRoleARN":"arn", + "TrafficSources": [] + } + ] + +For more information, see `Filter AWS CLI output `__ in the *AWS Command Line Interface User Guide*. \ No newline at end of file diff --git a/awscli/examples/autoscaling/describe-auto-scaling-instances.rst b/awscli/examples/autoscaling/describe-auto-scaling-instances.rst index e327ea822b8e..9f3f07c80ca6 100644 --- a/awscli/examples/autoscaling/describe-auto-scaling-instances.rst +++ b/awscli/examples/autoscaling/describe-auto-scaling-instances.rst @@ -30,29 +30,36 @@ Output:: This example uses the ``--max-items`` option to specify how many instances to return with this call. :: - aws autoscaling describe-auto-scaling-instances --max-items 1 + aws autoscaling describe-auto-scaling-instances \ + --max-items 1 If the output includes a ``NextToken`` field, there are more instances. To get the additional instances, use the value of this field with the ``--starting-token`` option in a subsequent call as follows. :: - aws autoscaling describe-auto-scaling-instances --starting-token Z3M3LMPEXAMPLE + aws autoscaling describe-auto-scaling-instances \ + --starting-token Z3M3LMPEXAMPLE + +See example 1 for sample output. + +**Example 3: To describe instances that use launch configurations** + +This example uses the ``--query`` option to describe instances that use launch configurations. :: + + aws autoscaling describe-auto-scaling-instances \ + --query 'AutoScalingInstances[?LaunchConfigurationName!=`null`]' Output:: - { - "AutoScalingInstances": [ - { - "InstanceId": "i-06905f55584de02da", - "InstanceType": "t2.micro", - "AutoScalingGroupName": "my-asg", - "AvailabilityZone": "us-west-2b", - "LifecycleState": "InService", - "HealthStatus": "HEALTHY", - "ProtectedFromScaleIn": false, - "LaunchTemplate": { - "LaunchTemplateId": "lt-1234567890abcde12", - "LaunchTemplateName": "my-launch-template", - "Version": "1" - } - } - ] - } \ No newline at end of file + [ + { + "InstanceId": "i-088c57934a6449037", + "InstanceType": "t2.micro", + "AutoScalingGroupName": "my-asg", + "AvailabilityZone": "us-west-2c", + "LifecycleState": "InService", + "HealthStatus": "HEALTHY", + "LaunchConfigurationName": "my-lc", + "ProtectedFromScaleIn": false + } + ] + +For more information, see `Filter AWS CLI output `__ in the *AWS Command Line Interface User Guide*. \ No newline at end of file diff --git a/awscli/examples/autoscaling/describe-scheduled-actions.rst b/awscli/examples/autoscaling/describe-scheduled-actions.rst index f4f22330c5dd..8ee5475a5ae8 100644 --- a/awscli/examples/autoscaling/describe-scheduled-actions.rst +++ b/awscli/examples/autoscaling/describe-scheduled-actions.rst @@ -13,16 +13,17 @@ Output:: "ScheduledActionName": "my-recurring-action", "Recurrence": "30 0 1 1,6,12 *", "ScheduledActionARN": "arn:aws:autoscaling:us-west-2:123456789012:scheduledUpdateGroupAction:8e86b655-b2e6-4410-8f29-b4f094d6871c:autoScalingGroupName/my-asg:scheduledActionName/my-recurring-action", - "StartTime": "2020-12-01T00:30:00Z", - "Time": "2020-12-01T00:30:00Z", + "StartTime": "2023-12-01T04:00:00Z", + "Time": "2023-12-01T04:00:00Z", "MinSize": 1, "MaxSize": 6, - "DesiredCapacity": 4 + "DesiredCapacity": 4, + "TimeZone": "America/New_York" } ] } -For more information, see `Scheduled scaling `__ in the *Amazon EC2 Auto Scaling User Guide*. +For more information, see `Scheduled scaling `__ in the *Amazon EC2 Auto Scaling User Guide*. **Example 2: To describe scheduled actions for the specified group** @@ -40,16 +41,17 @@ Output:: "ScheduledActionName": "my-recurring-action", "Recurrence": "30 0 1 1,6,12 *", "ScheduledActionARN": "arn:aws:autoscaling:us-west-2:123456789012:scheduledUpdateGroupAction:8e86b655-b2e6-4410-8f29-b4f094d6871c:autoScalingGroupName/my-asg:scheduledActionName/my-recurring-action", - "StartTime": "2020-12-01T00:30:00Z", - "Time": "2020-12-01T00:30:00Z", + "StartTime": "2023-12-01T04:00:00Z", + "Time": "2023-12-01T04:00:00Z", "MinSize": 1, "MaxSize": 6, - "DesiredCapacity": 4 + "DesiredCapacity": 4, + "TimeZone": "America/New_York" } ] } -For more information, see `Scheduled scaling `__ in the *Amazon EC2 Auto Scaling User Guide*. +For more information, see `Scheduled scaling `__ in the *Amazon EC2 Auto Scaling User Guide*. **Example 3: To describe the specified scheduled action** @@ -67,24 +69,24 @@ Output:: "ScheduledActionName": "my-recurring-action", "Recurrence": "30 0 1 1,6,12 *", "ScheduledActionARN": "arn:aws:autoscaling:us-west-2:123456789012:scheduledUpdateGroupAction:8e86b655-b2e6-4410-8f29-b4f094d6871c:autoScalingGroupName/my-asg:scheduledActionName/my-recurring-action", - "StartTime": "2020-12-01T00:30:00Z", - "Time": "2020-12-01T00:30:00Z", + "StartTime": "2023-12-01T04:00:00Z", + "Time": "2023-12-01T04:00:00Z", "MinSize": 1, "MaxSize": 6, - "DesiredCapacity": 4 + "DesiredCapacity": 4, + "TimeZone": "America/New_York" } ] } +For more information, see `Scheduled scaling `__ in the *Amazon EC2 Auto Scaling User Guide*. -For more information, see `Scheduled scaling `__ in the *Amazon EC2 Auto Scaling User Guide*. - -**Example 4: To describe scheduled actions with a sepecified start time** +**Example 4: To describe scheduled actions with a specified start time** To describe the scheduled actions that start at a specific time, use the ``--start-time`` option. :: aws autoscaling describe-scheduled-actions \ - --start-time "2020-12-01T00:30:00Z" + --start-time "2023-12-01T04:00:00Z" Output:: @@ -95,24 +97,24 @@ Output:: "ScheduledActionName": "my-recurring-action", "Recurrence": "30 0 1 1,6,12 *", "ScheduledActionARN": "arn:aws:autoscaling:us-west-2:123456789012:scheduledUpdateGroupAction:8e86b655-b2e6-4410-8f29-b4f094d6871c:autoScalingGroupName/my-asg:scheduledActionName/my-recurring-action", - "StartTime": "2020-12-01T00:30:00Z", - "Time": "2020-12-01T00:30:00Z", + "StartTime": "2023-12-01T04:00:00Z", + "Time": "2023-12-01T04:00:00Z", "MinSize": 1, "MaxSize": 6, - "DesiredCapacity": 4 + "DesiredCapacity": 4, + "TimeZone": "America/New_York" } ] } - -For more information, see `Scheduled scaling `__ in the *Amazon EC2 Auto Scaling User Guide*. +For more information, see `Scheduled scaling `__ in the *Amazon EC2 Auto Scaling User Guide*. **Example 5: To describe scheduled actions that end at a specified time** To describe the scheduled actions that end at a specific time, use the ``--end-time`` option. :: aws autoscaling describe-scheduled-actions \ - --end-time "2022-12-01T00:30:00Z" + --end-time "2023-12-01T04:00:00Z" Output:: @@ -123,23 +125,25 @@ Output:: "ScheduledActionName": "my-recurring-action", "Recurrence": "30 0 1 1,6,12 *", "ScheduledActionARN": "arn:aws:autoscaling:us-west-2:123456789012:scheduledUpdateGroupAction:8e86b655-b2e6-4410-8f29-b4f094d6871c:autoScalingGroupName/my-asg:scheduledActionName/my-recurring-action", - "StartTime": "2020-12-01T00:30:00Z", - "Time": "2020-12-01T00:30:00Z", + "StartTime": "2023-12-01T04:00:00Z", + "Time": "2023-12-01T04:00:00Z", "MinSize": 1, "MaxSize": 6, - "DesiredCapacity": 4 + "DesiredCapacity": 4, + "TimeZone": "America/New_York" } ] } -For more information, see `Scheduled scaling `__ in the *Amazon EC2 Auto Scaling User Guide*. +For more information, see `Scheduled scaling `__ in the *Amazon EC2 Auto Scaling User Guide*. **Example 6: To describe a specified number of scheduled actions** To return a specific number of scheduled actions, use the ``--max-items`` option. :: aws autoscaling describe-scheduled-actions \ - --auto-scaling-group-name my-asg --max-items 1 + --auto-scaling-group-name my-asg \ + --max-items 1 Output:: @@ -150,11 +154,12 @@ Output:: "ScheduledActionName": "my-recurring-action", "Recurrence": "30 0 1 1,6,12 *", "ScheduledActionARN": "arn:aws:autoscaling:us-west-2:123456789012:scheduledUpdateGroupAction:8e86b655-b2e6-4410-8f29-b4f094d6871c:autoScalingGroupName/my-asg:scheduledActionName/my-recurring-action", - "StartTime": "2020-12-01T00:30:00Z", - "Time": "2020-12-01T00:30:00Z", + "StartTime": "2023-12-01T04:00:00Z", + "Time": "2023-12-01T04:00:00Z", "MinSize": 1, "MaxSize": 6, - "DesiredCapacity": 4 + "DesiredCapacity": 4, + "TimeZone": "America/New_York" } ] } @@ -165,4 +170,4 @@ If the output includes a ``NextToken`` field, there are more scheduled actions. --auto-scaling-group-name my-asg \ --starting-token Z3M3LMPEXAMPLE -For more information, see `Scheduled scaling `__ in the *Amazon EC2 Auto Scaling User Guide*. +For more information, see `Scheduled scaling `__ in the *Amazon EC2 Auto Scaling User Guide*. \ No newline at end of file diff --git a/awscli/examples/autoscaling/put-scheduled-update-group-action.rst b/awscli/examples/autoscaling/put-scheduled-update-group-action.rst index 60f5fef43b90..85113090d7a8 100644 --- a/awscli/examples/autoscaling/put-scheduled-update-group-action.rst +++ b/awscli/examples/autoscaling/put-scheduled-update-group-action.rst @@ -5,14 +5,14 @@ This example adds the specified scheduled action to the specified Auto Scaling g aws autoscaling put-scheduled-update-group-action \ --auto-scaling-group-name my-asg \ --scheduled-action-name my-scheduled-action \ - --start-time "2021-05-12T08:00:00Z" \ + --start-time "2023-05-12T08:00:00Z" \ --min-size 2 \ --max-size 6 \ --desired-capacity 4 This command produces no output. If a scheduled action with the same name already exists, it will be overwritten by the new scheduled action. -For more examples, see `Scheduled scaling `__ in the *Amazon EC2 Auto Scaling User Guide*. +For more examples, see `Scheduled scaling `__ in the *Amazon EC2 Auto Scaling User Guide*. **Example 2: To specify a recurring schedule** @@ -28,4 +28,4 @@ This example creates a scheduled action to scale on a recurring schedule that is This command produces no output. If a scheduled action with the same name already exists, it will be overwritten by the new scheduled action. -For more examples, see `Scheduled scaling `__ in the *Amazon EC2 Auto Scaling User Guide*. \ No newline at end of file +For more examples, see `Scheduled scaling `__ in the *Amazon EC2 Auto Scaling User Guide*. \ No newline at end of file diff --git a/awscli/examples/cloud9/create-environment-ec2.rst b/awscli/examples/cloud9/create-environment-ec2.rst index f16c1bc48d60..04695f466fca 100644 --- a/awscli/examples/cloud9/create-environment-ec2.rst +++ b/awscli/examples/cloud9/create-environment-ec2.rst @@ -1,13 +1,19 @@ **To create an AWS Cloud9 EC2 development environment** -This example creates an AWS Cloud9 development environment with the specified settings, launches an Amazon Elastic Compute Cloud (Amazon EC2) instance, and then connects from the instance to the environment. +This following ``create-environment-ec2`` example creates an AWS Cloud9 development environment with the specified settings, launches an Amazon Elastic Compute Cloud (Amazon EC2) instance, and then connects from the instance to the environment. :: -Command:: - - aws cloud9 create-environment-ec2 --name my-demo-env --description "My demonstration development environment." --instance-type t2.micro --subnet-id subnet-1fab8aEX --automatic-stop-time-minutes 60 --owner-arn arn:aws:iam::123456789012:user/MyDemoUser + aws cloud9 create-environment-ec2 \ + --name my-demo-env \ + --description "My demonstration development environment." \ + --instance-type t2.micro --image-id amazonlinux-2023-x86_64 \ + --subnet-id subnet-1fab8aEX \ + --automatic-stop-time-minutes 60 \ + --owner-arn arn:aws:iam::123456789012:user/MyDemoUser Output:: - { - "environmentId": "8a34f51ce1e04a08882f1e811bd706EX" - } \ No newline at end of file + { + "environmentId": "8a34f51ce1e04a08882f1e811bd706EX" + } + +For more information, see `Creating an EC2 Environment `__ in the *AWS Cloud9 User Guide*. \ No newline at end of file diff --git a/awscli/examples/cloudfront/create-distribution-with-tags.rst b/awscli/examples/cloudfront/create-distribution-with-tags.rst index 889c289c2613..c9d8944b803e 100644 --- a/awscli/examples/cloudfront/create-distribution-with-tags.rst +++ b/awscli/examples/cloudfront/create-distribution-with-tags.rst @@ -1,20 +1,16 @@ **To create a CloudFront distribution with tags** -The following example creates a distribution with two tags by providing the -distribution configuration and tags in a JSON file named -``dist-config-with-tags.json``:: +The following ``create-distribution-with-tags`` example creates a distribution with two tags by providing the distribution configuration and tags in a JSON file named ``dist-config-with-tags.json``. :: aws cloudfront create-distribution-with-tags \ --distribution-config-with-tags file://dist-config-with-tags.json -The file ``dist-config-with-tags.json`` is a JSON document in the current -folder that contains the following. Note the ``Tags`` object at the top of -the file, which contains two tags: +The file ``dist-config-with-tags.json`` is a JSON document in the current folder. Note the ``Tags`` object at the top of the file, which contains two tags: - ``Name = ExampleDistribution`` - ``Project = ExampleProject`` -:: +Contents of ``dist-config-with-tags.json``:: { "Tags": { @@ -39,8 +35,8 @@ the file, which contains two tags: "Quantity": 1, "Items": [ { - "Id": "awsexamplebucket.s3.amazonaws.com-cli-example", - "DomainName": "awsexamplebucket.s3.amazonaws.com", + "Id": "amzn-s3-demo-bucket.s3.amazonaws.com-cli-example", + "DomainName": "amzn-s3-demo-bucket.s3.amazonaws.com", "OriginPath": "", "CustomHeaders": { "Quantity": 0 @@ -55,7 +51,7 @@ the file, which contains two tags: "Quantity": 0 }, "DefaultCacheBehavior": { - "TargetOriginId": "awsexamplebucket.s3.amazonaws.com-cli-example", + "TargetOriginId": "amzn-s3-demo-bucket.s3.amazonaws.com-cli-example", "ForwardedValues": { "QueryString": false, "Cookies": { @@ -155,8 +151,8 @@ Output:: "Quantity": 1, "Items": [ { - "Id": "awsexamplebucket.s3.amazonaws.com-cli-example", - "DomainName": "awsexamplebucket.s3.amazonaws.com", + "Id": "amzn-s3-demo-bucket.s3.amazonaws.com-cli-example", + "DomainName": "amzn-s3-demo-bucket.s3.amazonaws.com", "OriginPath": "", "CustomHeaders": { "Quantity": 0 @@ -171,7 +167,7 @@ Output:: "Quantity": 0 }, "DefaultCacheBehavior": { - "TargetOriginId": "awsexamplebucket.s3.amazonaws.com-cli-example", + "TargetOriginId": "amzn-s3-demo-bucket.s3.amazonaws.com-cli-example", "ForwardedValues": { "QueryString": false, "Cookies": { diff --git a/awscli/examples/cloudfront/create-distribution.rst b/awscli/examples/cloudfront/create-distribution.rst index f316ee43603a..c2b2140e53d5 100644 --- a/awscli/examples/cloudfront/create-distribution.rst +++ b/awscli/examples/cloudfront/create-distribution.rst @@ -1,123 +1,12 @@ -**To create a CloudFront distribution** +**Example 1: To create a CloudFront distribution** -The following example creates a distribution for an S3 bucket named -``awsexamplebucket``, and also specifies ``index.html`` as the default root -object, using command line arguments:: +The following example creates a distribution for an S3 bucket named ``amzn-s3-demo-bucket``, and also specifies ``index.html`` as the default root object, using command line arguments. :: aws cloudfront create-distribution \ - --origin-domain-name awsexamplebucket.s3.amazonaws.com \ + --origin-domain-name amzn-s3-demo-bucket.s3.amazonaws.com \ --default-root-object index.html -Instead of using command line arguments, you can provide the distribution -configuration in a JSON file, as shown in the following example:: - - aws cloudfront create-distribution \ - --distribution-config file://dist-config.json - -The file ``dist-config.json`` is a JSON document in the current folder that -contains the following:: - - { - "CallerReference": "cli-example", - "Aliases": { - "Quantity": 0 - }, - "DefaultRootObject": "index.html", - "Origins": { - "Quantity": 1, - "Items": [ - { - "Id": "awsexamplebucket.s3.amazonaws.com-cli-example", - "DomainName": "awsexamplebucket.s3.amazonaws.com", - "OriginPath": "", - "CustomHeaders": { - "Quantity": 0 - }, - "S3OriginConfig": { - "OriginAccessIdentity": "" - } - } - ] - }, - "OriginGroups": { - "Quantity": 0 - }, - "DefaultCacheBehavior": { - "TargetOriginId": "awsexamplebucket.s3.amazonaws.com-cli-example", - "ForwardedValues": { - "QueryString": false, - "Cookies": { - "Forward": "none" - }, - "Headers": { - "Quantity": 0 - }, - "QueryStringCacheKeys": { - "Quantity": 0 - } - }, - "TrustedSigners": { - "Enabled": false, - "Quantity": 0 - }, - "ViewerProtocolPolicy": "allow-all", - "MinTTL": 0, - "AllowedMethods": { - "Quantity": 2, - "Items": [ - "HEAD", - "GET" - ], - "CachedMethods": { - "Quantity": 2, - "Items": [ - "HEAD", - "GET" - ] - } - }, - "SmoothStreaming": false, - "DefaultTTL": 86400, - "MaxTTL": 31536000, - "Compress": false, - "LambdaFunctionAssociations": { - "Quantity": 0 - }, - "FieldLevelEncryptionId": "" - }, - "CacheBehaviors": { - "Quantity": 0 - }, - "CustomErrorResponses": { - "Quantity": 0 - }, - "Comment": "", - "Logging": { - "Enabled": false, - "IncludeCookies": false, - "Bucket": "", - "Prefix": "" - }, - "PriceClass": "PriceClass_All", - "Enabled": true, - "ViewerCertificate": { - "CloudFrontDefaultCertificate": true, - "MinimumProtocolVersion": "TLSv1", - "CertificateSource": "cloudfront" - }, - "Restrictions": { - "GeoRestriction": { - "RestrictionType": "none", - "Quantity": 0 - } - }, - "WebACLId": "", - "HttpVersion": "http2", - "IsIPV6Enabled": true - } - -Whether you provide the distribution information with a command line argument -or a JSON file, the output is the same:: +Output:: { "Location": "https://cloudfront.amazonaws.com/2019-03-26/distribution/EMLARXS9EXAMPLE", @@ -143,8 +32,8 @@ or a JSON file, the output is the same:: "Quantity": 1, "Items": [ { - "Id": "awsexamplebucket.s3.amazonaws.com-cli-example", - "DomainName": "awsexamplebucket.s3.amazonaws.com", + "Id": "amzn-s3-demo-bucket.s3.amazonaws.com-cli-example", + "DomainName": "amzn-s3-demo-bucket.s3.amazonaws.com", "OriginPath": "", "CustomHeaders": { "Quantity": 0 @@ -159,7 +48,7 @@ or a JSON file, the output is the same:: "Quantity": 0 }, "DefaultCacheBehavior": { - "TargetOriginId": "awsexamplebucket.s3.amazonaws.com-cli-example", + "TargetOriginId": "amzn-s3-demo-bucket.s3.amazonaws.com-cli-example", "ForwardedValues": { "QueryString": false, "Cookies": { @@ -233,3 +122,114 @@ or a JSON file, the output is the same:: } } } + +**Example 2: To create a CloudFront distribution using a JSON file** + +The following example creates a distribution for an S3 bucket named ``amzn-s3-demo-bucket``, and also specifies ``index.html`` as the default root object, using a JSON file. :: + + aws cloudfront create-distribution \ + --distribution-config file://dist-config.json + + +Contents of ``dist-config.json``:: + + { + "CallerReference": "cli-example", + "Aliases": { + "Quantity": 0 + }, + "DefaultRootObject": "index.html", + "Origins": { + "Quantity": 1, + "Items": [ + { + "Id": "amzn-s3-demo-bucket.s3.amazonaws.com-cli-example", + "DomainName": "amzn-s3-demo-bucket.s3.amazonaws.com", + "OriginPath": "", + "CustomHeaders": { + "Quantity": 0 + }, + "S3OriginConfig": { + "OriginAccessIdentity": "" + } + } + ] + }, + "OriginGroups": { + "Quantity": 0 + }, + "DefaultCacheBehavior": { + "TargetOriginId": "amzn-s3-demo-bucket.s3.amazonaws.com-cli-example", + "ForwardedValues": { + "QueryString": false, + "Cookies": { + "Forward": "none" + }, + "Headers": { + "Quantity": 0 + }, + "QueryStringCacheKeys": { + "Quantity": 0 + } + }, + "TrustedSigners": { + "Enabled": false, + "Quantity": 0 + }, + "ViewerProtocolPolicy": "allow-all", + "MinTTL": 0, + "AllowedMethods": { + "Quantity": 2, + "Items": [ + "HEAD", + "GET" + ], + "CachedMethods": { + "Quantity": 2, + "Items": [ + "HEAD", + "GET" + ] + } + }, + "SmoothStreaming": false, + "DefaultTTL": 86400, + "MaxTTL": 31536000, + "Compress": false, + "LambdaFunctionAssociations": { + "Quantity": 0 + }, + "FieldLevelEncryptionId": "" + }, + "CacheBehaviors": { + "Quantity": 0 + }, + "CustomErrorResponses": { + "Quantity": 0 + }, + "Comment": "", + "Logging": { + "Enabled": false, + "IncludeCookies": false, + "Bucket": "", + "Prefix": "" + }, + "PriceClass": "PriceClass_All", + "Enabled": true, + "ViewerCertificate": { + "CloudFrontDefaultCertificate": true, + "MinimumProtocolVersion": "TLSv1", + "CertificateSource": "cloudfront" + }, + "Restrictions": { + "GeoRestriction": { + "RestrictionType": "none", + "Quantity": 0 + } + }, + "WebACLId": "", + "HttpVersion": "http2", + "IsIPV6Enabled": true + } + +See Example 1 for sample output. \ No newline at end of file diff --git a/awscli/examples/cloudfront/get-distribution-config.rst b/awscli/examples/cloudfront/get-distribution-config.rst index 8fd58446a880..af0192304fb7 100644 --- a/awscli/examples/cloudfront/get-distribution-config.rst +++ b/awscli/examples/cloudfront/get-distribution-config.rst @@ -1,13 +1,9 @@ **To get a CloudFront distribution configuration** -The following example gets metadata about the CloudFront distribution with the -ID ``EDFDVBD6EXAMPLE``, including its ``ETag``. The distribution ID is returned -in the `create-distribution `_ and -`list-distributions `_ commands. +The following example gets metadata about the CloudFront distribution with the ID ``EDFDVBD6EXAMPLE``, including its ``ETag``. The distribution ID is returned in the `create-distribution `__ and `list-distributions `__ commands. :: -:: - - aws cloudfront get-distribution-config --id EDFDVBD6EXAMPLE + aws cloudfront get-distribution-config \ + --id EDFDVBD6EXAMPLE Output:: @@ -23,8 +19,8 @@ Output:: "Quantity": 1, "Items": [ { - "Id": "awsexamplebucket.s3.amazonaws.com-cli-example", - "DomainName": "awsexamplebucket.s3.amazonaws.com", + "Id": "amzn-s3-demo-bucket.s3.amazonaws.com-cli-example", + "DomainName": "amzn-s3-demo-bucket.s3.amazonaws.com", "OriginPath": "", "CustomHeaders": { "Quantity": 0 @@ -39,7 +35,7 @@ Output:: "Quantity": 0 }, "DefaultCacheBehavior": { - "TargetOriginId": "awsexamplebucket.s3.amazonaws.com-cli-example", + "TargetOriginId": "amzn-s3-demo-bucket.s3.amazonaws.com-cli-example", "ForwardedValues": { "QueryString": false, "Cookies": { diff --git a/awscli/examples/cloudfront/get-distribution.rst b/awscli/examples/cloudfront/get-distribution.rst index a881ecae4af2..f536b386f22c 100644 --- a/awscli/examples/cloudfront/get-distribution.rst +++ b/awscli/examples/cloudfront/get-distribution.rst @@ -1,13 +1,9 @@ **To get a CloudFront distribution** -The following example gets the CloudFront distribution with the ID -``EDFDVBD6EXAMPLE``, including its ``ETag``. The distribution ID is returned in -the `create-distribution `_ and `list-distributions -`_ commands. +The following ``get-distribution`` example gets the CloudFront distribution with the ID ``EDFDVBD6EXAMPLE``, including its ``ETag``. The distribution ID is returned in the `create-distribution `__ and `list-distributions `__ commands. :: -:: - - aws cloudfront get-distribution --id EDFDVBD6EXAMPLE + aws cloudfront get-distribution \ + --id EDFDVBD6EXAMPLE Output:: @@ -34,8 +30,8 @@ Output:: "Quantity": 1, "Items": [ { - "Id": "awsexamplebucket.s3.amazonaws.com-cli-example", - "DomainName": "awsexamplebucket.s3.amazonaws.com", + "Id": "amzn-s3-demo-bucket.s3.amazonaws.com-cli-example", + "DomainName": "amzn-s3-demo-bucket.s3.amazonaws.com", "OriginPath": "", "CustomHeaders": { "Quantity": 0 @@ -50,7 +46,7 @@ Output:: "Quantity": 0 }, "DefaultCacheBehavior": { - "TargetOriginId": "awsexamplebucket.s3.amazonaws.com-cli-example", + "TargetOriginId": "amzn-s3-demo-bucket.s3.amazonaws.com-cli-example", "ForwardedValues": { "QueryString": false, "Cookies": { diff --git a/awscli/examples/cloudfront/list-distributions.rst b/awscli/examples/cloudfront/list-distributions.rst index 4fdbaaa12f54..f44982cfd99f 100644 --- a/awscli/examples/cloudfront/list-distributions.rst +++ b/awscli/examples/cloudfront/list-distributions.rst @@ -1,7 +1,6 @@ **To list CloudFront distributions** -The following example gets a list of the CloudFront distributions in your AWS -account:: +The following example gets a list of the CloudFront distributions in your AWS account. :: aws cloudfront list-distributions @@ -11,231 +10,11 @@ Output:: "DistributionList": { "Items": [ { - "Id": "EMLARXS9EXAMPLE", - "ARN": "arn:aws:cloudfront::123456789012:distribution/EMLARXS9EXAMPLE", - "Status": "InProgress", - "LastModifiedTime": "2019-11-22T00:55:15.705Z", - "InProgressInvalidationBatches": 0, - "DomainName": "d111111abcdef8.cloudfront.net", - "ActiveTrustedSigners": { - "Enabled": false, - "Quantity": 0 - }, - "DistributionConfig": { - "CallerReference": "cli-example", - "Aliases": { - "Quantity": 0 - }, - "DefaultRootObject": "index.html", - "Origins": { - "Quantity": 1, - "Items": [ - { - "Id": "awsexamplebucket.s3.amazonaws.com-cli-example", - "DomainName": "awsexamplebucket.s3.amazonaws.com", - "OriginPath": "", - "CustomHeaders": { - "Quantity": 0 - }, - "S3OriginConfig": { - "OriginAccessIdentity": "" - } - } - ] - }, - "OriginGroups": { - "Quantity": 0 - }, - "DefaultCacheBehavior": { - "TargetOriginId": "awsexamplebucket.s3.amazonaws.com-cli-example", - "ForwardedValues": { - "QueryString": false, - "Cookies": { - "Forward": "none" - }, - "Headers": { - "Quantity": 0 - }, - "QueryStringCacheKeys": { - "Quantity": 0 - } - }, - "TrustedSigners": { - "Enabled": false, - "Quantity": 0 - }, - "ViewerProtocolPolicy": "allow-all", - "MinTTL": 0, - "AllowedMethods": { - "Quantity": 2, - "Items": [ - "HEAD", - "GET" - ], - "CachedMethods": { - "Quantity": 2, - "Items": [ - "HEAD", - "GET" - ] - } - }, - "SmoothStreaming": false, - "DefaultTTL": 86400, - "MaxTTL": 31536000, - "Compress": false, - "LambdaFunctionAssociations": { - "Quantity": 0 - }, - "FieldLevelEncryptionId": "" - }, - "CacheBehaviors": { - "Quantity": 0 - }, - "CustomErrorResponses": { - "Quantity": 0 - }, - "Comment": "", - "Logging": { - "Enabled": false, - "IncludeCookies": false, - "Bucket": "", - "Prefix": "" - }, - "PriceClass": "PriceClass_All", - "Enabled": true, - "ViewerCertificate": { - "CloudFrontDefaultCertificate": true, - "MinimumProtocolVersion": "TLSv1", - "CertificateSource": "cloudfront" - }, - "Restrictions": { - "GeoRestriction": { - "RestrictionType": "none", - "Quantity": 0 - } - }, - "WebACLId": "", - "HttpVersion": "http2", - "IsIPV6Enabled": true - } - }, - { - "Id": "EDFDVBD6EXAMPLE", - "ARN": "arn:aws:cloudfront::123456789012:distribution/EDFDVBD6EXAMPLE", - "Status": "InProgress", - "LastModifiedTime": "2019-12-04T23:35:41.433Z", - "InProgressInvalidationBatches": 0, - "DomainName": "d930174dauwrn8.cloudfront.net", - "ActiveTrustedSigners": { - "Enabled": false, - "Quantity": 0 - }, - "DistributionConfig": { - "CallerReference": "cli-example", - "Aliases": { - "Quantity": 0 - }, - "DefaultRootObject": "index.html", - "Origins": { - "Quantity": 1, - "Items": [ - { - "Id": "awsexamplebucket1.s3.amazonaws.com-cli-example", - "DomainName": "awsexamplebucket1.s3.amazonaws.com", - "OriginPath": "", - "CustomHeaders": { - "Quantity": 0 - }, - "S3OriginConfig": { - "OriginAccessIdentity": "" - } - } - ] - }, - "OriginGroups": { - "Quantity": 0 - }, - "DefaultCacheBehavior": { - "TargetOriginId": "awsexamplebucket1.s3.amazonaws.com-cli-example", - "ForwardedValues": { - "QueryString": false, - "Cookies": { - "Forward": "none" - }, - "Headers": { - "Quantity": 0 - }, - "QueryStringCacheKeys": { - "Quantity": 0 - } - }, - "TrustedSigners": { - "Enabled": false, - "Quantity": 0 - }, - "ViewerProtocolPolicy": "allow-all", - "MinTTL": 0, - "AllowedMethods": { - "Quantity": 2, - "Items": [ - "HEAD", - "GET" - ], - "CachedMethods": { - "Quantity": 2, - "Items": [ - "HEAD", - "GET" - ] - } - }, - "SmoothStreaming": false, - "DefaultTTL": 86400, - "MaxTTL": 31536000, - "Compress": false, - "LambdaFunctionAssociations": { - "Quantity": 0 - }, - "FieldLevelEncryptionId": "" - }, - "CacheBehaviors": { - "Quantity": 0 - }, - "CustomErrorResponses": { - "Quantity": 0 - }, - "Comment": "", - "Logging": { - "Enabled": false, - "IncludeCookies": false, - "Bucket": "", - "Prefix": "" - }, - "PriceClass": "PriceClass_All", - "Enabled": true, - "ViewerCertificate": { - "CloudFrontDefaultCertificate": true, - "MinimumProtocolVersion": "TLSv1", - "CertificateSource": "cloudfront" - }, - "Restrictions": { - "GeoRestriction": { - "RestrictionType": "none", - "Quantity": 0 - } - }, - "WebACLId": "", - "HttpVersion": "http2", - "IsIPV6Enabled": true - } - }, - { - "Id": "E1X5IZQEXAMPLE", - "ARN": "arn:aws:cloudfront::123456789012:distribution/E1X5IZQEXAMPLE", + "Id": "E23YS8OEXAMPLE", + "ARN": "arn:aws:cloudfront::123456789012:distribution/E23YS8OEXAMPLE", "Status": "Deployed", - "LastModifiedTime": "2019-11-06T21:31:48.864Z", - "DomainName": "d2e04y12345678.cloudfront.net", + "LastModifiedTime": "2024-08-05T18:23:40.375000+00:00", + "DomainName": "abcdefgh12ijk.cloudfront.net", "Aliases": { "Quantity": 0 }, @@ -243,15 +22,21 @@ Output:: "Quantity": 1, "Items": [ { - "Id": "awsexamplebucket2", - "DomainName": "awsexamplebucket2.s3.us-west-2.amazonaws.com", + "Id": "amzn-s3-demo-bucket.s3.us-east-1.amazonaws.com", + "DomainName": "amzn-s3-demo-bucket.s3.us-east-1.amazonaws.com", "OriginPath": "", "CustomHeaders": { "Quantity": 0 }, "S3OriginConfig": { "OriginAccessIdentity": "" - } + }, + "ConnectionAttempts": 3, + "ConnectionTimeout": 10, + "OriginShield": { + "Enabled": false + }, + "OriginAccessControlId": "EIAP8PEXAMPLE" } ] }, @@ -259,25 +44,16 @@ Output:: "Quantity": 0 }, "DefaultCacheBehavior": { - "TargetOriginId": "awsexamplebucket2", - "ForwardedValues": { - "QueryString": false, - "Cookies": { - "Forward": "none" - }, - "Headers": { - "Quantity": 0 - }, - "QueryStringCacheKeys": { - "Quantity": 0 - } - }, + "TargetOriginId": "amzn-s3-demo-bucket.s3.us-east-1.amazonaws.com", "TrustedSigners": { "Enabled": false, "Quantity": 0 }, + "TrustedKeyGroups": { + "Enabled": false, + "Quantity": 0 + }, "ViewerProtocolPolicy": "allow-all", - "MinTTL": 0, "AllowedMethods": { "Quantity": 2, "Items": [ @@ -293,13 +69,15 @@ Output:: } }, "SmoothStreaming": false, - "DefaultTTL": 86400, - "MaxTTL": 31536000, - "Compress": false, + "Compress": true, "LambdaFunctionAssociations": { "Quantity": 0 }, - "FieldLevelEncryptionId": "" + "FunctionAssociations": { + "Quantity": 0 + }, + "FieldLevelEncryptionId": "", + "CachePolicyId": "658327ea-f89d-4fab-a63d-7e886EXAMPLE" }, "CacheBehaviors": { "Quantity": 0 @@ -312,6 +90,7 @@ Output:: "Enabled": true, "ViewerCertificate": { "CloudFrontDefaultCertificate": true, + "SSLSupportMethod": "vip", "MinimumProtocolVersion": "TLSv1", "CertificateSource": "cloudfront" }, @@ -322,8 +101,9 @@ Output:: } }, "WebACLId": "", - "HttpVersion": "HTTP1_1", - "IsIPV6Enabled": true + "HttpVersion": "HTTP2", + "IsIPV6Enabled": true, + "Staging": false } ] } diff --git a/awscli/examples/cloudfront/update-distribution.rst b/awscli/examples/cloudfront/update-distribution.rst index 049fa762be24..cf8c9692718e 100644 --- a/awscli/examples/cloudfront/update-distribution.rst +++ b/awscli/examples/cloudfront/update-distribution.rst @@ -1,9 +1,9 @@ -**To update a CloudFront distribution's default root object** +**Example 1: To update a CloudFront distribution's default root object** -The following example updates the default root object to ``index.html`` for the -CloudFront distribution with the ID ``EDFDVBD6EXAMPLE``:: +The following example updates the default root object to ``index.html`` for the CloudFront distribution with the ID ``EDFDVBD6EXAMPLE``. :: - aws cloudfront update-distribution --id EDFDVBD6EXAMPLE \ + aws cloudfront update-distribution \ + --id EDFDVBD6EXAMPLE \ --default-root-object index.html Output:: @@ -136,28 +136,20 @@ Output:: } } -**To update a CloudFront distribution** - -The following example disables the CloudFront distribution with the ID -``EMLARXS9EXAMPLE`` by providing the distribution configuration in a JSON file -named ``dist-config-disable.json``. To update a distribution, you must use the -``--if-match`` option to provide the distribution's ``ETag``. To get the -``ETag``, use the `get-distribution `_ or -`get-distribution-config `_ command. +**Example 2: To update a CloudFront distribution** -After you use the following example to disable a distribution, you can use the -`delete-distribution `_ command to delete it. +The following example disables the CloudFront distribution with the ID ``EMLARXS9EXAMPLE`` by providing the distribution configuration in a JSON file named ``dist-config-disable.json``. To update a distribution, you must use the ``--if-match`` option to provide the distribution's ``ETag``. To get the +``ETag``, use the `get-distribution `_ or `get-distribution-config `_ command. Note that the ``Enabled`` field is set to +``false`` in the JSON file. -:: +After you use the following example to disable a distribution, you can use the `delete-distribution `_ command to delete it. :: aws cloudfront update-distribution \ --id EMLARXS9EXAMPLE \ --if-match E2QWRUHEXAMPLE \ --distribution-config file://dist-config-disable.json -The file ``dist-config-disable.json`` is a JSON document in the current folder -that contains the following. Note that the ``Enabled`` field is set to -``false``:: +Contents of ``dist-config-disable.json``:: { "CallerReference": "cli-1574382155-496510", @@ -169,8 +161,8 @@ that contains the following. Note that the ``Enabled`` field is set to "Quantity": 1, "Items": [ { - "Id": "awsexamplebucket.s3.amazonaws.com-1574382155-273939", - "DomainName": "awsexamplebucket.s3.amazonaws.com", + "Id": "amzn-s3-demo-bucket.s3.amazonaws.com-1574382155-273939", + "DomainName": "amzn-s3-demo-bucket.s3.amazonaws.com", "OriginPath": "", "CustomHeaders": { "Quantity": 0 @@ -185,7 +177,7 @@ that contains the following. Note that the ``Enabled`` field is set to "Quantity": 0 }, "DefaultCacheBehavior": { - "TargetOriginId": "awsexamplebucket.s3.amazonaws.com-1574382155-273939", + "TargetOriginId": "amzn-s3-demo-bucket.s3.amazonaws.com-1574382155-273939", "ForwardedValues": { "QueryString": false, "Cookies": { @@ -283,8 +275,8 @@ Output:: "Quantity": 1, "Items": [ { - "Id": "awsexamplebucket.s3.amazonaws.com-1574382155-273939", - "DomainName": "awsexamplebucket.s3.amazonaws.com", + "Id": "amzn-s3-demo-bucket.s3.amazonaws.com-1574382155-273939", + "DomainName": "amzn-s3-demo-bucket.s3.amazonaws.com", "OriginPath": "", "CustomHeaders": { "Quantity": 0 @@ -299,7 +291,7 @@ Output:: "Quantity": 0 }, "DefaultCacheBehavior": { - "TargetOriginId": "awsexamplebucket.s3.amazonaws.com-1574382155-273939", + "TargetOriginId": "amzn-s3-demo-bucket.s3.amazonaws.com-1574382155-273939", "ForwardedValues": { "QueryString": false, "Cookies": { diff --git a/awscli/examples/cloudtrail/create-subscription.rst b/awscli/examples/cloudtrail/create-subscription.rst index b3f2fc0ea4a3..8b285d005281 100644 --- a/awscli/examples/cloudtrail/create-subscription.rst +++ b/awscli/examples/cloudtrail/create-subscription.rst @@ -1,32 +1,35 @@ -**To create and configure AWS resources for a trail** - -The following ``create-subscription`` command creates a new S3 bucket and SNS topic for ``Trail1``:: - - aws cloudtrail create-subscription --name Trail1 --s3-new-bucket my-bucket --sns-new-topic my-topic - -Output:: - - Setting up new S3 bucket my-bucket... - Setting up new SNS topic my-topic... - Creating/updating CloudTrail configuration... - CloudTrail configuration: - { - "trailList": [ - { - "IncludeGlobalServiceEvents": true, - "Name": "Trail1", - "TrailARN": "arn:aws:cloudtrail:us-east-1:123456789012:trail/Trail1", - "LogFileValidationEnabled": false, - "IsMultiRegionTrail": false, - "S3BucketName": "my-bucket", - "SnsTopicName": "my-topic", - "HomeRegion": "us-east-1" - } - ], - "ResponseMetadata": { - "HTTPStatusCode": 200, - "RequestId": "f39e51f6-c615-11e5-85bd-d35ca21ee3e2" - } - } - Starting CloudTrail service... - Logs will be delivered to my-bucket \ No newline at end of file +**To create and configure AWS resources for a trail** + +The following ``create-subscription`` command creates a new S3 bucket and SNS topic for ``Trail1``. :: + + aws cloudtrail create-subscription \ + --name Trail1 \ + --s3-new-bucket amzn-s3-demo-bucket \ + --sns-new-topic my-topic + +Output:: + + Setting up new S3 bucket amzn-s3-demo-bucket... + Setting up new SNS topic my-topic... + Creating/updating CloudTrail configuration... + CloudTrail configuration: + { + "trailList": [ + { + "IncludeGlobalServiceEvents": true, + "Name": "Trail1", + "TrailARN": "arn:aws:cloudtrail:us-east-1:123456789012:trail/Trail1", + "LogFileValidationEnabled": false, + "IsMultiRegionTrail": false, + "S3BucketName": "amzn-s3-demo-bucket", + "SnsTopicName": "my-topic", + "HomeRegion": "us-east-1" + } + ], + "ResponseMetadata": { + "HTTPStatusCode": 200, + "RequestId": "f39e51f6-c615-11e5-85bd-d35ca21ee3e2" + } + } + Starting CloudTrail service... + Logs will be delivered to my-bucket \ No newline at end of file diff --git a/awscli/examples/cloudtrail/create-trail.rst b/awscli/examples/cloudtrail/create-trail.rst index 95d33cbedde7..0472c5fb2948 100644 --- a/awscli/examples/cloudtrail/create-trail.rst +++ b/awscli/examples/cloudtrail/create-trail.rst @@ -1,17 +1,19 @@ -**To create a trail** - -The following ``create-trail`` command creates a multi-region trail named ``Trail1`` and specifies an S3 bucket:: - - aws cloudtrail create-trail --name Trail1 --s3-bucket-name my-bucket --is-multi-region-trail - -Output:: - - { - "IncludeGlobalServiceEvents": true, - "Name": "Trail1", - "TrailARN": "arn:aws:cloudtrail:us-west-2:123456789012:trail/Trail1", - "LogFileValidationEnabled": false, - "IsMultiRegionTrail": true, - "S3BucketName": "my-bucket" - } - \ No newline at end of file +**To create a trail** + +The following ``create-trail`` example creates a multi-region trail named ``Trail1`` and specifies an S3 bucket. :: + + aws cloudtrail create-trail \ + --name Trail1 \ + --s3-bucket-name amzn-s3-demo-bucket \ + --is-multi-region-trail + +Output:: + + { + "IncludeGlobalServiceEvents": true, + "Name": "Trail1", + "TrailARN": "arn:aws:cloudtrail:us-west-2:123456789012:trail/Trail1", + "LogFileValidationEnabled": false, + "IsMultiRegionTrail": true, + "S3BucketName": "amzn-s3-demo-bucket" + } diff --git a/awscli/examples/cloudtrail/describe-trails.rst b/awscli/examples/cloudtrail/describe-trails.rst index f09a67b50ff1..d92635af7964 100644 --- a/awscli/examples/cloudtrail/describe-trails.rst +++ b/awscli/examples/cloudtrail/describe-trails.rst @@ -1,35 +1,36 @@ -**To describe a trail** - -The following ``describe-trails`` command returns the settings for ``Trail1`` and ``Trail2``:: - - aws cloudtrail describe-trails --trail-name-list Trail1 Trail2 - -Output:: - - { - "trailList": [ - { - "IncludeGlobalServiceEvents": true, - "Name": "Trail1", - "TrailARN": "arn:aws:cloudtrail:us-east-1:123456789012:trail/Trail1", - "LogFileValidationEnabled": false, - "IsMultiRegionTrail": false, - "S3BucketName": "my-bucket", - "CloudWatchLogsRoleArn": "arn:aws:iam::123456789012:role/CloudTrail_CloudWatchLogs_Role", - "CloudWatchLogsLogGroupArn": "arn:aws:logs:us-east-1:123456789012:log-group:CloudTrail:*", - "SnsTopicName": "my-topic", - "HomeRegion": "us-east-1" - }, - { - "IncludeGlobalServiceEvents": true, - "Name": "Trail2", - "S3KeyPrefix": "my-prefix", - "TrailARN": "arn:aws:cloudtrail:us-east-1:123456789012:trail/Trail2", - "LogFileValidationEnabled": false, - "IsMultiRegionTrail": false, - "S3BucketName": "my-bucket", - "KmsKeyId": "arn:aws:kms:us-east-1:123456789012:key/4c5ae5ac-3c13-421e-8335-c7868ef6a769", - "HomeRegion": "us-east-1" - } - ] - } \ No newline at end of file +**To describe a trail** + +The following ``describe-trails`` example returns the settings for ``Trail1`` and ``Trail2``. :: + + aws cloudtrail describe-trails \ + --trail-name-list Trail1 Trail2 + +Output:: + + { + "trailList": [ + { + "IncludeGlobalServiceEvents": true, + "Name": "Trail1", + "TrailARN": "arn:aws:cloudtrail:us-east-1:123456789012:trail/Trail1", + "LogFileValidationEnabled": false, + "IsMultiRegionTrail": false, + "S3BucketName": "amzn-s3-demo-bucket", + "CloudWatchLogsRoleArn": "arn:aws:iam::123456789012:role/CloudTrail_CloudWatchLogs_Role", + "CloudWatchLogsLogGroupArn": "arn:aws:logs:us-east-1:123456789012:log-group:CloudTrail:*", + "SnsTopicName": "my-topic", + "HomeRegion": "us-east-1" + }, + { + "IncludeGlobalServiceEvents": true, + "Name": "Trail2", + "S3KeyPrefix": "my-prefix", + "TrailARN": "arn:aws:cloudtrail:us-east-1:123456789012:trail/Trail2", + "LogFileValidationEnabled": false, + "IsMultiRegionTrail": false, + "S3BucketName": "amzn-s3-demo-bucket2", + "KmsKeyId": "arn:aws:kms:us-east-1:123456789012:key/4c5ae5ac-3c13-421e-8335-c7868ef6a769", + "HomeRegion": "us-east-1" + } + ] + } diff --git a/awscli/examples/cloudtrail/put-event-selectors.rst b/awscli/examples/cloudtrail/put-event-selectors.rst index 6b3598620695..e43ff6fd153a 100755 --- a/awscli/examples/cloudtrail/put-event-selectors.rst +++ b/awscli/examples/cloudtrail/put-event-selectors.rst @@ -1,70 +1,187 @@ -**To configure event selectors for a trail** +**Example 1: Configure a trail to log management events and data events by using advanced event selectors** -To create an event selector, run the ''put-event-selectors'' command. When an event occurs in your account, CloudTrail evaluates -the configuration for your trails. If the event matches any event selector for a trail, the trail processes and logs the event. -You can configure up to 5 event selectors for a trail and up to 250 data resources for a trail. +You can add advanced event selectors, and conditions for your advanced event selectors, up to a maximum of 500 values for all conditions and selectors on a trail. You can use advanced event selectors to log all available data event types. You can use either advanced event selectors or basic event selectors, but not both. If you apply advanced event selectors to a trail, any existing basic event selectors are overwritten. -The following example creates an event selector for a trail named ''TrailName'' to include read-only and write-only management events, -data events for two Amazon S3 bucket/prefix combinations, and data events for a single AWS Lambda function named ''hello-world-python-function'':: +The following ``put-event-selectors`` example creates an advanced event selector for a trail named ``myTrail`` to log all management events, log S3 PutObject and DeleteObject API calls for all but one S3 bucket, log data API calls for a Lambda function named ``myFunction``, and log Publish API calls on an SNS topic named ``myTopic``. :: + aws cloudtrail put-event-selectors \ + --trail-name myTrail \ + --advanced-event-selectors '[{"Name": "Log all management events", "FieldSelectors": [{ "Field": "eventCategory", "Equals": ["Management"] }] },{"Name": "Log PutObject and DeleteObject events for all but one bucket","FieldSelectors": [{ "Field": "eventCategory", "Equals": ["Data"] },{ "Field": "resources.type", "Equals": ["AWS::S3::Object"] },{ "Field": "eventName", "Equals": ["PutObject","DeleteObject"] },{ "Field": "resources.ARN", "NotStartsWith": ["arn:aws:s3:::amzn-s3-demo-bucket/"] }]},{"Name": "Log data events for a specific Lambda function","FieldSelectors": [{ "Field": "eventCategory", "Equals": ["Data"] },{ "Field": "resources.type", "Equals": ["AWS::Lambda::Function"] },{ "Field": "resources.ARN", "Equals": ["arn:aws:lambda:us-east-1:123456789012:function:myFunction"] }]},{"Name": "Log all Publish API calls on a specific SNS topic","FieldSelectors": [{ "Field": "eventCategory", "Equals": ["Data"] },{ "Field": "resources.type", "Equals": ["AWS::SNS::Topic"] },{ "Field": "eventName", "Equals": ["Publish"] },{ "Field": "resources.ARN", "Equals": ["arn:aws:sns:us-east-1:123456789012:myTopic.fifo"] }]}]' +Output:: + + { + "TrailARN": "arn:aws:cloudtrail:us-east-1:123456789012:trail/myTrail", + "AdvancedEventSelectors": [ + { + "Name": "Log all management events", + "FieldSelectors": [ + { + "Field": "eventCategory", + "Equals": [ + "Management" + ] + } + ] + }, + { + "Name": "Log PutObject and DeleteObject events for all but one bucket", + "FieldSelectors": [ + { + "Field": "eventCategory", + "Equals": [ + "Data" + ] + }, + { + "Field": "resources.type", + "Equals": [ + "AWS::S3::Object" + ] + }, + { + "Field": "eventName", + "Equals": [ + "PutObject", + "DeleteObject" + ] + }, + { + "Field": "resources.ARN", + "NotStartsWith": [ + "arn:aws:s3:::amzn-s3-demo-bucket/" + ] + } + ] + }, + { + "Name": "Log data events for a specific Lambda function", + "FieldSelectors": [ + { + "Field": "eventCategory", + "Equals": [ + "Data" + ] + }, + { + "Field": "resources.type", + "Equals": [ + "AWS::Lambda::Function" + ] + }, + { + "Field": "resources.ARN", + "Equals": [ + "arn:aws:lambda:us-east-1:123456789012:function:myFunction" + ] + } + ] + }, + { + "Name": "Log all Publish API calls on a specific SNS topic", + "FieldSelectors": [ + { + "Field": "eventCategory", + "Equals": [ + "Data" + ] + }, + { + "Field": "resources.type", + "Equals": [ + "AWS::SNS::Topic" + ] + }, + { + "Field": "eventName", + "Equals": [ + "Publish" + ] + }, + { + "Field": "resources.ARN", + "Equals": [ + "arn:aws:sns:us-east-1:123456789012:myTopic.fifo" + ] + } + ] + } + ] + } + +For more information, see `Log events by using advanced event selectors `__ in the *AWS CloudTrail User Guide*. + +**Example 2: Configure event selectors for a trail to log all management events and data events** + +You can configure up to 5 event selectors for a trail and up to 250 data resources for a trail. Event selectors are also referred to as basic event selectors. You can use event selectors to log management events and data events for S3 objects, Lambda functions, and DynnamoDB tables. To log data events for other resource types, you must use advanced event selectors. + +The following ``put-event-selectors`` example creates an event selector for a trail named ``TrailName`` to include all management events, data events for two Amazon S3 bucket/prefix combinations, and data events for a single AWS Lambda function named ``hello-world-python-function``. :: - aws cloudtrail put-event-selectors --trail-name TrailName --event-selectors '[{"ReadWriteType": "All","IncludeManagementEvents": true,"DataResources": [{"Type":"AWS::S3::Object", "Values": ["arn:aws:s3:::mybucket/prefix","arn:aws:s3:::mybucket2/prefix2"]},{"Type": "AWS::Lambda::Function","Values": ["arn:aws:lambda:us-west-2:999999999999:function:hello-world-python-function"]}]}]' + aws cloudtrail put-event-selectors \ + --trail-name TrailName \ + --event-selectors '[{"ReadWriteType": "All","IncludeManagementEvents": true,"DataResources": [{"Type":"AWS::S3::Object", "Values": ["arn:aws:s3:::amzn-s3-demo-bucket/prefix","arn:aws:s3:::amzn-s3-demo-bucket2/prefix2"]},{"Type": "AWS::Lambda::Function","Values": ["arn:aws:lambda:us-west-2:999999999999:function:hello-world-python-function"]}]}]' Output:: - { - "EventSelectors": [ - { - "IncludeManagementEvents": true, - "DataResources": [ - { - "Values": [ - "arn:aws:s3:::mybucket/prefix", - "arn:aws:s3:::mybucket2/prefix2" - ], - "Type": "AWS::S3::Object" - }, - { - "Values": [ - "arn:aws:lambda:us-west-2:123456789012:function:hello-world-python-function" - ], - "Type": "AWS::Lambda::Function" - }, - ], - "ReadWriteType": "All" - } - ], - "TrailARN": "arn:aws:cloudtrail:us-east-2:123456789012:trail/TrailName" - } - -The following example creates an event selector for a trail named ''TrailName2'' that includes all events, including read-only and write-only management events, and all data events for all Amazon S3 buckets and AWS Lambda functions in the AWS account:: - - aws cloudtrail put-event-selectors --trail-name TrailName2 --event-selectors '[{"ReadWriteType": "All","IncludeManagementEvents": true,"DataResources": [{"Type":"AWS::S3::Object", "Values": ["arn:aws:s3:::"]},{"Type": "AWS::Lambda::Function","Values": ["arn:aws:lambda"]}]}]' + { + "EventSelectors": [ + { + "IncludeManagementEvents": true, + "DataResources": [ + { + "Values": [ + "arn:aws:s3:::amzn-s3-demo-bucket/prefix", + "arn:aws:s3:::amzn-s3-demo-bucket2/prefix2" + ], + "Type": "AWS::S3::Object" + }, + { + "Values": [ + "arn:aws:lambda:us-west-2:123456789012:function:hello-world-python-function" + ], + "Type": "AWS::Lambda::Function" + }, + ], + "ReadWriteType": "All" + } + ], + "TrailARN": "arn:aws:cloudtrail:us-east-2:123456789012:trail/TrailName" + } + +For more information, see `Log events by using basic event selectors `__ in the *AWS CloudTrail User Guide*. + +**Example 3: Configure event selectors for a trail to log management events, all S3 data events on S3 objects, and all Lambda data events on functions in your account** + +The following ``put-event-selectors`` example creates an event selector for a trail named ``TrailName2`` that includes all management events, and all data events for all Amazon S3 buckets and AWS Lambda functions in the AWS account. :: + + aws cloudtrail put-event-selectors \ + --trail-name TrailName2 \ + --event-selectors '[{"ReadWriteType": "All","IncludeManagementEvents": true,"DataResources": [{"Type":"AWS::S3::Object", "Values": ["arn:aws:s3"]},{"Type": "AWS::Lambda::Function","Values": ["arn:aws:lambda"]}]}]' Output:: - { - "EventSelectors": [ - { - "IncludeManagementEvents": true, - "DataResources": [ - { - "Values": [ - "arn:aws:s3:::" - ], - "Type": "AWS::S3::Object" - }, - { - "Values": [ - "arn:aws:lambda" - ], - "Type": "AWS::Lambda::Function" - }, - ], - "ReadWriteType": "All" - } - ], - "TrailARN": "arn:aws:cloudtrail:us-east-2:123456789012:trail/TrailName2" - } - \ No newline at end of file + { + "EventSelectors": [ + { + "IncludeManagementEvents": true, + "DataResources": [ + { + "Values": [ + "arn:aws:s3" + ], + "Type": "AWS::S3::Object" + }, + { + "Values": [ + "arn:aws:lambda" + ], + "Type": "AWS::Lambda::Function" + }, + ], + "ReadWriteType": "All" + } + ], + "TrailARN": "arn:aws:cloudtrail:us-east-2:123456789012:trail/TrailName2" + } + +For more information, see `Log events by using basic event selectors `__ in the *AWS CloudTrail User Guide*. diff --git a/awscli/examples/cloudtrail/update-subscription.rst b/awscli/examples/cloudtrail/update-subscription.rst index fb0316a5f89b..f1b7df74b997 100644 --- a/awscli/examples/cloudtrail/update-subscription.rst +++ b/awscli/examples/cloudtrail/update-subscription.rst @@ -1,30 +1,33 @@ -**To update the configuration settings for a trail** - -The following ``update-subscription`` command updates the trail to specify a new S3 bucket and SNS topic:: - - aws cloudtrail update-subscription --name Trail1 --s3-new-bucket my-bucket-new --sns-new-topic my-topic-new - -Output:: - - Setting up new S3 bucket my-bucket-new... - Setting up new SNS topic my-topic-new... - Creating/updating CloudTrail configuration... - CloudTrail configuration: - { - "trailList": [ - { - "IncludeGlobalServiceEvents": true, - "Name": "Trail1", - "TrailARN": "arn:aws:cloudtrail:us-east-1:123456789012:trail/Trail1", - "LogFileValidationEnabled": false, - "IsMultiRegionTrail": false, - "S3BucketName": "my-bucket-new", - "SnsTopicName": "my-topic-new", - "HomeRegion": "us-east-1" - } - ], - "ResponseMetadata": { - "HTTPStatusCode": 200, - "RequestId": "31126f8a-c616-11e5-9cc6-2fd637936879" - } - } \ No newline at end of file +**To update the configuration settings for a trail** + +The following ``update-subscription`` example updates the trail to specify a new S3 bucket and SNS topic. :: + + aws cloudtrail update-subscription \ + --name Trail1 \ + --s3-new-bucket amzn-s3-demo-bucket \ + --sns-new-topic my-topic-new + +Output:: + + Setting up new S3 bucket amzn-s3-demo-bucket... + Setting up new SNS topic my-topic-new... + Creating/updating CloudTrail configuration... + CloudTrail configuration: + { + "trailList": [ + { + "IncludeGlobalServiceEvents": true, + "Name": "Trail1", + "TrailARN": "arn:aws:cloudtrail:us-east-1:123456789012:trail/Trail1", + "LogFileValidationEnabled": false, + "IsMultiRegionTrail": false, + "S3BucketName": "amzn-s3-demo-bucket", + "SnsTopicName": "my-topic-new", + "HomeRegion": "us-east-1" + } + ], + "ResponseMetadata": { + "HTTPStatusCode": 200, + "RequestId": "31126f8a-c616-11e5-9cc6-2fd637936879" + } + } diff --git a/awscli/examples/cloudtrail/update-trail.rst b/awscli/examples/cloudtrail/update-trail.rst index 37539b0b9849..f7b9284d88b6 100644 --- a/awscli/examples/cloudtrail/update-trail.rst +++ b/awscli/examples/cloudtrail/update-trail.rst @@ -1,16 +1,18 @@ -**To update a trail** - -The following ``update-trail`` command updates a trail to use an existing bucket for log delivery:: - - aws cloudtrail update-trail --name Trail1 --s3-bucket-name my-bucket - -Output:: - - { - "IncludeGlobalServiceEvents": true, - "Name": "Trail1", - "TrailARN": "arn:aws:cloudtrail:us-west-2:123456789012:trail/Trail1", - "LogFileValidationEnabled": false, - "IsMultiRegionTrail": true, - "S3BucketName": "my-bucket" - } \ No newline at end of file +**To update a trail** + +The following ``update-trail`` example updates a trail to use an existing bucket for log delivery. :: + + aws cloudtrail update-trail \ + --name Trail1 \ + --s3-bucket-name amzn-s3-demo-bucket + +Output:: + + { + "IncludeGlobalServiceEvents": true, + "Name": "Trail1", + "TrailARN": "arn:aws:cloudtrail:us-west-2:123456789012:trail/Trail1", + "LogFileValidationEnabled": false, + "IsMultiRegionTrail": true, + "S3BucketName": "amzn-s3-demo-bucket" + } \ No newline at end of file diff --git a/awscli/examples/cloudwatch/delete-anomaly-detector.rst b/awscli/examples/cloudwatch/delete-anomaly-detector.rst new file mode 100644 index 000000000000..9a4f946785d5 --- /dev/null +++ b/awscli/examples/cloudwatch/delete-anomaly-detector.rst @@ -0,0 +1,12 @@ +**To delete a specified anomaly detection model** + +The following ``delete-anomaly-detector`` example deletes an anomaly detector model in the specified account. :: + + aws cloudwatch delete-anomaly-detector \ + --namespace AWS/Logs \ + --metric-name IncomingBytes \ + --stat SampleCount + +This command produces no output. + +For more information, see `Deleting an anomaly detection model `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/cloudwatch/delete-dashboards.rst b/awscli/examples/cloudwatch/delete-dashboards.rst new file mode 100644 index 000000000000..fe438c9c7bcb --- /dev/null +++ b/awscli/examples/cloudwatch/delete-dashboards.rst @@ -0,0 +1,10 @@ +**To delete specified dashboards** + +The following ``delete-dashboards`` example deletes two dashboards named ``Dashboard-A`` and ``Dashboard-B`` in the specified account. :: + + aws cloudwatch delete-dashboards \ + --dashboard-names Dashboard-A Dashboard-B + +This command produces no output. + +For more information, see `Amazon CloudWatch dashboards `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/cloudwatch/delete-insight-rules.rst b/awscli/examples/cloudwatch/delete-insight-rules.rst new file mode 100644 index 000000000000..ac0131e2de25 --- /dev/null +++ b/awscli/examples/cloudwatch/delete-insight-rules.rst @@ -0,0 +1,14 @@ +**To delete specified contributor insights rules** + +The following ``delete-insight-rules`` example deletes two contributor insights rules named ``Rule-A`` and ``Rule-B`` in the specified account. :: + + aws cloudwatch delete-insight-rules \ + --rule-names Rule-A Rule-B + +Output:: + + { + "Failures": [] + } + +For more information, see `Use Contributor Insights to analyze high-cardinality data `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/cloudwatch/delete-metric-stream.rst b/awscli/examples/cloudwatch/delete-metric-stream.rst new file mode 100644 index 000000000000..f3d225334b05 --- /dev/null +++ b/awscli/examples/cloudwatch/delete-metric-stream.rst @@ -0,0 +1,10 @@ +**To delete a specified metric stream** + +The following ``delete-metric-stream`` example deletes the metric stream named ``QuickPartial-gSCKvO`` in the specified account. :: + + aws cloudwatch delete-metric-stream \ + --name QuickPartial-gSCKvO + +This command produces no output. + +For more information, see `Use metric streams `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/cloudwatch/describe-anomaly-detectors.rst b/awscli/examples/cloudwatch/describe-anomaly-detectors.rst new file mode 100644 index 000000000000..5d921e64ba78 --- /dev/null +++ b/awscli/examples/cloudwatch/describe-anomaly-detectors.rst @@ -0,0 +1,59 @@ +**To retrieve a list of anomaly detection models** + +The following ``describe-anomaly-detectors`` example displays information about anomaly detector models that are associated with the ``AWS/Logs`` namespace in the specified account. :: + + aws cloudwatch describe-anomaly-detectors \ + --namespace AWS/Logs + +Output:: + + { + "AnomalyDetectors": [ + { + "Namespace": "AWS/Logs", + "MetricName": "IncomingBytes", + "Dimensions": [], + "Stat": "SampleCount", + "Configuration": { + "ExcludedTimeRanges": [] + }, + "StateValue": "TRAINED", + "SingleMetricAnomalyDetector": { + "AccountId": "123456789012", + "Namespace": "AWS/Logs", + "MetricName": "IncomingBytes", + "Dimensions": [], + "Stat": "SampleCount" + } + }, + { + "Namespace": "AWS/Logs", + "MetricName": "IncomingBytes", + "Dimensions": [ + { + "Name": "LogGroupName", + "Value": "demo" + } + ], + "Stat": "Average", + "Configuration": { + "ExcludedTimeRanges": [] + }, + "StateValue": "PENDING_TRAINING", + "SingleMetricAnomalyDetector": { + "AccountId": "123456789012", + "Namespace": "AWS/Logs", + "MetricName": "IncomingBytes", + "Dimensions": [ + { + "Name": "LogGroupName", + "Value": "demo" + } + ], + "Stat": "Average" + } + } + ] + } + +For more information, see `Using CloudWatch anomaly detection `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/cloudwatch/describe-insight-rules.rst b/awscli/examples/cloudwatch/describe-insight-rules.rst new file mode 100644 index 000000000000..8467a3618801 --- /dev/null +++ b/awscli/examples/cloudwatch/describe-insight-rules.rst @@ -0,0 +1,28 @@ +**To retrieve a list of Contributor Insights rules** + +The following ``describe-insight-rules`` example shows all the Contributor Insight rules in the specified account. :: + + aws cloudwatch describe-insight-rules + +Output:: + + { + "InsightRules": [ + { + "Name": "Rule-A", + "State": "ENABLED", + "Schema": "CloudWatchLogRule/1", + "Definition": "{\n\t\"AggregateOn\": \"Count\",\n\t\"Contribution\": {\n\t\t\"Filters\": [],\n\t\t\"Keys\": [\n\t\t\t\"$.requestId\"\n\t\t]\n\t},\n\t\"LogFormat\": \"JSON\",\n\t\"Schema\": {\n\t\t\"Name\": \"CloudWatchLogRule\",\n\t\t\"Version\": 1\n\t},\n\t\"LogGroupARNs\": [\n\t\t\"arn:aws:logs:us-east-1:123456789012:log-group:demo\"\n\t]\n}", + "ManagedRule": false + }, + { + "Name": "Rule-B", + "State": "ENABLED", + "Schema": "CloudWatchLogRule/1", + "Definition": "{\n\t\"AggregateOn\": \"Count\",\n\t\"Contribution\": {\n\t\t\"Filters\": [],\n\t\t\"Keys\": [\n\t\t\t\"$.requestId\"\n\t\t]\n\t},\n\t\"LogFormat\": \"JSON\",\n\t\"Schema\": {\n\t\t\"Name\": \"CloudWatchLogRule\",\n\t\t\"Version\": 1\n\t},\n\t\"LogGroupARNs\": [\n\t\t\"arn:aws:logs:us-east-1:123456789012:log-group:demo-1\"\n\t]\n}", + "ManagedRule": false + } + ] + } + +For more information, see `Use Contributor Insights to analyze high-cardinality data `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/cloudwatch/disable-insight-rules.rst b/awscli/examples/cloudwatch/disable-insight-rules.rst new file mode 100644 index 000000000000..4edeb02bc596 --- /dev/null +++ b/awscli/examples/cloudwatch/disable-insight-rules.rst @@ -0,0 +1,14 @@ +**To disable specified contributor insight rules** + +The following ``disable-insight-rules`` example disables two contributor insights rules named ``Rule-A`` and ``Rule-B`` in the specified account. :: + + aws cloudwatch disable-insight-rules \ + --rule-names Rule-A Rule-B + +Output:: + + { + "Failures": [] + } + +For more information, see `Use Contributor Insights to analyze high-cardinality data `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/cloudwatch/enable-insight-rules.rst b/awscli/examples/cloudwatch/enable-insight-rules.rst new file mode 100644 index 000000000000..0a93df440f35 --- /dev/null +++ b/awscli/examples/cloudwatch/enable-insight-rules.rst @@ -0,0 +1,14 @@ +**To enable specified contributor insight rules** + +The following ``enable-insight-rules`` example enables two contributor insights rules named ``Rule-A`` and ``Rule-B`` in the specified account. :: + + aws cloudwatch enable-insight-rules \ + --rule-names Rule-A Rule-B + +Output:: + + { + "Failures": [] + } + +For more information, see `Use Contributor Insights to analyze high-cardinality data `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/cloudwatch/get-dashboard.rst b/awscli/examples/cloudwatch/get-dashboard.rst new file mode 100644 index 000000000000..8afa9efac090 --- /dev/null +++ b/awscli/examples/cloudwatch/get-dashboard.rst @@ -0,0 +1,16 @@ +**To retrieve information about a Dashboard** + +The following ``get-dashboard`` example displays information about the dashboard named ``Dashboard-A`` in the specified account. :: + + aws cloudwatch get-dashboard \ + --dashboard-name Dashboard-A + +Output:: + + { + "DashboardArn": "arn:aws:cloudwatch::123456789012:dashboard/Dashboard-A", + "DashboardBody": "{\"widgets\":[{\"type\":\"metric\",\"x\":0,\"y\":0,\"width\":6,\"height\":6,\"properties\":{\"view\":\"timeSeries\",\"stacked\":false,\"metrics\":[[\"AWS/EC2\",\"NetworkIn\",\"InstanceId\",\"i-0131f062232ade043\"],[\".\",\"NetworkOut\",\".\",\".\"]],\"region\":\"us-east-1\"}}]}", + "DashboardName": "Dashboard-A" + } + +For more information, see `Amazon CloudWatch dashboards `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/cloudwatch/get-insight-rule-report.rst b/awscli/examples/cloudwatch/get-insight-rule-report.rst new file mode 100644 index 000000000000..0ad2859416e6 --- /dev/null +++ b/awscli/examples/cloudwatch/get-insight-rule-report.rst @@ -0,0 +1,37 @@ +**To retrieve the time series data collected by a Contributor Insights rule** + +The following ``get-insight-rule-report`` example returns the time series data collected by a Contributor Insights rule. :: + + aws cloudwatch get-insight-rule-report \ + --rule-name Rule-A \ + --start-time 2024-10-13T20:15:00Z \ + --end-time 2024-10-13T20:30:00Z \ + --period 300 + +Output:: + + { + "KeyLabels": [ + "PartitionKey" + ], + "AggregationStatistic": "Sum", + "AggregateValue": 0.5, + "ApproximateUniqueCount": 1, + "Contributors": [ + { + "Keys": [ + "RequestID" + ], + "ApproximateAggregateValue": 0.5, + "Datapoints": [ + { + "Timestamp": "2024-10-13T21:00:00+00:00", + "ApproximateValue": 0.5 + } + ] + } + ], + "RuleAttributes": [] + } + +For more information, see `Use Contributor Insights to analyze high-cardinality data `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/cloudwatch/get-metric-data.rst b/awscli/examples/cloudwatch/get-metric-data.rst new file mode 100644 index 000000000000..6af2ed2cc3d5 --- /dev/null +++ b/awscli/examples/cloudwatch/get-metric-data.rst @@ -0,0 +1,106 @@ +**Example 1: To get the Average Total IOPS for the specified EC2 using math expression** + +The following ``get-metric-data`` example retrieves CloudWatch metric values for the EC2 instance with InstanceID ``i-abcdef`` using metric math exprssion that combines ``EBSReadOps`` and ``EBSWriteOps`` metrics. :: + + aws cloudwatch get-metric-data \ + --metric-data-queries file://file.json \ + --start-time 2024-09-29T22:10:00Z \ + --end-time 2024-09-29T22:15:00Z + +Contents of ``file.json``:: + + [ + { + "Id": "m3", + "Expression": "(m1+m2)/300", + "Label": "Avg Total IOPS" + }, + { + "Id": "m1", + "MetricStat": { + "Metric": { + "Namespace": "AWS/EC2", + "MetricName": "EBSReadOps", + "Dimensions": [ + { + "Name": "InstanceId", + "Value": "i-abcdef" + } + ] + }, + "Period": 300, + "Stat": "Sum", + "Unit": "Count" + }, + "ReturnData": false + }, + { + "Id": "m2", + "MetricStat": { + "Metric": { + "Namespace": "AWS/EC2", + "MetricName": "EBSWriteOps", + "Dimensions": [ + { + "Name": "InstanceId", + "Value": "i-abcdef" + } + ] + }, + "Period": 300, + "Stat": "Sum", + "Unit": "Count" + }, + "ReturnData": false + } + ] + +Output:: + + { + "MetricDataResults": [ + { + "Id": "m3", + "Label": "Avg Total IOPS", + "Timestamps": [ + "2024-09-29T22:10:00+00:00" + ], + "Values": [ + 96.85 + ], + "StatusCode": "Complete" + } + ], + "Messages": [] + } + +**Example 2: To monitor the estimated AWS charges using CloudWatch billing metrics** + +The following ``get-metric-data`` example retrieves ``EstimatedCharges`` CloudWatch metric from AWS/Billing namespace. :: + + aws cloudwatch get-metric-data \ + --metric-data-queries '[{"Id":"m1","MetricStat":{"Metric":{"Namespace":"AWS/Billing","MetricName":"EstimatedCharges","Dimensions":[{"Name":"Currency","Value":"USD"}]},"Period":21600,"Stat":"Maximum"}}]' \ + --start-time 2024-09-26T12:00:00Z \ + --end-time 2024-09-26T18:00:00Z \ + --region us-east-1 + +Output:: + + { + "MetricDataResults": [ + { + "Id": "m1", + "Label": "EstimatedCharges", + "Timestamps": [ + "2024-09-26T12:00:00+00:00" + ], + "Values": [ + 542.38 + ], + "StatusCode": "Complete" + } + ], + "Messages": [] + } + +For more information, see `Using math expressions with CloudWatch metrics `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/cloudwatch/get-metric-stream.rst b/awscli/examples/cloudwatch/get-metric-stream.rst new file mode 100644 index 000000000000..21926377486f --- /dev/null +++ b/awscli/examples/cloudwatch/get-metric-stream.rst @@ -0,0 +1,22 @@ +**To retrieve information about a metric stream** + +The following ``get-metric-stream`` example displays information about the metric stream named ``QuickFull-GuaFbs`` in the specified account. :: + + aws cloudwatch get-metric-stream \ + --name QuickFull-GuaFbs + +Output:: + + { + "Arn": "arn:aws:cloudwatch:us-east-1:123456789012:metric-stream/QuickFull-GuaFbs", + "Name": "QuickFull-GuaFbs", + "FirehoseArn": "arn:aws:firehose:us-east-1:123456789012:deliverystream/MetricStreams-QuickFull-GuaFbs-WnySbECG", + "RoleArn": "arn:aws:iam::123456789012:role/service-role/MetricStreams-FirehosePutRecords-JN10W9B3", + "State": "running", + "CreationDate": "2024-10-11T18:48:59.187000+00:00", + "LastUpdateDate": "2024-10-11T18:48:59.187000+00:00", + "OutputFormat": "json", + "IncludeLinkedAccountsMetrics": false + } + +For more information, see `Use metric streams `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/cloudwatch/get-metric-widget-image.rst b/awscli/examples/cloudwatch/get-metric-widget-image.rst new file mode 100644 index 000000000000..5bbef1c762a1 --- /dev/null +++ b/awscli/examples/cloudwatch/get-metric-widget-image.rst @@ -0,0 +1,10 @@ +**To retrieve a snapshot graph of CPUUtilization** + +The following ``get-metric-widget-image`` example retrieves snapshot graph for the metric ``CPUUtilization`` of the EC2 instance with the ID ``i-abcde`` and saves the retrieved image as a file named "image.png" on your local machine. :: + + aws cloudwatch get-metric-widget-image \ + --metric-widget '{"metrics":[["AWS/EC2","CPUUtilization","InstanceId","i-abcde"]]}' \ + --output-format png \ + --output text | base64 --decode > image.png + +This command produces no output. diff --git a/awscli/examples/cloudwatch/list-dashboards.rst b/awscli/examples/cloudwatch/list-dashboards.rst new file mode 100644 index 000000000000..432313e8aca9 --- /dev/null +++ b/awscli/examples/cloudwatch/list-dashboards.rst @@ -0,0 +1,26 @@ +**To retrieve a list of Dashboards** + +The following ``list-dashboards`` example lists all the Dashboards in the specified account. :: + + aws cloudwatch list-dashboards + +Output:: + + { + "DashboardEntries": [ + { + "DashboardName": "Dashboard-A", + "DashboardArn": "arn:aws:cloudwatch::123456789012:dashboard/Dashboard-A", + "LastModified": "2024-10-11T18:40:11+00:00", + "Size": 271 + }, + { + "DashboardName": "Dashboard-B", + "DashboardArn": "arn:aws:cloudwatch::123456789012:dashboard/Dashboard-B", + "LastModified": "2024-10-11T18:44:41+00:00", + "Size": 522 + } + ] + } + +For more information, see `Amazon CloudWatch dashboards `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/cloudwatch/list-metric-streams.rst b/awscli/examples/cloudwatch/list-metric-streams.rst new file mode 100644 index 000000000000..523e72657d60 --- /dev/null +++ b/awscli/examples/cloudwatch/list-metric-streams.rst @@ -0,0 +1,23 @@ +**To retrieve a list of metric streams** + +The following ``list-metric-streams`` example lists all the metric streams in the specified account. :: + + aws cloudwatch list-metric-streams + +Output:: + + { + "Entries": [ + { + "Arn": "arn:aws:cloudwatch:us-east-1:123456789012:metric-stream/QuickFull-GuaFbs", + "CreationDate": "2024-10-11T18:48:59.187000+00:00", + "LastUpdateDate": "2024-10-11T18:48:59.187000+00:00", + "Name": "QuickFull-GuaFbs", + "FirehoseArn": "arn:aws:firehose:us-east-1:123456789012:deliverystream/MetricStreams-QuickFull-GuaFbs-WnySbECG", + "State": "running", + "OutputFormat": "json" + } + ] + } + +For more information, see `Use metric streams `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/cloudwatch/list-tags-for-resource.rst b/awscli/examples/cloudwatch/list-tags-for-resource.rst new file mode 100644 index 000000000000..6d1c1143207c --- /dev/null +++ b/awscli/examples/cloudwatch/list-tags-for-resource.rst @@ -0,0 +1,23 @@ +**To list the tags associated with an existing alarm*** + +The following ``list-tags-for-resource`` example lists all the tags associated with an alarm named ``demo`` in the specified account. :: + + aws cloudwatch list-tags-for-resource \ + --resource-arn arn:aws:cloudwatch:us-east-1:123456789012:alarm:demo + +Output:: + + { + "Tags": [ + { + "Key": "stack", + "Value": "Production" + }, + { + "Key": "team", + "Value": "Devops" + } + ] + } + +For more information, see `Alarms and tagging `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/cloudwatch/put-anomaly-detector.rst b/awscli/examples/cloudwatch/put-anomaly-detector.rst new file mode 100644 index 000000000000..38503f5fe7e1 --- /dev/null +++ b/awscli/examples/cloudwatch/put-anomaly-detector.rst @@ -0,0 +1,12 @@ +**To create an anomaly detection model** + +The following ``put-anomaly-detector`` example creates an anomaly detection model for a CloudWatch metric. :: + + aws cloudwatch put-anomaly-detector \ + --namespace AWS/Logs \ + --metric-name IncomingBytes \ + --stat SampleCount + +This command produces no output. + +For more information, see `Using CloudWatch anomaly detection `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/cloudwatch/put-composite-alarm.rst b/awscli/examples/cloudwatch/put-composite-alarm.rst new file mode 100644 index 000000000000..b564cd45d85d --- /dev/null +++ b/awscli/examples/cloudwatch/put-composite-alarm.rst @@ -0,0 +1,13 @@ +**To create a composite cloudwatch alarm** + +The following ``put-composite-alarm`` example creates a composite alarm named ``ProdAlarm`` in the specified account. :: + + aws cloudwatch put-composite-alarm \ + --alarm-name ProdAlarm \ + --alarm-rule "ALARM(CPUUtilizationTooHigh) AND ALARM(MemUsageTooHigh)" \ + --alarm-actions arn:aws:sns:us-east-1:123456789012:demo \ + --actions-enabled + +This command produces no output. + +For more information, see `Create a composite alarm `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/cloudwatch/put-dashboard.rst b/awscli/examples/cloudwatch/put-dashboard.rst new file mode 100644 index 000000000000..27d101cb600f --- /dev/null +++ b/awscli/examples/cloudwatch/put-dashboard.rst @@ -0,0 +1,15 @@ +**To create a dashboard** + +The following ``put-dashboard`` example creates a dashboard named ``Dashboard-A`` in the specified account. :: + + aws cloudwatch put-dashboard \ + --dashboard-name Dashboard-A \ + --dashboard-body '{"widgets":[{"height":6,"width":6,"y":0,"x":0,"type":"metric","properties":{"view":"timeSeries","stacked":false,"metrics":[["Namespace","CPUUtilization","Environment","Prod","Type","App"]],"region":"us-east-1"}}]}' + +Output:: + + { + "DashboardValidationMessages": [] + } + +For more information, see `Creating a CloudWatch dashboard `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/cloudwatch/put-insight-rule.rst b/awscli/examples/cloudwatch/put-insight-rule.rst new file mode 100644 index 000000000000..da83be472b10 --- /dev/null +++ b/awscli/examples/cloudwatch/put-insight-rule.rst @@ -0,0 +1,35 @@ +**To create a contributor insights rule** + +The following ``put-insight-rule`` example creates a Contributor Insights rule named ``VPCFlowLogsContributorInsights`` in the specified account. :: + + aws cloudwatch put-insight-rule \ + --rule-name VPCFlowLogsContributorInsights \ + --rule-definition file://insight-rule.json \ + --rule-state ENABLED + +Contents of ``insight-rule.json``:: + + { + "Schema": { + "Name": "CloudWatchLogRule", + "Version": 1 + }, + "AggregateOn": "Count", + "Contribution": { + "Filters": [], + "Keys": [ + "tcp-flag" + ] + }, + "LogFormat": "CLF", + "LogGroupNames": [ + "/vpc/flowlogs/*" + ], + "Fields": { + "23": "tcp-flag" + } + } + +This command produces no output. + +For more information, see `Create a Contributor Insights rule in CloudWatch `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/cloudwatch/put-metric-stream.rst b/awscli/examples/cloudwatch/put-metric-stream.rst new file mode 100644 index 000000000000..536071768df9 --- /dev/null +++ b/awscli/examples/cloudwatch/put-metric-stream.rst @@ -0,0 +1,18 @@ +**To create a metric stream** + +The following ``put-metric-stream`` example creates a metric stream named ``QuickFull-GuaFb`` in the specified account. :: + + aws cloudwatch put-metric-stream \ + --name QuickFull-GuaFbs \ + --firehose-arn arn:aws:firehose:us-east-1:123456789012:deliverystream/MetricStreams-QuickFull-GuaFbs-WnySbECG \ + --role-arn arn:aws:iam::123456789012:role/service-role/MetricStreams-FirehosePutRecords-JN10W9B3 \ + --output-format json \ + --no-include-linked-accounts-metrics + +Output:: + + { + "Arn": "arn:aws:cloudwatch:us-east-1:123456789012:metric-stream/QuickFull-GuaFbs" + } + +For more information, see `Set up a metric stream `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/cloudwatch/start-metric-streams.rst b/awscli/examples/cloudwatch/start-metric-streams.rst new file mode 100644 index 000000000000..fbf339bc961c --- /dev/null +++ b/awscli/examples/cloudwatch/start-metric-streams.rst @@ -0,0 +1,10 @@ +**To start a specified metric stream** + +The following ``start-metric-streams`` example starts the metric stream named ``QuickFull-GuaFbs`` in the specified account. :: + + aws cloudwatch start-metric-streams \ + --names QuickFull-GuaFbs + +This command produces no output. + +For more information, see `Use metric streams `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/cloudwatch/stop-metric-streams.rst b/awscli/examples/cloudwatch/stop-metric-streams.rst new file mode 100644 index 000000000000..6c84e2b496e6 --- /dev/null +++ b/awscli/examples/cloudwatch/stop-metric-streams.rst @@ -0,0 +1,10 @@ +**To stop a specified metric stream** + +The following ``stop-metric-streams`` example stops the metric stream named ``QuickFull-GuaFbs`` in the specified account. :: + + aws cloudwatch stop-metric-streams \ + --names QuickFull-GuaFbs + +This command produces no output. + +For more information, see `Use metric streams `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/cloudwatch/tag-resource.rst b/awscli/examples/cloudwatch/tag-resource.rst new file mode 100644 index 000000000000..7dd6a73b1bd9 --- /dev/null +++ b/awscli/examples/cloudwatch/tag-resource.rst @@ -0,0 +1,11 @@ +**To add one or more tags to the specified resource** + +The following ``tag-resource`` example adds 2 tags to the cloudwatch alarm named ``demo`` in the specified account. :: + + aws cloudwatch tag-resource \ + --resource-arn arn:aws:cloudwatch:us-east-1:123456789012:alarm:demo \ + --tags Key=stack,Value=Production Key=team,Value=Devops + +This command produces no output. + +For more information, see `Tagging your Amazon CloudWatch resources `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/cloudwatch/untag-resource.rst b/awscli/examples/cloudwatch/untag-resource.rst new file mode 100644 index 000000000000..3c01011d2890 --- /dev/null +++ b/awscli/examples/cloudwatch/untag-resource.rst @@ -0,0 +1,11 @@ +**To remove one or more tags from the specified resource** + +The following ``untag-resource`` example removes 2 tags from the cloudwatch alarm named ``demo`` in the specified account. :: + + aws cloudwatch untag-resource \ + --resource-arn arn:aws:cloudwatch:us-east-1:123456789012:alarm:demo \ + --tag-keys stack team + +This command produces no output. + +For more information, see `Tagging your Amazon CloudWatch resources `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/cloudwatch/wait/alarm-exists.rst b/awscli/examples/cloudwatch/wait/alarm-exists.rst new file mode 100644 index 000000000000..c55a1e677c80 --- /dev/null +++ b/awscli/examples/cloudwatch/wait/alarm-exists.rst @@ -0,0 +1,8 @@ +**To wait until an alarm exists** + +The following ``wait alarm-exists`` example pauses and resumes running only after it confirms that the specified CloudWatch alarm exists. :: + + aws cloudwatch wait alarm-exists \ + --alarm-names demo + +This command produces no output. diff --git a/awscli/examples/cloudwatch/wait/composite-alarm-exists.rst b/awscli/examples/cloudwatch/wait/composite-alarm-exists.rst new file mode 100644 index 000000000000..5fec513f6f78 --- /dev/null +++ b/awscli/examples/cloudwatch/wait/composite-alarm-exists.rst @@ -0,0 +1,9 @@ +**To wait until a composite alarm exists** + +The following ``wait composite-alarm-exists`` example pauses and resumes running only after it confirms that the specified CloudWatch alarm exists. :: + + aws cloudwatch wait composite-alarm-exists \ + --alarm-names demo \ + --alarm-types CompositeAlarm + +This command produces no output. diff --git a/awscli/examples/codebuild/create-report-group.rst b/awscli/examples/codebuild/create-report-group.rst index ba9815c0fa1d..f94266b403a9 100644 --- a/awscli/examples/codebuild/create-report-group.rst +++ b/awscli/examples/codebuild/create-report-group.rst @@ -13,7 +13,7 @@ Contents of create-report-group-source.json:: "exportConfig": { "exportConfigType": "S3", "s3Destination": { - "bucket": "my-s3-bucket", + "bucket": "amzn-s3-demo-bucket", "path": "", "packaging": "ZIP", "encryptionDisabled": true @@ -31,7 +31,7 @@ Output:: "exportConfig": { "exportConfigType": "S3", "s3Destination": { - "bucket": "my-s3-bucket", + "bucket": "amzn-s3-demo-bucket", "path": "", "packaging": "ZIP", "encryptionDisabled": true diff --git a/awscli/examples/codeguru-reviewer/associate-repository.rst b/awscli/examples/codeguru-reviewer/associate-repository.rst index 575f38f5a1fb..6e41087ae8de 100644 --- a/awscli/examples/codeguru-reviewer/associate-repository.rst +++ b/awscli/examples/codeguru-reviewer/associate-repository.rst @@ -1,6 +1,6 @@ **Example 1: To create a Bitbucket repository association** -The following ``associate-repository`` example creates a respository association using an existing Bitbucket repository. :: +The following ``associate-repository`` example creates a repository association using an existing Bitbucket repository. :: aws codeguru-reviewer associate-repository \ --repository 'Bitbucket={Owner=sample-owner, Name=mySampleRepo, ConnectionArn=arn:aws:codestar-connections:us-west-2:123456789012:connection/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111 }' @@ -26,7 +26,7 @@ For more information, see `Create a Bitbucket repository association in Amazon C **Example 2: To create a GitHub Enterprise repository association** -The following ``associate-repository`` example creates a respository association using an existing GitHub Enterprise repository. :: +The following ``associate-repository`` example creates a repository association using an existing GitHub Enterprise repository. :: aws codeguru-reviewer associate-repository \ --repository 'GitHubEnterpriseServer={Owner=sample-owner, Name=mySampleRepo, ConnectionArn=arn:aws:codestar-connections:us-west-2:123456789012:connection/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111 }' @@ -52,7 +52,7 @@ For more information, see `Create a GitHub Enterprise Server repository associat **Example 3: To create an AWS CodeCommit repository association** -The following ``associate-repository`` example creates a respository association using an existing AWS CodeCommit repository. :: +The following ``associate-repository`` example creates a repository association using an existing AWS CodeCommit repository. :: aws codeguru-reviewer associate-repository \ --repository CodeCommit={Name=mySampleRepo} diff --git a/awscli/examples/codepipeline/list-action-executions.rst b/awscli/examples/codepipeline/list-action-executions.rst index 907ef50fd54d..f5b7503650ad 100644 --- a/awscli/examples/codepipeline/list-action-executions.rst +++ b/awscli/examples/codepipeline/list-action-executions.rst @@ -1,115 +1,115 @@ -**To list action executions** - -The following ``list-action-executions`` example views action execution details for a pipeline, such as action execution ID, input artifacts, output artifacts, execution result, and status. :: - - aws codepipeline list-action-executions \ - --pipeline-name myPipeline - -Output:: - - { - "actionExecutionDetails": [ - { - "pipelineExecutionId": "EXAMPLE0-adfc-488e-bf4c-1111111720d3", - "actionExecutionId": "EXAMPLE4-2ee8-4853-bd6a-111111158148", - "pipelineVersion": 12, - "stageName": "Deploy", - "actionName": "Deploy", - "startTime": 1598572628.6, - "lastUpdateTime": 1598572661.255, - "status": "Succeeded", - "input": { - "actionTypeId": { - "category": "Deploy", - "owner": "AWS", - "provider": "CodeDeploy", - "version": "1" - }, - "configuration": { - "ApplicationName": "my-application", - "DeploymentGroupName": "my-deployment-group" - }, - "resolvedConfiguration": { - "ApplicationName": "my-application", - "DeploymentGroupName": "my-deployment-group" - }, - "region": "us-east-1", - "inputArtifacts": [ - { - "name": "SourceArtifact", - "s3location": { - "bucket": "artifact-bucket", - "key": "myPipeline/SourceArti/key" - } - } - ], - "namespace": "DeployVariables" - }, - "output": { - "outputArtifacts": [], - "executionResult": { - "externalExecutionId": "d-EXAMPLEE5", - "externalExecutionSummary": "Deployment Succeeded", - "externalExecutionUrl": "https://myaddress.com" - }, - "outputVariables": {} - } - }, - { - "pipelineExecutionId": "EXAMPLE0-adfc-488e-bf4c-1111111720d3", - "actionExecutionId": "EXAMPLE5-abb4-4192-9031-11111113a7b0", - "pipelineVersion": 12, - "stageName": "Source", - "actionName": "Source", - "startTime": 1598572624.387, - "lastUpdateTime": 1598572628.16, - "status": "Succeeded", - "input": { - "actionTypeId": { - "category": "Source", - "owner": "AWS", - "provider": "CodeCommit", - "version": "1" - }, - "configuration": { - "BranchName": "production", - "PollForSourceChanges": "false", - "RepositoryName": "my-repo" - }, - "resolvedConfiguration": { - "BranchName": "production", - "PollForSourceChanges": "false", - "RepositoryName": "my-repo" - }, - "region": "us-east-1", - "inputArtifacts": [], - "namespace": "SourceVariables" - }, - "output": { - "outputArtifacts": [ - { - "name": "SourceArtifact", - "s3location": { - "bucket": "my-bucket", - "key": "myPipeline/SourceArti/key" - } - } - ], - "executionResult": { - "externalExecutionId": "1111111ad99dcd35914c00b7fbea13995EXAMPLE", - "externalExecutionSummary": "Edited template.yml", - "externalExecutionUrl": "https://myaddress.com" - }, - "outputVariables": { - "AuthorDate": "2020-05-08T17:45:43Z", - "BranchName": "production", - "CommitId": "EXAMPLEad99dcd35914c00b7fbea139951111111", - "CommitMessage": "Edited template.yml", - "CommitterDate": "2020-05-08T17:45:43Z", - "RepositoryName": "my-repo" - } - } - }, - . . . . - +**To list action executions** + +The following ``list-action-executions`` example views action execution details for a pipeline, such as action execution ID, input artifacts, output artifacts, execution result, and status. :: + + aws codepipeline list-action-executions \ + --pipeline-name myPipeline + +Output:: + + { + "actionExecutionDetails": [ + { + "pipelineExecutionId": "EXAMPLE0-adfc-488e-bf4c-1111111720d3", + "actionExecutionId": "EXAMPLE4-2ee8-4853-bd6a-111111158148", + "pipelineVersion": 12, + "stageName": "Deploy", + "actionName": "Deploy", + "startTime": 1598572628.6, + "lastUpdateTime": 1598572661.255, + "status": "Succeeded", + "input": { + "actionTypeId": { + "category": "Deploy", + "owner": "AWS", + "provider": "CodeDeploy", + "version": "1" + }, + "configuration": { + "ApplicationName": "my-application", + "DeploymentGroupName": "my-deployment-group" + }, + "resolvedConfiguration": { + "ApplicationName": "my-application", + "DeploymentGroupName": "my-deployment-group" + }, + "region": "us-east-1", + "inputArtifacts": [ + { + "name": "SourceArtifact", + "s3location": { + "bucket": "artifact-bucket", + "key": "myPipeline/SourceArti/key" + } + } + ], + "namespace": "DeployVariables" + }, + "output": { + "outputArtifacts": [], + "executionResult": { + "externalExecutionId": "d-EXAMPLEE5", + "externalExecutionSummary": "Deployment Succeeded", + "externalExecutionUrl": "https://myaddress.com" + }, + "outputVariables": {} + } + }, + { + "pipelineExecutionId": "EXAMPLE0-adfc-488e-bf4c-1111111720d3", + "actionExecutionId": "EXAMPLE5-abb4-4192-9031-11111113a7b0", + "pipelineVersion": 12, + "stageName": "Source", + "actionName": "Source", + "startTime": 1598572624.387, + "lastUpdateTime": 1598572628.16, + "status": "Succeeded", + "input": { + "actionTypeId": { + "category": "Source", + "owner": "AWS", + "provider": "CodeCommit", + "version": "1" + }, + "configuration": { + "BranchName": "production", + "PollForSourceChanges": "false", + "RepositoryName": "my-repo" + }, + "resolvedConfiguration": { + "BranchName": "production", + "PollForSourceChanges": "false", + "RepositoryName": "my-repo" + }, + "region": "us-east-1", + "inputArtifacts": [], + "namespace": "SourceVariables" + }, + "output": { + "outputArtifacts": [ + { + "name": "SourceArtifact", + "s3location": { + "bucket": "amzn-s3-demo-bucket", + "key": "myPipeline/SourceArti/key" + } + } + ], + "executionResult": { + "externalExecutionId": "1111111ad99dcd35914c00b7fbea13995EXAMPLE", + "externalExecutionSummary": "Edited template.yml", + "externalExecutionUrl": "https://myaddress.com" + }, + "outputVariables": { + "AuthorDate": "2020-05-08T17:45:43Z", + "BranchName": "production", + "CommitId": "EXAMPLEad99dcd35914c00b7fbea139951111111", + "CommitMessage": "Edited template.yml", + "CommitterDate": "2020-05-08T17:45:43Z", + "RepositoryName": "my-repo" + } + } + }, + . . . . + For more information, see `View action executions (CLI) `__ in the *AWS CodePipeline User Guide*. \ No newline at end of file diff --git a/awscli/examples/codestar-notifications/create-notification-rule.rst b/awscli/examples/codestar-notifications/create-notification-rule.rst index 44f58529d309..e953f9436dad 100644 --- a/awscli/examples/codestar-notifications/create-notification-rule.rst +++ b/awscli/examples/codestar-notifications/create-notification-rule.rst @@ -1,6 +1,6 @@ **To create a notification rule** -The following ``create-notification-rule`` example uses a JSON file named ``rule.json`` to create a notification rule named ``MyNotificationRule`` for a repository named ``MyDemoRepo`` in the specified AWS acccount. Notifications with the ``FULL`` detail type are sent to the specified target Amazon SNS topic when branches and tags are created. :: +The following ``create-notification-rule`` example uses a JSON file named ``rule.json`` to create a notification rule named ``MyNotificationRule`` for a repository named ``MyDemoRepo`` in the specified AWS account. Notifications with the ``FULL`` detail type are sent to the specified target Amazon SNS topic when branches and tags are created. :: aws codestar-notifications create-notification-rule \ --cli-input-json file://rule.json diff --git a/awscli/examples/codestar/associate-team-member.rst b/awscli/examples/codestar/associate-team-member.rst deleted file mode 100755 index 4aeb984d7f7d..000000000000 --- a/awscli/examples/codestar/associate-team-member.rst +++ /dev/null @@ -1,10 +0,0 @@ -**To add a team member to a project** - -The following ``associate-team-member`` example makes the ``intern`` user a viewer on the project with the specified ID. :: - - aws codestar associate-team-member \ - --project-id my-project \ - --user-arn arn:aws:iam::123456789012:user/intern \ - --project-role Viewer - -This command produces no output. diff --git a/awscli/examples/codestar/create-project.rst b/awscli/examples/codestar/create-project.rst deleted file mode 100755 index 96e0fd5dd74b..000000000000 --- a/awscli/examples/codestar/create-project.rst +++ /dev/null @@ -1,49 +0,0 @@ -**To create a project** - -The following ``create-project`` example uses a JSON input file to create a CodeStar project. :: - - aws codestar create-project \ - --cli-input-json file://create-project.json - -Contents of ``create-project.json``:: - - { - "name": "Custom Project", - "id": "custom-project", - "sourceCode": [ - { - "source": { - "s3": { - "bucketName": "codestar-artifacts", - "bucketKey": "nodejs-function.zip" - } - }, - "destination": { - "codeCommit": { - "name": "codestar-custom-project" - } - } - } - ], - "toolchain": { - "source": { - "s3": { - "bucketName": "codestar-artifacts", - "bucketKey": "toolchain.yml" - } - }, - "roleArn": "arn:aws:iam::123456789012:role/service-role/aws-codestar-service-role", - "stackParameters": { - "ProjectId": "custom-project" - } - } - } - -Output:: - - { - "id": "my-project", - "arn": "arn:aws:codestar:us-east-2:123456789012:project/custom-project" - } - -For a tutorial that includes sample code and templates for a custom project, see `Create a Project in AWS CodeStar with the AWS CLI`__ in the *AWS CodeStar User Guide*. diff --git a/awscli/examples/codestar/create-user-profile.rst b/awscli/examples/codestar/create-user-profile.rst deleted file mode 100755 index 0e69081aeb1b..000000000000 --- a/awscli/examples/codestar/create-user-profile.rst +++ /dev/null @@ -1,19 +0,0 @@ -**To create a user profile** - -The following ``create-user-profile`` example creates a user profile for the IAM user with the specified ARN. :: - - aws codestar create-user-profile \ - --user-arn arn:aws:iam::123456789012:user/intern \ - --display-name Intern \ - --email-address intern@example.com - -Output:: - - { - "userArn": "arn:aws:iam::123456789012:user/intern", - "displayName": "Intern", - "emailAddress": "intern@example.com", - "sshPublicKey": "", - "createdTimestamp": 1572552308.607, - "lastModifiedTimestamp": 1572552308.607 - } diff --git a/awscli/examples/codestar/delete-project.rst b/awscli/examples/codestar/delete-project.rst deleted file mode 100755 index b3b16e98e100..000000000000 --- a/awscli/examples/codestar/delete-project.rst +++ /dev/null @@ -1,12 +0,0 @@ -**To delete a project** - -The following ``delete-project`` example deletes the specified project. :: - - aws codestar delete-project \ - --project-id my-project - -Output:: - - { - "projectArn": "arn:aws:codestar:us-east-2:123456789012:project/my-project" - } diff --git a/awscli/examples/codestar/delete-user-profile.rst b/awscli/examples/codestar/delete-user-profile.rst deleted file mode 100755 index bd448a77b140..000000000000 --- a/awscli/examples/codestar/delete-user-profile.rst +++ /dev/null @@ -1,12 +0,0 @@ -**To delete a user profile** - -The following ``delete-user-profile`` example deletes the user profile for the user with the specified ARN. :: - - aws codestar delete-user-profile \ - --user-arn arn:aws:iam::123456789012:user/intern - -Output:: - - { - "userArn": "arn:aws:iam::123456789012:user/intern" - } diff --git a/awscli/examples/codestar/describe-project.rst b/awscli/examples/codestar/describe-project.rst deleted file mode 100755 index c2f4f5b3158c..000000000000 --- a/awscli/examples/codestar/describe-project.rst +++ /dev/null @@ -1,19 +0,0 @@ -**To view a project** - -The following ``describe-project`` example retrieves details about the specified project. :: - - aws codestar describe-project \ - --id my-project - -Output:: - - { - "name": "my project", - "id": "my-project", - "arn": "arn:aws:codestar:us-west-2:123456789012:project/my-project", - "description": "My first CodeStar project.", - "createdTimeStamp": 1572547510.128, - "status": { - "state": "CreateComplete" - } - } diff --git a/awscli/examples/codestar/describe-user-profile.rst b/awscli/examples/codestar/describe-user-profile.rst deleted file mode 100755 index aa39e075f273..000000000000 --- a/awscli/examples/codestar/describe-user-profile.rst +++ /dev/null @@ -1,17 +0,0 @@ -**To view a user profile** - -The following ``describe-user-profile`` example retrieves details about the user profile for the user with the specified ARN. :: - - aws codestar describe-user-profile \ - --user-arn arn:aws:iam::123456789012:user/intern - -Output:: - - { - "userArn": "arn:aws:iam::123456789012:user/intern", - "displayName": "Intern", - "emailAddress": "intern@example.com", - "sshPublicKey": "intern", - "createdTimestamp": 1572552308.607, - "lastModifiedTimestamp": 1572553495.47 - } diff --git a/awscli/examples/codestar/disassociate-team-member.rst b/awscli/examples/codestar/disassociate-team-member.rst deleted file mode 100755 index 8dc1daf8a169..000000000000 --- a/awscli/examples/codestar/disassociate-team-member.rst +++ /dev/null @@ -1,9 +0,0 @@ -**To remove a team member** - -The following ``disassociate-team-member`` example removes the user with the specified ARN from the project ``my-project``. :: - - aws codestar disassociate-team-member \ - --project-id my-project \ - --user-arn arn:aws:iam::123456789012:user/intern - -This command produces no output. diff --git a/awscli/examples/codestar/list-projects.rst b/awscli/examples/codestar/list-projects.rst deleted file mode 100755 index f4badf347ca7..000000000000 --- a/awscli/examples/codestar/list-projects.rst +++ /dev/null @@ -1,20 +0,0 @@ -**To view projects** - -The following ``list-projects`` example retrieves a list of projects in the current Region. :: - - aws codestar list-projects - -Output:: - - { - "projects": [ - { - "projectId": "intern-projects", - "projectArn": "arn:aws:codestar:us-west-2:123456789012:project/intern-projects" - }, - { - "projectId": "my-project", - "projectArn": "arn:aws:codestar:us-west-2:123456789012:project/my-project" - } - ] - } diff --git a/awscli/examples/codestar/list-resources.rst b/awscli/examples/codestar/list-resources.rst deleted file mode 100755 index c4b710a1b540..000000000000 --- a/awscli/examples/codestar/list-resources.rst +++ /dev/null @@ -1,61 +0,0 @@ -**To view resources** - -The following ``list-resources`` example retrieves a list of resources for the specified project. :: - - aws codestar list-resources \ - --id my-project - -Output:: - - { - "resources": [ - { - "id": "arn:aws:execute-api:us-east-2:123456789012:r3wxmplbv8" - }, - { - "id": "arn:aws:codedeploy:us-east-2:123456789012:application:awscodestar-my-project-lambda-ServerlessDeploymentApplication-PF0LXMPL1KA0" - }, - { - "id": "arn:aws:s3:::aws-codestar-us-east-2-123456789012-my-project-pipe" - }, - { - "id": "arn:aws:lambda:us-east-2:123456789012:function:awscodestar-my-project-lambda-GetHelloWorld-16W3LVXMPLNNS" - }, - { - "id": "arn:aws:cloudformation:us-east-2:123456789012:stack/awscodestar-my-project-lambda/b4904ea0-fc20-xmpl-bec6-029123b1cc42" - }, - { - "id": "arn:aws:cloudformation:us-east-2:123456789012:stack/awscodestar-my-project/1b133f30-fc20-xmpl-a93a-0688c4290cb8" - }, - { - "id": "arn:aws:iam::123456789012:role/CodeStarWorker-my-project-ToolChain" - }, - { - "id": "arn:aws:iam::123456789012:policy/CodeStar_my-project_PermissionsBoundary" - }, - { - "id": "arn:aws:s3:::aws-codestar-us-east-2-123456789012-my-project-app" - }, - { - "id": "arn:aws:codepipeline:us-east-2:123456789012:my-project-Pipeline" - }, - { - "id": "arn:aws:codedeploy:us-east-2:123456789012:deploymentgroup:my-project/awscodestar-my-project-lambda-GetHelloWorldDeploymentGroup-P7YWXMPLT0QB" - }, - { - "id": "arn:aws:iam::123456789012:role/CodeStar-my-project-Execution" - }, - { - "id": "arn:aws:iam::123456789012:role/CodeStarWorker-my-project-CodeDeploy" - }, - { - "id": "arn:aws:codebuild:us-east-2:123456789012:project/my-project" - }, - { - "id": "arn:aws:iam::123456789012:role/CodeStarWorker-my-project-CloudFormation" - }, - { - "id": "arn:aws:codecommit:us-east-2:123456789012:Go-project" - } - ] - } diff --git a/awscli/examples/codestar/list-tags-for-project.rst b/awscli/examples/codestar/list-tags-for-project.rst deleted file mode 100755 index 0c45d557dd9b..000000000000 --- a/awscli/examples/codestar/list-tags-for-project.rst +++ /dev/null @@ -1,15 +0,0 @@ -**To view tags for a project** - -The following ``list-tags-for-project`` example retrieves the tags attached to the specified project. :: - - aws codestar list-tags-for-project \ - --id my-project - -Output:: - - { - "tags": { - "Department": "Marketing", - "Team": "Website" - } - } diff --git a/awscli/examples/codestar/list-team-members.rst b/awscli/examples/codestar/list-team-members.rst deleted file mode 100755 index c3163e32e120..000000000000 --- a/awscli/examples/codestar/list-team-members.rst +++ /dev/null @@ -1,23 +0,0 @@ -**To view a list of team members** - -The following ``list-team-members`` example retrieves a list of users associated with the specified project. :: - - aws codestar list-team-members \ - --project-id my-project - -Output:: - - { - "teamMembers": [ - { - "userArn": "arn:aws:iam::123456789012:user/admin", - "projectRole": "Owner", - "remoteAccessAllowed": false - }, - { - "userArn": "arn:aws:iam::123456789012:user/intern", - "projectRole": "Contributor", - "remoteAccessAllowed": false - } - ] - } diff --git a/awscli/examples/codestar/list-user-profiles.rst b/awscli/examples/codestar/list-user-profiles.rst deleted file mode 100755 index 049895f60623..000000000000 --- a/awscli/examples/codestar/list-user-profiles.rst +++ /dev/null @@ -1,24 +0,0 @@ -**To view a list of user profiles** - -The following ``list-user-profiles`` example retrieves a list of all user profiles in the current Region. :: - - aws codestar list-user-profiles - -Output:: - - { - "userProfiles": [ - { - "userArn": "arn:aws:iam::123456789012:user/admin", - "displayName": "me", - "emailAddress": "me@example.com", - "sshPublicKey": "" - }, - { - "userArn": "arn:aws:iam::123456789012:user/intern", - "displayName": "Intern", - "emailAddress": "intern@example.com", - "sshPublicKey": "intern" - } - ] - } diff --git a/awscli/examples/codestar/tag-project.rst b/awscli/examples/codestar/tag-project.rst deleted file mode 100755 index 80e23a492729..000000000000 --- a/awscli/examples/codestar/tag-project.rst +++ /dev/null @@ -1,15 +0,0 @@ -**To attach a tag to a project** - -The following ``tag-project`` example adds a tag named ``Department`` and a value of ``Marketing`` to the specified project. :: - - aws codestar tag-project \ - --id my-project \ - --tags Department=Marketing - -Output:: - - { - "tags": { - "Department": "Marketing" - } - } diff --git a/awscli/examples/codestar/untag-project.rst b/awscli/examples/codestar/untag-project.rst deleted file mode 100755 index b9778df7d363..000000000000 --- a/awscli/examples/codestar/untag-project.rst +++ /dev/null @@ -1,9 +0,0 @@ -**To remove a tag from a project** - -The following ``untag-project`` example removes any tag with a key name of ``Team`` from the specifiec project. :: - - aws codestar untag-project \ - --id my-project \ - --tags Team - -This command produces no output. diff --git a/awscli/examples/codestar/update-project.rst b/awscli/examples/codestar/update-project.rst deleted file mode 100755 index 620f6a35fb4c..000000000000 --- a/awscli/examples/codestar/update-project.rst +++ /dev/null @@ -1,9 +0,0 @@ -**To update a project** - -The following ``update-project`` example adds a description to the specified project. :: - - aws codestar update-project \ - --id my-project \ - --description "My first CodeStar project" - -This command produces no output. diff --git a/awscli/examples/codestar/update-team-member.rst b/awscli/examples/codestar/update-team-member.rst deleted file mode 100755 index eed537e8353d..000000000000 --- a/awscli/examples/codestar/update-team-member.rst +++ /dev/null @@ -1,17 +0,0 @@ -**To modify a team member** - -The following ``update-team-member`` example makes the specified user a contributor on a project and grants them remote access to project resources. :: - - aws codestar update-team-member \ - --project-id my-project \ - --user-arn arn:aws:iam::123456789012:user/intern \ - --project-role Contributor -\ - --remote-access-allowed - -Output:: - - { - "userArn": "arn:aws:iam::123456789012:user/intern", - "projectRole": "Contributor", - "remoteAccessAllowed": true - } diff --git a/awscli/examples/codestar/update-user-profile.rst b/awscli/examples/codestar/update-user-profile.rst deleted file mode 100755 index 5b768390e6ed..000000000000 --- a/awscli/examples/codestar/update-user-profile.rst +++ /dev/null @@ -1,18 +0,0 @@ -**To modify a user profile** - -The following ``update-user-profile`` example adds the specified SHH key to the specified user. :: - - aws codestar update-user-profile \ - --ssh-public-key intern \ - --user-arn arn:aws:iam::123456789012:user/intern - -Output:: - - { - "userArn": "arn:aws:iam::123456789012:user/intern", - "displayName": "Intern", - "emailAddress": "intern@example.com", - "sshPublicKey": "intern", - "createdTimestamp": 1572552308.607, - "lastModifiedTimestamp": 1572553495.47 - } diff --git a/awscli/examples/cognito-idp/admim-disable-user.rst b/awscli/examples/cognito-idp/admim-disable-user.rst deleted file mode 100644 index 57e8ec369d44..000000000000 --- a/awscli/examples/cognito-idp/admim-disable-user.rst +++ /dev/null @@ -1,8 +0,0 @@ -**To disable a user** - -This example disables user jane@example.com. - -Command:: - - aws cognito-idp admin-disable-user --user-pool-id us-west-2_aaaaaaaaa --username jane@example.com - diff --git a/awscli/examples/cognito-idp/admim-enable-user.rst b/awscli/examples/cognito-idp/admim-enable-user.rst deleted file mode 100644 index 79bc468e4b3c..000000000000 --- a/awscli/examples/cognito-idp/admim-enable-user.rst +++ /dev/null @@ -1,8 +0,0 @@ -**To enable a user** - -This example enables username jane@example.com. - -Command:: - - aws cognito-idp admin-enable-user --user-pool-id us-west-2_aaaaaaaaa --username jane@example.com - diff --git a/awscli/examples/cognito-idp/admin-disable-provider-for-user.rst b/awscli/examples/cognito-idp/admin-disable-provider-for-user.rst new file mode 100644 index 000000000000..2d1209dd74b5 --- /dev/null +++ b/awscli/examples/cognito-idp/admin-disable-provider-for-user.rst @@ -0,0 +1,9 @@ +**To unlink a federated user from a local user profile** + +The following ``admin-disable-provider-for-user`` example disconnects a Google user from their linked local profile. :: + + aws cognito-idp admin-disable-provider-for-user \ + --user-pool-id us-west-2_EXAMPLE \ + --user ProviderAttributeName=Cognito_Subject,ProviderAttributeValue=0000000000000000,ProviderName=Google + +For more information, see `Linking federated users to an existing user profile `__ in the *Amazon Cognito Developer Guide*. diff --git a/awscli/examples/cognito-idp/admin-disable-user.rst b/awscli/examples/cognito-idp/admin-disable-user.rst new file mode 100644 index 000000000000..023745bf183a --- /dev/null +++ b/awscli/examples/cognito-idp/admin-disable-user.rst @@ -0,0 +1,9 @@ +**To prevent sign-in by a user** + +The following ``admin-disable-user`` example prevents sign-in by the user ``diego@example.com``. :: + + aws cognito-idp admin-disable-user \ + --user-pool-id us-west-2_EXAMPLE \ + --username diego@example.com + +For more information, see `Managing users `__ in the *Amazon Cognito Developer Guide*. diff --git a/awscli/examples/cognito-idp/admin-enable-user.rst b/awscli/examples/cognito-idp/admin-enable-user.rst new file mode 100644 index 000000000000..4a03faf7ebc6 --- /dev/null +++ b/awscli/examples/cognito-idp/admin-enable-user.rst @@ -0,0 +1,9 @@ +**To enable sign-in by a user** + +The following ``admin-enable-user`` example enables sign-in by the user diego@example.com. :: + + aws cognito-idp admin-enable-user \ + --user-pool-id us-west-2_EXAMPLE \ + --username diego@example.com + +For more information, see `Managing users `__ in the *Amazon Cognito Developer Guide*. diff --git a/awscli/examples/cognito-idp/admin-get-device.rst b/awscli/examples/cognito-idp/admin-get-device.rst index 92fff255ed2c..7ed62712441e 100644 --- a/awscli/examples/cognito-idp/admin-get-device.rst +++ b/awscli/examples/cognito-idp/admin-get-device.rst @@ -1,8 +1,51 @@ -**To get a device** - -This example gets a device for username jane@example.com - -Command:: - - aws cognito-idp admin-get-device --user-pool-id us-west-2_aaaaaaaaa --username jane@example.com --device-key us-west-2_abcd_1234-5678 - +**To get a device** + +The following ``admin-get-device`` example displays one device for the user ``diego``. :: + + aws cognito-idp admin-get-device \ + --user-pool-id us-west-2_EXAMPLE \ + --username diego \ + --device-key us-west-2_a1b2c3d4-5678-90ab-cdef-EXAMPLE11111 + +Output:: + + { + "Device": { + "DeviceKey": "us-west-2_a1b2c3d4-5678-90ab-cdef-EXAMPLE11111", + "DeviceAttributes": [ + { + "Name": "device_status", + "Value": "valid" + }, + { + "Name": "device_name", + "Value": "MyDevice" + }, + { + "Name": "dev:device_arn", + "Value": "arn:aws:cognito-idp:us-west-2:123456789012:owner/diego.us-west-2_EXAMPLE/device/us-west-2_a1b2c3d4-5678-90ab-cdef-EXAMPLE11111" + }, + { + "Name": "dev:device_owner", + "Value": "diego.us-west-2_EXAMPLE" + }, + { + "Name": "last_ip_used", + "Value": "192.0.2.1" + }, + { + "Name": "dev:device_remembered_status", + "Value": "remembered" + }, + { + "Name": "dev:device_sdk", + "Value": "aws-sdk" + } + ], + "DeviceCreateDate": 1715100742.022, + "DeviceLastModifiedDate": 1723233651.167, + "DeviceLastAuthenticatedDate": 1715100742.0 + } + } + +For more information, see `Working with user devices in your user pool `__ in the *Amazon Cognito Developer Guide*. diff --git a/awscli/examples/cognito-idp/admin-initiate-auth.rst b/awscli/examples/cognito-idp/admin-initiate-auth.rst index bdb01054c454..2e54deec5104 100644 --- a/awscli/examples/cognito-idp/admin-initiate-auth.rst +++ b/awscli/examples/cognito-idp/admin-initiate-auth.rst @@ -1,25 +1,24 @@ -**To initiate authorization** - -This example initiates authorization using the ADMIN_NO_SRP_AUTH flow for username jane@example.com - -The client must have sign-in API for server-based authentication (ADMIN_NO_SRP_AUTH) enabled. - -Use the session information in the return value to call `admin-respond-to-auth-challenge`_. - -Command:: - - aws cognito-idp admin-initiate-auth --user-pool-id us-west-2_aaaaaaaaa --client-id 3n4b5urk1ft4fl3mg5e62d9ado --auth-flow ADMIN_NO_SRP_AUTH --auth-parameters USERNAME=jane@example.com,PASSWORD=password - -Output:: - - { - "ChallengeName": "NEW_PASSWORD_REQUIRED", - "Session": "SESSION", - "ChallengeParameters": { - "USER_ID_FOR_SRP": "84514837-dcbc-4af1-abff-f3c109334894", - "requiredAttributes": "[]", - "userAttributes": "{\"email_verified\":\"true\",\"phone_number_verified\":\"true\",\"phone_number\":\"+01xxx5550100\",\"email\":\"jane@example.com\"}" - } - } - -.. _`admin-respond-to-auth-challenge`: https://docs.aws.amazon.com/cli/latest/reference/cognito-idp/admin-respond-to-auth-challenge.html \ No newline at end of file +**To sign in a user as an admin** + +The following ``admin-initiate-auth`` example signs in the user diego@example.com. This example also includes metadata for threat protection and ClientMetadata for Lambda triggers. The user is configured for TOTP MFA and receives a challenge to provide a code from their authenticator app before they can complete authentication. :: + + aws cognito-idp admin-initiate-auth \ + --user-pool-id us-west-2_EXAMPLE \ + --client-id 1example23456789 \ + --auth-flow ADMIN_USER_PASSWORD_AUTH \ + --auth-parameters USERNAME=diego@example.com,PASSWORD="My@Example$Password3!",SECRET_HASH=ExampleEncodedClientIdSecretAndUsername= \ + --context-data="{\"EncodedData\":\"abc123example\",\"HttpHeaders\":[{\"headerName\":\"UserAgent\",\"headerValue\":\"Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:47.0) Gecko/20100101 Firefox/47.0\"}],\"IpAddress\":\"192.0.2.1\",\"ServerName\":\"example.com\",\"ServerPath\":\"/login\"}" \ + --client-metadata="{\"MyExampleKey\": \"MyExampleValue\"}" + +Output:: + + { + "ChallengeName": "SOFTWARE_TOKEN_MFA", + "Session": "AYABeExample...", + "ChallengeParameters": { + "FRIENDLY_DEVICE_NAME": "MyAuthenticatorApp", + "USER_ID_FOR_SRP": "diego@example.com" + } + } + +For more information, see `Admin authentication flow `__ in the *Amazon Cognito Developer Guide*. diff --git a/awscli/examples/cognito-idp/admin-link-provider-for-user.rst b/awscli/examples/cognito-idp/admin-link-provider-for-user.rst new file mode 100644 index 000000000000..4316adb214fd --- /dev/null +++ b/awscli/examples/cognito-idp/admin-link-provider-for-user.rst @@ -0,0 +1,10 @@ +**To link a local user to a federated user** + +The following ``admin-link-provider-for-user`` example links the local user diego to a user who will do federated sign-in with Google. :: + + aws cognito-idp admin-link-provider-for-user \ + --user-pool-id us-west-2_EXAMPLE \ + --destination-user ProviderName=Cognito,ProviderAttributeValue=diego \ + --source-user ProviderAttributeName=Cognito_Subject,ProviderAttributeValue=0000000000000000,ProviderName=Google + +For more information, see `Linking federated users to an existing user profile `__ in the *Amazon Cognito Developer Guide*. diff --git a/awscli/examples/cognito-idp/admin-list-devices.rst b/awscli/examples/cognito-idp/admin-list-devices.rst index 2b710876d04a..6f150de3ebd6 100644 --- a/awscli/examples/cognito-idp/admin-list-devices.rst +++ b/awscli/examples/cognito-idp/admin-list-devices.rst @@ -1,7 +1,53 @@ -**To list devices for a user** - -This example lists devices for username jane@example.com. - -Command:: - - aws cognito-idp admin-list-devices --user-pool-id us-west-2_aaaaaaaaa --username jane@example.com +**To list devices for a user** + +The following ``admin-list-devices`` example lists devices for the user diego. :: + + aws cognito-idp admin-list-devices \ + --user-pool-id us-west-2_EXAMPLE \ + --username diego \ + --limit 1 + +Output:: + + { + "Devices": [ + { + "DeviceKey": "us-west-2_a1b2c3d4-5678-90ab-cdef-EXAMPLE11111", + "DeviceAttributes": [ + { + "Name": "device_status", + "Value": "valid" + }, + { + "Name": "device_name", + "Value": "MyDevice" + }, + { + "Name": "dev:device_arn", + "Value": "arn:aws:cognito-idp:us-west-2:123456789012:owner/diego.us-west-2_EXAMPLE/device/us-west-2_a1b2c3d4-5678-90ab-cdef-EXAMPLE11111" + }, + { + "Name": "dev:device_owner", + "Value": "diego.us-west-2_EXAMPLE" + }, + { + "Name": "last_ip_used", + "Value": "192.0.2.1" + }, + { + "Name": "dev:device_remembered_status", + "Value": "remembered" + }, + { + "Name": "dev:device_sdk", + "Value": "aws-sdk" + } + ], + "DeviceCreateDate": 1715100742.022, + "DeviceLastModifiedDate": 1723233651.167, + "DeviceLastAuthenticatedDate": 1715100742.0 + } + ] + } + +For more information, see `Working with user devices in your user pool `__ in the *Amazon Cognito Developer Guide*. diff --git a/awscli/examples/cognito-idp/admin-list-user-auth-events.rst b/awscli/examples/cognito-idp/admin-list-user-auth-events.rst index eeff1edbe52d..066e32060180 100644 --- a/awscli/examples/cognito-idp/admin-list-user-auth-events.rst +++ b/awscli/examples/cognito-idp/admin-list-user-auth-events.rst @@ -1,8 +1,40 @@ -**To list authorization events for a user** - -This example lists authorization events for username diego@example.com. - -Command:: - - aws cognito-idp admin-list-user-auth-events --user-pool-id us-west-2_aaaaaaaaa --username diego@example.com - +**To list authorization events for a user** + +The following ``admin-list-user-auth-events`` example lists the most recent user activity log event for the user diego. :: + + aws cognito-idp admin-list-user-auth-events \ + --user-pool-id us-west-2_ywDJHlIfU \ + --username brcotter+050123 \ + --max-results 1 + +Output:: + + { + "AuthEvents": [ + { + "EventId": "a1b2c3d4-5678-90ab-cdef-EXAMPLE22222", + "EventType": "SignIn", + "CreationDate": 1726694203.495, + "EventResponse": "InProgress", + "EventRisk": { + "RiskDecision": "AccountTakeover", + "RiskLevel": "Medium", + "CompromisedCredentialsDetected": false + }, + "ChallengeResponses": [ + { + "ChallengeName": "Password", + "ChallengeResponse": "Success" + } + ], + "EventContextData": { + "IpAddress": "192.0.2.1", + "City": "Seattle", + "Country": "United States" + } + } + ], + "NextToken": "a1b2c3d4-5678-90ab-cdef-EXAMPLE22222#2024-09-18T21:16:43.495Z" + } + +For more information, see `Viewing and exporting user event history `__ in the *Amazon Cognito Developer Guide*. diff --git a/awscli/examples/cognito-idp/admin-respond-to-auth-challenge.rst b/awscli/examples/cognito-idp/admin-respond-to-auth-challenge.rst new file mode 100644 index 000000000000..6ae67f4208e4 --- /dev/null +++ b/awscli/examples/cognito-idp/admin-respond-to-auth-challenge.rst @@ -0,0 +1,29 @@ +**To respond to an authentication challenge** + +There are many ways to respond to different authentication challenges, depending on your authentication flow, user pool configuration, and user settings. The following ``admin-respond-to-auth-challenge`` example provides a TOTP MFA code for diego@example.com and completes sign-in. This user pool has device remembering turned on, so the authentication result also returns a new device key. :: + + aws cognito-idp admin-respond-to-auth-challenge \ + --user-pool-id us-west-2_EXAMPLE \ + --client-id 1example23456789 \ + --challenge-name SOFTWARE_TOKEN_MFA \ + --challenge-responses USERNAME=diego@example.com,SOFTWARE_TOKEN_MFA_CODE=000000 \ + --session AYABeExample... + +Output:: + + { + "ChallengeParameters": {}, + "AuthenticationResult": { + "AccessToken": "eyJra456defEXAMPLE", + "ExpiresIn": 3600, + "TokenType": "Bearer", + "RefreshToken": "eyJra123abcEXAMPLE", + "IdToken": "eyJra789ghiEXAMPLE", + "NewDeviceMetadata": { + "DeviceKey": "us-west-2_a1b2c3d4-5678-90ab-cdef-EXAMPLE11111", + "DeviceGroupKey": "-ExAmPlE1" + } + } + } + +For more information, see `Admin authentication flow `__ in the *Amazon Cognito Developer Guide*. diff --git a/awscli/examples/cognito-idp/admin-set-user-password.rst b/awscli/examples/cognito-idp/admin-set-user-password.rst new file mode 100644 index 000000000000..88bdabf591d7 --- /dev/null +++ b/awscli/examples/cognito-idp/admin-set-user-password.rst @@ -0,0 +1,13 @@ +**To set a user password as an admin** + +The following ``admin-set-user-password`` example permanently sets the password for diego@example.com. :: + + aws cognito-idp admin-set-user-password \ + --user-pool-id us-west-2_EXAMPLE \ + --username diego@example.com \ + --password MyExamplePassword1! \ + --permanent + +This command produces no output. + +For more information, see `Passwords, password recovery, and password policies `__ in the *Amazon Cognito Developer Guide*. diff --git a/awscli/examples/cognito-idp/admin-user-global-sign-out.rst b/awscli/examples/cognito-idp/admin-user-global-sign-out.rst new file mode 100644 index 000000000000..dc6365e40d40 --- /dev/null +++ b/awscli/examples/cognito-idp/admin-user-global-sign-out.rst @@ -0,0 +1,9 @@ +**To sign out a user as an admin** + +The following ``admin-user-global-sign-out`` example signs out the user diego@example.com. :: + + aws cognito-idp admin-user-global-sign-out \ + --user-pool-id us-west-2_EXAMPLE \ + --username diego@example.com + +For more information, see `Authentication with a user pool `__ in the *Amazon Cognito Developer Guide*. diff --git a/awscli/examples/cognito-idp/associate-software-token.rst b/awscli/examples/cognito-idp/associate-software-token.rst new file mode 100644 index 000000000000..9a72f3db15ac --- /dev/null +++ b/awscli/examples/cognito-idp/associate-software-token.rst @@ -0,0 +1,14 @@ +**To generate a secret key for an MFA authenticator app** + +The following ``associate-software-token`` example generates a TOTP private key for a user who has signed in and received an access token. The resulting private key can be manually entered into an authenticator app, or applications can render it as a QR code that the user can scan. :: + + aws cognito-idp associate-software-token \ + --access-token eyJra456defEXAMPLE + +Output:: + + { + "SecretCode": "QWERTYUIOP123456EXAMPLE" + } + +For more information, see `TOTP software token MFA `__ in the *Amazon Cognito Developer Guide*. diff --git a/awscli/examples/cognito-idp/confirm-device.rst b/awscli/examples/cognito-idp/confirm-device.rst new file mode 100644 index 000000000000..6b391fb6d690 --- /dev/null +++ b/awscli/examples/cognito-idp/confirm-device.rst @@ -0,0 +1,16 @@ +**To confirm a user device** + +The following ``confirm-device`` example adds a new remembered device for the current user. :: + + aws cognito-idp confirm-device \ + --access-token eyJra456defEXAMPLE \ + --device-key us-west-2_a1b2c3d4-5678-90ab-cdef-EXAMPLE11111 \ + --device-secret-verifier-config PasswordVerifier=TXlWZXJpZmllclN0cmluZw,Salt=TXlTUlBTYWx0 + +Output:: + + { + "UserConfirmationNecessary": false + } + +For more information, see `Working with user devices in your user pool `__ in the *Amazon Cognito Developer Guide*. diff --git a/awscli/examples/cognito-idp/create-identity-provider.rst b/awscli/examples/cognito-idp/create-identity-provider.rst new file mode 100644 index 000000000000..fd66f4b2d9c7 --- /dev/null +++ b/awscli/examples/cognito-idp/create-identity-provider.rst @@ -0,0 +1,102 @@ +**Example 1: To create a user pool SAML identity provider (IdP) with a metadata URL** + +The following ``create-identity-provider`` example creates a new SAML IdP with metadata from a public URL, attribute mapping, and two identifiers. :: + + aws cognito-idp create-identity-provider \ + --user-pool-id us-west-2_EXAMPLE \ + --provider-name MySAML \ + --provider-type SAML \ + --provider-details IDPInit=true,IDPSignout=true,EncryptedResponses=true,MetadataURL=https://auth.example.com/sso/saml/metadata,RequestSigningAlgorithm=rsa-sha256 \ + --attribute-mapping email=emailaddress,phone_number=phone,custom:111=department \ + --idp-identifiers CorpSAML WestSAML + +Output:: + + { + "IdentityProvider": { + "UserPoolId": "us-west-2_EXAMPLE", + "ProviderName": "MySAML", + "ProviderType": "SAML", + "ProviderDetails": { + "ActiveEncryptionCertificate": "MIICvTCCAaEXAMPLE", + "EncryptedResponses": "true", + "IDPInit": "true", + "IDPSignout": "true", + "MetadataURL": "https://auth.example.com/sso/saml/metadata", + "RequestSigningAlgorithm": "rsa-sha256", + "SLORedirectBindingURI": "https://auth.example.com/slo/saml", + "SSORedirectBindingURI": "https://auth.example.com/sso/saml" + }, + "AttributeMapping": { + "custom:111": "department", + "emailaddress": "email", + "phone": "phone_number" + }, + "IdpIdentifiers": [ + "CorpSAML", + "WestSAML" + ], + "LastModifiedDate": 1726853833.977, + "CreationDate": 1726853833.977 + } + } + +For more information, see `Adding user pool sign-in through a third party `__ in the *Amazon Cognito Developer Guide*. + +**Example 2: To create a user pool SAML identity provider (IdP) with a metadata file** + +The following ``create-identity-provider`` example creates a new SAML IdP with metadata from a file, attribute mapping, and two identifiers. File syntax can differ between operating systems in the ``--provider-details`` parameter. It's easiest to create a JSON input file for this operation.:: + + aws cognito-idp create-identity-provider \ + --cli-input-json file://.\SAML-identity-provider.json + +Contents of ``SAML-identity-provider.json``:: + + { + "AttributeMapping": { + "email" : "idp_email", + "email_verified" : "idp_email_verified" + }, + "IdpIdentifiers": [ "platform" ], + "ProviderDetails": { + "MetadataFile": "[IDP_CERTIFICATE_DATA]urn:oasis:names:tc:SAML:1.1:nameid-format:unspecifiedurn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress", + "IDPSignout" : "true", + "RequestSigningAlgorithm" : "rsa-sha256", + "EncryptedResponses" : "true", + "IDPInit" : "true" + }, + "ProviderName": "MySAML2", + "ProviderType": "SAML", + "UserPoolId": "us-west-2_EXAMPLE" + } + +Output:: + + { + "IdentityProvider": { + "UserPoolId": "us-west-2_EXAMPLE", + "ProviderName": "MySAML2", + "ProviderType": "SAML", + "ProviderDetails": { + "ActiveEncryptionCertificate": "[USER_POOL_ENCRYPTION_CERTIFICATE_DATA]", + "EncryptedResponses": "true", + "IDPInit": "true", + "IDPSignout": "true", + "MetadataFile": "[IDP_CERTIFICATE_DATA]urn:oasis:names:tc:SAML:1.1:nameid-format:unspecifiedurn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress", + "RequestSigningAlgorithm": "rsa-sha256", + "SLORedirectBindingURI": "https://www.example.com/slo/saml", + "SSORedirectBindingURI": "https://www.example.com/sso/saml" + }, + "AttributeMapping": { + "email": "idp_email", + "email_verified": "idp_email_verified" + }, + "IdpIdentifiers": [ + "platform" + ], + "LastModifiedDate": 1726855290.731, + "CreationDate": 1726855290.731 + } + } + +For more information, see `Adding user pool sign-in through a third party `__ in the *Amazon Cognito Developer Guide*. \ No newline at end of file diff --git a/awscli/examples/cognito-idp/create-resource-server.rst b/awscli/examples/cognito-idp/create-resource-server.rst new file mode 100644 index 000000000000..3b00722f1702 --- /dev/null +++ b/awscli/examples/cognito-idp/create-resource-server.rst @@ -0,0 +1,31 @@ +**To create a user pool client** + +The following ``create-resource-server`` example creates a new resource server with custom scopes. :: + + aws cognito-idp create-resource-server \ + --user-pool-id us-west-2_EXAMPLE \ + --identifier solar-system-data \ + --name "Solar system object tracker" \ + --scopes ScopeName=sunproximity.read,ScopeDescription="Distance in AU from Sol" ScopeName=asteroids.add,ScopeDescription="Enter a new asteroid" + +Output:: + + { + "ResourceServer": { + "UserPoolId": "us-west-2_EXAMPLE", + "Identifier": "solar-system-data", + "Name": "Solar system object tracker", + "Scopes": [ + { + "ScopeName": "sunproximity.read", + "ScopeDescription": "Distance in AU from Sol" + }, + { + "ScopeName": "asteroids.add", + "ScopeDescription": "Enter a new asteroid" + } + ] + } + } + +For more information, see `Scopes, M2M, and APIs with resource servers `__ in the *Amazon Cognito Developer Guide*. diff --git a/awscli/examples/cognito-idp/create-user-pool-client.rst b/awscli/examples/cognito-idp/create-user-pool-client.rst index 3d9129ae8b12..b02c0071dd6d 100644 --- a/awscli/examples/cognito-idp/create-user-pool-client.rst +++ b/awscli/examples/cognito-idp/create-user-pool-client.rst @@ -1,26 +1,94 @@ **To create a user pool client** -This example creates a new user pool client with two explicit authorization flows: USER_PASSWORD_AUTH and ADMIN_NO_SRP_AUTH. +The following ``create-user-pool-client`` example creates a new user pool client with a client secret, explicit read and write attributes, sign in with username-password and SRP flows, sign-in with three IdPs, access to a subset of OAuth scopes, PinPoint analytics, and an extended authentication session validity. :: -Command:: + aws cognito-idp create-user-pool-client \ + --user-pool-id us-west-2_EXAMPLE \ + --client-name MyTestClient \ + --generate-secret \ + --refresh-token-validity 10 \ + --access-token-validity 60 \ + --id-token-validity 60 \ + --token-validity-units AccessToken=minutes,IdToken=minutes,RefreshToken=days \ + --read-attributes email phone_number email_verified phone_number_verified \ + --write-attributes email phone_number \ + --explicit-auth-flows ALLOW_USER_PASSWORD_AUTH ALLOW_USER_SRP_AUTH ALLOW_REFRESH_TOKEN_AUTH \ + --supported-identity-providers Google Facebook MyOIDC \ + --callback-urls https://www.amazon.com https://example.com http://localhost:8001 myapp://example \ + --allowed-o-auth-flows code implicit \ + --allowed-o-auth-scopes openid profile aws.cognito.signin.user.admin solar-system-data/asteroids.add \ + --allowed-o-auth-flows-user-pool-client \ + --analytics-configuration ApplicationArn=arn:aws:mobiletargeting:us-west-2:767671399759:apps/thisisanexamplepinpointapplicationid,UserDataShared=TRUE \ + --prevent-user-existence-errors ENABLED \ + --enable-token-revocation \ + --enable-propagate-additional-user-context-data \ + --auth-session-validity 4 - aws cognito-idp create-user-pool-client --user-pool-id us-west-2_aaaaaaaaa --client-name MyNewClient --no-generate-secret --explicit-auth-flows "USER_PASSWORD_AUTH" "ADMIN_NO_SRP_AUTH" - Output:: - { - "UserPoolClient": { - "UserPoolId": "us-west-2_aaaaaaaaa", - "ClientName": "MyNewClient", - "ClientId": "6p3bs000no6a4ue1idruvd05ad", - "LastModifiedDate": 1548697449.497, - "CreationDate": 1548697449.497, - "RefreshTokenValidity": 30, - "ExplicitAuthFlows": [ - "USER_PASSWORD_AUTH", - "ADMIN_NO_SRP_AUTH" - ], - "AllowedOAuthFlowsUserPoolClient": false + { + "UserPoolClient": { + "UserPoolId": "us-west-2_EXAMPLE", + "ClientName": "MyTestClient", + "ClientId": "123abc456defEXAMPLE", + "ClientSecret": "this1234is5678my91011example1213client1415secret", + "LastModifiedDate": 1726788459.464, + "CreationDate": 1726788459.464, + "RefreshTokenValidity": 10, + "AccessTokenValidity": 60, + "IdTokenValidity": 60, + "TokenValidityUnits": { + "AccessToken": "minutes", + "IdToken": "minutes", + "RefreshToken": "days" + }, + "ReadAttributes": [ + "email_verified", + "phone_number_verified", + "phone_number", + "email" + ], + "WriteAttributes": [ + "phone_number", + "email" + ], + "ExplicitAuthFlows": [ + "ALLOW_USER_PASSWORD_AUTH", + "ALLOW_USER_SRP_AUTH", + "ALLOW_REFRESH_TOKEN_AUTH" + ], + "SupportedIdentityProviders": [ + "Google", + "MyOIDC", + "Facebook" + ], + "CallbackURLs": [ + "https://example.com", + "https://www.amazon.com", + "myapp://example", + "http://localhost:8001" + ], + "AllowedOAuthFlows": [ + "implicit", + "code" + ], + "AllowedOAuthScopes": [ + "aws.cognito.signin.user.admin", + "openid", + "profile", + "solar-system-data/asteroids.add" + ], + "AllowedOAuthFlowsUserPoolClient": true, + "AnalyticsConfiguration": { + "ApplicationArn": "arn:aws:mobiletargeting:us-west-2:123456789012:apps/thisisanexamplepinpointapplicationid", + "RoleArn": "arn:aws:iam::123456789012:role/aws-service-role/cognito-idp.amazonaws.com/AWSServiceRoleForAmazonCognitoIdp", + "UserDataShared": true + }, + "PreventUserExistenceErrors": "ENABLED", + "EnableTokenRevocation": true, + "EnablePropagateAdditionalUserContextData": true, + "AuthSessionValidity": 4 + } } - } +For more information, see `Application-specific settings with app clients `__ in the *Amazon Cognito Developer Guide*. diff --git a/awscli/examples/cognito-idp/create-user-pool-domain.rst b/awscli/examples/cognito-idp/create-user-pool-domain.rst index 77e6185cc12f..9fb60e6cb1f6 100644 --- a/awscli/examples/cognito-idp/create-user-pool-domain.rst +++ b/awscli/examples/cognito-idp/create-user-pool-domain.rst @@ -1,8 +1,26 @@ -**To create a user pool domain** +**Example 1: To create a user pool domain** -This example creates a new user pool domain. with two explicit authorization flows: USER_PASSWORD_AUTH and ADMIN_NO_SRP_AUTH. +The following ``create-user-pool-domain`` example creates a new custom domain. :: -Command:: + aws cognito-idp create-user-pool-domain \ + --user-pool-id us-west-2_EXAMPLE \ + --domain auth.example.com \ + --custom-domain-config CertificateArn=arn:aws:acm:us-east-1:123456789012:certificate/a1b2c3d4-5678-90ab-cdef-EXAMPLE22222 - aws cognito-idp create-user-pool-domain --user-pool-id us-west-2_aaaaaaaaa --domain my-new-domain - +Output:: + + { + "CloudFrontDomain": "example1domain.cloudfront.net" + } + +For more information, see `Configuring a user pool domain `__ in the *Amazon Cognito Developer Guide*. + +**Example 2: To create a user pool domain** + +The following ``create-user-pool-domain`` example creates a new domain with a service-owned prefix. :: + + aws cognito-idp create-user-pool-domain \ + --user-pool-id us-west-2_EXAMPLE2 \ + --domain mydomainprefix + +For more information, see `Configuring a user pool domain `__ in the *Amazon Cognito Developer Guide*. diff --git a/awscli/examples/cognito-idp/delete-user-attributes.rst b/awscli/examples/cognito-idp/delete-user-attributes.rst index 3856abc42271..16e730946a08 100644 --- a/awscli/examples/cognito-idp/delete-user-attributes.rst +++ b/awscli/examples/cognito-idp/delete-user-attributes.rst @@ -1,8 +1,11 @@ -**To delete user attributes** +**To delete a user attribute** -This example deletes the user attribute "FAVORITE_ANIMAL". +The following ``delete-user-attributes`` example deletes the custom attribute "custom:attribute" from the currently signed-in user. :: -Command:: + aws cognito-idp delete-user-attributes \ + --access-token ACCESS_TOKEN \ + --user-attribute-names "custom:department" - aws cognito-idp delete-user-attributes --access-token ACCESS_TOKEN --user-attribute-names "FAVORITE_ANIMAL" - +This command produces no output. + +For more information, see `Working with user attributes `__ in the *Amazon Cognito Developer Guide*. diff --git a/awscli/examples/cognito-idp/describe-user-pool.rst b/awscli/examples/cognito-idp/describe-user-pool.rst index 130a301f038d..3e3fba376e04 100644 --- a/awscli/examples/cognito-idp/describe-user-pool.rst +++ b/awscli/examples/cognito-idp/describe-user-pool.rst @@ -1,267 +1,376 @@ **To describe a user pool** -This example describes a user pool with the user pool id us-west-2_aaaaaaaaa. +The following example describes a user pool with the user pool id us-west-2_EXAMPLE. :: -Command:: - - aws cognito-idp describe-user-pool --user-pool-id us-west-2_aaaaaaaaa + aws cognito-idp describe-user-pool \ + --user-pool-id us-west-2_EXAMPLE Output:: - { - "UserPool": { - "SmsVerificationMessage": "Your verification code is {####}. ", - "SchemaAttributes": [ - { - "Name": "sub", - "StringAttributeConstraints": { - "MinLength": "1", - "MaxLength": "2048" - }, - "DeveloperOnlyAttribute": false, - "Required": true, - "AttributeDataType": "String", - "Mutable": false + { + "UserPool": { + "Id": "us-west-2_EXAMPLE", + "Name": "MyUserPool", + "Policies": { + "PasswordPolicy": { + "MinimumLength": 8, + "RequireUppercase": true, + "RequireLowercase": true, + "RequireNumbers": true, + "RequireSymbols": true, + "TemporaryPasswordValidityDays": 1 + } }, - { - "Name": "name", - "StringAttributeConstraints": { - "MinLength": "0", - "MaxLength": "2048" + "DeletionProtection": "ACTIVE", + "LambdaConfig": { + "PreSignUp": "arn:aws:lambda:us-west-2:123456789012:function:MyPreSignUpFunction", + "CustomMessage": "arn:aws:lambda:us-west-2:123456789012:function:MyCustomMessageFunction", + "PostConfirmation": "arn:aws:lambda:us-west-2:123456789012:function:MyPostConfirmationFunction", + "PreAuthentication": "arn:aws:lambda:us-west-2:123456789012:function:MyPreAuthenticationFunction", + "PostAuthentication": "arn:aws:lambda:us-west-2:123456789012:function:MyPostAuthenticationFunction", + "DefineAuthChallenge": "arn:aws:lambda:us-west-2:123456789012:function:MyDefineAuthChallengeFunction", + "CreateAuthChallenge": "arn:aws:lambda:us-west-2:123456789012:function:MyCreateAuthChallengeFunction", + "VerifyAuthChallengeResponse": "arn:aws:lambda:us-west-2:123456789012:function:MyVerifyAuthChallengeFunction", + "PreTokenGeneration": "arn:aws:lambda:us-west-2:123456789012:function:MyPreTokenGenerationFunction", + "UserMigration": "arn:aws:lambda:us-west-2:123456789012:function:MyMigrateUserFunction", + "PreTokenGenerationConfig": { + "LambdaVersion": "V2_0", + "LambdaArn": "arn:aws:lambda:us-west-2:123456789012:function:MyPreTokenGenerationFunction" }, - "DeveloperOnlyAttribute": false, - "Required": false, - "AttributeDataType": "String", - "Mutable": true - }, - { - "Name": "given_name", - "StringAttributeConstraints": { - "MinLength": "0", - "MaxLength": "2048" + "CustomSMSSender": { + "LambdaVersion": "V1_0", + "LambdaArn": "arn:aws:lambda:us-west-2:123456789012:function:MyCustomSMSSenderFunction" }, - "DeveloperOnlyAttribute": false, - "Required": false, - "AttributeDataType": "String", - "Mutable": true - }, - { - "Name": "family_name", - "StringAttributeConstraints": { - "MinLength": "0", - "MaxLength": "2048" + "CustomEmailSender": { + "LambdaVersion": "V1_0", + "LambdaArn": "arn:aws:lambda:us-west-2:123456789012:function:MyCustomEmailSenderFunction" }, - "DeveloperOnlyAttribute": false, - "Required": false, - "AttributeDataType": "String", - "Mutable": true + "KMSKeyID": "arn:aws:kms:us-west-2:123456789012:key/a1b2c3d4-5678-90ab-cdef-EXAMPLE22222" }, - { - "Name": "middle_name", - "StringAttributeConstraints": { - "MinLength": "0", - "MaxLength": "2048" + "LastModifiedDate": 1726784814.598, + "CreationDate": 1602103465.273, + "SchemaAttributes": [ + { + "Name": "sub", + "AttributeDataType": "String", + "DeveloperOnlyAttribute": false, + "Mutable": false, + "Required": true, + "StringAttributeConstraints": { + "MinLength": "1", + "MaxLength": "2048" + } }, - "DeveloperOnlyAttribute": false, - "Required": false, - "AttributeDataType": "String", - "Mutable": true - }, - { - "Name": "nickname", - "StringAttributeConstraints": { - "MinLength": "0", - "MaxLength": "2048" + { + "Name": "name", + "AttributeDataType": "String", + "DeveloperOnlyAttribute": false, + "Mutable": true, + "Required": false, + "StringAttributeConstraints": { + "MinLength": "0", + "MaxLength": "2048" + } }, - "DeveloperOnlyAttribute": false, - "Required": false, - "AttributeDataType": "String", - "Mutable": true - }, - { - "Name": "preferred_username", - "StringAttributeConstraints": { - "MinLength": "0", - "MaxLength": "2048" + { + "Name": "given_name", + "AttributeDataType": "String", + "DeveloperOnlyAttribute": false, + "Mutable": true, + "Required": false, + "StringAttributeConstraints": { + "MinLength": "0", + "MaxLength": "2048" + } }, - "DeveloperOnlyAttribute": false, - "Required": false, - "AttributeDataType": "String", - "Mutable": true - }, - { - "Name": "profile", - "StringAttributeConstraints": { - "MinLength": "0", - "MaxLength": "2048" + { + "Name": "family_name", + "AttributeDataType": "String", + "DeveloperOnlyAttribute": false, + "Mutable": true, + "Required": false, + "StringAttributeConstraints": { + "MinLength": "0", + "MaxLength": "2048" + } }, - "DeveloperOnlyAttribute": false, - "Required": false, - "AttributeDataType": "String", - "Mutable": true - }, - { - "Name": "picture", - "StringAttributeConstraints": { - "MinLength": "0", - "MaxLength": "2048" + { + "Name": "middle_name", + "AttributeDataType": "String", + "DeveloperOnlyAttribute": false, + "Mutable": true, + "Required": false, + "StringAttributeConstraints": { + "MinLength": "0", + "MaxLength": "2048" + } }, - "DeveloperOnlyAttribute": false, - "Required": false, - "AttributeDataType": "String", - "Mutable": true - }, - { - "Name": "website", - "StringAttributeConstraints": { - "MinLength": "0", - "MaxLength": "2048" + { + "Name": "nickname", + "AttributeDataType": "String", + "DeveloperOnlyAttribute": false, + "Mutable": true, + "Required": false, + "StringAttributeConstraints": { + "MinLength": "0", + "MaxLength": "2048" + } }, - "DeveloperOnlyAttribute": false, - "Required": false, - "AttributeDataType": "String", - "Mutable": true - }, - { - "Name": "email", - "StringAttributeConstraints": { - "MinLength": "0", - "MaxLength": "2048" + { + "Name": "preferred_username", + "AttributeDataType": "String", + "DeveloperOnlyAttribute": false, + "Mutable": true, + "Required": false, + "StringAttributeConstraints": { + "MinLength": "0", + "MaxLength": "2048" + } }, - "DeveloperOnlyAttribute": false, - "Required": true, - "AttributeDataType": "String", - "Mutable": true - }, - { - "AttributeDataType": "Boolean", - "DeveloperOnlyAttribute": false, - "Required": false, - "Name": "email_verified", - "Mutable": true - }, - { - "Name": "gender", - "StringAttributeConstraints": { - "MinLength": "0", - "MaxLength": "2048" + { + "Name": "profile", + "AttributeDataType": "String", + "DeveloperOnlyAttribute": false, + "Mutable": true, + "Required": false, + "StringAttributeConstraints": { + "MinLength": "0", + "MaxLength": "2048" + } }, - "DeveloperOnlyAttribute": false, - "Required": false, - "AttributeDataType": "String", - "Mutable": true - }, - { - "Name": "birthdate", - "StringAttributeConstraints": { - "MinLength": "10", - "MaxLength": "10" + { + "Name": "picture", + "AttributeDataType": "String", + "DeveloperOnlyAttribute": false, + "Mutable": true, + "Required": false, + "StringAttributeConstraints": { + "MinLength": "0", + "MaxLength": "2048" + } }, - "DeveloperOnlyAttribute": false, - "Required": false, - "AttributeDataType": "String", - "Mutable": true - }, - { - "Name": "zoneinfo", - "StringAttributeConstraints": { - "MinLength": "0", - "MaxLength": "2048" + { + "Name": "website", + "AttributeDataType": "String", + "DeveloperOnlyAttribute": false, + "Mutable": true, + "Required": false, + "StringAttributeConstraints": { + "MinLength": "0", + "MaxLength": "2048" + } }, - "DeveloperOnlyAttribute": false, - "Required": false, - "AttributeDataType": "String", - "Mutable": true - }, - { - "Name": "locale", - "StringAttributeConstraints": { - "MinLength": "0", - "MaxLength": "2048" + { + "Name": "email", + "AttributeDataType": "String", + "DeveloperOnlyAttribute": false, + "Mutable": true, + "Required": true, + "StringAttributeConstraints": { + "MinLength": "0", + "MaxLength": "2048" + } }, - "DeveloperOnlyAttribute": false, - "Required": false, - "AttributeDataType": "String", - "Mutable": true - }, - { - "Name": "phone_number", - "StringAttributeConstraints": { - "MinLength": "0", - "MaxLength": "2048" + { + "Name": "email_verified", + "AttributeDataType": "Boolean", + "DeveloperOnlyAttribute": false, + "Mutable": true, + "Required": false + }, + { + "Name": "gender", + "AttributeDataType": "String", + "DeveloperOnlyAttribute": false, + "Mutable": true, + "Required": false, + "StringAttributeConstraints": { + "MinLength": "0", + "MaxLength": "2048" + } + }, + { + "Name": "birthdate", + "AttributeDataType": "String", + "DeveloperOnlyAttribute": false, + "Mutable": true, + "Required": false, + "StringAttributeConstraints": { + "MinLength": "10", + "MaxLength": "10" + } }, - "DeveloperOnlyAttribute": false, - "Required": false, - "AttributeDataType": "String", - "Mutable": true + { + "Name": "zoneinfo", + "AttributeDataType": "String", + "DeveloperOnlyAttribute": false, + "Mutable": true, + "Required": false, + "StringAttributeConstraints": { + "MinLength": "0", + "MaxLength": "2048" + } + }, + { + "Name": "locale", + "AttributeDataType": "String", + "DeveloperOnlyAttribute": false, + "Mutable": true, + "Required": false, + "StringAttributeConstraints": { + "MinLength": "0", + "MaxLength": "2048" + } + }, + { + "Name": "phone_number", + "AttributeDataType": "String", + "DeveloperOnlyAttribute": false, + "Mutable": true, + "Required": false, + "StringAttributeConstraints": { + "MinLength": "0", + "MaxLength": "2048" + } + }, + { + "Name": "phone_number_verified", + "AttributeDataType": "Boolean", + "DeveloperOnlyAttribute": false, + "Mutable": true, + "Required": false + }, + { + "Name": "address", + "AttributeDataType": "String", + "DeveloperOnlyAttribute": false, + "Mutable": true, + "Required": false, + "StringAttributeConstraints": { + "MinLength": "0", + "MaxLength": "2048" + } + }, + { + "Name": "updated_at", + "AttributeDataType": "Number", + "DeveloperOnlyAttribute": false, + "Mutable": true, + "Required": false, + "NumberAttributeConstraints": { + "MinValue": "0" + } + }, + { + "Name": "identities", + "AttributeDataType": "String", + "DeveloperOnlyAttribute": false, + "Mutable": true, + "Required": false, + "StringAttributeConstraints": {} + }, + { + "Name": "custom:111", + "AttributeDataType": "String", + "DeveloperOnlyAttribute": false, + "Mutable": true, + "Required": false, + "StringAttributeConstraints": { + "MinLength": "1", + "MaxLength": "256" + } + }, + { + "Name": "dev:custom:222", + "AttributeDataType": "String", + "DeveloperOnlyAttribute": true, + "Mutable": true, + "Required": false, + "StringAttributeConstraints": { + "MinLength": "1", + "MaxLength": "421" + } + }, + { + "Name": "custom:accesstoken", + "AttributeDataType": "String", + "DeveloperOnlyAttribute": false, + "Mutable": true, + "Required": false, + "StringAttributeConstraints": { + "MaxLength": "2048" + } + }, + { + "Name": "custom:idtoken", + "AttributeDataType": "String", + "DeveloperOnlyAttribute": false, + "Mutable": true, + "Required": false, + "StringAttributeConstraints": { + "MaxLength": "2048" + } + } + ], + "AutoVerifiedAttributes": [ + "email" + ], + "SmsVerificationMessage": "Your verification code is {####}. ", + "EmailVerificationMessage": "Your verification code is {####}. ", + "EmailVerificationSubject": "Your verification code", + "VerificationMessageTemplate": { + "SmsMessage": "Your verification code is {####}. ", + "EmailMessage": "Your verification code is {####}. ", + "EmailSubject": "Your verification code", + "EmailMessageByLink": "Please click the link below to verify your email address. {##Verify Your Email##}\n this is from us-west-2_ywDJHlIfU", + "EmailSubjectByLink": "Your verification link", + "DefaultEmailOption": "CONFIRM_WITH_LINK" }, - { - "AttributeDataType": "Boolean", - "DeveloperOnlyAttribute": false, - "Required": false, - "Name": "phone_number_verified", - "Mutable": true + "SmsAuthenticationMessage": "Your verification code is {####}. ", + "UserAttributeUpdateSettings": { + "AttributesRequireVerificationBeforeUpdate": [] }, - { - "Name": "address", - "StringAttributeConstraints": { - "MinLength": "0", - "MaxLength": "2048" - }, - "DeveloperOnlyAttribute": false, - "Required": false, - "AttributeDataType": "String", - "Mutable": true + "MfaConfiguration": "OPTIONAL", + "DeviceConfiguration": { + "ChallengeRequiredOnNewDevice": true, + "DeviceOnlyRememberedOnUserPrompt": false }, - { - "Name": "updated_at", - "NumberAttributeConstraints": { - "MinValue": "0" - }, - "DeveloperOnlyAttribute": false, - "Required": false, - "AttributeDataType": "Number", - "Mutable": true - } - ], - "EmailVerificationSubject": "Your verification code", - "MfaConfiguration": "OFF", - "Name": "MyUserPool", - "EmailVerificationMessage": "Your verification code is {####}. ", - "SmsAuthenticationMessage": "Your authentication code is {####}. ", - "LastModifiedDate": 1547763720.822, - "AdminCreateUserConfig": { - "InviteMessageTemplate": { - "EmailMessage": "Your username is {username} and temporary password is {####}. ", - "EmailSubject": "Your temporary password", - "SMSMessage": "Your username is {username} and temporary password is {####}. " + "EstimatedNumberOfUsers": 166, + "EmailConfiguration": { + "SourceArn": "arn:aws:ses:us-west-2:123456789012:identity/admin@example.com", + "EmailSendingAccount": "DEVELOPER" }, - "UnusedAccountValidityDays": 7, - "AllowAdminCreateUserOnly": false - }, - "EmailConfiguration": { - "ReplyToEmailAddress": "myemail@mydomain.com" - "SourceArn": "arn:aws:ses:us-east-1:000000000000:identity/myemail@mydomain.com" - }, - "AutoVerifiedAttributes": [ - "email" - ], - "Policies": { - "PasswordPolicy": { - "RequireLowercase": true, - "RequireSymbols": true, - "RequireNumbers": true, - "MinimumLength": 8, - "RequireUppercase": true + "SmsConfiguration": { + "SnsCallerArn": "arn:aws:iam::123456789012:role/service-role/userpool-SMS-Role", + "ExternalId": "a1b2c3d4-5678-90ab-cdef-EXAMPLE11111", + "SnsRegion": "us-west-2" + }, + "UserPoolTags": {}, + "Domain": "myCustomDomain", + "CustomDomain": "auth.example.com", + "AdminCreateUserConfig": { + "AllowAdminCreateUserOnly": false, + "UnusedAccountValidityDays": 1, + "InviteMessageTemplate": { + "SMSMessage": "Your username is {username} and temporary password is {####}. ", + "EmailMessage": "Your username is {username} and temporary password is {####}. ", + "EmailSubject": "Your temporary password" + } + }, + "UserPoolAddOns": { + "AdvancedSecurityMode": "ENFORCED", + "AdvancedSecurityAdditionalFlows": {} + }, + "Arn": "arn:aws:cognito-idp:us-west-2:123456789012:userpool/us-west-2_EXAMPLE", + "AccountRecoverySetting": { + "RecoveryMechanisms": [ + { + "Priority": 1, + "Name": "verified_email" + } + ] } - }, - "UserPoolTags": {}, - "UsernameAttributes": [ - "email" - ], - "CreationDate": 1547763720.822, - "EstimatedNumberOfUsers": 1, - "Id": "us-west-2_aaaaaaaaa", - "LambdaConfig": {} + } } - } \ No newline at end of file + +For more information, see `Amazon Cognito user pools `__ in the *Amazon Cognito Developer Guide*. diff --git a/awscli/examples/cognito-idp/get-device.rst b/awscli/examples/cognito-idp/get-device.rst new file mode 100644 index 000000000000..d3839ee1b1a1 --- /dev/null +++ b/awscli/examples/cognito-idp/get-device.rst @@ -0,0 +1,50 @@ +**To get a device** + +The following ``get-device`` example displays one device for currently signed-in user. :: + + aws cognito-idp get-device \ + --access-token eyJra456defEXAMPLE \ + --device-key us-west-2_a1b2c3d4-5678-90ab-cdef-EXAMPLE11111 + +Output:: + + { + "Device": { + "DeviceKey": "us-west-2_a1b2c3d4-5678-90ab-cdef-EXAMPLE11111", + "DeviceAttributes": [ + { + "Name": "device_status", + "Value": "valid" + }, + { + "Name": "device_name", + "Value": "MyDevice" + }, + { + "Name": "dev:device_arn", + "Value": "arn:aws:cognito-idp:us-west-2:123456789012:owner/diego.us-west-2_EXAMPLE/device/us-west-2_a1b2c3d4-5678-90ab-cdef-EXAMPLE11111" + }, + { + "Name": "dev:device_owner", + "Value": "diego.us-west-2_EXAMPLE" + }, + { + "Name": "last_ip_used", + "Value": "192.0.2.1" + }, + { + "Name": "dev:device_remembered_status", + "Value": "remembered" + }, + { + "Name": "dev:device_sdk", + "Value": "aws-sdk" + } + ], + "DeviceCreateDate": 1715100742.022, + "DeviceLastModifiedDate": 1723233651.167, + "DeviceLastAuthenticatedDate": 1715100742.0 + } + } + +For more information, see `Working with user devices in your user pool `__ in the *Amazon Cognito Developer Guide*. diff --git a/awscli/examples/cognito-idp/get-group.rst b/awscli/examples/cognito-idp/get-group.rst index 61a87756385c..dd6c4b0e16fb 100644 --- a/awscli/examples/cognito-idp/get-group.rst +++ b/awscli/examples/cognito-idp/get-group.rst @@ -1,19 +1,22 @@ **To get information about a group** -This example gets information about a group named MyGroup. +The following ``get-group`` example lists the properties of the user group named ``MyGroup``. This group has a precedence and an IAM role associated with it. :: -Command:: - - aws cognito-idp get-group --user-pool-id us-west-2_aaaaaaaaa --group-name MyGroup + aws cognito-idp get-group \ + --user-pool-id us-west-2_EXAMPLE \ + --group-name MyGroup Output:: - { - "Group": { - "GroupName": "MyGroup", - "UserPoolId": "us-west-2_aaaaaaaaa", - "Description": "A sample group.", - "LastModifiedDate": 1548270073.795, - "CreationDate": 1548270073.795 + { + "Group": { + "GroupName": "MyGroup", + "UserPoolId": "us-west-2_EXAMPLE", + "RoleArn": "arn:aws:iam::123456789012:role/example-cognito-role", + "Precedence": 7, + "LastModifiedDate": 1697211218.305, + "CreationDate": 1611685503.954 + } } - } \ No newline at end of file + +For more information, see `Adding groups to a user pool `__ in the *Amazon Cognito Developer Guide*. diff --git a/awscli/examples/cognito-idp/list-devices.rst b/awscli/examples/cognito-idp/list-devices.rst new file mode 100644 index 000000000000..d74692723d2c --- /dev/null +++ b/awscli/examples/cognito-idp/list-devices.rst @@ -0,0 +1,53 @@ +**To list devices for a user** + +The following ``list-devices`` example lists devices for the currently sign-in user. :: + + aws cognito-idp admin-list-devices \ + --user-pool-id us-west-2_EXAMPLE \ + --access-token eyJra456defEXAMPLE \ + --limit 1 + +Output:: + + { + "Devices": [ + { + "DeviceKey": "us-west-2_a1b2c3d4-5678-90ab-cdef-EXAMPLE11111", + "DeviceAttributes": [ + { + "Name": "device_status", + "Value": "valid" + }, + { + "Name": "device_name", + "Value": "MyDevice" + }, + { + "Name": "dev:device_arn", + "Value": "arn:aws:cognito-idp:us-west-2:123456789012:owner/diego.us-west-2_EXAMPLE/device/us-west-2_a1b2c3d4-5678-90ab-cdef-EXAMPLE11111" + }, + { + "Name": "dev:device_owner", + "Value": "diego.us-west-2_EXAMPLE" + }, + { + "Name": "last_ip_used", + "Value": "192.0.2.1" + }, + { + "Name": "dev:device_remembered_status", + "Value": "remembered" + }, + { + "Name": "dev:device_sdk", + "Value": "aws-sdk" + } + ], + "DeviceCreateDate": 1715100742.022, + "DeviceLastModifiedDate": 1723233651.167, + "DeviceLastAuthenticatedDate": 1715100742.0 + } + ] + } + +For more information, see `Working with user devices in your user pool `__ in the *Amazon Cognito Developer Guide*. diff --git a/awscli/examples/cognito-idp/set-user-mfa-preference.rst b/awscli/examples/cognito-idp/set-user-mfa-preference.rst index 95f49bf1ddc7..b1cd207010b2 100644 --- a/awscli/examples/cognito-idp/set-user-mfa-preference.rst +++ b/awscli/examples/cognito-idp/set-user-mfa-preference.rst @@ -1,8 +1,12 @@ -**To set user MFA settings** - -This example modifies the MFA delivery options. It changes the MFA delivery medium to SMS. - -Command:: - - aws cognito-idp set-user-mfa-preference --access-token ACCESS_TOKEN --mfa-options DeliveryMedium="SMS",AttributeName="phone_number" - +**To set user MFA settings** + +The following ``set-user-mfa-preference`` example modifies the MFA delivery options. It changes the MFA delivery medium to SMS. :: + + aws cognito-idp set-user-mfa-preference \ + --access-token "eyJra12345EXAMPLE" \ + --software-token-mfa-settings Enabled=true,PreferredMfa=true \ + --sms-mfa-settings Enabled=false,PreferredMfa=false + +This command produces no output. + +For more information, see `Adding MFA to a user pool `__ in the *Amazon Cognito Developer Guide*. \ No newline at end of file diff --git a/awscli/examples/cognito-idp/update-user-pool.rst b/awscli/examples/cognito-idp/update-user-pool.rst index a3948e59122b..c47d6fd436e4 100644 --- a/awscli/examples/cognito-idp/update-user-pool.rst +++ b/awscli/examples/cognito-idp/update-user-pool.rst @@ -1,7 +1,25 @@ -**To update a user pool** - -This example adds tags to a user pool. - -Command:: - - aws cognito-idp update-user-pool --user-pool-id us-west-2_aaaaaaaaa --user-pool-tags Team=Blue,Area=West +**To update a user pool** + +The following ``update-user-pool`` example modifies a user pool with example syntax for each of the available configuration options. To update a user pool, you must specify all previously-configured options or they will reset to a default value. :: + + aws cognito-idp update-user-pool --user-pool-id us-west-2_EXAMPLE \ + --policies PasswordPolicy=\{MinimumLength=6,RequireUppercase=true,RequireLowercase=true,RequireNumbers=true,RequireSymbols=true,TemporaryPasswordValidityDays=7\} \ + --deletion-protection ACTIVE \ + --lambda-config PreSignUp="arn:aws:lambda:us-west-2:123456789012:function:cognito-test-presignup-function",PreTokenGeneration="arn:aws:lambda:us-west-2:123456789012:function:cognito-test-pretoken-function" \ + --auto-verified-attributes "phone_number" "email" \ + --verification-message-template \{\"SmsMessage\":\""Your code is {####}"\",\"EmailMessage\":\""Your code is {####}"\",\"EmailSubject\":\""Your verification code"\",\"EmailMessageByLink\":\""Click {##here##} to verify your email address."\",\"EmailSubjectByLink\":\""Your verification link"\",\"DefaultEmailOption\":\"CONFIRM_WITH_LINK\"\} \ + --sms-authentication-message "Your code is {####}" \ + --user-attribute-update-settings AttributesRequireVerificationBeforeUpdate="email","phone_number" \ + --mfa-configuration "OPTIONAL" \ + --device-configuration ChallengeRequiredOnNewDevice=true,DeviceOnlyRememberedOnUserPrompt=true \ + --email-configuration SourceArn="arn:aws:ses:us-west-2:123456789012:identity/admin@example.com",ReplyToEmailAddress="amdin+noreply@example.com",EmailSendingAccount=DEVELOPER,From="admin@amazon.com",ConfigurationSet="test-configuration-set" \ + --sms-configuration SnsCallerArn="arn:aws:iam::123456789012:role/service-role/SNS-SMS-Role",ExternalId="12345",SnsRegion="us-west-2" \ + --admin-create-user-config AllowAdminCreateUserOnly=false,InviteMessageTemplate=\{SMSMessage=\""Welcome {username}. Your confirmation code is {####}"\",EmailMessage=\""Welcome {username}. Your confirmation code is {####}"\",EmailSubject=\""Welcome to MyMobileGame"\"\} \ + --user-pool-tags "Function"="MyMobileGame","Developers"="Berlin" \ + --admin-create-user-config AllowAdminCreateUserOnly=false,InviteMessageTemplate=\{SMSMessage=\""Welcome {username}. Your confirmation code is {####}"\",EmailMessage=\""Welcome {username}. Your confirmation code is {####}"\",EmailSubject=\""Welcome to MyMobileGame"\"\} \ + --user-pool-add-ons AdvancedSecurityMode="AUDIT" \ + --account-recovery-setting RecoveryMechanisms=\[\{Priority=1,Name="verified_email"\},\{Priority=2,Name="verified_phone_number"\}\] + +This command produces no output. + +For more information, see `Updating user pool configuration `__ in the *Amazon Cognito Developer Guide*. \ No newline at end of file diff --git a/awscli/examples/comprehend/classify-document.rst b/awscli/examples/comprehend/classify-document.rst index 9839dbd5f703..02f6c0a89b8a 100644 --- a/awscli/examples/comprehend/classify-document.rst +++ b/awscli/examples/comprehend/classify-document.rst @@ -1,6 +1,6 @@ **To classify document with model-specific endpoint** -The following ``classify-document`` example classifys a document with an endpoint of a custom model. The model in this example was trained on +The following ``classify-document`` example classifies a document with an endpoint of a custom model. The model in this example was trained on a dataset containing sms messages labeled as spam or non-spam, or, "ham". :: aws comprehend classify-document \ diff --git a/awscli/examples/comprehend/contains-pii-entities.rst b/awscli/examples/comprehend/contains-pii-entities.rst index 0a45d10a2197..01e8689b02b2 100644 --- a/awscli/examples/comprehend/contains-pii-entities.rst +++ b/awscli/examples/comprehend/contains-pii-entities.rst @@ -1,6 +1,6 @@ -**To analyze the input text for the presense of PII information** +**To analyze the input text for the presence of PII information** -The following ``contains-pii-entities`` example analyzes the input text for the presense of personally identifiable information (PII) and returns the labels of identified PII entity types such as name, address, bank account number, or phone number. :: +The following ``contains-pii-entities`` example analyzes the input text for the presence of personally identifiable information (PII) and returns the labels of identified PII entity types such as name, address, bank account number, or phone number. :: aws comprehend contains-pii-entities \ --language-code en \ diff --git a/awscli/examples/comprehend/create-dataset.rst b/awscli/examples/comprehend/create-dataset.rst index ac1b9f7648f9..31623ad9ca1d 100644 --- a/awscli/examples/comprehend/create-dataset.rst +++ b/awscli/examples/comprehend/create-dataset.rst @@ -9,12 +9,12 @@ The following ``create-dataset`` example creates a dataset for a flywheel. This --dataset-type "TRAIN" \ --input-data-config file://inputConfig.json -Contents of ``file://inputConig.json``:: +Contents of ``file://inputConfig.json``:: { "DataFormat": "COMPREHEND_CSV", "DocumentClassifierInputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-BUCKET/training-data.csv" + "S3Uri": "s3://amzn-s3-demo-bucket/training-data.csv" } } diff --git a/awscli/examples/comprehend/create-document-classifier.rst b/awscli/examples/comprehend/create-document-classifier.rst index 6881994d36cc..a9806d4f8b26 100644 --- a/awscli/examples/comprehend/create-document-classifier.rst +++ b/awscli/examples/comprehend/create-document-classifier.rst @@ -5,7 +5,7 @@ The following ``create-document-classifier`` example begins the training process aws comprehend create-document-classifier \ --document-classifier-name example-classifier \ --data-access-arn arn:aws:comprehend:us-west-2:111122223333:pii-entities-detection-job/123456abcdeb0e11022f22a11EXAMPLE \ - --input-data-config "S3Uri=s3://DOC-EXAMPLE-BUCKET/" \ + --input-data-config "S3Uri=s3://amzn-s3-demo-bucket/" \ --language-code en Output:: diff --git a/awscli/examples/comprehend/create-entity-recognizer.rst b/awscli/examples/comprehend/create-entity-recognizer.rst index 727dc32f4e15..010d48e49d00 100644 --- a/awscli/examples/comprehend/create-entity-recognizer.rst +++ b/awscli/examples/comprehend/create-entity-recognizer.rst @@ -6,7 +6,7 @@ The following ``create-entity-recognizer`` example begins the training process f aws comprehend create-entity-recognizer \ --recognizer-name example-entity-recognizer --data-access-role-arn arn:aws:iam::111122223333:role/service-role/AmazonComprehendServiceRole-example-role \ - --input-data-config "EntityTypes=[{Type=DEVICE}],Documents={S3Uri=s3://DOC-EXAMPLE-BUCKET/trainingdata/raw_text.csv},EntityList={S3Uri=s3://DOC-EXAMPLE-BUCKET/trainingdata/entity_list.csv}" + --input-data-config "EntityTypes=[{Type=DEVICE}],Documents={S3Uri=s3://amzn-s3-demo-bucket/trainingdata/raw_text.csv},EntityList={S3Uri=s3://amzn-s3-demo-bucket/trainingdata/entity_list.csv}" --language-code en Output:: diff --git a/awscli/examples/comprehend/create-flywheel.rst b/awscli/examples/comprehend/create-flywheel.rst index 9601ae0feb65..adcaebc9e0df 100644 --- a/awscli/examples/comprehend/create-flywheel.rst +++ b/awscli/examples/comprehend/create-flywheel.rst @@ -1,14 +1,14 @@ **To create a flywheel** The following ``create-flywheel`` example creates a flywheel to orchestrate the ongoing training of either a document classification or entity -recgonition model. The flywheel in this example is created to manage an existing trained model specified by the ``--active-model-arn`` tag. +recognition model. The flywheel in this example is created to manage an existing trained model specified by the ``--active-model-arn`` tag. When the flywheel is created, a data lake is created at the ``--input-data-lake`` tag. :: aws comprehend create-flywheel \ --flywheel-name example-flywheel \ --active-model-arn arn:aws:comprehend:us-west-2:111122223333:document-classifier/example-model/version/1 \ --data-access-role-arn arn:aws:iam::111122223333:role/service-role/AmazonComprehendServiceRole-example-role \ - --data-lake-s3-uri "s3://DOC-EXAMPLE-BUCKET" + --data-lake-s3-uri "s3://amzn-s3-demo-bucket" Output:: diff --git a/awscli/examples/comprehend/delete-document-classifier.rst b/awscli/examples/comprehend/delete-document-classifier.rst index cc98bf5b047e..58b4c8c58e8d 100644 --- a/awscli/examples/comprehend/delete-document-classifier.rst +++ b/awscli/examples/comprehend/delete-document-classifier.rst @@ -3,7 +3,7 @@ The following ``delete-document-classifier`` example deletes a custom document classifier model. :: aws comprehend delete-document-classifier \ - --document-classifier-arn arn:aws:comprehend:us-west-2:111122223333:document-classifier/example-classifer-1 + --document-classifier-arn arn:aws:comprehend:us-west-2:111122223333:document-classifier/example-classifier-1 This command produces no output. diff --git a/awscli/examples/comprehend/describe-dataset.rst b/awscli/examples/comprehend/describe-dataset.rst index 678e51366947..bd779337c910 100644 --- a/awscli/examples/comprehend/describe-dataset.rst +++ b/awscli/examples/comprehend/describe-dataset.rst @@ -12,7 +12,7 @@ Output:: "DatasetArn": "arn:aws:comprehend:us-west-2:111122223333:flywheel/flywheel-entity/dataset/example-dataset", "DatasetName": "example-dataset", "DatasetType": "TRAIN", - "DatasetS3Uri": "s3://DOC-EXAMPLE-BUCKET/flywheel-entity/schemaVersion=1/12345678A123456Z/datasets/example-dataset/20230616T203710Z/", + "DatasetS3Uri": "s3://amzn-s3-demo-bucket/flywheel-entity/schemaVersion=1/12345678A123456Z/datasets/example-dataset/20230616T203710Z/", "Status": "CREATING", "CreationTime": "2023-06-16T20:37:10.400000+00:00" } diff --git a/awscli/examples/comprehend/describe-document-classification-job.rst b/awscli/examples/comprehend/describe-document-classification-job.rst index 6b013119775a..7c3d82ae15a2 100644 --- a/awscli/examples/comprehend/describe-document-classification-job.rst +++ b/awscli/examples/comprehend/describe-document-classification-job.rst @@ -17,11 +17,11 @@ Output:: "EndTime": "2023-06-14T17:15:58.582000+00:00", "DocumentClassifierArn": "arn:aws:comprehend:us-west-2:111122223333:document-classifier/mymodel/version/1", "InputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-BUCKET/jobdata/", + "S3Uri": "s3://amzn-s3-demo-bucket/jobdata/", "InputFormat": "ONE_DOC_PER_LINE" }, "OutputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-DESTINATION-BUCKET/testfolder/111122223333-CLN-123456abcdeb0e11022f22a11EXAMPLE/output/output.tar.gz" + "S3Uri": "s3://amzn-s3-demo-destination-bucket/testfolder/111122223333-CLN-123456abcdeb0e11022f22a11EXAMPLE/output/output.tar.gz" }, "DataAccessRoleArn": "arn:aws:iam::111122223333:role/service-role/AmazonComprehendServiceRole-servicerole" } diff --git a/awscli/examples/comprehend/describe-document-classifier.rst b/awscli/examples/comprehend/describe-document-classifier.rst index 751880b0bcc1..297cedc20b4e 100644 --- a/awscli/examples/comprehend/describe-document-classifier.rst +++ b/awscli/examples/comprehend/describe-document-classifier.rst @@ -18,7 +18,7 @@ Output:: "TrainingEndTime": "2023-06-13T19:41:35.080000+00:00", "InputDataConfig": { "DataFormat": "COMPREHEND_CSV", - "S3Uri": "s3://DOC-EXAMPLE-BUCKET/trainingdata" + "S3Uri": "s3://amzn-s3-demo-bucket/trainingdata" }, "OutputDataConfig": {}, "ClassifierMetadata": { diff --git a/awscli/examples/comprehend/describe-dominant-language-detection-job.rst b/awscli/examples/comprehend/describe-dominant-language-detection-job.rst index b1ad170ef6c7..ce09675508ce 100644 --- a/awscli/examples/comprehend/describe-dominant-language-detection-job.rst +++ b/awscli/examples/comprehend/describe-dominant-language-detection-job.rst @@ -15,11 +15,11 @@ Output:: "JobStatus": "IN_PROGRESS", "SubmitTime": "2023-06-09T18:10:38.037000+00:00", "InputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-BUCKET", + "S3Uri": "s3://amzn-s3-demo-bucket", "InputFormat": "ONE_DOC_PER_LINE" }, "OutputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-DESTINATION-BUCKET/testfolder/111122223333-LANGUAGE-123456abcdeb0e11022f22a11EXAMPLE/output/output.tar.gz" + "S3Uri": "s3://amzn-s3-demo-destination-bucket/testfolder/111122223333-LANGUAGE-123456abcdeb0e11022f22a11EXAMPLE/output/output.tar.gz" }, "DataAccessRoleArn": "arn:aws:iam::111122223333:role/service-role/AmazonComprehendServiceRole-example-role" } diff --git a/awscli/examples/comprehend/describe-entities-detection-job.rst b/awscli/examples/comprehend/describe-entities-detection-job.rst index 158c2c04ed91..4779df6122ed 100644 --- a/awscli/examples/comprehend/describe-entities-detection-job.rst +++ b/awscli/examples/comprehend/describe-entities-detection-job.rst @@ -16,11 +16,11 @@ Output:: "SubmitTime": "2023-06-08T21:30:15.323000+00:00", "EndTime": "2023-06-08T21:40:23.509000+00:00", "InputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-BUCKET/AsyncBatchJobs/", + "S3Uri": "s3://amzn-s3-demo-bucket/AsyncBatchJobs/", "InputFormat": "ONE_DOC_PER_LINE" }, "OutputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-BUCKET/thefolder/111122223333-NER-123456abcdeb0e11022f22a11EXAMPLE/output/output.tar.gz" + "S3Uri": "s3://amzn-s3-demo-bucket/thefolder/111122223333-NER-123456abcdeb0e11022f22a11EXAMPLE/output/output.tar.gz" }, "LanguageCode": "en", "DataAccessRoleArn": "arn:aws:iam::12345678012:role/service-role/AmazonComprehendServiceRole-example-role" diff --git a/awscli/examples/comprehend/describe-entity-recognizer.rst b/awscli/examples/comprehend/describe-entity-recognizer.rst index 3587ea3dcfde..b5620908cd1a 100644 --- a/awscli/examples/comprehend/describe-entity-recognizer.rst +++ b/awscli/examples/comprehend/describe-entity-recognizer.rst @@ -24,11 +24,11 @@ Output:: } ], "Documents": { - "S3Uri": "s3://DOC-EXAMPLE-BUCKET/trainingdata/dataset/", + "S3Uri": "s3://amzn-s3-demo-bucket/trainingdata/dataset/", "InputFormat": "ONE_DOC_PER_LINE" }, "EntityList": { - "S3Uri": "s3://DOC-EXAMPLE-BUCKET/trainingdata/entity.csv" + "S3Uri": "s3://amzn-s3-demo-bucket/trainingdata/entity.csv" } }, "RecognizerMetadata": { diff --git a/awscli/examples/comprehend/describe-events-detection-job.rst b/awscli/examples/comprehend/describe-events-detection-job.rst index 1cbc424a1c7d..9332d0afd37c 100644 --- a/awscli/examples/comprehend/describe-events-detection-job.rst +++ b/awscli/examples/comprehend/describe-events-detection-job.rst @@ -15,11 +15,11 @@ Output:: "JobStatus": "IN_PROGRESS", "SubmitTime": "2023-06-12T18:45:56.054000+00:00", "InputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-BUCKET/EventsData", + "S3Uri": "s3://amzn-s3-demo-bucket/EventsData", "InputFormat": "ONE_DOC_PER_LINE" }, "OutputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-DESTINATION-BUCKET/testfolder/111122223333-EVENTS-123456abcdeb0e11022f22a11EXAMPLE/output/" + "S3Uri": "s3://amzn-s3-demo-destination-bucket/testfolder/111122223333-EVENTS-123456abcdeb0e11022f22a11EXAMPLE/output/" }, "LanguageCode": "en", "DataAccessRoleArn": "arn:aws:iam::111122223333:role/service-role/AmazonComprehendServiceRole-example-role", diff --git a/awscli/examples/comprehend/describe-flywheel-iteration.rst b/awscli/examples/comprehend/describe-flywheel-iteration.rst index bc781ee7c290..33d9c9e6efcf 100644 --- a/awscli/examples/comprehend/describe-flywheel-iteration.rst +++ b/awscli/examples/comprehend/describe-flywheel-iteration.rst @@ -30,7 +30,7 @@ Output:: "AverageRecall": 0.9767700253081214, "AverageAccuracy": 0.9858281665190434 }, - "EvaluationManifestS3Prefix": "s3://DOC-EXAMPLE-DESTINATION-BUCKET/flywheel-entity/schemaVersion=1/20230616T200543Z/evaluation/20230616T211026Z/" + "EvaluationManifestS3Prefix": "s3://amzn-s3-demo-destination-bucket/flywheel-entity/schemaVersion=1/20230616T200543Z/evaluation/20230616T211026Z/" } } diff --git a/awscli/examples/comprehend/describe-flywheel.rst b/awscli/examples/comprehend/describe-flywheel.rst index ff19617b8b76..741dec57bacd 100644 --- a/awscli/examples/comprehend/describe-flywheel.rst +++ b/awscli/examples/comprehend/describe-flywheel.rst @@ -23,7 +23,7 @@ Output:: ] } }, - "DataLakeS3Uri": "s3://DOC-EXAMPLE-BUCKET/example-flywheel/schemaVersion=1/20230616T200543Z/", + "DataLakeS3Uri": "s3://amzn-s3-demo-bucket/example-flywheel/schemaVersion=1/20230616T200543Z/", "DataSecurityConfig": {}, "Status": "ACTIVE", "ModelType": "DOCUMENT_CLASSIFIER", diff --git a/awscli/examples/comprehend/describe-pii-entities-detection-job.rst b/awscli/examples/comprehend/describe-pii-entities-detection-job.rst index c7c18c6eb70d..cff63617aa49 100644 --- a/awscli/examples/comprehend/describe-pii-entities-detection-job.rst +++ b/awscli/examples/comprehend/describe-pii-entities-detection-job.rst @@ -16,11 +16,11 @@ Output:: "SubmitTime": "2023-06-08T21:30:15.323000+00:00", "EndTime": "2023-06-08T21:40:23.509000+00:00", "InputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-BUCKET/AsyncBatchJobs/", + "S3Uri": "s3://amzn-s3-demo-bucket/AsyncBatchJobs/", "InputFormat": "ONE_DOC_PER_LINE" }, "OutputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-BUCKET/thefolder/111122223333-NER-123456abcdeb0e11022f22a11EXAMPLE/output/output.tar.gz" + "S3Uri": "s3://amzn-s3-demo-bucket/thefolder/111122223333-NER-123456abcdeb0e11022f22a11EXAMPLE/output/output.tar.gz" }, "LanguageCode": "en", "DataAccessRoleArn": "arn:aws:iam::12345678012:role/service-role/AmazonComprehendServiceRole-example-role" diff --git a/awscli/examples/comprehend/describe-sentiment-detection-job.rst b/awscli/examples/comprehend/describe-sentiment-detection-job.rst index d172c5cd6697..c1c6204deccb 100644 --- a/awscli/examples/comprehend/describe-sentiment-detection-job.rst +++ b/awscli/examples/comprehend/describe-sentiment-detection-job.rst @@ -15,11 +15,11 @@ Output:: "JobStatus": "IN_PROGRESS", "SubmitTime": "2023-06-09T23:16:15.956000+00:00", "InputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-BUCKET/MovieData", + "S3Uri": "s3://amzn-s3-demo-bucket/MovieData", "InputFormat": "ONE_DOC_PER_LINE" }, "OutputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-DESTINATION-BUCKET/testfolder/111122223333-TS-123456abcdeb0e11022f22a11EXAMPLE/output/output.tar.gz" + "S3Uri": "s3://amzn-s3-demo-destination-bucket/testfolder/111122223333-TS-123456abcdeb0e11022f22a11EXAMPLE/output/output.tar.gz" }, "LanguageCode": "en", "DataAccessRoleArn": "arn:aws:iam::111122223333:role/service-role/AmazonComprehendServiceRole-servicerole" diff --git a/awscli/examples/comprehend/describe-targeted-sentiment-detection-job.rst b/awscli/examples/comprehend/describe-targeted-sentiment-detection-job.rst index e52a40bb949c..8c81f86226c4 100644 --- a/awscli/examples/comprehend/describe-targeted-sentiment-detection-job.rst +++ b/awscli/examples/comprehend/describe-targeted-sentiment-detection-job.rst @@ -15,11 +15,11 @@ Output:: "JobStatus": "IN_PROGRESS", "SubmitTime": "2023-06-09T23:16:15.956000+00:00", "InputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-BUCKET/MovieData", + "S3Uri": "s3://amzn-s3-demo-bucket/MovieData", "InputFormat": "ONE_DOC_PER_LINE" }, "OutputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-DESTINATION-BUCKET/testfolder/111122223333-TS-123456abcdeb0e11022f22a11EXAMPLE/output/output.tar.gz" + "S3Uri": "s3://amzn-s3-demo-destination-bucket/testfolder/111122223333-TS-123456abcdeb0e11022f22a11EXAMPLE/output/output.tar.gz" }, "LanguageCode": "en", "DataAccessRoleArn": "arn:aws:iam::111122223333:role/service-role/AmazonComprehendServiceRole-servicerole" diff --git a/awscli/examples/comprehend/describe-topics-detection-job.rst b/awscli/examples/comprehend/describe-topics-detection-job.rst index b90bb2d62418..3d8e2e1c8460 100644 --- a/awscli/examples/comprehend/describe-topics-detection-job.rst +++ b/awscli/examples/comprehend/describe-topics-detection-job.rst @@ -15,11 +15,11 @@ Output:: "JobStatus": "IN_PROGRESS", "SubmitTime": "2023-06-09T18:44:43.414000+00:00", "InputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-BUCKET", + "S3Uri": "s3://amzn-s3-demo-bucket", "InputFormat": "ONE_DOC_PER_LINE" }, "OutputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-DESTINATION-BUCKET/testfolder/111122223333-TOPICS-123456abcdeb0e11022f22a11EXAMPLE/output/output.tar.gz" + "S3Uri": "s3://amzn-s3-demo-destination-bucket/testfolder/111122223333-TOPICS-123456abcdeb0e11022f22a11EXAMPLE/output/output.tar.gz" }, "NumberOfTopics": 10, "DataAccessRoleArn": "arn:aws:iam::111122223333:role/service-role/AmazonComprehendServiceRole-examplerole" diff --git a/awscli/examples/comprehend/detect-entities.rst b/awscli/examples/comprehend/detect-entities.rst index 5144711d63eb..22a130a43c89 100644 --- a/awscli/examples/comprehend/detect-entities.rst +++ b/awscli/examples/comprehend/detect-entities.rst @@ -1,4 +1,4 @@ -**To detect named entites in input text** +**To detect named entities in input text** The following ``detect-entities`` example analyzes the input text and returns the named entities. The pre-trained model's confidence score is also output for each prediction. :: diff --git a/awscli/examples/comprehend/list-datasets.rst b/awscli/examples/comprehend/list-datasets.rst index 93db7462634d..b8d890e54667 100644 --- a/awscli/examples/comprehend/list-datasets.rst +++ b/awscli/examples/comprehend/list-datasets.rst @@ -13,7 +13,7 @@ Output:: "DatasetArn": "arn:aws:comprehend:us-west-2:111122223333:flywheel/flywheel-entity/dataset/example-dataset-1", "DatasetName": "example-dataset-1", "DatasetType": "TRAIN", - "DatasetS3Uri": "s3://DOC-EXAMPLE-BUCKET/flywheel-entity/schemaVersion=1/20230616T200543Z/datasets/example-dataset-1/20230616T203710Z/", + "DatasetS3Uri": "s3://amzn-s3-demo-bucket/flywheel-entity/schemaVersion=1/20230616T200543Z/datasets/example-dataset-1/20230616T203710Z/", "Status": "CREATING", "CreationTime": "2023-06-16T20:37:10.400000+00:00" }, @@ -21,7 +21,7 @@ Output:: "DatasetArn": "arn:aws:comprehend:us-west-2:111122223333:flywheel/flywheel-entity/dataset/example-dataset-2", "DatasetName": "example-dataset-2", "DatasetType": "TRAIN", - "DatasetS3Uri": "s3://DOC-EXAMPLE-BUCKET/flywheel-entity/schemaVersion=1/20230616T200543Z/datasets/example-dataset-2/20230616T200607Z/", + "DatasetS3Uri": "s3://amzn-s3-demo-bucket/flywheel-entity/schemaVersion=1/20230616T200543Z/datasets/example-dataset-2/20230616T200607Z/", "Description": "TRAIN Dataset created by Flywheel creation.", "Status": "COMPLETED", "NumberOfDocuments": 5572, diff --git a/awscli/examples/comprehend/list-document-classification-jobs.rst b/awscli/examples/comprehend/list-document-classification-jobs.rst index e48e0a3a4dc1..938cade03aee 100644 --- a/awscli/examples/comprehend/list-document-classification-jobs.rst +++ b/awscli/examples/comprehend/list-document-classification-jobs.rst @@ -17,11 +17,11 @@ Output:: "EndTime": "2023-06-14T17:15:58.582000+00:00", "DocumentClassifierArn": "arn:aws:comprehend:us-west-2:1234567890101:document-classifier/mymodel/version/12", "InputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-BUCKET/jobdata/", + "S3Uri": "s3://amzn-s3-demo-bucket/jobdata/", "InputFormat": "ONE_DOC_PER_LINE" }, "OutputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-DESTINATION-BUCKET/thefolder/1234567890101-CLN-e758dd56b824aa717ceab551f11749fb/output/output.tar.gz" + "S3Uri": "s3://amzn-s3-demo-destination-bucket/thefolder/1234567890101-CLN-e758dd56b824aa717ceab551f11749fb/output/output.tar.gz" }, "DataAccessRoleArn": "arn:aws:iam::1234567890101:role/service-role/AmazonComprehendServiceRole-example-role" }, @@ -34,11 +34,11 @@ Output:: "EndTime": "2023-06-14T17:28:46.107000+00:00", "DocumentClassifierArn": "arn:aws:comprehend:us-west-2:1234567890101:document-classifier/mymodel/version/12", "InputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-BUCKET/jobdata/", + "S3Uri": "s3://amzn-s3-demo-bucket/jobdata/", "InputFormat": "ONE_DOC_PER_LINE" }, "OutputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-DESTINATION-BUCKET/thefolder/1234567890101-CLN-123456abcdeb0e11022f22a1EXAMPLE2/output/output.tar.gz" + "S3Uri": "s3://amzn-s3-demo-destination-bucket/thefolder/1234567890101-CLN-123456abcdeb0e11022f22a1EXAMPLE2/output/output.tar.gz" }, "DataAccessRoleArn": "arn:aws:iam::1234567890101:role/service-role/AmazonComprehendServiceRole-example-role" } diff --git a/awscli/examples/comprehend/list-document-classifiers.rst b/awscli/examples/comprehend/list-document-classifiers.rst index 4b4c379b152b..0c4e57b0cb50 100644 --- a/awscli/examples/comprehend/list-document-classifiers.rst +++ b/awscli/examples/comprehend/list-document-classifiers.rst @@ -18,7 +18,7 @@ Output:: "TrainingEndTime": "2023-06-13T19:41:35.080000+00:00", "InputDataConfig": { "DataFormat": "COMPREHEND_CSV", - "S3Uri": "s3://DOC-EXAMPLE-BUCKET/trainingdata" + "S3Uri": "s3://amzn-s3-demo-bucket/trainingdata" }, "OutputDataConfig": {}, "ClassifierMetadata": { @@ -46,7 +46,7 @@ Output:: "SubmitTime": "2023-06-13T21:20:28.690000+00:00", "InputDataConfig": { "DataFormat": "COMPREHEND_CSV", - "S3Uri": "s3://DOC-EXAMPLE-BUCKET/trainingdata" + "S3Uri": "s3://amzn-s3-demo-bucket/trainingdata" }, "OutputDataConfig": {}, "DataAccessRoleArn": "arn:aws:iam::111122223333:role/service-role/AmazonComprehendServiceRole-testorle", diff --git a/awscli/examples/comprehend/list-dominant-language-detection-jobs.rst b/awscli/examples/comprehend/list-dominant-language-detection-jobs.rst index 4e3e8e6192b8..dd1a3e1da536 100644 --- a/awscli/examples/comprehend/list-dominant-language-detection-jobs.rst +++ b/awscli/examples/comprehend/list-dominant-language-detection-jobs.rst @@ -16,11 +16,11 @@ Output:: "SubmitTime": "2023-06-09T18:10:38.037000+00:00", "EndTime": "2023-06-09T18:18:45.498000+00:00", "InputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-BUCKET", + "S3Uri": "s3://amzn-s3-demo-bucket", "InputFormat": "ONE_DOC_PER_LINE" }, "OutputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-DESTINATION-BUCKET/testfolder/111122223333-LANGUAGE-123456abcdeb0e11022f22a11EXAMPLE/output/output.tar.gz" + "S3Uri": "s3://amzn-s3-demo-destination-bucket/testfolder/111122223333-LANGUAGE-123456abcdeb0e11022f22a11EXAMPLE/output/output.tar.gz" }, "DataAccessRoleArn": "arn:aws:iam::111122223333:role/service-role/AmazonComprehendServiceRole-example-role" }, @@ -32,11 +32,11 @@ Output:: "SubmitTime": "2023-06-09T18:16:33.690000+00:00", "EndTime": "2023-06-09T18:24:40.608000+00:00", "InputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-BUCKET", + "S3Uri": "s3://amzn-s3-demo-bucket", "InputFormat": "ONE_DOC_PER_LINE" }, "OutputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-DESTINATION-BUCKET/testfolder/111122223333-LANGUAGE-123456abcdeb0e11022f22a11EXAMPLE/output/output.tar.gz" + "S3Uri": "s3://amzn-s3-demo-destination-bucket/testfolder/111122223333-LANGUAGE-123456abcdeb0e11022f22a11EXAMPLE/output/output.tar.gz" }, "DataAccessRoleArn": "arn:aws:iam::111122223333:role/service-role/AmazonComprehendServiceRole-example-role" } diff --git a/awscli/examples/comprehend/list-entities-detection-jobs.rst b/awscli/examples/comprehend/list-entities-detection-jobs.rst index d1aa8fd0e13e..5640bcee8e77 100644 --- a/awscli/examples/comprehend/list-entities-detection-jobs.rst +++ b/awscli/examples/comprehend/list-entities-detection-jobs.rst @@ -16,11 +16,11 @@ Output:: "SubmitTime": "2023-06-08T20:57:46.476000+00:00", "EndTime": "2023-06-08T21:05:53.718000+00:00", "InputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-BUCKET/AsyncBatchJobs/", + "S3Uri": "s3://amzn-s3-demo-bucket/AsyncBatchJobs/", "InputFormat": "ONE_DOC_PER_LINE" }, "OutputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-DESTINATION-BUCKET/thefolder/111122223333-NER-468af39c28ab45b83eb0c4ab9EXAMPLE/output/output.tar.gz" + "S3Uri": "s3://amzn-s3-demo-destination-bucket/thefolder/111122223333-NER-468af39c28ab45b83eb0c4ab9EXAMPLE/output/output.tar.gz" }, "LanguageCode": "en", "DataAccessRoleArn": "arn:aws:iam::111122223333:role/service-role/AmazonComprehendServiceRole-example-role" @@ -33,11 +33,11 @@ Output:: "SubmitTime": "2023-06-08T21:30:15.323000+00:00", "EndTime": "2023-06-08T21:40:23.509000+00:00", "InputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-BUCKET/AsyncBatchJobs/", + "S3Uri": "s3://amzn-s3-demo-bucket/AsyncBatchJobs/", "InputFormat": "ONE_DOC_PER_LINE" }, "OutputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-DESTINATION-BUCKET/thefolder/111122223333-NER-809691caeaab0e71406f80a28EXAMPLE/output/output.tar.gz" + "S3Uri": "s3://amzn-s3-demo-destination-bucket/thefolder/111122223333-NER-809691caeaab0e71406f80a28EXAMPLE/output/output.tar.gz" }, "LanguageCode": "en", "DataAccessRoleArn": "arn:aws:iam::111122223333:role/service-role/AmazonComprehendServiceRole-example-role" @@ -50,11 +50,11 @@ Output:: "SubmitTime": "2023-06-08T22:19:28.528000+00:00", "EndTime": "2023-06-08T22:27:33.991000+00:00", "InputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-BUCKET/AsyncBatchJobs/", + "S3Uri": "s3://amzn-s3-demo-bucket/AsyncBatchJobs/", "InputFormat": "ONE_DOC_PER_LINE" }, "OutputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-DESTINATION-BUCKET/thefolder/111122223333-NER-e00597c36b448b91d70dea165EXAMPLE/output/output.tar.gz" + "S3Uri": "s3://amzn-s3-demo-destination-bucket/thefolder/111122223333-NER-e00597c36b448b91d70dea165EXAMPLE/output/output.tar.gz" }, "LanguageCode": "en", "DataAccessRoleArn": "arn:aws:iam::111122223333:role/service-role/AmazonComprehendServiceRole-example-role" diff --git a/awscli/examples/comprehend/list-entity-recognizers.rst b/awscli/examples/comprehend/list-entity-recognizers.rst index 86c637a99540..048128354617 100644 --- a/awscli/examples/comprehend/list-entity-recognizers.rst +++ b/awscli/examples/comprehend/list-entity-recognizers.rst @@ -24,11 +24,11 @@ Output:: } ], "Documents": { - "S3Uri": "s3://DOC-EXAMPLE-BUCKET/trainingdata/dataset/", + "S3Uri": "s3://amzn-s3-demo-bucket/trainingdata/dataset/", "InputFormat": "ONE_DOC_PER_LINE" }, "EntityList": { - "S3Uri": "s3://DOC-EXAMPLE-BUCKET/trainingdata/entity.csv" + "S3Uri": "s3://amzn-s3-demo-bucket/trainingdata/entity.csv" } }, "RecognizerMetadata": { @@ -70,11 +70,11 @@ Output:: } ], "Documents": { - "S3Uri": "s3://DOC-EXAMPLE-BUCKET/trainingdata/raw_txt.csv", + "S3Uri": "s3://amzn-s3-demo-bucket/trainingdata/raw_txt.csv", "InputFormat": "ONE_DOC_PER_LINE" }, "EntityList": { - "S3Uri": "s3://DOC-EXAMPLE-BUCKET/trainingdata/entity_list.csv" + "S3Uri": "s3://amzn-s3-demo-bucket/trainingdata/entity_list.csv" } }, "RecognizerMetadata": { diff --git a/awscli/examples/comprehend/list-events-detection-jobs.rst b/awscli/examples/comprehend/list-events-detection-jobs.rst index 15912f3bb1d5..41218860b70f 100644 --- a/awscli/examples/comprehend/list-events-detection-jobs.rst +++ b/awscli/examples/comprehend/list-events-detection-jobs.rst @@ -16,11 +16,11 @@ Output:: "SubmitTime": "2023-06-12T19:14:57.751000+00:00", "EndTime": "2023-06-12T19:21:04.962000+00:00", "InputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-SOURCE-BUCKET/EventsData/", + "S3Uri": "s3://amzn-s3-demo-source-bucket/EventsData/", "InputFormat": "ONE_DOC_PER_LINE" }, "OutputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-DESTINATION-BUCKET/testfolder/1111222233333-EVENTS-aa9593f9203e84f3ef032ce18EXAMPLE/output/" + "S3Uri": "s3://amzn-s3-demo-destination-bucket/testfolder/1111222233333-EVENTS-aa9593f9203e84f3ef032ce18EXAMPLE/output/" }, "LanguageCode": "en", "DataAccessRoleArn": "arn:aws:iam::1111222233333:role/service-role/AmazonComprehendServiceRole-example-role", @@ -40,11 +40,11 @@ Output:: "SubmitTime": "2023-06-12T19:55:43.702000+00:00", "EndTime": "2023-06-12T20:03:49.893000+00:00", "InputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-SOURCE-BUCKET/EventsData/", + "S3Uri": "s3://amzn-s3-demo-source-bucket/EventsData/", "InputFormat": "ONE_DOC_PER_LINE" }, "OutputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-DESTINATION-BUCKET/testfolder/1111222233333-EVENTS-4a990a2f7e82adfca6e171135EXAMPLE/output/" + "S3Uri": "s3://amzn-s3-demo-destination-bucket/testfolder/1111222233333-EVENTS-4a990a2f7e82adfca6e171135EXAMPLE/output/" }, "LanguageCode": "en", "DataAccessRoleArn": "arn:aws:iam::1111222233333:role/service-role/AmazonComprehendServiceRole-example-role", diff --git a/awscli/examples/comprehend/list-flywheel-iteration-history.rst b/awscli/examples/comprehend/list-flywheel-iteration-history.rst index 00ef07684fc6..778edeed4ab6 100644 --- a/awscli/examples/comprehend/list-flywheel-iteration-history.rst +++ b/awscli/examples/comprehend/list-flywheel-iteration-history.rst @@ -24,7 +24,7 @@ Output:: "AverageRecall": 0.9445600253081214, "AverageAccuracy": 0.9997281665190434 }, - "EvaluationManifestS3Prefix": "s3://DOC-EXAMPLE-BUCKET/example-flywheel/schemaVersion=1/20230619TEXAMPLE/evaluation/20230619TEXAMPLE/" + "EvaluationManifestS3Prefix": "s3://amzn-s3-demo-bucket/example-flywheel/schemaVersion=1/20230619TEXAMPLE/evaluation/20230619TEXAMPLE/" }, { "FlywheelArn": "arn:aws:comprehend:us-west-2:111122223333:flywheel/example-flywheel-2", @@ -41,7 +41,7 @@ Output:: "AverageRecall": 0.9767700253081214, "AverageAccuracy": 0.9858281665190434 }, - "EvaluationManifestS3Prefix": "s3://DOC-EXAMPLE-BUCKET/example-flywheel-2/schemaVersion=1/20230616TEXAMPLE/evaluation/20230616TEXAMPLE/" + "EvaluationManifestS3Prefix": "s3://amzn-s3-demo-bucket/example-flywheel-2/schemaVersion=1/20230616TEXAMPLE/evaluation/20230616TEXAMPLE/" } ] } diff --git a/awscli/examples/comprehend/list-flywheels.rst b/awscli/examples/comprehend/list-flywheels.rst index f36b73dd0ff9..5ec6316419f5 100644 --- a/awscli/examples/comprehend/list-flywheels.rst +++ b/awscli/examples/comprehend/list-flywheels.rst @@ -10,8 +10,8 @@ Output:: "FlywheelSummaryList": [ { "FlywheelArn": "arn:aws:comprehend:us-west-2:111122223333:flywheel/example-flywheel-1", - "ActiveModelArn": "arn:aws:comprehend:us-west-2:111122223333:document-classifier/exampleclassifer/version/1", - "DataLakeS3Uri": "s3://DOC-EXAMPLE-BUCKET/example-flywheel-1/schemaVersion=1/20230616T200543Z/", + "ActiveModelArn": "arn:aws:comprehend:us-west-2:111122223333:document-classifier/exampleclassifier/version/1", + "DataLakeS3Uri": "s3://amzn-s3-demo-bucket/example-flywheel-1/schemaVersion=1/20230616T200543Z/", "Status": "ACTIVE", "ModelType": "DOCUMENT_CLASSIFIER", "CreationTime": "2023-06-16T20:05:43.242000+00:00", @@ -20,8 +20,8 @@ Output:: }, { "FlywheelArn": "arn:aws:comprehend:us-west-2:111122223333:flywheel/example-flywheel-2", - "ActiveModelArn": "arn:aws:comprehend:us-west-2:111122223333:document-classifier/exampleclassifer2/version/1", - "DataLakeS3Uri": "s3://DOC-EXAMPLE-BUCKET/example-flywheel-2/schemaVersion=1/20220616T200543Z/", + "ActiveModelArn": "arn:aws:comprehend:us-west-2:111122223333:document-classifier/exampleclassifier2/version/1", + "DataLakeS3Uri": "s3://amzn-s3-demo-bucket/example-flywheel-2/schemaVersion=1/20220616T200543Z/", "Status": "ACTIVE", "ModelType": "DOCUMENT_CLASSIFIER", "CreationTime": "2022-06-16T20:05:43.242000+00:00", diff --git a/awscli/examples/comprehend/list-key-phrases-detection-jobs.rst b/awscli/examples/comprehend/list-key-phrases-detection-jobs.rst index f26b292fbe48..8a5d4bbbedce 100644 --- a/awscli/examples/comprehend/list-key-phrases-detection-jobs.rst +++ b/awscli/examples/comprehend/list-key-phrases-detection-jobs.rst @@ -16,11 +16,11 @@ Output:: "SubmitTime": "2023-06-08T22:31:43.767000+00:00", "EndTime": "2023-06-08T22:39:52.565000+00:00", "InputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-SOURCE-BUCKET/AsyncBatchJobs/", + "S3Uri": "s3://amzn-s3-demo-source-bucket/AsyncBatchJobs/", "InputFormat": "ONE_DOC_PER_LINE" }, "OutputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-DESTINATION-BUCKET/testfolder/111122223333-KP-123456abcdeb0e11022f22a11EXAMPLE/output/output.tar.gz" + "S3Uri": "s3://amzn-s3-demo-destination-bucket/testfolder/111122223333-KP-123456abcdeb0e11022f22a11EXAMPLE/output/output.tar.gz" }, "LanguageCode": "en", "DataAccessRoleArn": "arn:aws:iam::111122223333:role/service-role/AmazonComprehendServiceRole-example-role" @@ -33,11 +33,11 @@ Output:: "SubmitTime": "2023-06-08T22:57:52.154000+00:00", "EndTime": "2023-06-08T23:05:48.385000+00:00", "InputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-BUCKET/AsyncBatchJobs/", + "S3Uri": "s3://amzn-s3-demo-bucket/AsyncBatchJobs/", "InputFormat": "ONE_DOC_PER_LINE" }, "OutputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-DESTINATION-BUCKET/testfolder/111122223333-KP-123456abcdeb0e11022f22a33EXAMPLE/output/output.tar.gz" + "S3Uri": "s3://amzn-s3-demo-destination-bucket/testfolder/111122223333-KP-123456abcdeb0e11022f22a33EXAMPLE/output/output.tar.gz" }, "LanguageCode": "en", "DataAccessRoleArn": "arn:aws:iam::111122223333:role/service-role/AmazonComprehendServiceRole-example-role" @@ -51,11 +51,11 @@ Output:: "SubmitTime": "2023-06-09T16:47:04.029000+00:00", "EndTime": "2023-06-09T16:47:18.413000+00:00", "InputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-BUCKET", + "S3Uri": "s3://amzn-s3-demo-bucket", "InputFormat": "ONE_DOC_PER_LINE" }, "OutputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-DESTINATION-BUCKET/testfolder/111122223333-KP-123456abcdeb0e11022f22a44EXAMPLE/output/output.tar.gz" + "S3Uri": "s3://amzn-s3-demo-destination-bucket/testfolder/111122223333-KP-123456abcdeb0e11022f22a44EXAMPLE/output/output.tar.gz" }, "LanguageCode": "en", "DataAccessRoleArn": "arn:aws:iam::111122223333:role/service-role/AmazonComprehendServiceRole-example-role" diff --git a/awscli/examples/comprehend/list-pii-entities-detection-jobs.rst b/awscli/examples/comprehend/list-pii-entities-detection-jobs.rst index 2523e1f20514..cb33a363de64 100644 --- a/awscli/examples/comprehend/list-pii-entities-detection-jobs.rst +++ b/awscli/examples/comprehend/list-pii-entities-detection-jobs.rst @@ -16,11 +16,11 @@ Output:: "SubmitTime": "2023-06-09T21:02:46.241000+00:00", "EndTime": "2023-06-09T21:12:52.602000+00:00", "InputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-BUCKET/AsyncBatchJobs/", + "S3Uri": "s3://amzn-s3-demo-bucket/AsyncBatchJobs/", "InputFormat": "ONE_DOC_PER_LINE" }, "OutputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-SOURCE-BUCKET/111122223333-PII-6f9db0c42d0c810e814670ee4EXAMPLE/output/" + "S3Uri": "s3://amzn-s3-demo-source-bucket/111122223333-PII-6f9db0c42d0c810e814670ee4EXAMPLE/output/" }, "LanguageCode": "en", "DataAccessRoleArn": "arn:aws:iam::111122223333:role/service-role/AmazonComprehendServiceRole-example-role", @@ -34,11 +34,11 @@ Output:: "SubmitTime": "2023-06-09T21:20:58.211000+00:00", "EndTime": "2023-06-09T21:31:06.027000+00:00", "InputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-BUCKET/AsyncBatchJobs/", + "S3Uri": "s3://amzn-s3-demo-bucket/AsyncBatchJobs/", "InputFormat": "ONE_DOC_PER_LINE" }, "OutputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-DESTINATION-BUCKET/thefolder/111122223333-PII-d927562638cfa739331a99b3cEXAMPLE/output/" + "S3Uri": "s3://amzn-s3-demo-destination-bucket/thefolder/111122223333-PII-d927562638cfa739331a99b3cEXAMPLE/output/" }, "LanguageCode": "en", "DataAccessRoleArn": "arn:aws:iam::111122223333:role/service-role/AmazonComprehendServiceRole-example-role", diff --git a/awscli/examples/comprehend/list-sentiment-detection-jobs.rst b/awscli/examples/comprehend/list-sentiment-detection-jobs.rst index 39a5485ad09b..86582bd80ce3 100644 --- a/awscli/examples/comprehend/list-sentiment-detection-jobs.rst +++ b/awscli/examples/comprehend/list-sentiment-detection-jobs.rst @@ -16,11 +16,11 @@ Output:: "SubmitTime": "2023-06-09T22:42:20.545000+00:00", "EndTime": "2023-06-09T22:52:27.416000+00:00", "InputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-BUCKET/MovieData", + "S3Uri": "s3://amzn-s3-demo-bucket/MovieData", "InputFormat": "ONE_DOC_PER_LINE" }, "OutputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-DESTINATION-BUCKET/testfolder/111122223333-TS-123456abcdeb0e11022f22a11EXAMPLE/output/output.tar.gz" + "S3Uri": "s3://amzn-s3-demo-destination-bucket/testfolder/111122223333-TS-123456abcdeb0e11022f22a11EXAMPLE/output/output.tar.gz" }, "LanguageCode": "en", "DataAccessRoleArn": "arn:aws:iam::111122223333:role/service-role/AmazonComprehendServiceRole-example-role" @@ -33,11 +33,11 @@ Output:: "SubmitTime": "2023-06-09T23:16:15.956000+00:00", "EndTime": "2023-06-09T23:26:00.168000+00:00", "InputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-BUCKET/MovieData2", + "S3Uri": "s3://amzn-s3-demo-bucket/MovieData2", "InputFormat": "ONE_DOC_PER_LINE" }, "OutputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-DESTINATION-BUCKET/testfolder/111122223333-TS-123456abcdeb0e11022f22a1EXAMPLE2/output/output.tar.gz" + "S3Uri": "s3://amzn-s3-demo-destination-bucket/testfolder/111122223333-TS-123456abcdeb0e11022f22a1EXAMPLE2/output/output.tar.gz" }, "LanguageCode": "en", "DataAccessRoleArn": "arn:aws:iam::111122223333:role/service-role/AmazonComprehendServiceRole-example-role" diff --git a/awscli/examples/comprehend/list-targeted-sentiment-detection-jobs.rst b/awscli/examples/comprehend/list-targeted-sentiment-detection-jobs.rst index ead426d2068d..ccea82e23989 100644 --- a/awscli/examples/comprehend/list-targeted-sentiment-detection-jobs.rst +++ b/awscli/examples/comprehend/list-targeted-sentiment-detection-jobs.rst @@ -16,11 +16,11 @@ Output:: "SubmitTime": "2023-06-09T22:42:20.545000+00:00", "EndTime": "2023-06-09T22:52:27.416000+00:00", "InputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-BUCKET/MovieData", + "S3Uri": "s3://amzn-s3-demo-bucket/MovieData", "InputFormat": "ONE_DOC_PER_LINE" }, "OutputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-DESTINATION-BUCKET/testfolder/111122223333-TS-123456abcdeb0e11022f22a11EXAMPLE/output/output.tar.gz" + "S3Uri": "s3://amzn-s3-demo-destination-bucket/testfolder/111122223333-TS-123456abcdeb0e11022f22a11EXAMPLE/output/output.tar.gz" }, "LanguageCode": "en", "DataAccessRoleArn": "arn:aws:iam::111122223333:role/service-role/AmazonComprehendServiceRole-IOrole" @@ -33,11 +33,11 @@ Output:: "SubmitTime": "2023-06-09T23:16:15.956000+00:00", "EndTime": "2023-06-09T23:26:00.168000+00:00", "InputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-BUCKET/MovieData2", + "S3Uri": "s3://amzn-s3-demo-bucket/MovieData2", "InputFormat": "ONE_DOC_PER_LINE" }, "OutputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-DESTINATION-BUCKET/testfolder/111122223333-TS-123456abcdeb0e11022f22a1EXAMPLE2/output/output.tar.gz" + "S3Uri": "s3://amzn-s3-demo-destination-bucket/testfolder/111122223333-TS-123456abcdeb0e11022f22a1EXAMPLE2/output/output.tar.gz" }, "LanguageCode": "en", "DataAccessRoleArn": "arn:aws:iam::111122223333:role/service-role/AmazonComprehendServiceRole-example-role" diff --git a/awscli/examples/comprehend/list-topics-detection-jobs.rst b/awscli/examples/comprehend/list-topics-detection-jobs.rst index d0c86a8ac860..2353245067d6 100644 --- a/awscli/examples/comprehend/list-topics-detection-jobs.rst +++ b/awscli/examples/comprehend/list-topics-detection-jobs.rst @@ -16,11 +16,11 @@ Output:: "SubmitTime": "2023-06-09T18:40:35.384000+00:00", "EndTime": "2023-06-09T18:46:41.936000+00:00", "InputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-BUCKET", + "S3Uri": "s3://amzn-s3-demo-bucket", "InputFormat": "ONE_DOC_PER_LINE" }, "OutputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-DESTINATION-BUCKET/thefolder/111122223333-TOPICS-123456abcdeb0e11022f22a11EXAMPLE/output/output.tar.gz" + "S3Uri": "s3://amzn-s3-demo-destination-bucket/thefolder/111122223333-TOPICS-123456abcdeb0e11022f22a11EXAMPLE/output/output.tar.gz" }, "NumberOfTopics": 10, "DataAccessRoleArn": "arn:aws:iam::111122223333:role/service-role/AmazonComprehendServiceRole-example-role" @@ -33,11 +33,11 @@ Output:: "SubmitTime": "2023-06-09T18:44:43.414000+00:00", "EndTime": "2023-06-09T18:50:50.872000+00:00", "InputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-BUCKET", + "S3Uri": "s3://amzn-s3-demo-bucket", "InputFormat": "ONE_DOC_PER_LINE" }, "OutputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-DESTINATION-BUCKET/thefolder/111122223333-TOPICS-123456abcdeb0e11022f22a1EXAMPLE2/output/output.tar.gz" + "S3Uri": "s3://amzn-s3-demo-destination-bucket/thefolder/111122223333-TOPICS-123456abcdeb0e11022f22a1EXAMPLE2/output/output.tar.gz" }, "NumberOfTopics": 10, "DataAccessRoleArn": "arn:aws:iam::111122223333:role/service-role/AmazonComprehendServiceRole-example-role" @@ -49,11 +49,11 @@ Output:: "JobStatus": "IN_PROGRESS", "SubmitTime": "2023-06-09T18:50:56.737000+00:00", "InputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-BUCKET", + "S3Uri": "s3://amzn-s3-demo-bucket", "InputFormat": "ONE_DOC_PER_LINE" }, "OutputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-DESTINATION-BUCKET/thefolder/111122223333-TOPICS-123456abcdeb0e11022f22a1EXAMPLE3/output/output.tar.gz" + "S3Uri": "s3://amzn-s3-demo-destination-bucket/thefolder/111122223333-TOPICS-123456abcdeb0e11022f22a1EXAMPLE3/output/output.tar.gz" }, "NumberOfTopics": 10, "DataAccessRoleArn": "arn:aws:iam::111122223333:role/service-role/AmazonComprehendServiceRole-example-role" diff --git a/awscli/examples/comprehend/start-document-classification-job.rst b/awscli/examples/comprehend/start-document-classification-job.rst index a603702b085c..5cda73bbbefb 100644 --- a/awscli/examples/comprehend/start-document-classification-job.rst +++ b/awscli/examples/comprehend/start-document-classification-job.rst @@ -7,8 +7,8 @@ which lists the classification of each document. The Json output is printed on o aws comprehend start-document-classification-job \ --job-name exampleclassificationjob \ - --input-data-config "S3Uri=s3://DOC-EXAMPLE-BUCKET-INPUT/jobdata/" \ - --output-data-config "S3Uri=s3://DOC-EXAMPLE-DESTINATION-BUCKET/testfolder/" \ + --input-data-config "S3Uri=s3://amzn-s3-demo-bucket-INPUT/jobdata/" \ + --output-data-config "S3Uri=s3://amzn-s3-demo-destination-bucket/testfolder/" \ --data-access-role-arn arn:aws:iam::111122223333:role/service-role/AmazonComprehendServiceRole-example-role \ --document-classifier-arn arn:aws:comprehend:us-west-2:111122223333:document-classifier/mymodel/version/12 diff --git a/awscli/examples/comprehend/start-dominant-language-detection-job.rst b/awscli/examples/comprehend/start-dominant-language-detection-job.rst index cab73ff1208b..6ac5f7520924 100644 --- a/awscli/examples/comprehend/start-dominant-language-detection-job.rst +++ b/awscli/examples/comprehend/start-dominant-language-detection-job.rst @@ -8,8 +8,8 @@ which contains the dominant language of each of the text files as well as the pr aws comprehend start-dominant-language-detection-job \ --job-name example_language_analysis_job \ --language-code en \ - --input-data-config "S3Uri=s3://DOC-EXAMPLE-BUCKET/" \ - --output-data-config "S3Uri=s3://DOC-EXAMPLE-DESTINATION-BUCKET/testfolder/" \ + --input-data-config "S3Uri=s3://amzn-s3-demo-bucket/" \ + --output-data-config "S3Uri=s3://amzn-s3-demo-destination-bucket/testfolder/" \ --data-access-role-arn arn:aws:iam::111122223333:role/service-role/AmazonComprehendServiceRole-example-role \ --language-code en diff --git a/awscli/examples/comprehend/start-entities-detection-job.rst b/awscli/examples/comprehend/start-entities-detection-job.rst index 08065c6dbf00..5b7ee142e2a1 100644 --- a/awscli/examples/comprehend/start-entities-detection-job.rst +++ b/awscli/examples/comprehend/start-entities-detection-job.rst @@ -9,8 +9,8 @@ The Json output is printed on one line per input file, but is formatted here for aws comprehend start-entities-detection-job \ --job-name entitiestest \ --language-code en \ - --input-data-config "S3Uri=s3://DOC-EXAMPLE-BUCKET/" \ - --output-data-config "S3Uri=s3://DOC-EXAMPLE-DESTINATION-BUCKET/testfolder/" \ + --input-data-config "S3Uri=s3://amzn-s3-demo-bucket/" \ + --output-data-config "S3Uri=s3://amzn-s3-demo-destination-bucket/testfolder/" \ --data-access-role-arn arn:aws:iam::111122223333:role/service-role/AmazonComprehendServiceRole-example-role \ --language-code en @@ -174,8 +174,8 @@ The entity recognizer model was trained on customer support Feedbacks to recogni --job-name customentitiestest \ --entity-recognizer-arn "arn:aws:comprehend:us-west-2:111122223333:entity-recognizer/entityrecognizer" \ --language-code en \ - --input-data-config "S3Uri=s3://DOC-EXAMPLE-BUCKET/jobdata/" \ - --output-data-config "S3Uri=s3://DOC-EXAMPLE-DESTINATION-BUCKET/testfolder/" \ + --input-data-config "S3Uri=s3://amzn-s3-demo-bucket/jobdata/" \ + --output-data-config "S3Uri=s3://amzn-s3-demo-destination-bucket/testfolder/" \ --data-access-role-arn "arn:aws:iam::111122223333:role/service-role/AmazonComprehendServiceRole-IOrole" Contents of ``SampleFeedback1.txt``:: diff --git a/awscli/examples/comprehend/start-events-detection-job.rst b/awscli/examples/comprehend/start-events-detection-job.rst index 84681c9459e1..572ff52a7816 100644 --- a/awscli/examples/comprehend/start-events-detection-job.rst +++ b/awscli/examples/comprehend/start-events-detection-job.rst @@ -8,8 +8,8 @@ When the job is complete, the folder, ``output``, is placed in the location spec aws comprehend start-events-detection-job \ --job-name events-detection-1 \ - --input-data-config "S3Uri=s3://DOC-EXAMPLE-BUCKET/EventsData" \ - --output-data-config "S3Uri=s3://DOC-EXAMPLE-DESTINATION-BUCKET/testfolder/" \ + --input-data-config "S3Uri=s3://amzn-s3-demo-bucket/EventsData" \ + --output-data-config "S3Uri=s3://amzn-s3-demo-destination-bucket/testfolder/" \ --data-access-role-arn arn:aws:iam::111122223333:role/service-role/AmazonComprehendServiceRole-servicerole \ --language-code en \ --target-event-types "BANKRUPTCY" "EMPLOYMENT" "CORPORATE_ACQUISITION" "CORPORATE_MERGER" "INVESTMENT_GENERAL" diff --git a/awscli/examples/comprehend/start-key-phrases-detection-job.rst b/awscli/examples/comprehend/start-key-phrases-detection-job.rst index 9689a8cdf645..07b3acbc0072 100644 --- a/awscli/examples/comprehend/start-key-phrases-detection-job.rst +++ b/awscli/examples/comprehend/start-key-phrases-detection-job.rst @@ -9,8 +9,8 @@ The Json output is printed on one line per file, but is formatted here for reada aws comprehend start-key-phrases-detection-job \ --job-name keyphrasesanalysistest1 \ --language-code en \ - --input-data-config "S3Uri=s3://DOC-EXAMPLE-BUCKET/" \ - --output-data-config "S3Uri=s3://DOC-EXAMPLE-DESTINATION-BUCKET/testfolder/" \ + --input-data-config "S3Uri=s3://amzn-s3-demo-bucket/" \ + --output-data-config "S3Uri=s3://amzn-s3-demo-destination-bucket/testfolder/" \ --data-access-role-arn "arn:aws:iam::111122223333:role/service-role/AmazonComprehendServiceRole-example-role" \ --language-code en diff --git a/awscli/examples/comprehend/start-pii-entities-detection-job.rst b/awscli/examples/comprehend/start-pii-entities-detection-job.rst index 29924e915bfb..7f09c04ca3d4 100644 --- a/awscli/examples/comprehend/start-pii-entities-detection-job.rst +++ b/awscli/examples/comprehend/start-pii-entities-detection-job.rst @@ -8,8 +8,8 @@ When the job is complete, the folder, ``output``, is placed in the location spec aws comprehend start-pii-entities-detection-job \ --job-name entities_test \ --language-code en \ - --input-data-config "S3Uri=s3://DOC-EXAMPLE-BUCKET/" \ - --output-data-config "S3Uri=s3://DOC-EXAMPLE-DESTINATION-BUCKET/testfolder/" \ + --input-data-config "S3Uri=s3://amzn-s3-demo-bucket/" \ + --output-data-config "S3Uri=s3://amzn-s3-demo-destination-bucket/testfolder/" \ --data-access-role-arn arn:aws:iam::111122223333:role/service-role/AmazonComprehendServiceRole-example-role \ --language-code en \ --mode ONLY_OFFSETS diff --git a/awscli/examples/comprehend/start-sentiment-detection-job.rst b/awscli/examples/comprehend/start-sentiment-detection-job.rst index b2128668f980..7599c6037088 100644 --- a/awscli/examples/comprehend/start-sentiment-detection-job.rst +++ b/awscli/examples/comprehend/start-sentiment-detection-job.rst @@ -8,8 +8,8 @@ The Json output is printed on one line per file, but is formatted here for reada aws comprehend start-sentiment-detection-job \ --job-name example-sentiment-detection-job \ --language-code en \ - --input-data-config "S3Uri=s3://DOC-EXAMPLE-BUCKET/MovieData" \ - --output-data-config "S3Uri=s3://DOC-EXAMPLE-DESTINATION-BUCKET/testfolder/" \ + --input-data-config "S3Uri=s3://amzn-s3-demo-bucket/MovieData" \ + --output-data-config "S3Uri=s3://amzn-s3-demo-destination-bucket/testfolder/" \ --data-access-role-arn arn:aws:iam::111122223333:role/service-role/AmazonComprehendServiceRole-example-role Contents of ``SampleMovieReview1.txt``:: diff --git a/awscli/examples/comprehend/start-targeted-sentiment-detection-job.rst b/awscli/examples/comprehend/start-targeted-sentiment-detection-job.rst index eb7c3536e2d6..022cfb0920ee 100644 --- a/awscli/examples/comprehend/start-targeted-sentiment-detection-job.rst +++ b/awscli/examples/comprehend/start-targeted-sentiment-detection-job.rst @@ -7,8 +7,8 @@ When the job is complete, ``output.tar.gz`` is placed at the location specified aws comprehend start-targeted-sentiment-detection-job \ --job-name targeted_movie_review_analysis1 \ --language-code en \ - --input-data-config "S3Uri=s3://DOC-EXAMPLE-BUCKET/MovieData" \ - --output-data-config "S3Uri=s3://DOC-EXAMPLE-DESTINATION-BUCKET/testfolder/" \ + --input-data-config "S3Uri=s3://amzn-s3-demo-bucket/MovieData" \ + --output-data-config "S3Uri=s3://amzn-s3-demo-destination-bucket/testfolder/" \ --data-access-role-arn arn:aws:iam::111122223333:role/service-role/AmazonComprehendServiceRole-example-role Contents of ``SampleMovieReview1.txt``:: diff --git a/awscli/examples/comprehend/start-topics-detection-job.rst b/awscli/examples/comprehend/start-topics-detection-job.rst index ce59411fcbc4..750570cd6fec 100644 --- a/awscli/examples/comprehend/start-topics-detection-job.rst +++ b/awscli/examples/comprehend/start-topics-detection-job.rst @@ -8,8 +8,8 @@ The second file, ``doc-topics.csv``, lists the documents associated with a topic aws comprehend start-topics-detection-job \ --job-name example_topics_detection_job \ --language-code en \ - --input-data-config "S3Uri=s3://DOC-EXAMPLE-BUCKET/" \ - --output-data-config "S3Uri=s3://DOC-EXAMPLE-DESTINATION-BUCKET/testfolder/" \ + --input-data-config "S3Uri=s3://amzn-s3-demo-bucket/" \ + --output-data-config "S3Uri=s3://amzn-s3-demo-destination-bucket/testfolder/" \ --data-access-role-arn arn:aws:iam::111122223333:role/service-role/AmazonComprehendServiceRole-example-role \ --language-code en diff --git a/awscli/examples/comprehend/update-flywheel.rst b/awscli/examples/comprehend/update-flywheel.rst index 94985c75bc4e..622805781c68 100644 --- a/awscli/examples/comprehend/update-flywheel.rst +++ b/awscli/examples/comprehend/update-flywheel.rst @@ -19,7 +19,7 @@ Output:: "Mode": "MULTI_CLASS" } }, - "DataLakeS3Uri": "s3://DOC-EXAMPLE-BUCKET/flywheel-entity/schemaVersion=1/20230616T200543Z/", + "DataLakeS3Uri": "s3://amzn-s3-demo-bucket/flywheel-entity/schemaVersion=1/20230616T200543Z/", "DataSecurityConfig": {}, "Status": "ACTIVE", "ModelType": "DOCUMENT_CLASSIFIER", diff --git a/awscli/examples/configure/set/_description.rst b/awscli/examples/configure/set/_description.rst index b915e39680cf..a36e764351c8 100644 --- a/awscli/examples/configure/set/_description.rst +++ b/awscli/examples/configure/set/_description.rst @@ -13,6 +13,6 @@ configuration value already exists in the config file, it will updated with the new configuration value. Setting a value for the ``aws_access_key_id``, ``aws_secret_access_key``, or -the ``aws_session_token`` will result in the value being writen to the +the ``aws_session_token`` will result in the value being written to the shared credentials file (``~/.aws/credentials``). All other values will be written to the config file (default location is ``~/.aws/config``). diff --git a/awscli/examples/datapipeline/get-pipeline-definition.rst b/awscli/examples/datapipeline/get-pipeline-definition.rst index 0e62f1c4d235..c37795856766 100644 --- a/awscli/examples/datapipeline/get-pipeline-definition.rst +++ b/awscli/examples/datapipeline/get-pipeline-definition.rst @@ -83,7 +83,7 @@ The following is example output:: } ], "values": { - "myS3OutputLoc": "s3://my-s3-bucket/", + "myS3OutputLoc": "s3://amzn-s3-demo-bucket/", "myS3InputLoc": "s3://us-east-1.elasticmapreduce.samples/pig-apache-logs/data", "myShellCmd": "grep -rc \"GET\" ${INPUT1_STAGING_DIR}/* > ${OUTPUT1_STAGING_DIR}/output.txt" } diff --git a/awscli/examples/datasync/update-location-azure-blob.rst b/awscli/examples/datasync/update-location-azure-blob.rst new file mode 100644 index 000000000000..2efb9e85a865 --- /dev/null +++ b/awscli/examples/datasync/update-location-azure-blob.rst @@ -0,0 +1,14 @@ +**To update your transfer location with a new agent** + +The following ``update-location-object-storage`` example updates your DataSync location for Microsoft Azure Blob Storage with a new agent. :: + + aws datasync update-location-azure-blob \ + --location-arn arn:aws:datasync:us-west-2:123456789012:location/loc-abcdef01234567890 \ + --agent-arns arn:aws:datasync:us-west-2:123456789012:agent/agent-1234567890abcdef0 \ + --sas-configuration '{ \ + "Token": "sas-token-for-azure-blob-storage-access" \ + }' + +This command produces no output. + +For more information, see `Replacing your agent `__ in the *AWS DataSync User Guide*. \ No newline at end of file diff --git a/awscli/examples/datasync/update-location-hdfs.rst b/awscli/examples/datasync/update-location-hdfs.rst new file mode 100644 index 000000000000..d23f94750a82 --- /dev/null +++ b/awscli/examples/datasync/update-location-hdfs.rst @@ -0,0 +1,47 @@ +**To update your transfer location with a new agent** + +The following ``update-location-hdfs`` example updates your DataSync HDFS location with a new agent. You only need the ``--kerberos-keytab`` and ``--kerberos-krb5-conf`` options if your HDFS cluster uses Kerberos authentication. :: + + aws datasync update-location-hdfs \ + --location-arn arn:aws:datasync:us-west-2:123456789012:location/loc-abcdef01234567890 \ + --agent-arns arn:aws:datasync:us-west-2:123456789012:agent/agent-1234567890abcdef0 \ + --kerberos-keytab file://hdfs.keytab + --kerberos-krb5-conf file://krb5.conf + +Contents of ``hdfs.keytab``:: + + N/A. The content of this file is encrypted and not human readable. + +Contents of ``krb5.conf``:: + + [libdefaults] + default_realm = EXAMPLE.COM + dns_lookup_realm = false + dns_lookup_kdc = false + rdns = true + ticket_lifetime = 24h + forwardable = true + udp_preference_limit = 1000000 + default_tkt_enctypes = aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 des3-cbc-sha1 + default_tgs_enctypes = aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 des3-cbc-sha1 + permitted_enctypes = aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 des3-cbc-sha1 + + [realms] + EXAMPLE.COM = { + kdc = kdc1.example.com + admin_server = krbadmin.example.com + default_domain = example.com + } + + [domain_realm] + .example.com = EXAMPLE.COM + example.com = EXAMPLE.COM + + [logging] + kdc = FILE:/var/log/krb5kdc.log + admin_server = FILE:/var/log/kerberos/kadmin.log + default = FILE:/var/log/krb5libs.log + +This command produces no output. + +For more information, see `Replacing your agent `__ in the *AWS DataSync User Guide*. \ No newline at end of file diff --git a/awscli/examples/datasync/update-location-nfs.rst b/awscli/examples/datasync/update-location-nfs.rst new file mode 100644 index 000000000000..94821fcbd648 --- /dev/null +++ b/awscli/examples/datasync/update-location-nfs.rst @@ -0,0 +1,11 @@ +**To update your transfer location with a new agent** + +The following ``update-location-nfs`` example updates your DataSync NFS location with a new agent. :: + + aws datasync update-location-nfs \ + --location-arn arn:aws:datasync:us-west-2:123456789012:location/loc-abcdef01234567890 \ + --on-prem-config AgentArns=arn:aws:datasync:us-west-2:123456789012:agent/agent-1234567890abcdef0 + +This command produces no output. + +For more information, see `Replacing your agent `__ in the *AWS DataSync User Guide*. \ No newline at end of file diff --git a/awscli/examples/datasync/update-location-object-storage.rst b/awscli/examples/datasync/update-location-object-storage.rst new file mode 100644 index 000000000000..5c344fdc0127 --- /dev/null +++ b/awscli/examples/datasync/update-location-object-storage.rst @@ -0,0 +1,12 @@ +**To update your transfer location with a new agent** + +The following ``update-location-object-storage`` example updates your DataSync object storage location with a new agent. :: + + aws datasync update-location-object-storage \ + --location-arn arn:aws:datasync:us-west-2:123456789012:location/loc-abcdef01234567890 \ + --agent-arns arn:aws:datasync:us-west-2:123456789012:agent/agent-1234567890abcdef0 \ + --secret-key secret-key-for-object-storage + +This command produces no output. + +For more information, see `Replacing your agent `__ in the *AWS DataSync User Guide*. \ No newline at end of file diff --git a/awscli/examples/datasync/update-location-smb.rst b/awscli/examples/datasync/update-location-smb.rst new file mode 100644 index 000000000000..a218b64e83d8 --- /dev/null +++ b/awscli/examples/datasync/update-location-smb.rst @@ -0,0 +1,12 @@ +**To update your transfer location with a new agent** + +The following ``update-location-smb`` example updates your DataSync SMB location with a new agent. :: + + aws datasync update-location-smb \ + --location-arn arn:aws:datasync:us-west-2:123456789012:location/loc-abcdef01234567890 \ + --agent-arns arn:aws:datasync:us-west-2:123456789012:agent/agent-1234567890abcdef0 \ + --password smb-file-server-password + +This command produces no output. + +For more information, see `Replacing your agent `__ in the *AWS DataSync User Guide*. \ No newline at end of file diff --git a/awscli/examples/deploy/add-tags-to-on-premises-instances.rst b/awscli/examples/deploy/add-tags-to-on-premises-instances.rst index 747c79d8c25a..e1d45554ebf6 100755 --- a/awscli/examples/deploy/add-tags-to-on-premises-instances.rst +++ b/awscli/examples/deploy/add-tags-to-on-premises-instances.rst @@ -1,6 +1,6 @@ **To add tags to on-premises instances** -The follwoing ``add-tags-to-on-premises-instances`` example associates in AWS CodeDeploy the same on-premises instance tag to two on-premises instances. It does not register the on-premises instances with AWS CodeDeploy. :: +The following ``add-tags-to-on-premises-instances`` example associates in AWS CodeDeploy the same on-premises instance tag to two on-premises instances. It does not register the on-premises instances with AWS CodeDeploy. :: aws deploy add-tags-to-on-premises-instances \ --instance-names AssetTag12010298EX AssetTag23121309EX \ diff --git a/awscli/examples/deploy/batch-get-deployment-groups.rst b/awscli/examples/deploy/batch-get-deployment-groups.rst index 6b9d158151a8..56da6dafc2c2 100755 --- a/awscli/examples/deploy/batch-get-deployment-groups.rst +++ b/awscli/examples/deploy/batch-get-deployment-groups.rst @@ -21,7 +21,7 @@ Output:: "onPremisesTagSet": { "onPremisesTagSetList": [] }, - "serviceRoleArn": "arn:aws:iam::123456789012:role/CodeDeloyServiceRole", + "serviceRoleArn": "arn:aws:iam::123456789012:role/CodeDeployServiceRole", "lastAttemptedDeployment": { "endTime": 1556912366.415, "status": "Failed", @@ -58,7 +58,7 @@ Output:: "onPremisesTagSet": { "onPremisesTagSetList": [] }, - "serviceRoleArn": "arn:aws:iam::123456789012:role/CodeDeloyServiceRole", + "serviceRoleArn": "arn:aws:iam::123456789012:role/CodeDeployServiceRole", "autoScalingGroups": [], "deploymentGroupName": "my-deployment-group-2", "ec2TagSet": { diff --git a/awscli/examples/deploy/batch-get-deployments.rst b/awscli/examples/deploy/batch-get-deployments.rst index 0e2d8fb810db..3f4c8bdebe64 100755 --- a/awscli/examples/deploy/batch-get-deployments.rst +++ b/awscli/examples/deploy/batch-get-deployments.rst @@ -26,7 +26,7 @@ Output:: "s3Location": { "bundleType": "zip", "version": "uTecLusEXAMPLEFXtfUcyfV8bEXAMPLE", - "bucket": "CodeDeployDemoBucket", + "bucket": "amzn-s3-demo-bucket", "key": "WordPressApp.zip" } }, @@ -56,7 +56,7 @@ Output:: "s3Location": { "bundleType": "zip", "eTag": "\"dd56cfdEXAMPLE8e768f9d77fEXAMPLE\"", - "bucket": "CodeDeployDemoBucket", + "bucket": "amzn-s3-demo-bucket", "key": "MyOtherApp.zip" } }, diff --git a/awscli/examples/deploy/batch-get-on-premises-instances.rst b/awscli/examples/deploy/batch-get-on-premises-instances.rst index 75306215906e..d9eab1a4135d 100755 --- a/awscli/examples/deploy/batch-get-on-premises-instances.rst +++ b/awscli/examples/deploy/batch-get-on-premises-instances.rst @@ -1,6 +1,6 @@ **To get information about one or more on-premises instances** -The follwoing ``batch-get-on-premises-instances`` example gets information about two on-premises instances. :: +The following ``batch-get-on-premises-instances`` example gets information about two on-premises instances. :: aws deploy batch-get-on-premises-instances --instance-names AssetTag12010298EX AssetTag23121309EX diff --git a/awscli/examples/deploy/create-deployment.rst b/awscli/examples/deploy/create-deployment.rst index 39cfad4f8a96..d016e64f9dfd 100755 --- a/awscli/examples/deploy/create-deployment.rst +++ b/awscli/examples/deploy/create-deployment.rst @@ -7,7 +7,7 @@ The following ``create-deployment`` example creates a deployment and associates --deployment-config-name CodeDeployDefault.OneAtATime \ --deployment-group-name WordPress_DG \ --description "My demo deployment" \ - --s3-location bucket=CodeDeployDemoBucket,bundleType=zip,eTag=dd56cfdEXAMPLE8e768f9d77fEXAMPLE,key=WordPressApp.zip + --s3-location bucket=amzn-s3-demo-bucket,bundleType=zip,eTag=dd56cfdEXAMPLE8e768f9d77fEXAMPLE,key=WordPressApp.zip Output:: diff --git a/awscli/examples/deploy/get-application-revision.rst b/awscli/examples/deploy/get-application-revision.rst index 671e16ad926c..b8144203964e 100755 --- a/awscli/examples/deploy/get-application-revision.rst +++ b/awscli/examples/deploy/get-application-revision.rst @@ -4,7 +4,7 @@ The following ``get-application-revision`` example displays information about an aws deploy get-application-revision \ --application-name WordPress_App \ - --s3-location bucket=CodeDeployDemoBucket,bundleType=zip,eTag=dd56cfdEXAMPLE8e768f9d77fEXAMPLE,key=WordPressApp.zip + --s3-location bucket=amzn-s3-demo-bucket,bundleType=zip,eTag=dd56cfdEXAMPLE8e768f9d77fEXAMPLE,key=WordPressApp.zip Output:: @@ -22,7 +22,7 @@ Output:: "s3Location": { "bundleType": "zip", "eTag": "dd56cfdEXAMPLE8e768f9d77fEXAMPLE", - "bucket": "CodeDeployDemoBucket", + "bucket": "amzn-s3-demo-bucket", "key": "WordPressApp.zip" } } diff --git a/awscli/examples/deploy/get-deployment.rst b/awscli/examples/deploy/get-deployment.rst index 8bdc8255155b..2e2f2a073626 100755 --- a/awscli/examples/deploy/get-deployment.rst +++ b/awscli/examples/deploy/get-deployment.rst @@ -25,7 +25,7 @@ Output:: "s3Location": { "bundleType": "zip", "eTag": "\"dd56cfdEXAMPLE8e768f9d77fEXAMPLE\"", - "bucket": "CodeDeployDemoBucket", + "bucket": "amzn-s3-demo-bucket", "key": "WordPressApp.zip" } }, diff --git a/awscli/examples/deploy/list-application-revisions.rst b/awscli/examples/deploy/list-application-revisions.rst index fc199fd1a887..8a6b48207ffc 100755 --- a/awscli/examples/deploy/list-application-revisions.rst +++ b/awscli/examples/deploy/list-application-revisions.rst @@ -4,7 +4,7 @@ The following ``list-application-revisions`` example displays information about aws deploy list-application-revisions \ --application-name WordPress_App \ - --s-3-bucket CodeDeployDemoBucket \ + --s-3-bucket amzn-s3-demo-bucket \ --deployed exclude \ --s-3-key-prefix WordPress_ \ --sort-by lastUsedTime \ @@ -18,7 +18,7 @@ Output:: "revisionType": "S3", "s3Location": { "version": "uTecLusvCB_JqHFXtfUcyfV8bEXAMPLE", - "bucket": "CodeDeployDemoBucket", + "bucket": "amzn-s3-demo-bucket", "key": "WordPress_App.zip", "bundleType": "zip" } @@ -27,7 +27,7 @@ Output:: "revisionType": "S3", "s3Location": { "version": "tMk.UxgDpMEVb7V187ZM6wVAWEXAMPLE", - "bucket": "CodeDeployDemoBucket", + "bucket": "amzn-s3-demo-bucket", "key": "WordPress_App_2-0.zip", "bundleType": "zip" } diff --git a/awscli/examples/deploy/push.rst b/awscli/examples/deploy/push.rst index ea30dc58e71a..dbaa42ec6810 100755 --- a/awscli/examples/deploy/push.rst +++ b/awscli/examples/deploy/push.rst @@ -6,10 +6,10 @@ The following ``push`` example bundles and deploys an application revision to Am --application-name WordPress_App \ --description "This is my deployment" \ --ignore-hidden-files \ - --s3-location s3://CodeDeployDemoBucket/WordPressApp.zip \ + --s3-location s3://amzn-s3-demo-bucket/WordPressApp.zip \ --source /tmp/MyLocalDeploymentFolder/ The output describes how to use the ``create-deployment`` command to create a deployment that uses the uploaded application revision. :: To deploy with this revision, run: - aws deploy create-deployment --application-name WordPress_App --deployment-config-name --deployment-group-name --s3-location bucket=CodeDeployDemoBucket,key=WordPressApp.zip,bundleType=zip,eTag="cecc9b8EXAMPLE50a6e71fdb88EXAMPLE",version=LFsJAUdEXAMPLEfvKtvi79L8EXAMPLE \ No newline at end of file + aws deploy create-deployment --application-name WordPress_App --deployment-config-name --deployment-group-name --s3-location bucket=amzn-s3-demo-bucket,key=WordPressApp.zip,bundleType=zip,eTag="cecc9b8EXAMPLE50a6e71fdb88EXAMPLE",version=LFsJAUdEXAMPLEfvKtvi79L8EXAMPLE \ No newline at end of file diff --git a/awscli/examples/deploy/register-application-revision.rst b/awscli/examples/deploy/register-application-revision.rst index 49a03130afe3..d294b9d80431 100755 --- a/awscli/examples/deploy/register-application-revision.rst +++ b/awscli/examples/deploy/register-application-revision.rst @@ -5,6 +5,6 @@ The following ``register-application-revision`` example registers information ab aws deploy register-application-revision \ --application-name WordPress_App \ --description "Revised WordPress application" \ - --s3-location bucket=CodeDeployDemoBucket,key=RevisedWordPressApp.zip,bundleType=zip,eTag=cecc9b8a08eac650a6e71fdb88EXAMPLE + --s3-location bucket=amzn-s3-demo-bucket,key=RevisedWordPressApp.zip,bundleType=zip,eTag=cecc9b8a08eac650a6e71fdb88EXAMPLE This command produces no output. diff --git a/awscli/examples/directconnect/update-virtual-interface-attributes.rst b/awscli/examples/directconnect/update-virtual-interface-attributes.rst index 03362700eefe..1bcae611d16a 100755 --- a/awscli/examples/directconnect/update-virtual-interface-attributes.rst +++ b/awscli/examples/directconnect/update-virtual-interface-attributes.rst @@ -14,7 +14,7 @@ Output:: "location": "loc1", "connectionId": "dxlag-fEXAMPLE", "virtualInterfaceType": "transit", - "virtualInterfaceName": "example trasit virtual interface", + "virtualInterfaceName": "example transit virtual interface", "vlan": 125, "asn": 650001, "amazonSideAsn": 64512, diff --git a/awscli/examples/dms/delete-event-subscription.rst b/awscli/examples/dms/delete-event-subscription.rst index cac2033ce9e5..ae0de7609419 100644 --- a/awscli/examples/dms/delete-event-subscription.rst +++ b/awscli/examples/dms/delete-event-subscription.rst @@ -1,6 +1,6 @@ **To delete an event subscription** -The following ``delete-event-subscription`` example deletes a subscription to an Amaon SNS topic. :: +The following ``delete-event-subscription`` example deletes a subscription to an Amazon SNS topic. :: aws dms delete-event-subscription \ --subscription-name "my-dms-events" diff --git a/awscli/examples/docdb/modify-db-cluster-snapshot-attribute.rst b/awscli/examples/docdb/modify-db-cluster-snapshot-attribute.rst index 0823a3f7f75f..6a106ef62fb1 100644 --- a/awscli/examples/docdb/modify-db-cluster-snapshot-attribute.rst +++ b/awscli/examples/docdb/modify-db-cluster-snapshot-attribute.rst @@ -5,7 +5,7 @@ The following ``modify-db-cluster-snapshot-attribute`` example adds four attribu aws docdb modify-db-cluster-snapshot-attribute \ --db-cluster-snapshot-identifier sample-cluster-snapshot \ --attribute-name restore \ - --values-to-add all 123456789011 123456789012 123456789013 + --values-to-add 123456789011 123456789012 123456789013 Output:: @@ -15,7 +15,6 @@ Output:: { "AttributeName": "restore", "AttributeValues": [ - "all", "123456789011", "123456789012", "123456789013" @@ -33,7 +32,7 @@ The following ``modify-db-cluster-snapshot-attribute`` example removes two attri aws docdb modify-db-cluster-snapshot-attribute \ --db-cluster-snapshot-identifier sample-cluster-snapshot \ --attribute-name restore \ - --values-to-remove 123456789012 all + --values-to-remove 123456789012 Output:: diff --git a/awscli/examples/ds-data/add-group-member.rst b/awscli/examples/ds-data/add-group-member.rst new file mode 100644 index 000000000000..45c54d26ab41 --- /dev/null +++ b/awscli/examples/ds-data/add-group-member.rst @@ -0,0 +1,12 @@ +**To add a group member to a directory** + +The following ``add-group-member`` example adds the specified user to the specified group in the specified directory. :: + + aws ds-data add-group-member \ + --directory-id d-1234567890 \ + --group-name 'sales' \ + --member-name 'john.doe' + +This command produces no output. + +For more information, see `Adding or removing AWS Managed Microsoft AD members to groups and groups to groups `__ in the *AWS Directory Service Administration Guide*. diff --git a/awscli/examples/ds-data/create-group.rst b/awscli/examples/ds-data/create-group.rst new file mode 100644 index 000000000000..9451cebd2c78 --- /dev/null +++ b/awscli/examples/ds-data/create-group.rst @@ -0,0 +1,17 @@ +**To create a group for a directory** + +The following ``create-group`` example creates a group in the specified directory. :: + + aws ds-data create-group \ + --directory-id d-1234567890 \ + --sam-account-name 'sales' + +Output:: + + { + "DirectoryId": "d-9067f3da7a", + "SAMAccountName": "sales", + "SID": "S-1-2-34-5567891234-5678912345-67891234567-8912" + } + +For more information, see `Creating an AWS Managed Microsoft AD group `__ in the *AWS Directory Service Administration Guide*. diff --git a/awscli/examples/ds-data/create-user.rst b/awscli/examples/ds-data/create-user.rst new file mode 100644 index 000000000000..f348abf0bce6 --- /dev/null +++ b/awscli/examples/ds-data/create-user.rst @@ -0,0 +1,17 @@ +**To create a user** + +The following ``create-user`` example creates a user in the specified directory. :: + + aws ds-data create-user \ + --directory-id d-1234567890 \ + --sam-account-name 'john.doe' + +Output:: + + { + "DirectoryId": "d-1234567890", + "SAMAccountName": "john.doe", + "SID": "S-1-2-34-5567891234-5678912345-67891234567-8912" + } + +For more information, see `Creating an AWS Managed Microsoft AD user `__ in the *AWS Directory Service Administration Guide*. diff --git a/awscli/examples/ds-data/delete-group.rst b/awscli/examples/ds-data/delete-group.rst new file mode 100644 index 000000000000..33c155c7ffbf --- /dev/null +++ b/awscli/examples/ds-data/delete-group.rst @@ -0,0 +1,11 @@ +**To delete a group** + +The following ``delete-group`` example deletes the specified group from the specified directory. :: + + aws ds-data delete-group \ + --directory-id d-1234567890 \ + --sam-account-name 'sales' + +This command produces no output. + +For more information, see `Deleting an AWS Managed Microsoft AD group `__ in the *AWS Directory Service Administration Guide*. diff --git a/awscli/examples/ds-data/delete-user.rst b/awscli/examples/ds-data/delete-user.rst new file mode 100644 index 000000000000..9ffd38f8ea04 --- /dev/null +++ b/awscli/examples/ds-data/delete-user.rst @@ -0,0 +1,11 @@ +**To delete a user** + +The following ``delete-user`` example deletes the specified user from the specified directory. :: + + aws ds-data delete-user \ + --directory-id d-1234567890 \ + --sam-account-name 'john.doe' + +This command produces no output. + +For more information, see `Deleting an AWS Managed Microsoft AD user `__ in the *AWS Directory Service Administration Guide*. diff --git a/awscli/examples/ds-data/describe-group.rst b/awscli/examples/ds-data/describe-group.rst new file mode 100644 index 000000000000..ef8b227a6864 --- /dev/null +++ b/awscli/examples/ds-data/describe-group.rst @@ -0,0 +1,21 @@ +**To list details of a group** + +The following ``describe-group`` example gets information for the specified group in the specified directory. :: + + aws ds-data describe-group \ + --directory-id d-1234567890 \ + --sam-account-name 'sales' + +Output:: + + { + "DirectoryId": "d-1234567890", + "DistinguishedName": "CN=sales,OU=Users,OU=CORP,DC=corp,DC=example,DC=com", + "GroupScope": "Global", + "GroupType": "Security", + "Realm": "corp.example.com", + "SAMAccountName": "sales", + "SID": "S-1-2-34-5567891234-5678912345-67891234567-8912" + } + +For more information, see `Viewing and updating an AWS Managed Microsoft AD group's details `__ in the *AWS Directory Service Administration Guide*. diff --git a/awscli/examples/ds-data/describe-user.rst b/awscli/examples/ds-data/describe-user.rst new file mode 100644 index 000000000000..1ea210ad962c --- /dev/null +++ b/awscli/examples/ds-data/describe-user.rst @@ -0,0 +1,21 @@ +**To list information for a user** + +The following ``describe-user`` example gets information for the specified user in the specified directory. :: + + aws ds-data describe-user command-name \ + --directory-id d-1234567890 \ + --sam-account-name 'john.doe' + +Output:: + + { + "DirectoryId": "d-1234567890", + "DistinguishedName": "CN=john.doe,OU=Users,OU=CORP,DC=corp,DC=example,DC=com", + "Enabled": false, + "Realm": "corp.example.com", + "SAMAccountName": "john.doe", + "SID": "S-1-2-34-5678901234-5678901234-5678910123-4567", + "UserPrincipalName": "john.doe@CORP.EXAMPLE.COM" + } + +For more information, see `Viewing and updating an AWS Managed Microsoft AD user `__ in the *AWS Directory Service Administration Guide*. diff --git a/awscli/examples/ds-data/disable-directory-data-access.rst b/awscli/examples/ds-data/disable-directory-data-access.rst new file mode 100644 index 000000000000..e02e870b7ab3 --- /dev/null +++ b/awscli/examples/ds-data/disable-directory-data-access.rst @@ -0,0 +1,10 @@ +**To disable Directory Service Data API for a directory** + +The following ``disable-directory-data-access`` example disables the Directory Service Data API for the specified directory. :: + + aws ds disable-directory-data-access \ + --directory-id d-1234567890 + +This command produces no output. + +For more information, see `Enabling or disabling user and group management or AWS Directory Service Data `__ in the *AWS Directory Service Administration Guide*. diff --git a/awscli/examples/ds-data/disable-user.rst b/awscli/examples/ds-data/disable-user.rst new file mode 100644 index 000000000000..fc71978b8583 --- /dev/null +++ b/awscli/examples/ds-data/disable-user.rst @@ -0,0 +1,11 @@ +**To disable a user** + +The following ``disable-user`` example disables the specified user in the specified directory. :: + + aws ds-data disable-user \ + --directory-id d-1234567890 \ + --sam-account-name 'john.doe' + +This command produces no output. + +For more information, see `Disabling an AWS Managed Microsoft AD user `__ in the *AWS Directory Service Administration Guide*. diff --git a/awscli/examples/ds-data/enable-directory-data-access.rst b/awscli/examples/ds-data/enable-directory-data-access.rst new file mode 100644 index 000000000000..2be21265a81a --- /dev/null +++ b/awscli/examples/ds-data/enable-directory-data-access.rst @@ -0,0 +1,10 @@ +**To enable Directory Service Data API for a directory** + +The following ``enable-directory-data-access`` example enables the Directory Service Data API for the specified directory. :: + + aws ds enable-directory-data-access \ + --directory-id d-1234567890 + +This command produces no output. + +For more information, see `Enabling or disabling user and group management or AWS Directory Service Data `__ in the *AWS Directory Service Administration Guide*. diff --git a/awscli/examples/ds-data/list-group-members.rst b/awscli/examples/ds-data/list-group-members.rst new file mode 100644 index 000000000000..157d632a6533 --- /dev/null +++ b/awscli/examples/ds-data/list-group-members.rst @@ -0,0 +1,29 @@ +**To list a directory's group members** + +The following ``list-group-members`` example lists the group members for the specified group in the specified directory. :: + + aws ds-data list-group-members \ + --directory-id d-1234567890 \ + --sam-account-name 'sales' + +Output:: + + { + "Members": [ + { + "MemberType": "USER", + "SAMAccountName": "Jane Doe", + "SID": "S-1-2-34-5678901234-5678901234-5678910123-4568" + }, + { + "MemberType": "USER", + "SAMAccountName": "John Doe", + "SID": "S-1-2-34-5678901234-5678901234-5678910123-4569" + } + ], + "DirectoryId": "d-1234567890", + "MemberRealm": "corp.example.com", + "Realm": "corp.example.com" + } + +For more information, see `Viewing and updating an AWS Managed Microsoft AD group's details `__ in the *AWS Directory Service Administration Guide*. diff --git a/awscli/examples/ds-data/list-groups-for-member.rst b/awscli/examples/ds-data/list-groups-for-member.rst new file mode 100644 index 000000000000..1ac8a8746fc2 --- /dev/null +++ b/awscli/examples/ds-data/list-groups-for-member.rst @@ -0,0 +1,25 @@ +**To list a directory's group membership** + +The following ``list-groups-for-member`` example lists group membership for the specified user in the specified directory. :: + + aws ds-data list-groups-for-member \ + --directory-id d-1234567890 \ + --sam-account-name 'john.doe' + +Output:: + + { + "Groups": [ + { + "GroupScope": "Global", + "GroupType": "Security", + "SAMAccountName": "Domain Users", + "SID": "S-1-2-34-5678901234-5678901234-5678910123-4567" + } + ], + "DirectoryId": "d-1234567890", + "MemberRealm": "corp.example.com", + "Realm": "corp.example.com" + } + +For more information, see `Viewing and updating an AWS Managed Microsoft AD user `__ in the *AWS Directory Service Administration Guide*. diff --git a/awscli/examples/ds-data/list-groups.rst b/awscli/examples/ds-data/list-groups.rst new file mode 100644 index 000000000000..d01ce5f2b981 --- /dev/null +++ b/awscli/examples/ds-data/list-groups.rst @@ -0,0 +1,503 @@ +**To list a directory's groups** + +The following ``list-groups`` example lists groups in the specified directory. :: + + aws ds-data list-groups \ + --directory-id d-1234567890 + +Output:: + + { + "Groups": [ + { + "GroupScope": "BuiltinLocal", + "GroupType": "Security", + "SAMAccountName": "Administrators", + "SID": "S-1-2-33-441" + }, + { + "GroupScope": "BuiltinLocal", + "GroupType": "Security", + "SAMAccountName": "Users", + "SID": "S-1-2-33-442" + }, + { + "GroupScope": "BuiltinLocal", + "GroupType": "Security", + "SAMAccountName": "Guests", + "SID": "S-1-2-33-443" + }, + { + "GroupScope": "BuiltinLocal", + "GroupType": "Security", + "SAMAccountName": "Print Operators", + "SID": "S-1-2-33-444" + }, + { + "GroupScope": "BuiltinLocal", + "GroupType": "Security", + "SAMAccountName": "Backup Operators", + "SID": "S-1-2-33-445" + }, + { + "GroupScope": "BuiltinLocal", + "GroupType": "Security", + "SAMAccountName": "Replicator", + "SID": "S-1-2-33-446" + }, + { + "GroupScope": "BuiltinLocal", + "GroupType": "Security", + "SAMAccountName": "Remote Desktop Users", + "SID": "S-1-2-33-447" + }, + { + "GroupScope": "BuiltinLocal", + "GroupType": "Security", + "SAMAccountName": "Network Configuration Operators", + "SID": "S-1-2-33-448" + }, + { + "GroupScope": "BuiltinLocal", + "GroupType": "Security", + "SAMAccountName": "Performance Monitor Users", + "SID": "S-1-2-33-449" + }, + { + "GroupScope": "BuiltinLocal", + "GroupType": "Security", + "SAMAccountName": "Performance Log Users", + "SID": "S-1-2-33-450" + }, + { + "GroupScope": "BuiltinLocal", + "GroupType": "Security", + "SAMAccountName": "Distributed COM Users", + "SID": "S-1-2-33-451" + }, + { + "GroupScope": "BuiltinLocal", + "GroupType": "Security", + "SAMAccountName": "IIS_IUSRS", + "SID": "S-1-2-33-452" + }, + { + "GroupScope": "BuiltinLocal", + "GroupType": "Security", + "SAMAccountName": "Cryptographic Operators", + "SID": "S-1-2-33-453" + }, + { + "GroupScope": "BuiltinLocal", + "GroupType": "Security", + "SAMAccountName": "Event Log Readers", + "SID": "S-1-2-33-454" + }, + { + "GroupScope": "BuiltinLocal", + "GroupType": "Security", + "SAMAccountName": "Certificate Service DCOM Access", + "SID": "S-1-2-33-456" + }, + { + "GroupScope": "BuiltinLocal", + "GroupType": "Security", + "SAMAccountName": "RDS Remote Access Servers", + "SID": "S-1-2-33-457" + }, + { + "GroupScope": "BuiltinLocal", + "GroupType": "Security", + "SAMAccountName": "RDS Endpoint Servers", + "SID": "S-1-2-33-458" + }, + { + "GroupScope": "BuiltinLocal", + "GroupType": "Security", + "SAMAccountName": "RDS Management Servers", + "SID": "S-1-2-33-459" + }, + { + "GroupScope": "BuiltinLocal", + "GroupType": "Security", + "SAMAccountName": "Hyper-V Administrators", + "SID": "S-1-2-33-460" + }, + { + "GroupScope": "BuiltinLocal", + "GroupType": "Security", + "SAMAccountName": "Access Control Assistance Operators", + "SID": "S-1-2-33-461" + }, + { + "GroupScope": "BuiltinLocal", + "GroupType": "Security", + "SAMAccountName": "Remote Management Users", + "SID": "S-1-2-33-462" + }, + { + "GroupScope": "BuiltinLocal", + "GroupType": "Security", + "SAMAccountName": "Storage Replica Administrators", + "SID": "S-1-2-33-463" + }, + { + "GroupScope": "Global", + "GroupType": "Security", + "SAMAccountName": "Domain Computers", + "SID": "S-1-2-34-56789123456-7891012345-6789123486-789" + }, + { + "GroupScope": "Global", + "GroupType": "Security", + "SAMAccountName": "Domain Controllers", + "SID": "S-1-2-34-56789123456-7891012345-6789123486-790" + }, + { + "GroupScope": "Universal", + "GroupType": "Security", + "SAMAccountName": "Schema Admins", + "SID": "S-1-2-34-56789123456-7891012345-6789123486-791" + }, + { + "GroupScope": "Universal", + "GroupType": "Security", + "SAMAccountName": "Enterprise Admins", + "SID": "S-1-2-34-56789123456-7891012345-6789123486-792" + }, + { + "GroupScope": "DomainLocal", + "GroupType": "Security", + "SAMAccountName": "Cert Publishers", + "SID": "S-1-2-34-56789123456-7891012345-6789123486-793" + }, + { + "GroupScope": "Global", + "GroupType": "Security", + "SAMAccountName": "Domain Admins", + "SID": "S-1-2-34-56789123456-7891012345-6789123486-794" + }, + { + "GroupScope": "Global", + "GroupType": "Security", + "SAMAccountName": "Domain Users", + "SID": "S-1-2-34-56789123456-7891012345-6789123486-795" + }, + { + "GroupScope": "Global", + "GroupType": "Security", + "SAMAccountName": "Domain Guests", + "SID": "S-1-2-34-56789123456-7891012345-6789123486-796" + }, + { + "GroupScope": "Global", + "GroupType": "Security", + "SAMAccountName": "Group Policy Creator Owners", + "SID": "S-1-2-34-56789123456-7891012345-6789123486-797" + }, + { + "GroupScope": "DomainLocal", + "GroupType": "Security", + "SAMAccountName": "RAS and IAS Servers", + "SID": "S-1-2-34-56789123456-7891012345-6789123486-798" + }, + { + "GroupScope": "BuiltinLocal", + "GroupType": "Security", + "SAMAccountName": "Server Operators", + "SID": "S-1-2-33-464" + }, + { + "GroupScope": "BuiltinLocal", + "GroupType": "Security", + "SAMAccountName": "Account Operators", + "SID": "S-1-2-33-465" + }, + { + "GroupScope": "BuiltinLocal", + "GroupType": "Security", + "SAMAccountName": "Pre-Windows 2000 Compatible Access", + "SID": "S-1-2-33-466" + }, + { + "GroupScope": "BuiltinLocal", + "GroupType": "Security", + "SAMAccountName": "Incoming Forest Trust Builders", + "SID": "S-1-2-33-467" + }, + { + "GroupScope": "BuiltinLocal", + "GroupType": "Security", + "SAMAccountName": "Windows Authorization Access Group", + "SID": "S-1-2-33-468" + }, + { + "GroupScope": "BuiltinLocal", + "GroupType": "Security", + "SAMAccountName": "Terminal Server License Servers", + "SID": "S-1-2-33-469" + }, + { + "GroupScope": "DomainLocal", + "GroupType": "Security", + "SAMAccountName": "Allowed RODC Password Replication Group", + "SID": "S-1-2-34-56789123456-7891012345-6789123486-798" + }, + { + "GroupScope": "DomainLocal", + "GroupType": "Security", + "SAMAccountName": "Denied RODC Password Replication Group", + "SID": "S-1-2-34-56789123456-7891012345-6789123486-799" + }, + { + "GroupScope": "Global", + "GroupType": "Security", + "SAMAccountName": "Read-only Domain Controllers", + "SID": "S-1-2-34-56789123456-7891012345-6789123486-800" + }, + { + "GroupScope": "Universal", + "GroupType": "Security", + "SAMAccountName": "Enterprise Read-only Domain Controllers", + "SID": "S-1-2-34-56789123456-7891012345-6789123486-801" + }, + { + "GroupScope": "Global", + "GroupType": "Security", + "SAMAccountName": "Cloneable Domain Controllers", + "SID": "S-1-2-34-56789123456-7891012345-6789123486-802" + }, + { + "GroupScope": "Global", + "GroupType": "Security", + "SAMAccountName": "Protected Users", + "SID": "S-1-2-34-56789123456-7891012345-6789123486-803" + }, + { + "GroupScope": "Global", + "GroupType": "Security", + "SAMAccountName": "Key Admins", + "SID": "S-1-2-34-56789123456-7891012345-6789123486-804" + }, + { + "GroupScope": "Universal", + "GroupType": "Security", + "SAMAccountName": "Enterprise Key Admins", + "SID": "S-1-2-34-56789123456-7891012345-6789123486-805" + }, + { + "GroupScope": "DomainLocal", + "GroupType": "Security", + "SAMAccountName": "DnsAdmins", + "SID": "S-1-2-34-5678901234-5678901234-5678910123-4567" + }, + { + "GroupScope": "Global", + "GroupType": "Security", + "SAMAccountName": "DnsUpdateProxy", + "SID": "S-1-2-34-5678901234-5678901234-5678910123-4568" + }, + { + "GroupScope": "DomainLocal", + "GroupType": "Security", + "SAMAccountName": "Admins", + "SID": "S-1-2-34-5678901234-5678901234-5678910123-4569" + }, + { + "GroupScope": "DomainLocal", + "GroupType": "Security", + "SAMAccountName": "AWSAdministrators", + "SID": "S-1-2-34-5678901234-5678901234-5678910123-4570" + }, + { + "GroupScope": "DomainLocal", + "GroupType": "Security", + "SAMAccountName": "AWS Object Management Service Accounts", + "SID": "S-1-2-34-5678901234-5678901234-5678910123-4571" + }, + { + "GroupScope": "DomainLocal", + "GroupType": "Security", + "SAMAccountName": "AWS Private CA Connector for AD Delegated Group", + "SID": "S-1-2-34-5678901234-5678901234-5678910123-4572" + }, + { + "GroupScope": "DomainLocal", + "GroupType": "Security", + "SAMAccountName": "AWS Application and Service Delegated Group", + "SID": "S-1-2-34-5678901234-5678901234-5678910123-4573" + }, + { + "GroupScope": "DomainLocal", + "GroupType": "Security", + "SAMAccountName": "AWS Delegated Administrators", + "SID": "S-1-2-34-5678901234-5678901234-5678910123-4574" + }, + { + "GroupScope": "DomainLocal", + "GroupType": "Security", + "SAMAccountName": "AWS Delegated FSx Administrators", + "SID": "S-1-2-34-5678901234-5678901234-5678910123-4575" + }, + { + "GroupScope": "DomainLocal", + "GroupType": "Security", + "SAMAccountName": "AWS Delegated Account Operators", + "SID": "S-1-2-34-5678901234-5678901234-5678910123-4576" + }, + { + "GroupScope": "DomainLocal", + "GroupType": "Security", + "SAMAccountName": "AWS Delegated Active Directory Based Activation Administrators", + "SID": "S-1-2-34-5678901234-5678901234-5678910123-4577" + }, + { + "GroupScope": "DomainLocal", + "GroupType": "Security", + "SAMAccountName": "AWS Delegated Allowed to Authenticate Objects", + "SID": "S-1-2-34-5678901234-5678901234-5678910123-4578" + }, + { + "GroupScope": "DomainLocal", + "GroupType": "Security", + "SAMAccountName": "AWS Delegated Allowed to Authenticate to Domain Controllers", + "SID": "S-1-2-34-5678901234-5678901234-5678910123-4579" + }, + { + "GroupScope": "DomainLocal", + "GroupType": "Security", + "SAMAccountName": "AWS Delegated Deleted Object Lifetime Administrators", + "SID": "S-1-2-34-5678901234-5678901234-5678910123-4580" + }, + { + "GroupScope": "DomainLocal", + "GroupType": "Security", + "SAMAccountName": "AWS Delegated Distributed File System Administrators", + "SID": "S-1-2-34-5678901234-5678901234-5678910123-4581" + }, + { + "GroupScope": "DomainLocal", + "GroupType": "Security", + "SAMAccountName": "AWS Delegated Dynamic Host Configuration Protocol Administrators", + "SID": "S-1-2-34-5678901234-5678901234-5678910123-4582" + }, + { + "GroupScope": "DomainLocal", + "GroupType": "Security", + "SAMAccountName": "AWS Delegated Enterprise Certificate Authority Administrators", + "SID": "S-1-2-34-5678901234-5678901234-5678910123-4583" + }, + { + "GroupScope": "DomainLocal", + "GroupType": "Security", + "SAMAccountName": "AWS Delegated Fine Grained Password Policy Administrators", + "SID": "S-1-2-34-5678901234-5678901234-5678910123-4584" + }, + { + "GroupScope": "DomainLocal", + "GroupType": "Security", + "SAMAccountName": "AWS Delegated Group Policy Administrators", + "SID": "S-1-2-34-5678901234-5678901234-5678910123-4585" + }, + { + "GroupScope": "DomainLocal", + "GroupType": "Security", + "SAMAccountName": "AWS Delegated Managed Service Account Administrators", + "SID": "S-1-2-34-5678901234-5678901234-5678910123-4586" + }, + { + "GroupScope": "DomainLocal", + "GroupType": "Security", + "SAMAccountName": "AWS Delegated Read Foreign Security Principals", + "SID": "S-1-2-34-5678901234-5678901234-5678910123-4587" + }, + { + "GroupScope": "DomainLocal", + "GroupType": "Security", + "SAMAccountName": "AWS Delegated Remote Access Service Administrators", + "SID": "S-1-2-34-5678901234-5678901234-5678910123-4588" + }, + { + "GroupScope": "DomainLocal", + "GroupType": "Security", + "SAMAccountName": "AWS Delegated Replicate Directory Changes Administrators", + "SID": "S-1-2-34-5678901234-5678901234-5678910123-4588" + }, + { + "GroupScope": "DomainLocal", + "GroupType": "Security", + "SAMAccountName": "AWS Delegated Sites and Services Administrators", + "SID": "S-1-2-34-5678901234-5678901234-5678910123-4589" + }, + { + "GroupScope": "DomainLocal", + "GroupType": "Security", + "SAMAccountName": "AWS Delegated System Management Administrators", + "SID": "S-1-2-34-5678901234-5678901234-5678910123-4590" + }, + { + "GroupScope": "DomainLocal", + "GroupType": "Security", + "SAMAccountName": "AWS Delegated Terminal Server Licensing Administrators", + "SID": "S-1-2-34-5678901234-5678901234-5678910123-4591" + }, + { + "GroupScope": "DomainLocal", + "GroupType": "Security", + "SAMAccountName": "AWS Delegated User Principal Name Suffix Administrators", + "SID": "S-1-2-34-5678901234-5678901234-5678910123-4592" + }, + { + "GroupScope": "DomainLocal", + "GroupType": "Security", + "SAMAccountName": "AWS Delegated Add Workstations To Domain Users", + "SID": "S-1-2-34-5678901234-5678901234-5678910123-4593" + }, + { + "GroupScope": "DomainLocal", + "GroupType": "Security", + "SAMAccountName": "AWS Delegated Domain Name System Administrators", + "SID": "S-1-2-34-5678901234-5678901234-5678910123-4594" + }, + { + "GroupScope": "DomainLocal", + "GroupType": "Security", + "SAMAccountName": "AWS Delegated Kerberos Delegation Administrators", + "SID": "S-1-2-34-5678901234-5678901234-5678910123-4595" + }, + { + "GroupScope": "DomainLocal", + "GroupType": "Security", + "SAMAccountName": "AWS Delegated Server Administrators", + "SID": "S-1-2-34-5678901234-5678901234-5678910123-4596" + }, + { + "GroupScope": "DomainLocal", + "GroupType": "Security", + "SAMAccountName": "AWS Delegated MS-NPRC Non-Compliant Devices", + "SID": "S-1-2-34-5678901234-5678901234-5678910123-4597" + }, + { + "GroupScope": "Global", + "GroupType": "Security", + "SAMAccountName": "Remote Access", + "SID": "S-1-2-34-5678901234-5678901234-5678910123-4598" + }, + { + "GroupScope": "Global", + "GroupType": "Security", + "SAMAccountName": "Accounting", + "SID": "S-1-2-34-5678901234-5678901234-5678910123-4599" + }, + { + "GroupScope": "Global", + "GroupType": "Distribution", + "SAMAccountName": "sales", + "SID": "S-1-2-34-5678901234-5678901234-5678910123-4567" + } + ], + "DirectoryId": "d-1234567890", + "Realm": "corp.example.com" + } + +For more information, see `Viewing and updating an AWS Managed Microsoft AD group's details `__ in the *AWS Directory Service Administration Guide*. diff --git a/awscli/examples/ds-data/list-users.rst b/awscli/examples/ds-data/list-users.rst new file mode 100644 index 000000000000..6b3a43792c82 --- /dev/null +++ b/awscli/examples/ds-data/list-users.rst @@ -0,0 +1,57 @@ +**To list a directory's users** + +The following ``list-users`` example lists users in the specified directory. :: + + aws ds-data list-users \ + --directory-id d-1234567890 + +Output:: + + { + "Users": [ + { + "Enabled": true, + "SAMAccountName": "Administrator", + "SID": "S-1-2-34-5678910123-4567895012-3456789012-345" + }, + { + "Enabled": false, + "SAMAccountName": "Guest", + "SID": "S-1-2-34-5678910123-4567895012-3456789012-345" + }, + { + "Enabled": false, + "SAMAccountName": "krbtgt", + "SID": "S-1-2-34-5678910123-4567895012-3456789012-346" + }, + { + "Enabled": true, + "SAMAccountName": "Admin", + "SID": "S-1-2-34-5678910123-4567895012-3456789012-347" + }, + { + "Enabled": true, + "SAMAccountName": "Richard Roe", + "SID": "S-1-2-34-5678910123-4567895012-3456789012-348" + }, + { + "Enabled": true, + "SAMAccountName": "Jane Doe", + "SID": "S-1-2-34-5678910123-4567895012-3456789012-349" + }, + { + "Enabled": true, + "SAMAccountName": "AWS_WGnzYlN6YyY", + "SID": "S-1-2-34-5678901234-5678901234-5678910123-4567" + }, + { + "Enabled": true, + "SAMAccountName": "john.doe", + "SID": "S-1-2-34-5678901234-5678901234-5678910123-4568" + } + ], + "DirectoryId": "d-1234567890", + "Realm": "corp.example.com" + } + +For more information, see `Viewing and updating an AWS Managed Microsoft AD user `__ in the *AWS Directory Service Administration Guide*. diff --git a/awscli/examples/ds-data/remove-group-member.rst b/awscli/examples/ds-data/remove-group-member.rst new file mode 100644 index 000000000000..a44c8313c693 --- /dev/null +++ b/awscli/examples/ds-data/remove-group-member.rst @@ -0,0 +1,12 @@ +**To remove a group member from a directory** + +The following ``remove-group-member`` example removes the specified group member from the specified group in the specified directory. :: + + aws ds-data remove-group-member \ + --directory-id d-1234567890 \ + --group-name 'sales' \ + --member-name 'john.doe' + +This command produces no output. + +For more information, see `Adding and removing AWS Managed Microsoft AD members to groups and groups to groups `__ in the *AWS Directory Service Administration Guide*. diff --git a/awscli/examples/ds-data/reset-user-password.rst b/awscli/examples/ds-data/reset-user-password.rst new file mode 100644 index 000000000000..524985116969 --- /dev/null +++ b/awscli/examples/ds-data/reset-user-password.rst @@ -0,0 +1,12 @@ +**To reset a user password in a directory** + +The following ``reset-user-password`` example resets and enables the specified user in the specified directory. :: + + aws ds reset-user-password \ + --directory-id d-1234567890 \ + --user-name 'john.doe' \ + --new-password 'password' + +This command produces no output. + +For more information, see `Resetting and enabling an AWS Managed Microsoft AD user's password `__ in the *AWS Directory Service Administration Guide*. diff --git a/awscli/examples/ds-data/search-groups.rst b/awscli/examples/ds-data/search-groups.rst new file mode 100644 index 000000000000..dc8fb354d55b --- /dev/null +++ b/awscli/examples/ds-data/search-groups.rst @@ -0,0 +1,25 @@ +**To search for a group in a directory** + +The following ``search-groups`` example searches for the specified group in the specified directory. :: + + aws ds-data search-groups \ + --directory-id d-1234567890 \ + --search-attributes 'SamAccountName' \ + --search-string 'sales' + +Output:: + + { + "Groups": [ + { + "GroupScope": "Global", + "GroupType": "Distribution", + "SAMAccountName": "sales", + "SID": "S-1-2-34-5678901234-5678901234-5678910123-4567" + } + ], + "DirectoryId": "d-1234567890", + "Realm": "corp.example.com" + } + +For more information, see `Viewing and updating an AWS Managed Microsoft AD group's details `__ in the *AWS Directory Service Administration Guide*. diff --git a/awscli/examples/ds-data/search-users.rst b/awscli/examples/ds-data/search-users.rst new file mode 100644 index 000000000000..091b99e7a423 --- /dev/null +++ b/awscli/examples/ds-data/search-users.rst @@ -0,0 +1,24 @@ +**To search for a user in a directory** + +The following ``search-users`` example searches for the specified user in the specified directory. :: + + aws ds-data search-users \ + --directory-id d-1234567890 \ + --search-attributes 'SamAccountName' \ + --Search-string 'john.doe' + +Output:: + + { + "Users": [ + { + "Enabled": true, + "SAMAccountName": "john.doe", + "SID": "S-1-2-34-5678901234-5678901234-5678910123-4567" + } + ], + "DirectoryId": "d-1234567890", + "Realm": "corp.example.com" + } + +For more information, see `Viewing and updating an AWS Managed Microsoft AD user `__ in the *AWS Directory Service Administration Guide*. diff --git a/awscli/examples/ds-data/update-group.rst b/awscli/examples/ds-data/update-group.rst new file mode 100644 index 000000000000..e4198aa3e2de --- /dev/null +++ b/awscli/examples/ds-data/update-group.rst @@ -0,0 +1,13 @@ +**To update a group's attribute in a directory** + +The following ``update-group`` example updates the specified attribute for the specified group in the specified directory. :: + + aws ds-data update-group \ + --directory-id d-1234567890 \ + --sam-account-name 'sales' \ + --update-type 'REPLACE' \ + --group-type 'Distribution' + +This command produces no output. + +For more information, see `Viewing and updating an AWS Managed Microsoft AD group's details `__ in the *AWS Directory Service Administration Guide*. diff --git a/awscli/examples/ds-data/update-user.rst b/awscli/examples/ds-data/update-user.rst new file mode 100644 index 000000000000..08f82ae3d838 --- /dev/null +++ b/awscli/examples/ds-data/update-user.rst @@ -0,0 +1,13 @@ +**To update a user's attribute in a directory** + +The following ``update-user`` example updates the specified attribute for the specified user in the specified directory. :: + + aws ds-data update-user \ + --directory-id d-1234567890 \ + --sam-account-name 'john.doe' \ + --update-type 'ADD' \ + --email-address 'example.corp.com' + +This command produces no output. + +For more information, see `Viewing and updating an AWS Managed Microsoft AD user `__ in the *AWS Directory Service Administration Guide*. diff --git a/awscli/examples/ec2/accept-address-transfer.rst b/awscli/examples/ec2/accept-address-transfer.rst index 314a0b206b9d..af9e5880acd1 100644 --- a/awscli/examples/ec2/accept-address-transfer.rst +++ b/awscli/examples/ec2/accept-address-transfer.rst @@ -18,4 +18,4 @@ Output:: } } -For more information, see `Transfer Elastic IP addresses `__ in the *Amazon VPC User Guide*. +For more information, see `Transfer Elastic IP addresses `__ in the *Amazon VPC User Guide*. \ No newline at end of file diff --git a/awscli/examples/ec2/allocate-hosts.rst b/awscli/examples/ec2/allocate-hosts.rst index bc1feb511aaf..1b5ef17525f4 100644 --- a/awscli/examples/ec2/allocate-hosts.rst +++ b/awscli/examples/ec2/allocate-hosts.rst @@ -1,55 +1,55 @@ -**Example 1: To allocate a Dedicated Host** - -The following ``allocate-hosts`` example allocates a single Dedicated Host in the ``eu-west-1a`` Availability Zone, onto which you can launch ``m5.large`` instances. By default, the Dedicated Host accepts only target instance launches, and does not support host recovery. :: - - aws ec2 allocate-hosts \ - --instance-type m5.large \ - --availability-zone eu-west-1a \ - --quantity 1 - -Output:: - - { - "HostIds": [ - "h-07879acf49EXAMPLE" - ] - } - -**Example 2: To allocate a Dedicated Host with auto-placement and host recovery enabled** - -The following ``allocate-hosts`` example allocates a single Dedicated Host in the ``eu-west-1a`` Availability Zone with auto-placement and host recovery enabled. :: - - aws ec2 allocate-hosts \ - --instance-type m5.large \ - --availability-zone eu-west-1a \ - --auto-placement on \ - --host-recovery on \ - --quantity 1 - -Output:: - - { - "HostIds": [ - "h-07879acf49EXAMPLE" - ] - } - -**Example 3: To allocate a Dedicated Host with tags** - -The following ``allocate-hosts`` example allocates a single Dedicated Host and applies a tag with a key named ``purpose`` and a value of ``production``. :: - - aws ec2 allocate-hosts \ - --instance-type m5.large \ - --availability-zone eu-west-1a \ - --quantity 1 \ - --tag-specifications 'ResourceType=dedicated-host,Tags={Key=purpose,Value=production}' - -Output:: - - { - "HostIds": [ - "h-07879acf49EXAMPLE" - ] - } - -For more information, see `Allocating Dedicated Hosts `__ in the *Amazon Elastic Compute Cloud User Guide for Linux Instances*. +**Example 1: To allocate a Dedicated Host** + +The following ``allocate-hosts`` example allocates a single Dedicated Host in the ``eu-west-1a`` Availability Zone, onto which you can launch ``m5.large`` instances. By default, the Dedicated Host accepts only target instance launches, and does not support host recovery. :: + + aws ec2 allocate-hosts \ + --instance-type m5.large \ + --availability-zone eu-west-1a \ + --quantity 1 + +Output:: + + { + "HostIds": [ + "h-07879acf49EXAMPLE" + ] + } + +**Example 2: To allocate a Dedicated Host with auto-placement and host recovery enabled** + +The following ``allocate-hosts`` example allocates a single Dedicated Host in the ``eu-west-1a`` Availability Zone with auto-placement and host recovery enabled. :: + + aws ec2 allocate-hosts \ + --instance-type m5.large \ + --availability-zone eu-west-1a \ + --auto-placement on \ + --host-recovery on \ + --quantity 1 + +Output:: + + { + "HostIds": [ + "h-07879acf49EXAMPLE" + ] + } + +**Example 3: To allocate a Dedicated Host with tags** + +The following ``allocate-hosts`` example allocates a single Dedicated Host and applies a tag with a key named ``purpose`` and a value of ``production``. :: + + aws ec2 allocate-hosts \ + --instance-type m5.large \ + --availability-zone eu-west-1a \ + --quantity 1 \ + --tag-specifications 'ResourceType=dedicated-host,Tags={Key=purpose,Value=production}' + +Output:: + + { + "HostIds": [ + "h-07879acf49EXAMPLE" + ] + } + +For more information, see `Allocate a Dedicated Host `__ in the *Amazon EC2 User Guide*. \ No newline at end of file diff --git a/awscli/examples/ec2/associate-address.rst b/awscli/examples/ec2/associate-address.rst index 6db0020a1361..08a8fdf3b8cd 100644 --- a/awscli/examples/ec2/associate-address.rst +++ b/awscli/examples/ec2/associate-address.rst @@ -1,35 +1,44 @@ -**To associate an Elastic IP addresses in EC2-Classic** - -This example associates an Elastic IP address with an instance in EC2-Classic. If the command succeeds, no output is returned. - -Command:: - - aws ec2 associate-address --instance-id i-07ffe74c7330ebf53 --public-ip 198.51.100.0 - -**To associate an Elastic IP address in EC2-VPC** - -This example associates an Elastic IP address with an instance in a VPC. - -Command:: - - aws ec2 associate-address --instance-id i-0b263919b6498b123 --allocation-id eipalloc-64d5890a - -Output:: - - { - "AssociationId": "eipassoc-2bebb745" - } - -This example associates an Elastic IP address with a network interface. - -Command:: - - aws ec2 associate-address --allocation-id eipalloc-64d5890a --network-interface-id eni-1a2b3c4d - -This example associates an Elastic IP with a private IP address that's associated with a network interface. - -Command:: - - aws ec2 associate-address --allocation-id eipalloc-64d5890a --network-interface-id eni-1a2b3c4d --private-ip-address 10.0.0.85 - - +**Example 1: To associate an Elastic IP address with an instance** + +The following ``associate-address`` example associates an Elastic IP address with the specified EC2 instance. :: + + aws ec2 associate-address \ + --instance-id i-0b263919b6498b123 \ + --allocation-id eipalloc-64d5890a + +Output:: + + { + "AssociationId": "eipassoc-2bebb745" + } + +**Example 2: To associate an Elastic IP address with a network interface** + +The following ``associate-address`` example associates the specified Elastic IP address with the specified network interface. :: + + aws ec2 associate-address + --allocation-id eipalloc-64d5890a \ + --network-interface-id eni-1a2b3c4d + +Output:: + + { + "AssociationId": "eipassoc-2bebb745" + } + +**Example 3: To associate an Elastic IP address with a private IP address** + +The following ``associate-address`` example associates the specified Elastic IP address with the specified private IP address in the specified network interface. :: + + aws ec2 associate-address \ + --allocation-id eipalloc-64d5890a \ + --network-interface-id eni-1a2b3c4d \ + --private-ip-address 10.0.0.85 + +Output:: + + { + "AssociationId": "eipassoc-2bebb745" + } + +For more information, see `Elastic IP addresses `__ in the *Amazon EC2 User Guide*. diff --git a/awscli/examples/ec2/associate-ipam-resource-discovery.rst b/awscli/examples/ec2/associate-ipam-resource-discovery.rst new file mode 100644 index 000000000000..cf78208eeebc --- /dev/null +++ b/awscli/examples/ec2/associate-ipam-resource-discovery.rst @@ -0,0 +1,39 @@ +**To associate a resource discovery with an IPAM** + +In this example, you are an IPAM delegated admin and a resource discovery has been created and shared with you by another AWS account so that you can use IPAM to manage and monitor resource CIDRs owned by the other account. + +Note + +* To complete this request, you'll need the resource discovery ID which you can get with `describe-ipam-resource-discoveries `__ and the IPAM ID which you can get with `describe-ipams `__. +* The resource discovery that you are associating must have first been shared with your account using AWS RAM. +* The ``--region`` you enter must match the home Region of the IPAM you are associating it with. + +The following ``associate-ipam-resource-discovery`` example associates a resource discovery with an IPAM. :: + + aws ec2 associate-ipam-resource-discovery \ + --ipam-id ipam-005f921c17ebd5107 \ + --ipam-resource-discovery-id ipam-res-disco-03e0406de76a044ee \ + --tag-specifications 'ResourceType=ipam-resource-discovery,Tags=[{Key=cost-center,Value=cc123}]' \ + --region us-east-1 + +Output:: + + { + { + "IpamResourceDiscoveryAssociation": { + "OwnerId": "320805250157", + "IpamResourceDiscoveryAssociationId": "ipam-res-disco-assoc-04382a6346357cf82", + "IpamResourceDiscoveryAssociationArn": "arn:aws:ec2::320805250157:ipam-resource-discovery-association/ipam-res-disco-assoc-04382a6346357cf82", + "IpamResourceDiscoveryId": "ipam-res-disco-0365d2977fc1672fe", + "IpamId": "ipam-005f921c17ebd5107", + "IpamArn": "arn:aws:ec2::320805250157:ipam/ipam-005f921c17ebd5107", + "IpamRegion": "us-east-1", + "IsDefault": false, + "ResourceDiscoveryStatus": "active", + "State": "associate-in-progress", + "Tags": [] + } + } + } + +Once you associate a resource discovery, you can monitor and/or manage the IP addresses of resources created by the other accounts. For more information, see `Integrate IPAM with accounts outside of your organization `__ in the *Amazon VPC IPAM User Guide*. diff --git a/awscli/examples/ec2/associate-transit-gateway-multicast-domain.rst b/awscli/examples/ec2/associate-transit-gateway-multicast-domain.rst index 43aeead45180..d68563864798 100755 --- a/awscli/examples/ec2/associate-transit-gateway-multicast-domain.rst +++ b/awscli/examples/ec2/associate-transit-gateway-multicast-domain.rst @@ -25,4 +25,4 @@ Output:: } } -For more information, see `Managing multicast domains `__ in the *Transit Gateways Guide*. \ No newline at end of file +For more information, see `Multicast domains `__ in the *Transit Gateways Guide*. diff --git a/awscli/examples/ec2/authorize-security-group-egress.rst b/awscli/examples/ec2/authorize-security-group-egress.rst index 654851b99de8..998212a87feb 100644 --- a/awscli/examples/ec2/authorize-security-group-egress.rst +++ b/awscli/examples/ec2/authorize-security-group-egress.rst @@ -1,23 +1,56 @@ -**To add a rule that allows outbound traffic to a specific address range** - -This example command adds a rule that grants access to the specified address ranges on TCP port 80. - -Command (Linux):: - - aws ec2 authorize-security-group-egress --group-id sg-1a2b3c4d --ip-permissions IpProtocol=tcp,FromPort=80,ToPort=80,IpRanges='[{CidrIp=10.0.0.0/16}]' - -Command (Windows):: - - aws ec2 authorize-security-group-egress --group-id sg-1a2b3c4d --ip-permissions IpProtocol=tcp,FromPort=80,ToPort=80,IpRanges=[{CidrIp=10.0.0.0/16}] - -**To add a rule that allows outbound traffic to a specific security group** - -This example command adds a rule that grants access to the specified security group on TCP port 80. - -Command (Linux):: - - aws ec2 authorize-security-group-egress --group-id sg-1a2b3c4d --ip-permissions IpProtocol=tcp,FromPort=80,ToPort=80,UserIdGroupPairs='[{GroupId=sg-4b51a32f}]' - -Command (Windows):: - - aws ec2 authorize-security-group-egress --group-id sg-1a2b3c4d --ip-permissions IpProtocol=tcp,FromPort=80,ToPort=80,UserIdGroupPairs=[{GroupId=sg-4b51a32f}] +**Example 1: To add a rule that allows outbound traffic to a specific address range** + +The following ``authorize-security-group-egress`` example adds a rule that grants access to the specified address ranges on TCP port 80. :: + + aws ec2 authorize-security-group-egress \ + --group-id sg-1234567890abcdef0 \ + --ip-permissions 'IpProtocol=tcp,FromPort=80,ToPort=80,IpRanges=[{CidrIp=10.0.0.0/16}]' + +Output:: + + { + "Return": true, + "SecurityGroupRules": [ + { + "SecurityGroupRuleId": "sgr-0b15794cdb17bf29c", + "GroupId": "sg-1234567890abcdef0", + "GroupOwnerId": "123456789012", + "IsEgress": true, + "IpProtocol": "tcp", + "FromPort": 80, + "ToPort": 80, + "CidrIpv4": "10.0.0.0/16" + } + ] + } + +**Example 2: To add a rule that allows outbound traffic to a specific security group** + +The following ``authorize-security-group-egress`` example adds a rule that grants access to the specified security group on TCP port 80. :: + + aws ec2 authorize-security-group-egress \ + --group-id sg-1234567890abcdef0 \ + --ip-permissions 'IpProtocol=tcp,FromPort=80,ToPort=80,UserIdGroupPairs=[{GroupId=sg-0aad1c26bbeec5c22}]' + +Output:: + + { + "Return": true, + "SecurityGroupRules": [ + { + "SecurityGroupRuleId": "sgr-0b5dd815afcea9cc3", + "GroupId": "sg-1234567890abcdef0", + "GroupOwnerId": "123456789012", + "IsEgress": true, + "IpProtocol": "tcp", + "FromPort": 80, + "ToPort": 80, + "ReferencedGroupInfo": { + "GroupId": "sg-0aad1c26bbeec5c22", + "UserId": "123456789012" + } + } + ] + } + +For more information, see `Security groups `__ in the *Amazon VPC User Guide*. diff --git a/awscli/examples/ec2/authorize-security-group-ingress.rst b/awscli/examples/ec2/authorize-security-group-ingress.rst index 4ccf6498fb47..aa27acac5df2 100644 --- a/awscli/examples/ec2/authorize-security-group-ingress.rst +++ b/awscli/examples/ec2/authorize-security-group-ingress.rst @@ -59,11 +59,11 @@ Output:: **Example 3: To add multiple rules in the same call** -The following ``authorize-security-group-ingress`` example uses the ``ip-permissions`` parameter to add two inbound rules, one that enables inbound access on TCP port 3389 (RDP) and the other that enables ping/ICMP. +The following ``authorize-security-group-ingress`` example uses the ``ip-permissions`` parameter to add two inbound rules, one that enables inbound access on TCP port 3389 (RDP) and the other that enables ping/ICMP. :: aws ec2 authorize-security-group-ingress \ --group-id sg-1234567890abcdef0 \ - --ip-permissions IpProtocol=tcp,FromPort=3389,ToPort=3389,IpRanges="[{CidrIp=172.31.0.0/16}]" IpProtocol=icmp,FromPort=-1,ToPort=-1,IpRanges="[{CidrIp=172.31.0.0/16}]" + --ip-permissions 'IpProtocol=tcp,FromPort=3389,ToPort=3389,IpRanges=[{CidrIp=172.31.0.0/16}]" "IpProtocol=icmp,FromPort=-1,ToPort=-1,IpRanges=[{CidrIp=172.31.0.0/16}]' Output:: @@ -92,14 +92,14 @@ Output:: } ] } - + **Example 4: To add a rule for ICMP traffic** -The following ``authorize-security-group-ingress`` example uses the ``ip-permissions`` parameter to add an inbound rule that allows the ICMP message ``Destination Unreachable: Fragmentation Needed and Don't Fragment was Set`` (Type 3, Code 4) from anywhere. +The following ``authorize-security-group-ingress`` example uses the ``ip-permissions`` parameter to add an inbound rule that allows the ICMP message ``Destination Unreachable: Fragmentation Needed and Don't Fragment was Set`` (Type 3, Code 4) from anywhere. :: aws ec2 authorize-security-group-ingress \ --group-id sg-1234567890abcdef0 \ - --ip-permissions IpProtocol=icmp,FromPort=3,ToPort=4,IpRanges="[{CidrIp=0.0.0.0/0}]" + --ip-permissions 'IpProtocol=icmp,FromPort=3,ToPort=4,IpRanges=[{CidrIp=0.0.0.0/0}]' Output:: @@ -121,11 +121,11 @@ Output:: **Example 5: To add a rule for IPv6 traffic** -The following ``authorize-security-group-ingress`` example uses the ``ip-permissions`` parameter to add an inbound rule that allows SSH access (port 22) from the IPv6 range ``2001:db8:1234:1a00::/64``. +The following ``authorize-security-group-ingress`` example uses the ``ip-permissions`` parameter to add an inbound rule that allows SSH access (port 22) from the IPv6 range ``2001:db8:1234:1a00::/64``. :: aws ec2 authorize-security-group-ingress \ --group-id sg-1234567890abcdef0 \ - --ip-permissions IpProtocol=tcp,FromPort=22,ToPort=22,Ipv6Ranges="[{CidrIpv6=2001:db8:1234:1a00::/64}]" + --ip-permissions 'IpProtocol=tcp,FromPort=22,ToPort=22,Ipv6Ranges=[{CidrIpv6=2001:db8:1234:1a00::/64}]' Output:: @@ -147,12 +147,12 @@ Output:: **Example 6: To add a rule for ICMPv6 traffic** -The following ``authorize-security-group-ingress`` example uses the ``ip-permissions`` parameter to add an inbound rule that allows ICMPv6 traffic from anywhere. +The following ``authorize-security-group-ingress`` example uses the ``ip-permissions`` parameter to add an inbound rule that allows ICMPv6 traffic from anywhere. :: aws ec2 authorize-security-group-ingress \ --group-id sg-1234567890abcdef0 \ - --ip-permissions IpProtocol=icmpv6,Ipv6Ranges="[{CidrIpv6=::/0}]" - + --ip-permissions 'IpProtocol=icmpv6,Ipv6Ranges=[{CidrIpv6=::/0}]' + Output:: { @@ -173,11 +173,11 @@ Output:: **Example 7: Add a rule with a description** -The following ``authorize-security-group-ingress`` example uses the ``ip-permissions`` parameter to add an inbound rule that allows RDP traffic from the specified IPv4 address range. The rule includes a description to help you identify it later. +The following ``authorize-security-group-ingress`` example uses the ``ip-permissions`` parameter to add an inbound rule that allows RDP traffic from the specified IPv4 address range. The rule includes a description to help you identify it later. :: aws ec2 authorize-security-group-ingress \ --group-id sg-1234567890abcdef0 \ - --ip-permissions IpProtocol=tcp,FromPort=3389,ToPort=3389,IpRanges="[{CidrIp=203.0.113.0/24,Description='RDP access from NY office'}]" + --ip-permissions 'IpProtocol=tcp,FromPort=3389,ToPort=3389,IpRanges=[{CidrIp=203.0.113.0/24,Description='RDP access from NY office'}]' Output:: @@ -200,11 +200,11 @@ Output:: **Example 8: To add an inbound rule that uses a prefix list** -The following ``authorize-security-group-ingress`` example uses the ``ip-permissions`` parameter to add an inbound rule that allows all traffic for the CIDR ranges in the specified prefix list. +The following ``authorize-security-group-ingress`` example uses the ``ip-permissions`` parameter to add an inbound rule that allows all traffic for the CIDR ranges in the specified prefix list. :: aws ec2 authorize-security-group-ingress \ --group-id sg-04a351bfe432d4e71 \ - --ip-permissions IpProtocol=all,PrefixListIds="[{PrefixListId=pl-002dc3ec097de1514}]" + --ip-permissions 'IpProtocol=all,PrefixListIds=[{PrefixListId=pl-002dc3ec097de1514}]' Output:: @@ -224,4 +224,4 @@ Output:: ] } -For more information, see `Security groups `__ in the *Amazon VPC User Guide*. \ No newline at end of file +For more information, see `Security groups `__ in the *Amazon VPC User Guide*. diff --git a/awscli/examples/ec2/cancel-capacity-reservation.rst b/awscli/examples/ec2/cancel-capacity-reservation.rst index 0ba6d4bbb857..d604e1b05b75 100644 --- a/awscli/examples/ec2/cancel-capacity-reservation.rst +++ b/awscli/examples/ec2/cancel-capacity-reservation.rst @@ -1,14 +1,14 @@ -**To cancel a capacity reservation** - -The following ``cancel-capacity-reservation`` example cancels the specified capacity reservation. :: - - aws ec2 cancel-capacity-reservation \ - --capacity-reservation-id cr-1234abcd56EXAMPLE - -Output:: - - { - "Return": true - } - -For more information, see `Canceling a Capacity Reservation `__ in the *Amazon Elastic Compute Cloud User Guide for Linux Instances*. +**To cancel a capacity reservation** + +The following ``cancel-capacity-reservation`` example cancels the specified capacity reservation. :: + + aws ec2 cancel-capacity-reservation \ + --capacity-reservation-id cr-1234abcd56EXAMPLE + +Output:: + + { + "Return": true + } + +For more information, see `Cancel a Capacity Reservation `__ in the *Amazon EC2 User Guide*. diff --git a/awscli/examples/ec2/cancel-spot-fleet-requests.rst b/awscli/examples/ec2/cancel-spot-fleet-requests.rst index 11deda9385c9..25a498189a93 100644 --- a/awscli/examples/ec2/cancel-spot-fleet-requests.rst +++ b/awscli/examples/ec2/cancel-spot-fleet-requests.rst @@ -1,46 +1,43 @@ -**Example 1: To cancel a Spot fleet request and terminate the associated instances** - -The following ``cancel-spot-fleet-requests`` example cancels a Spot Fleet request and terminates the associated On-Demand Instances and Spot Instances. :: - - aws ec2 cancel-spot-fleet-requests \ - --spot-fleet-request-ids sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE \ - --terminate-instances - -Output:: - - { - "SuccessfulFleetRequests": [ - { - "SpotFleetRequestId": "sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE", - "CurrentSpotFleetRequestState": "cancelled_terminating", - "PreviousSpotFleetRequestState": "active" - } - ], - "UnsuccessfulFleetRequests": [] - } - -For more information, see `Cancel a Spot Fleet request `__ in the *Amazon Elastic Compute Cloud User Guide for Linux Instances*. - - -**Example 2: To cancel a Spot fleet request without terminating the associated instances** - -The following ``cancel-spot-fleet-requests`` example cancels a Spot Fleet request without terminating the associated On-Demand Instances and Spot Instances. :: - - aws ec2 cancel-spot-fleet-requests \ - --spot-fleet-request-ids sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE \ - --no-terminate-instances - -Output:: - - { - "SuccessfulFleetRequests": [ - { - "SpotFleetRequestId": "sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE", - "CurrentSpotFleetRequestState": "cancelled_running", - "PreviousSpotFleetRequestState": "active" - } - ], - "UnsuccessfulFleetRequests": [] - } - -For more information, see `Cancel a Spot Fleet request `__ in the *Amazon Elastic Compute Cloud User Guide for Linux Instances*. \ No newline at end of file +**Example 1: To cancel a Spot fleet request and terminate the associated instances** + +The following ``cancel-spot-fleet-requests`` example cancels a Spot Fleet request and terminates the associated On-Demand Instances and Spot Instances. :: + + aws ec2 cancel-spot-fleet-requests \ + --spot-fleet-request-ids sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE \ + --terminate-instances + +Output:: + + { + "SuccessfulFleetRequests": [ + { + "SpotFleetRequestId": "sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE", + "CurrentSpotFleetRequestState": "cancelled_terminating", + "PreviousSpotFleetRequestState": "active" + } + ], + "UnsuccessfulFleetRequests": [] + } + +**Example 2: To cancel a Spot fleet request without terminating the associated instances** + +The following ``cancel-spot-fleet-requests`` example cancels a Spot Fleet request without terminating the associated On-Demand Instances and Spot Instances. :: + + aws ec2 cancel-spot-fleet-requests \ + --spot-fleet-request-ids sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE \ + --no-terminate-instances + +Output:: + + { + "SuccessfulFleetRequests": [ + { + "SpotFleetRequestId": "sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE", + "CurrentSpotFleetRequestState": "cancelled_running", + "PreviousSpotFleetRequestState": "active" + } + ], + "UnsuccessfulFleetRequests": [] + } + +For more information, see `Cancel a Spot Fleet request `__ in the *Amazon EC2 User Guide*. \ No newline at end of file diff --git a/awscli/examples/ec2/copy-snapshot.rst b/awscli/examples/ec2/copy-snapshot.rst index 97433a9a0a59..bdcacc94eae3 100644 --- a/awscli/examples/ec2/copy-snapshot.rst +++ b/awscli/examples/ec2/copy-snapshot.rst @@ -6,7 +6,7 @@ The following ``copy-snapshot`` example command copies the specified snapshot fr --region us-east-1 \ --source-region us-west-2 \ --source-snapshot-id snap-066877671789bd71b \ - --description "This is my copied snapshot." + --description 'This is my copied snapshot.' Output:: @@ -14,8 +14,6 @@ Output:: "SnapshotId": "snap-066877671789bd71b" } -For more information, see `Copy an Amazon EBS snapshot `__ in the *Amazon EC2 User Guide*. - **Example 2: To copy an unencrypted snapshot and encrypt the new snapshot** The following ``copy-snapshot`` command copies the specified unencrypted snapshot from the ``us-west-2`` Region to the current Region and encrypts the new snapshot using the specified KMS key. :: @@ -32,4 +30,4 @@ Output:: "SnapshotId": "snap-066877671789bd71b" } -For more information, see `Copy an Amazon EBS snapshot `__ in the *Amazon EC2 User Guide*. \ No newline at end of file +For more information, see `Copy an Amazon EBS snapshot `__ in the *Amazon EBS User Guide*. \ No newline at end of file diff --git a/awscli/examples/ec2/create-capacity-reservation.rst b/awscli/examples/ec2/create-capacity-reservation.rst index e1efa833bfdf..5c1780721626 100644 --- a/awscli/examples/ec2/create-capacity-reservation.rst +++ b/awscli/examples/ec2/create-capacity-reservation.rst @@ -1,95 +1,95 @@ -**Example 1: To create a Capacity Reservation** - -The following ``create-capacity-reservation`` example creates a capacity reservation in the ``eu-west-1a`` Availability Zone, into which you can launch three ``t2.medium`` instances running a Linux/Unix operating system. By default, the capacity reservation is created with open instance matching criteria and no support for ephemeral storage, and it remains active until you manually cancel it. :: - - aws ec2 create-capacity-reservation \ - --availability-zone eu-west-1a \ - --instance-type t2.medium \ - --instance-platform Linux/UNIX \ - --instance-count 3 - -Output:: - - { - "CapacityReservation": { - "CapacityReservationId": "cr-1234abcd56EXAMPLE ", - "EndDateType": "unlimited", - "AvailabilityZone": "eu-west-1a", - "InstanceMatchCriteria": "open", - "EphemeralStorage": false, - "CreateDate": "2019-08-16T09:27:35.000Z", - "AvailableInstanceCount": 3, - "InstancePlatform": "Linux/UNIX", - "TotalInstanceCount": 3, - "State": "active", - "Tenancy": "default", - "EbsOptimized": false, - "InstanceType": "t2.medium" - } - } - -**Example 2: To create a Capacity Reservation that automatically ends at a specified date/time** - -The following ``create-capacity-reservation`` example creates a capacity reservation in the ``eu-west-1a`` Availability Zone, into which you can launch three ``m5.large`` instances running a Linux/Unix operating system. This capacity reservation automatically ends on 08/31/2019 at 23:59:59. :: - - aws ec2 create-capacity-reservation \ - --availability-zone eu-west-1a \ - --instance-type m5.large \ - --instance-platform Linux/UNIX \ - --instance-count 3 \ - --end-date-type limited \ - --end-date 2019-08-31T23:59:59Z - -Output:: - - { - "CapacityReservation": { - "CapacityReservationId": "cr-1234abcd56EXAMPLE ", - "EndDateType": "limited", - "AvailabilityZone": "eu-west-1a", - "EndDate": "2019-08-31T23:59:59.000Z", - "InstanceMatchCriteria": "open", - "EphemeralStorage": false, - "CreateDate": "2019-08-16T10:15:53.000Z", - "AvailableInstanceCount": 3, - "InstancePlatform": "Linux/UNIX", - "TotalInstanceCount": 3, - "State": "active", - "Tenancy": "default", - "EbsOptimized": false, - "InstanceType": "m5.large" - } - } - -**Example 3: To create a Capacity Reservation that accepts only targeted instance launches** - -The following ``create-capacity-reservation`` example creates a capacity reservation that accepts only targeted instance launches. :: - - aws ec2 create-capacity-reservation \ - --availability-zone eu-west-1a \ - --instance-type m5.large \ - --instance-platform Linux/UNIX \ - --instance-count 3 \ - --instance-match-criteria targeted - -Output:: - - { - "CapacityReservation": { - "CapacityReservationId": "cr-1234abcd56EXAMPLE ", - "EndDateType": "unlimited", - "AvailabilityZone": "eu-west-1a", - "InstanceMatchCriteria": "targeted", - "EphemeralStorage": false, - "CreateDate": "2019-08-16T10:21:57.000Z", - "AvailableInstanceCount": 3, - "InstancePlatform": "Linux/UNIX", - "TotalInstanceCount": 3, - "State": "active", - "Tenancy": "default", - "EbsOptimized": false, - "InstanceType": "m5.large" - } - } - -For more information, see `Creating a Capacity Reservation `__ in the *Amazon Elastic Compute Cloud User Guide for Linux Instances*. +**Example 1: To create a Capacity Reservation** + +The following ``create-capacity-reservation`` example creates a capacity reservation in the ``eu-west-1a`` Availability Zone, into which you can launch three ``t2.medium`` instances running a Linux/Unix operating system. By default, the capacity reservation is created with open instance matching criteria and no support for ephemeral storage, and it remains active until you manually cancel it. :: + + aws ec2 create-capacity-reservation \ + --availability-zone eu-west-1a \ + --instance-type t2.medium \ + --instance-platform Linux/UNIX \ + --instance-count 3 + +Output:: + + { + "CapacityReservation": { + "CapacityReservationId": "cr-1234abcd56EXAMPLE ", + "EndDateType": "unlimited", + "AvailabilityZone": "eu-west-1a", + "InstanceMatchCriteria": "open", + "EphemeralStorage": false, + "CreateDate": "2019-08-16T09:27:35.000Z", + "AvailableInstanceCount": 3, + "InstancePlatform": "Linux/UNIX", + "TotalInstanceCount": 3, + "State": "active", + "Tenancy": "default", + "EbsOptimized": false, + "InstanceType": "t2.medium" + } + } + +**Example 2: To create a Capacity Reservation that automatically ends at a specified date/time** + +The following ``create-capacity-reservation`` example creates a capacity reservation in the ``eu-west-1a`` Availability Zone, into which you can launch three ``m5.large`` instances running a Linux/Unix operating system. This capacity reservation automatically ends on 08/31/2019 at 23:59:59. :: + + aws ec2 create-capacity-reservation \ + --availability-zone eu-west-1a \ + --instance-type m5.large \ + --instance-platform Linux/UNIX \ + --instance-count 3 \ + --end-date-type limited \ + --end-date 2019-08-31T23:59:59Z + +Output:: + + { + "CapacityReservation": { + "CapacityReservationId": "cr-1234abcd56EXAMPLE ", + "EndDateType": "limited", + "AvailabilityZone": "eu-west-1a", + "EndDate": "2019-08-31T23:59:59.000Z", + "InstanceMatchCriteria": "open", + "EphemeralStorage": false, + "CreateDate": "2019-08-16T10:15:53.000Z", + "AvailableInstanceCount": 3, + "InstancePlatform": "Linux/UNIX", + "TotalInstanceCount": 3, + "State": "active", + "Tenancy": "default", + "EbsOptimized": false, + "InstanceType": "m5.large" + } + } + +**Example 3: To create a Capacity Reservation that accepts only targeted instance launches** + +The following ``create-capacity-reservation`` example creates a capacity reservation that accepts only targeted instance launches. :: + + aws ec2 create-capacity-reservation \ + --availability-zone eu-west-1a \ + --instance-type m5.large \ + --instance-platform Linux/UNIX \ + --instance-count 3 \ + --instance-match-criteria targeted + +Output:: + + { + "CapacityReservation": { + "CapacityReservationId": "cr-1234abcd56EXAMPLE ", + "EndDateType": "unlimited", + "AvailabilityZone": "eu-west-1a", + "InstanceMatchCriteria": "targeted", + "EphemeralStorage": false, + "CreateDate": "2019-08-16T10:21:57.000Z", + "AvailableInstanceCount": 3, + "InstancePlatform": "Linux/UNIX", + "TotalInstanceCount": 3, + "State": "active", + "Tenancy": "default", + "EbsOptimized": false, + "InstanceType": "m5.large" + } + } + +For more information, see `Create a Capacity Reservation `__ in the *Amazon EC2 User Guide*. diff --git a/awscli/examples/ec2/create-coip-cidr.rst b/awscli/examples/ec2/create-coip-cidr.rst new file mode 100644 index 000000000000..80d6fba0fb2d --- /dev/null +++ b/awscli/examples/ec2/create-coip-cidr.rst @@ -0,0 +1,19 @@ +**To create a range of customer-owned IP (CoIP) addresses** + +The following ``create-coip-cidr`` example creates the specified range of CoIP addresses in the specified CoIP pool. :: + + aws ec2 create-coip-cidr \ + --cidr 15.0.0.0/24 \ + --coip-pool-id ipv4pool-coip-1234567890abcdefg + +Output:: + + { + "CoipCidr": { + "Cidr": "15.0.0.0/24", + "CoipPoolId": "ipv4pool-coip-1234567890abcdefg", + "LocalGatewayRouteTableId": "lgw-rtb-abcdefg1234567890" + } + } + +For more information, see `Customer-owned IP addresses `__ in the *AWS Outposts User Guide*. \ No newline at end of file diff --git a/awscli/examples/ec2/create-coip-pool.rst b/awscli/examples/ec2/create-coip-pool.rst new file mode 100644 index 000000000000..6647a91fc64b --- /dev/null +++ b/awscli/examples/ec2/create-coip-pool.rst @@ -0,0 +1,18 @@ +**To create a pool of customer-owned IP (CoIP) addresses** + +The following ``create-coip-pool`` example creates a CoIP pool for CoIP addresses in the specified local gateway route table. :: + + aws ec2 create-coip-pool \ + --local-gateway-route-table-id lgw-rtb-abcdefg1234567890 + +Output:: + + { + "CoipPool": { + "PoolId": "ipv4pool-coip-1234567890abcdefg", + "LocalGatewayRouteTableId": "lgw-rtb-abcdefg1234567890", + "PoolArn": "arn:aws:ec2:us-west-2:123456789012:coip-pool/ipv4pool-coip-1234567890abcdefg" + } + } + +For more information, see `Customer-owned IP addresses `__ in the *AWS Outposts User Guide*. \ No newline at end of file diff --git a/awscli/examples/ec2/create-ipam-resource-discovery.rst b/awscli/examples/ec2/create-ipam-resource-discovery.rst new file mode 100644 index 000000000000..56c037b9a255 --- /dev/null +++ b/awscli/examples/ec2/create-ipam-resource-discovery.rst @@ -0,0 +1,46 @@ +**To create a resource discovery** + +In this example, you're a delegated IPAM admin who wants to create and share a resource discovery with the IPAM admin in another AWS Organization so that the admin in the other organization can manage and monitor the IP addresses of resources in your organization. + +Important + +* This example includes both the ``--region`` and ``--operating-regions`` options because, while they are optional, they must be configured in a particular way to successfully integrate a resource discovery with an IPAM. + * ``--operating-regions`` must match the Regions where you have resources that you want IPAM to discover. If there are Regions where you do not want IPAM to manage the IP addresses (for example for compliance reasons), do not include them. + * ``--region`` must match the home Region of the IPAM you want to associate it with. You must create the resource discovery in the same Region that the IPAM was created in. For example, if the IPAM you are associating with was created in us-east-1, include ``--region us-east-1`` in the request. +* Both the ``--region`` and ``--operating-regions`` options default to the Region you're running the command in if you don't specify them. + +In this example, the operating Regions of the IPAM we're integrating with include ``us-west-1``, ``us-west-2``, and ``ap-south-1``. When we create the resource discovery, we want IPAM to discover the resource IP addresses in ``us-west-1`` and ``us-west-2`` but not ``ap-south-1``. So we are including only ``--operating-regions RegionName='us-west-1' RegionName='us-west-2'`` in the request. + +The following ``create-ipam-resource-discovery`` example creates an IPAM resource discovery. :: + + aws ec2 create-ipam-resource-discovery \ + --description 'Example-resource-discovery' \ + --tag-specifications 'ResourceType=ipam-resource-discovery,Tags=[{Key=cost-center,Value=cc123}]' \ + --operating-regions RegionName='us-west-1' RegionName='us-west-2' \ + --region us-east-1 + +Output:: + + { + "IpamResourceDiscovery":{ + "OwnerId": "149977607591", + "IpamResourceDiscoveryId": "ipam-res-disco-0257046d8aa78b8bc", + "IpamResourceDiscoveryArn": "arn:aws:ec2::149977607591:ipam-resource-discovery/ipam-res-disco-0257046d8aa78b8bc", + "IpamResourceDiscoveryRegion": "us-east-1", + "Description": "'Example-resource-discovery'", + "OperatingRegions":[ + {"RegionName": "us-west-1"}, + {"RegionName": "us-west-2"}, + {"RegionName": "us-east-1"} + ], + "IsDefault": false, + "State": "create-in-progress", + "Tags": [ + { + "Key": "cost-center", + "Value": "cc123" + } + ] + } + +Once you create a resource discovery, you may want to share it with another IPAM delegated admin, which you can do with `create-resource-share `__. For more information, see `Integrate IPAM with accounts outside of your organization `__ in the *Amazon VPC IPAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/ec2/create-local-gateway-route-table-virtual-interface-group-association.rst b/awscli/examples/ec2/create-local-gateway-route-table-virtual-interface-group-association.rst new file mode 100644 index 000000000000..32e9dd529e97 --- /dev/null +++ b/awscli/examples/ec2/create-local-gateway-route-table-virtual-interface-group-association.rst @@ -0,0 +1,24 @@ +**To associate a local gateway route table with a virtual interfaces (VIFs) group** + +The following ``create-local-gateway-route-table-virtual-interface-group-association`` example creates an association between the specified local gateway route table and VIF group. :: + + aws ec2 create-local-gateway-route-table-virtual-interface-group-association \ + --local-gateway-route-table-id lgw-rtb-exampleidabcd1234 \ + --local-gateway-virtual-interface-group-id lgw-vif-grp-exampleid0123abcd + +Output:: + + { + "LocalGatewayRouteTableVirtualInterfaceGroupAssociation": { + "LocalGatewayRouteTableVirtualInterfaceGroupAssociationId": "lgw-vif-grp-assoc-exampleid12345678", + "LocalGatewayVirtualInterfaceGroupId": "lgw-vif-grp-exampleid0123abcd", + "LocalGatewayId": "lgw-exampleid11223344", + "LocalGatewayRouteTableId": "lgw-rtb-exampleidabcd1234", + "LocalGatewayRouteTableArn": "arn:aws:ec2:us-west-2:111122223333:local-gateway-route-table/lgw-rtb-exampleidabcd1234", + "OwnerId": "111122223333", + "State": "pending", + "Tags": [] + } + } + +For more information, see `VIF group associations `__ in the *AWS Outposts User Guide*. \ No newline at end of file diff --git a/awscli/examples/ec2/create-local-gateway-route-table.rst b/awscli/examples/ec2/create-local-gateway-route-table.rst new file mode 100644 index 000000000000..01af18352540 --- /dev/null +++ b/awscli/examples/ec2/create-local-gateway-route-table.rst @@ -0,0 +1,24 @@ +**To create a local gateway route table** + +The following ``create-local-gateway-route-table`` example creates a local gateway route table with the direct VPC routing mode. :: + + aws ec2 create-local-gateway-route-table \ + --local-gateway-id lgw-1a2b3c4d5e6f7g8h9 \ + --mode direct-vpc-routing + +Output:: + + { + "LocalGatewayRouteTable": { + "LocalGatewayRouteTableId": "lgw-rtb-abcdefg1234567890", + "LocalGatewayRouteTableArn": "arn:aws:ec2:us-west-2:111122223333:local-gateway-route-table/lgw-rtb-abcdefg1234567890", + "LocalGatewayId": "lgw-1a2b3c4d5e6f7g8h9", + "OutpostArn": "arn:aws:outposts:us-west-2:111122223333:outpost/op-021345abcdef67890", + "OwnerId": "111122223333", + "State": "pending", + "Tags": [], + "Mode": "direct-vpc-routing" + } + } + +For more information, see `Local gateway route tables `__ in the *AWS Outposts User Guide*. \ No newline at end of file diff --git a/awscli/examples/ec2/create-network-interface.rst b/awscli/examples/ec2/create-network-interface.rst index 5c898f4e92de..dfecc39796da 100644 --- a/awscli/examples/ec2/create-network-interface.rst +++ b/awscli/examples/ec2/create-network-interface.rst @@ -1,39 +1,194 @@ -**To create a network interface** - -This example creates a network interface for the specified subnet. - -Command:: - - aws ec2 create-network-interface --subnet-id subnet-9d4a7b6c --description "my network interface" --groups sg-903004f8 --private-ip-address 10.0.2.17 - -Output:: - - { - "NetworkInterface": { - "Status": "pending", - "MacAddress": "02:1a:80:41:52:9c", - "SourceDestCheck": true, - "VpcId": "vpc-a01106c2", - "Description": "my network interface", - "NetworkInterfaceId": "eni-e5aa89a3", - "PrivateIpAddresses": [ - { - "Primary": true, - "PrivateIpAddress": "10.0.2.17" - } - ], - "RequesterManaged": false, - "AvailabilityZone": "us-east-1d", - "Ipv6Addresses": [], - "Groups": [ - { - "GroupName": "default", - "GroupId": "sg-903004f8" - } - ], - "SubnetId": "subnet-9d4a7b6c", - "OwnerId": "123456789012", - "TagSet": [], - "PrivateIpAddress": "10.0.2.17" - } - } \ No newline at end of file +**Example 1: To specify an IPv4 address for a network interface** + +The following ``create-network-interface`` example creates a network interface for the specified subnet with the specified primary IPv4 address. :: + + aws ec2 create-network-interface \ + --subnet-id subnet-00a24d0d67acf6333 \ + --description "my network interface" \ + --groups sg-09dfba7ed20cda78b \ + --private-ip-address 10.0.8.17 + +Output:: + + { + "NetworkInterface": { + "AvailabilityZone": "us-west-2a", + "Description": "my network interface", + "Groups": [ + { + "GroupName": "my-security-group", + "GroupId": "sg-09dfba7ed20cda78b" + } + ], + "InterfaceType": "interface", + "Ipv6Addresses": [], + "MacAddress": "06:6a:0f:9a:49:37", + "NetworkInterfaceId": "eni-0492b355f0cf3b3f8", + "OwnerId": "123456789012", + "PrivateDnsName": "ip-10-0-8-18.us-west-2.compute.internal", + "PrivateIpAddress": "10.0.8.17", + "PrivateIpAddresses": [ + { + "Primary": true, + "PrivateDnsName": "ip-10-0-8-17.us-west-2.compute.internal", + "PrivateIpAddress": "10.0.8.17" + } + ], + "RequesterId": "AIDA4Z3Y7GSXTMEXAMPLE", + "RequesterManaged": false, + "SourceDestCheck": true, + "Status": "pending", + "SubnetId": "subnet-00a24d0d67acf6333", + "TagSet": [], + "VpcId": "vpc-02723a0feeeb9d57b" + } + } + +**Example 2: To create a network interface with an IPv4 address and an IPv6 address** + +The following ``create-network-interface`` example creates a network interface for the specified subnet with an IPv4 address and an IPv6 address that are selected by Amazon EC2. :: + + aws ec2 create-network-interface \ + --subnet-id subnet-00a24d0d67acf6333 \ + --description "my dual stack network interface" \ + --ipv6-address-count 1 \ + --groups sg-09dfba7ed20cda78b + +Output:: + + { + "NetworkInterface": { + "AvailabilityZone": "us-west-2a", + "Description": "my dual stack network interface", + "Groups": [ + { + "GroupName": "my-security-group", + "GroupId": "sg-09dfba7ed20cda78b" + } + ], + "InterfaceType": "interface", + "Ipv6Addresses": [ + { + "Ipv6Address": "2600:1f13:cfe:3650:a1dc:237c:393a:4ba7", + "IsPrimaryIpv6": false + } + ], + "MacAddress": "06:b8:68:d2:b2:2d", + "NetworkInterfaceId": "eni-05da417453f9a84bf", + "OwnerId": "123456789012", + "PrivateDnsName": "ip-10-0-8-18.us-west-2.compute.internal", + "PrivateIpAddress": "10.0.8.18", + "PrivateIpAddresses": [ + { + "Primary": true, + "PrivateDnsName": "ip-10-0-8-18.us-west-2.compute.internal", + "PrivateIpAddress": "10.0.8.18" + } + ], + "RequesterId": "AIDA4Z3Y7GSXTMEXAMPLE", + "RequesterManaged": false, + "SourceDestCheck": true, + "Status": "pending", + "SubnetId": "subnet-00a24d0d67acf6333", + "TagSet": [], + "VpcId": "vpc-02723a0feeeb9d57b", + "Ipv6Address": "2600:1f13:cfe:3650:a1dc:237c:393a:4ba7" + } + } + +**Example 3: To create a network interface with connection tracking configuration options** + +The following ``create-network-interface`` example creates a network interface and configures the idle connection tracking timeouts. :: + + aws ec2 create-network-interface \ + --subnet-id subnet-00a24d0d67acf6333 \ + --groups sg-02e57dbcfe0331c1b \ + --connection-tracking-specification TcpEstablishedTimeout=86400,UdpTimeout=60 + +Output:: + + { + "NetworkInterface": { + "AvailabilityZone": "us-west-2a", + "ConnectionTrackingConfiguration": { + "TcpEstablishedTimeout": 86400, + "UdpTimeout": 60 + }, + "Description": "", + "Groups": [ + { + "GroupName": "my-security-group", + "GroupId": "sg-02e57dbcfe0331c1b" + } + ], + "InterfaceType": "interface", + "Ipv6Addresses": [], + "MacAddress": "06:4c:53:de:6d:91", + "NetworkInterfaceId": "eni-0c133586e08903d0b", + "OwnerId": "123456789012", + "PrivateDnsName": "ip-10-0-8-94.us-west-2.compute.internal", + "PrivateIpAddress": "10.0.8.94", + "PrivateIpAddresses": [ + { + "Primary": true, + "PrivateDnsName": "ip-10-0-8-94.us-west-2.compute.internal", + "PrivateIpAddress": "10.0.8.94" + } + ], + "RequesterId": "AIDA4Z3Y7GSXTMEXAMPLE", + "RequesterManaged": false, + "SourceDestCheck": true, + "Status": "pending", + "SubnetId": "subnet-00a24d0d67acf6333", + "TagSet": [], + "VpcId": "vpc-02723a0feeeb9d57b" + } + } + +**Example 4: To create an Elastic Fabric Adapter** + +The following ``create-network-interface`` example creates an EFA. :: + + aws ec2 create-network-interface \ + --interface-type efa \ + --subnet-id subnet-00a24d0d67acf6333 \ + --description "my efa" \ + --groups sg-02e57dbcfe0331c1b + +Output:: + + { + "NetworkInterface": { + "AvailabilityZone": "us-west-2a", + "Description": "my efa", + "Groups": [ + { + "GroupName": "my-efa-sg", + "GroupId": "sg-02e57dbcfe0331c1b" + } + ], + "InterfaceType": "efa", + "Ipv6Addresses": [], + "MacAddress": "06:d7:a4:f7:4d:57", + "NetworkInterfaceId": "eni-034acc2885e862b65", + "OwnerId": "123456789012", + "PrivateDnsName": "ip-10-0-8-180.us-west-2.compute.internal", + "PrivateIpAddress": "10.0.8.180", + "PrivateIpAddresses": [ + { + "Primary": true, + "PrivateDnsName": "ip-10-0-8-180.us-west-2.compute.internal", + "PrivateIpAddress": "10.0.8.180" + } + ], + "RequesterId": "AIDA4Z3Y7GSXTMEXAMPLE", + "RequesterManaged": false, + "SourceDestCheck": true, + "Status": "pending", + "SubnetId": "subnet-00a24d0d67acf6333", + "TagSet": [], + "VpcId": "vpc-02723a0feeeb9d57b" + } + } + +For more information, see `Elastic network interfaces `__ in the *Amazon EC2 User Guide*. diff --git a/awscli/examples/ec2/create-replace-root-volume-task.rst b/awscli/examples/ec2/create-replace-root-volume-task.rst index a97cbd40547b..978ae33936a1 100644 --- a/awscli/examples/ec2/create-replace-root-volume-task.rst +++ b/awscli/examples/ec2/create-replace-root-volume-task.rst @@ -18,8 +18,6 @@ Output:: } } -For more information, see `Replace a root volume `__ in the *Amazon Elastic Compute Cloud User Guide*. - **Example 2: To restore a root volume to a specific snapshot** The following ``create-replace-root-volume-task`` example restores the root volume of instance i-0123456789abcdefa to snapshot snap-0abcdef1234567890. :: @@ -41,4 +39,4 @@ Output:: } } -For more information, see `Replace a root volume `__ in the *Amazon Elastic Compute Cloud User Guide*. \ No newline at end of file +For more information, see `Replace a root volume `__ in the *Amazon EC2 User Guide*. \ No newline at end of file diff --git a/awscli/examples/ec2/create-restore-image-task.rst b/awscli/examples/ec2/create-restore-image-task.rst index c305191681f9..b9a27daa2bf9 100644 --- a/awscli/examples/ec2/create-restore-image-task.rst +++ b/awscli/examples/ec2/create-restore-image-task.rst @@ -5,7 +5,7 @@ The following ``create-restore-image-task`` example restores an AMI from an S3 b aws ec2 create-restore-image-task \ --object-key ami-1234567890abcdef0.bin \ --bucket my-ami-bucket \ - --name "New AMI Name" + --name 'New AMI Name' Output:: @@ -13,4 +13,4 @@ Output:: "ImageId": "ami-0eab20fe36f83e1a8" } -For more information about storing and restoring an AMI using S3, see `Store and restore an AMI using S3 ` in the *Amazon EC2 User Guide*. \ No newline at end of file +For more information, see `Store and restore an AMI using S3 `__ in the *Amazon EC2 User Guide*. diff --git a/awscli/examples/ec2/create-snapshots.rst b/awscli/examples/ec2/create-snapshots.rst index 7b33a7c04993..7610abc7ab1e 100644 --- a/awscli/examples/ec2/create-snapshots.rst +++ b/awscli/examples/ec2/create-snapshots.rst @@ -79,10 +79,14 @@ The following ``create-snapshots`` example creates a snapshot of all volumes att aws ec2 create-snapshots \ --instance-specification InstanceId=i-1234567890abcdef0,ExcludeBootVolume=true +See example 1 for sample output. + **Example 4: To create a multi-volume snapshot and add tags** The following ``create-snapshots`` example creates snapshots of all volumes attached to the specified instance and adds two tags to each snapshot. :: aws ec2 create-snapshots \ - --instance-specification InstanceId=i-1234567890abcdef0 - --tag-specifications ResourceType=snapshot,Tags=[{Key=Name,Value=backup},{Key=costcenter,Value=123}] + --instance-specification InstanceId=i-1234567890abcdef0 \ + --tag-specifications 'ResourceType=snapshot,Tags=[{Key=Name,Value=backup},{Key=costcenter,Value=123}]' + +See example 1 for sample output. \ No newline at end of file diff --git a/awscli/examples/ec2/create-spot-datafeed-subscription.rst b/awscli/examples/ec2/create-spot-datafeed-subscription.rst index 9f644f9e6b38..29dd3992737b 100644 --- a/awscli/examples/ec2/create-spot-datafeed-subscription.rst +++ b/awscli/examples/ec2/create-spot-datafeed-subscription.rst @@ -1,24 +1,24 @@ -**To create a Spot Instance data feed** - -The following ``create-spot-datafeed-subscription`` example creates a Spot Instance data feed. :: - - aws ec2 create-spot-datafeed-subscription \ - --bucket my-bucket \ - --prefix spot-data-feed - -Output:: - - { - "SpotDatafeedSubscription": { - "Bucket": "my-bucket", - "OwnerId": "123456789012", - "Prefix": "spot-data-feed", - "State": "Active" - } - } - -The data feed is stored in the Amazon S3 bucket that you specified. The file names for this data feed have the following format. :: - - my-bucket.s3.amazonaws.com/spot-data-feed/123456789012.YYYY-MM-DD-HH.n.abcd1234.gz - -For more information, see `Spot Instance data feed `__ in the *Amazon Elastic Compute Cloud User Guide for Linux Instances*. \ No newline at end of file +**To create a Spot Instance data feed** + +The following ``create-spot-datafeed-subscription`` example creates a Spot Instance data feed. :: + + aws ec2 create-spot-datafeed-subscription \ + --bucket amzn-s3-demo-bucket \ + --prefix spot-data-feed + +Output:: + + { + "SpotDatafeedSubscription": { + "Bucket": "amzn-s3-demo-bucket", + "OwnerId": "123456789012", + "Prefix": "spot-data-feed", + "State": "Active" + } + } + +The data feed is stored in the Amazon S3 bucket that you specified. The file names for this data feed have the following format. :: + + amzn-s3-demo-bucket.s3.amazonaws.com/spot-data-feed/123456789012.YYYY-MM-DD-HH.n.abcd1234.gz + +For more information, see `Spot Instance data feed `__ in the *Amazon EC2 User Guide*. diff --git a/awscli/examples/ec2/create-store-image-task.rst b/awscli/examples/ec2/create-store-image-task.rst index a44f839119ec..6ce408b519d8 100644 --- a/awscli/examples/ec2/create-store-image-task.rst +++ b/awscli/examples/ec2/create-store-image-task.rst @@ -12,4 +12,5 @@ Output:: "ObjectKey": "ami-1234567890abcdef0.bin" } -For more information about storing and restoring an AMI using S3, see `Store and restore an AMI using S3 ` in the *Amazon EC2 User Guide*. \ No newline at end of file +For more information, see `Store and restore an AMI using S3 `__ in the *Amazon EC2 User Guide*. + diff --git a/awscli/examples/ec2/create-tags.rst b/awscli/examples/ec2/create-tags.rst index 1b2159a8b64f..2024d83b2d89 100755 --- a/awscli/examples/ec2/create-tags.rst +++ b/awscli/examples/ec2/create-tags.rst @@ -1,36 +1,43 @@ -**To add a tag to a resource** - -The following ``create-tags`` example adds the tag ``Stack=production`` to the specified image, or overwrites an existing tag for the AMI where the tag key is ``Stack``. :: - - aws ec2 create-tags \ - --resources ami-1234567890abcdef0 --tags Key=Stack,Value=production - -**To add tags to multiple resources** - -The following ``create-tags`` example adds (or overwrites) two tags for an AMI and an instance. One of the tags has a key (``webserver``) but no value (value is set to an empty string). The other tag has a key (``stack``) and a value (``Production``). :: - - aws ec2 create-tags \ - --resources ami-1a2b3c4d i-1234567890abcdef0 \ - --tags Key=webserver,Value= Key=stack,Value=Production - -**To add tags containing special characters** - -The following ``create-tags`` example adds the tag ``[Group]=test`` for an instance. The square brackets ([ and ]) are special characters, and must be escaped. The following examples also use the line continuation character appropriate for each environment. - -If you are using Windows, surround the element that has special characters with double quotes ("), and then precede each double quote character with a backslash (\\) as follows:: - - aws ec2 create-tags ^ - --resources i-1234567890abcdef0 ^ - --tags Key=\"[Group]\",Value=test - -If you are using Windows PowerShell, element the value that has special characters with double quotes ("), precede each double quote character with a backslash (\\), and then surround the entire key and value structure with single quotes (') as follows:: - - aws ec2 create-tags ` - --resources i-1234567890abcdef0 ` - --tags 'Key=\"[Group]\",Value=test' - -If you are using Linux or OS X, surround the element that has special characters with double quotes ("), and then surround the entire key and value structure with single quotes (') as follows:: - - aws ec2 create-tags \ - --resources i-1234567890abcdef0 \ - --tags 'Key="[Group]",Value=test' +**Example 1: To add a tag to a resource** + +The following ``create-tags`` example adds the tag ``Stack=production`` to the specified image, or overwrites an existing tag for the AMI where the tag key is ``Stack``. :: + + aws ec2 create-tags \ + --resources ami-1234567890abcdef0 \ + --tags Key=Stack,Value=production + +This command produces no output + +**Example 2: To add tags to multiple resources** + +The following ``create-tags`` example adds (or overwrites) two tags for an AMI and an instance. One of the tags has a key (``webserver``) but no value (value is set to an empty string). The other tag has a key (``stack``) and a value (``Production``). :: + + aws ec2 create-tags \ + --resources ami-1a2b3c4d i-1234567890abcdef0 \ + --tags Key=webserver,Value= Key=stack,Value=Production + +This command produces no output + +**Example 3: To add tags containing special characters** + +The following ``create-tags`` examples add the tag ``[Group]=test`` for an instance. The square brackets ([ and ]) are special characters, and must be escaped. The following examples also use the line continuation character appropriate for each environment. + +If you are using Windows, surround the element that has special characters with double quotes ("), and then precede each double quote character with a backslash (\\) as follows. :: + + aws ec2 create-tags ^ + --resources i-1234567890abcdef0 ^ + --tags Key=\"[Group]\",Value=test + +If you are using Windows PowerShell, surround the element the value that has special characters with double quotes ("), precede each double quote character with a backslash (\\), and then surround the entire key and value structure with single quotes (') as follows. :: + + aws ec2 create-tags ` + --resources i-1234567890abcdef0 ` + --tags 'Key=\"[Group]\",Value=test' + +If you are using Linux or OS X, surround the element that has special characters with double quotes ("), and then surround the entire key and value structure with single quotes (') as follows. :: + + aws ec2 create-tags \ + --resources i-1234567890abcdef0 \ + --tags 'Key="[Group]",Value=test' + +For more information, see `Tag your Amazon EC2 resources `__ in the *Amazon EC2 User Guide*. \ No newline at end of file diff --git a/awscli/examples/ec2/create-traffic-mirror-filter-rule.rst b/awscli/examples/ec2/create-traffic-mirror-filter-rule.rst index 28d34a49216f..52ae18172e25 100644 --- a/awscli/examples/ec2/create-traffic-mirror-filter-rule.rst +++ b/awscli/examples/ec2/create-traffic-mirror-filter-rule.rst @@ -1,32 +1,32 @@ -**To create a filter rule for incoming TCP traffic** - -The following ``create-traffic-mirror-filter-rule`` example creates a rule that you can use to mirror all incoming TCP traffic. Before you run this command, use ``create-traffic-mirror-filter`` to create the the Traffic Mirror filter. :: - - aws ec2 create-traffic-mirror-filter-rule \ - --description "TCP Rule" \ - --destination-cidr-block 0.0.0.0/0 \ - --protocol 6 \ - --rule-action accept \ - --rule-number 1 \ - --source-cidr-block 0.0.0.0/0 \ - --traffic-direction ingress \ - --traffic-mirror-filter-id tmf-04812ff784b25ae67 - -Output:: - - { - "TrafficMirrorFilterRule": { - "DestinationCidrBlock": "0.0.0.0/0", - "TrafficMirrorFilterId": "tmf-04812ff784b25ae67", - "TrafficMirrorFilterRuleId": "tmfr-02d20d996673f3732", - "SourceCidrBlock": "0.0.0.0/0", - "TrafficDirection": "ingress", - "Description": "TCP Rule", - "RuleNumber": 1, - "RuleAction": "accept", - "Protocol": 6 - }, - "ClientToken": "4752b573-40a6-4eac-a8a4-a72058761219" - } - -For more information, see `Create a Traffic Mirror Filter `__ in the *AWS Traffic Mirroring Guide*. +**To create a filter rule for incoming TCP traffic** + +The following ``create-traffic-mirror-filter-rule`` example creates a rule that you can use to mirror all incoming TCP traffic. Before you run this command, use ``create-traffic-mirror-filter`` to create the the traffic mirror filter. :: + + aws ec2 create-traffic-mirror-filter-rule \ + --description 'TCP Rule' \ + --destination-cidr-block 0.0.0.0/0 \ + --protocol 6 \ + --rule-action accept \ + --rule-number 1 \ + --source-cidr-block 0.0.0.0/0 \ + --traffic-direction ingress \ + --traffic-mirror-filter-id tmf-04812ff784b25ae67 + +Output:: + + { + "TrafficMirrorFilterRule": { + "DestinationCidrBlock": "0.0.0.0/0", + "TrafficMirrorFilterId": "tmf-04812ff784b25ae67", + "TrafficMirrorFilterRuleId": "tmfr-02d20d996673f3732", + "SourceCidrBlock": "0.0.0.0/0", + "TrafficDirection": "ingress", + "Description": "TCP Rule", + "RuleNumber": 1, + "RuleAction": "accept", + "Protocol": 6 + }, + "ClientToken": "4752b573-40a6-4eac-a8a4-a72058761219" + } + +For more information, see `Create a traffic mirror filter `__ in the *Traffic Mirroring Guide*. diff --git a/awscli/examples/ec2/create-traffic-mirror-filter.rst b/awscli/examples/ec2/create-traffic-mirror-filter.rst index c2cfbae582e2..23ab1f981bf8 100644 --- a/awscli/examples/ec2/create-traffic-mirror-filter.rst +++ b/awscli/examples/ec2/create-traffic-mirror-filter.rst @@ -1,12 +1,22 @@ -**To create a Traffic Mirror Filter** - -The following ``create-traffic-mirror-filter`` example creates a Traffic Mirror filter. After you create the filter, use ``create-traffic-mirror-filter-rule`` to add rules to the filter. :: - - aws ec2 create-traffic-mirror-filter \ - --description "TCP Filter" - -Output:: - - { "ClientToken": "28908518-100b-4987-8233-8c744EXAMPLE", "TrafficMirrorFilter": { "TrafficMirrorFilterId": "tmf-04812ff784EXAMPLE", "Description": "TCP Filter", "EgressFilterRules": [], "IngressFilterRules": [], "Tags": [], "NetworkServices": [] } } - -For more information, see `Create a Traffic Mirror Filter `__ in the *AWS Traffic Mirroring Guide*. +**To create a traffic mirror filter** + +The following ``create-traffic-mirror-filter`` example creates a traffic mirror filter. After you create the filter, use ``create-traffic-mirror-filter-rule`` to add rules. :: + + aws ec2 create-traffic-mirror-filter \ + --description 'TCP Filter' + +Output:: + + { + "ClientToken": "28908518-100b-4987-8233-8c744EXAMPLE", + "TrafficMirrorFilter": { + "TrafficMirrorFilterId": "tmf-04812ff784EXAMPLE", + "Description": "TCP Filter", + "EgressFilterRules": [], + "IngressFilterRules": [], + "Tags": [], + "NetworkServices": [] + } + } + +For more information, see `Create a traffic mirror filter `__ in the *Traffic Mirroring Guide*. \ No newline at end of file diff --git a/awscli/examples/ec2/create-traffic-mirror-session.rst b/awscli/examples/ec2/create-traffic-mirror-session.rst index 35e5ea5e91d7..c3c44aace32c 100644 --- a/awscli/examples/ec2/create-traffic-mirror-session.rst +++ b/awscli/examples/ec2/create-traffic-mirror-session.rst @@ -1,31 +1,31 @@ -**To create a Traffic Mirror Session** - -The following ``create-traffic-mirror-session`` command creates a traffic mirror sessions for the specified source and target for 25 bytes of the packet. :: - - aws ec2 create-traffic-mirror-session \ - --description "example session" \ - --traffic-mirror-target-id tmt-07f75d8feeEXAMPLE \ - --network-interface-id eni-070203f901EXAMPLE \ - --session-number 1 \ - --packet-length 25 \ - --traffic-mirror-filter-id tmf-04812ff784EXAMPLE - -Output:: - - { - "TrafficMirrorSession": { - "TrafficMirrorSessionId": "tms-08a33b1214EXAMPLE", - "TrafficMirrorTargetId": "tmt-07f75d8feeEXAMPLE", - "TrafficMirrorFilterId": "tmf-04812ff784EXAMPLE", - "NetworkInterfaceId": "eni-070203f901EXAMPLE", - "OwnerId": "111122223333", - "PacketLength": 25, - "SessionNumber": 1, - "VirtualNetworkId": 7159709, - "Description": "example session", - "Tags": [] - }, - "ClientToken": "5236cffc-ee13-4a32-bb5b-388d9da09d96" - } - -For more information, see `Create a Traffic Mirror Session `__ in the *AWS Traffic Mirroring Guide*. +**To create a traffic mirror session** + +The following ``create-traffic-mirror-session`` command creates a traffic mirror session for the specified source and target for 25 bytes of the packet. :: + + aws ec2 create-traffic-mirror-session \ + --description 'example session' \ + --traffic-mirror-target-id tmt-07f75d8feeEXAMPLE \ + --network-interface-id eni-070203f901EXAMPLE \ + --session-number 1 \ + --packet-length 25 \ + --traffic-mirror-filter-id tmf-04812ff784EXAMPLE + +Output:: + + { + "TrafficMirrorSession": { + "TrafficMirrorSessionId": "tms-08a33b1214EXAMPLE", + "TrafficMirrorTargetId": "tmt-07f75d8feeEXAMPLE", + "TrafficMirrorFilterId": "tmf-04812ff784EXAMPLE", + "NetworkInterfaceId": "eni-070203f901EXAMPLE", + "OwnerId": "111122223333", + "PacketLength": 25, + "SessionNumber": 1, + "VirtualNetworkId": 7159709, + "Description": "example session", + "Tags": [] + }, + "ClientToken": "5236cffc-ee13-4a32-bb5b-388d9da09d96" + } + +For more information, see `Create a traffic mirror session `__ in the *Traffic Mirroring Guide*. \ No newline at end of file diff --git a/awscli/examples/ec2/create-traffic-mirror-target.rst b/awscli/examples/ec2/create-traffic-mirror-target.rst index 0b178302dc88..8d5089bdb9ea 100644 --- a/awscli/examples/ec2/create-traffic-mirror-target.rst +++ b/awscli/examples/ec2/create-traffic-mirror-target.rst @@ -1,35 +1,45 @@ -**To create a a Network Load Balancer Traffic Mirror target** - -The following ``create-traffic-mirror-target`` example creates a Network Load Balancer Traffic Mirror target. :: - - aws ec2 create-traffic-mirror-target \ - --description "Example Network Load Balancer Target" \ - --network-load-balancer-arn arn:aws:elasticloadbalancing:us-east-1:111122223333:loadbalancer/net/NLB/7cdec873EXAMPLE - -Output:: - - { "TrafficMirrorTarget": { "Type": "network-load-balancer", "Tags": [], "Description": "Example Network Load Balancer Target", "OwnerId": "111122223333", "NetworkLoadBalancerArn": "arn:aws:elasticloadbalancing:us-east-1:724145273726:loadbalancer/net/NLB/7cdec873EXAMPLE", "TrafficMirrorTargetId": "tmt-0dabe9b0a6EXAMPLE" }, "ClientToken": "d5c090f5-8a0f-49c7-8281-72c796a21f72" } - -**To create a network Traffic Mirror target** - -The following ``create-traffic-mirror-target`` example creates a network interface Traffic Mirror target. - - aws ec2 create-traffic-mirror-target \ - --description "Network interface target" \ - --network-interface-id eni-eni-01f6f631eEXAMPLE - -Output:: - - { - "ClientToken": "5289a345-0358-4e62-93d5-47ef3061d65e", - "TrafficMirrorTarget": { - "Description": "Network interface target", - "NetworkInterfaceId": "eni-01f6f631eEXAMPLE", - "TrafficMirrorTargetId": "tmt-02dcdbe2abEXAMPLE", - "OwnerId": "111122223333", - "Type": "network-interface", - "Tags": [] - } - } - -For more information, see `Create a Traffic Mirror Target `__ in the *AWS Traffic Mirroring Guide*. \ No newline at end of file +**To create a a Network Load Balancer traffic mirror target** + +The following ``create-traffic-mirror-target`` example creates a Network Load Balancer traffic mirror target. :: + + aws ec2 create-traffic-mirror-target \ + --description 'Example Network Load Balancer Target' \ + --network-load-balancer-arn arn:aws:elasticloadbalancing:us-east-1:111122223333:loadbalancer/net/NLB/7cdec873EXAMPLE + +Output:: + + { + "TrafficMirrorTarget": { + "Type": "network-load-balancer", + "Tags": [], + "Description": "Example Network Load Balancer Target", + "OwnerId": "111122223333", + "NetworkLoadBalancerArn": "arn:aws:elasticloadbalancing:us-east-1:724145273726:loadbalancer/net/NLB/7cdec873EXAMPLE", + "TrafficMirrorTargetId": "tmt-0dabe9b0a6EXAMPLE" + }, + "ClientToken": "d5c090f5-8a0f-49c7-8281-72c796a21f72" + } + +**To create a network traffic mirror target** + +The following ``create-traffic-mirror-target`` example creates a network interface Traffic Mirror target. :: + + aws ec2 create-traffic-mirror-target \ + --description 'Network interface target' \ + --network-interface-id eni-eni-01f6f631eEXAMPLE + +Output:: + + { + "ClientToken": "5289a345-0358-4e62-93d5-47ef3061d65e", + "TrafficMirrorTarget": { + "Description": "Network interface target", + "NetworkInterfaceId": "eni-01f6f631eEXAMPLE", + "TrafficMirrorTargetId": "tmt-02dcdbe2abEXAMPLE", + "OwnerId": "111122223333", + "Type": "network-interface", + "Tags": [] + } + } + +For more information, see `Create a traffic mirror target `__ in the *Traffic Mirroring Guide*. \ No newline at end of file diff --git a/awscli/examples/ec2/create-transit-gateway-policy-table.rst b/awscli/examples/ec2/create-transit-gateway-policy-table.rst new file mode 100644 index 000000000000..d299ee491245 --- /dev/null +++ b/awscli/examples/ec2/create-transit-gateway-policy-table.rst @@ -0,0 +1,19 @@ +**To create a transit gateway policy table** + +The following ``create-transit-gateway-policy-table`` example creates a transit gateway policy table for the specified transit gateway. :: + + aws ec2 create-transit-gateway-policy-table \ + --transit-gateway-id tgw-067f8505c18f0bd6e + +Output:: + + { + "TransitGatewayPolicyTable": { + "TransitGatewayPolicyTableId": "tgw-ptb-0a16f134b78668a81", + "TransitGatewayId": "tgw-067f8505c18f0bd6e", + "State": "pending", + "CreationTime": "2023-11-28T16:36:43+00:00" + } + } + +For more information, see `Transit gateway policy tables `__ in the *Transit Gateway User Guide*. diff --git a/awscli/examples/ec2/create-transit-gateway-prefix-list-reference.rst b/awscli/examples/ec2/create-transit-gateway-prefix-list-reference.rst index 849d4b3cedc6..2c677d391e7b 100644 --- a/awscli/examples/ec2/create-transit-gateway-prefix-list-reference.rst +++ b/awscli/examples/ec2/create-transit-gateway-prefix-list-reference.rst @@ -1,27 +1,27 @@ -**To create a reference to a prefix list** - -The following ``create-transit-gateway-prefix-list-reference`` example creates a reference to the specified prefix list in the specified transit gateway route table. :: - - aws ec2 create-transit-gateway-prefix-list-reference \ - --transit-gateway-route-table-id tgw-rtb-0123456789abcd123 \ - --prefix-list-id pl-11111122222222333 \ - --transit-gateway-attachment-id tgw-attach-aaaaaabbbbbb11111 - -Output:: - - { - "TransitGatewayPrefixListReference": { - "TransitGatewayRouteTableId": "tgw-rtb-0123456789abcd123", - "PrefixListId": "pl-11111122222222333", - "PrefixListOwnerId": "123456789012", - "State": "pending", - "Blackhole": false, - "TransitGatewayAttachment": { - "TransitGatewayAttachmentId": "tgw-attach-aaaaaabbbbbb11111", - "ResourceType": "vpc", - "ResourceId": "vpc-112233445566aabbc" - } - } - } - -For more information, see `Prefix list references `__ in the *Transit Gateways Guide*. +**To create a reference to a prefix list** + +The following ``create-transit-gateway-prefix-list-reference`` example creates a reference to the specified prefix list in the specified transit gateway route table. :: + + aws ec2 create-transit-gateway-prefix-list-reference \ + --transit-gateway-route-table-id tgw-rtb-0123456789abcd123 \ + --prefix-list-id pl-11111122222222333 \ + --transit-gateway-attachment-id tgw-attach-aaaaaabbbbbb11111 + +Output:: + + { + "TransitGatewayPrefixListReference": { + "TransitGatewayRouteTableId": "tgw-rtb-0123456789abcd123", + "PrefixListId": "pl-11111122222222333", + "PrefixListOwnerId": "123456789012", + "State": "pending", + "Blackhole": false, + "TransitGatewayAttachment": { + "TransitGatewayAttachmentId": "tgw-attach-aaaaaabbbbbb11111", + "ResourceType": "vpc", + "ResourceId": "vpc-112233445566aabbc" + } + } + } + +For more information, see `Create a prefix list reference `__ in the *Transit Gateways Guide*. \ No newline at end of file diff --git a/awscli/examples/ec2/create-verified-access-endpoint.rst b/awscli/examples/ec2/create-verified-access-endpoint.rst index 45170370e808..680f982574b3 100644 --- a/awscli/examples/ec2/create-verified-access-endpoint.rst +++ b/awscli/examples/ec2/create-verified-access-endpoint.rst @@ -48,4 +48,4 @@ Output:: } } -For more information, see `Verified Access endpoints `__ in the *AWS Verified Access User Guide*. +For more information, see `Verified Access endpoints `__ in the *AWS Verified Access User Guide*. \ No newline at end of file diff --git a/awscli/examples/ec2/create-vpc-endpoint-service-configuration.rst b/awscli/examples/ec2/create-vpc-endpoint-service-configuration.rst index b0c3b9025133..69bc5275b97a 100644 --- a/awscli/examples/ec2/create-vpc-endpoint-service-configuration.rst +++ b/awscli/examples/ec2/create-vpc-endpoint-service-configuration.rst @@ -1,65 +1,67 @@ -**Example 1: To create an endpoint service configuration for an interface endpoint** - -The following ``create-vpc-endpoint-service-configuration`` example creates a VPC endpoint service configuration using the Network Load Balancer ``nlb-vpce``. This example also specifies that requests to connect to the service through an interface endpoint must be accepted. :: - - aws ec2 create-vpc-endpoint-service-configuration \ - --network-load-balancer-arns arn:aws:elasticloadbalancing:us-east-1:123456789012:loadbalancer/net/nlb-vpce/e94221227f1ba532 \ - --acceptance-required - -Output:: - - { - "ServiceConfiguration": { - "ServiceType": [ - { - "ServiceType": "Interface" - } - ], - "NetworkLoadBalancerArns": [ - "arn:aws:elasticloadbalancing:us-east-1:123456789012:loadbalancer/net/nlb-vpce/e94221227f1ba532" - ], - "ServiceName": "com.amazonaws.vpce.us-east-1.vpce-svc-03d5ebb7d9579a2b3", - "ServiceState": "Available", - "ServiceId": "vpce-svc-03d5ebb7d9579a2b3", - "AcceptanceRequired": true, - "AvailabilityZones": [ - "us-east-1d" - ], - "BaseEndpointDnsNames": [ - "vpce-svc-03d5ebb7d9579a2b3.us-east-1.vpce.amazonaws.com" - ] - } - } - -**Example 2: To create an endpoint service configuration for a Gateway Load Balancer endpoint** - -The following ``create-vpc-endpoint-service-configuration`` example creates a VPC endpoint service configuration using the Gateway Load Balancer ``GWLBService``. Requests to connect to the service through a Gateway Load Balancer endpoint are automatically accepted. :: - - aws ec2 create-vpc-endpoint-service-configuration \ - --gateway-load-balancer-arns arn:aws:elasticloadbalancing:us-east-1:123456789012:loadbalancer/gwy/GWLBService/123123123123abcc \ - --no-acceptance-required - -Output:: - - { - "ServiceConfiguration": { - "ServiceType": [ - { - "ServiceType": "GatewayLoadBalancer" - } - ], - "ServiceId": "vpce-svc-123123a1c43abc123", - "ServiceName": "com.amazonaws.vpce.us-east-1.vpce-svc-123123a1c43abc123", - "ServiceState": "Available", - "AvailabilityZones": [ - "us-east-1d" - ], - "AcceptanceRequired": false, - "ManagesVpcEndpoints": false, - "GatewayLoadBalancerArns": [ - "arn:aws:elasticloadbalancing:us-east-1:123456789012:loadbalancer/gwy/GWLBService/123123123123abcc" - ] - } - } - -For more information, see `VPC endpoint services `__ in the *Amazon VPC User Guide*. +**Example 1: To create an endpoint service configuration for an interface endpoint** + +The following ``create-vpc-endpoint-service-configuration`` example creates a VPC endpoint service configuration using the Network Load Balancer ``nlb-vpce``. This example also specifies that requests to connect to the service through an interface endpoint must be accepted. :: + + aws ec2 create-vpc-endpoint-service-configuration \ + --network-load-balancer-arns arn:aws:elasticloadbalancing:us-east-1:123456789012:loadbalancer/net/nlb-vpce/e94221227f1ba532 \ + --acceptance-required + +Output:: + + { + "ServiceConfiguration": { + "ServiceType": [ + { + "ServiceType": "Interface" + } + ], + "NetworkLoadBalancerArns": [ + "arn:aws:elasticloadbalancing:us-east-1:123456789012:loadbalancer/net/nlb-vpce/e94221227f1ba532" + ], + "ServiceName": "com.amazonaws.vpce.us-east-1.vpce-svc-03d5ebb7d9579a2b3", + "ServiceState": "Available", + "ServiceId": "vpce-svc-03d5ebb7d9579a2b3", + "AcceptanceRequired": true, + "AvailabilityZones": [ + "us-east-1d" + ], + "BaseEndpointDnsNames": [ + "vpce-svc-03d5ebb7d9579a2b3.us-east-1.vpce.amazonaws.com" + ] + } + } + +For more information, see `Create an endpoint service `__ in the *AWS PrivateLink User Guide*. + +**Example 2: To create an endpoint service configuration for a Gateway Load Balancer endpoint** + +The following ``create-vpc-endpoint-service-configuration`` example creates a VPC endpoint service configuration using the Gateway Load Balancer ``GWLBService``. Requests to connect to the service through a Gateway Load Balancer endpoint are automatically accepted. :: + + aws ec2 create-vpc-endpoint-service-configuration \ + --gateway-load-balancer-arns arn:aws:elasticloadbalancing:us-east-1:123456789012:loadbalancer/gwy/GWLBService/123123123123abcc \ + --no-acceptance-required + +Output:: + + { + "ServiceConfiguration": { + "ServiceType": [ + { + "ServiceType": "GatewayLoadBalancer" + } + ], + "ServiceId": "vpce-svc-123123a1c43abc123", + "ServiceName": "com.amazonaws.vpce.us-east-1.vpce-svc-123123a1c43abc123", + "ServiceState": "Available", + "AvailabilityZones": [ + "us-east-1d" + ], + "AcceptanceRequired": false, + "ManagesVpcEndpoints": false, + "GatewayLoadBalancerArns": [ + "arn:aws:elasticloadbalancing:us-east-1:123456789012:loadbalancer/gwy/GWLBService/123123123123abcc" + ] + } + } + +For more information, see `Create a Gateway Load Balancer endpoint service `__ in the *AWS PrivateLink User Guide*. \ No newline at end of file diff --git a/awscli/examples/ec2/create-vpc-endpoint.rst b/awscli/examples/ec2/create-vpc-endpoint.rst index e2e82963bcad..de693a8e8739 100644 --- a/awscli/examples/ec2/create-vpc-endpoint.rst +++ b/awscli/examples/ec2/create-vpc-endpoint.rst @@ -23,7 +23,7 @@ Output:: } } -For more information, see `Creating a gateway endpoint `__ in the *AWSPrivateLink Guide*. +For more information, see `Create a gateway endpoint `__ in the *AWS PrivateLink User Guide*. **Example 2: To create an interface endpoint** @@ -82,7 +82,7 @@ Output:: } } -For more information, see `Creating an interface endpoint `__ in the *User Guide for AWSPrivateLink*. +For more information, see `Create an interface VPC endpoint `__ in the *AWS PrivateLink User Guide*. **Example 3: To create a Gateway Load Balancer endpoint** @@ -115,4 +115,4 @@ Output:: } } -For more information, see `Gateway Load Balancer endpoints `__ in the *User Guide for AWSPrivateLink*. \ No newline at end of file +For more information, see `Gateway Load Balancer endpoints `__ in the *AWS PrivateLink User Guide*. \ No newline at end of file diff --git a/awscli/examples/ec2/create-vpc.rst b/awscli/examples/ec2/create-vpc.rst index 94c842be3369..7980ed7de429 100755 --- a/awscli/examples/ec2/create-vpc.rst +++ b/awscli/examples/ec2/create-vpc.rst @@ -4,7 +4,7 @@ The following ``create-vpc`` example creates a VPC with the specified IPv4 CIDR aws ec2 create-vpc \ --cidr-block 10.0.0.0/16 \ - --tag-specification ResourceType=vpc,Tags=[{Key=Name,Value=MyVpc}] + --tag-specifications ResourceType=vpc,Tags=[{Key=Name,Value=MyVpc}] Output:: @@ -128,7 +128,7 @@ Windows:: Output:: - { + { "Vpc": { "CidrBlock": "10.0.1.0/24", "DhcpOptionsId": "dopt-2afccf50", diff --git a/awscli/examples/ec2/delete-coip-cidr.rst b/awscli/examples/ec2/delete-coip-cidr.rst new file mode 100644 index 000000000000..0dd3dab8db5a --- /dev/null +++ b/awscli/examples/ec2/delete-coip-cidr.rst @@ -0,0 +1,19 @@ +**To delete a range of customer-owned IP (CoIP) addresses** + +The following ``delete-coip-cidr`` example deletes the specified range of CoIP addresses in the specified CoIP pool. :: + + aws ec2 delete-coip-cidr \ + --cidr 14.0.0.0/24 \ + --coip-pool-id ipv4pool-coip-1234567890abcdefg + +Output:: + + { + "CoipCidr": { + "Cidr": "14.0.0.0/24", + "CoipPoolId": "ipv4pool-coip-1234567890abcdefg", + "LocalGatewayRouteTableId": "lgw-rtb-abcdefg1234567890" + } + } + +For more information, see `Customer-owned IP addresses `__ in the *AWS Outposts User Guide*. \ No newline at end of file diff --git a/awscli/examples/ec2/delete-coip-pool.rst b/awscli/examples/ec2/delete-coip-pool.rst new file mode 100644 index 000000000000..d47b4be7a143 --- /dev/null +++ b/awscli/examples/ec2/delete-coip-pool.rst @@ -0,0 +1,18 @@ +**To delete a pool of customer-owned IP (CoIP) addresses** + +The following ``delete-coip-pool`` example deletes a CoIP pool of CoIP addresses. :: + + aws ec2 delete-coip-pool \ + --coip-pool-id ipv4pool-coip-1234567890abcdefg + +Output:: + + { + "CoipPool": { + "PoolId": "ipv4pool-coip-1234567890abcdefg", + "LocalGatewayRouteTableId": "lgw-rtb-abcdefg1234567890", + "PoolArn": "arn:aws:ec2:us-west-2:123456789012:coip-pool/ipv4pool-coip-1234567890abcdefg" + } + } + +For more information, see `Customer-owned IP addresses `__ in the *AWS Outposts User Guide*. \ No newline at end of file diff --git a/awscli/examples/ec2/delete-ipam-pool.rst b/awscli/examples/ec2/delete-ipam-pool.rst new file mode 100644 index 000000000000..08262dfda767 --- /dev/null +++ b/awscli/examples/ec2/delete-ipam-pool.rst @@ -0,0 +1,39 @@ +**To delete an IPAM pool** + +In this example, you're a IPAM delegated admin who wants to delete an IPAM pool that you no longer need, but the pool has a CIDR provisioned to it. You cannot delete a pool if it has CIDRs provisioned to it unless you use the ``--cascade`` option, so you'll use ``--cascade``. + +To complete this request: + +* You'll need the IPAM pool ID which you can get with `describe-ipam-pools `__. +* The ``--region`` must be the IPAM home Region. + +The following ``delete-ipam-pool`` example deletes an IPAM pool in your AWS account. :: + + aws ec2 delete-ipam-pool \ + --ipam-pool-id ipam-pool-050c886a3ca41cd5b \ + --cascade \ + --region us-east-1 + +Output:: + + { + "IpamPool": { + "OwnerId": "320805250157", + "IpamPoolId": "ipam-pool-050c886a3ca41cd5b", + "IpamPoolArn": "arn:aws:ec2::320805250157:ipam-pool/ipam-pool-050c886a3ca41cd5b", + "IpamScopeArn": "arn:aws:ec2::320805250157:ipam-scope/ipam-scope-0a158dde35c51107b", + "IpamScopeType": "private", + "IpamArn": "arn:aws:ec2::320805250157:ipam/ipam-005f921c17ebd5107", + "IpamRegion": "us-east-1", + "Locale": "None", + "PoolDepth": 1, + "State": "delete-in-progress", + "Description": "example", + "AutoImport": false, + "AddressFamily": "ipv4", + "AllocationMinNetmaskLength": 0, + "AllocationMaxNetmaskLength": 32 + } + } + +For more information, see `Delete a pool `__ in the *Amazon VPC IPAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/ec2/delete-ipam-resource-discovery.rst b/awscli/examples/ec2/delete-ipam-resource-discovery.rst new file mode 100644 index 000000000000..ba7a1aa9cf8f --- /dev/null +++ b/awscli/examples/ec2/delete-ipam-resource-discovery.rst @@ -0,0 +1,34 @@ +**To delete a resource discovery** + +In this example, you're a IPAM delegated admin who wants to delete a non-default resource discovery that you created to share with another IPAM admin during the process of integrating IPAM with accounts outside of your organization. + +To complete this request: + +* The ``--region`` must be the Region where you created the resource discovery. +* You cannot delete a default resource discovery if ``"IsDefault": true``. A default resource discovery is one that is created automatically in the account that creates an IPAM. To delete a default resource discovery, you have to delete the IPAM. + +The following ``delete-ipam-resource-discovery`` example deletes a resource discovery. :: + + aws ec2 delete-ipam-resource-discovery \ + --ipam-resource-discovery-id ipam-res-disco-0e39761475298ee0f \ + --region us-east-1 + +Output:: + + { + "IpamResourceDiscovery": { + "OwnerId": "149977607591", + "IpamResourceDiscoveryId": "ipam-res-disco-0e39761475298ee0f", + "IpamResourceDiscoveryArn": "arn:aws:ec2::149977607591:ipam-resource-discovery/ipam-res-disco-0e39761475298ee0f", + "IpamResourceDiscoveryRegion": "us-east-1", + "OperatingRegions": [ + { + "RegionName": "us-east-1" + } + ], + "IsDefault": false, + "State": "delete-in-progress" + } + } + +For more information about resource discoveries, see `Work with resource discoveries `__ in the *Amazon VPC IPAM User Guide*. diff --git a/awscli/examples/ec2/delete-key-pair.rst b/awscli/examples/ec2/delete-key-pair.rst index 4cd64fdd6a10..770a74e2139a 100644 --- a/awscli/examples/ec2/delete-key-pair.rst +++ b/awscli/examples/ec2/delete-key-pair.rst @@ -1,12 +1,15 @@ -**To delete a key pair** - -This example deletes the key pair named ``MyKeyPair``. If the command succeeds, no output is returned. - -Command:: - - aws ec2 delete-key-pair --key-name MyKeyPair - -For more information, see `Using Key Pairs`_ in the *AWS Command Line Interface User Guide*. - -.. _`Using Key Pairs`: http://docs.aws.amazon.com/cli/latest/userguide/cli-ec2-keypairs.html - +**To delete a key pair** + +The following ``delete-key-pair`` example deletes the specified key pair. :: + + aws ec2 delete-key-pair \ + --key-name my-key-pair + +Output:: + + { + "Return": true, + "KeyPairId": "key-03c8d3aceb53b507" + } + +For more information, see `Create and delete key pairs `__ in the *AWS Command Line Interface User Guide*. diff --git a/awscli/examples/ec2/delete-local-gateway-route-table-virtual-interface-group-association.rst b/awscli/examples/ec2/delete-local-gateway-route-table-virtual-interface-group-association.rst new file mode 100644 index 000000000000..4070ae9703f6 --- /dev/null +++ b/awscli/examples/ec2/delete-local-gateway-route-table-virtual-interface-group-association.rst @@ -0,0 +1,23 @@ +**To disassociate a local gateway route table from a virtual interfaces (VIFs) group** + +The following ``delete-local-gateway-route-table-virtual-interface-group-association`` example deletes the association between the specified local gateway route table and VIF group. :: + + aws ec2 delete-local-gateway-route-table-virtual-interface-group-association \ + --local-gateway-route-table-virtual-interface-group-association-id lgw-vif-grp-assoc-exampleid12345678 + +Output:: + + { + "LocalGatewayRouteTableVirtualInterfaceGroupAssociation": { + "LocalGatewayRouteTableVirtualInterfaceGroupAssociationId": "lgw-vif-grp-assoc-exampleid12345678", + "LocalGatewayVirtualInterfaceGroupId": "lgw-vif-grp-exampleid0123abcd", + "LocalGatewayId": "lgw-exampleid11223344", + "LocalGatewayRouteTableId": "lgw-rtb-exampleidabcd1234", + "LocalGatewayRouteTableArn": "arn:aws:ec2:us-west-2:111122223333:local-gateway-route-table/lgw-rtb-exampleidabcd1234", + "OwnerId": "111122223333", + "State": "disassociating", + "Tags": [] + } + } + +For more information, see `VIF group associations `__ in the *AWS Outposts User Guide*. \ No newline at end of file diff --git a/awscli/examples/ec2/delete-local-gateway-route-table-vpc-association.rst b/awscli/examples/ec2/delete-local-gateway-route-table-vpc-association.rst new file mode 100644 index 000000000000..2b01e2b9cb92 --- /dev/null +++ b/awscli/examples/ec2/delete-local-gateway-route-table-vpc-association.rst @@ -0,0 +1,22 @@ +**To disassociate a local gateway route table from a VPC** + +The following ``delete-local-gateway-route-table-vpc-association`` example deletes the association between the specified local gateway route table and VPC. :: + + aws ec2 delete-local-gateway-route-table-vpc-association \ + --local-gateway-route-table-vpc-association-id vpc-example0123456789 + +Output:: + + { + "LocalGatewayRouteTableVpcAssociation": { + "LocalGatewayRouteTableVpcAssociationId": "lgw-vpc-assoc-abcd1234wxyz56789", + "LocalGatewayRouteTableId": "lgw-rtb-abcdefg1234567890", + "LocalGatewayRouteTableArn": "arn:aws:ec2:us-west-2:555555555555:local-gateway-route-table/lgw-rtb-abcdefg1234567890", + "LocalGatewayId": "lgw-exampleid01234567", + "VpcId": "vpc-example0123456789", + "OwnerId": "555555555555", + "State": "disassociating" + } + } + +For more information, see `VPC associations `__ in the *AWS Outposts User Guide*. \ No newline at end of file diff --git a/awscli/examples/ec2/delete-local-gateway-route-table.rst b/awscli/examples/ec2/delete-local-gateway-route-table.rst new file mode 100644 index 000000000000..96cbe94a99c9 --- /dev/null +++ b/awscli/examples/ec2/delete-local-gateway-route-table.rst @@ -0,0 +1,23 @@ +**To delete a local gateway route table** + +The following ``delete-local-gateway-route-table`` example creates a local gateway route table with the direct VPC routing mode. :: + + aws ec2 delete-local-gateway-route-table \ + --local-gateway-route-table-id lgw-rtb-abcdefg1234567890 + +Output:: + + { + "LocalGatewayRouteTable": { + "LocalGatewayRouteTableId": "lgw-rtb-abcdefg1234567890", + "LocalGatewayRouteTableArn": "arn:aws:ec2:us-west-2:111122223333:local-gateway-route-table/lgw-rtb-abcdefg1234567890", + "LocalGatewayId": "lgw-1a2b3c4d5e6f7g8h9", + "OutpostArn": "arn:aws:outposts:us-west-2:111122223333:outpost/op-021345abcdef67890", + "OwnerId": "111122223333", + "State": "deleting", + "Tags": [], + "Mode": "direct-vpc-routing" + } + } + +For more information, see `Local gateway route tables `__ in the *AWS Outposts User Guide*. \ No newline at end of file diff --git a/awscli/examples/ec2/delete-transit-gateway-policy-table.rst b/awscli/examples/ec2/delete-transit-gateway-policy-table.rst new file mode 100644 index 000000000000..f609140b3044 --- /dev/null +++ b/awscli/examples/ec2/delete-transit-gateway-policy-table.rst @@ -0,0 +1,22 @@ +**To delete a transit gateway policy table** + +The following ``delete-transit-gateway-policy-table`` example deletes the specified transit gateway policy table. :: + + aws ec2 delete-transit-gateway-policy-table \ + --transit-gateway-policy-table-id tgw-ptb-0a16f134b78668a81 + +Output:: + + { + "TransitGatewayPolicyTables": [ + { + "TransitGatewayPolicyTableId": "tgw-ptb-0a16f134b78668a81", + "TransitGatewayId": "tgw-067f8505c18f0bd6e", + "State": "deleting", + "CreationTime": "2023-11-28T16:36:43+00:00", + "Tags": [] + } + ] + } + +For more information, see `Transit gateway policy tables `__ in the *Transit Gateway User Guide*. diff --git a/awscli/examples/ec2/delete-verified-access-endpoint.rst b/awscli/examples/ec2/delete-verified-access-endpoint.rst index caed2b0be502..958fbe118c1c 100644 --- a/awscli/examples/ec2/delete-verified-access-endpoint.rst +++ b/awscli/examples/ec2/delete-verified-access-endpoint.rst @@ -34,4 +34,4 @@ Output:: } } -For more information, see `Verified Access endpoints `__ in the *AWS Verified Access User Guide*. +For more information, see `Verified Access endpoints `__ in the *AWS Verified Access User Guide*. diff --git a/awscli/examples/ec2/describe-aws-network-performance-metric-subscriptions.rst b/awscli/examples/ec2/describe-aws-network-performance-metric-subscriptions.rst new file mode 100644 index 000000000000..3477c32faf5c --- /dev/null +++ b/awscli/examples/ec2/describe-aws-network-performance-metric-subscriptions.rst @@ -0,0 +1,21 @@ +**To describe your metric subscriptions** + +The following ``describe-aws-network-performance-metric-subscriptions`` example describes your metric subscriptions. :: + + aws ec2 describe-aws-network-performance-metric-subscriptions + +Output:: + + { + "Subscriptions": [ + { + "Source": "us-east-1", + "Destination": "eu-west-1", + "Metric": "aggregate-latency", + "Statistic": "p50", + "Period": "five-minutes" + } + ] + } + +For more information, see `Manage subscriptions `__ in the *Infrastructure Performance User Guide*. \ No newline at end of file diff --git a/awscli/examples/ec2/describe-capacity-reservation-fleets.rst b/awscli/examples/ec2/describe-capacity-reservation-fleets.rst index b9f4abe3b1dd..0b55a285fcb6 100644 --- a/awscli/examples/ec2/describe-capacity-reservation-fleets.rst +++ b/awscli/examples/ec2/describe-capacity-reservation-fleets.rst @@ -1,6 +1,6 @@ **To view a Capacity Reservation Fleet** -The following ``describe-capacity-reservation-fleets`` example lists configuration and capacity information for the specified Capacity Reservation Fleet. It also lists details about the individual Capacity Reservations that are inside the Fleet.:: +The following ``describe-capacity-reservation-fleets`` example lists configuration and capacity information for the specified Capacity Reservation Fleet. It also lists details about the individual Capacity Reservations that are inside the Fleet. :: aws ec2 describe-capacity-reservation-fleets \ --capacity-reservation-fleet-ids crf-abcdef01234567890 @@ -10,7 +10,7 @@ Output:: { "CapacityReservationFleets": [ { - "Status": "active", + "State": "active", "EndDate": "2022-12-31T23:59:59.000Z", "InstanceMatchCriteria": "open", "Tags": [], @@ -38,4 +38,4 @@ Output:: ] } -For more information about Capacity Reservation Fleets, see `Capacity Reservation Fleets `__ in the *Amazon EC2 User Guide*. \ No newline at end of file +For more information about Capacity Reservation Fleets, see `Capacity Reservation Fleets `__ in the *Amazon EC2 User Guide*. diff --git a/awscli/examples/ec2/describe-capacity-reservations.rst b/awscli/examples/ec2/describe-capacity-reservations.rst index 6894e824b5ba..f6151c288782 100644 --- a/awscli/examples/ec2/describe-capacity-reservations.rst +++ b/awscli/examples/ec2/describe-capacity-reservations.rst @@ -10,35 +10,45 @@ Output:: "CapacityReservations": [ { "CapacityReservationId": "cr-1234abcd56EXAMPLE ", - "EndDateType": "unlimited", - "AvailabilityZone": "eu-west-1a", - "InstanceMatchCriteria": "open", - "Tags": [], - "EphemeralStorage": false, - "CreateDate": "2019-08-16T09:03:18.000Z", - "AvailableInstanceCount": 1, + "OwnerId": "123456789111", + "CapacityReservationArn": "arn:aws:ec2:us-east-1:123456789111:capacity-reservation/cr-1234abcd56EXAMPLE", + "AvailabilityZoneId": "use1-az2", + "InstanceType": "c5.large", "InstancePlatform": "Linux/UNIX", - "TotalInstanceCount": 1, - "State": "active", + "AvailabilityZone": "us-east-1a", "Tenancy": "default", + "TotalInstanceCount": 1, + "AvailableInstanceCount": 1, "EbsOptimized": true, - "InstanceType": "a1.medium" - }, - { - "CapacityReservationId": "cr-abcdEXAMPLE9876ef ", + "EphemeralStorage": false, + "State": "active", + "StartDate": "2024-10-23T15:00:24+00:00", "EndDateType": "unlimited", - "AvailabilityZone": "eu-west-1a", "InstanceMatchCriteria": "open", + "CreateDate": "2024-10-23T15:00:24+00:00", "Tags": [], - "EphemeralStorage": false, - "CreateDate": "2019-08-07T11:34:19.000Z", - "AvailableInstanceCount": 3, + "CapacityAllocations": [] + }, + { + "CapacityReservationId": "cr-abcdEXAMPLE9876ef ", + "OwnerId": "123456789111", + "CapacityReservationArn": "arn:aws:ec2:us-east-1:123456789111:capacity-reservation/cr-abcdEXAMPLE9876ef", + "AvailabilityZoneId": "use1-az2", + "InstanceType": "c4.large", "InstancePlatform": "Linux/UNIX", - "TotalInstanceCount": 3, - "State": "cancelled", + "AvailabilityZone": "us-east-1a", "Tenancy": "default", + "TotalInstanceCount": 1, + "AvailableInstanceCount": 1, "EbsOptimized": true, - "InstanceType": "m5.large" + "EphemeralStorage": false, + "State": "cancelled", + "StartDate": "2024-10-23T15:01:03+00:00", + "EndDateType": "unlimited", + "InstanceMatchCriteria": "open", + "CreateDate": "2024-10-23T15:01:02+00:00", + "Tags": [], + "CapacityAllocations": [] } ] } @@ -55,20 +65,25 @@ Output:: { "CapacityReservations": [ { - "CapacityReservationId": "cr-1234abcd56EXAMPLE", - "EndDateType": "unlimited", - "AvailabilityZone": "eu-west-1a", - "InstanceMatchCriteria": "open", - "Tags": [], - "EphemeralStorage": false, - "CreateDate": "2019-08-16T09:03:18.000Z", - "AvailableInstanceCount": 1, + "CapacityReservationId": "cr-abcdEXAMPLE9876ef ", + "OwnerId": "123456789111", + "CapacityReservationArn": "arn:aws:ec2:us-east-1:123456789111:capacity-reservation/cr-abcdEXAMPLE9876ef", + "AvailabilityZoneId": "use1-az2", + "InstanceType": "c4.large", "InstancePlatform": "Linux/UNIX", - "TotalInstanceCount": 1, - "State": "active", + "AvailabilityZone": "us-east-1a", "Tenancy": "default", + "TotalInstanceCount": 1, + "AvailableInstanceCount": 1, "EbsOptimized": true, - "InstanceType": "a1.medium" + "EphemeralStorage": false, + "State": "active", + "StartDate": "2024-10-23T15:01:03+00:00", + "EndDateType": "unlimited", + "InstanceMatchCriteria": "open", + "CreateDate": "2024-10-23T15:01:02+00:00", + "Tags": [], + "CapacityAllocations": [] } ] } diff --git a/awscli/examples/ec2/describe-instance-image-metadata.rst b/awscli/examples/ec2/describe-instance-image-metadata.rst new file mode 100644 index 000000000000..c768a6610efe --- /dev/null +++ b/awscli/examples/ec2/describe-instance-image-metadata.rst @@ -0,0 +1,186 @@ +**Example 1: To describe the AMI metadata for all instances** + +The following ``describe-instance-image-metadata`` example describes the AMI metadata of all the instances in your AWS account in the specified Region. :: + + aws ec2 describe-instance-image-metadata \ + --region us-east-1 + +Output:: + + { + "InstanceImageMetadata": [ + { + "InstanceId": "i-1234567890EXAMPLE", + "InstanceType": "t2.micro", + "LaunchTime": "2024-08-28T11:25:45+00:00", + "AvailabilityZone": "us-east-1a", + "State": { + "Code": 16, + "Name": "running" + }, + "OwnerId": "123412341234", + "Tags": [ + { + "Key": "MyTagName", + "Value": "my-tag-value" + } + ], + "ImageMetadata": { + "ImageId": "ami-0b752bf1df193a6c4", + "Name": "al2023-ami-2023.5.20240819.0-kernel-6.1-x86_64", + "OwnerId": "137112412989", + "State": "available", + "ImageOwnerAlias": "amazon", + "CreationDate": "2023-01-25T17:20:40Z", + "DeprecationTime": "2025-01-25T17:20:40Z", + "IsPublic": true + } + } + ], + "NextToken": "...EXAMPLEwIAABAA2JHaFxLnEXAMPLE..." + } + +For more information, see `Amazon Machine Images in Amazon EC2 `__ in the *Amazon EC2 User Guide*. + +**Example 2: To describe the AMI metadata for the specified instances** + +The following ``describe-instance-image-metadata`` example describes the AMI metadata for the specified instances. :: + + aws ec2 describe-instance-image-metadata \ + --region us-east-1 \ + --instance-ids i-1234567890EXAMPLE i-0987654321EXAMPLE + +Output:: + + { + "InstanceImageMetadata": [ + { + "InstanceId": "i-1234567890EXAMPLE", + "InstanceType": "t2.micro", + "LaunchTime": "2024-08-28T11:25:45+00:00", + "AvailabilityZone": "us-east-1a", + "State": { + "Code": 16, + "Name": "running" + }, + "OwnerId": "123412341234", + "Tags": [ + { + "Key": "MyTagName", + "Value": "my-tag-value" + } + ], + "ImageMetadata": { + "ImageId": "ami-0b752bf1df193a6c4", + "Name": "al2023-ami-2023.5.20240819.0-kernel-6.1-x86_64", + "OwnerId": "137112412989", + "State": "available", + "ImageOwnerAlias": "amazon", + "CreationDate": "2023-01-25T17:20:40Z", + "DeprecationTime": "2025-01-25T17:20:40Z", + "IsPublic": true + } + }, + { + "InstanceId": "i-0987654321EXAMPLE", + "InstanceType": "t2.micro", + "LaunchTime": "2024-08-28T11:25:45+00:00", + "AvailabilityZone": "us-east-1a", + "State": { + "Code": 16, + "Name": "running" + }, + "OwnerId": "123412341234", + "Tags": [ + { + "Key": "MyTagName", + "Value": "my-tag-value" + } + ], + "ImageMetadata": { + "ImageId": "ami-0b752bf1df193a6c4", + "Name": "al2023-ami-2023.5.20240819.0-kernel-6.1-x86_64", + "OwnerId": "137112412989", + "State": "available", + "ImageOwnerAlias": "amazon", + "CreationDate": "2023-01-25T17:20:40Z", + "DeprecationTime": "2025-01-25T17:20:40Z", + "IsPublic": true + } + } + ] + } + +For more information, see `Amazon Machine Images in Amazon EC2 `__ in the *Amazon EC2 User Guide*. + +**Example 3: To describe the AMI metadata for instances based on filters** + +The following ``describe-instance-image-metadata`` example describes the AMI metadata for ``t2.nano`` and ``t2.micro`` instances in the ``us-east-1a`` Availability Zone. :: + + aws ec2 describe-instance-image-metadata \ + --region us-east-1 \ + --filters Name=availability-zone,Values=us-east-1a Name=instance-type,Values=t2.nano,t2.micro + +Output:: + + { + "InstanceImageMetadata": [ + { + "InstanceId": "i-1234567890EXAMPLE", + "InstanceType": "t2.micro", + "LaunchTime": "2024-08-28T11:25:45+00:00", + "AvailabilityZone": "us-east-1a", + "State": { + "Code": 16, + "Name": "running" + }, + "OwnerId": "123412341234", + "Tags": [ + { + "Key": "MyTagName", + "Value": "my-tag-value" + } + ], + "ImageMetadata": { + "ImageId": "ami-0b752bf1df193a6c4", + "Name": "al2023-ami-2023.5.20240819.0-kernel-6.1-x86_64", + "OwnerId": "137112412989", + "State": "available", + "ImageOwnerAlias": "amazon", + "CreationDate": "2023-01-25T17:20:40Z", + "DeprecationTime": "2025-01-25T17:20:40Z", + "IsPublic": true + } + }, + { + "InstanceId": "i-0987654321EXAMPLE", + "InstanceType": "t2.micro", + "LaunchTime": "2024-08-28T11:25:45+00:00", + "AvailabilityZone": "us-east-1a", + "State": { + "Code": 16, + "Name": "running" + }, + "OwnerId": "123412341234", + "Tags": [ + { + "Key": "MyTagName", + "Value": "my-tag-value" + } + ], + "ImageMetadata": { + "ImageId": "ami-0b752bf1df193a6c4", + "Name": "al2023-ami-2023.5.20240819.0-kernel-6.1-x86_64", + "OwnerId": "137112412989", + "State": "available", + "ImageOwnerAlias": "amazon", + "CreationDate": "2023-01-25T17:20:40Z", + "DeprecationTime": "2025-01-25T17:20:40Z", + "IsPublic": true + } + } + ], + "NextToken": "...EXAMPLEV7ixRYHwIAABAA2JHaFxLnDAzpatfEXAMPLE..." + } + +For more information, see `Amazon Machine Images in Amazon EC2 `__ in the *Amazon EC2 User Guide*. diff --git a/awscli/examples/ec2/describe-instance-topology.rst b/awscli/examples/ec2/describe-instance-topology.rst new file mode 100644 index 000000000000..ce501365ed50 --- /dev/null +++ b/awscli/examples/ec2/describe-instance-topology.rst @@ -0,0 +1,61 @@ +**To describe the instance topology of all your instances** + +The following ``describe-instance-topology`` example describes the topology of all your instances that match the supported instance types for this command. :: + + aws ec2 describe-instance-topology \ + --region us-west-2 + +Output:: + + { + "Instances": [ + { + "InstanceId": "i-1111111111example", + "InstanceType": "p4d.24xlarge", + "GroupName": "my-ml-cpg", + "NetworkNodes": [ + "nn-1111111111example", + "nn-2222222222example", + "nn-3333333333example" + ], + "ZoneId": "usw2-az2", + "AvailabilityZone": "us-west-2a" + }, + { + "InstanceId": "i-2222222222example", + "InstanceType": "p4d.24xlarge", + "NetworkNodes": [ + "nn-1111111111example", + "nn-2222222222example", + "nn-3333333333example" + ], + "ZoneId": "usw2-az2", + "AvailabilityZone": "us-west-2a" + }, + { + "InstanceId": "i-3333333333example", + "InstanceType": "trn1.32xlarge", + "NetworkNodes": [ + "nn-1212121212example", + "nn-1211122211example", + "nn-1311133311example" + ], + "ZoneId": "usw2-az4", + "AvailabilityZone": "us-west-2d" + }, + { + "InstanceId": "i-444444444example", + "InstanceType": "trn1.2xlarge", + "NetworkNodes": [ + "nn-1111111111example", + "nn-5434334334example", + "nn-1235301234example" + ], + "ZoneId": "usw2-az2", + "AvailabilityZone": "us-west-2a" + } + ], + "NextToken": "SomeEncryptedToken" + } + +For more information, including more examples, see `Amazon EC2 instance topology `__ in the *Amazon EC2 User Guide*. \ No newline at end of file diff --git a/awscli/examples/ec2/describe-instance-types.rst b/awscli/examples/ec2/describe-instance-types.rst index ca85fb1d0b53..f15a051e0348 100755 --- a/awscli/examples/ec2/describe-instance-types.rst +++ b/awscli/examples/ec2/describe-instance-types.rst @@ -3,7 +3,7 @@ The following ``describe-instance-types`` example displays details for the specified instance type. :: aws ec2 describe-instance-types \ - --instance-types t2.micro + --instance-types t2.micro Output:: @@ -70,11 +70,15 @@ Output:: ] } +For more information, see `Instance Types `__ in *Amazon Elastic Compute Cloud +User Guide for Linux Instances*. + **Example 2: To filter the available instance types** You can specify a filter to scope the results to instance types that have a specific characteristic. The following ``describe-instance-types`` example lists the instance types that support hibernation. :: - aws ec2 describe-instance-types --filters Name=hibernation-supported,Values=true --query InstanceTypes[].InstanceType + aws ec2 describe-instance-types \ + --filters Name=hibernation-supported,Values=true --query 'InstanceTypes[*].InstanceType' Output:: @@ -95,3 +99,6 @@ Output:: "r5.4xlarge", "c5.4xlarge" ] + +For more information, see `Instance Types `__ in *Amazon Elastic Compute Cloud +User Guide for Linux Instances*. \ No newline at end of file diff --git a/awscli/examples/ec2/describe-ipam-resource-discoveries.rst b/awscli/examples/ec2/describe-ipam-resource-discoveries.rst new file mode 100644 index 000000000000..38149c14ef82 --- /dev/null +++ b/awscli/examples/ec2/describe-ipam-resource-discoveries.rst @@ -0,0 +1,50 @@ +**Example 1: View complete details of resource discoveries** + +In this example, you're a delegated IPAM admin who wants to create and share a resource discovery with the IPAM admin in another AWS Organization so that the admin can manage and monitor the IP addresses of resources in your organization. + +This example may be useful if: + +* You tried to create a resource discovery, but you got an error that you've reached your limit of 1. You realize that you may have already created a resource discovery and you want to view it in your account. +* You have resources in a Region that are not being discovered by the IPAM. You want to view the ``--operating-regions`` defined for the resource and ensure that you've added the right Region as an operating Region so that the resources there can be discovered. + +The following ``describe-ipam-resource-discoveries`` example lists the details of the resource discovery in your AWS account. You can have one resource discovery per AWS Region. :: + + aws ec2 describe-ipam-resource-discoveries \ + --region us-east-1 + +Output:: + + { + "IpamResourceDiscoveries": [ + { + "OwnerId": "149977607591", + "IpamResourceDiscoveryId": "ipam-res-disco-0f8bdee9067137c0d", + "IpamResourceDiscoveryArn": "arn:aws:ec2::149977607591:ipam-resource-discovery/ipam-res-disco-0f8bdee9067137c0d", + "IpamResourceDiscoveryRegion": "us-east-1", + "OperatingRegions": [ + { + "RegionName": "us-east-1" + } + ], + "IsDefault": false, + "State": "create-complete", + "Tags": [] + } + ] + } + +For more information, see `Integrate IPAM with accounts outside of your organization `__ in the *Amazon VPC IPAM User Guide*. + +**Example 2: View only resource discovery IDs** + +The following ``describe-ipam-resource-discoveries`` example lists the ID of the resource discovery in your AWS account. You can have one resource discovery per AWS Region. :: + + aws ec2 describe-ipam-resource-discoveries \ + --query "IpamResourceDiscoveries[*].IpamResourceDiscoveryId" \ + --output text + +Output:: + + ipam-res-disco-0481e39b242860333 + +For more information, see `Integrate IPAM with accounts outside of your organization `__ in the *Amazon VPC IPAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/ec2/describe-ipam-resource-discovery-associations.rst b/awscli/examples/ec2/describe-ipam-resource-discovery-associations.rst new file mode 100644 index 000000000000..c08711e91497 --- /dev/null +++ b/awscli/examples/ec2/describe-ipam-resource-discovery-associations.rst @@ -0,0 +1,50 @@ +**To view all resource discovery associations with your IPAM** + +In this example, you're a IPAM delegated admin who has associated resource discoveries with your IPAM to integrate other accounts with your IPAM. You've noticed that your IPAM is not discovering the resources in the operating Regions of the resource discovery as expected. You want to check the status and state of the resource discovery to ensure that the account that created it is still active and the resource discovery is still being shared. + +The ``--region`` must be the home Region of your IPAM. + +The following ``describe-ipam-resource-discovery-associations`` example lists the resource discovery associations in your AWS account. :: + + aws ec2 describe-ipam-resource-discovery-associations \ + --region us-east-1 + +Output:: + + { + "IpamResourceDiscoveryAssociations": [ + { + "OwnerId": "320805250157", + "IpamResourceDiscoveryAssociationId": "ipam-res-disco-assoc-05e6b45eca5bf5cf7", + "IpamResourceDiscoveryAssociationArn": "arn:aws:ec2::320805250157:ipam-resource-discovery-association/ipam-res-disco-assoc-05e6b45eca5bf5cf7", + "IpamResourceDiscoveryId": "ipam-res-disco-0f4ef577a9f37a162", + "IpamId": "ipam-005f921c17ebd5107", + "IpamArn": "arn:aws:ec2::320805250157:ipam/ipam-005f921c17ebd5107", + "IpamRegion": "us-east-1", + "IsDefault": true, + "ResourceDiscoveryStatus": "active", + "State": "associate-complete", + "Tags": [] + }, + { + "OwnerId": "149977607591", + "IpamResourceDiscoveryAssociationId": "ipam-res-disco-assoc-0dfd21ae189ab5f62", + "IpamResourceDiscoveryAssociationArn": "arn:aws:ec2::149977607591:ipam-resource-discovery-association/ipam-res-disco-assoc-0dfd21ae189ab5f62", + "IpamResourceDiscoveryId": "ipam-res-disco-0365d2977fc1672fe", + "IpamId": "ipam-005f921c17ebd5107", + "IpamArn": "arn:aws:ec2::149977607591:ipam/ipam-005f921c17ebd5107", + "IpamRegion": "us-east-1", + "IsDefault": false, + "ResourceDiscoveryStatus": "active", + "State": "create-complete", + "Tags": [] + } + ] + } + +In this example, after running this command, you notice that you have one non-default resource discovery (``"IsDefault": false ``) that is ``"ResourceDiscoveryStatus": "not-found"`` and ``"State": "create-complete"``. The resource discovery owner's account has been closed. If, in another case, you notice that is ``"ResourceDiscoveryStatus": "not-found"`` and ``"State": "associate-complete"``, this indicates that one of the following has happened: + +* The resource discovery was deleted by the resource discovery owner. +* The resource discovery owner unshared the resource discovery. + +For more information, see `Integrate IPAM with accounts outside of your organization `__ in the *Amazon VPC IPAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/ec2/describe-locked-snapshots.rst b/awscli/examples/ec2/describe-locked-snapshots.rst new file mode 100644 index 000000000000..6900577e8e34 --- /dev/null +++ b/awscli/examples/ec2/describe-locked-snapshots.rst @@ -0,0 +1,24 @@ +**To describe the lock status of a snapshot** + +The following ``describe-locked-snapshots`` example describes the lock status of the specified snapshot. :: + + aws ec2 describe-locked-snapshots \ + --snapshot-ids snap-0b5e733b4a8df6e0d + +Output:: + + { + "Snapshots": [ + { + "OwnerId": "123456789012", + "SnapshotId": "snap-0b5e733b4a8df6e0d", + "LockState": "governance", + "LockDuration": 365, + "LockCreatedOn": "2024-05-05T00:56:06.208000+00:00", + "LockDurationStartTime": "2024-05-05T00:56:06.208000+00:00", + "LockExpiresOn": "2025-05-05T00:56:06.208000+00:00" + } + ] + } + +For more information, see `Snapshot lock `__ in the *Amazon EBS User Guide*. \ No newline at end of file diff --git a/awscli/examples/ec2/describe-security-groups.rst b/awscli/examples/ec2/describe-security-groups.rst index 91527ad25332..b78c111d13b2 100644 --- a/awscli/examples/ec2/describe-security-groups.rst +++ b/awscli/examples/ec2/describe-security-groups.rst @@ -65,7 +65,7 @@ Output:: **Example 2: To describe security groups that have specific rules** -The following ``describe-security-groups``example uses filters to scope the results to security groups that have a rule that allows SSH traffic (port 22) and a rule that allows traffic from all addresses (``0.0.0.0/0``). The example uses the ``--query`` parameter to display only the names of the security groups. Security groups must match all filters to be returned in the results; however, a single rule does not have to match all filters. For example, the output returns a security group with a rule that allows SSH traffic from a specific IP address and another rule that allows HTTP traffic from all addresses. :: +The following ``describe-security-groups`` example uses filters to scope the results to security groups that have a rule that allows SSH traffic (port 22) and a rule that allows traffic from all addresses (``0.0.0.0/0``). The example uses the ``--query`` parameter to display only the names of the security groups. Security groups must match all filters to be returned in the results; however, a single rule does not have to match all filters. For example, the output returns a security group with a rule that allows SSH traffic from a specific IP address and another rule that allows HTTP traffic from all addresses. :: aws ec2 describe-security-groups \ --filters Name=ip-permission.from-port,Values=22 Name=ip-permission.to-port,Values=22 Name=ip-permission.cidr,Values='0.0.0.0/0' \ @@ -100,4 +100,4 @@ Output:: } ] -For additional examples using tag filters, see `Working with tags `__ in the *Amazon EC2 User Guide*. +For additional examples using tag filters, see `Working with tags `__ in the *Amazon EC2 User Guide*. \ No newline at end of file diff --git a/awscli/examples/ec2/describe-spot-datafeed-subscription.rst b/awscli/examples/ec2/describe-spot-datafeed-subscription.rst index b532ff50a93f..24f68d689540 100644 --- a/awscli/examples/ec2/describe-spot-datafeed-subscription.rst +++ b/awscli/examples/ec2/describe-spot-datafeed-subscription.rst @@ -12,7 +12,7 @@ Output:: "SpotDatafeedSubscription": { "OwnerId": "123456789012", "Prefix": "spotdata", - "Bucket": "my-s3-bucket", + "Bucket": "amzn-s3-demo-bucket", "State": "Active" } } diff --git a/awscli/examples/ec2/describe-store-image-tasks.rst b/awscli/examples/ec2/describe-store-image-tasks.rst index c0aa6f8ae2d1..ad62ec8e81ef 100644 --- a/awscli/examples/ec2/describe-store-image-tasks.rst +++ b/awscli/examples/ec2/describe-store-image-tasks.rst @@ -7,13 +7,17 @@ The following ``describe-store-image-tasks`` example describes the progress of a Output:: { - "AmiId": "ami-1234567890abcdef0", - "Bucket": "my-ami-bucket", - "ProgressPercentage": 17, - "S3ObjectKey": "ami-1234567890abcdef0.bin", - "StoreTaskState": "InProgress", - "StoreTaskFailureReason": null, - "TaskStartTime": "2022-01-01T01:01:01.001Z" + "StoreImageTaskResults": [ + { + "AmiId": "ami-1234567890abcdef0", + "Bucket": "my-ami-bucket", + "ProgressPercentage": 17, + "S3objectKey": "ami-1234567890abcdef0.bin", + "StoreTaskState": "InProgress", + "StoreTaskFailureReason": null, + "TaskStartTime": "2022-01-01T01:01:01.001Z" + } + ] } For more information about storing and restoring an AMI using S3, see `Store and restore an AMI using S3 ` in the *Amazon EC2 User Guide*. \ No newline at end of file diff --git a/awscli/examples/ec2/describe-transit-gateway-policy-tables.rst b/awscli/examples/ec2/describe-transit-gateway-policy-tables.rst new file mode 100644 index 000000000000..27475aa04c71 --- /dev/null +++ b/awscli/examples/ec2/describe-transit-gateway-policy-tables.rst @@ -0,0 +1,22 @@ +**To describe a transit gateway policy table** + +The following ``describe-transit-gateway-policy-tables`` example describes the specified transit gateway policy table. :: + + aws ec2 describe-transit-gateway-policy-tables \ + --transit-gateway-policy-table-ids tgw-ptb-0a16f134b78668a81 + +Output:: + + { + "TransitGatewayPolicyTables": [ + { + "TransitGatewayPolicyTableId": "tgw-ptb-0a16f134b78668a81", + "TransitGatewayId": "tgw-067f8505c18f0bd6e", + "State": "available", + "CreationTime": "2023-11-28T16:36:43+00:00", + "Tags": [] + } + ] + } + +For more information, see `Transit gateway policy tables `__ in the *Transit Gateway User Guide*. diff --git a/awscli/examples/ec2/describe-verified-access-endpoints.rst b/awscli/examples/ec2/describe-verified-access-endpoints.rst index 8f15d97f2cf4..65926683bc12 100644 --- a/awscli/examples/ec2/describe-verified-access-endpoints.rst +++ b/awscli/examples/ec2/describe-verified-access-endpoints.rst @@ -1,6 +1,6 @@ **To describe a Verified Access endpoint** -The following ``delete-verified-access-endpoints`` example describes the specified Verified Access endpoint. :: +The following ``describe-verified-access-endpoints`` example describes the specified Verified Access endpoint. :: aws ec2 describe-verified-access-endpoints \ --verified-access-endpoint-ids vae-066fac616d4d546f2 @@ -42,4 +42,4 @@ Output:: ] } -For more information, see `Verified Access endpoints `__ in the *AWS Verified Access User Guide*. +For more information, see `Verified Access endpoints `__ in the *AWS Verified Access User Guide*. diff --git a/awscli/examples/ec2/describe-vpc-endpoint-service-configurations.rst b/awscli/examples/ec2/describe-vpc-endpoint-service-configurations.rst index 4240eeb0b757..7a917077df90 100644 --- a/awscli/examples/ec2/describe-vpc-endpoint-service-configurations.rst +++ b/awscli/examples/ec2/describe-vpc-endpoint-service-configurations.rst @@ -1,62 +1,62 @@ -**To describe endpoint service configurations** - -The following ``describe-vpc-endpoint-service-configurations`` example describes your endpoint service configurations. :: - - aws ec2 describe-vpc-endpoint-service-configurations - -Output:: - - { - "ServiceConfigurations": [ - { - "ServiceType": [ - { - "ServiceType": "GatewayLoadBalancer" - } - ], - "ServiceId": "vpce-svc-012d33a1c4321cabc", - "ServiceName": "com.amazonaws.vpce.us-east-1.vpce-svc-012d33a1c4321cabc", - "ServiceState": "Available", - "AvailabilityZones": [ - "us-east-1d" - ], - "AcceptanceRequired": false, - "ManagesVpcEndpoints": false, - "GatewayLoadBalancerArns": [ - "arn:aws:elasticloadbalancing:us-east-1:123456789012:loadbalancer/gwy/GWLBService/123210844e429123" - ], - "Tags": [] - }, - { - "ServiceType": [ - { - "ServiceType": "Interface" - } - ], - "ServiceId": "vpce-svc-123cabc125efa123", - "ServiceName": "com.amazonaws.vpce.us-east-1.vpce-svc-123cabc125efa123", - "ServiceState": "Available", - "AvailabilityZones": [ - "us-east-1a" - ], - "AcceptanceRequired": true, - "ManagesVpcEndpoints": false, - "NetworkLoadBalancerArns": [ - "arn:aws:elasticloadbalancing:us-east-1:123456789012:loadbalancer/net/NLBforService/1238753950b25123" - ], - "BaseEndpointDnsNames": [ - "vpce-svc-123cabc125efa123.us-east-1.vpce.amazonaws.com" - ], - "PrivateDnsName": "example.com", - "PrivateDnsNameConfiguration": { - "State": "failed", - "Type": "TXT", - "Value": "vpce:qUAth3FdeABCApUiXabc", - "Name": "_1d367jvbg34znqvyefrj" - }, - "Tags": [] - } - ] - } - -For more information, see `VPC endpoint services `__ in the *Amazon VPC User Guide*. +**To describe endpoint service configurations** + +The following ``describe-vpc-endpoint-service-configurations`` example describes your endpoint service configurations. :: + + aws ec2 describe-vpc-endpoint-service-configurations + +Output:: + + { + "ServiceConfigurations": [ + { + "ServiceType": [ + { + "ServiceType": "GatewayLoadBalancer" + } + ], + "ServiceId": "vpce-svc-012d33a1c4321cabc", + "ServiceName": "com.amazonaws.vpce.us-east-1.vpce-svc-012d33a1c4321cabc", + "ServiceState": "Available", + "AvailabilityZones": [ + "us-east-1d" + ], + "AcceptanceRequired": false, + "ManagesVpcEndpoints": false, + "GatewayLoadBalancerArns": [ + "arn:aws:elasticloadbalancing:us-east-1:123456789012:loadbalancer/gwy/GWLBService/123210844e429123" + ], + "Tags": [] + }, + { + "ServiceType": [ + { + "ServiceType": "Interface" + } + ], + "ServiceId": "vpce-svc-123cabc125efa123", + "ServiceName": "com.amazonaws.vpce.us-east-1.vpce-svc-123cabc125efa123", + "ServiceState": "Available", + "AvailabilityZones": [ + "us-east-1a" + ], + "AcceptanceRequired": true, + "ManagesVpcEndpoints": false, + "NetworkLoadBalancerArns": [ + "arn:aws:elasticloadbalancing:us-east-1:123456789012:loadbalancer/net/NLBforService/1238753950b25123" + ], + "BaseEndpointDnsNames": [ + "vpce-svc-123cabc125efa123.us-east-1.vpce.amazonaws.com" + ], + "PrivateDnsName": "example.com", + "PrivateDnsNameConfiguration": { + "State": "failed", + "Type": "TXT", + "Value": "vpce:qUAth3FdeABCApUiXabc", + "Name": "_1d367jvbg34znqvyefrj" + }, + "Tags": [] + } + ] + } + +For more information, see `Concepts `__ in the *AWS PrivateLink User Guide*. diff --git a/awscli/examples/ec2/describe-vpc-endpoint-services.rst b/awscli/examples/ec2/describe-vpc-endpoint-services.rst index e378fac0fa43..bf57f83b6a87 100644 --- a/awscli/examples/ec2/describe-vpc-endpoint-services.rst +++ b/awscli/examples/ec2/describe-vpc-endpoint-services.rst @@ -1,134 +1,132 @@ -**Example 1: To describe all VPC endpoint services** - -The following "describe-vpc-endpoint-services" example lists all VPC endpoint services for an AWS Region. :: - - aws ec2 describe-vpc-endpoint-services - -Output:: - - { - "ServiceDetails": [ - { - "ServiceType": [ - { - "ServiceType": "Gateway" - } - ], - "AcceptanceRequired": false, - "ServiceName": "com.amazonaws.us-east-1.dynamodb", - "VpcEndpointPolicySupported": true, - "Owner": "amazon", - "AvailabilityZones": [ - "us-east-1a", - "us-east-1b", - "us-east-1c", - "us-east-1d", - "us-east-1e", - "us-east-1f" - ], - "BaseEndpointDnsNames": [ - "dynamodb.us-east-1.amazonaws.com" - ] - }, - { - "ServiceType": [ - { - "ServiceType": "Interface" - } - ], - "PrivateDnsName": "ec2.us-east-1.amazonaws.com", - "ServiceName": "com.amazonaws.us-east-1.ec2", - "VpcEndpointPolicySupported": false, - "Owner": "amazon", - "AvailabilityZones": [ - "us-east-1a", - "us-east-1b", - "us-east-1c", - "us-east-1d", - "us-east-1e", - "us-east-1f" - ], - "AcceptanceRequired": false, - "BaseEndpointDnsNames": [ - "ec2.us-east-1.vpce.amazonaws.com" - ] - }, - { - "ServiceType": [ - { - "ServiceType": "Interface" - } - ], - "PrivateDnsName": "ssm.us-east-1.amazonaws.com", - "ServiceName": "com.amazonaws.us-east-1.ssm", - "VpcEndpointPolicySupported": true, - "Owner": "amazon", - "AvailabilityZones": [ - "us-east-1a", - "us-east-1b", - "us-east-1c", - "us-east-1d", - "us-east-1e" - ], - "AcceptanceRequired": false, - "BaseEndpointDnsNames": [ - "ssm.us-east-1.vpce.amazonaws.com" - ] - } - ], - "ServiceNames": [ - "com.amazonaws.us-east-1.dynamodb", - "com.amazonaws.us-east-1.ec2", - "com.amazonaws.us-east-1.ec2messages", - "com.amazonaws.us-east-1.elasticloadbalancing", - "com.amazonaws.us-east-1.kinesis-streams", - "com.amazonaws.us-east-1.s3", - "com.amazonaws.us-east-1.ssm" - ] - } - -For more information, see `View available AWS service names `__ in the *User Guide for AWSPrivateLink*. - -**Example 2: To describe the details about an endpoint service** - -The following "describe-vpc-endpoint-services" example lists the details of the Amazon S3 interface endpoint srvice :: - - aws ec2 describe-vpc-endpoint-services \ - --filter "Name=service-type,Values=Interface" Name=service-name,Values=com.amazonaws.us-east-1.s3 - -Output:: - - { - "ServiceDetails": [ - { - "ServiceName": "com.amazonaws.us-east-1.s3", - "ServiceId": "vpce-svc-081d84efcdEXAMPLE", - "ServiceType": [ - { - "ServiceType": "Interface" - } - ], - "AvailabilityZones": [ - "us-east-1a", - "us-east-1b", - "us-east-1c", - "us-east-1d", - "us-east-1e", - "us-east-1f" - ], - "Owner": "amazon", - "BaseEndpointDnsNames": [ - "s3.us-east-1.vpce.amazonaws.com" - ], - "VpcEndpointPolicySupported": true, - "AcceptanceRequired": false, - "ManagesVpcEndpoints": false, - "Tags": [] - } - ], - "ServiceNames": [ - "com.amazonaws.us-east-1.s3" - ] - } - -For more information, see `View available AWS service names `__ in the *User Guide for AWSPrivateLink*. \ No newline at end of file +**Example 1: To describe all VPC endpoint services** + +The following ``describe-vpc-endpoint-services`` example lists all VPC endpoint services for an AWS Region. :: + + aws ec2 describe-vpc-endpoint-services + +Output:: + + { + "ServiceDetails": [ + { + "ServiceType": [ + { + "ServiceType": "Gateway" + } + ], + "AcceptanceRequired": false, + "ServiceName": "com.amazonaws.us-east-1.dynamodb", + "VpcEndpointPolicySupported": true, + "Owner": "amazon", + "AvailabilityZones": [ + "us-east-1a", + "us-east-1b", + "us-east-1c", + "us-east-1d", + "us-east-1e", + "us-east-1f" + ], + "BaseEndpointDnsNames": [ + "dynamodb.us-east-1.amazonaws.com" + ] + }, + { + "ServiceType": [ + { + "ServiceType": "Interface" + } + ], + "PrivateDnsName": "ec2.us-east-1.amazonaws.com", + "ServiceName": "com.amazonaws.us-east-1.ec2", + "VpcEndpointPolicySupported": false, + "Owner": "amazon", + "AvailabilityZones": [ + "us-east-1a", + "us-east-1b", + "us-east-1c", + "us-east-1d", + "us-east-1e", + "us-east-1f" + ], + "AcceptanceRequired": false, + "BaseEndpointDnsNames": [ + "ec2.us-east-1.vpce.amazonaws.com" + ] + }, + { + "ServiceType": [ + { + "ServiceType": "Interface" + } + ], + "PrivateDnsName": "ssm.us-east-1.amazonaws.com", + "ServiceName": "com.amazonaws.us-east-1.ssm", + "VpcEndpointPolicySupported": true, + "Owner": "amazon", + "AvailabilityZones": [ + "us-east-1a", + "us-east-1b", + "us-east-1c", + "us-east-1d", + "us-east-1e" + ], + "AcceptanceRequired": false, + "BaseEndpointDnsNames": [ + "ssm.us-east-1.vpce.amazonaws.com" + ] + } + ], + "ServiceNames": [ + "com.amazonaws.us-east-1.dynamodb", + "com.amazonaws.us-east-1.ec2", + "com.amazonaws.us-east-1.ec2messages", + "com.amazonaws.us-east-1.elasticloadbalancing", + "com.amazonaws.us-east-1.kinesis-streams", + "com.amazonaws.us-east-1.s3", + "com.amazonaws.us-east-1.ssm" + ] + } + +**Example 2: To describe the details about an endpoint service** + +The following ``describe-vpc-endpoint-services`` example lists the details of the Amazon S3 interface endpoint service. :: + + aws ec2 describe-vpc-endpoint-services \ + --filter 'Name=service-type,Values=Interface' Name=service-name,Values=com.amazonaws.us-east-1.s3 + +Output:: + + { + "ServiceDetails": [ + { + "ServiceName": "com.amazonaws.us-east-1.s3", + "ServiceId": "vpce-svc-081d84efcdEXAMPLE", + "ServiceType": [ + { + "ServiceType": "Interface" + } + ], + "AvailabilityZones": [ + "us-east-1a", + "us-east-1b", + "us-east-1c", + "us-east-1d", + "us-east-1e", + "us-east-1f" + ], + "Owner": "amazon", + "BaseEndpointDnsNames": [ + "s3.us-east-1.vpce.amazonaws.com" + ], + "VpcEndpointPolicySupported": true, + "AcceptanceRequired": false, + "ManagesVpcEndpoints": false, + "Tags": [] + } + ], + "ServiceNames": [ + "com.amazonaws.us-east-1.s3" + ] + } + +For more information, see `View available AWS service names `__ in the *AWS PrivateLink User Guide*. diff --git a/awscli/examples/ec2/describe-vpc-endpoints.rst b/awscli/examples/ec2/describe-vpc-endpoints.rst index c28b740a45fa..ad7902e63cfa 100644 --- a/awscli/examples/ec2/describe-vpc-endpoints.rst +++ b/awscli/examples/ec2/describe-vpc-endpoints.rst @@ -1,89 +1,89 @@ -**To describe your VPC endpoints** - -The following ``describe-vpc-endpoints`` example displays details for all of your VPC endpoints. :: - - aws ec2 describe-vpc-endpoints - -Output:: - - { - "VpcEndpoints": [ - { - "PolicyDocument": "{\"Version\":\"2008-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":\"*\",\"Action\":\"*\",\"Resource\":\"*\"}]}", - "VpcId": "vpc-aabb1122", - "NetworkInterfaceIds": [], - "SubnetIds": [], - "PrivateDnsEnabled": true, - "State": "available", - "ServiceName": "com.amazonaws.us-east-1.dynamodb", - "RouteTableIds": [ - "rtb-3d560345" - ], - "Groups": [], - "VpcEndpointId": "vpce-032a826a", - "VpcEndpointType": "Gateway", - "CreationTimestamp": "2017-09-05T20:41:28Z", - "DnsEntries": [], - "OwnerId": "123456789012" - }, - { - "PolicyDocument": "{\n \"Statement\": [\n {\n \"Action\": \"*\", \n \"Effect\": \"Allow\", \n \"Principal\": \"*\", \n \"Resource\": \"*\"\n }\n ]\n}", - "VpcId": "vpc-1a2b3c4d", - "NetworkInterfaceIds": [ - "eni-2ec2b084", - "eni-1b4a65cf" - ], - "SubnetIds": [ - "subnet-d6fcaa8d", - "subnet-7b16de0c" - ], - "PrivateDnsEnabled": false, - "State": "available", - "ServiceName": "com.amazonaws.us-east-1.elasticloadbalancing", - "RouteTableIds": [], - "Groups": [ - { - "GroupName": "default", - "GroupId": "sg-54e8bf31" - } - ], - "VpcEndpointId": "vpce-0f89a33420c1931d7", - "VpcEndpointType": "Interface", - "CreationTimestamp": "2017-09-05T17:55:27.583Z", - "DnsEntries": [ - { - "HostedZoneId": "Z7HUB22UULQXV", - "DnsName": "vpce-0f89a33420c1931d7-bluzidnv.elasticloadbalancing.us-east-1.vpce.amazonaws.com" - }, - { - "HostedZoneId": "Z7HUB22UULQXV", - "DnsName": "vpce-0f89a33420c1931d7-bluzidnv-us-east-1b.elasticloadbalancing.us-east-1.vpce.amazonaws.com" - }, - { - "HostedZoneId": "Z7HUB22UULQXV", - "DnsName": "vpce-0f89a33420c1931d7-bluzidnv-us-east-1a.elasticloadbalancing.us-east-1.vpce.amazonaws.com" - } - ], - "OwnerId": "123456789012" - }, - { - "VpcEndpointId": "vpce-aabbaabbaabbaabba", - "VpcEndpointType": "GatewayLoadBalancer", - "VpcId": "vpc-111122223333aabbc", - "ServiceName": "com.amazonaws.vpce.us-east-1.vpce-svc-123123a1c43abc123", - "State": "available", - "SubnetIds": [ - "subnet-0011aabbcc2233445" - ], - "RequesterManaged": false, - "NetworkInterfaceIds": [ - "eni-01010120203030405" - ], - "CreationTimestamp": "2020-11-11T08:06:03.522Z", - "Tags": [], - "OwnerId": "123456789012" - } - ] - } - -For more information, see `VPC endpoints `__ in the *Amazon VPC User Guide*. +**To describe your VPC endpoints** + +The following ``describe-vpc-endpoints`` example displays details for all of your VPC endpoints. :: + + aws ec2 describe-vpc-endpoints + +Output:: + + { + "VpcEndpoints": [ + { + "PolicyDocument": "{\"Version\":\"2008-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":\"*\",\"Action\":\"*\",\"Resource\":\"*\"}]}", + "VpcId": "vpc-aabb1122", + "NetworkInterfaceIds": [], + "SubnetIds": [], + "PrivateDnsEnabled": true, + "State": "available", + "ServiceName": "com.amazonaws.us-east-1.dynamodb", + "RouteTableIds": [ + "rtb-3d560345" + ], + "Groups": [], + "VpcEndpointId": "vpce-032a826a", + "VpcEndpointType": "Gateway", + "CreationTimestamp": "2017-09-05T20:41:28Z", + "DnsEntries": [], + "OwnerId": "123456789012" + }, + { + "PolicyDocument": "{\n \"Statement\": [\n {\n \"Action\": \"*\", \n \"Effect\": \"Allow\", \n \"Principal\": \"*\", \n \"Resource\": \"*\"\n }\n ]\n}", + "VpcId": "vpc-1a2b3c4d", + "NetworkInterfaceIds": [ + "eni-2ec2b084", + "eni-1b4a65cf" + ], + "SubnetIds": [ + "subnet-d6fcaa8d", + "subnet-7b16de0c" + ], + "PrivateDnsEnabled": false, + "State": "available", + "ServiceName": "com.amazonaws.us-east-1.elasticloadbalancing", + "RouteTableIds": [], + "Groups": [ + { + "GroupName": "default", + "GroupId": "sg-54e8bf31" + } + ], + "VpcEndpointId": "vpce-0f89a33420c1931d7", + "VpcEndpointType": "Interface", + "CreationTimestamp": "2017-09-05T17:55:27.583Z", + "DnsEntries": [ + { + "HostedZoneId": "Z7HUB22UULQXV", + "DnsName": "vpce-0f89a33420c1931d7-bluzidnv.elasticloadbalancing.us-east-1.vpce.amazonaws.com" + }, + { + "HostedZoneId": "Z7HUB22UULQXV", + "DnsName": "vpce-0f89a33420c1931d7-bluzidnv-us-east-1b.elasticloadbalancing.us-east-1.vpce.amazonaws.com" + }, + { + "HostedZoneId": "Z7HUB22UULQXV", + "DnsName": "vpce-0f89a33420c1931d7-bluzidnv-us-east-1a.elasticloadbalancing.us-east-1.vpce.amazonaws.com" + } + ], + "OwnerId": "123456789012" + }, + { + "VpcEndpointId": "vpce-aabbaabbaabbaabba", + "VpcEndpointType": "GatewayLoadBalancer", + "VpcId": "vpc-111122223333aabbc", + "ServiceName": "com.amazonaws.vpce.us-east-1.vpce-svc-123123a1c43abc123", + "State": "available", + "SubnetIds": [ + "subnet-0011aabbcc2233445" + ], + "RequesterManaged": false, + "NetworkInterfaceIds": [ + "eni-01010120203030405" + ], + "CreationTimestamp": "2020-11-11T08:06:03.522Z", + "Tags": [], + "OwnerId": "123456789012" + } + ] + } + +For more information, see `Concepts `__ in the *AWS PrivateLink User Guide*. diff --git a/awscli/examples/ec2/disable-address-transfer.rst b/awscli/examples/ec2/disable-address-transfer.rst index dafbeb514a69..0653c3a383d3 100644 --- a/awscli/examples/ec2/disable-address-transfer.rst +++ b/awscli/examples/ec2/disable-address-transfer.rst @@ -15,4 +15,4 @@ Output:: } } -For more information, see `Transfer Elastic IP addresses `__ in the *Amazon VPC User Guide*. +For more information, see `Transfer Elastic IP addresses `__ in the *Amazon VPC User Guide*. diff --git a/awscli/examples/ec2/disable-aws-network-performance-metric-subscription.rst b/awscli/examples/ec2/disable-aws-network-performance-metric-subscription.rst index acc29262a982..b70677e4a5c2 100644 --- a/awscli/examples/ec2/disable-aws-network-performance-metric-subscription.rst +++ b/awscli/examples/ec2/disable-aws-network-performance-metric-subscription.rst @@ -14,4 +14,4 @@ Output:: "Output": true } -For more information, see `Manage subscriptions `__ in the *Infrastructure Performance User Guide*. \ No newline at end of file +For more information, see `Manage CloudWatch subscriptions using the CLI `__ in the *Infrastructure Performance User Guide*. diff --git a/awscli/examples/ec2/disable-fast-launch.rst b/awscli/examples/ec2/disable-fast-launch.rst index 00f576b138ce..28b9b204687f 100644 --- a/awscli/examples/ec2/disable-fast-launch.rst +++ b/awscli/examples/ec2/disable-fast-launch.rst @@ -1,6 +1,6 @@ **To discontinue fast launching for an image** -The following ``disable-fast-launch`` example discontinues fast launching on the specified AMI, and cleans up existing pre-provisioned snapshots. :: +The following ``disable-fast-launch`` example discontinues Fast Launch for the specified AMI, and cleans up existing pre-provisioned snapshots. :: aws ec2 disable-fast-launch \ --image-id ami-01234567890abcedf @@ -23,4 +23,4 @@ Output:: "StateTransitionTime": "2022-01-27T22:47:29.265000+00:00" } -For more information about configuring a Windows AMI for faster launching, see `Configure your AMI for faster launching `__ in the *Amazon EC2 User Guide*. \ No newline at end of file +For more information, see `Configure EC2 Fast Launch settings for your Windows AMI `__ in the *Amazon EC2 User Guide*. diff --git a/awscli/examples/ec2/disable-image-block-public-access.rst b/awscli/examples/ec2/disable-image-block-public-access.rst index 9b6f1e3f44ae..83e765900eff 100644 --- a/awscli/examples/ec2/disable-image-block-public-access.rst +++ b/awscli/examples/ec2/disable-image-block-public-access.rst @@ -11,4 +11,4 @@ Output:: "ImageBlockPublicAccessState": "unblocked" } -For more information, see `Block public access to your AMIs `__ in the *Amazon EC2 User Guide*. +For more information, see `Block public access to your AMIs `__ in the *Amazon EC2 User Guide*. diff --git a/awscli/examples/ec2/disable-image-deprecation.rst b/awscli/examples/ec2/disable-image-deprecation.rst index b1e916e42370..ad137bb3d558 100644 --- a/awscli/examples/ec2/disable-image-deprecation.rst +++ b/awscli/examples/ec2/disable-image-deprecation.rst @@ -12,4 +12,4 @@ Output:: "Return": "true" } -For more information, see `Deprecate an AMI ` in the *Amazon EC2 User Guide*. \ No newline at end of file +For more information, see `Deprecate an AMI `__ in the *Amazon EC2 User Guide*. diff --git a/awscli/examples/ec2/disable-image.rst b/awscli/examples/ec2/disable-image.rst new file mode 100644 index 000000000000..d1da9534afd2 --- /dev/null +++ b/awscli/examples/ec2/disable-image.rst @@ -0,0 +1,14 @@ +**To disable an AMI** + +The following ``disable-image`` example disables the specified AMI. :: + + aws ec2 disable-image \ + --image-id ami-1234567890abcdef0 + +Output:: + + { + "Return": "true" + } + +For more information, see `Disable an AMI `__ in the *Amazon EC2 User Guide*. diff --git a/awscli/examples/ec2/disable-ipam-organization-admin-account.rst b/awscli/examples/ec2/disable-ipam-organization-admin-account.rst new file mode 100644 index 000000000000..d4482a979f31 --- /dev/null +++ b/awscli/examples/ec2/disable-ipam-organization-admin-account.rst @@ -0,0 +1,21 @@ +**To disable the delegated IPAM admin** + +In certain scenarios, you'll integrate IPAM with AWS Organizations. When you do that, the AWS Organizations management account delegates an AWS Organizations member account as the IPAM admin. + +In this example, you are the AWS Organizations management account that delegated the IPAM admin account and you want to disable that account from being the IPAM admin. + +You can use any AWS Region for ``--region`` when making this request. You don't have to use the Region where you originally delegated the admin, where the IPAM was created, or an IPAM operating Region. If you disable the delegated admin account, you can re-enable it at any time or delegate a new account as IPAM admin. + +The following ``disable-ipam-organization-admin-account`` example disables the delegated IPAM admin in your AWS account. :: + + aws ec2 disable-ipam-organization-admin-account \ + --delegated-admin-account-id 320805250157 \ + --region ap-south-1 + +Output:: + + { + "Success": true + } + +For more information, see `Integrate IPAM with accounts in an AWS Organization `__ in the *Amazon VPC IPAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/ec2/disable-snapshot-block-public-access.rst b/awscli/examples/ec2/disable-snapshot-block-public-access.rst new file mode 100644 index 000000000000..4821347f0ff2 --- /dev/null +++ b/awscli/examples/ec2/disable-snapshot-block-public-access.rst @@ -0,0 +1,13 @@ +**To disable block public access for snapshots** + +The following ``disable-snapshot-block-public-access`` example disables block public access for snapshots to allow public sharing of your snapshots. :: + + aws ec2 disable-snapshot-block-public-access + +Output:: + + { + "State": "unblocked" + } + +For more information, see `Block public access for snapshots `__ in the *Amazon EBS User Guide*. diff --git a/awscli/examples/ec2/disassociate-ipam-resource-discovery.rst b/awscli/examples/ec2/disassociate-ipam-resource-discovery.rst new file mode 100644 index 000000000000..6cacfc0ef477 --- /dev/null +++ b/awscli/examples/ec2/disassociate-ipam-resource-discovery.rst @@ -0,0 +1,28 @@ +**To disassociate a resource discovery from an IPAM** + +In this example, you are an IPAM delegated admin account and you want to disassociate an IPAM resource discovery from your IPAM. You ran the describe command and noticed that the ``"ResourceDiscoveryStatus": "not-found"`` and you want to disassociate it from your IPAM to make room for other associations. + +The following ``disassociate-ipam-resource-discovery`` example disassociates an IPAM resource discovery in your AWS account. :: + + aws ec2 disassociate-ipam-resource-discovery \ + --ipam-resource-discovery-association-id ipam-res-disco-assoc-04382a6346357cf82 \ + --region us-east-1 + +Output:: + + { + "IpamResourceDiscoveryAssociation": { + "OwnerId": "320805250157", + "IpamResourceDiscoveryAssociationId": "ipam-res-disco-assoc-04382a6346357cf82", + "IpamResourceDiscoveryAssociationArn": "arn:aws:ec2::320805250157:ipam-resource-discovery-association/ipam-res-disco-assoc-04382a6346357cf82", + "IpamResourceDiscoveryId": "ipam-res-disco-0365d2977fc1672fe", + "IpamId": "ipam-005f921c17ebd5107", + "IpamArn": "arn:aws:ec2::320805250157:ipam/ipam-005f921c17ebd5107", + "IpamRegion": "us-east-1", + "IsDefault": false, + "ResourceDiscoveryStatus": "not-found", + "State": "disassociate-in-progress" + } + } + +For more information, see `Integrate IPAM with accounts outside of your organization `__ in the *Amazon VPC IPAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/ec2/disassociate-transit-gateway-multicast-domain.rst b/awscli/examples/ec2/disassociate-transit-gateway-multicast-domain.rst index f8283f72e225..21620d965145 100755 --- a/awscli/examples/ec2/disassociate-transit-gateway-multicast-domain.rst +++ b/awscli/examples/ec2/disassociate-transit-gateway-multicast-domain.rst @@ -24,4 +24,4 @@ Output:: } } -For more information, see `Working with multicast `__ in the *Transit Gateways Guide*'. \ No newline at end of file +For more information, see `Multicast domains `__ in the *Transit Gateways Guide*'. diff --git a/awscli/examples/ec2/enable-address-transfer.rst b/awscli/examples/ec2/enable-address-transfer.rst index 43abe389e37b..e35d3d5c8aa6 100644 --- a/awscli/examples/ec2/enable-address-transfer.rst +++ b/awscli/examples/ec2/enable-address-transfer.rst @@ -18,4 +18,4 @@ Output:: } } -For more information, see `Transfer Elastic IP addresses `__ in the *Amazon VPC User Guide*. +For more information, see `Transfer Elastic IP addresses `__ in the *Amazon VPC User Guide*. diff --git a/awscli/examples/ec2/enable-fast-launch.rst b/awscli/examples/ec2/enable-fast-launch.rst index 0f903f39ed3c..5b3ba2af9b20 100644 --- a/awscli/examples/ec2/enable-fast-launch.rst +++ b/awscli/examples/ec2/enable-fast-launch.rst @@ -1,6 +1,6 @@ **To start fast launching for an image** -The following ``enable-fast-launch`` example starts fast launching on the specified AMI and sets the maximum number of parallel instances to launch to 6. The type of resource to use to pre-provision the AMI is set to ``snapshot``, which is also the default value. :: +The following ``enable-fast-launch`` example configures the specified AMI for Fast Launch and sets the maximum number of parallel instances to launch to 6. The type of resource to use to pre-provision the AMI is set to ``snapshot``, which is also the default value. :: aws ec2 enable-fast-launch \ --image-id ami-01234567890abcedf \ @@ -23,4 +23,4 @@ Output:: "StateTransitionTime": "2022-01-27T22:16:03.199000+00:00" } -For more information about configuring a Windows AMI for faster launching, see `Configure your AMI for faster launching `__ in the *Amazon EC2 User Guide*. \ No newline at end of file +For more information, see `Configure EC2 Fast Launch settings for your Windows AMI `__ in the *Amazon EC2 User Guide*. diff --git a/awscli/examples/ec2/enable-image-deprecation.rst b/awscli/examples/ec2/enable-image-deprecation.rst index 6d1066b52bc2..4f1580634490 100644 --- a/awscli/examples/ec2/enable-image-deprecation.rst +++ b/awscli/examples/ec2/enable-image-deprecation.rst @@ -1,10 +1,10 @@ -**Example 1: To deprecate an AMI** +**To deprecate an AMI** The following ``enable-image-deprecation`` example deprecates an AMI on a specific date and time. If you specify a value for seconds, Amazon EC2 rounds the seconds to the nearest minute. You must be the AMI owner to perform this procedure. :: aws ec2 enable-image-deprecation \ --image-id ami-1234567890abcdef0 \ - --deprecate-at "2022-10-15T13:17:12.000Z" + --deprecate-at '2022-10-15T13:17:12.000Z' Output:: @@ -13,4 +13,4 @@ Output:: "Return": "true" } -For more information, see `Deprecate an AMI ` in the *Amazon EC2 User Guide*. \ No newline at end of file +For more information, see `Deprecate an AMI `__ in the *Amazon EC2 User Guide*. diff --git a/awscli/examples/ec2/enable-image.rst b/awscli/examples/ec2/enable-image.rst new file mode 100644 index 000000000000..7efce426d43b --- /dev/null +++ b/awscli/examples/ec2/enable-image.rst @@ -0,0 +1,14 @@ +**To enable an AMI** + +The following ``enable-image`` example enables the specified AMI. :: + + aws ec2 enable-image \ + --image-id ami-1234567890abcdef0 + +Output:: + + { + "Return": "true" + } + +For more information, see `Disable an AMI `__ in the *Amazon EC2 User Guide*. diff --git a/awscli/examples/ec2/enable-snapshot-block-public-access.rst b/awscli/examples/ec2/enable-snapshot-block-public-access.rst new file mode 100644 index 000000000000..fcfefe9f1eb7 --- /dev/null +++ b/awscli/examples/ec2/enable-snapshot-block-public-access.rst @@ -0,0 +1,14 @@ +**To enable block public access for snapshots** + +The following ``enable-snapshot-block-public-access`` example blocks all public sharing of your snapshots. :: + + aws ec2 enable-snapshot-block-public-access \ + --state block-all-sharing + +Output:: + + { + "State": "block-all-sharing" + } + +For more information, see `Block public access for snapshots `__ in the *Amazon EBS User Guide*. \ No newline at end of file diff --git a/awscli/examples/ec2/export-client-vpn-client-configuration.rst b/awscli/examples/ec2/export-client-vpn-client-configuration.rst index 697cd9069726..3aef880d2ebe 100644 --- a/awscli/examples/ec2/export-client-vpn-client-configuration.rst +++ b/awscli/examples/ec2/export-client-vpn-client-configuration.rst @@ -1,43 +1,43 @@ -**To export the client configuration** - -The following ``export-client-vpn-client-configuration`` example exports the client configuration for the specified Client VPN endpoint. In this example, the output is returned in text format to make it easier to read. :: - - aws ec2 export-client-vpn-client-configuration \ - --client-vpn-endpoint-id cvpn-endpoint-123456789123abcde \ - --output text - -Output:: - - client - dev tun - proto udp - remote cvpn-endpoint-123456789123abcde.prod.clientvpn.ap-south-1.amazonaws.com 443 - remote-random-hostname - resolv-retry infinite - nobind - persist-key - persist-tun - remote-cert-tls server - cipher AES-256-GCM - verb 3 - - -----BEGIN CERTIFICATE----- - MIICiTCCAfICCQD6m7oRw0uXOjANBgkqhkiG9w0BAQUFADCBiDELMAkGA1UEBhMC - VVMxCzAJBgNVBAgTAldBMRAwDgYDVQQHEwdTZWF0dGxlMQ8wDQYDVQQKEwZBbWF6 - b24xFDASBgNVBAsTC0lBTSBDb25zb2xlMRIwEAYDVQQDEwlUZXN0Q2lsYWMxHzAd - BgkqhkiG9w0BCQEWEG5vb25lQGFtYXpvbi5jb20wHhcNMTEwNDI1MjA0NTIxWhcN - MTIwNDI0MjA0NTIxWjCBiDELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAldBMRAwDgYD - VQQHEwdTZWF0dGxlMQ8wDQYDVQQKEwZBbWF6b24xFDASBgNVBAsTC0lBTSBDb25z - b2xlMRIwEAYDVQQDEwlUZXN0Q2lsYWMxHzAdBgkqhkiG9w0BCQEWEG5vb25lQGFt - YXpvbi5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMaK0dn+a4GmWIWJ - 21uUSfwfEvySWtC2XADZ4nB+BLYgVIk60CpiwsZ3G93vUEIO3IyNoH/f0wYK8m9T - rDHudUZg3qX4waLG5M43q7Wgc/MbQITxOUSQv7c7ugFFDzQGBzZswY6786m86gpE - Ibb3OhjZnzcvQAaRHhdlQWIMm2nrAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAtCu4 - nUhVVxYUntneD9+h8Mg9q6q+auNKyExzyLwaxlAoo7TJHidbtS4J5iNmZgXL0Fkb - FFBjvSfpJIlJ00zbhNYS5f6GuoEDmFJl0ZxBHjJnyp378OD8uTs7fLvjx79LjSTb - NYiytVbZPQUQ5Yaxu2jXnimvw3rrszlaEXAMPLE= - -----END CERTIFICATE----- - - reneg-sec 0 - -For more information, see `Client VPN Endpoints `__ in the *AWS Client VPN Administrator Guide*. +**To export the client configuration** + +The following ``export-client-vpn-client-configuration`` example exports the client configuration for the specified Client VPN endpoint. In this example, the output is returned in text format to make it easier to read. :: + + aws ec2 export-client-vpn-client-configuration \ + --client-vpn-endpoint-id cvpn-endpoint-123456789123abcde \ + --output text + +Output:: + + client + dev tun + proto udp + remote cvpn-endpoint-123456789123abcde.prod.clientvpn.ap-south-1.amazonaws.com 443 + remote-random-hostname + resolv-retry infinite + nobind + persist-key + persist-tun + remote-cert-tls server + cipher AES-256-GCM + verb 3 + + -----BEGIN CERTIFICATE----- + MIICiTCCAfICCQD6m7oRw0uXOjANBgkqhkiG9w0BAQUFADCBiDELMAkGA1UEBhMC + VVMxCzAJBgNVBAgTAldBMRAwDgYDVQQHEwdTZWF0dGxlMQ8wDQYDVQQKEwZBbWF6 + b24xFDASBgNVBAsTC0lBTSBDb25zb2xlMRIwEAYDVQQDEwlUZXN0Q2lsYWMxHzAd + BgkqhkiG9w0BCQEWEG5vb25lQGFtYXpvbi5jb20wHhcNMTEwNDI1MjA0NTIxWhcN + MTIwNDI0MjA0NTIxWjCBiDELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAldBMRAwDgYD + VQQHEwdTZWF0dGxlMQ8wDQYDVQQKEwZBbWF6b24xFDASBgNVBAsTC0lBTSBDb25z + b2xlMRIwEAYDVQQDEwlUZXN0Q2lsYWMxHzAdBgkqhkiG9w0BCQEWEG5vb25lQGFt + YXpvbi5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMaK0dn+a4GmWIWJ + 21uUSfwfEvySWtC2XADZ4nB+BLYgVIk60CpiwsZ3G93vUEIO3IyNoH/f0wYK8m9T + rDHudUZg3qX4waLG5M43q7Wgc/MbQITxOUSQv7c7ugFFDzQGBzZswY6786m86gpE + Ibb3OhjZnzcvQAaRHhdlQWIMm2nrAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAtCu4 + nUhVVxYUntneD9+h8Mg9q6q+auNKyExzyLwaxlAoo7TJHidbtS4J5iNmZgXL0Fkb + FFBjvSfpJIlJ00zbhNYS5f6GuoEDmFJl0ZxBHjJnyp378OD8uTs7fLvjx79LjSTb + NYiytVbZPQUQ5Yaxu2jXnimvw3rrszlaEXAMPLE= + -----END CERTIFICATE----- + + reneg-sec 0 + +For more information, see `Client VPN endpoint configuration file export `__ in the *AWS Client VPN Administrator Guide*. diff --git a/awscli/examples/ec2/get-aws-network-performance-data.rst b/awscli/examples/ec2/get-aws-network-performance-data.rst index 8b6408bd701b..4462587d4e80 100644 --- a/awscli/examples/ec2/get-aws-network-performance-data.rst +++ b/awscli/examples/ec2/get-aws-network-performance-data.rst @@ -66,4 +66,4 @@ Output:: ] } -For more information, see `Monitor network performance `__ in the *Infrastructure Performance User Guide*. \ No newline at end of file +For more information, see `Monitor network performance `__ in the *Infrastructure Performance User Guide*. diff --git a/awscli/examples/ec2/get-capacity-reservation-usage.rst b/awscli/examples/ec2/get-capacity-reservation-usage.rst index 15dcffe3c6cc..579a3203ee8e 100644 --- a/awscli/examples/ec2/get-capacity-reservation-usage.rst +++ b/awscli/examples/ec2/get-capacity-reservation-usage.rst @@ -1,24 +1,24 @@ -**To view capacity reservation usage across AWS accounts** - -The following ``get-capacity-reservation-usage`` example displays usage information for the specified capacity reservation. :: - - aws ec2 get-capacity-reservation-usage \ - --capacity-reservation-id cr-1234abcd56EXAMPLE - -Output:: - - { - "CapacityReservationId": "cr-1234abcd56EXAMPLE ", - "InstanceUsages": [ - { - "UsedInstanceCount": 1, - "AccountId": "123456789012" - } - ], - "AvailableInstanceCount": 4, - "TotalInstanceCount": 5, - "State": "active", - "InstanceType": "t2.medium" - } - -For more information, see `Viewing Shared Capacity Reservation Usage `__ in the *Amazon Elastic Compute Cloud User Guide for Linux Instances*. +**To view capacity reservation usage across AWS accounts** + +The following ``get-capacity-reservation-usage`` example displays usage information for the specified capacity reservation. :: + + aws ec2 get-capacity-reservation-usage \ + --capacity-reservation-id cr-1234abcd56EXAMPLE + +Output:: + + { + "CapacityReservationId": "cr-1234abcd56EXAMPLE ", + "InstanceUsages": [ + { + "UsedInstanceCount": 1, + "AccountId": "123456789012" + } + ], + "AvailableInstanceCount": 4, + "TotalInstanceCount": 5, + "State": "active", + "InstanceType": "t2.medium" + } + +For more information, see `Shared Capacity Reservations `__ in the *Amazon EC2 User Guide*. diff --git a/awscli/examples/ec2/get-coip-pool-usage.rst b/awscli/examples/ec2/get-coip-pool-usage.rst index 51d2c6978cda..7daf8cea7c67 100644 --- a/awscli/examples/ec2/get-coip-pool-usage.rst +++ b/awscli/examples/ec2/get-coip-pool-usage.rst @@ -27,4 +27,4 @@ Output:: "LocalGatewayRouteTableId": "lgw-rtb-059615ef7dEXAMPLE" } -For more information, see `Customer-owned IP addresses `__ in the *AWS Outposts User Guide*. +For more information, see `Customer-owned IP addresses `__ in the *AWS Outposts User Guide for Outposts racks*. diff --git a/awscli/examples/ec2/get-flow-logs-integration-template.rst b/awscli/examples/ec2/get-flow-logs-integration-template.rst index be0a153254a9..1ee8fa5fb050 100644 --- a/awscli/examples/ec2/get-flow-logs-integration-template.rst +++ b/awscli/examples/ec2/get-flow-logs-integration-template.rst @@ -6,20 +6,20 @@ Linux:: aws ec2 get-flow-logs-integration-template \ --flow-log-id fl-1234567890abcdef0 \ - --config-delivery-s3-destination-arn arn:aws:s3:::DOC-EXAMPLE-BUCKET \ - --integrate-services AthenaIntegrations='[{IntegrationResultS3DestinationArn=arn:aws:s3:::DOC-EXAMPLE-BUCKET,PartitionLoadFrequency=none,PartitionStartDate=2021-07-21T00:40:00,PartitionEndDate=2021-07-21T00:42:00},{IntegrationResultS3DestinationArn=arn:aws:s3:::DOC-EXAMPLE-BUCKET,PartitionLoadFrequency=none,PartitionStartDate=2021-07-21T00:40:00,PartitionEndDate=2021-07-21T00:42:00}]' + --config-delivery-s3-destination-arn arn:aws:s3:::amzn-s3-demo-bucket \ + --integrate-services AthenaIntegrations='[{IntegrationResultS3DestinationArn=arn:aws:s3:::amzn-s3-demo-bucket,PartitionLoadFrequency=none,PartitionStartDate=2021-07-21T00:40:00,PartitionEndDate=2021-07-21T00:42:00},{IntegrationResultS3DestinationArn=arn:aws:s3:::amzn-s3-demo-bucket,PartitionLoadFrequency=none,PartitionStartDate=2021-07-21T00:40:00,PartitionEndDate=2021-07-21T00:42:00}]' Windows:: aws ec2 get-flow-logs-integration-template ^ --flow-log-id fl-1234567890abcdef0 ^ - --config-delivery-s3-destination-arn arn:aws:s3:::DOC-EXAMPLE-BUCKET ^ - --integrate-services AthenaIntegrations=[{IntegrationResultS3DestinationArn=arn:aws:s3:::DOC-EXAMPLE-BUCKET,PartitionLoadFrequency=none,PartitionStartDate=2021-07-21T00:40:00,PartitionEndDate=2021-07-21T00:42:00},{IntegrationResultS3DestinationArn=arn:aws:s3:::DOC-EXAMPLE-BUCKET,PartitionLoadFrequency=none,PartitionStartDate=2021-07-21T00:40:00,PartitionEndDate=2021-07-21T00:42:00}] + --config-delivery-s3-destination-arn arn:aws:s3:::amzn-s3-demo-bucket ^ + --integrate-services AthenaIntegrations=[{IntegrationResultS3DestinationArn=arn:aws:s3:::amzn-s3-demo-bucket,PartitionLoadFrequency=none,PartitionStartDate=2021-07-21T00:40:00,PartitionEndDate=2021-07-21T00:42:00},{IntegrationResultS3DestinationArn=arn:aws:s3:::amzn-s3-demo-bucket,PartitionLoadFrequency=none,PartitionStartDate=2021-07-21T00:40:00,PartitionEndDate=2021-07-21T00:42:00}] Output:: { - "Result": "https://DOC-EXAMPLE-BUCKET.s3.us-east-2.amazonaws.com/VPCFlowLogsIntegrationTemplate_fl-1234567890abcdef0_Wed%20Jul%2021%2000%3A57%3A56%20UTC%202021.yml" + "Result": "https://amzn-s3-demo-bucket.s3.us-east-2.amazonaws.com/VPCFlowLogsIntegrationTemplate_fl-1234567890abcdef0_Wed%20Jul%2021%2000%3A57%3A56%20UTC%202021.yml" } For information on using CloudFormation templates, see `Working with AWS CloudFormation templates `__ in the *AWS CloudFormation User Guide*. diff --git a/awscli/examples/ec2/get-groups-for-capacity-reservation.rst b/awscli/examples/ec2/get-groups-for-capacity-reservation.rst index e8a4d1d38f36..cdb4cb509e08 100644 --- a/awscli/examples/ec2/get-groups-for-capacity-reservation.rst +++ b/awscli/examples/ec2/get-groups-for-capacity-reservation.rst @@ -16,4 +16,4 @@ Output:: ] } -For more information, see `Working with Capacity Reservations `__ in the *Amazon Elastic Compute Cloud User Guide for Linux Instances*. \ No newline at end of file +For more information, see `Capacity Reservation groups `__ in the *Amazon EC2 User Guide*. diff --git a/awscli/examples/ec2/get-ipam-discovered-accounts.rst b/awscli/examples/ec2/get-ipam-discovered-accounts.rst new file mode 100644 index 000000000000..c2cf1d68644e --- /dev/null +++ b/awscli/examples/ec2/get-ipam-discovered-accounts.rst @@ -0,0 +1,26 @@ +**To view the accounts discovered by an IPAM** + +In this scenario, you're a IPAM delegated admin who wants to view the AWS accounts that own resources that the IPAM is discovering. + +The ``--discovery-region`` is the IPAM operating Region you want to view the monitored account statuses in. For example, if you have three IPAM operating Regions, you may want to make this request three times to view the timestamps specific to discovery in each of those particular Regions. + +The following ``get-ipam-discovered-accounts`` example lists the AWS accounts that own resources that the IPAM is discovering. :: + + aws ec2 get-ipam-discovered-accounts \ + --ipam-resource-discovery-id ipam-res-disco-0365d2977fc1672fe \ + --discovery-region us-east-1 + +Output:: + + { + "IpamDiscoveredAccounts": [ + { + "AccountId": "149977607591", + "DiscoveryRegion": "us-east-1", + "LastAttemptedDiscoveryTime": "2024-02-09T19:04:31.379000+00:00", + "LastSuccessfulDiscoveryTime": "2024-02-09T19:04:31.379000+00:00" + } + ] + } + +For more information, see `Integrate IPAM with accounts outside of your organization `__ in the *Amazon VPC IPAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/ec2/get-ipam-discovered-public-addresses.rst b/awscli/examples/ec2/get-ipam-discovered-public-addresses.rst new file mode 100644 index 000000000000..c003560ac69d --- /dev/null +++ b/awscli/examples/ec2/get-ipam-discovered-public-addresses.rst @@ -0,0 +1,62 @@ +**To view discovered public IP addresses** + +In this example, you are an IPAM delegated admin and you want to view the IP addresses of resources discovered by IPAM. You can get the resource discovery ID with `describe-ipam-resource-discoveries `__. + +The following ``get-ipam-discovered-public-addresses`` example shows the discovered public IP addresses for a resource discovery. :: + + aws ec2 get-ipam-discovered-public-addresses \ + --ipam-resource-discovery-id ipam-res-disco-0f4ef577a9f37a162 \ + --address-region us-east-1 \ + --region us-east-1 + +Output:: + + { + "IpamDiscoveredPublicAddresses": [ + { + "IpamResourceDiscoveryId": "ipam-res-disco-0f4ef577a9f37a162", + "AddressRegion": "us-east-1", + "Address": "54.208.155.7", + "AddressOwnerId": "320805250157", + "AssociationStatus": "associated", + "AddressType": "ec2-public-ip", + "VpcId": "vpc-073b294916198ce49", + "SubnetId": "subnet-0b6c8a8839e9a4f15", + "NetworkInterfaceId": "eni-081c446b5284a5e06", + "NetworkInterfaceDescription": "", + "InstanceId": "i-07459a6fca5b35823", + "Tags": {}, + "NetworkBorderGroup": "us-east-1c", + "SecurityGroups": [ + { + "GroupName": "launch-wizard-2", + "GroupId": "sg-0a489dd6a65c244ce" + } + ], + "SampleTime": "2024-04-05T15:13:59.228000+00:00" + }, + { + "IpamResourceDiscoveryId": "ipam-res-disco-0f4ef577a9f37a162", + "AddressRegion": "us-east-1", + "Address": "44.201.251.218", + "AddressOwnerId": "470889052923", + "AssociationStatus": "associated", + "AddressType": "ec2-public-ip", + "VpcId": "vpc-6c31a611", + "SubnetId": "subnet-062f47608b99834b1", + "NetworkInterfaceId": "eni-024845359c2c3ae9b", + "NetworkInterfaceDescription": "", + "InstanceId": "i-04ef786d9c4e03f41", + "Tags": {}, + "NetworkBorderGroup": "us-east-1a", + "SecurityGroups": [ + { + "GroupName": "launch-wizard-32", + "GroupId": "sg-0ed1a426e96a68374" + } + ], + "SampleTime": "2024-04-05T15:13:59.145000+00:00" + } + } + +For more information, see `View public IP insights `__ in the *Amazon VPC IPAM User Guide*. diff --git a/awscli/examples/ec2/get-ipam-discovered-resource-cidrs.rst b/awscli/examples/ec2/get-ipam-discovered-resource-cidrs.rst new file mode 100644 index 000000000000..00d37b6a7c4a --- /dev/null +++ b/awscli/examples/ec2/get-ipam-discovered-resource-cidrs.rst @@ -0,0 +1,60 @@ +**To view the IP address CIDRs discovered by an IPAM** + +In this example, you're a IPAM delegated admin who wants to view details related to the IP address CIDRs for resources that the IPAM is discovering. + +To complete this request: + +* The resource discovery you choose must be associated with the IPAM. +* The ``--resource-region`` is the AWS Region where resource was created. + +The following ``get-ipam-discovered-resource-cidrs`` example lists the IP addresses for resources that the IPAM is discovering. :: + + aws ec2 get-ipam-discovered-resource-cidrs \ + --ipam-resource-discovery-id ipam-res-disco-0365d2977fc1672fe \ + --resource-region us-east-1 + +Output:: + + { + { + "IpamDiscoveredResourceCidrs": [ + { + "IpamResourceDiscoveryId": "ipam-res-disco-0365d2977fc1672fe", + "ResourceRegion": "us-east-1", + "ResourceId": "vpc-0c974c95ca7ceef4a", + "ResourceOwnerId": "149977607591", + "ResourceCidr": "172.31.0.0/16", + "ResourceType": "vpc", + "ResourceTags": [], + "IpUsage": 0.375, + "VpcId": "vpc-0c974c95ca7ceef4a", + "SampleTime": "2024-02-09T19:15:16.529000+00:00" + }, + { + "IpamResourceDiscoveryId": "ipam-res-disco-0365d2977fc1672fe", + "ResourceRegion": "us-east-1", + "ResourceId": "subnet-07fe028119082a8c1", + "ResourceOwnerId": "149977607591", + "ResourceCidr": "172.31.0.0/20", + "ResourceType": "subnet", + "ResourceTags": [], + "IpUsage": 0.0012, + "VpcId": "vpc-0c974c95ca7ceef4a", + "SampleTime": "2024-02-09T19:15:16.529000+00:00" + }, + { + "IpamResourceDiscoveryId": "ipam-res-disco-0365d2977fc1672fe", + "ResourceRegion": "us-east-1", + "ResourceId": "subnet-0a96893763984cc4e", + "ResourceOwnerId": "149977607591", + "ResourceCidr": "172.31.64.0/20", + "ResourceType": "subnet", + "ResourceTags": [], + "IpUsage": 0.0012, + "VpcId": "vpc-0c974c95ca7ceef4a", + "SampleTime": "2024-02-09T19:15:16.529000+00:00" + } + } + } + +For more information, see `Monitor CIDR usage by resource `__ in the *Amazon VPC IPAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/ec2/get-network-insights-access-scope-analysis-findings.rst b/awscli/examples/ec2/get-network-insights-access-scope-analysis-findings.rst index e5c4d8bdba74..c1d2d1f12eb1 100644 --- a/awscli/examples/ec2/get-network-insights-access-scope-analysis-findings.rst +++ b/awscli/examples/ec2/get-network-insights-access-scope-analysis-findings.rst @@ -1,60 +1,60 @@ -**To get the findings of Network Insights access scope analysis** - -The following ``get-network-insights-access-scope-analysis-findings`` example gets the selected scope analysis findings in your AWS account. :: - - aws ec2 get-network-insights-access-scope-analysis-findings \ - --region us-east-1 \ - --network-insights-access-scope-analysis-id nis \ - --nis-123456789111 - -Output:: - - { - "NetworkInsightsAccessScopeAnalysisId": "nisa-123456789222", - "AnalysisFindings": [ - { - "NetworkInsightsAccessScopeAnalysisId": "nisa-123456789222", - "NetworkInsightsAccessScopeId": "nis-123456789111", - "FindingComponents": [ - { - "SequenceNumber": 1, - "Component": { - "Id": "eni-02e3d42d5cceca67d", - "Arn": "arn:aws:ec2:us-east-1:936459623503:network-interface/eni-02e3d32d9cceca17d" - }, - "OutboundHeader": { - "DestinationAddresses": [ - "0.0.0.0/5", - "11.0.0.0/8", - "12.0.0.0/6", - "128.0.0.0/3", - "16.0.0.0/4", - "160.0.0.0/5", - "168.0.0.0/6", - "172.0.0.0/12" - "8.0.0.0/7" - ], - "DestinationPortRanges": [ - { - "From": 0, - "To": 65535 - } - ], - "Protocol": "6", - "SourceAddresses": [ - "10.0.2.253/32" - ], - "SourcePortRanges": [ - { - "From": 0, - "To": 65535 - } - ] - }, [etc] - ] - } - } - ] - } - -For more information, see `Getting started with Network Access Analyzer using the AWS CLI `__ in the *Network Access Analyzer Guide*. \ No newline at end of file +**To get the findings of Network Insights access scope analysis** + +The following ``get-network-insights-access-scope-analysis-findings`` example gets the selected scope analysis findings in your AWS account. :: + + aws ec2 get-network-insights-access-scope-analysis-findings \ + --region us-east-1 \ + --network-insights-access-scope-analysis-id nis \ + --nis-123456789111 + +Output:: + + { + "NetworkInsightsAccessScopeAnalysisId": "nisa-123456789222", + "AnalysisFindings": [ + { + "NetworkInsightsAccessScopeAnalysisId": "nisa-123456789222", + "NetworkInsightsAccessScopeId": "nis-123456789111", + "FindingComponents": [ + { + "SequenceNumber": 1, + "Component": { + "Id": "eni-02e3d42d5cceca67d", + "Arn": "arn:aws:ec2:us-east-1:936459623503:network-interface/eni-02e3d32d9cceca17d" + }, + "OutboundHeader": { + "DestinationAddresses": [ + "0.0.0.0/5", + "11.0.0.0/8", + "12.0.0.0/6", + "128.0.0.0/3", + "16.0.0.0/4", + "160.0.0.0/5", + "168.0.0.0/6", + "172.0.0.0/12" + "8.0.0.0/7" + ], + "DestinationPortRanges": [ + { + "From": 0, + "To": 65535 + } + ], + "Protocol": "6", + "SourceAddresses": [ + "10.0.2.253/32" + ], + "SourcePortRanges": [ + { + "From": 0, + "To": 65535 + } + ] + }, [etc] + ] + } + } + ] + } + +For more information, see `Getting started with Network Access Analyzer using the AWS CLI `__ in the *Network Access Analyzer Guide*. diff --git a/awscli/examples/ec2/get-network-insights-access-scope-content.rst b/awscli/examples/ec2/get-network-insights-access-scope-content.rst index 713984a042b6..f5a0013cd57a 100644 --- a/awscli/examples/ec2/get-network-insights-access-scope-content.rst +++ b/awscli/examples/ec2/get-network-insights-access-scope-content.rst @@ -1,35 +1,35 @@ -**To get Network Insights access scope content** - -The following ``get-network-insights-access-scope-content`` example gets the content of the selected scope analysis ID in your AWS account. :: - - aws ec2 get-network-insights-access-scope-content \ - --region us-east-1 \ - --network-insights-access-scope-id nis-123456789222 - -Output:: - - { - "NetworkInsightsAccessScopeContent": { - "NetworkInsightsAccessScopeId": "nis-123456789222", - "MatchPaths": [ - { - "Source": { - "ResourceStatement": { - "ResourceTypes": [ - "AWS::EC2::NetworkInterface" - ] - } - }, - "Destination": { - "ResourceStatement": { - "ResourceTypes": [ - "AWS::EC2::InternetGateway" - ] - } - } - } - ] - } - } - -For more information, see `Getting started with Network Access Analyzer using the AWS CLI `__ in the *Network Access Analyzer Guide*. \ No newline at end of file +**To get Network Insights access scope content** + +The following ``get-network-insights-access-scope-content`` example gets the content of the selected scope analysis ID in your AWS account. :: + + aws ec2 get-network-insights-access-scope-content \ + --region us-east-1 \ + --network-insights-access-scope-id nis-123456789222 + +Output:: + + { + "NetworkInsightsAccessScopeContent": { + "NetworkInsightsAccessScopeId": "nis-123456789222", + "MatchPaths": [ + { + "Source": { + "ResourceStatement": { + "ResourceTypes": [ + "AWS::EC2::NetworkInterface" + ] + } + }, + "Destination": { + "ResourceStatement": { + "ResourceTypes": [ + "AWS::EC2::InternetGateway" + ] + } + } + } + ] + } + } + +For more information, see `Getting started with Network Access Analyzer using the AWS CLI `__ in the *Network Access Analyzer Guide*. diff --git a/awscli/examples/ec2/get-security-groups-for-vpc.rst b/awscli/examples/ec2/get-security-groups-for-vpc.rst new file mode 100644 index 000000000000..76df91f6c0d5 --- /dev/null +++ b/awscli/examples/ec2/get-security-groups-for-vpc.rst @@ -0,0 +1,29 @@ +**To view security groups that can be associated with network interfaces in a specified VPC.** + +The following ``get-security-groups-for-vpc`` example shows the security groups that can be associated with network interfaces in the VPC. :: + + aws ec2 get-security-groups-for-vpc \ + --vpc-id vpc-6c31a611 \ + --region us-east-1 + +Output:: + + { + "SecurityGroupForVpcs": [ + { + "Description": "launch-wizard-36 created 2022-08-29T15:59:35.338Z", + "GroupName": "launch-wizard-36", + "OwnerId": "470889052923", + "GroupId": "sg-007e0c3027ee885f5", + "Tags": [], + "PrimaryVpcId": "vpc-6c31a611" + }, + { + "Description": "launch-wizard-18 created 2024-01-19T20:22:27.527Z", + "GroupName": "launch-wizard-18", + "OwnerId": "470889052923", + "GroupId": "sg-0147193bef51c9eef", + "Tags": [], + "PrimaryVpcId": "vpc-6c31a611" + } + } \ No newline at end of file diff --git a/awscli/examples/ec2/get-snapshot-block-public-access-state.rst b/awscli/examples/ec2/get-snapshot-block-public-access-state.rst new file mode 100644 index 000000000000..5ce016deee20 --- /dev/null +++ b/awscli/examples/ec2/get-snapshot-block-public-access-state.rst @@ -0,0 +1,13 @@ +**To get the current state of block public access for snapshots** + +The following ``get-snapshot-block-public-access-state`` example gets the current state of block public access for snapshots. :: + + aws ec2 get-snapshot-block-public-access-state + +Output:: + + { + "State": "block-all-sharing" + } + +For more information, see `Block public access for snapshots `__ in the *Amazon EBS User Guide*. \ No newline at end of file diff --git a/awscli/examples/ec2/get-transit-gateway-multicast-domain-associations.rst b/awscli/examples/ec2/get-transit-gateway-multicast-domain-associations.rst index 08e3c8ab8def..90ddbbe1c2cb 100755 --- a/awscli/examples/ec2/get-transit-gateway-multicast-domain-associations.rst +++ b/awscli/examples/ec2/get-transit-gateway-multicast-domain-associations.rst @@ -57,4 +57,4 @@ Output:: ] } -For more information, see `Managing multicast domains `__ in the *Transit Gateways Guide*. \ No newline at end of file +For more information, see `Multicast domains `__ in the *Transit Gateways Guide*. diff --git a/awscli/examples/ec2/get-transit-gateway-prefix-list-references.rst b/awscli/examples/ec2/get-transit-gateway-prefix-list-references.rst index f3c695898eb1..2a73a6e20ad1 100644 --- a/awscli/examples/ec2/get-transit-gateway-prefix-list-references.rst +++ b/awscli/examples/ec2/get-transit-gateway-prefix-list-references.rst @@ -1,28 +1,28 @@ -**To get prefix list references in a transit gateway route table** - -The following ``get-transit-gateway-prefix-list-references`` example gets the prefix list references for the specified transit gateway route table, and filters by the ID of a specific prefix list. :: - - aws ec2 get-transit-gateway-prefix-list-references \ - --transit-gateway-route-table-id tgw-rtb-0123456789abcd123 \ - --filters Name=prefix-list-id,Values=pl-11111122222222333 - -Output:: - - { - "TransitGatewayPrefixListReferences": [ - { - "TransitGatewayRouteTableId": "tgw-rtb-0123456789abcd123", - "PrefixListId": "pl-11111122222222333", - "PrefixListOwnerId": "123456789012", - "State": "available", - "Blackhole": false, - "TransitGatewayAttachment": { - "TransitGatewayAttachmentId": "tgw-attach-aabbccddaabbccaab", - "ResourceType": "vpc", - "ResourceId": "vpc-112233445566aabbc" - } - } - ] - } - -For more information, see `Prefix list references `__ in the *Transit Gateways Guide*. +**To get prefix list references in a transit gateway route table** + +The following ``get-transit-gateway-prefix-list-references`` example gets the prefix list references for the specified transit gateway route table, and filters by the ID of a specific prefix list. :: + + aws ec2 get-transit-gateway-prefix-list-references \ + --transit-gateway-route-table-id tgw-rtb-0123456789abcd123 \ + --filters Name=prefix-list-id,Values=pl-11111122222222333 + +Output:: + + { + "TransitGatewayPrefixListReferences": [ + { + "TransitGatewayRouteTableId": "tgw-rtb-0123456789abcd123", + "PrefixListId": "pl-11111122222222333", + "PrefixListOwnerId": "123456789012", + "State": "available", + "Blackhole": false, + "TransitGatewayAttachment": { + "TransitGatewayAttachmentId": "tgw-attach-aabbccddaabbccaab", + "ResourceType": "vpc", + "ResourceId": "vpc-112233445566aabbc" + } + } + ] + } + +For more information, see `Prefix list references `__ in the *Transit Gateways Guide*. diff --git a/awscli/examples/ec2/import-snapshot.rst b/awscli/examples/ec2/import-snapshot.rst index 502ebfd6c5e9..60f21ac9514c 100755 --- a/awscli/examples/ec2/import-snapshot.rst +++ b/awscli/examples/ec2/import-snapshot.rst @@ -4,7 +4,7 @@ The following ``import-snapshot`` example imports the specified disk as a snapsh aws ec2 import-snapshot \ --description "My server VMDK" \ - --disk-container Format=VMDK,UserBucket={S3Bucket=my-import-bucket,S3Key=vms/my-server-vm.vmdk} + --disk-container Format=VMDK,UserBucket={'S3Bucket=my-import-bucket,S3Key=vms/my-server-vm.vmdk'} Output:: diff --git a/awscli/examples/ec2/list-images-in-recycle-bin.rst b/awscli/examples/ec2/list-images-in-recycle-bin.rst index b375b8cde15c..ceee4b13566f 100644 --- a/awscli/examples/ec2/list-images-in-recycle-bin.rst +++ b/awscli/examples/ec2/list-images-in-recycle-bin.rst @@ -18,4 +18,4 @@ Output:: ] } -For more information, see `Recover AMIs from the Recycle Bin `__ in the *Amazon Elastic Compute Cloud User Guide*. \ No newline at end of file +For more information, see `Recover deleted AMIs from the Recycle Bin `__ in the *Amazon EBS User Guide*. diff --git a/awscli/examples/ec2/list-snapshots-in-recycle-bin.rst b/awscli/examples/ec2/list-snapshots-in-recycle-bin.rst index c4a8d6b7436d..9abe1fb74f5e 100644 --- a/awscli/examples/ec2/list-snapshots-in-recycle-bin.rst +++ b/awscli/examples/ec2/list-snapshots-in-recycle-bin.rst @@ -19,4 +19,4 @@ Output:: ] } -For more information about Recycle Bin for Amazon EBS, see `Recover snapshots from the Recycle Bin `__ in the *Amazon EC2 User Guide*. \ No newline at end of file +For more information about Recycle Bin, see `Recover deleted snapshots from the Recycle Bin `__ in the *Amazon EBS User Guide*. diff --git a/awscli/examples/ec2/lock-snapshot.rst b/awscli/examples/ec2/lock-snapshot.rst new file mode 100644 index 000000000000..d6eed93af2a0 --- /dev/null +++ b/awscli/examples/ec2/lock-snapshot.rst @@ -0,0 +1,46 @@ +**Example 1: To lock a snapshot in governance mode** + +The following ``lock-snapshot`` example locks the specified snapshot in governance mode. :: + + aws ec2 lock-snapshot \ + --snapshot-id snap-0b5e733b4a8df6e0d \ + --lock-mode governance \ + --lock-duration 365 + +Output:: + + { + "SnapshotId": "snap-0b5e733b4a8df6e0d", + "LockState": "governance", + "LockDuration": 365, + "LockCreatedOn": "2024-05-05T00:56:06.208000+00:00", + "LockExpiresOn": "2025-05-05T00:56:06.208000+00:00", + "LockDurationStartTime": "2024-05-05T00:56:06.208000+00:00" + } + +For more information, see `Snapshot lock `__ in the *Amazon EBS User Guide*. + +**Example 2: To lock a snapshot in compliance mode** + +The following ``lock-snapshot`` example lock the specified snapshot in compliance mode. :: + + aws ec2 lock-snapshot \ + --snapshot-id snap-0163a8524c5b9901f \ + --lock-mode compliance \ + --cool-off-period 24 \ + --lock-duration 365 + +Output:: + + { + "SnapshotId": "snap-0b5e733b4a8df6e0d", + "LockState": "compliance-cooloff", + "LockDuration": 365, + "CoolOffPeriod": 24, + "CoolOffPeriodExpiresOn": "2024-05-06T01:02:20.527000+00:00", + "LockCreatedOn": "2024-05-05T01:02:20.527000+00:00", + "LockExpiresOn": "2025-05-05T01:02:20.527000+00:00", + "LockDurationStartTime": "2024-05-05T01:02:20.527000+00:00" + } + +For more information, see `Snapshot lock `__ in the *Amazon EBS User Guide*. \ No newline at end of file diff --git a/awscli/examples/ec2/modify-availability-zone-group.rst b/awscli/examples/ec2/modify-availability-zone-group.rst index c6e79c72ae0a..c9315139869c 100644 --- a/awscli/examples/ec2/modify-availability-zone-group.rst +++ b/awscli/examples/ec2/modify-availability-zone-group.rst @@ -12,4 +12,4 @@ Output:: "Return": true } -For more information, see `Regions and Zones `__ in the *Amazon Elastic Compute Cloud User Guide for Linux Instances*. \ No newline at end of file +For more information, see `Regions and Zones `__ in the *Amazon EC2 User Guide*. diff --git a/awscli/examples/ec2/modify-capacity-reservation.rst b/awscli/examples/ec2/modify-capacity-reservation.rst index e1306bca5efa..4668040d76d1 100644 --- a/awscli/examples/ec2/modify-capacity-reservation.rst +++ b/awscli/examples/ec2/modify-capacity-reservation.rst @@ -1,24 +1,26 @@ -**Example 1: To change the number of instances reserved by an existing capacity reservation** - -The following ``modify-capacity-reservation`` example changes the number of instances for which the capacity reservation reserves capacity. :: - - aws ec2 modify-capacity-reservation \ - --capacity-reservation-id cr-1234abcd56EXAMPLE \ - --instance-count 5 - -Output:: - - { - "Return": true - } - -**Example 2: To change the end date and time for an existing capacity reservation** - -The following ``modify-capacity-reservation`` example modifies an existing capacity reservation to end at the specified date and time. :: - - aws ec2 modify-capacity-reservation \ - --capacity-reservation-id cr-1234abcd56EXAMPLE \ - --end-date-type limited \ - --end-date 2019-08-31T23:59:59Z - -For more information, see `Modifying a Capacity Reservation `__ in the *Amazon Elastic Compute Cloud User Guide for Linux Instances*. +**Example 1: To change the number of instances reserved by an existing capacity reservation** + +The following ``modify-capacity-reservation`` example changes the number of instances for which the capacity reservation reserves capacity. :: + + aws ec2 modify-capacity-reservation \ + --capacity-reservation-id cr-1234abcd56EXAMPLE \ + --instance-count 5 + +Output:: + + { + "Return": true + } + +For more information, see `Modify a Capacity Reservation `__ in the *Amazon EC2 User Guide*. + +**Example 2: To change the end date and time for an existing capacity reservation** + +The following ``modify-capacity-reservation`` example modifies an existing capacity reservation to end at the specified date and time. :: + + aws ec2 modify-capacity-reservation \ + --capacity-reservation-id cr-1234abcd56EXAMPLE \ + --end-date-type limited \ + --end-date 2019-08-31T23:59:59Z + +For more information, see `Modify a Capacity Reservation `__ in the *Amazon EC2 User Guide*. diff --git a/awscli/examples/ec2/modify-fleet.rst b/awscli/examples/ec2/modify-fleet.rst index 4bc309a86497..922dca1f4f19 100644 --- a/awscli/examples/ec2/modify-fleet.rst +++ b/awscli/examples/ec2/modify-fleet.rst @@ -12,4 +12,4 @@ Output:: "Return": true } -For more information, see `Managing an EC2 Fleet `__ in the *Amazon Elastic Compute Cloud User Guide for Linux Instances*. \ No newline at end of file +For more information, see `Manage an EC2 Fleet `__ in the *Amazon EC2 User Guide*. diff --git a/awscli/examples/ec2/modify-hosts.rst b/awscli/examples/ec2/modify-hosts.rst index 737457d77f2c..952e9483c23f 100644 --- a/awscli/examples/ec2/modify-hosts.rst +++ b/awscli/examples/ec2/modify-hosts.rst @@ -1,35 +1,37 @@ -**Example 1: To enable auto-placement for a Dedicated Host** - -The following ``modify-hosts`` example enables auto-placement for a Dedicated Host so that it accepts any untargeted instance launches that match its instance type configuration. :: - - aws ec2 modify-hosts \ - --host-id h-06c2f189b4EXAMPLE \ - --auto-placement on - -Output:: - - { - "Successful": [ - "h-06c2f189b4EXAMPLE" - ], - "Unsuccessful": [] - } - -**Example 2: To enable host recovery for a Dedicated Host** - -The following ``modify-hosts`` example enables host recovery for the specified Dedicated Host. :: - - aws ec2 modify-hosts \ - --host-id h-06c2f189b4EXAMPLE \ - --host-recovery on - -Output:: - - { - "Successful": [ - "h-06c2f189b4EXAMPLE" - ], - "Unsuccessful": [] - } - -For more information, see `Modifying Dedicated Host Auto-Placement `__ in the *Amazon Elastic Compute Cloud User Guide for Linux Instances*. +**Example 1: To enable auto-placement for a Dedicated Host** + +The following ``modify-hosts`` example enables auto-placement for a Dedicated Host so that it accepts any untargeted instance launches that match its instance type configuration. :: + + aws ec2 modify-hosts \ + --host-id h-06c2f189b4EXAMPLE \ + --auto-placement on + +Output:: + + { + "Successful": [ + "h-06c2f189b4EXAMPLE" + ], + "Unsuccessful": [] + } + +For more information, see `Modify the auto-placement setting for a Dedicated Host `__ in the *Amazon EC2 User Guide*. + +**Example 2: To enable host recovery for a Dedicated Host** + +The following ``modify-hosts`` example enables host recovery for the specified Dedicated Host. :: + + aws ec2 modify-hosts \ + --host-id h-06c2f189b4EXAMPLE \ + --host-recovery on + +Output:: + + { + "Successful": [ + "h-06c2f189b4EXAMPLE" + ], + "Unsuccessful": [] + } + +For more information, see `Modify the auto-placement setting for a Dedicated Host `__ in the *Amazon EC2 User Guide*. diff --git a/awscli/examples/ec2/modify-instance-capacity-reservation-attributes.rst b/awscli/examples/ec2/modify-instance-capacity-reservation-attributes.rst index 7d08f5857870..821dcc50e30b 100644 --- a/awscli/examples/ec2/modify-instance-capacity-reservation-attributes.rst +++ b/awscli/examples/ec2/modify-instance-capacity-reservation-attributes.rst @@ -1,29 +1,31 @@ -**Example 1: To modify an instance's capacity reservation targeting settings** - -The following ``modify-instance-capacity-reservation-attributes`` example modifies a stopped instance to target a specific capacity reservation. :: - - aws ec2 modify-instance-capacity-reservation-attributes \ - --instance-id i-EXAMPLE8765abcd4e \ - --capacity-reservation-specification 'CapacityReservationTarget={CapacityReservationId= cr-1234abcd56EXAMPLE }' - -Output:: - - { - "Return": true - } - -**Example 2: To modify an instance's capacity reservation targeting settings** - -The following ``modify-instance-capacity-reservation-attributes`` example modifies a stopped instance that targets the specified capacity reservation to launch in any capacity reservation that has matching attributes (instance type, platform, Availability Zone) and that has open instance matching criteria. :: - - aws ec2 modify-instance-capacity-reservation-attributes \ - --instance-id i-EXAMPLE8765abcd4e \ - --capacity-reservation-specification 'CapacityReservationPreference=open' - -Output:: - - { - "Return": true - } - -For more information, see `Modifying an Instance's Capacity Reservation Settings `__ in the *Amazon Elastic Compute Cloud User Guide for Linux Instances*. +**Example 1: To modify an instance's capacity reservation targeting settings** + +The following ``modify-instance-capacity-reservation-attributes`` example modifies a stopped instance to target a specific capacity reservation. :: + + aws ec2 modify-instance-capacity-reservation-attributes \ + --instance-id i-EXAMPLE8765abcd4e \ + --capacity-reservation-specification 'CapacityReservationTarget={CapacityReservationId= cr-1234abcd56EXAMPLE }' + +Output:: + + { + "Return": true + } + +For more information, see `Modify the Capacity Reservation settings of your instance `__ in the *Amazon EC2 User Guide*. + +**Example 2: To modify an instance's capacity reservation targeting settings** + +The following ``modify-instance-capacity-reservation-attributes`` example modifies a stopped instance that targets the specified capacity reservation to launch in any capacity reservation that has matching attributes (instance type, platform, Availability Zone) and that has open instance matching criteria. :: + + aws ec2 modify-instance-capacity-reservation-attributes \ + --instance-id i-EXAMPLE8765abcd4e \ + --capacity-reservation-specification 'CapacityReservationPreference=open' + +Output:: + + { + "Return": true + } + +For more information, see `Modify the Capacity Reservation settings of your instance `__ in the *Amazon EC2 User Guide*. diff --git a/awscli/examples/ec2/modify-instance-maintenance-options.rst b/awscli/examples/ec2/modify-instance-maintenance-options.rst index d3615befa19a..ffb974d38e2b 100644 --- a/awscli/examples/ec2/modify-instance-maintenance-options.rst +++ b/awscli/examples/ec2/modify-instance-maintenance-options.rst @@ -13,7 +13,7 @@ Output:: "AutoRecovery": "disabled" } -For more information, see `Recover your instance `__ in the *Amazon EC2 User Guide for Linux Instances*. +For more information, see `Configure simplified automatic recovery `__ in the *Amazon EC2 User Guide*. **Example 2: To set the recovery behavior of an instance to default** @@ -30,4 +30,4 @@ Output:: "AutoRecovery": "default" } -For more information, see `Recover your instance `__ in the *Amazon EC2 User Guide for Linux Instances*. +For more information, see `Configure simplified automatic recovery `__ in the *Amazon EC2 User Guide*. diff --git a/awscli/examples/ec2/modify-instance-metadata-options.rst b/awscli/examples/ec2/modify-instance-metadata-options.rst index 951d8181849a..d48be5aa7765 100644 --- a/awscli/examples/ec2/modify-instance-metadata-options.rst +++ b/awscli/examples/ec2/modify-instance-metadata-options.rst @@ -19,8 +19,8 @@ Output:: } } -For more information, see `Instance metadata and user data `__ in the *Amazon Elastic Compute Cloud User Guide for Linux Instances*. - +For more information, see `Instance metadata `__ in the *Amazon EC2 User Guide*. + **Example 2: To disable instance metadata** The following ``modify-instance-metadata-options`` example disables the use of all versions of instance metadata on the specified instance. :: @@ -41,11 +41,11 @@ Output:: } } -For more information, see `Instance metadata and user data `__ in the *Amazon Elastic Compute Cloud User Guide for Linux Instances*. +For more information, see `Instance metadata `__ in the *Amazon EC2 User Guide*. **Example 3: To enable instance metadata IPv6 endpoint for your instance** -The following ``modify-instance-metadata-options`` example shows you how to turn on the IPv6 endpoint for the instance metadata service. :: +The following ``modify-instance-metadata-options`` example shows you how to turn on the IPv6 endpoint for the instance metadata service. By default, the IPv6 endpoint is disabled. This is true even if you have launched an instance into an IPv6-only subnet. The IPv6 endpoint for IMDS is only accessible on instances built on the Nitro System. :: aws ec2 modify-instance-metadata-options \ --instance-id i-1234567898abcdef0 \ @@ -65,4 +65,4 @@ Output:: } } -By default, the IPv6 endpoint is disabled. This is true even if you have launched an instance into an IPv6-only subnet. The IPv6 endpoint for IMDS is only accessible on instances built on the Nitro System. For more information, see `Instance metadata and user data `__ in the *Amazon Elastic Compute Cloud User Guide for Linux Instances*. \ No newline at end of file +For more information, see `Instance metadata `__ in the *Amazon EC2 User Guide*. diff --git a/awscli/examples/ec2/modify-instance-placement.rst b/awscli/examples/ec2/modify-instance-placement.rst index cd55c72eaeb9..4c356c2e1bb9 100644 --- a/awscli/examples/ec2/modify-instance-placement.rst +++ b/awscli/examples/ec2/modify-instance-placement.rst @@ -1,80 +1,76 @@ -**Example 1: To remove an instance's affinity with a Dedicated Host** - -The following ``modify-instance-placement`` example removes an instance's affinity with a Dedicated Host and enables it to launch on any available Dedicated Host in your account that supports its instance type. :: - - aws ec2 modify-instance-placement \ - --instance-id i-0e6ddf6187EXAMPLE \ - --affinity default - -Output:: - - { - "Return": true - } - -**Example 2: To establish affinity between an instance and the specified Dedicated Host** - -The following ``modify-instance-placement`` example establishes a launch relationship between an instance and a Dedicated Host. The instance is only able to run on the specified Dedicated Host. :: - - aws ec2 modify-instance-placement \ - --instance-id i-0e6ddf6187EXAMPLE \ - --affinity host \ - --host-id i-0e6ddf6187EXAMPLE - -Output:: - - { - "Return": true - } - -For more information, see `Modifying Instance Tenancy and Affinity `__ in the *Amazon Elastic Compute Cloud User Guide for Linux Instances*. - -**Example 3: To move an instance to a placement group** - -The following ``modify-instance-placement`` example moves an instance to a placement group, stop the instance, modify the instance placement, and then restart the instance. :: - - aws ec2 stop-instances \ - --instance-ids i-0123a456700123456 - - aws ec2 modify-instance-placement \ - --instance-id i-0123a456700123456 \ - --group-name MySpreadGroup - - aws ec2 start-instances \ - --instance-ids i-0123a456700123456 - -For more information, see `Changing the Placement Group for an Instance `__ in the *Amazon Elastic Compute Cloud Users Guide*. - -**Example 4: To remove an instance from a placement group** - -The following ``modify-instance-placement`` example removes an instance from a placement group by stopping the instance, modifying the instance placement, and then restarting the instance. The following example specifies an empty string ("") for the placement group name to indicate that the instance is not to be located in a placement group. - -Stop the instance:: - - aws ec2 stop-instances \ - --instance-ids i-0123a456700123456 - -Modify the placement (Windows Command Prompt, Linux, and macOS):: - - aws ec2 modify-instance-placement \ - --instance-id i-0123a456700123456 \ - --group-name "" - -Modify the placement (Windows PowerShell):: - - aws ec2 modify-instance-placement ` - --instance-id i-0123a456700123456 ` - --group-name """" - -Restart the instance:: - - aws ec2 start-instances \ - --instance-ids i-0123a456700123456 - -Output:: - - { - "Return": true - } - -For more information, see `Modifying Instance Tenancy and Affinity `__ in the *Amazon Elastic Compute Cloud User Guide for Linux Instances*. \ No newline at end of file +**Example 1: To remove an instance's affinity with a Dedicated Host** + +The following ``modify-instance-placement`` example removes an instance's affinity with a Dedicated Host and enables it to launch on any available Dedicated Host in your account that supports its instance type. :: + + aws ec2 modify-instance-placement \ + --instance-id i-0e6ddf6187EXAMPLE \ + --affinity default + +Output:: + + { + "Return": true + } + +**Example 2: To establish affinity between an instance and the specified Dedicated Host** + +The following ``modify-instance-placement`` example establishes a launch relationship between an instance and a Dedicated Host. The instance is only able to run on the specified Dedicated Host. :: + + aws ec2 modify-instance-placement \ + --instance-id i-0e6ddf6187EXAMPLE \ + --affinity host \ + --host-id i-0e6ddf6187EXAMPLE + +Output:: + + { + "Return": true + } + +**Example 3: To move an instance to a placement group** + +The following ``modify-instance-placement`` example moves an instance to a placement group, stop the instance, modify the instance placement, and then restart the instance. :: + + aws ec2 stop-instances \ + --instance-ids i-0123a456700123456 + + aws ec2 modify-instance-placement \ + --instance-id i-0123a456700123456 \ + --group-name MySpreadGroup + + aws ec2 start-instances \ + --instance-ids i-0123a456700123456 + +**Example 4: To remove an instance from a placement group** + +The following ``modify-instance-placement`` example removes an instance from a placement group by stopping the instance, modifying the instance placement, and then restarting the instance. The following example specifies an empty string ("") for the placement group name to indicate that the instance is not to be located in a placement group. + +Stop the instance:: + + aws ec2 stop-instances \ + --instance-ids i-0123a456700123456 + +Modify the placement (Windows Command Prompt):: + + aws ec2 modify-instance-placement \ + --instance-id i-0123a456700123456 \ + --group-name "" + +Modify the placement (Windows PowerShell, Linux, and macOS):: + + aws ec2 modify-instance-placement ` + --instance-id i-0123a456700123456 ` + --group-name '' + +Restart the instance:: + + aws ec2 start-instances \ + --instance-ids i-0123a456700123456 + +Output:: + + { + "Return": true + } + +For more information, see `Modify Dedicated Host tenancy and affinity `__ in the *Amazon EC2 User Guide*. diff --git a/awscli/examples/ec2/modify-ipam-resource-discovery.rst b/awscli/examples/ec2/modify-ipam-resource-discovery.rst new file mode 100644 index 000000000000..8a1566697d03 --- /dev/null +++ b/awscli/examples/ec2/modify-ipam-resource-discovery.rst @@ -0,0 +1,40 @@ +**To modify the operating regions of a resource discovery** + +In this example, you're an IPAM delegated admin who wants to modify the operating regions of a resource discovery. + +To complete this request: + +* You cannot modify a default resource discovery and you must be the owner of the resource discovery. +* You need the resource discovery ID, which you can get with `describe-ipam-resource-discoveries `__. + +The following ``modify-ipam-resource-discovery`` example modifies a non-default resource discovery in your AWS account. :: + + aws ec2 modify-ipam-resource-discovery \ + --ipam-resource-discovery-id ipam-res-disco-0f4ef577a9f37a162 \ + --add-operating-regions RegionName='us-west-1' \ + --remove-operating-regions RegionName='us-east-2' \ + --region us-east-1 + +Output:: + + { + "IpamResourceDiscovery": { + "OwnerId": "149977607591", + "IpamResourceDiscoveryId": "ipam-res-disco-0365d2977fc1672fe", + "IpamResourceDiscoveryArn": "arn:aws:ec2::149977607591:ipam-resource-discovery/ipam-res-disco-0365d2977fc1672fe", + "IpamResourceDiscoveryRegion": "us-east-1", + "Description": "Example", + "OperatingRegions": [ + { + "RegionName": "us-east-1" + }, + { + "RegionName": "us-west-1" + } + ], + "IsDefault": false, + "State": "modify-in-progress" + } + } + +For more information, see `Work with resource discoveries `__ in the *Amazon VPC IPAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/ec2/modify-ipam-scope.rst b/awscli/examples/ec2/modify-ipam-scope.rst new file mode 100644 index 000000000000..6bd3677f98e5 --- /dev/null +++ b/awscli/examples/ec2/modify-ipam-scope.rst @@ -0,0 +1,31 @@ +**To modify the description of a scope** + +In this scenario, you're an IPAM delegated admin who wants to modify the description of an IPAM scope. + +To complete this request, you'll need the scope ID, which you can get with `describe-ipam-scopes `__. + +The following ``modify-ipam-scope`` example updates the description of the scope. :: + + aws ec2 modify-ipam-scope \ + --ipam-scope-id ipam-scope-0d3539a30b57dcdd1 \ + --description example \ + --region us-east-1 + +Output:: + + { + "IpamScope": { + "OwnerId": "320805250157", + "IpamScopeId": "ipam-scope-0d3539a30b57dcdd1", + "IpamScopeArn": "arn:aws:ec2::320805250157:ipam-scope/ipam-scope-0d3539a30b57dcdd1", + "IpamArn": "arn:aws:ec2::320805250157:ipam/ipam-005f921c17ebd5107", + "IpamRegion": "us-east-1", + "IpamScopeType": "public", + "IsDefault": true, + "Description": "example", + "PoolCount": 1, + "State": "modify-in-progress" + } + } + +For more information about scopes, see `How IPAM works `__ in the *Amazon VPC IPAM User Guide*. diff --git a/awscli/examples/ec2/modify-snapshot-tier.rst b/awscli/examples/ec2/modify-snapshot-tier.rst index 89f7b5549020..d00059ed4bac 100644 --- a/awscli/examples/ec2/modify-snapshot-tier.rst +++ b/awscli/examples/ec2/modify-snapshot-tier.rst @@ -1,6 +1,6 @@ -**Example 1: To archive a snapshot** +**To archive a snapshot** -The following ``modify-snapshot-tier`` example archives the specified snapshot. :: +The following ``modify-snapshot-tier`` example archives the specified snapshot. The ``TieringStartTime`` response parameter indicates the date and time at which the archive process was started, in UTC time format (YYYY-MM-DDTHH:MM:SSZ). :: aws ec2 modify-snapshot-tier \ --snapshot-id snap-01234567890abcedf \ @@ -13,6 +13,4 @@ Output:: "TieringStartTime": "2021-09-15T16:44:37.574Z" } -The ``TieringStartTime`` response parameter indicates the date and time at which the archive process was started, in UTC time format (YYYY-MM-DDTHH:MM:SSZ). - -For more information about snapshot archiving, see `Archive Amazon EBS snapshots `__ in the *Amazon EC2 User Guide*. \ No newline at end of file +For more information about snapshot archiving, see `Archive Amazon EBS snapshots `__ in the *Amazon EBS User Guide*. diff --git a/awscli/examples/ec2/modify-transit-gateway-prefix-list-reference.rst b/awscli/examples/ec2/modify-transit-gateway-prefix-list-reference.rst index b4719a323560..4af295a7029d 100644 --- a/awscli/examples/ec2/modify-transit-gateway-prefix-list-reference.rst +++ b/awscli/examples/ec2/modify-transit-gateway-prefix-list-reference.rst @@ -1,27 +1,27 @@ -**To modify a reference to a prefix list** - -The following ``modify-transit-gateway-prefix-list-reference`` example modifies the prefix list reference in the specified route table by changing the attachment to which traffic is routed. :: - - aws ec2 modify-transit-gateway-prefix-list-reference \ - --transit-gateway-route-table-id tgw-rtb-0123456789abcd123 \ - --prefix-list-id pl-11111122222222333 \ - --transit-gateway-attachment-id tgw-attach-aabbccddaabbccaab - -Output:: - - { - "TransitGatewayPrefixListReference": { - "TransitGatewayRouteTableId": "tgw-rtb-0123456789abcd123", - "PrefixListId": "pl-11111122222222333", - "PrefixListOwnerId": "123456789012", - "State": "modifying", - "Blackhole": false, - "TransitGatewayAttachment": { - "TransitGatewayAttachmentId": "tgw-attach-aabbccddaabbccaab", - "ResourceType": "vpc", - "ResourceId": "vpc-112233445566aabbc" - } - } - } - -For more information, see `Prefix list references `__ in the *Transit Gateways Guide*. +**To modify a reference to a prefix list** + +The following ``modify-transit-gateway-prefix-list-reference`` example modifies the prefix list reference in the specified route table by changing the attachment to which traffic is routed. :: + + aws ec2 modify-transit-gateway-prefix-list-reference \ + --transit-gateway-route-table-id tgw-rtb-0123456789abcd123 \ + --prefix-list-id pl-11111122222222333 \ + --transit-gateway-attachment-id tgw-attach-aabbccddaabbccaab + +Output:: + + { + "TransitGatewayPrefixListReference": { + "TransitGatewayRouteTableId": "tgw-rtb-0123456789abcd123", + "PrefixListId": "pl-11111122222222333", + "PrefixListOwnerId": "123456789012", + "State": "modifying", + "Blackhole": false, + "TransitGatewayAttachment": { + "TransitGatewayAttachmentId": "tgw-attach-aabbccddaabbccaab", + "ResourceType": "vpc", + "ResourceId": "vpc-112233445566aabbc" + } + } + } + +For more information, see `Prefix list references `__ in the *Transit Gateways Guide*. diff --git a/awscli/examples/ec2/modify-verified-access-endpoint.rst b/awscli/examples/ec2/modify-verified-access-endpoint.rst index 4158acfc610c..d21e2cf5a5da 100644 --- a/awscli/examples/ec2/modify-verified-access-endpoint.rst +++ b/awscli/examples/ec2/modify-verified-access-endpoint.rst @@ -4,7 +4,7 @@ The following ``modify-verified-access-endpoint`` example adds the specified des aws ec2 modify-verified-access-endpoint \ --verified-access-endpoint-id vae-066fac616d4d546f2 \ - --description "Testing Verified Access" + --description 'Testing Verified Access' Output:: @@ -35,4 +35,4 @@ Output:: } } -For more information, see `Verified Access endpoints `__ in the *AWS Verified Access User Guide*. +For more information, see `Verified Access endpoints `__ in the *AWS Verified Access User Guide*. diff --git a/awscli/examples/ec2/register-image.rst b/awscli/examples/ec2/register-image.rst index 71e3743e7bfa..5b794d6d7d70 100644 --- a/awscli/examples/ec2/register-image.rst +++ b/awscli/examples/ec2/register-image.rst @@ -1,32 +1,32 @@ -**Example 1: To register an AMI using a manifest file** - -The following ``register-image`` example registers an AMI using the specified manifest file in Amazon S3. :: - - aws ec2 register-image \ - --name my-image \ - --image-location my-s3-bucket/myimage/image.manifest.xml - -Output:: - - { - "ImageId": "ami-1234567890EXAMPLE" - } - -For more information, see `Amazon Machine Images (AMI) `__ in the *Amazon EC2 User Guide*. - -**Example 2: To register an AMI using a snapshot of a root device** - -The following ``register-image`` example registers an AMI using the specified snapshot of an EBS root volume as device ``/dev/xvda``. The block device mapping also includes an empty 100 GiB EBS volume as device ``/dev/xvdf``. :: - - aws ec2 register-image \ - --name my-image \ - --root-device-name /dev/xvda \ - --block-device-mappings DeviceName=/dev/xvda,Ebs={SnapshotId=snap-0db2cf683925d191f} DeviceName=/dev/xvdf,Ebs={VolumeSize=100} - -Output:: - - { - "ImageId": "ami-1a2b3c4d5eEXAMPLE" - } - -For more information, see `Amazon Machine Images (AMI) `__ in the *Amazon EC2 User Guide*. +**Example 1: To register an AMI using a manifest file** + +The following ``register-image`` example registers an AMI using the specified manifest file in Amazon S3. :: + + aws ec2 register-image \ + --name my-image \ + --image-location amzn-s3-demo-bucket/myimage/image.manifest.xml + +Output:: + + { + "ImageId": "ami-1234567890EXAMPLE" + } + +For more information, see `Amazon Machine Images (AMI) `__ in the *Amazon EC2 User Guide*. + +**Example 2: To register an AMI using a snapshot of a root device** + +The following ``register-image`` example registers an AMI using the specified snapshot of an EBS root volume as device ``/dev/xvda``. The block device mapping also includes an empty 100 GiB EBS volume as device ``/dev/xvdf``. :: + + aws ec2 register-image \ + --name my-image \ + --root-device-name /dev/xvda \ + --block-device-mappings DeviceName=/dev/xvda,Ebs={SnapshotId=snap-0db2cf683925d191f} DeviceName=/dev/xvdf,Ebs={VolumeSize=100} + +Output:: + + { + "ImageId": "ami-1a2b3c4d5eEXAMPLE" + } + +For more information, see `Amazon Machine Images (AMI) `__ in the *Amazon EC2 User Guide*. diff --git a/awscli/examples/ec2/register-instance-event-notification-attributes.rst b/awscli/examples/ec2/register-instance-event-notification-attributes.rst index b47c7aaf4316..db45a4dfacc1 100644 --- a/awscli/examples/ec2/register-instance-event-notification-attributes.rst +++ b/awscli/examples/ec2/register-instance-event-notification-attributes.rst @@ -14,7 +14,7 @@ Output:: } } -For more information, see `Scheduled events for your instances `__ in the *Amazon Elastic Compute Cloud User Guide for Linux Instances*. +For more information, see `Scheduled events for your instances `__ in the *Amazon EC2 User Guide*. **Example 2: To include specific tags in event notifications** @@ -35,4 +35,4 @@ Output:: } } -For more information, see `Scheduled events for your instances `__ in the *Amazon Elastic Compute Cloud User Guide for Linux Instances*. \ No newline at end of file +For more information, see `Scheduled events for your instances `__ in the *Amazon EC2 User Guide*. diff --git a/awscli/examples/ec2/register-transit-gateway-multicast-group-members.rst b/awscli/examples/ec2/register-transit-gateway-multicast-group-members.rst index 46ddf85f5cf6..bbb74add71e2 100755 --- a/awscli/examples/ec2/register-transit-gateway-multicast-group-members.rst +++ b/awscli/examples/ec2/register-transit-gateway-multicast-group-members.rst @@ -19,4 +19,4 @@ Output:: } } -For more information, see `Managing multicast domains `__ in the *Transit Gateways User Guide*. \ No newline at end of file +For more information, see `Multicast domains `__ in the *Transit Gateways User Guide*. diff --git a/awscli/examples/ec2/register-transit-gateway-multicast-group-sources.rst b/awscli/examples/ec2/register-transit-gateway-multicast-group-sources.rst index c8b67bfe69ff..545087ca7928 100644 --- a/awscli/examples/ec2/register-transit-gateway-multicast-group-sources.rst +++ b/awscli/examples/ec2/register-transit-gateway-multicast-group-sources.rst @@ -19,4 +19,4 @@ Output:: } } -For more information, see `Managing multicast domains `__ in the *Transit Gateways Guide*. \ No newline at end of file +For more information, see `Multicast domains `__ in the *Transit Gateways Guide*. diff --git a/awscli/examples/ec2/release-ipam-pool-allocation.rst b/awscli/examples/ec2/release-ipam-pool-allocation.rst new file mode 100644 index 000000000000..fec1e3424ae6 --- /dev/null +++ b/awscli/examples/ec2/release-ipam-pool-allocation.rst @@ -0,0 +1,27 @@ +**To release an IPAM pool allocation** + +In this example, you're an IPAM delegated admin who tried to delete an IPAM pool but received an error that you cannot delete the pool while the pool has allocations. You are using this command to release a pool allocation. + +Note the following: + +* You can only use this command for custom allocations. To remove an allocation for a resource without deleting the resource, set its monitored state to false using `modify-ipam-resource-cidr `__. +* To complete this request, you'll need the IPAM pool ID, which you can get with `describe-ipam-pools `__. You'll also need the allocation ID, which you can get with `get-ipam-pool-allocations `__. +* If you do not want to remove allocations one by one, you can use the ``--cascade option`` when you delete an IPAM pool to automatically release any allocations in the pool before deleting it. +* There are a number of prerequisites before running this command. For more information, see `Release an allocation `__ in the *Amazon VPC IPAM User Guide*. +* The ``--region`` in which you run this command must be the locale of the IPAM pool where the allocation is. + +The following ``release-ipam-pool-allocation`` example releases an IPAM pool allocation. :: + + aws ec2 release-ipam-pool-allocation \ + --ipam-pool-id ipam-pool-07bdd12d7c94e4693 \ + --cidr 10.0.0.0/23 \ + --ipam-pool-allocation-id ipam-pool-alloc-0e66a1f730da54791b99465b79e7d1e89 \ + --region us-west-1 + +Output:: + + { + "Success": true + } + +Once you release an allocation, you may want to run `delete-ipam-pool `__. \ No newline at end of file diff --git a/awscli/examples/ec2/restore-image-from-recycle-bin.rst b/awscli/examples/ec2/restore-image-from-recycle-bin.rst index f3bc9224486d..97f5b47b7315 100644 --- a/awscli/examples/ec2/restore-image-from-recycle-bin.rst +++ b/awscli/examples/ec2/restore-image-from-recycle-bin.rst @@ -11,4 +11,4 @@ Output:: "Return": true } -For more information, see `Recover AMIs from the Recycle Bin `__ in the *Amazon Elastic Compute Cloud User Guide*. \ No newline at end of file +For more information, see `Recover deleted AMIs from the Recycle Bin `__ in the *Amazon EBS User Guide*. diff --git a/awscli/examples/ec2/restore-snapshot-from-recycle-bin.rst b/awscli/examples/ec2/restore-snapshot-from-recycle-bin.rst index 901823578b61..89970d86c142 100644 --- a/awscli/examples/ec2/restore-snapshot-from-recycle-bin.rst +++ b/awscli/examples/ec2/restore-snapshot-from-recycle-bin.rst @@ -7,4 +7,4 @@ The following ``restore-snapshot-from-recycle-bin`` example restores a snapshot This command produces no output. -For more information about Recycle Bin for Amazon EBS, see `Recover snapshots from the Recycle Bin `__ in the *Amazon EC2 User Guide*. \ No newline at end of file +For more information about Recycle Bin, see `Recover deleted snapshots from the Recycle Bin `__ in the *Amazon EBS User Guide*. diff --git a/awscli/examples/ec2/restore-snapshot-tier.rst b/awscli/examples/ec2/restore-snapshot-tier.rst index e62a70a856c9..f0c6cd206e69 100644 --- a/awscli/examples/ec2/restore-snapshot-tier.rst +++ b/awscli/examples/ec2/restore-snapshot-tier.rst @@ -13,7 +13,7 @@ Output:: "IsPermanentRestore": true } -For more information about snapshot archiving, see `Archive Amazon EBS snapshots ` in the *Amazon EC2 User Guide*. +For more information about snapshot archiving, see `Archive Amazon EBS snapshots `__ in the *Amazon EBS User Guide*. **Example 2: To temporarily restore an archived snapshot** @@ -31,7 +31,7 @@ Output:: "IsPermanentRestore": false } -For more information about snapshot archiving, see `Archive Amazon EBS snapshots ` in the *Amazon EC2 User Guide*. +For more information about snapshot archiving, see `Archive Amazon EBS snapshots `__ in the *Amazon EBS User Guide*. **Example 3: To modify the restore period** @@ -49,7 +49,7 @@ Output:: "IsPermanentRestore": false } -For more information about snapshot archiving, see `Archive Amazon EBS snapshots ` in the *Amazon EC2 User Guide*. +For more information about snapshot archiving, see `Archive Amazon EBS snapshots `__ in the *Amazon EBS User Guide*. **Example 4: To modify the restore type** @@ -66,4 +66,4 @@ Output:: "IsPermanentRestore": true } -For more information about snapshot archiving, see `Archive Amazon EBS snapshots ` in the *Amazon EC2 User Guide*. \ No newline at end of file +For more information about snapshot archiving, see `Archive Amazon EBS snapshots `__ in the *Amazon EBS User Guide*. diff --git a/awscli/examples/ec2/search-transit-gateway-multicast-groups.rst b/awscli/examples/ec2/search-transit-gateway-multicast-groups.rst index 0f801b40a60c..09adac09a4a3 100755 --- a/awscli/examples/ec2/search-transit-gateway-multicast-groups.rst +++ b/awscli/examples/ec2/search-transit-gateway-multicast-groups.rst @@ -23,4 +23,4 @@ Output:: ] } -For more information, see `Managing multicast groups `__ in the *Transit Gateways Guide*. \ No newline at end of file +For more information, see `Multicast on transit gateways `__ in the *Transit Gateways Guide*. diff --git a/awscli/examples/ec2/start-network-insights-access-scope-analysis.rst b/awscli/examples/ec2/start-network-insights-access-scope-analysis.rst index 90bddfc0b94a..4903f56b8bea 100644 --- a/awscli/examples/ec2/start-network-insights-access-scope-analysis.rst +++ b/awscli/examples/ec2/start-network-insights-access-scope-analysis.rst @@ -1,21 +1,21 @@ -**To start a Network Insights access scope analysis** - -The following ``start-network-insights-access-scope-analysis`` example starts the scope analysis in your AWS account. :: - - aws ec2 start-network-insights-access-scope-analysis \ - --region us-east-1 \ - --network-insights-access-scope-id nis-123456789111 - -Output:: - - { - "NetworkInsightsAccessScopeAnalysis": { - "NetworkInsightsAccessScopeAnalysisId": "nisa-123456789222", - "NetworkInsightsAccessScopeAnalysisArn": "arn:aws:ec2:us-east-1:123456789012:network-insights-access-scope-analysis/nisa-123456789222", - "NetworkInsightsAccessScopeId": "nis-123456789111", - "Status": "running", - "StartDate": "2022-01-26T00:47:06.814000+00:00" - } - } - -For more information, see `Getting started with Network Access Analyzer using the AWS CLI `__ in the *Network Access Analyzer Guide*. \ No newline at end of file +**To start a Network Insights access scope analysis** + +The following ``start-network-insights-access-scope-analysis`` example starts the scope analysis in your AWS account. :: + + aws ec2 start-network-insights-access-scope-analysis \ + --region us-east-1 \ + --network-insights-access-scope-id nis-123456789111 + +Output:: + + { + "NetworkInsightsAccessScopeAnalysis": { + "NetworkInsightsAccessScopeAnalysisId": "nisa-123456789222", + "NetworkInsightsAccessScopeAnalysisArn": "arn:aws:ec2:us-east-1:123456789012:network-insights-access-scope-analysis/nisa-123456789222", + "NetworkInsightsAccessScopeId": "nis-123456789111", + "Status": "running", + "StartDate": "2022-01-26T00:47:06.814000+00:00" + } + } + +For more information, see `Getting started with Network Access Analyzer using the AWS CLI `__ in the *Network Access Analyzer Guide*. diff --git a/awscli/examples/ec2/unlock-snapshot.rst b/awscli/examples/ec2/unlock-snapshot.rst new file mode 100644 index 000000000000..ee83c65fcc9e --- /dev/null +++ b/awscli/examples/ec2/unlock-snapshot.rst @@ -0,0 +1,14 @@ +**To unlock a snapshot** + +The following ``unlock-snapshot`` example unlocks the specified snapshot. :: + + aws ec2 unlock-snapshot \ + --snapshot-id snap-0b5e733b4a8df6e0d + +Output:: + + { + "SnapshotId": "snap-0b5e733b4a8df6e0d" + } + +For more information, see `Snapshot lock `__ in the *Amazon EBS User Guide*. diff --git a/awscli/examples/ec2/wait/snapshot-imported.rst b/awscli/examples/ec2/wait/snapshot-imported.rst new file mode 100644 index 000000000000..50f9abc99c7a --- /dev/null +++ b/awscli/examples/ec2/wait/snapshot-imported.rst @@ -0,0 +1,10 @@ +**To wait until a snapshot import task is completed** + +The following ``wait snapshot-imported`` example pauses and resumes only after the specified snapshot import task is completed. :: + + aws ec2 wait snapshot-imported \ + --import-task-ids import-snap-1234567890abcdef0 + +This command produces no output. + +For more information, see `Snapshot import `__ in the *VM Import/Export User Guide*. \ No newline at end of file diff --git a/awscli/examples/ec2/wait/store-image-task-complete.rst b/awscli/examples/ec2/wait/store-image-task-complete.rst new file mode 100644 index 000000000000..ff04f361973a --- /dev/null +++ b/awscli/examples/ec2/wait/store-image-task-complete.rst @@ -0,0 +1,10 @@ +**To wait until a store image task is completed** + +The following ``wait store-image-task-complete`` example pauses and resumes after the store image task for the specified image is completed. :: + + aws ec2 wait store-image-task-complete \ + --image-ids ami-1234567890abcdef0 + +This command produces no output. + +For more information, see `Store and restore an AMI `__ in the *Amazon EC2 User Guide*. \ No newline at end of file diff --git a/awscli/examples/ec2/wait/vpn-connection-deleted.rst b/awscli/examples/ec2/wait/vpn-connection-deleted.rst index 419871af04a5..f2e2e9a07ea7 100644 --- a/awscli/examples/ec2/wait/vpn-connection-deleted.rst +++ b/awscli/examples/ec2/wait/vpn-connection-deleted.rst @@ -1,6 +1,6 @@ **To wait until a VPN connection is deleted** -The following ``waitt vpn-connection-deleted`` example command pauses and continues when it can confirm that the specified VPN connection is deleted. It produces no output. :: +The following ``wait vpn-connection-deleted`` example command pauses and continues when it can confirm that the specified VPN connection is deleted. It produces no output. :: aws ec2 wait vpn-connection-deleted \ --vpn-connection-ids vpn-1234567890abcdef0 diff --git a/awscli/examples/ecr-public/batch-delete-image.rst b/awscli/examples/ecr-public/batch-delete-image.rst new file mode 100644 index 000000000000..3f053e245783 --- /dev/null +++ b/awscli/examples/ecr-public/batch-delete-image.rst @@ -0,0 +1,92 @@ +**Example 1: To delete an image by using image digest ids, the image and all of its tags are deleted within a repository in a public registry** + +The following ``batch-delete-image`` example deletes an image by specifying the image digest.:: + + aws ecr-public batch-delete-image \ + --repository-name project-a/nginx-web-app \ + --image-ids imageDigest=sha256:b1f9deb5fe3711a3278379ebbcaefbc5d70a2263135db86bd27a0dae150546c2 + +Output:: + + { + "imageIds": [ + { + "imageDigest": "sha256:b1f9deb5fe3711a3278379ebbcaefbc5d70a2263135db86bd27a0dae150546c2", + "imageTag": "latest" + } + ], + "failures": [] + } + +For more information, see `Deleting an image in a public repository `__ in the *Amazon ECR Public User Guide*. + +**Example 2: To delete any image by specifying the tag associated with the image you want to delete from the repository.** + +The following ``batch-delete-image`` example deletes an image by specifying the tag associated with the image repository named ``project-a/nginx-web-app`` in a public registry. If you have only one tag and execute this command, it will remove the image. Otherwise, if you have multiple tags for the same image, specify one, and only the tag is removed from repository and not the image. :: + + aws ecr-public batch-delete-image \ + --repository-name project-a/nginx-web-app \ + --image-ids imageTag=_temp + +Output:: + + { + "imageIds": [ + { + "imageDigest": "sha256:f7a86a0760e2f8d7eff07e515fc87bf4bac45c35376c06f9a280f15ecad6d7e0", + "imageTag": "_temp" + } + ], + "failures": [] + } + +For more information, see `Deleting an image in a public repository `__ in the *Amazon ECR Public User Guide*. + +**Example 3: To delete multiple images, you can specify multiple image tags or image digests in the request for a repository in a public registry.** + +The following ``batch-delete-image`` example delete multiple images from a repository named `project-a/nginx-web-app` by specifying multiple image tags or image digests in the request. :: + + aws ecr-public batch-delete-image \ + --repository-name project-a/nginx-web-app \ + --image-ids imageTag=temp2.0 imageDigest=sha256:47ba980bc055353d9c0af89b1894f68faa43ca93856917b8406316be86f01278 + +Output:: + + { + "imageIds": [ + { + "imageDigest": "sha256:47ba980bc055353d9c0af89b1894f68faa43ca93856917b8406316be86f01278" + }, + { + "imageDigest": "sha256:f7a86a0760e2f8d7eff07e515fc87bf4bac45c35376c06f9a280f15ecad6d7e0", + "imageTag": "temp2.0" + } + ], + "failures": [] + } + +For more information, see `Deleting an image in a public repository `__ in the *Amazon ECR Public User Guide*. + +**Example 4: To delete an image in cross AWS Account using registry-id and imagedigest ids, the image and all of its tags are deleted within a repository in a public registry** + +The following ``batch-delete-image`` example deletes an image by specifying the image digest in the cross AWS Account.:: + + aws ecr-public batch-delete-image \ + --registry-id 123456789098 \ + --repository-name project-a/nginx-web-app \ + --image-ids imageDigest=sha256:b1f9deb5fe3711a3278379ebbcaefbc5d70a2263135db86bd27a0dae150546c2 \ + --region us-east-1 + +Output:: + + { + "imageIds": [ + { + "imageDigest": "sha256:b1f9deb5fe3711a3278379ebbcaefbc5d70a2263135db86bd27a0dae150546c2", + "imageTag": "temp2.0" + } + ], + "failures": [] + } + +For more information, see `Deleting an image in a public repository `__ in the *Amazon ECR Public User Guide*. diff --git a/awscli/examples/ecr-public/create-repository.rst b/awscli/examples/ecr-public/create-repository.rst new file mode 100644 index 000000000000..9637a552bcd1 --- /dev/null +++ b/awscli/examples/ecr-public/create-repository.rst @@ -0,0 +1,123 @@ +**Example 1: To create a repository in a public registry** + +The following ``create-repository`` example creates a repository named `project-a/nginx-web-app` in a public registry. :: + + aws ecr-public create-repository \ + --repository-name project-a/nginx-web-app + +Output:: + + { + "repository": { + "repositoryArn": "arn:aws:ecr-public::123456789012:repository/project-a/nginx-web-app", + "registryId": "123456789012", + "repositoryName": "project-a/nginx-web-app", + "repositoryUri": "public.ecr.aws/public-registry-custom-alias/project-a/nginx-web-app", + "createdAt": "2024-07-01T21:08:55.131000+00:00" + }, + "catalogData": {} + } + +For more information, see `Creating a public repository `__ in the *Amazon ECR Public User Guide*. + +**Example 2: To create a repository in a public registry with short description of the contents of the repository, system and operating architecture that the images in the repository are compatible with** + +The following ``create-repository`` example creates a repository named `project-a/nginx-web-app` in a public registry with short description of the contents of the repository, system and operating architecture that the images in the repository are compatible with. :: + + aws ecr-public create-repository \ + --repository-name project-a/nginx-web-app \ + --catalog-data 'description=My project-a ECR Public Repository,architectures=ARM,ARM 64,x86,x86-64,operatingSystems=Linux' + + +Output:: + + { + "repository": { + "repositoryArn": "arn:aws:ecr-public::123456789012:repository/project-a/nginx-web-app", + "registryId": "123456789012", + "repositoryName": "project-a/nginx-web-app", + "repositoryUri": "public.ecr.aws/public-registry-custom-alias/project-a/nginx-web-app", + "createdAt": "2024-07-01T21:23:20.455000+00:00" + }, + "catalogData": { + "description": "My project-a ECR Public Repository", + "architectures": [ + "ARM", + "ARM 64", + "x86", + "x86-64" + ], + "operatingSystems": [ + "Linux" + ] + } + } + +For more information, see `Creating a public repository `__ in the *Amazon ECR Public User Guide*. + +**Example 3: To create a repository in a public registry, along with logoImageBlob, aboutText, usageText and tags information** + +The following ``create-repository`` example creates a repository named `project-a/nginx-web-app` in a public registry, along with logoImageBlob, aboutText, usageText and tags information. :: + + aws ecr-public create-repository \ + --cli-input-json file://myfile.json + +Contents of ``myfile.json``:: + + { + "repositoryName": "project-a/nginx-web-app", + "catalogData": { + "description": "My project-a ECR Public Repository", + "architectures": [ + "ARM", + "ARM 64", + "x86", + "x86-64" + ], + "operatingSystems": [ + "Linux" + ], + "logoImageBlob": "iVBORw0KGgoA<>ErkJggg==", + "aboutText": "## Quick reference\n\nMaintained by: [the Amazon Linux Team](https://github.com/aws/amazon-linux-docker-images)\n\nWhere to get help: [the Docker Community Forums](https://forums.docker.com/), [the Docker Community Slack](https://dockr.ly/slack), or [Stack Overflow](https://stackoverflow.com/search?tab=newest&q=docker)\n\n## Supported tags and respective `dockerfile` links\n\n* [`2.0.20200722.0`, `2`, `latest`](https://github.com/amazonlinux/container-images/blob/03d54f8c4d522bf712cffd6c8f9aafba0a875e78/Dockerfile)\n* [`2.0.20200722.0-with-sources`, `2-with-sources`, `with-sources`](https://github.com/amazonlinux/container-images/blob/1e7349845e029a2e6afe6dc473ef17d052e3546f/Dockerfile)\n* [`2018.03.0.20200602.1`, `2018.03`, `1`](https://github.com/amazonlinux/container-images/blob/f10932e08c75457eeb372bf1cc47ea2a4b8e98c8/Dockerfile)\n* [`2018.03.0.20200602.1-with-sources`, `2018.03-with-sources`, `1-with-sources`](https://github.com/amazonlinux/container-images/blob/8c9ee491689d901aa72719be0ec12087a5fa8faf/Dockerfile)\n\n## What is Amazon Linux?\n\nAmazon Linux is provided by Amazon Web Services (AWS). It is designed to provide a stable, secure, and high-performance execution environment for applications running on Amazon EC2. The full distribution includes packages that enable easy integration with AWS, including launch configuration tools and many popular AWS libraries and tools. AWS provides ongoing security and maintenance updates to all instances running Amazon Linux.\n\nThe Amazon Linux container image contains a minimal set of packages. To install additional packages, [use `yum`](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/managing-software.html).\n\nAWS provides two versions of Amazon Linux: [Amazon Linux 2](https://aws.amazon.com/amazon-linux-2/) and [Amazon Linux AMI](https://aws.amazon.com/amazon-linux-ami/).\n\nFor information on security updates for Amazon Linux, please refer to [Amazon Linux 2 Security Advisories](https://alas.aws.amazon.com/alas2.html) and [Amazon Linux AMI Security Advisories](https://alas.aws.amazon.com/). Note that Docker Hub's vulnerability scanning for Amazon Linux is currently based on RPM versions, which does not reflect the state of backported patches for vulnerabilities.\n\n## Where can I run Amazon Linux container images?\n\nYou can run Amazon Linux container images in any Docker based environment. Examples include, your laptop, in Amazon EC2 instances, and Amazon ECS clusters.\n\n## License\n\nAmazon Linux is available under the [GNU General Public License, version 2.0](https://github.com/aws/amazon-linux-docker-images/blob/master/LICENSE). Individual software packages are available under their own licenses; run `rpm -qi [package name]` or check `/usr/share/doc/[package name]-*` and `/usr/share/licenses/[package name]-*` for details.\n\nAs with all Docker images, these likely also contain other software which may be under other licenses (such as Bash, etc from the base distribution, along with any direct or indirect dependencies of the primary software being contained).\n\nSome additional license information which was able to be auto-detected might be found in [the `repo-info` repository's `amazonlinux/` directory](https://github.com/docker-library/repo-info/tree/master/repos/amazonlinux).\n\n## Security\n\nFor information on security updates for Amazon Linux, please refer to [Amazon Linux 2 Security Advisories](https://alas.aws.amazon.com/alas2.html) and [Amazon Linux AMI Security Advisories](https://alas.aws.amazon.com/). Note that Docker Hub's vulnerability scanning for Amazon Linux is currently based on RPM versions, which does not reflect the state of backported patches for vulnerabilities.", + "usageText": "## Supported architectures\n\namd64, arm64v8\n\n## Where can I run Amazon Linux container images?\n\nYou can run Amazon Linux container images in any Docker based environment. Examples include, your laptop, in Amazon EC2 instances, and ECS clusters.\n\n## How do I install a software package from Extras repository in Amazon Linux 2?\n\nAvailable packages can be listed with the `amazon-linux-extras` command. Packages can be installed with the `amazon-linux-extras install ` command. Example: `amazon-linux-extras install rust1`\n\n## Will updates be available for Amazon Linux containers?\n\nSimilar to the Amazon Linux images for Amazon EC2 and on-premises use, Amazon Linux container images will get ongoing updates from Amazon in the form of security updates, bug fix updates, and other enhancements. Security bulletins for Amazon Linux are available at https://alas.aws.amazon.com/\n\n## Will AWS Support the current version of Amazon Linux going forward?\n\nYes; in order to avoid any disruption to your existing applications and to facilitate migration to Amazon Linux 2, AWS will provide regular security updates for Amazon Linux 2018.03 AMI and container image for 2 years after the final LTS build is announced. You can also use all your existing support channels such as AWS Support and Amazon Linux Discussion Forum to continue to submit support requests." + }, + "tags": [ + { + "Key": "Name", + "Value": "project-a/nginx-web-app" + }, + { + "Key": "Environment", + "Value": "Prod" + } + ] + } + +Output:: + + { + "repository": { + "repositoryArn": "arn:aws:ecr-public::123456789012:repository/project-a/nginx-web-app", + "registryId": "123456789012", + "repositoryName": "project-a/nginx-web-app", + "repositoryUri": "public.ecr.aws/public-registry-custom-alias/project-a/nginx-web-app", + "createdAt": "2024-07-01T21:53:05.749000+00:00" + }, + "catalogData": { + "description": "My project-a ECR Public Repository", + "architectures": [ + "ARM", + "ARM 64", + "x86", + "x86-64" + ], + "operatingSystems": [ + "Linux" + ], + "logoUrl": "https://d3g9o9u8re44ak.cloudfront.net/logo/23861450-4b9b-403c-9a4c-7aa0ef140bb8/2f9bf5a7-a32f-45b4-b5cd-c5770a35e6d7.png", + "aboutText": "## Quick reference\n\nMaintained by: [the Amazon Linux Team](https://github.com/aws/amazon-linux-docker-images)\n\nWhere to get help: [the Docker Community Forums](https://forums.docker.com/), [the Docker Community Slack](https://dockr.ly/slack), or [Stack Overflow](https://stackoverflow.com/search?tab=newest&q=docker)\n\n## Supported tags and respective `dockerfile` links\n\n* [`2.0.20200722.0`, `2`, `latest`](https://github.com/amazonlinux/container-images/blob/03d54f8c4d522bf712cffd6c8f9aafba0a875e78/Dockerfile)\n* [`2.0.20200722.0-with-sources`, `2-with-sources`, `with-sources`](https://github.com/amazonlinux/container-images/blob/1e7349845e029a2e6afe6dc473ef17d052e3546f/Dockerfile)\n* [`2018.03.0.20200602.1`, `2018.03`, `1`](https://github.com/amazonlinux/container-images/blob/f10932e08c75457eeb372bf1cc47ea2a4b8e98c8/Dockerfile)\n* [`2018.03.0.20200602.1-with-sources`, `2018.03-with-sources`, `1-with-sources`](https://github.com/amazonlinux/container-images/blob/8c9ee491689d901aa72719be0ec12087a5fa8faf/Dockerfile)\n\n## What is Amazon Linux?\n\nAmazon Linux is provided by Amazon Web Services (AWS). It is designed to provide a stable, secure, and high-performance execution environment for applications running on Amazon EC2. The full distribution includes packages that enable easy integration with AWS, including launch configuration tools and many popular AWS libraries and tools. AWS provides ongoing security and maintenance updates to all instances running Amazon Linux.\n\nThe Amazon Linux container image contains a minimal set of packages. To install additional packages, [use `yum`](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/managing-software.html).\n\nAWS provides two versions of Amazon Linux: [Amazon Linux 2](https://aws.amazon.com/amazon-linux-2/) and [Amazon Linux AMI](https://aws.amazon.com/amazon-linux-ami/).\n\nFor information on security updates for Amazon Linux, please refer to [Amazon Linux 2 Security Advisories](https://alas.aws.amazon.com/alas2.html) and [Amazon Linux AMI Security Advisories](https://alas.aws.amazon.com/). Note that Docker Hub's vulnerability scanning for Amazon Linux is currently based on RPM versions, which does not reflect the state of backported patches for vulnerabilities.\n\n## Where can I run Amazon Linux container images?\n\nYou can run Amazon Linux container images in any Docker based environment. Examples include, your laptop, in Amazon EC2 instances, and Amazon ECS clusters.\n\n## License\n\nAmazon Linux is available under the [GNU General Public License, version 2.0](https://github.com/aws/amazon-linux-docker-images/blob/master/LICENSE). Individual software packages are available under their own licenses; run `rpm -qi [package name]` or check `/usr/share/doc/[package name]-*` and `/usr/share/licenses/[package name]-*` for details.\n\nAs with all Docker images, these likely also contain other software which may be under other licenses (such as Bash, etc from the base distribution, along with any direct or indirect dependencies of the primary software being contained).\n\nSome additional license information which was able to be auto-detected might be found in [the `repo-info` repository's `amazonlinux/` directory](https://github.com/docker-library/repo-info/tree/master/repos/amazonlinux).\n\n## Security\n\nFor information on security updates for Amazon Linux, please refer to [Amazon Linux 2 Security Advisories](https://alas.aws.amazon.com/alas2.html) and [Amazon Linux AMI Security Advisories](https://alas.aws.amazon.com/). Note that Docker Hub's vulnerability scanning for Amazon Linux is currently based on RPM versions, which does not reflect the state of backported patches for vulnerabilities.", + "usageText": "## Supported architectures\n\namd64, arm64v8\n\n## Where can I run Amazon Linux container images?\n\nYou can run Amazon Linux container images in any Docker based environment. Examples include, your laptop, in Amazon EC2 instances, and ECS clusters.\n\n## How do I install a software package from Extras repository in Amazon Linux 2?\n\nAvailable packages can be listed with the `amazon-linux-extras` command. Packages can be installed with the `amazon-linux-extras install ` command. Example: `amazon-linux-extras install rust1`\n\n## Will updates be available for Amazon Linux containers?\n\nSimilar to the Amazon Linux images for Amazon EC2 and on-premises use, Amazon Linux container images will get ongoing updates from Amazon in the form of security updates, bug fix updates, and other enhancements. Security bulletins for Amazon Linux are available at https://alas.aws.amazon.com/\n\n## Will AWS Support the current version of Amazon Linux going forward?\n\nYes; in order to avoid any disruption to your existing applications and to facilitate migration to Amazon Linux 2, AWS will provide regular security updates for Amazon Linux 2018.03 AMI and container image for 2 years after the final LTS build is announced. You can also use all your existing support channels such as AWS Support and Amazon Linux Discussion Forum to continue to submit support requests." + } + } + +For more information, see `Creating a public repository `__ in the *Amazon ECR Public User Guide* and `Repository catalog data `__ in the *Amazon ECR Public User Guide*. diff --git a/awscli/examples/ecr-public/delete-repository-policy.rst b/awscli/examples/ecr-public/delete-repository-policy.rst new file mode 100644 index 000000000000..724d71dd587c --- /dev/null +++ b/awscli/examples/ecr-public/delete-repository-policy.rst @@ -0,0 +1,17 @@ +**To delete a repository policy in a public registry** + +The following ``delete-repository-policy`` example delete repository policy for the ECR Public repository in your AWS account. :: + + aws ecr-public delete-repository-policy \ + --repository-name project-a/nginx-web-app \ + --region us-east-1 + +Output:: + + { + "registryId": "123456789012", + "repositoryName": "project-a/nginx-web-app", + "policyText": "{\n \"Version\" : \"2008-10-17\",\n \"Statement\" : [ {\n \"Sid\" : \"AllowPush\",\n \"Effect\" : \"Allow\",\n \"Principal\" : {\n \"AWS\" : [ \"arn:aws:iam:"123456789012":user/eksuser1\", \"arn:aws:iam:"123456789012":user/admin\" ]\n },\n \"Action\" : [ \"ecr-public:BatchCheckLayerAvailability\", \"ecr-public:PutImage\", \"ecr-public:InitiateLayerUpload\", \"ecr-public:UploadLayerPart\", \"ecr-public:CompleteLayerUpload\" ]\n } ]\n}" + } + +For more information, see `Deleting a public repository policy statement `__ in the *Amazon ECR Public User Guide*. diff --git a/awscli/examples/ecr-public/delete-repository.rst b/awscli/examples/ecr-public/delete-repository.rst new file mode 100644 index 000000000000..cf8308e6a013 --- /dev/null +++ b/awscli/examples/ecr-public/delete-repository.rst @@ -0,0 +1,20 @@ +**To delete a repository in a public registry** + +The following ``delete-repository`` example deletes a repository named ``project-a/nginx-web-app`` from your public registry. :: + + aws ecr-public delete-repository \ + --repository-name project-a/nginx-web-app + +Output:: + + { + "repository": { + "repositoryArn": "arn:aws:ecr-public::123456789012:repository/project-a/nginx-web-app", + "registryId": "123456789012", + "repositoryName": "project-a/nginx-web-app", + "repositoryUri": "public.ecr.aws/public-registry-custom-alias/project-a/nginx-web-app", + "createdAt": "2024-07-01T22:14:50.103000+00:00" + } + } + +For more information, see `Deleting a public repository `__ in the *Amazon ECR Public*. diff --git a/awscli/examples/ecr-public/describe-image-tags.rst b/awscli/examples/ecr-public/describe-image-tags.rst new file mode 100644 index 000000000000..7dd562e2df61 --- /dev/null +++ b/awscli/examples/ecr-public/describe-image-tags.rst @@ -0,0 +1,25 @@ +**Example 1: To describe image tag details in public repository** + +The following ``describe-image-tags`` example describe imagetags in the ``project-a/nginx-web-app`` sample repository. :: + + aws ecr-public describe-image-tags \ + --repository-name project-a/nginx-web-app \ + --region us-east-1 + +Output:: + + { + "imageTagDetails": [ + { + "imageTag": "latest", + "createdAt": "2024-07-10T22:29:00-05:00", + "imageDetail": { + "imageDigest": "sha256:b1f9deb5fe3711a3278379ebbcaefbc5d70a2263135db86bd27a0dae150546c2", + "imageSizeInBytes": 121956548, + "imagePushedAt": "2024-07-10T22:29:00-05:00", + "imageManifestMediaType": "application/vnd.docker.distribution.manifest.v2+json", + "artifactMediaType": "application/vnd.docker.container.image.v1+json" + } + } + ] + } diff --git a/awscli/examples/ecr-public/describe-images.rst b/awscli/examples/ecr-public/describe-images.rst new file mode 100644 index 000000000000..a89779ede061 --- /dev/null +++ b/awscli/examples/ecr-public/describe-images.rst @@ -0,0 +1,82 @@ +**Example 1: To describe images in a public registry repository** + +The following ``describe-images`` example describes imagesDetails in a repository named ``project-a/nginx-web-app`` in a public registry. :: + + aws ecr-public describe-images \ + --repository-name project-a/nginx-web-app \ + --region us-east-1 + +Output:: + + { + "imageDetails": [ + { + "registryId": "123456789012", + "repositoryName": "project-a/nginx-web-app", + "imageDigest": "sha256:0d8c93e72e82fa070d49565c00af32abbe8ddfd7f75e39f4306771ae0628c7e8", + "imageTags": [ + "temp1.0" + ], + "imageSizeInBytes": 123184716, + "imagePushedAt": "2024-07-23T11:32:49-05:00", + "imageManifestMediaType": "application/vnd.docker.distribution.manifest.v2+json", + "artifactMediaType": "application/vnd.docker.container.image.v1+json" + }, + { + "registryId": "123456789012", + "repositoryName": "project-a/nginx-web-app", + "imageDigest": "sha256:b1f9deb5fe3711a3278379ebbcaefbc5d70a2263135db86bd27a0dae150546c2", + "imageTags": [ + "temp2.0" + ], + "imageSizeInBytes": 121956548, + "imagePushedAt": "2024-07-23T11:39:38-05:00", + "imageManifestMediaType": "application/vnd.docker.distribution.manifest.v2+json", + "artifactMediaType": "application/vnd.docker.container.image.v1+json" + }, + { + "registryId": "123456789012", + "repositoryName": "project-a/nginx-web-app", + "imageDigest": "sha256:f7a86a0760e2f8d7eff07e515fc87bf4bac45c35376c06f9a280f15ecad6d7e0", + "imageTags": [ + "temp3.0", + "latest" + ], + "imageSizeInBytes": 232108879, + "imagePushedAt": "2024-07-22T00:54:34-05:00", + "imageManifestMediaType": "application/vnd.docker.distribution.manifest.v2+json", + "artifactMediaType": "application/vnd.docker.container.image.v1+json" + } + ] + } + +For more information, see `Describe an image in a public repository `__ in the *Amazon ECR Public*. + +**Example 2: To describe images from the repository by sort imageTags & imagePushedAt** + +The following ``describe-images`` example describe images within repository named `project-a/nginx-web-app` in a public registry. :: + + aws ecr-public describe-images \ + --repository-name project-a/nginx-web-app \ + --query 'sort_by(imageDetails,& imagePushedAt)[*].imageTags[*]' \ + --output text + +Output:: + + temp3.0 latest + temp1.0 + temp2.0 + +**Example 3: To describe images from the repository to generate the last 2 image tags pushed in the repository** + +The following ``describe-images`` example gets imagetags details from the repository named ``project-a/nginx-web-app`` in a public registry and queries the result to display only the first two records. :: + + aws ecr-public describe-images \ + --repository-name project-a/nginx-web-app \ + --query 'sort_by(imageDetails,& imagePushedAt)[*].imageTags[*] | [0:2]' \ + --output text + +Output:: + + temp3.0 latest + temp1.0 diff --git a/awscli/examples/ecr-public/describe-registries.rst b/awscli/examples/ecr-public/describe-registries.rst new file mode 100644 index 000000000000..8c563bf33cc1 --- /dev/null +++ b/awscli/examples/ecr-public/describe-registries.rst @@ -0,0 +1,26 @@ +**To describe all registries in a public registry** + +The following ``describe-registries`` example describes all registries in your account. :: + + aws ecr-public describe-registries + +Output:: + + { + "registries": [ + { + "registryId": "123456789012", + "registryArn": "arn:aws:ecr-public::123456789012:registry/123456789012", + "registryUri": "public.ecr.aws/publicregistrycustomalias", + "verified": false, + "aliases": [ + { + "name": "publicregistrycustomalias", + "status": "ACTIVE", + "primaryRegistryAlias": true, + "defaultRegistryAlias": true + } + ] + } + ] + } \ No newline at end of file diff --git a/awscli/examples/ecr-public/describe-repository.rst b/awscli/examples/ecr-public/describe-repository.rst new file mode 100644 index 000000000000..79761e292e05 --- /dev/null +++ b/awscli/examples/ecr-public/describe-repository.rst @@ -0,0 +1,43 @@ +**Example 1: To describe a repository in a public registry** + +The following ``describe-repositories`` example describes a repository named ``project-a/nginx-web-app`` in a public registry. :: + + aws ecr-public describe-repositories \ + --repository-name project-a/nginx-web-app + +Output:: + + { + "repositories": [ + { + "repositoryArn": "arn:aws:ecr-public::123456789012:repository/project-a/nginx-web-app", + "registryId": "123456789012", + "repositoryName": "project-a/nginx-web-app", + "repositoryUri": "public.ecr.aws/public-registry-custom-alias/project-a/nginx-web-app", + "createdAt": "2024-07-07T00:07:56.526000-05:00" + } + ] + } + +**Example 2: To describe all repositories in a public registry in a table** + +The following ``describe-repositories`` example describes all repositories in a public registry and then outputs the repository names into a table format. :: + + aws ecr-public describe-repositories \ + --region us-east-1 \ + --output table \ + --query "repositories[*].repositoryName" + +Output:: + + ----------------------------- + | DescribeRepositories | + +---------------------------+ + | project-a/nginx-web-app | + | nginx | + | myfirstrepo1 | + | helm-test-chart | + | test-ecr-public | + | nginx-web-app | + | sample-repo | + +---------------------------+ \ No newline at end of file diff --git a/awscli/examples/ecr-public/get-authorization-token.rst b/awscli/examples/ecr-public/get-authorization-token.rst new file mode 100644 index 000000000000..52c5fad05805 --- /dev/null +++ b/awscli/examples/ecr-public/get-authorization-token.rst @@ -0,0 +1,32 @@ +**Example 1: To retrieve an authorization token for any Amazon ECR public registry that the IAM principal has access** + +The following ``get-authorization-token`` example gets an authorization token with the AWS CLI and sets it to an environment variable. :: + + aws ecr-public get-authorization-token \ + --region us-east-1 + +Output:: + + { + "authorizationData": { + "authorizationToken": "QVdTOmV5SndZWGxzYjJKJFHDSFKJHERWUY65IOU36TRYEGFNSDLRIUOTUYTHJKLDFGOcmFUQk9OSFV2UVV4a0x6Sm1ZV0Z6TDFndlZtUjJSVmgxVEVObU9IZEdTWEZxU210c1JUQm5RWGxOUVV4NlNFUnROWG92ZWtGbWJFUjRkbWMyV0U5amFpczRNWGxTVkM5Tk5qWkVUM2RDYm05TVJqSkxjV3BsUVZvMmFYSm5iV1ZvVFdGSVRqVlFMMHN4VnpsTGVXbDFRWGRoTmpsbWFuQllhbVl6TkdGaGMwUjJha2xsYUhscWRscHZTRUpFVkVnNVQwNUdOVFpPY2xZclVFNVFVWGRSVFZvd04xUkhjVGxZZFVkQ1ZFZHBPRUptUzBVclYxQldMMjVMVkRsd2VFVlNSa1EzTWpWSlIxRkVWakJGZFZOVWEzaFBSVk5FWWpSc1lWZHZWMHBSYmxaMlJYWmhZekpaWVVOeFppdFlUa2xKU1RCdFUwdElVbXRJYlhGRk1WaFhNVTVRTkdwc1FYRlVNVWxZZUhkV05Xa3ZXWGd3ZUVZMWIyeE5VRU5QZEdSaWRHOU9lakZOZVdwTVZEUkNRVzlvYzNKSlpsRXhhR2cwWjJwRVJFVjNWalEzYjNCUmRIcEZUR1pYU1Rsc1kxSlNNbU5hUW5wRE1tOUpRMHR5Y1hkeGNXNDVMMmx4Um5GUlVGQnhjMVpQZG5WYUswOW9SQ3RPY0hwSlRsUk5lVXQyY0c1b1FsQjVZVEprVmtSdmJsQklOM05RU3pkNmQydERhMkZ5VmxSRmFVUndWVlE1ZGtsVWFXUkJWMFZEWVhoSFdXTk5VMXBTYTFreVRHZEVlVVZ0ZFRWRk4xTTVjRXBDUjBRMlYyTkdPVWhGWkVweVVGcEVaRFJxZUVablkwNXFaamh5YkVKWmJGSTNOVzFXSzFjdllXSTVTMWx2YUZacksxSnJWSFJ0Wml0T1NFSnpWVFZvV204eVFYbzFWRU5SYjNaR01Va3hPR3h2TWxkNVJsSmpUbTVSTjNjemJsUkdVRlZKVDBjeE9VeHlXVEpGVFRSS2NWbFdkVEJrV0VreFVsSktXbkpCVGtsMFdVZEJOMjltWjFFNGVHRktNbGRuWlVoUlNXNXdZV3A0VjI5M2FYZGljbE5tZGpkQ1ZYTmhOVFUyTDBzeVpteDBka0pUTVdkNGJ6TkxkSEJDYml0cE0waGhTbVpEZEZkQ00yOU1TM1pXTDNSVFlWaFpWelZXVWxjNFRXNXdhR3BhUmpoU1FuWnFkRlJMVW5abGRYRlNjVVJKZDBaSFpXUTRabEZUTUdOTVQwcFFkVXAyYjA5Tk9UaFlZMjEwVnpFMlpXdE9hMnBWV0hST1owUkpVV3R1VFU1dGJXWjNNVGc0VTAxUlNHZE9TbXRMY2tWYWJVeFljVVk0ZWpsTFdWWlRNbEZMVDJkMk1FaFBTMDl5YzJSM1NqTlplRGhUWVVOQlJGWnRlbkU1WTBKVFdqTktSR05WTkd0RGNEVjZNalJHVXpkVk9HTnVSa2xLUVd4SVJDODJXbGcyYldGemJVczJPRVp6TDBoNFMwWkRUMmdyYldGa1QwWjVhMlZQTm5SQ1l6QkpNbFpyVUhSaGVIbFVOR296VjFGVlQyMHpNeTlPWVVoSk1FdDBWalZFU2pneU5rcHNLemQxZDNwcVp6RlNja3AwVm10VU0yRnRWWGMzZDJnMFduSnFjVXczWTBjclNXeHFUVlUyVkZwWGNWY3ZSV0V6WW1oT2JIRklZVlJHU1RrMGEyOVJiMHBPVUhORk9FdERjbFJZY0daS2VVdHRZa2x5YjFORE4zSkJaWEJPZUU5eGR6WnhZMlY1WXprM1JtSkZhVFZFYkVFck5EUk9ZMWRyVEVNd1dqa2lMQ0prWVhSaGEyVjVJam9pWlhsS1VWSkdaMmxQYVVwV1ZXeENhVk5YVm14WFdFWk5VMjFrV21SRE9YaGFhWFF4VkhwS1MyTkljSHBVUms0MFlWaHNTbUpIYUhsWFZHdDZZVWhqZDFKRmFETldNbFYyWTJ0cmVVMUlTbHBWUjJONFRURlJNMDlHYUd4U01uaHVWRVJzUWxaV1pGZFJibkJLV1RCYU5HTXpUakpXTUhoWFRrWndhRTVyTVVwVFZFSkdWV3RzTUZaVVpEQlRSVGxyVkVkb2FGUlVVWHBaTVhCSFQxWmFOVlJxU20xaVZXUnVTM3BaTlZaV2NIcFdWMlJGVkcwMVRHSXdSakpXUnpoNlVsUm5kbUpzUmpGT2FUazFWVzFTY0dWR1FtOVdiVEZoVmpKc1NWRllhRmRTUkZwc1V6SkdSbUpWYkhCVlNFbDJWVzB4Ym1OVk1IWmFhelZ3WkZoa1FtVnFUa3BpTTJoTVRWVk9jMVo2V2t4aWJFWnJWRVUxVW1ONlp6QldWVFZPWW14c01sZFlZekprUjFwVFkxaE9kRnBXWkhaVFZWcGhWa2MxU2xWRlVtdFRiWE16WWpOVmVrNXFSa2RVTTJSd1QwaGtXbVJIVVhsbGJYQkRaRlp2ZGxvd1ZqWmlNbEl4Vkc1T2FtSldjRU5VU0ZVd1kwZDRjbU14WkhaVVYwNTRaRzV2TWxSVlVsQmpiSEJPVkc1VmVsZEZPVzVYYkVwWlUyNWtVbGRZWkZWaVdFWlNUVzF3VFZSSVFraE9XRnBwWVZoak0xUnJXak5OYm04eFpEQk9XbEZzYkhSTmEyaHpaRmRTUTJORVFUQlpWMk01VUZOSmMwbHJiRUpTUTBrMlNXNUZlbHA2U1RGVVZXeFVZekIwYVU5RWFEVmtiRVpzVVZWc2QxbHJWbmxOYW13MVZWaG9UazVzVWpWbFJHaDZZMjFHVkZVeFFubFZXRTVLVGpCMGFXSlZNWGhpUjBwTVlUSTVNRTVVYXpCTE0wVnlWakF4VG1WSE5VcGtSa0pRVld4V1UwOVdVWGhqTVc4eVZraFdlVnA2VGsxV01tUnhVV3Q0ZEdGcVRsUk5hMnN5V2tSV2FtUkdVakZqVm5CUFVrUlNjR0pHUm1GbGFscDRXV2x6Y2xFd1VYcGhSRnBZVmtaU2FVNXVSVFZYYlVaVFpXdHdkVmRZVGpaVGEyaDBWMnhDVlU0elZrWlRSRUpIVlVWa2MwNVlhRFZsUkVwelQwWkNSbE5WY0ZGWFNFWXhaVmMxVEZsVE9VeFdhMGt4V1ROS1Rrd3pXazFpYkhCdFVrUldWRlJHVlhaTmJVazBZbFZzUkV3d2N6UldSV2MxVDBWa05tSXpiM2hXVms1V1ZtMDFiRkZUT1hoUFJVcHpUMGRzU2xaSVJrTkxNVTVFWWtaa05WWnViRmRYVjJRd1RXcG5kMVJWUmpCa1JYQkdZVlYwZFZNeU1VVlpWVTVQV25wa1ExZHFVbE5sUjBaRVlWVTFXbVZwY3pSTE1HTTFVbFZGTlZwRll6UlRSMVoxVFcxb05XTnJkRUpWZWxsM1RETmplbUV4WkdGU1JsWm9ZVVpzZEdWR2JFTlVNblJYVkRCNE5HUXlkRXhaTWxKTlYxZDBWRTB5YUZwaFJsazFVMGR3Y0ZGVk9YaGxhekV6VVZRd09VbHVNRDBpTENKMlpYSnphVzl1SWpvaU15SXNJblI1Y0dVaU9pSkVRVlJCWDB0RldTSXNJbVY0Y0dseVlYUnBiMjRpT2pFM01qRTVOVGMzTmpKOQ==", + "expiresAt": "2024-07-25T21:37:26.301000-04:00" + } + } + +For more information, see `Amazon ECR public registries `__ in the *Amazon ECR Public*. + +**Example 2: To retrieve an authorization token for any Amazon ECR public registry that the IAM principal has access** + +The following ``get-authorization-token`` example gets an authorization token with the AWS CLI and sets it to an environment variable. :: + + aws ecr-public get-authorization-token \ + --region us-east-1 \ + --output=text \ + --query 'authorizationData.authorizationToken' + +Output:: + + QVdTOmV5SndZWGxzYjJKJFHDSFKJHERWUY65IOU36TRYEGFNSDLRIUOTUYTHJKLDFGOcmFUQk9OSFV2UVV4a0x6Sm1ZV0Z6TDFndlZtUjJSVmgxVEVObU9IZEdTWEZxU210c1JUQm5RWGxOUVV4NlNFUnROWG92ZWtGbWJFUjRkbWMyV0U5amFpczRNWGxTVkM5Tk5qWkVUM2RDYm05TVJqSkxjV3BsUVZvMmFYSm5iV1ZvVFdGSVRqVlFMMHN4VnpsTGVXbDFRWGRoTmpsbWFuQllhbVl6TkdGaGMwUjJha2xsYUhscWRscHZTRUpFVkVnNVQwNUdOVFpPY2xZclVFNVFVWGRSVFZvd04xUkhjVGxZZFVkQ1ZFZHBPRUptUzBVclYxQldMMjVMVkRsd2VFVlNSa1EzTWpWSlIxRkVWakJGZFZOVWEzaFBSVk5FWWpSc1lWZHZWMHBSYmxaMlJYWmhZekpaWVVOeFppdFlUa2xKU1RCdFUwdElVbXRJYlhGRk1WaFhNVTVRTkdwc1FYRlVNVWxZZUhkV05Xa3ZXWGd3ZUVZMWIyeE5VRU5QZEdSaWRHOU9lakZOZVdwTVZEUkNRVzlvYzNKSlpsRXhhR2cwWjJwRVJFVjNWalEzYjNCUmRIcEZUR1pYU1Rsc1kxSlNNbU5hUW5wRE1tOUpRMHR5Y1hkeGNXNDVMMmx4Um5GUlVGQnhjMVpQZG5WYUswOW9SQ3RPY0hwSlRsUk5lVXQyY0c1b1FsQjVZVEprVmtSdmJsQklOM05RU3pkNmQydERhMkZ5VmxSRmFVUndWVlE1ZGtsVWFXUkJWMFZEWVhoSFdXTk5VMXBTYTFreVRHZEVlVVZ0ZFRWRk4xTTVjRXBDUjBRMlYyTkdPVWhGWkVweVVGcEVaRFJxZUVablkwNXFaamh5YkVKWmJGSTNOVzFXSzFjdllXSTVTMWx2YUZacksxSnJWSFJ0Wml0T1NFSnpWVFZvV204eVFYbzFWRU5SYjNaR01Va3hPR3h2TWxkNVJsSmpUbTVSTjNjemJsUkdVRlZKVDBjeE9VeHlXVEpGVFRSS2NWbFdkVEJrV0VreFVsSktXbkpCVGtsMFdVZEJOMjltWjFFNGVHRktNbGRuWlVoUlNXNXdZV3A0VjI5M2FYZGljbE5tZGpkQ1ZYTmhOVFUyTDBzeVpteDBka0pUTVdkNGJ6TkxkSEJDYml0cE0waGhTbVpEZEZkQ00yOU1TM1pXTDNSVFlWaFpWelZXVWxjNFRXNXdhR3BhUmpoU1FuWnFkRlJMVW5abGRYRlNjVVJKZDBaSFpXUTRabEZUTUdOTVQwcFFkVXAyYjA5Tk9UaFlZMjEwVnpFMlpXdE9hMnBWV0hST1owUkpVV3R1VFU1dGJXWjNNVGc0VTAxUlNHZE9TbXRMY2tWYWJVeFljVVk0ZWpsTFdWWlRNbEZMVDJkMk1FaFBTMDl5YzJSM1NqTlplRGhUWVVOQlJGWnRlbkU1WTBKVFdqTktSR05WTkd0RGNEVjZNalJHVXpkVk9HTnVSa2xLUVd4SVJDODJXbGcyYldGemJVczJPRVp6TDBoNFMwWkRUMmdyYldGa1QwWjVhMlZQTm5SQ1l6QkpNbFpyVUhSaGVIbFVOR296VjFGVlQyMHpNeTlPWVVoSk1FdDBWalZFU2pneU5rcHNLemQxZDNwcVp6RlNja3AwVm10VU0yRnRWWGMzZDJnMFduSnFjVXczWTBjclNXeHFUVlUyVkZwWGNWY3ZSV0V6WW1oT2JIRklZVlJHU1RrMGEyOVJiMHBPVUhORk9FdERjbFJZY0daS2VVdHRZa2x5YjFORE4zSkJaWEJPZUU5eGR6WnhZMlY1WXprM1JtSkZhVFZFYkVFck5EUk9ZMWRyVEVNd1dqa2lMQ0prWVhSaGEyVjVJam9pWlhsS1VWSkdaMmxQYVVwV1ZXeENhVk5YVm14WFdFWk5VMjFrV21SRE9YaGFhWFF4VkhwS1MyTkljSHBVUms0MFlWaHNTbUpIYUhsWFZHdDZZVWhqZDFKRmFETldNbFYyWTJ0cmVVMUlTbHBWUjJONFRURlJNMDlHYUd4U01uaHVWRVJzUWxaV1pGZFJibkJLV1RCYU5HTXpUakpXTUhoWFRrWndhRTVyTVVwVFZFSkdWV3RzTUZaVVpEQlRSVGxyVkVkb2FGUlVVWHBaTVhCSFQxWmFOVlJxU20xaVZXUnVTM3BaTlZaV2NIcFdWMlJGVkcwMVRHSXdSakpXUnpoNlVsUm5kbUpzUmpGT2FUazFWVzFTY0dWR1FtOVdiVEZoVmpKc1NWRllhRmRTUkZwc1V6SkdSbUpWYkhCVlNFbDJWVzB4Ym1OVk1IWmFhelZ3WkZoa1FtVnFUa3BpTTJoTVRWVk9jMVo2V2t4aWJFWnJWRVUxVW1ONlp6QldWVFZPWW14c01sZFlZekprUjFwVFkxaE9kRnBXWkhaVFZWcGhWa2MxU2xWRlVtdFRiWE16WWpOVmVrNXFSa2RVTTJSd1QwaGtXbVJIVVhsbGJYQkRaRlp2ZGxvd1ZqWmlNbEl4Vkc1T2FtSldjRU5VU0ZVd1kwZDRjbU14WkhaVVYwNTRaRzV2TWxSVlVsQmpiSEJPVkc1VmVsZEZPVzVYYkVwWlUyNWtVbGRZWkZWaVdFWlNUVzF3VFZSSVFraE9XRnBwWVZoak0xUnJXak5OYm04eFpEQk9XbEZzYkhSTmEyaHpaRmRTUTJORVFUQlpWMk01VUZOSmMwbHJiRUpTUTBrMlNXNUZlbHA2U1RGVVZXeFVZekIwYVU5RWFEVmtiRVpzVVZWc2QxbHJWbmxOYW13MVZWaG9UazVzVWpWbFJHaDZZMjFHVkZVeFFubFZXRTVLVGpCMGFXSlZNWGhpUjBwTVlUSTVNRTVVYXpCTE0wVnlWakF4VG1WSE5VcGtSa0pRVld4V1UwOVdVWGhqTVc4eVZraFdlVnA2VGsxV01tUnhVV3Q0ZEdGcVRsUk5hMnN5V2tSV2FtUkdVakZqVm5CUFVrUlNjR0pHUm1GbGFscDRXV2x6Y2xFd1VYcGhSRnBZVmtaU2FVNXVSVFZYYlVaVFpXdHdkVmRZVGpaVGEyaDBWMnhDVlU0elZrWlRSRUpIVlVWa2MwNVlhRFZsUkVwelQwWkNSbE5WY0ZGWFNFWXhaVmMxVEZsVE9VeFdhMGt4V1ROS1Rrd3pXazFpYkhCdFVrUldWRlJHVlhaTmJVazBZbFZzUkV3d2N6UldSV2MxVDBWa05tSXpiM2hXVms1V1ZtMDFiRkZUT1hoUFJVcHpUMGRzU2xaSVJrTkxNVTVFWWtaa05WWnViRmRYVjJRd1RXcG5kMVJWUmpCa1JYQkdZVlYwZFZNeU1VVlpWVTVQV25wa1ExZHFVbE5sUjBaRVlWVTFXbVZwY3pSTE1HTTFVbFZGTlZwRll6UlRSMVoxVFcxb05XTnJkRUpWZWxsM1RETmplbUV4WkdGU1JsWm9ZVVpzZEdWR2JFTlVNblJYVkRCNE5HUXlkRXhaTWxKTlYxZDBWRTB5YUZwaFJsazFVMGR3Y0ZGVk9YaGxhekV6VVZRd09VbHVNRDBpTENKMlpYSnphVzl1SWpvaU15SXNJblI1Y0dVaU9pSkVRVlJCWDB0RldTSXNJbVY0Y0dseVlYUnBiMjRpT2pFM01qRTVOVGMzTmpKOQ + +For more information, see `Amazon ECR public registries `__ in the *Amazon ECR Public*. diff --git a/awscli/examples/ecr-public/get-login-password.rst b/awscli/examples/ecr-public/get-login-password.rst new file mode 100644 index 000000000000..99879cc05f0b --- /dev/null +++ b/awscli/examples/ecr-public/get-login-password.rst @@ -0,0 +1,27 @@ +**Example 1: To authenticate docker to an Amazon ECR public registry** + +The following ``get-login-password`` example retrieves and displays an authentication token using the GetAuthorizationToken API that you can use to authenticate to an Amazon ECR public registry. :: + + aws ecr-public get-login-password \ + --region us-east-1 + | docker login \ + --username AWS \ + --password-stdin public.ecr.aws + +This command produces no output in the terminal but instead pipes the output to Docker. + +For more information, see `Authenticate to the public registry `__ in the *Amazon ECR Public*. + +**Example 2: To authenticate docker to your own custom AmazonECR public registry** + +The following ``get-login-password`` example retrieves and displays an authentication token using the GetAuthorizationToken API that you can use to authenticate to your own custom Amazon ECR public registry. :: + + aws ecr-public get-login-password \ + --region us-east-1 \ + | docker login \ + --username AWS \ + --password-stdin public.ecr.aws/ + +This command produces no output in the terminal but insteads pipes the output to Docker. + +For more information, see `Authenticate to your own Amazon ECR Public `__ in the *Amazon ECR Public*. diff --git a/awscli/examples/ecr-public/get-registry-catalog-data.rst b/awscli/examples/ecr-public/get-registry-catalog-data.rst new file mode 100644 index 000000000000..e293089a41af --- /dev/null +++ b/awscli/examples/ecr-public/get-registry-catalog-data.rst @@ -0,0 +1,14 @@ +**To retrieve catalog metadata for a public ECR registry** + +The following ``get-registry-catalog-data`` retrieves catalog metadata for an ECR public registry. :: + + aws ecr-public get-registry-catalog-data \ + --region us-east-1 + +Output:: + + { + "registryCatalogData": { + "displayName": "YourCustomPublicRepositoryalias" + } + } diff --git a/awscli/examples/ecr-public/get-repository-catalog-data.rst b/awscli/examples/ecr-public/get-repository-catalog-data.rst new file mode 100644 index 000000000000..b3db31e94692 --- /dev/null +++ b/awscli/examples/ecr-public/get-repository-catalog-data.rst @@ -0,0 +1,29 @@ +**To retrieve catalog metadata for a repository in a public registry** + +The following ``get-repository-catalog-data`` example lists the catalog metadata for the repository ``project-a/nginx-web-app`` in a public registry. :: + + aws ecr-public get-repository-catalog-data \ + --repository-name project-a/nginx-web-app \ + --region us-east-1 + +Output:: + + { + "catalogData": { + "description": "My project-a ECR Public Repository", + "architectures": [ + "ARM", + "ARM 64", + "x86", + "x86-64" + ], + "operatingSystems": [ + "Linux" + ], + "logoUrl": "https://d3g9o9u8re44ak.cloudfront.net/logo/491d3846-8f33-4d8b-a10c-c2ce271e6c0d/4f09d87c-2569-4916-a932-5c296bf6f88a.png", + "aboutText": "## Quick reference\n\nMaintained ", + "usageText": "## Supported architectures\n\namd64, arm64v8\n\n## " + } + } + +For more information, see `Repository catalog data `__ in the *Amazon ECR Public*. \ No newline at end of file diff --git a/awscli/examples/ecr-public/get-repository-policy.rst b/awscli/examples/ecr-public/get-repository-policy.rst new file mode 100644 index 000000000000..e684c775a6b1 --- /dev/null +++ b/awscli/examples/ecr-public/get-repository-policy.rst @@ -0,0 +1,17 @@ +**To get a repository policy associated with the repository** + +The following ``get-repository-policy`` example gets a repository policy associated with the repository. :: + + aws ecr-public get-repository-policy \ + --repository-name project-a/nginx-web-app \ + --region us-east-1 + +Output:: + + { + "registryId": "123456789012", + "repositoryName": "project-a/nginx-web-app", + "policyText": "{\n \"Version\" : \"2008-10-17\",\n \"Statement\" : [ {\n \"Sid\" : \"AllowPush\",\n \"Effect\" : \"Allow\",\n \"Principal\" : {\n \"AWS\" : [ \"arn:aws:iam::123456789012:user/eksuser1\", \"arn:aws:iam::123456789012:user/admin\" ]\n },\n \"Action\" : [ \"ecr-public:BatchCheckLayerAvailability\", \"ecr-public:PutImage\", \"ecr-public:InitiateLayerUpload\", \"ecr-public:UploadLayerPart\", \"ecr-public:CompleteLayerUpload\" ]\n } ]\n}" + } + +For more information, see `Use GetRepositoryPolicy with an AWS SDK or CLI `__ in the *Amazon ECR Public User Guide*. \ No newline at end of file diff --git a/awscli/examples/ecr-public/list-tags-for-resource.rst b/awscli/examples/ecr-public/list-tags-for-resource.rst new file mode 100644 index 000000000000..fd700be2205f --- /dev/null +++ b/awscli/examples/ecr-public/list-tags-for-resource.rst @@ -0,0 +1,28 @@ +**To list tags for a public repository in a public registry** + +The following ``list-tags-for-resource`` example lists the tags for a resource named ``project-a/nginx-web-app`` in a public registry. :: + + aws ecr-public list-tags-for-resource \ + --resource-arn arn:aws:ecr-public::123456789012:repository/project-a/nginx-web-app \ + --region us-east-1 + +Output:: + + { + "tags": [ + { + "Key": "Environment", + "Value": "Prod" + }, + { + "Key": "stack", + "Value": "dev1" + }, + { + "Key": "Name", + "Value": "project-a/nginx-web-app" + } + ] + } + +For more information, see `List tags for a public repository `__ in the *Amazon ECR Public*. diff --git a/awscli/examples/ecr-public/put-registry-catalog-data.rst b/awscli/examples/ecr-public/put-registry-catalog-data.rst new file mode 100644 index 000000000000..57c83973ece1 --- /dev/null +++ b/awscli/examples/ecr-public/put-registry-catalog-data.rst @@ -0,0 +1,15 @@ +**To create or update catalog metadata for a public ECR registry** + +The following ``put-registry-catalog-data`` creates or updates catalog metadata for an ECR public registry. Only accounts that have the verified account badge can have a registry display name. :: + + aws ecr-public put-registry-catalog-data \ + --region us-east-1 \ + --display-name + +Output:: + + { + "registryCatalogData": { + "displayName": "YourCustomPublicRepositoryalias" + } + } diff --git a/awscli/examples/ecr-public/put-repository-catalog-data.rst b/awscli/examples/ecr-public/put-repository-catalog-data.rst new file mode 100644 index 000000000000..678b9fd87c1a --- /dev/null +++ b/awscli/examples/ecr-public/put-repository-catalog-data.rst @@ -0,0 +1,51 @@ +**To create or update the catalog data for a repository in a public registry** + +The following ``put-repository-catalog-data`` example creates or update catalog data for reposiotry named `project-a/nginx-web-app` in a public registry, along with logoImageBlob, aboutText, usageText and tags information. :: + + aws ecr-public put-repository-catalog-data \ + --repository-name project-a/nginx-web-app \ + --cli-input-json file://repository-catalog-data.json \ + --region us-east-1 + +Contents of ``repository-catalog-data.json``:: + + { + "repositoryName": "project-a/nginx-web-app", + "catalogData": { + "description": "My project-a ECR Public Repository", + "architectures": [ + "ARM", + "ARM 64", + "x86", + "x86-64" + ], + "operatingSystems": [ + "Linux" + ], + "logoImageBlob": "iVBORw0KGgoA<>ErkJggg==", + "aboutText": "## Quick reference.", + "usageText": "## Supported architectures are as follows." + } + } + +Output:: + + { + "catalogData": { + "description": "My project-a ECR Public Repository", + "architectures": [ + "ARM", + "ARM 64", + "x86", + "x86-64" + ], + "operatingSystems": [ + "Linux" + ], + "logoUrl": "https://d3g9o9u8re44ak.cloudfront.net/logo/df86cf58-ee60-4061-b804-0be24d97ccb1/4a9ed9b2-69e4-4ede-b924-461462d20ef0.png", + "aboutText": "## Quick reference.", + "usageText": "## Supported architectures are as follows." + } + } + +For more information, see `Repository catalog data `__ in the *Amazon ECR Public*. diff --git a/awscli/examples/ecr-public/set-repository-policy.rst b/awscli/examples/ecr-public/set-repository-policy.rst new file mode 100644 index 000000000000..b87b257f482b --- /dev/null +++ b/awscli/examples/ecr-public/set-repository-policy.rst @@ -0,0 +1,118 @@ +**Example 1: To set a repository policy to allow a pull on the repository** + +The following ``set-repository-policy`` example applies an ECR public repository policy to the specified repository to control access permissions. :: + + aws ecr-public set-repository-policy \ + --repository-name project-a/nginx-web-app \ + --policy-text file://my-repository-policy.json + +Contents of ``my-repository-policy.json``:: + + { + "Version" : "2008-10-17", + "Statement" : [ + { + "Sid" : "allow public pull", + "Effect" : "Allow", + "Principal" : "*", + "Action" : [ + "ecr:BatchCheckLayerAvailability", + "ecr:BatchGetImage", + "ecr:GetDownloadUrlForLayer" + ] + } + ] + } + +Output:: + + { + "registryId": "12345678901", + "repositoryName": "project-a/nginx-web-app", + "policyText": "{\n \"Version\" : \"2008-10-17\",\n \"Statement\" : [ {\n \"Sid\" : \"allow public pull\",\n \"Effect\" : \"Allow\",\n \"Principal\" : \"*\",\n \"Action\" : [ \"ecr:BatchCheckLayerAvailability\", \"ecr:BatchGetImage\", \"ecr:GetDownloadUrlForLayer\" ]\n } ]\n}" + } + +For more information, see `Setting a repository policy statement `__ in the *Amazon ECR Public User Guide*. + +**Example 2: To set a repository policy to allow an IAM user within your account to push images** + +The following ``set-repository-policy`` example allows an IAM user within your account to push images using to an ECR repository in your AWS account using the input file named ``file://my-repository-policy.json`` as policy text. :: + + aws ecr-public set-repository-policy \ + --repository-name project-a/nginx-web-app \ + --policy-text file://my-repository-policy.json + +Contents of ``my-repository-policy.json``:: + + { + "Version": "2008-10-17", + "Statement": [ + { + "Sid": "AllowPush", + "Effect": "Allow", + "Principal": { + "AWS": [ + "arn:aws:iam::account-id:user/push-pull-user-1", + "arn:aws:iam::account-id:user/push-pull-user-2" + ] + }, + "Action": [ + "ecr-public:BatchCheckLayerAvailability", + "ecr-public:PutImage", + "ecr-public:InitiateLayerUpload", + "ecr-public:UploadLayerPart", + "ecr-public:CompleteLayerUpload" + ] + } + ] + } + +Output:: + + { + "registryId": "12345678901", + "repositoryName": "project-a/nginx-web-app", + "policyText": "{\n \"Version\" : \"2008-10-17\",\n \"Statement\" : [ {\n \"Sid\" : \"AllowPush\",\n \"Effect\" : \"Allow\",\n \"Principal\" : {\n \"AWS\" : [ \"arn:aws:iam::12345678901:user/admin\", \"arn:aws:iam::12345678901:user/eksuser1\" ]\n },\n \"Action\" : [ \"ecr-public:BatchCheckLayerAvailability\", \"ecr-public:PutImage\", \"ecr-public:InitiateLayerUpload\", \"ecr-public:UploadLayerPart\", \"ecr-public:CompleteLayerUpload\" ]\n } ]\n}" + } + +For more information, see `Setting a repository policy statement `__ in the *Amazon ECR Public User Guide*. + +**Example 3: To set a repository policy to allow an IAM user from different account to push images** + +The following ``set-repository-policy`` example allows a specific account to push images using cli input file://my-repository-policy.json in your AWS account. :: + + aws ecr-public set-repository-policy \ + --repository-name project-a/nginx-web-app \ + --policy-text file://my-repository-policy.json + +Contents of ``my-repository-policy.json``:: + + { + "Version": "2008-10-17", + "Statement": [ + { + "Sid": "AllowCrossAccountPush", + "Effect": "Allow", + "Principal": { + "AWS": "arn:aws:iam::other-or-same-account-id:role/RoleName" + }, + "Action": [ + "ecr-public:BatchCheckLayerAvailability", + "ecr-public:PutImage", + "ecr-public:InitiateLayerUpload", + "ecr-public:UploadLayerPart", + "ecr-public:CompleteLayerUpload" + ] + } + ] + } + +Output:: + + { + "registryId": "12345678901", + "repositoryName": "project-a/nginx-web-app", + "policyText": "{\n \"Version\" : \"2008-10-17\",\n \"Statement\" : [ {\n \"Sid\" : \"AllowCrossAccountPush\",\n \"Effect\" : \"Allow\",\n \"Principal\" : {\n \"AWS\" : \"arn:aws:iam::12345678901:role/RoleName\"\n },\n \"Action\" : [ \"ecr-public:BatchCheckLayerAvailability\", \"ecr-public:PutImage\", \"ecr-public:InitiateLayerUpload\", \"ecr-public:UploadLayerPart\", \"ecr-public:CompleteLayerUpload\" ]\n } ]\n}" + } + +For more information, see `Public repository policy examples `__ in the *Amazon ECR Public User Guide*. diff --git a/awscli/examples/ecr-public/tag-resource.rst b/awscli/examples/ecr-public/tag-resource.rst new file mode 100644 index 000000000000..1d070887329b --- /dev/null +++ b/awscli/examples/ecr-public/tag-resource.rst @@ -0,0 +1,21 @@ +**Example 1: To tags an existing public repository in a public registry** + +The following ``tag-resource`` example tags a repository named ``project-a/nginx-web-app`` in a public registry. :: + + aws ecr-public tag-resource \ + --resource-arn arn:aws:ecr-public::123456789012:repository/project-a/nginx-web-app \ + --tags Key=stack,Value=dev \ + --region us-east-1 + +For more information, see `Using Tags for a public repository `__ in the *Amazon ECR Public*. + +**Example 2: To tag an existing public repository with multiple tags in a public registry.** + +The following ``tag-resource`` example tags an existing repository with multiple tags. :: + + aws ecr-public tag-resource \ + --resource-arn arn:aws:ecr-public::890517186334:repository/project-a/nginx-web-app \ + --tags Key=key1,Value=value1 Key=key2,Value=value2 Key=key3,Value=value3 \ + --region us-east-1 + +For more information, see `Using Tags for a public repository `__ in the *Amazon ECR Public*. diff --git a/awscli/examples/ecr-public/untag-resource.rst b/awscli/examples/ecr-public/untag-resource.rst new file mode 100644 index 000000000000..4ff4445b5494 --- /dev/null +++ b/awscli/examples/ecr-public/untag-resource.rst @@ -0,0 +1,12 @@ +**Example 1: To untags an existing public repository in a public registry** + +The following ``untag-resource`` example tags a repository named ``project-a/nginx-web-app`` in a public registry. :: + + aws ecr-public untag-resource \ + --resource-arn arn:aws:ecr-public::123456789012:repository/project-a/nginx-web-app \ + --tag-keys stack \ + --region us-east-1 + +This command produces no output. + +For more information, see `Using Tags for a public repository `__ in the *Amazon ECR Public*. diff --git a/awscli/examples/ecr/create-repository.rst b/awscli/examples/ecr/create-repository.rst index 343d4b52d44b..805ab39b5598 100644 --- a/awscli/examples/ecr/create-repository.rst +++ b/awscli/examples/ecr/create-repository.rst @@ -3,15 +3,15 @@ The following ``create-repository`` example creates a repository inside the specified namespace in the default registry for an account. :: aws ecr create-repository \ - --repository-name project-a/nginx-web-app + --repository-name project-a/sample-repo Output:: { "repository": { "registryId": "123456789012", - "repositoryName": "sample-repo", - "repositoryArn": "arn:aws:ecr:us-west-2:123456789012:repository/project-a/nginx-web-app" + "repositoryName": "project-a/sample-repo", + "repositoryArn": "arn:aws:ecr:us-west-2:123456789012:repository/project-a/sample-repo" } } @@ -22,7 +22,7 @@ For more information, see `Creating a Repository `__ in the *Amazon ECS Developer Guide*. diff --git a/awscli/examples/ecs/delete-task-definitions.rst b/awscli/examples/ecs/delete-task-definitions.rst index dd4b6cde1e5a..449424633696 100644 --- a/awscli/examples/ecs/delete-task-definitions.rst +++ b/awscli/examples/ecs/delete-task-definitions.rst @@ -1,6 +1,6 @@ **To delete a task definition** -The following ``deletee-task-definitions`` example deletes an INACTIVE task definition. :: +The following ``delete-task-definitions`` example deletes an INACTIVE task definition. :: aws ecs delete-task-definitions \ --task-definition curltest:1 diff --git a/awscli/examples/ecs/describe-service-deployments.rst b/awscli/examples/ecs/describe-service-deployments.rst new file mode 100644 index 000000000000..f7f97b6810f4 --- /dev/null +++ b/awscli/examples/ecs/describe-service-deployments.rst @@ -0,0 +1,54 @@ +**To describe service deployment details** + +The following ``describe-service-deployments`` example returns the service deployment details for the service deployment with the ARN ``arn:aws:ecs:us-east-1:123456789012:service-deployment/example-cluster/example-service/ejGvqq2ilnbKT9qj0vLJe``. :: + + aws ecs describe-service-deployments \ + --service-deployment-arn arn:aws:ecs:us-east-1:123456789012:service-deployment/example-cluster/example-service/ejGvqq2ilnbKT9qj0vLJe + +Output:: + + { + "serviceDeployments": [ + { + "serviceDeploymentArn": "arn:aws:ecs:us-east-1:123456789012:service-deployment/example-cluster/example-service/ejGvqq2ilnbKT9qj0vLJe", + "serviceArn": "arn:aws:ecs:us-east-1:123456789012:service/example-cluster/example-service", + "clusterArn": "arn:aws:ecs:us-east-1:123456789012:cluster/example-cluster", + "createdAt": "2024-10-31T08:03:30.917000-04:00", + "startedAt": "2024-10-31T08:03:32.510000-04:00", + "finishedAt": "2024-10-31T08:05:04.527000-04:00", + "updatedAt": "2024-10-31T08:05:04.527000-04:00", + "sourceServiceRevisions": [], + "targetServiceRevision": { + "arn": "arn:aws:ecs:us-east-1:123456789012:service-revision/example-cluster/example-service/1485800978477494678", + "requestedTaskCount": 1, + "runningTaskCount": 1, + "pendingTaskCount": 0 + }, + "status": "SUCCESSFUL", + "deploymentConfiguration": { + "deploymentCircuitBreaker": { + "enable": true, + "rollback": true + }, + "maximumPercent": 200, + "minimumHealthyPercent": 100, + "alarms": { + "alarmNames": [], + "rollback": false, + "enable": false + } + }, + "deploymentCircuitBreaker": { + "status": "MONITORING_COMPLETE", + "failureCount": 0, + "threshold": 3 + }, + "alarms": { + "status": "DISABLED" + } + } + ], + "failures": [] + } + +For more information, see `View service history using Amazon ECS service deployments `_ in the *Amazon ECS Developer Guide*. diff --git a/awscli/examples/ecs/describe-service-revisions.rst b/awscli/examples/ecs/describe-service-revisions.rst new file mode 100644 index 000000000000..22fb2436dbbc --- /dev/null +++ b/awscli/examples/ecs/describe-service-revisions.rst @@ -0,0 +1,60 @@ +**To describe service revision details** + +The following ``describe-service-revisions`` example returns the service revision details for the service revision with the ARN ``arn:aws:ecs:us-east-1:123456789012:service-revision/example-cluster/example-service/1485800978477494678``. :: + + aws ecs describe-service-revisions \ + --service-revision-arns arn:aws:ecs:us-east-1:123456789012:service-revision/example-cluster/example-service/1485800978477494678 + +Output:: + + { + "serviceRevisions": [ + { + "serviceRevisionArn": "arn:aws:ecs:us-east-1:123456789012:service-revision/example-cluster/example-service/1485800978477494678", + "serviceArn": "arn:aws:ecs:us-east-1:123456789012:service/example-cluster/example-service", + "clusterArn": "arn:aws:ecs:us-east-1:123456789012:cluster/example-cluster", + "taskDefinition": "arn:aws:ecs:us-east-1:123456789012:task-definition/webserver:5", + "capacityProviderStrategy": [ + { + "capacityProvider": "FARGATE", + "weight": 1, + "base": 0 + } + ], + "platformVersion": "1.4.0", + "platformFamily": "Linux", + "networkConfiguration": { + "awsvpcConfiguration": { + "subnets": [ + "subnet-0d0eab1bb38d5ca64", + "subnet-0db5010045995c2d5" + ], + "securityGroups": [ + "sg-02556bf85a191f59a" + ], + "assignPublicIp": "ENABLED" + } + }, + "containerImages": [ + { + "containerName": "aws-otel-collector", + "imageDigest": "sha256:7a1b3560655071bcacd66902c20ebe9a69470d5691fe3bd36baace7c2f3c4640", + "image": "public.ecr.aws/aws-observability/aws-otel-collector:v0.32.0" + }, + { + "containerName": "web", + "imageDigest": "sha256:28402db69fec7c17e179ea87882667f1e054391138f77ffaf0c3eb388efc3ffb", + "image": "nginx" + } + ], + "guardDutyEnabled": false, + "serviceConnectConfiguration": { + "enabled": false + }, + "createdAt": "2024-10-31T08:03:29.302000-04:00" + } + ], + "failures": [] + } + +For more information, see `Amazon ECS service revisions `_ in the *Amazon ECS Developer Guide*. diff --git a/awscli/examples/ecs/describe-task-definition.rst b/awscli/examples/ecs/describe-task-definition.rst index cb018af0afd6..d308fcc1d1a3 100644 --- a/awscli/examples/ecs/describe-task-definition.rst +++ b/awscli/examples/ecs/describe-task-definition.rst @@ -2,54 +2,64 @@ The following ``describe-task-definition`` example retrieves the details of a task definition. :: - aws ecs describe-task-definition --task-definition hello_world:8 + aws ecs describe-task-definition \ + --task-definition hello_world:8 Output:: { "taskDefinition": { - "volumes": [], - "taskDefinitionArn": "arn:aws:ecs:us-west-2:123456789012:task-definition/hello_world:8", + "taskDefinitionArn": "arn:aws:ecs:us-east-1:012345678910:task-definition/hello_world:8", "containerDefinitions": [ { + "cpu": 10, "environment": [], - "name": "wordpress", + "essential": true, + "image": "wordpress", "links": [ "mysql" - ], + ] , + "memory": 500, "mountPoints": [], - "image": "wordpress", - "essential": true, + "name": "wordpress", "portMappings": [ { "containerPort": 80, "hostPort": 80 } ], - "memory": 500, - "cpu": 10, "volumesFrom": [] }, { + "cpu": 10, "environment": [ { "name": "MYSQL_ROOT_PASSWORD", "value": "password" } ], - "name": "mysql", - "mountPoints": [], + "essential": true, "image": "mysql", - "cpu": 10, - "portMappings": [], "memory": 500, - "essential": true, + "mountPoints": [], + "name": "mysql", + "portMappings": [], "volumesFrom": [] } ], - "family": "hello_world", - "revision": 8 - } + "family": "hello_world", + "revision": 8, + "volumes": [], + "status": "ACTIVE", + "placementConstraints": [], + "compatibilities": [ + "EXTERNAL", + "EC2" + ], + "registeredAt": "2024-06-21T11:15:12.669000-05:00", + "registeredBy": "arn:aws:sts::012345678910:assumed-role/demo-role/jane-doe" + }, + "tags": [] } -For more information, see `Amazon ECS Task Definitions `_ in the *Amazon ECS Developer Guide*. +For more information, see `Amazon ECS Task Definitions `_ in the *Amazon ECS Developer Guide*. \ No newline at end of file diff --git a/awscli/examples/ecs/get-task-protection.rst b/awscli/examples/ecs/get-task-protection.rst new file mode 100644 index 000000000000..456fb65d16ef --- /dev/null +++ b/awscli/examples/ecs/get-task-protection.rst @@ -0,0 +1,21 @@ +**Retrieve the protection status of task in ECS service** + +The following ``get-task-protection`` provides the protection status of ECS tasks that belong to Amazon ECS service. :: + + aws ecs get-task-protection \ + --cluster ECS-project-update-cluster \ + --tasks c43ed3b1331041f289316f958adb6a24 + +Output:: + + { + "protectedTasks": [ + { + "taskArn": "arn:aws:ecs:us-west-2:123456789012:task/c43ed3b1331041f289316f958adb6a24", + "protectionEnabled": false + } + ], + "failures": [] + } + +For more formation on task protection, see `Protect your Amazon ECS tasks from being terminated by scale-in events `__ in the *Amazon ECS Developer Guide*. diff --git a/awscli/examples/ecs/list-service-deployments.rst b/awscli/examples/ecs/list-service-deployments.rst new file mode 100644 index 000000000000..c1583085f22f --- /dev/null +++ b/awscli/examples/ecs/list-service-deployments.rst @@ -0,0 +1,25 @@ +**To list service deployments** + +The following ``list-service-deployments`` example retrieves the service deployments for the service named ``example-service``. :: + + aws ecs list-service-deployments \ + --service arn:aws:ecs:us-east-1:123456789012:service/example-cluster/example-service + +Output:: + + { + "serviceDeployments": [ + { + "serviceDeploymentArn": "arn:aws:ecs:us-east-1:123456789012:service-deployment/example-cluster/example-service/ejGvqq2ilnbKT9qj0vLJe", + "serviceArn": "arn:aws:ecs:us-east-1:123456789012:service/example-cluster/example-service", + "clusterArn": "arn:aws:ecs:us-east-1:123456789012:cluster/example-cluster", + "startedAt": "2024-10-31T08:03:32.510000-04:00", + "createdAt": "2024-10-31T08:03:30.917000-04:00", + "finishedAt": "2024-10-31T08:05:04.527000-04:00", + "targetServiceRevisionArn": "arn:aws:ecs:us-east-1:123456789012:service-revision/example-cluster/example-service/1485800978477494678", + "status": "SUCCESSFUL" + } + ] + } + +For more information, see `View service history using Amazon ECS service deployments `_ in the *Amazon ECS Developer Guide*. diff --git a/awscli/examples/ecs/run-task.rst b/awscli/examples/ecs/run-task.rst index 745a9a75312b..109093d9f654 100644 --- a/awscli/examples/ecs/run-task.rst +++ b/awscli/examples/ecs/run-task.rst @@ -1,37 +1,63 @@ **To run a task on your default cluster** -The following ``run-task`` example runs a task on the default cluster. :: +The following ``run-task`` example runs a task on the default cluster and uses a client token. :: - aws ecs run-task --cluster default --task-definition sleep360:1 + aws ecs run-task \ + --cluster default \ + --task-definition sleep360:1 \ + --client-token 550e8400-e29b-41d4-a716-446655440000 Output:: { "tasks": [ { - "taskArn": "arn:aws:ecs:us-west-2:123456789012:task/a1b2c3d4-5678-90ab-ccdef-11111EXAMPLE", + "attachments": [], + "attributes": [ + { + "name": "ecs.cpu-architecture", + "value": "x86_64" + } + ], + "availabilityZone": "us-east-1b", + "capacityProviderName": "example-capacity-provider", + "clusterArn": "arn:aws:ecs:us-east-1:123456789012:cluster/default", + "containerInstanceArn": "arn:aws:ecs:us-east-1:123456789012:container-instance/default/bc4d2ec611d04bb7bb97e83ceEXAMPLE", + "containers": [ + { + "containerArn": "arn:aws:ecs:us-east-1:123456789012:container/default/d6f51cc5bbc94a47969c92035e9f66f8/75853d2d-711e-458a-8362-0f0aEXAMPLE", + "taskArn": "arn:aws:ecs:us-east-1:123456789012:task/default/d6f51cc5bbc94a47969c9203EXAMPLE", + "name": "sleep", + "image": "busybox", + "lastStatus": "PENDING", + "networkInterfaces": [], + "cpu": "10", + "memory": "10" + } + ], + "cpu": "10", + "createdAt": "2023-11-21T16:59:34.403000-05:00", + "desiredStatus": "RUNNING", + "enableExecuteCommand": false, + "group": "family:sleep360", + "lastStatus": "PENDING", + "launchType": "EC2", + "memory": "10", "overrides": { "containerOverrides": [ { "name": "sleep" } - ] + ], + "inferenceAcceleratorOverrides": [] }, - "lastStatus": "PENDING", - "containerInstanceArn": "arn:aws:ecs:us-west-2:123456789012:container-instance/a1b2c3d4-5678-90ab-ccdef-22222EXAMPLE", - "desiredStatus": "RUNNING", - "taskDefinitionArn": "arn:aws:ecs:us-west-2:123456789012:task-definition/sleep360:1", - "containers": [ - { - "containerArn": "arn:aws:ecs:us-west-2:123456789012:container/a1b2c3d4-5678-90ab-ccdef-33333EXAMPLE", - "taskArn": "arn:aws:ecs:us-west-2:123456789012:task/a1b2c3d4-5678-90ab-ccdef-11111EXAMPLE", - "lastStatus": "PENDING", - "name": "sleep" - } - ] + "tags": [], + "taskArn": "arn:aws:ecs:us-east-1:123456789012:task/default/d6f51cc5bbc94a47969c9203EXAMPLE", + "taskDefinitionArn": "arn:aws:ecs:us-east-1:123456789012:task-definition/sleep360:1", + "version": 1 } - ] + ], + "failures": [] } - -For more information, see `Running Tasks `_ in the *Amazon ECS Developer Guide*. \ No newline at end of file +For more information, see `Running Tasks `__ in the *Amazon ECS Developer Guide*. \ No newline at end of file diff --git a/awscli/examples/ecs/update-cluster.rst b/awscli/examples/ecs/update-cluster.rst new file mode 100644 index 000000000000..68e106545fad --- /dev/null +++ b/awscli/examples/ecs/update-cluster.rst @@ -0,0 +1,176 @@ +**Example 1: Update ECS cluster enabling containerInsights** + +The following ``update-cluster`` updates the containerInsights value to ``enabled`` in an already created cluster. By default, it is disabled. :: + + aws ecs update-cluster \ + --cluster ECS-project-update-cluster \ + --settings name=containerInsights,value=enabled + +Output:: + + "cluster": { + "clusterArn": "arn:aws:ecs:us-west-2:123456789012:cluster/ECS-project-update-cluster", + "clusterName": "ECS-project-update-cluster", + "status": "ACTIVE", + "registeredContainerInstancesCount": 0, + "runningTasksCount": 0, + "pendingTasksCount": 0, + "activeServicesCount": 0, + "statistics": [], + "tags": [], + "settings": [ + { + "name": "containerInsights", + "value": "enabled" + } + ], + "capacityProviders": [ + "Infra-ECS-Cluster-ECS-project-update-cluster-d6bb6d5b-EC2CapacityProvider-3fIpdkLywwFt" + ], + "defaultCapacityProviderStrategy": [ + { + "capacityProvider": "Infra-ECS-Cluster-ECS-project-update-cluster-d6bb6d5b-EC2CapacityProvider-3fIpdkLywwFt", + "weight": 1, + "base": 0 + } + ], + "attachments": [ + { + "id": "069d002b-7634-42e4-b1d4-544f4c8f6380", + "type": "as_policy", + "status": "CREATED", + "details": [ + { + "name": "capacityProviderName", + "value": "Infra-ECS-Cluster-ECS-project-update-cluster-d6bb6d5b-EC2CapacityProvider-3fIpdkLywwFt" + }, + { + "name": "scalingPolicyName", + "value": "ECSManagedAutoScalingPolicy-152363a6-8c65-484c-b721-42c3e070ae93" + } + ] + }, + { + "id": "08b5b6ca-45e9-4209-a65d-e962a27c490a", + "type": "managed_draining", + "status": "CREATED", + "details": [ + { + "name": "capacityProviderName", + "value": "Infra-ECS-Cluster-ECS-project-update-cluster-d6bb6d5b-EC2CapacityProvider-3fIpdkLywwFt" + }, + { + "name": "autoScalingLifecycleHookName", + "value": "ecs-managed-draining-termination-hook" + } + ] + }, + { + "id": "45d0b36f-8cff-46b6-9380-1288744802ab", + "type": "sc", + "status": "ATTACHED", + "details": [] + } + ], + "attachmentsStatus": "UPDATE_COMPLETE", + "serviceConnectDefaults": { + "namespace": "arn:aws:servicediscovery:us-west-2:123456789012:namespace/ns-igwrsylmy3kwvcdx" + } + } + + +**Example 2: Update ECS cluster to set a default Service Connect namspace** + +The following ``update-cluster`` updates ECS cluster by setting a default Service Connect namespace. :: + + aws ecs update-cluster \ + --cluster ECS-project-update-cluster \ + --service-connect-defaults namespace=test + +Output:: + + { + "cluster": { + "clusterArn": "arn:aws:ecs:us-west-2:123456789012:cluster/ECS-project-update-cluster", + "clusterName": "ECS-project-update-cluster", + "status": "ACTIVE", + "registeredContainerInstancesCount": 0, + "runningTasksCount": 0, + "pendingTasksCount": 0, + "activeServicesCount": 0, + "statistics": [], + "tags": [], + "settings": [ + { + "name": "containerInsights", + "value": "enabled" + } + ], + "capacityProviders": [ + "Infra-ECS-Cluster-ECS-project-update-cluster-d6bb6d5b-EC2CapacityProvider-3fIpdkLywwFt" + ], + "defaultCapacityProviderStrategy": [ + { + "capacityProvider": "Infra-ECS-Cluster-ECS-project-update-cluster-d6bb6d5b-EC2CapacityProvider-3fIpdkLywwFt", + "weight": 1, + "base": 0 + } + ], + "attachments": [ + { + "id": "069d002b-7634-42e4-b1d4-544f4c8f6380", + "type": "as_policy", + "status": "CREATED", + "details": [ + { + "name": "capacityProviderName", + "value": "Infra-ECS-Cluster-ECS-project-update-cluster-d6bb6d5b-EC2CapacityProvider-3fIpdkLywwFt" + }, + { + "name": "scalingPolicyName", + "value": "ECSManagedAutoScalingPolicy-152363a6-8c65-484c-b721-42c3e070ae93" + } + ] + }, + { + "id": "08b5b6ca-45e9-4209-a65d-e962a27c490a", + "type": "managed_draining", + "status": "CREATED", + "details": [ + { + "name": "capacityProviderName", + "value": "Infra-ECS-Cluster-ECS-project-update-cluster-d6bb6d5b-EC2CapacityProvider-3fIpdkLywwFt" + }, + { + "name": "autoScalingLifecycleHookName", + "value": "ecs-managed-draining-termination-hook" + } + ] + }, + { + "id": "45d0b36f-8cff-46b6-9380-1288744802ab", + "type": "sc", + "status": "DELETED", + "details": [] + }, + { + "id": "3e6890c3-609c-4832-91de-d6ca891b3ef1", + "type": "sc", + "status": "ATTACHED", + "details": [] + }, + { + "id": "961b8ec1-c2f1-4070-8495-e669b7668e90", + "type": "sc", + "status": "DELETED", + "details": [] + } + ], + "attachmentsStatus": "UPDATE_COMPLETE", + "serviceConnectDefaults": { + "namespace": "arn:aws:servicediscovery:us-west-2:123456789012:namespace/ns-dtjmxqpfi46ht7dr" + } + } + } + +For more information on Service Connect, see `Use Service Connect to connect Amazon ECS services with short names `__ in the *Amazon ECS Developer Guide*. diff --git a/awscli/examples/ecs/update-task-protection.rst b/awscli/examples/ecs/update-task-protection.rst new file mode 100644 index 000000000000..6637b009847e --- /dev/null +++ b/awscli/examples/ecs/update-task-protection.rst @@ -0,0 +1,46 @@ +**Example 1: Enable task protection for ECS tasks** + +The following ``update-task-protection`` protects your ECS task from termination during scale-in from Deployments or Service AutoScaling. You can specify custom expiration period for task protection from 1 up to 2,880 minutes (48 hours). If you do not specify expiration period, enabling task protection default time is 2 hours. :: + + aws ecs update-task-protection \ + --cluster ECS-project-update-cluster \ + --tasks c43ed3b1331041f289316f958adb6a24 \ + --protection-enabled \ + --expires-in-minutes 300 + +Output:: + + { + "protectedTasks": [ + { + "taskArn": "arn:aws:ecs:us-west-2:123456789012:task/c43ed3b1331041f289316f958adb6a24", + "protectionEnabled": true, + "expirationDate": "2024-09-14T19:53:36.687000-05:00" + } + ], + "failures": [] + } + +**Example 2: Disable task protection for ECS tasks** + +The following ``update-task-protection`` disables the tasks protected from scale in from Deployments or Service AutoScaling. :: + + aws ecs update-task-protection \ + --cluster ECS-project-update-cluster \ + --tasks c43ed3b1331041f289316f958adb6a24 \ + --no-protection-enabled + +Output:: + + { + "protectedTasks": [ + { + "taskArn": "arn:aws:ecs:us-west-2:123456789012:task/c43ed3b1331041f289316f958adb6a24", + "protectionEnabled": false + } + ], + "failures": [] + } + +For more formation on task protection, see `Protect your Amazon ECS tasks from being terminated by scale-in events `__ in the *Amazon ECS Developer Guide*. + diff --git a/awscli/examples/ecs/wait/services-stable.rst b/awscli/examples/ecs/wait/services-stable.rst index 4ef1dea77f83..78bc6b3f8c74 100644 --- a/awscli/examples/ecs/wait/services-stable.rst +++ b/awscli/examples/ecs/wait/services-stable.rst @@ -4,12 +4,4 @@ The following ``wait`` example pauses and continues only after it can confirm th aws ecs wait services-stable \ --cluster MyCluster \ - --services MyService - -**Example 2: To pause running until a task is confirmed to be running** - -The following ``wait`` example pauses and continues only after the specified task enters a ``RUNNING`` state. :: - - aws ecs wait services-stable \ - --cluster MyCluster \ - --tasks arn:aws:ecs:us-west-2:123456789012:task/a1b2c3d4-5678-90ab-cdef-44444EXAMPLE \ No newline at end of file + --services MyService \ No newline at end of file diff --git a/awscli/examples/ecs/wait/tasks-running.rst b/awscli/examples/ecs/wait/tasks-running.rst new file mode 100644 index 000000000000..cff10759d5d0 --- /dev/null +++ b/awscli/examples/ecs/wait/tasks-running.rst @@ -0,0 +1,7 @@ +**Example 1: To pause running until a task is confirmed to be running** + +The following ``wait`` example pauses and continues only after the specified task enters a ``RUNNING`` state. :: + + aws ecs wait tasks-running \ + --cluster MyCluster \ + --tasks arn:aws:ecs:us-west-2:123456789012:task/a1b2c3d4-5678-90ab-cdef-44444EXAMPLE \ No newline at end of file diff --git a/awscli/examples/eks/associate-encryption-config.rst b/awscli/examples/eks/associate-encryption-config.rst new file mode 100644 index 000000000000..25fa1bab3c8b --- /dev/null +++ b/awscli/examples/eks/associate-encryption-config.rst @@ -0,0 +1,27 @@ +**To associates an encryption configuration to an existing cluster** + +The following ``associate-encryption-config`` example enable's encryption on an existing EKS clusters that do not already have encryption enabled. :: + + aws eks associate-encryption-config \ + --cluster-name my-eks-cluster \ + --encryption-config '[{"resources":["secrets"],"provider":{"keyArn":"arn:aws:kms:region-code:account:key/key"}}]' + +Output:: + + { + "update": { + "id": "3141b835-8103-423a-8e68-12c2521ffa4d", + "status": "InProgress", + "type": "AssociateEncryptionConfig", + "params": [ + { + "type": "EncryptionConfig", + "value": "[{\"resources\":[\"secrets\"],\"provider\":{\"keyArn\":\"arn:aws:kms:region-code:account:key/key\"}}]" + } + ], + "createdAt": "2024-03-14T11:01:26.297000-04:00", + "errors": [] + } + } + +For more information, see `Enabling secret encryption on an existing cluster `__ in the *Amazon EKS User Guide*. diff --git a/awscli/examples/eks/associate-identity-provider-config.rst b/awscli/examples/eks/associate-identity-provider-config.rst new file mode 100644 index 000000000000..527c7de93dae --- /dev/null +++ b/awscli/examples/eks/associate-identity-provider-config.rst @@ -0,0 +1,31 @@ +**Associate identity provider to your Amazon EKS Cluster** + +The following ``associate-identity-provider-config`` example associates an identity provider to your Amazon EKS Cluster. :: + + aws eks associate-identity-provider-config \ + --cluster-name my-eks-cluster \ + --oidc 'identityProviderConfigName=my-identity-provider,issuerUrl=https://oidc.eks.us-east-2.amazonaws.com/id/38D6A4619A0A69E342B113ED7F1A7652,clientId=kubernetes,usernameClaim=email,usernamePrefix=my-username-prefix,groupsClaim=my-claim,groupsPrefix=my-groups-prefix,requiredClaims={Claim1=value1,Claim2=value2}' \ + --tags env=dev + +Output:: + + { + "update": { + "id": "8c6c1bef-61fe-42ac-a242-89412387b8e7", + "status": "InProgress", + "type": "AssociateIdentityProviderConfig", + "params": [ + { + "type": "IdentityProviderConfig", + "value": "[{\"type\":\"oidc\",\"name\":\"my-identity-provider\"}]" + } + ], + "createdAt": "2024-04-11T13:46:49.648000-04:00", + "errors": [] + }, + "tags": { + "env": "dev" + } + } + +For more information, see `Authenticate users for your cluster from an OpenID Connect identity provider - Associate an OIDC identity provider `__ in the *Amazon EKS User Guide*. diff --git a/awscli/examples/eks/create-addon.rst b/awscli/examples/eks/create-addon.rst new file mode 100644 index 000000000000..21ca920a100d --- /dev/null +++ b/awscli/examples/eks/create-addon.rst @@ -0,0 +1,191 @@ +**Example 1: To create an Amazon EKS add-on with default compatibile version for the respective EKS cluster version** + +The following ``create-addon`` example command creates an Amazon EKS add-on with default compatibile version for the respective EKS cluster version. :: + + aws eks create-addon \ + --cluster-name my-eks-cluster \ + --addon-name my-eks-addon \ + --service-account-role-arn arn:aws:iam::111122223333:role/role-name + +Output:: + + { + "addon": { + "addonName": "my-eks-addon", + "clusterName": "my-eks-cluster", + "status": "CREATING", + "addonVersion": "v1.15.1-eksbuild.1", + "health": { + "issues": [] + }, + "addonArn": "arn:aws:eks:us-east-2:111122223333:addon/my-eks-cluster/my-eks-addon/1ec71ee1-b9c2-8915-4e17-e8be0a55a149", + "createdAt": "2024-03-14T12:20:03.264000-04:00", + "modifiedAt": "2024-03-14T12:20:03.283000-04:00", + "serviceAccountRoleArn": "arn:aws:iam::111122223333:role/role-name", + "tags": {} + } + } + +For more information, see `Managing Amazon EKS add-ons - Creating an add-on `__ in the *Amazon EKS User Guide*. + +**Example 2: To create an Amazon EKS add-on with specific add-on version** + +The following ``create-addon`` example command creates an Amazon EKS add-on with specific add-on version. :: + + aws eks create-addon \ + --cluster-name my-eks-cluster \ + --addon-name my-eks-addon \ + --service-account-role-arn arn:aws:iam::111122223333:role/role-name \ + --addon-version v1.16.4-eksbuild.2 + +Output:: + + { + "addon": { + "addonName": "my-eks-addon", + "clusterName": "my-eks-cluster", + "status": "CREATING", + "addonVersion": "v1.16.4-eksbuild.2", + "health": { + "issues": [] + }, + "addonArn": "arn:aws:eks:us-east-2:111122223333:addon/my-eks-cluster/my-eks-addon/34c71ee6-7738-6c8b-c6bd-3921a176b5ff", + "createdAt": "2024-03-14T12:30:24.507000-04:00", + "modifiedAt": "2024-03-14T12:30:24.521000-04:00", + "serviceAccountRoleArn": "arn:aws:iam::111122223333:role/role-name", + "tags": {} + } + } + +For more information, see `Managing Amazon EKS add-ons - Creating an add-on `__ in the *Amazon EKS User Guide*. + +**Example 3: To create an Amazon EKS add-on with custom configuration values and resolve conflicts details** + +The following ``create-addon`` example command creates an Amazon EKS add-on with custom configuration values and resolves conflicts details. :: + + aws eks create-addon \ + --cluster-name my-eks-cluster \ + --addon-name my-eks-addon \ + --service-account-role-arn arn:aws:iam::111122223333:role/role-name \ + --addon-version v1.16.4-eksbuild.2 \ + --configuration-values '{"resources":{"limits":{"cpu":"100m"}}}' \ + --resolve-conflicts OVERWRITE + +Output:: + + { + "addon": { + "addonName": "my-eks-addon", + "clusterName": "my-eks-cluster", + "status": "CREATING", + "addonVersion": "v1.16.4-eksbuild.2", + "health": { + "issues": [] + }, + "addonArn": "arn:aws:eks:us-east-2:111122223333:addon/my-eks-cluster/my-eks-addon/a6c71ee9-0304-9237-1be8-25af1b0f1ffb", + "createdAt": "2024-03-14T12:35:58.313000-04:00", + "modifiedAt": "2024-03-14T12:35:58.327000-04:00", + "serviceAccountRoleArn": "arn:aws:iam::111122223333:role/role-name", + "tags": {}, + "configurationValues": "{\"resources\":{\"limits\":{\"cpu\":\"100m\"}}}" + } + } + +For more information, see `Managing Amazon EKS add-ons - Creating an add-on `__ in the *Amazon EKS User Guide*. + +**Example 4: To create an Amazon EKS add-on with custom JSON configuration values file** + +The following ``create-addon`` example command creates an Amazon EKS add-on with custom configuration values and resolve conflicts details. :: + + aws eks create-addon \ + --cluster-name my-eks-cluster \ + --addon-name my-eks-addon \ + --service-account-role-arn arn:aws:iam::111122223333:role/role-name \ + --addon-version v1.16.4-eksbuild.2 \ + --configuration-values 'file://configuration-values.json' \ + --resolve-conflicts OVERWRITE \ + --tags '{"eks-addon-key-1": "value-1" , "eks-addon-key-2": "value-2"}' + +Contents of ``configuration-values.json``:: + + { + "resources": { + "limits": { + "cpu": "150m" + } + }, + "env": { + "AWS_VPC_K8S_CNI_LOGLEVEL": "ERROR" + } + } + +Output:: + + { + "addon": { + "addonName": "my-eks-addon", + "clusterName": "my-eks-cluster", + "status": "CREATING", + "addonVersion": "v1.16.4-eksbuild.2", + "health": { + "issues": [] + }, + "addonArn": "arn:aws:eks:us-east-2:111122223333:addon/my-eks-cluster/my-eks-addon/d8c71ef8-fbd8-07d0-fb32-6a7be19ececd", + "createdAt": "2024-03-14T13:10:51.763000-04:00", + "modifiedAt": "2024-03-14T13:10:51.777000-04:00", + "serviceAccountRoleArn": "arn:aws:iam::111122223333:role/role-name", + "tags": { + "eks-addon-key-1": "value-1", + "eks-addon-key-2": "value-2" + }, + "configurationValues": "{\n \"resources\": {\n \"limits\": {\n \"cpu\": \"150m\"\n }\n },\n \"env\": {\n \"AWS_VPC_K8S_CNI_LOGLEVEL\": \"ERROR\"\n }\n}" + } + } + +For more information, see `Managing Amazon EKS add-ons - Creating an add-on `__ in the *Amazon EKS User Guide*. + +**Example 5: To create an Amazon EKS add-on with custom YAML configuration values file** + +The following ``create-addon`` example command creates an Amazon EKS add-on with custom configuration values and resolve conflicts details. :: + + aws eks create-addon \ + --cluster-name my-eks-cluster \ + --addon-name my-eks-addon \ + --service-account-role-arn arn:aws:iam::111122223333:role/role-name \ + --addon-version v1.16.4-eksbuild.2 \ + --configuration-values 'file://configuration-values.yaml' \ + --resolve-conflicts OVERWRITE \ + --tags '{"eks-addon-key-1": "value-1" , "eks-addon-key-2": "value-2"}' + +Contents of ``configuration-values.yaml``:: + + resources: + limits: + cpu: '100m' + env: + AWS_VPC_K8S_CNI_LOGLEVEL: 'DEBUG' + +Output:: + + { + "addon": { + "addonName": "my-eks-addon", + "clusterName": "my-eks-cluster", + "status": "CREATING", + "addonVersion": "v1.16.4-eksbuild.2", + "health": { + "issues": [] + }, + "addonArn": "arn:aws:eks:us-east-2:111122223333:addon/my-eks-cluster/my-eks-addon/d4c71efb-3909-6f36-a548-402cd4b5d59e", + "createdAt": "2024-03-14T13:15:45.220000-04:00", + "modifiedAt": "2024-03-14T13:15:45.237000-04:00", + "serviceAccountRoleArn": "arn:aws:iam::111122223333:role/role-name", + "tags": { + "eks-addon-key-3": "value-3", + "eks-addon-key-4": "value-4" + }, + "configurationValues": "resources:\n limits:\n cpu: '100m'\nenv:\n AWS_VPC_K8S_CNI_LOGLEVEL: 'INFO'" + } + } + +For more information, see `Managing Amazon EKS add-ons - Creating an add-on `__ in the *Amazon EKS User Guide*. diff --git a/awscli/examples/eks/create-fargate-profile.rst b/awscli/examples/eks/create-fargate-profile.rst new file mode 100644 index 000000000000..ec5de6cf3b81 --- /dev/null +++ b/awscli/examples/eks/create-fargate-profile.rst @@ -0,0 +1,216 @@ +**Example 1: Create EKS Fargate Profile for a selector with a namespace** + +The following ``create-fargate-profile`` example creates an EKS Fargate Profile for a selector with a namespace. :: + + aws eks create-fargate-profile \ + --cluster-name my-eks-cluster \ + --pod-execution-role-arn arn:aws:iam::111122223333:role/role-name \ + --fargate-profile-name my-fargate-profile \ + --selectors '[{"namespace": "default"}]' + +Output:: + + { + "fargateProfile": { + "fargateProfileName": "my-fargate-profile", + "fargateProfileArn": "arn:aws:eks:us-east-2:111122223333:fargateprofile/my-eks-cluster/my-fargate-profile/a2c72bca-318e-abe8-8ed1-27c6d4892e9e", + "clusterName": "my-eks-cluster", + "createdAt": "2024-03-19T12:38:47.368000-04:00", + "podExecutionRoleArn": "arn:aws:iam::111122223333:role/role-name", + "subnets": [ + "subnet-09d912bb63ef21b9a", + "subnet-04ad87f71c6e5ab4d", + "subnet-0e2907431c9988b72" + ], + "selectors": [ + { + "namespace": "default" + } + ], + "status": "CREATING", + "tags": {} + } + } + +For more information, see `AWS Fargate profile - Creating a Fargate profile `__ in the *Amazon EKS User Guide*. + +**Example 2: Create EKS Fargate Profile for a selector with a namespace and labels** + +The following ``create-fargate-profile`` example creates an EKS Fargate Profile for a selector with a namespace and labels. :: + + aws eks create-fargate-profile \ + --cluster-name my-eks-cluster \ + --pod-execution-role-arn arn:aws:iam::111122223333:role/role-name \ + --fargate-profile-name my-fargate-profile \ + --selectors '[{"namespace": "default", "labels": {"labelname1": "labelvalue1"}}]' + +Output:: + + { + "fargateProfile": { + "fargateProfileName": "my-fargate-profile", + "fargateProfileArn": "arn:aws:eks:us-east-2:111122223333:fargateprofile/my-eks-cluster/my-fargate-profile/88c72bc7-e8a4-fa34-44e4-2f1397224bb3", + "clusterName": "my-eks-cluster", + "createdAt": "2024-03-19T12:33:48.125000-04:00", + "podExecutionRoleArn": "arn:aws:iam::111122223333:role/role-name", + "subnets": [ + "subnet-09d912bb63ef21b9a", + "subnet-04ad87f71c6e5ab4d", + "subnet-0e2907431c9988b72" + ], + "selectors": [ + { + "namespace": "default", + "labels": { + "labelname1": "labelvalue1" + } + } + ], + "status": "CREATING", + "tags": {} + } + } + +For more information, see `AWS Fargate profile - Creating a Fargate profile `__ in the *Amazon EKS User Guide*. + +**Example 3: Create EKS Fargate Profile for a selector with a namespace and labels, along with IDs of subnets to launch a Pod into.** + +The following ``create-fargate-profile`` example create EKS Fargate Profile for a selector with a namespace and labels, along with IDs of subnets to launch a Pod into. :: + + aws eks create-fargate-profile \ + --cluster-name my-eks-cluster \ + --pod-execution-role-arn arn:aws:iam::111122223333:role/role-name \ + --fargate-profile-name my-fargate-profile \ + --selectors '[{"namespace": "default", "labels": {"labelname1": "labelvalue1"}}]' \ + --subnets '["subnet-09d912bb63ef21b9a", "subnet-04ad87f71c6e5ab4d", "subnet-0e2907431c9988b72"]' + +Output:: + + { + "fargateProfile": { + "fargateProfileName": "my-fargate-profile", + "fargateProfileArn": "arn:aws:eks:us-east-2:111122223333:fargateprofile/my-eks-cluster/my-fargate-profile/e8c72bc8-e87b-5eb6-57cb-ed4fe57577e3", + "clusterName": "my-eks-cluster", + "createdAt": "2024-03-19T12:35:58.640000-04:00", + "podExecutionRoleArn": "arn:aws:iam::111122223333:role/role-name", + "subnets": [ + "subnet-09d912bb63ef21b9a", + "subnet-04ad87f71c6e5ab4d", + "subnet-0e2907431c9988b72" + ], + "selectors": [ + { + "namespace": "default", + "labels": { + "labelname1": "labelvalue1" + } + } + ], + "status": "CREATING", + "tags": {} + } + } + +For more information, see `AWS Fargate profile - Creating a Fargate profile `__ in the *Amazon EKS User Guide*. + +**Example 4: Create EKS Fargate Profile for a selector with multiple namespace and labels, along with IDs of subnets to launch a Pod into** + +The following ``create-fargate-profile`` example creates an EKS Fargate Profile for a selector with multiple namespace and labels, along with IDs of subnets to launch a Pod into. :: + + aws eks create-fargate-profile \ + --cluster-name my-eks-cluster \ + --pod-execution-role-arn arn:aws:iam::111122223333:role/role-name \ + --fargate-profile-name my-fargate-profile \ + --selectors '[{"namespace": "default1", "labels": {"labelname1": "labelvalue1", "labelname2": "labelvalue2"}}, {"namespace": "default2", "labels": {"labelname1": "labelvalue1", "labelname2": "labelvalue2"}}]' \ + --subnets '["subnet-09d912bb63ef21b9a", "subnet-04ad87f71c6e5ab4d", "subnet-0e2907431c9988b72"]' \ + --tags '{"eks-fargate-profile-key-1": "value-1" , "eks-fargate-profile-key-2": "value-2"}' + +Output:: + + { + "fargateProfile": { + "fargateProfileName": "my-fargate-profile", + "fargateProfileArn": "arn:aws:eks:us-east-2:111122223333:fargateprofile/my-eks-cluster/my-fargate-profile/4cc72bbf-b766-8ee6-8d29-e62748feb3cd", + "clusterName": "my-eks-cluster", + "createdAt": "2024-03-19T12:15:55.271000-04:00", + "podExecutionRoleArn": "arn:aws:iam::111122223333:role/role-name", + "subnets": [ + "subnet-09d912bb63ef21b9a", + "subnet-04ad87f71c6e5ab4d", + "subnet-0e2907431c9988b72" + ], + "selectors": [ + { + "namespace": "default1", + "labels": { + "labelname2": "labelvalue2", + "labelname1": "labelvalue1" + } + }, + { + "namespace": "default2", + "labels": { + "labelname2": "labelvalue2", + "labelname1": "labelvalue1" + } + } + ], + "status": "CREATING", + "tags": { + "eks-fargate-profile-key-2": "value-2", + "eks-fargate-profile-key-1": "value-1" + } + } + } + +For more information, see `AWS Fargate profile - Creating a Fargate profile `__ in the *Amazon EKS User Guide*. + +**Example 5: Create EKS Fargate Profile with a wildcard selector for namespaces and labels, along with IDs of subnets to launch a Pod into** + +The following ``create-fargate-profile`` example creates an EKS Fargate Profile for a selector with multiple namespace and labels, along with IDs of subnets to launch a Pod into. :: + + aws eks create-fargate-profile \ + --cluster-name my-eks-cluster \ + --pod-execution-role-arn arn:aws:iam::111122223333:role/role-name \ + --fargate-profile-name my-fargate-profile \ + --selectors '[{"namespace": "prod*", "labels": {"labelname*?": "*value1"}}, {"namespace": "*dev*", "labels": {"labelname*?": "*value*"}}]' \ + --subnets '["subnet-09d912bb63ef21b9a", "subnet-04ad87f71c6e5ab4d", "subnet-0e2907431c9988b72"]' \ + --tags '{"eks-fargate-profile-key-1": "value-1" , "eks-fargate-profile-key-2": "value-2"}' + +Output:: + + { + "fargateProfile": { + "fargateProfileName": "my-fargate-profile", + "fargateProfileArn": "arn:aws:eks:us-east-2:111122223333:fargateprofile/my-eks-cluster/my-fargate-profile/e8c72bd6-5966-0bfe-b77b-1802893e5a6f", + "clusterName": "my-eks-cluster", + "createdAt": "2024-03-19T13:05:20.550000-04:00", + "podExecutionRoleArn": "arn:aws:iam::111122223333:role/role-name", + "subnets": [ + "subnet-09d912bb63ef21b9a", + "subnet-04ad87f71c6e5ab4d", + "subnet-0e2907431c9988b72" + ], + "selectors": [ + { + "namespace": "prod*", + "labels": { + "labelname*?": "*value1" + } + }, + { + "namespace": "*dev*", + "labels": { + "labelname*?": "*value*" + } + } + ], + "status": "CREATING", + "tags": { + "eks-fargate-profile-key-2": "value-2", + "eks-fargate-profile-key-1": "value-1" + } + } + } + +For more information, see `AWS Fargate profile - Creating a Fargate profile `__ in the *Amazon EKS User Guide*. diff --git a/awscli/examples/eks/create-nodegroup.rst b/awscli/examples/eks/create-nodegroup.rst new file mode 100644 index 000000000000..3152d3febfb4 --- /dev/null +++ b/awscli/examples/eks/create-nodegroup.rst @@ -0,0 +1,180 @@ +**Example 1: Creates a managed node group for an Amazon EKS cluster** + +The following ``create-nodegroup`` example creates a managed node group for an Amazon EKS cluster. :: + + aws eks create-nodegroup \ + --cluster-name my-eks-cluster \ + --nodegroup-name my-eks-nodegroup \ + --node-role arn:aws:iam::111122223333:role/role-name \ + --subnets "subnet-0e2907431c9988b72" "subnet-04ad87f71c6e5ab4d" "subnet-09d912bb63ef21b9a" \ + --scaling-config minSize=1,maxSize=3,desiredSize=1 \ + --region us-east-2 + +Output:: + + { + "nodegroup": { + "nodegroupName": "my-eks-nodegroup", + "nodegroupArn": "arn:aws:eks:us-east-2:111122223333:nodegroup/my-eks-cluster/my-eks-nodegroup/bac7550f-b8b8-5fbb-4f3e-7502a931119e", + "clusterName": "my-eks-cluster", + "version": "1.26", + "releaseVersion": "1.26.12-20240329", + "createdAt": "2024-04-04T13:19:32.260000-04:00", + "modifiedAt": "2024-04-04T13:19:32.260000-04:00", + "status": "CREATING", + "capacityType": "ON_DEMAND", + "scalingConfig": { + "minSize": 1, + "maxSize": 3, + "desiredSize": 1 + }, + "instanceTypes": [ + "t3.medium" + ], + "subnets": [ + "subnet-0e2907431c9988b72, subnet-04ad87f71c6e5ab4d, subnet-09d912bb63ef21b9a" + ], + "amiType": "AL2_x86_64", + "nodeRole": "arn:aws:iam::111122223333:role/role-name", + "diskSize": 20, + "health": { + "issues": [] + }, + "updateConfig": { + "maxUnavailable": 1 + }, + "tags": {} + } + } + +For more information, see `Creating a managed node group `__ in the *Amazon EKS User Guide*. + +**Example 2: Creates a managed node group for an Amazon EKS cluster with custom instance-types and disk-size** + +The following ``create-nodegroup`` example creates a managed node group for an Amazon EKS cluster with custom instance-types and disk-size. :: + + aws eks create-nodegroup \ + --cluster-name my-eks-cluster \ + --nodegroup-name my-eks-nodegroup \ + --node-role arn:aws:iam::111122223333:role/role-name \ + --subnets "subnet-0e2907431c9988b72" "subnet-04ad87f71c6e5ab4d" "subnet-09d912bb63ef21b9a" \ + --scaling-config minSize=1,maxSize=3,desiredSize=1 \ + --capacity-type ON_DEMAND \ + --instance-types 'm5.large' \ + --disk-size 50 \ + --region us-east-2 + +Output:: + + { + "nodegroup": { + "nodegroupName": "my-eks-nodegroup", + "nodegroupArn": "arn:aws:eks:us-east-2:111122223333:nodegroup/my-eks-cluster/my-eks-nodegroup/c0c7551b-e4f9-73d9-992c-a450fdb82322", + "clusterName": "my-eks-cluster", + "version": "1.26", + "releaseVersion": "1.26.12-20240329", + "createdAt": "2024-04-04T13:46:07.595000-04:00", + "modifiedAt": "2024-04-04T13:46:07.595000-04:00", + "status": "CREATING", + "capacityType": "ON_DEMAND", + "scalingConfig": { + "minSize": 1, + "maxSize": 3, + "desiredSize": 1 + }, + "instanceTypes": [ + "m5.large" + ], + "subnets": [ + "subnet-0e2907431c9988b72", + "subnet-04ad87f71c6e5ab4d", + "subnet-09d912bb63ef21b9a" + ], + "amiType": "AL2_x86_64", + "nodeRole": "arn:aws:iam::111122223333:role/role-name", + "diskSize": 50, + "health": { + "issues": [] + }, + "updateConfig": { + "maxUnavailable": 1 + }, + "tags": {} + } + } + +For more information, see `Creating a managed node group `__ in the *Amazon EKS User Guide*. + +**Example 3: Creates a managed node group for an Amazon EKS cluster with custom instance-types, disk-size, ami-type, capacity-type, update-config, labels, taints and tags.** + +The following ``create-nodegroup`` example creates a managed node group for an Amazon EKS cluster with custom instance-types, disk-size, ami-type, capacity-type, update-config, labels, taints and tags. :: + + aws eks create-nodegroup \ + --cluster-name my-eks-cluster \ + --nodegroup-name my-eks-nodegroup \ + --node-role arn:aws:iam::111122223333:role/role-name \ + --subnets "subnet-0e2907431c9988b72" "subnet-04ad87f71c6e5ab4d" "subnet-09d912bb63ef21b9a" \ + --scaling-config minSize=1,maxSize=5,desiredSize=4 \ + --instance-types 't3.large' \ + --disk-size 50 \ + --ami-type AL2_x86_64 \ + --capacity-type SPOT \ + --update-config maxUnavailable=2 \ + --labels '{"my-eks-nodegroup-label-1": "value-1" , "my-eks-nodegroup-label-2": "value-2"}' \ + --taints '{"key": "taint-key-1" , "value": "taint-value-1", "effect": "NO_EXECUTE"}' \ + --tags '{"my-eks-nodegroup-key-1": "value-1" , "my-eks-nodegroup-key-2": "value-2"}' + +Output:: + + { + "nodegroup": { + "nodegroupName": "my-eks-nodegroup", + "nodegroupArn": "arn:aws:eks:us-east-2:111122223333:nodegroup/my-eks-cluster/my-eks-nodegroup/88c75524-97af-0cb9-a9c5-7c0423ab5314", + "clusterName": "my-eks-cluster", + "version": "1.26", + "releaseVersion": "1.26.12-20240329", + "createdAt": "2024-04-04T14:05:07.940000-04:00", + "modifiedAt": "2024-04-04T14:05:07.940000-04:00", + "status": "CREATING", + "capacityType": "SPOT", + "scalingConfig": { + "minSize": 1, + "maxSize": 5, + "desiredSize": 4 + }, + "instanceTypes": [ + "t3.large" + ], + "subnets": [ + "subnet-0e2907431c9988b72", + "subnet-04ad87f71c6e5ab4d", + "subnet-09d912bb63ef21b9a" + ], + "amiType": "AL2_x86_64", + "nodeRole": "arn:aws:iam::111122223333:role/role-name", + "labels": { + "my-eks-nodegroup-label-2": "value-2", + "my-eks-nodegroup-label-1": "value-1" + }, + "taints": [ + { + "key": "taint-key-1", + "value": "taint-value-1", + "effect": "NO_EXECUTE" + } + ], + "diskSize": 50, + "health": { + "issues": [] + }, + "updateConfig": { + "maxUnavailable": 2 + }, + "tags": { + "my-eks-nodegroup-key-1": "value-1", + "my-eks-nodegroup-key-2": "value-2" + } + } + } + +For more information, see `Creating a managed node group `__ in the *Amazon EKS User Guide*. \ No newline at end of file diff --git a/awscli/examples/eks/delete-addon.rst b/awscli/examples/eks/delete-addon.rst new file mode 100644 index 000000000000..e085cdb9591d --- /dev/null +++ b/awscli/examples/eks/delete-addon.rst @@ -0,0 +1,57 @@ +**Example 1. To deletes an Amazon EKS add-on but preserve the add-on software on the EKS Cluster** + +The following ``delete-addon`` example command deletes an Amazon EKS add-on but preserve the add-on software on the EKS Cluster. :: + + aws eks delete-addon \ + --cluster-name my-eks-cluster \ + --addon-name my-eks-addon \ + --preserve + +Output:: + + { + "addon": { + "addonName": "my-eks-addon", + "clusterName": "my-eks-cluster", + "status": "DELETING", + "addonVersion": "v1.9.3-eksbuild.7", + "health": { + "issues": [] + }, + "addonArn": "arn:aws:eks:us-east-2:111122223333:addon/my-eks-cluster/my-eks-addon/a8c71ed3-944e-898b-9167-c763856af4b8", + "createdAt": "2024-03-14T11:49:09.009000-04:00", + "modifiedAt": "2024-03-14T12:03:49.776000-04:00", + "tags": {} + } + } + +For more information, see `Managing Amazon EKS add-ons - Deleting an add-on `__ in the *Amazon EKS*. + +**Example 2. To deletes an Amazon EKS add-on and also delete the add-on software from the EKS Cluster** + +The following ``delete-addon`` example command deletes an Amazon EKS add-on and also delete the add-on software from the EKS Cluster. :: + + aws eks delete-addon \ + --cluster-name my-eks-cluster \ + --addon-name my-eks-addon + +Output:: + + { + "addon": { + "addonName": "my-eks-addon", + "clusterName": "my-eks-cluster", + "status": "DELETING", + "addonVersion": "v1.15.1-eksbuild.1", + "health": { + "issues": [] + }, + "addonArn": "arn:aws:eks:us-east-2:111122223333:addon/my-eks-cluster/my-eks-addon/bac71ed1-ec43-3bb6-88ea-f243cdb58954", + "createdAt": "2024-03-14T11:45:31.983000-04:00", + "modifiedAt": "2024-03-14T11:58:40.136000-04:00", + "serviceAccountRoleArn": "arn:aws:iam::111122223333:role/role-name", + "tags": {} + } + } + +For more information, see `Managing Amazon EKS add-ons - Deleting an add-on `__ in the *Amazon EKS*. diff --git a/awscli/examples/eks/delete-cluster.rst b/awscli/examples/eks/delete-cluster.rst index 9de65227a29f..a238fcc30235 100644 --- a/awscli/examples/eks/delete-cluster.rst +++ b/awscli/examples/eks/delete-cluster.rst @@ -1,7 +1,85 @@ -**To delete a cluster** - -This example command deletes a cluster named ``devel`` in your default region. - -Command:: - - aws eks delete-cluster --name devel +**Delete an Amazon EKS cluster control plane** + +The following ``delete-cluster`` example deletes an Amazon EKS cluster control plane. :: + + aws eks delete-cluster \ + --name my-eks-cluster + +Output:: + + { + "cluster": { + "name": "my-eks-cluster", + "arn": "arn:aws:eks:us-east-2:111122223333:cluster/my-eks-cluster", + "createdAt": "2024-03-14T11:31:44.348000-04:00", + "version": "1.27", + "endpoint": "https://DALSJ343KE23J3RN45653DSKJTT647TYD.yl4.us-east-2.eks.amazonaws.com", + "roleArn": "arn:aws:iam::111122223333:role/eksctl-my-eks-cluster-cluster-ServiceRole-zMF6CBakwwbW", + "resourcesVpcConfig": { + "subnetIds": [ + "subnet-0fb75d2d8401716e7", + "subnet-02184492f67a3d0f9", + "subnet-04098063527aab776", + "subnet-0e2907431c9988b72", + "subnet-04ad87f71c6e5ab4d", + "subnet-09d912bb63ef21b9a" + ], + "securityGroupIds": [ + "sg-0c1327f6270afbb36" + ], + "clusterSecurityGroupId": "sg-01c84d09d70f39a7f", + "vpcId": "vpc-0012b8e1cc0abb17d", + "endpointPublicAccess": true, + "endpointPrivateAccess": true, + "publicAccessCidrs": [ + "0.0.0.0/0" + ] + }, + "kubernetesNetworkConfig": { + "serviceIpv4Cidr": "10.100.0.0/16", + "ipFamily": "ipv4" + }, + "logging": { + "clusterLogging": [ + { + "types": [ + "api", + "audit", + "authenticator", + "controllerManager", + "scheduler" + ], + "enabled": true + } + ] + }, + "identity": { + "oidc": { + "issuer": "https://oidc.eks.us-east-2.amazonaws.com/id/DALSJ343KE23J3RN45653DSKJTT647TYD" + } + }, + "status": "DELETING", + "certificateAuthority": { + "data": "XXX_CA_DATA_XXX" + }, + "platformVersion": "eks.16", + "tags": { + "aws:cloudformation:stack-name": "eksctl-my-eks-cluster-cluster", + "alpha.eksctl.io/cluster-name": "my-eks-cluster", + "karpenter.sh/discovery": "my-eks-cluster", + "aws:cloudformation:stack-id": "arn:aws:cloudformation:us-east-2:111122223333:stack/eksctl-my-eks-cluster-cluster/e752ea00-e217-11ee-beae-0a9599c8c7ed", + "auto-delete": "no", + "eksctl.cluster.k8s.io/v1alpha1/cluster-name": "my-eks-cluster", + "EKS-Cluster-Name": "my-eks-cluster", + "alpha.eksctl.io/cluster-oidc-enabled": "true", + "aws:cloudformation:logical-id": "ControlPlane", + "alpha.eksctl.io/eksctl-version": "0.173.0-dev+a7ee89342.2024-03-01T03:40:57Z", + "Name": "eksctl-my-eks-cluster-cluster/ControlPlane" + }, + "accessConfig": { + "authenticationMode": "API_AND_CONFIG_MAP" + } + } + } + +For more information, see `Deleting an Amazon EKS cluster `__ in the *Amazon EKS User Guide*. diff --git a/awscli/examples/eks/delete-fargate-profile.rst b/awscli/examples/eks/delete-fargate-profile.rst new file mode 100644 index 000000000000..97814acc7760 --- /dev/null +++ b/awscli/examples/eks/delete-fargate-profile.rst @@ -0,0 +1,36 @@ +**Example 1: Create EKS Fargate Profile for a selector with a namespace** + +The following ``delete-fargate-profile`` example creates an EKS Fargate Profile for a selector with a namespace. :: + + aws eks delete-fargate-profile \ + --cluster-name my-eks-cluster \ + --fargate-profile-name my-fargate-profile + +Output:: + + { + "fargateProfile": { + "fargateProfileName": "my-fargate-profile", + "fargateProfileArn": "arn:aws:eks:us-east-2:111122223333:fargateprofile/my-eks-cluster/my-fargate-profile/1ac72bb3-3fc6-2631-f1e1-98bff53bed62", + "clusterName": "my-eks-cluster", + "createdAt": "2024-03-19T11:48:39.975000-04:00", + "podExecutionRoleArn": "arn:aws:iam::111122223333:role/role-name", + "subnets": [ + "subnet-09d912bb63ef21b9a", + "subnet-04ad87f71c6e5ab4d", + "subnet-0e2907431c9988b72" + ], + "selectors": [ + { + "namespace": "default", + "labels": { + "foo": "bar" + } + } + ], + "status": "DELETING", + "tags": {} + } + } + +For more information, see `AWS Fargate profile - Deleting a Fargate `__ in the *Amazon EKS User Guide*. diff --git a/awscli/examples/eks/delete-nodegroup.rst b/awscli/examples/eks/delete-nodegroup.rst new file mode 100644 index 000000000000..718cfee7b9dc --- /dev/null +++ b/awscli/examples/eks/delete-nodegroup.rst @@ -0,0 +1,60 @@ +**Example 1: Delete a managed node group for an Amazon EKS cluster** + +The following ``delete-nodegroup`` example deletes a managed node group for an Amazon EKS cluster. :: + + aws eks delete-nodegroup \ + --cluster-name my-eks-cluster \ + --nodegroup-name my-eks-nodegroup + +Output:: + + { + "nodegroup": { + "nodegroupName": "my-eks-nodegroup", + "nodegroupArn": "arn:aws:eks:us-east-2:111122223333:nodegroup/my-eks-cluster/my-eks-nodegroup/1ec75f5f-0e21-dcc0-b46e-f9c442685cd8", + "clusterName": "my-eks-cluster", + "version": "1.26", + "releaseVersion": "1.26.12-20240329", + "createdAt": "2024-04-08T13:25:15.033000-04:00", + "modifiedAt": "2024-04-08T13:25:31.252000-04:00", + "status": "DELETING", + "capacityType": "SPOT", + "scalingConfig": { + "minSize": 1, + "maxSize": 5, + "desiredSize": 4 + }, + "instanceTypes": [ + "t3.large" + ], + "subnets": [ + "subnet-0e2907431c9988b72", + "subnet-04ad87f71c6e5ab4d", + "subnet-09d912bb63ef21b9a" + ], + "amiType": "AL2_x86_64", + "nodeRole": "arn:aws:iam::111122223333:role/role-name", + "labels": { + "my-eks-nodegroup-label-2": "value-2", + "my-eks-nodegroup-label-1": "value-1" + }, + "taints": [ + { + "key": "taint-key-1", + "value": "taint-value-1", + "effect": "NO_EXECUTE" + } + ], + "diskSize": 50, + "health": { + "issues": [] + }, + "updateConfig": { + "maxUnavailable": 2 + }, + "tags": { + "my-eks-nodegroup-key-1": "value-1", + "my-eks-nodegroup-key-2": "value-2" + } + } + } diff --git a/awscli/examples/eks/deregister-cluster.rst b/awscli/examples/eks/deregister-cluster.rst new file mode 100644 index 000000000000..490f8ca992a3 --- /dev/null +++ b/awscli/examples/eks/deregister-cluster.rst @@ -0,0 +1,26 @@ +**To deregisters a connected cluster to remove it from the Amazon EKS control plane** + +The following ``deregister-cluster`` example deregisters a connected cluster to remove it from the Amazon EKS control plane. :: + + aws eks deregister-cluster \ + --name my-eks-anywhere-cluster + +Output:: + + { + "cluster": { + "name": "my-eks-anywhere-cluster", + "arn": "arn:aws:eks:us-east-2:111122223333:cluster/my-eks-anywhere-cluster", + "createdAt": "2024-04-12T12:38:37.561000-04:00", + "status": "DELETING", + "tags": {}, + "connectorConfig": { + "activationId": "dfb5ad28-13c3-4e26-8a19-5b2457638c74", + "activationExpiry": "2024-04-15T12:38:37.082000-04:00", + "provider": "EKS_ANYWHERE", + "roleArn": "arn:aws:iam::111122223333:role/AmazonEKSConnectorAgentRole" + } + } + } + +For more information, see `Deregistering a cluster `__ in the *Amazon EKS User Guide*. diff --git a/awscli/examples/eks/describe-addon-configuration.rst b/awscli/examples/eks/describe-addon-configuration.rst new file mode 100644 index 000000000000..4c23cd473719 --- /dev/null +++ b/awscli/examples/eks/describe-addon-configuration.rst @@ -0,0 +1,33 @@ +**Example 1: Configuration options available when creating or updating Amazon vpc-cni AddOns** + +The following ``describe-addon-configuration`` example returns the all the available configuration schema you use when an add-on is created or updated for vpc-cni add-on with respective version. :: + + aws eks describe-addon-configuration \ + --addon-name vpc-cni \ + --addon-version v1.15.1-eksbuild.1 + +Output:: + + { + "addonName": "vpc-cni", + "addonVersion": "v1.15.1-eksbuild.1", + "configurationSchema": "{\"$ref\":\"#/definitions/VpcCni\",\"$schema\":\"http://json-schema.org/draft-06/schema#\",\"definitions\":{\"Affinity\":{\"type\":[\"object\",\"null\"]},\"EniConfig\":{\"additionalProperties\":false,\"properties\":{\"create\":{\"type\":\"boolean\"},\"region\":{\"type\":\"string\"},\"subnets\":{\"additionalProperties\":{\"additionalProperties\":false,\"properties\":{\"id\":{\"type\":\"string\"},\"securityGroups\":{\"items\":{\"type\":\"string\"},\"type\":\"array\"}},\"required\":[\"id\"],\"type\":\"object\"},\"minProperties\":1,\"type\":\"object\"}},\"required\":[\"create\",\"region\",\"subnets\"],\"type\":\"object\"},\"Env\":{\"additionalProperties\":false,\"properties\":{\"ADDITIONAL_ENI_TAGS\":{\"type\":\"string\"},\"ANNOTATE_POD_IP\":{\"format\":\"boolean\",\"type\":\"string\"},\"AWS_EC2_ENDPOINT\":{\"type\":\"string\"},\"AWS_EXTERNAL_SERVICE_CIDRS\":{\"type\":\"string\"},\"AWS_MANAGE_ENIS_NON_SCHEDULABLE\":{\"format\":\"boolean\",\"type\":\"string\"},\"AWS_VPC_CNI_NODE_PORT_SUPPORT\":{\"format\":\"boolean\",\"type\":\"string\"},\"AWS_VPC_ENI_MTU\":{\"format\":\"integer\",\"type\":\"string\"},\"AWS_VPC_K8S_CNI_CUSTOM_NETWORK_CFG\":{\"format\":\"boolean\",\"type\":\"string\"},\"AWS_VPC_K8S_CNI_EXCLUDE_SNAT_CIDRS\":{\"type\":\"string\"},\"AWS_VPC_K8S_CNI_EXTERNALSNAT\":{\"format\":\"boolean\",\"type\":\"string\"},\"AWS_VPC_K8S_CNI_LOGLEVEL\":{\"type\":\"string\"},\"AWS_VPC_K8S_CNI_LOG_FILE\":{\"type\":\"string\"},\"AWS_VPC_K8S_CNI_RANDOMIZESNAT\":{\"type\":\"string\"},\"AWS_VPC_K8S_CNI_VETHPREFIX\":{\"type\":\"string\"},\"AWS_VPC_K8S_PLUGIN_LOG_FILE\":{\"type\":\"string\"},\"AWS_VPC_K8S_PLUGIN_LOG_LEVEL\":{\"type\":\"string\"},\"CLUSTER_ENDPOINT\":{\"type\":\"string\"},\"DISABLE_INTROSPECTION\":{\"format\":\"boolean\",\"type\":\"string\"},\"DISABLE_LEAKED_ENI_CLEANUP\":{\"format\":\"boolean\",\"type\":\"string\"},\"DISABLE_METRICS\":{\"format\":\"boolean\",\"type\":\"string\"},\"DISABLE_NETWORK_RESOURCE_PROVISIONING\":{\"format\":\"boolean\",\"type\":\"string\"},\"DISABLE_POD_V6\":{\"format\":\"boolean\",\"type\":\"string\"},\"ENABLE_BANDWIDTH_PLUGIN\":{\"format\":\"boolean\",\"type\":\"string\"},\"ENABLE_POD_ENI\":{\"format\":\"boolean\",\"type\":\"string\"},\"ENABLE_PREFIX_DELEGATION\":{\"format\":\"boolean\",\"type\":\"string\"},\"ENABLE_V4_EGRESS\":{\"format\":\"boolean\",\"type\":\"string\"},\"ENABLE_V6_EGRESS\":{\"format\":\"boolean\",\"type\":\"string\"},\"ENI_CONFIG_ANNOTATION_DEF\":{\"type\":\"string\"},\"ENI_CONFIG_LABEL_DEF\":{\"type\":\"string\"},\"INTROSPECTION_BIND_ADDRESS\":{\"type\":\"string\"},\"IP_COOLDOWN_PERIOD\":{\"format\":\"integer\",\"type\":\"string\"},\"MAX_ENI\":{\"format\":\"integer\",\"type\":\"string\"},\"MINIMUM_IP_TARGET\":{\"format\":\"integer\",\"type\":\"string\"},\"POD_SECURITY_GROUP_ENFORCING_MODE\":{\"type\":\"string\"},\"WARM_ENI_TARGET\":{\"format\":\"integer\",\"type\":\"string\"},\"WARM_IP_TARGET\":{\"format\":\"integer\",\"type\":\"string\"},\"WARM_PREFIX_TARGET\":{\"format\":\"integer\",\"type\":\"string\"}},\"title\":\"Env\",\"type\":\"object\"},\"Init\":{\"additionalProperties\":false,\"properties\":{\"env\":{\"$ref\":\"#/definitions/InitEnv\"}},\"title\":\"Init\",\"type\":\"object\"},\"InitEnv\":{\"additionalProperties\":false,\"properties\":{\"DISABLE_TCP_EARLY_DEMUX\":{\"format\":\"boolean\",\"type\":\"string\"},\"ENABLE_V6_EGRESS\":{\"format\":\"boolean\",\"type\":\"string\"}},\"title\":\"InitEnv\",\"type\":\"object\"},\"Limits\":{\"additionalProperties\":false,\"properties\":{\"cpu\":{\"type\":\"string\"},\"memory\":{\"type\":\"string\"}},\"title\":\"Limits\",\"type\":\"object\"},\"NodeAgent\":{\"additionalProperties\":false,\"properties\":{\"enableCloudWatchLogs\":{\"format\":\"boolean\",\"type\":\"string\"},\"enablePolicyEventLogs\":{\"format\":\"boolean\",\"type\":\"string\"},\"healthProbeBindAddr\":{\"format\":\"integer\",\"type\":\"string\"},\"metricsBindAddr\":{\"format\":\"integer\",\"type\":\"string\"}},\"title\":\"NodeAgent\",\"type\":\"object\"},\"Resources\":{\"additionalProperties\":false,\"properties\":{\"limits\":{\"$ref\":\"#/definitions/Limits\"},\"requests\":{\"$ref\":\"#/definitions/Limits\"}},\"title\":\"Resources\",\"type\":\"object\"},\"Tolerations\":{\"additionalProperties\":false,\"items\":{\"type\":\"object\"},\"type\":\"array\"},\"VpcCni\":{\"additionalProperties\":false,\"properties\":{\"affinity\":{\"$ref\":\"#/definitions/Affinity\"},\"enableNetworkPolicy\":{\"format\":\"boolean\",\"type\":\"string\"},\"enableWindowsIpam\":{\"format\":\"boolean\",\"type\":\"string\"},\"eniConfig\":{\"$ref\":\"#/definitions/EniConfig\"},\"env\":{\"$ref\":\"#/definitions/Env\"},\"init\":{\"$ref\":\"#/definitions/Init\"},\"livenessProbeTimeoutSeconds\":{\"type\":\"integer\"},\"nodeAgent\":{\"$ref\":\"#/definitions/NodeAgent\"},\"readinessProbeTimeoutSeconds\":{\"type\":\"integer\"},\"resources\":{\"$ref\":\"#/definitions/Resources\"},\"tolerations\":{\"$ref\":\"#/definitions/Tolerations\"}},\"title\":\"VpcCni\",\"type\":\"object\"}},\"description\":\"vpc-cni\"}" + } + +**Example 2: Configuration options available when creating or updating Amazon coredns AddOns** + +The following ``describe-addon-configuration`` example returns all the available configuration schema you use when an add-on is created or updated for coredns add-on with respective version. :: + + aws eks describe-addon-configuration \ + --addon-name coredns \ + --addon-version v1.8.7-eksbuild.4 + +Output:: + + { + "addonName": "coredns", + "addonVersion": "v1.8.7-eksbuild.4", + "configurationSchema": "{\"$ref\":\"#/definitions/Coredns\",\"$schema\":\"http://json-schema.org/draft-06/schema#\",\"definitions\":{\"Coredns\":{\"additionalProperties\":false,\"properties\":{\"computeType\":{\"type\":\"string\"},\"corefile\":{\"description\":\"Entire corefile contents to use with installation\",\"type\":\"string\"},\"nodeSelector\":{\"additionalProperties\":{\"type\":\"string\"},\"type\":\"object\"},\"replicaCount\":{\"type\":\"integer\"},\"resources\":{\"$ref\":\"#/definitions/Resources\"}},\"title\":\"Coredns\",\"type\":\"object\"},\"Limits\":{\"additionalProperties\":false,\"properties\":{\"cpu\":{\"type\":\"string\"},\"memory\":{\"type\":\"string\"}},\"title\":\"Limits\",\"type\":\"object\"},\"Resources\":{\"additionalProperties\":false,\"properties\":{\"limits\":{\"$ref\":\"#/definitions/Limits\"},\"requests\":{\"$ref\":\"#/definitions/Limits\"}},\"title\":\"Resources\",\"type\":\"object\"}}}" + } + +For more information, see `Creating or updating a kubeconfig file for an Amazon EKS cluster `__ in the *Amazon EKS*. diff --git a/awscli/examples/eks/describe-addon-versions.rst b/awscli/examples/eks/describe-addon-versions.rst new file mode 100644 index 000000000000..347d852629f8 --- /dev/null +++ b/awscli/examples/eks/describe-addon-versions.rst @@ -0,0 +1,140 @@ +**Example 1: List all the available addons for EKS Cluster** + +The following ``describe-addon-versions`` example list all the available AWS addons. :: + + aws eks describe-addon-versions \ + --query 'sort_by(addons &owner)[].{publisher: publisher, owner: owner, addonName: addonName, type: type}' \ + --output table + +Output:: + + -------------------------------------------------------------------------------------------------------------------- + | DescribeAddonVersions | + +---------------------------------------------+------------------+-----------------------+-------------------------+ + | addonName | owner | publisher | type | + +---------------------------------------------+------------------+-----------------------+-------------------------+ + | vpc-cni | aws | eks | networking | + | snapshot-controller | aws | eks | storage | + | kube-proxy | aws | eks | networking | + | eks-pod-identity-agent | aws | eks | security | + | coredns | aws | eks | networking | + | aws-mountpoint-s3-csi-driver | aws | s3 | storage | + | aws-guardduty-agent | aws | eks | security | + | aws-efs-csi-driver | aws | eks | storage | + | aws-ebs-csi-driver | aws | eks | storage | + | amazon-cloudwatch-observability | aws | eks | observability | + | adot | aws | eks | observability | + | upwind-security_upwind-operator | aws-marketplace | Upwind Security | security | + | upbound_universal-crossplane | aws-marketplace | upbound | infra-management | + | tetrate-io_istio-distro | aws-marketplace | tetrate-io | policy-management | + | teleport_teleport | aws-marketplace | teleport | policy-management | + | stormforge_optimize-live | aws-marketplace | StormForge | cost-management | + | splunk_splunk-otel-collector-chart | aws-marketplace | Splunk | monitoring | + | solo-io_istio-distro | aws-marketplace | Solo.io | service-mesh | + | rafay-systems_rafay-operator | aws-marketplace | rafay-systems | kubernetes-management | + | new-relic_kubernetes-operator | aws-marketplace | New Relic | observability | + | netapp_trident-operator | aws-marketplace | NetApp Inc. | storage | + | leaksignal_leakagent | aws-marketplace | leaksignal | monitoring | + | kubecost_kubecost | aws-marketplace | kubecost | cost-management | + | kong_konnect-ri | aws-marketplace | kong | ingress-service-type | + | kasten_k10 | aws-marketplace | Kasten by Veeam | data-protection | + | haproxy-technologies_kubernetes-ingress-ee | aws-marketplace | HAProxy Technologies | ingress-controller | + | groundcover_agent | aws-marketplace | groundcover | monitoring | + | grafana-labs_kubernetes-monitoring | aws-marketplace | Grafana Labs | monitoring | + | factorhouse_kpow | aws-marketplace | factorhouse | monitoring | + | dynatrace_dynatrace-operator | aws-marketplace | dynatrace | monitoring | + | datree_engine-pro | aws-marketplace | datree | policy-management | + | datadog_operator | aws-marketplace | Datadog | monitoring | + | cribl_cribledge | aws-marketplace | Cribl | observability | + | calyptia_fluent-bit | aws-marketplace | Calyptia Inc | observability | + | accuknox_kubearmor | aws-marketplace | AccuKnox | security | + +---------------------------------------------+------------------+-----------------------+-------------------------+ + +For more information, see `Managing Amazon EKS add-ons - Creating an add-on `__ in the *Amazon EKS User Guide*. + +**Example 2: List all the available addons for specified Kubernetes version suppoerted for EKS** + +The following ``describe-addon-versions`` example list all the available addons for specified Kubernetes version suppoerted for EKS. :: + + aws eks describe-addon-versions \ + --kubernetes-version=1.26 \ + --query 'sort_by(addons &owner)[].{publisher: publisher, owner: owner, addonName: addonName, type: type}' \ + --output table + +Output:: + + -------------------------------------------------------------------------------------------------------------------- + | DescribeAddonVersions | + +---------------------------------------------+------------------+-----------------------+-------------------------+ + | addonName | owner | publisher | type | + +---------------------------------------------+------------------+-----------------------+-------------------------+ + | vpc-cni | aws | eks | networking | + | snapshot-controller | aws | eks | storage | + | kube-proxy | aws | eks | networking | + | eks-pod-identity-agent | aws | eks | security | + | coredns | aws | eks | networking | + | aws-mountpoint-s3-csi-driver | aws | s3 | storage | + | aws-guardduty-agent | aws | eks | security | + | aws-efs-csi-driver | aws | eks | storage | + | aws-ebs-csi-driver | aws | eks | storage | + | amazon-cloudwatch-observability | aws | eks | observability | + | adot | aws | eks | observability | + | upwind-security_upwind-operator | aws-marketplace | Upwind Security | security | + | tetrate-io_istio-distro | aws-marketplace | tetrate-io | policy-management | + | stormforge_optimize-live | aws-marketplace | StormForge | cost-management | + | splunk_splunk-otel-collector-chart | aws-marketplace | Splunk | monitoring | + | solo-io_istio-distro | aws-marketplace | Solo.io | service-mesh | + | rafay-systems_rafay-operator | aws-marketplace | rafay-systems | kubernetes-management | + | new-relic_kubernetes-operator | aws-marketplace | New Relic | observability | + | netapp_trident-operator | aws-marketplace | NetApp Inc. | storage | + | leaksignal_leakagent | aws-marketplace | leaksignal | monitoring | + | kubecost_kubecost | aws-marketplace | kubecost | cost-management | + | kong_konnect-ri | aws-marketplace | kong | ingress-service-type | + | haproxy-technologies_kubernetes-ingress-ee | aws-marketplace | HAProxy Technologies | ingress-controller | + | groundcover_agent | aws-marketplace | groundcover | monitoring | + | grafana-labs_kubernetes-monitoring | aws-marketplace | Grafana Labs | monitoring | + | dynatrace_dynatrace-operator | aws-marketplace | dynatrace | monitoring | + | datadog_operator | aws-marketplace | Datadog | monitoring | + | cribl_cribledge | aws-marketplace | Cribl | observability | + | calyptia_fluent-bit | aws-marketplace | Calyptia Inc | observability | + | accuknox_kubearmor | aws-marketplace | AccuKnox | security | + +---------------------------------------------+------------------+-----------------------+-------------------------+ + +For more information, see `Managing Amazon EKS add-ons - Creating an add-on `__ in the *Amazon EKS User Guide*. + +**Example 3: List all the available vpc-cni addons version for specified Kubernetes version suppoerted for EKS** + +The following ``describe-addon-versions`` example list all the available vpc-cni addons version for specified Kubernetes version suppoerted for EKS. :: + + aws eks describe-addon-versions \ + --kubernetes-version=1.26 \ + --addon-name=vpc-cni \ + --query='addons[].addonVersions[].addonVersion' + +Output:: + + [ + "v1.18.0-eksbuild.1", + "v1.17.1-eksbuild.1", + "v1.16.4-eksbuild.2", + "v1.16.3-eksbuild.2", + "v1.16.2-eksbuild.1", + "v1.16.0-eksbuild.1", + "v1.15.5-eksbuild.1", + "v1.15.4-eksbuild.1", + "v1.15.3-eksbuild.1", + "v1.15.1-eksbuild.1", + "v1.15.0-eksbuild.2", + "v1.14.1-eksbuild.1", + "v1.14.0-eksbuild.3", + "v1.13.4-eksbuild.1", + "v1.13.3-eksbuild.1", + "v1.13.2-eksbuild.1", + "v1.13.0-eksbuild.1", + "v1.12.6-eksbuild.2", + "v1.12.6-eksbuild.1", + "v1.12.5-eksbuild.2", + "v1.12.0-eksbuild.2" + ] + +For more information, see `Managing Amazon EKS add-ons - Creating an add-on `__ in the *Amazon EKS User Guide*. diff --git a/awscli/examples/eks/describe-addon.rst b/awscli/examples/eks/describe-addon.rst new file mode 100644 index 000000000000..12a6cf80ca75 --- /dev/null +++ b/awscli/examples/eks/describe-addon.rst @@ -0,0 +1,30 @@ +**Describe actively running EKS addon in your Amazon EKS cluster** + +The following ``describe-addon`` example actively running EKS addon in your Amazon EKS cluster. :: + + aws eks describe-addon \ + --cluster-name my-eks-cluster \ + --addon-name vpc-cni + +Output:: + + { + "addon": { + "addonName": "vpc-cni", + "clusterName": "my-eks-cluster", + "status": "ACTIVE", + "addonVersion": "v1.16.4-eksbuild.2", + "health": { + "issues": [] + }, + "addonArn": "arn:aws:eks:us-east-2:111122223333:addon/my-eks-cluster/vpc-cni/0ec71efc-98dd-3203-60b0-4b939b2a5e5f", + "createdAt": "2024-03-14T13:18:45.417000-04:00", + "modifiedAt": "2024-03-14T13:18:49.557000-04:00", + "serviceAccountRoleArn": "arn:aws:iam::111122223333:role/eksctl-my-eks-cluster-addon-vpc-cni-Role1-YfakrqOC1UTm", + "tags": { + "eks-addon-key-3": "value-3", + "eks-addon-key-4": "value-4" + }, + "configurationValues": "resources:\n limits:\n cpu: '100m'\nenv:\n AWS_VPC_K8S_CNI_LOGLEVEL: 'DEBUG'" + } + } diff --git a/awscli/examples/eks/describe-cluster.rst b/awscli/examples/eks/describe-cluster.rst index 8029f30a04d2..4d68e6400134 100644 --- a/awscli/examples/eks/describe-cluster.rst +++ b/awscli/examples/eks/describe-cluster.rst @@ -1,34 +1,86 @@ -**To describe a cluster** - -This example command provides a description of the specified cluster in your default region. - -Command:: - - aws eks describe-cluster --name devel - -Output:: - - { - "cluster": { - "name": "devel", - "arn": "arn:aws:eks:us-west-2:012345678910:cluster/devel", - "createdAt": 1527807879.988, - "version": "1.10", - "endpoint": "https://EXAMPLE0A04F01705DD065655C30CC3D.yl4.us-west-2.eks.amazonaws.com", - "roleArn": "arn:aws:iam::012345678910:role/eks-service-role-AWSServiceRoleForAmazonEKS-J7ONKE3BQ4PI", - "resourcesVpcConfig": { - "subnetIds": [ - "subnet-6782e71e", - "subnet-e7e761ac" - ], - "securityGroupIds": [ - "sg-6979fe18" - ], - "vpcId": "vpc-950809ec" - }, - "status": "ACTIVE", - "certificateAuthority": { - "data": "EXAMPLECRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUN5RENDQWJDZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREFWTVJNd0VRWURWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRFNE1EVXpNVEl6TVRFek1Wb1hEVEk0TURVeU9ESXpNVEV6TVZvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTTZWCjVUaG4rdFcySm9Xa2hQMzRlVUZMNitaRXJOZGIvWVdrTmtDdWNGS2RaaXl2TjlMVmdvUmV2MjlFVFZlN1ZGbSsKUTJ3ZURyRXJiQyt0dVlibkFuN1ZLYmE3ay9hb1BHekZMdmVnb0t6b0M1N2NUdGVwZzRIazRlK2tIWHNaME10MApyb3NzcjhFM1ROeExETnNJTThGL1cwdjhsTGNCbWRPcjQyV2VuTjFHZXJnaDNSZ2wzR3JIazBnNTU0SjFWenJZCm9hTi8zODFUczlOTFF2QTBXb0xIcjBFRlZpTFdSZEoyZ3lXaC9ybDVyOFNDOHZaQXg1YW1BU0hVd01aTFpWRC8KTDBpOW4wRVM0MkpVdzQyQmxHOEdpd3NhTkJWV3lUTHZKclNhRXlDSHFtVVZaUTFDZkFXUjl0L3JleVVOVXM3TApWV1FqM3BFbk9RMitMSWJrc0RzQ0F3RUFBYU1qTUNFd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFNZ3RsQ1dIQ2U2YzVHMXl2YlFTS0Q4K2hUalkKSm1NSG56L2EvRGt0WG9YUjFVQzIrZUgzT1BZWmVjRVZZZHVaSlZCckNNQ2VWR0ZkeWdBYlNLc1FxWDg0S2RXbAp1MU5QaERDSmEyRHliN2pVMUV6VThTQjFGZUZ5ZFE3a0hNS1E1blpBRVFQOTY4S01hSGUrSm0yQ2x1UFJWbEJVCjF4WlhTS1gzTVZ0K1Q0SU1EV2d6c3JRSjVuQkRjdEtLcUZtM3pKdVVubHo5ZEpVckdscEltMjVJWXJDckxYUFgKWkUwRUtRNWEzMHhkVWNrTHRGQkQrOEtBdFdqSS9yZUZPNzM1YnBMdVoyOTBaNm42QlF3elRrS0p4cnhVc3QvOAppNGsxcnlsaUdWMm5SSjBUYjNORkczNHgrYWdzYTRoSTFPbU90TFM0TmgvRXJxT3lIUXNDc2hEQUtKUT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=" - } - } - } +**Describe actively running EKS addon in your Amazon EKS cluster** + +The following ``describe-cluster`` example actively running EKS addon in your Amazon EKS cluster. :: + + aws eks describe-cluster \ + --name my-eks-cluster + +Output:: + + { + "cluster": { + "name": "my-eks-cluster", + "arn": "arn:aws:eks:us-east-2:111122223333:cluster/my-eks-cluster", + "createdAt": "2024-03-14T11:31:44.348000-04:00", + "version": "1.26", + "endpoint": "https://JSA79429HJDASKJDJ8223829MNDNASW.yl4.us-east-2.eks.amazonaws.com", + "roleArn": "arn:aws:iam::111122223333:role/eksctl-my-eks-cluster-cluster-ServiceRole-zMF6CBakwwbW", + "resourcesVpcConfig": { + "subnetIds": [ + "subnet-0fb75d2d8401716e7", + "subnet-02184492f67a3d0f9", + "subnet-04098063527aab776", + "subnet-0e2907431c9988b72", + "subnet-04ad87f71c6e5ab4d", + "subnet-09d912bb63ef21b9a" + ], + "securityGroupIds": [ + "sg-0c1327f6270afbb36" + ], + "clusterSecurityGroupId": "sg-01c84d09d70f39a7f", + "vpcId": "vpc-0012b8e1cc0abb17d", + "endpointPublicAccess": true, + "endpointPrivateAccess": true, + "publicAccessCidrs": [ + "22.19.18.2/32" + ] + }, + "kubernetesNetworkConfig": { + "serviceIpv4Cidr": "10.100.0.0/16", + "ipFamily": "ipv4" + }, + "logging": { + "clusterLogging": [ + { + "types": [ + "api", + "audit", + "authenticator", + "controllerManager", + "scheduler" + ], + "enabled": true + } + ] + }, + "identity": { + "oidc": { + "issuer": "https://oidc.eks.us-east-2.amazonaws.com/id/JSA79429HJDASKJDJ8223829MNDNASW" + } + }, + "status": "ACTIVE", + "certificateAuthority": { + "data": "CA_DATA_STRING..." + }, + "platformVersion": "eks.14", + "tags": { + "aws:cloudformation:stack-name": "eksctl-my-eks-cluster-cluster", + "alpha.eksctl.io/cluster-name": "my-eks-cluster", + "karpenter.sh/discovery": "my-eks-cluster", + "aws:cloudformation:stack-id": "arn:aws:cloudformation:us-east-2:111122223333:stack/eksctl-my-eks-cluster-cluster/e752ea00-e217-11ee-beae-0a9599c8c7ed", + "auto-delete": "no", + "eksctl.cluster.k8s.io/v1alpha1/cluster-name": "my-eks-cluster", + "EKS-Cluster-Name": "my-eks-cluster", + "alpha.eksctl.io/cluster-oidc-enabled": "true", + "aws:cloudformation:logical-id": "ControlPlane", + "alpha.eksctl.io/eksctl-version": "0.173.0-dev+a7ee89342.2024-03-01T03:40:57Z", + "Name": "eksctl-my-eks-cluster-cluster/ControlPlane" + }, + "health": { + "issues": [] + }, + "accessConfig": { + "authenticationMode": "API_AND_CONFIG_MAP" + } + } + } diff --git a/awscli/examples/eks/describe-fargate-profile.rst b/awscli/examples/eks/describe-fargate-profile.rst new file mode 100644 index 000000000000..2dbb95d8579e --- /dev/null +++ b/awscli/examples/eks/describe-fargate-profile.rst @@ -0,0 +1,43 @@ +**Describe a Fargate profile** + +The following ``describe-fargate-profile`` example describes a Fargate profile. :: + + aws eks describe-fargate-profile \ + --cluster-name my-eks-cluster \ + --fargate-profile-name my-fargate-profile + +Output:: + + { + "fargateProfile": { + "fargateProfileName": "my-fargate-profile", + "fargateProfileArn": "arn:aws:eks:us-east-2:111122223333:fargateprofile/my-eks-cluster/my-fargate-profile/96c766ce-43d2-f9c9-954c-647334391198", + "clusterName": "my-eks-cluster", + "createdAt": "2024-04-11T10:42:52.486000-04:00", + "podExecutionRoleArn": "arn:aws:iam::111122223333:role/eksctl-my-eks-cluster-farga-FargatePodExecutionRole-1htfAaJdJUEO", + "subnets": [ + "subnet-09d912bb63ef21b9a", + "subnet-04ad87f71c6e5ab4d", + "subnet-0e2907431c9988b72" + ], + "selectors": [ + { + "namespace": "prod*", + "labels": { + "labelname*?": "*value1" + } + }, + { + "namespace": "*dev*", + "labels": { + "labelname*?": "*value*" + } + } + ], + "status": "ACTIVE", + "tags": { + "eks-fargate-profile-key-2": "value-2", + "eks-fargate-profile-key-1": "value-1" + } + } + } diff --git a/awscli/examples/eks/describe-identity-provider-config.rst b/awscli/examples/eks/describe-identity-provider-config.rst new file mode 100644 index 000000000000..28a90ea41422 --- /dev/null +++ b/awscli/examples/eks/describe-identity-provider-config.rst @@ -0,0 +1,35 @@ +**Describe an identity provider configuration associated to your Amazon EKS Cluster** + +The following ``describe-identity-provider-config`` example describes an identity provider configuration associated to your Amazon EKS Cluster. :: + + aws eks describe-identity-provider-config \ + --cluster-name my-eks-cluster \ + --identity-provider-config type=oidc,name=my-identity-provider + +Output:: + + { + "identityProviderConfig": { + "oidc": { + "identityProviderConfigName": "my-identity-provider", + "identityProviderConfigArn": "arn:aws:eks:us-east-2:111122223333:identityproviderconfig/my-eks-cluster/oidc/my-identity-provider/8ac76722-78e4-cec1-ed76-d49eea058622", + "clusterName": "my-eks-cluster", + "issuerUrl": "https://oidc.eks.us-east-2.amazonaws.com/id/38D6A4619A0A69E342B113ED7F1A7652", + "clientId": "kubernetes", + "usernameClaim": "email", + "usernamePrefix": "my-username-prefix", + "groupsClaim": "my-claim", + "groupsPrefix": "my-groups-prefix", + "requiredClaims": { + "Claim1": "value1", + "Claim2": "value2" + }, + "tags": { + "env": "dev" + }, + "status": "ACTIVE" + } + } + } + +For more information, see `Authenticate users for your cluster from an OpenID Connect identity provider `__ in the *Amazon EKS User Guide*. diff --git a/awscli/examples/eks/describe-nodegroup.rst b/awscli/examples/eks/describe-nodegroup.rst new file mode 100644 index 000000000000..857fb6bb8719 --- /dev/null +++ b/awscli/examples/eks/describe-nodegroup.rst @@ -0,0 +1,54 @@ +**Describe a managed node group for an Amazon EKS cluster** + +The following ``describe-nodegroup`` example describes a managed node group for an Amazon EKS cluster. :: + + aws eks describe-nodegroup \ + --cluster-name my-eks-cluster \ + --nodegroup-name my-eks-nodegroup + +Output:: + + { + "nodegroup": { + "nodegroupName": "my-eks-nodegroup", + "nodegroupArn": "arn:aws:eks:us-east-2:111122223333:nodegroup/my-eks-cluster/my-eks-nodegroup/a8c75f2f-df78-a72f-4063-4b69af3de5b1", + "clusterName": "my-eks-cluster", + "version": "1.26", + "releaseVersion": "1.26.12-20240329", + "createdAt": "2024-04-08T11:42:10.555000-04:00", + "modifiedAt": "2024-04-08T11:44:12.402000-04:00", + "status": "ACTIVE", + "capacityType": "ON_DEMAND", + "scalingConfig": { + "minSize": 1, + "maxSize": 3, + "desiredSize": 1 + }, + "instanceTypes": [ + "t3.medium" + ], + "subnets": [ + "subnet-0e2907431c9988b72", + "subnet-04ad87f71c6e5ab4d", + "subnet-09d912bb63ef21b9a" + ], + "amiType": "AL2_x86_64", + "nodeRole": "arn:aws:iam::111122223333:role/role-name", + "labels": {}, + "resources": { + "autoScalingGroups": [ + { + "name": "eks-my-eks-nodegroup-a8c75f2f-df78-a72f-4063-4b69af3de5b1" + } + ] + }, + "diskSize": 20, + "health": { + "issues": [] + }, + "updateConfig": { + "maxUnavailable": 1 + }, + "tags": {} + } + } diff --git a/awscli/examples/eks/describe-update.rst b/awscli/examples/eks/describe-update.rst index 2f0f26bec64e..d351c95358be 100644 --- a/awscli/examples/eks/describe-update.rst +++ b/awscli/examples/eks/describe-update.rst @@ -1,30 +1,91 @@ -**To describe an update for a cluster** +**Example 1: To describe an update for a cluster** -This example command describes an update for a cluster named ``example`` in your default region. +The following ``describe-update`` example describes an update for a cluster named. :: -Command:: + aws eks describe-update \ + --name my-eks-cluster \ + --update-id 10bddb13-a71b-425a-b0a6-71cd03e59161 - aws eks describe-update --name example \ - --update-id 10bddb13-a71b-425a-b0a6-71cd03e59161 +Output:: + + { + "update": { + "id": "10bddb13-a71b-425a-b0a6-71cd03e59161", + "status": "Successful", + "type": "EndpointAccessUpdate", + "params": [ + { + "type": "EndpointPublicAccess", + "value": "false" + }, + { + "type": "EndpointPrivateAccess", + "value": "true" + } + ], + "createdAt": "2024-03-14T10:01:26.297000-04:00", + "errors": [] + } + } + +For more information, see `Updating an Amazon EKS cluster Kubernetes version `__ in the *Amazon EKS User Guide*. + +**Example 2: To describe an update for a cluster** + +The following ``describe-update`` example describes an update for a cluster named. :: + + aws eks describe-update \ + --name my-eks-cluster \ + --update-id e4994991-4c0f-475a-a040-427e6da52966 + +Output:: + + { + "update": { + "id": "e4994991-4c0f-475a-a040-427e6da52966", + "status": "Successful", + "type": "AssociateEncryptionConfig", + "params": [ + { + "type": "EncryptionConfig", + "value": "[{\"resources\":[\"secrets\"],\"provider\":{\"keyArn\":\"arn:aws:kms:region-code:account:key/key\"}}]" + } + ], + "createdAt": "2024-03-14T11:01:26.297000-04:00", + "errors": [] + } + } + +For more information, see `Updating an Amazon EKS cluster Kubernetes version `__ in the *Amazon EKS User Guide*. + +**Example 3: To describe an update for a cluster** + +The following ``describe-update`` example describes an update for a cluster named. :: + + aws eks describe-update \ + --name my-eks-cluster \ + --update-id b5f0ba18-9a87-4450-b5a0-825e6e84496f Output:: - { - "update": { - "id": "10bddb13-a71b-425a-b0a6-71cd03e59161", - "status": "Successful", - "type": "EndpointAccessUpdate", - "params": [ - { - "type": "EndpointPublicAccess", - "value": "true" - }, - { - "type": "EndpointPrivateAccess", - "value": "false" - } - ], - "createdAt": 1565806691.149, - "errors": [] - } - } + { + "update": { + "id": "b5f0ba18-9a87-4450-b5a0-825e6e84496f", + "status": "Successful", + "type": "VersionUpdate", + "params": [ + { + "type": "Version", + "value": "1.29" + }, + { + "type": "PlatformVersion", + "value": "eks.1" + } + ], + "createdAt": "2024-03-14T12:05:26.297000-04:00", + "errors": [] + } + } + +For more information, see `Updating an Amazon EKS cluster Kubernetes version `__ in the *Amazon EKS User Guide*. diff --git a/awscli/examples/eks/disassociate-identity-provider-config.rst b/awscli/examples/eks/disassociate-identity-provider-config.rst new file mode 100644 index 000000000000..61ab509db596 --- /dev/null +++ b/awscli/examples/eks/disassociate-identity-provider-config.rst @@ -0,0 +1,27 @@ +**Disassociate identity provider to your Amazon EKS Cluster** + +The following ``disassociate-identity-provider-config`` example disassociates an identity provider to your Amazon EKS Cluster. :: + + aws eks disassociate-identity-provider-config \ + --cluster-name my-eks-cluster \ + --identity-provider-config 'type=oidc,name=my-identity-provider' + +Output:: + + { + "update": { + "id": "5f78d14e-c57b-4857-a3e4-cf664ae20949", + "status": "InProgress", + "type": "DisassociateIdentityProviderConfig", + "params": [ + { + "type": "IdentityProviderConfig", + "value": "[]" + } + ], + "createdAt": "2024-04-11T13:53:43.314000-04:00", + "errors": [] + } + } + +For more information, see `Authenticate users for your cluster from an OpenID Connect identity provider - Disassociate an OIDC identity provider from your cluster `__ in the *Amazon EKS User Guide*. diff --git a/awscli/examples/eks/get-token.rst b/awscli/examples/eks/get-token.rst index 6a5c7b25c2f0..f9c39fcedb2c 100644 --- a/awscli/examples/eks/get-token.rst +++ b/awscli/examples/eks/get-token.rst @@ -1,19 +1,38 @@ -**To get a cluster authentication token** - -This example command gets an authentication token for a cluster named ``example``. - -Command:: - - aws eks get-token --cluster-name example - -Output:: - - { - "kind": "ExecCredential", - "apiVersion": "client.authentication.k8s.io/v1beta1", - "spec": {}, - "status": { - "expirationTimestamp": "2019-08-14T18:44:27Z", - "token": "k8s-aws-v1EXAMPLE_TOKEN_DATA_STRING..." - } - } +**Example 1: Get an authentication token for an Amazon EKS Cluster named `my-eks-cluster`** + +The following ``get-token`` example gets an authentication token for an Amazon EKS Cluster named `my-eks-cluster`. :: + + aws eks get-token \ + --cluster-name my-eks-cluster + +Output:: + + { + "kind": "ExecCredential", + "apiVersion": "client.authentication.k8s.io/v1beta1", + "spec": {}, + "status": { + "expirationTimestamp": "2024-04-11T20:59:56Z", + "token": "k8s-aws-v1.EXAMPLE_TOKEN_DATA_STRING..." + } + } + +**Example 2: Gets an authentication token for an Amazon EKS Cluster named `my-eks-cluster` by assuming this roleARN for credentials when signing the token** + +The following ``get-token`` example gets an authentication token for an Amazon EKS Cluster named `my-eks-cluster` by assuming this roleARN for credentials when signing the token. :: + + aws eks get-token \ + --cluster-name my-eks-cluster \ + --role-arn arn:aws:iam::111122223333:role/eksctl-EKS-Linux-Cluster-v1-24-cluster-ServiceRole-j1k7AfTIQtnM + +Output:: + + { + "kind": "ExecCredential", + "apiVersion": "client.authentication.k8s.io/v1beta1", + "spec": {}, + "status": { + "expirationTimestamp": "2024-04-11T21:05:26Z", + "token": "k8s-aws-v1.EXAMPLE_TOKEN_DATA_STRING..." + } + } diff --git a/awscli/examples/eks/list-addons.rst b/awscli/examples/eks/list-addons.rst new file mode 100644 index 000000000000..e796be55d098 --- /dev/null +++ b/awscli/examples/eks/list-addons.rst @@ -0,0 +1,15 @@ +**List all the installed add-ons in your Amazon EKS cluster named `my-eks-cluster`** + +The following ``list-addons`` example lists all the installed add-ons in your Amazon EKS cluster named `my-eks-cluster`. :: + + aws eks list-addons \ + --cluster-name my-eks-cluster + +Output:: + + { + "addons": [ + "kube-proxy", + "vpc-cni" + ] + } diff --git a/awscli/examples/eks/list-clusters.rst b/awscli/examples/eks/list-clusters.rst index e770634650c0..d2fc948d29cc 100644 --- a/awscli/examples/eks/list-clusters.rst +++ b/awscli/examples/eks/list-clusters.rst @@ -1,16 +1,16 @@ -**To list your available clusters** - -This example command lists all of your available clusters in your default region. - -Command:: - - aws eks list-clusters - -Output:: - - { - "clusters": [ - "devel", - "prod" - ] - } +**To list all the installed add-ons in your Amazon EKS cluster named `my-eks-cluster`** + +The following ``list-clusters`` example lists all the installed add-ons in your Amazon EKS cluster named `my-eks-cluster`. :: + + aws eks list-clusters + +Output:: + + { + "clusters": [ + "prod", + "qa", + "stage", + "my-eks-cluster" + ] + } diff --git a/awscli/examples/eks/list-fargate-profiles.rst b/awscli/examples/eks/list-fargate-profiles.rst new file mode 100644 index 000000000000..904641fda78c --- /dev/null +++ b/awscli/examples/eks/list-fargate-profiles.rst @@ -0,0 +1,14 @@ +**To list all the fargate profiles in your Amazon EKS cluster named `my-eks-cluster`** + +The following ``list-fargate-profiles`` example lists all the fargate profiles in your Amazon EKS cluster named `my-eks-cluster`. :: + + aws eks list-fargate-profiles \ + --cluster-name my-eks-cluster + +Output:: + + { + "fargateProfileNames": [ + "my-fargate-profile" + ] + } diff --git a/awscli/examples/eks/list-identity-provider-configs.rst b/awscli/examples/eks/list-identity-provider-configs.rst new file mode 100644 index 000000000000..b2b164728215 --- /dev/null +++ b/awscli/examples/eks/list-identity-provider-configs.rst @@ -0,0 +1,19 @@ +**List identity providers associated to an Amazon EKS Cluster** + +The following ``list-identity-provider-configs`` example lists identity provider associated to an Amazon EKS Cluster. :: + + aws eks list-identity-provider-configs \ + --cluster-name my-eks-cluster + +Output:: + + { + "identityProviderConfigs": [ + { + "type": "oidc", + "name": "my-identity-provider" + } + ] + } + +For more information, see `Authenticate users for your cluster from an OpenID Connect identity provider `__ in the *Amazon EKS User Guide*. diff --git a/awscli/examples/eks/list-nodegroups.rst b/awscli/examples/eks/list-nodegroups.rst new file mode 100644 index 000000000000..ee39834d9a82 --- /dev/null +++ b/awscli/examples/eks/list-nodegroups.rst @@ -0,0 +1,15 @@ +**List all the node groups in an Amazon EKS cluster** + +The following ``list-nodegroups`` example list all the node groups in an Amazon EKS cluster. :: + + aws eks list-nodegroups \ + --cluster-name my-eks-cluster + +Output:: + + { + "nodegroups": [ + "my-eks-managed-node-group", + "my-eks-nodegroup" + ] + } diff --git a/awscli/examples/eks/list-tags-for-resource.rst b/awscli/examples/eks/list-tags-for-resource.rst new file mode 100644 index 000000000000..40ec640712aa --- /dev/null +++ b/awscli/examples/eks/list-tags-for-resource.rst @@ -0,0 +1,102 @@ +**Example 1: To list all the tags for an Amazon EKS Cluster ARN** + +The following ``list-tags-for-resource`` example lists all the tags for an Amazon EKS Cluster ARN. :: + + aws eks list-tags-for-resource \ + --resource-arn arn:aws:eks:us-east-2:111122223333:cluster/my-eks-cluster + +Output:: + + { + "tags": { + "aws:cloudformation:stack-name": "eksctl-my-eks-cluster-cluster", + "alpha.eksctl.io/cluster-name": "my-eks-cluster", + "karpenter.sh/discovery": "my-eks-cluster", + "aws:cloudformation:stack-id": "arn:aws:cloudformation:us-east-2:111122223333:stack/eksctl-my-eks-cluster-cluster/e752ea00-e217-11ee-beae-0a9599c8c7ed", + "auto-delete": "no", + "eksctl.cluster.k8s.io/v1alpha1/cluster-name": "my-eks-cluster", + "EKS-Cluster-Name": "my-eks-cluster", + "alpha.eksctl.io/cluster-oidc-enabled": "true", + "aws:cloudformation:logical-id": "ControlPlane", + "alpha.eksctl.io/eksctl-version": "0.173.0-dev+a7ee89342.2024-03-01T03:40:57Z", + "Name": "eksctl-my-eks-cluster-cluster/ControlPlane" + } + } + +**Example 2: To list all the tags for an Amazon EKS Node group ARN** + +The following ``list-tags-for-resource`` example lists all the tags for an Amazon EKS Node group ARN. :: + + aws eks list-tags-for-resource \ + --resource-arn arn:aws:eks:us-east-2:111122223333:nodegroup/my-eks-cluster/my-eks-managed-node-group/60c71ed2-2cfb-020f-a5f4-ad32477f198c + +Output:: + + { + "tags": { + "aws:cloudformation:stack-name": "eksctl-my-eks-cluster-nodegroup-my-eks-managed-node-group", + "aws:cloudformation:stack-id": "arn:aws:cloudformation:us-east-2:111122223333:stack/eksctl-my-eks-cluster-nodegroup-my-eks-managed-node-group/eaa20310-e219-11ee-b851-0ab9ad8228ff", + "eksctl.cluster.k8s.io/v1alpha1/cluster-name": "my-eks-cluster", + "EKS-Cluster-Name": "my-eks-cluster", + "alpha.eksctl.io/nodegroup-type": "managed", + "NodeGroup Name 1": "my-eks-managed-node-group", + "k8s.io/cluster-autoscaler/enabled": "true", + "nodegroup-role": "worker", + "alpha.eksctl.io/cluster-name": "my-eks-cluster", + "alpha.eksctl.io/nodegroup-name": "my-eks-managed-node-group", + "karpenter.sh/discovery": "my-eks-cluster", + "NodeGroup Name 2": "AmazonLinux-Linux-Managed-NG-v1-26-v1", + "auto-delete": "no", + "k8s.io/cluster-autoscaler/my-eks-cluster": "owned", + "aws:cloudformation:logical-id": "ManagedNodeGroup", + "alpha.eksctl.io/eksctl-version": "0.173.0-dev+a7ee89342.2024-03-01T03:40:57Z" + } + } + +**Example 3: To list all the tags on an Amazon EKS Fargate profil ARNe** + +The following ``list-tags-for-resource`` example lists all the tags for an Amazon EKS Fargate profile ARN. :: + + aws eks list-tags-for-resource \ + --resource-arn arn:aws:eks:us-east-2:111122223333:fargateprofile/my-eks-cluster/my-fargate-profile/d6c76780-e541-0725-c816-36754cab734b + +Output:: + + { + "tags": { + "eks-fargate-profile-key-2": "value-2", + "eks-fargate-profile-key-1": "value-1" + } + } + +**Example 4: To list all the tags for an Amazon EKS Add-on ARN** + +The following ``list-tags-for-resource`` example lists all the tags for an Amazon EKS Add-on ARN. :: + + aws eks list-tags-for-resource \ + --resource-arn arn:aws:eks:us-east-2:111122223333:addon/my-eks-cluster/vpc-cni/0ec71efc-98dd-3203-60b0-4b939b2a5e5f + +Output:: + + { + "tags": { + "eks-addon-key-2": "value-2", + "eks-addon-key-1": "value-1" + } + } + +**Example 5: To list all the tags for an Amazon EKS OIDC identity provider ARN** + +The following ``list-tags-for-resource`` example lists all the tags for an Amazon EKS OIDC identity provider ARN. :: + + aws eks list-tags-for-resource \ + --resource-arn arn:aws:eks:us-east-2:111122223333:identityproviderconfig/my-eks-cluster/oidc/my-identity-provider/8ac76722-78e4-cec1-ed76-d49eea058622 + +Output:: + + { + "tags": { + "my-identity-provider": "test" + } + } + diff --git a/awscli/examples/eks/list-update.rst b/awscli/examples/eks/list-update.rst new file mode 100644 index 000000000000..ced27ee83b0e --- /dev/null +++ b/awscli/examples/eks/list-update.rst @@ -0,0 +1,49 @@ +**Example 1: To lists the updates associated with an Amazon EKS Cluster name** + +The following ``list-updates`` example lists all the update IDs for an Amazon EKS Cluster name. :: + + aws eks list-updates \ + --name my-eks-cluster + +Output:: + + { + "updateIds": [ + "5f78d14e-c57b-4857-a3e4-cf664ae20949", + "760e5a3f-adad-48c7-88d3-7ac283c09c26", + "cd4ec863-bc55-47d5-a377-3971502f529b", + "f12657ce-e869-4f17-b158-a82ab8b7d937" + ] + } + +**Example 2: To list all the update IDs for an Amazon EKS Node group** + +The following ``list-updates`` example lists all the update IDs for an Amazon EKS Node group. :: + + aws eks list-updates \ + --name my-eks-cluster \ + --nodegroup-name my-eks-managed-node-group + +Output:: + + { + "updateIds": [ + "8c6c1bef-61fe-42ac-a242-89412387b8e7" + ] + } + +**Example 3: To list all the update IDs on an Amazon EKS Add-one** + +The following ``list-updates`` example lists all the update IDs for an Amazon EKS Add-on. :: + + aws eks list-updates \ + --name my-eks-cluster \ + --addon-name vpc-cni + +Output:: + + { + "updateIds": [ + "9cdba8d4-79fb-3c83-afe8-00b508d33268" + ] + } diff --git a/awscli/examples/eks/register-cluster.rst b/awscli/examples/eks/register-cluster.rst new file mode 100644 index 000000000000..3b17970040bf --- /dev/null +++ b/awscli/examples/eks/register-cluster.rst @@ -0,0 +1,57 @@ +**Example 1: Register an external EKS_ANYWHERE Kubernetes cluster to Amazon EKS** + +The following ``register-cluster`` example registers an external EKS_ANYWHERE Kubernetes cluster to Amazon EKS. :: + + aws eks register-cluster \ + --name my-eks-anywhere-cluster \ + --connector-config 'roleArn=arn:aws:iam::111122223333:role/AmazonEKSConnectorAgentRole,provider=EKS_ANYWHERE' + +Output:: + + { + "cluster": { + "name": "my-eks-anywhere-cluster", + "arn": "arn:aws:eks:us-east-2:111122223333:cluster/my-eks-anywhere-cluster", + "createdAt": "2024-04-12T12:38:37.561000-04:00", + "status": "PENDING", + "tags": {}, + "connectorConfig": { + "activationId": "xxxxxxxxACTIVATION_IDxxxxxxxx", + "activationCode": "xxxxxxxxACTIVATION_CODExxxxxxxx", + "activationExpiry": "2024-04-15T12:38:37.082000-04:00", + "provider": "EKS_ANYWHERE", + "roleArn": "arn:aws:iam::111122223333:role/AmazonEKSConnectorAgentRole" + } + } + } + +For more information, see `Connecting an external cluster `__ in the *Amazon EKS User Guide*. + +**Example 2: Register any external Kubernetes cluster to Amazon EKS** + +The following ``register-cluster`` example registers an external EKS_ANYWHERE Kubernetes cluster to Amazon EKS. :: + + aws eks register-cluster \ + --name my-eks-anywhere-cluster \ + --connector-config 'roleArn=arn:aws:iam::111122223333:role/AmazonEKSConnectorAgentRole,provider=OTHER' + +Output:: + + { + "cluster": { + "name": "my-onprem-k8s-cluster", + "arn": "arn:aws:eks:us-east-2:111122223333:cluster/my-onprem-k8s-cluster", + "createdAt": "2024-04-12T12:42:10.861000-04:00", + "status": "PENDING", + "tags": {}, + "connectorConfig": { + "activationId": "xxxxxxxxACTIVATION_IDxxxxxxxx", + "activationCode": "xxxxxxxxACTIVATION_CODExxxxxxxx", + "activationExpiry": "2024-04-15T12:42:10.339000-04:00", + "provider": "OTHER", + "roleArn": "arn:aws:iam::111122223333:role/AmazonEKSConnectorAgentRole" + } + } + } + +For more information, see `Connecting an external cluster `__ in the *Amazon EKS User Guide*. diff --git a/awscli/examples/eks/tag-resource.rst b/awscli/examples/eks/tag-resource.rst new file mode 100644 index 000000000000..e540e3ec1138 --- /dev/null +++ b/awscli/examples/eks/tag-resource.rst @@ -0,0 +1,19 @@ +**Example 1: To add the specified tags to an Amazon EKS Cluster** + +The following ``tag-resource`` example adds the specified tags to an Amazon EKS Cluster. :: + + aws eks tag-resource \ + --resource-arn arn:aws:eks:us-east-2:111122223333:cluster/my-eks-cluster \ + --tag 'my-eks-cluster-test-1=test-value-1,my-eks-cluster-dev-1=dev-value-2' + +This command produces no output. + +**Example 2: To add the specified tags to an Amazon EKS Node group** + +The following ``tag-resource`` example adds the specified tags to an Amazon EKS Node group. :: + + aws eks tag-resource \ + --resource-arn arn:aws:eks:us-east-2:111122223333:nodegroup/my-eks-cluster/my-eks-managed-node-group/60c71ed2-2cfb-020f-a5f4-ad32477f198c \ + --tag 'my-eks-nodegroup-test-1=test-value-1,my-eks-nodegroup-dev-1=dev-value-2' + +This command produces no output. \ No newline at end of file diff --git a/awscli/examples/eks/untag-resource.rst b/awscli/examples/eks/untag-resource.rst new file mode 100644 index 000000000000..00113f28e8d5 --- /dev/null +++ b/awscli/examples/eks/untag-resource.rst @@ -0,0 +1,19 @@ +**Example 1: To deletes the specified tags from an Amazon EKS Cluster** + +The following ``untag-resource`` example deletes the specified tags from an Amazon EKS Cluster. :: + + aws eks untag-resource \ + --resource-arn arn:aws:eks:us-east-2:111122223333:cluster/my-eks-cluster \ + --tag-keys "my-eks-cluster-test-1" "my-eks-cluster-dev-1" + +This command produces no output. + +**Example 2: To deletes the specified tags from an Amazon EKS Node group** + +The following ``untag-resource`` example deletes the specified tags from an Amazon EKS Node group. :: + + aws eks untag-resource \ + --resource-arn arn:aws:eks:us-east-2:111122223333:nodegroup/my-eks-cluster/my-eks-managed-node-group/60c71ed2-2cfb-020f-a5f4-ad32477f198c \ + --tag-keys "my-eks-nodegroup-test-1" "my-eks-nodegroup-dev-1" + +This command produces no output. \ No newline at end of file diff --git a/awscli/examples/eks/update-addon.rst b/awscli/examples/eks/update-addon.rst new file mode 100644 index 000000000000..a940552d5d31 --- /dev/null +++ b/awscli/examples/eks/update-addon.rst @@ -0,0 +1,220 @@ +**Example 1. To update an Amazon EKS add-on with service account role ARN** + +The following ``update-addon`` example command updates an Amazon EKS add-on with service account role ARN. :: + + aws eks update-addon \ + --cluster-name my-eks-cluster \ + --addon-name vpc-cni \ + --service-account-role-arn arn:aws:iam::111122223333:role/eksctl-my-eks-cluster-addon-vpc-cni-Role1-YfakrqOC1UTm + +Output:: + + { + "update": { + "id": "c00d2de2-c2e4-3d30-929e-46b8edec2ce4", + "status": "InProgress", + "type": "AddonUpdate", + "params": [ + { + "type": "ServiceAccountRoleArn", + "value": "arn:aws:iam::111122223333:role/eksctl-my-eks-cluster-addon-vpc-cni-Role1-YfakrqOC1UTm" + } + ], + "updatedAt": "2024-04-12T16:04:55.614000-04:00", + "errors": [] + } + } + +For more information, see `Managing Amazon EKS add-ons - Updating an add-on `__ in the *Amazon EKS User Guide*. + +**Example 2. To update an Amazon EKS add-on with specific add-on version** + +The following ``update-addon`` example command updates an Amazon EKS add-on with specific add-on version. :: + + aws eks update-addon \ + --cluster-name my-eks-cluster \ + --addon-name vpc-cni \ + --service-account-role-arn arn:aws:iam::111122223333:role/eksctl-my-eks-cluster-addon-vpc-cni-Role1-YfakrqOC1UTm \ + --addon-version v1.16.4-eksbuild.2 + +Output:: + + { + "update": { + "id": "f58dc0b0-2b18-34bd-bc6a-e4abc0011f36", + "status": "InProgress", + "type": "AddonUpdate", + "params": [ + { + "type": "AddonVersion", + "value": "v1.16.4-eksbuild.2" + }, + { + "type": "ServiceAccountRoleArn", + "value": "arn:aws:iam::111122223333:role/eksctl-my-eks-cluster-addon-vpc-cni-Role1-YfakrqOC1UTm" + } + ], + "createdAt": "2024-04-12T16:07:16.550000-04:00", + "errors": [] + } + } + +For more information, see `Managing Amazon EKS add-ons - Updating an add-on `__ in the *Amazon EKS User Guide*. + +**Example 3. To update an Amazon EKS add-on with custom configuration values and resolve conflicts details** + +The following ``update-addon`` example command updates an Amazon EKS add-on with custom configuration values and resolve conflicts details. :: + + aws eks update-addon \ + --cluster-name my-eks-cluster \ + --addon-name vpc-cni \ + --service-account-role-arn arn:aws:iam::111122223333:role/eksctl-my-eks-cluster-addon-vpc-cni-Role1-YfakrqOC1UTm \ + --addon-version v1.16.4-eksbuild.2 \ + --configuration-values '{"resources": {"limits":{"cpu":"100m"}, "requests":{"cpu":"50m"}}}' \ + --resolve-conflicts PRESERVE + +Output:: + + { + "update": { + "id": "cd9f2173-a8d8-3004-a90f-032f14326520", + "status": "InProgress", + "type": "AddonUpdate", + "params": [ + { + "type": "AddonVersion", + "value": "v1.16.4-eksbuild.2" + }, + { + "type": "ServiceAccountRoleArn", + "value": "arn:aws:iam::111122223333:role/eksctl-my-eks-cluster-addon-vpc-cni-Role1-YfakrqOC1UTm" + }, + { + "type": "ResolveConflicts", + "value": "PRESERVE" + }, + { + "type": "ConfigurationValues", + "value": "{\"resources\": {\"limits\":{\"cpu\":\"100m\"}, \"requests\":{\"cpu\":\"50m\"}}}" + } + ], + "createdAt": "2024-04-12T16:16:27.363000-04:00", + "errors": [] + } + } + +For more information, see `Managing Amazon EKS add-ons - Updating an add-on `__ in the *Amazon EKS User Guide*. + +**Example 4. To update an Amazon EKS add-on with custom JSON configuration values file** + +The following ``update-addon`` example command updates an Amazon EKS add-on with custom JSON configuration values and resolve conflicts details. :: + + aws eks update-addon \ + --cluster-name my-eks-cluster \ + --addon-name vpc-cni \ + --service-account-role-arn arn:aws:iam::111122223333:role/eksctl-my-eks-cluster-addon-vpc-cni-Role1-YfakrqOC1UTm \ + --addon-version v1.17.1-eksbuild.1 \ + --configuration-values 'file://configuration-values.json' \ + --resolve-conflicts PRESERVE + +Contents of ``configuration-values.json``:: + + { + "resources": { + "limits": { + "cpu": "100m" + }, + "requests": { + "cpu": "50m" + } + }, + "env": { + "AWS_VPC_K8S_CNI_LOGLEVEL": "ERROR" + } + } + +Output:: + + { + "update": { + "id": "6881a437-174f-346b-9a63-6e91763507cc", + "status": "InProgress", + "type": "AddonUpdate", + "params": [ + { + "type": "AddonVersion", + "value": "v1.17.1-eksbuild.1" + }, + { + "type": "ServiceAccountRoleArn", + "value": "arn:aws:iam::111122223333:role/eksctl-my-eks-cluster-addon-vpc-cni-Role1-YfakrqOC1UTm" + }, + { + "type": "ResolveConflicts", + "value": "PRESERVE" + }, + { + "type": "ConfigurationValues", + "value": "{\n \"resources\": {\n \"limits\": {\n \"cpu\": \"100m\"\n },\n \"requests\": {\n \"cpu\": \"50m\"\n }\n },\n \"env\": {\n \"AWS_VPC_K8S_CNI_LOGLEVEL\": \"ERROR\"\n }\n}" + } + ], + "createdAt": "2024-04-12T16:22:55.519000-04:00", + "errors": [] + } + } + +For more information, see `Managing Amazon EKS add-ons - Updating an add-on `__ in the *Amazon EKS User Guide*. + +**Example 5. To update an Amazon EKS add-on with custom YAML configuration values file** + +The following ``update-addon`` example command updates an Amazon EKS add-on with custom YAML configuration values and resolve conflicts details. :: + + aws eks update-addon \ + --cluster-name my-eks-cluster \ + --addon-name vpc-cni \ + --service-account-role-arn arn:aws:iam::111122223333:role/eksctl-my-eks-cluster-addon-vpc-cni-Role1-YfakrqOC1UTm \ + --addon-version v1.18.0-eksbuild.1 \ + --configuration-values 'file://configuration-values.yaml' \ + --resolve-conflicts PRESERVE + +Contents of ``configuration-values.yaml``:: + + resources: + limits: + cpu: '100m' + requests: + cpu: '50m' + env: + AWS_VPC_K8S_CNI_LOGLEVEL: 'DEBUG' + +Output:: + + { + "update": { + "id": "a067a4c9-69d0-3769-ace9-d235c5b16701", + "status": "InProgress", + "type": "AddonUpdate", + "params": [ + { + "type": "AddonVersion", + "value": "v1.18.0-eksbuild.1" + }, + { + "type": "ServiceAccountRoleArn", + "value": "arn:aws:iam::111122223333:role/eksctl-my-eks-cluster-addon-vpc-cni-Role1-YfakrqOC1UTm" + }, + { + "type": "ResolveConflicts", + "value": "PRESERVE" + }, + { + "type": "ConfigurationValues", + "value": "resources:\n limits:\n cpu: '100m'\n requests:\n cpu: '50m'\nenv:\n AWS_VPC_K8S_CNI_LOGLEVEL: 'DEBUG'" + } + ], + "createdAt": "2024-04-12T16:25:07.212000-04:00", + "errors": [] + } + } + +For more information, see `Managing Amazon EKS add-ons - Updating an add-on `__ in the *Amazon EKS User Guide*. diff --git a/awscli/examples/eks/update-cluster-version.rst b/awscli/examples/eks/update-cluster-version.rst index 02ab888338b1..0dd1cc582996 100644 --- a/awscli/examples/eks/update-cluster-version.rst +++ b/awscli/examples/eks/update-cluster-version.rst @@ -1,29 +1,31 @@ -**To update a cluster Kubernetes version** - -This example command updates a cluster named ``example`` from Kubernetes 1.12 to 1.13. - -Command:: - - aws eks update-cluster-version --name example --kubernetes-version 1.13 - -Output:: - - { - "update": { - "id": "161a74d1-7e8c-4224-825d-b32af149f23a", - "status": "InProgress", - "type": "VersionUpdate", - "params": [ - { - "type": "Version", - "value": "1.13" - }, - { - "type": "PlatformVersion", - "value": "eks.2" - } - ], - "createdAt": 1565807633.514, - "errors": [] - } - } +**To updates an Amazon EKS cluster named `my-eks-cluster` to the specified Kubernetes version** + +The following ``update-cluster-version`` example updates an Amazon EKS cluster to the specified Kubernetes version. :: + + aws eks update-cluster-version \ + --name my-eks-cluster \ + --kubernetes-version 1.27 + +Output:: + + { + "update": { + "id": "e4091a28-ea14-48fd-a8c7-975aeb469e8a", + "status": "InProgress", + "type": "VersionUpdate", + "params": [ + { + "type": "Version", + "value": "1.27" + }, + { + "type": "PlatformVersion", + "value": "eks.16" + } + ], + "createdAt": "2024-04-12T16:56:01.082000-04:00", + "errors": [] + } + } + +For more information, see `Updating an Amazon EKS cluster Kubernetes version `__ in the *Amazon EKS User Guide*. diff --git a/awscli/examples/eks/update-kubeconfig.rst b/awscli/examples/eks/update-kubeconfig.rst index ac7264fc2a6a..62c755143f87 100644 --- a/awscli/examples/eks/update-kubeconfig.rst +++ b/awscli/examples/eks/update-kubeconfig.rst @@ -1,11 +1,87 @@ -**To update a kubeconfig for your cluster** - -This example command updates the default kubeconfig file to use your cluster as the current context. - -Command:: - - aws eks update-kubeconfig --name example - -Output:: - - Added new context arn:aws:eks:us-west-2:012345678910:cluster/example to /Users/ericn/.kube/config \ No newline at end of file +**Example 1: Configures your kubectl by creating or updating the kubeconfig so that you can connect to an Amazon EKS Cluster named `my-eks-cluster`** + +The following ``update-kubeconfig`` example configures your kubectl by creating or updating the kubeconfig so that you can connect to an Amazon EKS Cluster named `my-eks-cluster`. :: + + aws eks update-kubeconfig \ + --name my-eks-cluster + +Output:: + + Updated context arn:aws:eks:us-east-2:111122223333:cluster/my-eks-cluster in /Users/xxx/.kube/config + +For more information, see `Creating or updating a kubeconfig file for an Amazon EKS cluster `__ in the *Amazon EKS User Guide*. + +**Example 2: Configures your kubectl by creating or updating the kubeconfig (with role-arn option to assume a role for cluster authentication) so that you can connect to an Amazon EKS Cluster named `my-eks-cluster`** + +The following ``update-kubeconfig`` example configures your kubectl by creating or updating the kubeconfig (with role-arn option to assume a role for cluster authentication) so that you can connect to an Amazon EKS Cluster named `my-eks-cluster`. :: + + aws eks update-kubeconfig \ + --name my-eks-cluster \ + --role-arn arn:aws:iam::111122223333:role/eksctl-EKS-Linux-Cluster-v1-24-cluster-ServiceRole-j1k7AfTIQtnM + +Output:: + + Updated context arn:aws:eks:us-east-2:111122223333:cluster/my-eks-cluster in /Users/xxx/.kube/config + +For more information, see `Creating or updating a kubeconfig file for an Amazon EKS cluster `__ in the *Amazon EKS User Guide*. + +**Example 3: Configures your kubectl by creating or updating the kubeconfig (with role-arn option to assume a role for cluster authentication along with custom cluster alias and user-alias) so that you can connect to an Amazon EKS Cluster named `my-eks-cluster`** + +The following ``update-kubeconfig`` example configures your kubectl by creating or updating the kubeconfig (with role-arn option to assume a role for cluster authentication along with custom cluster alias and user-alias) so that you can connect to an Amazon EKS Cluster named `my-eks-cluster`. :: + + aws eks update-kubeconfig \ + --name my-eks-cluster \ + --role-arn arn:aws:iam::111122223333:role/eksctl-EKS-Linux-Cluster-v1-24-cluster-ServiceRole-j1k7AfTIQtnM \ + --alias stage-eks-cluster \ + --user-alias john + +Output:: + + Updated context stage-eks-cluster in /Users/dubaria/.kube/config + +For more information, see `Creating or updating a kubeconfig file for an Amazon EKS cluster `__ in the *Amazon EKS User Guide*. + +**Example 4: Print kubeconfig file entries for review and configures your kubectl so that you can connect to an Amazon EKS Cluster named `my-eks-cluster`** + +The following ``update-kubeconfig`` example configures your kubectl by creating or updating the kubeconfig (with role-arn option to assume a role for cluster authentication along with custom cluster alias and user-alias) so that you can connect to an Amazon EKS Cluster named `my-eks-cluster`. :: + + aws eks update-kubeconfig \ + --name my-eks-cluster \ + --role-arn arn:aws:iam::111122223333:role/eksctl-EKS-Linux-Cluster-v1-24-cluster-ServiceRole-j1k7AfTIQtnM \ + --alias stage-eks-cluster \ + --user-alias john \ + --verbose + +Output:: + + Updated context stage-eks-cluster in /Users/dubaria/.kube/config + Entries: + + context: + cluster: arn:aws:eks:us-east-2:111122223333:cluster/my-eks-cluster + user: john + name: stage-eks-cluster + + name: john + user: + exec: + apiVersion: client.authentication.k8s.io/v1beta1 + args: + - --region + - us-east-2 + - eks + - get-token + - --cluster-name + - my-eks-cluster + - --output + - json + - --role + - arn:aws:iam::111122223333:role/eksctl-EKS-Linux-Cluster-v1-24-cluster-ServiceRole-j1k7AfTIQtnM + command: aws + + cluster: + certificate-authority-data: xxx_CA_DATA_xxx + server: https://DALSJ343KE23J3RN45653DSKJTT647TYD.yl4.us-east-2.eks.amazonaws.com + name: arn:aws:eks:us-east-2:111122223333:cluster/my-eks-cluster + +For more information, see `Creating or updating a kubeconfig file for an Amazon EKS cluster `__ in the *Amazon EKS User Guide*. diff --git a/awscli/examples/eks/update-kubeconfig/_description.rst b/awscli/examples/eks/update-kubeconfig/_description.rst index 00da7bca22f1..29c93f23c55e 100644 --- a/awscli/examples/eks/update-kubeconfig/_description.rst +++ b/awscli/examples/eks/update-kubeconfig/_description.rst @@ -4,16 +4,16 @@ Note: To use the resulting configuration, you must have kubectl installed and in your PATH environment variable. This command constructs a configuration with prepopulated server and certificate authority data values for a specified cluster. -You can specify an IAM role ARN with the --role-arn option to use for authentication when you issue kubectl commands. +You can specify an IAM role ARN with the ``--role-arn`` option to use for authentication when you issue kubectl commands. Otherwise, the IAM entity in your default AWS CLI or SDK credential chain is used. You can view your default AWS CLI or SDK identity by running the ``aws sts get-caller-identity`` command. The resulting kubeconfig is created as a new file or merged with an existing kubeconfig file using the following logic: -* If you specify a path with the --kubeconfig option, then the resulting configuration file is created there or merged with an existing kubeconfig at that location. -* Or, if you have the KUBECONFIG environment variable set, then the resulting configuration file is created at the first entry in that variable or merged with an existing kubeconfig at that location. -* Otherwise, by default, the resulting configuration file is created at the default kubeconfig path (.kube/config) in your home directory or merged with an existing kubeconfig at that location. +* If you specify a path with the ``--kubeconfig option``, then the resulting configuration file is created there or merged with an existing kubeconfig at that location. +* Or, if you have the ``KUBECONFIG`` environment variable set, then the resulting configuration file is created at the first entry in that variable or merged with an existing kubeconfig at that location. +* Otherwise, by default, the resulting configuration file is created at the default kubeconfig path (``.kube/config``) in your home directory or merged with an existing kubeconfig at that location. * If a previous cluster configuration exists for an Amazon EKS cluster with the same name at the specified path, the existing configuration is overwritten with the new configuration. * When update-kubeconfig writes a configuration to a kubeconfig file, the current-context of the kubeconfig file is set to that configuration. -You can use the --dry-run option to print the resulting configuration to stdout instead of writing it to the specified location. +You can use the ``--dry-run`` option to print the resulting configuration to stdout instead of writing it to the specified location. diff --git a/awscli/examples/eks/update-nodegroup-config.rst b/awscli/examples/eks/update-nodegroup-config.rst new file mode 100644 index 000000000000..59eb8928f000 --- /dev/null +++ b/awscli/examples/eks/update-nodegroup-config.rst @@ -0,0 +1,152 @@ +**Example 1: Update a managed node group to add new labels and taint to EKS worker node for an Amazon EKS cluster** + +The following ``update-nodegroup-config`` example updates a managed node group to add new labels and taint to EKS worker node for an Amazon EKS cluster. :: + + aws eks update-nodegroup-config \ + --cluster-name my-eks-cluster \ + --nodegroup-name my-eks-nodegroup \ + --labels 'addOrUpdateLabels={my-eks-nodegroup-label-1=value-1,my-eks-nodegroup-label-2=value-2}' \ + --taints 'addOrUpdateTaints=[{key=taint-key-1,value=taint-value-1,effect=NO_EXECUTE}]' + +Output:: + + { + "update": { + "id": "e66d21d3-bd8b-3ad1-a5aa-b196dc08c7c1", + "status": "InProgress", + "type": "ConfigUpdate", + "params": [ + { + "type": "LabelsToAdd", + "value": "{\"my-eks-nodegroup-label-2\":\"value-2\",\"my-eks-nodegroup-label-1\":\"value-1\"}" + }, + { + "type": "TaintsToAdd", + "value": "[{\"effect\":\"NO_EXECUTE\",\"value\":\"taint-value-1\",\"key\":\"taint-key-1\"}]" + } + ], + "createdAt": "2024-04-08T12:05:19.161000-04:00", + "errors": [] + } + } + +For more information, see `Updating a managed node group `__ in the *Amazon EKS User Guide*. + +**Example 2: Update a managed node group to remove labels and taint for the EKS worker node for an Amazon EKS cluster** + +The following ``update-nodegroup-config`` example updates a managed node group to remove labels and taint for the EKS worker node for an Amazon EKS cluster. :: + + aws eks update-nodegroup-config \ + --cluster-name my-eks-cluster \ + --nodegroup-name my-eks-nodegroup \ + --labels 'removeLabels=my-eks-nodegroup-label-1, my-eks-nodegroup-label-2' \ + --taints 'removeTaints=[{key=taint-key-1,value=taint-value-1,effect=NO_EXECUTE}]' + +Output:: + + { + "update": { + "id": "67a08692-9e59-3ace-a916-13929f44cec3", + "status": "InProgress", + "type": "ConfigUpdate", + "params": [ + { + "type": "LabelsToRemove", + "value": "[\"my-eks-nodegroup-label-1\",\"my-eks-nodegroup-label-2\"]" + }, + { + "type": "TaintsToRemove", + "value": "[{\"effect\":\"NO_EXECUTE\",\"value\":\"taint-value-1\",\"key\":\"taint-key-1\"}]" + } + ], + "createdAt": "2024-04-08T12:17:31.817000-04:00", + "errors": [] + } + } + +For more information, see `Updating a managed node group `__ in the *Amazon EKS User Guide*. + +**Example 3: Update a managed node group to remove and add labels and taint for the EKS worker node for an Amazon EKS cluster** + +The following ``update-nodegroup-config`` example updates a managed node group to remove and add labels and taint for the EKS worker node for an Amazon EKS cluster. :: + + aws eks update-nodegroup-config \ + --cluster-name my-eks-cluster \ + --nodegroup-name my-eks-nodegroup \ + --labels 'addOrUpdateLabels={my-eks-nodegroup-new-label-1=new-value-1,my-eks-nodegroup-new-label-2=new-value-2},removeLabels=my-eks-nodegroup-label-1, my-eks-nodegroup-label-2' \ + --taints 'addOrUpdateTaints=[{key=taint-new-key-1,value=taint-new-value-1,effect=PREFER_NO_SCHEDULE}],removeTaints=[{key=taint-key-1,value=taint-value-1,effect=NO_EXECUTE}]' + +Output:: + + { + "update": { + "id": "4a9c8c45-6ac7-3115-be71-d6412a2339b7", + "status": "InProgress", + "type": "ConfigUpdate", + "params": [ + { + "type": "LabelsToAdd", + "value": "{\"my-eks-nodegroup-new-label-1\":\"new-value-1\",\"my-eks-nodegroup-new-label-2\":\"new-value-2\"}" + }, + { + "type": "LabelsToRemove", + "value": "[\"my-eks-nodegroup-label-1\",\"my-eks-nodegroup-label-2\"]" + }, + { + "type": "TaintsToAdd", + "value": "[{\"effect\":\"PREFER_NO_SCHEDULE\",\"value\":\"taint-new-value-1\",\"key\":\"taint-new-key-1\"}]" + }, + { + "type": "TaintsToRemove", + "value": "[{\"effect\":\"NO_EXECUTE\",\"value\":\"taint-value-1\",\"key\":\"taint-key-1\"}]" + } + ], + "createdAt": "2024-04-08T12:30:55.486000-04:00", + "errors": [] + } + } + +For more information, see `Updating a managed node group `__ in the *Amazon EKS User Guide*. + + +**Example 4: Update a managed node group to update scaling-config and update-config for the EKS worker node for an Amazon EKS cluster** + +The following ``update-nodegroup-config`` example updates a managed node group to update scaling-config and update-config for the EKS worker node for an Amazon EKS cluster. :: + + aws eks update-nodegroup-config \ + --cluster-name my-eks-cluster \ + --nodegroup-name my-eks-nodegroup \ + --scaling-config minSize=1,maxSize=5,desiredSize=2 \ + --update-config maxUnavailable=2 + +Output:: + + { + "update": { + "id": "a977160f-59bf-3023-805d-c9826e460aea", + "status": "InProgress", + "type": "ConfigUpdate", + "params": [ + { + "type": "MinSize", + "value": "1" + }, + { + "type": "MaxSize", + "value": "5" + }, + { + "type": "DesiredSize", + "value": "2" + }, + { + "type": "MaxUnavailable", + "value": "2" + } + ], + "createdAt": "2024-04-08T12:35:17.036000-04:00", + "errors": [] + } + } + +For more information, see `Updating a managed node group `__ in the *Amazon EKS User Guide*. diff --git a/awscli/examples/eks/update-nodegroup-version.rst b/awscli/examples/eks/update-nodegroup-version.rst new file mode 100644 index 000000000000..3bfd56f81696 --- /dev/null +++ b/awscli/examples/eks/update-nodegroup-version.rst @@ -0,0 +1,67 @@ +**Example 1: Update the Kubernetes version or AMI version of an Amazon EKS managed node group** + +The following ``update-nodegroup-version`` example updates the Kubernetes version or AMI version of an Amazon EKS managed node group to the latest available version for your Kubernetes cluster. :: + + aws eks update-nodegroup-version \ + --cluster-name my-eks-cluster \ + --nodegroup-name my-eks-nodegroup \ + --no-force + +Output:: + + { + "update": { + "id": "a94ebfc3-6bf8-307a-89e6-7dbaa36421f7", + "status": "InProgress", + "type": "VersionUpdate", + "params": [ + { + "type": "Version", + "value": "1.26" + }, + { + "type": "ReleaseVersion", + "value": "1.26.12-20240329" + } + ], + "createdAt": "2024-04-08T13:16:00.724000-04:00", + "errors": [] + } + } + +For more information, see `Updating a managed node group `__ in the *Amazon EKS User Guide*. + +**Example 2: Update the Kubernetes version or AMI version of an Amazon EKS managed node group** + +The following ``update-nodegroup-version`` example updates the Kubernetes version or AMI version of an Amazon EKS managed node group to the specified AMI release version. :: + + aws eks update-nodegroup-version \ + --cluster-name my-eks-cluster \ + --nodegroup-name my-eks-nodegroup \ + --kubernetes-version '1.26' \ + --release-version '1.26.12-20240307' \ + --no-force + +Output:: + + { + "update": { + "id": "4db06fe1-088d-336b-bdcd-3fdb94995fb7", + "status": "InProgress", + "type": "VersionUpdate", + "params": [ + { + "type": "Version", + "value": "1.26" + }, + { + "type": "ReleaseVersion", + "value": "1.26.12-20240307" + } + ], + "createdAt": "2024-04-08T13:13:58.595000-04:00", + "errors": [] + } + } + +For more information, see `Updating a managed node group - ``__ in the *Amazon EKS User Guide*. diff --git a/awscli/examples/eks/wait/addon-active.rst b/awscli/examples/eks/wait/addon-active.rst new file mode 100644 index 000000000000..b7e31f5b3bad --- /dev/null +++ b/awscli/examples/eks/wait/addon-active.rst @@ -0,0 +1,9 @@ +**To wait for an add-on running in the Amazon EKS cluster to become ACTIVE** + +The following ``wait addon-active`` example command waits for an add-on named ``aws-efs-csi-driver`` running in the Amazon EKS cluster named ``my-eks-cluster`` to become ``ACTIVE``. :: + + aws eks wait addon-active \ + --cluster-name my-eks-cluster \ + --addon-name aws-efs-csi-driver + +This command produces no output. \ No newline at end of file diff --git a/awscli/examples/eks/wait/addon-deleted.rst b/awscli/examples/eks/wait/addon-deleted.rst new file mode 100644 index 000000000000..9bf105e73e22 --- /dev/null +++ b/awscli/examples/eks/wait/addon-deleted.rst @@ -0,0 +1,9 @@ +**To wait for an add-on running in the Amazon EKS cluster to be deleted** + +The following ``wait addon-deleted`` example command waits until ``ResourceNotFoundException`` is thrown when polling with `describe-addon` for an add-on named ``aws-efs-csi-driver`` running in the Amazon EKS cluster named ``my-eks-cluster``. :: + + aws eks wait addon-deleted \ + --cluster-name my-eks-cluster \ + --addon-name aws-efs-csi-driver + +This command produces no output. \ No newline at end of file diff --git a/awscli/examples/eks/wait/cluster-active.rst b/awscli/examples/eks/wait/cluster-active.rst new file mode 100644 index 000000000000..b9d1e2ad9df4 --- /dev/null +++ b/awscli/examples/eks/wait/cluster-active.rst @@ -0,0 +1,8 @@ +**To wait for an Amazon EKS cluster to become ACTIVE** + +The following ``wait cluster-active`` example command waits for an Amazon EKS cluster named ``my-eks-cluster`` status to become ``ACTIVE``. :: + + aws eks wait cluster-active \ + --name my-eks-cluster + +This command produces no output. \ No newline at end of file diff --git a/awscli/examples/eks/wait/cluster-deleted.rst b/awscli/examples/eks/wait/cluster-deleted.rst new file mode 100644 index 000000000000..54d354cc1912 --- /dev/null +++ b/awscli/examples/eks/wait/cluster-deleted.rst @@ -0,0 +1,8 @@ +**To wait until Amazon EKS cluster is deleted** + +The following ``wait cluster-deleted`` example command waits until ``ResourceNotFoundException`` is thrown when polling with ``describe-cluster`` for Amazon EKS cluster named ``my-eks-cluster``. :: + + aws eks wait cluster-deleted \ + --name my-eks-cluster + +This command produces no output. \ No newline at end of file diff --git a/awscli/examples/eks/wait/fargate-profile-active.rst b/awscli/examples/eks/wait/fargate-profile-active.rst new file mode 100644 index 000000000000..e59aee8fe77a --- /dev/null +++ b/awscli/examples/eks/wait/fargate-profile-active.rst @@ -0,0 +1,9 @@ +**To wait for an fargate-profile running in the Amazon EKS cluster to become ACTIVE** + +The following ``wait fargate-profile-active`` example command waits for an fargate-profile named ``my-fargate-profile`` running in the Amazon EKS cluster named ``my-eks-cluster`` to be ``ACTIVE``. :: + + aws eks wait fargate-profile-active \ + --cluster-name my-eks-cluster \ + --fargate-profile-name my-fargate-profile + +This command produces no output. \ No newline at end of file diff --git a/awscli/examples/eks/wait/fargate-profile-deleted.rst b/awscli/examples/eks/wait/fargate-profile-deleted.rst new file mode 100644 index 000000000000..396a6ac9af59 --- /dev/null +++ b/awscli/examples/eks/wait/fargate-profile-deleted.rst @@ -0,0 +1,9 @@ +**To wait for an fargate-profile running in the Amazon EKS cluster to become deleted** + +The following ``wait fargate-profile-deleted`` example command waits until ``ResourceNotFoundException`` is thrown when polling with `describe-fargate-profile` for an fargate-profile named ``my-fargate-profile`` running in the Amazon EKS cluster named ``my-eks-cluster``. :: + + aws eks wait fargate-profile-deleted \ + --cluster-name my-eks-cluster \ + --fargate-profile-name my-fargate-profile + +This command produces no output. \ No newline at end of file diff --git a/awscli/examples/eks/wait/nodegroup-active.rst b/awscli/examples/eks/wait/nodegroup-active.rst new file mode 100644 index 000000000000..76d58f87ea9e --- /dev/null +++ b/awscli/examples/eks/wait/nodegroup-active.rst @@ -0,0 +1,9 @@ +**Example 8: To wait for an nodegroup running in the Amazon EKS cluster to become ACTIVE** + +The following ``wait nodegroup-active`` example command waits for an nodegroup named ``my-nodegroup`` running in the Amazon EKS cluster named ``my-eks-cluster`` to be Active. :: + + aws eks wait nodegroup-active \ + --cluster-name my-eks-cluster \ + --nodegroup-name my-nodegroup + +This command produces no output. diff --git a/awscli/examples/eks/wait/nodegroup-deleted.rst b/awscli/examples/eks/wait/nodegroup-deleted.rst new file mode 100644 index 000000000000..9251e60592a9 --- /dev/null +++ b/awscli/examples/eks/wait/nodegroup-deleted.rst @@ -0,0 +1,9 @@ +**To wait for an nodegroup running in the Amazon EKS cluster to become deleted** + +The following ``wait nodegroup-deleted`` example command waits until ``ResourceNotFoundException`` is thrown when polling with `describe-nodegroup` for an nodegroup named ``my-nodegroup`` running in the Amazon EKS cluster named ``my-eks-cluster``. :: + + aws eks wait nodegroup-deleted \ + --cluster-name my-eks-cluster \ + --nodegroup-name my-nodegroup + +This command produces no output. diff --git a/awscli/examples/elasticache/decrease-replica-count.rst b/awscli/examples/elasticache/decrease-replica-count.rst index 72dde671380e..824390af8c4c 100755 --- a/awscli/examples/elasticache/decrease-replica-count.rst +++ b/awscli/examples/elasticache/decrease-replica-count.rst @@ -1,6 +1,6 @@ **To decrease replica count** -The following ``decrease-replica-count`` example dynamically decreases the number of replics in a Redis (cluster mode disabled) replication group or the number of replica nodes in one or more node groups (shards) of a Redis (cluster mode enabled) replication group. This operation is performed with no cluster downtime. :: +The following ``decrease-replica-count`` example dynamically decreases the number of replicas in a Redis (cluster mode disabled) replication group or the number of replica nodes in one or more node groups (shards) of a Redis (cluster mode enabled) replication group. This operation is performed with no cluster downtime. :: aws elasticache decrease-replica-count \ --replication-group-id my-cluster \ diff --git a/awscli/examples/elasticbeanstalk/create-application-version.rst b/awscli/examples/elasticbeanstalk/create-application-version.rst index cf504b44965a..1043b7eb7629 100644 --- a/awscli/examples/elasticbeanstalk/create-application-version.rst +++ b/awscli/examples/elasticbeanstalk/create-application-version.rst @@ -2,9 +2,9 @@ The following command creates a new version, "v1" of an application named "MyApp":: - aws elasticbeanstalk create-application-version --application-name MyApp --version-label v1 --description MyAppv1 --source-bundle S3Bucket="my-bucket",S3Key="sample.war" --auto-create-application + aws elasticbeanstalk create-application-version --application-name MyApp --version-label v1 --description MyAppv1 --source-bundle S3Bucket="amzn-s3-demo-bucket",S3Key="sample.war" --auto-create-application -The application will be created automatically if it does not already exist, due to the auto-create-application option. The source bundle is a .war file stored in an s3 bucket named "my-bucket" that contains the Apache Tomcat sample application. +The application will be created automatically if it does not already exist, due to the auto-create-application option. The source bundle is a .war file stored in an s3 bucket named "amzn-s3-demo-bucket" that contains the Apache Tomcat sample application. Output:: @@ -16,7 +16,7 @@ Output:: "DateCreated": "2015-02-03T23:01:25.412Z", "DateUpdated": "2015-02-03T23:01:25.412Z", "SourceBundle": { - "S3Bucket": "my-bucket", + "S3Bucket": "amzn-s3-demo-bucket", "S3Key": "sample.war" } } diff --git a/awscli/examples/elbv2/create-target-group.rst b/awscli/examples/elbv2/create-target-group.rst index 23fe4c30ee75..63b17f602c3a 100644 --- a/awscli/examples/elbv2/create-target-group.rst +++ b/awscli/examples/elbv2/create-target-group.rst @@ -1,139 +1,183 @@ -**Example 1: To create a target group to route traffic to instances registered by instance ID** - -The following ``create-target-group`` example creates a target group for an Application Load Balancer where you register targets by instance ID (the target type is ``instance``). This target group uses the HTTP protocol, port 80, and the default health check settings for an HTTP target group. :: - - aws elbv2 create-target-group \ - --name my-targets \ - --protocol HTTP \ - --port 80 \ - --target-type instance \ - --vpc-id vpc-3ac0fb5f - -Output:: - - { - "TargetGroups": [ - { - "TargetGroupName": "my-targets", - "Protocol": "HTTP", - "Port": 80, - "VpcId": "vpc-3ac0fb5f", - "TargetType": "instance", - "HealthCheckEnabled": true, - "UnhealthyThresholdCount": 2, - "HealthyThresholdCount": 5, - "HealthCheckPath": "/", - "Matcher": { - "HttpCode": "200" - }, - "HealthCheckProtocol": "HTTP", - "HealthCheckPort": "traffic-port", - "HealthCheckIntervalSeconds": 30, - "HealthCheckTimeoutSeconds": 5, - "TargetGroupArn": "arn:aws:elasticloadbalancing:us-west-2:123456789012:targetgroup/my-targets/73e2d6bc24d8a067" - } - ] - } - -For more information, see `Create a target group `__ in the *User Guide for Application Load Balancers*. - -**Example 2: To create a target group to route traffic to an IP addresses** - -The following ``create-target-group`` example creates a target group for a Network Load Balancer where you register targets by IP address (the target type is ``ip``). This target group uses the TCP protocol, port 80, and the default health check settings for a TCP target group. :: - - aws elbv2 create-target-group \ - --name my-ip-targets \ - --protocol TCP \ - --port 80 \ - --target-type ip \ - --vpc-id vpc-3ac0fb5f - -Output:: - - { - "TargetGroups": [ - { - "TargetGroupName": "my-ip-targets", - "Protocol": "TCP", - "Port": 80, - "VpcId": "vpc-3ac0fb5f", - "TargetType": "ip", - "HealthCheckEnabled": true, - "UnhealthyThresholdCount": 3, - "HealthyThresholdCount": 3, - "HealthCheckProtocol": "TCP", - "HealthCheckPort": "traffic-port", - "HealthCheckIntervalSeconds": 30, - "HealthCheckTimeoutSeconds": 10, - "TargetGroupArn": "arn:aws:elasticloadbalancing:us-west-2:123456789012:targetgroup/my-ip-targets/b6bba954d1361c78" - } - ] - } - -For more information, see `Create a target group for your Network Load Balancer `__ in the *User Guide for Network Load Balancers*. - -**Example 3: To create a target group to route traffic to a Lambda function** - -The following ``create-target-group`` example creates a target group for an Application Load Balancer where the target is a Lambda function (the target type is ``lambda``). Health checks are disabled for this target group by default. :: - - aws elbv2 create-target-group \ - --name my-lambda-target \ - --target-type lambda - -Output:: - - { - "TargetGroups": [ - { - "TargetGroupName": "my-lambda-target", - "TargetType": "lambda", - "HealthCheckEnabled": false, - "UnhealthyThresholdCount": 2, - "HealthyThresholdCount": 5, - "HealthCheckPath": "/", - "Matcher": { - "HttpCode": "200" - }, - "HealthCheckIntervalSeconds": 35, - "HealthCheckTimeoutSeconds": 30, - "TargetGroupArn": "arn:aws:elasticloadbalancing:us-west-2:123456789012:targetgroup/my-lambda-target/a3003e085dbb8ddc" - } - ] - } - -For more information, see `Lambda functions as targets `__ in the *User Guide for Application Load Balancers*. - -**Example 4: To create a target group to route traffic to a Gateway Load Balancer** - -The following ``create-target-group`` example creates a target group for a Gateway Load Balancer where the target is an instance, and the target group protocol is GENEVE. :: - - aws elbv2 create-target-group \ - --name my-glb-targetgroup \ - --protocol GENEVE \ - --port 6081 \ - --target-type instance \ - --vpc-id vpc-838475fe - -Output:: - - { - "TargetGroups": [ - { - "TargetGroupArn": "arn:aws:elasticloadbalancing:us-west-2:123456789012:targetgroup/my-glb-targetgroup/00c3d57eacd6f40b6f", - "TargetGroupName": "my-glb-targetgroup", - "Protocol": "GENEVE", - "Port": 6081, - "VpcId": "vpc-838475fe", - "HealthCheckProtocol": "TCP", - "HealthCheckPort": "80", - "HealthCheckEnabled": true, - "HealthCheckIntervalSeconds": 10, - "HealthCheckTimeoutSeconds": 5, - "HealthyThresholdCount": 5, - "UnhealthyThresholdCount": 2, - "TargetType": "instance" - } - ] - } - -For more information, see `Create a target group for your Gateway Load Balancer `__ in the *User Guide for Gateway Load Balancers*. \ No newline at end of file +**Example 1: To create a target group for an Application Load Balancer** + +The following ``create-target-group`` example creates a target group for an Application Load Balancer where you register targets by instance ID (the target type is ``instance``). This target group uses the HTTP protocol, port 80, and the default health check settings for an HTTP target group. :: + + aws elbv2 create-target-group \ + --name my-targets \ + --protocol HTTP \ + --port 80 \ + --target-type instance \ + --vpc-id vpc-3ac0fb5f + +Output:: + + { + "TargetGroups": [ + { + "TargetGroupArn": "arn:aws:elasticloadbalancing:us-west-2:123456789012:targetgroup/my-targets/73e2d6bc24d8a067", + "TargetGroupName": "my-targets", + "Protocol": "HTTP", + "Port": 80, + "VpcId": "vpc-3ac0fb5f", + "HealthCheckProtocol": "HTTP", + "HealthCheckPort": "traffic-port", + "HealthCheckEnabled": true, + "HealthCheckIntervalSeconds": 30, + "HealthCheckTimeoutSeconds": 5, + "HealthyThresholdCount": 5, + "UnhealthyThresholdCount": 2, + "HealthCheckPath": "/", + "Matcher": { + "HttpCode": "200" + }, + "TargetType": "instance", + "ProtocolVersion": "HTTP1", + "IpAddressType": "ipv4" + } + ] + } + +For more information, see `Create a target group `__ in the *User Guide for Application Load Balancers*. + +**Example 2: To create a target group to route traffic from an Application Load Balancer to a Lambda function** + +The following ``create-target-group`` example creates a target group for an Application Load Balancer where the target is a Lambda function (the target type is ``lambda``). Health checks are disabled for this target group by default. :: + + aws elbv2 create-target-group \ + --name my-lambda-target \ + --target-type lambda + +Output:: + + { + "TargetGroups": [ + { + "TargetGroupArn": "arn:aws:elasticloadbalancing:us-west-2:123456789012:targetgroup/my-lambda-target/a3003e085dbb8ddc", + "TargetGroupName": "my-lambda-target", + "HealthCheckEnabled": false, + "HealthCheckIntervalSeconds": 35, + "HealthCheckTimeoutSeconds": 30, + "HealthyThresholdCount": 5, + "UnhealthyThresholdCount": 2, + "HealthCheckPath": "/", + "Matcher": { + "HttpCode": "200" + }, + "TargetType": "lambda", + "IpAddressType": "ipv4" + } + ] + } + +For more information, see `Lambda functions as targets `__ in the *User Guide for Application Load Balancers*. + +**Example 3: To create a target group for a Network Load Balancer** + +The following ``create-target-group`` example creates a target group for a Network Load Balancer where you register targets by IP address (the target type is ``ip``). This target group uses the TCP protocol, port 80, and the default health check settings for a TCP target group. :: + + aws elbv2 create-target-group \ + --name my-ip-targets \ + --protocol TCP \ + --port 80 \ + --target-type ip \ + --vpc-id vpc-3ac0fb5f + +Output:: + + { + "TargetGroups": [ + { + "TargetGroupArn": "arn:aws:elasticloadbalancing:us-west-2:123456789012:targetgroup/my-ip-targets/b6bba954d1361c78", + "TargetGroupName": "my-ip-targets", + "Protocol": "TCP", + "Port": 80, + "VpcId": "vpc-3ac0fb5f", + "HealthCheckEnabled": true, + "HealthCheckProtocol": "TCP", + "HealthCheckPort": "traffic-port", + "HealthCheckIntervalSeconds": 30, + "HealthCheckTimeoutSeconds": 10, + "HealthyThresholdCount": 5, + "UnhealthyThresholdCount": 2, + "TargetType": "ip", + "IpAddressType": "ipv4" + } + ] + } + +For more information, see `Create a target group `__ in the *User Guide for Network Load Balancers*. + +**Example 4: To create a target group to route traffic from a Network Load Balancer to an Application Load Balancer** + +The following ``create-target-group`` example creates a target group for a Network Load Balancer where you register an Application Load Balancer as a target (the target type is ``alb``). + + aws elbv2 create-target-group \ + --name my-alb-target \ + --protocol TCP \ + --port 80 \ + --target-type alb \ + --vpc-id vpc-3ac0fb5f + +Output:: + + { + "TargetGroups": [ + { + "TargetGroupArn": "arn:aws:elasticloadbalancing:us-west-2:123456789012:targetgroup/my-alb-target/a3003e085dbb8ddc", + "TargetGroupName": "my-alb-target", + "Protocol": "TCP", + "Port": 80, + "VpcId": "vpc-838475fe", + "HealthCheckProtocol": "HTTP", + "HealthCheckPort": "traffic-port", + "HealthCheckEnabled": true, + "HealthCheckIntervalSeconds": 30, + "HealthCheckTimeoutSeconds": 6, + "HealthyThresholdCount": 5, + "UnhealthyThresholdCount": 2, + "HealthCheckPath": "/", + "Matcher": { + "HttpCode": "200-399" + }, + "TargetType": "alb", + "IpAddressType": "ipv4" + } + ] + } + +For more information, see `Create a target group with an Application Load Balancer as the target `__ in the *User Guide for Network Load Balancers*. + +**Example 5: To create a target group for a Gateway Load Balancer** + +The following ``create-target-group`` example creates a target group for a Gateway Load Balancer where the target is an instance, and the target group protocol is ``GENEVE``. :: + + aws elbv2 create-target-group \ + --name my-glb-targetgroup \ + --protocol GENEVE \ + --port 6081 \ + --target-type instance \ + --vpc-id vpc-838475fe + +Output:: + + { + "TargetGroups": [ + { + "TargetGroupArn": "arn:aws:elasticloadbalancing:us-west-2:123456789012:targetgroup/my-glb-targetgroup/00c3d57eacd6f40b6f", + "TargetGroupName": "my-glb-targetgroup", + "Protocol": "GENEVE", + "Port": 6081, + "VpcId": "vpc-838475fe", + "HealthCheckProtocol": "TCP", + "HealthCheckPort": "80", + "HealthCheckEnabled": true, + "HealthCheckIntervalSeconds": 10, + "HealthCheckTimeoutSeconds": 5, + "HealthyThresholdCount": 5, + "UnhealthyThresholdCount": 2, + "TargetType": "instance" + } + ] + } + +For more information, see Create a target group `__ in the *Gateway Load Balancer User Guide*. \ No newline at end of file diff --git a/awscli/examples/elbv2/delete-target-group.rst b/awscli/examples/elbv2/delete-target-group.rst index fd2b84d2bf3d..63fdf94306ab 100644 --- a/awscli/examples/elbv2/delete-target-group.rst +++ b/awscli/examples/elbv2/delete-target-group.rst @@ -4,3 +4,7 @@ The following ``delete-target-group`` example deletes the specified target group aws elbv2 delete-target-group \ --target-group-arn arn:aws:elasticloadbalancing:us-west-2:123456789012:targetgroup/my-targets/73e2d6bc24d8a067 + +This command produces no output. + +For more information, see `Delete a load balancer `__ in the *Application Load Balancer Guide*. \ No newline at end of file diff --git a/awscli/examples/elbv2/describe-account-limits.rst b/awscli/examples/elbv2/describe-account-limits.rst index 8cb3d9e83c2a..1a607e1fe789 100644 --- a/awscli/examples/elbv2/describe-account-limits.rst +++ b/awscli/examples/elbv2/describe-account-limits.rst @@ -8,49 +8,99 @@ Output:: { "Limits": [ - { - "Name": "application-load-balancers", - "Max": "20" - }, - { - "Name": "target-groups", - "Max": "3000" - }, - { - "Name": "targets-per-application-load-balancer", - "Max": "1000" - }, - { - "Name": "listeners-per-application-load-balancer", - "Max": "50" - }, - { - "Name": "rules-per-application-load-balancer", - "Max": "100" - }, - { - "Name": "network-load-balancers", - "Max": "20" - }, - { - "Name": "targets-per-network-load-balancer", - "Max": "3000" - }, - { - "Name": "targets-per-availability-zone-per-network-load-balancer", - "Max": "500" - }, - { - "Name": "listeners-per-network-load-balancer", - "Max": "50" - }, - { - "Name": "condition-values-per-alb-rule", - "Max": "5" - }, - { - "Name": "condition-wildcards-per-alb-rule", - "Max": "5" - } + { + "Name": "target-groups", + "Max": "3000" + }, + { + "Name": "targets-per-application-load-balancer", + "Max": "1000" + }, + { + "Name": "listeners-per-application-load-balancer", + "Max": "50" + }, + { + "Name": "rules-per-application-load-balancer", + "Max": "100" + }, + { + "Name": "network-load-balancers", + "Max": "50" + }, + { + "Name": "targets-per-network-load-balancer", + "Max": "3000" + }, + { + "Name": "targets-per-availability-zone-per-network-load-balancer", + "Max": "500" + }, + { + "Name": "listeners-per-network-load-balancer", + "Max": "50" + }, + { + "Name": "condition-values-per-alb-rule", + "Max": "5" + }, + { + "Name": "condition-wildcards-per-alb-rule", + "Max": "5" + }, + { + "Name": "target-groups-per-application-load-balancer", + "Max": "100" + }, + { + "Name": "target-groups-per-action-on-application-load-balancer", + "Max": "5" + }, + { + "Name": "target-groups-per-action-on-network-load-balancer", + "Max": "1" + }, + { + "Name": "certificates-per-application-load-balancer", + "Max": "25" + }, + { + "Name": "certificates-per-network-load-balancer", + "Max": "25" + }, + { + "Name": "targets-per-target-group", + "Max": "1000" + }, + { + "Name": "target-id-registrations-per-application-load-balancer", + "Max": "1000" + }, + { + "Name": "network-load-balancer-enis-per-vpc", + "Max": "1200" + }, + { + "Name": "application-load-balancers", + "Max": "50" + }, + { + "Name": "gateway-load-balancers", + "Max": "100" + }, + { + "Name": "gateway-load-balancers-per-vpc", + "Max": "100" + }, + { + "Name": "geneve-target-groups", + "Max": "100" + }, + { + "Name": "targets-per-availability-zone-per-gateway-load-balancer", + "Max": "300" + } ] } + +For more information, see `Quotas `__ in the *AWS General Reference*. \ No newline at end of file diff --git a/awscli/examples/elbv2/describe-ssl-policies.rst b/awscli/examples/elbv2/describe-ssl-policies.rst index 97c26454788e..eb8255b29cc1 100644 --- a/awscli/examples/elbv2/describe-ssl-policies.rst +++ b/awscli/examples/elbv2/describe-ssl-policies.rst @@ -1,48 +1,76 @@ -**To describe a policy used for SSL negotiation** +**Example 1: To list the policies used for SSL negotiation by load balancer type** -The following ``describe-ssl-policies`` example displays details of the specified policy used for SSL negotiation. :: +The following ``describe-ssl-policies`` example displays the names of the polices that you can use for SSL negotiation with an Application Load Balancer. The example uses the ``--query`` parameter to display only the names of the policies. :: aws elbv2 describe-ssl-policies \ - --names ELBSecurityPolicy-2016-08 - + --load-balancer-type application \ + --query SslPolicies[*].Name + +Output:: + + [ + "ELBSecurityPolicy-2016-08", + "ELBSecurityPolicy-TLS13-1-2-2021-06", + "ELBSecurityPolicy-TLS13-1-2-Res-2021-06", + "ELBSecurityPolicy-TLS13-1-2-Ext1-2021-06", + "ELBSecurityPolicy-TLS13-1-2-Ext2-2021-06", + "ELBSecurityPolicy-TLS13-1-1-2021-06", + "ELBSecurityPolicy-TLS13-1-0-2021-06", + "ELBSecurityPolicy-TLS13-1-3-2021-06", + "ELBSecurityPolicy-TLS-1-2-2017-01", + "ELBSecurityPolicy-TLS-1-1-2017-01", + "ELBSecurityPolicy-TLS-1-2-Ext-2018-06", + "ELBSecurityPolicy-FS-2018-06", + "ELBSecurityPolicy-2015-05", + "ELBSecurityPolicy-TLS-1-0-2015-04", + "ELBSecurityPolicy-FS-1-2-Res-2019-08", + "ELBSecurityPolicy-FS-1-1-2019-08", + "ELBSecurityPolicy-FS-1-2-2019-08", + "ELBSecurityPolicy-FS-1-2-Res-2020-10" + ] + +**Example 2: To list the policies that support a specific protocol** + +The following ``describe-ssl-policies`` example displays the names of the polices that support the TLS 1.3 protocol. The example uses the ``--query`` parameter to display only the names of the policies. :: + + aws elbv2 describe-ssl-policies \ + --load-balancer-type application \ + --query SslPolicies[?contains(SslProtocols,'TLSv1.3')].Name + Output:: - { - "SslPolicies": [ - { - "SslProtocols": [ - "TLSv1", - "TLSv1.1", - "TLSv1.2" - ], - "Ciphers": [ - { - "Priority": 1, - "Name": "ECDHE-ECDSA-AES128-GCM-SHA256" - }, - { - "Priority": 2, - "Name": "ECDHE-RSA-AES128-GCM-SHA256" - }, - { - "Priority": 3, - "Name": "ECDHE-ECDSA-AES128-SHA256" - }, - - ...some output truncated... - - { - "Priority": 18, - "Name": "AES256-SHA" - } - ], - "Name": "ELBSecurityPolicy-2016-08" - } - ] - } - -**To describe all policies used for SSL negotiation** - -The following ``describe-ssl-policies`` example displays details for all the policies that you can use for SSL negotiation. :: - - aws elbv2 describe-ssl-policies + [ + "ELBSecurityPolicy-TLS13-1-2-2021-06", + "ELBSecurityPolicy-TLS13-1-2-Res-2021-06", + "ELBSecurityPolicy-TLS13-1-2-Ext1-2021-06", + "ELBSecurityPolicy-TLS13-1-2-Ext2-2021-06", + "ELBSecurityPolicy-TLS13-1-1-2021-06", + "ELBSecurityPolicy-TLS13-1-0-2021-06", + "ELBSecurityPolicy-TLS13-1-3-2021-06" + ] + +**Example 3: To display the ciphers for a policy** + +The following ``describe-ssl-policies`` example displays the names of the ciphers for the specified policy. The example uses the ``--query`` parameter to display only the cipher names. The first cipher in the list has priority 1, and the remaining ciphers are in priority order. :: + + aws elbv2 describe-ssl-policies \ + --names ELBSecurityPolicy-TLS13-1-2-2021-06 \ + --query SslPolicies[*].Ciphers[*].Name + +Output:: + + [ + "TLS_AES_128_GCM_SHA256", + "TLS_AES_256_GCM_SHA384", + "TLS_CHACHA20_POLY1305_SHA256", + "ECDHE-ECDSA-AES128-GCM-SHA256", + "ECDHE-RSA-AES128-GCM-SHA256", + "ECDHE-ECDSA-AES128-SHA256", + "ECDHE-RSA-AES128-SHA256", + "ECDHE-ECDSA-AES256-GCM-SHA384", + "ECDHE-RSA-AES256-GCM-SHA384", + "ECDHE-ECDSA-AES256-SHA384", + "ECDHE-RSA-AES256-SHA384" + ] + +For more information, see `Security policies `__ in the *User Guide for Application Load Balancers*. \ No newline at end of file diff --git a/awscli/examples/elbv2/describe-target-groups.rst b/awscli/examples/elbv2/describe-target-groups.rst index 0cf323988fc0..c947472f304e 100644 --- a/awscli/examples/elbv2/describe-target-groups.rst +++ b/awscli/examples/elbv2/describe-target-groups.rst @@ -10,39 +10,46 @@ Output:: { "TargetGroups": [ { + "TargetGroupArn": "arn:aws:elasticloadbalancing:us-west-2:123456789012:targetgroup/my-targets/73e2d6bc24d8a067", "TargetGroupName": "my-targets", "Protocol": "HTTP", "Port": 80, "VpcId": "vpc-3ac0fb5f", - "TargetType": "instance", + "HealthCheckProtocol": "HTTP", + "HealthCheckPort": "traffic-port", "HealthCheckEnabled": true, - "UnhealthyThresholdCount": 2, + "HealthCheckIntervalSeconds": 30, + "HealthCheckTimeoutSeconds": 5, "HealthyThresholdCount": 5, + "UnhealthyThresholdCount": 2, "HealthCheckPath": "/", "Matcher": { "HttpCode": "200" }, - "HealthCheckProtocol": "HTTP", - "HealthCheckPort": "traffic-port", - "HealthCheckIntervalSeconds": 30, - "HealthCheckTimeoutSeconds": 5, - "TargetGroupArn": "arn:aws:elasticloadbalancing:us-west-2:123456789012:targetgroup/my-targets/73e2d6bc24d8a067", "LoadBalancerArns": [ "arn:aws:elasticloadbalancing:us-west-2:123456789012:loadbalancer/app/my-load-balancer/50dc6c495c0c9188" - ] + ], + "TargetType": "instance", + "ProtocolVersion": "HTTP1", + "IpAddressType": "ipv4" } ] } **Example 2: To describe all target groups for a load balancer** -The following ``describe-target-groups`` example displays details for all target groups for the specified load balancer. :: +The following ``describe-target-groups`` example displays details for all target groups for the specified load balancer. The example uses the ``--query`` parameter to display only the target group names. :: aws elbv2 describe-target-groups \ - --load-balancer-arn arn:aws:elasticloadbalancing:us-west-2:123456789012:loadbalancer/app/my-load-balancer/50dc6c495c0c9188 + --load-balancer-arn arn:aws:elasticloadbalancing:us-west-2:123456789012:loadbalancer/app/my-load-balancer/50dc6c495c0c9188 \ + --query TargetGroups[*].TargetGroupName -**Example 3: To describe all target groups** +Output:: -The following ``describe-target-groups`` example dislplays details for all of your target groups. :: + [ + "my-instance-targets", + "my-ip-targets", + "my-lambda-target" + ] - aws elbv2 describe-target-groups +For more information, see `Target groups `__ in the *Applicaion Load Balancers Guide*. \ No newline at end of file diff --git a/awscli/examples/elbv2/modify-target-group.rst b/awscli/examples/elbv2/modify-target-group.rst index d967e47c11a0..359b5f387191 100644 --- a/awscli/examples/elbv2/modify-target-group.rst +++ b/awscli/examples/elbv2/modify-target-group.rst @@ -1,33 +1,41 @@ **To modify the health check configuration for a target group** -This example changes the configuration of the health checks used to evaluate the health of the targets for the specified target group. +The following ``modify-target-group`` example changes the configuration of the health checks used to evaluate the health of the targets for the specified target group. Note that due to the way the CLI parses commas, you must surround the range for the ``--matcher`` option with single quotes instead of double quotes. :: -Command:: + aws elbv2 modify-target-group \ + --target-group-arn arn:aws:elasticloadbalancing:us-west-2:123456789012:targetgroup/my-https-targets/2453ed029918f21f \ + --health-check-protocol HTTPS \ + --health-check-port 443 \ + --matcher HttpCode='200,299' - aws elbv2 modify-target-group --target-group-arn arn:aws:elasticloadbalancing:us-west-2:123456789012:targetgroup/my-https-targets/2453ed029918f21f --health-check-protocol HTTPS --health-check-port 443 - Output:: - { - "TargetGroups": [ - { - "HealthCheckIntervalSeconds": 30, - "VpcId": "vpc-3ac0fb5f", - "Protocol": "HTTPS", - "HealthCheckTimeoutSeconds": 5, - "HealthCheckProtocol": "HTTPS", - "LoadBalancerArns": [ - "arn:aws:elasticloadbalancing:us-west-2:123456789012:loadbalancer/app/my-load-balancer/50dc6c495c0c9188" - ], - "UnhealthyThresholdCount": 2, - "HealthyThresholdCount": 5, - "TargetGroupArn": "arn:aws:elasticloadbalancing:us-west-2:123456789012:targetgroup/my-https-targets/2453ed029918f21f", - "Matcher": { - "HttpCode": "200" - }, - "HealthCheckPort": "443", - "Port": 443, - "TargetGroupName": "my-https-targets" - } - ] - } + { + "TargetGroups": [ + { + "TargetGroupArn": "arn:aws:elasticloadbalancing:us-west-2:123456789012:targetgroup/my-https-targets/2453ed029918f21f", + "TargetGroupName": "my-https-targets", + "Protocol": "HTTPS", + "Port": 443, + "VpcId": "vpc-3ac0fb5f", + "HealthCheckProtocol": "HTTPS", + "HealthCheckPort": "443", + "HealthCheckEnabled": true, + "HealthCheckIntervalSeconds": 30, + "HealthCheckTimeoutSeconds": 5, + "HealthyThresholdCount": 5, + "UnhealthyThresholdCount": 2, + "Matcher": { + "HttpCode": "200,299" + }, + "LoadBalancerArns": [ + "arn:aws:elasticloadbalancing:us-west-2:123456789012:loadbalancer/app/my-load-balancer/50dc6c495c0c9188" + ], + "TargetType": "instance", + "ProtocolVersion": "HTTP1", + "IpAddressType": "ipv4" + } + ] + } + +For more information, see `Target groups `__ in the *Applicaion Load Balancers Guide*. \ No newline at end of file diff --git a/awscli/examples/elbv2/remove-tags.rst b/awscli/examples/elbv2/remove-tags.rst index c89c0eb42558..82330b53089b 100644 --- a/awscli/examples/elbv2/remove-tags.rst +++ b/awscli/examples/elbv2/remove-tags.rst @@ -1,6 +1,6 @@ **To remove tags from a load balancer** -The follwoing ``remove-tags`` example removes the ``project`` and ``department`` tags from the specified load balancer. :: +The following ``remove-tags`` example removes the ``project`` and ``department`` tags from the specified load balancer. :: aws elbv2 remove-tags \ --resource-arns arn:aws:elasticloadbalancing:us-west-2:123456789012:loadbalancer/app/my-load-balancer/50dc6c495c0c9188 \ diff --git a/awscli/examples/emr/create-cluster-examples.rst b/awscli/examples/emr/create-cluster-examples.rst index 48ce65946c38..0d8f673f90ec 100644 --- a/awscli/examples/emr/create-cluster-examples.rst +++ b/awscli/examples/emr/create-cluster-examples.rst @@ -114,7 +114,7 @@ The following example references ``configurations.json`` as a local file. :: The following example references ``configurations.json`` as a file in Amazon S3. :: aws emr create-cluster \ - --configurations https://s3.amazonaws.com/myBucket/configurations.json \ + --configurations https://s3.amazonaws.com/amzn-s3-demo-bucket/configurations.json \ --release-label emr-5.9.0 \ --instance-groups InstanceGroupType=MASTER,InstanceCount=1,InstanceType=m4.large InstanceGroupType=CORE,InstanceCount=2,InstanceType=m4.large \ --auto-terminate @@ -223,7 +223,7 @@ The following ``create-cluster`` example uses the ``--enable-debugging`` paramet aws emr create-cluster \ --enable-debugging \ - --log-uri s3://myBucket/myLog \ + --log-uri s3://amzn-s3-demo-bucket/myLog \ --release-label emr-5.9.0 \ --instance-groups InstanceGroupType=MASTER,InstanceCount=1,InstanceType=m4.large InstanceGroupType=CORE,InstanceCount=2,InstanceType=m4.large \ --auto-terminate @@ -357,7 +357,7 @@ The following ``create-cluster`` example adds steps by specifying a JAR file sto Custom JAR steps require the ``Jar=`` parameter, which specifies the path and file name of the JAR. Optional parameters are ``Type``, ``Name``, ``ActionOnFailure``, ``Args``, and ``MainClass``. If main class is not specified, the JAR file should specify ``Main-Class`` in its manifest file. :: aws emr create-cluster \ - --steps Type=CUSTOM_JAR,Name=CustomJAR,ActionOnFailure=CONTINUE,Jar=s3://myBucket/mytest.jar,Args=arg1,arg2,arg3 Type=CUSTOM_JAR,Name=CustomJAR,ActionOnFailure=CONTINUE,Jar=s3://myBucket/mytest.jar,MainClass=mymainclass,Args=arg1,arg2,arg3 \ + --steps Type=CUSTOM_JAR,Name=CustomJAR,ActionOnFailure=CONTINUE,Jar=s3://amzn-s3-demo-bucket/mytest.jar,Args=arg1,arg2,arg3 Type=CUSTOM_JAR,Name=CustomJAR,ActionOnFailure=CONTINUE,Jar=s3://amzn-s3-demo-bucket/mytest.jar,MainClass=mymainclass,Args=arg1,arg2,arg3 \ --release-label emr-5.3.1 \ --instance-groups InstanceGroupType=MASTER,InstanceCount=1,InstanceType=m4.large InstanceGroupType=CORE,InstanceCount=2,InstanceType=m4.large \ --auto-terminate @@ -503,7 +503,7 @@ The following ``create-cluster`` example creates an Amazon EMR cluster that uses aws emr create-cluster \ --release-label emr-5.30.0 \ - --log-uri s3://myBucket/myLog \ + --log-uri s3://amzn-s3-demo-bucket/myLog \ --log-encryption-kms-key-id arn:aws:kms:us-east-1:110302272565:key/dd559181-283e-45d7-99d1-66da348c4d33 \ --instance-groups InstanceGroupType=MASTER,InstanceCount=1,InstanceType=m4.large InstanceGroupType=CORE,InstanceCount=2,InstanceType=m4.large @@ -533,3 +533,18 @@ The following ``create-cluster`` example creates an Amazon EMR cluster that uses --service-role EMR_DefaultRole \ --ec2-attributes InstanceProfile=EMR_EC2_DefaultRole \ --instance-groups InstanceGroupType=MASTER,InstanceCount=1,InstanceType=m4.large InstanceGroupType=CORE,InstanceCount=1,InstanceType=m4.large + +**Example 24: To specify an EBS root volume attributes: size, iops and throughput for cluster instances created with EMR releases 6.15.0 and later** + +The following ``create-cluster`` example creates an Amazon EMR cluster that uses root volume attributes to configure root volumes specifications for the EC2 instances. :: + + aws emr create-cluster \ + --name "Cluster with My Custom AMI" \ + --custom-ami-id ami-a518e6df \ + --ebs-root-volume-size 20 \ + --ebs-root-volume-iops 3000 \ + --ebs-root-volume-throughput 125 \ + --release-label emr-6.15.0 \ + --use-default-roles \ + --instance-count 2 \ + --instance-type m4.large \ No newline at end of file diff --git a/awscli/examples/emr/create-cluster-synopsis.txt b/awscli/examples/emr/create-cluster-synopsis.txt index c59a532a32ab..a3f60c896ecf 100644 --- a/awscli/examples/emr/create-cluster-synopsis.txt +++ b/awscli/examples/emr/create-cluster-synopsis.txt @@ -12,6 +12,7 @@ [--additional-info ] [--ec2-attributes ] [--termination-protected | --no-termination-protected] + [--unhealthy-node-replacement | --no-unhealthy-node-replacement] [--scale-down-behavior ] [--visible-to-all-users | --no-visible-to-all-users] [--enable-debugging | --no-enable-debugging] @@ -24,6 +25,8 @@ [--security-configuration ] [--custom-ami-id ] [--ebs-root-volume-size ] + [--ebs-root-volume-iops ] + [--ebs-root-volume-throughput ] [--repo-upgrade-on-boot ] [--kerberos-attributes ] [--managed-scaling-policy ] diff --git a/awscli/examples/emr/describe-cluster.rst b/awscli/examples/emr/describe-cluster.rst index 1ff4c7b12c8e..218fecd72288 100644 --- a/awscli/examples/emr/describe-cluster.rst +++ b/awscli/examples/emr/describe-cluster.rst @@ -30,6 +30,7 @@ "ServiceRole": "EMR_DefaultRole", "Tags": [], "TerminationProtected": true, + "UnhealthyNodeReplacement": true, "ReleaseLabel": "emr-4.0.0", "NormalizedInstanceHours": 96, "InstanceGroups": [ @@ -126,6 +127,7 @@ "ServiceRole": "EMR_DefaultRole", "Tags": [], "TerminationProtected": false, + "UnhealthyNodeReplacement": false, "ReleaseLabel": "emr-5.2.0", "NormalizedInstanceHours": 472, "InstanceCollectionType": "INSTANCE_FLEET", @@ -200,6 +202,7 @@ "Name": "My Cluster", "Tags": [], "TerminationProtected": true, + "UnhealthyNodeReplacement": true, "RunningAmiVersion": "2.5.4", "InstanceGroups": [ { diff --git a/awscli/examples/emr/schedule-hbase-backup.rst b/awscli/examples/emr/schedule-hbase-backup.rst index 9f9d99de79cd..2c81d52c3323 100644 --- a/awscli/examples/emr/schedule-hbase-backup.rst +++ b/awscli/examples/emr/schedule-hbase-backup.rst @@ -1,28 +1,28 @@ **Note: This command can only be used with HBase on AMI version 2.x and 3.x** -**1. To schedule a full HBase backup** +**1. To schedule a full HBase backup** >>>>>>> 06ab6d6e13564b5733d75abaf3b599f93cf39a23 -- Command:: - - aws emr schedule-hbase-backup --cluster-id j-XXXXXXYY --type full --dir - s3://myBucket/backup --interval 10 --unit hours --start-time - 2014-04-21T05:26:10Z --consistent - -- Output:: - - None - - -**2. To schedule an incremental HBase backup** - -- Command:: - - aws emr schedule-hbase-backup --cluster-id j-XXXXXXYY --type incremental - --dir s3://myBucket/backup --interval 30 --unit minutes --start-time - 2014-04-21T05:26:10Z --consistent - -- Output:: - - None +- Command:: + + aws emr schedule-hbase-backup --cluster-id j-XXXXXXYY --type full --dir + s3://amzn-s3-demo-bucket/backup --interval 10 --unit hours --start-time + 2014-04-21T05:26:10Z --consistent + +- Output:: + + None + + +**2. To schedule an incremental HBase backup** + +- Command:: + + aws emr schedule-hbase-backup --cluster-id j-XXXXXXYY --type incremental + --dir s3://amzn-s3-demo-bucket/backup --interval 30 --unit minutes --start-time + 2014-04-21T05:26:10Z --consistent + +- Output:: + + None diff --git a/awscli/examples/global_options.rst b/awscli/examples/global_options.rst index 088e1be7aeea..2f8c7115e8ae 100644 --- a/awscli/examples/global_options.rst +++ b/awscli/examples/global_options.rst @@ -12,7 +12,7 @@ ``--no-paginate`` (boolean) - Disable automatic pagination. + Disable automatic pagination. If automatic pagination is disabled, the AWS CLI will only make one call, for the first page of results. ``--output`` (string) diff --git a/awscli/examples/glue/create-job.rst b/awscli/examples/glue/create-job.rst index dd5aca9d6849..57fcfb2b8bf6 100644 --- a/awscli/examples/glue/create-job.rst +++ b/awscli/examples/glue/create-job.rst @@ -7,7 +7,7 @@ The following ``create-job`` example creates a streaming job that runs a script --role AWSGlueServiceRoleDefault \ --command '{ \ "Name": "gluestreaming", \ - "ScriptLocation": "s3://DOC-EXAMPLE-BUCKET/folder/" \ + "ScriptLocation": "s3://amzn-s3-demo-bucket/folder/" \ }' \ --region us-east-1 \ --output json \ diff --git a/awscli/examples/greengrass/create-function-definition-version.rst b/awscli/examples/greengrass/create-function-definition-version.rst index 5023848abbd4..75d33994b4b3 100644 --- a/awscli/examples/greengrass/create-function-definition-version.rst +++ b/awscli/examples/greengrass/create-function-definition-version.rst @@ -1,4 +1,4 @@ -**To create a version of the function defintion** +**To create a version of the function definition** The following ``create-function-definition-version`` example creates a new version of the specified function definition. This version specifies a single function whose ID is ``Hello-World-function``, allows access to the file system, and specifies a maximum memory size and timeout period. :: diff --git a/awscli/examples/greengrass/update-resource-definition.rst b/awscli/examples/greengrass/update-resource-definition.rst index f4b020f20f17..a12bd7289a03 100644 --- a/awscli/examples/greengrass/update-resource-definition.rst +++ b/awscli/examples/greengrass/update-resource-definition.rst @@ -4,7 +4,7 @@ The following ``update-resource-definition`` example updates the name for the sp aws greengrass update-resource-definition \ --resource-definition-id "c8bb9ebc-c3fd-40a4-9c6a-568d75569d38" \ - --name GreengrassConnectorResoruces + --name GreengrassConnectorResources This command produces no output. diff --git a/awscli/examples/guardduty/accept-invitation.rst b/awscli/examples/guardduty/accept-invitation.rst index e9d757df61b8..d82af3c153f9 100644 --- a/awscli/examples/guardduty/accept-invitation.rst +++ b/awscli/examples/guardduty/accept-invitation.rst @@ -6,7 +6,7 @@ The following ``accept-invitation`` example shows how to accept an invitation to --detector-id 12abc34d567e8fa901bc2d34eexample \ --master-id 123456789111 \ --invitation-id d6b94fb03a66ff665f7db8764example - + This command produces no output. -For more information, see `Managing GuardDuty Accounts by Invitation `__ in the GuardDuty User Guide. \ No newline at end of file +For more information, see `Managing GuardDuty accounts by invitation `__ in the GuardDuty User Guide. diff --git a/awscli/examples/guardduty/archive-findings.rst b/awscli/examples/guardduty/archive-findings.rst index 96a878efed02..c67b714ddefb 100644 --- a/awscli/examples/guardduty/archive-findings.rst +++ b/awscli/examples/guardduty/archive-findings.rst @@ -1,11 +1,11 @@ **To archive findings in the current region** -This example shows how to archive findings in the current region. :: +This ``archive-findings`` example shows how to archive findings in the current region. :: aws guardduty archive-findings \ --detector-id 12abc34d567e8fa901bc2d34eexample \ --finding-ids d6b94fb03a66ff665f7db8764example 3eb970e0de00c16ec14e6910fexample -This command produces no output. +This command produces no output. -For more information, see `Managing GuardDuty Accounts by Invitation `__ in the *GuardDuty User Guide*. \ No newline at end of file +For more information, see `Creating suppression rules `__ in the *GuardDuty User Guide*. diff --git a/awscli/examples/guardduty/create-filter.rst b/awscli/examples/guardduty/create-filter.rst index f888154ff8ea..d074dccd4a94 100644 --- a/awscli/examples/guardduty/create-filter.rst +++ b/awscli/examples/guardduty/create-filter.rst @@ -1,17 +1,34 @@ -**To create a new filter for the current region** +**Example 1: To create a new filter in the current region** -This example creates a filter that matches all portscan findings for instance created from a specific image.:: +The following ``create-filter`` example creates a filter that matches all Portscan findings for instance created from a specific image. This does not suppress those findings. :: + + aws guardduty create-filter \ + --detector-id b6b992d6d2f48e64bc59180bfexample \ + --name myFilterExample \ + --finding-criteria '{"Criterion": {"type": {"Eq": ["Recon:EC2/Portscan"]},"resource.instanceDetails.imageId": {"Eq": ["ami-0a7a207083example"]}}}' + +Output:: + + { + "Name": "myFilterExample" + } + +For more information, see `Filtering GuardDuty findings `__ in the *GuardDuty User Guide*. + +**Example 2: To create a new filter and suppress findings in the current region** + +The following ``create-filter`` example creates a filter that matches all Portscan findings for instance created from a specific image. This filter archives those findings so that they do not appear in your current findings. :: aws guardduty create-filter \ --detector-id b6b992d6d2f48e64bc59180bfexample \ --action ARCHIVE \ - --name myFilter \ + --name myFilterSecondExample \ --finding-criteria '{"Criterion": {"type": {"Eq": ["Recon:EC2/Portscan"]},"resource.instanceDetails.imageId": {"Eq": ["ami-0a7a207083example"]}}}' Output:: { - "Name": "myFilter" + "Name": "myFilterSecondExample" } -For more information, see `Filtering findings `__ in the *GuardDuty User Guide*. +For more information, see `Filtering GuardDuty findings `__ in the *GuardDuty User Guide*. diff --git a/awscli/examples/guardduty/create-ip-set.rst b/awscli/examples/guardduty/create-ip-set.rst index 14cf6d3d38a1..580049c4e202 100644 --- a/awscli/examples/guardduty/create-ip-set.rst +++ b/awscli/examples/guardduty/create-ip-set.rst @@ -1,18 +1,18 @@ -**To create a trusted IP set** +**To create and activate a trusted IP set** -The following ``create-ip-set`` example creates and activates a trusted IP set in the current region. :: +The following ``create-ip-set`` example creates and activates a trusted IP set in the current Region. :: aws guardduty create-ip-set \ --detector-id 12abc34d567e8fa901bc2d34eexample \ - --name new-ip-set \ - --format TXT - --location s3://AWSDOC-EXAMPLE-BUCKET/customtrustlist.csv + --name new-ip-set-example \ + --format TXT \ + --location s3://amzn-s3-demo-bucket/customtrustlist.csv \ --activate Output:: - + { "IpSetId": "d4b94fc952d6912b8f3060768example" } -For more information, see `Working with Trusted IP Lists and Threat Lists `__ in the GuardDuty User Guide. \ No newline at end of file +For more information, see `Working with Trusted IP Lists and Threat Lists `__ in the *GuardDuty User Guide*. \ No newline at end of file diff --git a/awscli/examples/guardduty/create-publishing-destination.rst b/awscli/examples/guardduty/create-publishing-destination.rst index 2321d5394cfc..5d5e883cfef3 100644 --- a/awscli/examples/guardduty/create-publishing-destination.rst +++ b/awscli/examples/guardduty/create-publishing-destination.rst @@ -1,11 +1,11 @@ **To create a publishing destination to export GuardDuty findings in the current region to.** -This example shows how to create a publishing destination for GuardDuty findings. :: +The following ``create-publishing-destination`` example shows how to set up a publishing destination to export current (not archived) GuardDuty findings to keep track of historical findings data. :: aws guardduty create-publishing-destination \ --detector-id b6b992d6d2f48e64bc59180bfexample \ --destination-type S3 \ - --destination-properties DestinationArn=arn:aws:s3:::yourbucket,KmsKeyArn=arn:aws:kms:us-west-1:111122223333:key/84cee9c5-dea1-401a-ab6d-e1de7example + --destination-properties 'DestinationArn=arn:aws:s3:::amzn-s3-demo-bucket,KmsKeyArn=arn:aws:kms:us-west-1:111122223333:key/84cee9c5-dea1-401a-ab6d-e1de7example' Output:: @@ -13,4 +13,4 @@ Output:: "DestinationId": "46b99823849e1bbc242dfbe3cexample" } -For more information, see `Exporting findings `__ in the *GuardDuty User Guide*. \ No newline at end of file +For more information, see `Exporting generated GuardDuty findings to Amazon S3 buckets `__ in the *GuardDuty User Guide*. \ No newline at end of file diff --git a/awscli/examples/guardduty/create-threat-intel-set.rst b/awscli/examples/guardduty/create-threat-intel-set.rst index 045f812532e6..aecffff3e69f 100644 --- a/awscli/examples/guardduty/create-threat-intel-set.rst +++ b/awscli/examples/guardduty/create-threat-intel-set.rst @@ -1,12 +1,12 @@ -**To create a new threat intel set in the current region.** +**To create and activate a new threat intel set** -This example shows how to upload a threat intel set to GuardDuty and activate it immediately. :: +The following ``create-threat-intel-set`` example creates and activates a threat intel set in the current Region. :: aws guardduty create-threat-intel-set \ --detector-id b6b992d6d2f48e64bc59180bfexample \ - --name myThreatSet \ + --name myThreatSet-example \ --format TXT \ - --location s3://EXAMPLEBUCKET/threatlist.csv \ + --location s3://amzn-s3-demo-bucket/threatlist.csv \ --activate Output:: @@ -15,4 +15,4 @@ Output:: "ThreatIntelSetId": "20b9a4691aeb33506b808878cexample" } -For more information, see `Trusted IP and threat lists `__ in the *GuardDuty User Guide*. +For more information, see `Working with Trusted IP Lists and Threat Lists `__ in the *GuardDuty User Guide*. diff --git a/awscli/examples/guardduty/disassociate-from-master-account.rst b/awscli/examples/guardduty/disassociate-from-master-account.rst index 5e91537cab68..3159006ad7c6 100644 --- a/awscli/examples/guardduty/disassociate-from-master-account.rst +++ b/awscli/examples/guardduty/disassociate-from-master-account.rst @@ -1,10 +1,10 @@ -**To disassociate from your current master account in the current region** +**To disassociate from your current administrator account in the current region** -The following ``disassociate-from-master-account`` example dissassociates your account from the current GuardDuty master account in the current AWS region. :: +The following ``disassociate-from-master-account`` example dissassociates your account from the current GuardDuty administrator account in the current AWS region. :: aws guardduty disassociate-from-master-account \ --detector-id d4b040365221be2b54a6264dcexample This command produces no output. -For more information, see `Understanding the Relationship between GuardDuty Master and Member Accounts `__ in the GuardDuty User Guide. \ No newline at end of file +For more information, see `Understanding the relationship between GuardDuty administrator account and member accounts `__ in the *GuardDuty User Guide*. diff --git a/awscli/examples/guardduty/get-ip-set.rst b/awscli/examples/guardduty/get-ip-set.rst index c86bbdb23175..8a8acc04c596 100644 --- a/awscli/examples/guardduty/get-ip-set.rst +++ b/awscli/examples/guardduty/get-ip-set.rst @@ -1,6 +1,6 @@ **To list get details on a specified trusted IP set** -The following ``get-ip-set`` example shows the status and details of the specififed trusted IP set. :: +The following ``get-ip-set`` example shows the status and details of the specified trusted IP set. :: aws guardduty get-ip-set \ --detector-id 12abc34d567e8fa901bc2d34eexample \ @@ -10,10 +10,10 @@ Output:: { "Status": "ACTIVE", - "Location": "s3://AWSDOC-EXAMPLE-BUCKET.s3-us-west-2.amazonaws.com/customlist.csv", + "Location": "s3://amzn-s3-demo-bucket.s3-us-west-2.amazonaws.com/customlist.csv", "Tags": {}, "Format": "TXT", - "Name": "test-ip-set" + "Name": "test-ip-set-example" } -For more information, see `Working with Trusted IP Lists and Threat Lists `__ in the GuardDuty User Guide. \ No newline at end of file +For more information, see `Working with Trusted IP Lists and Threat Lists `__ in the *GuardDuty User Guide*. diff --git a/awscli/examples/guardduty/get-master-account.rst b/awscli/examples/guardduty/get-master-account.rst index 50fb80a900fd..11d9e6699408 100644 --- a/awscli/examples/guardduty/get-master-account.rst +++ b/awscli/examples/guardduty/get-master-account.rst @@ -12,8 +12,8 @@ Output:: "InvitationId": "04b94d9704854a73f94e061e8example", "InvitedAt": "2020-06-09T22:23:04.970Z", "RelationshipStatus": "Enabled", - "AccountId": "123456789111" + "AccountId": "111122223333" } } -For more information, see `Understanding the Relationship between GuardDuty Master and Member Accounts `__ in the GuardDuty User Guide. \ No newline at end of file +For more information, see `Understanding the relationship between GuardDuty administrator account and member account `__ in the *GuardDuty User Guide*. \ No newline at end of file diff --git a/awscli/examples/guardduty/list-findings.rst b/awscli/examples/guardduty/list-findings.rst index 8a659447a799..59dc17950b54 100644 --- a/awscli/examples/guardduty/list-findings.rst +++ b/awscli/examples/guardduty/list-findings.rst @@ -19,7 +19,7 @@ Output:: For more information, see `Findings `__ in the GuardDuty User Guide. -**Example 2: To list findings for the current region matching a specfic finding criteria** +**Example 2: To list findings for the current region matching a specific finding criteria** The following ``list-findings`` example displays a list of all findingIds that match a specified finding type. :: @@ -42,7 +42,7 @@ Output:: For more information, see `Findings `__ in the GuardDuty User Guide. -**Example 3: To list findings for the current region matching a specfic set of finding criteria defined within a JSON file** +**Example 3: To list findings for the current region matching a specific set of finding criteria defined within a JSON file** The following ``list-findings`` example displays a list of all findingIds that are not archived, and involve the IAM user named "testuser", as specified in a JSON file. :: diff --git a/awscli/examples/guardduty/list-members.rst b/awscli/examples/guardduty/list-members.rst index b203777b1fd0..435d5a1c2f35 100644 --- a/awscli/examples/guardduty/list-members.rst +++ b/awscli/examples/guardduty/list-members.rst @@ -1,24 +1,51 @@ -**To list all members in the current region** +**Example 1: To list only current members in the current Region** -The following ``list-members`` example lists all member accounts and their details for the current region. :: +The following ``list-members`` example lists and provides details of only current member accounts associated with the GuardDuty administrator account, in the current region. :: aws guardduty list-members \ - --detector-id 12abc34d567e8fa901bc2d34eexample + --detector-id 12abc34d567e8fa901bc2d34eexample \ + --only-associated="true" Output:: - + { "Members": [ { "RelationshipStatus": "Enabled", "InvitedAt": "2020-06-09T22:49:00.910Z", - "MasterId": "123456789111", + "MasterId": "111122223333", "DetectorId": "7ab8b2f61b256c87f793f6a86example", "UpdatedAt": "2020-06-09T23:08:22.512Z", "Email": "your+member@example.com", - "AccountId": "123456789222" + "AccountId": "123456789012" + } + ] + } + +For more information, see `Understanding the relationship between GuardDuty administrator account and member accounts `__ in the *GuardDuty User Guide*. + +**Example 2: To list all the members in the current Region** + +The following ``list-members`` example lists and provides details of all the member accounts, including those who have been disassociated or have not yet accepted the invite from the GuardDuty administrator, in the current region. :: + + aws guardduty list-members \ + --detector-id 12abc34d567e8fa901bc2d34eexample \ + --only-associated="false" + +Output:: + + { + "Members": [ + { + "RelationshipStatus": "Enabled", + "InvitedAt": "2020-06-09T22:49:00.910Z", + "MasterId": "111122223333", + "DetectorId": "7ab8b2f61b256c87f793f6a86example", + "UpdatedAt": "2020-06-09T23:08:22.512Z", + "Email": "your+other+member@example.com", + "AccountId": "555555555555" } ] } -For more information, see `Understanding the Relationship between GuardDuty Master and Member Accounts `__ in the GuardDuty User Guide. \ No newline at end of file +For more information, see `Understanding the relationship between GuardDuty administrator account and member accounts `__ in the *GuardDuty User Guide*. diff --git a/awscli/examples/guardduty/update-ip-set.rst b/awscli/examples/guardduty/update-ip-set.rst index f75955210d86..fce7c381705f 100644 --- a/awscli/examples/guardduty/update-ip-set.rst +++ b/awscli/examples/guardduty/update-ip-set.rst @@ -5,8 +5,8 @@ The following ``update-ip-set`` example shows how to update the details of a tru aws guardduty update-ip-set \ --detector-id 12abc34d567e8fa901bc2d34eexample \ --ip-set-id d4b94fc952d6912b8f3060768example \ - --location https://AWSDOC-EXAMPLE-BUCKET.s3-us-west-2.amazonaws.com/customtrustlist2.csv + --location https://amzn-s3-demo-bucket.s3-us-west-2.amazonaws.com/customtrustlist2.csv This command produces no output. -For more information, see `Working with Trusted IP Lists and Threat Lists `__ in the GuardDuty User Guide. \ No newline at end of file +For more information, see `Working with Trusted IP Lists and Threat Lists `__ in the *GuardDuty User Guide*. diff --git a/awscli/examples/healthlake/create-fhir-datastore.rst b/awscli/examples/healthlake/create-fhir-datastore.rst index 3921476a6eb7..f2114244b770 100644 --- a/awscli/examples/healthlake/create-fhir-datastore.rst +++ b/awscli/examples/healthlake/create-fhir-datastore.rst @@ -1,20 +1,47 @@ -**To create a FHIR Data Store.** +**Example 1: Create a SigV4-enabled HealthLake data store** -The following ``create-fhir-datastore`` example demonstrates how to create a new Data Store in Amazon HealthLake. :: +The following ``create-fhir-datastore`` example demonstrates how to create a new data store in AWS HealthLake. :: aws healthlake create-fhir-datastore \ - --region us-east-1 \ - --datastore-type-version R4 \ --datastore-type-version R4 \ --datastore-name "FhirTestDatastore" Output:: { - "DatastoreEndpoint": "https://healthlake.us-east-1.amazonaws.com/datastore/(Datastore ID)/r4/", - "DatastoreArn": "arn:aws:healthlake:us-east-1:(AWS Account ID):datastore/(Datastore ID)", + "DatastoreEndpoint": "https://healthlake.us-east-1.amazonaws.com/datastore/(Data store ID)/r4/", + "DatastoreArn": "arn:aws:healthlake:us-east-1:(AWS Account ID):datastore/(Data store ID)", + "DatastoreStatus": "CREATING", + "DatastoreId": "(Data store ID)" + } + +**Example 2: Create a SMART on FHIR-enabled HealthLake data store** + +The following ``create-fhir-datastore`` example demonstrates how to create a new SMART on FHIR-enabled data store in AWS HealthLake. :: + + aws healthlake create-fhir-datastore \ + --datastore-name "your-data-store-name" \ + --datastore-type-version R4 \ + --preload-data-config PreloadDataType="SYNTHEA" \ + --sse-configuration '{ "KmsEncryptionConfig": { "CmkType": "CUSTOMER_MANAGED_KMS_KEY", "KmsKeyId": "arn:aws:kms:us-east-1:your-account-id:key/your-key-id" } }' \ + --identity-provider-configuration file://identity_provider_configuration.json + +Contents of ``identity_provider_configuration.json``:: + + { + "AuthorizationStrategy": "SMART_ON_FHIR_V1", + "FineGrainedAuthorizationEnabled": true, + "IdpLambdaArn": "arn:aws:lambda:your-region:your-account-id:function:your-lambda-name", + "Metadata": "{\"issuer\":\"https://ehr.example.com\", \"jwks_uri\":\"https://ehr.example.com/.well-known/jwks.json\",\"authorization_endpoint\":\"https://ehr.example.com/auth/authorize\",\"token_endpoint\":\"https://ehr.token.com/auth/token\",\"token_endpoint_auth_methods_supported\":[\"client_secret_basic\",\"foo\"],\"grant_types_supported\":[\"client_credential\",\"foo\"],\"registration_endpoint\":\"https://ehr.example.com/auth/register\",\"scopes_supported\":[\"openId\",\"profile\",\"launch\"],\"response_types_supported\":[\"code\"],\"management_endpoint\":\"https://ehr.example.com/user/manage\",\"introspection_endpoint\":\"https://ehr.example.com/user/introspect\",\"revocation_endpoint\":\"https://ehr.example.com/user/revoke\",\"code_challenge_methods_supported\":[\"S256\"],\"capabilities\":[\"launch-ehr\",\"sso-openid-connect\",\"client-public\"]}" + } + +Output:: + + { + "DatastoreEndpoint": "https://healthlake.us-east-1.amazonaws.com/datastore/(Data store ID)/r4/", + "DatastoreArn": "arn:aws:healthlake:us-east-1:(AWS Account ID):datastore/(Data store ID)", "DatastoreStatus": "CREATING", - "DatastoreId": "(Datastore ID)" + "DatastoreId": "(Data store ID)" } -For more information, see `Creating and monitoring a FHIR Data Store `__ in the *Amazon HealthLake Developer Guide*. +For more information, see `Creating and monitoring a FHIR data store `__ in the *AWS HealthLake Developer Guide*. diff --git a/awscli/examples/healthlake/delete-fhir-datastore.rst b/awscli/examples/healthlake/delete-fhir-datastore.rst index 7d8272d4febe..d4668f95dd6f 100644 --- a/awscli/examples/healthlake/delete-fhir-datastore.rst +++ b/awscli/examples/healthlake/delete-fhir-datastore.rst @@ -1,18 +1,17 @@ -**To delete a FHIR Data Store** +**To delete a FHIR data store** -The following ``delete-fhir-datastore`` example demonstrates how to delete a Data Store and all of its contents in Amazon HealthLake. :: +The following ``delete-fhir-datastore`` example demonstrates how to delete a data store and all of its contents in AWS HealthLake. :: aws healthlake delete-fhir-datastore \ - --datastore-id (Data Store ID) \ - --region us-east-1 + --datastore-id (Data store ID) Output:: { - "DatastoreEndpoint": "https://healthlake.us-east-1.amazonaws.com/datastore/(Datastore ID)/r4/", - "DatastoreArn": "arn:aws:healthlake:us-east-1:(AWS Account ID):datastore/(Datastore ID)", + "DatastoreEndpoint": "https://healthlake.us-east-1.amazonaws.com/datastore/(Data store ID)/r4/", + "DatastoreArn": "arn:aws:healthlake:us-east-1:(AWS Account ID):datastore/(Data store ID)", "DatastoreStatus": "DELETING", - "DatastoreId": "(Datastore ID)" + "DatastoreId": "(Data store ID)" } -For more information, see `Creating and monitoring a FHIR Data Store ` in the *Amazon HealthLake Developer Guide*. +For more information, see `Creating and monitoring a FHIR data store ` in the *AWS HealthLake Developer Guide*. diff --git a/awscli/examples/healthlake/describe-fhir-datastore.rst b/awscli/examples/healthlake/describe-fhir-datastore.rst index 8de511924d5d..3c58363f11dd 100644 --- a/awscli/examples/healthlake/describe-fhir-datastore.rst +++ b/awscli/examples/healthlake/describe-fhir-datastore.rst @@ -1,10 +1,9 @@ -**To describe a FHIR Data Store** +**To describe a FHIR data store** -The following ``describe-fhir-datastore`` example demonstrates how to find the properties of a Data Store in Amazon HealthLake. :: +The following ``describe-fhir-datastore`` example demonstrates how to find the properties of a data store in AWS HealthLake. :: aws healthlake describe-fhir-datastore \ - --datastore-id "1f2f459836ac6c513ce899f9e4f66a59" \ - --region us-east-1 + --datastore-id "1f2f459836ac6c513ce899f9e4f66a59" Output:: @@ -14,13 +13,24 @@ Output:: "PreloadDataConfig": { "PreloadDataType": "SYNTHEA" }, - "DatastoreName": "FhirTestDatastore", - "DatastoreArn": "arn:aws:healthlake:us-east-1:(AWS Account ID):datastore/(Datastore ID)", - "DatastoreEndpoint": "https://healthlake.us-east-1.amazonaws.com/datastore/(Datastore ID)/r4/", - "DatastoreStatus": "CREATING", + "SseConfiguration": { + "KmsEncryptionConfig": { + "CmkType": "CUSTOMER_MANAGED_KMS_KEY", + "KmsKeyId": "arn:aws:kms:us-east-1:123456789012:key/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111" + } + }, + "DatastoreName": "Demo", + "DatastoreArn": "arn:aws:healthlake:us-east-1::datastore/", + "DatastoreEndpoint": "https://healthlake.us-east-1.amazonaws.com/datastore//r4/", + "DatastoreStatus": "ACTIVE", "DatastoreTypeVersion": "R4", - "DatastoreId": "(Datastore ID)" + "CreatedAt": 1603761064.881, + "DatastoreId": "", + "IdentityProviderConfiguration": { + "AuthorizationStrategy": "AWS_AUTH", + "FineGrainedAuthorizationEnabled": false + } } } -For more information, see `Creating and monitoring a FHIR Data Stores `__ in the *Amazon HealthLake Developer Guide*. +For more information, see `Creating and monitoring a FHIR data stores `__ in the *AWS HealthLake Developer Guide*. diff --git a/awscli/examples/healthlake/describe-fhir-export-job.rst b/awscli/examples/healthlake/describe-fhir-export-job.rst index 74b35572b1b2..94369576516d 100644 --- a/awscli/examples/healthlake/describe-fhir-export-job.rst +++ b/awscli/examples/healthlake/describe-fhir-export-job.rst @@ -1,9 +1,9 @@ **To describe a FHIR export job** -The following ``describe-fhir-export-job`` example shows how to find the properties of a FHIR export job in Amazon HealthLake. :: +The following ``describe-fhir-export-job`` example shows how to find the properties of a FHIR export job in AWS HealthLake. :: aws healthlake describe-fhir-export-job \ - --datastore-id (Datastore ID) \ + --datastore-id (Data store ID) \ --job-id 9b9a51943afaedd0a8c0c26c49135a31 Output:: @@ -13,12 +13,17 @@ Output:: "DataAccessRoleArn": "arn:aws:iam::(AWS Account ID):role/(Role Name)", "JobStatus": "IN_PROGRESS", "JobId": "9009813e9d69ba7cf79bcb3468780f16", - "SubmitTime": 1609175692.715, + "SubmitTime": "2024-11-20T11:31:46.672000-05:00", + "EndTime": "2024-11-20T11:34:01.636000-05:00", "OutputDataConfig": { - "S3Uri": "s3://(Bucket Name)/(Prefix Name)/59593b2d0367ce252b5e66bf5fd6b574-FHIR_EXPORT-9009813e9d69ba7cf79bcb3468780f16/" + "S3Configuration": { + "S3Uri": "s3://(Bucket Name)/(Prefix Name)/", + "KmsKeyId": "arn:aws:kms:us-east-1:012345678910:key/d330e7fc-b56c-4216-a250-f4c43ef46e83" + } + }, - "DatastoreId": "(Datastore ID)" + "DatastoreId": "(Data store ID)" } } -For more information, see `Exporting files from a FHIR Data Store `__ in the *Amazon HealthLake Developer Guide*. +For more information, see `Exporting files from a FHIR data store `__ in the *AWS HealthLake Developer Guide*. diff --git a/awscli/examples/healthlake/describe-fhir-import-job.rst b/awscli/examples/healthlake/describe-fhir-import-job.rst index 0df4adbc3da5..26b80f7eafd2 100644 --- a/awscli/examples/healthlake/describe-fhir-import-job.rst +++ b/awscli/examples/healthlake/describe-fhir-import-job.rst @@ -1,11 +1,10 @@ **To describe a FHIR import job** -The following ``describe-fhir-import-job`` example shows how to learn the properties of a FHIR import job using Amazon HealthLake. :: +The following ``describe-fhir-import-job`` example shows how to learn the properties of a FHIR import job using AWS HealthLake. :: aws healthlake describe-fhir-import-job \ - --datastore-id (Datastore ID) \ - --job-id c145fbb27b192af392f8ce6e7838e34f \ - --region us-east-1 + --datastore-id (Data store ID) \ + --job-id c145fbb27b192af392f8ce6e7838e34f Output:: @@ -20,8 +19,8 @@ Output:: "JobId": "c145fbb27b192af392f8ce6e7838e34f", "SubmitTime": 1606272542.161, "EndTime": 1606272609.497, - "DatastoreId": "(Datastore ID)" + "DatastoreId": "(Data store ID)" } } -For more information, see `Importing files to a FHIR Data Store `__ in the *Amazon HealthLake Developer Guide*. +For more information, see `Importing files to a FHIR data store `__ in the *AWS HealthLake Developer Guide*. diff --git a/awscli/examples/healthlake/list-fhir-datastores.rst b/awscli/examples/healthlake/list-fhir-datastores.rst index 0936d0166d41..9169a61c245e 100644 --- a/awscli/examples/healthlake/list-fhir-datastores.rst +++ b/awscli/examples/healthlake/list-fhir-datastores.rst @@ -1,9 +1,8 @@ -**To list FHIR Data Stores** +**To list FHIR data stores** -The following ``list-fhir-datastores`` example shows to how to use the command and how users can filter results based on Data Store status in Amazon HealthLake. :: +The following ``list-fhir-datastores`` example shows to how to use the command and how users can filter results based on data store status in AWS HealthLake. :: aws healthlake list-fhir-datastores \ - --region us-east-1 \ --filter DatastoreStatus=ACTIVE Output:: @@ -14,24 +13,25 @@ Output:: "PreloadDataConfig": { "PreloadDataType": "SYNTHEA" }, - "DatastoreName": "FhirTestDatastore", - "DatastoreArn": "arn:aws:healthlake:us-east-1::datastore/", - "DatastoreEndpoint": "https://healthlake.us-east-1.amazonaws.com/datastore//r4/", - "DatastoreStatus": "ACTIVE", - "DatastoreTypeVersion": "R4", - "CreatedAt": 1605574003.209, - "DatastoreId": "" - }, - { + "SseConfiguration": { + "KmsEncryptionConfig": { + "CmkType": "CUSTOMER_MANAGED_KMS_KEY", + "KmsKeyId": "arn:aws:kms:us-east-1:123456789012:key/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111" + } + }, "DatastoreName": "Demo", - "DatastoreArn": "arn:aws:healthlake:us-east-1::datastore/", - "DatastoreEndpoint": "https://healthlake.us-east-1.amazonaws.com/datastore//r4/", + "DatastoreArn": "arn:aws:healthlake:us-east-1::datastore/", + "DatastoreEndpoint": "https://healthlake.us-east-1.amazonaws.com/datastore//r4/", "DatastoreStatus": "ACTIVE", "DatastoreTypeVersion": "R4", "CreatedAt": 1603761064.881, - "DatastoreId": "" + "DatastoreId": "", + "IdentityProviderConfiguration": { + "AuthorizationStrategy": "AWS_AUTH", + "FineGrainedAuthorizationEnabled": false + } } ] } -For more information, see `Creating and monitoring a FHIR Data Store `__ in the *Amazon HealthLake Developer Guide*. +For more information, see `Creating and monitoring a FHIR data store `__ in the *AWS HealthLake Developer Guide*. diff --git a/awscli/examples/healthlake/list-fhir-export-jobs.rst b/awscli/examples/healthlake/list-fhir-export-jobs.rst index a4f123de4df4..7e45c19088eb 100644 --- a/awscli/examples/healthlake/list-fhir-export-jobs.rst +++ b/awscli/examples/healthlake/list-fhir-export-jobs.rst @@ -3,7 +3,7 @@ The following ``list-fhir-export-jobs`` example shows how to use the command to view a list of export jobs associated with an account. :: aws healthlake list-fhir-export-jobs \ - --datastore-id (Datastore ID) \ + --datastore-id (Data store ID) \ --submitted-before (DATE like 2024-10-13T19:00:00Z)\ --submitted-after (DATE like 2020-10-13T19:00:00Z )\ --job-name "FHIR-EXPORT" \ @@ -13,23 +13,26 @@ The following ``list-fhir-export-jobs`` example shows how to use the command to Output:: { - "ExportJobProperties": { - "OutputDataConfig": { - "S3Uri": "s3://(Bucket Name)/(Prefix Name)/" - "S3Configuration": { - "S3Uri": "s3://(Bucket Name)/(Prefix Name)/", - "KmsKeyId" : "(KmsKey Id)" - }, - }, - "DataAccessRoleArn": "arn:aws:iam::(AWS Account ID):role/(Role Name)", - "JobStatus": "COMPLETED", - "JobId": "c145fbb27b192af392f8ce6e7838e34f", - "JobName" "FHIR-EXPORT", - "SubmitTime": 1606272542.161, - "EndTime": 1606272609.497, - "DatastoreId": "(Datastore ID)" - } + "ExportJobPropertiesList": [ + { + "ExportJobProperties": { + "OutputDataConfig": { + "S3Uri": "s3://(Bucket Name)/(Prefix Name)/", + "S3Configuration": { + "S3Uri": "s3://(Bucket Name)/(Prefix Name)/", + "KmsKeyId": "(KmsKey Id)" + } + }, + "DataAccessRoleArn": "arn:aws:iam::(AWS Account ID):role/(Role Name)", + "JobStatus": "COMPLETED", + "JobId": "c145fbb27b192af392f8ce6e7838e34f", + "JobName": "FHIR-EXPORT", + "SubmitTime": "2024-11-20T11:31:46.672000-05:00", + "EndTime": "2024-11-20T11:34:01.636000-05:00", + "DatastoreId": "(Data store ID)" + } + } + ] } - "NextToken": String -For more information, see `Exporting files from a FHIR Data Store `__ in the Amazon HealthLake Developer Guide. \ No newline at end of file +For more information, see `Exporting files from a FHIR data store `__ in the AWS HealthLake Developer Guide. \ No newline at end of file diff --git a/awscli/examples/healthlake/list-fhir-import-jobs.rst b/awscli/examples/healthlake/list-fhir-import-jobs.rst index 25e6312e41fe..428df7220d93 100644 --- a/awscli/examples/healthlake/list-fhir-import-jobs.rst +++ b/awscli/examples/healthlake/list-fhir-import-jobs.rst @@ -3,7 +3,7 @@ The following ``list-fhir-import-jobs`` example shows how to use the command to view a list of all import jobs associated with an account. :: aws healthlake list-fhir-import-jobs \ - --datastore-id (Datastore ID) \ + --datastore-id (Data store ID) \ --submitted-before (DATE like 2024-10-13T19:00:00Z) \ --submitted-after (DATE like 2020-10-13T19:00:00Z ) \ --job-name "FHIR-IMPORT" \ @@ -13,23 +13,36 @@ The following ``list-fhir-import-jobs`` example shows how to use the command to Output:: { - "ImportJobProperties": { - "OutputDataConfig": { - "S3Uri": "s3://(Bucket Name)/(Prefix Name)/", + "ImportJobPropertiesList": [ + { + "JobId": "c0fddbf76f238297632d4aebdbfc9ddf", + "JobStatus": "COMPLETED", + "SubmitTime": "2024-11-20T10:08:46.813000-05:00", + "EndTime": "2024-11-20T10:10:09.093000-05:00", + "DatastoreId": "(Data store ID)", + "InputDataConfig": { + "S3Uri": "s3://(Bucket Name)/(Prefix Name)/" + }, + "JobOutputDataConfig": { "S3Configuration": { - "S3Uri": "s3://(Bucket Name)/(Prefix Name)/", - "KmsKeyId" : "(KmsKey Id)" - }, - }, - "DataAccessRoleArn": "arn:aws:iam::(AWS Account ID):role/(Role Name)", - "JobStatus": "COMPLETED", - "JobId": "c145fbb27b192af392f8ce6e7838e34f", - "JobName" "FHIR-IMPORT", - "SubmitTime": 1606272542.161, - "EndTime": 1606272609.497, - "DatastoreId": "(Datastore ID)" - } + "S3Uri": "s3://(Bucket Name)/import/6407b9ae4c2def3cb6f1a46a0c599ec0-FHIR_IMPORT-c0fddbf76f238297632d4aebdbfc9ddf/", + "KmsKeyId": "arn:aws:kms:us-east-1:123456789012:key/b7f645cb-e564-4981-8672-9e012d1ff1a0" + } + }, + "JobProgressReport": { + "TotalNumberOfScannedFiles": 1, + "TotalSizeOfScannedFilesInMB": 0.001798, + "TotalNumberOfImportedFiles": 1, + "TotalNumberOfResourcesScanned": 1, + "TotalNumberOfResourcesImported": 1, + "TotalNumberOfResourcesWithCustomerError": 0, + "TotalNumberOfFilesReadWithCustomerError": 0, + "Throughput": 0.0 + }, + "DataAccessRoleArn": "arn:aws:iam::(AWS Account ID):role/(Role Name)" + } + ] } - "NextToken": String -For more information, see `Importing files to FHIR Data Store `__ in the Amazon HealthLake Developer Guide. \ No newline at end of file + +For more information, see `Importing files to FHIR data store `__ in the AWS HealthLake Developer Guide. \ No newline at end of file diff --git a/awscli/examples/healthlake/list-tags-for-resource.rst b/awscli/examples/healthlake/list-tags-for-resource.rst index 85e30b32de8b..47b227316e26 100644 --- a/awscli/examples/healthlake/list-tags-for-resource.rst +++ b/awscli/examples/healthlake/list-tags-for-resource.rst @@ -1,10 +1,9 @@ -**To list tags for a Data Store** +**To list tags for a data store** -The following ``list-tags-for-resource`` example lists the tags associated with the specified Data Store.:: +The following ``list-tags-for-resource`` example lists the tags associated with the specified data store.:: aws healthlake list-tags-for-resource \ - --resource-arn "arn:aws:healthlake:us-east-1:674914422125:datastore/fhir/0725c83f4307f263e16fd56b6d8ebdbe" \ - --region us-east-1 + --resource-arn "arn:aws:healthlake:us-east-1:123456789012:datastore/fhir/0725c83f4307f263e16fd56b6d8ebdbe" Output:: @@ -15,4 +14,4 @@ Output:: } } -For more information, see `Tagging resources in Amazon HealthLake `__ in the Amazon HealthLake Developer Guide. \ No newline at end of file +For more information, see `Tagging resources in AWS HealthLake `__ in the AWS HealthLake Developer Guide. \ No newline at end of file diff --git a/awscli/examples/healthlake/start-fhir-export-job.rst b/awscli/examples/healthlake/start-fhir-export-job.rst index 7bcc929f1323..034b67188d0f 100644 --- a/awscli/examples/healthlake/start-fhir-export-job.rst +++ b/awscli/examples/healthlake/start-fhir-export-job.rst @@ -1,18 +1,18 @@ **To start a FHIR export job** -The following ``start-fhir-export-job`` example shows how to start a FHIR export job using Amazon HealthLake. :: +The following ``start-fhir-export-job`` example shows how to start a FHIR export job using AWS HealthLake. :: aws healthlake start-fhir-export-job \ - --output-data-config S3Uri="s3://(Bucket Name)/(Prefix Name)/" \ - --datastore-id (Datastore ID) \ + --output-data-config '{"S3Configuration": {"S3Uri":"s3://(Bucket Name)/(Prefix Name)/","KmsKeyId":"arn:aws:kms:us-east-1:012345678910:key/d330e7fc-b56c-4216-a250-f4c43ef46e83"}}' \ + --datastore-id (Data store ID) \ --data-access-role-arn arn:aws:iam::(AWS Account ID):role/(Role Name) Output:: { - "DatastoreId": "(Datastore ID)", + "DatastoreId": "(Data store ID)", "JobStatus": "SUBMITTED", "JobId": "9b9a51943afaedd0a8c0c26c49135a31" } -For more information, see `Exporting files from a FHIR Data Store `__ in the *Amazon HealthLake Developer Guide*. +For more information, see `Exporting files from a FHIR data store `__ in the *AWS HealthLake Developer Guide*. diff --git a/awscli/examples/healthlake/start-fhir-import-job.rst b/awscli/examples/healthlake/start-fhir-import-job.rst index 040e0af38a52..15018ce283f3 100644 --- a/awscli/examples/healthlake/start-fhir-import-job.rst +++ b/awscli/examples/healthlake/start-fhir-import-job.rst @@ -1,19 +1,20 @@ **To start a FHIR import job** -The following ``start-fhir-import-job`` example shows how to start a FHIR import job using Amazon HealthLake. :: +The following ``start-fhir-import-job`` example shows how to start a FHIR import job using AWS HealthLake. :: aws healthlake start-fhir-import-job \ --input-data-config S3Uri="s3://(Bucket Name)/(Prefix Name)/" \ - --datastore-id (Datastore ID) \ - --data-access-role-arn "arn:aws:iam::(AWS Account ID):role/(Role Name)" \ - --region us-east-1 + --job-output-data-config '{"S3Configuration": {"S3Uri":"s3://(Bucket Name)/(Prefix Name)/","KmsKeyId":"arn:aws:kms:us-east-1:012345678910:key/d330e7fc-b56c-4216-a250-f4c43ef46e83"}}' \ + --datastore-id (Data store ID) \ + --data-access-role-arn "arn:aws:iam::(AWS Account ID):role/(Role Name)" Output:: { - "DatastoreId": "(Datastore ID)", + "DatastoreId": "(Data store ID)", "JobStatus": "SUBMITTED", "JobId": "c145fbb27b192af392f8ce6e7838e34f" } -For more information, see `Importing files to a FHIR Data Store 'https://docs.aws.amazon.com/healthlake/latest/devguide/import-datastore.html`__ in the *Amazon HeatlhLake Developer Guide*. +For more information, see `Importing files to a FHIR data store `__ in the *AWS HealthLake Developer Guide*. + diff --git a/awscli/examples/healthlake/tag-resource.rst b/awscli/examples/healthlake/tag-resource.rst index a62dca35a508..2411ff7c9208 100644 --- a/awscli/examples/healthlake/tag-resource.rst +++ b/awscli/examples/healthlake/tag-resource.rst @@ -1,12 +1,11 @@ -**To add a tag to Data Store** +**To add a tag to data store** -The following ``tag-resource`` example shows how to add a tag to a Data Store. :: +The following ``tag-resource`` example shows how to add a tag to a data store. :: aws healthlake tag-resource \ - --resource-arn "arn:aws:healthlake:us-east-1:691207106566:datastore/fhir/0725c83f4307f263e16fd56b6d8ebdbe" \ - --tags '[{"Key": "key1", "Value": "value1"}]' \ - --region us-east-1 + --resource-arn "arn:aws:healthlake:us-east-1:123456789012:datastore/fhir/0725c83f4307f263e16fd56b6d8ebdbe" \ + --tags '[{"Key": "key1", "Value": "value1"}]' This command produces no output. -For more information, see 'Adding a tag to a Data Store '__ in the *Amazon HealthLake Developer Guide.*. \ No newline at end of file +For more information, see `Adding a tag to a data store `__ in the *AWS HealthLake Developer Guide.*. \ No newline at end of file diff --git a/awscli/examples/healthlake/untag-resource.rst b/awscli/examples/healthlake/untag-resource.rst index 539cfb4c16d3..76e18e102647 100644 --- a/awscli/examples/healthlake/untag-resource.rst +++ b/awscli/examples/healthlake/untag-resource.rst @@ -1,12 +1,11 @@ -**To remove tags from a Data Store.** +**To remove tags from a data store.** -The following ``untag-resource`` example shows how to remove tags from a Data Store. :: +The following ``untag-resource`` example shows how to remove tags from a data store. :: aws healthlake untag-resource \ - --resource-arn "arn:aws:healthlake:us-east-1:674914422125:datastore/fhir/b91723d65c6fdeb1d26543a49d2ed1fa" \ - --tag-keys '["key1"]' \ - --region us-east-1 + --resource-arn "arn:aws:healthlake:us-east-1:123456789012:datastore/fhir/b91723d65c6fdeb1d26543a49d2ed1fa" \ + --tag-keys '["key1"]' This command produces no output. -For more information, see `Removing tags from a Data Store `__ in the *Amazon HealthLake Developer Guide*. \ No newline at end of file +For more information, see `Removing tags from a data store `__ in the *AWS HealthLake Developer Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/add-client-id-to-open-id-connect-provider.rst b/awscli/examples/iam/add-client-id-to-open-id-connect-provider.rst index d8e0089eda5d..f0fe0ddc92f8 100644 --- a/awscli/examples/iam/add-client-id-to-open-id-connect-provider.rst +++ b/awscli/examples/iam/add-client-id-to-open-id-connect-provider.rst @@ -1,11 +1,13 @@ **To add a client ID (audience) to an Open-ID Connect (OIDC) provider** -The following ``add-client-id-to-open-id-connect-provider`` command adds the client ID ``my-application-ID`` to the OIDC provider named ``server.example.com``:: +The following ``add-client-id-to-open-id-connect-provider`` command adds the client ID ``my-application-ID`` to the OIDC provider named ``server.example.com``. :: - aws iam add-client-id-to-open-id-connect-provider --client-id my-application-ID --open-id-connect-provider-arn arn:aws:iam::123456789012:oidc-provider/server.example.com + aws iam add-client-id-to-open-id-connect-provider \ + --client-id my-application-ID \ + --open-id-connect-provider-arn arn:aws:iam::123456789012:oidc-provider/server.example.com -To create an OIDC provider, use the ``create-open-id-connect-provider`` command. +This command produces no output. -For more information, see `Using OpenID Connect Identity Providers`_ in the *Using IAM* guide. +To create an OIDC provider, use the ``create-open-id-connect-provider`` command. -.. _`Using OpenID Connect Identity Providers`: http://docs.aws.amazon.com/IAM/latest/UserGuide/identity-providers-oidc.html \ No newline at end of file +For more information, see `Creating OpenID Connect (OIDC) identity providers `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/add-role-to-instance-profile.rst b/awscli/examples/iam/add-role-to-instance-profile.rst index 5727b0669e3e..cec08fb2629a 100644 --- a/awscli/examples/iam/add-role-to-instance-profile.rst +++ b/awscli/examples/iam/add-role-to-instance-profile.rst @@ -1,11 +1,13 @@ **To add a role to an instance profile** -The following ``add-role-to-instance-profile`` command adds the role named ``S3Access`` to the instance profile named ``Webserver``:: +The following ``add-role-to-instance-profile`` command adds the role named ``S3Access`` to the instance profile named ``Webserver``. :: - aws iam add-role-to-instance-profile --role-name S3Access --instance-profile-name Webserver + aws iam add-role-to-instance-profile \ + --role-name S3Access \ + --instance-profile-name Webserver -To create an instance profile, use the ``create-instance-profile`` command. +This command produces no output. -For more information, see `Using IAM Roles to Delegate Permissions to Applications that Run on Amazon EC2`_ in the *Using IAM* guide. +To create an instance profile, use the ``create-instance-profile`` command. -.. _`Using IAM Roles to Delegate Permissions to Applications that Run on Amazon EC2`: http://docs.aws.amazon.com/IAM/latest/UserGuide/roles-usingrole-ec2instance.html \ No newline at end of file +For more information, see `Using an IAM role to grant permissions to applications running on Amazon EC2 instances `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/add-user-to-group.rst b/awscli/examples/iam/add-user-to-group.rst index 6dd81b49c101..630fa3c99591 100644 --- a/awscli/examples/iam/add-user-to-group.rst +++ b/awscli/examples/iam/add-user-to-group.rst @@ -1,10 +1,11 @@ **To add a user to an IAM group** -The following ``add-user-to-group`` command adds an IAM user named ``Bob`` to the IAM group named ``Admins``:: +The following ``add-user-to-group`` command adds an IAM user named ``Bob`` to the IAM group named ``Admins``. :: - aws iam add-user-to-group --user-name Bob --group-name Admins + aws iam add-user-to-group \ + --user-name Bob \ + --group-name Admins -For more information, see `Adding and Removing Users in an IAM Group`_ in the *Using IAM* guide. - -.. _`Adding and Removing Users in an IAM Group`: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_AddOrRemoveUsersFromGroup.html +This command produces no output. +For more information, see `Adding and removing users in an IAM user group `__ in the *AWS IAM User Guide*. diff --git a/awscli/examples/iam/attach-group-policy.rst b/awscli/examples/iam/attach-group-policy.rst index 47329bb5ff28..50875d58f2ba 100644 --- a/awscli/examples/iam/attach-group-policy.rst +++ b/awscli/examples/iam/attach-group-policy.rst @@ -1,9 +1,11 @@ **To attach a managed policy to an IAM group** -The following ``attach-group-policy`` command attaches the AWS managed policy named ``ReadOnlyAccess`` to the IAM group named ``Finance``:: +The following ``attach-group-policy`` command attaches the AWS managed policy named ``ReadOnlyAccess`` to the IAM group named ``Finance``. :: - aws iam attach-group-policy --policy-arn arn:aws:iam::aws:policy/ReadOnlyAccess --group-name Finance + aws iam attach-group-policy \ + --policy-arn arn:aws:iam::aws:policy/ReadOnlyAccess \ + --group-name Finance -For more information, see `Managed Policies and Inline Policies`_ in the *Using IAM* guide. +This command produces no output. -.. _`Managed Policies and Inline Policies`: http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html \ No newline at end of file +For more information, see `Managed policies and inline policies `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/attach-role-policy.rst b/awscli/examples/iam/attach-role-policy.rst index 449fcd788ea1..b09616f58ffe 100644 --- a/awscli/examples/iam/attach-role-policy.rst +++ b/awscli/examples/iam/attach-role-policy.rst @@ -1,9 +1,11 @@ **To attach a managed policy to an IAM role** -The following ``attach-role-policy`` command attaches the AWS managed policy named ``ReadOnlyAccess`` to the IAM role named ``ReadOnlyRole``:: +The following ``attach-role-policy`` command attaches the AWS managed policy named ``ReadOnlyAccess`` to the IAM role named ``ReadOnlyRole``. :: - aws iam attach-role-policy --policy-arn arn:aws:iam::aws:policy/ReadOnlyAccess --role-name ReadOnlyRole + aws iam attach-role-policy \ + --policy-arn arn:aws:iam::aws:policy/ReadOnlyAccess \ + --role-name ReadOnlyRole -For more information, see `Managed Policies and Inline Policies`_ in the *Using IAM* guide. +This command produces no output. -.. _`Managed Policies and Inline Policies`: http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html \ No newline at end of file +For more information, see `Managed policies and inline policies `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/attach-user-policy.rst b/awscli/examples/iam/attach-user-policy.rst index 766d5898257a..172fca800cb7 100644 --- a/awscli/examples/iam/attach-user-policy.rst +++ b/awscli/examples/iam/attach-user-policy.rst @@ -1,9 +1,11 @@ **To attach a managed policy to an IAM user** -The following ``attach-user-policy`` command attaches the AWS managed policy named ``AdministratorAccess`` to the IAM user named ``Alice``:: +The following ``attach-user-policy`` command attaches the AWS managed policy named ``AdministratorAccess`` to the IAM user named ``Alice``. :: - aws iam attach-user-policy --policy-arn arn:aws:iam:ACCOUNT-ID:aws:policy/AdministratorAccess --user-name Alice + aws iam attach-user-policy \ + --policy-arn arn:aws:iam::aws:policy/AdministratorAccess \ + --user-name Alice -For more information, see `Managed Policies and Inline Policies`_ in the *Using IAM* guide. +This command produces no output. -.. _`Managed Policies and Inline Policies`: http://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html +For more information, see `Managed policies and inline policies `__ in the *AWS IAM User Guide*. diff --git a/awscli/examples/iam/change-password.rst b/awscli/examples/iam/change-password.rst index 84af300713d5..6e63c5b28e65 100644 --- a/awscli/examples/iam/change-password.rst +++ b/awscli/examples/iam/change-password.rst @@ -1,22 +1,24 @@ **To change the password for your IAM user** -To change the password for your IAM user, we recommend using the ``--cli-input-json`` parameter to pass a JSON file that contains your old and new passwords. Using this method, you can use strong passwords with non-alphanumeric characters. It can be difficult to use passwords with non-alphanumeric characters when you pass them as command line parameters. To use the ``--cli-input-json`` parameter, start by using the ``change-password`` command with the ``--generate-cli-skeleton`` parameter, as in the following example:: +To change the password for your IAM user, we recommend using the ``--cli-input-json`` parameter to pass a JSON file that contains your old and new passwords. Using this method, you can use strong passwords with non-alphanumeric characters. It can be difficult to use passwords with non-alphanumeric characters when you pass them as command line parameters. To use the ``--cli-input-json`` parameter, start by using the ``change-password`` command with the ``--generate-cli-skeleton`` parameter, as in the following example. :: - aws iam change-password --generate-cli-skeleton > change-password.json + aws iam change-password \ + --generate-cli-skeleton > change-password.json -The previous command creates a JSON file called change-password.json that you can use to fill in your old and new passwords. For example, the file might look like this:: +The previous command creates a JSON file called change-password.json that you can use to fill in your old and new passwords. For example, the file might look like the following. :: - { - "OldPassword": "3s0K_;xh4~8XXI", - "NewPassword": "]35d/{pB9Fo9wJ" - } + { + "OldPassword": "3s0K_;xh4~8XXI", + "NewPassword": "]35d/{pB9Fo9wJ" + } -Next, to change your password, use the ``change-password`` command again, this time passing the ``--cli-input-json`` parameter to specify your JSON file. The following ``change-password`` command uses the ``--cli-input-json`` parameter with a JSON file called change-password.json:: +Next, to change your password, use the ``change-password`` command again, this time passing the ``--cli-input-json`` parameter to specify your JSON file. The following ``change-password`` command uses the ``--cli-input-json`` parameter with a JSON file called change-password.json. :: - aws iam change-password --cli-input-json file://change-password.json + aws iam change-password \ + --cli-input-json file://change-password.json -This command can be called by IAM users only. If this command is called using AWS account (root) credentials, the command returns an ``InvalidUserType`` error. +This command produces no output. -For more information, see `How IAM Users Change Their Own Password`_ in the *Using IAM* guide. +This command can be called by IAM users only. If this command is called using AWS account (root) credentials, the command returns an ``InvalidUserType`` error. -.. _`How IAM Users Change Their Own Password`: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingUserPwdSelf.html \ No newline at end of file +For more information, see `How an IAM user changes their own password `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/create-access-key.rst b/awscli/examples/iam/create-access-key.rst index 29d10f8a8548..7f85ebd857e3 100644 --- a/awscli/examples/iam/create-access-key.rst +++ b/awscli/examples/iam/create-access-key.rst @@ -1,23 +1,22 @@ **To create an access key for an IAM user** -The following ``create-access-key`` command creates an access key (access key ID and secret access key) for the IAM user named ``Bob``:: +The following ``create-access-key`` command creates an access key (access key ID and secret access key) for the IAM user named ``Bob``. :: - aws iam create-access-key --user-name Bob + aws iam create-access-key \ + --user-name Bob Output:: - { - "AccessKey": { - "UserName": "Bob", - "Status": "Active", - "CreateDate": "2015-03-09T18:39:23.411Z", - "SecretAccessKey": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYzEXAMPLEKEY", - "AccessKeyId": "AKIAIOSFODNN7EXAMPLE" - } - } + { + "AccessKey": { + "UserName": "Bob", + "Status": "Active", + "CreateDate": "2015-03-09T18:39:23.411Z", + "SecretAccessKey": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYzEXAMPLEKEY", + "AccessKeyId": "AKIAIOSFODNN7EXAMPLE" + } + } Store the secret access key in a secure location. If it is lost, it cannot be recovered, and you must create a new access key. -For more information, see `Managing Access Keys for IAM Users`_ in the *Using IAM* guide. - -.. _`Managing Access Keys for IAM Users`: http://docs.aws.amazon.com/IAM/latest/UserGuide/ManagingCredentials.html \ No newline at end of file +For more information, see `Managing access keys for IAM users `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/create-account-alias.rst b/awscli/examples/iam/create-account-alias.rst index 8794365c4033..e18c6b44aeb0 100644 --- a/awscli/examples/iam/create-account-alias.rst +++ b/awscli/examples/iam/create-account-alias.rst @@ -1,10 +1,10 @@ -**To create an account alias** - -The following ``create-account-alias`` command creates the alias ``examplecorp`` for your AWS account. :: - - aws iam create-account-alias \ - --account-alias examplecorp - -For more information, see `Your AWS account ID and its alias`_ in the *Using IAM* guide. - -.. _`Your AWS Account ID and Its Alias`: \ No newline at end of file +**To create an account alias** + +The following ``create-account-alias`` command creates the alias ``examplecorp`` for your AWS account. :: + + aws iam create-account-alias \ + --account-alias examplecorp + +This command produces no output. + +For more information, see `Your AWS account ID and its alias `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/create-group.rst b/awscli/examples/iam/create-group.rst index afe65bace152..f23d06ea845d 100644 --- a/awscli/examples/iam/create-group.rst +++ b/awscli/examples/iam/create-group.rst @@ -1,21 +1,20 @@ **To create an IAM group** -The following ``create-group`` command creates an IAM group named ``Admins``:: +The following ``create-group`` command creates an IAM group named ``Admins``. :: - aws iam create-group --group-name Admins + aws iam create-group \ + --group-name Admins Output:: - { - "Group": { - "Path": "/", - "CreateDate": "2015-03-09T20:30:24.940Z", - "GroupId": "AIDGPMS9RO4H3FEXAMPLE", - "Arn": "arn:aws:iam::123456789012:group/Admins", - "GroupName": "Admins" - } - } + { + "Group": { + "Path": "/", + "CreateDate": "2015-03-09T20:30:24.940Z", + "GroupId": "AIDGPMS9RO4H3FEXAMPLE", + "Arn": "arn:aws:iam::123456789012:group/Admins", + "GroupName": "Admins" + } + } -For more information, see `Creating IAM Groups`_ in the *Using IAM* guide. - -.. _`Creating IAM Groups`: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_CreatingAndListingGroups.html \ No newline at end of file +For more information, see `Creating IAM user groups `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/create-instance-profile.rst b/awscli/examples/iam/create-instance-profile.rst index dfaf0276989e..0d027921bc25 100644 --- a/awscli/examples/iam/create-instance-profile.rst +++ b/awscli/examples/iam/create-instance-profile.rst @@ -1,24 +1,23 @@ **To create an instance profile** -The following ``create-instance-profile`` command creates an instance profile named ``Webserver``:: +The following ``create-instance-profile`` command creates an instance profile named ``Webserver``. :: - aws iam create-instance-profile --instance-profile-name Webserver + aws iam create-instance-profile \ + --instance-profile-name Webserver Output:: - { - "InstanceProfile": { - "InstanceProfileId": "AIPAJMBYC7DLSPEXAMPLE", - "Roles": [], - "CreateDate": "2015-03-09T20:33:19.626Z", - "InstanceProfileName": "Webserver", - "Path": "/", - "Arn": "arn:aws:iam::123456789012:instance-profile/Webserver" - } - } + { + "InstanceProfile": { + "InstanceProfileId": "AIPAJMBYC7DLSPEXAMPLE", + "Roles": [], + "CreateDate": "2015-03-09T20:33:19.626Z", + "InstanceProfileName": "Webserver", + "Path": "/", + "Arn": "arn:aws:iam::123456789012:instance-profile/Webserver" + } + } To add a role to an instance profile, use the ``add-role-to-instance-profile`` command. -For more information, see `Using IAM Roles to Delegate Permissions to Applications that Run on Amazon EC2`_ in the *Using IAM* guide. - -.. _`Using IAM Roles to Delegate Permissions to Applications that Run on Amazon EC2`: http://docs.aws.amazon.com/IAM/latest/UserGuide/roles-usingrole-ec2instance.html \ No newline at end of file +For more information, see `Using an IAM role to grant permissions to applications running on Amazon EC2 instances `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/create-login-profile.rst b/awscli/examples/iam/create-login-profile.rst index f5bfd4751a4d..385dace3a703 100644 --- a/awscli/examples/iam/create-login-profile.rst +++ b/awscli/examples/iam/create-login-profile.rst @@ -2,31 +2,33 @@ To create a password for an IAM user, we recommend using the ``--cli-input-json`` parameter to pass a JSON file that contains the password. Using this method, you can create a strong password with non-alphanumeric characters. It can be difficult to create a password with non-alphanumeric characters when you pass it as a command line parameter. -To use the ``--cli-input-json`` parameter, start by using the ``create-login-profile`` command with the ``--generate-cli-skeleton`` parameter, as in the following example:: +To use the ``--cli-input-json`` parameter, start by using the ``create-login-profile`` command with the ``--generate-cli-skeleton`` parameter, as in the following example. :: - aws iam create-login-profile --generate-cli-skeleton > create-login-profile.json + aws iam create-login-profile \ + --generate-cli-skeleton > create-login-profile.json The previous command creates a JSON file called create-login-profile.json that you can use to fill in the information for a subsequent ``create-login-profile`` command. For example:: - { - "UserName": "Bob", - "Password": "&1-3a6u:RA0djs", - "PasswordResetRequired": true - } + { + "UserName": "Bob", + "Password": "&1-3a6u:RA0djs", + "PasswordResetRequired": true + } -Next, to create a password for an IAM user, use the ``create-login-profile`` command again, this time passing the ``--cli-input-json`` parameter to specify your JSON file. The following ``create-login-profile`` command uses the ``--cli-input-json`` parameter with a JSON file called create-login-profile.json:: +Next, to create a password for an IAM user, use the ``create-login-profile`` command again, this time passing the ``--cli-input-json`` parameter to specify your JSON file. The following ``create-login-profile`` command uses the ``--cli-input-json`` parameter with a JSON file called create-login-profile.json. :: - aws iam create-login-profile --cli-input-json file://create-login-profile.json + aws iam create-login-profile \ + --cli-input-json file://create-login-profile.json Output:: - { - "LoginProfile": { - "UserName": "Bob", - "CreateDate": "2015-03-10T20:55:40.274Z", - "PasswordResetRequired": true - } - } + { + "LoginProfile": { + "UserName": "Bob", + "CreateDate": "2015-03-10T20:55:40.274Z", + "PasswordResetRequired": true + } + } If the new password violates the account password policy, the command returns a ``PasswordPolicyViolation`` error. @@ -34,6 +36,4 @@ To change the password for a user that already has one, use ``update-login-profi If the account password policy allows them to, IAM users can change their own passwords using the ``change-password`` command. -For more information, see `Managing Passwords for IAM Users`_ in the *Using IAM* guide. - -.. _`Managing Passwords for IAM Users`: http://docs.aws.amazon.com/IAM/latest/UserGuide/credentials-add-pwd-for-user.html \ No newline at end of file +For more information, see `Managing passwords for IAM users `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/create-open-id-connect-provider.rst b/awscli/examples/iam/create-open-id-connect-provider.rst index 1f7d83a6ad2b..f7c9470e9de0 100644 --- a/awscli/examples/iam/create-open-id-connect-provider.rst +++ b/awscli/examples/iam/create-open-id-connect-provider.rst @@ -2,36 +2,34 @@ To create an OpenID Connect (OIDC) provider, we recommend using the ``--cli-input-json`` parameter to pass a JSON file that contains the required parameters. When you create an OIDC provider, you must pass the URL of the provider, and the URL must begin with ``https://``. It can be difficult to pass the URL as a command line parameter, because the colon (:) and forward slash (/) characters have special meaning in some command line environments. Using the ``--cli-input-json`` parameter gets around this limitation. -To use the ``--cli-input-json`` parameter, start by using the ``create-open-id-connect-provider`` command with the ``--generate-cli-skeleton`` parameter, as in the following example:: +To use the ``--cli-input-json`` parameter, start by using the ``create-open-id-connect-provider`` command with the ``--generate-cli-skeleton`` parameter, as in the following example. :: - aws iam create-open-id-connect-provider --generate-cli-skeleton > create-open-id-connect-provider.json + aws iam create-open-id-connect-provider \ + --generate-cli-skeleton > create-open-id-connect-provider.json The previous command creates a JSON file called create-open-id-connect-provider.json that you can use to fill in the information for a subsequent ``create-open-id-connect-provider`` command. For example:: - { - "Url": "https://server.example.com", - "ClientIDList": [ - "example-application-ID" - ], - "ThumbprintList": [ - "c3768084dfb3d2b68b7897bf5f565da8eEXAMPLE" - ] - } + { + "Url": "https://server.example.com", + "ClientIDList": [ + "example-application-ID" + ], + "ThumbprintList": [ + "c3768084dfb3d2b68b7897bf5f565da8eEXAMPLE" + ] + } -Next, to create the OpenID Connect (OIDC) provider, use the ``create-open-id-connect-provider`` command again, this time passing the ``--cli-input-json`` parameter to specify your JSON file. The following ``create-open-id-connect-provider`` command uses the ``--cli-input-json`` parameter with a JSON file called create-open-id-connect-provider.json:: +Next, to create the OpenID Connect (OIDC) provider, use the ``create-open-id-connect-provider`` command again, this time passing the ``--cli-input-json`` parameter to specify your JSON file. The following ``create-open-id-connect-provider`` command uses the ``--cli-input-json`` parameter with a JSON file called create-open-id-connect-provider.json. :: - aws iam create-open-id-connect-provider --cli-input-json file://create-open-id-connect-provider.json + aws iam create-open-id-connect-provider \ + --cli-input-json file://create-open-id-connect-provider.json Output:: - { - "OpenIDConnectProviderArn": "arn:aws:iam::123456789012:oidc-provider/server.example.com" - } + { + "OpenIDConnectProviderArn": "arn:aws:iam::123456789012:oidc-provider/server.example.com" + } -For more information about OIDC providers, see `Using OpenID Connect Identity Providers`_ in the *Using IAM* guide. +For more information about OIDC providers, see `Creating OpenID Connect (OIDC) identity providers `__ in the *AWS IAM User Guide*. -For more information about obtaining thumbprints for an OIDC provider, see `Obtaining the Thumbprint for an OpenID Connect Provider`_ in the *Using IAM* guide. - -.. _`Using OpenID Connect Identity Providers`: http://docs.aws.amazon.com/IAM/latest/UserGuide/identity-providers-oidc.html - -.. _`Obtaining the Thumbprint for an OpenID Connect Provider`: http://docs.aws.amazon.com/IAM/latest/UserGuide/identity-providers-oidc-obtain-thumbprint.html \ No newline at end of file +For more information about obtaining thumbprints for an OIDC provider, see `Obtaining the thumbprint for an OpenID Connect Identity Provider `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/create-policy-version.rst b/awscli/examples/iam/create-policy-version.rst index 1597b67d9ada..0688f20dd2e2 100644 --- a/awscli/examples/iam/create-policy-version.rst +++ b/awscli/examples/iam/create-policy-version.rst @@ -1,21 +1,21 @@ **To create a new version of a managed policy** -This example creates a new ``v2`` version of the IAM policy whose ARN is ``arn:aws:iam::123456789012:policy/MyPolicy`` and makes it the default version:: +This example creates a new ``v2`` version of the IAM policy whose ARN is ``arn:aws:iam::123456789012:policy/MyPolicy`` and makes it the default version. :: - - aws iam create-policy-version --policy-arn arn:aws:iam::123456789012:policy/MyPolicy --policy-document file://NewPolicyVersion.json --set-as-default + aws iam create-policy-version \ + --policy-arn arn:aws:iam::123456789012:policy/MyPolicy \ + --policy-document file://NewPolicyVersion.json \ + --set-as-default Output:: - { - "PolicyVersion": { - "CreateDate": "2015-06-16T18:56:03.721Z", - "VersionId": "v2", - "IsDefaultVersion": true - } - } - -For more information, see `Versioning for Managed Policies`_ in the *Using IAM* guide. + { + "PolicyVersion": { + "CreateDate": "2015-06-16T18:56:03.721Z", + "VersionId": "v2", + "IsDefaultVersion": true + } + } -.. _`Versioning for Managed Policies`: http://docs.aws.amazon.com/IAM/latest/UserGuide/policies_managed-versioning.html \ No newline at end of file +For more information, see `Versioning IAM policies `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/create-policy.rst b/awscli/examples/iam/create-policy.rst index af5f839b6530..8319d8e2662c 100644 --- a/awscli/examples/iam/create-policy.rst +++ b/awscli/examples/iam/create-policy.rst @@ -1,12 +1,12 @@ **Example 1: To create a customer managed policy** -The following command creates a customer managed policy named ``my-policy``. :: +The following command creates a customer managed policy named ``my-policy``. The file ``policy.json`` is a JSON document in the current folder that grants read only access to the ``shared`` folder in an Amazon S3 bucket named ``amzn-s3-demo-bucket``. :: aws iam create-policy \ --policy-name my-policy \ - --policy-document file://policy + --policy-document file://policy.json -The file ``policy`` is a JSON document in the current folder that grants read only access to the ``shared`` folder in an Amazon S3 bucket named ``my-bucket``:: +Contents of policy.json:: { "Version": "2012-10-17", @@ -18,7 +18,7 @@ The file ``policy`` is a JSON document in the current folder that grants read on "s3:List*" ], "Resource": [ - "arn:aws:s3:::my-bucket/shared/*" + "arn:aws:s3:::amzn-s3-demo-bucket/shared/*" ] } ] @@ -40,20 +40,22 @@ Output:: } } -For more information on using files as input for string parameters, see `Specifying Parameter Values `_ in the *AWS CLI User Guide*. +For more information on using files as input for string parameters, see `Specify parameter values for the AWS CLI `__ in the *AWS CLI User Guide*. **Example 2: To create a customer managed policy with a description** -The following command creates a customer managed policy named ``my-policy`` with an immutable description. :: +The following command creates a customer managed policy named ``my-policy`` with an immutable description. + +The file ``policy.json`` is a JSON document in the current folder that grants access to all Put, List, and Get actions for an Amazon S3 bucket named ``amzn-s3-demo-bucket``. :: aws iam create-policy \ --policy-name my-policy \ --policy-document file://policy.json \ - --description "This policy grants access to all Put, Get, and List actions for my-bucket" + --description "This policy grants access to all Put, Get, and List actions for amzn-s3-demo-bucket" -The file ``policy.json`` is a JSON document in the current folder that grants access to all Put, List, and Get actions for an Amazon S3 bucket named ``my-bucket``:: +Contents of policy.json:: - { + { "Version": "2012-10-17", "Statement": [ { @@ -64,7 +66,7 @@ The file ``policy.json`` is a JSON document in the current folder that grants ac "s3:GetBucket*" ], "Resource": [ - "arn:aws:s3:::my-bucket" + "arn:aws:s3:::amzn-s3-demo-bucket" ] } ] @@ -87,33 +89,33 @@ Output:: } } -For more information on Idenity-based Policies, see `Identity-based policies and resource-based policies `_ in the *AWS IAM User Guide*. +For more information on Idenity-based Policies, see `Identity-based policies and resource-based policies `__ in the *AWS IAM User Guide*. -**Example 3: To Create a customer managed policy with tags** +**Example 3: To create a customer managed policy with tags** -The following command creates a customer managed policy named ``my-policy`` with tags. This example uses the ``--tags`` parameter flag with the following -JSON-formatted tags: ``'{"Key": "Department", "Value": "Accounting"}' '{"Key": "Location", "Value": "Seattle"}'``. Alternatively, the ``--tags`` flag can be -used with tags in the shorthand format: ``'Key=Department,Value=Accounting Key=Location,Value=Seattle'``. :: +The following command creates a customer managed policy named ``my-policy`` with tags. This example uses the ``--tags`` parameter with the following JSON-formatted tags: ``'{"Key": "Department", "Value": "Accounting"}' '{"Key": "Location", "Value": "Seattle"}'``. Alternatively, the ``--tags`` parameter can be used with tags in the shorthand format: ``'Key=Department,Value=Accounting Key=Location,Value=Seattle'``. + +The file ``policy.json`` is a JSON document in the current folder that grants access to all Put, List, and Get actions for an Amazon S3 bucket named ``amzn-s3-demo-bucket``. :: aws iam create-policy \ --policy-name my-policy \ --policy-document file://policy.json \ --tags '{"Key": "Department", "Value": "Accounting"}' '{"Key": "Location", "Value": "Seattle"}' -The file ``policy.json`` is a JSON document in the current folder that grants access to all Put, List, and Get actions for an Amazon S3 bucket named ``my-bucket``:: +Contents of policy.json:: - { - "Version": "2012-10-17", - "Statement": [ - { - "Effect": "Allow", - "Action": [ + { + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Action": [ "s3:ListBucket*", "s3:PutBucket*", "s3:GetBucket*" ], "Resource": [ - "arn:aws:s3:::my-bucket" + "arn:aws:s3:::amzn-s3-demo-bucket" ] } ] @@ -145,4 +147,4 @@ Output:: } } -For more information on Tagging policies, see `Tagging customer managed policies `__ in the *IAM User Guide*. \ No newline at end of file +For more information on Tagging policies, see `Tagging customer managed policies `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/create-role.rst b/awscli/examples/iam/create-role.rst index 0fd52186b4b8..31c2b6221df9 100644 --- a/awscli/examples/iam/create-role.rst +++ b/awscli/examples/iam/create-role.rst @@ -1,33 +1,33 @@ **Example 1: To create an IAM role** -The following ``create-role`` command creates a role named ``Test-Role`` and attaches a trust policy to it:: +The following ``create-role`` command creates a role named ``Test-Role`` and attaches a trust policy to it. :: - aws iam create-role \ - --role-name Test-Role \ - --assume-role-policy-document file://Test-Role-Trust-Policy.json + aws iam create-role \ + --role-name Test-Role \ + --assume-role-policy-document file://Test-Role-Trust-Policy.json Output:: - { - "Role": { - "AssumeRolePolicyDocument": "", - "RoleId": "AKIAIOSFODNN7EXAMPLE", - "CreateDate": "2013-06-07T20:43:32.821Z", - "RoleName": "Test-Role", - "Path": "/", - "Arn": "arn:aws:iam::123456789012:role/Test-Role" + { + "Role": { + "AssumeRolePolicyDocument": "", + "RoleId": "AKIAIOSFODNN7EXAMPLE", + "CreateDate": "2013-06-07T20:43:32.821Z", + "RoleName": "Test-Role", + "Path": "/", + "Arn": "arn:aws:iam::123456789012:role/Test-Role" + } } - } The trust policy is defined as a JSON document in the *Test-Role-Trust-Policy.json* file. (The file name and extension do not have significance.) The trust policy must specify a principal. To attach a permissions policy to a role, use the ``put-role-policy`` command. -For more information, see `Creating a Role `_ in the *AWS IAM User Guide*. +For more information, see `Creating IAM roles `__ in the *AWS IAM User Guide*. **Example 2: To create an IAM role with specified maximum session duration** -The following ``create-role`` command creates a role named ``Test-Role`` and sets a maximum session duration of 7200 seconds (2 hours):: +The following ``create-role`` command creates a role named ``Test-Role`` and sets a maximum session duration of 7200 seconds (2 hours). :: aws iam create-role \ --role-name Test-Role \ @@ -59,13 +59,11 @@ Output:: } } -For more information, see `Creating a Role `__ in the *AWS IAM User Guide*. +For more information, see `Modifying a role maximum session duration (AWS API) `__ in the *AWS IAM User Guide*. **Example 3: To create an IAM Role with tags** -The following command creates an IAM Role ``Test-Role`` with tags. This example uses the ``--tags`` parameter flag with the following -JSON-formatted tags: ``'{"Key": "Department", "Value": "Accounting"}' '{"Key": "Location", "Value": "Seattle"}'``. Alternatively, the ``--tags`` flag can be -used with tags in the shorthand format: ``'Key=Department,Value=Accounting Key=Location,Value=Seattle'``. :: +The following command creates an IAM Role ``Test-Role`` with tags. This example uses the ``--tags`` parameter flag with the following JSON-formatted tags: ``'{"Key": "Department", "Value": "Accounting"}' '{"Key": "Location", "Value": "Seattle"}'``. Alternatively, the ``--tags`` flag can be used with tags in the shorthand format: ``'Key=Department,Value=Accounting Key=Location,Value=Seattle'``. :: aws iam create-role \ --role-name Test-Role \ diff --git a/awscli/examples/iam/create-saml-provider.rst b/awscli/examples/iam/create-saml-provider.rst index 306849efe406..3ef25ac01a5c 100644 --- a/awscli/examples/iam/create-saml-provider.rst +++ b/awscli/examples/iam/create-saml-provider.rst @@ -1,16 +1,15 @@ **To create a SAML provider** -This example creates a new SAML provider in IAM named ``MySAMLProvider``. It is described by the SAML metadata document found in the file ``SAMLMetaData.xml``:: - - aws iam create-saml-provider --saml-metadata-document file://SAMLMetaData.xml --name MySAMLProvider +This example creates a new SAML provider in IAM named ``MySAMLProvider``. It is described by the SAML metadata document found in the file ``SAMLMetaData.xml``. :: + aws iam create-saml-provider \ + --saml-metadata-document file://SAMLMetaData.xml \ + --name MySAMLProvider Output:: - { - "SAMLProviderArn": "arn:aws:iam::123456789012:saml-provider/MySAMLProvider" - } - -For more information, see `Using SAML Providers`_ in the *Using IAM* guide. + { + "SAMLProviderArn": "arn:aws:iam::123456789012:saml-provider/MySAMLProvider" + } -.. _`Using SAML Providers`: http://docs.aws.amazon.com/IAM/latest/UserGuide/identity-providers-saml.html \ No newline at end of file +For more information, see `Creating IAM SAML identity providers `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/create-service-linked-role.rst b/awscli/examples/iam/create-service-linked-role.rst index 1b8231acf12a..66c07295a173 100644 --- a/awscli/examples/iam/create-service-linked-role.rst +++ b/awscli/examples/iam/create-service-linked-role.rst @@ -34,4 +34,4 @@ Output:: } } -For more information, see `Using Service-Linked Roles `_ in the *IAM User Guide*. +For more information, see `Using service-linked roles `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/create-service-specific-credential.rst b/awscli/examples/iam/create-service-specific-credential.rst index 89b87d4ed4e6..28d0e0cb9bc2 100644 --- a/awscli/examples/iam/create-service-specific-credential.rst +++ b/awscli/examples/iam/create-service-specific-credential.rst @@ -2,22 +2,22 @@ The following ``create-service-specific-credential`` example creates a username and password that can be used to access only the configured service. :: - aws iam create-service-specific-credential --user-name sofia --service-name codecommit.amazonaws.com + aws iam create-service-specific-credential \ + --user-name sofia \ + --service-name codecommit.amazonaws.com Output:: - { - "ServiceSpecificCredential": { - "CreateDate": "2019-04-18T20:45:36+00:00", - "ServiceName": "codecommit.amazonaws.com", - "ServiceUserName": "sofia-at-123456789012", - "ServicePassword": "k1zPZM6uVxMQ3oxqgoYlNuJPyRTZ1vREs76zTQE3eJk=", - "ServiceSpecificCredentialId": "ACCAEXAMPLE123EXAMPLE", - "UserName": "sofia", - "Status": "Active" - } - } + { + "ServiceSpecificCredential": { + "CreateDate": "2019-04-18T20:45:36+00:00", + "ServiceName": "codecommit.amazonaws.com", + "ServiceUserName": "sofia-at-123456789012", + "ServicePassword": "k1zPZM6uVxMQ3oxqgoYlNuJPyRTZ1vREs76zTQE3eJk=", + "ServiceSpecificCredentialId": "ACCAEXAMPLE123EXAMPLE", + "UserName": "sofia", + "Status": "Active" + } + } -For more information, see `Create Git Credentials for HTTPS Connections to CodeCommit`_ in the *AWS CodeCommit User Guide* - -.. _`Create Git Credentials for HTTPS Connections to CodeCommit`: https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-gc.html#setting-up-gc-iam +For more information, see `Create Git credentials for HTTPS connections to CodeCommit `__ in the *AWS CodeCommit User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/create-user.rst b/awscli/examples/iam/create-user.rst index 4c1967293e09..fa32fb261837 100644 --- a/awscli/examples/iam/create-user.rst +++ b/awscli/examples/iam/create-user.rst @@ -17,7 +17,7 @@ Output:: } } -For more information, see `Adding a New User to Your AWS Account `_ in the *AWS IAM User Guide*. +For more information, see `Creating an IAM user in your AWS account `__ in the *AWS IAM User Guide*. **Example 2: To create an IAM user at a specified path** @@ -39,13 +39,12 @@ Output:: } } -For more information, see `IAM identifiers `_ in the *AWS IAM User Guide*. +For more information, see `IAM identifiers `__ in the *AWS IAM User Guide*. **Example 3: To Create an IAM User with tags** The following ``create-user`` command creates an IAM user named ``Bob`` with tags. This example uses the ``--tags`` parameter flag with the following -JSON-formatted tags: ``'{"Key": "Department", "Value": "Accounting"}' '{"Key": "Location", "Value": "Seattle"}'``. Alternatively, the ``--tags`` flag can be -used with tags in the shorthand format: ``'Key=Department,Value=Accounting Key=Location,Value=Seattle'``:: +JSON-formatted tags: ``'{"Key": "Department", "Value": "Accounting"}' '{"Key": "Location", "Value": "Seattle"}'``. Alternatively, the ``--tags`` flag can be used with tags in the shorthand format: ``'Key=Department,Value=Accounting Key=Location,Value=Seattle'``. :: aws iam create-user \ --user-name Bob \ @@ -77,7 +76,7 @@ For more information, see `Tagging IAM users `__ in the *AWS IAM User Guide* - - +For more information, see `Permissions boundaries for IAM entities `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/create-virtual-mfa-device.rst b/awscli/examples/iam/create-virtual-mfa-device.rst index a36dad62f9c7..0751fbc9bf80 100644 --- a/awscli/examples/iam/create-virtual-mfa-device.rst +++ b/awscli/examples/iam/create-virtual-mfa-device.rst @@ -1,18 +1,19 @@ **To create a virtual MFA device** This example creates a new virtual MFA device called ``BobsMFADevice``. It creates a file that contains bootstrap information called ``QRCode.png`` -and places it in the ``C:/`` directory. The bootstrap method used in this example is ``QRCodePNG``:: +and places it in the ``C:/`` directory. The bootstrap method used in this example is ``QRCodePNG``. :: - aws iam create-virtual-mfa-device --virtual-mfa-device-name BobsMFADevice --outfile C:/QRCode.png --bootstrap-method QRCodePNG + aws iam create-virtual-mfa-device \ + --virtual-mfa-device-name BobsMFADevice \ + --outfile C:/QRCode.png \ + --bootstrap-method QRCodePNG Output:: - { - "VirtualMFADevice": { - "SerialNumber": "arn:aws:iam::210987654321:mfa/BobsMFADevice" - } + { + "VirtualMFADevice": { + "SerialNumber": "arn:aws:iam::210987654321:mfa/BobsMFADevice" + } -For more information, see `Using Multi-Factor Authentication (MFA) Devices with AWS`_ in the *Using IAM* guide. - -.. _`Using Multi-Factor Authentication (MFA) Devices with AWS`: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingMFA.html \ No newline at end of file +For more information, see `Using multi-factor authentication (MFA) in AWS `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/deactivate-mfa-device.rst b/awscli/examples/iam/deactivate-mfa-device.rst index 1fb258576e44..86047e43411a 100644 --- a/awscli/examples/iam/deactivate-mfa-device.rst +++ b/awscli/examples/iam/deactivate-mfa-device.rst @@ -1,10 +1,11 @@ **To deactivate an MFA device** -This command deactivates the virtual MFA device with the ARN ``arn:aws:iam::210987654321:mfa/BobsMFADevice`` that is associated with the user ``Bob``:: +This command deactivates the virtual MFA device with the ARN ``arn:aws:iam::210987654321:mfa/BobsMFADevice`` that is associated with the user ``Bob``. :: - aws iam deactivate-mfa-device --user-name Bob --serial-number arn:aws:iam::210987654321:mfa/BobsMFADevice + aws iam deactivate-mfa-device \ + --user-name Bob \ + --serial-number arn:aws:iam::210987654321:mfa/BobsMFADevice +This command produces no output. -For more information, see `Using Multi-Factor Authentication (MFA) Devices with AWS`_ in the *Using IAM* guide. - -.. _`Using Multi-Factor Authentication (MFA) Devices with AWS`: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingMFA.html \ No newline at end of file +For more information, see `Using multi-factor authentication (MFA) in AWS `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/decode-authorization-message.rst b/awscli/examples/iam/decode-authorization-message.rst index c14df1644bb5..6a121448d2e8 100644 --- a/awscli/examples/iam/decode-authorization-message.rst +++ b/awscli/examples/iam/decode-authorization-message.rst @@ -1,12 +1,14 @@ **To decode a authorization failure message** -The following ``decode-authorization-message`` example decodes the message returned by the EC2 console when attempting to launch an instance without the required permissions. :: +The following ``decode-authorization-message`` example decodes the message returned by the EC2 console when attempting to launch an instance without the required permissions. :: aws sts decode-authorization-message \ - --encoded-message lxzA8VEjEvu-s0TTt3PgYCXik9YakOqsrFJGRZR98xNcyWAxwRq14xIvd-npzbgTevuufCTbjeBAaDARg9cbTK1rJbg3awM33o-Vy3ebPErE2-mWR9hVYdvX-0zKgVOWF9pWjZaJSMqxB-aLXo-I_8TTvBq88x8IFPbMArNdpu0IjxDjzf22PF3SOE3XvIQ-_PEO0aUqHCCcsSrFtvxm6yQD1nbm6VTIVrfa0Bzy8lsoMo7SjIaJ2r5vph6SY5vCCwg6o2JKe3hIHTa8zRrDbZSFMkcXOT6EOPkQXmaBsAC6ciG7Pz1JnEOvuj5NSTlSMljrAXczWuRKAs5GsMYiU8KZXZhokVzdQCUZkS5aVHumZbadu0io53jpgZqhMqvS4fyfK4auK0yKRMtS6JCXPlhkolEs7ZMFA0RVkutqhQqpSDPB5SX5l00lYipWyFK0_AyAx60vumPuVh8P0AzXwdFsT0l4D0m42NFIKxbWXsoJdqaOqVFyFEd0-Xx9AYAAIr6bhcis7C__bZh4dlAAWooHFGKgfoJcWGwgdzgbu9hWyVvKTpeot5hsb8qANYjJRCPXTKpi6PZfdijIkwb6gDMEsJ9qMtr62qP_989mwmtNgnVvBa_ir6oxJxVe_kL9SH1j5nsGDxQFajvPQhxWOHvEQIg_H0bnKWk + --encoded-message lxzA8VEjEvu-s0TTt3PgYCXik9YakOqsrFJGRZR98xNcyWAxwRq14xIvd-npzbgTevuufCTbjeBAaDARg9cbTK1rJbg3awM33o-Vy3ebPErE2-mWR9hVYdvX-0zKgVOWF9pWjZaJSMqxB-aLXo-I_8TTvBq88x8IFPbMArNdpu0IjxDjzf22PF3SOE3XvIQ-_PEO0aUqHCCcsSrFtvxm6yQD1nbm6VTIVrfa0Bzy8lsoMo7SjIaJ2r5vph6SY5vCCwg6o2JKe3hIHTa8zRrDbZSFMkcXOT6EOPkQXmaBsAC6ciG7Pz1JnEOvuj5NSTlSMljrAXczWuRKAs5GsMYiU8KZXZhokVzdQCUZkS5aVHumZbadu0io53jpgZqhMqvS4fyfK4auK0yKRMtS6JCXPlhkolEs7ZMFA0RVkutqhQqpSDPB5SX5l00lYipWyFK0_AyAx60vumPuVh8P0AzXwdFsT0l4D0m42NFIKxbWXsoJdqaOqVFyFEd0-Xx9AYAAIr6bhcis7C__bZh4dlAAWooHFGKgfoJcWGwgdzgbu9hWyVvKTpeot5hsb8qANYjJRCPXTKpi6PZfdijIkwb6gDMEsJ9qMtr62qP_989mwmtNgnVvBa_ir6oxJxVe_kL9SH1j5nsGDxQFajvPQhxWOHvEQIg_H0bnKWk -The output is formatted as a single-line string of JSON text that you can parse with any JSON text processor:: +The output is formatted as a single-line string of JSON text that you can parse with any JSON text processor. :: { "DecodedMessage": "{\"allowed\":false,\"explicitDeny\":false,\"matchedStatements\":{\"items\":[]},\"failures\":{\"items\":[]},\"context\":{\"principal\":{\"id\":\"AIDAV3ZUEFP6J7GY7O6LO\",\"name\":\"chain-user\",\"arn\":\"arn:aws:iam::403299380220:user/chain-user\"},\"action\":\"ec2:RunInstances\",\"resource\":\"arn:aws:ec2:us-east-2:403299380220:instance/*\",\"conditions\":{\"items\":[{\"key\":\"ec2:InstanceMarketType\",\"values\":{\"items\":[{\"value\":\"on-demand\"}]}},{\"key\":\"aws:Resource\",\"values\":{\"items\":[{\"value\":\"instance/*\"}]}},{\"key\":\"aws:Account\",\"values\":{\"items\":[{\"value\":\"403299380220\"}]}},{\"key\":\"ec2:AvailabilityZone\",\"values\":{\"items\":[{\"value\":\"us-east-2b\"}]}},{\"key\":\"ec2:ebsOptimized\",\"values\":{\"items\":[{\"value\":\"false\"}]}},{\"key\":\"ec2:IsLaunchTemplateResource\",\"values\":{\"items\":[{\"value\":\"false\"}]}},{\"key\":\"ec2:InstanceType\",\"values\":{\"items\":[{\"value\":\"t2.micro\"}]}},{\"key\":\"ec2:RootDeviceType\",\"values\":{\"items\":[{\"value\":\"ebs\"}]}},{\"key\":\"aws:Region\",\"values\":{\"items\":[{\"value\":\"us-east-2\"}]}},{\"key\":\"aws:Service\",\"values\":{\"items\":[{\"value\":\"ec2\"}]}},{\"key\":\"ec2:InstanceID\",\"values\":{\"items\":[{\"value\":\"*\"}]}},{\"key\":\"aws:Type\",\"values\":{\"items\":[{\"value\":\"instance\"}]}},{\"key\":\"ec2:Tenancy\",\"values\":{\"items\":[{\"value\":\"default\"}]}},{\"key\":\"ec2:Region\",\"values\":{\"items\":[{\"value\":\"us-east-2\"}]}},{\"key\":\"aws:ARN\",\"values\":{\"items\":[{\"value\":\"arn:aws:ec2:us-east-2:403299380220:instance/*\"}]}}]}}}" } + +For more information, see `How can I decode an authorization failure message after receiving an "UnauthorizedOperation" error during an EC2 instance launch? `__ in *AWS re:Post*. \ No newline at end of file diff --git a/awscli/examples/iam/delete-access-key.rst b/awscli/examples/iam/delete-access-key.rst index 372e50290b3e..3d86a8e690b5 100644 --- a/awscli/examples/iam/delete-access-key.rst +++ b/awscli/examples/iam/delete-access-key.rst @@ -1,13 +1,13 @@ **To delete an access key for an IAM user** -The following ``delete-access-key`` command deletes the specified access key (access key ID and secret access key) for the IAM user named ``Bob``:: +The following ``delete-access-key`` command deletes the specified access key (access key ID and secret access key) for the IAM user named ``Bob``. :: - aws iam delete-access-key --access-key-id AKIDPMS9RO4H3FEXAMPLE --user-name Bob + aws iam delete-access-key \ + --access-key-id AKIDPMS9RO4H3FEXAMPLE \ + --user-name Bob -To list the access keys defined for an IAM user, use the ``list-access-keys`` command. - -For more information, see `Creating, Modifying, and Viewing User Security Credentials`_ in the *Using IAM* guide. - -.. _`Creating, Modifying, and Viewing User Security Credentials`: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_CreateAccessKey.html +This command produces no output. +To list the access keys defined for an IAM user, use the ``list-access-keys`` command. +For more information, see `Managing access keys for IAM users `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/delete-account-alias.rst b/awscli/examples/iam/delete-account-alias.rst index 3e3bc6f27c26..5586759874cf 100644 --- a/awscli/examples/iam/delete-account-alias.rst +++ b/awscli/examples/iam/delete-account-alias.rst @@ -1,9 +1,10 @@ **To delete an account alias** -The following ``delete-account-alias`` command removes the alias ``mycompany`` for the current account:: +The following ``delete-account-alias`` command removes the alias ``mycompany`` for the current account. :: - aws iam delete-account-alias --account-alias mycompany + aws iam delete-account-alias \ + --account-alias mycompany -For more information, see `Using an Alias for Your AWS Account ID`_ in the *Using IAM* guide. +This command produces no output. -.. _`Using an Alias for Your AWS Account ID`: http://docs.aws.amazon.com/IAM/latest/UserGuide/AccountAlias.html +For more information, see `Your AWS account ID and its alias `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/delete-account-password-policy.rst b/awscli/examples/iam/delete-account-password-policy.rst index c9f16f946e6e..aa4233f5ea0c 100644 --- a/awscli/examples/iam/delete-account-password-policy.rst +++ b/awscli/examples/iam/delete-account-password-policy.rst @@ -1,10 +1,9 @@ **To delete the current account password policy** -The following ``delete-account-password-policy`` command removes the password policy for the current account:: +The following ``delete-account-password-policy`` command removes the password policy for the current account. :: aws iam delete-account-password-policy -For more information, see `Managing an IAM Password Policy`_ in the *Using IAM* guide. - -.. _`Managing an IAM Password Policy`: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingPasswordPolicies.html +This command produces no output. +For more information, see `Setting an account password policy for IAM users `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/delete-group-policy.rst b/awscli/examples/iam/delete-group-policy.rst index 0d96d7c2aea9..580f73dff0e6 100644 --- a/awscli/examples/iam/delete-group-policy.rst +++ b/awscli/examples/iam/delete-group-policy.rst @@ -1,12 +1,13 @@ **To delete a policy from an IAM group** -The following ``delete-group-policy`` command deletes the policy named ``ExamplePolicy`` from the group named ``Admins``:: +The following ``delete-group-policy`` command deletes the policy named ``ExamplePolicy`` from the group named ``Admins``. :: - aws iam delete-group-policy --group-name Admins --policy-name ExamplePolicy + aws iam delete-group-policy \ + --group-name Admins \ + --policy-name ExamplePolicy -To see the policies attached to a group, use the ``list-group-policies`` command. - -For more information, see `Managing IAM Policies`_ in the *Using IAM* guide. +This command produces no output. -.. _`Managing IAM Policies`: http://docs.aws.amazon.com/IAM/latest/UserGuide/ManagingPolicies.html +To see the policies attached to a group, use the ``list-group-policies`` command. +For more information, see `Managing IAM policies `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/delete-group.rst b/awscli/examples/iam/delete-group.rst index 9ce04da02e13..61ac6bcec616 100644 --- a/awscli/examples/iam/delete-group.rst +++ b/awscli/examples/iam/delete-group.rst @@ -1,10 +1,10 @@ **To delete an IAM group** -The following ``delete-group`` command deletes an IAM group named ``MyTestGroup``:: +The following ``delete-group`` command deletes an IAM group named ``MyTestGroup``. :: - aws iam delete-group --group-name MyTestGroup + aws iam delete-group \ + --group-name MyTestGroup +This command produces no output. -For more information, see `Deleting an IAM Group`_ in the *Using IAM* guide. - -.. _`Deleting an IAM Group`: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_DeleteGroup.html \ No newline at end of file +For more information, see `Deleting an IAM user group `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/delete-instance-profile.rst b/awscli/examples/iam/delete-instance-profile.rst index 8cc50cb8a4d3..39f1a4a22a1e 100644 --- a/awscli/examples/iam/delete-instance-profile.rst +++ b/awscli/examples/iam/delete-instance-profile.rst @@ -1,10 +1,10 @@ **To delete an instance profile** -The following ``delete-instance-profile`` command deletes the instance profile named ``ExampleInstanceProfile``:: +The following ``delete-instance-profile`` command deletes the instance profile named ``ExampleInstanceProfile``. :: - aws iam delete-instance-profile --instance-profile-name ExampleInstanceProfile + aws iam delete-instance-profile \ + --instance-profile-name ExampleInstanceProfile -For more information, see `Instance Profiles`_ in the *Using IAM* guide. - -.. _`Instance Profiles`: http://docs.aws.amazon.com/IAM/latest/UserGuide/instance-profiles.html +This command produces no output. +For more information, see `Using instance profiles `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/delete-login-profile.rst b/awscli/examples/iam/delete-login-profile.rst index e696d0fbb775..093445afbb42 100644 --- a/awscli/examples/iam/delete-login-profile.rst +++ b/awscli/examples/iam/delete-login-profile.rst @@ -1,11 +1,10 @@ **To delete a password for an IAM user** -The following ``delete-login-profile`` command deletes the password for the IAM user named ``Bob``:: +The following ``delete-login-profile`` command deletes the password for the IAM user named ``Bob``. :: - aws iam delete-login-profile --user-name Bob - -For more information, see `Managing Passwords`_ in the *Using IAM* guide. - -.. _`Managing Passwords`: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html + aws iam delete-login-profile \ + --user-name Bob +This command produces no output. +For more information, see `Managing passwords for IAM users `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/delete-open-id-connect-provider.rst b/awscli/examples/iam/delete-open-id-connect-provider.rst index efba757e8803..2d89a8a84059 100644 --- a/awscli/examples/iam/delete-open-id-connect-provider.rst +++ b/awscli/examples/iam/delete-open-id-connect-provider.rst @@ -1,10 +1,10 @@ **To delete an IAM OpenID Connect identity provider** -This example deletes the IAM OIDC provider that connects to the provider ``example.oidcprovider.com``:: +This example deletes the IAM OIDC provider that connects to the provider ``example.oidcprovider.com``. :: - aws iam delete-open-id-connect-provider --open-id-connect-provider-arn arn:aws:iam::123456789012:oidc-provider/example.oidcprovider.com + aws iam delete-open-id-connect-provider \ + --open-id-connect-provider-arn arn:aws:iam::123456789012:oidc-provider/example.oidcprovider.com +This command produces no output. -For more information, see `Using OpenID Connect Identity Providers`_ in the *Using IAM* guide. - -.. _`Using OpenID Connect Identity Providers`: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_CreatingAndListingGroups.html \ No newline at end of file +For more information, see `Creating OpenID Connect (OIDC) identity providers `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/delete-policy-version.rst b/awscli/examples/iam/delete-policy-version.rst index dfc47a6abaf1..2e3a261fe437 100644 --- a/awscli/examples/iam/delete-policy-version.rst +++ b/awscli/examples/iam/delete-policy-version.rst @@ -1,10 +1,11 @@ **To delete a version of a managed policy** -This example deletes the version identified as ``v2`` from the policy whose ARN is ``arn:aws:iam::123456789012:policy/MySamplePolicy``:: +This example deletes the version identified as ``v2`` from the policy whose ARN is ``arn:aws:iam::123456789012:policy/MySamplePolicy``. :: - aws iam delete-policy-version --policy-arn arn:aws:iam::123456789012:policy/MyPolicy --version-id v2 + aws iam delete-policy-version \ + --policy-arn arn:aws:iam::123456789012:policy/MyPolicy \ + --version-id v2 +This command produces no output. -For more information, see `Overview of IAM Policies`_ in the *Using IAM* guide. - -.. _`Overview of IAM Policies`: http://docs.aws.amazon.com/IAM/latest/UserGuide/policies_overview.html \ No newline at end of file +For more information, see `Policies and permissions in IAM `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/delete-policy.rst b/awscli/examples/iam/delete-policy.rst index 0f868593ecdf..1d3a31b98a7b 100644 --- a/awscli/examples/iam/delete-policy.rst +++ b/awscli/examples/iam/delete-policy.rst @@ -1,10 +1,10 @@ **To delete an IAM policy** -This example deletes the policy whose ARN is ``arn:aws:iam::123456789012:policy/MySamplePolicy``:: +This example deletes the policy whose ARN is ``arn:aws:iam::123456789012:policy/MySamplePolicy``. :: - aws iam delete-policy --policy-arn arn:aws:iam::123456789012:policy/MySamplePolicy + aws iam delete-policy \ + --policy-arn arn:aws:iam::123456789012:policy/MySamplePolicy +This command produces no output. -For more information, see `Overview of IAM Policies`_ in the *Using IAM* guide. - -.. _`Overview of IAM Policies`: http://docs.aws.amazon.com/IAM/latest/UserGuide/policies_overview.html \ No newline at end of file +For more information, see `Policies and permissions in IAM `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/delete-role-permissions-boundary.rst b/awscli/examples/iam/delete-role-permissions-boundary.rst index 98f93fb5d7bc..c62fcf64ba25 100755 --- a/awscli/examples/iam/delete-role-permissions-boundary.rst +++ b/awscli/examples/iam/delete-role-permissions-boundary.rst @@ -1,8 +1,10 @@ -**To delete a permissions boundary from an IAM role** - -The following ``delete-role-permissions-boundary`` example deletes the permissions boundary for the specified IAM role. To apply a permissions boundary to a role, use the ``put-role-permissions-boundary`` command. :: - - aws iam delete-role-permissions-boundary \ - --role-name lambda-application-role - -This command produces no output. +**To delete a permissions boundary from an IAM role** + +The following ``delete-role-permissions-boundary`` example deletes the permissions boundary for the specified IAM role. To apply a permissions boundary to a role, use the ``put-role-permissions-boundary`` command. :: + + aws iam delete-role-permissions-boundary \ + --role-name lambda-application-role + +This command produces no output. + +For more information, see `Policies and permissions in IAM `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/delete-role-policy.rst b/awscli/examples/iam/delete-role-policy.rst index c2c802ea8f21..7c68ccf9baa6 100644 --- a/awscli/examples/iam/delete-role-policy.rst +++ b/awscli/examples/iam/delete-role-policy.rst @@ -1,10 +1,11 @@ **To remove a policy from an IAM role** -The following ``delete-role-policy`` command removes the policy named ``ExamplePolicy`` from the role named ``Test-Role``:: +The following ``delete-role-policy`` command removes the policy named ``ExamplePolicy`` from the role named ``Test-Role``. :: - aws iam delete-role-policy --role-name Test-Role --policy-name ExamplePolicy + aws iam delete-role-policy \ + --role-name Test-Role \ + --policy-name ExamplePolicy -For more information, see `Creating a Role`_ in the *Using IAM* guide. - -.. _`Creating a Role`: http://docs.aws.amazon.com/IAM/latest/UserGuide/creating-role.html +This command produces no output. +For more information, see `Modifying a role `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/delete-role.rst b/awscli/examples/iam/delete-role.rst index 2c48d893e5ad..7543a6167cb3 100644 --- a/awscli/examples/iam/delete-role.rst +++ b/awscli/examples/iam/delete-role.rst @@ -1,14 +1,12 @@ **To delete an IAM role** -The following ``delete-role`` command removes the role named ``Test-Role``:: +The following ``delete-role`` command removes the role named ``Test-Role``. :: - aws iam delete-role --role-name Test-Role + aws iam delete-role \ + --role-name Test-Role -Before you can delete a role, you must remove the role from any instance profile (``remove-role-from-instance-profile``), detach any managed policies (``detach-role-policy``) and delete any inline policies that are attached to the role (``delete-role-policy``). - -For more information, see `Creating a Role`_ and `Instance Profiles`_ in the *Using IAM* guide. - -.. _`Creating a Role`: http://docs.aws.amazon.com/IAM/latest/UserGuide/creating-role.html -.. _Instance Profiles: http://docs.aws.amazon.com/IAM/latest/UserGuide/instance-profiles.html +This command produces no output. +Before you can delete a role, you must remove the role from any instance profile (``remove-role-from-instance-profile``), detach any managed policies (``detach-role-policy``) and delete any inline policies that are attached to the role (``delete-role-policy``). +For more information, see `Creating IAM roles `__ and `Using instance profiles `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/delete-saml-provider.rst b/awscli/examples/iam/delete-saml-provider.rst index af87cf1fa589..25c19388b320 100644 --- a/awscli/examples/iam/delete-saml-provider.rst +++ b/awscli/examples/iam/delete-saml-provider.rst @@ -1,10 +1,10 @@ **To delete a SAML provider** -This example deletes the IAM SAML 2.0 provider whose ARN is ``arn:aws:iam::123456789012:saml-provider/SAMLADFSProvider``:: +This example deletes the IAM SAML 2.0 provider whose ARN is ``arn:aws:iam::123456789012:saml-provider/SAMLADFSProvider``. :: - aws iam delete-saml-provider --saml-provider-arn arn:aws:iam::123456789012:saml-provider/SAMLADFSProvider + aws iam delete-saml-provider \ + --saml-provider-arn arn:aws:iam::123456789012:saml-provider/SAMLADFSProvider +This command produces no output. -For more information, see `Using SAML Providers`_ in the *Using IAM* guide. - -.. _`Using SAML Providers`: http://docs.aws.amazon.com/IAM/latest/UserGuide/identity-providers-saml.html \ No newline at end of file +For more information, see `Creating IAM SAML identity providers `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/delete-server-certificate.rst b/awscli/examples/iam/delete-server-certificate.rst index 9dd8553ae0f5..7f63b8c4cc8a 100644 --- a/awscli/examples/iam/delete-server-certificate.rst +++ b/awscli/examples/iam/delete-server-certificate.rst @@ -1,11 +1,12 @@ **To delete a server certificate from your AWS account** -The following ``delete-server-certificate`` command removes the specified server certificate from your AWS account. This command produces no output. :: +The following ``delete-server-certificate`` command removes the specified server certificate from your AWS account. :: - aws iam delete-server-certificate --server-certificate-name myUpdatedServerCertificate + aws iam delete-server-certificate \ + --server-certificate-name myUpdatedServerCertificate -To list the server certificates available in your AWS account, use the ``list-server-certificates`` command. +This command produces no output. -For more information, see `Creating, Uploading, and Deleting Server Certificates`_ in the *IAM Users Guide*. +To list the server certificates available in your AWS account, use the ``list-server-certificates`` command. -.. _`Creating, Uploading, and Deleting Server Certificates`: http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html +For more information, see `Managing server certificates in IAM `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/delete-service-linked-role.rst b/awscli/examples/iam/delete-service-linked-role.rst index e0f1911bdc7e..b40d61800a19 100644 --- a/awscli/examples/iam/delete-service-linked-role.rst +++ b/awscli/examples/iam/delete-service-linked-role.rst @@ -2,7 +2,8 @@ The following ``delete-service-linked-role`` example deletes the specified service-linked role that you no longer need. The deletion happens asynchronously. You can check the status of the deletion and confirm when it is done by using the ``get-service-linked-role-deletion-status`` command. :: - aws iam delete-service-linked-role --role-name AWSServiceRoleForLexBots + aws iam delete-service-linked-role \ + --role-name AWSServiceRoleForLexBots Output:: @@ -10,4 +11,4 @@ Output:: "DeletionTaskId": "task/aws-service-role/lex.amazonaws.com/AWSServiceRoleForLexBots/1a2b3c4d-1234-abcd-7890-abcdeEXAMPLE" } -For more information, see `Using Service-Linked Roles `_ in the *IAM User Guide*. +For more information, see `Using service-linked roles `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/delete-service-specific-credential.rst b/awscli/examples/iam/delete-service-specific-credential.rst index a8ab992ff482..c35f0be0779c 100644 --- a/awscli/examples/iam/delete-service-specific-credential.rst +++ b/awscli/examples/iam/delete-service-specific-credential.rst @@ -1,15 +1,20 @@ -**Delete a service-specific credential for the requesting user** +**Example 1: Delete a service-specific credential for the requesting user** -The following ``delete-service-specific-credential`` example deletes the specified service-specific credential for the user making the request. The ``service-specific-credential-id`` is provided when you create the credential and you can retrieve it by using the ``list-service-specific-credentials`` command. This command produces no output. :: +The following ``delete-service-specific-credential`` example deletes the specified service-specific credential for the user making the request. The ``service-specific-credential-id`` is provided when you create the credential and you can retrieve it by using the ``list-service-specific-credentials`` command. :: - aws iam delete-service-specific-credential --service-specific-credential-id ACCAEXAMPLE123EXAMPLE + aws iam delete-service-specific-credential \ + --service-specific-credential-id ACCAEXAMPLE123EXAMPLE -**Delete a service-specific credential for a specified user** +This command produces no output. -The following ``delete-service-specific-credential`` example deletes the specified service-specific credential for the specified user. The ``service-specific-credential-id`` is provided when you create the credential and you can retrieve it by using the ``list-service-specific-credentials`` command. This command produces no output. :: +**Example 2: Delete a service-specific credential for a specified user** - aws iam delete-service-specific-credential --user-name sofia --service-specific-credential-id ACCAEXAMPLE123EXAMPLE +The following ``delete-service-specific-credential`` example deletes the specified service-specific credential for the specified user. The ``service-specific-credential-id`` is provided when you create the credential and you can retrieve it by using the ``list-service-specific-credentials`` command. :: -For more information, see `Create Git Credentials for HTTPS Connections to CodeCommit`_ in the *AWS CodeCommit User Guide* + aws iam delete-service-specific-credential \ + --user-name sofia \ + --service-specific-credential-id ACCAEXAMPLE123EXAMPLE -.. _`Create Git Credentials for HTTPS Connections to CodeCommit`: https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-gc.html#setting-up-gc-iam +This command produces no output. + +For more information, see `Create Git credentials for HTTPS connections to CodeCommit `__ in the *AWS CodeCommit User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/delete-signing-certificate.rst b/awscli/examples/iam/delete-signing-certificate.rst index c1a5ff6673cd..a1079075cda3 100644 --- a/awscli/examples/iam/delete-signing-certificate.rst +++ b/awscli/examples/iam/delete-signing-certificate.rst @@ -1,12 +1,13 @@ **To delete a signing certificate for an IAM user** -The following ``delete-signing-certificate`` command deletes the specified signing certificate for the IAM user named ``Bob``:: +The following ``delete-signing-certificate`` command deletes the specified signing certificate for the IAM user named ``Bob``. :: - aws iam delete-signing-certificate --user-name Bob --certificate-id TA7SMP42TDN5Z26OBPJE7EXAMPLE + aws iam delete-signing-certificate \ + --user-name Bob \ + --certificate-id TA7SMP42TDN5Z26OBPJE7EXAMPLE -To get the ID for a signing certificate, use the ``list-signing-certificates`` command. - -For more information, see `Creating and Uploading a User Signing Certificate`_ in the *Using IAM* guide. +This command produces no output. -.. _`Creating and Uploading a User Signing Certificate`: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_UploadCertificate.html +To get the ID for a signing certificate, use the ``list-signing-certificates`` command. +For more information, see `Manage signing certificates `__ in the *Amazon EC2 User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/delete-ssh-public-key.rst b/awscli/examples/iam/delete-ssh-public-key.rst index 2a7735691a21..2afec5da2f63 100644 --- a/awscli/examples/iam/delete-ssh-public-key.rst +++ b/awscli/examples/iam/delete-ssh-public-key.rst @@ -1,7 +1,11 @@ **To delete an SSH public keys attached to an IAM user** -The following ``delete-ssh-public-key`` command deletes the specified SSH public key attached to the IAM user ``sofia``. This command does not produce any output. :: +The following ``delete-ssh-public-key`` command deletes the specified SSH public key attached to the IAM user ``sofia``. :: - aws iam delete-ssh-public-key --user-name sofia --ssh-public-key-id APKA123456789EXAMPLE + aws iam delete-ssh-public-key \ + --user-name sofia \ + --ssh-public-key-id APKA123456789EXAMPLE -For more information about SSH keys in IAM, see `Use SSH Keys and SSH with CodeCommit `_ in the *AWS IAM User Guide*. +This command produces no output. + +For more information, see `Use SSH keys and SSH with CodeCommit `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/delete-user-permissions-boundary.rst b/awscli/examples/iam/delete-user-permissions-boundary.rst index 9bff3499bd3e..7ec698e78b70 100755 --- a/awscli/examples/iam/delete-user-permissions-boundary.rst +++ b/awscli/examples/iam/delete-user-permissions-boundary.rst @@ -1,8 +1,10 @@ -**To delete a permissions boundary from an IAM user** - -The following ``delete-user-permissions-boundary`` example deletes the permissions boundary attached to the IAM user named ``intern``. To apply a permissions boundary to a user, use the ``put-user-permissions-boundary`` command. :: - - aws iam delete-user-permissions-boundary \ - --user-name intern - -This command produces no output. +**To delete a permissions boundary from an IAM user** + +The following ``delete-user-permissions-boundary`` example deletes the permissions boundary attached to the IAM user named ``intern``. To apply a permissions boundary to a user, use the ``put-user-permissions-boundary`` command. :: + + aws iam delete-user-permissions-boundary \ + --user-name intern + +This command produces no output. + +For more information, see `Policies and permissions in IAM `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/delete-user-policy.rst b/awscli/examples/iam/delete-user-policy.rst index ef058aa2e84f..40a1c45257f3 100644 --- a/awscli/examples/iam/delete-user-policy.rst +++ b/awscli/examples/iam/delete-user-policy.rst @@ -1,16 +1,13 @@ **To remove a policy from an IAM user** -The following ``delete-user-policy`` command removes the specified policy from the IAM user named ``Bob``:: - - aws iam delete-user-policy --user-name Bob --policy-name ExamplePolicy - -To get a list of policies for an IAM user, use the ``list-user-policies`` command. - -For more information, see `Adding a New User to Your AWS Account`_ in the *Using IAM* guide. - -.. _`Adding a New User to Your AWS Account`: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_SettingUpUser.html - +The following ``delete-user-policy`` command removes the specified policy from the IAM user named ``Bob``. :: + aws iam delete-user-policy \ + --user-name Bob \ + --policy-name ExamplePolicy +This command produces no output. +To get a list of policies for an IAM user, use the ``list-user-policies`` command. +For more information, see `Creating an IAM user in your AWS account `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/delete-user.rst b/awscli/examples/iam/delete-user.rst index 0883b9065c35..95e5ad1b44a6 100644 --- a/awscli/examples/iam/delete-user.rst +++ b/awscli/examples/iam/delete-user.rst @@ -1,10 +1,10 @@ **To delete an IAM user** -The following ``delete-user`` command removes the IAM user named ``Bob`` from the current account:: +The following ``delete-user`` command removes the IAM user named ``Bob`` from the current account. :: - aws iam delete-user --user-name Bob + aws iam delete-user \ + --user-name Bob -For more information, see `Deleting a User from Your AWS Account`_ in the *Using IAM* guide. - -.. _`Deleting a User from Your AWS Account`: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_DeletingUserFromAccount.html +This command produces no output. +For more information, see `Deleting an IAM user `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/delete-virtual-mfa-device.rst b/awscli/examples/iam/delete-virtual-mfa-device.rst index 3a72da6985cd..94980b2d8dfb 100644 --- a/awscli/examples/iam/delete-virtual-mfa-device.rst +++ b/awscli/examples/iam/delete-virtual-mfa-device.rst @@ -1,10 +1,10 @@ **To remove a virtual MFA device** -The following ``delete-virtual-mfa-device`` command removes the specified MFA device from the current account:: +The following ``delete-virtual-mfa-device`` command removes the specified MFA device from the current account. :: - aws iam delete-virtual-mfa-device --serial-number arn:aws:iam::123456789012:mfa/MFATest + aws iam delete-virtual-mfa-device \ + --serial-number arn:aws:iam::123456789012:mfa/MFATest -For more information, see `Using a Virtual MFA Device with AWS`_ in the *Using IAM* guide. - -.. _`Using a Virtual MFA Device with AWS`: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_VirtualMFA.html +This command produces no output. +For more information, see `Deactivating MFA devices `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/detach-group-policy.rst b/awscli/examples/iam/detach-group-policy.rst index 5c90552d1bfc..f317ae26637d 100644 --- a/awscli/examples/iam/detach-group-policy.rst +++ b/awscli/examples/iam/detach-group-policy.rst @@ -1,10 +1,11 @@ **To detach a policy from a group** -This example removes the managed policy with the ARN ``arn:aws:iam::123456789012:policy/TesterAccessPolicy`` from the group called ``Testers``:: +This example removes the managed policy with the ARN ``arn:aws:iam::123456789012:policy/TesterAccessPolicy`` from the group called ``Testers``. :: - aws iam detach-group-policy --group-name Testers --policy-arn arn:aws:iam::123456789012:policy/TesterAccessPolicy + aws iam detach-group-policy \ + --group-name Testers \ + --policy-arn arn:aws:iam::123456789012:policy/TesterAccessPolicy +This command produces no output. -For more information, see `Overview of IAM Policies`_ in the *Using IAM* guide. - -.. _`Overview of IAM Policies`: http://docs.aws.amazon.com/IAM/latest/UserGuide/policies_overview.html \ No newline at end of file +For more information, see `Managing IAM user groups `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/detach-role-policy.rst b/awscli/examples/iam/detach-role-policy.rst index bf7e0cd0628d..19f8d78921ca 100644 --- a/awscli/examples/iam/detach-role-policy.rst +++ b/awscli/examples/iam/detach-role-policy.rst @@ -1,10 +1,11 @@ **To detach a policy from a role** -This example removes the managed policy with the ARN ``arn:aws:iam::123456789012:policy/FederatedTesterAccessPolicy`` from the role called ``FedTesterRole``:: +This example removes the managed policy with the ARN ``arn:aws:iam::123456789012:policy/FederatedTesterAccessPolicy`` from the role called ``FedTesterRole``. :: - aws iam detach-role-policy --role-name FedTesterRole --policy-arn arn:aws:iam::123456789012:policy/FederatedTesterAccessPolicy + aws iam detach-role-policy \ + --role-name FedTesterRole \ + --policy-arn arn:aws:iam::123456789012:policy/FederatedTesterAccessPolicy +This command produces no output. -For more information, see `Overview of IAM Policies`_ in the *Using IAM* guide. - -.. _`Overview of IAM Policies`: http://docs.aws.amazon.com/IAM/latest/UserGuide/policies_overview.html \ No newline at end of file +For more information, see `Modifying a role `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/detach-user-policy.rst b/awscli/examples/iam/detach-user-policy.rst index 65a318932b9d..861d84d06f8d 100644 --- a/awscli/examples/iam/detach-user-policy.rst +++ b/awscli/examples/iam/detach-user-policy.rst @@ -1,10 +1,11 @@ **To detach a policy from a user** -This example removes the managed policy with the ARN ``arn:aws:iam::123456789012:policy/TesterPolicy`` from the user ``Bob``:: +This example removes the managed policy with the ARN ``arn:aws:iam::123456789012:policy/TesterPolicy`` from the user ``Bob``. :: - aws iam detach-user-policy --user-name Bob --policy-arn arn:aws:iam::123456789012:policy/TesterPolicy + aws iam detach-user-policy \ + --user-name Bob \ + --policy-arn arn:aws:iam::123456789012:policy/TesterPolicy +This command produces no output. -For more information, see `Overview of IAM Policies`_ in the *Using IAM* guide. - -.. _`Overview of IAM Policies`: http://docs.aws.amazon.com/IAM/latest/UserGuide/policies_overview.html \ No newline at end of file +For more information, see `Changing permissions for an IAM user `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/disable-organizations-root-credentials-management.rst b/awscli/examples/iam/disable-organizations-root-credentials-management.rst new file mode 100644 index 000000000000..8c5d0adb0729 --- /dev/null +++ b/awscli/examples/iam/disable-organizations-root-credentials-management.rst @@ -0,0 +1,16 @@ +**To disable the RootCredentialsManagement feature in your organization** + +The following ``disable-organizations-root-credentials-management`` command disables the management of privileged root user credentials across member accounts in your organization. :: + + aws iam disable-organizations-root-credentials-management + +Output:: + + { + "EnabledFeatures": [ + "RootSessions" + ] + "OrganizationId": "o-aa111bb222" + } + +For more information, see `Centralize root access for member accounts `__ in the *AWS IAM User Guide*.g \ No newline at end of file diff --git a/awscli/examples/iam/disable-organizations-root-sessions.rst b/awscli/examples/iam/disable-organizations-root-sessions.rst new file mode 100644 index 000000000000..e0d545d0b3a0 --- /dev/null +++ b/awscli/examples/iam/disable-organizations-root-sessions.rst @@ -0,0 +1,16 @@ +**To disable the RootSessions feature in your organization** + +The following ``disable-organizations-root-sessions`` command disables root user sessions for privileged tasks across member accounts in your organization. :: + + aws iam disable-organizations-root-sessions + +Output:: + + { + "EnabledFeatures": [ + "RootCredentialsManagement" + ] + "OrganizationId": "o-aa111bb222" + } + +For more information, see `Centralize root access for member accounts `__ in the *AWS IAM User Guide*. diff --git a/awscli/examples/iam/enable-mfa-device.rst b/awscli/examples/iam/enable-mfa-device.rst index edebff3dd16d..e5bd40383f38 100644 --- a/awscli/examples/iam/enable-mfa-device.rst +++ b/awscli/examples/iam/enable-mfa-device.rst @@ -10,4 +10,4 @@ After you use the ``create-virtual-mfa-device`` command to create a new virtual This command produces no output. -For more information, see `Enabling a Virtual MFA Device `__ in the *AWS Identity and Access Management User Guide*. \ No newline at end of file +For more information, see `Enabling a virtual multi-factor authentication (MFA) device `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/enable-organizations-root-credentials-management.rst b/awscli/examples/iam/enable-organizations-root-credentials-management.rst new file mode 100644 index 000000000000..95d7d819c2b6 --- /dev/null +++ b/awscli/examples/iam/enable-organizations-root-credentials-management.rst @@ -0,0 +1,16 @@ +**To enable the RootCredentialsManagement feature in your organization** + +The following ``enable-organizations-root-credentials-management`` command enables the management of privileged root user credentials across member accounts in your organization. :: + + aws iam enable-organizations-root-credentials-management + +Output:: + + { + "EnabledFeatures": [ + "RootCredentialsManagement" + ] + "OrganizationId": "o-aa111bb222" + } + +For more information, see `Centralize root access for member accounts `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/enable-organizations-root-sessions.rst b/awscli/examples/iam/enable-organizations-root-sessions.rst new file mode 100644 index 000000000000..e2bf7fb9ef22 --- /dev/null +++ b/awscli/examples/iam/enable-organizations-root-sessions.rst @@ -0,0 +1,16 @@ +**To enable the RootSessions feature in your organization** + +The following ``enable-organizations-root-sessions`` command allows the management account or delegated administrator to perform privileged tasks on member accounts in your organization. :: + + aws iam enable-organizations-root-sessions + +Output:: + + { + "EnabledFeatures": [ + "RootSessions" + ] + "OrganizationId": "o-aa111bb222" + } + +For more information, see `Centralize root access for member accounts `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/generate-credential-report.rst b/awscli/examples/iam/generate-credential-report.rst index f06ed4dfc320..382e3ca74bd5 100644 --- a/awscli/examples/iam/generate-credential-report.rst +++ b/awscli/examples/iam/generate-credential-report.rst @@ -1,16 +1,14 @@ **To generate a credential report** -The following example attempts to generate a credential report for the AWS account:: +The following example attempts to generate a credential report for the AWS account. :: - aws iam generate-credential-report + aws iam generate-credential-report Output:: - { - "State": "STARTED", - "Description": "No report exists. Starting a new report generation task" - } + { + "State": "STARTED", + "Description": "No report exists. Starting a new report generation task" + } -For more information, see `Getting Credential Reports for Your AWS Account`_ in the *Using IAM* guide. - -.. _`Getting Credential Reports for Your AWS Account`: http://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html \ No newline at end of file +For more information, see `Getting credential reports for your AWS account `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/generate-organizations-access-report.rst b/awscli/examples/iam/generate-organizations-access-report.rst index 4c8595d93302..9913449ecff4 100755 --- a/awscli/examples/iam/generate-organizations-access-report.rst +++ b/awscli/examples/iam/generate-organizations-access-report.rst @@ -1,40 +1,42 @@ -**Example 1: To generate an access report for a root in an organization** - -The following ``generate-organizations-access-report`` example starts a background job to create an access report for the specified root in an organization. You can display the report after it's created by running the ``get-organizations-access-report`` command. :: - - aws iam generate-organizations-access-report \ - --entity-path o-4fxmplt198/r-c3xb - -Output:: - - { - "JobId": "a8b6c06f-aaa4-8xmp-28bc-81da71836359" - } - -**Example 2: To generate an access report for an account in an organization** - -The following ``generate-organizations-access-report`` example starts a background job to create an access report for account ID ``123456789012`` in the organization ``o-4fxmplt198``. You can display the report after it's created by running the ``get-organizations-access-report`` command. :: - - aws iam generate-organizations-access-report \ - --entity-path o-4fxmplt198/r-c3xb/123456789012 - -Output:: - - { - "JobId": "14b6c071-75f6-2xmp-fb77-faf6fb4201d2" - } - -**Example 3: To generate an access report for an account in an organizational unit in an organization** - -The following ``generate-organizations-access-report`` example starts a background job to create an access report for account ID ``234567890123`` in organizational unit ``ou-c3xb-lmu7j2yg`` in the organization ``o-4fxmplt198``. You can display the report after it's created by running the ``get-organizations-access-report`` command.:: - - aws iam generate-organizations-access-report \ - --entity-path o-4fxmplt198/r-c3xb/ou-c3xb-lmu7j2yg/234567890123 - -Output:: - - { - "JobId": "2eb6c2e6-0xmp-ec04-1425-c937916a64af" - } - -To get details about roots and organizational units in your organization, use the ``organizations list-roots`` and ``organizations list-organizational-units-for-parent`` commands. \ No newline at end of file +**Example 1: To generate an access report for a root in an organization** + +The following ``generate-organizations-access-report`` example starts a background job to create an access report for the specified root in an organization. You can display the report after it's created by running the ``get-organizations-access-report`` command. :: + + aws iam generate-organizations-access-report \ + --entity-path o-4fxmplt198/r-c3xb + +Output:: + + { + "JobId": "a8b6c06f-aaa4-8xmp-28bc-81da71836359" + } + +**Example 2: To generate an access report for an account in an organization** + +The following ``generate-organizations-access-report`` example starts a background job to create an access report for account ID ``123456789012`` in the organization ``o-4fxmplt198``. You can display the report after it's created by running the ``get-organizations-access-report`` command. :: + + aws iam generate-organizations-access-report \ + --entity-path o-4fxmplt198/r-c3xb/123456789012 + +Output:: + + { + "JobId": "14b6c071-75f6-2xmp-fb77-faf6fb4201d2" + } + +**Example 3: To generate an access report for an account in an organizational unit in an organization** + +The following ``generate-organizations-access-report`` example starts a background job to create an access report for account ID ``234567890123`` in organizational unit ``ou-c3xb-lmu7j2yg`` in the organization ``o-4fxmplt198``. You can display the report after it's created by running the ``get-organizations-access-report`` command. :: + + aws iam generate-organizations-access-report \ + --entity-path o-4fxmplt198/r-c3xb/ou-c3xb-lmu7j2yg/234567890123 + +Output:: + + { + "JobId": "2eb6c2e6-0xmp-ec04-1425-c937916a64af" + } + +To get details about roots and organizational units in your organization, use the ``organizations list-roots`` and ``organizations list-organizational-units-for-parent`` commands. + +For more information, see `Refining permissions in AWS using last accessed information `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/generate-service-last-accessed-details.rst b/awscli/examples/iam/generate-service-last-accessed-details.rst index d3c7827aa084..e1504edb7df0 100755 --- a/awscli/examples/iam/generate-service-last-accessed-details.rst +++ b/awscli/examples/iam/generate-service-last-accessed-details.rst @@ -1,23 +1,27 @@ -**To generate a service access report** - -The following ``generate-service-last-accessed-details`` example starts a background job to generate a report that lists the services accessed by IAM users and other entities with a custom policy named ``intern-boundary``. You can display the report after it is created by running the ``get-service-last-accessed-details`` command. :: - - aws iam generate-service-last-accessed-details \ - --arn arn:aws:iam::123456789012:policy/intern-boundary - -Output:: - - { - "JobId": "2eb6c2b8-7b4c-3xmp-3c13-03b72c8cdfdc" - } - -The following ``generate-service-last-accessed-details`` example starts a background job to generate a report that lists the services accessed by IAM users and other entities with the AWS managed ``AdministratorAccess`` policy. You can display the report after it is created by running the ``get-service-last-accessed-details`` command.:: - - aws iam generate-service-last-accessed-details \ - --arn arn:aws:iam::aws:policy/AdministratorAccess - -Output:: - - { - "JobId": "78b6c2ba-d09e-6xmp-7039-ecde30b26916" - } +**Example 1: To generate a service access report for a custom policy** + +The following ``generate-service-last-accessed-details`` example starts a background job to generate a report that lists the services accessed by IAM users and other entities with a custom policy named ``intern-boundary``. You can display the report after it is created by running the ``get-service-last-accessed-details`` command. :: + + aws iam generate-service-last-accessed-details \ + --arn arn:aws:iam::123456789012:policy/intern-boundary + +Output:: + + { + "JobId": "2eb6c2b8-7b4c-3xmp-3c13-03b72c8cdfdc" + } + +**Example 2: To generate a service access report for the AWS managed AdministratorAccess policy** + +The following ``generate-service-last-accessed-details`` example starts a background job to generate a report that lists the services accessed by IAM users and other entities with the AWS managed ``AdministratorAccess`` policy. You can display the report after it is created by running the ``get-service-last-accessed-details`` command. :: + + aws iam generate-service-last-accessed-details \ + --arn arn:aws:iam::aws:policy/AdministratorAccess + +Output:: + + { + "JobId": "78b6c2ba-d09e-6xmp-7039-ecde30b26916" + } + +For more information, see `Refining permissions in AWS using last accessed information `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/get-access-key-last-used.rst b/awscli/examples/iam/get-access-key-last-used.rst index 7bfbb647a608..48f2a879444e 100644 --- a/awscli/examples/iam/get-access-key-last-used.rst +++ b/awscli/examples/iam/get-access-key-last-used.rst @@ -1,21 +1,19 @@ **To retrieve information about when the specified access key was last used** -The following example retrieves information about when the access key ``ABCDEXAMPLE`` was last used:: - - aws iam get-access-key-last-used --access-key-id ABCDEXAMPLE +The following example retrieves information about when the access key ``ABCDEXAMPLE`` was last used. :: + aws iam get-access-key-last-used \ + --access-key-id ABCDEXAMPLE Output:: - { - "UserName": "Bob", - "AccessKeyLastUsed": { - "Region": "us-east-1", - "ServiceName": "iam", - "LastUsedDate": "2015-06-16T22:45:00Z" + { + "UserName": "Bob", + "AccessKeyLastUsed": { + "Region": "us-east-1", + "ServiceName": "iam", + "LastUsedDate": "2015-06-16T22:45:00Z" + } } - } - -For more information, see `Managing Access Keys for IAM Users`_ in the *Using IAM* guide. -.. _`Managing Access Keys for IAM Users`: http://docs.aws.amazon.com/IAM/latest/UserGuide/ManagingCredentials.html \ No newline at end of file +For more information, see `Managing access keys for IAM users `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/get-account-authorization-details.rst b/awscli/examples/iam/get-account-authorization-details.rst index b6778b70bd45..10400d7d3a80 100644 --- a/awscli/examples/iam/get-account-authorization-details.rst +++ b/awscli/examples/iam/get-account-authorization-details.rst @@ -1,6 +1,8 @@ -The following ``get-account-authorization-details`` command returns information about all IAM users, groups, roles, and policies in the AWS account:: +**To list an AWS account's IAM users, groups, roles, and policies** - aws iam get-account-authorization-details +The following ``get-account-authorization-details`` command returns information about all IAM users, groups, roles, and policies in the AWS account. :: + + aws iam get-account-authorization-details Output:: @@ -234,8 +236,8 @@ Output:: "s3:List*" ], "Resource": [ - "arn:aws:s3:::example-bucket", - "arn:aws:s3:::example-bucket/*" + "arn:aws:s3:::amzn-s3-demo-bucket", + "arn:aws:s3:::amzn-s3-demo-bucket/*" ] } ] @@ -294,3 +296,5 @@ Output:: "Marker": "EXAMPLEkakv9BCuUNFDtxWSyfzetYwEx2ADc8dnzfvERF5S6YMvXKx41t6gCl/eeaCX3Jo94/bKqezEAg8TEVS99EKFLxm3jtbpl25FDWEXAMPLE", "IsTruncated": true } + +For more information, see `AWS security audit guidelines `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/get-account-password-policy.rst b/awscli/examples/iam/get-account-password-policy.rst index ac256063bbd7..00c0965eab8f 100644 --- a/awscli/examples/iam/get-account-password-policy.rst +++ b/awscli/examples/iam/get-account-password-policy.rst @@ -1,24 +1,22 @@ **To see the current account password policy** -The following ``get-account-password-policy`` command displays details about the password policy for the current account:: +The following ``get-account-password-policy`` command displays details about the password policy for the current account. :: aws iam get-account-password-policy Output:: - { - "PasswordPolicy": { - "AllowUsersToChangePassword": false, - "RequireLowercaseCharacters": false, - "RequireUppercaseCharacters": false, - "MinimumPasswordLength": 8, - "RequireNumbers": true, - "RequireSymbols": true - } - } + { + "PasswordPolicy": { + "AllowUsersToChangePassword": false, + "RequireLowercaseCharacters": false, + "RequireUppercaseCharacters": false, + "MinimumPasswordLength": 8, + "RequireNumbers": true, + "RequireSymbols": true + } + } If no password policy is defined for the account, the command returns a ``NoSuchEntity`` error. -For more information, see `Managing an IAM Password Policy`_ in the *Using IAM* guide. - -.. _`Managing an IAM Password Policy`: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingPasswordPolicies.html +For more information, see `Setting an account password policy for IAM users `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/get-account-summary.rst b/awscli/examples/iam/get-account-summary.rst index 1604a0419c9c..0fe09034a18e 100644 --- a/awscli/examples/iam/get-account-summary.rst +++ b/awscli/examples/iam/get-account-summary.rst @@ -1,39 +1,37 @@ **To get information about IAM entity usage and IAM quotas in the current account** -The following ``get-account-summary`` command returns information about the current IAM entity usage and current IAM entity quotas in the account:: +The following ``get-account-summary`` command returns information about the current IAM entity usage and current IAM entity quotas in the account. :: - aws iam get-account-summary + aws iam get-account-summary Output:: - { - "SummaryMap": { - "UsersQuota": 5000, - "GroupsQuota": 100, - "InstanceProfiles": 6, - "SigningCertificatesPerUserQuota": 2, - "AccountAccessKeysPresent": 0, - "RolesQuota": 250, - "RolePolicySizeQuota": 10240, - "AccountSigningCertificatesPresent": 0, - "Users": 27, - "ServerCertificatesQuota": 20, - "ServerCertificates": 0, - "AssumeRolePolicySizeQuota": 2048, - "Groups": 7, - "MFADevicesInUse": 1, - "Roles": 3, - "AccountMFAEnabled": 1, - "MFADevices": 3, - "GroupsPerUserQuota": 10, - "GroupPolicySizeQuota": 5120, - "InstanceProfilesQuota": 100, - "AccessKeysPerUserQuota": 2, - "Providers": 0, - "UserPolicySizeQuota": 2048 + { + "SummaryMap": { + "UsersQuota": 5000, + "GroupsQuota": 100, + "InstanceProfiles": 6, + "SigningCertificatesPerUserQuota": 2, + "AccountAccessKeysPresent": 0, + "RolesQuota": 250, + "RolePolicySizeQuota": 10240, + "AccountSigningCertificatesPresent": 0, + "Users": 27, + "ServerCertificatesQuota": 20, + "ServerCertificates": 0, + "AssumeRolePolicySizeQuota": 2048, + "Groups": 7, + "MFADevicesInUse": 1, + "Roles": 3, + "AccountMFAEnabled": 1, + "MFADevices": 3, + "GroupsPerUserQuota": 10, + "GroupPolicySizeQuota": 5120, + "InstanceProfilesQuota": 100, + "AccessKeysPerUserQuota": 2, + "Providers": 0, + "UserPolicySizeQuota": 2048 + } } - } -For more information about entity limitations, see `Limitations on IAM Entities`_ in the *Using IAM* guide. - -.. _`Limitations on IAM Entities`: http://docs.aws.amazon.com/IAM/latest/UserGuide/LimitationsOnEntities.html +For more information about entity limitations, see `IAM and AWS STS quotas `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/get-context-keys-for-custom-policy.rst b/awscli/examples/iam/get-context-keys-for-custom-policy.rst index 1a08fafa8be2..63c43366360b 100755 --- a/awscli/examples/iam/get-context-keys-for-custom-policy.rst +++ b/awscli/examples/iam/get-context-keys-for-custom-policy.rst @@ -1,6 +1,6 @@ **Example 1: To list the context keys referenced by one or more custom JSON policies provided as a parameter on the command line** -The following ``get-context-keys-for-custom-policy`` command parses each supplied policy and lists the context keys used by those policies. Use this command to identify which context key values you must supply to successfully use the policy simulator commands ``simulate-custom-policy`` and ``simulate-custom-policy``. You can also retrieve the list of context keys used by all policies associated by an IAM user or role by using the ``get-context-keys-for-custom-policy`` command. Parameter values that begin with ``file://`` instruct the command to read the file and use the contents as the value for the parameter instead of the file name itself.:: +The following ``get-context-keys-for-custom-policy`` command parses each supplied policy and lists the context keys used by those policies. Use this command to identify which context key values you must supply to successfully use the policy simulator commands ``simulate-custom-policy`` and ``simulate-custom-policy``. You can also retrieve the list of context keys used by all policies associated by an IAM user or role by using the ``get-context-keys-for-custom-policy`` command. Parameter values that begin with ``file://`` instruct the command to read the file and use the contents as the value for the parameter instead of the file name itself. :: aws iam get-context-keys-for-custom-policy \ --policy-input-list '{"Version":"2012-10-17","Statement":{"Effect":"Allow","Action":"dynamodb:*","Resource":"arn:aws:dynamodb:us-west-2:123456789012:table/${aws:username}","Condition":{"DateGreaterThan":{"aws:CurrentTime":"2015-08-16T12:00:00Z"}}}}' @@ -16,7 +16,7 @@ Output:: **Example 2: To list the context keys referenced by one or more custom JSON policies provided as a file input** -The following ``get-context-keys-for-custom-policy`` command is the same as the previous example, except that the policies are provided in a file instead of as a parameter. Because the command expects a JSON list of strings, and not a list of JSON structures, the file must be structured as follows, although you can collapse it into one one:: +The following ``get-context-keys-for-custom-policy`` command is the same as the previous example, except that the policies are provided in a file instead of as a parameter. Because the command expects a JSON list of strings, and not a list of JSON structures, the file must be structured as follows, although you can collapse it into one one. :: [ "Policy1", @@ -27,9 +27,10 @@ So for example, a file that contains the policy from the previous example must l [ "{\"Version\": \"2012-10-17\", \"Statement\": {\"Effect\": \"Allow\", \"Action\": \"dynamodb:*\", \"Resource\": \"arn:aws:dynamodb:us-west-2:128716708097:table/${aws:username}\", \"Condition\": {\"DateGreaterThan\": {\"aws:CurrentTime\": \"2015-08-16T12:00:00Z\"}}}}" ] -This file can then be submitted to the following command:: +This file can then be submitted to the following command. :: - aws iam get-context-keys-for-custom-policy --policy-input-list file://policyfile.json + aws iam get-context-keys-for-custom-policy \ + --policy-input-list file://policyfile.json Output:: @@ -40,6 +41,4 @@ Output:: ] } -For more information, see `Using the IAM Policy Simulator (AWS CLI and AWS API)`_ in the *Using IAM* guide. - -.. _`Using the IAM Policy Simulator (AWS CLI and AWS API)`: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_testing-policies.html#policies-simulator-using-api +For more information, see `Using the IAM Policy Simulator (AWS CLI and AWS API) `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/get-context-keys-for-principal-policy.rst b/awscli/examples/iam/get-context-keys-for-principal-policy.rst index a3fd3d341b54..e045fbc626da 100755 --- a/awscli/examples/iam/get-context-keys-for-principal-policy.rst +++ b/awscli/examples/iam/get-context-keys-for-principal-policy.rst @@ -14,6 +14,4 @@ Output:: ] } -For more information, see `Using the IAM Policy Simulator (AWS CLI and AWS API)`_ in the *Using IAM* guide. - -.. _`Using the IAM Policy Simulator (AWS CLI and AWS API)`: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_testing-policies.html#policies-simulator-using-api \ No newline at end of file +For more information, see `Using the IAM Policy Simulator (AWS CLI and AWS API) `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/get-credential-report.rst b/awscli/examples/iam/get-credential-report.rst index 42725988215d..581ec92e27f9 100644 --- a/awscli/examples/iam/get-credential-report.rst +++ b/awscli/examples/iam/get-credential-report.rst @@ -1,16 +1,14 @@ **To get a credential report** -This example opens the returned report and outputs it to the pipeline as an array of text lines:: +This example opens the returned report and outputs it to the pipeline as an array of text lines. :: - aws iam get-credential-report + aws iam get-credential-report Output:: - { - "GeneratedTime": "2015-06-17T19:11:50Z", - "ReportFormat": "text/csv" - } + { + "GeneratedTime": "2015-06-17T19:11:50Z", + "ReportFormat": "text/csv" + } -For more information, see `Getting Credential Reports for Your AWS Account`_ in the *Using IAM* guide. - -.. _`Getting Credential Reports for Your AWS Account`: http://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html \ No newline at end of file +For more information, see `Getting credential reports for your AWS account `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/get-group-policy.rst b/awscli/examples/iam/get-group-policy.rst index 1b8af7c4ff53..f4c8103b7f82 100644 --- a/awscli/examples/iam/get-group-policy.rst +++ b/awscli/examples/iam/get-group-policy.rst @@ -1,8 +1,10 @@ **To get information about a policy attached to an IAM group** -The following ``get-group-policy`` command gets information about the specified policy attached to the group named ``Test-Group``:: +The following ``get-group-policy`` command gets information about the specified policy attached to the group named ``Test-Group``. :: - aws iam get-group-policy --group-name Test-Group --policy-name S3-ReadOnly-Policy + aws iam get-group-policy \ + --group-name Test-Group \ + --policy-name S3-ReadOnly-Policy Output:: @@ -23,7 +25,4 @@ Output:: "PolicyName": "S3-ReadOnly-Policy" } -For more information, see `Managing IAM Policies`_ in the *Using IAM* guide. - -.. _`Managing IAM Policies`: http://docs.aws.amazon.com/IAM/latest/UserGuide/ManagingPolicies.html - +For more information, see `Managing IAM policies `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/get-group.rst b/awscli/examples/iam/get-group.rst index 56050956f1b2..1c48817c8db0 100644 --- a/awscli/examples/iam/get-group.rst +++ b/awscli/examples/iam/get-group.rst @@ -1,22 +1,21 @@ **To get an IAM group** -This example returns details about the IAM group ``Admins``:: +This example returns details about the IAM group ``Admins``. :: - aws iam get-group --group-name Admins + aws iam get-group \ + --group-name Admins Output:: - { - "Group": { - "Path": "/", - "CreateDate": "2015-06-16T19:41:48Z", - "GroupId": "AIDGPMS9RO4H3FEXAMPLE", - "Arn": "arn:aws:iam::123456789012:group/Admins", - "GroupName": "Admins" - }, - "Users": [] - } + { + "Group": { + "Path": "/", + "CreateDate": "2015-06-16T19:41:48Z", + "GroupId": "AIDGPMS9RO4H3FEXAMPLE", + "Arn": "arn:aws:iam::123456789012:group/Admins", + "GroupName": "Admins" + }, + "Users": [] + } -For more information, see `IAM Users and Groups`_ in the *Using IAM* guide. - -.. _`IAM Users and Groups`: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_WorkingWithGroupsAndUsers.html \ No newline at end of file +For more information, see `IAM Identities (users, user groups, and roles) `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/get-instance-profile.rst b/awscli/examples/iam/get-instance-profile.rst index 58b5662e19c3..2df73acdc25b 100644 --- a/awscli/examples/iam/get-instance-profile.rst +++ b/awscli/examples/iam/get-instance-profile.rst @@ -1,31 +1,30 @@ **To get information about an instance profile** -The following ``get-instance-profile`` command gets information about the instance profile named ``ExampleInstanceProfile``:: +The following ``get-instance-profile`` command gets information about the instance profile named ``ExampleInstanceProfile``. :: - aws iam get-instance-profile --instance-profile-name ExampleInstanceProfile + aws iam get-instance-profile \ + --instance-profile-name ExampleInstanceProfile Output:: - { - "InstanceProfile": { - "InstanceProfileId": "AID2MAB8DPLSRHEXAMPLE", - "Roles": [ - { - "AssumeRolePolicyDocument": "", - "RoleId": "AIDGPMS9RO4H3FEXAMPLE", - "CreateDate": "2013-01-09T06:33:26Z", - "RoleName": "Test-Role", - "Path": "/", - "Arn": "arn:aws:iam::336924118301:role/Test-Role" - } - ], - "CreateDate": "2013-06-12T23:52:02Z", - "InstanceProfileName": "ExampleInstanceProfile", - "Path": "/", - "Arn": "arn:aws:iam::336924118301:instance-profile/ExampleInstanceProfile" - } - } + { + "InstanceProfile": { + "InstanceProfileId": "AID2MAB8DPLSRHEXAMPLE", + "Roles": [ + { + "AssumeRolePolicyDocument": "", + "RoleId": "AIDGPMS9RO4H3FEXAMPLE", + "CreateDate": "2013-01-09T06:33:26Z", + "RoleName": "Test-Role", + "Path": "/", + "Arn": "arn:aws:iam::336924118301:role/Test-Role" + } + ], + "CreateDate": "2013-06-12T23:52:02Z", + "InstanceProfileName": "ExampleInstanceProfile", + "Path": "/", + "Arn": "arn:aws:iam::336924118301:instance-profile/ExampleInstanceProfile" + } + } -For more information, see `Instance Profiles`_ in the *Using IAM* guide. - -.. _`Instance Profiles`: http://docs.aws.amazon.com/IAM/latest/UserGuide/instance-profiles.html +For more information, see `Using instance profiles `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/get-login-profile.rst b/awscli/examples/iam/get-login-profile.rst index 690496f03921..a3b52bd51032 100644 --- a/awscli/examples/iam/get-login-profile.rst +++ b/awscli/examples/iam/get-login-profile.rst @@ -1,25 +1,22 @@ **To get password information for an IAM user** -The following ``get-login-profile`` command gets information about the password for the IAM user named ``Bob``:: +The following ``get-login-profile`` command gets information about the password for the IAM user named ``Bob``. :: - aws iam get-login-profile --user-name Bob + aws iam get-login-profile \ + --user-name Bob Output:: - { - "LoginProfile": { - "UserName": "Bob", - "CreateDate": "2012-09-21T23:03:39Z" - } - } + { + "LoginProfile": { + "UserName": "Bob", + "CreateDate": "2012-09-21T23:03:39Z" + } + } The ``get-login-profile`` command can be used to verify that an IAM user has a password. The command returns a ``NoSuchEntity`` error if no password is defined for the user. You cannot view a password using this command. If the password is lost, you can reset the password (``update-login-profile``) for the user. Alternatively, you can delete the login profile (``delete-login-profile``) for the user and then create a new one (``create-login-profile``). -For more information, see `Managing Passwords`_ in the *Using IAM* guide. - -.. _`Managing Passwords`: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html - - +For more information, see `Managing passwords for IAM users `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/get-mfa-device.rst b/awscli/examples/iam/get-mfa-device.rst new file mode 100644 index 000000000000..dfd5a0d0145b --- /dev/null +++ b/awscli/examples/iam/get-mfa-device.rst @@ -0,0 +1,19 @@ +**To retrieve information about a FIDO security key** + +The following ``get-mfa-device`` command example retrieves information about the specified FIDO security key. :: + + aws iam get-mfa-device \ + --serial-number arn:aws:iam::123456789012:u2f/user/alice/fidokeyname-EXAMPLEBN5FHTECLFG7EXAMPLE + +Output:: + + { + "UserName": "alice", + "SerialNumber": "arn:aws:iam::123456789012:u2f/user/alice/fidokeyname-EXAMPLEBN5FHTECLFG7EXAMPLE", + "EnableDate": "2023-09-19T01:49:18+00:00", + "Certifications": { + "FIDO": "L1" + } + } + +For more information, see `Using multi-factor authentication (MFA) in AWS `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/get-open-id-connect-provider.rst b/awscli/examples/iam/get-open-id-connect-provider.rst index 1ef901890b83..8dc893ad9dc8 100644 --- a/awscli/examples/iam/get-open-id-connect-provider.rst +++ b/awscli/examples/iam/get-open-id-connect-provider.rst @@ -1,22 +1,21 @@ **To return information about the specified OpenID Connect provider** -This example returns details about the OpenID Connect provider whose ARN is ``arn:aws:iam::123456789012:oidc-provider/server.example.com``:: +This example returns details about the OpenID Connect provider whose ARN is ``arn:aws:iam::123456789012:oidc-provider/server.example.com``. :: - aws iam get-open-id-connect-provider --open-id-connect-provider-arn arn:aws:iam::123456789012:oidc-provider/server.example.com + aws iam get-open-id-connect-provider \ + --open-id-connect-provider-arn arn:aws:iam::123456789012:oidc-provider/server.example.com Output:: - { - "Url": "server.example.com" - "CreateDate": "2015-06-16T19:41:48Z", - "ThumbprintList": [ - "12345abcdefghijk67890lmnopqrst987example" - ], - "ClientIDList": [ - "example-application-ID" - ] - } + { + "Url": "server.example.com" + "CreateDate": "2015-06-16T19:41:48Z", + "ThumbprintList": [ + "12345abcdefghijk67890lmnopqrst987example" + ], + "ClientIDList": [ + "example-application-ID" + ] + } -For more information, see `Using OpenID Connect Identity Providers`_ in the *Using IAM* guide. - -.. _`Using OpenID Connect Identity Providers`: http://docs.aws.amazon.com/IAM/latest/UserGuide/identity-providers-oidc.html \ No newline at end of file +For more information, see `Creating OpenID Connect (OIDC) identity providers `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/get-organizations-access-report.rst b/awscli/examples/iam/get-organizations-access-report.rst index 74bb1a288a88..75c143fbefd4 100755 --- a/awscli/examples/iam/get-organizations-access-report.rst +++ b/awscli/examples/iam/get-organizations-access-report.rst @@ -1,23 +1,25 @@ -**To retrieve an access report** - -The following ``get-organizations-access-report`` example displays a previously generated access report for an AWS Organizations entity. To generate a report, use the ``generate-organizations-access-report`` command. :: - - aws iam get-organizations-access-report \ - --job-id a8b6c06f-aaa4-8xmp-28bc-81da71836359 - -Output:: - - { - "JobStatus": "COMPLETED", - "JobCreationDate": "2019-09-30T06:53:36.187Z", - "JobCompletionDate": "2019-09-30T06:53:37.547Z", - "NumberOfServicesAccessible": 188, - "NumberOfServicesNotAccessed": 171, - "AccessDetails": [ - { - "ServiceName": "Alexa for Business", - "ServiceNamespace": "a4b", - "TotalAuthenticatedEntities": 0 - }, - ... - } +**To retrieve an access report** + +The following ``get-organizations-access-report`` example displays a previously generated access report for an AWS Organizations entity. To generate a report, use the ``generate-organizations-access-report`` command. :: + + aws iam get-organizations-access-report \ + --job-id a8b6c06f-aaa4-8xmp-28bc-81da71836359 + +Output:: + + { + "JobStatus": "COMPLETED", + "JobCreationDate": "2019-09-30T06:53:36.187Z", + "JobCompletionDate": "2019-09-30T06:53:37.547Z", + "NumberOfServicesAccessible": 188, + "NumberOfServicesNotAccessed": 171, + "AccessDetails": [ + { + "ServiceName": "Alexa for Business", + "ServiceNamespace": "a4b", + "TotalAuthenticatedEntities": 0 + }, + ... + } + +For more information, see `Refining permissions in AWS using last accessed information `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/get-policy-version.rst b/awscli/examples/iam/get-policy-version.rst index 98636b1c108d..4fb53f09c7b8 100644 --- a/awscli/examples/iam/get-policy-version.rst +++ b/awscli/examples/iam/get-policy-version.rst @@ -1,6 +1,6 @@ **To retrieve information about the specified version of the specified managed policy** -This example returns the policy document for the v2 version of the policy whose ARN is ``arn:aws:iam::123456789012:policy/MyManagedPolicy`` :: +This example returns the policy document for the v2 version of the policy whose ARN is ``arn:aws:iam::123456789012:policy/MyManagedPolicy``. :: aws iam get-policy-version \ --policy-arn arn:aws:iam::123456789012:policy/MyPolicy \ @@ -26,4 +26,4 @@ Output:: } } -For more information, see `Overview of IAM Policies `__ in the *IAM User Guide*. \ No newline at end of file +For more information, see `Policies and permissions in IAM `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/get-policy.rst b/awscli/examples/iam/get-policy.rst index 565ad659d1e7..af3e0f10ca9c 100644 --- a/awscli/examples/iam/get-policy.rst +++ b/awscli/examples/iam/get-policy.rst @@ -1,6 +1,6 @@ **To retrieve information about the specified managed policy** -This example returns details about the managed policy whose ARN is ``arn:aws:iam::123456789012:policy/MySamplePolicy`` :: +This example returns details about the managed policy whose ARN is ``arn:aws:iam::123456789012:policy/MySamplePolicy``. :: aws iam get-policy \ --policy-arn arn:aws:iam::123456789012:policy/MySamplePolicy @@ -21,6 +21,4 @@ Output:: } } -For more information, see `Overview of IAM Policies`_ in the *Using IAM* guide. - -.. _`Overview of IAM Policies`: http://docs.aws.amazon.com/IAM/latest/UserGuide/policies_overview.html \ No newline at end of file +For more information, see `Policies and permissions in IAM `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/get-role-policy.rst b/awscli/examples/iam/get-role-policy.rst index a4e6877b0f1c..2b0296a3a03e 100644 --- a/awscli/examples/iam/get-role-policy.rst +++ b/awscli/examples/iam/get-role-policy.rst @@ -1,8 +1,10 @@ **To get information about a policy attached to an IAM role** -The following ``get-role-policy`` command gets information about the specified policy attached to the role named ``Test-Role``:: +The following ``get-role-policy`` command gets information about the specified policy attached to the role named ``Test-Role``. :: - aws iam get-role-policy --role-name Test-Role --policy-name ExamplePolicy + aws iam get-role-policy \ + --role-name Test-Role \ + --policy-name ExamplePolicy Output:: @@ -26,7 +28,4 @@ Output:: "PolicyName": "ExamplePolicy" } -For more information, see `Creating a Role`_ in the *Using IAM* guide. - -.. _`Creating a Role`: http://docs.aws.amazon.com/IAM/latest/UserGuide/creating-role.html - +For more information, see `Creating IAM roles `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/get-role.rst b/awscli/examples/iam/get-role.rst index 60275ada0ba2..c7b17874a752 100644 --- a/awscli/examples/iam/get-role.rst +++ b/awscli/examples/iam/get-role.rst @@ -1,6 +1,6 @@ **To get information about an IAM role** -The following ``get-role`` command gets information about the role named ``Test-Role``:: +The following ``get-role`` command gets information about the role named ``Test-Role``. :: aws iam get-role \ --role-name Test-Role @@ -26,4 +26,4 @@ Output:: The command displays the trust policy attached to the role. To list the permissions policies attached to a role, use the ``list-role-policies`` command. -For more information, see `Creating a Role `__ in the *Using IAM* guide. \ No newline at end of file +For more information, see `Creating IAM roles `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/get-saml-provider.rst b/awscli/examples/iam/get-saml-provider.rst index 479ae155f3c2..013bef295560 100644 --- a/awscli/examples/iam/get-saml-provider.rst +++ b/awscli/examples/iam/get-saml-provider.rst @@ -2,11 +2,27 @@ This example retrieves the details about the SAML 2.0 provider whose ARM is ``arn:aws:iam::123456789012:saml-provider/SAMLADFS``. The response includes the metadata document that you got from the identity provider to create the AWS SAML provider entity as well -as the creation and expiration dates:: +as the creation and expiration dates. :: - aws iam get-saml-provider --saml-provider-arn arn:aws:iam::123456789012:saml-provider/SAMLADFS + aws iam get-saml-provider \ + --saml-provider-arn arn:aws:iam::123456789012:saml-provider/SAMLADFS +Output:: -For more information, see `Using SAML Providers`_ in the *Using IAM* guide. + { + "SAMLMetadataDocument": "...SAMLMetadataDocument-XML...", + "CreateDate": "2017-03-06T22:29:46+00:00", + "ValidUntil": "2117-03-06T22:29:46.433000+00:00", + "Tags": [ + { + "Key": "DeptID", + "Value": "123456" + }, + { + "Key": "Department", + "Value": "Accounting" + } + ] + } -.. _`Using SAML Providers`: http://docs.aws.amazon.com/IAM/latest/UserGuide/identity-providers-saml.html \ No newline at end of file +For more information, see `Creating IAM SAML identity providers `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/get-server-certificate.rst b/awscli/examples/iam/get-server-certificate.rst index 5415617fff19..039f13367dcd 100644 --- a/awscli/examples/iam/get-server-certificate.rst +++ b/awscli/examples/iam/get-server-certificate.rst @@ -2,7 +2,8 @@ The following ``get-server-certificate`` command retrieves all of the details about the specified server certificate in your AWS account. :: - aws iam get-server-certificate --server-certificate-name myUpdatedServerCertificate + aws iam get-server-certificate \ + --server-certificate-name myUpdatedServerCertificate Output:: @@ -51,6 +52,4 @@ Output:: To list the server certificates available in your AWS account, use the ``list-server-certificates`` command. -For more information, see `Creating, Uploading, and Deleting Server Certificates`_ in the *IAM Users Guide*. - -.. _`Creating, Uploading, and Deleting Server Certificates`: http://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html +For more information, see `Managing server certificates in IAM `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/get-service-last-accessed-details-with-entities.rst b/awscli/examples/iam/get-service-last-accessed-details-with-entities.rst index 1c76c74d0aef..2ddc610e2508 100755 --- a/awscli/examples/iam/get-service-last-accessed-details-with-entities.rst +++ b/awscli/examples/iam/get-service-last-accessed-details-with-entities.rst @@ -1,37 +1,39 @@ -**To retrieve a service access report with details for a service** - -The following ``get-service-last-accessed-details-with-entities`` example retrieves a report that contains details about IAM users and other entities that accessed the specified service. To generate a report, use the ``generate-service-last-accessed-details`` command. To get a list of services accessed with namespaces, use ``get-service-last-accessed-details``. :: - - aws iam get-service-last-accessed-details-with-entities \ - --job-id 78b6c2ba-d09e-6xmp-7039-ecde30b26916 \ - --service-namespace lambda - -Output:: - - { - "JobStatus": "COMPLETED", - "JobCreationDate": "2019-10-01T03:55:41.756Z", - "JobCompletionDate": "2019-10-01T03:55:42.533Z", - "EntityDetailsList": [ - { - "EntityInfo": { - "Arn": "arn:aws:iam::123456789012:user/admin", - "Name": "admin", - "Type": "USER", - "Id": "AIDAIO2XMPLENQEXAMPLE", - "Path": "/" - }, - "LastAuthenticated": "2019-09-30T23:02:00Z" - }, - { - "EntityInfo": { - "Arn": "arn:aws:iam::123456789012:user/developer", - "Name": "developer", - "Type": "USER", - "Id": "AIDAIBEYXMPL2YEXAMPLE", - "Path": "/" - }, - "LastAuthenticated": "2019-09-16T19:34:00Z" - } - ] - } +**To retrieve a service access report with details for a service** + +The following ``get-service-last-accessed-details-with-entities`` example retrieves a report that contains details about IAM users and other entities that accessed the specified service. To generate a report, use the ``generate-service-last-accessed-details`` command. To get a list of services accessed with namespaces, use ``get-service-last-accessed-details``. :: + + aws iam get-service-last-accessed-details-with-entities \ + --job-id 78b6c2ba-d09e-6xmp-7039-ecde30b26916 \ + --service-namespace lambda + +Output:: + + { + "JobStatus": "COMPLETED", + "JobCreationDate": "2019-10-01T03:55:41.756Z", + "JobCompletionDate": "2019-10-01T03:55:42.533Z", + "EntityDetailsList": [ + { + "EntityInfo": { + "Arn": "arn:aws:iam::123456789012:user/admin", + "Name": "admin", + "Type": "USER", + "Id": "AIDAIO2XMPLENQEXAMPLE", + "Path": "/" + }, + "LastAuthenticated": "2019-09-30T23:02:00Z" + }, + { + "EntityInfo": { + "Arn": "arn:aws:iam::123456789012:user/developer", + "Name": "developer", + "Type": "USER", + "Id": "AIDAIBEYXMPL2YEXAMPLE", + "Path": "/" + }, + "LastAuthenticated": "2019-09-16T19:34:00Z" + } + ] + } + +For more information, see `Refining permissions in AWS using last accessed information `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/get-service-last-accessed-details.rst b/awscli/examples/iam/get-service-last-accessed-details.rst index b10758403fdb..18899d55c7a6 100755 --- a/awscli/examples/iam/get-service-last-accessed-details.rst +++ b/awscli/examples/iam/get-service-last-accessed-details.rst @@ -1,23 +1,25 @@ -**To retrieve a service access report** - -The following ``get-service-last-accessed-details`` example retrieves a previously generated report that lists the services accessed by IAM entities. To generate a report, use the ``generate-service-last-accessed-details`` command. :: - - aws iam get-service-last-accessed-details \ - --job-id 2eb6c2b8-7b4c-3xmp-3c13-03b72c8cdfdc - -Output:: - - { - "JobStatus": "COMPLETED", - "JobCreationDate": "2019-10-01T03:50:35.929Z", - "ServicesLastAccessed": [ - ... - { - "ServiceName": "AWS Lambda", - "LastAuthenticated": "2019-09-30T23:02:00Z", - "ServiceNamespace": "lambda", - "LastAuthenticatedEntity": "arn:aws:iam::123456789012:user/admin", - "TotalAuthenticatedEntities": 6 - }, - ] - } +**To retrieve a service access report** + +The following ``get-service-last-accessed-details`` example retrieves a previously generated report that lists the services accessed by IAM entities. To generate a report, use the ``generate-service-last-accessed-details`` command. :: + + aws iam get-service-last-accessed-details \ + --job-id 2eb6c2b8-7b4c-3xmp-3c13-03b72c8cdfdc + +Output:: + + { + "JobStatus": "COMPLETED", + "JobCreationDate": "2019-10-01T03:50:35.929Z", + "ServicesLastAccessed": [ + ... + { + "ServiceName": "AWS Lambda", + "LastAuthenticated": "2019-09-30T23:02:00Z", + "ServiceNamespace": "lambda", + "LastAuthenticatedEntity": "arn:aws:iam::123456789012:user/admin", + "TotalAuthenticatedEntities": 6 + }, + ] + } + +For more information, see `Refining permissions in AWS using last accessed information `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/get-service-linked-role-deletion-status.rst b/awscli/examples/iam/get-service-linked-role-deletion-status.rst index b88a4549d239..95a0fa7eea10 100644 --- a/awscli/examples/iam/get-service-linked-role-deletion-status.rst +++ b/awscli/examples/iam/get-service-linked-role-deletion-status.rst @@ -2,14 +2,13 @@ The following ``get-service-linked-role-deletion-status`` example displays the status of a previously request to delete a service-linked role. The delete operation occurs asynchronously. When you make the request, you get a ``DeletionTaskId`` value that you provide as a parameter for this command. :: - aws iam get-service-linked-role-deletion-status --deletion-task-id task/aws-service-role/lex.amazonaws.com/AWSServiceRoleForLexBots/1a2b3c4d-1234-abcd-7890-abcdeEXAMPLE + aws iam get-service-linked-role-deletion-status \ + --deletion-task-id task/aws-service-role/lex.amazonaws.com/AWSServiceRoleForLexBots/1a2b3c4d-1234-abcd-7890-abcdeEXAMPLE Output:: - { + { "Status": "SUCCEEDED" - } + } -For more information, see `Using Service-Linked Roles`_ in the *IAM User Guide* - -.. _`Using Service-Linked Roles`: https://docs.aws.amazon.com/IAM/latest/UserGuide/using-service-linked-roles.html +For more information, see `Using service-linked roles `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/get-ssh-public-key.rst b/awscli/examples/iam/get-ssh-public-key.rst index 2b8edb6b0441..8e498825eb12 100644 --- a/awscli/examples/iam/get-ssh-public-key.rst +++ b/awscli/examples/iam/get-ssh-public-key.rst @@ -22,7 +22,7 @@ Output:: **Example 2: To retrieve an SSH public key attached to an IAM user in PEM encoded form** -The following ``get-ssh-public-key`` command retrieves the specified SSH public key from the IAM user 'sofia'. The output is in PEM encoding. :: +The following ``get-ssh-public-key`` command retrieves the specified SSH public key from the IAM user ``sofia``. The output is in PEM encoding. :: aws iam get-ssh-public-key \ --user-name sofia \ @@ -42,4 +42,4 @@ Output:: } } -For more information about SSH keys in IAM, see `Use SSH Keys and SSH with CodeCommit `_ in the *AWS IAM User Guide*. +For more information, see `Use SSH keys and SSH with CodeCommit `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/get-user-policy.rst b/awscli/examples/iam/get-user-policy.rst index 2cc7924c981e..4a51dde67b5d 100644 --- a/awscli/examples/iam/get-user-policy.rst +++ b/awscli/examples/iam/get-user-policy.rst @@ -1,33 +1,28 @@ **To list policy details for an IAM user** -The following ``get-user-policy`` command lists the details of the specified policy that is attached to the IAM user named ``Bob``:: +The following ``get-user-policy`` command lists the details of the specified policy that is attached to the IAM user named ``Bob``. :: - aws iam get-user-policy --user-name Bob --policy-name ExamplePolicy + aws iam get-user-policy \ + --user-name Bob \ + --policy-name ExamplePolicy Output:: - { - "UserName": "Bob", - "PolicyName": "ExamplePolicy", - "PolicyDocument": { - "Version": "2012-10-17", - "Statement": [ - { - "Action": "*", - "Resource": "*", - "Effect": "Allow" - } - ] - } - } + { + "UserName": "Bob", + "PolicyName": "ExamplePolicy", + "PolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Action": "*", + "Resource": "*", + "Effect": "Allow" + } + ] + } + } To get a list of policies for an IAM user, use the ``list-user-policies`` command. -For more information, see `Adding a New User to Your AWS Account`_ in the *Using IAM* guide. - -.. _`Adding a New User to Your AWS Account`: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_SettingUpUser.html - - - - - +For more information, see `Policies and permissions in IAM `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/get-user.rst b/awscli/examples/iam/get-user.rst index a4b468a6f2aa..eda85e3ef385 100644 --- a/awscli/examples/iam/get-user.rst +++ b/awscli/examples/iam/get-user.rst @@ -1,23 +1,20 @@ **To get information about an IAM user** -The following ``get-user`` command gets information about the IAM user named ``Paulo``:: +The following ``get-user`` command gets information about the IAM user named ``Paulo``. :: - aws iam get-user --user-name Paulo + aws iam get-user \ + --user-name Paulo Output:: - { - "User": { - "UserName": "Paulo", - "Path": "/", - "CreateDate": "2019-09-21T23:03:13Z", - "UserId": "AIDA123456789EXAMPLE", - "Arn": "arn:aws:iam::123456789012:user/Paulo" - } - } - -For more information, see `Listing Users`_ in the *Using IAM* guide. - -.. _`Listing Users`: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_GetListOfUsers.html - - + { + "User": { + "UserName": "Paulo", + "Path": "/", + "CreateDate": "2019-09-21T23:03:13Z", + "UserId": "AIDA123456789EXAMPLE", + "Arn": "arn:aws:iam::123456789012:user/Paulo" + } + } + +For more information, see `Managing IAM users `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/list-access-keys.rst b/awscli/examples/iam/list-access-keys.rst index acfdee46c8f1..b710efd53d33 100644 --- a/awscli/examples/iam/list-access-keys.rst +++ b/awscli/examples/iam/list-access-keys.rst @@ -1,30 +1,29 @@ **To list the access key IDs for an IAM user** -The following ``list-access-keys`` command lists the access keys IDs for the IAM user named ``Bob``:: +The following ``list-access-keys`` command lists the access keys IDs for the IAM user named ``Bob``. :: - aws iam list-access-keys --user-name Bob + aws iam list-access-keys \ + --user-name Bob Output:: - "AccessKeyMetadata": [ - { - "UserName": "Bob", - "Status": "Active", - "CreateDate": "2013-06-04T18:17:34Z", - "AccessKeyId": "AKIAIOSFODNN7EXAMPLE" - }, - { - "UserName": "Bob", - "Status": "Inactive", - "CreateDate": "2013-06-06T20:42:26Z", - "AccessKeyId": "AKIAI44QH8DHBEXAMPLE" - } - ] + { + "AccessKeyMetadata": [ + { + "UserName": "Bob", + "Status": "Active", + "CreateDate": "2013-06-04T18:17:34Z", + "AccessKeyId": "AKIAIOSFODNN7EXAMPLE" + }, + { + "UserName": "Bob", + "Status": "Inactive", + "CreateDate": "2013-06-06T20:42:26Z", + "AccessKeyId": "AKIAI44QH8DHBEXAMPLE" + } + ] + } You cannot list the secret access keys for IAM users. If the secret access keys are lost, you must create new access keys using the ``create-access-keys`` command. -For more information, see `Creating, Modifying, and Viewing User Security Credentials`_ in the *Using IAM* guide. - -.. _`Creating, Modifying, and Viewing User Security Credentials`: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_CreateAccessKey.html - - +For more information, see `Managing access keys for IAM users `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/list-account-aliases.rst b/awscli/examples/iam/list-account-aliases.rst index 75f685cf28e6..664a991b7760 100644 --- a/awscli/examples/iam/list-account-aliases.rst +++ b/awscli/examples/iam/list-account-aliases.rst @@ -1,16 +1,15 @@ **To list account aliases** -The following ``list-account-aliases`` command lists the aliases for the current account:: +The following ``list-account-aliases`` command lists the aliases for the current account. :: - aws iam list-account-aliases + aws iam list-account-aliases Output:: - "AccountAliases": [ - "mycompany" - ] - -For more information, see `Using an Alias for Your AWS Account ID`_ in the *Using IAM* guide. - -.. _`Using an Alias for Your AWS Account ID`: http://docs.aws.amazon.com/IAM/latest/UserGuide/AccountAlias.html + { + "AccountAliases": [ + "mycompany" + ] + } +For more information, see `Your AWS account ID and its alias `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/list-attached-group-policies.rst b/awscli/examples/iam/list-attached-group-policies.rst index f4ba80666c6e..9513521cae4a 100644 --- a/awscli/examples/iam/list-attached-group-policies.rst +++ b/awscli/examples/iam/list-attached-group-policies.rst @@ -1,25 +1,24 @@ **To list all managed policies that are attached to the specified group** -This example returns the names and ARNs of the managed policies that are attached to the IAM group named ``Admins`` in the AWS account:: +This example returns the names and ARNs of the managed policies that are attached to the IAM group named ``Admins`` in the AWS account. :: - aws iam list-attached-group-policies --group-name Admins + aws iam list-attached-group-policies \ + --group-name Admins Output:: - { - "AttachedPolicies": [ - { - "PolicyName": "AdministratorAccess", - "PolicyArn": "arn:aws:iam::aws:policy/AdministratorAccess" - }, - { - "PolicyName": "SecurityAudit", - "PolicyArn": "arn:aws:iam::aws:policy/SecurityAudit" - } - ], - "IsTruncated": false - } + { + "AttachedPolicies": [ + { + "PolicyName": "AdministratorAccess", + "PolicyArn": "arn:aws:iam::aws:policy/AdministratorAccess" + }, + { + "PolicyName": "SecurityAudit", + "PolicyArn": "arn:aws:iam::aws:policy/SecurityAudit" + } + ], + "IsTruncated": false + } -For more information, see `Overview of IAM Policies`_ in the *Using IAM* guide. - -.. _`Overview of IAM Policies`: http://docs.aws.amazon.com/IAM/latest/UserGuide/policies_overview.html \ No newline at end of file +For more information, see `Policies and permissions in IAM `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/list-attached-role-policies.rst b/awscli/examples/iam/list-attached-role-policies.rst index a0bc8c756855..7e28af757771 100644 --- a/awscli/examples/iam/list-attached-role-policies.rst +++ b/awscli/examples/iam/list-attached-role-policies.rst @@ -1,21 +1,20 @@ **To list all managed policies that are attached to the specified role** -This command returns the names and ARNs of the managed policies attached to the IAM role named ``SecurityAuditRole`` in the AWS account:: +This command returns the names and ARNs of the managed policies attached to the IAM role named ``SecurityAuditRole`` in the AWS account. :: - aws iam list-attached-role-policies --role-name SecurityAuditRole + aws iam list-attached-role-policies \ + --role-name SecurityAuditRole Output:: - { - "AttachedPolicies": [ - { - "PolicyName": "SecurityAudit", - "PolicyArn": "arn:aws:iam::aws:policy/SecurityAudit" - } - ], - "IsTruncated": false - } + { + "AttachedPolicies": [ + { + "PolicyName": "SecurityAudit", + "PolicyArn": "arn:aws:iam::aws:policy/SecurityAudit" + } + ], + "IsTruncated": false + } -For more information, see `Overview of IAM Policies`_ in the *Using IAM* guide. - -.. _`Overview of IAM Policies`: http://docs.aws.amazon.com/IAM/latest/UserGuide/policies_overview.html \ No newline at end of file +For more information, see `Policies and permissions in IAM `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/list-attached-user-policies.rst b/awscli/examples/iam/list-attached-user-policies.rst index c93f5aa5eb95..7b86fba51e78 100644 --- a/awscli/examples/iam/list-attached-user-policies.rst +++ b/awscli/examples/iam/list-attached-user-policies.rst @@ -1,25 +1,24 @@ **To list all managed policies that are attached to the specified user** -This command returns the names and ARNs of the managed policies for the IAM user named ``Bob`` in the AWS account:: +This command returns the names and ARNs of the managed policies for the IAM user named ``Bob`` in the AWS account. :: - aws iam list-attached-user-policies --user-name Bob + aws iam list-attached-user-policies \ + --user-name Bob Output:: - { - "AttachedPolicies": [ - { - "PolicyName": "AdministratorAccess", - "PolicyArn": "arn:aws:iam::aws:policy/AdministratorAccess" - }, - { - "PolicyName": "SecurityAudit", - "PolicyArn": "arn:aws:iam::aws:policy/SecurityAudit" - } - ], - "IsTruncated": false - } + { + "AttachedPolicies": [ + { + "PolicyName": "AdministratorAccess", + "PolicyArn": "arn:aws:iam::aws:policy/AdministratorAccess" + }, + { + "PolicyName": "SecurityAudit", + "PolicyArn": "arn:aws:iam::aws:policy/SecurityAudit" + } + ], + "IsTruncated": false + } -For more information, see `Overview of IAM Policies`_ in the *Using IAM* guide. - -.. _`Overview of IAM Policies`: http://docs.aws.amazon.com/IAM/latest/UserGuide/policies_overview.html \ No newline at end of file +For more information, see `Policies and permissions in IAM `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/list-entities-for-policy.rst b/awscli/examples/iam/list-entities-for-policy.rst index 73330f83d05b..31cccc20326f 100644 --- a/awscli/examples/iam/list-entities-for-policy.rst +++ b/awscli/examples/iam/list-entities-for-policy.rst @@ -1,30 +1,32 @@ **To list all users, groups, and roles that the specified managed policy is attached to** -This example returns a list of IAM groups, roles, and users who have the policy ``arn:aws:iam::123456789012:policy/TestPolicy`` attached:: +This example returns a list of IAM groups, roles, and users who have the policy ``arn:aws:iam::123456789012:policy/TestPolicy`` attached. :: - aws iam list-entities-for-policy --policy-arn arn:aws:iam::123456789012:policy/TestPolicy + aws iam list-entities-for-policy \ + --policy-arn arn:aws:iam::123456789012:policy/TestPolicy Output:: - { - "PolicyGroups": [ - { - "GroupName": "Admins" - } - ], - "PolicyUsers": [ - { - "UserName": "Bob" - } - ], - "PolicyRoles": [ - { - "RoleName": "testRole" - } - ], - "IsTruncated": false - } + { + "PolicyGroups": [ + { + "GroupName": "Admins", + "GroupId": "AGPACKCEVSQ6C2EXAMPLE" + } + ], + "PolicyUsers": [ + { + "UserName": "Alice", + "UserId": "AIDACKCEVSQ6C2EXAMPLE" + } + ], + "PolicyRoles": [ + { + "RoleName": "DevRole", + "RoleId": "AROADBQP57FF2AEXAMPLE" + } + ], + "IsTruncated": false + } -For more information, see `Overview of IAM Policies`_ in the *Using IAM* guide. - -.. _`Overview of IAM Policies`: http://docs.aws.amazon.com/IAM/latest/UserGuide/policies_overview.html \ No newline at end of file +For more information, see `Policies and permissions in IAM `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/list-group-policies.rst b/awscli/examples/iam/list-group-policies.rst index 2bb9b32fffb2..e86ac736458d 100644 --- a/awscli/examples/iam/list-group-policies.rst +++ b/awscli/examples/iam/list-group-policies.rst @@ -1,20 +1,18 @@ **To list all inline policies that are attached to the specified group** The following ``list-group-policies`` command lists the names of inline policies that are attached to the IAM group named -``Admins`` in the current account:: +``Admins`` in the current account. :: - aws iam list-group-policies --group-name Admins + aws iam list-group-policies \ + --group-name Admins Output:: - { - "PolicyNames": [ - "AdminRoot", - "ExamplePolicy" - ] - } - -For more information, see `Managing IAM Policies`_ in the *Using IAM* guide. - -.. _`Managing IAM Policies`: http://docs.aws.amazon.com/IAM/latest/UserGuide/ManagingPolicies.html + { + "PolicyNames": [ + "AdminRoot", + "ExamplePolicy" + ] + } +For more information, see `Managing IAM policies `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/list-groups-for-user.rst b/awscli/examples/iam/list-groups-for-user.rst index d7770aacb4e8..0ccca2a3cff2 100644 --- a/awscli/examples/iam/list-groups-for-user.rst +++ b/awscli/examples/iam/list-groups-for-user.rst @@ -1,30 +1,29 @@ **To list the groups that an IAM user belongs to** -The following ``list-groups-for-user`` command displays the groups that the IAM user named ``Bob`` belongs to:: +The following ``list-groups-for-user`` command displays the groups that the IAM user named ``Bob`` belongs to. :: - aws iam list-groups-for-user --user-name Bob + aws iam list-groups-for-user \ + --user-name Bob Output:: - "Groups": [ - { - "Path": "/", - "CreateDate": "2013-05-06T01:18:08Z", - "GroupId": "AKIAIOSFODNN7EXAMPLE", - "Arn": "arn:aws:iam::123456789012:group/Admin", - "GroupName": "Admin" - }, - { - "Path": "/", - "CreateDate": "2013-05-06T01:37:28Z", - "GroupId": "AKIAI44QH8DHBEXAMPLE", - "Arn": "arn:aws:iam::123456789012:group/s3-Users", - "GroupName": "s3-Users" - } - ] - -For more information, see `Creating and Listing Groups`_ in the *Using IAM* guide. - -.. _`Creating and Listing Groups`: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_CreatingAndListingGroups.html - - + { + "Groups": [ + { + "Path": "/", + "CreateDate": "2013-05-06T01:18:08Z", + "GroupId": "AKIAIOSFODNN7EXAMPLE", + "Arn": "arn:aws:iam::123456789012:group/Admin", + "GroupName": "Admin" + }, + { + "Path": "/", + "CreateDate": "2013-05-06T01:37:28Z", + "GroupId": "AKIAI44QH8DHBEXAMPLE", + "Arn": "arn:aws:iam::123456789012:group/s3-Users", + "GroupName": "s3-Users" + } + ] + } + +For more information, see `Managing IAM user groups `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/list-groups.rst b/awscli/examples/iam/list-groups.rst index 9b86e94a9489..3793dbbe4cd6 100644 --- a/awscli/examples/iam/list-groups.rst +++ b/awscli/examples/iam/list-groups.rst @@ -1,29 +1,28 @@ **To list the IAM groups for the current account** -The following ``list-groups`` command lists the IAM groups in the current account:: +The following ``list-groups`` command lists the IAM groups in the current account. :: - aws iam list-groups + aws iam list-groups Output:: - "Groups": [ { - "Path": "/", - "CreateDate": "2013-06-04T20:27:27.972Z", - "GroupId": "AIDACKCEVSQ6C2EXAMPLE", - "Arn": "arn:aws:iam::123456789012:group/Admins", - "GroupName": "Admins" - }, - { - "Path": "/", - "CreateDate": "2013-04-16T20:30:42Z", - "GroupId": "AIDGPMS9RO4H3FEXAMPLE", - "Arn": "arn:aws:iam::123456789012:group/S3-Admins", - "GroupName": "S3-Admins" + "Groups": [ + { + "Path": "/", + "CreateDate": "2013-06-04T20:27:27.972Z", + "GroupId": "AIDACKCEVSQ6C2EXAMPLE", + "Arn": "arn:aws:iam::123456789012:group/Admins", + "GroupName": "Admins" + }, + { + "Path": "/", + "CreateDate": "2013-04-16T20:30:42Z", + "GroupId": "AIDGPMS9RO4H3FEXAMPLE", + "Arn": "arn:aws:iam::123456789012:group/S3-Admins", + "GroupName": "S3-Admins" + } + ] } - ] - -For more information, see `Creating and Listing Groups`_ in the *Using IAM* guide. - -.. _`Creating and Listing Groups`: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_CreatingAndListingGroups.html +For more information, see `Managing IAM user groups `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/list-instance-profile-tags.rst b/awscli/examples/iam/list-instance-profile-tags.rst new file mode 100644 index 000000000000..46048179da79 --- /dev/null +++ b/awscli/examples/iam/list-instance-profile-tags.rst @@ -0,0 +1,23 @@ +**To list the tags attached to an instance profile** + +The following ``list-instance-profile-tags`` command retrieves the list of tags associated with the specified instance profile. :: + + aws iam list-instance-profile-tags \ + --instance-profile-name deployment-role + +Output:: + + { + "Tags": [ + { + "Key": "DeptID", + "Value": "123456" + }, + { + "Key": "Department", + "Value": "Accounting" + } + ] + } + +For more information, see `Tagging IAM resources `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/list-instance-profiles-for-role.rst b/awscli/examples/iam/list-instance-profiles-for-role.rst index e6a4765dd255..d89018e6a3ce 100644 --- a/awscli/examples/iam/list-instance-profiles-for-role.rst +++ b/awscli/examples/iam/list-instance-profiles-for-role.rst @@ -1,32 +1,32 @@ **To list the instance profiles for an IAM role** -The following ``list-instance-profiles-for-role`` command lists the instance profiles that are associated with the role ``Test-Role``:: +The following ``list-instance-profiles-for-role`` command lists the instance profiles that are associated with the role ``Test-Role``. :: - aws iam list-instance-profiles-for-role --role-name Test-Role + aws iam list-instance-profiles-for-role \ + --role-name Test-Role Output:: - "InstanceProfiles": [ - { - "InstanceProfileId": "AIDGPMS9RO4H3FEXAMPLE", - "Roles": [ - { - "AssumeRolePolicyDocument": "", - "RoleId": "AIDACKCEVSQ6C2EXAMPLE", - "CreateDate": "2013-06-07T20:42:15Z", - "RoleName": "Test-Role", - "Path": "/", - "Arn": "arn:aws:iam::123456789012:role/Test-Role" - } - ], - "CreateDate": "2013-06-07T21:05:24Z", - "InstanceProfileName": "ExampleInstanceProfile", - "Path": "/", - "Arn": "arn:aws:iam::123456789012:instance-profile/ExampleInstanceProfile" - } - ] - -For more information, see `Instance Profiles`_ in the *Using IAM* guide. - -.. _`Instance Profiles`: http://docs.aws.amazon.com/IAM/latest/UserGuide/instance-profiles.html + { + "InstanceProfiles": [ + { + "InstanceProfileId": "AIDGPMS9RO4H3FEXAMPLE", + "Roles": [ + { + "AssumeRolePolicyDocument": "", + "RoleId": "AIDACKCEVSQ6C2EXAMPLE", + "CreateDate": "2013-06-07T20:42:15Z", + "RoleName": "Test-Role", + "Path": "/", + "Arn": "arn:aws:iam::123456789012:role/Test-Role" + } + ], + "CreateDate": "2013-06-07T21:05:24Z", + "InstanceProfileName": "ExampleInstanceProfile", + "Path": "/", + "Arn": "arn:aws:iam::123456789012:instance-profile/ExampleInstanceProfile" + } + ] + } +For more information, see `Using instance profiles `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/list-instance-profiles.rst b/awscli/examples/iam/list-instance-profiles.rst index 3ac2f5b3e407..557126078379 100644 --- a/awscli/examples/iam/list-instance-profiles.rst +++ b/awscli/examples/iam/list-instance-profiles.rst @@ -1,74 +1,70 @@ **To lists the instance profiles for the account** -The following ``list-instance-profiles`` command lists the instance profiles that are associated with the current account:: +The following ``list-instance-profiles`` command lists the instance profiles that are associated with the current account. :: - aws iam list-instance-profiles + aws iam list-instance-profiles Output:: - { - "InstanceProfiles": [ - { - "InstanceProfileId": "AIPAIXEU4NUHUPEXAMPLE", - "Roles": [ - { - "AssumeRolePolicyDocument": { - "Version": "2012-10-17", - "Statement": [ - { - "Action": "sts:AssumeRole", - "Principal": { - "Service": "ec2.amazonaws.com" - }, - "Effect": "Allow", - "Sid": "" - } - ] + { + "InstanceProfiles": [ + { + "Path": "/", + "InstanceProfileName": "example-dev-role", + "InstanceProfileId": "AIPAIXEU4NUHUPEXAMPLE", + "Arn": "arn:aws:iam::123456789012:instance-profile/example-dev-role", + "CreateDate": "2023-09-21T18:17:41+00:00", + "Roles": [ + { + "Path": "/", + "RoleName": "example-dev-role", + "RoleId": "AROAJ52OTH4H7LEXAMPLE", + "Arn": "arn:aws:iam::123456789012:role/example-dev-role", + "CreateDate": "2023-09-21T18:17:40+00:00", + "AssumeRolePolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Principal": { + "Service": "ec2.amazonaws.com" + }, + "Action": "sts:AssumeRole" + } + ] + } + } + ] }, - "RoleId": "AROAJ52OTH4H7LEXAMPLE", - "CreateDate": "2013-05-11T00:02:27Z", - "RoleName": "example-role", - "Path": "/", - "Arn": "arn:aws:iam::123456789012:role/example-role" - } - ], - "CreateDate": "2013-05-11T00:02:27Z", - "InstanceProfileName": "ExampleInstanceProfile", - "Path": "/", - "Arn": "arn:aws:iam::123456789012:instance-profile/ExampleInstanceProfile" - }, - { - "InstanceProfileId": "AIPAJVJVNRIQFREXAMPLE", - "Roles": [ - { - "AssumeRolePolicyDocument": { - "Version": "2012-10-17", - "Statement": [ - { - "Action": "sts:AssumeRole", - "Principal": { - "Service": "ec2.amazonaws.com" - }, - "Effect": "Allow", - "Sid": "" - } - ] - }, - "RoleId": "AROAINUBC5O7XLEXAMPLE", - "CreateDate": "2013-01-09T06:33:26Z", - "RoleName": "s3-test-role", - "Path": "/", - "Arn": "arn:aws:iam::123456789012:role/s3-test-role" - } - ], - "CreateDate": "2013-06-12T23:52:02Z", - "InstanceProfileName": "ExampleInstanceProfile2", - "Path": "/", - "Arn": "arn:aws:iam::123456789012:instance-profile/ExampleInstanceProfile2" - }, - ] - } - -For more information, see `Instance Profiles`_ in the *Using IAM* guide. + { + "Path": "/", + "InstanceProfileName": "example-s3-role", + "InstanceProfileId": "AIPAJVJVNRIQFREXAMPLE", + "Arn": "arn:aws:iam::123456789012:instance-profile/example-s3-role", + "CreateDate": "2023-09-21T18:18:50+00:00", + "Roles": [ + { + "Path": "/", + "RoleName": "example-s3-role", + "RoleId": "AROAINUBC5O7XLEXAMPLE", + "Arn": "arn:aws:iam::123456789012:role/example-s3-role", + "CreateDate": "2023-09-21T18:18:49+00:00", + "AssumeRolePolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Principal": { + "Service": "ec2.amazonaws.com" + }, + "Action": "sts:AssumeRole" + } + ] + } + } + ] + } + ] + } -.. _`Instance Profiles`: http://docs.aws.amazon.com/IAM/latest/UserGuide/instance-profiles.html +For more information, see `Using instance profiles `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/list-mfa-device-tags.rst b/awscli/examples/iam/list-mfa-device-tags.rst new file mode 100644 index 000000000000..f454053e346c --- /dev/null +++ b/awscli/examples/iam/list-mfa-device-tags.rst @@ -0,0 +1,23 @@ +**To list the tags attached to an MFA device** + +The following ``list-mfa-device-tags`` command retrieves the list of tags associated with the specified MFA device. :: + + aws iam list-mfa-device-tags \ + --serial-number arn:aws:iam::123456789012:mfa/alice + +Output:: + + { + "Tags": [ + { + "Key": "DeptID", + "Value": "123456" + }, + { + "Key": "Department", + "Value": "Accounting" + } + ] + } + +For more information, see `Tagging IAM resources `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/list-mfa-devices.rst b/awscli/examples/iam/list-mfa-devices.rst index 1c2c809f70ad..39d7037282c0 100644 --- a/awscli/examples/iam/list-mfa-devices.rst +++ b/awscli/examples/iam/list-mfa-devices.rst @@ -1,21 +1,35 @@ **To list all MFA devices for a specified user** -This example returns details about the MFA device assigned to the IAM user ``Bob``:: +This example returns details about the MFA device assigned to the IAM user ``Bob``. :: - aws iam list-mfa-devices --user-name Bob + aws iam list-mfa-devices \ + --user-name Bob Output:: - { - "MFADevices": [ - { - "UserName": "Bob", - "SerialNumber": "arn:aws:iam::123456789012:mfa/BobsMFADevice", - "EnableDate": "2015-06-16T22:36:37Z" - } - ] - } + { + "MFADevices": [ + { + "UserName": "Bob", + "SerialNumber": "arn:aws:iam::123456789012:mfa/Bob", + "EnableDate": "2019-10-28T20:37:09+00:00" + }, + { + "UserName": "Bob", + "SerialNumber": "GAKT12345678", + "EnableDate": "2023-02-18T21:44:42+00:00" + }, + { + "UserName": "Bob", + "SerialNumber": "arn:aws:iam::123456789012:u2f/user/Bob/fidosecuritykey1-7XNL7NFNLZ123456789EXAMPLE", + "EnableDate": "2023-09-19T02:25:35+00:00" + }, + { + "UserName": "Bob", + "SerialNumber": "arn:aws:iam::123456789012:u2f/user/Bob/fidosecuritykey2-VDRQTDBBN5123456789EXAMPLE", + "EnableDate": "2023-09-19T01:49:18+00:00" + } + ] + } -For more information, see `Using Multi-Factor Authentication (MFA) Devices with AWS`_ in the *Using IAM* guide. - -.. _`Using Multi-Factor Authentication (MFA) Devices with AWS`: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingMFA.html +For more information, see `Using multi-factor authentication (MFA) in AWS `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/list-open-id-connect-provider-tags.rst b/awscli/examples/iam/list-open-id-connect-provider-tags.rst new file mode 100644 index 000000000000..f89755b3aa47 --- /dev/null +++ b/awscli/examples/iam/list-open-id-connect-provider-tags.rst @@ -0,0 +1,23 @@ +**To list the tags attached to an OpenID Connect (OIDC)-compatible identity provider** + +The following ``list-open-id-connect-provider-tags`` command retrieves the list of tags associated with the specified OIDC identity provider. :: + + aws iam list-open-id-connect-provider-tags \ + --open-id-connect-provider-arn arn:aws:iam::123456789012:oidc-provider/server.example.com + +Output:: + + { + "Tags": [ + { + "Key": "DeptID", + "Value": "123456" + }, + { + "Key": "Department", + "Value": "Accounting" + } + ] + } + +For more information, see `Tagging IAM resources `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/list-open-id-connect-providers.rst b/awscli/examples/iam/list-open-id-connect-providers.rst index 30ce0ecceac0..5a551d695c3f 100644 --- a/awscli/examples/iam/list-open-id-connect-providers.rst +++ b/awscli/examples/iam/list-open-id-connect-providers.rst @@ -1,19 +1,17 @@ **To list information about the OpenID Connect providers in the AWS account** -This example returns a list of ARNS of all the OpenID Connect providers that are defined in the current AWS account:: +This example returns a list of ARNS of all the OpenID Connect providers that are defined in the current AWS account. :: - aws iam list-open-id-connect-providers + aws iam list-open-id-connect-providers Output:: - { - "OpenIDConnectProviderList": [ - { - "Arn": "arn:aws:iam::123456789012:oidc-provider/example.oidcprovider.com" - } - ] - } + { + "OpenIDConnectProviderList": [ + { + "Arn": "arn:aws:iam::123456789012:oidc-provider/example.oidcprovider.com" + } + ] + } -For more information, see `Using OpenID Connect Identity Providers`_ in the *Using IAM* guide. - -.. _`Using OpenID Connect Identity Providers`: http://docs.aws.amazon.com/IAM/latest/UserGuide/identity-providers-oidc.html \ No newline at end of file +For more information, see `Creating OpenID Connect (OIDC) identity providers `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/list-organizations-features.rst b/awscli/examples/iam/list-organizations-features.rst new file mode 100644 index 000000000000..a3bd5739946b --- /dev/null +++ b/awscli/examples/iam/list-organizations-features.rst @@ -0,0 +1,17 @@ +**To list the centralized root access features enabled for your organization** + +The following ``list-organizations-features`` command lists the centralized root access features enabled for your organization. :: + + aws iam list-organizations-features + +Output:: + + { + "EnabledFeatures": [ + "RootCredentialsManagement", + "RootSessions" + ] + "OrganizationId": "o-aa111bb222" + } + +For more information, see `Centrally manage root access for member accounts `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/list-policies-granting-service-access.rst b/awscli/examples/iam/list-policies-granting-service-access.rst index aca9f784be4a..33d6a333b4a4 100644 --- a/awscli/examples/iam/list-policies-granting-service-access.rst +++ b/awscli/examples/iam/list-policies-granting-service-access.rst @@ -25,4 +25,4 @@ Output:: "IsTruncated": false } -For more information, see `Using IAM with CodeCommit: Git Credentials, SSH Keys, and AWS Access Keys `_ in the *AWS IAM User Guide*. +For more information, see `Using IAM with CodeCommit: Git credentials, SSH keys, and AWS access keys `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/list-policies.rst b/awscli/examples/iam/list-policies.rst index 83d843b079ad..fbc3d11416f6 100644 --- a/awscli/examples/iam/list-policies.rst +++ b/awscli/examples/iam/list-policies.rst @@ -1,40 +1,52 @@ **To list managed policies that are available to your AWS account** -This example returns a collection of the first two managed policies available in the current AWS account:: +This example returns a collection of the first two managed policies available in the current AWS account. :: - aws iam list-policies --max-items 2 + aws iam list-policies \ + --max-items 3 Output:: - { - "Marker": "AAIWFnoA2MQ9zN9nnTorukxr1uesDIDa4u+q1mEfaurCDZ1AuCYagYfayKYGvu75BEGk8PooPsw5uvumkuizFACZ8f4rKtN1RuBWiVDBWet2OA==", - "IsTruncated": true, - "Policies": [ - { - "PolicyName": "AdministratorAccess", - "CreateDate": "2015-02-06T18:39:46Z", - "AttachmentCount": 5, - "IsAttachable": true, - "PolicyId": "ANPAIWMBCKSKIEE64ZLYK", - "DefaultVersionId": "v1", - "Path": "/", - "Arn": "arn:aws:iam::aws:policy/AdministratorAccess", - "UpdateDate": "2015-02-06T18:39:46Z" - }, - { - "PolicyName": "ASamplePolicy", - "CreateDate": "2015-06-17T19:23;32Z", - "AttachmentCount": "0", - "IsAttachable": "true", - "PolicyId": "Z27SI6FQMGNQ2EXAMPLE1", - "DefaultVersionId": "v1", - "Path": "/", - "Arn": "arn:aws:iam::123456789012:policy/ASamplePolicy", - "UpdateDate": "2015-06-17T19:23:32Z" - } - ] - } + { + "Policies": [ + { + "PolicyName": "AWSCloudTrailAccessPolicy", + "PolicyId": "ANPAXQE2B5PJ7YEXAMPLE", + "Arn": "arn:aws:iam::123456789012:policy/AWSCloudTrailAccessPolicy", + "Path": "/", + "DefaultVersionId": "v1", + "AttachmentCount": 0, + "PermissionsBoundaryUsageCount": 0, + "IsAttachable": true, + "CreateDate": "2019-09-04T17:43:42+00:00", + "UpdateDate": "2019-09-04T17:43:42+00:00" + }, + { + "PolicyName": "AdministratorAccess", + "PolicyId": "ANPAIWMBCKSKIEE64ZLYK", + "Arn": "arn:aws:iam::aws:policy/AdministratorAccess", + "Path": "/", + "DefaultVersionId": "v1", + "AttachmentCount": 6, + "PermissionsBoundaryUsageCount": 0, + "IsAttachable": true, + "CreateDate": "2015-02-06T18:39:46+00:00", + "UpdateDate": "2015-02-06T18:39:46+00:00" + }, + { + "PolicyName": "PowerUserAccess", + "PolicyId": "ANPAJYRXTHIB4FOVS3ZXS", + "Arn": "arn:aws:iam::aws:policy/PowerUserAccess", + "Path": "/", + "DefaultVersionId": "v5", + "AttachmentCount": 1, + "PermissionsBoundaryUsageCount": 0, + "IsAttachable": true, + "CreateDate": "2015-02-06T18:39:47+00:00", + "UpdateDate": "2023-07-06T22:04:00+00:00" + } + ], + "NextToken": "EXAMPLErZXIiOiBudWxsLCAiYm90b190cnVuY2F0ZV9hbW91bnQiOiA4fQ==" + } -For more information, see `Overview of IAM Policies`_ in the *Using IAM* guide. - -.. _`Overview of IAM Policies`: http://docs.aws.amazon.com/IAM/latest/UserGuide/policies_overview.html +For more information, see `Policies and permissions in IAM `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/list-policy-tags.rst b/awscli/examples/iam/list-policy-tags.rst new file mode 100644 index 000000000000..a650737bc1f9 --- /dev/null +++ b/awscli/examples/iam/list-policy-tags.rst @@ -0,0 +1,23 @@ +**To list the tags attached to a managed policy** + +The following ``list-policy-tags`` command retrieves the list of tags associated with the specified managed policy. :: + + aws iam list-policy-tags \ + --policy-arn arn:aws:iam::123456789012:policy/billing-access + +Output:: + + { + "Tags": [ + { + "Key": "DeptID", + "Value": "123456" + }, + { + "Key": "Department", + "Value": "Accounting" + } + ] + } + +For more information, see `Tagging IAM resources `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/list-policy-versions.rst b/awscli/examples/iam/list-policy-versions.rst index 55d102d2cbb7..7f035c41d80c 100644 --- a/awscli/examples/iam/list-policy-versions.rst +++ b/awscli/examples/iam/list-policy-versions.rst @@ -1,27 +1,26 @@ **To list information about the versions of the specified managed policy** -This example returns the list of available versions of the policy whose ARN is ``arn:aws:iam::123456789012:policy/MySamplePolicy``:: +This example returns the list of available versions of the policy whose ARN is ``arn:aws:iam::123456789012:policy/MySamplePolicy``. :: - aws iam list-policy-versions --policy-arn arn:aws:iam::123456789012:policy/MySamplePolicy + aws iam list-policy-versions \ + --policy-arn arn:aws:iam::123456789012:policy/MySamplePolicy Output:: - { - "IsTruncated": false, - "Versions": [ - { - "CreateDate": "2015-06-02T23:19:44Z", - "VersionId": "v2", - "IsDefaultVersion": true - }, - { - "CreateDate": "2015-06-02T22:30:47Z", - "VersionId": "v1", - "IsDefaultVersion": false - } - ] - } + { + "IsTruncated": false, + "Versions": [ + { + "VersionId": "v2", + "IsDefaultVersion": true, + "CreateDate": "2015-06-02T23:19:44Z" + }, + { + "VersionId": "v1", + "IsDefaultVersion": false, + "CreateDate": "2015-06-02T22:30:47Z" + } + ] + } -For more information, see `Overview of IAM Policies`_ in the *Using IAM* guide. - -.. _`Overview of IAM Policies`: http://docs.aws.amazon.com/IAM/latest/UserGuide/policies_overview.html \ No newline at end of file +For more information, see `Policies and permissions in IAM `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/list-role-policies.rst b/awscli/examples/iam/list-role-policies.rst index 8d0f76a2e257..fa8630c7d105 100644 --- a/awscli/examples/iam/list-role-policies.rst +++ b/awscli/examples/iam/list-role-policies.rst @@ -1,18 +1,18 @@ **To list the policies attached to an IAM role** -The following ``list-role-policies`` command lists the names of the permissions policies for the specified IAM role:: +The following ``list-role-policies`` command lists the names of the permissions policies for the specified IAM role. :: - aws iam list-role-policies --role-name Test-Role + aws iam list-role-policies \ + --role-name Test-Role Output:: - "PolicyNames": [ - "ExamplePolicy" - ] + { + "PolicyNames": [ + "ExamplePolicy" + ] + } To see the trust policy attached to a role, use the ``get-role`` command. To see the details of a permissions policy, use the ``get-role-policy`` command. -For more information, see `Creating a Role`_ in the *Using IAM* guide. - -.. _`Creating a Role`: http://docs.aws.amazon.com/IAM/latest/UserGuide/creating-role.html - +For more information, see `Creating IAM roles `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/list-role-tags.rst b/awscli/examples/iam/list-role-tags.rst index 0e5cd36dcd52..b16b414bbfcb 100644 --- a/awscli/examples/iam/list-role-tags.rst +++ b/awscli/examples/iam/list-role-tags.rst @@ -2,24 +2,23 @@ The following ``list-role-tags`` command retrieves the list of tags associated with the specified role. :: - aws iam list-role-tags --role-name production-role + aws iam list-role-tags \ + --role-name production-role - Output:: - { - "Tags": [ - { - "Key": "Department", - "Value": "Accounting" - }, - { - "Key": "DeptID", - "Value": "12345" - } - ], - "IsTruncated": false - } - +Output:: -For more information, see `Tagging IAM Entities`_ in the *AWS IAM User Guide* + { + "Tags": [ + { + "Key": "Department", + "Value": "Accounting" + }, + { + "Key": "DeptID", + "Value": "12345" + } + ], + "IsTruncated": false + } -.. _`Tagging IAM Entities`: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html +For more information, see `Tagging IAM resources `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/list-roles.rst b/awscli/examples/iam/list-roles.rst index 4ed88f3353b5..d7b173980509 100644 --- a/awscli/examples/iam/list-roles.rst +++ b/awscli/examples/iam/list-roles.rst @@ -1,57 +1,56 @@ **To list IAM roles for the current account** -The following ``list-roles`` command lists IAM roles for the current account:: +The following ``list-roles`` command lists IAM roles for the current account. :: - aws iam list-roles + aws iam list-roles Output:: - { - "Roles": [ - { - "AssumeRolePolicyDocument": { - "Version": "2012-10-17", - "Statement": [ + { + "Roles": [ { - "Action": "sts:AssumeRole", - "Principal": { - "Service": "ec2.amazonaws.com" - }, - "Effect": "Allow", - "Sid": "" - } - ] - }, - "RoleId": "AROAJ52OTH4H7LEXAMPLE", - "CreateDate": "2013-05-11T00:02:27Z", - "RoleName": "ExampleRole1", - "Path": "/", - "Arn": "arn:aws:iam::123456789012:role/ExampleRole1" - }, - { - "AssumeRolePolicyDocument": { - "Version": "2012-10-17", - "Statement": [ + "Path": "/", + "RoleName": "ExampleRole", + "RoleId": "AROAJ52OTH4H7LEXAMPLE", + "Arn": "arn:aws:iam::123456789012:role/ExampleRole", + "CreateDate": "2017-09-12T19:23:36+00:00", + "AssumeRolePolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Sid": "", + "Effect": "Allow", + "Principal": { + "Service": "ec2.amazonaws.com" + }, + "Action": "sts:AssumeRole" + } + ] + }, + "MaxSessionDuration": 3600 + }, { - "Action": "sts:AssumeRole", - "Principal": { - "Service": "elastictranscoder.amazonaws.com" - }, - "Effect": "Allow", - "Sid": "" + "Path": "/example_path/", + "RoleName": "ExampleRoleWithPath", + "RoleId": "AROAI4QRP7UFT7EXAMPLE", + "Arn": "arn:aws:iam::123456789012:role/example_path/ExampleRoleWithPath", + "CreateDate": "2023-09-21T20:29:38+00:00", + "AssumeRolePolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Sid": "", + "Effect": "Allow", + "Principal": { + "Service": "ec2.amazonaws.com" + }, + "Action": "sts:AssumeRole" + } + ] + }, + "MaxSessionDuration": 3600 } - ] - }, - "RoleId": "AROAI4QRP7UFT7EXAMPLE", - "CreateDate": "2013-04-18T05:01:58Z", - "RoleName": "emr-access", - "Path": "/", - "Arn": "arn:aws:iam::123456789012:role/emr-access" - } - ] - } - -For more information, see `Creating a Role`_ in the *Using IAM* guide. - -.. _`Creating a Role`: http://docs.aws.amazon.com/IAM/latest/UserGuide/creating-role.html + ] + } +For more information, see `Creating IAM roles `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/list-saml-provider-tags.rst b/awscli/examples/iam/list-saml-provider-tags.rst new file mode 100644 index 000000000000..2be760e2ff00 --- /dev/null +++ b/awscli/examples/iam/list-saml-provider-tags.rst @@ -0,0 +1,23 @@ +**To list the tags attached to a SAML provider** + +The following ``list-saml-provider-tags`` command retrieves the list of tags associated with the specified SAML provider. :: + + aws iam list-saml-provider-tags \ + --saml-provider-arn arn:aws:iam::123456789012:saml-provider/ADFS + +Output:: + + { + "Tags": [ + { + "Key": "DeptID", + "Value": "123456" + }, + { + "Key": "Department", + "Value": "Accounting" + } + ] + } + +For more information, see `Tagging IAM resources `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/list-saml-providers.rst b/awscli/examples/iam/list-saml-providers.rst index 0dfb11b8f7c3..db0b99fafb10 100644 --- a/awscli/examples/iam/list-saml-providers.rst +++ b/awscli/examples/iam/list-saml-providers.rst @@ -1,21 +1,19 @@ **To list the SAML providers in the AWS account** -This example retrieves the list of SAML 2.0 providers created in the current AWS account:: +This example retrieves the list of SAML 2.0 providers created in the current AWS account. :: - aws iam list-saml-providers + aws iam list-saml-providers Output:: - { - "SAMLProviderList": [ - { - "CreateDate": "2015-06-05T22:45:14Z", - "ValidUntil": "2015-06-05T22:45:14Z", - "Arn": "arn:aws:iam::123456789012:saml-provider/SAMLADFS" - } - ] - } + { + "SAMLProviderList": [ + { + "Arn": "arn:aws:iam::123456789012:saml-provider/SAML-ADFS", + "ValidUntil": "2015-06-05T22:45:14Z", + "CreateDate": "2015-06-05T22:45:14Z" + } + ] + } -For more information, see `Using SAML Providers`_ in the *Using IAM* guide. - -.. _`Using SAML Providers`: http://docs.aws.amazon.com/IAM/latest/UserGuide/identity-providers-saml.html \ No newline at end of file +For more information, see `Creating IAM SAML identity providers `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/list-server-certificate-tags.rst b/awscli/examples/iam/list-server-certificate-tags.rst new file mode 100644 index 000000000000..435c2e1c37f9 --- /dev/null +++ b/awscli/examples/iam/list-server-certificate-tags.rst @@ -0,0 +1,23 @@ +**To list the tags attached to a server certificate** + +The following ``list-server-certificate-tags`` command retrieves the list of tags associated with the specified server certificate. :: + + aws iam list-server-certificate-tags \ + --server-certificate-name ExampleCertificate + +Output:: + + { + "Tags": [ + { + "Key": "DeptID", + "Value": "123456" + }, + { + "Key": "Department", + "Value": "Accounting" + } + ] + } + +For more information, see `Tagging IAM resources `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/list-server-certificates.rst b/awscli/examples/iam/list-server-certificates.rst index a032642f1d33..db4604c90d4c 100644 --- a/awscli/examples/iam/list-server-certificates.rst +++ b/awscli/examples/iam/list-server-certificates.rst @@ -27,6 +27,4 @@ Output:: ] } -For more information, see `Creating, Uploading, and Deleting Server Certificates`_ in the *IAM Users Guide*. - -.. _`Creating, Uploading, and Deleting Server Certificates`: http://docs.aws.amazon.com/IAM/latest/UserGuide/InstallCert.html +For more information, see `Managing server certificates in IAM `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/list-service-specific-credential.rst b/awscli/examples/iam/list-service-specific-credential.rst index 514efb0bf714..7880143b546b 100644 --- a/awscli/examples/iam/list-service-specific-credential.rst +++ b/awscli/examples/iam/list-service-specific-credential.rst @@ -1,41 +1,41 @@ -**List the service-specific credentials for a user** +**Example 1: List the service-specific credentials for a user** The following ``list-service-specific-credentials`` example displays all service-specific credentials assigned to the specified user. Passwords are not included in the response. :: - aws iam list-service-specific-credentials --user-name sofia + aws iam list-service-specific-credentials \ + --user-name sofia Output:: - { - "ServiceSpecificCredential": { - "CreateDate": "2019-04-18T20:45:36+00:00", - "ServiceName": "codecommit.amazonaws.com", - "ServiceUserName": "sofia-at-123456789012", - "ServiceSpecificCredentialId": "ACCAEXAMPLE123EXAMPLE", - "UserName": "sofia", - "Status": "Active" - } - } + { + "ServiceSpecificCredential": { + "CreateDate": "2019-04-18T20:45:36+00:00", + "ServiceName": "codecommit.amazonaws.com", + "ServiceUserName": "sofia-at-123456789012", + "ServiceSpecificCredentialId": "ACCAEXAMPLE123EXAMPLE", + "UserName": "sofia", + "Status": "Active" + } + } -**List the service-specific credentials for a user filtered to a specified service** +**Example 2: List the service-specific credentials for a user filtered to a specified service** The following ``list-service-specific-credentials`` example displays the service-specific credentials assigned to the user making the request. The list is filtered to include only those credentials for the specified service. Passwords are not included in the response. :: - aws iam list-service-specific-credentials --service-name codecommit.amazonaws.com + aws iam list-service-specific-credentials \ + --service-name codecommit.amazonaws.com Output:: - { - "ServiceSpecificCredential": { - "CreateDate": "2019-04-18T20:45:36+00:00", - "ServiceName": "codecommit.amazonaws.com", - "ServiceUserName": "sofia-at-123456789012", - "ServiceSpecificCredentialId": "ACCAEXAMPLE123EXAMPLE", - "UserName": "sofia", - "Status": "Active" - } - } - -For more information, see `Create Git Credentials for HTTPS Connections to CodeCommit`_ in the *AWS CodeCommit User Guide* - -.. _`Create Git Credentials for HTTPS Connections to CodeCommit`: https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-gc.html#setting-up-gc-iam + { + "ServiceSpecificCredential": { + "CreateDate": "2019-04-18T20:45:36+00:00", + "ServiceName": "codecommit.amazonaws.com", + "ServiceUserName": "sofia-at-123456789012", + "ServiceSpecificCredentialId": "ACCAEXAMPLE123EXAMPLE", + "UserName": "sofia", + "Status": "Active" + } + } + +For more information, see `Create Git credentials for HTTPS connections to CodeCommit `__ in the *AWS CodeCommit User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/list-service-specific-credentials.rst b/awscli/examples/iam/list-service-specific-credentials.rst index 97961b1ee13e..20cc6b544557 100755 --- a/awscli/examples/iam/list-service-specific-credentials.rst +++ b/awscli/examples/iam/list-service-specific-credentials.rst @@ -1,30 +1,32 @@ -**To retrieve a list of credentials** - -The following ``list-service-specific-credentials`` example lists the credentials generated for HTTPS access to AWS CodeCommit repositories for a user named ``developer``. :: - - aws iam list-service-specific-credentials \ - --user-name developer \ - --service-name codecommit.amazonaws.com - -Output:: - - { - "ServiceSpecificCredentials": [ - { - "UserName": "developer", - "Status": "Inactive", - "ServiceUserName": "developer-at-123456789012", - "CreateDate": "2019-10-01T04:31:41Z", - "ServiceSpecificCredentialId": "ACCAQFODXMPL4YFHP7DZE", - "ServiceName": "codecommit.amazonaws.com" - }, - { - "UserName": "developer", - "Status": "Active", - "ServiceUserName": "developer+1-at-123456789012", - "CreateDate": "2019-10-01T04:31:45Z", - "ServiceSpecificCredentialId": "ACCAQFOXMPL6VW57M7AJP", - "ServiceName": "codecommit.amazonaws.com" - } - ] - } +**To retrieve a list of credentials** + +The following ``list-service-specific-credentials`` example lists the credentials generated for HTTPS access to AWS CodeCommit repositories for a user named ``developer``. :: + + aws iam list-service-specific-credentials \ + --user-name developer \ + --service-name codecommit.amazonaws.com + +Output:: + + { + "ServiceSpecificCredentials": [ + { + "UserName": "developer", + "Status": "Inactive", + "ServiceUserName": "developer-at-123456789012", + "CreateDate": "2019-10-01T04:31:41Z", + "ServiceSpecificCredentialId": "ACCAQFODXMPL4YFHP7DZE", + "ServiceName": "codecommit.amazonaws.com" + }, + { + "UserName": "developer", + "Status": "Active", + "ServiceUserName": "developer+1-at-123456789012", + "CreateDate": "2019-10-01T04:31:45Z", + "ServiceSpecificCredentialId": "ACCAQFOXMPL6VW57M7AJP", + "ServiceName": "codecommit.amazonaws.com" + } + ] + } + +For more information, see `Create Git credentials for HTTPS connections to CodeCommit `__ in the *AWS CodeCommit User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/list-signing-certificates.rst b/awscli/examples/iam/list-signing-certificates.rst index 67b8847ec10b..a42fdecf64ca 100644 --- a/awscli/examples/iam/list-signing-certificates.rst +++ b/awscli/examples/iam/list-signing-certificates.rst @@ -19,4 +19,4 @@ Output:: ] } -For more information, see `Creating and Uploading a User Signing Certificate `__ in the *Using IAM* guide. \ No newline at end of file +For more information, see `Manage signing certificates `__ in the *Amazon EC2 User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/list-ssh-public-keys.rst b/awscli/examples/iam/list-ssh-public-keys.rst index c6e63d034b15..04633ac4df59 100644 --- a/awscli/examples/iam/list-ssh-public-keys.rst +++ b/awscli/examples/iam/list-ssh-public-keys.rst @@ -2,7 +2,8 @@ The following ``list-ssh-public-keys`` example lists the SSH public keys attached to the IAM user ``sofia``. :: - aws iam list-ssh-public-keys --user-name sofia + aws iam list-ssh-public-keys \ + --user-name sofia Output:: @@ -17,4 +18,4 @@ Output:: ] } -For more information about SSH keys in IAM, see `Use SSH Keys and SSH with CodeCommit `_ in the *AWS IAM User Guide* +For more information, see `Use SSH keys and SSH with CodeCommit `__ in the *AWS IAM User Guide* \ No newline at end of file diff --git a/awscli/examples/iam/list-user-policies.rst b/awscli/examples/iam/list-user-policies.rst index 99900d0aa44a..0a6d343dae43 100644 --- a/awscli/examples/iam/list-user-policies.rst +++ b/awscli/examples/iam/list-user-policies.rst @@ -1,21 +1,17 @@ **To list policies for an IAM user** -The following ``list-user-policies`` command lists the policies that are attached to the IAM user named ``Bob``:: +The following ``list-user-policies`` command lists the policies that are attached to the IAM user named ``Bob``. :: - aws iam list-user-policies --user-name Bob + aws iam list-user-policies \ + --user-name Bob Output:: - "PolicyNames": [ - "ExamplePolicy", - "TestPolicy" - ] - -For more information, see `Adding a New User to Your AWS Account`_ in the *Using IAM* guide. - -.. _`Adding a New User to Your AWS Account`: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_SettingUpUser.html - - - - + { + "PolicyNames": [ + "ExamplePolicy", + "TestPolicy" + ] + } +For more information, see `Creating an IAM user in your AWS account `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/list-user-tags.rst b/awscli/examples/iam/list-user-tags.rst index c1e64660763f..02ffb85c5d88 100644 --- a/awscli/examples/iam/list-user-tags.rst +++ b/awscli/examples/iam/list-user-tags.rst @@ -2,24 +2,23 @@ The following ``list-user-tags`` command retrieves the list of tags associated with the specified IAM user. :: - aws iam list-user-tags --user-name alice + aws iam list-user-tags \ + --user-name alice - Output:: - { - "Tags": [ - { - "Key": "Department", - "Value": "Accounting" - }, - { - "Key": "DeptID", - "Value": "12345" - } - ], - "IsTruncated": false - } - +Output:: -For more information, see `Tagging IAM Entities`_ in the *AWS IAM User Guide* + { + "Tags": [ + { + "Key": "Department", + "Value": "Accounting" + }, + { + "Key": "DeptID", + "Value": "12345" + } + ], + "IsTruncated": false + } -.. _`Tagging IAM Entities`: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html +For more information, see `Tagging IAM resources `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/list-users.rst b/awscli/examples/iam/list-users.rst index c2ca74f9ef5e..e095d3a68032 100644 --- a/awscli/examples/iam/list-users.rst +++ b/awscli/examples/iam/list-users.rst @@ -1,29 +1,28 @@ **To list IAM users** -The following ``list-users`` command lists the IAM users in the current account:: +The following ``list-users`` command lists the IAM users in the current account. :: - aws iam list-users + aws iam list-users Output:: - "Users": [ - { - "UserName": "Adele", - "Path": "/", - "CreateDate": "2013-03-07T05:14:48Z", - "UserId": "AKIAI44QH8DHBEXAMPLE", - "Arn": "arn:aws:iam::123456789012:user/Adele" - }, - { - "UserName": "Bob", - "Path": "/", - "CreateDate": "2012-09-21T23:03:13Z", - "UserId": "AKIAIOSFODNN7EXAMPLE", - "Arn": "arn:aws:iam::123456789012:user/Bob" - } - ] - -For more information, see `Listing Users`_ in the *Using IAM* guide. - -.. _`Listing Users`: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_GetListOfUsers.html + { + "Users": [ + { + "UserName": "Adele", + "Path": "/", + "CreateDate": "2013-03-07T05:14:48Z", + "UserId": "AKIAI44QH8DHBEXAMPLE", + "Arn": "arn:aws:iam::123456789012:user/Adele" + }, + { + "UserName": "Bob", + "Path": "/", + "CreateDate": "2012-09-21T23:03:13Z", + "UserId": "AKIAIOSFODNN7EXAMPLE", + "Arn": "arn:aws:iam::123456789012:user/Bob" + } + ] + } +For more information, see `Listing IAM users `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/list-virtual-mfa-devices.rst b/awscli/examples/iam/list-virtual-mfa-devices.rst index 1208662c9122..a2f24326192a 100644 --- a/awscli/examples/iam/list-virtual-mfa-devices.rst +++ b/awscli/examples/iam/list-virtual-mfa-devices.rst @@ -1,23 +1,20 @@ **To list virtual MFA devices** -The following ``list-virtual-mfa-devices`` command lists the virtual MFA devices that have been configured for the current account:: +The following ``list-virtual-mfa-devices`` command lists the virtual MFA devices that have been configured for the current account. :: - aws iam list-virtual-mfa-devices + aws iam list-virtual-mfa-devices Output:: - { - "VirtualMFADevices": [ - { - "SerialNumber": "arn:aws:iam::123456789012:mfa/ExampleMFADevice" - }, - { - "SerialNumber": "arn:aws:iam::123456789012:mfa/Fred" - } - ] - } - -For more information, see `Using a Virtual MFA Device with AWS`_ in the *Using IAM* guide. - -.. _`Using a Virtual MFA Device with AWS`: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_VirtualMFA.html + { + "VirtualMFADevices": [ + { + "SerialNumber": "arn:aws:iam::123456789012:mfa/ExampleMFADevice" + }, + { + "SerialNumber": "arn:aws:iam::123456789012:mfa/Fred" + } + ] + } +For more information, see `Enabling a virtual multi-factor authentication (MFA) device `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/put-group-policy.rst b/awscli/examples/iam/put-group-policy.rst index 585099121d59..07b8ff50913e 100644 --- a/awscli/examples/iam/put-group-policy.rst +++ b/awscli/examples/iam/put-group-policy.rst @@ -1,13 +1,15 @@ **To add a policy to a group** -The following ``put-group-policy`` command adds a policy to the IAM group named ``Admins``:: +The following ``put-group-policy`` command adds a policy to the IAM group named ``Admins``. :: - aws iam put-group-policy --group-name Admins --policy-document file://AdminPolicy.json --policy-name AdminRoot + aws iam put-group-policy \ + --group-name Admins \ + --policy-document file://AdminPolicy.json \ + --policy-name AdminRoot + +This command produces no output. The policy is defined as a JSON document in the *AdminPolicy.json* file. (The file name and extension do not have significance.) -For more information, see `Managing IAM Policies`_ in the *Using IAM* guide. - -.. _`Managing IAM Policies`: http://docs.aws.amazon.com/IAM/latest/UserGuide/ManagingPolicies.html - +For more information, see `Managing IAM policies `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/put-role-permissions-boundary.rst b/awscli/examples/iam/put-role-permissions-boundary.rst index f3b730e86310..1dcd5d37996a 100755 --- a/awscli/examples/iam/put-role-permissions-boundary.rst +++ b/awscli/examples/iam/put-role-permissions-boundary.rst @@ -1,19 +1,21 @@ -**To apply a permissions boundary based on a custom policy to an IAM role** - -The following ``put-role-permissions-boundary`` example applies the custom policy named ``intern-boundary`` as the permissions boundary for the specified IAM role. :: - - aws iam put-role-permissions-boundary \ - --permissions-boundary arn:aws:iam::123456789012:policy/intern-boundary \ - --role-name lambda-application-role - -This command produces no output. - -**To apply a permissions boundary based on an AWS managed policy to an IAM role** - -The following ``put-role-permissions-boundary`` example applies the AWS managed ``PowerUserAccess`` policy as the permissions boundary for the specified IAM role . :: - - aws iam put-role-permissions-boundary \ - --permissions-boundary arn:aws:iam::aws:policy/PowerUserAccess \ - --role-name x-account-admin - -This command produces no output. +**Example 1: To apply a permissions boundary based on a custom policy to an IAM role** + +The following ``put-role-permissions-boundary`` example applies the custom policy named ``intern-boundary`` as the permissions boundary for the specified IAM role. :: + + aws iam put-role-permissions-boundary \ + --permissions-boundary arn:aws:iam::123456789012:policy/intern-boundary \ + --role-name lambda-application-role + +This command produces no output. + +**Example 2: To apply a permissions boundary based on an AWS managed policy to an IAM role** + +The following ``put-role-permissions-boundary`` example applies the AWS managed ``PowerUserAccess`` policy as the permissions boundary for the specified IAM role. :: + + aws iam put-role-permissions-boundary \ + --permissions-boundary arn:aws:iam::aws:policy/PowerUserAccess \ + --role-name x-account-admin + +This command produces no output. + +For more information, see `Modifying a role `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/put-role-policy.rst b/awscli/examples/iam/put-role-policy.rst index fbe07e90697a..04b79788b152 100644 --- a/awscli/examples/iam/put-role-policy.rst +++ b/awscli/examples/iam/put-role-policy.rst @@ -1,14 +1,16 @@ **To attach a permissions policy to an IAM role** -The following ``put-role-policy`` command adds a permissions policy to the role named ``Test-Role``:: +The following ``put-role-policy`` command adds a permissions policy to the role named ``Test-Role``. :: - aws iam put-role-policy --role-name Test-Role --policy-name ExamplePolicy --policy-document file://AdminPolicy.json + aws iam put-role-policy \ + --role-name Test-Role \ + --policy-name ExamplePolicy \ + --policy-document file://AdminPolicy.json + +This command produces no output. The policy is defined as a JSON document in the *AdminPolicy.json* file. (The file name and extension do not have significance.) To attach a trust policy to a role, use the ``update-assume-role-policy`` command. -For more information, see `Creating a Role`_ in the *Using IAM* guide. - -.. _`Creating a Role`: http://docs.aws.amazon.com/IAM/latest/UserGuide/creating-role.html - +For more information, see `Modifying a role `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/put-user-permissions-boundary.rst b/awscli/examples/iam/put-user-permissions-boundary.rst index 50890e6cc999..3e32538061f8 100755 --- a/awscli/examples/iam/put-user-permissions-boundary.rst +++ b/awscli/examples/iam/put-user-permissions-boundary.rst @@ -1,19 +1,21 @@ -**To apply a permissions boundary based on a custom policy to an IAM user** - -The following ``put-user-permissions-boundary`` example applies a custom policy named ``intern-boundary`` as the permissions boundary for the specified IAM user. :: - - aws iam put-user-permissions-boundary \ - --permissions-boundary arn:aws:iam::123456789012:policy/intern-boundary \ - --user-name intern - -This command produces no output. - -**To apply a permissions boundary based on an AWS managed policy to an IAM user** - -The following ``put-user-permissions-boundary`` example applies the AWS managed pollicy named ``PowerUserAccess`` as the permissions boundary for the specified IAM user. :: - - aws iam put-user-permissions-boundary \ - --permissions-boundary arn:aws:iam::aws:policy/PowerUserAccess \ - --user-name developer - -This command produces no output. +**Example 1: To apply a permissions boundary based on a custom policy to an IAM user** + +The following ``put-user-permissions-boundary`` example applies a custom policy named ``intern-boundary`` as the permissions boundary for the specified IAM user. :: + + aws iam put-user-permissions-boundary \ + --permissions-boundary arn:aws:iam::123456789012:policy/intern-boundary \ + --user-name intern + +This command produces no output. + +**Example 2: To apply a permissions boundary based on an AWS managed policy to an IAM user** + +The following ``put-user-permissions-boundary`` example applies the AWS managed pollicy named ``PowerUserAccess`` as the permissions boundary for the specified IAM user. :: + + aws iam put-user-permissions-boundary \ + --permissions-boundary arn:aws:iam::aws:policy/PowerUserAccess \ + --user-name developer + +This command produces no output. + +For more information, see `Adding and removing IAM identity permissions `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/put-user-policy.rst b/awscli/examples/iam/put-user-policy.rst index 63a0de2620bd..c4f256b3877f 100644 --- a/awscli/examples/iam/put-user-policy.rst +++ b/awscli/examples/iam/put-user-policy.rst @@ -1,16 +1,14 @@ **To attach a policy to an IAM user** -The following ``put-user-policy`` command attaches a policy to the IAM user named ``Bob``:: - - aws iam put-user-policy --user-name Bob --policy-name ExamplePolicy --policy-document file://AdminPolicy.json - -The policy is defined as a JSON document in the *AdminPolicy.json* file. (The file name and extension do not have significance.) - -For more information, see `Adding a New User to Your AWS Account`_ in the *Using IAM* guide. - -.. _`Adding a New User to Your AWS Account`: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_SettingUpUser.html - +The following ``put-user-policy`` command attaches a policy to the IAM user named ``Bob``. :: + aws iam put-user-policy \ + --user-name Bob \ + --policy-name ExamplePolicy \ + --policy-document file://AdminPolicy.json +This command produces no output. +The policy is defined as a JSON document in the *AdminPolicy.json* file. (The file name and extension do not have significance.) +For more information, see `Adding and removing IAM identity permissions `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/remove-client-id-from-open-id-connect-provider.rst b/awscli/examples/iam/remove-client-id-from-open-id-connect-provider.rst index 3f946d9205d7..c88c7aae3221 100644 --- a/awscli/examples/iam/remove-client-id-from-open-id-connect-provider.rst +++ b/awscli/examples/iam/remove-client-id-from-open-id-connect-provider.rst @@ -1,11 +1,12 @@ **To remove the specified client ID from the list of client IDs registered for the specified IAM OpenID Connect provider** This example removes the client ID ``My-TestApp-3`` from the list of client IDs associated with the IAM OIDC provider whose -ARN is ``arn:aws:iam::123456789012:oidc-provider/example.oidcprovider.com``:: +ARN is ``arn:aws:iam::123456789012:oidc-provider/example.oidcprovider.com``. :: - aws iam remove-client-id-from-open-id-connect-provider --client-id My-TestApp-3 --open-id-connect-provider-arn arn:aws:iam::123456789012:oidc-provider/example.oidcprovider.com + aws iam remove-client-id-from-open-id-connect-provider + --client-id My-TestApp-3 \ + --open-id-connect-provider-arn arn:aws:iam::123456789012:oidc-provider/example.oidcprovider.com +This command produces no output. -For more information, see `Using OpenID Connect Identity Providers`_ in the *Using IAM* guide. - -.. _`Using OpenID Connect Identity Providers`: http://docs.aws.amazon.com/IAM/latest/UserGuide/identity-providers-oidc.html \ No newline at end of file +For more information, see `Creating OpenID Connect (OIDC) identity providers `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/remove-role-from-instance-profile.rst b/awscli/examples/iam/remove-role-from-instance-profile.rst index 14d820151720..383b37a4be40 100644 --- a/awscli/examples/iam/remove-role-from-instance-profile.rst +++ b/awscli/examples/iam/remove-role-from-instance-profile.rst @@ -1,11 +1,10 @@ **To remove a role from an instance profile** The following ``remove-role-from-instance-profile`` command removes the role named ``Test-Role`` from the instance -profile named ``ExampleInstanceProfile``:: +profile named ``ExampleInstanceProfile``. :: - aws iam remove-role-from-instance-profile --instance-profile-name ExampleInstanceProfile --role-name Test-Role - -For more information, see `Instance Profiles`_ in the *Using IAM* guide. - -.. _`Instance Profiles`: http://docs.aws.amazon.com/IAM/latest/UserGuide/instance-profiles.html + aws iam remove-role-from-instance-profile \ + --instance-profile-name ExampleInstanceProfile \ + --role-name Test-Role +For more information, see `Using instance profiles `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/remove-user-from-group.rst b/awscli/examples/iam/remove-user-from-group.rst index 04787caf39f5..da568f7195aa 100644 --- a/awscli/examples/iam/remove-user-from-group.rst +++ b/awscli/examples/iam/remove-user-from-group.rst @@ -1,10 +1,11 @@ **To remove a user from an IAM group** -The following ``remove-user-from-group`` command removes the user named ``Bob`` from the IAM group named ``Admins``:: +The following ``remove-user-from-group`` command removes the user named ``Bob`` from the IAM group named ``Admins``. :: - aws iam remove-user-from-group --user-name Bob --group-name Admins + aws iam remove-user-from-group \ + --user-name Bob \ + --group-name Admins -For more information, see `Adding Users to and Removing Users from a Group`_ in the *Using IAM* guide. - -.. _`Adding Users to and Removing Users from a Group`: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_AddOrRemoveUsersFromGroup.html +This command produces no output. +For more information, see `Adding and removing users in an IAM user group `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/reset-service-specific-credential.rst b/awscli/examples/iam/reset-service-specific-credential.rst index 74a3151c9093..d7f1471de32c 100644 --- a/awscli/examples/iam/reset-service-specific-credential.rst +++ b/awscli/examples/iam/reset-service-specific-credential.rst @@ -1,43 +1,44 @@ -**Reset the password for a service-specific credential attached to the user making the request** +**Example 1: Reset the password for a service-specific credential attached to the user making the request** The following ``reset-service-specific-credential`` example generates a new cryptographically strong password for the specified service-specific credential attached to the user making the request. :: - aws iam reset-service-specific-credential --service-specific-credential-id ACCAEXAMPLE123EXAMPLE - + aws iam reset-service-specific-credential \ + --service-specific-credential-id ACCAEXAMPLE123EXAMPLE + Output:: - { - "ServiceSpecificCredential": { - "CreateDate": "2019-04-18T20:45:36+00:00", - "ServiceName": "codecommit.amazonaws.com", - "ServiceUserName": "sofia-at-123456789012", - "ServicePassword": "+oaFsNk7tLco+C/obP9GhhcOzGcKOayTmE3LnAmAmH4=", - "ServiceSpecificCredentialId": "ACCAEXAMPLE123EXAMPLE", - "UserName": "sofia", - "Status": "Active" - } - } + { + "ServiceSpecificCredential": { + "CreateDate": "2019-04-18T20:45:36+00:00", + "ServiceName": "codecommit.amazonaws.com", + "ServiceUserName": "sofia-at-123456789012", + "ServicePassword": "+oaFsNk7tLco+C/obP9GhhcOzGcKOayTmE3LnAmAmH4=", + "ServiceSpecificCredentialId": "ACCAEXAMPLE123EXAMPLE", + "UserName": "sofia", + "Status": "Active" + } + } -**Reset the password for a service-specific credential attached to a specified user** +**Example 2: Reset the password for a service-specific credential attached to a specified user** The following ``reset-service-specific-credential`` example generates a new cryptographically strong password for a service-specific credential attached to the specified user. :: - aws iam reset-service-specific-credential --user-name sofia --service-specific-credential-id ACCAEXAMPLE123EXAMPLE - + aws iam reset-service-specific-credential \ + --user-name sofia \ + --service-specific-credential-id ACCAEXAMPLE123EXAMPLE + Output:: - { - "ServiceSpecificCredential": { - "CreateDate": "2019-04-18T20:45:36+00:00", - "ServiceName": "codecommit.amazonaws.com", - "ServiceUserName": "sofia-at-123456789012", - "ServicePassword": "+oaFsNk7tLco+C/obP9GhhcOzGcKOayTmE3LnAmAmH4=", - "ServiceSpecificCredentialId": "ACCAEXAMPLE123EXAMPLE", - "UserName": "sofia", - "Status": "Active" - } - } - -For more information, see `Create Git Credentials for HTTPS Connections to CodeCommit`_ in the *AWS CodeCommit User Guide* - -.. _`Create Git Credentials for HTTPS Connections to CodeCommit`: https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-gc.html#setting-up-gc-iam + { + "ServiceSpecificCredential": { + "CreateDate": "2019-04-18T20:45:36+00:00", + "ServiceName": "codecommit.amazonaws.com", + "ServiceUserName": "sofia-at-123456789012", + "ServicePassword": "+oaFsNk7tLco+C/obP9GhhcOzGcKOayTmE3LnAmAmH4=", + "ServiceSpecificCredentialId": "ACCAEXAMPLE123EXAMPLE", + "UserName": "sofia", + "Status": "Active" + } + } + +For more information, see `Create Git credentials for HTTPS connections to CodeCommit `__ in the *AWS CodeCommit User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/resync-mfa-device.rst b/awscli/examples/iam/resync-mfa-device.rst index 413e4d4568bc..182c652a5d29 100644 --- a/awscli/examples/iam/resync-mfa-device.rst +++ b/awscli/examples/iam/resync-mfa-device.rst @@ -1,13 +1,13 @@ -**To synchronize an MFA device** - -The following ``resync-mfa-device`` example synchronizes the MFA device that is associated with the IAM user ``Bob`` and whose ARN is ``arn:aws:iam::123456789012:mfa/BobsMFADevice`` with an authenticator program that provided the two authentication codes. :: - - aws iam resync-mfa-device \ - --user-name Bob \ - --serial-number arn:aws:iam::210987654321:mfa/BobsMFADevice \ - --authentication-code1 123456 \ - --authentication-code2 987654 - -This command produces no output. - -For more information, see `Using Multi-Factor Authentication (MFA) Devices in AWS `__ in the *AWS Identity and Access Management User Guide*. \ No newline at end of file +**To synchronize an MFA device** + +The following ``resync-mfa-device`` example synchronizes the MFA device that is associated with the IAM user ``Bob`` and whose ARN is ``arn:aws:iam::123456789012:mfa/BobsMFADevice`` with an authenticator program that provided the two authentication codes. :: + + aws iam resync-mfa-device \ + --user-name Bob \ + --serial-number arn:aws:iam::210987654321:mfa/BobsMFADevice \ + --authentication-code1 123456 \ + --authentication-code2 987654 + +This command produces no output. + +For more information, see `Using multi-factor authentication (MFA) in AWS `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/set-default-policy-version.rst b/awscli/examples/iam/set-default-policy-version.rst index 44e672e67bdd..fd8268690fd9 100644 --- a/awscli/examples/iam/set-default-policy-version.rst +++ b/awscli/examples/iam/set-default-policy-version.rst @@ -1,10 +1,9 @@ **To set the specified version of the specified policy as the policy's default version.** -This example sets the ``v2`` version of the policy whose ARN is ``arn:aws:iam::123456789012:policy/MyPolicy`` as the default active version:: +This example sets the ``v2`` version of the policy whose ARN is ``arn:aws:iam::123456789012:policy/MyPolicy`` as the default active version. :: - aws iam set-default-policy-version --policy-arn arn:aws:iam::123456789012:policy/MyPolicy --version-id v2 + aws iam set-default-policy-version \ + --policy-arn arn:aws:iam::123456789012:policy/MyPolicy \ + --version-id v2 - -For more information, see `Overview of IAM Policies`_ in the *Using IAM* guide. - -.. _`Overview of IAM Policies`: http://docs.aws.amazon.com/IAM/latest/UserGuide/policies_overview.html \ No newline at end of file +For more information, see `Policies and permissions in IAM `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/set-security-token-service-preferences.rst b/awscli/examples/iam/set-security-token-service-preferences.rst index 0fd895e66372..36ad40b92895 100755 --- a/awscli/examples/iam/set-security-token-service-preferences.rst +++ b/awscli/examples/iam/set-security-token-service-preferences.rst @@ -1,8 +1,10 @@ -**To set the global endpoint token version** - -The following ``set-security-token-service-preferences`` example configures Amazon STS to use version 2 tokens when you authenticate against the global endpoint. :: - - aws iam set-security-token-service-preferences \ - --global-endpoint-token-version v2Token - -This command produces no output. +**To set the global endpoint token version** + +The following ``set-security-token-service-preferences`` example configures Amazon STS to use version 2 tokens when you authenticate against the global endpoint. :: + + aws iam set-security-token-service-preferences \ + --global-endpoint-token-version v2Token + +This command produces no output. + +For more information, see `Managing AWS STS in an AWS Region `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/simulate-custom-policy.rst b/awscli/examples/iam/simulate-custom-policy.rst index 80dca9e0705b..bc1ce447ecfa 100755 --- a/awscli/examples/iam/simulate-custom-policy.rst +++ b/awscli/examples/iam/simulate-custom-policy.rst @@ -1,4 +1,4 @@ -**To simulate the effects of all IAM policies associated with an IAM user or role** +**Example 1: To simulate the effects of all IAM policies associated with an IAM user or role** The following ``simulate-custom-policy`` shows how to provide both the policy and define variable values and simulate an API call to see if it is allowed or denied. The following example shows a policy that enables database access only after a specified date and time. The simulation succeeds because the simulated actions and the specified ``aws:CurrentTime`` variable all match the requirements of the policy. :: @@ -33,6 +33,9 @@ Output:: ] } + +**Example 2: To simulate a command that is prohibited by the policy** + The following ``simulate-custom-policy`` example shows the results of simulating a command that is prohibited by the policy. In this example, the provided date is before that required by the policy's condition. :: aws iam simulate-custom-policy \ @@ -54,6 +57,4 @@ Output:: ] } -For more information, see `Testing IAM Policies with the IAM Policy Simulator`_ in the *AWS IAM User Guide* - -.. _`Testing IAM Policies with the IAM Policy Simulator`: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_testing-policies.html +For more information, see `Testing IAM policies with the IAM policy simulator `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/simulate-principal-policy.rst b/awscli/examples/iam/simulate-principal-policy.rst index 3566f5dc5015..79ab72977c7c 100755 --- a/awscli/examples/iam/simulate-principal-policy.rst +++ b/awscli/examples/iam/simulate-principal-policy.rst @@ -1,4 +1,4 @@ -**To simulate the effects of an arbitrary IAM policy** +**Example 1: To simulate the effects of an arbitrary IAM policy** The following ``simulate-principal-policy`` shows how to simulate a user calling an API action and determining whether the policies associated with that user allow or deny the action. In the following example, the user has a policy that allows only the ``codecommit:ListRepositories`` action. :: @@ -32,6 +32,8 @@ Output:: ] } +**Example 2: To simulate the effects of a prohibited command** + The following ``simulate-custom-policy`` example shows the results of simulating a command that is prohibited by one of the user's policies. In the following example, the user has a policy that permits access to a DynamoDB database only after a certain date and time. The simulation has the user attempting to access the database with an ``aws:CurrentTime`` value that is earlier than the policy's condition permits. :: aws iam simulate-principal-policy \ @@ -53,6 +55,4 @@ Output:: ] } -For more information, see `Testing IAM Policies with the IAM Policy Simulator`_ in the *AWS IAM User Guide* - -.. _`Testing IAM Policies with the IAM Policy Simulator`: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_testing-policies.html +For more information, see `Testing IAM policies with the IAM policy simulator `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/tag-instance-profile.rst b/awscli/examples/iam/tag-instance-profile.rst new file mode 100644 index 000000000000..6d636a63a15b --- /dev/null +++ b/awscli/examples/iam/tag-instance-profile.rst @@ -0,0 +1,11 @@ +**To add a tag to an instance profile** + +The following ``tag-instance-profile`` command adds a tag with a Department name to the specified instance profile. :: + + aws iam tag-instance-profile \ + --instance-profile-name deployment-role \ + --tags '[{"Key": "Department", "Value": "Accounting"}]' + +This command produces no output. + +For more information, see `Tagging IAM resources `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/tag-mfa-device.rst b/awscli/examples/iam/tag-mfa-device.rst new file mode 100644 index 000000000000..124a366dd98b --- /dev/null +++ b/awscli/examples/iam/tag-mfa-device.rst @@ -0,0 +1,11 @@ +**To add a tag to an MFA device** + +The following ``tag-mfa-device`` command adds a tag with a Department name to the specified MFA device. :: + + aws iam tag-mfa-device \ + --serial-number arn:aws:iam::123456789012:mfa/alice \ + --tags '[{"Key": "Department", "Value": "Accounting"}]' + +This command produces no output. + +For more information, see `Tagging IAM resources `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/tag-open-id-connect-provider.rst b/awscli/examples/iam/tag-open-id-connect-provider.rst new file mode 100644 index 000000000000..e535a16fd87f --- /dev/null +++ b/awscli/examples/iam/tag-open-id-connect-provider.rst @@ -0,0 +1,11 @@ +**To add a tag to an OpenID Connect (OIDC)-compatible identity provider** + +The following ``tag-open-id-connect-provider`` command adds a tag with a Department name to the specified OIDC identity provider. :: + + aws iam tag-open-id-connect-provider \ + --open-id-connect-provider-arn arn:aws:iam::123456789012:oidc-provider/server.example.com \ + --tags '[{"Key": "Department", "Value": "Accounting"}]' + +This command produces no output. + +For more information, see `Tagging IAM resources `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/tag-policy.rst b/awscli/examples/iam/tag-policy.rst new file mode 100644 index 000000000000..8080c2d30cd4 --- /dev/null +++ b/awscli/examples/iam/tag-policy.rst @@ -0,0 +1,11 @@ +**To add a tag to a customer managed policy** + +The following ``tag-policy`` command adds a tag with a Department name to the specified customer managed policy. :: + + aws iam tag-policy \ + --policy-arn arn:aws:iam::123456789012:policy/billing-access \ + --tags '[{"Key": "Department", "Value": "Accounting"}]' + +This command produces no output. + +For more information, see `Tagging IAM resources `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/tag-role.rst b/awscli/examples/iam/tag-role.rst index 0b5dbee4159b..d2767d2db021 100644 --- a/awscli/examples/iam/tag-role.rst +++ b/awscli/examples/iam/tag-role.rst @@ -1,9 +1,10 @@ **To add a tag to a role** -The following ``tag-role`` command adds a tag with a Department name to the specified role. This command produces no output. :: +The following ``tag-role`` command adds a tag with a Department name to the specified role. :: - aws iam tag-role --role-name my-role --tags '{"Key": "Department", "Value": "Accounting"}' + aws iam tag-role --role-name my-role \ + --tags '{"Key": "Department", "Value": "Accounting"}' -For more information, see `Tagging IAM Entities`_ in the *AWS IAM User Guide* +This command produces no output. -.. _`Tagging IAM Entities`: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html +For more information, see `Tagging IAM resources `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/tag-saml-provider.rst b/awscli/examples/iam/tag-saml-provider.rst new file mode 100644 index 000000000000..9be65b1d50f3 --- /dev/null +++ b/awscli/examples/iam/tag-saml-provider.rst @@ -0,0 +1,11 @@ +**To add a tag to a SAML provider** + +The following ``tag-saml-provider`` command adds a tag with a Department name to the specified SAML provider. :: + + aws iam tag-saml-provider \ + --saml-provider-arn arn:aws:iam::123456789012:saml-provider/ADFS \ + --tags '[{"Key": "Department", "Value": "Accounting"}]' + +This command produces no output. + +For more information, see `Tagging IAM resources `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/tag-server-certificate.rst b/awscli/examples/iam/tag-server-certificate.rst new file mode 100644 index 000000000000..234c8d57df57 --- /dev/null +++ b/awscli/examples/iam/tag-server-certificate.rst @@ -0,0 +1,11 @@ +**To add a tag to a server certificate** + +The following ``tag-saml-provider`` command adds a tag with a Department name to the specified sever certificate. :: + + aws iam tag-server-certificate \ + --server-certificate-name ExampleCertificate \ + --tags '[{"Key": "Department", "Value": "Accounting"}]' + +This command produces no output. + +For more information, see `Tagging IAM resources `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/tag-user.rst b/awscli/examples/iam/tag-user.rst index f27eee026e2d..398398ab7fe5 100644 --- a/awscli/examples/iam/tag-user.rst +++ b/awscli/examples/iam/tag-user.rst @@ -1,9 +1,11 @@ **To add a tag to a user** -The following ``tag-user`` command adds a tag with the associated Department to the specified user. This command produces no output. :: +The following ``tag-user`` command adds a tag with the associated Department to the specified user. :: - aws iam tag-user --user-name alice --tags '{"Key": "Department", "Value": "Accounting"}' + aws iam tag-user \ + --user-name alice \ + --tags '{"Key": "Department", "Value": "Accounting"}' -For more information, see `Tagging IAM Entities`_ in the *AWS IAM User Guide* +This command produces no output. -.. _`Tagging IAM Entities`: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html +For more information, see `Tagging IAM resources `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/untag-instance-profile.rst b/awscli/examples/iam/untag-instance-profile.rst new file mode 100644 index 000000000000..8221bb9f68e6 --- /dev/null +++ b/awscli/examples/iam/untag-instance-profile.rst @@ -0,0 +1,11 @@ +**To remove a tag from an instance profile** + +The following ``untag-instance-profile`` command removes any tag with the key name 'Department' from the specified instance profile. :: + + aws iam untag-instance-profile \ + --instance-profile-name deployment-role \ + --tag-keys Department + +This command produces no output. + +For more information, see `Tagging IAM resources `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/untag-mfa-device.rst b/awscli/examples/iam/untag-mfa-device.rst new file mode 100644 index 000000000000..1ca852824228 --- /dev/null +++ b/awscli/examples/iam/untag-mfa-device.rst @@ -0,0 +1,11 @@ +**To remove a tag from an MFA device** + +The following ``untag-mfa-device`` command removes any tag with the key name 'Department' from the specified MFA device. :: + + aws iam untag-mfa-device \ + --serial-number arn:aws:iam::123456789012:mfa/alice \ + --tag-keys Department + +This command produces no output. + +For more information, see `Tagging IAM resources `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/untag-open-id-connect-provider.rst b/awscli/examples/iam/untag-open-id-connect-provider.rst new file mode 100644 index 000000000000..11a990375cb8 --- /dev/null +++ b/awscli/examples/iam/untag-open-id-connect-provider.rst @@ -0,0 +1,11 @@ +**To remove a tag from an OIDC identity provider** + +The following ``untag-open-id-connect-provider`` command removes any tag with the key name 'Department' from the specified OIDC identity provider. :: + + aws iam untag-open-id-connect-provider \ + --open-id-connect-provider-arn arn:aws:iam::123456789012:oidc-provider/server.example.com \ + --tag-keys Department + +This command produces no output. + +For more information, see `Tagging IAM resources `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/untag-policy.rst b/awscli/examples/iam/untag-policy.rst new file mode 100644 index 000000000000..80471ca27c66 --- /dev/null +++ b/awscli/examples/iam/untag-policy.rst @@ -0,0 +1,11 @@ +**To remove a tag from a customer managed policy** + +The following ``untag-policy`` command removes any tag with the key name 'Department' from the specified customer managed policy. :: + + aws iam untag-policy \ + --policy-arn arn:aws:iam::452925170507:policy/billing-access \ + --tag-keys Department + +This command produces no output. + +For more information, see `Tagging IAM resources `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/untag-role.rst b/awscli/examples/iam/untag-role.rst index af20d503ce98..e71b6f34fb74 100644 --- a/awscli/examples/iam/untag-role.rst +++ b/awscli/examples/iam/untag-role.rst @@ -1,9 +1,11 @@ **To remove a tag from a role** -The following ``untag-role`` command removes any tag with the key name 'Department' from the specified role. This command produces no output. :: +The following ``untag-role`` command removes any tag with the key name 'Department' from the specified role. :: - aws iam untag-role --role-name my-role --tag-keys Department + aws iam untag-role \ + --role-name my-role \ + --tag-keys Department -For more information, see `Tagging IAM Entities`_ in the *AWS IAM User Guide* +This command produces no output. -.. _`Tagging IAM Entities`: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html +For more information, see `Tagging IAM resources `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/untag-saml-provider.rst b/awscli/examples/iam/untag-saml-provider.rst new file mode 100644 index 000000000000..dea1ba3cbc83 --- /dev/null +++ b/awscli/examples/iam/untag-saml-provider.rst @@ -0,0 +1,11 @@ +**To remove a tag from a SAML provider** + +The following ``untag-saml-provider`` command removes any tag with the key name 'Department' from the specified instance profile. :: + + aws iam untag-saml-provider \ + --saml-provider-arn arn:aws:iam::123456789012:saml-provider/ADFS \ + --tag-keys Department + +This command produces no output. + +For more information, see `Tagging IAM resources `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/untag-server-certificate.rst b/awscli/examples/iam/untag-server-certificate.rst new file mode 100644 index 000000000000..a46e4bc9dcfb --- /dev/null +++ b/awscli/examples/iam/untag-server-certificate.rst @@ -0,0 +1,11 @@ +**To remove a tag from a server certificate** + +The following ``untag-server-certificate`` command removes any tag with the key name 'Department' from the specified server certificate. :: + + aws iam untag-server-certificate \ + --server-certificate-name ExampleCertificate \ + --tag-keys Department + +This command produces no output. + +For more information, see `Tagging IAM resources `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/untag-user.rst b/awscli/examples/iam/untag-user.rst index d09b0cb99ffd..b0ed68d78743 100644 --- a/awscli/examples/iam/untag-user.rst +++ b/awscli/examples/iam/untag-user.rst @@ -1,9 +1,11 @@ **To remove a tag from a user** -The following ``untag-user`` command removes any tag with the key name 'Department' from the specified user. This command produces no output. :: +The following ``untag-user`` command removes any tag with the key name 'Department' from the specified user. :: - aws iam untag-user --user-name alice --tag-keys Department + aws iam untag-user \ + --user-name alice \ + --tag-keys Department -For more information, see `Tagging IAM Entities`_ in the *AWS IAM User Guide* +This command produces no output. -.. _`Tagging IAM Entities`: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html +For more information, see `Tagging IAM resources `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/update-access-key.rst b/awscli/examples/iam/update-access-key.rst index 749f8541e447..f600c0494f31 100644 --- a/awscli/examples/iam/update-access-key.rst +++ b/awscli/examples/iam/update-access-key.rst @@ -1,14 +1,15 @@ **To activate or deactivate an access key for an IAM user** The following ``update-access-key`` command deactivates the specified access key (access key ID and secret access key) -for the IAM user named ``Bob``:: +for the IAM user named ``Bob``. :: - aws iam update-access-key --access-key-id AKIAIOSFODNN7EXAMPLE --status Inactive --user-name Bob + aws iam update-access-key \ + --access-key-id AKIAIOSFODNN7EXAMPLE \ + --status Inactive \ + --user-name Bob -Deactivating the key means that it cannot be used for programmatic access to AWS. However, the key is still available and can be reactivated. - -For more information, see `Creating, Modifying, and Viewing User Security Credentials`_ in the *Using IAM* guide. - -.. _`Creating, Modifying, and Viewing User Security Credentials`: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_CreateAccessKey.html +This command produces no output. +Deactivating the key means that it cannot be used for programmatic access to AWS. However, the key is still available and can be reactivated. +For more information, see `Managing access keys for IAM users `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/update-account-password-policy.rst b/awscli/examples/iam/update-account-password-policy.rst index 7d09e4520fec..c0adf8a3a9fe 100644 --- a/awscli/examples/iam/update-account-password-policy.rst +++ b/awscli/examples/iam/update-account-password-policy.rst @@ -1,14 +1,15 @@ **To set or change the current account password policy** The following ``update-account-password-policy`` command sets the password policy to require a minimum length of eight -characters and to require one or more numbers in the password:: +characters and to require one or more numbers in the password. :: - aws iam update-account-password-policy --minimum-password-length 8 --require-numbers + aws iam update-account-password-policy \ + --minimum-password-length 8 \ + --require-numbers + +This command produces no output. Changes to an account's password policy affect any new passwords that are created for IAM users in the account. Password policy changes do not affect existing passwords. -For more information, see `Setting an Account Password Policy for IAM Users`_ in the *Using IAM* guide. - -.. _`Setting an Account Password Policy for IAM Users`: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingPasswordPolicies.html - +For more information, see `Setting an account password policy for IAM users `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/update-assume-role-policy.rst b/awscli/examples/iam/update-assume-role-policy.rst index 0558285896c7..a3a10457efc9 100644 --- a/awscli/examples/iam/update-assume-role-policy.rst +++ b/awscli/examples/iam/update-assume-role-policy.rst @@ -1,16 +1,16 @@ **To update the trust policy for an IAM role** -The following ``update-assume-role-policy`` command updates the trust policy for the role named ``Test-Role``:: +The following ``update-assume-role-policy`` command updates the trust policy for the role named ``Test-Role``. :: - aws iam update-assume-role-policy --role-name Test-Role --policy-document file://Test-Role-Trust-Policy.json + aws iam update-assume-role-policy \ + --role-name Test-Role \ + --policy-document file://Test-Role-Trust-Policy.json + +This command produces no output. The trust policy is defined as a JSON document in the *Test-Role-Trust-Policy.json* file. (The file name and extension do not have significance.) The trust policy must specify a principal. To update the permissions policy for a role, use the ``put-role-policy`` command. -For more information, see `Creating a Role`_ in the *Using IAM* guide. - -.. _`Creating a Role`: http://docs.aws.amazon.com/IAM/latest/UserGuide/creating-role.html - - +For more information, see `Creating IAM roles `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/update-group.rst b/awscli/examples/iam/update-group.rst index 34e27160b45c..8ca111028dbb 100644 --- a/awscli/examples/iam/update-group.rst +++ b/awscli/examples/iam/update-group.rst @@ -1,10 +1,11 @@ **To rename an IAM group** -The following ``update-group`` command changes the name of the IAM group ``Test`` to ``Test-1``:: +The following ``update-group`` command changes the name of the IAM group ``Test`` to ``Test-1``. :: - aws iam update-group --group-name Test --new-group-name Test-1 + aws iam update-group \ + --group-name Test \ + --new-group-name Test-1 -For more information, see `Changing a Group's Name or Path`_ in the *Using IAM* guide. - -.. _`Changing a Group's Name or Path`: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_RenamingGroup.html +This command produces no output. +For more information, see `Renaming an IAM user group `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/update-login-profile.rst b/awscli/examples/iam/update-login-profile.rst index 0ae208a4dca2..624ef5f7084a 100644 --- a/awscli/examples/iam/update-login-profile.rst +++ b/awscli/examples/iam/update-login-profile.rst @@ -1,8 +1,12 @@ **To update the password for an IAM user** -The following ``update-login-profile`` command creates a new password for the IAM user named ``Bob``:: +The following ``update-login-profile`` command creates a new password for the IAM user named ``Bob``. :: - aws iam update-login-profile --user-name Bob --password + aws iam update-login-profile \ + --user-name Bob \ + --password + +This command produces no output. To set a password policy for the account, use the ``update-account-password-policy`` command. If the new password violates the account password policy, the command returns a ``PasswordPolicyViolation`` error. @@ -11,8 +15,4 @@ If the account password policy allows them to, IAM users can change their own pa Store the password in a secure place. If the password is lost, it cannot be recovered, and you must create a new one using the ``create-login-profile`` command. -For more information, see `Managing Passwords`_ in the *Using IAM* guide. - -.. _`Managing Passwords`: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html - - +For more information, see `Managing passwords for IAM users `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/update-open-id-connect-provider-thumbprint.rst b/awscli/examples/iam/update-open-id-connect-provider-thumbprint.rst index 582aa207d2cd..caeb731a6e90 100644 --- a/awscli/examples/iam/update-open-id-connect-provider-thumbprint.rst +++ b/awscli/examples/iam/update-open-id-connect-provider-thumbprint.rst @@ -1,11 +1,12 @@ **To replace the existing list of server certificate thumbprints with a new list** This example updates the certificate thumbprint list for the OIDC provider whose ARN is -``arn:aws:iam::123456789012:oidc-provider/example.oidcprovider.com`` to use a new thumbprint:: +``arn:aws:iam::123456789012:oidc-provider/example.oidcprovider.com`` to use a new thumbprint. :: - aws iam update-open-id-connect-provider-thumbprint --open-id-connect-provider-arn arn:aws:iam::123456789012:oidc-provider/example.oidcprovider.com --thumbprint-list 7359755EXAMPLEabc3060bce3EXAMPLEec4542a3 + aws iam update-open-id-connect-provider-thumbprint \ + --open-id-connect-provider-arn arn:aws:iam::123456789012:oidc-provider/example.oidcprovider.com \ + --thumbprint-list 7359755EXAMPLEabc3060bce3EXAMPLEec4542a3 +This command produces no output. -For more information, see `Using OpenID Connect Identity Providers`_ in the *Using IAM* guide. - -.. _`Using OpenID Connect Identity Providers`: http://docs.aws.amazon.com/IAM/latest/UserGuide/identity-providers-oidc.html \ No newline at end of file +For more information, see `Creating OpenID Connect (OIDC) identity providers `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/update-role-description.rst b/awscli/examples/iam/update-role-description.rst index 60d6f906985d..a18a9338d6dc 100644 --- a/awscli/examples/iam/update-role-description.rst +++ b/awscli/examples/iam/update-role-description.rst @@ -2,35 +2,35 @@ The following ``update-role`` command changes the description of the IAM role ``production-role`` to ``Main production role``. :: - aws iam update-role-description --role-name production-role --description 'Main production role' + aws iam update-role-description \ + --role-name production-role \ + --description 'Main production role' - Output:: +Output:: - { - "Role": { - "Path": "/", - "RoleName": "production-role", - "RoleId": "AROA1234567890EXAMPLE", - "Arn": "arn:aws:iam::123456789012:role/production-role", - "CreateDate": "2017-12-06T17:16:37+00:00", - "AssumeRolePolicyDocument": { - "Version": "2012-10-17", - "Statement": [ - { - "Effect": "Allow", - "Principal": { - "AWS": "arn:aws:iam::123456789012:root" - }, - "Action": "sts:AssumeRole", - "Condition": {} - } - ] - }, - "Description": "Main production role" - } - } + { + "Role": { + "Path": "/", + "RoleName": "production-role", + "RoleId": "AROA1234567890EXAMPLE", + "Arn": "arn:aws:iam::123456789012:role/production-role", + "CreateDate": "2017-12-06T17:16:37+00:00", + "AssumeRolePolicyDocument": { + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Principal": { + "AWS": "arn:aws:iam::123456789012:root" + }, + "Action": "sts:AssumeRole", + "Condition": {} + } + ] + }, + "Description": "Main production role" + } + } -For more information, see `Modifying a Role`_ in the *AWS IAM User's Guide*. - -.. _`Modifying a Role`: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_manage_modify.html +For more information, see `Modifying a role `__ in the *AWS IAM User Guide*. diff --git a/awscli/examples/iam/update-role.rst b/awscli/examples/iam/update-role.rst index 002519d18c93..e28cae8fc01f 100644 --- a/awscli/examples/iam/update-role.rst +++ b/awscli/examples/iam/update-role.rst @@ -2,9 +2,11 @@ The following ``update-role`` command changes the description of the IAM role ``production-role`` to ``Main production role`` and sets the maximum session duration to 12 hours. :: - aws iam update-role --role-name production-role --description 'Main production role' --max-session-duration 43200 + aws iam update-role \ + --role-name production-role \ + --description 'Main production role' \ + --max-session-duration 43200 -For more information, see `Modifying a Role`_ in the *AWS IAM User's Guide*. - -.. _`Modifying a Role`: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_manage_modify.html +This command produces no output. +For more information, see `Modifying a role `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/update-saml-provider.rst b/awscli/examples/iam/update-saml-provider.rst index 4920dc474563..65b5fdd8909d 100644 --- a/awscli/examples/iam/update-saml-provider.rst +++ b/awscli/examples/iam/update-saml-provider.rst @@ -1,15 +1,15 @@ **To update the metadata document for an existing SAML provider** -This example updates the SAML provider in IAM whose ARN is ``arn:aws:iam::123456789012:saml-provider/SAMLADFS`` with a new SAML metadata document from the file ``SAMLMetaData.xml``:: +This example updates the SAML provider in IAM whose ARN is ``arn:aws:iam::123456789012:saml-provider/SAMLADFS`` with a new SAML metadata document from the file ``SAMLMetaData.xml``. :: - aws iam update-saml-provider --saml-metadata-document file://SAMLMetaData.xml --saml-provider-arn arn:aws:iam::123456789012:saml-provider/SAMLADFS + aws iam update-saml-provider \ + --saml-metadata-document file://SAMLMetaData.xml \ + --saml-provider-arn arn:aws:iam::123456789012:saml-provider/SAMLADFS Output:: - { - "SAMLProviderArn": "arn:aws:iam::123456789012:saml-provider/SAMLADFS" - } + { + "SAMLProviderArn": "arn:aws:iam::123456789012:saml-provider/SAMLADFS" + } -For more information, see `Using SAML Providers`_ in the *Using IAM* guide. - -.. _`Using SAML Providers`: http://docs.aws.amazon.com/IAM/latest/UserGuide/identity-providers-saml.html \ No newline at end of file +For more information, see `Creating IAM SAML identity providers `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/update-server-certificate.rst b/awscli/examples/iam/update-server-certificate.rst index c45a1d9591da..e0a1ca1f6328 100644 --- a/awscli/examples/iam/update-server-certificate.rst +++ b/awscli/examples/iam/update-server-certificate.rst @@ -2,8 +2,11 @@ The following ``update-server-certificate`` command changes the name of the certificate from ``myServerCertificate`` to ``myUpdatedServerCertificate``. It also changes the path to ``/cloudfront/`` so that it can be accessed by the Amazon CloudFront service. This command produces no output. You can see the results of the update by running the ``list-server-certificates`` command. :: - aws-iam update-server-certificate --server-certificate-name myServerCertificate --new-server-certificate-name myUpdatedServerCertificate --new-path /cloudfront/ + aws-iam update-server-certificate \ + --server-certificate-name myServerCertificate \ + --new-server-certificate-name myUpdatedServerCertificate \ + --new-path /cloudfront/ -For more information, see `Creating, Uploading, and Deleting Server Certificates`_ in the *IAM Users Guide*. +This command produces no output. -.. _`Creating, Uploading, and Deleting Server Certificates`: http://docs.aws.amazon.com/IAM/latest/UserGuide/InstallCert.html +For more information, see `Managing server certificates in IAM `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/update-service-specific-credential.rst b/awscli/examples/iam/update-service-specific-credential.rst index 988086b08a76..6ee8c5b1c4ea 100644 --- a/awscli/examples/iam/update-service-specific-credential.rst +++ b/awscli/examples/iam/update-service-specific-credential.rst @@ -1,18 +1,22 @@ **Example 1: To update the status of the requesting user's service-specific credential** -The following ``update-service-specific-credential`` example changes the status for the specified credential for the user making the request to ``Inactive``. This command produces no output. :: +The following ``update-service-specific-credential`` example changes the status for the specified credential for the user making the request to ``Inactive``. :: aws iam update-service-specific-credential \ --service-specific-credential-id ACCAEXAMPLE123EXAMPLE \ --status Inactive +This command produces no output. + **Example 2: To update the status of a specified user's service-specific credential** -The following ``update-service-specific-credential`` example changes the status for the credential of the specified user to Inactive. This command produces no output. :: +The following ``update-service-specific-credential`` example changes the status for the credential of the specified user to Inactive. :: aws iam update-service-specific-credential \ --user-name sofia \ --service-specific-credential-id ACCAEXAMPLE123EXAMPLE \ --status Inactive -For more information, see `Create Git Credentials for HTTPS Connections to CodeCommit `_ in the *AWS CodeCommit User Guide* +This command produces no output. + +For more information, see `Create Git Credentials for HTTPS Connections to CodeCommit `__ in the *AWS CodeCommit User Guide* diff --git a/awscli/examples/iam/update-signing-certificate.rst b/awscli/examples/iam/update-signing-certificate.rst index 87567a674998..f4e30c7722e7 100644 --- a/awscli/examples/iam/update-signing-certificate.rst +++ b/awscli/examples/iam/update-signing-certificate.rst @@ -1,12 +1,12 @@ **To activate or deactivate a signing certificate for an IAM user** -The following ``update-signing-certificate`` command deactivates the specified signing certificate for the IAM user named ``Bob``:: +The following ``update-signing-certificate`` command deactivates the specified signing certificate for the IAM user named ``Bob``. :: - aws iam update-signing-certificate --certificate-id TA7SMP42TDN5Z26OBPJE7EXAMPLE --status Inactive --user-name Bob + aws iam update-signing-certificate \ + --certificate-id TA7SMP42TDN5Z26OBPJE7EXAMPLE \ + --status Inactive \ + --user-name Bob To get the ID for a signing certificate, use the ``list-signing-certificates`` command. -For more information, see `Creating and Uploading a User Signing Certificate`_ in the *Using IAM* guide. - -.. _`Creating and Uploading a User Signing Certificate`: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_UploadCertificate.html - +For more information, see `Manage signing certificates `__ in the *Amazon EC2 User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/update-ssh-public-key.rst b/awscli/examples/iam/update-ssh-public-key.rst index a140a01db7ae..c9421593ee65 100644 --- a/awscli/examples/iam/update-ssh-public-key.rst +++ b/awscli/examples/iam/update-ssh-public-key.rst @@ -9,4 +9,4 @@ The following ``update-ssh-public-key`` command changes the status of the specif This command produces no output. -For more information about SSH keys in IAM, see `Use SSH Keys and SSH with CodeCommit `_ in the *AWS IAM User Guide* +For more information, see `Use SSH keys and SSH with CodeCommit `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/update-user.rst b/awscli/examples/iam/update-user.rst index 098f3259c26c..2e3dbc77532b 100644 --- a/awscli/examples/iam/update-user.rst +++ b/awscli/examples/iam/update-user.rst @@ -1,10 +1,11 @@ **To change an IAM user's name** -The following ``update-user`` command changes the name of the IAM user ``Bob`` to ``Robert``:: +The following ``update-user`` command changes the name of the IAM user ``Bob`` to ``Robert``. :: - aws iam update-user --user-name Bob --new-user-name Robert + aws iam update-user \ + --user-name Bob \ + --new-user-name Robert -For more information, see `Changing a Group's Name or Path`_ in the *Using IAM* guide. - -.. _`Changing a Group's Name or Path`: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_RenamingGroup.html +This command produces no output. +For more information, see `Renaming an IAM user group `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/upload-server-certificate.rst b/awscli/examples/iam/upload-server-certificate.rst index 94ec2b2627cf..b0c8de7bb6d5 100644 --- a/awscli/examples/iam/upload-server-certificate.rst +++ b/awscli/examples/iam/upload-server-certificate.rst @@ -2,7 +2,11 @@ The following **upload-server-certificate** command uploads a server certificate to your AWS account. In this example, the certificate is in the file ``public_key_cert_file.pem``, the associated private key is in the file ``my_private_key.pem``, and the the certificate chain provided by the certificate authority (CA) is in the ``my_certificate_chain_file.pem`` file. When the file has finished uploading, it is available under the name *myServerCertificate*. Parameters that begin with ``file://`` tells the command to read the contents of the file and use that as the parameter value instead of the file name itself. :: - aws iam upload-server-certificate --server-certificate-name myServerCertificate --certificate-body file://public_key_cert_file.pem --private-key file://my_private_key.pem --certificate-chain file://my_certificate_chain_file.pem + aws iam upload-server-certificate \ + --server-certificate-name myServerCertificate \ + --certificate-body file://public_key_cert_file.pem \ + --private-key file://my_private_key.pem \ + --certificate-chain file://my_certificate_chain_file.pem Output:: @@ -17,7 +21,7 @@ Output:: } } -For more information, see `Creating, Uploading, and Deleting Server Certificates`_ in the *Using IAM* guide. +For more information, see `Creating, Uploading, and Deleting Server Certificates`__ in the *Using IAM* guide. .. _`Creating, Uploading, and Deleting Server Certificates`: http://docs.aws.amazon.com/IAM/latest/UserGuide/InstallCert.html diff --git a/awscli/examples/iam/upload-signing-certificate.rst b/awscli/examples/iam/upload-signing-certificate.rst index c995dd0783a1..96586751c3fb 100644 --- a/awscli/examples/iam/upload-signing-certificate.rst +++ b/awscli/examples/iam/upload-signing-certificate.rst @@ -1,24 +1,26 @@ **To upload a signing certificate for an IAM user** -The following ``upload-signing-certificate`` command uploads a signing certificate for the IAM user named ``Bob``:: +The following ``upload-signing-certificate`` command uploads a signing certificate for the IAM user named ``Bob``. :: - aws iam upload-signing-certificate --user-name Bob --certificate-body file://certificate.pem + aws iam upload-signing-certificate \ + --user-name Bob \ + --certificate-body file://certificate.pem Output:: - { - "Certificate": { - "UserName": "Bob", - "Status": "Active", - "CertificateBody": "-----BEGIN CERTIFICATE----------END CERTIFICATE-----", - "CertificateId": "TA7SMP42TDN5Z26OBPJE7EXAMPLE", - "UploadDate": "2013-06-06T21:40:08.121Z" - } - } + { + "Certificate": { + "UserName": "Bob", + "Status": "Active", + "CertificateBody": "-----BEGIN CERTIFICATE----------END CERTIFICATE-----", + "CertificateId": "TA7SMP42TDN5Z26OBPJE7EXAMPLE", + "UploadDate": "2013-06-06T21:40:08.121Z" + } + } The certificate is in a file named *certificate.pem* in PEM format. -For more information, see `Creating and Uploading a User Signing Certificate`_ in the *Using IAM* guide. +For more information, see `Creating and Uploading a User Signing Certificate`__ in the *Using IAM* guide. .. _`Creating and Uploading a User Signing Certificate`: http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_UploadCertificate.html diff --git a/awscli/examples/iam/upload-ssh-public-key.rst b/awscli/examples/iam/upload-ssh-public-key.rst index fb835634fd88..409c134a9e70 100644 --- a/awscli/examples/iam/upload-ssh-public-key.rst +++ b/awscli/examples/iam/upload-ssh-public-key.rst @@ -1,22 +1,22 @@ **To upload an SSH public key and associate it with a user** -The following ``upload-ssh-public-key`` command uploads the public key found in the file 'sshkey.pub' and attaches it to the user 'sofia'. :: +The following ``upload-ssh-public-key`` command uploads the public key found in the file ``sshkey.pub`` and attaches it to the user ``sofia``. :: - aws iam upload-ssh-public-key --user-name sofia --ssh-public-key-body file://sshkey.pub + aws iam upload-ssh-public-key \ + --user-name sofia \ + --ssh-public-key-body file://sshkey.pub Output:: - { - "SSHPublicKey": { - "UserName": "sofia", - "SSHPublicKeyId": "APKA1234567890EXAMPLE", - "Fingerprint": "12:34:56:78:90:ab:cd:ef:12:34:56:78:90:ab:cd:ef", - "SSHPublicKeyBody": "ssh-rsa <>", - "Status": "Active", - "UploadDate": "2019-04-18T17:04:49+00:00" - } - } + { + "SSHPublicKey": { + "UserName": "sofia", + "SSHPublicKeyId": "APKA1234567890EXAMPLE", + "Fingerprint": "12:34:56:78:90:ab:cd:ef:12:34:56:78:90:ab:cd:ef", + "SSHPublicKeyBody": "ssh-rsa <>", + "Status": "Active", + "UploadDate": "2019-04-18T17:04:49+00:00" + } + } -For more information about how to generate keys in a format suitable for this command, see `SSH and Linux, macOS, or Unix: Set Up the Public and Private Keys for Git and CodeCommit`_ or `SSH and Windows: Set Up the Public and Private Keys for Git and CodeCommit`_in the *AWS CodeCommit User Guide* -.. _`SSH and Linux, macOS, or Unix: Set Up the Public and Private Keys for Git and CodeCommit`: https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-ssh-unixes.html#setting-up-ssh-unixes-keys -.. _`SSH and Windows: Set Up the Public and Private Keys for Git and CodeCommit`: https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-ssh-windows.html#setting-up-ssh-windows-keys-windows +For more information about how to generate keys in a format suitable for this command, see `SSH and Linux, macOS, or Unix: Set up the public and private keys for Git and CodeCommit `__ or `SSH and Windows: Set up the public and private keys for Git and CodeCommit `__ in the *AWS CodeCommit User Guide*. \ No newline at end of file diff --git a/awscli/examples/iam/wait/instance-profile-exists.rst b/awscli/examples/iam/wait/instance-profile-exists.rst index 89e6c97c8a64..56652c10ea98 100644 --- a/awscli/examples/iam/wait/instance-profile-exists.rst +++ b/awscli/examples/iam/wait/instance-profile-exists.rst @@ -1,5 +1,8 @@ **To pause running until the specified instance profile exists** -The following ``wait instance-profile-exists`` command pauses and continues only after it can confirm that the specified instance profile exists. There is no output. :: +The following ``wait instance-profile-exists`` command pauses and continues only after it can confirm that the specified instance profile exists. :: - aws iam wait instance-profile-exists --instance-profile-name WebServer + aws iam wait instance-profile-exists \ + --instance-profile-name WebServer + +This command produces no output. \ No newline at end of file diff --git a/awscli/examples/iam/wait/policy-exists.rst b/awscli/examples/iam/wait/policy-exists.rst index ecfee9125ccb..8645b8c66b02 100644 --- a/awscli/examples/iam/wait/policy-exists.rst +++ b/awscli/examples/iam/wait/policy-exists.rst @@ -1,5 +1,8 @@ **To pause running until the specified role exists** -The following ``wait policy-exists`` command pauses and continues only after it can confirm that the specified policy exists. There is no output. :: +The following ``wait policy-exists`` command pauses and continues only after it can confirm that the specified policy exists. :: - aws iam wait policy-exists --policy-arn arn:aws:iam::123456789012:policy/MyPolicy + aws iam wait policy-exists \ + --policy-arn arn:aws:iam::123456789012:policy/MyPolicy + +This command produces no output. \ No newline at end of file diff --git a/awscli/examples/iam/wait/role-exists.rst b/awscli/examples/iam/wait/role-exists.rst index 35c42afd208f..1ce9039c6b3c 100644 --- a/awscli/examples/iam/wait/role-exists.rst +++ b/awscli/examples/iam/wait/role-exists.rst @@ -1,5 +1,8 @@ **To pause running until the specified role exists** -The following ``wait role-exists`` command pauses and continues only after it can confirm that the specified role exists. There is no output. :: +The following ``wait role-exists`` command pauses and continues only after it can confirm that the specified role exists. :: - aws iam wait role-exists --role-name MyRole + aws iam wait role-exists \ + --role-name MyRole + +This command produces no output. \ No newline at end of file diff --git a/awscli/examples/iam/wait/user-exists.rst b/awscli/examples/iam/wait/user-exists.rst index c1ea17a00adf..cec5f2f75d94 100644 --- a/awscli/examples/iam/wait/user-exists.rst +++ b/awscli/examples/iam/wait/user-exists.rst @@ -1,5 +1,8 @@ **To pause running until the specified user exists** -The following ``wait user-exists`` command pauses and continues only after it can confirm that the specified user exists. There is no output. :: +The following ``wait user-exists`` command pauses and continues only after it can confirm that the specified user exists. :: - aws iam wait user-exists --user-name marcia + aws iam wait user-exists \ + --user-name marcia + +This command produces no output. \ No newline at end of file diff --git a/awscli/examples/imagebuilder/get-image-recipe-policy.rst b/awscli/examples/imagebuilder/get-image-recipe-policy.rst index b30010a6548b..cca344330a82 100644 --- a/awscli/examples/imagebuilder/get-image-recipe-policy.rst +++ b/awscli/examples/imagebuilder/get-image-recipe-policy.rst @@ -3,7 +3,7 @@ The following ``get-image-recipe-policy`` example lists the details of an image recipe policy by specifying its ARN. :: aws imagebuilder get-image-recipe-policy \ - --image-arn arn:aws:imagebuilder:us-west-2:123456789012:image-recipe/my-example-image-recipe/2019.12.03/1 + --image-recipe-arn arn:aws:imagebuilder:us-west-2:123456789012:image-recipe/my-example-image-recipe/2019.12.03/1 Output:: @@ -11,4 +11,4 @@ Output:: "Policy": "{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "AWS": [ "123456789012" ] }, "Action": [ "imagebuilder:GetImageRecipe", "imagebuilder:ListImageRecipes" ], "Resource": [ "arn:aws:imagebuilder:us-west-2:123456789012:image-recipe/my-example-image-recipe/2019.12.03/1" ] } ] }" } -For more information, see `Setting Up and Managing an EC2 Image Builder Image Pipeline Using the AWS CLI `__ in the *EC2 Image Builder Users Guide*. +For more information, see `Setting Up and Managing an EC2 Image Builder Image Pipeline Using the AWS CLI `__ in the *EC2 Image Builder Users Guide*. \ No newline at end of file diff --git a/awscli/examples/imagebuilder/put-component-policy.rst b/awscli/examples/imagebuilder/put-component-policy.rst index 84e5c0a48291..bca64adf877b 100644 --- a/awscli/examples/imagebuilder/put-component-policy.rst +++ b/awscli/examples/imagebuilder/put-component-policy.rst @@ -1,9 +1,9 @@ **To apply a resource policy to a component** -The following ``put-component-policy`` command applies a resource policy to a build component to enable cross-account sharing of build components. We recommend you use the RAM CLI command create-resource-share. If you use the EC2 Image Builder CLI command put-component-policy, you must also use the RAM CLI command promote-resource-share-create-from-policy in order for the resource to be visible to all principals with whom the resource is shared. :: +The following ``put-component-policy`` command applies a resource policy to a build component to enable cross-account sharing of build components. We recommend you use the RAM CLI command ``create-resource-share``. If you use the EC2 Image Builder CLI command ``put-component-policy``, you must also use the RAM CLI command ``promote-resource-share-create-from-policy`` in order for the resource to be visible to all principals with whom the resource is shared. :: aws imagebuilder put-component-policy \ - --image-arn arn:aws:imagebuilder:us-west-2:123456789012:component/examplecomponent/2019.12.02/1 \ + --component-arn arn:aws:imagebuilder:us-west-2:123456789012:component/examplecomponent/2019.12.02/1 \ --policy '{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "AWS": [ "123456789012" ] }, "Action": [ "imagebuilder:GetComponent", "imagebuilder:ListComponents" ], "Resource": [ "arn:aws:imagebuilder:us-west-2:123456789012:component/examplecomponent/2019.12.02/1" ] } ] }' Output:: @@ -13,4 +13,4 @@ Output:: "componentArn": "arn:aws:imagebuilder:us-west-2:123456789012:component/examplecomponent/2019.12.02/1" } -For more information, see `Setting Up and Managing an EC2 Image Builder Image Pipeline Using the AWS CLI `__ in the *EC2 Image Builder Users Guide*. +For more information, see `Setting Up and Managing an EC2 Image Builder Image Pipeline Using the AWS CLI `__ in the *EC2 Image Builder Users Guide*. \ No newline at end of file diff --git a/awscli/examples/imagebuilder/put-image-recipe-policy.rst b/awscli/examples/imagebuilder/put-image-recipe-policy.rst index 8346b14720c5..cf1846355d24 100644 --- a/awscli/examples/imagebuilder/put-image-recipe-policy.rst +++ b/awscli/examples/imagebuilder/put-image-recipe-policy.rst @@ -3,8 +3,8 @@ The following ``put-image-recipe-policy`` command applies a resource policy to an image recipe to enable cross-account sharing of image recipes. We recommend that you use the RAM CLI command ``create-resource-share``. If you use the EC2 Image Builder CLI command ``put-image-recipe-policy``, you must also use the RAM CLI command ``promote-resource-share-create-from-policy`` in order for the resource to be visible to all principals with whom the resource is shared. :: aws imagebuilder put-image-recipe-policy \ - --image-recipe-arn arn:aws:imagebuilder:us-west-2:123456789012:image-recipe/example-image-recipe/2019.12.02/1 \ - --policy '{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "AWS": [ "123456789012" ] }, "Action": [ "imagebuilder:GetImageRecipe", "imagebuilder:ListImageRecipes" ], "Resource": [ "arn:aws:imagebuilder:us-west-2:123456789012:image-recipe/example-image-recipe/2019.12.02/1" ] } ] }' + --image-recipe-arn arn:aws:imagebuilder:us-west-2:123456789012:image-recipe/example-image-recipe/2019.12.02 \ + --policy '{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "AWS": [ "123456789012" ] }, "Action": [ "imagebuilder:GetImageRecipe", "imagebuilder:ListImageRecipes" ], "Resource": [ "arn:aws:imagebuilder:us-west-2:123456789012:image-recipe/example-image-recipe/2019.12.02" ] } ] }' Output:: @@ -13,4 +13,4 @@ Output:: "imageRecipeArn": "arn:aws:imagebuilder:us-west-2:123456789012:image-recipe/example-image-recipe/2019.12.02/1" } -For more information, see `Setting Up and Managing an EC2 Image Builder Image Pipeline Using the AWS CLI `__ in the *EC2 Image Builder Users Guide*. +For more information, see `Setting Up and Managing an EC2 Image Builder Image Pipeline Using the AWS CLI `__ in the *EC2 Image Builder Users Guide*. \ No newline at end of file diff --git a/awscli/examples/importexport/create-job.rst b/awscli/examples/importexport/create-job.rst index 4b6d75360e6f..84b6c701d10b 100644 --- a/awscli/examples/importexport/create-job.rst +++ b/awscli/examples/importexport/create-job.rst @@ -17,7 +17,7 @@ The file ``manifest`` is a YAML formatted text file in the current directory wit deviceId: 49382 eraseDevice: yes notificationEmail: john.doe@example.com;jane.roe@example.com - bucket: myBucket + bucket: amzn-s3-demo-bucket For more information on the manifest file format, see `Creating Import Manifests`_ in the *AWS Import/Export Developer Guide*. @@ -38,7 +38,7 @@ You can also pass the manifest as a string in quotes:: deviceId: 49382 eraseDevice: yes notificationEmail: john.doe@example.com;jane.roe@example.com - bucket: myBucket' + bucket: amzn-s3-demo-bucket' For information on quoting string arguments and using files, see `Specifying Parameter Values`_ in the *AWS CLI User Guide*. diff --git a/awscli/examples/importexport/get-shipping-label.rst b/awscli/examples/importexport/get-shipping-label.rst index 9f8a08ef5c21..c4ee1af28503 100644 --- a/awscli/examples/importexport/get-shipping-label.rst +++ b/awscli/examples/importexport/get-shipping-label.rst @@ -4,7 +4,7 @@ The following command creates a pre-paid shipping label for the specified job:: The output for the get-shipping-label command looks like the following:: - https://s3.amazonaws.com/myBucket/shipping-label-EX1ID.pdf + https://s3.amazonaws.com/amzn-s3-demo-bucket/shipping-label-EX1ID.pdf The link in the output contains the pre-paid shipping label generated in a PDF. It also contains shipping instructions with a unique bar code to identify and authenticate your device. For more information about using the pre-paid shipping label and shipping your device, see `Shipping Your Storage Device`_ in the *AWS Import/Export Developer Guide*. diff --git a/awscli/examples/importexport/get-status.rst b/awscli/examples/importexport/get-status.rst index 1770efea0c3c..c7c1bf9a18d5 100644 --- a/awscli/examples/importexport/get-status.rst +++ b/awscli/examples/importexport/get-status.rst @@ -6,7 +6,7 @@ The output for the get-status command looks like the following:: 2015-05-27T18:58:21Z manifestVersion:2.0 generator:Text editor - bucket:myBucket + bucket:amzn-s3-demo-bucket deviceId:49382 eraseDevice:yes notificationEmail:john.doe@example.com;jane.roe@example.com diff --git a/awscli/examples/inspector2/associate-member.rst b/awscli/examples/inspector2/associate-member.rst new file mode 100644 index 000000000000..7ab28c179c61 --- /dev/null +++ b/awscli/examples/inspector2/associate-member.rst @@ -0,0 +1,14 @@ +**Example: To associate an AWS account with an Amazon Inspector delegated administrator** + +The following ``associate-member`` example associates an AWS account with an Amazon Inspector delegated administrator. :: + + aws inspector2 associate-member \ + --account-id 123456789012 + +Output:: + + { + "accountId": "123456789012" + } + +For more information, see `Managing multiple accounts in Amazon Inspector with AWS Organizations `__ in the *Amazon Inspector User Guide*. diff --git a/awscli/examples/inspector2/create-filter.rst b/awscli/examples/inspector2/create-filter.rst new file mode 100644 index 000000000000..647807f2b527 --- /dev/null +++ b/awscli/examples/inspector2/create-filter.rst @@ -0,0 +1,17 @@ +**To create a filter** + +The following ``create-filter`` example creates a suppression rule that omits ECR instance type findings. :: + + aws inspector2 create-filter \ + --name "ExampleSuppressionRuleECR" \ + --description "This suppression rule omits ECR instance type findings" \ + --action SUPPRESS \ + --filter-criteria 'resourceType=[{comparison="EQUALS", value="AWS_ECR_INSTANCE"}]' + +Output:: + + { + "arn": "arn:aws:inspector2:us-west-2:123456789012:owner/o-EXAMPLE222/filter/EXAMPLE444444444" + } + +For more information, see `Filtering Amazon Inspector findings `__ in the *Amazon Inspector User Guide*. diff --git a/awscli/examples/inspector2/create-findings-report.rst b/awscli/examples/inspector2/create-findings-report.rst new file mode 100644 index 000000000000..cfdb05092504 --- /dev/null +++ b/awscli/examples/inspector2/create-findings-report.rst @@ -0,0 +1,16 @@ +**To create a findings report** + +The following ``create-findings-report`` example creates a finding report. :: + + aws inspector2 create-findings-report \ + --report-format CSV \ + --s3-destination bucketName=inspector-sbom-123456789012,keyPrefix=sbom-key,kmsKeyArn=arn:aws:kms:us-west-2:123456789012:key/a1b2c3d4-5678-90ab-cdef-EXAMPLE33333 \ + --filter-criteria '{"ecrImageRepositoryName":[{"comparison":"EQUALS","value":"debian"}]}' + +Output:: + + { + "reportId": "a1b2c3d4-5678-90ab-cdef-EXAMPLE33333" + } + +For more information, see `Managing findings in Amazon Inspector `__ in the *Amazon Inspector User Guide*. diff --git a/awscli/examples/inspector2/create-sbom-export.rst b/awscli/examples/inspector2/create-sbom-export.rst new file mode 100644 index 000000000000..4de14dd5765f --- /dev/null +++ b/awscli/examples/inspector2/create-sbom-export.rst @@ -0,0 +1,16 @@ +**To create a software bill of materials (SBOM) report** + +The following ``create-sbom-export`` example creates a software bill of materials (SBOM) report. :: + + aws inspector2 create-sbom-export \ + --report-format SPDX_2_3 \ + --resource-filter-criteria 'ecrRepositoryName=[{comparison="EQUALS",value="debian"}]' \ + --s3-destination bucketName=inspector-sbom-123456789012,keyPrefix=sbom-key,kmsKeyArn=arn:aws:kms:us-west-2:123456789012:key/a1b2c3d4-5678-90ab-cdef-EXAMPLE33333 + +Output:: + + { + "reportId": "a1b2c3d4-5678-90ab-cdef-EXAMPLE33333" + } + +For more information, see `Exporting SBOMs with Amazon Inspector `__ in the *Amazon Inspector User Guide*. diff --git a/awscli/examples/inspector2/delete-filter.rst b/awscli/examples/inspector2/delete-filter.rst new file mode 100644 index 000000000000..d7543a0a263a --- /dev/null +++ b/awscli/examples/inspector2/delete-filter.rst @@ -0,0 +1,14 @@ +**To delete a filter** + +The following ``delete-filter`` example deletes a filter. :: + + aws inspector2 delete-filter \ + --arn "arn:aws:inspector2:us-west-2:123456789012:owner/o-EXAMPLE222/filter/EXAMPLE444444444" + +Output:: + + { + "arn": "arn:aws:inspector2:us-west-2:123456789012:owner/o-EXAMPLE222/filter/EXAMPLE444444444" + } + +For more information, see `Filtering Amazon Inspector findings `__ in the *Amazon Inspector User Guide*. diff --git a/awscli/examples/inspector2/disassociate-member.rst b/awscli/examples/inspector2/disassociate-member.rst new file mode 100644 index 000000000000..cc464ac156f9 --- /dev/null +++ b/awscli/examples/inspector2/disassociate-member.rst @@ -0,0 +1,14 @@ +**Example: To disassociate a member account from an Amazon Inspector delegated administrator** + +The following ``disassociate-member`` example disassociates an AWS account from an Amazon Inspector delegated administrator. :: + + aws inspector2 disassociate-member \ + --account-id 123456789012 + +Output:: + + { + "accountId": "123456789012" + } + +For more information, see `Managing multiple accounts in Amazon Inspector with AWS Organizations `__ in the *Amazon Inspector User Guide*. diff --git a/awscli/examples/inspector2/get-configuration.rst b/awscli/examples/inspector2/get-configuration.rst new file mode 100644 index 000000000000..e8cd1790dc52 --- /dev/null +++ b/awscli/examples/inspector2/get-configuration.rst @@ -0,0 +1,26 @@ +**To get the setting configuration for Inspector scans** + +The following ``get-configuration`` example gets the setting configuration for Inspector scans. :: + + aws inspector2 get-configuration + +Output:: + + { + "ec2Configuration": { + "scanModeState": { + "scanMode": "EC2_HYBRID", + "scanModeStatus": "SUCCESS" + } + }, + "ecrConfiguration": { + "rescanDurationState": { + "pullDateRescanDuration": "DAYS_90", + "rescanDuration": "DAYS_30", + "status": "SUCCESS", + "updatedAt": "2024-05-14T21:16:20.237000+00:00" + } + } + } + +For more information, see `Automated resource scanning with Amazon Inspector `__ in the *Amazon Inspector User Guide*. \ No newline at end of file diff --git a/awscli/examples/inspector2/get-member.rst b/awscli/examples/inspector2/get-member.rst new file mode 100644 index 000000000000..068c3bb045c3 --- /dev/null +++ b/awscli/examples/inspector2/get-member.rst @@ -0,0 +1,17 @@ +**Example: To get member information for your organization** + + aws inspector2 get-member \ + --account-id 123456789012 + +Output:: + + { + "member": { + "accountId": "123456789012", + "delegatedAdminAccountId": "123456789012", + "relationshipStatus": "ENABLED", + "updatedAt": "2023-09-11T09:57:20.520000-07:00" + } + } + +For more information, see `Managing multiple accounts in Amazon Inspector with AWS Organizations `__ in the *Amazon Inspector User Guide*. diff --git a/awscli/examples/inspector2/list-account-permissions.rst b/awscli/examples/inspector2/list-account-permissions.rst new file mode 100644 index 000000000000..23bfa449f88c --- /dev/null +++ b/awscli/examples/inspector2/list-account-permissions.rst @@ -0,0 +1,46 @@ +**To list account permissions** + +The following ``list-account-permissions`` example lists your account permissions. :: + + aws inspector2 list-account-permissions + +Output:: + + { + "permissions": [ + { + "operation": "ENABLE_SCANNING", + "service": "ECR" + }, + { + "operation": "DISABLE_SCANNING", + "service": "ECR" + }, + { + "operation": "ENABLE_REPOSITORY", + "service": "ECR" + }, + { + "operation": "DISABLE_REPOSITORY", + "service": "ECR" + }, + { + "operation": "ENABLE_SCANNING", + "service": "EC2" + }, + { + "operation": "DISABLE_SCANNING", + "service": "EC2" + }, + { + "operation": "ENABLE_SCANNING", + "service": "LAMBDA" + }, + { + "operation": "DISABLE_SCANNING", + "service": "LAMBDA" + } + ] + } + +For more information, see `Identity and Access Management for Amazon Inspector `__ in the *Amazon Inspector User Guide*. \ No newline at end of file diff --git a/awscli/examples/inspector2/list-coverage-statistics.rst b/awscli/examples/inspector2/list-coverage-statistics.rst new file mode 100644 index 000000000000..a2793e82b767 --- /dev/null +++ b/awscli/examples/inspector2/list-coverage-statistics.rst @@ -0,0 +1,80 @@ +**Example 1: To list coverage statistics by groups** + +The following ``list-coverage-statistics`` example lists the coverage statistics of your AWS environment by groups. :: + + aws inspector2 list-coverage-statistics \ + --group-by RESOURCE_TYPE + +Output:: + + { + "countsByGroup": [ + { + "count": 56, + "groupKey": "AWS_LAMBDA_FUNCTION" + }, + { + "count": 27, + "groupKey": "AWS_ECR_REPOSITORY" + }, + { + "count": 18, + "groupKey": "AWS_EC2_INSTANCE" + }, + { + "count": 3, + "groupKey": "AWS_ECR_CONTAINER_IMAGE" + }, + { + "count": 1, + "groupKey": "AWS_ACCOUNT" + } + ], + "totalCounts": 105 + } + +For more information, see `Assessing Amazon Inspector coverage of your AWS environment `__ in the *Amazon Inspector User Guide*. + +**Example 2: To list coverage statistics by resource type** + +The following ``list-coverage-statistics`` example lists the coverage statistics of your AWS environment by resource type. :: + + aws inspector2 list-coverage-statistics + --filter-criteria '{"resourceType":[{"comparison":"EQUALS","value":"AWS_ECR_REPOSITORY"}]}' + --group-by SCAN_STATUS_REASON + +Output:: + + { + "countsByGroup": [ + { + "count": 27, + "groupKey": "SUCCESSFUL" + } + ], + "totalCounts": 27 + } + +For more information, see `Assessing Amazon Inspector coverage of your AWS environment `__ in the *Amazon Inspector User Guide*. + +**Example 3: To list coverage statistics by ECR repository name** + +The following ``list-coverage-statistics`` example lists the coverage statistics of your AWS environment by ECR repository name. :: + + aws inspector2 list-coverage-statistics + --filter-criteria '{"ecrRepositoryName":[{"comparison":"EQUALS","value":"debian"}]}' + --group-by SCAN_STATUS_REASON + +Output:: + + { + "countsByGroup": [ + { + "count": 3, + "groupKey": "SUCCESSFUL" + } + ], + "totalCounts": 3 + } + +For more information, see `Assessing Amazon Inspector coverage of your AWS environment `__ in the *Amazon Inspector User Guide*. diff --git a/awscli/examples/inspector2/list-coverage.rst b/awscli/examples/inspector2/list-coverage.rst new file mode 100644 index 000000000000..e2316ae75a0f --- /dev/null +++ b/awscli/examples/inspector2/list-coverage.rst @@ -0,0 +1,61 @@ +**Example 1: To list coverage details about your environment** + +The following ``list-coverage`` example lists your environment's coverage details. :: + + aws inspector2 list-coverage + +Output:: + + { + "coveredResources": [ + { + "accountId": "123456789012", + "lastScannedAt": "2024-05-20T16:23:20-07:00", + "resourceId": "i-EXAMPLE55555555555", + "resourceMetadata": { + "ec2": { + "amiId": "ami-EXAMPLE6666666666", + "platform": "LINUX" + } + }, + "resourceType": "AWS_EC2_INSTANCE", + "scanStatus": { + "reason": "SUCCESSFUL", + "statusCode": "ACTIVE" + }, + "scanType": "PACKAGE" + } + ] + } + +**Example 2: To list coverage details about the Lambda function resource type** + +The following ``list-coverage`` example lists your Lamda function resource type details. :: + + aws inspector2 list-coverage + --filter-criteria '{"resourceType":[{"comparison":"EQUALS","value":"AWS_LAMBDA_FUNCTION"}]}' + +Output:: + + { + "coveredResources": [ + { + "accountId": "123456789012", + "resourceId": "arn:aws:lambda:us-west-2:123456789012:function:Eval-container-scan-results:$LATEST", + "resourceMetadata": { + "lambdaFunction": { + "functionName": "Eval-container-scan-results", + "functionTags": {}, + "layers": [], + "runtime": "PYTHON_3_7" + } + }, + "resourceType": "AWS_LAMBDA_FUNCTION", + "scanStatus": { + "reason": "SUCCESSFUL", + "statusCode": "ACTIVE" + }, + "scanType": "CODE" + } + ] + } diff --git a/awscli/examples/inspector2/list-delegated-admin-accounts.rst b/awscli/examples/inspector2/list-delegated-admin-accounts.rst new file mode 100644 index 000000000000..fb877f34b447 --- /dev/null +++ b/awscli/examples/inspector2/list-delegated-admin-accounts.rst @@ -0,0 +1,18 @@ +**To list information about the delegated administrator account of your organization** + +The following ``list-delegated-admin-accounts`` example lists information about the delegated administrator account of your organization. :: + + aws inspector2 list-delegated-admin-accounts + +Output:: + + { + "delegatedAdminAccounts": [ + { + "accountId": "123456789012", + "status": "ENABLED" + } + ] + } + +For more information, see `Designating a delegated administrator for Amazon Inspector `__ in the *Amazon Inspector User Guide*. diff --git a/awscli/examples/inspector2/list-filters.rst b/awscli/examples/inspector2/list-filters.rst new file mode 100644 index 000000000000..11da430104db --- /dev/null +++ b/awscli/examples/inspector2/list-filters.rst @@ -0,0 +1,50 @@ +**To list filters associated with the account that you used to activated Amazon Inspector** + +The following ``list-filters`` examples lists filters associated with the account that you used to activated Amazon Inspector. :: + + aws inspector2 list-filters + +Output:: + + { + "filters": [ + { + "action": "SUPPRESS", + "arn": "arn:aws:inspector2:us-west-2:123456789012:owner/o-EXAMPLE222/filter/EXAMPLE444444444", + "createdAt": "2024-05-15T21:11:08.602000+00:00", + "criteria": { + "resourceType": [ + { + "comparison": "EQUALS", + "value": "AWS_EC2_INSTANCE" + }, + ] + }, + "description": "This suppression rule omits EC2 instance type findings", + "name": "ExampleSuppressionRuleEC2", + "ownerId": "o-EXAMPLE222", + "tags": {}, + "updatedAt": "2024-05-15T21:11:08.602000+00:00" + }, + { + "action": "SUPPRESS", + "arn": "arn:aws:inspector2:us-east-1:813737243517:owner/o-EXAMPLE222/filter/EXAMPLE444444444", + "createdAt": "2024-05-15T21:28:27.054000+00:00", + "criteria": { + "resourceType": [ + { + "comparison": "EQUALS", + "value": "AWS_ECR_INSTANCE" + } + ] + }, + "description": "This suppression rule omits ECR instance type findings", + "name": "ExampleSuppressionRuleECR", + "ownerId": "o-EXAMPLE222", + "tags": {}, + "updatedAt": "2024-05-15T21:28:27.054000+00:00" + } + ] + } + +For more information, see `Filtering Amazon Inspector findings `__ in the *Amazon Inspector User Guide*. diff --git a/awscli/examples/inspector2/list-members.rst b/awscli/examples/inspector2/list-members.rst new file mode 100644 index 000000000000..5d5d0805cdd3 --- /dev/null +++ b/awscli/examples/inspector2/list-members.rst @@ -0,0 +1,83 @@ +**Example 1: To list all member accounts associated with the Amazon Inspector delegated administrator for your organization** + + aws inspector2 list-members \ + --only-associated + +Output:: + + { + { + "members": [ + { + "accountId": "123456789012", + "delegatedAdminAccountId": "123456789012", + "relationshipStatus": "ENABLED", + "updatedAt": "2023-09-11T09:57:20.520000-07:00" + }, + { + "accountId": "123456789012", + "delegatedAdminAccountId": "123456789012", + "relationshipStatus": "ENABLED", + "updatedAt": "2024-08-12T10:13:01.472000-07:00" + }, + { + "accountId": "625032911453", + "delegatedAdminAccountId": "123456789012", + "relationshipStatus": "ENABLED", + "updatedAt": "2023-09-11T09:57:20.438000-07:00" + }, + { + "accountId": "715411239211", + "delegatedAdminAccountId": "123456789012", + "relationshipStatus": "ENABLED", + "updatedAt": "2024-04-24T09:14:57.471000-07:00" + } + ] + } + +For more information, see `Managing multiple accounts in Amazon Inspector with AWS Organizations `__ in the *Amazon Inspector User Guide*. + +**Example 2: To list all member accounts associated with and disassociated from the Amazon Inspector delegated administrator for your organization** + + aws inspector2 list-members \ + --no-only-associated + +Output:: + + { + { + "members": [ + { + "accountId": "123456789012", + "delegatedAdminAccountId": "123456789012", + "relationshipStatus": "REMOVED", + "updatedAt": "2024-05-15T11:34:53.326000-07:00" + }, + { + "accountId": "123456789012", + "delegatedAdminAccountId": "123456789012", + "relationshipStatus": "ENABLED", + "updatedAt": "2023-09-11T09:57:20.520000-07:00" + }, + { + "accountId": "123456789012", + "delegatedAdminAccountId": "123456789012", + "relationshipStatus": "ENABLED", + "updatedAt": "2024-08-12T10:13:01.472000-07:00" + }, + { + "accountId": "123456789012", + "delegatedAdminAccountId": "123456789012", + "relationshipStatus": "ENABLED", + "updatedAt": "2023-09-11T09:57:20.438000-07:00" + }, + { + "accountId": "123456789012", + "delegatedAdminAccountId": "123456789012", + "relationshipStatus": "ENABLED", + "updatedAt": "2024-04-24T09:14:57.471000-07:00" + } + ] + } + +For more information, see `Managing multiple accounts in Amazon Inspector with AWS Organizations `__ in the *Amazon Inspector User Guide*. diff --git a/awscli/examples/inspector2/list-usage-totals.rst b/awscli/examples/inspector2/list-usage-totals.rst new file mode 100644 index 000000000000..ada17c6f8ffa --- /dev/null +++ b/awscli/examples/inspector2/list-usage-totals.rst @@ -0,0 +1,55 @@ +**To list usage totals over the last 30 days** + +The following ``list-usage-totals`` examples lists usage totals over the last 30 days. :: + + aws inspector2 list-usage-totals + +Output:: + + { + "totals": [ + { + "accountId": "123456789012", + "usage": [ + { + "currency": "USD", + "estimatedMonthlyCost": 4.6022044647, + "total": 1893.4784083333334, + "type": "EC2_AGENTLESS_INSTANCE_HOURS" + }, + { + "currency": "USD", + "estimatedMonthlyCost": 18.892449279, + "total": 10882.050784722222, + "type": "EC2_INSTANCE_HOURS" + }, + { + "currency": "USD", + "estimatedMonthlyCost": 5.4525363736, + "total": 6543.043648333333, + "type": "LAMBDA_FUNCTION_CODE_HOURS" + }, + { + "currency": "USD", + "estimatedMonthlyCost": 3.9064080309, + "total": 9375.379274166668, + "type": "LAMBDA_FUNCTION_HOURS" + }, + { + "currency": "USD", + "estimatedMonthlyCost": 0.06, + "total": 6.0, + "type": "ECR_RESCAN" + }, + { + "currency": "USD", + "estimatedMonthlyCost": 0.09, + "total": 1.0, + "type": "ECR_INITIAL_SCAN" + } + ] + } + ] + } + +For more information, see `Monitoring usage and cost in Amazon Inspector `__ in the *Amazon Inspector User Guide*. \ No newline at end of file diff --git a/awscli/examples/inspector2/update-filter.rst b/awscli/examples/inspector2/update-filter.rst new file mode 100644 index 000000000000..a3d98f10d08c --- /dev/null +++ b/awscli/examples/inspector2/update-filter.rst @@ -0,0 +1,37 @@ +**To update a filter** + +The following ``update-filter`` example updates a filter to omit Lambda findings instead of ECR instance findings. :: + + aws inspector2 update-filter \ + --filter-arn "arn:aws:inspector2:us-west-2:123456789012:owner/o-EXAMPLE222/filter/EXAMPLE444444444" \ + --name "ExampleSuppressionRuleLambda" \ + --description "This suppression rule omits Lambda instance findings" \ + --reason "Updating filter to omit Lambda instance findings instead of ECR instance findings" + +Output:: + + { + "filters": [ + { + "action": "SUPPRESS", + "arn": "arn:aws:inspector2:us-west-2:123456789012:owner/o-EXAMPLE222/filter/EXAMPLE444444444", + "createdAt": "2024-05-15T21:28:27.054000+00:00", + "criteria": { + "resourceType": [ + { + "comparison": "EQUALS", + "value": "AWS_ECR_INSTANCE" + } + ] + }, + "description": "This suppression rule omits Lambda instance findings", + "name": "ExampleSuppressionRuleLambda", + "ownerId": "o-EXAMPLE222", + "reason": "Updating filter to omit Lambda instance findings instead of ECR instance findings", + "tags": {}, + "updatedAt": "2024-05-15T22:23:13.665000+00:00" + } + ] + } + +For more information, see `Managing findings in Amazon Inspector `__ in the *Amazon Inspector User Guide*. \ No newline at end of file diff --git a/awscli/examples/iot/create-stream.rst b/awscli/examples/iot/create-stream.rst index 107f9f421e9f..1e7db3b6d2c2 100644 --- a/awscli/examples/iot/create-stream.rst +++ b/awscli/examples/iot/create-stream.rst @@ -18,7 +18,7 @@ Contents of ``create-stream.json``:: "key":"48c67f3c-63bb-4f92-a98a-4ee0fbc2bef6" } } - ] + ], "roleArn": "arn:aws:iam:123456789012:role/service-role/my_ota_stream_role" } @@ -31,4 +31,4 @@ Output:: "streamVersion": "1" } -For more information, see `CreateStream `__ in the *AWS IoT API Reference*. +For more information, see `CreateStream `__ in the *AWS IoT API Reference*. \ No newline at end of file diff --git a/awscli/examples/iot/list-job-executions-for-job.rst b/awscli/examples/iot/list-job-executions-for-job.rst index 910d99931565..1a5b97f201ae 100644 --- a/awscli/examples/iot/list-job-executions-for-job.rst +++ b/awscli/examples/iot/list-job-executions-for-job.rst @@ -1,22 +1,25 @@ **To list the jobs in your AWS account** -The following ``list-job-executions-for-job`` example lists all jobs in your AWS account, sorted by the job status. :: +The following ``list-job-executions-for-job`` example lists all job executions for a job in your AWS account, specified by the jobId. :: - aws iot list-jobs + aws iot list-job-executions-for-job \ + --job-id my-ota-job Output:: { - "jobs": [ - { - "jobArn": "arn:aws:iot:us-west-2:123456789012:job/example-job-01", - "jobId": "example-job-01", - "targetSelection": "SNAPSHOT", - "status": "IN_PROGRESS", - "createdAt": 1560787022.733, - "lastUpdatedAt": 1560787026.294 - } - ] - } + "executionSummaries": [ + { + "thingArn": "arn:aws:iot:us-east-1:123456789012:thing/my_thing", + "jobExecutionSummary": { + "status": "QUEUED", + "queuedAt": "2022-03-07T15:58:42.195000-08:00", + "lastUpdatedAt": "2022-03-07T15:58:42.195000-08:00", + "executionNumber": 1, + "retryAttempt": 0 + } + } + ] + } -For more information, see `Creating and Managing Jobs (CLI) `__ in the *AWS IoT Developer Guide*. +For more information, see `Creating and Managing Jobs (CLI) `__ in the *AWS IoT Developer Guide*. \ No newline at end of file diff --git a/awscli/examples/iot1click-devices/claim-devices-by-claim-code.rst b/awscli/examples/iot1click-devices/claim-devices-by-claim-code.rst deleted file mode 100644 index 6cc1c3eb4ed7..000000000000 --- a/awscli/examples/iot1click-devices/claim-devices-by-claim-code.rst +++ /dev/null @@ -1,15 +0,0 @@ -**To claim one or more AWS IoT 1-Click devices using a claim code** - -The following ``claim-devices-by-claim-code`` example claims the specified AWS IoT 1-Click device using a claim code (instead of a device ID). :: - - aws iot1click-devices claim-devices-by-claim-code \ - --claim-code C-123EXAMPLE - -Output:: - - { - "Total": 9 - "ClaimCode": "C-123EXAMPLE" - } - -For more information, see `Using AWS IoT 1-Click with the AWS CLI `__ in the *AWS IoT 1-Click Developer Guide*. diff --git a/awscli/examples/iot1click-devices/describe-device.rst b/awscli/examples/iot1click-devices/describe-device.rst deleted file mode 100644 index b89d99bc72fb..000000000000 --- a/awscli/examples/iot1click-devices/describe-device.rst +++ /dev/null @@ -1,27 +0,0 @@ -**To describe a device** - -The following ``describe-device`` example describes the specified device. :: - - aws iot1click-devices describe-device \ - --device-id G030PM0123456789 - -Output:: - - { - "DeviceDescription": { - "Arn": "arn:aws:iot1click:us-west-2:012345678901:devices/G030PM0123456789", - "Attributes": { - "projectRegion": "us-west-2", - "projectName": "AnytownDumpsters", - "placementName": "customer217", - "deviceTemplateName": "empty-dumpster-request" - }, - "DeviceId": "G030PM0123456789", - "Enabled": false, - "RemainingLife": 99.9, - "Type": "button", - "Tags": {} - } - } - -For more information, see `Using AWS IoT 1-Click with the AWS CLI `__ in the *AWS IoT 1-Click Developer Guide*. diff --git a/awscli/examples/iot1click-devices/finalize-device-claim.rst b/awscli/examples/iot1click-devices/finalize-device-claim.rst deleted file mode 100644 index 6999dc44006a..000000000000 --- a/awscli/examples/iot1click-devices/finalize-device-claim.rst +++ /dev/null @@ -1,14 +0,0 @@ -**To finalize a claim request for an AWS IoT 1-Click device using a device ID** - -The following ``finalize-device-claim`` example finalizes a claim request for the specified AWS IoT 1-Click device using a device ID (instead of a claim code). :: - - aws iot1click-devices finalize-device-claim \ - --device-id G030PM0123456789 - -Output:: - - { - "State": "CLAIMED" - } - -For more information, see `Using AWS IoT 1-Click with the AWS CLI `__ in the *AWS IoT 1-Click Developer Guide*. diff --git a/awscli/examples/iot1click-devices/get-device-methods.rst b/awscli/examples/iot1click-devices/get-device-methods.rst deleted file mode 100644 index df8392d94032..000000000000 --- a/awscli/examples/iot1click-devices/get-device-methods.rst +++ /dev/null @@ -1,30 +0,0 @@ -**To list the available methods for a device** - -The following ``get-device-methods`` example lists the available methods for a device. :: - - aws iot1click-devices get-device-methods \ - --device-id G030PM0123456789 - -Output:: - - { - "DeviceMethods": [ - { - "MethodName": "getDeviceHealthParameters" - }, - { - "MethodName": "setDeviceHealthMonitorCallback" - }, - { - "MethodName": "getDeviceHealthMonitorCallback" - }, - { - "MethodName": "setOnClickCallback" - }, - { - "MethodName": "getOnClickCallback" - } - ] - } - -For more information, see `Using AWS IoT 1-Click with the AWS CLI `__ in the *AWS IoT 1-Click Developer Guide*. diff --git a/awscli/examples/iot1click-devices/initiate-device-claim.rst b/awscli/examples/iot1click-devices/initiate-device-claim.rst deleted file mode 100644 index 1899d1deb474..000000000000 --- a/awscli/examples/iot1click-devices/initiate-device-claim.rst +++ /dev/null @@ -1,14 +0,0 @@ -**To initiate a claim request for an AWS IoT 1-Click device using a device ID** - -The following ``initiate-device-claim`` example initiates a claim request for the specified AWS IoT 1-Click device using a device ID (instead of a claim code). :: - - aws iot1click-devices initiate-device-claim \ - --device-id G030PM0123456789 - -Output:: - - { - "State": "CLAIM_INITIATED" - } - -For more information, see `Using AWS IoT 1-Click with the AWS CLI `__ in the *AWS IoT 1-Click Developer Guide*. diff --git a/awscli/examples/iot1click-devices/invoke-device-method.rst b/awscli/examples/iot1click-devices/invoke-device-method.rst deleted file mode 100644 index 26889f1bb6e5..000000000000 --- a/awscli/examples/iot1click-devices/invoke-device-method.rst +++ /dev/null @@ -1,24 +0,0 @@ -**To invoke a device method on a device** - -The following ``invoke-device-method`` example invokes the specified method on a device. :: - - aws iot1click-devices invoke-device-method \ - --cli-input-json file://invoke-device-method.json - -Contents of ``invoke-device-method.json``:: - - { - "DeviceId": "G030PM0123456789", - "DeviceMethod": { - "DeviceType": "device", - "MethodName": "getDeviceHealthParameters" - } - } - -Output:: - - { - "DeviceMethodResponse": "{\"remainingLife\": 99.8}" - } - -For more information, see `Using AWS IoT 1-Click with the AWS CLI `__ in the *AWS IoT 1-Click Developer Guide*. diff --git a/awscli/examples/iot1click-devices/list-device-events.rst b/awscli/examples/iot1click-devices/list-device-events.rst deleted file mode 100644 index 51ed175560c7..000000000000 --- a/awscli/examples/iot1click-devices/list-device-events.rst +++ /dev/null @@ -1,32 +0,0 @@ -**To list a device's events for a specified time range** - -The following ``list-device-events`` example lists the specified device's events for the specified time range. :: - - aws iot1click-devices list-device-events \ - --device-id G030PM0123456789 \ - --from-time-stamp 2019-07-17T15:45:12.880Z --to-time-stamp 2019-07-19T15:45:12.880Z - -Output:: - - { - "Events": [ - { - "Device": { - "Attributes": {}, - "DeviceId": "G030PM0123456789", - "Type": "button" - }, - "StdEvent": "{\"clickType\": \"SINGLE\", \"reportedTime\": \"2019-07-18T23:47:55.015Z\", \"certificateId\": \"fe8798a6c97c62ef8756b80eeefdcf2280f3352f82faa8080c74cc4f4a4d1811\", \"remainingLife\": 99.85000000000001, \"testMode\": false}" - }, - { - "Device": { - "Attributes": {}, - "DeviceId": "G030PM0123456789", - "Type": "button" - }, - "StdEvent": "{\"clickType\": \"DOUBLE\", \"reportedTime\": \"2019-07-19T00:14:41.353Z\", \"certificateId\": \"fe8798a6c97c62ef8756b80eeefdcf2280f3352f82faa8080c74cc4f4a4d1811\", \"remainingLife\": 99.8, \"testMode\": false}" - } - ] - } - -For more information, see `Using AWS IoT 1-Click with the AWS CLI `__ in the *AWS IoT 1-Click Developer Guide*. diff --git a/awscli/examples/iot1click-devices/list-devices.rst b/awscli/examples/iot1click-devices/list-devices.rst deleted file mode 100644 index ef3d317cee27..000000000000 --- a/awscli/examples/iot1click-devices/list-devices.rst +++ /dev/null @@ -1,26 +0,0 @@ -**To list the devices of a specified type** - -The following ``list-devices`` example lists the devices of a specified type. :: - - aws iot1click-devices list-devices \ - --device-type button - -This command produces no output. - -Output:: - - { - "Devices": [ - { - "remainingLife": 99.9, - "attributes": { - "arn": "arn:aws:iot1click:us-west-2:123456789012:devices/G030PM0123456789", - "type": "button", - "deviceId": "G030PM0123456789", - "enabled": false - } - } - ] - } - -For more information, see `Using AWS IoT 1-Click with the AWS CLI `__ in the *AWS IoT 1-Click Developer Guide*. diff --git a/awscli/examples/iot1click-devices/list-tags-for-resource.rst b/awscli/examples/iot1click-devices/list-tags-for-resource.rst deleted file mode 100644 index 89cdc329f6f9..000000000000 --- a/awscli/examples/iot1click-devices/list-tags-for-resource.rst +++ /dev/null @@ -1,17 +0,0 @@ -**To list the tags for a device** - -The following ``list-tags-for-resource`` example list the tags for the specified device. :: - - aws iot1click-devices list-tags-for-resource \ - --resource-arn "arn:aws:iot1click:us-west-2:012345678901:devices/G030PM0123456789" - -Output:: - - { - "Tags": { - "Driver Phone": "123-555-0199", - "Driver": "Jorge Souza" - } - } - -For more information, see `Using AWS IoT 1-Click with the AWS CLI `__ in the *AWS IoT 1-Click Developer Guide*. diff --git a/awscli/examples/iot1click-devices/tag-resource.rst b/awscli/examples/iot1click-devices/tag-resource.rst deleted file mode 100644 index 51ef0a043953..000000000000 --- a/awscli/examples/iot1click-devices/tag-resource.rst +++ /dev/null @@ -1,20 +0,0 @@ -**To add tags to a device AWS resource** - -The following ``tag-resource`` example adds two tags to the specified resource. :: - - aws iot1click-devices tag-resource \ - --cli-input-json file://devices-tag-resource.json - -Contents of ``devices-tag-resource.json``:: - - { - "ResourceArn": "arn:aws:iot1click:us-west-2:123456789012:devices/G030PM0123456789", - "Tags": { - "Driver": "Jorge Souza", - "Driver Phone": "123-555-0199" - } - } - -This command produces no output. - -For more information, see `Using AWS IoT 1-Click with the AWS CLI `__ in the *AWS IoT 1-Click Developer Guide*. diff --git a/awscli/examples/iot1click-devices/unclaim-device.rst b/awscli/examples/iot1click-devices/unclaim-device.rst deleted file mode 100644 index c69c5086452b..000000000000 --- a/awscli/examples/iot1click-devices/unclaim-device.rst +++ /dev/null @@ -1,14 +0,0 @@ -**To unclaim (deregister) a device from your AWS account** - -The following ``unclaim-device`` example unclaims (deregisters) the specified device from your AWS account. :: - - aws iot1click-devices unclaim-device \ - --device-id G030PM0123456789 - -Output:: - - { - "State": "UNCLAIMED" - } - -For more information, see `Using AWS IoT 1-Click with the AWS CLI `__ in the *AWS IoT 1-Click Developer Guide*. diff --git a/awscli/examples/iot1click-devices/untag-resource.rst b/awscli/examples/iot1click-devices/untag-resource.rst deleted file mode 100644 index 6ce9efe73dbb..000000000000 --- a/awscli/examples/iot1click-devices/untag-resource.rst +++ /dev/null @@ -1,12 +0,0 @@ -**To remove tags from a device AWS resource** - -The following ``untag-resource`` example removes the tags with the names ``Driver Phone`` and ``Driver`` from the specified device resource. :: - - aws iot1click-devices untag-resource \ - --resource-arn "arn:aws:iot1click:us-west-2:123456789012:projects/AnytownDumpsters" \ - --tag-keys "Driver Phone" "Driver" - - -This command produces no output. - -For more information, see `Using AWS IoT 1-Click with the AWS CLI `__ in the *AWS IoT 1-Click Developer Guide*. diff --git a/awscli/examples/iot1click-devices/update-device-state.rst b/awscli/examples/iot1click-devices/update-device-state.rst deleted file mode 100644 index 4d0b6c1b682d..000000000000 --- a/awscli/examples/iot1click-devices/update-device-state.rst +++ /dev/null @@ -1,11 +0,0 @@ -**To update the ``enabled`` state for a device** - -The following ``update-device-state`` sets the state of the specified device to ``enabled``. :: - - aws iot1click-devices update-device-state \ - --device-id G030PM0123456789 \ - --enabled - -This command produces no output. - -For more information, see `Using AWS IoT 1-Click with the AWS CLI `__ in the *AWS IoT 1-Click Developer Guide*. diff --git a/awscli/examples/iot1click-projects/associate-device-with-placement.rst b/awscli/examples/iot1click-projects/associate-device-with-placement.rst deleted file mode 100644 index 37f928793e33..000000000000 --- a/awscli/examples/iot1click-projects/associate-device-with-placement.rst +++ /dev/null @@ -1,13 +0,0 @@ -**To associate an AWS IoT 1-Click device with an existing placement** - -The following ``associate-device-with-placement`` example associates the specified AWS IoT 1-Click device with an existing placement. :: - - aws iot1click-projects associate-device-with-placement \ - --project-name AnytownDumpsters \ - --placement-name customer217 \ - --device-template-name empty-dumpster-request \ - --device-id G030PM0123456789 - -This command produces no output. - -For more information, see `Using AWS IoT 1-Click with the AWS CLI `__ in the *AWS IoT 1-Click Developer Guide*. diff --git a/awscli/examples/iot1click-projects/create-placement.rst b/awscli/examples/iot1click-projects/create-placement.rst deleted file mode 100644 index 28feb09ea97b..000000000000 --- a/awscli/examples/iot1click-projects/create-placement.rst +++ /dev/null @@ -1,12 +0,0 @@ -**To create an AWS IoT 1-Click placement for a project** - -The following ``create-placement`` example create an AWS IoT 1-Click placement for the specified project. :: - - aws iot1click-projects create-placement \ - --project-name AnytownDumpsters \ - --placement-name customer217 \ - --attributes "{"location": "123 Any Street Anytown, USA 10001", "phone": "123-456-7890"}" - -This command produces no output. - -For more information, see `Using AWS IoT 1-Click with the AWS CLI `__ in the *AWS IoT 1-Click Developer Guide*. diff --git a/awscli/examples/iot1click-projects/create-project.rst b/awscli/examples/iot1click-projects/create-project.rst deleted file mode 100644 index 4ece7ec5cd46..000000000000 --- a/awscli/examples/iot1click-projects/create-project.rst +++ /dev/null @@ -1,27 +0,0 @@ -**To create an AWS IoT 1-Click project for zero or more placements** - -The following ``create-project`` example creates an AWS IoT 1-Click project for a placement. - - aws iot1click-projects create-project \ - --cli-input-json file://create-project.json - -Contents of ``create-project.json``:: - - { - "projectName": "AnytownDumpsters", - "description": "All dumpsters in the Anytown region.", - "placementTemplate": { - "defaultAttributes": { - "City" : "Anytown" - }, - "deviceTemplates": { - "empty-dumpster-request" : { - "deviceType": "button" - } - } - } - } - -This command produces no output. - -For more information, see `Using AWS IoT 1-Click with the AWS CLI `__ in the *AWS IoT 1-Click Developer Guide*. diff --git a/awscli/examples/iot1click-projects/delete-placement.rst b/awscli/examples/iot1click-projects/delete-placement.rst deleted file mode 100644 index 1a76fcbcb601..000000000000 --- a/awscli/examples/iot1click-projects/delete-placement.rst +++ /dev/null @@ -1,11 +0,0 @@ -**To delete a placement from a project** - -The following ``delete-placement`` example deletes the specified placement from a project. :: - - aws iot1click-projects delete-placement \ - --project-name AnytownDumpsters \ - --placement-name customer217 - -This command produces no output. - -For more information, see `Using AWS IoT 1-Click with the AWS CLI `__ in the *AWS IoT 1-Click Developer Guide*. diff --git a/awscli/examples/iot1click-projects/delete-project.rst b/awscli/examples/iot1click-projects/delete-project.rst deleted file mode 100644 index 936810b449ab..000000000000 --- a/awscli/examples/iot1click-projects/delete-project.rst +++ /dev/null @@ -1,10 +0,0 @@ -**To delete a project from your AWS account** - -The following ``delete-project`` example deletes the specified project from your AWS account. :: - - aws iot1click-projects delete-project \ - --project-name AnytownDumpsters - -This command produces no output. - -For more information, see `Using AWS IoT 1-Click with the AWS CLI `__ in the *AWS IoT 1-Click Developer Guide*. diff --git a/awscli/examples/iot1click-projects/describe-placement.rst b/awscli/examples/iot1click-projects/describe-placement.rst deleted file mode 100644 index 980e175ea77e..000000000000 --- a/awscli/examples/iot1click-projects/describe-placement.rst +++ /dev/null @@ -1,24 +0,0 @@ -**To describe a placement for a project** - -The following ``describe-placement`` example describes a placement for the specified project. :: - - aws iot1click-projects describe-placement \ - --project-name AnytownDumpsters \ - --placement-name customer217 - -Output:: - - { - "placement": { - "projectName": "AnytownDumpsters", - "placementName": "customer217", - "attributes": { - "phone": "123-555-0110", - "location": "123 Any Street Anytown, USA 10001" - }, - "createdDate": 1563488454, - "updatedDate": 1563488454 - } - } - -For more information, see `Using AWS IoT 1-Click with the AWS CLI `__ in the *AWS IoT 1-Click Developer Guide*. diff --git a/awscli/examples/iot1click-projects/describe-project.rst b/awscli/examples/iot1click-projects/describe-project.rst deleted file mode 100644 index f57a786e400a..000000000000 --- a/awscli/examples/iot1click-projects/describe-project.rst +++ /dev/null @@ -1,32 +0,0 @@ -**To describe an AWS IoT 1-Click project** - -The following ``describe-project`` example describes the specified AWS IoT 1-Click project. :: - - aws iot1click-projects describe-project \ - --project-name AnytownDumpsters - -Output:: - - { - "project": { - "arn": "arn:aws:iot1click:us-west-2:012345678901:projects/AnytownDumpsters", - "projectName": "AnytownDumpsters", - "description": "All dumpsters in the Anytown region.", - "createdDate": 1563483100, - "updatedDate": 1563483100, - "placementTemplate": { - "defaultAttributes": { - "City": "Anytown" - }, - "deviceTemplates": { - "empty-dumpster-request": { - "deviceType": "button", - "callbackOverrides": {} - } - } - }, - "tags": {} - } - } - -For more information, see `Using AWS IoT 1-Click with the AWS CLI `__ in the *AWS IoT 1-Click Developer Guide*. diff --git a/awscli/examples/iot1click-projects/disassociate-device-from-placement.rst b/awscli/examples/iot1click-projects/disassociate-device-from-placement.rst deleted file mode 100644 index b66f2e844866..000000000000 --- a/awscli/examples/iot1click-projects/disassociate-device-from-placement.rst +++ /dev/null @@ -1,12 +0,0 @@ -**To disassociate a device from a placement** - -The following ``disassociate-device-from-placement`` example disassociates the specified device from a placement. :: - - aws iot1click-projects disassociate-device-from-placement \ - --project-name AnytownDumpsters \ - --placement-name customer217 \ - --device-template-name empty-dumpster-request - -This command produces no output. - -For more information, see `Using AWS IoT 1-Click with the AWS CLI `__ in the *AWS IoT 1-Click Developer Guide*. diff --git a/awscli/examples/iot1click-projects/get-devices-in-placement.rst b/awscli/examples/iot1click-projects/get-devices-in-placement.rst deleted file mode 100644 index 2ef62a3b942d..000000000000 --- a/awscli/examples/iot1click-projects/get-devices-in-placement.rst +++ /dev/null @@ -1,17 +0,0 @@ -**To list all devices in a placement contained in a project** - -The following ``get-devices-in-placement`` example lists all devices in a the specified placement contained in the specified project. :: - - aws iot1click-projects get-devices-in-placement \ - --project-name AnytownDumpsters \ - --placement-name customer217 - -Output:: - - { - "devices": { - "empty-dumpster-request": "G030PM0123456789" - } - } - -For more information, see `Using AWS IoT 1-Click with the AWS CLI `__ in the *AWS IoT 1-Click Developer Guide*. diff --git a/awscli/examples/iot1click-projects/list-placements.rst b/awscli/examples/iot1click-projects/list-placements.rst deleted file mode 100644 index e28fd28ca049..000000000000 --- a/awscli/examples/iot1click-projects/list-placements.rst +++ /dev/null @@ -1,21 +0,0 @@ -**To list all AWS IoT 1-Click placements for a project** - -The following ``list-placements`` example lists all AWS IoT 1-Click placements for the specified project. :: - - aws iot1click-projects list-placements \ - --project-name AnytownDumpsters - -Output:: - - { - "placements": [ - { - "projectName": "AnytownDumpsters", - "placementName": "customer217", - "createdDate": 1563488454, - "updatedDate": 1563488454 - } - ] - } - -For more information, see `Using AWS IoT 1-Click with the AWS CLI `__ in the *AWS IoT 1-Click Developer Guide*. diff --git a/awscli/examples/iot1click-projects/list-projects.rst b/awscli/examples/iot1click-projects/list-projects.rst deleted file mode 100644 index 54efeedf4349..000000000000 --- a/awscli/examples/iot1click-projects/list-projects.rst +++ /dev/null @@ -1,21 +0,0 @@ -**To list all AWS IoT 1-Click projects** - -The following ``list-projects`` example list all AWS IoT 1-Click projects in your account. :: - - aws iot1click-projects list-projects - -Output:: - - { - "projects": [ - { - "arn": "arn:aws:iot1click:us-west-2:012345678901:projects/AnytownDumpsters", - "projectName": "AnytownDumpsters", - "createdDate": 1563483100, - "updatedDate": 1563483100, - "tags": {} - } - ] - } - -For more information, see `Using AWS IoT 1-Click with the AWS CLI `__ in the *AWS IoT 1-Click Developer Guide*. diff --git a/awscli/examples/iot1click-projects/list-tags-for-resource.rst b/awscli/examples/iot1click-projects/list-tags-for-resource.rst deleted file mode 100644 index 5ccba4fa102f..000000000000 --- a/awscli/examples/iot1click-projects/list-tags-for-resource.rst +++ /dev/null @@ -1,17 +0,0 @@ -**To list the tags for a project resource** - -The following ``list-tags-for-resource`` example list the tags for the specified project resource. :: - - aws iot1click-projects list-tags-for-resource \ - --resource-arn "arn:aws:iot1click:us-west-2:123456789012:projects/AnytownDumpsters" - -Output:: - - { - "tags": { - "Manager": "Li Juan", - "Account": "45215" - } - } - -For more information, see `Using AWS IoT 1-Click with the AWS CLI `__ in the *AWS IoT 1-Click Developer Guide*. diff --git a/awscli/examples/iot1click-projects/tag-resource.rst b/awscli/examples/iot1click-projects/tag-resource.rst deleted file mode 100644 index 8dc43f58acc1..000000000000 --- a/awscli/examples/iot1click-projects/tag-resource.rst +++ /dev/null @@ -1,20 +0,0 @@ -**To add tags to a project resource** - -The following ``tag-resource`` example adds two tags to the specified project resource. :: - - aws iot1click-projects tag-resource \ - --cli-input-json file://devices-tag-resource.json - -Contents of ``devices-tag-resource.json``:: - - { - "resourceArn": "arn:aws:iot1click:us-west-2:123456789012:projects/AnytownDumpsters", - "tags": { - "Account": "45215", - "Manager": "Li Juan" - } - } - -This command produces no output. - -For more information, see `Using AWS IoT 1-Click with the AWS CLI `__ in the *AWS IoT 1-Click Developer Guide*. diff --git a/awscli/examples/iot1click-projects/untag-resource.rst b/awscli/examples/iot1click-projects/untag-resource.rst deleted file mode 100644 index 5bc6e7ee6e4d..000000000000 --- a/awscli/examples/iot1click-projects/untag-resource.rst +++ /dev/null @@ -1,11 +0,0 @@ -**To remove tags from a project resource** - -The following ``untag-resource`` example removes the tag with the key name ``Manager`` from the specified project. :: - - aws iot1click-projects untag-resource \ - --resource-arn "arn:aws:iot1click:us-west-2:123456789012:projects/AnytownDumpsters" \ - --tag-keys "Manager" - -This command produces no output. - -For more information, see `Using AWS IoT 1-Click with the AWS CLI `__ in the *AWS IoT 1-Click Developer Guide*. diff --git a/awscli/examples/iot1click-projects/update-placement.rst b/awscli/examples/iot1click-projects/update-placement.rst deleted file mode 100644 index 1e996040594d..000000000000 --- a/awscli/examples/iot1click-projects/update-placement.rst +++ /dev/null @@ -1,21 +0,0 @@ -**To update the "attributes" key-value pairs of a placement** - -The following ``update-placement`` example update the "attributes" key-value pairs of a placement. :: - - aws iot1click-projects update-placement \ - --cli-input-json file://update-placement.json - -Contents of ``update-placement.json``:: - - { - "projectName": "AnytownDumpsters", - "placementName": "customer217", - "attributes": { - "phone": "123-456-7890", - "location": "123 Any Street Anytown, USA 10001" - } - } - -This command produces no output. - -For more information, see `Using AWS IoT 1-Click with the AWS CLI `__ in the *AWS IoT 1-Click Developer Guide*. diff --git a/awscli/examples/iot1click-projects/update-project.rst b/awscli/examples/iot1click-projects/update-project.rst deleted file mode 100644 index 3bd7d9b8eb5e..000000000000 --- a/awscli/examples/iot1click-projects/update-project.rst +++ /dev/null @@ -1,11 +0,0 @@ -**To update settings for a project** - -The following ``update-project`` example updates the description for a project. :: - - aws iot1click-projects update-project \ - --project-name AnytownDumpsters \ - --description "All dumpsters (yard waste, recycling, garbage) in the Anytown region." - -This command produces no output. - -For more information, see `Using AWS IoT 1-Click with the AWS CLI `__ in the *AWS IoT 1-Click Developer Guide*. diff --git a/awscli/examples/ivs-realtime/create-encoder-configuration.rst b/awscli/examples/ivs-realtime/create-encoder-configuration.rst new file mode 100644 index 000000000000..9ec953bae8f6 --- /dev/null +++ b/awscli/examples/ivs-realtime/create-encoder-configuration.rst @@ -0,0 +1,24 @@ +**To create a composition encoder configuration** + +The following ``create-encoder-configuration`` example creates a composition encoder configuration with the specified properties. :: + + aws ivs-realtime create-encoder-configuration \ + --name test-ec --video bitrate=3500000,framerate=30.0,height=1080,width=1920 + +Output:: + + { + "encoderConfiguration": { + "arn": "arn:aws:ivs:ap-northeast-1:123456789012:encoder-configuration/ABabCDcdEFef", + "name": "test-ec", + "tags": {}, + "video": { + "bitrate": 3500000, + "framerate": 30, + "height": 1080, + "width": 1920 + } + } + } + +For more information, see `Enabling Multiple Hosts on an Amazon IVS Stream `__ in the *Amazon Interactive Video Service User Guide*. \ No newline at end of file diff --git a/awscli/examples/ivs-realtime/create-ingest-configuration.rst b/awscli/examples/ivs-realtime/create-ingest-configuration.rst new file mode 100644 index 000000000000..6baf24dbed9b --- /dev/null +++ b/awscli/examples/ivs-realtime/create-ingest-configuration.rst @@ -0,0 +1,25 @@ +**To create an ingest configuration** + +The following ``create-ingest-configuration`` example creates an ingest configuration using RTMPS protocol. :: + + aws ivs-realtime create-ingest-configuration \ + --name ingest1 \ + --ingest-protocol rtmps + +Output:: + + { + "ingestConfiguration": { + "name": "ingest1", + "arn": "arn:aws:ivs:us-west-2:123456789012:ingest-configuration/AbCdEfGh1234", + "ingestProtocol": "RTMPS", + "streamKey": "rt_123456789012_us-west-2_AbCdEfGh1234_abcd1234efgh5678ijkl9012MNOP34", + "stageArn": "", + "participantId": "xyZ654abC321", + "state": "INACTIVE", + "userId": "", + "tags": {} + } + } + +For more information, see `IVS Stream Ingest | Real-Time Streaming `__ in the *Amazon Interactive Video Service User Guide*. diff --git a/awscli/examples/ivs-realtime/create-stage.rst b/awscli/examples/ivs-realtime/create-stage.rst index 788be13f844d..5b94fa41baf6 100644 --- a/awscli/examples/ivs-realtime/create-stage.rst +++ b/awscli/examples/ivs-realtime/create-stage.rst @@ -1,4 +1,4 @@ -**To create a stage** +**Example 1: To create a stage** The following ``create-stage`` example creates a stage and stage participant token for a specified user. :: @@ -19,9 +19,48 @@ Output:: "stage": { "activeSessionId": "st-a1b2c3d4e5f6g", "arn": "arn:aws:ivs:us-west-2:123456789012:stage/abcdABCDefgh", + "endpoints": { + "events": "wss://global.events.live-video.net", + "rtmp": "rtmp://9x0y8z7s6t5u.global-contribute-staging.live-video.net/app/", + "rtmps": "rtmps://9x0y8z7s6t5u.global-contribute-staging.live-video.net:443/app/", + "whip": "https://1a2b3c4d5e6f.global-bm.whip.live-video.net" + }, "name": "stage1", "tags": {} } } -For more information, see `Enabling Multiple Hosts on an Amazon IVS Stream `__ in the *Amazon Interactive Video Service User Guide*. \ No newline at end of file +For more information, see `Enabling Multiple Hosts on an Amazon IVS Stream `__ in the *Amazon Interactive Video Service User Guide*. + +**Example 2: To create a stage and configure individial participant recording** + +The following ``create-stage`` example creates a stage and configures individual participant recording. :: + + aws ivs-realtime create-stage \ + --name stage1 \ + --auto-participant-recording-configuration '{"mediaTypes": ["AUDIO_VIDEO"],"storageConfigurationArn": "arn:aws:ivs:us-west-2:123456789012:storage-configuration/abcdABCDefgh"}' + +Output:: + + { + "stage": { + "activeSessionId": "st-a1b2c3d4e5f6g", + "arn": "arn:aws:ivs:us-west-2:123456789012:stage/abcdABCDefgh", + "autoParticipantRecordingConfiguration": { + "mediaTypes": [ + "AUDIO_VIDEO" + ], + "storageConfigurationArn": "arn:aws:ivs:us-west-2:123456789012:storage-configuration/abcdABCDefgh", + }, + "endpoints": { + "events": "wss://global.events.live-video.net", + "rtmp": "rtmp://9x0y8z7s6t5u.global-contribute-staging.live-video.net/app/", + "rtmps": "rtmps://9x0y8z7s6t5u.global-contribute-staging.live-video.net:443/app/", + "whip": "https://1a2b3c4d5e6f.global-bm.whip.live-video.net" + }, + "name": "stage1", + "tags": {} + } + } + +For more information, see `Enabling Multiple Hosts on an Amazon IVS Stream `__ in the *Amazon Interactive Video Service User Guide*. diff --git a/awscli/examples/ivs-realtime/create-storage-configuration.rst b/awscli/examples/ivs-realtime/create-storage-configuration.rst new file mode 100644 index 000000000000..904e02a7b48d --- /dev/null +++ b/awscli/examples/ivs-realtime/create-storage-configuration.rst @@ -0,0 +1,21 @@ +**To create a composition storage configuration** + +The following ``create-storage-configuration`` example creates a composition storage configuration with the specified properties. :: + + aws ivs-realtime create-storage-configuration \ + --name "test-sc" --s3 "bucketName=amzn-s3-demo-bucket" + +Output:: + + { + "storageConfiguration": { + "arn": "arn:aws:ivs:ap-northeast-1:123456789012:storage-configuration/ABabCDcdEFef", + "name": "test-sc", + "s3": { + "bucketName": "amzn-s3-demo-bucket" + }, + "tags": {} + } + } + +For more information, see `Enabling Multiple Hosts on an Amazon IVS Stream `__ in the *Amazon Interactive Video Service User Guide*. \ No newline at end of file diff --git a/awscli/examples/ivs-realtime/delete-encoder-configuration.rst b/awscli/examples/ivs-realtime/delete-encoder-configuration.rst new file mode 100644 index 000000000000..0826c5e30972 --- /dev/null +++ b/awscli/examples/ivs-realtime/delete-encoder-configuration.rst @@ -0,0 +1,10 @@ +**To delete a composition encoder configuration** + +The following ``delete-encoder-configuration`` deletes the composition encoder configuration specified by the given ARN (Amazon Resource Name). :: + + aws ivs-realtime delete-encoder-configuration \ + --arn "arn:aws:ivs:ap-northeast-1:123456789012:encoder-configuration/ABabCDcdEFef" + +This command produces no output. + +For more information, see `Enabling Multiple Hosts on an Amazon IVS Stream `__ in the *Amazon Interactive Video Service User Guide*. \ No newline at end of file diff --git a/awscli/examples/ivs-realtime/delete-ingest-configuration.rst b/awscli/examples/ivs-realtime/delete-ingest-configuration.rst new file mode 100644 index 000000000000..daa3e0eec53c --- /dev/null +++ b/awscli/examples/ivs-realtime/delete-ingest-configuration.rst @@ -0,0 +1,22 @@ +**Example 1: To delete an inactive ingest configuration** + +The following ``delete-ingest-configuration`` example deletes the inactive ingest configuration for a specified ingest-configuration ARN (Amazon Resource Name). :: + + aws ivs-realtime delete-ingest-configuration \ + --arn arn:aws:ivs:us-west-2:123456789012:ingest-configuration/AbCdEfGh1234 + +This command produces no output. + +For more information, see `IVS Stream Ingest | Real-Time Streaming `__ in the *Amazon Interactive Video Service User Guide*. + +**Example 2: To force delete an active ingest configuration** + +The following ``delete-ingest-configuration`` example forces deletion of the active ingest configuration for a specified ingest-configuration ARN (Amazon Resource Name). :: + + aws ivs-realtime delete-ingest-configuration \ + --arn arn:aws:ivs:us-west-2:123456789012:ingest-configuration/AbCdEfGh1234 \ + --force + +This command produces no output. + +For more information, see `IVS Stream Ingest | Real-Time Streaming `__ in the *Amazon Interactive Video Service User Guide*. \ No newline at end of file diff --git a/awscli/examples/ivs-realtime/delete-public-key.rst b/awscli/examples/ivs-realtime/delete-public-key.rst new file mode 100644 index 000000000000..b4764d74be46 --- /dev/null +++ b/awscli/examples/ivs-realtime/delete-public-key.rst @@ -0,0 +1,10 @@ +**To delete a public key** + +The following ``delete-public-key`` deletes the specified public key. :: + + aws ivs-realtime delete-public-key \ + --arn arn:aws:ivs:us-west-2:123456789012:public-key/abcdABC1efg2 + +This command produces no output. + +For more information, see `Distribute Participant Tokens `__ in the *Amazon IVS Real-Time Streaming User Guide*. \ No newline at end of file diff --git a/awscli/examples/ivs-realtime/delete-storage-configuration.rst b/awscli/examples/ivs-realtime/delete-storage-configuration.rst new file mode 100644 index 000000000000..fc532178008e --- /dev/null +++ b/awscli/examples/ivs-realtime/delete-storage-configuration.rst @@ -0,0 +1,10 @@ +**To delete a composition storage configuration** + +The following ``delete-storage-configuration`` deletes the composition storage configuration specified by the given ARN (Amazon Resource Name). :: + + aws ivs-realtime delete-storage-configuration \ + --arn "arn:aws:ivs:ap-northeast-1:123456789012:storage-configuration/ABabCDcdEFef" + +This command produces no output. + +For more information, see `Enabling Multiple Hosts on an Amazon IVS Stream `__ in the *Amazon Interactive Video Service User Guide*. \ No newline at end of file diff --git a/awscli/examples/ivs-realtime/get-composition.rst b/awscli/examples/ivs-realtime/get-composition.rst new file mode 100644 index 000000000000..c85f680c10b2 --- /dev/null +++ b/awscli/examples/ivs-realtime/get-composition.rst @@ -0,0 +1,133 @@ +**Example 1: To get a composition with default layout settings** + +The following ``get-composition`` example gets the composition for the ARN (Amazon Resource Name) specified. :: + + aws ivs-realtime get-composition \ + --arn "arn:aws:ivs:ap-northeast-1:123456789012:composition/abcdABCDefgh" + +Output:: + + { + "composition": { + "arn": "arn:aws:ivs:ap-northeast-1:123456789012:composition/abcdABCDefgh", + "destinations": [ + { + "configuration": { + "channel": { + "channelArn": "arn:aws:ivs:ap-northeast-1:123456789012:channel/abcABCdefDEg", + "encoderConfigurationArn": "arn:aws:ivs:ap-northeast-1:123456789012:encoder-configuration/ABabCDcdEFef" + }, + "name": "" + }, + "id": "AabBCcdDEefF", + "startTime": "2023-10-16T23:26:00+00:00", + "state": "ACTIVE" + }, + { + "configuration": { + "name": "", + "s3": { + "encoderConfigurationArns": [ + "arn:aws:ivs:arn:aws:ivs:ap-northeast-1:123456789012:encoder-configuration/ABabCDcdEFef" + ], + "recordingConfiguration": { + "format": "HLS" + }, + "storageConfigurationArn": "arn:arn:aws:ivs:ap-northeast-1:123456789012:storage-configuration/FefABabCDcdE" + } + }, + "detail": { + "s3": { + "recordingPrefix": "aBcDeFgHhGfE/AbCdEfGhHgFe/GHFabcgefABC/composite" + } + }, + "id": "GHFabcgefABC", + "startTime": "2023-10-16T23:26:00+00:00", + "state": "STARTING" + } + ], + "layout": { + "grid": { + "featuredParticipantAttribute": "" + "gridGap": 2, + "omitStoppedVideo": false, + "videoAspectRatio": "VIDEO", + "videoFillMode": "" } + }, + "stageArn": "arn:aws:ivs:ap-northeast-1:123456789012:stage/defgABCDabcd", + "startTime": "2023-10-16T23:24:00+00:00", + "state": "ACTIVE", + "tags": {} + } + } + +For more information, see `Composite Recording (Real-Time Streaming) `__ in the *Amazon Interactive Video Service User Guide*. + +**Example 2: To get a composition with PiP layout** + +The following ``get-composition`` example gets the composition for the ARN (Amazon Resource Name) specified, which uses PiP layout. :: + + aws ivs-realtime get-composition \ + --arn "arn:aws:ivs:ap-northeast-1:123456789012:composition/wxyzWXYZpqrs" + +Output:: + + { + "composition": { + "arn": "arn:aws:ivs:ap-northeast-1:123456789012:composition/wxyzWXYZpqrs", + "destinations": [ + { + "configuration": { + "channel": { + "channelArn": "arn:aws:ivs:ap-northeast-1:123456789012:channel/abcABCdefDEg", + "encoderConfigurationArn": "arn:aws:ivs:ap-northeast-1:123456789012:encoder-configuration/ABabCDcdEFef" + }, + "name": "" + }, + "id": "AabBCcdDEefF", + "startTime": "2023-10-16T23:26:00+00:00", + "state": "ACTIVE" + }, + { + "configuration": { + "name": "", + "s3": { + "encoderConfigurationArns": [ + "arn:aws:ivs:arn:aws:ivs:ap-northeast-1:123456789012:encoder-configuration/ABabCDcdEFef" + ], + "recordingConfiguration": { + "format": "HLS" + }, + "storageConfigurationArn": "arn:arn:aws:ivs:ap-northeast-1:123456789012:storage-configuration/FefABabCDcdE" + } + }, + "detail": { + "s3": { + "recordingPrefix": "aBcDeFgHhGfE/AbCdEfGhHgFe/GHFabcgefABC/composite" + } + }, + "id": "GHFabcgefABC", + "startTime": "2023-10-16T23:26:00+00:00", + "state": "STARTING" + } + ], + "layout": { + "pip": { + "featuredParticipantAttribute": "abcdefg", + "gridGap": 0, + "omitStoppedVideo": false, + "pipBehavior": "STATIC", + "pipOffset": 0, + "pipParticipantAttribute": "", + "pipPosition": "BOTTOM_RIGHT", + "videoFillMode": "COVER" + } + }, + "stageArn": "arn:aws:ivs:ap-northeast-1:123456789012:stage/defgABCDabcd", + "startTime": "2023-10-16T23:24:00+00:00", + "state": "ACTIVE", + "tags": {} + } + } + +For more information, see `Composite Recording (Real-Time Streaming) `__ in the *Amazon Interactive Video Service User Guide*. \ No newline at end of file diff --git a/awscli/examples/ivs-realtime/get-encoder-configuration.rst b/awscli/examples/ivs-realtime/get-encoder-configuration.rst new file mode 100644 index 000000000000..b8990199847b --- /dev/null +++ b/awscli/examples/ivs-realtime/get-encoder-configuration.rst @@ -0,0 +1,24 @@ +**To get a composition encoder configuration** + +The following ``get-encoder-configuration`` example gets the composition encoder configuration specified by the given ARN (Amazon Resource Name). :: + + aws ivs-realtime get-encoder-configuration \ + --arn "arn:aws:ivs:ap-northeast-1:123456789012:encoder-configuration/abcdABCDefgh" + +Output:: + + { + "encoderConfiguration": { + "arn": "arn:aws:ivs:ap-northeast-1:123456789012:encoder-configuration/abcdABCDefgh", + "name": "test-ec", + "tags": {}, + "video": { + "bitrate": 3500000, + "framerate": 30, + "height": 1080, + "width": 1920 + } + } + } + +For more information, see `Enabling Multiple Hosts on an Amazon IVS Stream `__ in the *Amazon Interactive Video Service User Guide*. \ No newline at end of file diff --git a/awscli/examples/ivs-realtime/get-ingest-configuration.rst b/awscli/examples/ivs-realtime/get-ingest-configuration.rst new file mode 100644 index 000000000000..f38753d068a6 --- /dev/null +++ b/awscli/examples/ivs-realtime/get-ingest-configuration.rst @@ -0,0 +1,24 @@ +**To get ingest configuration information** + +The following ``get-ingest-configuration`` example gets the ingest configuration for a specified ingest-configuration ARN (Amazon Resource Name). :: + + aws ivs-realtime get-ingest-configuration \ + --arn arn:aws:ivs:us-west-2:123456789012:ingest-configuration/AbCdEfGh1234 + +Output:: + + { + "ingestConfiguration": { + "name": "ingest1", + "arn": "arn:aws:ivs:us-west-2:123456789012:ingest-configuration/AbCdEfGh1234", + "ingestProtocol": "RTMPS", + "streamKey": "rt_123456789012_us-west-2_AbCdEfGh1234_abcd1234efgh5678ijkl9012MNOP34", + "stageArn": "", + "participantId": "xyZ654abC321", + "state": "INACTIVE", + "userId": "", + "tags": {} + } + } + +For more information, see `IVS Stream Ingest | Real-Time Streaming `__ in the *Amazon Interactive Video Service User Guide*. diff --git a/awscli/examples/ivs-realtime/get-participant.rst b/awscli/examples/ivs-realtime/get-participant.rst index 11ee63a21466..55d98715863f 100644 --- a/awscli/examples/ivs-realtime/get-participant.rst +++ b/awscli/examples/ivs-realtime/get-participant.rst @@ -11,12 +11,21 @@ Output:: { "participant": { + "browserName", "Google Chrome", + "browserVersion", "116", "firstJoinTime": "2023-04-26T20:30:34+00:00", + "ispName", "Comcast", + "osName", "Microsoft Windows 10 Pro", + "osVersion", "10.0.19044" "participantId": "abCDEf12GHIj", "published": true, - "state": "DISCONNECTED", - "userId": "" + "recordingS3BucketName": "bucket-name", + "recordingS3Prefix": "abcdABCDefgh/st-a1b2c3d4e5f6g/abCDEf12GHIj/1234567890", + "recordingState": "ACTIVE", + "sdkVersion", "", + "state": "CONNECTED", + "userId": "", } } -For more information, see `Enabling Multiple Hosts on an Amazon IVS Stream `__ in the *Amazon Interactive Video Service User Guide*. \ No newline at end of file +For more information, see `Enabling Multiple Hosts on an Amazon IVS Stream `__ in the *Amazon Interactive Video Service User Guide*. \ No newline at end of file diff --git a/awscli/examples/ivs-realtime/get-public-key.rst b/awscli/examples/ivs-realtime/get-public-key.rst new file mode 100644 index 000000000000..642d0fb4c931 --- /dev/null +++ b/awscli/examples/ivs-realtime/get-public-key.rst @@ -0,0 +1,20 @@ +**To get an existing public key used to sign stage participant tokens** + +The following ``get-public-key`` example gets a public key specified by the provided ARN, for sigining stage participant tokens. :: + + aws ivs-realtime get-public-key \ + --arn arn:aws:ivs:us-west-2:123456789012:public-key/abcdABC1efg2 + +Output:: + + { + "publicKey": { + "arn": "arn:aws:ivs:us-west-2:123456789012:public-key/abcdABC1efg2", + "name": "", + "publicKeyMaterial": "-----BEGIN PUBLIC KEY-----\nMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEqVWUtqs6EktQMR1sCYmEzGvRwtaycI16\n9pmzcpiWu/uhNStGlteJ5odRfRwVkoQUMnSZXTCcbn9bBTTmiWo4mJcFOOAzsthH\n0UAb8NdD4tUE0At4a9hYP9IETEXAMPLE\n-----END PUBLIC KEY-----", + "fingerprint": "12:a3:44:56:bc:7d:e8:9f:10:2g:34:hi:56:78:90:12", + "tags": {} + } + } + +For more information, see `Distribute Participant Tokens `__ in the *Amazon IVS Real-Time Streaming User Guide*. \ No newline at end of file diff --git a/awscli/examples/ivs-realtime/get-stage.rst b/awscli/examples/ivs-realtime/get-stage.rst index 72289f44ae8e..cf56514a5a99 100644 --- a/awscli/examples/ivs-realtime/get-stage.rst +++ b/awscli/examples/ivs-realtime/get-stage.rst @@ -11,9 +11,21 @@ Output:: "stage": { "activeSessionId": "st-a1b2c3d4e5f6g", "arn": "arn:aws:ivs:us-west-2:123456789012:stage/abcdABCDefgh", + "autoParticipantRecordingConfiguration": { + "mediaTypes": [ + "AUDIO_VIDEO" + ], + "storageConfigurationArn": "arn:aws:ivs:us-west-2:123456789012:storage-configuration/abcdABCDefgh", + }, + "endpoints": { + "events": "wss://global.events.live-video.net", + "rtmp": "rtmp://9x0y8z7s6t5u.global-contribute-staging.live-video.net/app/", + "rtmps": "rtmps://9x0y8z7s6t5u.global-contribute-staging.live-video.net:443/app/", + "whip": "https://1a2b3c4d5e6f.global-bm.whip.live-video.net" + }, "name": "test", "tags": {} } } -For more information, see `Enabling Multiple Hosts on an Amazon IVS Stream `__ in the *Amazon Interactive Video Service User Guide*. \ No newline at end of file +For more information, see `Enabling Multiple Hosts on an Amazon IVS Stream `__ in the *Amazon Interactive Video Service User Guide*. diff --git a/awscli/examples/ivs-realtime/get-storage-configuration.rst b/awscli/examples/ivs-realtime/get-storage-configuration.rst new file mode 100644 index 000000000000..c04c3c2cfe02 --- /dev/null +++ b/awscli/examples/ivs-realtime/get-storage-configuration.rst @@ -0,0 +1,21 @@ +**To get a composition storage configuration** + +The following ``get-storage-configuration`` example gets the composition storage configuration specified by the given ARN (Amazon Resource Name). :: + + aws ivs-realtime get-storage-configuration \ + --name arn "arn:aws:ivs:ap-northeast-1:123456789012:storage-configuration/abcdABCDefgh" + +Output:: + + { + "storageConfiguration": { + "arn": "arn:aws:ivs:ap-northeast-1:123456789012:storage-configuration/abcdABCDefgh", + "name": "test-sc", + "s3": { + "bucketName": "amzn-s3-demo-bucket" + }, + "tags": {} + } + } + +For more information, see `Enabling Multiple Hosts on an Amazon IVS Stream `__ in the *Amazon Interactive Video Service User Guide*. \ No newline at end of file diff --git a/awscli/examples/ivs-realtime/import-public-key.rst b/awscli/examples/ivs-realtime/import-public-key.rst new file mode 100644 index 000000000000..ff6e78fee0ab --- /dev/null +++ b/awscli/examples/ivs-realtime/import-public-key.rst @@ -0,0 +1,20 @@ +**To import an existing public key to be used to sign stage participant tokens** + +The following ``import-public-key`` example imports a public key from a material file, to be used for sigining stage participant tokens. :: + + aws ivs-realtime import-public-key \ + --public-key-material="`cat public.pem`" + +Output:: + + { + "publicKey": { + "arn": "arn:aws:ivs:us-west-2:123456789012:public-key/abcdABC1efg2", + "name": "", + "publicKeyMaterial": "-----BEGIN PUBLIC KEY-----\nMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEqVWUtqs6EktQMR1sCYmEzGvRwtaycI16\n9pmzcpiWu/uhNStGlteJ5odRfRwVkoQUMnSZXTCcbn9bBTTmiWo4mJcFOOAzsthH\n0UAb8NdD4tUE0At4a9hYP9IETEXAMPLE\n-----END PUBLIC KEY-----", + "fingerprint": "12:a3:44:56:bc:7d:e8:9f:10:2g:34:hi:56:78:90:12", + "tags": {} + } + } + +For more information, see `Distribute Participant Tokens `__ in the *Amazon IVS Real-Time Streaming User Guide*. \ No newline at end of file diff --git a/awscli/examples/ivs-realtime/list-compositions.rst b/awscli/examples/ivs-realtime/list-compositions.rst new file mode 100644 index 000000000000..9a0409bcee91 --- /dev/null +++ b/awscli/examples/ivs-realtime/list-compositions.rst @@ -0,0 +1,50 @@ +**To get a list of compositions** + +The following ``list-compositions`` lists all compositions for your AWS account, in the AWS region where the API request is processed. :: + + aws ivs-realtime list-compositions + +Output:: + + { + "compositions": [ + { + "arn": "arn:aws:ivs:ap-northeast-1:123456789012:composition/abcdABCDefgh", + "destinations": [ + { + "id": "AabBCcdDEefF", + "startTime": "2023-10-16T23:25:23+00:00", + "state": "ACTIVE" + } + ], + "stageArn": "arn:aws:ivs:ap-northeast-1:123456789012:stage/defgABCDabcd", + "startTime": "2023-10-16T23:25:21+00:00", + "state": "ACTIVE", + "tags": {} + }, + { + "arn": "arn:aws:ivs:ap-northeast-1:123456789012:composition/ABcdabCDefgh", + "destinations": [ + { + "endTime": "2023-10-16T23:25:00.786512+00:00", + "id": "aABbcCDdeEFf", + "startTime": "2023-10-16T23:24:01+00:00", + "state": "STOPPED" + }, + { + "endTime": "2023-10-16T23:25:00.786512+00:00", + "id": "deEFfaABbcCD", + "startTime": "2023-10-16T23:24:01+00:00", + "state": "STOPPED" + } + ], + "endTime": "2023-10-16T23:25:00+00:00", + "stageArn": "arn:aws:ivs:ap-northeast-1:123456789012:stage/efghabcdABCD", + "startTime": "2023-10-16T23:24:00+00:00", + "state": "STOPPED", + "tags": {} + } + ] + } + +For more information, see `Enabling Multiple Hosts on an Amazon IVS Stream `__ in the *Amazon Interactive Video Service User Guide*. \ No newline at end of file diff --git a/awscli/examples/ivs-realtime/list-encoder-configurations.rst b/awscli/examples/ivs-realtime/list-encoder-configurations.rst new file mode 100644 index 000000000000..3bbcbe2654fc --- /dev/null +++ b/awscli/examples/ivs-realtime/list-encoder-configurations.rst @@ -0,0 +1,24 @@ +**To list composition encoder configurations** + +The following ``list-encoder-configurations`` lists all composition encoder configurations for your AWS account, in the AWS region where the API request is processed. :: + + aws ivs-realtime list-encoder-configurations + +Output:: + + { + "encoderConfigurations": [ + { + "arn": "arn:aws:ivs:ap-northeast-1:123456789012:encoder-configuration/abcdABCDefgh", + "name": "test-ec-1", + "tags": {} + }, + { + "arn": "arn:aws:ivs:ap-northeast-1:123456789012:encoder-configuration/ABCefgEFGabc", + "name": "test-ec-2", + "tags": {} + } + ] + } + +For more information, see `Enabling Multiple Hosts on an Amazon IVS Stream `__ in the *Amazon Interactive Video Service User Guide*. \ No newline at end of file diff --git a/awscli/examples/ivs-realtime/list-ingest-configurations.rst b/awscli/examples/ivs-realtime/list-ingest-configurations.rst new file mode 100644 index 000000000000..842348c03e93 --- /dev/null +++ b/awscli/examples/ivs-realtime/list-ingest-configurations.rst @@ -0,0 +1,23 @@ +**To get summary information about all ingest configurations** + +The following ``list-ingest-configurations`` example lists all ingest configurations for your AWS account, in the AWS region where the API request is processed. :: + + aws ivs-realtime list-ingest-configurations + +Output:: + + { + "ingestConfigurations": [ + { + "name": "", + "arn": "arn:aws:ivs:us-west-2:123456789012:ingest-configuration/XYZuvwSt4567", + "ingestProtocol": "RTMPS", + "stageArn": "arn:aws:ivs:us-west-2:123456789012:stage/abcdABCDefgh", + "participnatId": "abC789Xyz456", + "state": "INACTIVE" + "userId": "", + } + ] + } + +For more information, see `IVS Stream Ingest | Real-Time Streaming `__ in the *Amazon Interactive Video Service User Guide*. diff --git a/awscli/examples/ivs-realtime/list-participants.rst b/awscli/examples/ivs-realtime/list-participants.rst index ddfefef98429..80cb7c8a21d2 100644 --- a/awscli/examples/ivs-realtime/list-participants.rst +++ b/awscli/examples/ivs-realtime/list-participants.rst @@ -14,10 +14,11 @@ Output:: "firstJoinTime": "2023-04-26T20:30:34+00:00", "participantId": "abCDEf12GHIj" "published": true, + "recordingState": "STOPPED", "state": "DISCONNECTED", "userId": "" } ] } -For more information, see `Enabling Multiple Hosts on an Amazon IVS Stream `__ in the *Amazon Interactive Video Service User Guide*. \ No newline at end of file +For more information, see `Enabling Multiple Hosts on an Amazon IVS Stream `__ in the *Amazon Interactive Video Service User Guide*. \ No newline at end of file diff --git a/awscli/examples/ivs-realtime/list-public-keys.rst b/awscli/examples/ivs-realtime/list-public-keys.rst new file mode 100644 index 000000000000..c2d45027e01a --- /dev/null +++ b/awscli/examples/ivs-realtime/list-public-keys.rst @@ -0,0 +1,24 @@ +**To list existing public keys available to sign stage participant tokens** + +The following ``list-public-keys`` example lists all public keys available for sigining stage participant tokens, in the AWS region where the API request is processed. :: + + aws ivs-realtime list-public-keys + +Output:: + + { + "publicKeys": [ + { + "arn": "arn:aws:ivs:us-west-2:123456789012:public-key/abcdABC1efg2", + "name": "", + "tags": {} + }, + { + "arn": "arn:aws:ivs:us-west-2:123456789012:public-key/3bcdABCDefg4", + "name": "", + "tags": {} + } + ] + } + +For more information, see `Distribute Participant Tokens `__ in the *Amazon IVS Real-Time Streaming User Guide*. \ No newline at end of file diff --git a/awscli/examples/ivs-realtime/list-stages.rst b/awscli/examples/ivs-realtime/list-stages.rst index eead7899740f..4aa41e517476 100644 --- a/awscli/examples/ivs-realtime/list-stages.rst +++ b/awscli/examples/ivs-realtime/list-stages.rst @@ -1,6 +1,6 @@ **To get summary information about all stages** -The following ``list-stages`` example lists all channels for your AWS account, in the AWS region where the API request is processed. :: +The following ``list-stages`` example lists all stages for your AWS account, in the AWS region where the API request is processed. :: aws ivs-realtime list-stages @@ -29,4 +29,4 @@ Output:: ] } -For more information, see `Enabling Multiple Hosts on an Amazon IVS Stream `__ in the *Amazon Interactive Video Service User Guide*. \ No newline at end of file +For more information, see `Enabling Multiple Hosts on an Amazon IVS Stream `__ in the *Amazon Interactive Video Service User Guide*. \ No newline at end of file diff --git a/awscli/examples/ivs-realtime/list-storage-configurations.rst b/awscli/examples/ivs-realtime/list-storage-configurations.rst new file mode 100644 index 000000000000..11bd1f872fae --- /dev/null +++ b/awscli/examples/ivs-realtime/list-storage-configurations.rst @@ -0,0 +1,30 @@ +**To list composition storage configurations** + +The following ``list-storage-configurations`` lists all composition storage configurations for your AWS account, in the AWS region where the API request is processed. :: + + aws ivs-realtime list-storage-configurations + +Output:: + + { + "storageConfigurations": [ + { + "arn": "arn:aws:ivs:ap-northeast-1:123456789012:storage-configuration/abcdABCDefgh", + "name": "test-sc-1", + "s3": { + "bucketName": "amzn-s3-demo-bucket-1" + }, + "tags": {} + }, + { + "arn": "arn:aws:ivs:ap-northeast-1:123456789012:storage-configuration/ABCefgEFGabc", + "name": "test-sc-2", + "s3": { + "bucketName": "amzn-s3-demo-bucket-2" + }, + "tags": {} + } + ] + } + +For more information, see `Enabling Multiple Hosts on an Amazon IVS Stream `__ in the *Amazon Interactive Video Service User Guide*. \ No newline at end of file diff --git a/awscli/examples/ivs-realtime/start-composition.rst b/awscli/examples/ivs-realtime/start-composition.rst new file mode 100644 index 000000000000..fbfac59128a3 --- /dev/null +++ b/awscli/examples/ivs-realtime/start-composition.rst @@ -0,0 +1,139 @@ +**Example 1: To start a composition with default layout settings** + +The following ``start-composition`` example starts a composition for the specified stage to be streamed to the specified locations. :: + + aws ivs-realtime start-composition \ + --stage-arn arn:aws:ivs:ap-northeast-1:123456789012:stage/defgABCDabcd \ + --destinations '[{"channel": {"channelArn": "arn:aws:ivs:ap-northeast-1:123456789012:channel/abcABCdefDEg", \ + "encoderConfigurationArn": "arn:aws:ivs:ap-northeast-1:123456789012:encoder-configuration/ABabCDcdEFef"}}, \ + {"s3":{"encoderConfigurationArns":["arn:aws:ivs:ap-northeast-1:123456789012:encoder-configuration/ABabCDcdEFef"], \ + "storageConfigurationArn":"arn:aws:ivs:ap-northeast-1:123456789012:storage-configuration/FefABabCDcdE"}}]' + +Output:: + + { + "composition": { + "arn": "arn:aws:ivs:ap-northeast-1:123456789012:composition/abcdABCDefgh", + "destinations": [ + { + "configuration": { + "channel": { + "channelArn": "arn:aws:ivs:ap-northeast-1:123456789012:channel/abcABCdefDEg", + "encoderConfigurationArn": "arn:aws:ivs:ap-northeast-1:123456789012:encoder-configuration/ABabCDcdEFef" + }, + "name": "" + }, + "id": "AabBCcdDEefF", + "state": "STARTING" + }, + { + "configuration": { + "name": "", + "s3": { + "encoderConfigurationArns": [ + "arn:aws:ivs:arn:aws:ivs:ap-northeast-1:123456789012:encoder-configuration/ABabCDcdEFef" + ], + "recordingConfiguration": { + "format": "HLS" + }, + "storageConfigurationArn": "arn:arn:aws:ivs:ap-northeast-1:123456789012:storage-configuration/FefABabCDcdE" + } + }, + "detail": { + "s3": { + "recordingPrefix": "aBcDeFgHhGfE/AbCdEfGhHgFe/GHFabcgefABC/composite" + } + }, + "id": "GHFabcgefABC", + "state": "STARTING" + } + ], + "layout": { + "grid": { + "featuredParticipantAttribute": "" + "gridGap": 2, + "omitStoppedVideo": false, + "videoAspectRatio": "VIDEO", + "videoFillMode": "" + } + }, + "stageArn": "arn:aws:ivs:ap-northeast-1:123456789012:stage/defgABCDabcd", + "startTime": "2023-10-16T23:24:00+00:00", + "state": "STARTING", + "tags": {} + } + } + +For more information, see `Composite Recording (Real-Time Streaming) `__ in the *Amazon Interactive Video Service User Guide*. + +**Example 2: To start a composition with PiP layout** + +The following ``start-composition`` example starts a composition for the specified stage to be streamed to the specified locations using PiP layout. :: + + aws ivs-realtime start-composition \ + --stage-arn arn:aws:ivs:ap-northeast-1:123456789012:stage/defgABCDabcd \ + --destinations '[{"channel": {"channelArn": "arn:aws:ivs:ap-northeast-1:123456789012:channel/abcABCdefDEg", \ + "encoderConfigurationArn": "arn:aws:ivs:ap-northeast-1:123456789012:encoder-configuration/ABabCDcdEFef"}}, \ + {"s3":{"encoderConfigurationArns":["arn:aws:ivs:ap-northeast-1:123456789012:encoder-configuration/ABabCDcdEFef"], \ + "storageConfigurationArn":"arn:aws:ivs:ap-northeast-1:123456789012:storage-configuration/FefABabCDcdE"}}]' \ + --layout pip='{featuredParticipantAttribute="abcdefg"}' + +Output:: + + { + "composition": { + "arn": "arn:aws:ivs:ap-northeast-1:123456789012:composition/wxyzWXYZpqrs", + "destinations": [ + { + "configuration": { + "channel": { + "channelArn": "arn:aws:ivs:ap-northeast-1:123456789012:channel/abcABCdefDEg", + "encoderConfigurationArn": "arn:aws:ivs:ap-northeast-1:123456789012:encoder-configuration/ABabCDcdEFef" + }, + "name": "" + }, + "id": "AabBCcdDEefF", + "state": "STARTING" + }, + { + "configuration": { + "name": "", + "s3": { + "encoderConfigurationArns": [ + "arn:aws:ivs:arn:aws:ivs:ap-northeast-1:123456789012:encoder-configuration/ABabCDcdEFef" + ], + "recordingConfiguration": { + "format": "HLS" + }, + "storageConfigurationArn": "arn:arn:aws:ivs:ap-northeast-1:123456789012:storage-configuration/FefABabCDcdE" + } + }, + "detail": { + "s3": { + "recordingPrefix": "aBcDeFgHhGfE/AbCdEfGhHgFe/GHFabcgefABC/composite" + } + }, + "id": "GHFabcgefABC", + "state": "STARTING" + } + ], + "layout": { + "pip": { + "featuredParticipantAttribute": "abcdefg", + "gridGap": 0, + "omitStoppedVideo": false, + "pipBehavior": "STATIC", + "pipOffset": 0, + "pipParticipantAttribute": "", + "pipPosition": "BOTTOM_RIGHT", + "videoFillMode": "COVER" + } + }, + "stageArn": "arn:aws:ivs:ap-northeast-1:123456789012:stage/defgABCDabcd", + "startTime": "2023-10-16T23:24:00+00:00", + "state": "STARTING", + "tags": {} + } + } + +For more information, see `Composite Recording (Real-Time Streaming) `__ in the *Amazon Interactive Video Service User Guide*. \ No newline at end of file diff --git a/awscli/examples/ivs-realtime/stop-composition.rst b/awscli/examples/ivs-realtime/stop-composition.rst new file mode 100644 index 000000000000..e88e78bdc5dc --- /dev/null +++ b/awscli/examples/ivs-realtime/stop-composition.rst @@ -0,0 +1,10 @@ +**To stop a composition** + +The following ``stop-composition`` stops the composition specified by the given ARN (Amazon Resource Name). :: + + aws ivs-realtime stop-composition \ + --arn "arn:aws:ivs:ap-northeast-1:123456789012:composition/abcdABCDefgh" + +This command produces no output. + +For more information, see `Enabling Multiple Hosts on an Amazon IVS Stream `__ in the *Amazon Interactive Video Service User Guide*. \ No newline at end of file diff --git a/awscli/examples/ivs-realtime/update-ingest-configuration.rst b/awscli/examples/ivs-realtime/update-ingest-configuration.rst new file mode 100644 index 000000000000..990416099996 --- /dev/null +++ b/awscli/examples/ivs-realtime/update-ingest-configuration.rst @@ -0,0 +1,25 @@ +**To update an ingest configuration** + +The following ``update-inegst-configuration`` example updates an ingest configuration to attach it to a stage. :: + + aws ivs-realtime update-ingest-configuration \ + --arn arn:aws:ivs:us-west-2:123456789012:ingest-configuration/AbCdEfGh1234 \ + --stage-arn arn:aws:ivs:us-west-2:123456789012:stage/abcdABCDefgh + +Output:: + + { + "ingestConfiguration": { + "name": "ingest1", + "arn": "arn:aws:ivs:us-west-2:123456789012:ingest-configuration/AbCdEfGh1234", + "ingestProtocol": "RTMPS", + "streamKey": "rt_123456789012_us-west-2_AbCdEfGh1234_abcd1234efgh5678ijkl9012MNOP34", + "stageArn": "arn:aws:ivs:us-west-2:123456789012:stage/abcdABCDefgh", + "participantId": "xyZ654abC321", + "state": "INACTIVE", + "userId": "", + "tags": {} + } + } + +For more information, see `IVS Stream Ingest | Real-Time Streaming `__ in the *Amazon Interactive Video Service User Guide*. diff --git a/awscli/examples/ivs-realtime/update-stage.rst b/awscli/examples/ivs-realtime/update-stage.rst index 9ae116b18e91..8a566d6a9631 100644 --- a/awscli/examples/ivs-realtime/update-stage.rst +++ b/awscli/examples/ivs-realtime/update-stage.rst @@ -1,9 +1,10 @@ **To update a stage's configuration** -The following ``update-stage`` example updates a stage for a specified stage ARN to update the stage name. :: +The following ``update-stage`` example updates a stage for a specified stage ARN to update the stage name and configure individual participant recording. :: aws ivs-realtime update-stage \ --arn arn:aws:ivs:us-west-2:123456789012:stage/abcdABCDefgh \ + --auto-participant-recording-configuration '{"mediaTypes": ["AUDIO_VIDEO"],"storageConfigurationArn": "arn:aws:ivs:us-west-2:123456789012:storage-configuration/abcdABCDefgh"}' \ --name stage1a Output:: @@ -11,8 +12,21 @@ Output:: { "stage": { "arn": "arn:aws:ivs:us-west-2:123456789012:stage/abcdABCDefgh", - "name": "stage1a" + "autoParticipantRecordingConfiguration": { + "mediaTypes": [ + "AUDIO_VIDEO" + ], + "storageConfigurationArn": "arn:aws:ivs:us-west-2:123456789012:storage-configuration/abcdABCDefgh", + }, + "endpoints": { + "events": "wss://global.events.live-video.net", + "rtmp": "rtmp://9x0y8z7s6t5u.global-contribute-staging.live-video.net/app/", + "rtmps": "rtmps://9x0y8z7s6t5u.global-contribute-staging.live-video.net:443/app/", + "whip": "https://1a2b3c4d5e6f.global-bm.whip.live-video.net" + }, + "name": "stage1a", + "tags": {} } } -For more information, see `Enabling Multiple Hosts on an Amazon IVS Stream `__ in the *Amazon Interactive Video Service User Guide*. \ No newline at end of file +For more information, see `Enabling Multiple Hosts on an Amazon IVS Stream `__ in the *Amazon Interactive Video Service User Guide*. diff --git a/awscli/examples/ivs/batch-get-channel.rst b/awscli/examples/ivs/batch-get-channel.rst index 11c9efe0705b..9c97daf96c82 100644 --- a/awscli/examples/ivs/batch-get-channel.rst +++ b/awscli/examples/ivs/batch-get-channel.rst @@ -13,30 +13,52 @@ Output:: { "arn": "arn:aws:ivs:us-west-2:123456789012:channel/abcdABCDefgh", "authorized": false, + "containerFormat": "TS", "ingestEndpoint": "a1b2c3d4e5f6.global-contribute.live-video.net", "insecureIngest": false, "latencyMode": "LOW", + "multitrackInputConfiguration": { + "enabled": false, + "maximumResolution": "FULL_HD", + "policy": "ALLOW" + }, "name": "channel-1", "playbackUrl": "https://a1b2c3d4e5f6.us-west-2.playback.live-video.net/api/video/v1/us-west-2.123456789012.channel-1.abcdEFGH.m3u8", "preset": "", + "playbackRestrictionPolicyArn": "", "recordingConfigurationArn": "arn:aws:ivs:us-west-2:123456789012:recording-configuration/ABCD12cdEFgh", + "srt": { + "endpoint": "a1b2c3d4e5f6.srt.live-video.net", + "passphrase": "AB1C2defGHijkLMNo3PqQRstUvwxyzaBCDEfghh4ijklMN5opqrStuVWxyzAbCDEfghIJ" + }, "tags": {}, "type": "STANDARD" }, { "arn": "arn:aws:ivs:us-west-2:123456789012:channel/efghEFGHijkl", "authorized": false, + "containerFormat": "FRAGMENTED_MP4", "ingestEndpoint": "a1b2c3d4e5f6.global-contribute.live-video.net", - "insecureIngest": true, + "insecureIngest": false, "latencyMode": "LOW", + "multitrackInputConfiguration": { + "enabled": true, + "maximumResolution": "FULL_HD", + "policy": "ALLOW" + }, "name": "channel-2", "playbackUrl": "https://a1b2c3d4e5f6.us-west-2.playback.live-video.net/api/video/v1/us-west-2.123456789012.channel-2.abcdEFGH.m3u8", "preset": "", + "playbackRestrictionPolicyArn": "arn:aws:ivs:us-west-2:123456789012:playback-restriction-policy/ABcdef34ghIJ"", "recordingConfigurationArn": "", + "srt": { + "endpoint": "a1b2c3d4e5f6.srt.live-video.net", + "passphrase": "BA1C2defGHijkLMNo3PqQRstUvwxyzaBCDEfghh4ijklMN5opqrStuVWxyzAbCDEfghIJ" + }, "tags": {}, "type": "STANDARD" } ] } -For more information, see `Create a Channel `__ in the *Amazon Interactive Video Service User Guide*. \ No newline at end of file +For more information, see `Create a Channel `__ in the *IVS Low-Latency User Guide*. diff --git a/awscli/examples/ivs/batch-get-stream-key.rst b/awscli/examples/ivs/batch-get-stream-key.rst index ce80a38e8b50..226e83c4cdd1 100644 --- a/awscli/examples/ivs/batch-get-stream-key.rst +++ b/awscli/examples/ivs/batch-get-stream-key.rst @@ -25,4 +25,4 @@ Output:: ] } -For more information, see `Create a Channel `__ in the *Amazon Interactive Video Service User Guide*. \ No newline at end of file +For more information, see `Create a Channel `__ in the *IVS Low-Latency User Guide*. \ No newline at end of file diff --git a/awscli/examples/ivs/create-channel.rst b/awscli/examples/ivs/create-channel.rst index 642ec923dc2e..1248f54a718b 100644 --- a/awscli/examples/ivs/create-channel.rst +++ b/awscli/examples/ivs/create-channel.rst @@ -3,7 +3,7 @@ The following ``create-channel`` example creates a new channel and an associated stream key to start streaming. :: aws ivs create-channel \ - --name "test-channel" \ + --name 'test-channel' \ --no-insecure-ingest Output:: @@ -12,9 +12,20 @@ Output:: "channel": { "arn": "arn:aws:ivs:us-west-2:123456789012:channel/abcdABCDefgh", "authorized": false, + "containerFormat": "TS", "name": "test-channel", "latencyMode": "LOW", + "multitrackInputConfiguration": { + "enabled": false, + "maximumResolution": "FULL_HD", + "policy": "ALLOW" + }, + "playbackRestrictionPolicyArn": "", "recordingConfigurationArn": "", + "srt": { + "endpoint": "a1b2c3d4e5f6.srt.live-video.net", + "passphrase": "AB1C2defGHijkLMNo3PqQRstUvwxyzaBCDEfghh4ijklMN5opqrStuVWxyzAbCDEfghIJ" + }, "ingestEndpoint": "a1b2c3d4e5f6.global-contribute.live-video.net", "insecureIngest": false, "playbackUrl": "https://a1b2c3d4e5f6.us-west-2.playback.live-video.net/api/video/v1/us-west-2.123456789012.channel.abcdEFGH.m3u8", @@ -30,7 +41,7 @@ Output:: } } -For more information, see `Create a Channel `__ in the *Amazon Interactive Video Service User Guide*. +For more information, see `Create a Channel `__ in the *IVS Low-Latency User Guide*. **Example 2: To create a channel with recording enabled, using the RecordingConfiguration resource specified by its ARN** @@ -39,17 +50,28 @@ The following ``create-channel`` example creates a new channel and an associated aws ivs create-channel \ --name test-channel-with-recording \ --insecure-ingest \ - --recording-configuration-arn "arn:aws:ivs:us-west-2:123456789012:recording-configuration/ABCD12cdEFgh" + --recording-configuration-arn 'arn:aws:ivs:us-west-2:123456789012:recording-configuration/ABCD12cdEFgh' Output:: { "channel": { "arn": "arn:aws:ivs:us-west-2:123456789012:channel/abcdABCDefgh", + "containerFormat": "TS", "name": "test-channel-with-recording", "latencyMode": "LOW", + "multitrackInputConfiguration": { + "enabled": false, + "maximumResolution": "FULL_HD", + "policy": "ALLOW" + }, "type": "STANDARD", + "playbackRestrictionPolicyArn": "", "recordingConfigurationArn": "arn:aws:ivs:us-west-2:123456789012:recording-configuration/ABCD12cdEFgh", + "srt": { + "endpoint": "a1b2c3d4e5f6.srt.live-video.net", + "passphrase": "BA1C2defGHijkLMNo3PqQRstUvwxyzaBCDEfghh4ijklMN5opqrStuVWxyzAbCDEfghIJ" + }, "ingestEndpoint": "a1b2c3d4e5f6.global-contribute.live-video.net", "insecureIngest": true, "playbackUrl": "https://a1b2c3d4e5f6.us-west-2.playback.live-video.net/api/video/v1/us-west-2.123456789012.channel.abcdEFGH.m3u8", @@ -66,4 +88,98 @@ Output:: } } -For more information, see `Record to Amazon S3 `__ in the *Amazon Interactive Video Service User Guide*. \ No newline at end of file +For more information, see `Record to Amazon S3 `__ in the *IVS Low-Latency User Guide*. + +**Example 3: To create a channel with a playback restriction policy specified by its ARN** + +The following ``create-channel`` example creates a new channel and an associated stream key to start streaming, and sets up a playback restriction policy for the channel:: + + aws ivs create-channel \ + --name test-channel-with-playback-restriction-policy\ + --insecure-ingest \ + --playback-restriction-policy-arn 'arn:aws:ivs:us-west-2:123456789012:playback-restriction-policy/ABcdef34ghIJ' + +Output:: + + { + "channel": { + "arn": "arn:aws:ivs:us-west-2:123456789012:channel/abcdABCDefgh", + "containerFormat": "TS", + "name": "test-channel-with-playback-restriction-policy", + "latencyMode": "LOW", + "multitrackInputConfiguration": { + "enabled": false, + "maximumResolution": "FULL_HD", + "policy": "ALLOW" + }, + "type": "STANDARD", + "playbackRestrictionPolicyArn": "arn:aws:ivs:us-west-2:123456789012:playback-restriction-policy/ABcdef34ghIJ", + "recordingConfigurationArn": "", + "srt": { + "endpoint": "a1b2c3d4e5f6.srt.live-video.net", + "passphrase": "AB1C2edfGHijkLMNo3PqQRstUvwxyzaBCDEfghh4ijklMN5opqrStuVWxyzAbCDEfghIJ" + }, + "ingestEndpoint": "a1b2c3d4e5f6.global-contribute.live-video.net", + "insecureIngest": true, + "playbackUrl": "https://a1b2c3d4e5f6.us-west-2.playback.live-video.net/api/video/v1/us-west-2.123456789012.channel.abcdEFGH.m3u8", + "preset": "", + "authorized": false, + "tags": {}, + "type": "STANDARD" + }, + "streamKey": { + "arn": "arn:aws:ivs:us-west-2:123456789012:stream-key/abcdABCDefgh", + "value": "sk_us-west-2_abcdABCDefgh_567890abcdef", + "channelArn": "arn:aws:ivs:us-west-2:123456789012:channel/abcdABCDefgh", + "tags": {} + } + } + +For more information, see `Undesired Content and Viewers `__ in the *IVS Low-Latency User Guide*. + +**Example 4: To create a channel with multitrack enabled** + +The following ``create-channel`` example creates a new channel and an associated stream key to start streaming, and enables multitrack. :: + + aws ivs create-channel \ + --name 'test-channel' \ + --no-insecure-ingest \ + --container-format 'FRAGMENTED_MP4' \ + --multitrack-input-configuration '{"enabled": true,"maximumResolution": "FULL_HD","policy": "ALLOW"}' + +Output:: + + { + "channel": { + "arn": "arn:aws:ivs:us-west-2:123456789012:channel/abcdABCDefgh", + "authorized": false, + "containerFormat": "FRAGMENTED_MP4", + "name": "test-channel", + "latencyMode": "LOW", + "multitrackInputConfiguration": { + "enabled": true, + "maximumResolution": "FULL_HD", + "policy": "ALLOW" + }, + "playbackRestrictionPolicyArn": "", + "recordingConfigurationArn": "", + "srt": { + "endpoint": "a1b2c3d4e5f6.srt.live-video.net", + "passphrase": "AB1C2defGHijkLMNo3PqQRstUvwxyzaBCDEfghh4ijklMN5opqrStuVWxyzAbCDEfghIJ" + }, + "ingestEndpoint": "a1b2c3d4e5f6.global-contribute.live-video.net", + "insecureIngest": false, + "playbackUrl": "https://a1b2c3d4e5f6.us-west-2.playback.live-video.net/api/video/v1/us-west-2.123456789012.channel.abcdEFGH.m3u8", + "preset": "", + "tags": {}, + "type": "STANDARD" + }, + "streamKey": { + "arn": "arn:aws:ivs:us-west-2:123456789012:stream-key/g1H2I3j4k5L6", + "value": "sk_us-west-2_abcdABCDefgh_567890abcdef", + "channelArn": "arn:aws:ivs:us-west-2:123456789012:channel/abcdABCDefgh", + "tags": {} + } + } + +For more information, see `Create a Channel `__ in the *IVS Low-Latency User Guide*. \ No newline at end of file diff --git a/awscli/examples/ivs/create-playback-restriction-policy.rst b/awscli/examples/ivs/create-playback-restriction-policy.rst new file mode 100644 index 000000000000..7179e20d6a9b --- /dev/null +++ b/awscli/examples/ivs/create-playback-restriction-policy.rst @@ -0,0 +1,35 @@ +**To create a playback restriction policy** + +The following ``create-playback-restriction-policy`` example creates a new playback resriction policy. :: + + aws ivs create-playback-restriction-policy \ + --name "test-playback-restriction-policy" \ + --enable-strict-origin-enforcement \ + --tags "key1=value1, key2=value2" \ + --allowed-countries US MX \ + --allowed-origins https://www.website1.com https://www.website2.com + +Output:: + + { + "playbackRestrictionPolicy": { + "arn": "arn:aws:ivs:us-west-2:123456789012:playback-restriction-policy/ABcdef34ghIJ", + "allowedCountries": [ + "US", + "MX" + ], + "allowedOrigins": [ + "https://www.website1.com", + "https://www.website2.com" + ], + "enableStrictOriginEnforcement": true, + "name": "test-playback-restriction-policy", + "tags": { + "key1": "value1", + "key2": "value2" + } + } + } + +For more information, see `Undesired Content and Viewers `__ in the *IVS Low-Latency User Guide*. + diff --git a/awscli/examples/ivs/create-stream-key.rst b/awscli/examples/ivs/create-stream-key.rst index aeb6edba160a..29bcb27c65fe 100644 --- a/awscli/examples/ivs/create-stream-key.rst +++ b/awscli/examples/ivs/create-stream-key.rst @@ -16,4 +16,4 @@ Output:: } } -For more information, see `Create a Channel `__ in the *Amazon Interactive Video Service User Guide*. \ No newline at end of file +For more information, see `Create a Channel `__ in the *IVS Low-Latency User Guide*. \ No newline at end of file diff --git a/awscli/examples/ivs/delete-channel.rst b/awscli/examples/ivs/delete-channel.rst index 7fdf27577dc9..e8cab7dffa01 100644 --- a/awscli/examples/ivs/delete-channel.rst +++ b/awscli/examples/ivs/delete-channel.rst @@ -3,8 +3,8 @@ The following ``delete-channel`` example deletes the channel with the specified ARN (Amazon Resource Name). :: aws ivs delete-channel \ - --arn arn:aws:ivs:us-west-2:123456789012:stream-key/abcdABCDefgh + --arn arn:aws:ivs:us-west-2:123456789012:channel/abcdABCDefgh This command produces no output. -For more information, see `Create a Channel `__ in the *Amazon Interactive Video Service User Guide*. \ No newline at end of file +For more information, see `Create a Channel `__ in the *IVS Low-Latency User Guide*. \ No newline at end of file diff --git a/awscli/examples/ivs/delete-playback-restriction-policy.rst b/awscli/examples/ivs/delete-playback-restriction-policy.rst new file mode 100644 index 000000000000..89478972da72 --- /dev/null +++ b/awscli/examples/ivs/delete-playback-restriction-policy.rst @@ -0,0 +1,10 @@ +**To delete a playback restriction policy** + +The following ``delete-playback-restriction-policy`` example deletes the playback resriction policy with the specified policy ARN (Amazon Resource Name). :: + + aws ivs delete-playback-restriction-policy \ + --arn "arn:aws:ivs:us-west-2:123456789012:playback-restriction-policy/ABcdef34ghIJ" + +This command produces no output. + +For more information, see `Undesired Content and Viewers `__ in the *IVS Low-Latency User Guide*. diff --git a/awscli/examples/ivs/delete-stream-key.rst b/awscli/examples/ivs/delete-stream-key.rst index 1070f280391e..657c11c8f9dd 100644 --- a/awscli/examples/ivs/delete-stream-key.rst +++ b/awscli/examples/ivs/delete-stream-key.rst @@ -1,10 +1,10 @@ **To delete a stream key** -The following ``delete-stream-key`` example deletes the stream key for a specified ARN (Amazon Resource Name), so it can no longer be used to stream. :: +The following ``delete-stream-key`` example deletes the stream key for a specified ARN (Amazon Resource Name), so it can no longer be used to stream. :: aws ivs delete-stream-key \ --arn arn:aws:ivs:us-west-2:123456789012:stream-key/g1H2I3j4k5L6 This command produces no output. -For more information, see `Create a Channel `__ in the *Amazon Interactive Video Service User Guide*. \ No newline at end of file +For more information, see `Create a Channel `__ in the *IVS Low-Latency User Guide*. \ No newline at end of file diff --git a/awscli/examples/ivs/get-channel.rst b/awscli/examples/ivs/get-channel.rst index ea16710f904f..40e43b644555 100644 --- a/awscli/examples/ivs/get-channel.rst +++ b/awscli/examples/ivs/get-channel.rst @@ -3,23 +3,35 @@ The following ``get-channel`` example gets the channel configuration for a specified channel ARN (Amazon Resource Name). :: aws ivs get-channel \ - --arn arn:aws:ivs:us-west-2:123456789012:channel/abcdABCDefgh + --arn 'arn:aws:ivs:us-west-2:123456789012:channel/abcdABCDefgh' Output:: { "channel": { "arn": "arn:aws:ivs:us-west-2:123456789012:channel/abcdABCDefgh", - "name": "channel-1", - "latencyMode": "LOW", - "type": "STANDARD", - "preset": "", - "recordingConfigurationArn": "arn:aws:ivs:us-west-2:123456789012:recording-configuration/ABCD12cdEFgh", + "authorized": false, + "containerFormat": "TS", "ingestEndpoint": "a1b2c3d4e5f6.global-contribute.live-video.net", "insecureIngest": false, + "latencyMode": "LOW", + "multitrackInputConfiguration": { + "enabled": false, + "maximumResolution": "FULL_HD", + "policy": "ALLOW" + }, + "name": "channel-1", + "playbackRestrictionPolicyArn": "", "playbackUrl": "https://a1b2c3d4e5f6.us-west-2.playback.live-video.net/api/video/v1/us-west-2.123456789012.channel.abcdEFGH.m3u8", + "preset": "", + "recordingConfigurationArn": "", + "srt": { + "endpoint": "a1b2c3d4e5f6.srt.live-video.net", + "passphrase": "AB1C2defGHijkLMNo3PqQRstUvwxyzaBCDEfghh4ijklMN5opqrStuVWxyzAbCDEfghIJ" + }, "tags": {} + "type": "STANDARD", } } -For more information, see `Create a Channel `__ in the *Amazon Interactive Video Service User Guide*. \ No newline at end of file +For more information, see `Create a Channel `__ in the *IVS Low-Latency User Guide*. \ No newline at end of file diff --git a/awscli/examples/ivs/get-playback-restriction-policy.rst b/awscli/examples/ivs/get-playback-restriction-policy.rst new file mode 100644 index 000000000000..30b01f1a1180 --- /dev/null +++ b/awscli/examples/ivs/get-playback-restriction-policy.rst @@ -0,0 +1,30 @@ +**To get a playback restriction policy's configuration information** + +The following ``get-playback-restriction-policy`` example gets the playback restriciton policy configuration with the specified policy ARN (Amazon Resource Name). :: + + aws ivs get-playback-restriction-policy \ + --arn "arn:aws:ivs:us-west-2:123456789012:playback-restriction-policy/ABcdef34ghIJ" + +Output:: + + { + "playbackRestrictionPolicy": { + "arn": "arn:aws:ivs:us-west-2:123456789012:playback-restriction-policy/ABcdef34ghIJ", + "allowedCountries": [ + "US", + "MX" + ], + "allowedOrigins": [ + "https://www.website1.com", + "https://www.website2.com" + ], + "enableStrictOriginEnforcement": true, + "name": "test-playback-restriction-policy", + "tags": { + "key1": "value1", + "key2": "value2" + } + } + } + +For more information, see `Undesired Content and Viewers `__ in the *IVS Low-Latency User Guide*. \ No newline at end of file diff --git a/awscli/examples/ivs/get-stream-key.rst b/awscli/examples/ivs/get-stream-key.rst index b54ef9fe6297..1b0a851b6e49 100644 --- a/awscli/examples/ivs/get-stream-key.rst +++ b/awscli/examples/ivs/get-stream-key.rst @@ -3,8 +3,7 @@ The following ``get-stream-key`` example gets information about the specified stream key. :: aws ivs get-stream-key \ - --arn arn:aws:ivs:us-west-2:123456789012:stream-key/skSKABCDefgh \ - --region=us-west-2 + --arn arn:aws:ivs:us-west-2:123456789012:stream-key/skSKABCDefgh --region=us-west-2 Output:: @@ -17,4 +16,4 @@ Output:: } } -For more information, see `Create a Channel `__ in the *Amazon Interactive Video Service User Guide*. \ No newline at end of file +For more information, see `Create a Channel `__ in the *IVS Low-Latency User Guide*. \ No newline at end of file diff --git a/awscli/examples/ivs/get-stream-session.rst b/awscli/examples/ivs/get-stream-session.rst index f5b8a0a4cc08..fe270b5ec94a 100644 --- a/awscli/examples/ivs/get-stream-session.rst +++ b/awscli/examples/ivs/get-stream-session.rst @@ -1,10 +1,10 @@ **To get metadata for a specified stream** -The following ``get-stream-session`` example gets the metadata configuration for the specified channel ARN (Amazon Resource Name) and the specified stream; if streamId is not provided, the most recent stream for the channel is selected. :: +The following ``get-stream-session`` example gets the metadata configuration for the specified channel ARN (Amazon Resource Name) and the specified stream; if ``streamId`` is not provided, the most recent stream for the channel is selected. :: aws ivs get-stream-session \ - --channel-arn arn:aws:ivs:us-west-2:123456789012:channel/abcdABCDefgh \ - --stream-id "mystream" + --channel-arn 'arn:aws:ivs:us-west-2:123456789012:channel/abcdABCDefgh' \ + --stream-id 'mystream' Output:: @@ -25,23 +25,51 @@ Output:: "preset": "" }, "ingestConfiguration": { + "audio": { + "channels": 2, + "codec": "mp4a.40.2", + "sampleRate": 8000, + "targetBitrate": 46875, + "track": "Track0" + }, "video": { "avcProfile": "Baseline", "avcLevel": "4.2", "codec": "avc1.42C02A", "encoder": "Lavf58.45.100", + "level": "4.2", + "profile": "Baseline", "targetBitrate": 8789062, "targetFramerate": 60, + "track": "Track0", "videoHeight": 1080, "videoWidth": 1920 - }, - "audio": { - "codec": "mp4a.40.2", - "targetBitrate": 46875, - "sampleRate": 8000, - "channels": 2 } }, + "ingestConfigurations": { + "audioConfigurations": [ + { + "channels": 2, + "codec": "mp4a.40.2", + "sampleRate": 8000, + "targetBitrate": 46875, + "track": "Track0" + } + ], + "videoConfigurations": [ + { + "codec": "avc1.42C02A", + "encoder": "Lavf58.45.100", + "level": "4.2", + "profile": "Baseline", + "targetBitrate": 8789062, + "targetFramerate": 60, + "track": "Track0", + "videoHeight": 1080, + "videoWidth": 1920 + } + ] + }, "recordingConfiguration": { "arn": "arn:aws:ivs:us-west-2:123456789012:recording-configuration/ABcdef34ghIJ", "name": "test-recording-config", @@ -72,6 +100,17 @@ Output:: } }, "truncatedEvents": [ + { + "code": "StreamTakeoverInvalidPriority", + "name": "Stream Takeover Failure", + "type": "IVS Stream State Change", + "eventTime": "2023-06-26T19:09:48+00:00" + }, + { + "name": "Stream Takeover", + "type": "IVS Stream State Change", + "eventTime": "2023-06-26T19:09:47+00:00" + }, { "name": "Recording Start", "type": "IVS Recording State Change", @@ -91,4 +130,4 @@ Output:: } } -For more information, see `Create a Channel `__ in the *Amazon Interactive Video Service User Guide*. \ No newline at end of file +For more information, see `Create a Channel `__ in the *IVS Low-Latency User Guide*. diff --git a/awscli/examples/ivs/get-stream.rst b/awscli/examples/ivs/get-stream.rst index c308683ded32..f5a294c8878e 100644 --- a/awscli/examples/ivs/get-stream.rst +++ b/awscli/examples/ivs/get-stream.rst @@ -19,4 +19,4 @@ Output:: } } -For more information, see `Create a Channel `__ in the *Amazon Interactive Video Service User Guide*. \ No newline at end of file +For more information, see `Create a Channel `__ in the *IVS Low-Latency User Guide*. \ No newline at end of file diff --git a/awscli/examples/ivs/list-channels.rst b/awscli/examples/ivs/list-channels.rst index c2712667b313..7d7eff4335ce 100644 --- a/awscli/examples/ivs/list-channels.rst +++ b/awscli/examples/ivs/list-channels.rst @@ -15,6 +15,7 @@ Output:: "authorized": false, "insecureIngest": false, "preset": "", + "playbackRestrictionPolicyArn": "", "recordingConfigurationArn": "arn:aws:ivs:us-west-2:123456789012:recording-configuration/ABCD12cdEFgh", "tags": {}, "type": "STANDARD" @@ -25,6 +26,7 @@ Output:: "latencyMode": "LOW", "authorized": false, "preset": "", + "playbackRestrictionPolicyArn": "arn:aws:ivs:us-west-2:123456789012:playback-restriction-policy/ABcdef34ghIJ", "recordingConfigurationArn": "", "tags": {}, "type": "STANDARD" @@ -32,7 +34,7 @@ Output:: ] } -For more information, see `Create a Channel `__ in the *Amazon Interactive Video Service User Guide*. +For more information, see `Create a Channel `__ in the *IVS Low-Latency User Guide*. **Example 2: To get summary information about all channels, filtered by the specified RecordingConfiguration ARN** @@ -52,6 +54,7 @@ Output:: "authorized": false, "insecureIngest": false, "preset": "", + "playbackRestrictionPolicyArn": "", "recordingConfigurationArn": "arn:aws:ivs:us-west-2:123456789012:recording-configuration/ABCD12cdEFgh", "tags": {}, "type": "STANDARD" @@ -59,4 +62,31 @@ Output:: ] } -For more information, see `Record to Amazon S3 `__ in the *Amazon Interactive Video Service User Guide*. \ No newline at end of file +For more information, see `Record to Amazon S3 `__ in the *IVS Low-Latency User Guide*. + +**Example 3: To get summary information about all channels, filtered by the specified PlaybackRestrictionPolicy ARN** + +The following ``list-channels`` example lists all channels for your AWS account, that are associated with the specified PlaybackRestrictionPolicy ARN. :: + + aws ivs list-channels \ + --filter-by-playback-restriction-policy-arn "arn:aws:ivs:us-west-2:123456789012:playback-restriction-policy/ABcdef34ghIJ" + +Output:: + + { + "channels": [ + { + "arn": "arn:aws:ivs:us-west-2:123456789012:channel/efghEFGHijkl", + "name": "channel-2", + "latencyMode": "LOW", + "authorized": false, + "preset": "", + "playbackRestrictionPolicyArn": "arn:aws:ivs:us-west-2:123456789012:playback-restriction-policy/ABcdef34ghIJ", + "recordingConfigurationArn": "", + "tags": {}, + "type": "STANDARD" + } + ] + } + +For more information, see `Undesired Content and Viewers `__ in the *IVS Low-Latency User Guide*. \ No newline at end of file diff --git a/awscli/examples/ivs/list-playback-restriction-policies.rst b/awscli/examples/ivs/list-playback-restriction-policies.rst new file mode 100644 index 000000000000..9fa1440ca6ea --- /dev/null +++ b/awscli/examples/ivs/list-playback-restriction-policies.rst @@ -0,0 +1,31 @@ +**To get summary information about all playback restriction policies** + +The following ``list-playback-restriction-policies`` example lists all playback restriction policies for your AWS account. :: + + aws ivs list-playback-restriction-policies + +Output:: + + { + "playbackRestrictionPolicies": [ + { + "arn": "arn:aws:ivs:us-west-2:123456789012:playback-restriction-policy/ABcdef34ghIJ", + "allowedCountries": [ + "US", + "MX" + ], + "allowedOrigins": [ + "https://www.website1.com", + "https://www.website2.com" + ], + "enableStrictOriginEnforcement": true, + "name": "test-playback-restriction-policy", + "tags": { + "key1": "value1", + "key2": "value2" + } + } + ] + } + +For more information, see `Undesired Content and Viewers `__ in the *IVS Low-Latency User Guide*. \ No newline at end of file diff --git a/awscli/examples/ivs/list-stream-keys.rst b/awscli/examples/ivs/list-stream-keys.rst index cd43b8110786..e4faf17915aa 100644 --- a/awscli/examples/ivs/list-stream-keys.rst +++ b/awscli/examples/ivs/list-stream-keys.rst @@ -17,4 +17,4 @@ Output:: ] } -For more information, see `Create a Channel `__ in the *Amazon Interactive Video Service User Guide*. \ No newline at end of file +FFor more information, see `Create a Channel `__ in the *IVS Low-Latency User Guide*. \ No newline at end of file diff --git a/awscli/examples/ivs/list-stream-sessions.rst b/awscli/examples/ivs/list-stream-sessions.rst index e01a85a06ada..bce4444f7730 100644 --- a/awscli/examples/ivs/list-stream-sessions.rst +++ b/awscli/examples/ivs/list-stream-sessions.rst @@ -21,5 +21,5 @@ Output:: ... ] } - -For more information, see `Create a Channel `__ in the *Amazon Interactive Video Service User Guide*. \ No newline at end of file + +For more information, see `Create a Channel `__ in the *IVS Low-Latency User Guide*. \ No newline at end of file diff --git a/awscli/examples/ivs/list-streams.rst b/awscli/examples/ivs/list-streams.rst index 3629226a1a0e..927ac2177991 100644 --- a/awscli/examples/ivs/list-streams.rst +++ b/awscli/examples/ivs/list-streams.rst @@ -18,4 +18,4 @@ Output:: ] } -For more information, see `Create a Channel `__ in the *Amazon Interactive Video Service User Guide*. \ No newline at end of file +For more information, see `Create a Channel `__ in the *IVS Low-Latency User Guide*. \ No newline at end of file diff --git a/awscli/examples/ivs/put-metadata.rst b/awscli/examples/ivs/put-metadata.rst index fbdb36b7e39e..8d8232c0b09f 100644 --- a/awscli/examples/ivs/put-metadata.rst +++ b/awscli/examples/ivs/put-metadata.rst @@ -8,4 +8,4 @@ The following ``put-metadata`` example inserts the given metadata into the strea This command produces no output. -For more information, see `Create a Channel `__ in the *Amazon Interactive Video Service User Guide*. \ No newline at end of file +For more information, see `Create a Channel `__ in the *IVS Low-Latency User Guide*. \ No newline at end of file diff --git a/awscli/examples/ivs/stop-stream.rst b/awscli/examples/ivs/stop-stream.rst index 4e56c52c6d68..e1838ed5ff39 100644 --- a/awscli/examples/ivs/stop-stream.rst +++ b/awscli/examples/ivs/stop-stream.rst @@ -7,4 +7,4 @@ The following ``stop-stream`` example stops the stream on the specified channel. This command produces no output. -For more information, see `Create a Channel `__ in the *Amazon Interactive Video Service User Guide*. \ No newline at end of file +For more information, see `Create a Channel `__ in the *IVS Low-Latency User Guide*. \ No newline at end of file diff --git a/awscli/examples/ivs/update-channel.rst b/awscli/examples/ivs/update-channel.rst index 1f4eaf7d9707..e5fd733ef3e0 100644 --- a/awscli/examples/ivs/update-channel.rst +++ b/awscli/examples/ivs/update-channel.rst @@ -3,8 +3,8 @@ The following ``update-channel`` example updates the channel configuration for a specified channel ARN to change the channel name. This does not affect an ongoing stream of this channel; you must stop and restart the stream for the changes to take effect. :: aws ivs update-channel \ - --arn arn:aws:ivs:us-west-2:123456789012:channel/abcdABCDefgh \ - --name "channel-1" \ + --arn 'arn:aws:ivs:us-west-2:123456789012:channel/abcdABCDefgh' \ + --name 'channel-1' \ --insecure-ingest Output:: @@ -14,8 +14,19 @@ Output:: "arn": "arn:aws:ivs:us-west-2:123456789012:channel/abcdABCDefgh", "name": "channel-1", "latencyMode": "LOW", + "containerFormat": "TS", + "multitrackInputConfiguration": { + "enabled": false, + "maximumResolution": "FULL_HD", + "policy": "ALLOW" + }, "type": "STANDARD", + "playbackRestrictionPolicyArn": "", "recordingConfigurationArn": "", + "srt": { + "endpoint": "a1b2c3d4e5f6.srt.live-video.net", + "passphrase": "AB1C2defGHijkLMNo3PqQRstUvwxyzaBCDEfghh4ijklMN5opqrStuVWxyzAbCDEfghIJ" + }, "ingestEndpoint": "a1b2c3d4e5f6.global-contribute.live-video.net", "insecureIngest": true, "playbackUrl": "https://a1b2c3d4e5f6.us-west-2.playback.live-video.net/api/video/v1/us-west-2.123456789012.channel.abcdEFGH.m3u8", @@ -24,16 +35,16 @@ Output:: "tags": {} } -For more information, see `Create a Channel `__ in the *Amazon Interactive Video Service User Guide*. +For more information, see `Create a Channel `__ in the *IVS Low-Latency User Guide*. **Example 2: To update a channel's configuration to enable recording** The following ``update-channel`` example updates the channel configuration for a specified channel ARN to enable recording. This does not affect an ongoing stream of this channel; you must stop and restart the stream for the changes to take effect. :: aws ivs update-channel \ - --arn "arn:aws:ivs:us-west-2:123456789012:channel/abcdABCDefgh" \ + --arn 'arn:aws:ivs:us-west-2:123456789012:channel/abcdABCDefgh' \ --no-insecure-ingest \ - --recording-configuration-arn "arn:aws:ivs:us-west-2:123456789012:recording-configuration/ABCD12cdEFgh" + --recording-configuration-arn 'arn:aws:ivs:us-west-2:123456789012:recording-configuration/ABCD12cdEFgh' Output:: @@ -42,8 +53,19 @@ Output:: "arn": "arn:aws:ivs:us-west-2:123456789012:channel/abcdABCDefgh", "name": "test-channel-with-recording", "latencyMode": "LOW", + "containerFormat": "TS", + "multitrackInputConfiguration": { + "enabled": false, + "maximumResolution": "FULL_HD", + "policy": "ALLOW" + }, "type": "STANDARD", + "playbackRestrictionPolicyArn": "", "recordingConfigurationArn": "arn:aws:ivs:us-west-2:123456789012:recording-configuration/ABCD12cdEFgh", + "srt": { + "endpoint": "a1b2c3d4e5f6.srt.live-video.net", + "passphrase": "BA1C2defGHijkLMNo3PqQRstUvwxyzaBCDEfghh4ijklMN5opqrStuVWxyzAbCDEfghIJ" + }, "ingestEndpoint": "a1b2c3d4e5f6.global-contribute.live-video.net", "insecureIngest": false, "playbackUrl": "https://a1b2c3d4e5f6.us-west-2.playback.live-video.net/api/video/v1/us-west-2.123456789012.channel.abcdEFGH.m3u8", @@ -53,15 +75,15 @@ Output:: } } -For more information, see `Record to Amazon S3 `__ in the *Amazon Interactive Video Service User Guide*. +For more information, see `Record to Amazon S3 `__ in the *IVS Low-Latency User Guide*. **Example 3: To update a channel's configuration to disable recording** The following ``update-channel`` example updates the channel configuration for a specified channel ARN to disable recording. This does not affect an ongoing stream of this channel; you must stop and restart the stream for the changes to take effect. :: aws ivs update-channel \ - --arn "arn:aws:ivs:us-west-2:123456789012:channel/abcdABCDefgh" \ - --recording-configuration-arn "" + --arn 'arn:aws:ivs:us-west-2:123456789012:channel/abcdABCDefgh' \ + --recording-configuration-arn '' Output:: @@ -70,8 +92,19 @@ Output:: "arn": "arn:aws:ivs:us-west-2:123456789012:channel/abcdABCDefgh", "name": "test-channel-with-recording", "latencyMode": "LOW", + "containerFormat": "TS", + "multitrackInputConfiguration": { + "enabled": false, + "maximumResolution": "FULL_HD", + "policy": "ALLOW" + }, "type": "STANDARD", + "playbackRestrictionPolicyArn": "", "recordingConfigurationArn": "", + "srt": { + "endpoint": "a1b2c3d4e5f6.srt.live-video.net", + "passphrase": "AB1C2edfGHijkLMNo3PqQRstUvwxyzaBCDEfghh4ijklMN5opqrStuVWxyzAbCDEfghIJ" + }, "ingestEndpoint": "a1b2c3d4e5f6.global-contribute.live-video.net", "insecureIngest": false, "playbackUrl": "https://a1b2c3d4e5f6.us-west-2.playback.live-video.net/api/video/v1/us-west-2.123456789012.channel.abcdEFGH.m3u8", @@ -81,4 +114,163 @@ Output:: } } -For more information, see `Record to Amazon S3 `__ in the *Amazon Interactive Video Service User Guide*. \ No newline at end of file +For more information, see `Record to Amazon S3 `__ in the *IVS Low-Latency User Guide*. + +**Example 4: To update a channel's configuration to enable playback restriction** + +The following ``update-channel`` example updates the channel configuration for a specified channel ARN to apply a playback restriction policy. This does not affect an ongoing stream of this channel; you must stop and restart the stream for the changes to take effect. :: + + aws ivs update-channel \ + --arn 'arn:aws:ivs:us-west-2:123456789012:channel/abcdABCDefgh' \ + --no-insecure-ingest \ + --playback-restriction-policy-arn 'arn:aws:ivs:us-west-2:123456789012:playback-restriction-policy/ABcdef34ghIJ' + +Output:: + + { + "channel": { + "arn": "arn:aws:ivs:us-west-2:123456789012:channel/abcdABCDefgh", + "name": "test-channel-with-playback-restriction-policy", + "latencyMode": "LOW", + "containerFormat": "TS", + "multitrackInputConfiguration": { + "enabled": false, + "maximumResolution": "FULL_HD", + "policy": "ALLOW" + }, + "type": "STANDARD", + "playbackRestrictionPolicyArn": "arn:aws:ivs:us-west-2:123456789012:playback-restriction-policy/ABcdef34ghIJ", + "recordingConfigurationArn": "", + "srt": { + "endpoint": "a1b2c3d4e5f6.srt.live-video.net", + "passphrase": "AB1C2defGHijkLMNo3PqQRstUvwxyzaCBDEfghh4ijklMN5opqrStuVWxyzAbCDEfghIJ" + }, + "ingestEndpoint": "a1b2c3d4e5f6.global-contribute.live-video.net", + "insecureIngest": false, + "playbackUrl": "https://a1b2c3d4e5f6.us-west-2.playback.live-video.net/api/video/v1/us-west-2.123456789012.channel.abcdEFGH.m3u8", + "preset": "", + "authorized": false, + "tags": {} + } + } + +For more information, see `Undesired Content and Viewers `__ in the *IVS Low-Latency User Guide*. + +**Example 5: To update a channel's configuration to disable playback restriction** + +The following ``update-channel`` example updates the channel configuration for a specified channel ARN to disable playback restriction. This does not affect an ongoing stream of this channel; you must stop and restart the stream for the changes to take effect. :: + + aws ivs update-channel \ + --arn 'arn:aws:ivs:us-west-2:123456789012:channel/abcdABCDefgh' \ + --playback-restriction-policy-arn '' + +Output:: + + { + "channel": { + "arn": "arn:aws:ivs:us-west-2:123456789012:channel/abcdABCDefgh", + "name": "test-channel-with-playback-restriction-policy", + "latencyMode": "LOW", + "containerFormat": "TS", + "multitrackInputConfiguration": { + "enabled": false, + "maximumResolution": "FULL_HD", + "policy": "ALLOW" + }, + "type": "STANDARD", + "playbackRestrictionPolicyArn": "", + "recordingConfigurationArn": "", + "srt": { + "endpoint": "a1b2c3d4e5f6.srt.live-video.net", + "passphrase": "AB1C2defGHijkLMNo3PqQRstUvwxyzaBCDeFghh4ijklMN5opqrStuVWxyzAbCDEfghIJ" + }, + "ingestEndpoint": "a1b2c3d4e5f6.global-contribute.live-video.net", + "insecureIngest": false, + "playbackUrl": "https://a1b2c3d4e5f6.us-west-2.playback.live-video.net/api/video/v1/us-west-2.123456789012.channel.abcdEFGH.m3u8", + "preset": "", + "authorized": false, + "tags": {} + } + } + +For more information, see `Undesired Content and Viewers `__ in the *IVS Low-Latency User Guide*. + +**Example 6: To update a channel's configuration to enable multitrack** + +The following ``update-channel`` example updates the channel configuration for a specified channel ARN to enable multitrack. This does not affect an ongoing stream of this channel; you must stop and restart the stream for the changes to take effect. :: + + aws ivs update-channel \ + --arn 'arn:aws:ivs:us-west-2:123456789012:channel/abcdABCDefgh' \ + --container-format 'FRAGMENTED_MP4' \ + --multitrack-input-configuration '{"enabled": true,"maximumResolution": "FULL_HD","policy": "ALLOW"}' + +Output:: + + { + "channel": { + "arn": "arn:aws:ivs:us-west-2:123456789012:channel/abcdABCDefgh", + "containerFormat": "FRAGMENTED_MP4", + "name": "test-channel-with-multitrack", + "latencyMode": "LOW", + "multitrackInputConfiguration": { + "enabled": true, + "maximumResolution": "FULL_HD", + "policy": "ALLOW" + }, + "type": "STANDARD", + "playbackRestrictionPolicyArn": "", + "recordingConfigurationArn": "", + "srt": { + "endpoint": "a1b2c3d4e5f6.srt.live-video.net", + "passphrase": "AB1C2defGHijkLMNo3PqQRstUvwxyzaCBDEfghh4ijklMN5opqrStuVWxyzAbCDEfghIJ" + }, + "ingestEndpoint": "a1b2c3d4e5f6.global-contribute.live-video.net", + "insecureIngest": false, + "playbackUrl": "https://a1b2c3d4e5f6.us-west-2.playback.live-video.net/api/video/v1/us-west-2.123456789012.channel.abcdEFGH.m3u8", + "preset": "", + "authorized": false, + "tags": {} + } + } + +For more information, see `Undesired Content and Viewers `__ in the *IVS Low-Latency User Guide*. + +**Example 7: To update a channel's configuration to disable playback restriction** + +The following ``update-channel`` example updates the channel configuration for a specified channel ARN to disable multitrack. This does not affect an ongoing stream of this channel; you must stop and restart the stream for the changes to take effect. :: + + aws ivs update-channel \ + --arn 'arn:aws:ivs:us-west-2:123456789012:channel/abcdABCDefgh' \ + --container-format 'TS' \ + --multitrack-input-configuration '{"enabled": false}' + +Output:: + + { + "channel": { + ""arn": "arn:aws:ivs:us-west-2:123456789012:channel/abcdABCDefgh", + "containerFormat": "TS", + "name": "test-channel-with-multitrack", + "latencyMode": "LOW", + "multitrackInputConfiguration": { + "enabled": false, + "maximumResolution": "FULL_HD", + "policy": "ALLOW" + }, + "type": "STANDARD", + "playbackRestrictionPolicyArn": "", + "recordingConfigurationArn": "", + "srt": { + "endpoint": "a1b2c3d4e5f6.srt.live-video.net", + "passphrase": "AB1C2defGHijkLMNo3PqQRstUvwxyzaCBDEfghh4ijklMN5opqrStuVWxyzAbCDEfghIJ" + }, + "ingestEndpoint": "a1b2c3d4e5f6.global-contribute.live-video.net", + "insecureIngest": false, + "playbackUrl": "https://a1b2c3d4e5f6.us-west-2.playback.live-video.net/api/video/v1/us-west-2.123456789012.channel.abcdEFGH.m3u8", + "preset": "", + "authorized": false, + "tags": {} + } + } + +For more information, see `Undesired Content and Viewers `__ in the *IVS Low-Latency User Guide*. \ No newline at end of file diff --git a/awscli/examples/ivs/update-playback-restriction-policy.rst b/awscli/examples/ivs/update-playback-restriction-policy.rst new file mode 100644 index 000000000000..34f440f5f7eb --- /dev/null +++ b/awscli/examples/ivs/update-playback-restriction-policy.rst @@ -0,0 +1,31 @@ +**To update a playback restriction policy** + +The following ``update-playback-restriction-policy`` example updates the playback restriction policy with the specified policy ARN to disable strict origin enforcement. This does not affect an ongoing stream of the associated channel; you must stop and restart the stream for the changes to take effect. :: + + aws ivs update-playback-restriction-policy \ + --arn "arn:aws:ivs:us-west-2:123456789012:playback-restriction-policy/ABcdef34ghIJ" \ + --no-enable-strict-origin-enforcement + +Output:: + + { + "playbackRestrictionPolicy": { + "arn": "arn:aws:ivs:us-west-2:123456789012:playback-restriction-policy/ABcdef34ghIJ", + "allowedCountries": [ + "US", + "MX" + ], + "allowedOrigins": [ + "https://www.website1.com", + "https://www.website2.com" + ], + "enableStrictOriginEnforcement": false, + "name": "test-playback-restriction-policy", + "tags": { + "key1": "value1", + "key2": "value2" + } + } + } + +For more information, see `Undesired Content and Viewers `__ in the *IVS Low-Latency User Guide*. diff --git a/awscli/examples/kendra/create-data-source.rst b/awscli/examples/kendra/create-data-source.rst new file mode 100644 index 000000000000..e1020f24d0a7 --- /dev/null +++ b/awscli/examples/kendra/create-data-source.rst @@ -0,0 +1,24 @@ +**To create an Amazon Kendra data source connector** + +The following ``create-data-source`` creates and configures an Amazon Kendra data source connector. You can use ``describe-data-source`` to view the status of a data source connector, and read any error messages if the status shows a data source connector "FAILED" to completely create. :: + + aws kendra create-data-source \ + --name "example data source 1" \ + --description "Example data source 1 for example index 1 contains the first set of example documents" \ + --tags '{"Key": "test resources", "Value": "kendra"}, {"Key": "test resources", "Value": "aws"}' \ + --role-arn "arn:aws:iam::my-account-id:role/KendraRoleForS3TemplateConfigDataSource" \ + --index-id exampleindex1 \ + --language-code "es" \ + --schedule "0 0 18 ? * TUE,MON,WED,THU,FRI,SAT *" \ + --configuration '{"TemplateConfiguration": {"Template": file://s3schemaconfig.json}}' \ + --type "TEMPLATE" \ + --custom-document-enrichment-configuration '{"PostExtractionHookConfiguration": {"LambdaArn": "arn:aws:iam::my-account-id:function/my-function-ocr-docs", "S3Bucket": "s3://amzn-s3-demo-bucket/scanned-image-text-example-docs"}, "RoleArn": "arn:aws:iam:my-account-id:role/KendraRoleForCDE"}' \ + --vpc-configuration '{"SecurityGroupIds": ["sg-1234567890abcdef0"], "SubnetIds": ["subnet-1c234","subnet-2b134"]}' + +Output:: + + { + "Id": "exampledatasource1" + } + +For more information, see `Getting started with an Amazon Kendra index and data source connector `__ in the *Amazon Kendra Developer Guide*. \ No newline at end of file diff --git a/awscli/examples/kendra/create-index.rst b/awscli/examples/kendra/create-index.rst new file mode 100644 index 000000000000..422a9c39847c --- /dev/null +++ b/awscli/examples/kendra/create-index.rst @@ -0,0 +1,21 @@ +**To create an Amazon Kendra index** + +The following ``create-index`` creates and configures an Amazon Kendra index. You can use ``describe-index`` to view the status of an index, and read any error messages if the status shows an index "FAILED" to completely create. :: + + aws kendra create-index \ + --name "example index 1" \ + --description "Example index 1 contains the first set of example documents" \ + --tags '{"Key": "test resources", "Value": "kendra"}, {"Key": "test resources", "Value": "aws"}' \ + --role-arn "arn:aws:iam::my-account-id:role/KendraRoleForExampleIndex" \ + --edition "DEVELOPER_EDITION" \ + --server-side-encryption-configuration '{"KmsKeyId": "my-kms-key-id"}' \ + --user-context-policy "USER_TOKEN" \ + --user-token-configurations '{"JsonTokenTypeConfiguration": {"GroupAttributeField": "groupNameField", "UserNameAttributeField": "userNameField"}}' + +Output:: + + { + "Id": index1 + } + +For more information, see `Getting started with an Amazon Kendra index and data source connector `__ in the *Amazon Kendra Developer Guide*. \ No newline at end of file diff --git a/awscli/examples/kendra/describe-data-source.rst b/awscli/examples/kendra/describe-data-source.rst new file mode 100644 index 000000000000..9494458e7ec7 --- /dev/null +++ b/awscli/examples/kendra/describe-data-source.rst @@ -0,0 +1,84 @@ +**To get information about an Amazon Kendra data source connector** + +The following ``describe-data-source`` gets information about an Amazon Kendra data soource connector. You can view the configuration of a data source connector, and read any error messages if the status shows a data source connector "FAILED" to completely create. :: + + aws kendra describe-data-source \ + --id exampledatasource1 \ + --index-id exampleindex1 + +Output:: + + { + "Configuration": { + "TemplateConfiguration": { + "Template": { + "connectionConfiguration": { + "repositoryEndpointMetadata": { + "BucketName": "amzn-s3-demo-bucket" + } + }, + "repositoryConfigurations": { + "document":{ + "fieldMappings": [ + { + "indexFieldName":"_document_title", + "indexFieldType":"STRING", + "dataSourceFieldName": "title" + }, + { + "indexFieldName":"_last_updated_at", + "indexFieldType":"DATE", + "dataSourceFieldName": "modified_date" + } + ] + } + }, + "additionalProperties": { + "inclusionPatterns": [ + "*.txt", + "*.doc", + "*.docx" + ], + "exclusionPatterns": [ + "*.json" + ], + "inclusionPrefixes": [ + "PublicExampleDocsFolder" + ], + "exclusionPrefixes": [ + "PrivateDocsFolder/private" + ], + "aclConfigurationFilePath": "ExampleDocsFolder/AclConfig.json", + "metadataFilesPrefix": "metadata" + }, + "syncMode": "FULL_CRAWL", + "type" : "S3", + "version": "1.0.0" + } + } + }, + "CreatedAt": 2024-02-25T13:30:10+00:00, + "CustomDocumentEnrichmentConfiguration": { + "PostExtractionHookConfiguration": { + "LambdaArn": "arn:aws:iam::my-account-id:function/my-function-ocr-docs", + "S3Bucket": "s3://amzn-s3-demo-bucket/scanned-image-text-example-docs/function" + }, + "RoleArn": "arn:aws:iam:my-account-id:role/KendraRoleForCDE" + } + "Description": "Example data source 1 for example index 1 contains the first set of example documents", + "Id": exampledatasource1, + "IndexId": exampleindex1, + "LanguageCode": "en", + "Name": "example data source 1", + "RoleArn": "arn:aws:iam::my-account-id:role/KendraRoleForS3TemplateConfigDataSource", + "Schedule": "0 0 18 ? * TUE,MON,WED,THU,FRI,SAT *", + "Status": "ACTIVE", + "Type": "TEMPLATE", + "UpdatedAt": 1709163615, + "VpcConfiguration": { + "SecurityGroupIds": ["sg-1234567890abcdef0"], + "SubnetIds": ["subnet-1c234","subnet-2b134"] + } + } + +For more information, see `Getting started with an Amazon Kendra index and data source connector `__ in the *Amazon Kendra Developer Guide*. \ No newline at end of file diff --git a/awscli/examples/kendra/describe-index.rst b/awscli/examples/kendra/describe-index.rst new file mode 100644 index 000000000000..e2a659245fe6 --- /dev/null +++ b/awscli/examples/kendra/describe-index.rst @@ -0,0 +1,108 @@ +**To get information about an Amazon Kendra index** + +The following ``describe-index`` gets information about an Amazon Kendra index. You can view the configuration of an index, and read any error messages if the status shows an index "FAILED" to completely create. :: + + aws kendra describe-index \ + --id exampleindex1 + +Output:: + + { + "CapacityUnits": { + "QueryCapacityUnits": 0, + "StorageCapacityUnits": 0 + }, + "CreatedAt": 2024-02-25T12:30:10+00:00, + "Description": "Example index 1 contains the first set of example documents", + "DocumentMetadataConfigurations": [ + { + "Name": "_document_title", + "Relevance": { + "Importance": 8 + }, + "Search": { + "Displayable": true, + "Facetable": false, + "Searchable": true, + "Sortable": false + }, + "Type": "STRING_VALUE" + }, + { + "Name": "_document_body", + "Relevance": { + "Importance": 5 + }, + "Search": { + "Displayable": true, + "Facetable": false, + "Searchable": true, + "Sortable": false + }, + "Type": "STRING_VALUE" + }, + { + "Name": "_last_updated_at", + "Relevance": { + "Importance": 6, + "Duration": "2628000s", + "Freshness": true + }, + "Search": { + "Displayable": true, + "Facetable": false, + "Searchable": true, + "Sortable": true + }, + "Type": "DATE_VALUE" + }, + { + "Name": "department_custom_field", + "Relevance": { + "Importance": 7, + "ValueImportanceMap": { + "Human Resources" : 4, + "Marketing and Sales" : 2, + "Research and innvoation" : 3, + "Admin" : 1 + } + }, + "Search": { + "Displayable": true, + "Facetable": true, + "Searchable": true, + "Sortable": true + }, + "Type": "STRING_VALUE" + } + ], + "Edition": "DEVELOPER_EDITION", + "Id": "index1", + "IndexStatistics": { + "FaqStatistics": { + "IndexedQuestionAnswersCount": 10 + }, + "TextDocumentStatistics": { + "IndexedTextBytes": 1073741824, + "IndexedTextDocumentsCount": 1200 + } + }, + "Name": "example index 1", + "RoleArn": "arn:aws:iam::my-account-id:role/KendraRoleForExampleIndex", + "ServerSideEncryptionConfiguration": { + "KmsKeyId": "my-kms-key-id" + }, + "Status": "ACTIVE", + "UpdatedAt": 1709163615, + "UserContextPolicy": "USER_TOKEN", + "UserTokenConfigurations": [ + { + "JsonTokenTypeConfiguration": { + "GroupAttributeField": "groupNameField", + "UserNameAttributeField": "userNameField" + } + } + ] + } + +For more information, see `Getting started with an Amazon Kendra index and data source connector `__ in the *Amazon Kendra Developer Guide*. \ No newline at end of file diff --git a/awscli/examples/kendra/update-data-source.rst b/awscli/examples/kendra/update-data-source.rst new file mode 100644 index 000000000000..68146e9d05a9 --- /dev/null +++ b/awscli/examples/kendra/update-data-source.rst @@ -0,0 +1,19 @@ +**To update an Amazon Kendra data source connector** + +The following ``update-data-source`` updates the configuration of an Amazon Kendra data source connector. If the action is successful, the service either sends back no output, the HTTP status code 200, or the AWS CLI return code 0. You can use ``describe-data-source`` to view the configuration and status of a data source connector. :: + + aws kendra update-data-source \ + --id exampledatasource1 \ + --index-id exampleindex1 \ + --name "new name for example data source 1" \ + --description "new description for example data source 1" \ + --role-arn arn:aws:iam::my-account-id:role/KendraNewRoleForExampleDataSource \ + --configuration '{"TemplateConfiguration": {"Template": file://s3schemanewconfig.json}}' \ + --custom-document-enrichment-configuration '{"PostExtractionHookConfiguration": {"LambdaArn": "arn:aws:iam::my-account-id:function/my-function-ocr-docs", "S3Bucket": "s3://amzn-s3-demo-bucket/scanned-image-text-example-docs"}, "RoleArn": "arn:aws:iam:my-account-id:role/KendraNewRoleForCDE"}' \ + --language-code "es" \ + --schedule "0 0 18 ? * MON,WED,FRI *" \ + --vpc-configuration '{"SecurityGroupIds": ["sg-1234567890abcdef0"], "SubnetIds": ["subnet-1c234","subnet-2b134"]}' + +This command produces no output. + +For more information, see `Getting started with an Amazon Kendra index and data source connector `__ in the *Amazon Kendra Developer Guide*. \ No newline at end of file diff --git a/awscli/examples/kendra/update-index.rst b/awscli/examples/kendra/update-index.rst new file mode 100644 index 000000000000..c89b3ccac701 --- /dev/null +++ b/awscli/examples/kendra/update-index.rst @@ -0,0 +1,17 @@ +**To update an Amazon Kendra index** + +The following ``update-index`` updates the configuration of an Amazon Kendra index. If the action is successful, the service either sends back no output, the HTTP status code 200, or the AWS CLI return code 0. You can use ``describe-index`` to view the configuration and status of an index. :: + + aws kendra update-index \ + --id enterpriseindex1 \ + --name "new name for Enterprise Edition index 1" \ + --description "new description for Enterprise Edition index 1" \ + --role-arn arn:aws:iam::my-account-id:role/KendraNewRoleForEnterpriseIndex \ + --capacity-units '{"QueryCapacityUnits": 2, "StorageCapacityUnits": 1}' \ + --document-metadata-configuration-updates '{"Name": "_document_title", "Relevance": {"Importance": 6}}, {"Name": "_last_updated_at", "Relevance": {"Importance": 8}}' \ + --user-context-policy "USER_TOKEN" \ + --user-token-configurations '{"JsonTokenTypeConfiguration": {"GroupAttributeField": "groupNameField", "UserNameAttributeField": "userNameField"}}' + +This command produces no output. + +For more information, see `Getting started with an Amazon Kendra index and data source connector `__ in the *Amazon Kendra Developer Guide*. \ No newline at end of file diff --git a/awscli/examples/kms/derive-shared-secret.rst b/awscli/examples/kms/derive-shared-secret.rst new file mode 100644 index 000000000000..80f9ccc660be --- /dev/null +++ b/awscli/examples/kms/derive-shared-secret.rst @@ -0,0 +1,21 @@ +**To derive a shared secret** + +The following ``derive-shared-secret`` example derives a shared secret using a key agreement algorithm. + +You must use an asymmetric NIST-recommended elliptic curve (ECC) or SM2 (China Regions only) KMS key pair with a ``KeyUsage`` value of ``KEY_AGREEMENT`` to call DeriveSharedSecret. :: + + aws kms derive-shared-secret \ + --key-id 1234abcd-12ab-34cd-56ef-1234567890ab \ + --key-agreement-algorithm ECDH \ + --public-key "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvH3Yj0wbkLEpUl95Cv1cJVjsVNSjwGq3tCLnzXfhVwVvmzGN8pYj3U8nKwgouaHbBWNJYjP5VutbbkKS4Kv4GojwZBJyHN17kmxo8yTjRmjR15SKIQ8cqRA2uaERMLnpztIXdZp232PQPbWGxDyXYJ0aJ5EFSag" + +Output:: + + { + "KeyId": "1234abcd-12ab-34cd-56ef-1234567890ab", + "SharedSecret": "MEYCIQCKZLWyTk5runarx6XiAkU9gv3lbwPO/pHa+DXFehzdDwIhANwpsIV2g/9SPWLLsF6p/hiSskuIXMTRwqrMdVKWTMHG", + "KeyAgreementAlgorithm": "ECDH", + "KeyOrigin": "AWS_KMS" + } + +For more information, see `DeriveSharedSecret `__ in the *AWS Key Management Service API Reference*. \ No newline at end of file diff --git a/awscli/examples/kms/enable-key-rotation.rst b/awscli/examples/kms/enable-key-rotation.rst index 4f77412b125a..2d391bfb8778 100644 --- a/awscli/examples/kms/enable-key-rotation.rst +++ b/awscli/examples/kms/enable-key-rotation.rst @@ -1,9 +1,15 @@ **To enable automatic rotation of a KMS key** -The following ``enable-key-rotation`` example enables automatic rotation of a customer managed KMS key. The KMS key will be rotated one year (approximate 365 days) from the date that this command completes and every year thereafter. :: +The following ``enable-key-rotation`` example enables automatic rotation of a customer managed KMS key with a rotation period of 180 days. The KMS key will be rotated one year (approximate 365 days) from the date that this command completes and every year thereafter. + +* The ``--key-id`` parameter identifies the KMS key. This example uses a key ARN value, but you can use either the key ID or the ARN of the KMS key. +* The ``--rotation-period-in-days`` parameter specifies the number of days between each rotation date. Specify a value between 90 and 2560 days. If no value is specified, the default value is 365 days. + +:: aws kms enable-key-rotation \ - --key-id arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab + --key-id arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab \ + --rotation-period-in-days 180 This command produces no output. To verify that the KMS key is enabled, use the ``get-key-rotation-status`` command. diff --git a/awscli/examples/kms/get-key-rotation-status.rst b/awscli/examples/kms/get-key-rotation-status.rst index e30903c366e7..c9e0cf6540d8 100644 --- a/awscli/examples/kms/get-key-rotation-status.rst +++ b/awscli/examples/kms/get-key-rotation-status.rst @@ -1,6 +1,6 @@ -**To determine whether a KMS key is automatically rotated.** +**To retrieve the rotation status for a KMS key.** -The following ``get-key-rotation-status`` example determines whether a KMS key is automatically rotated. You can use this command on customer managed KMS keys and AWS managed KMS keys. However, all AWS managed KMS keys are automatically rotated every year. :: +The following ``get-key-rotation-status`` example returns information about the rotation status of the specified KMS key, including whether automatic rotation is enabled, the rotation period, and the next scheduled rotation date. You can use this command on customer managed KMS keys and AWS managed KMS keys. However, all AWS managed KMS keys are automatically rotated every year. :: aws kms get-key-rotation-status \ --key-id 1234abcd-12ab-34cd-56ef-1234567890ab @@ -8,7 +8,10 @@ The following ``get-key-rotation-status`` example determines whether a KMS key i Output:: { - "KeyRotationEnabled": true + "KeyId": "1234abcd-12ab-34cd-56ef-1234567890ab", + "KeyRotationEnabled": true, + "NextRotationDate": "2024-02-14T18:14:33.587000+00:00", + "RotationPeriodInDays": 365 } For more information, see `Rotating keys `__ in the *AWS Key Management Service Developer Guide*. \ No newline at end of file diff --git a/awscli/examples/kms/list-key-rotations.rst b/awscli/examples/kms/list-key-rotations.rst new file mode 100644 index 000000000000..403e2d218488 --- /dev/null +++ b/awscli/examples/kms/list-key-rotations.rst @@ -0,0 +1,26 @@ +**To retrieve information about all completed key material rotations** + +The following ``list-key-rotations`` example lists information about all completed key material rotations for the specified KMS key. :: + + aws kms list-key-rotations \ + --key-id 1234abcd-12ab-34cd-56ef-1234567890ab + +Output:: + + { + "Rotations": [ + { + "KeyId": "1234abcd-12ab-34cd-56ef-1234567890ab", + "RotationDate": "2024-03-02T10:11:36.564000+00:00", + "RotationType": "AUTOMATIC" + }, + { + "KeyId": "1234abcd-12ab-34cd-56ef-1234567890ab", + "RotationDate": "2024-04-05T15:14:47.757000+00:00", + "RotationType": "ON_DEMAND" + } + ], + "Truncated": false + } + +For more information, see `Rotating keys `__ in the *AWS Key Management Service Developer Guide*. diff --git a/awscli/examples/kms/put-key-policy.rst b/awscli/examples/kms/put-key-policy.rst index 5f6fae879196..2964b95dc941 100755 --- a/awscli/examples/kms/put-key-policy.rst +++ b/awscli/examples/kms/put-key-policy.rst @@ -4,7 +4,7 @@ The following ``put-key-policy`` example changes the key policy for a customer m To begin, create a key policy and save it in a local JSON file. In this example, the file is ``key_policy.json``. You can also specify the key policy as a string value of the ``policy`` parameter. -The first statement in this key policy gives the AWS account permission to use IAM policies to control access to the KMS key. The second statement gives the ``test-user`` user permission to run the ``describe-key`` and ``list-keys`` commands on the KMS key. +The first statement in this key policy gives the AWS account permission to use IAM policies to control access to the KMS key. The second statement gives the ``test-user`` user permission to run the ``describe-key`` and ``list-keys`` commands on the KMS key. Contents of ``key_policy.json``:: @@ -36,7 +36,7 @@ Contents of ``key_policy.json``:: ] } -To identify the KMS key, this example uses the key ID, but you can also usa key ARN. To specify the key policy, the command uses the ``policy`` parameter. To indicate that the policy is in a file, it uses the required ``file://`` prefix. This prefix is required to identify files on all supported operating systems. Finally, the command uses the ``policy-name`` parameter with a value of ``default``. This parameter is required, even though ``default`` is the only valid value. :: +To identify the KMS key, this example uses the key ID, but you can also use a key ARN. To specify the key policy, the command uses the ``policy`` parameter. To indicate that the policy is in a file, it uses the required ``file://`` prefix. This prefix is required to identify files on all supported operating systems. Finally, the command uses the ``policy-name`` parameter with a value of ``default``. If no policy name is specified, the default value is ``default``. The only valid value is ``default``. :: aws kms put-key-policy \ --policy-name default \ @@ -77,4 +77,4 @@ Output:: ] } -For more information, see `Changing a Key Policy `__ in the *AWS Key Management Service Developer Guide*. +For more information, see `Changing a Key Policy `__ in the *AWS Key Management Service Developer Guide*. \ No newline at end of file diff --git a/awscli/examples/kms/rotate-key-on-demand.rst b/awscli/examples/kms/rotate-key-on-demand.rst new file mode 100644 index 000000000000..6d1eb7375106 --- /dev/null +++ b/awscli/examples/kms/rotate-key-on-demand.rst @@ -0,0 +1,14 @@ +**To perform on-demand rotation of a KMS key** + +The following ``rotate-key-on-demand`` example immediately initiates rotation of the key material for the specified KMS key. :: + + aws kms rotate-key-on-demand \ + --key-id 1234abcd-12ab-34cd-56ef-1234567890ab + +Output:: + + { + "KeyId": "1234abcd-12ab-34cd-56ef-1234567890ab" + } + +For more information, see `How to perform on-demand key rotation `__ in the *AWS Key Management Service Developer Guide*. diff --git a/awscli/examples/lambda/create-function.rst b/awscli/examples/lambda/create-function.rst index eda3aca47dce..40fe331b8775 100755 --- a/awscli/examples/lambda/create-function.rst +++ b/awscli/examples/lambda/create-function.rst @@ -4,13 +4,14 @@ The following ``create-function`` example creates a Lambda function named ``my-f aws lambda create-function \ --function-name my-function \ - --runtime nodejs14.x \ + --runtime nodejs18.x \ --zip-file fileb://my-function.zip \ --handler my-function.handler \ --role arn:aws:iam::123456789012:role/service-role/MyTestFunction-role-tges6bf4 -Contents of ``my-function.zip``: -This file is a deployment package that contains your function code and any dependencies. +Contents of ``my-function.zip``:: + + This file is a deployment package that contains your function code and any dependencies. Output:: @@ -27,9 +28,9 @@ Output:: "Version": "$LATEST", "Role": "arn:aws:iam::123456789012:role/service-role/MyTestFunction-role-zgur6bf4", "Timeout": 3, - "LastModified": "2019-08-14T22:26:11.234+0000", + "LastModified": "2023-10-14T22:26:11.234+0000", "Handler": "my-function.handler", - "Runtime": "nodejs14.x", + "Runtime": "nodejs18.x", "Description": "" } diff --git a/awscli/examples/lambda/get-layer-version-by-arn.rst b/awscli/examples/lambda/get-layer-version-by-arn.rst index 643f3ec7d4a5..3d589e820d9b 100755 --- a/awscli/examples/lambda/get-layer-version-by-arn.rst +++ b/awscli/examples/lambda/get-layer-version-by-arn.rst @@ -3,15 +3,15 @@ The following ``get-layer-version-by-arn`` example displays information about the layer version with the specified Amazon Resource Name (ARN). :: aws lambda get-layer-version-by-arn \ - --arn "arn:aws:lambda:us-west-2:123456789012:layer:AWSLambda-Python37-SciPy1x:2" + --arn "arn:aws:lambda:us-west-2:123456789012:layer:AWSLambda-Python311-SciPy1x:2" Output:: { - "LayerVersionArn": "arn:aws:lambda:us-west-2:123456789012:layer:AWSLambda-Python37-SciPy1x:2", - "Description": "AWS Lambda SciPy layer for Python 3.7 (scipy-1.1.0, numpy-1.15.4) https://github.com/scipy/scipy/releases/tag/v1.1.0 https://github.com/numpy/numpy/releases/tag/v1.15.4", - "CreatedDate": "2018-11-12T10:09:38.398+0000", - "LayerArn": "arn:aws:lambda:us-west-2:123456789012:layer:AWSLambda-Python37-SciPy1x", + "LayerVersionArn": "arn:aws:lambda:us-west-2:123456789012:layer:AWSLambda-Python311-SciPy1x:2", + "Description": "AWS Lambda SciPy layer for Python 3.11 (scipy-1.1.0, numpy-1.15.4) https://github.com/scipy/scipy/releases/tag/v1.1.0 https://github.com/numpy/numpy/releases/tag/v1.15.4", + "CreatedDate": "2023-10-12T10:09:38.398+0000", + "LayerArn": "arn:aws:lambda:us-west-2:123456789012:layer:AWSLambda-Python311-SciPy1x", "Content": { "CodeSize": 41784542, "CodeSha256": "GGmv8ocUw4cly0T8HL0Vx/f5V4RmSCGNjDIslY4VskM=", @@ -19,9 +19,9 @@ Output:: }, "Version": 2, "CompatibleRuntimes": [ - "python3.7" + "python3.11" ], "LicenseInfo": "SciPy: https://github.com/scipy/scipy/blob/main/LICENSE.txt, NumPy: https://github.com/numpy/numpy/blob/main/LICENSE.txt" } -For more information, see `AWS Lambda Layers `__ in the *AWS Lambda Developer Guide*. +For more information, see `AWS Lambda Layers `__ in the *AWS Lambda Developer Guide*. \ No newline at end of file diff --git a/awscli/examples/lambda/get-layer-version.rst b/awscli/examples/lambda/get-layer-version.rst index ac2bb5a27e24..690f9e26ca0e 100755 --- a/awscli/examples/lambda/get-layer-version.rst +++ b/awscli/examples/lambda/get-layer-version.rst @@ -21,9 +21,9 @@ Output:: "Version": 1, "LicenseInfo": "MIT", "CompatibleRuntimes": [ - "python3.6", - "python3.7" + "python3.10", + "python3.11" ] } -For more information, see `AWS Lambda Layers `__ in the *AWS Lambda Developer Guide*. +For more information, see `AWS Lambda Layers `__ in the *AWS Lambda Developer Guide*. \ No newline at end of file diff --git a/awscli/examples/lambda/list-functions.rst b/awscli/examples/lambda/list-functions.rst index 83576e9a35ff..7cf2d23e10cc 100755 --- a/awscli/examples/lambda/list-functions.rst +++ b/awscli/examples/lambda/list-functions.rst @@ -22,8 +22,8 @@ Output:: "Handler": "helloworld.handler", "Role": "arn:aws:iam::123456789012:role/service-role/MyTestFunction-role-zgur6bf4", "Timeout": 3, - "LastModified": "2019-09-23T18:32:33.857+0000", - "Runtime": "nodejs10.x", + "LastModified": "2023-09-23T18:32:33.857+0000", + "Runtime": "nodejs18.x", "Description": "" }, { @@ -45,8 +45,8 @@ Output:: "Handler": "index.handler", "Role": "arn:aws:iam::123456789012:role/service-role/helloWorldPython-role-uy3l9qyq", "Timeout": 3, - "LastModified": "2019-10-01T16:47:28.490+0000", - "Runtime": "nodejs10.x", + "LastModified": "2023-10-01T16:47:28.490+0000", + "Runtime": "nodejs18.x", "Description": "" }, { @@ -78,11 +78,11 @@ Output:: "Handler": "lambda_function.lambda_handler", "Role": "arn:aws:iam::123456789012:role/service-role/my-python-function-role-z5g7dr6n", "Timeout": 3, - "LastModified": "2019-10-01T19:40:41.643+0000", - "Runtime": "python3.7", + "LastModified": "2023-10-01T19:40:41.643+0000", + "Runtime": "python3.11", "Description": "" } ] } -For more information, see `AWS Lambda Function Configuration `__ in the *AWS Lambda Developer Guide*. +For more information, see `AWS Lambda Function Configuration `__ in the *AWS Lambda Developer Guide*. \ No newline at end of file diff --git a/awscli/examples/lambda/list-layer-versions.rst b/awscli/examples/lambda/list-layer-versions.rst index a78bf4b98261..1511430d125f 100755 --- a/awscli/examples/lambda/list-layer-versions.rst +++ b/awscli/examples/lambda/list-layer-versions.rst @@ -10,18 +10,16 @@ Output:: { "Layers": [ { - "LayerVersionArn": "arn:aws:lambda:us-east-2:123456789012:layer:my-layer:2", "Version": 2, "Description": "My layer", - "CreatedDate": "2018-11-15T00:37:46.592+0000", + "CreatedDate": "2023-11-15T00:37:46.592+0000", "CompatibleRuntimes": [ - "python3.6", - "python3.7" + "python3.10", + "python3.11" ] - } ] } -For more information, see `AWS Lambda Layers `__ in the *AWS Lambda Developer Guide*. +For more information, see `AWS Lambda Layers `__ in the *AWS Lambda Developer Guide*. \ No newline at end of file diff --git a/awscli/examples/lambda/list-layers.rst b/awscli/examples/lambda/list-layers.rst index d633f50e4beb..b57fcb7c2003 100755 --- a/awscli/examples/lambda/list-layers.rst +++ b/awscli/examples/lambda/list-layers.rst @@ -1,9 +1,9 @@ **To list the layers that are compatible with your function's runtime** -The following ``list-layers`` example displays information about layers that are compatible with the Python 3.7 runtime. :: +The following ``list-layers`` example displays information about layers that are compatible with the Python 3.11 runtime. :: aws lambda list-layers \ - --compatible-runtime python3.7 + --compatible-runtime python3.11 Output:: @@ -16,15 +16,14 @@ Output:: "LayerVersionArn": "arn:aws:lambda:us-east-2:123456789012:layer:my-layer:2", "Version": 2, "Description": "My layer", - "CreatedDate": "2018-11-15T00:37:46.592+0000", + "CreatedDate": "2023-11-15T00:37:46.592+0000", "CompatibleRuntimes": [ - "python3.6", - "python3.7" + "python3.10", + "python3.11" ] } } ] } - -For more information, see `AWS Lambda Layers `__ in the *AWS Lambda Developer Guide*. +For more information, see `AWS Lambda Layers `__ in the *AWS Lambda Developer Guide*. \ No newline at end of file diff --git a/awscli/examples/lambda/publish-layer-version.rst b/awscli/examples/lambda/publish-layer-version.rst index 00e4efbf8b5d..daf955176ef4 100755 --- a/awscli/examples/lambda/publish-layer-version.rst +++ b/awscli/examples/lambda/publish-layer-version.rst @@ -7,7 +7,7 @@ The following ``publish-layer-version`` example creates a new Python library lay --description "My Python layer" \ --license-info "MIT" \ --content S3Bucket=lambda-layers-us-west-2-123456789012,S3Key=layer.zip \ - --compatible-runtimes python3.6 python3.7 + --compatible-runtimes python3.10 python3.11 Output:: @@ -20,13 +20,13 @@ Output:: "LayerArn": "arn:aws:lambda:us-west-2:123456789012:layer:my-layer", "LayerVersionArn": "arn:aws:lambda:us-west-2:123456789012:layer:my-layer:1", "Description": "My Python layer", - "CreatedDate": "2018-11-14T23:03:52.894+0000", + "CreatedDate": "2023-11-14T23:03:52.894+0000", "Version": 1, "LicenseInfo": "MIT", "CompatibleRuntimes": [ - "python3.6", - "python3.7" + "python3.10", + "python3.11" ] } -For more information, see `AWS Lambda Layers `__ in the *AWS Lambda Developer Guide*. +For more information, see `AWS Lambda Layers `__ in the *AWS Lambda Developer Guide*. \ No newline at end of file diff --git a/awscli/examples/lightsail/create-instances-from-snapshot.rst b/awscli/examples/lightsail/create-instances-from-snapshot.rst index 34e4d2200901..a432a1d82a42 100644 --- a/awscli/examples/lightsail/create-instances-from-snapshot.rst +++ b/awscli/examples/lightsail/create-instances-from-snapshot.rst @@ -1,6 +1,6 @@ **To create an instance from a snapshot** -The following ``create-instances-from-snapshot`` example creates an instance from the specified instance snapshot, in the specified AWS Region and Availability Zone, using the $10 USD bundle. +The following ``create-instances-from-snapshot`` example creates an instance from the specified instance snapshot, in the specified AWS Region and Availability Zone, using the $12 USD bundle. **Note:** The bundle that you specify must be equal to or greater in specifications than the bundle of the original source instance used to create the snapshot. :: @@ -8,7 +8,7 @@ The following ``create-instances-from-snapshot`` example creates an instance fro --instance-snapshot-name WordPress-1-1569866208 \ --instance-names WordPress-2 \ --availability-zone us-west-2a \ - --bundle-id medium_2_0 + --bundle-id small_3_0 Output:: @@ -29,4 +29,4 @@ Output:: "statusChangedAt": 1569865914.908 } ] - } + } \ No newline at end of file diff --git a/awscli/examples/lightsail/create-instances.rst b/awscli/examples/lightsail/create-instances.rst index 7850fd1a80d9..bcf2d49cf844 100644 --- a/awscli/examples/lightsail/create-instances.rst +++ b/awscli/examples/lightsail/create-instances.rst @@ -1,12 +1,12 @@ **Example 1: To create a single instance** -The following ``create-instances`` example creates an instance in the specified AWS Region and Availability Zone, using the WordPress blueprint, and the $3.50 USD bundle. :: +The following ``create-instances`` example creates an instance in the specified AWS Region and Availability Zone, using the WordPress blueprint, and the $5.00 USD bundle. :: aws lightsail create-instances \ --instance-names Instance-1 \ --availability-zone us-west-2a \ - --blueprint-id wordpress_5_1_1_2 \ - --bundle-id nano_2_0 + --blueprint-id wordpress \ + --bundle-id nano_3_0 Output:: @@ -31,13 +31,13 @@ Output:: **Example 2: To create multiple instances at one time** -The following ``create-instances`` example creates three instances in the specified AWS Region and Availability Zone, using the WordPress blueprint, and the $3.50 USD bundle. :: +The following ``create-instances`` example creates three instances in the specified AWS Region and Availability Zone, using the WordPress blueprint, and the $5.00 USD bundle. :: aws lightsail create-instances \ --instance-names {"Instance1","Instance2","Instance3"} \ --availability-zone us-west-2a \ - --blueprint-id wordpress_5_1_1_2 \ - --bundle-id nano_2_0 + --blueprint-id wordpress \ + --bundle-id nano_3_0 Output:: @@ -86,4 +86,4 @@ Output:: "statusChangedAt": 1569448780.054 } ] - } + } \ No newline at end of file diff --git a/awscli/examples/lightsail/get-blueprints.rst b/awscli/examples/lightsail/get-blueprints.rst index 61859a95cacc..04c6d84cf074 100644 --- a/awscli/examples/lightsail/get-blueprints.rst +++ b/awscli/examples/lightsail/get-blueprints.rst @@ -16,24 +16,24 @@ Output:: "description": "Bitnami, the leaders in application packaging, and Automattic, the experts behind WordPress, have teamed up to offer this official WordPress image. This image is a pre-configured, ready-to-run image for running WordPress on Amazon Lightsail. WordPress is the world's most popular content management platform. Whether it's for an enterprise or small business website, or a personal or corporate blog, content authors can easily create content using its new Gutenberg editor, and developers can extend the base platform with additional features. Popular plugins like Jetpack, Akismet, All in One SEO Pack, WP Mail, Google Analytics for WordPress, and Amazon Polly are all pre-installed in this image. Let's Encrypt SSL certificates are supported through an auto-configuration script.", "isActive": true, "minPower": 0, - "version": "5.2.2-3", + "version": "6.5.3-0", "versionCode": "1", "productUrl": "https://aws.amazon.com/marketplace/pp/B00NN8Y43U", - "licenseUrl": "https://d7umqicpi7263.cloudfront.net/eula/product/7d426cb7-9522-4dd7-a56b-55dd8cc1c8d0/588fd495-6492-4610-b3e8-d15ce864454c.txt", + "licenseUrl": "https://aws.amazon.com/marketplace/pp/B00NN8Y43U#pdp-usage", "platform": "LINUX_UNIX" }, { - "blueprintId": "lamp_7_1_28", - "name": "LAMP (PHP 7)", - "group": "lamp_7", + "blueprintId": "lamp_8_bitnami", + "name": "LAMP (PHP 8)", + "group": "lamp_8", "type": "app", - "description": "LAMP with PHP 7.x certified by Bitnami greatly simplifies the development and deployment of PHP applications. It includes the latest versions of PHP 7.x, Apache and MySQL together with phpMyAdmin and popular PHP frameworks Zend, Symfony, CodeIgniter, CakePHP, Smarty, and Laravel. Other pre-configured components and PHP modules include FastCGI, ModSecurity, SQLite, Varnish, ImageMagick, xDebug, Xcache, OpenLDAP, Memcache, OAuth, PEAR, PECL, APC, GD and cURL. It is secure by default and supports multiple applications, each with its own virtual host and project directory. Let's Encrypt SSL certificates are supported through an auto-configuration script.", + "description": "LAMP with PHP 8.X packaged by Bitnami enables you to quickly start building your websites and applications by providing a coding framework. As a developer, it provides standalone project directories to store your applications. This blueprint is configured for production environments. It includes SSL auto-configuration with Let's Encrypt certificates, and the latest releases of PHP, Apache, and MariaDB on Linux. This application also includes phpMyAdmin, PHP main modules and Composer.", "isActive": true, "minPower": 0, - "version": "7.1.28", + "version": "8.2.18-4", "versionCode": "1", - "productUrl": "https://aws.amazon.com/marketplace/pp/B072JNJZ5C", - "licenseUrl": "https://d7umqicpi7263.cloudfront.net/eula/product/cb6afd05-a3b2-4916-a3e6-bccd414f5f21/12ab56cc-6a8c-4977-9611-dcd770824aad.txt", + "productUrl": "https://aws.amazon.com/marketplace/pp/prodview-6g3gzfcih6dvu", + "licenseUrl": "https://aws.amazon.com/marketplace/pp/prodview-6g3gzfcih6dvu#pdp-usage", "platform": "LINUX_UNIX" }, { @@ -41,16 +41,16 @@ Output:: "name": "Node.js", "group": "node", "type": "app", - "description": "Node.js certified by Bitnami is a pre-configured, ready to run image for Node.js on Amazon EC2. It includes the latest version of Node.js, Apache, Python and Redis. The image supports multiple Node.js applications, each with its own virtual host and project directory. It is configured for production use and is secure by default, as all ports except HTTP, HTTPS and SSH ports are closed. Let's Encrypt SSL certificates are supported through an auto-configuration script. Developers benefit from instant access to a secure, update and consistent Node.js environment without having to manually install and configure multiple components and libraries.", + "description": "Node.js packaged by Bitnami is a pre-configured, ready to run image for Node.js on Amazon EC2. It includes the latest version of Node.js, Apache, Python and Redis. The image supports multiple Node.js applications, each with its own virtual host and project directory. It is configured for production use and is secure by default, as all ports except HTTP, HTTPS and SSH ports are closed. Let's Encrypt SSL certificates are supported through an auto-configuration script. Developers benefit from instant access to a secure, update and consistent Node.js environment without having to manually install and configure multiple components and libraries.", "isActive": true, "minPower": 0, - "version": "12.7.0", + "version": "18.20.2-0", "versionCode": "1", "productUrl": "https://aws.amazon.com/marketplace/pp/B00NNZUAKO", - "licenseUrl": "https://d7umqicpi7263.cloudfront.net/eula/product/033793fe-951d-47d0-aa94-5fbd0afb3582/25f8fa66-c868-4d80-adf8-4a2b602064ae.txt", + "licenseUrl": "https://aws.amazon.com/marketplace/pp/B00NNZUAKO#pdp-usage", "platform": "LINUX_UNIX" }, ... } ] - } + } \ No newline at end of file diff --git a/awscli/examples/lightsail/get-bundles.rst b/awscli/examples/lightsail/get-bundles.rst index 1624015cb2ef..b2c95da027e5 100644 --- a/awscli/examples/lightsail/get-bundles.rst +++ b/awscli/examples/lightsail/get-bundles.rst @@ -9,14 +9,14 @@ Output:: { "bundles": [ { - "price": 3.5, - "cpuCount": 1, + "price": 5.0, + "cpuCount": 2, "diskSizeInGb": 20, - "bundleId": "nano_2_0", + "bundleId": "nano_3_0", "instanceType": "nano", "isActive": true, "name": "Nano", - "power": 300, + "power": 298, "ramSizeInGb": 0.5, "transferPerMonthInGb": 1024, "supportedPlatforms": [ @@ -24,10 +24,10 @@ Output:: ] }, { - "price": 5.0, - "cpuCount": 1, + "price": 7.0, + "cpuCount": 2, "diskSizeInGb": 40, - "bundleId": "micro_2_0", + "bundleId": "micro_3_0", "instanceType": "micro", "isActive": true, "name": "Micro", @@ -39,10 +39,10 @@ Output:: ] }, { - "price": 10.0, - "cpuCount": 1, + "price": 12.0, + "cpuCount": 2, "diskSizeInGb": 60, - "bundleId": "small_2_0", + "bundleId": "small_3_0", "instanceType": "small", "isActive": true, "name": "Small", @@ -56,4 +56,4 @@ Output:: ... } ] - } + } \ No newline at end of file diff --git a/awscli/examples/lightsail/get-instance-snapshot.rst b/awscli/examples/lightsail/get-instance-snapshot.rst index b776fb4a842a..e5358fff1f49 100644 --- a/awscli/examples/lightsail/get-instance-snapshot.rst +++ b/awscli/examples/lightsail/get-instance-snapshot.rst @@ -23,9 +23,9 @@ Output:: "fromAttachedDisks": [], "fromInstanceName": "MEAN-1", "fromInstanceArn": "arn:aws:lightsail:us-west-2:111122223333:Instance/bd470fc5-a68b-44c5-8dbc-8EXAMPLEbada", - "fromBlueprintId": "mean_4_0_9", - "fromBundleId": "medium_2_0", + "fromBlueprintId": "mean", + "fromBundleId": "medium_3_0", "isFromAutoSnapshot": false, "sizeInGb": 80 } - } + } \ No newline at end of file diff --git a/awscli/examples/lightsail/get-instance-snapshots.rst b/awscli/examples/lightsail/get-instance-snapshots.rst index 6f9a5a414b6b..0d6662cbe9c4 100644 --- a/awscli/examples/lightsail/get-instance-snapshots.rst +++ b/awscli/examples/lightsail/get-instance-snapshots.rst @@ -27,8 +27,8 @@ Output:: "fromAttachedDisks": [], "fromInstanceName": "MEAN-1", "fromInstanceArn": "arn:aws:lightsail:us-west-2:111122223333:Instance/1761aa0a-6038-4f25-8b94-2EXAMPLE19fd", - "fromBlueprintId": "wordpress_5_1_1_2", - "fromBundleId": "micro_2_0", + "fromBlueprintId": "wordpress", + "fromBundleId": "micro_3_0", "isFromAutoSnapshot": false, "sizeInGb": 40 }, @@ -47,10 +47,10 @@ Output:: "fromAttachedDisks": [], "fromInstanceName": "MEAN-1", "fromInstanceArn": "arn:aws:lightsail:us-west-2:111122223333:Instance/bd470fc5-a68b-44c5-8dbc-8EXAMPLEbada", - "fromBlueprintId": "mean_4_0_9", - "fromBundleId": "medium_2_0", + "fromBlueprintId": "mean", + "fromBundleId": "medium_3_0", "isFromAutoSnapshot": false, "sizeInGb": 80 } ] - } + } \ No newline at end of file diff --git a/awscli/examples/lightsail/get-instance.rst b/awscli/examples/lightsail/get-instance.rst index 3d66d785d0c4..a41a757a988a 100644 --- a/awscli/examples/lightsail/get-instance.rst +++ b/awscli/examples/lightsail/get-instance.rst @@ -19,9 +19,9 @@ Output:: }, "resourceType": "Instance", "tags": [], - "blueprintId": "mean_4_0_9", + "blueprintId": "mean", "blueprintName": "MEAN", - "bundleId": "medium_2_0", + "bundleId": "medium_3_0", "isStaticIp": false, "privateIpAddress": "192.0.2.0", "publicIpAddress": "192.0.2.0", @@ -33,7 +33,7 @@ Output:: "sizeInGb": 80, "isSystemDisk": true, "iops": 240, - "path": "/dev/sda1", + "path": "/dev/xvda", "attachedTo": "MEAN-1", "attachmentState": "attached" } @@ -81,4 +81,4 @@ Output:: "username": "bitnami", "sshKeyName": "MyKey" } - } + } \ No newline at end of file diff --git a/awscli/examples/lightsail/get-instances.rst b/awscli/examples/lightsail/get-instances.rst index 10bb9221105a..049e4af65e80 100644 --- a/awscli/examples/lightsail/get-instances.rst +++ b/awscli/examples/lightsail/get-instances.rst @@ -9,7 +9,7 @@ Output:: { "instances": [ { - "name": "Windows_Server_2016-1", + "name": "Windows_Server_2022-1", "arn": "arn:aws:lightsail:us-west-2:111122223333:Instance/0f44fbb9-8f55-4e47-a25e-EXAMPLE04763", "supportCode": "62EXAMPLE362/i-0bEXAMPLE71a686b9", "createdAt": 1571332358.665, @@ -19,9 +19,9 @@ Output:: }, "resourceType": "Instance", "tags": [], - "blueprintId": "windows_server_2016", - "blueprintName": "Windows Server 2016", - "bundleId": "small_win_2_0", + "blueprintId": "windows_server_2022", + "blueprintName": "Windows Server 2022", + "bundleId": "large_win_3_0", "isStaticIp": false, "privateIpAddress": "192.0.2.0", "publicIpAddress": "192.0.2.0", @@ -30,11 +30,11 @@ Output:: "disks": [ { "createdAt": 1571332358.665, - "sizeInGb": 60, + "sizeInGb": 160, "isSystemDisk": true, "iops": 180, "path": "/dev/sda1", - "attachedTo": "Windows_Server_2016-1", + "attachedTo": "Windows_Server_2022-1", "attachmentState": "attached" }, { @@ -53,12 +53,12 @@ Output:: "iops": 384, "path": "/dev/xvdf", "state": "in-use", - "attachedTo": "Windows_Server_2016-1", + "attachedTo": "Windows_Server_2022-1", "isAttached": true, "attachmentState": "attached" } ], - "ramSizeInGb": 2.0 + "ramSizeInGb": 8.0 }, "networking": { "monthlyTransfer": { @@ -112,9 +112,9 @@ Output:: }, "resourceType": "Instance", "tags": [], - "blueprintId": "mean_4_0_9", + "blueprintId": "mean", "blueprintName": "MEAN", - "bundleId": "medium_2_0", + "bundleId": "medium_3_0", "isStaticIp": false, "privateIpAddress": "192.0.2.0", "publicIpAddress": "192.0.2.0", @@ -138,7 +138,7 @@ Output:: ], "sizeInGb": 8, "isSystemDisk": false, - "iops": 100, + "iops": 240, "path": "/dev/xvdf", "state": "in-use", "attachedTo": "MEAN-1", @@ -199,4 +199,4 @@ Output:: "sshKeyName": "MyTestKey" } ] - } + } \ No newline at end of file diff --git a/awscli/examples/macie2/describe-buckets.rst b/awscli/examples/macie2/describe-buckets.rst index 29e08c9c6d02..171d524d3f3f 100644 --- a/awscli/examples/macie2/describe-buckets.rst +++ b/awscli/examples/macie2/describe-buckets.rst @@ -1,9 +1,9 @@ **To query data about one or more S3 buckets that Amazon Macie monitors and analyzes for your account** -The following ``describe-buckets`` example queries metadata for all S3 buckets whose names begin with MY-S3 and are in the current AWS Region. :: +The following ``describe-buckets`` example queries metadata for all S3 buckets whose names begin with amzn-s3-demo-bucket and are in the current AWS Region. :: aws macie2 describe-buckets \ - --criteria '{"bucketName":{"prefix":"my-S3"}}' + --criteria '{"bucketName":{"prefix":"amzn-s3-demo-bucket"}}' Output:: @@ -12,19 +12,20 @@ Output:: { "accountId": "123456789012", "allowsUnencryptedObjectUploads": "FALSE", - "bucketArn": "arn:aws:s3:::MY-S3-DOC-EXAMPLE-BUCKET1", + "automatedDiscoveryMonitoringStatus": "MONITORED", + "bucketArn": "arn:aws:s3:::amzn-s3-demo-bucket1", "bucketCreatedAt": "2020-05-18T19:54:00+00:00", - "bucketName": "MY-S3-DOC-EXAMPLE-BUCKET1", + "bucketName": "amzn-s3-demo-bucket1", "classifiableObjectCount": 13, "classifiableSizeInBytes": 1592088, "jobDetails": { "isDefinedInJob": "TRUE", "isMonitoredByJob": "TRUE", - "lastJobId": "08c81dc4a2f3377fae45c9ddaexample", - "lastJobRunTime": "2021-04-26T14:55:30.270000+00:00" + "lastJobId": "08c81dc4a2f3377fae45c9ddaEXAMPLE", + "lastJobRunTime": "2024-08-19T14:55:30.270000+00:00" }, - "lastAutomatedDiscoveryTime": "2022-12-10T19:11:25.364000+00:00", - "lastUpdated": "2022-12-13T07:33:06.337000+00:00", + "lastAutomatedDiscoveryTime": "2024-10-22T19:11:25.364000+00:00", + "lastUpdated": "2024-10-25T07:33:06.337000+00:00", "objectCount": 13, "objectCountByEncryptionType": { "customerManaged": 0, @@ -101,19 +102,20 @@ Output:: { "accountId": "123456789012", "allowsUnencryptedObjectUploads": "TRUE", - "bucketArn": "arn:aws:s3:::MY-S3-DOC-EXAMPLE-BUCKET2", + "automatedDiscoveryMonitoringStatus": "MONITORED", + "bucketArn": "arn:aws:s3:::amzn-s3-demo-bucket2", "bucketCreatedAt": "2020-11-25T18:24:38+00:00", - "bucketName": "MY-S3-DOC-EXAMPLE-BUCKET2", + "bucketName": "amzn-s3-demo-bucket2", "classifiableObjectCount": 8, "classifiableSizeInBytes": 133810, "jobDetails": { "isDefinedInJob": "TRUE", "isMonitoredByJob": "FALSE", - "lastJobId": "188d4f6044d621771ef7d65f2example", - "lastJobRunTime": "2021-04-09T19:37:11.511000+00:00" + "lastJobId": "188d4f6044d621771ef7d65f2EXAMPLE", + "lastJobRunTime": "2024-07-09T19:37:11.511000+00:00" }, - "lastAutomatedDiscoveryTime": "2022-12-12T19:11:25.364000+00:00", - "lastUpdated": "2022-12-13T07:33:06.337000+00:00", + "lastAutomatedDiscoveryTime": "2024-10-24T19:11:25.364000+00:00", + "lastUpdated": "2024-10-25T07:33:06.337000+00:00", "objectCount": 8, "objectCountByEncryptionType": { "customerManaged": 0, @@ -190,4 +192,4 @@ Output:: ] } -For more information, see `Filtering your S3 bucket inventory `__ in the *Amazon Macie User Guide*. \ No newline at end of file +For more information, see `Filtering your S3 bucket inventory `__ in the *Amazon Macie User Guide*. diff --git a/awscli/examples/mediapackage-vod/list-assets.rst b/awscli/examples/mediapackage-vod/list-assets.rst index 03f347a8bb62..d1bf81094909 100644 --- a/awscli/examples/mediapackage-vod/list-assets.rst +++ b/awscli/examples/mediapackage-vod/list-assets.rst @@ -1,6 +1,6 @@ **To list all assets** -The following ``list-assets`` example ists all of the assets that are configured in the current AWS account. :: +The following ``list-assets`` example lists all of the assets that are configured in the current AWS account. :: aws mediapackage-vod list-assets diff --git a/awscli/examples/medical-imaging/copy-image-set.rst b/awscli/examples/medical-imaging/copy-image-set.rst new file mode 100644 index 000000000000..4d823ac9fe0e --- /dev/null +++ b/awscli/examples/medical-imaging/copy-image-set.rst @@ -0,0 +1,96 @@ +**Example 1: To copy an image set without a destination.** + +The following ``copy-image-set`` example makes a duplicate copy of an image set without a destination. :: + + aws medical-imaging copy-image-set \ + --datastore-id 12345678901234567890123456789012 \ + --source-image-set-id ea92b0d8838c72a3f25d00d13616f87e \ + --copy-image-set-information '{"sourceImageSet": {"latestVersionId": "1" } }' + +Output:: + + { + "destinationImageSetProperties": { + "latestVersionId": "2", + "imageSetWorkflowStatus": "COPYING", + "updatedAt": 1680042357.432, + "imageSetId": "b9a06fef182a5f992842f77f8e0868e5", + "imageSetState": "LOCKED", + "createdAt": 1680042357.432 + }, + "sourceImageSetProperties": { + "latestVersionId": "1", + "imageSetWorkflowStatus": "COPYING_WITH_READ_ONLY_ACCESS", + "updatedAt": 1680042357.432, + "imageSetId": "ea92b0d8838c72a3f25d00d13616f87e", + "imageSetState": "LOCKED", + "createdAt": 1680027126.436 + }, + "datastoreId": "12345678901234567890123456789012" + } + +**Example 2: To copy an image set with a destination.** + +The following ``copy-image-set`` example makes a duplicate copy of an image set with a destination. :: + + aws medical-imaging copy-image-set \ + --datastore-id 12345678901234567890123456789012 \ + --source-image-set-id ea92b0d8838c72a3f25d00d13616f87e \ + --copy-image-set-information '{"sourceImageSet": {"latestVersionId": "1" }, "destinationImageSet": { "imageSetId": "b9a06fef182a5f992842f77f8e0868e5", "latestVersionId": "1"} }' + +Output:: + + { + "destinationImageSetProperties": { + "latestVersionId": "2", + "imageSetWorkflowStatus": "COPYING", + "updatedAt": 1680042505.135, + "imageSetId": "b9a06fef182a5f992842f77f8e0868e5", + "imageSetState": "LOCKED", + "createdAt": 1680042357.432 + }, + "sourceImageSetProperties": { + "latestVersionId": "1", + "imageSetWorkflowStatus": "COPYING_WITH_READ_ONLY_ACCESS", + "updatedAt": 1680042505.135, + "imageSetId": "ea92b0d8838c72a3f25d00d13616f87e", + "imageSetState": "LOCKED", + "createdAt": 1680027126.436 + }, + "datastoreId": "12345678901234567890123456789012" + } + +**Example 3: To copy a subset of instances from a source image set to a destination image set.** + +The following ``copy-image-set`` example copies one DICOM instance from the source image set to the destination image set. +The force parameter is provided to override inconsistencies in the Patient, Study, and Series level attributes. :: + + aws medical-imaging copy-image-set \ + --datastore-id 12345678901234567890123456789012 \ + --source-image-set-id ea92b0d8838c72a3f25d00d13616f87e \ + --copy-image-set-information '{"sourceImageSet": {"latestVersionId": "1","DICOMCopies": {"copiableAttributes": "{\"SchemaVersion\":\"1.1\",\"Study\":{\"Series\":{\"1.3.6.1.4.1.5962.99.1.3673257865.2104868982.1369432891697.3666.0\":{\"Instances\":{\"1.3.6.1.4.1.5962.99.1.3673257865.2104868982.1369432891697.3669.0\":{}}}}}}"}},"destinationImageSet": {"imageSetId": "b9eb50d8ee682eb9fcf4acbf92f62bb7","latestVersionId": "1"}}' \ + --force + +Output:: + + { + "destinationImageSetProperties": { + "latestVersionId": "2", + "imageSetWorkflowStatus": "COPYING", + "updatedAt": 1680042505.135, + "imageSetId": "b9eb50d8ee682eb9fcf4acbf92f62bb7", + "imageSetState": "LOCKED", + "createdAt": 1680042357.432 + }, + "sourceImageSetProperties": { + "latestVersionId": "1", + "imageSetWorkflowStatus": "COPYING_WITH_READ_ONLY_ACCESS", + "updatedAt": 1680042505.135, + "imageSetId": "ea92b0d8838c72a3f25d00d13616f87e", + "imageSetState": "LOCKED", + "createdAt": 1680027126.436 + }, + "datastoreId": "12345678901234567890123456789012" + } + +For more information, see `Copying an image set `__ in the *AWS HealthImaging Developer Guide*. diff --git a/awscli/examples/medical-imaging/create-datastore.rst b/awscli/examples/medical-imaging/create-datastore.rst new file mode 100644 index 000000000000..7adbfd889ea0 --- /dev/null +++ b/awscli/examples/medical-imaging/create-datastore.rst @@ -0,0 +1,15 @@ +**To create a data store** + +The following ``create-datastore`` code example creates a data store with the name ``my-datastore``. :: + + aws medical-imaging create-datastore \ + --datastore-name "my-datastore" + +Output:: + + { + "datastoreId": "12345678901234567890123456789012", + "datastoreStatus": "CREATING" + } + +For more information, see `Creating a data store `__ in the *AWS HealthImaging Developer Guide*. diff --git a/awscli/examples/medical-imaging/delete-datastore.rst b/awscli/examples/medical-imaging/delete-datastore.rst new file mode 100644 index 000000000000..f7f381331cd5 --- /dev/null +++ b/awscli/examples/medical-imaging/delete-datastore.rst @@ -0,0 +1,15 @@ +**To delete a data store** + +The following ``delete-datastore`` code example deletes a data store. :: + + aws medical-imaging delete-datastore \ + --datastore-id "12345678901234567890123456789012" + +Output:: + + { + "datastoreId": "12345678901234567890123456789012", + "datastoreStatus": "DELETING" + } + +For more information, see `Deleting a data store `__ in the *AWS HealthImaging Developer Guide*. diff --git a/awscli/examples/medical-imaging/delete-image-set.rst b/awscli/examples/medical-imaging/delete-image-set.rst new file mode 100644 index 000000000000..6d0affc402f7 --- /dev/null +++ b/awscli/examples/medical-imaging/delete-image-set.rst @@ -0,0 +1,18 @@ +**To delete an image set** + +The following ``delete-image-set`` code example deletes an image set. :: + + aws medical-imaging delete-image-set \ + --datastore-id 12345678901234567890123456789012 \ + --image-set-id ea92b0d8838c72a3f25d00d13616f87e + +Output:: + + { + "imageSetWorkflowStatus": "DELETING", + "imageSetId": "ea92b0d8838c72a3f25d00d13616f87e", + "imageSetState": "LOCKED", + "datastoreId": "12345678901234567890123456789012" + } + +For more information, see `Deleting an image set `__ in the *AWS HealthImaging Developer Guide*. diff --git a/awscli/examples/medical-imaging/get-datastore.rst b/awscli/examples/medical-imaging/get-datastore.rst new file mode 100644 index 000000000000..2aa89a15d4dc --- /dev/null +++ b/awscli/examples/medical-imaging/get-datastore.rst @@ -0,0 +1,22 @@ +**To get a data store's properties** + +The following ``get-datastore`` code example gets a data store's properties. :: + + aws medical-imaging get-datastore \ + --datastore-id 12345678901234567890123456789012 + + +Output:: + + { + "datastoreProperties": { + "datastoreId": "12345678901234567890123456789012", + "datastoreName": "TestDatastore123", + "datastoreStatus": "ACTIVE", + "datastoreArn": "arn:aws:medical-imaging:us-east-1:123456789012:datastore/12345678901234567890123456789012", + "createdAt": "2022-11-15T23:33:09.643000+00:00", + "updatedAt": "2022-11-15T23:33:09.643000+00:00" + } + } + +For more information, see `Getting data store properties `__ in the *AWS HealthImaging Developer Guide*. diff --git a/awscli/examples/medical-imaging/get-dicom-import-job.rst b/awscli/examples/medical-imaging/get-dicom-import-job.rst new file mode 100644 index 000000000000..80661a348c46 --- /dev/null +++ b/awscli/examples/medical-imaging/get-dicom-import-job.rst @@ -0,0 +1,26 @@ +**To get a dicom import job's properties** + +The following ``get-dicom-import-job`` code example gets a dicom import job's properties. :: + + aws medical-imaging get-dicom-import-job \ + --datastore-id "12345678901234567890123456789012" \ + --job-id "09876543210987654321098765432109" + + +Output:: + + { + "jobProperties": { + "jobId": "09876543210987654321098765432109", + "jobName": "my-job", + "jobStatus": "COMPLETED", + "datastoreId": "12345678901234567890123456789012", + "dataAccessRoleArn": "arn:aws:iam::123456789012:role/ImportJobDataAccessRole", + "endedAt": "2022-08-12T11:29:42.285000+00:00", + "submittedAt": "2022-08-12T11:28:11.152000+00:00", + "inputS3Uri": "s3://medical-imaging-dicom-input/dicom_input/", + "outputS3Uri": "s3://medical-imaging-output/job_output/12345678901234567890123456789012-DicomImport-09876543210987654321098765432109/" + } + } + +For more information, see `Getting import job properties `__ in the *AWS HealthImaging Developer Guide*. diff --git a/awscli/examples/medical-imaging/get-image-frame.rst b/awscli/examples/medical-imaging/get-image-frame.rst new file mode 100644 index 000000000000..e4a1d16520a8 --- /dev/null +++ b/awscli/examples/medical-imaging/get-image-frame.rst @@ -0,0 +1,16 @@ +**To get image set pixel data** + +The following ``get-image-frame`` code example gets an image frame. :: + + aws medical-imaging get-image-frame \ + --datastore-id "12345678901234567890123456789012" \ + --image-set-id "98765412345612345678907890789012" \ + --image-frame-information imageFrameId=3abf5d5d7ae72f80a0ec81b2c0de3ef4 \ + imageframe.jph + + +Note: +This code example does not include output because the GetImageFrame action returns a stream of pixel data to the imageframe.jph file. For information about decoding and viewing image frames, see HTJ2K decoding libraries. + + +For more information, see `Getting image set pixel data `__ in the *AWS HealthImaging Developer Guide*. diff --git a/awscli/examples/medical-imaging/get-image-set-metadata.rst b/awscli/examples/medical-imaging/get-image-set-metadata.rst new file mode 100644 index 000000000000..a35c6747e736 --- /dev/null +++ b/awscli/examples/medical-imaging/get-image-set-metadata.rst @@ -0,0 +1,42 @@ +**Example 1: To get image set metadata without version** + +The following ``get-image-set-metadata`` code example gets metadata for an image set without specifying a version. + +Note: ``outfile`` is a required parameter :: + + aws medical-imaging get-image-set-metadata \ + --datastore-id 12345678901234567890123456789012 \ + --image-set-id ea92b0d8838c72a3f25d00d13616f87e \ + studymetadata.json.gz + +The returned metadata is compressed with gzip and stored in the studymetadata.json.gz file. To view the contents of the returned JSON object, you must first decompress it. + +Output:: + + { + "contentType": "application/json", + "contentEncoding": "gzip" + } + +**Example 2: To get image set metadata with version** + +The following ``get-image-set-metadata`` code example gets metadata for an image set with a specified version. + +Note: ``outfile`` is a required parameter :: + + aws medical-imaging get-image-set-metadata \ + --datastore-id 12345678901234567890123456789012 \ + --image-set-id ea92b0d8838c72a3f25d00d13616f87e \ + --version-id 1 \ + studymetadata.json.gz + +The returned metadata is compressed with gzip and stored in the studymetadata.json.gz file. To view the contents of the returned JSON object, you must first decompress it. + +Output:: + + { + "contentType": "application/json", + "contentEncoding": "gzip" + } + +For more information, see `Getting image set metadata `__ in the *AWS HealthImaging Developer Guide*. diff --git a/awscli/examples/medical-imaging/get-image-set.rst b/awscli/examples/medical-imaging/get-image-set.rst new file mode 100644 index 000000000000..ad1ee5c5f879 --- /dev/null +++ b/awscli/examples/medical-imaging/get-image-set.rst @@ -0,0 +1,23 @@ +**To get image set properties** + +The following ``get-image-set`` code example gets the properties for an image set. :: + + aws medical-imaging get-image-set \ + --datastore-id 12345678901234567890123456789012 \ + --image-set-id 18f88ac7870584f58d56256646b4d92b \ + --version-id 1 + +Output:: + + { + "versionId": "1", + "imageSetWorkflowStatus": "COPIED", + "updatedAt": 1680027253.471, + "imageSetId": "18f88ac7870584f58d56256646b4d92b", + "imageSetState": "ACTIVE", + "createdAt": 1679592510.753, + "datastoreId": "12345678901234567890123456789012" + } + + +For more information, see `Getting image set properties `__ in the *AWS HealthImaging Developer Guide*. diff --git a/awscli/examples/medical-imaging/list-datastores.rst b/awscli/examples/medical-imaging/list-datastores.rst new file mode 100644 index 000000000000..306d79c08082 --- /dev/null +++ b/awscli/examples/medical-imaging/list-datastores.rst @@ -0,0 +1,23 @@ +**To list data stores** + +The following ``list-datastores`` code example lists available data stores. :: + + aws medical-imaging list-datastores + +Output:: + + { + "datastoreSummaries": [ + { + "datastoreId": "12345678901234567890123456789012", + "datastoreName": "TestDatastore123", + "datastoreStatus": "ACTIVE", + "datastoreArn": "arn:aws:medical-imaging:us-east-1:123456789012:datastore/12345678901234567890123456789012", + "createdAt": "2022-11-15T23:33:09.643000+00:00", + "updatedAt": "2022-11-15T23:33:09.643000+00:00" + } + ] + } + + +For more information, see `Listing data stores `__ in the *AWS HealthImaging Developer Guide*. diff --git a/awscli/examples/medical-imaging/list-dicom-import-jobs.rst b/awscli/examples/medical-imaging/list-dicom-import-jobs.rst new file mode 100644 index 000000000000..445bff823f4c --- /dev/null +++ b/awscli/examples/medical-imaging/list-dicom-import-jobs.rst @@ -0,0 +1,24 @@ +**To list dicom import jobs** + +The following ``list-dicom-import-jobs`` code example lists dicom import jobs. :: + + aws medical-imaging list-dicom-import-jobs \ + --datastore-id "12345678901234567890123456789012" + +Output:: + + { + "jobSummaries": [ + { + "jobId": "09876543210987654321098765432109", + "jobName": "my-job", + "jobStatus": "COMPLETED", + "datastoreId": "12345678901234567890123456789012", + "dataAccessRoleArn": "arn:aws:iam::123456789012:role/ImportJobDataAccessRole", + "endedAt": "2022-08-12T11:21:56.504000+00:00", + "submittedAt": "2022-08-12T11:20:21.734000+00:00" + } + ] + } + +For more information, see `Listing import jobs `__ in the *AWS HealthImaging Developer Guide*. diff --git a/awscli/examples/medical-imaging/list-image-set-versions.rst b/awscli/examples/medical-imaging/list-image-set-versions.rst new file mode 100644 index 000000000000..10c6f5b225a5 --- /dev/null +++ b/awscli/examples/medical-imaging/list-image-set-versions.rst @@ -0,0 +1,48 @@ +**To list image set versions** + +The following ``list-image-set-versions`` code example lists the version history for an image set. :: + + aws medical-imaging list-image-set-versions \ + --datastore-id 12345678901234567890123456789012 \ + --image-set-id ea92b0d8838c72a3f25d00d13616f87e + +Output:: + + { + "imageSetPropertiesList": [ + { + "ImageSetWorkflowStatus": "UPDATED", + "versionId": "4", + "updatedAt": 1680029436.304, + "imageSetId": "ea92b0d8838c72a3f25d00d13616f87e", + "imageSetState": "ACTIVE", + "createdAt": 1680027126.436 + }, + { + "ImageSetWorkflowStatus": "UPDATED", + "versionId": "3", + "updatedAt": 1680029163.325, + "imageSetId": "ea92b0d8838c72a3f25d00d13616f87e", + "imageSetState": "ACTIVE", + "createdAt": 1680027126.436 + }, + { + "ImageSetWorkflowStatus": "COPY_FAILED", + "versionId": "2", + "updatedAt": 1680027455.944, + "imageSetId": "ea92b0d8838c72a3f25d00d13616f87e", + "imageSetState": "ACTIVE", + "message": "INVALID_REQUEST: Series of SourceImageSet and DestinationImageSet don't match.", + "createdAt": 1680027126.436 + }, + { + "imageSetId": "ea92b0d8838c72a3f25d00d13616f87e", + "imageSetState": "ACTIVE", + "versionId": "1", + "ImageSetWorkflowStatus": "COPIED", + "createdAt": 1680027126.436 + } + ] + } + +For more information, see `Listing image set versions `__ in the *AWS HealthImaging Developer Guide*. diff --git a/awscli/examples/medical-imaging/list-tags-for-resource.rst b/awscli/examples/medical-imaging/list-tags-for-resource.rst new file mode 100644 index 000000000000..697d3d9a3a85 --- /dev/null +++ b/awscli/examples/medical-imaging/list-tags-for-resource.rst @@ -0,0 +1,32 @@ +**Example 1: To list resource tags for a data store** + +The following ``list-tags-for-resource`` code example lists tags for a data store. :: + + aws medical-imaging list-tags-for-resource \ + --resource-arn "arn:aws:medical-imaging:us-east-1:123456789012:datastore/12345678901234567890123456789012" + +Output:: + + { + "tags":{ + "Deployment":"Development" + } + } + +**Example 2: To list resource tags for an image set** + +The following ``list-tags-for-resource`` code example lists tags for an image set. :: + + + aws medical-imaging list-tags-for-resource \ + --resource-arn "arn:aws:medical-imaging:us-east-1:123456789012:datastore/12345678901234567890123456789012/imageset/18f88ac7870584f58d56256646b4d92b" + +Output:: + + { + "tags":{ + "Deployment":"Development" + } + } + +For more information, see `Tagging resources with AWS HealthImaging `__ in the *AWS HealthImaging Developer Guide*. diff --git a/awscli/examples/medical-imaging/search-image-sets.rst b/awscli/examples/medical-imaging/search-image-sets.rst new file mode 100644 index 000000000000..4502f8949412 --- /dev/null +++ b/awscli/examples/medical-imaging/search-image-sets.rst @@ -0,0 +1,205 @@ +**Example 1: To search image sets with an EQUAL operator** + +The following ``search-image-sets`` code example uses the EQUAL operator to search image sets based on a specific value. :: + + aws medical-imaging search-image-sets \ + --datastore-id 12345678901234567890123456789012 \ + --search-criteria file://search-criteria.json + +Contents of ``search-criteria.json`` :: + + { + "filters": [{ + "values": [{"DICOMPatientId" : "SUBJECT08701"}], + "operator": "EQUAL" + }] + } + +Output:: + + { + "imageSetsMetadataSummaries": [{ + "imageSetId": "09876543210987654321098765432109", + "createdAt": "2022-12-06T21:40:59.429000+00:00", + "version": 1, + "DICOMTags": { + "DICOMStudyId": "2011201407", + "DICOMStudyDate": "19991122", + "DICOMPatientSex": "F", + "DICOMStudyInstanceUID": "1.2.840.99999999.84710745.943275268089", + "DICOMPatientBirthDate": "19201120", + "DICOMStudyDescription": "UNKNOWN", + "DICOMPatientId": "SUBJECT08701", + "DICOMPatientName": "Melissa844 Huel628", + "DICOMNumberOfStudyRelatedInstances": 1, + "DICOMStudyTime": "140728", + "DICOMNumberOfStudyRelatedSeries": 1 + }, + "updatedAt": "2022-12-06T21:40:59.429000+00:00" + }] + } + +**Example 2: To search image sets with a BETWEEN operator using DICOMStudyDate and DICOMStudyTime** + +The following ``search-image-sets`` code example searches for image sets with DICOM Studies generated between January 1, 1990 (12:00 AM) and January 1, 2023 (12:00 AM). + +Note: +DICOMStudyTime is optional. If it is not present, 12:00 AM (start of the day) is the time value for the dates provided for filtering. :: + + aws medical-imaging search-image-sets \ + --datastore-id 12345678901234567890123456789012 \ + --search-criteria file://search-criteria.json + +Contents of ``search-criteria.json`` :: + + { + "filters": [{ + "values": [{ + "DICOMStudyDateAndTime": { + "DICOMStudyDate": "19900101", + "DICOMStudyTime": "000000" + } + }, + { + "DICOMStudyDateAndTime": { + "DICOMStudyDate": "20230101", + "DICOMStudyTime": "000000" + } + }], + "operator": "BETWEEN" + }] + } + +Output:: + + { + "imageSetsMetadataSummaries": [{ + "imageSetId": "09876543210987654321098765432109", + "createdAt": "2022-12-06T21:40:59.429000+00:00", + "version": 1, + "DICOMTags": { + "DICOMStudyId": "2011201407", + "DICOMStudyDate": "19991122", + "DICOMPatientSex": "F", + "DICOMStudyInstanceUID": "1.2.840.99999999.84710745.943275268089", + "DICOMPatientBirthDate": "19201120", + "DICOMStudyDescription": "UNKNOWN", + "DICOMPatientId": "SUBJECT08701", + "DICOMPatientName": "Melissa844 Huel628", + "DICOMNumberOfStudyRelatedInstances": 1, + "DICOMStudyTime": "140728", + "DICOMNumberOfStudyRelatedSeries": 1 + }, + "updatedAt": "2022-12-06T21:40:59.429000+00:00" + }] + } + +**Example 3: To search image sets with a BETWEEN operator using createdAt (time studies were previously persisted)** + +The following ``search-image-sets`` code example searches for image sets with DICOM Studies persisted in HealthImaging between the time ranges in UTC time zone. + +Note: +Provide createdAt in example format ("1985-04-12T23:20:50.52Z"). :: + + aws medical-imaging search-image-sets \ + --datastore-id 12345678901234567890123456789012 \ + --search-criteria file://search-criteria.json + + +Contents of ``search-criteria.json`` :: + + { + "filters": [{ + "values": [{ + "createdAt": "1985-04-12T23:20:50.52Z" + }, + { + "createdAt": "2022-04-12T23:20:50.52Z" + }], + "operator": "BETWEEN" + }] + } + +Output:: + + { + "imageSetsMetadataSummaries": [{ + "imageSetId": "09876543210987654321098765432109", + "createdAt": "2022-12-06T21:40:59.429000+00:00", + "version": 1, + "DICOMTags": { + "DICOMStudyId": "2011201407", + "DICOMStudyDate": "19991122", + "DICOMPatientSex": "F", + "DICOMStudyInstanceUID": "1.2.840.99999999.84710745.943275268089", + "DICOMPatientBirthDate": "19201120", + "DICOMStudyDescription": "UNKNOWN", + "DICOMPatientId": "SUBJECT08701", + "DICOMPatientName": "Melissa844 Huel628", + "DICOMNumberOfStudyRelatedInstances": 1, + "DICOMStudyTime": "140728", + "DICOMNumberOfStudyRelatedSeries": 1 + }, + "lastUpdatedAt": "2022-12-06T21:40:59.429000+00:00" + }] + } + +**Example 4: To search image sets with an EQUAL operator on DICOMSeriesInstanceUID and BETWEEN on updatedAt and sort response in ASC order on updatedAt field** + +The following ``search-image-sets`` code example searches for image sets with an EQUAL operator on DICOMSeriesInstanceUID and BETWEEN on updatedAt and sort response in ASC order on updatedAt field. + +Note: +Provide updatedAt in example format ("1985-04-12T23:20:50.52Z"). :: + + aws medical-imaging search-image-sets \ + --datastore-id 12345678901234567890123456789012 \ + --search-criteria file://search-criteria.json + + +Contents of ``search-criteria.json`` :: + + { + "filters": [{ + "values": [{ + "updatedAt": "2024-03-11T15:00:05.074000-07:00" + }, { + "updatedAt": "2024-03-11T16:00:05.074000-07:00" + }], + "operator": "BETWEEN" + }, { + "values": [{ + "DICOMSeriesInstanceUID": "1.2.840.99999999.84710745.943275268089" + }], + "operator": "EQUAL" + }], + "sort": { + "sortField": "updatedAt", + "sortOrder": "ASC" + } + } + +Output:: + + { + "imageSetsMetadataSummaries": [{ + "imageSetId": "09876543210987654321098765432109", + "createdAt": "2022-12-06T21:40:59.429000+00:00", + "version": 1, + "DICOMTags": { + "DICOMStudyId": "2011201407", + "DICOMStudyDate": "19991122", + "DICOMPatientSex": "F", + "DICOMStudyInstanceUID": "1.2.840.99999999.84710745.943275268089", + "DICOMPatientBirthDate": "19201120", + "DICOMStudyDescription": "UNKNOWN", + "DICOMPatientId": "SUBJECT08701", + "DICOMPatientName": "Melissa844 Huel628", + "DICOMNumberOfStudyRelatedInstances": 1, + "DICOMStudyTime": "140728", + "DICOMNumberOfStudyRelatedSeries": 1 + }, + "lastUpdatedAt": "2022-12-06T21:40:59.429000+00:00" + }] + } + +For more information, see `Searching image sets `__ in the *AWS HealthImaging Developer Guide*. diff --git a/awscli/examples/medical-imaging/start-dicom-import-job.rst b/awscli/examples/medical-imaging/start-dicom-import-job.rst new file mode 100644 index 000000000000..d93e27d2b2d0 --- /dev/null +++ b/awscli/examples/medical-imaging/start-dicom-import-job.rst @@ -0,0 +1,21 @@ +**To start a dicom import job** + +The following ``start-dicom-import-job`` code example starts a dicom import job. :: + + aws medical-imaging start-dicom-import-job \ + --job-name "my-job" \ + --datastore-id "12345678901234567890123456789012" \ + --input-s3-uri "s3://medical-imaging-dicom-input/dicom_input/" \ + --output-s3-uri "s3://medical-imaging-output/job_output/" \ + --data-access-role-arn "arn:aws:iam::123456789012:role/ImportJobDataAccessRole" + +Output:: + + { + "datastoreId": "12345678901234567890123456789012", + "jobId": "09876543210987654321098765432109", + "jobStatus": "SUBMITTED", + "submittedAt": "2022-08-12T11:28:11.152000+00:00" + } + +For more information, see `Starting an import job `__ in the *AWS HealthImaging Developer Guide*. diff --git a/awscli/examples/medical-imaging/tag-resource.rst b/awscli/examples/medical-imaging/tag-resource.rst new file mode 100644 index 000000000000..ec069cd4dc2c --- /dev/null +++ b/awscli/examples/medical-imaging/tag-resource.rst @@ -0,0 +1,22 @@ +**Example 1: To tag a data store** + +The following ``tag-resource`` code examples tags a data store. :: + + aws medical-imaging tag-resource \ + --resource-arn "arn:aws:medical-imaging:us-east-1:123456789012:datastore/12345678901234567890123456789012" \ + --tags '{"Deployment":"Development"}' + +This command produces no output. + +**Example 2: To tag an image set** + +The following ``tag-resource`` code examples tags an image set. :: + + aws medical-imaging tag-resource \ + --resource-arn "arn:aws:medical-imaging:us-east-1:123456789012:datastore/12345678901234567890123456789012/imageset/18f88ac7870584f58d56256646b4d92b" \ + --tags '{"Deployment":"Development"}' + +This command produces no output. + +For more information, see `Tagging resources with AWS HealthImaging `__ in the *AWS HealthImaging Developer Guide*. + diff --git a/awscli/examples/medical-imaging/untag-resource.rst b/awscli/examples/medical-imaging/untag-resource.rst new file mode 100644 index 000000000000..0910f18cc2c8 --- /dev/null +++ b/awscli/examples/medical-imaging/untag-resource.rst @@ -0,0 +1,24 @@ +**Example 1: To untag a data store** + +The following ``untag-resource`` code example untags a data store. :: + + aws medical-imaging untag-resource \ + --resource-arn "arn:aws:medical-imaging:us-east-1:123456789012:datastore/12345678901234567890123456789012" \ + --tag-keys '["Deployment"]' + + +This command produces no output. + +**Example 2: To untag an image set** + +The following ``untag-resource`` code example untags an image set. :: + + aws medical-imaging untag-resource \ + --resource-arn "arn:aws:medical-imaging:us-east-1:123456789012:datastore/12345678901234567890123456789012/imageset/18f88ac7870584f58d56256646b4d92b" \ + --tag-keys '["Deployment"]' + + +This command produces no output. + +For more information, see `Tagging resources with AWS HealthImaging `__ in the *AWS HealthImaging Developer Guide*. + diff --git a/awscli/examples/medical-imaging/update-image-set-metadata.rst b/awscli/examples/medical-imaging/update-image-set-metadata.rst new file mode 100644 index 000000000000..e596508bdfaa --- /dev/null +++ b/awscli/examples/medical-imaging/update-image-set-metadata.rst @@ -0,0 +1,215 @@ +**Example 1: To insert or update an attribute in image set metadata** + +The following ``update-image-set-metadata`` example inserts or updates an attribute in image set metadata. :: + + aws medical-imaging update-image-set-metadata \ + --datastore-id 12345678901234567890123456789012 \ + --image-set-id ea92b0d8838c72a3f25d00d13616f87e \ + --latest-version-id 1 \ + --cli-binary-format raw-in-base64-out \ + --update-image-set-metadata-updates file://metadata-updates.json + +Contents of ``metadata-updates.json`` :: + + { + "DICOMUpdates": { + "updatableAttributes": "{\"SchemaVersion\":1.1,\"Patient\":{\"DICOM\":{\"PatientName\":\"MX^MX\"}}}" + } + } + +Output:: + + { + "latestVersionId": "2", + "imageSetWorkflowStatus": "UPDATING", + "updatedAt": 1680042257.908, + "imageSetId": "ea92b0d8838c72a3f25d00d13616f87e", + "imageSetState": "LOCKED", + "createdAt": 1680027126.436, + "datastoreId": "12345678901234567890123456789012" + } + +**Example 2: To remove an attribute from image set metadata** + +The following ``update-image-set-metadata`` example removes an attribute from image set metadata. :: + + aws medical-imaging update-image-set-metadata \ + --datastore-id 12345678901234567890123456789012 \ + --image-set-id ea92b0d8838c72a3f25d00d13616f87e \ + --latest-version-id 1 \ + --cli-binary-format raw-in-base64-out \ + --update-image-set-metadata-updates file://metadata-updates.json + +Contents of ``metadata-updates.json`` :: + + { + "DICOMUpdates": { + "removableAttributes": "{\"SchemaVersion\":1.1,\"Study\":{\"DICOM\":{\"StudyDescription\":\"CHEST\"}}}" + } + } + +Output:: + + { + "latestVersionId": "2", + "imageSetWorkflowStatus": "UPDATING", + "updatedAt": 1680042257.908, + "imageSetId": "ea92b0d8838c72a3f25d00d13616f87e", + "imageSetState": "LOCKED", + "createdAt": 1680027126.436, + "datastoreId": "12345678901234567890123456789012" + } + +**Example 3: To remove an instance from image set metadata** + +The following ``update-image-set-metadata`` example removes an instance from image set metadata. :: + + aws medical-imaging update-image-set-metadata \ + --datastore-id 12345678901234567890123456789012 \ + --image-set-id ea92b0d8838c72a3f25d00d13616f87e \ + --latest-version-id 1 \ + --cli-binary-format raw-in-base64-out \ + --update-image-set-metadata-updates file://metadata-updates.json + +Contents of ``metadata-updates.json`` :: + + { + "DICOMUpdates": { + "removableAttributes": "{\"SchemaVersion\": 1.1,\"Study\": {\"Series\": {\"1.1.1.1.1.1.12345.123456789012.123.12345678901234.1\": {\"Instances\": {\"1.1.1.1.1.1.12345.123456789012.123.12345678901234.1\": {}}}}}}" + } + } + +Output:: + + { + "latestVersionId": "2", + "imageSetWorkflowStatus": "UPDATING", + "updatedAt": 1680042257.908, + "imageSetId": "ea92b0d8838c72a3f25d00d13616f87e", + "imageSetState": "LOCKED", + "createdAt": 1680027126.436, + "datastoreId": "12345678901234567890123456789012" + } + + +**Example 4: To revert an image set to a previous version** + +The following ``update-image-set-metadata`` example shows how to revert an image set to a prior version. CopyImageSet and UpdateImageSetMetadata actions create new versions of image sets. :: + + aws medical-imaging update-image-set-metadata \ + --datastore-id 12345678901234567890123456789012 \ + --image-set-id 53d5fdb05ca4d46ac7ca64b06545c66e \ + --latest-version-id 3 \ + --cli-binary-format raw-in-base64-out \ + --update-image-set-metadata-updates '{"revertToVersionId": "1"}' + +Output:: + + { + "datastoreId": "12345678901234567890123456789012", + "imageSetId": "53d5fdb05ca4d46ac7ca64b06545c66e", + "latestVersionId": "4", + "imageSetState": "LOCKED", + "imageSetWorkflowStatus": "UPDATING", + "createdAt": 1680027126.436, + "updatedAt": 1680042257.908 + } + +**Example 5: To add a private DICOM data element to an instance** + +The following ``update-image-set-metadata`` example shows how to add a private element to a specified instance within an image set. The DICOM standard permits private data elements for communication of information that cannot be contained in standard data elements. You can create, update, and delete private data elements with the +UpdateImageSetMetadata action. :: + + aws medical-imaging update-image-set-metadata \ + --datastore-id 12345678901234567890123456789012 \ + --image-set-id 53d5fdb05ca4d46ac7ca64b06545c66e \ + --latest-version-id 1 \ + --cli-binary-format raw-in-base64-out \ + --force \ + --update-image-set-metadata-updates file://metadata-updates.json + +Contents of ``metadata-updates.json`` :: + + { + "DICOMUpdates": { + "updatableAttributes": "{\"SchemaVersion\": 1.1,\"Study\": {\"Series\": {\"1.1.1.1.1.1.12345.123456789012.123.12345678901234.1\": {\"Instances\": {\"1.1.1.1.1.1.12345.123456789012.123.12345678901234.1\": {\"DICOM\": {\"001910F9\": \"97\"},\"DICOMVRs\": {\"001910F9\": \"DS\"}}}}}}}" + } + } + +Output:: + + { + "latestVersionId": "2", + "imageSetWorkflowStatus": "UPDATING", + "updatedAt": 1680042257.908, + "imageSetId": "53d5fdb05ca4d46ac7ca64b06545c66e", + "imageSetState": "LOCKED", + "createdAt": 1680027126.436, + "datastoreId": "12345678901234567890123456789012" + } + +**Example 6: To update a private DICOM data element to an instance** + +The following ``update-image-set-metadata`` example shows how to update the value of a private data element belonging to an instance within an image set. :: + + aws medical-imaging update-image-set-metadata \ + --datastore-id 12345678901234567890123456789012 \ + --image-set-id 53d5fdb05ca4d46ac7ca64b06545c66e \ + --latest-version-id 1 \ + --cli-binary-format raw-in-base64-out \ + --force \ + --update-image-set-metadata-updates file://metadata-updates.json + +Contents of ``metadata-updates.json`` :: + + { + "DICOMUpdates": { + "updatableAttributes": "{\"SchemaVersion\": 1.1,\"Study\": {\"Series\": {\"1.1.1.1.1.1.12345.123456789012.123.12345678901234.1\": {\"Instances\": {\"1.1.1.1.1.1.12345.123456789012.123.12345678901234.1\": {\"DICOM\": {\"00091001\": \"GE_GENESIS_DD\"}}}}}}}" + } + } + +Output:: + + { + "latestVersionId": "2", + "imageSetWorkflowStatus": "UPDATING", + "updatedAt": 1680042257.908, + "imageSetId": "53d5fdb05ca4d46ac7ca64b06545c66e", + "imageSetState": "LOCKED", + "createdAt": 1680027126.436, + "datastoreId": "12345678901234567890123456789012" + } + +**Example 7: To update a SOPInstanceUID with the force parameter** + +The following ``update-image-set-metadata`` example shows how to update a SOPInstanceUID, using the force parameter to override the DICOM metadata constraints. :: + + aws medical-imaging update-image-set-metadata \ + --datastore-id 12345678901234567890123456789012 \ + --image-set-id 53d5fdb05ca4d46ac7ca64b06545c66e \ + --latest-version-id 1 \ + --cli-binary-format raw-in-base64-out \ + --force \ + --update-image-set-metadata-updates file://metadata-updates.json + +Contents of ``metadata-updates.json`` :: + + { + "DICOMUpdates": { + "updatableAttributes": "{\"SchemaVersion\":1.1,\"Study\":{\"Series\":{\"1.3.6.1.4.1.5962.99.1.3633258862.2104868982.1369432891697.3656.0\":{\"Instances\":{\"1.3.6.1.4.1.5962.99.1.3633258862.2104868982.1369432891697.3659.0\":{\"DICOM\":{\"SOPInstanceUID\":\"1.3.6.1.4.1.5962.99.1.3633258862.2104868982.1369432891697.3659.9\"}}}}}}}" + } + } + +Output:: + + { + "latestVersionId": "2", + "imageSetWorkflowStatus": "UPDATING", + "updatedAt": 1680042257.908, + "imageSetId": "53d5fdb05ca4d46ac7ca64b06545c66e", + "imageSetState": "LOCKED", + "createdAt": 1680027126.436, + "datastoreId": "12345678901234567890123456789012" + } + +For more information, see `Updating image set metadata `__ in the *AWS HealthImaging Developer Guide*. diff --git a/awscli/examples/memorydb/create-user.rst b/awscli/examples/memorydb/create-user.rst index 430a23627212..359cf912ef7f 100644 --- a/awscli/examples/memorydb/create-user.rst +++ b/awscli/examples/memorydb/create-user.rst @@ -1,4 +1,4 @@ -**To creat a user** +**To create a user** The following ``create-user`` example creates a new user. :: diff --git a/awscli/examples/networkflowmonitor/create-monitor.rst b/awscli/examples/networkflowmonitor/create-monitor.rst new file mode 100644 index 000000000000..90508cbd60b3 --- /dev/null +++ b/awscli/examples/networkflowmonitor/create-monitor.rst @@ -0,0 +1,19 @@ +**To create a monitor** + +The following ``create-monitor`` example creates a monitor named ``demo`` in the specified account. :: + + aws networkflowmonitor create-monitor \ + --monitor-name demo \ + --local-resources type="AWS::EC2::VPC",identifier="arn:aws:ec2:us-east-1:123456789012:vpc/vpc-03ea55eeda25adbb0" \ + --scope-arn arn:aws:networkflowmonitor:us-east-1:123456789012:scope/e21cda79-30a0-4c12-9299-d8629d76d8cf + +Output:: + + { + "monitorArn": "arn:aws:networkflowmonitor:us-east-1:123456789012:monitor/demo", + "monitorName": "demo", + "monitorStatus": "ACTIVE", + "tags": {} + } + +For more information, see `Create a monitor in Network Flow Monitor `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/networkflowmonitor/create-scope.rst b/awscli/examples/networkflowmonitor/create-scope.rst new file mode 100644 index 000000000000..9e7f3af4883b --- /dev/null +++ b/awscli/examples/networkflowmonitor/create-scope.rst @@ -0,0 +1,16 @@ +**To create a scope** + +The following ``create-scope`` example creates a scope that includes a set of resources for which Network Flow Monitor will generate network traffic metrics. :: + + aws networkflowmonitor create-scope \ + --targets '[{"targetIdentifier":{"targetId":{"accountId":"123456789012"},"targetType":"ACCOUNT"},"region":"us-east-1"}]' + +Output:: + + { + "scopeId": "97626f8d-8a21-4b5d-813a-1a0962dd4615", + "status": "IN_PROGRESS", + "tags": {} + } + +For more information, see `Components and features of Network Flow Monitor `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/networkflowmonitor/delete-monitor.rst b/awscli/examples/networkflowmonitor/delete-monitor.rst new file mode 100644 index 000000000000..1911b20ca793 --- /dev/null +++ b/awscli/examples/networkflowmonitor/delete-monitor.rst @@ -0,0 +1,10 @@ +**To delete a monitor** + +The following ``delete-monitor`` example deletes a monitor named ``demo`` in the specified account. :: + + aws networkflowmonitor delete-monitor \ + --monitor-name demo + +This command produces no output. + +For more information, see `Delete a monitor in Network Flow Monitor `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/networkflowmonitor/delete-scope.rst b/awscli/examples/networkflowmonitor/delete-scope.rst new file mode 100644 index 000000000000..b8e2c8375211 --- /dev/null +++ b/awscli/examples/networkflowmonitor/delete-scope.rst @@ -0,0 +1,10 @@ +**To delete a scope** + +The following ``delete-scope`` example deletes a specified scope. :: + + aws networkflowmonitor delete-scope \ + --scope-id fdc20616-6bb4-4242-a24e-a748e65ca7ac + +This command produces no output. + +For more information, see `Components and features of Network Flow Monitor `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/networkflowmonitor/get-monitor.rst b/awscli/examples/networkflowmonitor/get-monitor.rst new file mode 100644 index 000000000000..e15be2d6c4f5 --- /dev/null +++ b/awscli/examples/networkflowmonitor/get-monitor.rst @@ -0,0 +1,26 @@ +**To retrieve information about a monitor** + +The following ``get-monitor`` example displays information about the monitor named ``demo`` in the specified account. :: + + aws networkflowmonitor get-monitor \ + --monitor-name Demo + +Output:: + + { + "monitorArn": "arn:aws:networkflowmonitor:us-east-1:123456789012:monitor/Demo", + "monitorName": "Demo", + "monitorStatus": "ACTIVE", + "localResources": [ + { + "type": "AWS::EC2::VPC", + "identifier": "arn:aws:ec2:us-east-1:123456789012:vpc/vpc-03ea55eeda25adbb0" + } + ], + "remoteResources": [], + "createdAt": "2024-12-09T12:21:51.616000-06:00", + "modifiedAt": "2024-12-09T12:21:55.412000-06:00", + "tags": {} + } + +For more information, see `Components and features of Network Flow Monitor `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/networkflowmonitor/get-query-results-workload-insights-top-contributors-data.rst b/awscli/examples/networkflowmonitor/get-query-results-workload-insights-top-contributors-data.rst new file mode 100644 index 000000000000..adcdc1f127e8 --- /dev/null +++ b/awscli/examples/networkflowmonitor/get-query-results-workload-insights-top-contributors-data.rst @@ -0,0 +1,30 @@ +**To retrieve the top contributor data on workload insights** + +The following ``get-query-results-workload-insights-top-contributors-data`` example returns the data for the specified query. :: + + aws networkflowmonitor get-query-results-workload-insights-top-contributors-data \ + --scope-id e21cda79-30a0-4c12-9299-d8629d76d8cf \ + --query-id cc4f4ab3-3103-33b8-80ff-d6597a0c6cea + +Output:: + + { + "datapoints": [ + { + "timestamps": [ + "2024-12-09T19:00:00+00:00", + "2024-12-09T19:05:00+00:00", + "2024-12-09T19:10:00+00:00" + ], + "values": [ + 259943.0, + 194856.0, + 216432.0 + ], + "label": "use1-az6" + } + ], + "unit": "Bytes" + } + +For more information, see `Evaluate network flows with workload insights `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/networkflowmonitor/get-query-results-workload-insights-top-contributors.rst b/awscli/examples/networkflowmonitor/get-query-results-workload-insights-top-contributors.rst new file mode 100644 index 000000000000..8b8bb1b65107 --- /dev/null +++ b/awscli/examples/networkflowmonitor/get-query-results-workload-insights-top-contributors.rst @@ -0,0 +1,27 @@ +**To retrieve the top contributors on workload insights** + +The following ``get-query-results-workload-insights-top-contributors`` example returns the data for the specified query. :: + + aws networkflowmonitor get-query-results-workload-insights-top-contributors \ + --scope-id e21cda79-30a0-4c12-9299-d8629d76d8cf \ + --query-id 1fc423d3-b144-37a6-80e6-e2c7d26eea0c + +Output:: + + { + "topContributors": [ + { + "accountId": "123456789012", + "localSubnetId": "subnet-0a5b30fb95dca2c14", + "localAz": "use1-az6", + "localVpcId": "vpc-03ea55eeda25adbb0", + "localRegion": "us-east-1", + "remoteIdentifier": "", + "value": 908443, + "localSubnetArn": "arn:aws:ec2:us-east-1:123456789012:subnet/subnet-0a5b30fb95dca2c14", + "localVpcArn": "arn:aws:ec2:us-east-1:123456789012:vpc/vpc-03ea55eeda25adbb0" + } + ] + } + +For more information, see `Evaluate network flows with workload insights `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/networkflowmonitor/get-query-status-monitor-top-contributors.rst b/awscli/examples/networkflowmonitor/get-query-status-monitor-top-contributors.rst new file mode 100644 index 000000000000..74acb44bcd32 --- /dev/null +++ b/awscli/examples/networkflowmonitor/get-query-status-monitor-top-contributors.rst @@ -0,0 +1,15 @@ +**To retrieve the status of the query** + +The following ``get-query-status-monitor-top-contributors`` example displays the current status of the query in the specified account. :: + + aws networkflowmonitor get-query-status-monitor-top-contributors \ + --monitor-name Demo \ + --query-id 5398eabd-bc40-3f5f-aba3-bcb639d3c7ca + +Output:: + + { + "status": "SUCCEEDED" + } + +For more information, see `Evaluate network flows with workload insights `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/networkflowmonitor/get-query-status-workload-insights-top-contributors-data.rst b/awscli/examples/networkflowmonitor/get-query-status-workload-insights-top-contributors-data.rst new file mode 100644 index 000000000000..b28892592959 --- /dev/null +++ b/awscli/examples/networkflowmonitor/get-query-status-workload-insights-top-contributors-data.rst @@ -0,0 +1,15 @@ +**To retrieve the status of the query** + +The following ``get-query-status-workload-insights-top-contributors-data`` example displays the current status of the query in the specified account. :: + + aws networkflowmonitor get-query-status-workload-insights-top-contributors-data \ + --scope-id e21cda79-30a0-4c12-9299-d8629d76d8cf \ + --query-id 4333754d-8ae1-3f29-b6b7-c36db2e7f8ac + +Output:: + + { + "status": "SUCCEEDED" + } + +For more information, see `Evaluate network flows with workload insights `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/networkflowmonitor/get-query-status-workload-insights-top-contributors.rst b/awscli/examples/networkflowmonitor/get-query-status-workload-insights-top-contributors.rst new file mode 100644 index 000000000000..1b4c4930b9c8 --- /dev/null +++ b/awscli/examples/networkflowmonitor/get-query-status-workload-insights-top-contributors.rst @@ -0,0 +1,15 @@ +**To retrieve the status of the query** + +The following ``get-query-status-workload-insights-top-contributors`` example displays the current status of the query in the specified account. :: + + aws networkflowmonitor get-query-status-workload-insights-top-contributors \ + --scope-id e21cda79-30a0-4c12-9299-d8629d76d8cf \ + --query-id f2a87c70-3e5a-362e-8beb-4747d13d8419 + +Output:: + + { + "status": "SUCCEEDED" + } + +For more information, see `Evaluate network flows with workload insights `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/networkflowmonitor/get-scope.rst b/awscli/examples/networkflowmonitor/get-scope.rst new file mode 100644 index 000000000000..cf073a0dcba2 --- /dev/null +++ b/awscli/examples/networkflowmonitor/get-scope.rst @@ -0,0 +1,28 @@ +**To retrieve information about a scope** + +The following ``get-scope`` example displays information about a scope, such as status, tags, name and target details. :: + + aws networkflowmonitor get-scope \ + --scope-id e21cda79-30a0-4c12-9299-d8629d76d8cf + +Output:: + + { + "scopeId": "e21cda79-30a0-4c12-9299-d8629d76d8cf", + "status": "SUCCEEDED", + "scopeArn": "arn:aws:networkflowmonitor:us-east-1:123456789012:scope/e21cda79-30a0-4c12-9299-d8629d76d8cf", + "targets": [ + { + "targetIdentifier": { + "targetId": { + "accountId": "123456789012" + }, + "targetType": "ACCOUNT" + }, + "region": "us-east-1" + } + ], + "tags": {} + } + +For more information, see `Components and features of Network Flow Monitor `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/networkflowmonitor/list-monitors.rst b/awscli/examples/networkflowmonitor/list-monitors.rst new file mode 100644 index 000000000000..bb5fac04456e --- /dev/null +++ b/awscli/examples/networkflowmonitor/list-monitors.rst @@ -0,0 +1,19 @@ +**To retrieve a list of monitors** + +The following ``list-monitors`` example returns returns all the monitors in the specified account. :: + + aws networkflowmonitor list-monitors + +Output:: + + { + "monitors": [ + { + "monitorArn": "arn:aws:networkflowmonitor:us-east-1:123456789012:monitor/Demo", + "monitorName": "Demo", + "monitorStatus": "ACTIVE" + } + ] + } + +For more information, see `Components and features of Network Flow Monitor `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/networkflowmonitor/list-scopes.rst b/awscli/examples/networkflowmonitor/list-scopes.rst new file mode 100644 index 000000000000..cb6f8695f68b --- /dev/null +++ b/awscli/examples/networkflowmonitor/list-scopes.rst @@ -0,0 +1,19 @@ +**To retrieve a list of scopes** + +The following ``list-scopes`` example lists all scopes in the specified account. :: + + aws networkflowmonitor list-scopes + +Output:: + + { + "scopes": [ + { + "scopeId": "fdc20616-6bb4-4242-a24e-a748e65ca7ac", + "status": "SUCCEEDED", + "scopeArn": "arn:aws:networkflowmonitor:us-east-1:123456789012:scope/fdc20616-6bb4-4242-a24e-a748e65ca7ac" + } + ] + } + +For more information, see `Components and features of Network Flow Monitor `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/networkflowmonitor/list-tags-for-resource.rst b/awscli/examples/networkflowmonitor/list-tags-for-resource.rst new file mode 100644 index 000000000000..7a93df77040e --- /dev/null +++ b/awscli/examples/networkflowmonitor/list-tags-for-resource.rst @@ -0,0 +1,17 @@ +**To list the tags** + +The following ``list-tags-for-resource`` example returns all the tags associated with the specified resource. :: + + aws networkflowmonitor list-tags-for-resource \ + --resource-arn arn:aws:networkflowmonitor:us-east-1:123456789012:monitor/Demo + +Output:: + + { + "tags": { + "Value": "Production", + "Key": "stack" + } + } + +For more information, see `Tagging your Amazon CloudWatch resources `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/networkflowmonitor/start-query-monitor-top-contributors.rst b/awscli/examples/networkflowmonitor/start-query-monitor-top-contributors.rst new file mode 100644 index 000000000000..bf06a321e278 --- /dev/null +++ b/awscli/examples/networkflowmonitor/start-query-monitor-top-contributors.rst @@ -0,0 +1,18 @@ +**To start a query** + +The following ``start-query-monitor-top-contributors`` example starts the query which returns a query ID to retrieve the top contributors. :: + + aws networkflowmonitor start-query-monitor-top-contributors \ + --monitor-name Demo \ + --start-time 2024-12-09T19:00:00Z \ + --end-time 2024-12-09T19:15:00Z \ + --metric-name DATA_TRANSFERRED \ + --destination-category UNCLASSIFIED + +Output:: + + { + "queryId": "aecd3a88-0283-35b0-a17d-6e944dc8531d" + } + +For more information, see `Evaluate network flows with workload insights `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/networkflowmonitor/start-query-workload-insights-top-contributors-data.rst b/awscli/examples/networkflowmonitor/start-query-workload-insights-top-contributors-data.rst new file mode 100644 index 000000000000..f0bdade153e5 --- /dev/null +++ b/awscli/examples/networkflowmonitor/start-query-workload-insights-top-contributors-data.rst @@ -0,0 +1,18 @@ +**To start a query** + +The following ``start-query-workload-insights-top-contributors-data`` example starts the query which returns a query ID to retrieve the top contributors. :: + + aws networkflowmonitor start-query-workload-insights-top-contributors-data \ + --scope-id e21cda79-30a0-4c12-9299-d8629d76d8cf \ + --start-time 2024-12-09T19:00:00Z \ + --end-time 2024-12-09T19:15:00Z \ + --metric-name DATA_TRANSFERRED \ + --destination-category UNCLASSIFIED + +Output:: + + { + "queryId": "cc4f4ab3-3103-33b8-80ff-d6597a0c6cea" + } + +For more information, see `Evaluate network flows with workload insights `__ in the *Amazon CloudWatch User Guide*. diff --git a/awscli/examples/networkflowmonitor/start-query-workload-insights-top-contributors.rst b/awscli/examples/networkflowmonitor/start-query-workload-insights-top-contributors.rst new file mode 100644 index 000000000000..2e9f58032e86 --- /dev/null +++ b/awscli/examples/networkflowmonitor/start-query-workload-insights-top-contributors.rst @@ -0,0 +1,18 @@ +**To start a query** + +The following ``start-query-workload-insights-top-contributors`` example starts the query which returns a query ID to retrieve the top contributors. :: + + aws networkflowmonitor start-query-workload-insights-top-contributors \ + --scope-id e21cda79-30a0-4c12-9299-d8629d76d8cf \ + --start-time 2024-12-09T19:00:00Z \ + --end-time 2024-12-09T19:15:00Z \ + --metric-name DATA_TRANSFERRED \ + --destination-category UNCLASSIFIED + +Output:: + + { + "queryId": "1fc423d3-b144-37a6-80e6-e2c7d26eea0c" + } + +For more information, see `Evaluate network flows with workload insights `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/networkflowmonitor/stop-query-monitor-top-contributors.rst b/awscli/examples/networkflowmonitor/stop-query-monitor-top-contributors.rst new file mode 100644 index 000000000000..a0584f2bde6d --- /dev/null +++ b/awscli/examples/networkflowmonitor/stop-query-monitor-top-contributors.rst @@ -0,0 +1,11 @@ +**To stop a query** + +The following ``stop-query-monitor-top-contributors`` example stops the query in the specified account. :: + + aws networkflowmonitor stop-query-monitor-top-contributors \ + --monitor-name Demo \ + --query-id aecd3a88-0283-35b0-a17d-6e944dc8531d + +This command produces no output. + +For more information, see `Evaluate network flows with workload insights `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/networkflowmonitor/stop-query-workload-insights-top-contributors-data.rst b/awscli/examples/networkflowmonitor/stop-query-workload-insights-top-contributors-data.rst new file mode 100644 index 000000000000..713a278c14fc --- /dev/null +++ b/awscli/examples/networkflowmonitor/stop-query-workload-insights-top-contributors-data.rst @@ -0,0 +1,11 @@ +**To stop a query** + +The following ``stop-query-workload-insights-top-contributors-data`` example stops the query in the specified account. :: + + aws networkflowmonitor stop-query-workload-insights-top-contributors-data \ + --scope-id e21cda79-30a0-4c12-9299-d8629d76d8cf \ + --query-id cc4f4ab3-3103-33b8-80ff-d6597a0c6cea + +This command produces no output. + +For more information, see `Evaluate network flows with workload insights `__ in the *Amazon CloudWatch User Guide*. diff --git a/awscli/examples/networkflowmonitor/stop-query-workload-insights-top-contributors.rst b/awscli/examples/networkflowmonitor/stop-query-workload-insights-top-contributors.rst new file mode 100644 index 000000000000..f90e788be97f --- /dev/null +++ b/awscli/examples/networkflowmonitor/stop-query-workload-insights-top-contributors.rst @@ -0,0 +1,11 @@ +**To stop a query** + +The following ``stop-query-workload-insights-top-contributors`` example stops the query in the specified account. :: + + aws networkflowmonitor stop-query-workload-insights-top-contributors \ + --scope-id e21cda79-30a0-4c12-9299-d8629d76d8cf \ + --query-id 1fc423d3-b144-37a6-80e6-e2c7d26eea0c + +This command produces no output. + +For more information, see `Evaluate network flows with workload insights `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/networkflowmonitor/tag-resource.rst b/awscli/examples/networkflowmonitor/tag-resource.rst new file mode 100644 index 000000000000..a974a71740c5 --- /dev/null +++ b/awscli/examples/networkflowmonitor/tag-resource.rst @@ -0,0 +1,11 @@ +**To add a tag to the specified resource** + +The following ``tag-resource`` example adds a tag to the monitor in the specified account. :: + + aws networkflowmonitor tag-resource \ + --resource-arn arn:aws:networkflowmonitor:us-east-1:123456789012:monitor/Demo \ + --tags Key=stack,Value=Production + +This command produces no output. + +For more information, see `Tagging your Amazon CloudWatch resources `__ in the *Amazon CloudWatch User Guide*. diff --git a/awscli/examples/networkflowmonitor/untag-resource.rst b/awscli/examples/networkflowmonitor/untag-resource.rst new file mode 100644 index 000000000000..bc80c4b0a9c1 --- /dev/null +++ b/awscli/examples/networkflowmonitor/untag-resource.rst @@ -0,0 +1,11 @@ +**To remove a tag from the specified resource** + +The following ``untag-resource`` example removes a tag from the monitor in the specified account. :: + + aws networkflowmonitor untag-resource \ + --resource-arn arn:aws:networkflowmonitor:us-east-1:123456789012:monitor/Demo \ + --tag-keys stack + +This command produces no output. + +For more information, see `Tagging your Amazon CloudWatch resources `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/networkflowmonitor/update-monitor.rst b/awscli/examples/networkflowmonitor/update-monitor.rst new file mode 100644 index 000000000000..a97a288bf801 --- /dev/null +++ b/awscli/examples/networkflowmonitor/update-monitor.rst @@ -0,0 +1,21 @@ +**To update an existing monitor** + +The following ``update-monitor`` example updates the monitor named ``Demo`` in the specified account. :: + + aws networkflowmonitor update-monitor \ + --monitor-name Demo \ + --local-resources-to-add type="AWS::EC2::VPC",identifier="arn:aws:ec2:us-east-1:123456789012:vpc/vpc-048d08dfbec623f94" + +Output:: + + { + "monitorArn": "arn:aws:networkflowmonitor:us-east-1:123456789012:monitor/Demo", + "monitorName": "Demo", + "monitorStatus": "ACTIVE", + "tags": { + "Value": "Production", + "Key": "stack" + } + } + +For more information, see `Components and features of Network Flow Monitor `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/networkmanager/create-core-network.rst b/awscli/examples/networkmanager/create-core-network.rst index ae811ead4907..6817bcce2d6a 100644 --- a/awscli/examples/networkmanager/create-core-network.rst +++ b/awscli/examples/networkmanager/create-core-network.rst @@ -3,17 +3,17 @@ The following ``create-core-network`` example creates a core network using an optional description and tags within an AWS Cloud WAN global network. :: aws networkmanager create-core-network \ - --global-network-id global-network-0d59060f16a73bc41\ - --description "Main headquarters location"\ + --global-network-id global-network-cdef-EXAMPLE22222 \ + --description "Main headquarters location" \ --tags Key=Name,Value="New York City office" Output:: { "CoreNetwork": { - "GlobalNetworkId": "global-network-0d59060f16a73bc41", - "CoreNetworkId": "core-network-0fab62fe438d94db6", - "CoreNetworkArn": "arn:aws:networkmanager::987654321012:core-network/core-network-0fab62fe438d94db6", + "GlobalNetworkId": "global-network-cdef-EXAMPLE22222", + "CoreNetworkId": "core-network-cdef-EXAMPLE33333", + "CoreNetworkArn": "arn:aws:networkmanager::987654321012:core-network/core-network-cdef-EXAMPLE33333", "Description": "Main headquarters location", "CreatedAt": "2022-01-10T19:53:59+00:00", "State": "AVAILABLE", @@ -26,4 +26,4 @@ Output:: } } -For more information, see `Core networks `__ in the *AWS Cloud WAN User Guide*. \ No newline at end of file +For more information, see `Global and core networks `__ in the *AWS Cloud WAN User Guide*. \ No newline at end of file diff --git a/awscli/examples/networkmanager/delete-bucket-analytics-configuration.rst b/awscli/examples/networkmanager/delete-bucket-analytics-configuration.rst index 47d350e423f5..51c3d0a5f88a 100755 --- a/awscli/examples/networkmanager/delete-bucket-analytics-configuration.rst +++ b/awscli/examples/networkmanager/delete-bucket-analytics-configuration.rst @@ -3,7 +3,7 @@ The following ``delete-bucket-analytics-configuration`` example removes the analytics configuration for the specified bucket and ID. :: aws s3api delete-bucket-analytics-configuration \ - --bucket my-bucket \ + --bucket amzn-s3-demo-bucket \ --id 1 This command produces no output. \ No newline at end of file diff --git a/awscli/examples/networkmanager/delete-bucket-metrics-configuration.rst b/awscli/examples/networkmanager/delete-bucket-metrics-configuration.rst index 325d31ce2dc7..6b428609f898 100755 --- a/awscli/examples/networkmanager/delete-bucket-metrics-configuration.rst +++ b/awscli/examples/networkmanager/delete-bucket-metrics-configuration.rst @@ -3,7 +3,7 @@ The following ``delete-bucket-metrics-configuration`` example removes the metrics configuration for the specified bucket and ID. :: aws s3api delete-bucket-metrics-configuration \ - --bucket my-bucket \ + --bucket amzn-s3-demo-bucket \ --id 123 This command produces no output. \ No newline at end of file diff --git a/awscli/examples/networkmanager/delete-public-access-block.rst b/awscli/examples/networkmanager/delete-public-access-block.rst index 563a8b5069b9..54fd0ee6dc40 100755 --- a/awscli/examples/networkmanager/delete-public-access-block.rst +++ b/awscli/examples/networkmanager/delete-public-access-block.rst @@ -3,6 +3,6 @@ The following ``delete-public-access-block`` example removes the block public access configuration on the specified bucket. :: aws s3api delete-public-access-block \ - --bucket my-bucket + --bucket amzn-s3-demo-bucket This command produces no output. diff --git a/awscli/examples/networkmanager/get-bucket-analytics-configuration.rst b/awscli/examples/networkmanager/get-bucket-analytics-configuration.rst index e9e0bba7eb41..b6f1ffe97f48 100755 --- a/awscli/examples/networkmanager/get-bucket-analytics-configuration.rst +++ b/awscli/examples/networkmanager/get-bucket-analytics-configuration.rst @@ -3,7 +3,7 @@ The following ``get-bucket-analytics-configuration`` example displays the analytics configuration for the specified bucket and ID. :: aws s3api get-bucket-analytics-configuration \ - --bucket my-bucket \ + --bucket amzn-s3-demo-bucket \ --id 1 Output:: diff --git a/awscli/examples/networkmanager/get-bucket-metrics-configuration.rst b/awscli/examples/networkmanager/get-bucket-metrics-configuration.rst index d0628a55f7e2..bfed5f1804de 100755 --- a/awscli/examples/networkmanager/get-bucket-metrics-configuration.rst +++ b/awscli/examples/networkmanager/get-bucket-metrics-configuration.rst @@ -3,7 +3,7 @@ The following ``get-bucket-metrics-configuration`` example displays the metrics configuration for the specified bucket and ID. :: aws s3api get-bucket-metrics-configuration \ - --bucket my-bucket \ + --bucket amzn-s3-demo-bucket \ --id 123 Output:: diff --git a/awscli/examples/networkmanager/get-object-retention.rst b/awscli/examples/networkmanager/get-object-retention.rst index ebd67e632b54..d2930010a993 100755 --- a/awscli/examples/networkmanager/get-object-retention.rst +++ b/awscli/examples/networkmanager/get-object-retention.rst @@ -3,7 +3,7 @@ The following ``get-object-retention`` example retrieves the object retention configuration for the specified object. :: aws s3api get-object-retention \ - --bucket my-bucket-with-object-lock \ + --bucket amzn-s3-demo-bucket-with-object-lock \ --key doc1.rtf Output:: diff --git a/awscli/examples/networkmanager/get-public-access-block.rst b/awscli/examples/networkmanager/get-public-access-block.rst index 8bf9dcdbea6d..abd1b972aac5 100755 --- a/awscli/examples/networkmanager/get-public-access-block.rst +++ b/awscli/examples/networkmanager/get-public-access-block.rst @@ -2,7 +2,7 @@ The following ``get-public-access-block`` example displays the block public access configuration for the specified bucket. :: - aws s3api get-public-access-block --bucket my-bucket + aws s3api get-public-access-block --bucket amzn-s3-demo-bucket Output:: diff --git a/awscli/examples/networkmanager/list-bucket-analytics-configurations.rst b/awscli/examples/networkmanager/list-bucket-analytics-configurations.rst index cedf797292d1..93d5131d76cc 100755 --- a/awscli/examples/networkmanager/list-bucket-analytics-configurations.rst +++ b/awscli/examples/networkmanager/list-bucket-analytics-configurations.rst @@ -3,7 +3,7 @@ The following ``list-bucket-analytics-configurations`` retrieves a list of analytics configurations for the specified bucket. :: aws s3api list-bucket-analytics-configurations \ - --bucket my-bucket + --bucket amzn-s3-demo-bucket Output:: diff --git a/awscli/examples/networkmanager/list-bucket-metrics-configurations.rst b/awscli/examples/networkmanager/list-bucket-metrics-configurations.rst index 769c4d7404b6..79145dd11cc0 100755 --- a/awscli/examples/networkmanager/list-bucket-metrics-configurations.rst +++ b/awscli/examples/networkmanager/list-bucket-metrics-configurations.rst @@ -3,7 +3,7 @@ The following ``list-bucket-metrics-configurations`` example retrieves a list of metrics configurations for the specified bucket. :: aws s3api list-bucket-metrics-configurations \ - --bucket my-bucket + --bucket amzn-s3-demo-bucket Output:: diff --git a/awscli/examples/networkmanager/put-bucket-metrics-configuration.rst b/awscli/examples/networkmanager/put-bucket-metrics-configuration.rst index 024118e03e96..7e6b3123eab3 100755 --- a/awscli/examples/networkmanager/put-bucket-metrics-configuration.rst +++ b/awscli/examples/networkmanager/put-bucket-metrics-configuration.rst @@ -3,7 +3,7 @@ The following ``put-bucket-metrics-configuration`` example sets a metric configuration with ID 123 for the specified bucket. :: aws s3api put-bucket-metrics-configuration \ - --bucket my-bucket \ + --bucket amzn-s3-demo-bucket \ --id 123 \ --metrics-configuration '{"Id": "123", "Filter": {"Prefix": "logs"}}' diff --git a/awscli/examples/networkmanager/put-object-retention.rst b/awscli/examples/networkmanager/put-object-retention.rst index f2fc164f16cf..092a22937b15 100755 --- a/awscli/examples/networkmanager/put-object-retention.rst +++ b/awscli/examples/networkmanager/put-object-retention.rst @@ -3,7 +3,7 @@ The following ``put-object-retention`` example sets an object retention configuration for the specified object until 2025-01-01. :: aws s3api put-object-retention \ - --bucket my-bucket-with-object-lock \ + --bucket amzn-s3-demo-bucket-with-object-lock \ --key doc1.rtf \ --retention '{ "Mode": "GOVERNANCE", "RetainUntilDate": "2025-01-01T00:00:00" }' diff --git a/awscli/examples/networkmanager/put-public-access-block.rst b/awscli/examples/networkmanager/put-public-access-block.rst index f06bf915f85d..5d082bc98d34 100755 --- a/awscli/examples/networkmanager/put-public-access-block.rst +++ b/awscli/examples/networkmanager/put-public-access-block.rst @@ -3,7 +3,7 @@ The following ``put-public-access-block`` example sets a restrictive block public access configuration for the specified bucket. :: aws s3api put-public-access-block \ - --bucket my-bucket \ + --bucket amzn-s3-demo-bucket \ --public-access-block-configuration "BlockPublicAcls=true,IgnorePublicAcls=true,BlockPublicPolicy=true,RestrictPublicBuckets=true" This command produces no output. diff --git a/awscli/examples/networkmanager/start-route-analysis.rst b/awscli/examples/networkmanager/start-route-analysis.rst new file mode 100644 index 000000000000..ef563c285d2c --- /dev/null +++ b/awscli/examples/networkmanager/start-route-analysis.rst @@ -0,0 +1,35 @@ +**To start route analysis** + +The following ``start-route-analysis`` example starts the analysis between a source and destination, including the optional ``include-return-path``. :: + + aws networkmanager start-route-analysis \ + --global-network-id global-network-00aa0aaa0b0aaa000 \ + --source TransitGatewayAttachmentArn=arn:aws:ec2:us-east-1:503089527312:transit-gateway-attachment/tgw-attach-0d4a2d491bf68c093,IpAddress=10.0.0.0 \ + --destination TransitGatewayAttachmentArn=arn:aws:ec2:us-west-1:503089527312:transit-gateway-attachment/tgw-attach-002577f30bb181742,IpAddress=11.0.0.0 \ + --include-return-path + +Output:: + + { + "RouteAnalysis": { + "GlobalNetworkId": "global-network-00aa0aaa0b0aaa000 + "OwnerAccountId": "1111222233333", + "RouteAnalysisId": "a1873de1-273c-470c-1a2bc2345678", + "StartTimestamp": 1695760154.0, + "Status": "RUNNING", + "Source": { + "TransitGatewayAttachmentArn": "arn:aws:ec2:us-east-1:111122223333:transit-gateway-attachment/tgw-attach-1234567890abcdef0, + "TransitGatewayArn": "arn:aws:ec2:us-east-1:111122223333:transit-gateway/tgw-abcdef01234567890", + "IpAddress": "10.0.0.0" + }, + "Destination": { + "TransitGatewayAttachmentArn": "arn:aws:ec2:us-west-1:555555555555:transit-gateway-attachment/tgw-attach-021345abcdef6789", + "TransitGatewayArn": "arn:aws:ec2:us-west-1:111122223333:transit-gateway/tgw-09876543210fedcba0", + "IpAddress": "11.0.0.0" + }, + "IncludeReturnPath": true, + "UseMiddleboxes": false + } + } + +For more information, see `Route Analyzer `__ in the *AWS Global Networks for Transit Gateways User Guide*. \ No newline at end of file diff --git a/awscli/examples/networkmonitor/create-monitor.rst b/awscli/examples/networkmonitor/create-monitor.rst new file mode 100644 index 000000000000..cdc595852cd4 --- /dev/null +++ b/awscli/examples/networkmonitor/create-monitor.rst @@ -0,0 +1,66 @@ +**Example 1: To create a network monitor with an aggregation period** + +The following ``create-monitor`` example creates a monitor named ``Example_NetworkMonitor`` with an ``aggregationPeriod`` set to ``30`` seconds. The initial ``state`` of the monitor will be ``INACTIVE`` because there are no probes associated with it. The state changes to ``ACTIVE`` only when probes are added. You can use the `update-monitor `__ or `create-probe `__ commands to add probes to this monitor. :: + + aws networkmonitor create-monitor \ + --monitor-name Example_NetworkMonitor \ + --aggregation-period 30 + +Output:: + + { + "monitorArn": "arn:aws:networkmonitor:region:111122223333:monitor/Example_NetworkMonitor", + "monitorName": "Example_NetworkMonitor", + "state": "INACTIVE", + "aggregationPeriod": 30, + "tags": {} + } + +For more information, see `How Amazon CloudWatch Network Monitor Works `__ in the *Amazon CloudWatch User Guide*. + +**Example 2: To create a network monitor with a probe using TCP and also includes tags** + +The following ``create-monitor`` example creates a monitor named ``Example_NetworkMonitor``. The command also creates one probe that uses the ``ICMP`` protocol and includes tags. Since no ``aggregationPeriod`` is passed in the request, ``60`` seconds is set as the default. The ``state`` of the monitor with the probe will be ``PENDING`` until the monitor is ``ACTIVE``. This might take several minutes, at which point the ``state`` will change to ``ACTIVE``, and you can start viewing CloudWatch metrics. :: + + aws networkmonitor create-monitor \ + --monitor-name Example_NetworkMonitor \ + --probes sourceArn=arn:aws:ec2:region:111122223333:subnet/subnet-id,destination=10.0.0.100,destinationPort=80,protocol=TCP,packetSize=56,probeTags={Name=Probe1} \ + --tags Monitor=Monitor1 + +Output:: + + { + "monitorArn": "arn:aws:networkmonitor:region111122223333:monitor/Example_NetworkMonitor", + "monitorName": "Example_NetworkMonitor", + "state": "PENDING", + "aggregationPeriod": 60, + "tags": { + "Monitor": "Monitor1" + } + } + +For more information, see `How Amazon CloudWatch Network Monitor Works `__ in the *Amazon CloudWatch User Guide*. + +**Example 3: To create a network monitor with a probe using ICMP and also includes tags** + +The following ``create-monitor`` example creates a monitor named ``Example_NetworkMonitor`` with an ``aggregationPeriod`` of ``30`` seconds. The command also creates one probe that uses the ``ICMP`` protocol and includes tags. Since no ``aggregationPeriod`` is passed in the request, ``60`` seconds is set as the default. The ``state`` of the monitor with the probe will be ``PENDING`` until the monitor is ``ACTIVE``. This might take several minutes, at which point the ``state`` will change to ``ACTIVE``, and you can start viewing CloudWatch metrics. :: + + aws networkmonitor create-monitor \ + --monitor-name Example_NetworkMonitor \ + --aggregation-period 30 \ + --probes sourceArn=arn:aws:ec2:region111122223333:subnet/subnet-id,destination=10.0.0.100,protocol=ICMP,packetSize=56,probeTags={Name=Probe1} \ + --tags Monitor=Monitor1 + +Output:: + + { + "monitorArn": "arn:aws:networkmonitor:region:111122223333:monitor/Example_NetworkMonitor", + "monitorName": "Example_NetworkMonitor", + "state": "PENDING", + "aggregationPeriod": 30, + "tags": { + "Monitor": "Monitor1" + } + } + +For more information, see `How Amazon CloudWatch Network Monitor Works `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/networkmonitor/create-probe.rst b/awscli/examples/networkmonitor/create-probe.rst new file mode 100644 index 000000000000..8c7a8904a3bf --- /dev/null +++ b/awscli/examples/networkmonitor/create-probe.rst @@ -0,0 +1,52 @@ +**Example 1: To create a probe that uses TCP and add it to a network monitor** + +The following ``create-probe`` example creates a probe that uses the ``TCP`` ``protocol`` and adds the probe to a monitor named ``Example_NetworkMonitor``. Once created, the ``state`` of the monitor with the probe will be ``PENDING`` until the monitor is ``ACTIVE``. This might take several minutes, at which point the state will change to ``ACTIVE``, and you can start viewing CloudWatch metrics. :: + + aws networkmonitor create-probe \ + --monitor-name Example_NetworkMonitor \ + --probe sourceArn=arn:aws:ec2:region:111122223333:subnet/subnet-id,destination=10.0.0.100,destinationPort=80,protocol=TCP,packetSize=56,tags={Name=Probe1} + +Output:: + + { + "probeId": "probe-12345", + "probeArn": "arn:aws:networkmonitor:region:111122223333:probe/probe-12345", + "destination": "10.0.0.100", + "destinationPort": 80, + "packetSize": 56, + "addressFamily": "IPV4", + "vpcId": "vpc-12345", + "state": "PENDING", + "createdAt": "2024-03-29T12:41:57.314000-04:00", + "modifiedAt": "2024-03-29T12:41:57.314000-04:00", + "tags": { + "Name": "Probe1" + } + } + +**Example 2: To create a probe that uses probe using ICMP and add it to a network monitor** + +The following ``create-probe`` example creates a probe that uses the ``ICMP`` ``protocol`` and adds the probe to a monitor named ``Example_NetworkMonitor``. Once created, the ``state`` of the monitor with the probe will be ``PENDING`` until the monitor is ``ACTIVE``. This might take several minutes, at which point the state will change to ``ACTIVE``, and you can start viewing CloudWatch metrics. :: + + aws networkmonitor create-probe \ + --monitor-name Example_NetworkMonitor \ + --probe sourceArn=arn:aws:ec2:region:012345678910:subnet/subnet-id,destination=10.0.0.100,protocol=ICMP,packetSize=56,tags={Name=Probe1} + +Output:: + + { + "probeId": "probe-12345", + "probeArn": "arn:aws:networkmonitor:region:111122223333:probe/probe-12345", + "destination": "10.0.0.100", + "packetSize": 56, + "addressFamily": "IPV4", + "vpcId": "vpc-12345", + "state": "PENDING", + "createdAt": "2024-03-29T12:44:02.452000-04:00", + "modifiedAt": "2024-03-29T12:44:02.452000-04:00", + "tags": { + "Name": "Probe1" + } + } + +For more information, see `How Amazon CloudWatch Network Monitor Works `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/networkmonitor/delete-monitor.rst b/awscli/examples/networkmonitor/delete-monitor.rst new file mode 100644 index 000000000000..7d7c8d268dde --- /dev/null +++ b/awscli/examples/networkmonitor/delete-monitor.rst @@ -0,0 +1,10 @@ +**To delete a monitor** + +The following ``delete-monitor`` example deletes a monitor named ``Example_NetworkMonitor``. :: + + aws networkmonitor delete-monitor \ + --monitor-name Example_NetworkMonitor + +This command produces no output. + +For more information, see `How Amazon CloudWatch Network Monitor Works `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/networkmonitor/delete-probe.rst b/awscli/examples/networkmonitor/delete-probe.rst new file mode 100644 index 000000000000..f5455fddd141 --- /dev/null +++ b/awscli/examples/networkmonitor/delete-probe.rst @@ -0,0 +1,11 @@ +**To delete a probe** + +The following ``delete-probe`` example deletes a probe with the ID ``probe-12345`` from a network monitor named ``Example_NetworkMonitor``. :: + + aws networkmonitor delete-probe \ + --monitor-name Example_NetworkMonitor \ + --probe-id probe-12345 + +This command produces no output. + +For more information, see `How Amazon CloudWatch Network Monitor Works `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/networkmonitor/get-monitor.rst b/awscli/examples/networkmonitor/get-monitor.rst new file mode 100644 index 000000000000..8971977d43ab --- /dev/null +++ b/awscli/examples/networkmonitor/get-monitor.rst @@ -0,0 +1,21 @@ +**To get monitor information** + +The following ``get-monitor`` example gets information about a monitor named ``Example_NetworkMonitor``. :: + + aws networkmonitor get-monitor \ + --monitor-name Example_NetworkMonitor + +Output:: + + { + "monitorArn": "arn:aws:networkmonitor:region:012345678910:monitor/Example_NetworkMonitor", + "monitorName": "Example_NetworkMonitor", + "state": "ACTIVE", + "aggregationPeriod": 60, + "tags": {}, + "probes": [], + "createdAt": "2024-04-01T17:58:07.211000-04:00", + "modifiedAt": "2024-04-01T17:58:07.211000-04:00" + } + +For more information, see `How Amazon CloudWatch Network Monitor Works `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/networkmonitor/get-probe.rst b/awscli/examples/networkmonitor/get-probe.rst new file mode 100644 index 000000000000..1c5c0ae2b19b --- /dev/null +++ b/awscli/examples/networkmonitor/get-probe.rst @@ -0,0 +1,29 @@ +**To view probe details** + +The following ``get-probe`` example returns details about a probe with the ``probeID`` ``probe-12345`` that's associated with a monitor named ``Example_NetworkMonitor``. :: + + aws networkmonitor get-probe \ + --monitor-name Example_NetworkMonitor \ + --probe-id probe-12345 + +Output:: + + { + "probeId": "probe-12345", + "probeArn": "arn:aws:networkmonitor:region:012345678910:probe/probe-12345", + "sourceArn": "arn:aws:ec2:region:012345678910:subnet/subnet-12345", + "destination": "10.0.0.100", + "destinationPort": 80, + "protocol": "TCP", + "packetSize": 56, + "addressFamily": "IPV4", + "vpcId": "vpc-12345", + "state": "ACTIVE", + "createdAt": "2024-03-29T12:41:57.314000-04:00", + "modifiedAt": "2024-03-29T12:42:28.610000-04:00", + "tags": { + "Name": "Probe1" + } + } + +For more information, see `How Amazon CloudWatch Network Monitor Works `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/networkmonitor/list-monitors.rst b/awscli/examples/networkmonitor/list-monitors.rst new file mode 100644 index 000000000000..4c805d1b915d --- /dev/null +++ b/awscli/examples/networkmonitor/list-monitors.rst @@ -0,0 +1,60 @@ +**Example 1: To list all monitors (single monitor)** + +The following ``list-monitors`` example returns a list of only a single monitor. The monitor's ``state`` is ``ACTIVE`` and it has an ``aggregationPeriod`` of 60 seconds. :: + + aws networkmonitor list-monitors + +Output:: + + { + "monitors": [{ + "monitorArn": "arn:aws:networkmonitor:region:012345678910:monitor/Example_NetworkMonitor", + "monitorName": "Example_NetworkMonitor", + "state": "ACTIVE", + "aggregationPeriod": 60, + "tags": { + "Monitor": "Monitor1" + } + } + ] + } + +For more information, see `How Amazon CloudWatch Network Monitor Works `__ in the *Amazon CloudWatch User Guide*. + +**Example 2: To list all monitors (multiple monitors)** + +The following ``list-monitors`` example returns a list of three monitors. The ``state`` of one monitor is ``ACTIVE`` and generating CloudWatch metrics. The states of the other two monitors are ``INACTIVE`` and not generating CloudWatch metrics. All three monitors use an ``aggregationPeriod`` of 60 seconds. :: + + aws networkmonitor list-monitors + +Output:: + + { + "monitors": [ + { + "monitorArn": "arn:aws:networkmonitor:us-east-1:111122223333:monitor/Example_NetworkMonitor", + "monitorName": "Example_NetworkMonitor", + "state": "INACTIVE", + "aggregationPeriod": 60, + "tags": {} + }, + { + "monitorArn": "arn:aws:networkmonitor:us-east-1:111122223333:monitor/Example_NetworkMonitor2", + "monitorName": "Example_NetworkMonitor2", + "state": "ACTIVE", + "aggregationPeriod": 60, + "tags": { + "Monitor": "Monitor1" + } + }, + { + "monitorArn": "arn:aws:networkmonitor:us-east-1:111122223333:monitor/TestNetworkMonitor_CLI", + "monitorName": "TestNetworkMonitor_CLI", + "state": "INACTIVE", + "aggregationPeriod": 60, + "tags": {} + } + ] + } + +For more information, see `How Amazon CloudWatch Network Monitor Works `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/networkmonitor/list-tags-for-resource.rst b/awscli/examples/networkmonitor/list-tags-for-resource.rst new file mode 100644 index 000000000000..90dd21f74b99 --- /dev/null +++ b/awscli/examples/networkmonitor/list-tags-for-resource.rst @@ -0,0 +1,17 @@ +**To list tags for a resource** + +The following ``list-tags-for-resource`` example returns a list of the tags for a monitor named ``Example_NetworkMonitor``. :: + + aws networkmonitor list-tags-for-resource \ + --resource-arn arn:aws:networkmonitor:region:012345678910:monitor/Example_NetworkMonitor + +Output:: + + { + "tags": { + "Environment": "Dev", + "Application": "PetStore" + } + } + +For more information, see `How Amazon CloudWatch Network Monitor Works `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/networkmonitor/tag-resource.rst b/awscli/examples/networkmonitor/tag-resource.rst new file mode 100644 index 000000000000..f19860563517 --- /dev/null +++ b/awscli/examples/networkmonitor/tag-resource.rst @@ -0,0 +1,11 @@ +**To tag a resource** + +The following ``tag-resource`` example tags a monitor named ``Example_NetworkMonitor`` with ``Environment=Dev`` and ``Application=PetStore`` tags. :: + + aws networkmonitor tag-resource \ + --resource-arn arn:aws:networkmonitor:region:012345678910:monitor/Example_NetworkMonitor \ + --tags Environment=Dev,Application=PetStore + +This command produces no output. + +For more information, see `How Amazon CloudWatch Network Monitor Works `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/networkmonitor/untag-resource.rst b/awscli/examples/networkmonitor/untag-resource.rst new file mode 100644 index 000000000000..0d4930688471 --- /dev/null +++ b/awscli/examples/networkmonitor/untag-resource.rst @@ -0,0 +1,11 @@ +**To untag a resource** + +The following ``untag-resource`` example removes a ``tag-keys`` parameter with the key-value pair of ``Environment Application`` from its association with a monitor named ``Example_NetworkMonitor``. :: + + aws networkmonitor untag-resource \ + --resource-arn arn:aws:networkmonitor:region:012345678910:monitor/Example_NetworkMonitor \ + --tag-keys Environment Application + +This command produces no output. + +For more information, see `How Amazon CloudWatch Network Monitor Works `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/networkmonitor/update-monitor.rst b/awscli/examples/networkmonitor/update-monitor.rst new file mode 100644 index 000000000000..41b58e31cd9d --- /dev/null +++ b/awscli/examples/networkmonitor/update-monitor.rst @@ -0,0 +1,21 @@ +**To update a monitor** + +The following ``update-monitor`` example changes a monitor's ``aggregationPeriod`` from ``60`` seconds to ``30`` seconds. :: + + aws networkmonitor update-monitor \ + --monitor-name Example_NetworkMonitor \ + --aggregation-period 30 + +Output:: + + { + "monitorArn": "arn:aws:networkmonitor:region:012345678910:monitor/Example_NetworkMonitor", + "monitorName": "Example_NetworkMonitor", + "state": "PENDING", + "aggregationPeriod": 30, + "tags": { + "Monitor": "Monitor1" + } + } + +For more information, see `How Amazon CloudWatch Network Monitor Works `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/networkmonitor/update-probe.rst b/awscli/examples/networkmonitor/update-probe.rst new file mode 100644 index 000000000000..aa3d47326f75 --- /dev/null +++ b/awscli/examples/networkmonitor/update-probe.rst @@ -0,0 +1,31 @@ +**To update a probe** + +The following ``update-probe`` example updates a probe's original ``destination`` IP address and also updates the ``packetSize`` to ``60``. :: + + aws networkmonitor update-probe \ + --monitor-name Example_NetworkMonitor \ + --probe-id probe-12345 \ + --destination 10.0.0.150 \ + --packet-size 60 + +Output:: + + { + "probeId": "probe-12345", + "probeArn": "arn:aws:networkmonitor:region:012345678910:probe/probe-12345", + "sourceArn": "arn:aws:ec2:region:012345678910:subnet/subnet-12345", + "destination": "10.0.0.150", + "destinationPort": 80, + "protocol": "TCP", + "packetSize": 60, + "addressFamily": "IPV4", + "vpcId": "vpc-12345", + "state": "PENDING", + "createdAt": "2024-03-29T12:41:57.314000-04:00", + "modifiedAt": "2024-03-29T13:52:23.115000-04:00", + "tags": { + "Name": "Probe1" + } + } + +For more information, see `How Amazon CloudWatch Network Monitor Works `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/nimble/get-eula.rst b/awscli/examples/nimble/get-eula.rst deleted file mode 100644 index 47cac3d7e23c..000000000000 --- a/awscli/examples/nimble/get-eula.rst +++ /dev/null @@ -1,20 +0,0 @@ -**To get information about your studio** - -The following ``get-eula`` example lists the information about an EULA. :: - - aws nimble get-eula \ - --eula-id "EULAid" - -Output:: - - { - "eula": { - "content": "https://www.mozilla.org/en-US/MPL/2.0/", - "createdAt": "2021-04-20T16:45:23+00:00", - "eulaId": "gJZLygd-Srq_5NNbSfiaLg", - "name": "Mozilla-FireFox", - "updatedAt": "2021-04-20T16:45:23+00:00" - } - } - -For more information, see `Accept the EULA `__ in the *Amazon Nimble Studio User Guide*. \ No newline at end of file diff --git a/awscli/examples/nimble/get-launch-profile-details.rst b/awscli/examples/nimble/get-launch-profile-details.rst deleted file mode 100644 index b4d4aa271cab..000000000000 --- a/awscli/examples/nimble/get-launch-profile-details.rst +++ /dev/null @@ -1,154 +0,0 @@ -**To list the available widgets** - -The following ``get-launch-profile-details`` example lists the details about a launch profile. :: - - aws nimble get-launch-profile-details \ - --studio-id "StudioID" \ - --launch-profile-id "LaunchProfileID" - -Output:: - - { - "launchProfile": { - "arn": "arn:aws:nimble:us-west-2:123456789012:launch-profile/yeG7lDwNQEiwNTRT7DrV7Q", - "createdAt": "2022-01-27T21:18:59+00:00", - "createdBy": "AROA3OO2NEHCCYRNDDIFT:i-EXAMPLE11111", - "description": "The Launch Profile for the Render workers created by StudioBuilder.", - "ec2SubnetIds": [ - "subnet-EXAMPLE11111" - ], - "launchProfileId": "yeG7lDwNQEiwNTRT7DrV7Q", - "launchProfileProtocolVersions": [ - "2021-03-31" - ], - "name": "RenderWorker-Default", - "state": "READY", - "statusCode": "LAUNCH_PROFILE_CREATED", - "statusMessage": "Launch Profile has been created", - "streamConfiguration": { - "clipboardMode": "ENABLED", - "ec2InstanceTypes": [ - "g4dn.4xlarge", - "g4dn.8xlarge" - ], - "maxSessionLengthInMinutes": 690, - "maxStoppedSessionLengthInMinutes": 0, - "streamingImageIds": [ - "Cw_jXnp1QcSSXhE2hkNRoQ", - "YGXAqgoWTnCNSV8VP20sHQ" - ] - }, - "studioComponentIds": [ - "_hR_-RaAReSOjAnLakbX7Q", - "vQ5w_TbIRayPkAZgcbyYRA", - "ZQuMxN99Qfa_Js6ma9TwdA", - "45KjOSPPRzK2OyvpCuQ6qw" - ], - "tags": { - "resourceArn": "arn:aws:nimble:us-west-2:123456789012:launch-profile/yeG7lDwNQEiwNTRT7DrV7Q" - }, - "updatedAt": "2022-01-27T21:19:13+00:00", - "updatedBy": "AROA3OO2NEHCCYRNDDIFT:i-00b98256b04d9e989", - "validationResults": [ - { - "state": "VALIDATION_SUCCESS", - "statusCode": "VALIDATION_SUCCESS", - "statusMessage": "The validation succeeded.", - "type": "VALIDATE_ACTIVE_DIRECTORY_STUDIO_COMPONENT" - }, - { - "state": "VALIDATION_SUCCESS", - "statusCode": "VALIDATION_SUCCESS", - "statusMessage": "The validation succeeded.", - "type": "VALIDATE_SUBNET_ASSOCIATION" - }, - { - "state": "VALIDATION_SUCCESS", - "statusCode": "VALIDATION_SUCCESS", - "statusMessage": "The validation succeeded.", - "type": "VALIDATE_NETWORK_ACL_ASSOCIATION" - }, - { - "state": "VALIDATION_SUCCESS", - "statusCode": "VALIDATION_SUCCESS", - "statusMessage": "The validation succeeded.", - "type": "VALIDATE_SECURITY_GROUP_ASSOCIATION" - } - ] - }, - "streamingImages": [ - { - "arn": "arn:aws:nimble:us-west-2:123456789012:streaming-image/Cw_jXnp1QcSSXhE2hkNRoQ", - "description": "Base windows image for NimbleStudio", - "ec2ImageId": "ami-EXAMPLE11111", - "eulaIds": [ - "gJZLygd-Srq_5NNbSfiaLg", - "ggK2eIw6RQyt8PIeeOlD3g", - "a-D9Wc0VQCKUfxAinCDxaw", - "RvoNmVXiSrS4LhLTb6ybkw", - "wtp85BcSTa2NZeNRnMKdjw", - "Rl-J0fM5Sl2hyIiwWIV6hw" - ], - "name": "NimbleStudioWindowsStreamImage", - "owner": "amazon", - "platform": "WINDOWS", - "state": "READY", - "streamingImageId": "Cw_jXnp1QcSSXhE2hkNRoQ", - "tags": { - "resourceArn": "arn:aws:nimble:us-west-2:123456789012:streaming-image/Cw_jXnp1QcSSXhE2hkNRoQ" - } - }, - { - "arn": "arn:aws:nimble:us-west-2:123456789012:streaming-image/YGXAqgoWTnCNSV8VP20sHQ", - "description": "Base linux image for NimbleStudio", - "ec2ImageId": "ami-EXAMPLE11111", - "eulaIds": [ - "gJZLygd-Srq_5NNbSfiaLg", - "ggK2eIw6RQyt8PIeeOlD3g", - "a-D9Wc0VQCKUfxAinCDxaw", - "RvoNmVXiSrS4LhLTb6ybkw", - "wtp85BcSTa2NZeNRnMKdjw", - "Rl-J0fM5Sl2hyIiwWIV6hw" - ], - "name": "NimbleStudioLinuxStreamImage", - "owner": "amazon", - "platform": "LINUX", - "state": "READY", - "streamingImageId": "YGXAqgoWTnCNSV8VP20sHQ", - "tags": { - "resourceArn": "arn:aws:nimble:us-west-2:123456789012:streaming-image/YGXAqgoWTnCNSV8VP20sHQ" - } - } - ], - "studioComponentSummaries": [ - { - "description": "FSx for Windows", - "name": "FSxWindows", - "studioComponentId": "ZQuMxN99Qfa_Js6ma9TwdA", - "subtype": "AMAZON_FSX_FOR_WINDOWS", - "type": "SHARED_FILE_SYSTEM" - }, - { - "description": "Instance configuration studio component.", - "name": "InstanceConfiguration", - "studioComponentId": "vQ5w_TbIRayPkAZgcbyYRA", - "subtype": "CUSTOM", - "type": "CUSTOM" - }, - { - "name": "ActiveDirectory", - "studioComponentId": "_hR_-RaAReSOjAnLakbX7Q", - "subtype": "AWS_MANAGED_MICROSOFT_AD", - "type": "ACTIVE_DIRECTORY" - }, - { - "description": "Render farm running Deadline", - "name": "RenderFarm", - "studioComponentId": "45KjOSPPRzK2OyvpCuQ6qw", - "subtype": "CUSTOM", - "type": "COMPUTE_FARM" - } - ] - } - -For more information, see `Creating launch profiles `__ in the *Amazon Nimble Studio User Guide*. \ No newline at end of file diff --git a/awscli/examples/nimble/get-launch-profile.rst b/awscli/examples/nimble/get-launch-profile.rst deleted file mode 100644 index 554bfbb5eecb..000000000000 --- a/awscli/examples/nimble/get-launch-profile.rst +++ /dev/null @@ -1,79 +0,0 @@ -**To list the available widgets** - -The following ``get-launch-profile`` example lists information about a launch profile. :: - - aws nimble get-launch-profile \ - --studio-id "StudioID" \ - --launch-profile-id "LaunchProfileID" - -Output:: - - { - "launchProfile": { - "arn": "arn:aws:nimble:us-west-2:123456789012:launch-profile/yeG7lDwNQEiwNTRT7DrV7Q", - "createdAt": "2022-01-27T21:18:59+00:00", - "createdBy": "AROA3OO2NEHCCYRNDDIFT:i-EXAMPLE11111", - "description": "The Launch Profile for the Render workers created by StudioBuilder.", - "ec2SubnetIds": [ - "subnet-EXAMPLE11111" - ], - "launchProfileId": "yeG7lDwNQEiwNTRT7DrV7Q", - "launchProfileProtocolVersions": [ - "2021-03-31" - ], - "name": "RenderWorker-Default", - "state": "READY", - "statusCode": "LAUNCH_PROFILE_CREATED", - "statusMessage": "Launch Profile has been created", - "streamConfiguration": { - "clipboardMode": "ENABLED", - "ec2InstanceTypes": [ - "g4dn.4xlarge", - "g4dn.8xlarge" - ], - "maxSessionLengthInMinutes": 690, - "maxStoppedSessionLengthInMinutes": 0, - "streamingImageIds": [ - "Cw_jXnp1QcSSXhE2hkNRoQ", - "YGXAqgoWTnCNSV8VP20sHQ" - ] - }, - "studioComponentIds": [ - "_hR_-RaAReSOjAnLakbX7Q", - "vQ5w_TbIRayPkAZgcbyYRA", - "ZQuMxN99Qfa_Js6ma9TwdA", - "45KjOSPPRzK2OyvpCuQ6qw" - ], - "tags": {}, - "updatedAt": "2022-01-27T21:19:13+00:00", - "updatedBy": "AROA3OO2NEHCCYRNDDIFT:i-00b98256b04d9e989", - "validationResults": [ - { - "state": "VALIDATION_SUCCESS", - "statusCode": "VALIDATION_SUCCESS", - "statusMessage": "The validation succeeded.", - "type": "VALIDATE_ACTIVE_DIRECTORY_STUDIO_COMPONENT" - }, - { - "state": "VALIDATION_SUCCESS", - "statusCode": "VALIDATION_SUCCESS", - "statusMessage": "The validation succeeded.", - "type": "VALIDATE_SUBNET_ASSOCIATION" - }, - { - "state": "VALIDATION_SUCCESS", - "statusCode": "VALIDATION_SUCCESS", - "statusMessage": "The validation succeeded.", - "type": "VALIDATE_NETWORK_ACL_ASSOCIATION" - }, - { - "state": "VALIDATION_SUCCESS", - "statusCode": "VALIDATION_SUCCESS", - "statusMessage": "The validation succeeded.", - "type": "VALIDATE_SECURITY_GROUP_ASSOCIATION" - } - ] - } - } - -For more information, see `Creating launch profiles `__ in the *Amazon Nimble Studio User Guide*. \ No newline at end of file diff --git a/awscli/examples/nimble/get-studio.rst b/awscli/examples/nimble/get-studio.rst deleted file mode 100644 index 1cf82fdb6888..000000000000 --- a/awscli/examples/nimble/get-studio.rst +++ /dev/null @@ -1,33 +0,0 @@ -**To get information about your studio** - -The following ``get-studio`` example lists the studios in your AWS account. :: - - aws nimble get-studio \ - --studio-id "StudioID" - -Output:: - - { - "studio": { - "adminRoleArn": "arn:aws:iam::123456789012:role/studio-admin-role", - "arn": "arn:aws:nimble:us-west-2:123456789012:studio/stid-EXAMPLE11111", - "createdAt": "2022-01-27T20:29:35+00:00", - "displayName": "studio-name", - "homeRegion": "us-west-2", - "ssoClientId": "a1b2c3d4-5678-90ab-cdef-EXAMPLE11111", - "state": "READY", - "statusCode": "STUDIO_CREATED", - "statusMessage": "The studio has been created successfully ", - "studioEncryptionConfiguration": { - "keyType": "AWS_OWNED_KEY" - }, - "studioId": "us-west-2:stid-EXAMPLE11111", - "studioName": "studio-name", - "studioUrl": "https://studio-name.nimblestudio.us-west-2.amazonaws.com", - "tags": {}, - "updatedAt": "2022-01-27T20:29:37+00:00", - "userRoleArn": "arn:aws:iam::123456789012:role/studio-user-role" - } - } - -For more information, see `What is Amazon Nimble Studio? `__ in the *Amazon Nimble Studio User Guide*. diff --git a/awscli/examples/nimble/list-eula-acceptances.rst b/awscli/examples/nimble/list-eula-acceptances.rst deleted file mode 100644 index 96b68500e417..000000000000 --- a/awscli/examples/nimble/list-eula-acceptances.rst +++ /dev/null @@ -1,57 +0,0 @@ -**To list the available widgets** - -The following ``list-eula-acceptances`` example lists the accepted EULAs in your AWS account. :: - - aws nimble list-eula-acceptances \ - --studio-id "StudioID" - -Output:: - - { - "eulaAcceptances": [ - { - "acceptedAt": "2022-01-28T17:44:35+00:00", - "acceptedBy": "92677b4b19-e9fd012a-94ad-4f16-9866-c69a63ab6486", - "accepteeId": "us-west-2:stid-nyoqq12fteqy1x48", - "eulaAcceptanceId": "V0JlpZQaSx6yHcUuX0qfQw", - "eulaId": "Rl-J0fM5Sl2hyIiwWIV6hw" - }, - { - "acceptedAt": "2022-01-28T17:44:35+00:00", - "acceptedBy": "92677b4b19-e9fd012a-94ad-4f16-9866-c69a63ab6486", - "accepteeId": "us-west-2:stid-nyoqq12fteqy1x48", - "eulaAcceptanceId": "YY_uDFW-SVibc627qbug0Q", - "eulaId": "RvoNmVXiSrS4LhLTb6ybkw" - }, - { - "acceptedAt": "2022-01-28T17:44:35+00:00", - "acceptedBy": "92677b4b19-e9fd012a-94ad-4f16-9866-c69a63ab6486", - "accepteeId": "us-west-2:stid-nyoqq12fteqy1x48", - "eulaAcceptanceId": "ovO87PnhQ4-MpttiL5uN6Q", - "eulaId": "a-D9Wc0VQCKUfxAinCDxaw" - }, - { - "acceptedAt": "2022-01-28T17:44:35+00:00", - "acceptedBy": "92677b4b19-e9fd012a-94ad-4f16-9866-c69a63ab6486", - "accepteeId": "us-west-2:stid-nyoqq12fteqy1x48", - "eulaAcceptanceId": "5YeXje4yROamuTESGvqIAQ", - "eulaId": "gJZLygd-Srq_5NNbSfiaLg" - }, - { - "acceptedAt": "2022-01-28T17:44:35+00:00", - "acceptedBy": "92677b4b19-e9fd012a-94ad-4f16-9866-c69a63ab6486", - "accepteeId": "us-west-2:stid-nyoqq12fteqy1x48", - "eulaAcceptanceId": "W1sIn8PtScqeJEn8sxxhgw", - "eulaId": "ggK2eIw6RQyt8PIeeOlD3g" - }, - { - "acceptedAt": "2022-01-28T17:44:35+00:00", - "acceptedBy": "92677b4b19-e9fd012a-94ad-4f16-9866-c69a63ab6486", - "accepteeId": "us-west-2:stid-nyoqq12fteqy1x48", - "eulaAcceptanceId": "Zq9KNEQPRMWJ7FolSoQgUA", - "eulaId": "wtp85BcSTa2NZeNRnMKdjw" - } - ] - } - -For more information, see `Accept the EULA `__ in the *Amazon Nimble Studio User Guide*. \ No newline at end of file diff --git a/awscli/examples/nimble/list-eulas.rst b/awscli/examples/nimble/list-eulas.rst deleted file mode 100644 index 08798a967813..000000000000 --- a/awscli/examples/nimble/list-eulas.rst +++ /dev/null @@ -1,77 +0,0 @@ -**To list the available widgets** - -The following ``list-eulas`` example lists the EULAs in your AWS account. :: - - aws nimble list-eulas - -Output:: - - { - "eulas": [ - { - "content": "https://www.mozilla.org/en-US/MPL/2.0/", - "createdAt": "2021-04-20T16:45:23+00:00", - "eulaId": "gJZLygd-Srq_5NNbSfiaLg", - "name": "Mozilla-FireFox", - "updatedAt": "2021-04-20T16:45:23+00:00" - }, - { - "content": "https://www.awsthinkbox.com/end-user-license-agreement", - "createdAt": "2021-04-20T16:45:24+00:00", - "eulaId": "RvoNmVXiSrS4LhLTb6ybkw", - "name": "Thinkbox-Deadline", - "updatedAt": "2021-04-20T16:45:24+00:00" - }, - { - "content": "https://www.videolan.org/legal.html", - "createdAt": "2021-04-20T16:45:24+00:00", - "eulaId": "Rl-J0fM5Sl2hyIiwWIV6hw", - "name": "Videolan-VLC", - "updatedAt": "2021-04-20T16:45:24+00:00" - }, - { - "content": "https://code.visualstudio.com/license", - "createdAt": "2021-04-20T16:45:23+00:00", - "eulaId": "ggK2eIw6RQyt8PIeeOlD3g", - "name": "Microsoft-VSCode", - "updatedAt": "2021-04-20T16:45:23+00:00" - }, - { - "content": "https://darbyjohnston.github.io/DJV/legal.html#License", - "createdAt": "2021-04-20T16:45:23+00:00", - "eulaId": "wtp85BcSTa2NZeNRnMKdjw", - "name": "DJV-DJV", - "updatedAt": "2021-04-20T16:45:23+00:00" - }, - { - "content": "https://www.sidefx.com/legal/license-agreement/", - "createdAt": "2021-04-20T16:45:24+00:00", - "eulaId": "uu2VDLo-QJeIGWWLBae_UA", - "name": "SideFX-Houdini", - "updatedAt": "2021-04-20T16:45:24+00:00" - }, - { - "content": "https://www.chaosgroup.com/eula", - "createdAt": "2021-04-20T16:45:23+00:00", - "eulaId": "L0HS4P3CRYKVXc2J2LO7Vw", - "name": "ChaosGroup-Vray", - "updatedAt": "2021-04-20T16:45:23+00:00" - }, - { - "content": "https://www.foundry.com/eula", - "createdAt": "2021-04-20T16:45:23+00:00", - "eulaId": "SAuhfHmmSAeUuq3wsMiMlw", - "name": "Foundry-Nuke", - "updatedAt": "2021-04-20T16:45:23+00:00" - }, - { - "content": "https://download.blender.org/release/GPL3-license.txt", - "createdAt": "2021-04-20T16:45:23+00:00", - "eulaId": "a-D9Wc0VQCKUfxAinCDxaw", - "name": "BlenderFoundation-Blender", - "updatedAt": "2021-04-20T16:45:23+00:00" - } - ] - } - -For more information, see `Accept the EULA `__ in the *Amazon Nimble Studio User Guide*. \ No newline at end of file diff --git a/awscli/examples/nimble/list-launch-profiles.rst b/awscli/examples/nimble/list-launch-profiles.rst deleted file mode 100644 index ab0d2d9cf701..000000000000 --- a/awscli/examples/nimble/list-launch-profiles.rst +++ /dev/null @@ -1,146 +0,0 @@ -**To list the available widgets** - -The following ``list-launch-profiles`` example lists the launch profiles in your AWS account. :: - - aws nimble list-launch-profiles \ - --studio-id "StudioID" - -Output:: - - { - "launchProfiles": [ - { - "arn": "arn:aws:nimble:us-west-2:123456789012:launch-profile/yeG7lDwNQEiwNTRT7DrV7Q", - "createdAt": "2022-01-27T21:18:59+00:00", - "createdBy": "AROA3OO2NEHCCYRNDDIFT:i-EXAMPLE11111", - "description": "The Launch Profile for the Render workers created by StudioBuilder.", - "ec2SubnetIds": [ - "subnet-EXAMPLE11111" - ], - "launchProfileId": "yeG7lDwNQEiwNTRT7DrV7Q", - "launchProfileProtocolVersions": [ - "2021-03-31" - ], - "name": "RenderWorker-Default", - "state": "READY", - "statusCode": "LAUNCH_PROFILE_CREATED", - "statusMessage": "Launch Profile has been created", - "streamConfiguration": { - "clipboardMode": "ENABLED", - "ec2InstanceTypes": [ - "g4dn.4xlarge", - "g4dn.8xlarge" - ], - "maxSessionLengthInMinutes": 690, - "maxStoppedSessionLengthInMinutes": 0, - "streamingImageIds": [ - "Cw_jXnp1QcSSXhE2hkNRoQ", - "YGXAqgoWTnCNSV8VP20sHQ" - ] - }, - "studioComponentIds": [ - "_hR_-RaAReSOjAnLakbX7Q", - "vQ5w_TbIRayPkAZgcbyYRA", - "ZQuMxN99Qfa_Js6ma9TwdA", - "45KjOSPPRzK2OyvpCuQ6qw" - ], - "tags": {}, - "updatedAt": "2022-01-27T21:19:13+00:00", - "updatedBy": "AROA3OO2NEHCCYRNDDIFT:i-EXAMPLE11111", - "validationResults": [ - { - "state": "VALIDATION_SUCCESS", - "statusCode": "VALIDATION_SUCCESS", - "statusMessage": "The validation succeeded.", - "type": "VALIDATE_ACTIVE_DIRECTORY_STUDIO_COMPONENT" - }, - { - "state": "VALIDATION_SUCCESS", - "statusCode": "VALIDATION_SUCCESS", - "statusMessage": "The validation succeeded.", - "type": "VALIDATE_SUBNET_ASSOCIATION" - }, - { - "state": "VALIDATION_SUCCESS", - "statusCode": "VALIDATION_SUCCESS", - "statusMessage": "The validation succeeded.", - "type": "VALIDATE_NETWORK_ACL_ASSOCIATION" - }, - { - "state": "VALIDATION_SUCCESS", - "statusCode": "VALIDATION_SUCCESS", - "statusMessage": "The validation succeeded.", - "type": "VALIDATE_SECURITY_GROUP_ASSOCIATION" - } - ] - }, - { - "arn": "arn:aws:nimble:us-west-2:123456789012:launch-profile/jDCIm1jRSaa9e44PZ3w7gg", - "createdAt": "2022-01-27T21:19:26+00:00", - "createdBy": "AROA3OO2NEHCCYRNDDIFT:i-EXAMPLE11111", - "description": "This Workstation Launch Profile was created by StudioBuilder", - "ec2SubnetIds": [ - "subnet-046f4205ae535b2cc" - ], - "launchProfileId": "jDCIm1jRSaa9e44PZ3w7gg", - "launchProfileProtocolVersions": [ - "2021-03-31" - ], - "name": "Workstation-Default", - "state": "READY", - "statusCode": "LAUNCH_PROFILE_CREATED", - "statusMessage": "Launch Profile has been created", - "streamConfiguration": { - "clipboardMode": "ENABLED", - "ec2InstanceTypes": [ - "g4dn.4xlarge", - "g4dn.8xlarge" - ], - "maxSessionLengthInMinutes": 690, - "maxStoppedSessionLengthInMinutes": 0, - "streamingImageIds": [ - "Cw_jXnp1QcSSXhE2hkNRoQ", - "YGXAqgoWTnCNSV8VP20sHQ" - ] - }, - "studioComponentIds": [ - "_hR_-RaAReSOjAnLakbX7Q", - "vQ5w_TbIRayPkAZgcbyYRA", - "ZQuMxN99Qfa_Js6ma9TwdA", - "yJSbsHXAQYWk9FXLNusXlQ", - "45KjOSPPRzK2OyvpCuQ6qw" - ], - "tags": {}, - "updatedAt": "2022-01-27T21:19:40+00:00", - "updatedBy": "AROA3OO2NEHCCYRNDDIFT:i-EXAMPLE11111", - "validationResults": [ - { - "state": "VALIDATION_SUCCESS", - "statusCode": "VALIDATION_SUCCESS", - "statusMessage": "The validation succeeded.", - "type": "VALIDATE_ACTIVE_DIRECTORY_STUDIO_COMPONENT" - }, - { - "state": "VALIDATION_SUCCESS", - "statusCode": "VALIDATION_SUCCESS", - "statusMessage": "The validation succeeded.", - "type": "VALIDATE_SUBNET_ASSOCIATION" - }, - { - "state": "VALIDATION_SUCCESS", - "statusCode": "VALIDATION_SUCCESS", - "statusMessage": "The validation succeeded.", - "type": "VALIDATE_NETWORK_ACL_ASSOCIATION" - }, - { - "state": "VALIDATION_SUCCESS", - "statusCode": "VALIDATION_SUCCESS", - "statusMessage": "The validation succeeded.", - "type": "VALIDATE_SECURITY_GROUP_ASSOCIATION" - } - ] - } - ] - } - -For more information, see `Creating launch profiles `__ in the *Amazon Nimble Studio User Guide*. \ No newline at end of file diff --git a/awscli/examples/nimble/list-studio-components.rst b/awscli/examples/nimble/list-studio-components.rst deleted file mode 100644 index c8fa4f47bfb6..000000000000 --- a/awscli/examples/nimble/list-studio-components.rst +++ /dev/null @@ -1,42 +0,0 @@ -**To list the available widgets** - -The following ``list-studio-components`` example lists the studio components in your AWS account. :: - - aws nimble list-studio-components \ - --studio-id "StudioID" - -Output:: - - { - "studioComponents": [ - { - "arn": "arn:aws:nimble:us-west-2:123456789012:studio-component/ZQuMxN99Qfa_Js6ma9TwdA", - "configuration": { - "sharedFileSystemConfiguration": { - "fileSystemId": "fs-EXAMPLE11111", - "linuxMountPoint": "/mnt/fsxshare", - "shareName": "share", - "windowsMountDrive": "Z" - } - }, - "createdAt": "2022-01-27T21:15:34+00:00", - "createdBy": "AROA3OO2NEHCCYRNDDIFT:i-EXAMPLE11111", - "description": "FSx for Windows", - "ec2SecurityGroupIds": [ - "sg-EXAMPLE11111" - ], - "name": "FSxWindows", - "state": "READY", - "statusCode": "STUDIO_COMPONENT_CREATED", - "statusMessage": "Studio Component has been created", - "studioComponentId": "ZQuMxN99Qfa_Js6ma9TwdA", - "subtype": "AMAZON_FSX_FOR_WINDOWS", - "tags": {}, - "type": "SHARED_FILE_SYSTEM", - "updatedAt": "2022-01-27T21:15:35+00:00", - "updatedBy": "AROA3OO2NEHCCYRNDDIFT:i-EXAMPLE11111" - }, - ... - } - -For more information, see `How StudioBuilder works with Amazon Nimble Studio `__ in the *Amazon Nimble Studio User Guide*. \ No newline at end of file diff --git a/awscli/examples/nimble/list-studio-members.rst b/awscli/examples/nimble/list-studio-members.rst deleted file mode 100644 index a6952e6fc531..000000000000 --- a/awscli/examples/nimble/list-studio-members.rst +++ /dev/null @@ -1,20 +0,0 @@ -**To list the available widgets** - -The following ``list-studio-members`` example lists the available studio members in your AWS account. :: - - aws nimble list-studio-members \ - --studio-id "StudioID" - -Output:: - - { - "members": [ - { - "identityStoreId": "d-EXAMPLE11111", - "persona": "ADMINISTRATOR", - "principalId": "EXAMPLE11111-e9fd012a-94ad-4f16-9866-c69a63ab6486" - } - ] - } - -For more information, see `Adding studio users `__ in the *Amazon Nimble Studio User Guide*. \ No newline at end of file diff --git a/awscli/examples/nimble/list-studios.rst b/awscli/examples/nimble/list-studios.rst deleted file mode 100644 index 10c90110898a..000000000000 --- a/awscli/examples/nimble/list-studios.rst +++ /dev/null @@ -1,34 +0,0 @@ -**To list your studios** - -The following ``list-studios`` example lists the studios in your AWS account. :: - - aws nimble list-studios - -Output:: - - { - "studios": [ - { - "adminRoleArn": "arn:aws:iam::123456789012:role/studio-admin-role", - "arn": "arn:aws:nimble:us-west-2:123456789012:studio/studio-id", - "createdAt": "2022-01-27T20:29:35+00:00", - "displayName": "studio-name", - "homeRegion": "us-west-2", - "ssoClientId": "a1b2c3d4-5678-90ab-cdef-EXAMPLE11111", - "state": "READY", - "statusCode": "STUDIO_CREATED", - "statusMessage": "The studio has been created successfully ", - "studioEncryptionConfiguration": { - "keyType": "AWS_OWNED_KEY" - }, - "studioId": "us-west-2:studio-id", - "studioName": "studio-name", - "studioUrl": "https://studio-name.nimblestudio.us-west-2.amazonaws.com", - "tags": {}, - "updatedAt": "2022-01-27T20:29:37+00:00", - "userRoleArn": "arn:aws:iam::123456789012:role/studio-user-role" - } - ] - } - -For more information, see `What is Amazon Nimble Studio? `__ in the *Amazon Nimble Studio User Guide*. \ No newline at end of file diff --git a/awscli/examples/oam/create-link.rst b/awscli/examples/oam/create-link.rst new file mode 100644 index 000000000000..5a028db80ccf --- /dev/null +++ b/awscli/examples/oam/create-link.rst @@ -0,0 +1,24 @@ +**To create a link** + +The following ``create-link`` example creates a link between a source account and a sink that you have created in a monitoring account. :: + + aws oam create-link \ + --label-template sourceAccount \ + --resource-types AWS::CloudWatch::Metric \ + --sink-identifier arn:aws:oam:us-east-2:123456789012:sink/a1b2c3d4-5678-90ab-cdef-example12345 + +Output:: + + { + "Arn": "arn:aws:oam:us-east-2:123456789111:link/a1b2c3d4-5678-90ab-cdef-example11111", + "Id": "a1b2c3d4-5678-90ab-cdef-example11111", + "Label": "sourceAccount", + "LabelTemplate": "sourceAccount", + "ResourceTypes": [ + "AWS::CloudWatch::Metric" + ], + "SinkArn": "arn:aws:oam:us-east-2:123456789012:sink/a1b2c3d4-5678-90ab-cdef-example12345", + "Tags": {} + } + +For more information, see `CloudWatch cross-account observability `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/oam/create-sink.rst b/awscli/examples/oam/create-sink.rst new file mode 100644 index 000000000000..a0afda540b38 --- /dev/null +++ b/awscli/examples/oam/create-sink.rst @@ -0,0 +1,17 @@ +**To create a sink** + +The following ``create-sink`` example creates a sink in the current account, so that it can be used as a monitoring account in CloudWatch cross-account observability. :: + + aws oam create-sink \ + --name DemoSink + +Output:: + + { + "Arn": "arn:aws:oam:us-east-2:123456789012:sink/a1b2c3d4-5678-90ab-cdef-example12345", + "Id": "a1b2c3d4-5678-90ab-cdef-example12345", + "Name": "DemoSink", + "Tags": {} + } + +For more information, see `CloudWatch cross-account observability `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/oam/delete-link.rst b/awscli/examples/oam/delete-link.rst new file mode 100644 index 000000000000..6e1d6a2f531e --- /dev/null +++ b/awscli/examples/oam/delete-link.rst @@ -0,0 +1,10 @@ +**To delete a link** + +The following ``delete-link`` example deletes a link between a monitoring account sink and a source account. :: + + aws oam delete-link \ + --identifier arn:aws:oam:us-east-2:123456789111:link/a1b2c3d4-5678-90ab-cdef-example11111 + +This command produces no output. + +For more information, see `CloudWatch cross-account observability `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/oam/delete-sink.rst b/awscli/examples/oam/delete-sink.rst new file mode 100644 index 000000000000..0b5b0a99b6b1 --- /dev/null +++ b/awscli/examples/oam/delete-sink.rst @@ -0,0 +1,10 @@ +**To delete a sink** + +The following ``delete-sink`` example deletes a sink. You must delete all links to a sink before you can delete that sink. :: + + aws oam delete-sink \ + --identifier arn:aws:oam:us-east-2:123456789012:sink/a1b2c3d4-5678-90ab-cdef-example12345 + +This command produces no output. + +For more information, see `CloudWatch cross-account observability `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/oam/get-link.rst b/awscli/examples/oam/get-link.rst new file mode 100644 index 000000000000..efc8215c809c --- /dev/null +++ b/awscli/examples/oam/get-link.rst @@ -0,0 +1,22 @@ +**To return complete information about one link** + +The following ``get-link`` example returns complete information about a link. :: + + aws oam get-link \ + --identifier arn:aws:oam:us-east-2:123456789111:link/a1b2c3d4-5678-90ab-cdef-example11111 + +Output:: + + { + "Arn": "arn:aws:oam:us-east-2:123456789111:link/a1b2c3d4-5678-90ab-cdef-example11111", + "Id": "a1b2c3d4-5678-90ab-cdef-example11111", + "Label": "sourceAccount", + "LabelTemplate": "sourceAccount", + "ResourceTypes": [ + "AWS::CloudWatch::Metric" + ], + "SinkArn": "arn:aws:oam:us-east-2:123456789012:sink/a1b2c3d4-5678-90ab-cdef-example12345", + "Tags": {} + } + +For more information, see `CloudWatch cross-account observability `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/oam/get-sink-policy.rst b/awscli/examples/oam/get-sink-policy.rst new file mode 100644 index 000000000000..b297c7b41841 --- /dev/null +++ b/awscli/examples/oam/get-sink-policy.rst @@ -0,0 +1,16 @@ +**To return the current sink policy attached to the sink** + +The following ``get-sink-policy`` example returns the current sink policy attached to the sink. :: + + aws oam get-sink-policy \ + --sink-identifier arn:aws:oam:us-east-2:123456789012:sink/a1b2c3d4-5678-90ab-cdef-example12345 + +Output:: + + { + "SinkArn": "arn:aws:oam:us-east-2:123456789012:sink/a1b2c3d4-5678-90ab-cdef-example12345", + "SinkId": "a1b2c3d4-5678-90ab-cdef-example12345", + "Policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"arn:aws:iam::123456789111:root\"},\"Action\":[\"oam:CreateLink\",\"oam:UpdateLink\"],\"Resource\":\"*\",\"Condition\":{\"ForAllValues:StringEquals\":{\"oam:ResourceTypes\":[\"AWS::Logs::LogGroup\",\"AWS::CloudWatch::Metric\",\"AWS::XRay::Trace\",\"AWS::ApplicationInsights::Application\"]}}}]}" + } + +For more information, see `CloudWatch cross-account observability `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/oam/get-sink.rst b/awscli/examples/oam/get-sink.rst new file mode 100644 index 000000000000..3d10760dc35c --- /dev/null +++ b/awscli/examples/oam/get-sink.rst @@ -0,0 +1,17 @@ +**To return complete information about one monitoring account sink** + +The following ``get-sink`` example returns complete information about a monitoring account sink. :: + + aws oam get-sink \ + --identifier arn:aws:oam:us-east-2:123456789012:sink/a1b2c3d4-5678-90ab-cdef-example12345 + +Output:: + + { + "Arn": "arn:aws:oam:us-east-2:123456789012:sink/a1b2c3d4-5678-90ab-cdef-example12345", + "Id": "a1b2c3d4-5678-90ab-cdef-example12345", + "Name": "DemoSink", + "Tags": {} + } + +For more information, see `CloudWatch cross-account observability `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/oam/list-attached-links.rst b/awscli/examples/oam/list-attached-links.rst new file mode 100644 index 000000000000..85bc7ba44fff --- /dev/null +++ b/awscli/examples/oam/list-attached-links.rst @@ -0,0 +1,23 @@ +**To return a list of source account links that are linked to this monitoring account sink** + +The following ``list-attached-links`` example returns a list of source account links that are linked to this monitoring account sink. :: + + aws oam list-attached-links \ + --sink-identifier arn:aws:oam:us-east-2:123456789012:sink/a1b2c3d4-5678-90ab-cdef-example12345 + +Output:: + + { + "Items": [{ + "Label": "Monitoring account", + "LinkArn": "arn:aws:oam:us-east-2:123456789111:link/a1b2c3d4-5678-90ab-cdef-example11111", + "ResourceTypes": [ + "AWS::ApplicationInsights::Application", + "AWS::Logs::LogGroup", + "AWS::CloudWatch::Metric", + "AWS::XRay::Trace" + ] + }] + } + +For more information, see `CloudWatch cross-account observability `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/oam/list-links.rst b/awscli/examples/oam/list-links.rst new file mode 100644 index 000000000000..a2bb04270675 --- /dev/null +++ b/awscli/examples/oam/list-links.rst @@ -0,0 +1,21 @@ +**To return a list of links for one monitoring account sink** + +The following ``list-links`` example returns a list of links for one monitoring account sink. Run this operation in a source account to return a list of links to monitoring account sinks that this source account has. :: + + aws oam list-links + +Output:: + + { + "Items": [{ + "Arn": "arn:aws:oam:us-east-2:123456789111:link/a1b2c3d4-5678-90ab-cdef-example11111", + "Id": "a1b2c3d4-5678-90ab-cdef-example11111", + "Label": "sourceAccount", + "ResourceTypes": [ + "AWS::CloudWatch::Metric" + ], + "SinkArn": "arn:aws:oam:us-east-2:123456789012:sink/a1b2c3d4-5678-90ab-cdef-example12345" + }] + } + +For more information, see `CloudWatch cross-account observability `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/oam/list-sinks.rst b/awscli/examples/oam/list-sinks.rst new file mode 100644 index 000000000000..63c172209439 --- /dev/null +++ b/awscli/examples/oam/list-sinks.rst @@ -0,0 +1,19 @@ +**To return the list of sinks created in the monitoring account** + +The following ``list-sinks`` example returns a list of sinks created in the monitoring account. Run this operation in a monitoring account. :: + + aws oam list-sinks + +Output:: + + { + "Items": [ + { + "Arn": "arn:aws:oam:us-east-2:123456789012:sink/a1b2c3d4-5678-90ab-cdef-example12345", + "Id": "a1b2c3d4-5678-90ab-cdef-example12345", + "Name": "DemoSink" + } + ] + } + +For more information, see `CloudWatch cross-account observability `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/oam/list-tags-for-resource.rst b/awscli/examples/oam/list-tags-for-resource.rst new file mode 100644 index 000000000000..7ed746ae114e --- /dev/null +++ b/awscli/examples/oam/list-tags-for-resource.rst @@ -0,0 +1,16 @@ +**To display the tags associated with a resource** + +The following ``list-tags-for-resource`` example displays the tags associated with a sink. :: + + aws oam list-tags-for-resource \ + --resource-arn arn:aws:oam:us-east-2:123456789012:sink/a1b2c3d4-5678-90ab-cdef-example12345 + +Output:: + + { + "Tags": { + "Team": "Devops" + } + } + +For more information, see `CloudWatch cross-account observability `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/oam/put-sink-policy.rst b/awscli/examples/oam/put-sink-policy.rst new file mode 100644 index 000000000000..5821fceac850 --- /dev/null +++ b/awscli/examples/oam/put-sink-policy.rst @@ -0,0 +1,17 @@ +**To create or update the resource policy** + +The following ``put-sink-policy`` example creates the resource policy that grants permissions to source accounts to link to the monitoring account sink. :: + + aws oam put-sink-policy \ + --policy '{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Principal":{"AWS":"arn:aws:iam::123456789111:root"},"Action":["oam:CreateLink","oam:UpdateLink"],"Resource":"*","Condition":{"ForAllValues:StringEquals":{"oam:ResourceTypes":["AWS::Logs::LogGroup","AWS::CloudWatch::Metric","AWS::XRay::Trace","AWS::ApplicationInsights::Application"]}}}]}' \ + --sink-identifier arn:aws:oam:us-east-2:123456789012:sink/a1b2c3d4-5678-90ab-cdef-example12345 + +Output:: + + { + "SinkArn": "arn:aws:oam:us-east-2:123456789012:sink/a1b2c3d4-5678-90ab-cdef-example12345", + "SinkId": "a1b2c3d4-5678-90ab-cdef-example12345", + "Policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"arn:aws:iam::123456789111:root\"},\"Action\":[\"oam:CreateLink\",\"oam:UpdateLink\"],\"Resource\":\"*\",\"Condition\":{\"ForAllValues:StringEquals\":{\"oam:ResourceTypes\":[\"AWS::Logs::LogGroup\",\"AWS::CloudWatch::Metric\",\"AWS::XRay::Trace\",\"AWS::ApplicationInsights::Application\"]}}}]}" + } + +For more information, see `CloudWatch cross-account observability `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/oam/tag-resource.rst b/awscli/examples/oam/tag-resource.rst new file mode 100644 index 000000000000..15d73dfadfa2 --- /dev/null +++ b/awscli/examples/oam/tag-resource.rst @@ -0,0 +1,11 @@ +**To assign one or more tags to the specified resource** + +The following ``tag-resource`` example tags a sink ``arn:aws:oam:us-east-2:123456789012:sink/a1b2c3d4-5678-90ab-cdef-example12345``. :: + + aws oam tag-resource \ + --resource-arn arn:aws:oam:us-east-2:123456789012:sink/a1b2c3d4-5678-90ab-cdef-example12345 \ + --tags team=Devops + +This command produces no output. + +For more information, see `CloudWatch cross-account observability `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/oam/untag-resource.rst b/awscli/examples/oam/untag-resource.rst new file mode 100644 index 000000000000..b00c192fa7d2 --- /dev/null +++ b/awscli/examples/oam/untag-resource.rst @@ -0,0 +1,11 @@ +**To remove one or more tags from the specified resource.** + +The following ``untag-resource`` example removes a tag with the key ``team`` from sink ``arn:aws:oam:us-east-2:123456789012:sink/a1b2c3d4-5678-90ab-cdef-example12345``. :: + + aws oam untag-resource \ + --resource-arn arn:aws:oam:us-east-2:123456789012:sink/f3f42f60-f0f2-425c-1234-12347bdd821f \ + --tag-keys team + +This command produces no output. + +For more information, see `CloudWatch cross-account observability `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/oam/update-link.rst b/awscli/examples/oam/update-link.rst new file mode 100644 index 000000000000..b034a6141d59 --- /dev/null +++ b/awscli/examples/oam/update-link.rst @@ -0,0 +1,24 @@ +**To change what types of data are shared from a source account to its linked monitoring account sink** + +The following ``update-link`` example updates the link ``arn:aws:oam:us-east-2:123456789111:link/0123e691-e7ef-43fa-1234-c57c837fced0`` with resource types ``AWS::CloudWatch::Metric`` and ``AWS::Logs::LogGroup``. :: + + aws oam update-link \ + --identifier arn:aws:oam:us-east-2:123456789111:link/a1b2c3d4-5678-90ab-cdef-example11111 \ + --resource-types "AWS::CloudWatch::Metric" "AWS::Logs::LogGroup" + +Output:: + + { + "Arn": "arn:aws:oam:us-east-2:123456789111:link/a1b2c3d4-5678-90ab-cdef-example11111", + "Id": "a1b2c3d4-5678-90ab-cdef-example11111", + "Label": "sourceAccount", + "LabelTemplate": "sourceAccount", + "ResourceTypes": [ + "AWS::CloudWatch::Metric", + "AWS::Logs::LogGroup" + ], + "SinkArn": "arn:aws:oam:us-east-2:123456789012:sink/a1b2c3d4-5678-90ab-cdef-example12345", + "Tags": {} + } + +For more information, see `CloudWatch cross-account observability `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/observabilityadmin/get-telemetry-evaluation-status-for-organization.rst b/awscli/examples/observabilityadmin/get-telemetry-evaluation-status-for-organization.rst new file mode 100644 index 000000000000..59c574403504 --- /dev/null +++ b/awscli/examples/observabilityadmin/get-telemetry-evaluation-status-for-organization.rst @@ -0,0 +1,13 @@ +**To get telemetry onboarding status for the organization** + +The following ``get-telemetry-evaluation-status-for-organization`` example returns the current onboarding status of the telemetry config feature for the organization. :: + + aws observabilityadmin get-telemetry-evaluation-status-for-organization + +Output:: + + { + "Status": "RUNNING" + } + +For more information, see `Auditing CloudWatch telemetry configurations `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/observabilityadmin/get-telemetry-evaluation-status.rst b/awscli/examples/observabilityadmin/get-telemetry-evaluation-status.rst new file mode 100644 index 000000000000..f953b8dea072 --- /dev/null +++ b/awscli/examples/observabilityadmin/get-telemetry-evaluation-status.rst @@ -0,0 +1,13 @@ +**To get telemetry onboarding status for the account** + +The following ``get-telemetry-evaluation-status`` example returns the current onboarding status of the telemetry config feature in the specified account. :: + + aws observabilityadmin get-telemetry-evaluation-status + +Output:: + + { + "Status": "RUNNING" + } + +For more information, see `Auditing CloudWatch telemetry configurations `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/observabilityadmin/list-resource-telemetry-for-organization.rst b/awscli/examples/observabilityadmin/list-resource-telemetry-for-organization.rst new file mode 100644 index 000000000000..db79eb32d366 --- /dev/null +++ b/awscli/examples/observabilityadmin/list-resource-telemetry-for-organization.rst @@ -0,0 +1,43 @@ +**To retrieve the telemetry configurations for the organization** + +The following ``list-resource-telemetry-for-organization`` example returns a list of telemetry configurations in the organization for AWS resources supported by telemetry config. :: + + aws observabilityadmin list-resource-telemetry-for-organization \ + --resource-types AWS::EC2::Instance + +Output:: + + { + "TelemetryConfigurations": [ + { + "AccountIdentifier": "111111111111", + "TelemetryConfigurationState": { + "Logs": "NotApplicable", + "Metrics": "Disabled", + "Traces": "NotApplicable" + }, + "ResourceType": "AWS::EC2::Instance", + "ResourceIdentifier": "i-a166400b", + "ResourceTags": { + "Name": "dev" + }, + "LastUpdateTimeStamp": 1733168548521 + }, + { + "AccountIdentifier": "222222222222", + "TelemetryConfigurationState": { + "Logs": "NotApplicable", + "Metrics": "Disabled", + "Traces": "NotApplicable" + }, + "ResourceType": "AWS::EC2::Instance", + "ResourceIdentifier": "i-b188560f", + "ResourceTags": { + "Name": "apache" + }, + "LastUpdateTimeStamp": 1732744260182 + } + ] + } + +For more information, see `Auditing CloudWatch telemetry configurations `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/observabilityadmin/list-resource-telemetry.rst b/awscli/examples/observabilityadmin/list-resource-telemetry.rst new file mode 100644 index 000000000000..f175e1143d46 --- /dev/null +++ b/awscli/examples/observabilityadmin/list-resource-telemetry.rst @@ -0,0 +1,29 @@ +**To retrieve the telemetry configurations for the account** + +The following ``list-resource-telemetry`` example returns a list of telemetry configurations for AWS resources supported by telemetry config in the specified account. :: + + aws observabilityadmin list-resource-telemetry \ + --resource-types AWS::EC2::Instance + +Output:: + + { + "TelemetryConfigurations": [ + { + "AccountIdentifier": "111111111111", + "TelemetryConfigurationState": { + "Logs": "NotApplicable", + "Metrics": "Disabled", + "Traces": "NotApplicable" + }, + "ResourceType": "AWS::EC2::Instance", + "ResourceIdentifier": "i-0e979d278b040f856", + "ResourceTags": { + "Name": "apache" + }, + "LastUpdateTimeStamp": 1732744260182 + } + ] + } + +For more information, see `Auditing CloudWatch telemetry configurations `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/observabilityadmin/start-telemetry-evaluation-for-organization.rst b/awscli/examples/observabilityadmin/start-telemetry-evaluation-for-organization.rst new file mode 100644 index 000000000000..feb8bcf93fbf --- /dev/null +++ b/awscli/examples/observabilityadmin/start-telemetry-evaluation-for-organization.rst @@ -0,0 +1,9 @@ +**To enable the telemetry config feature** + +The following ``start-telemetry-evaluation-for-organization`` example enables the telemetry config feature for the organization. :: + + aws observabilityadmin start-telemetry-evaluation-for-organization + +This command produces no output. + +For more information, see `Turning on CloudWatch telemetry auditing `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/observabilityadmin/start-telemetry-evaluation.rst b/awscli/examples/observabilityadmin/start-telemetry-evaluation.rst new file mode 100644 index 000000000000..e3f7051232a9 --- /dev/null +++ b/awscli/examples/observabilityadmin/start-telemetry-evaluation.rst @@ -0,0 +1,9 @@ +**To enable the telemetry config feature** + +The following ``start-telemetry-evaluation`` example enables the telemetry config feature in the specified account. :: + + aws observabilityadmin start-telemetry-evaluation + +This command produces no output. + +For more information, see `Turning on CloudWatch telemetry auditing `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/observabilityadmin/stop-telemetry-evaluation-for-organization.rst b/awscli/examples/observabilityadmin/stop-telemetry-evaluation-for-organization.rst new file mode 100644 index 000000000000..fc86280e7292 --- /dev/null +++ b/awscli/examples/observabilityadmin/stop-telemetry-evaluation-for-organization.rst @@ -0,0 +1,9 @@ +**To disable the telemetry config feature** + +The following ``stop-telemetry-evaluation-for-organization`` example disables the telemetry config feature for the organization. :: + + aws observabilityadmin stop-telemetry-evaluation-for-organization + +This command produces no output. + +For more information, see `Turning off CloudWatch telemetry auditing `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/observabilityadmin/stop-telemetry-evaluation.rst b/awscli/examples/observabilityadmin/stop-telemetry-evaluation.rst new file mode 100644 index 000000000000..28957c59728e --- /dev/null +++ b/awscli/examples/observabilityadmin/stop-telemetry-evaluation.rst @@ -0,0 +1,9 @@ +**To disable the telemetry config feature** + +The following ``stop-telemetry-evaluation`` example disables the telemetry config feature in the specified account. :: + + aws observabilityadmin stop-telemetry-evaluation + +This command produces no output. + +For more information, see `Turning off CloudWatch telemetry auditing `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/omics/abort-multipart-read-set-upload.rst b/awscli/examples/omics/abort-multipart-read-set-upload.rst new file mode 100644 index 000000000000..c4f8795a176b --- /dev/null +++ b/awscli/examples/omics/abort-multipart-read-set-upload.rst @@ -0,0 +1,11 @@ +**To stop a multipart read set upload** + +The following ``abort-multipart-read-set-upload`` example stops a multipart read set upload into your HealthOmics sequence store. :: + + aws omics abort-multipart-read-set-upload \ + --sequence-store-id 0123456789 \ + --upload-id 1122334455 + +This command produces no output. + +For more information, see `Direct upload to a sequence store `__ in the *AWS HealthOmics User Guide*. \ No newline at end of file diff --git a/awscli/examples/omics/accept-share.rst b/awscli/examples/omics/accept-share.rst new file mode 100644 index 000000000000..6bc9d062641d --- /dev/null +++ b/awscli/examples/omics/accept-share.rst @@ -0,0 +1,14 @@ +**To accept a share of analytics store data** + +The following ``accept-share`` example accepts a share of HealthOmics analytics store data. :: + + aws omics accept-share \ + ----share-id "495c21bedc889d07d0ab69d710a6841e-dd75ab7a1a9c384fa848b5bd8e5a7e0a" + +Output:: + + { + "status": "ACTIVATING" + } + +For more information, see `Cross-account sharing `__ in the *AWS HealthOmics User Guide*. \ No newline at end of file diff --git a/awscli/examples/omics/complete-multipart-read-set-upload.rst b/awscli/examples/omics/complete-multipart-read-set-upload.rst new file mode 100644 index 000000000000..cc253f1b805d --- /dev/null +++ b/awscli/examples/omics/complete-multipart-read-set-upload.rst @@ -0,0 +1,19 @@ +**To conclude a multipart upload once you have uploaded all of the components.** + +The following ``complete-multipart-read-set-upload`` example concludes a multipart upload into a sequence store once all of the components have been uploaded. :: + + aws omics complete-multipart-read-set-upload \ + --sequence-store-id 0123456789 \ + --upload-id 1122334455 \ + --parts '[{"checksum":"gaCBQMe+rpCFZxLpoP6gydBoXaKKDA/Vobh5zBDb4W4=","partNumber":1,"partSource":"SOURCE1"}]' + + +Output:: + + { + "readSetId": "0000000001" + "readSetId": "0000000002" + "readSetId": "0000000003" + } + +For more information, see `Direct upload to a sequence store `__ in the *AWS HealthOmics User Guide*. \ No newline at end of file diff --git a/awscli/examples/omics/create-annotation-store-version.rst b/awscli/examples/omics/create-annotation-store-version.rst new file mode 100644 index 000000000000..0e7f37021596 --- /dev/null +++ b/awscli/examples/omics/create-annotation-store-version.rst @@ -0,0 +1,22 @@ +**To create a new version of an annotation store** + +The following ``create-annotation-store-version`` example creates a new version of an annotation store. :: + + aws omics create-annotation-store-version \ + --name my_annotation_store \ + --version-name my_version + +Output:: + + { + "creationTime": "2023-07-21T17:15:49.251040+00:00", + "id": "3b93cdef69d2", + "name": "my_annotation_store", + "reference": { + "referenceArn": "arn:aws:omics:us-west-2:555555555555:referenceStore/6505293348/reference/5987565360" + }, + "status": "CREATING", + "versionName": "my_version" + } + +For more information, see `Creating new versions of annotation stores `__ in the *AWS HealthOmics User Guide*. \ No newline at end of file diff --git a/awscli/examples/omics/create-multipart-read-set-upload.rst b/awscli/examples/omics/create-multipart-read-set-upload.rst new file mode 100644 index 000000000000..327ecd1ef8da --- /dev/null +++ b/awscli/examples/omics/create-multipart-read-set-upload.rst @@ -0,0 +1,29 @@ +**To begin a multipart read set upload.** + +The following ``create-multipart-read-set-upload`` example initiates a multipart read set upload. :: + + aws omics create-multipart-read-set-upload \ + --sequence-store-id 0123456789 \ + --name HG00146 \ + --source-file-type FASTQ \ + --subject-id mySubject\ + --sample-id mySample\ + --description "FASTQ for HG00146"\ + --generated-from "1000 Genomes" + + +Output:: + + { + "creationTime": "2022-07-13T23:25:20Z", + "description": "FASTQ for HG00146", + "generatedFrom": "1000 Genomes", + "name": "HG00146", + "sampleId": "mySample", + "sequenceStoreId": "0123456789", + "sourceFileType": "FASTQ", + "subjectId": "mySubject", + "uploadId": "1122334455" + } + +For more information, see `Direct upload to a sequence store `__ in the *AWS HealthOmics User Guide*. \ No newline at end of file diff --git a/awscli/examples/omics/create-share.rst b/awscli/examples/omics/create-share.rst new file mode 100644 index 000000000000..d4778e6bb261 --- /dev/null +++ b/awscli/examples/omics/create-share.rst @@ -0,0 +1,18 @@ +**To create a share of a HealthOmics analytics store** + +The following ``create-share`` example shows how to create a share of a HealthOmics analytics store that can be accepted by a subscriber outside the account. :: + + aws omics create-share \ + --resource-arn "arn:aws:omics:us-west-2:555555555555:variantStore/omics_dev_var_store" \ + --principal-subscriber "123456789012" \ + --name "my_Share-123" + +Output:: + + { + "shareId": "495c21bedc889d07d0ab69d710a6841e-dd75ab7a1a9c384fa848b5bd8e5a7e0a", + "name": "my_Share-123", + "status": "PENDING" + } + +For more information, see `Cross-acount sharing `__ in the *AWS HealthOmics User Guide*. \ No newline at end of file diff --git a/awscli/examples/omics/delete-annotation-store-versions.rst b/awscli/examples/omics/delete-annotation-store-versions.rst new file mode 100644 index 000000000000..44aa2c7beab7 --- /dev/null +++ b/awscli/examples/omics/delete-annotation-store-versions.rst @@ -0,0 +1,15 @@ +**To delete an annotation store version** + +The following ``delete-annotation-store-versions`` example deletes an annotation store version. :: + + aws omics delete-annotation-store-versions \ + --name my_annotation_store \ + --versions my_version + +Output:: + + { + "errors": [] + } + +For more information, see `Creating new versions of annotation stores `__ in the *AWS HealthOmics User Guide*. \ No newline at end of file diff --git a/awscli/examples/omics/delete-share.rst b/awscli/examples/omics/delete-share.rst new file mode 100644 index 000000000000..b8b089c6f96f --- /dev/null +++ b/awscli/examples/omics/delete-share.rst @@ -0,0 +1,14 @@ +**To delete a share of HealthOmics analytics data** + +The following ``delete-share`` example deletes a cross-account share of analytics data. :: + + aws omics delete-share \ + --share-id "495c21bedc889d07d0ab69d710a6841e-dd75ab7a1a9c384fa848b5bd8e5a7e0a" + +Output:: + + { + "status": "DELETING" + } + +For more information, see `Cross-account sharing `__ in the *AWS HealthOmics User Guide*. \ No newline at end of file diff --git a/awscli/examples/omics/get-annotation-store-version.rst b/awscli/examples/omics/get-annotation-store-version.rst new file mode 100644 index 000000000000..5ef9c5e86def --- /dev/null +++ b/awscli/examples/omics/get-annotation-store-version.rst @@ -0,0 +1,24 @@ +**To retrieve the metadata for an annotation store version** + +The following ``get-annotation-store-version`` example retrieves the metadata for the requested annotation store version. :: + + aws omics get-annotation-store-version \ + --name my_annotation_store \ + --version-name my_version + +Output:: + + { + "storeId": "4934045d1c6d", + "id": "2a3f4a44aa7b", + "status": "ACTIVE", + "versionArn": "arn:aws:omics:us-west-2:555555555555:annotationStore/my_annotation_store/version/my_version", + "name": "my_annotation_store", + "versionName": "my_version", + "creationTime": "2023-07-21T17:15:49.251040+00:00", + "updateTime": "2023-07-21T17:15:56.434223+00:00", + "statusMessage": "", + "versionSizeBytes": 0 + } + +For more information, see `Creating new versions of annotation stores `__ in the *AWS HealthOmics User Guide*. \ No newline at end of file diff --git a/awscli/examples/omics/get-share.rst b/awscli/examples/omics/get-share.rst new file mode 100644 index 000000000000..118bf4c95049 --- /dev/null +++ b/awscli/examples/omics/get-share.rst @@ -0,0 +1,21 @@ +**To retrieves the metadata about a share of a HealthOmics analytics data** + +The following ``get-share`` example retrieves the metadata for a cross-account share of analytics data. :: + + aws omics get-share \ + --share-id "495c21bedc889d07d0ab69d710a6841e-dd75ab7a1a9c384fa848b5bd8e5a7e0a" + +Output:: + + { + "share": { + "shareId": "495c21bedc889d07d0ab69d710a6841e-dd75ab7a1a9c384fa848b5bd8e5a7e0a", + "name": "my_Share-123", + "resourceArn": "arn:aws:omics:us-west-2:555555555555:variantStore/omics_dev_var_store", + "principalSubscriber": "123456789012", + "ownerId": "555555555555", + "status": "PENDING" + } + } + +For more information, see `Cross-account sharing `__ in the *AWS HealthOmics User Guide*. \ No newline at end of file diff --git a/awscli/examples/omics/list-annotation-store-versions.rst b/awscli/examples/omics/list-annotation-store-versions.rst new file mode 100644 index 000000000000..cfc251b7642d --- /dev/null +++ b/awscli/examples/omics/list-annotation-store-versions.rst @@ -0,0 +1,37 @@ +**To list all the versions of an annotation store.** + +The following ``list-annotation-store-versions`` example lists all versions that exist of an annotation store. :: + + aws omics list-annotation-store-versions \ + --name my_annotation_store + +Output:: + + { + "annotationStoreVersions": [ + { + "storeId": "4934045d1c6d", + "id": "2a3f4a44aa7b", + "status": "CREATING", + "versionArn": "arn:aws:omics:us-west-2:555555555555:annotationStore/my_annotation_store/version/my_version_2", + "name": "my_annotation_store", + "versionName": "my_version_2", + "creation Time": "2023-07-21T17:20:59.380043+00:00", + "versionSizeBytes": 0 + }, + { + "storeId": "4934045d1c6d", + "id": "4934045d1c6d", + "status": "ACTIVE", + "versionArn": "arn:aws:omics:us-west-2:555555555555:annotationStore/my_annotation_store/version/my_version_1", + "name": "my_annotation_store", + "versionName": "my_version_1", + "creationTime": "2023-07-21T17:15:49.251040+00:00", + "updateTime": "2023-07-21T17:15:56.434223+00:00", + "statusMessage": "", + "versionSizeBytes": 0 + } + + } + +For more information, see `Creating new versions of annotation stores `__ in the *AWS HealthOmics User Guide*. \ No newline at end of file diff --git a/awscli/examples/omics/list-multipart-read-set-uploads.rst b/awscli/examples/omics/list-multipart-read-set-uploads.rst new file mode 100644 index 000000000000..51e7c221183a --- /dev/null +++ b/awscli/examples/omics/list-multipart-read-set-uploads.rst @@ -0,0 +1,51 @@ +**To list all multipart read set uploads and their statuses.** + +The following ``list-multipart-read-set-uploads`` example lists all multipart read set uploads and their statuses. :: + + aws omics list-multipart-read-set-uploads \ + --sequence-store-id 0123456789 + +Output:: + + { + "uploads": + [ + { + "sequenceStoreId": "0123456789", + "uploadId": "8749584421", + "sourceFileType": "FASTQ", + "subjectId": "mySubject", + "sampleId": "mySample", + "generatedFrom": "1000 Genomes", + "name": "HG00146", + "description": "FASTQ for HG00146", + "creationTime": "2023-11-29T19:22:51.349298+00:00" + }, + { + "sequenceStoreId": "0123456789", + "uploadId": "5290538638", + "sourceFileType": "BAM", + "subjectId": "mySubject", + "sampleId": "mySample", + "generatedFrom": "1000 Genomes", + "referenceArn": "arn:aws:omics:us-west-2:845448930428:referenceStore/8168613728/reference/2190697383", + "name": "HG00146", + "description": "BAM for HG00146", + "creationTime": "2023-11-29T19:23:33.116516+00:00" + }, + { + "sequenceStoreId": "0123456789", + "uploadId": "4174220862", + "sourceFileType": "BAM", + "subjectId": "mySubject", + "sampleId": "mySample", + "generatedFrom": "1000 Genomes", + "referenceArn": "arn:aws:omics:us-west-2:845448930428:referenceStore/8168613728/reference/2190697383", + "name": "HG00147", + "description": "BAM for HG00147", + "creationTime": "2023-11-29T19:23:47.007866+00:00" + } + ] + } + +For more information, see `Direct upload to a sequence store `__ in the *AWS HealthOmics User Guide*. \ No newline at end of file diff --git a/awscli/examples/omics/list-read-set-upload-parts.rst b/awscli/examples/omics/list-read-set-upload-parts.rst new file mode 100644 index 000000000000..50def7b31604 --- /dev/null +++ b/awscli/examples/omics/list-read-set-upload-parts.rst @@ -0,0 +1,32 @@ +**To list all parts in a requested multipart upload for a sequence store.** + +The following ``list-read-set-upload-parts`` example list all parts in a requested multipart upload for a sequence store. :: + + aws omics list-read-set-upload-parts \ + --sequence-store-id 0123456789 \ + --upload-id 1122334455 \ + --part-source SOURCE1 + +Output:: + + { + "parts": [ + { + "partNumber": 1, + "partSize": 94371840, + "file": "SOURCE1", + "checksum": "984979b9928ae8d8622286c4a9cd8e99d964a22d59ed0f5722e1733eb280e635", + "lastUpdatedTime": "2023-02-02T20:14:47.533000+00:00" + } + { + "partNumber": 2, + "partSize": 10471840, + "file": "SOURCE1", + "checksum": "984979b9928ae8d8622286c4a9cd8e99d964a22d59ed0f5722e1733eb280e635", + "lastUpdatedTime": "2023-02-02T20:14:47.533000+00:00" + } + ] + + } + +For more information, see `Direct upload to a sequence store `__ in the *AWS HealthOmics User Guide*. \ No newline at end of file diff --git a/awscli/examples/omics/list-shares.rst b/awscli/examples/omics/list-shares.rst new file mode 100644 index 000000000000..755e470aba0d --- /dev/null +++ b/awscli/examples/omics/list-shares.rst @@ -0,0 +1,41 @@ +**To list the available shares of a HealthOmics analytics data** + +The following ``list-shares`` example lists all shares that have been created for a resource-owner. :: + + aws omics list-shares \ + --resource-owner SELF + +Output:: + + { + "shares": [ + { + "shareId": "595c1cbd-a008-4eca-a887-954d30c91c6e", + "name": "myShare", + "resourceArn": "arn:aws:omics:us-west-2:555555555555:variantStore/store_1", + "principalSubscriber": "123456789012", + "ownerId": "555555555555", + "status": "PENDING" + } + { + "shareId": "39b65d0d-4368-4a19-9814-b0e31d73c10a", + "name": "myShare3456", + "resourceArn": "arn:aws:omics:us-west-2:555555555555:variantStore/store_2", + "principalSubscriber": "123456789012", + "ownerId": "555555555555", + "status": "ACTIVE" + }, + { + "shareId": "203152f5-eef9-459d-a4e0-a691668d44ef", + "name": "myShare4", + "resourceArn": "arn:aws:omics:us-west-2:555555555555:variantStore/store_3", + "principalSubscriber": "123456789012", + "ownerId": "555555555555", + "status": "ACTIVE" + } + ] + } + + + +For more information, see `Cross-account sharing `__ in the *AWS HealthOmics User Guide*. \ No newline at end of file diff --git a/awscli/examples/omics/upload-read-set-part.rst b/awscli/examples/omics/upload-read-set-part.rst new file mode 100644 index 000000000000..ef9f5458819d --- /dev/null +++ b/awscli/examples/omics/upload-read-set-part.rst @@ -0,0 +1,18 @@ +**To upload a read set part.** + +The following ``upload-read-set-part`` example uploads a specified part of a read set. :: + + aws omics upload-read-set-part \ + --sequence-store-id 0123456789 \ + --upload-id 1122334455 \ + --part-source SOURCE1 \ + --part-number 1 \ + --payload /path/to/file/read_1_part_1.fastq.gz + +Output:: + + { + "checksum": "984979b9928ae8d8622286c4a9cd8e99d964a22d59ed0f5722e1733eb280e635" + } + +For more information, see `Direct upload to a sequence store `__ in the *AWS HealthOmics User Guide*. \ No newline at end of file diff --git a/awscli/examples/opsworks/describe-commands.rst b/awscli/examples/opsworks/describe-commands.rst index b11f0591514a..421fe24135af 100644 --- a/awscli/examples/opsworks/describe-commands.rst +++ b/awscli/examples/opsworks/describe-commands.rst @@ -1,6 +1,6 @@ **To describe commands** -The following ``describe-commands`` commmand describes the commands in a specified instance. :: +The following ``describe-commands`` command describes the commands in a specified instance. :: aws opsworks describe-commands \ --instance-id 8c2673b9-3fe5-420d-9cfa-78d875ee7687 \ diff --git a/awscli/examples/opsworks/describe-deployments.rst b/awscli/examples/opsworks/describe-deployments.rst index f1c0dc577642..acb6d55a7cae 100644 --- a/awscli/examples/opsworks/describe-deployments.rst +++ b/awscli/examples/opsworks/describe-deployments.rst @@ -1,6 +1,6 @@ **To describe deployments** -The following ``describe-deployments`` commmand describes the deployments in a specified stack. :: +The following ``describe-deployments`` command describes the deployments in a specified stack. :: aws opsworks --region us-east-1 describe-deployments --stack-id 38ee91e2-abdc-4208-a107-0b7168b3cc7a diff --git a/awscli/examples/opsworks/describe-elastic-ips.rst b/awscli/examples/opsworks/describe-elastic-ips.rst index 277da76e5046..72677cedba3c 100644 --- a/awscli/examples/opsworks/describe-elastic-ips.rst +++ b/awscli/examples/opsworks/describe-elastic-ips.rst @@ -1,6 +1,6 @@ **To describe Elastic IP instances** -The following ``describe-elastic-ips`` commmand describes the Elastic IP addresses in a specified instance. :: +The following ``describe-elastic-ips`` command describes the Elastic IP addresses in a specified instance. :: aws opsworks --region us-east-1 describe-elastic-ips --instance-id b62f3e04-e9eb-436c-a91f-d9e9a396b7b0 diff --git a/awscli/examples/opsworks/describe-instances.rst b/awscli/examples/opsworks/describe-instances.rst index 213e13550e91..359f99222cdf 100644 --- a/awscli/examples/opsworks/describe-instances.rst +++ b/awscli/examples/opsworks/describe-instances.rst @@ -1,6 +1,6 @@ **To describe instances** -The following ``describe-instances`` commmand describes the instances in a specified stack:: +The following ``describe-instances`` command describes the instances in a specified stack:: aws opsworks --region us-east-1 describe-instances --stack-id 8c428b08-a1a1-46ce-a5f8-feddc43771b8 diff --git a/awscli/examples/opsworks/describe-layers.rst b/awscli/examples/opsworks/describe-layers.rst index d45a3bdcd403..c0702129944f 100644 --- a/awscli/examples/opsworks/describe-layers.rst +++ b/awscli/examples/opsworks/describe-layers.rst @@ -1,6 +1,6 @@ **To describe a stack's layers** -The following ``describe-layers`` commmand describes the layers in a specified stack:: +The following ``describe-layers`` command describes the layers in a specified stack:: aws opsworks --region us-east-1 describe-layers --stack-id 38ee91e2-abdc-4208-a107-0b7168b3cc7a diff --git a/awscli/examples/pipes/create-pipe.rst b/awscli/examples/pipes/create-pipe.rst new file mode 100644 index 000000000000..9185c24c6fa3 --- /dev/null +++ b/awscli/examples/pipes/create-pipe.rst @@ -0,0 +1,23 @@ +**To Create a pipe** + +The following ``create-pipe`` example creates a Pipe named ``Demo_Pipe`` with SQS as the source and CloudWatch Log Group as the target for the Pipe. :: + + aws pipes create-pipe \ + --name Demo_Pipe \ + --desired-state RUNNING \ + --role-arn arn:aws:iam::123456789012:role/service-role/Amazon_EventBridge_Pipe_Demo_Pipe_28b3aa4f \ + --source arn:aws:sqs:us-east-1:123456789012:Demo_Queue \ + --target arn:aws:logs:us-east-1:123456789012:log-group:/aws/pipes/Demo_LogGroup + +Output:: + + { + "Arn": "arn:aws:pipes:us-east-1:123456789012:pipe/Demo_Pipe", + "Name": "Demo_Pipe", + "DesiredState": "RUNNING", + "CurrentState": "CREATING", + "CreationTime": "2024-10-08T12:33:59-05:00", + "LastModifiedTime": "2024-10-08T12:33:59.684839-05:00" + } + +For more information, see `Amazon EventBridge Pipes concepts `__ in the *Amazon EventBridge User Guide*. \ No newline at end of file diff --git a/awscli/examples/pipes/delete-pipe.rst b/awscli/examples/pipes/delete-pipe.rst new file mode 100644 index 000000000000..1d33e88ae01a --- /dev/null +++ b/awscli/examples/pipes/delete-pipe.rst @@ -0,0 +1,19 @@ +**To delete an existing pipe** + +The following ``delete-pipe`` example deletes a Pipe named ``Demo_Pipe`` in the specified account. :: + + aws pipes delete-pipe \ + --name Demo_Pipe + +Output:: + + { + "Arn": "arn:aws:pipes:us-east-1:123456789012:pipe/Demo_Pipe", + "Name": "Demo_Pipe", + "DesiredState": "STOPPED", + "CurrentState": "DELETING", + "CreationTime": "2024-10-08T09:29:10-05:00", + "LastModifiedTime": "2024-10-08T11:57:22-05:00" + } + +For more information, see `Amazon EventBridge Pipes concepts `__ in the *Amazon EventBridge User Guide*. \ No newline at end of file diff --git a/awscli/examples/pipes/describe-pipe.rst b/awscli/examples/pipes/describe-pipe.rst new file mode 100644 index 000000000000..41ecb7cd7aa9 --- /dev/null +++ b/awscli/examples/pipes/describe-pipe.rst @@ -0,0 +1,37 @@ +**To retrieve information about a Pipe** + +The following ``describe-pipe`` example displays information about the Pipe ``Demo_Pipe`` in the specified account. :: + + aws pipes describe-pipe \ + --name Demo_Pipe + +Output:: + + { + "Arn": "arn:aws:pipes:us-east-1:123456789012:pipe/Demo_Pipe", + "Name": "Demo_Pipe", + "DesiredState": "RUNNING", + "CurrentState": "RUNNING", + "StateReason": "User initiated", + "Source": "arn:aws:sqs:us-east-1:123456789012:Demo_Queue", + "SourceParameters": { + "SqsQueueParameters": { + "BatchSize": 1 + } + }, + "EnrichmentParameters": {}, + "Target": "arn:aws:logs:us-east-1:123456789012:log-group:/aws/pipes/Demo_LogGroup", + "TargetParameters": {}, + "RoleArn": "arn:aws:iam::123456789012:role/service-role/Amazon_EventBridge_Pipe_Demo_Pipe_28b3aa4f", + "Tags": {}, + "CreationTime": "2024-10-08T09:29:10-05:00", + "LastModifiedTime": "2024-10-08T10:23:47-05:00", + "LogConfiguration": { + "CloudwatchLogsLogDestination": { + "LogGroupArn": "arn:aws:logs:us-east-1:123456789012:log-group:/aws/vendedlogs/pipes/Demo_Pipe" + }, + "Level": "ERROR" + } + } + +For more information, see `Amazon EventBridge Pipes concepts `__ in the *Amazon EventBridge User Guide*. \ No newline at end of file diff --git a/awscli/examples/pipes/list-pipes.rst b/awscli/examples/pipes/list-pipes.rst new file mode 100644 index 000000000000..c44bf99d028e --- /dev/null +++ b/awscli/examples/pipes/list-pipes.rst @@ -0,0 +1,25 @@ +**To retrieve a list of Pipes** + +The following ``list-pipes`` example shows all the pipes in the specified account. :: + + aws pipes list-pipes + +Output:: + + { + "Pipes": [ + { + "Name": "Demo_Pipe", + "Arn": "arn:aws:pipes:us-east-1:123456789012:pipe/Demo_Pipe", + "DesiredState": "RUNNING", + "CurrentState": "RUNNING", + "StateReason": "User initiated", + "CreationTime": "2024-10-08T09:29:10-05:00", + "LastModifiedTime": "2024-10-08T10:23:47-05:00", + "Source": "arn:aws:sqs:us-east-1:123456789012:Demo_Queue", + "Target": "arn:aws:logs:us-east-1:123456789012:log-group:/aws/pipes/Demo_LogGroup" + } + ] + } + +For more information, see `Amazon EventBridge Pipes concepts `__ in the *Amazon EventBridge User Guide*. \ No newline at end of file diff --git a/awscli/examples/pipes/list-tags-for-resource.rst b/awscli/examples/pipes/list-tags-for-resource.rst new file mode 100644 index 000000000000..c3c07fccd3fc --- /dev/null +++ b/awscli/examples/pipes/list-tags-for-resource.rst @@ -0,0 +1,17 @@ +**To list the tags associated with an existing pipe** + +The following ``list-tags-for-resource`` example lists all the tags associated with a pipe named ``Demo_Pipe`` in the specified account. :: + + aws pipes list-tags-for-resource \ + --resource-arn arn:aws:pipes:us-east-1:123456789012:pipe/Demo_Pipe + +Output:: + + { + "tags": { + "stack": "Production", + "team": "DevOps" + } + } + +For more information, see `Amazon EventBridge Pipes concepts `__ in the *Amazon EventBridge User Guide*. \ No newline at end of file diff --git a/awscli/examples/pipes/start-pipe.rst b/awscli/examples/pipes/start-pipe.rst new file mode 100644 index 000000000000..f621e7332772 --- /dev/null +++ b/awscli/examples/pipes/start-pipe.rst @@ -0,0 +1,19 @@ +**To start an existing pipe** + +The following ``start-pipe`` example starts a Pipe named ``Demo_Pipe`` in the specified account. :: + + aws pipes start-pipe \ + --name Demo_Pipe + +Output:: + + { + "Arn": "arn:aws:pipes:us-east-1:123456789012:pipe/Demo_Pipe", + "Name": "Demo_Pipe", + "DesiredState": "RUNNING", + "CurrentState": "STARTING", + "CreationTime": "2024-10-08T09:29:10-05:00", + "LastModifiedTime": "2024-10-08T10:17:24-05:00" + } + +For more information, see `Starting or stopping an Amazon EventBridge pipe `__ in the *Amazon EventBridge User Guide*. \ No newline at end of file diff --git a/awscli/examples/pipes/stop-pipe.rst b/awscli/examples/pipes/stop-pipe.rst new file mode 100644 index 000000000000..5248d8673a01 --- /dev/null +++ b/awscli/examples/pipes/stop-pipe.rst @@ -0,0 +1,19 @@ +**To stop an existing pipe** + +The following ``stop-pipe`` example stops a Pipe named ``Demo_Pipe`` in the specified account. :: + + aws pipes stop-pipe \ + --name Demo_Pipe + +Output:: + + { + "Arn": "arn:aws:pipes:us-east-1:123456789012:pipe/Demo_Pipe", + "Name": "Demo_Pipe", + "DesiredState": "STOPPED", + "CurrentState": "STOPPING", + "CreationTime": "2024-10-08T09:29:10-05:00", + "LastModifiedTime": "2024-10-08T09:29:49-05:00" + } + +For more information, see `Starting or stopping an Amazon EventBridge pipe `__ in the *Amazon EventBridge User Guide*. \ No newline at end of file diff --git a/awscli/examples/pipes/tag-resource.rst b/awscli/examples/pipes/tag-resource.rst new file mode 100644 index 000000000000..c6c7d281ad9f --- /dev/null +++ b/awscli/examples/pipes/tag-resource.rst @@ -0,0 +1,9 @@ +**To Tag an existing pipe** + +The following ``tag-resource`` example tags a Pipe named ``Demo_Pipe``. If the command succeeds, no output is returned. :: + + aws pipes tag-resource \ + --resource-arn arn:aws:pipes:us-east-1:123456789012:pipe/Demo_Pipe \ + --tags stack=Production + +For more information, see `Amazon EventBridge Pipes concepts `__ in the *Amazon EventBridge User Guide*. \ No newline at end of file diff --git a/awscli/examples/pipes/untag-resource.rst b/awscli/examples/pipes/untag-resource.rst new file mode 100644 index 000000000000..3f342430a1c8 --- /dev/null +++ b/awscli/examples/pipes/untag-resource.rst @@ -0,0 +1,9 @@ +**To remove a Tag from an existing pipe** + +The following ``untag-resource`` example removes a tag with the key ``stack`` from the Pipe named ``Demo_Pipe``. If the command succeeds, no output is returned. :: + + aws pipes untag-resource \ + --resource-arn arn:aws:pipes:us-east-1:123456789012:pipe/Demo_Pipe \ + --tags stack + +For more information, see `Amazon EventBridge Pipes concepts `__ in the *Amazon EventBridge User Guide*. \ No newline at end of file diff --git a/awscli/examples/pipes/update-pipe.rst b/awscli/examples/pipes/update-pipe.rst new file mode 100644 index 000000000000..c6d7f4168ce5 --- /dev/null +++ b/awscli/examples/pipes/update-pipe.rst @@ -0,0 +1,22 @@ +**To update an existing pipe** + +The following ``update-pipe`` example updates the Pipe named ``Demo_Pipe`` by adding a CloudWatch Log configuration parameter, enure to update the execution role of the pipe so that it has the correct permissions for Log destination. :: + + aws pipes update-pipe \ + --name Demo_Pipe \ + --desired-state RUNNING \ + --log-configuration CloudwatchLogsLogDestination={LogGroupArn=arn:aws:logs:us-east-1:123456789012:log-group:/aws/vendedlogs/pipes/Demo_Pipe},Level=TRACE \ + --role-arn arn:aws:iam::123456789012:role/service-role/Amazon_EventBridge_Pipe_Demo_Pipe_28b3aa4f + +Output:: + + { + "Arn": "arn:aws:pipes:us-east-1:123456789012:pipe/Demo_Pipe", + "Name": "Demo_Pipe", + "DesiredState": "RUNNING", + "CurrentState": "UPDATING", + "CreationTime": "2024-10-08T09:29:10-05:00", + "LastModifiedTime": "2024-10-08T11:35:48-05:00" + } + +For more information, see `Amazon EventBridge Pipes concepts `__ in the *Amazon EventBridge User Guide*. \ No newline at end of file diff --git a/awscli/examples/polly/get-speech-synthesis-task.rst b/awscli/examples/polly/get-speech-synthesis-task.rst index 3d25165e19b2..64b726d9c0c0 100644 --- a/awscli/examples/polly/get-speech-synthesis-task.rst +++ b/awscli/examples/polly/get-speech-synthesis-task.rst @@ -1,23 +1,23 @@ -**To get information about a speech synthesis task** - -The following ``get-speech-synthesis-task`` example retrieves information about the specified speech synthesis task. :: - - aws polly get-speech-synthesis-task \ - --task-id 70b61c0f-57ce-4715-a247-cae8729dcce9 - -Output:: - - { - "SynthesisTask": { - "TaskId": "70b61c0f-57ce-4715-a247-cae8729dcce9", - "TaskStatus": "completed", - "OutputUri": "https://s3.us-west-2.amazonaws.com/my-s3-bucket/70b61c0f-57ce-4715-a247-cae8729dcce9.mp3", - "CreationTime": 1603911042.689, - "RequestCharacters": 1311, - "OutputFormat": "mp3", - "TextType": "text", - "VoiceId": "Joanna" - } - } - -For more information, see `Creating long audio files `__ in the *Amazon Polly Developer Guide*. +**To get information about a speech synthesis task** + +The following ``get-speech-synthesis-task`` example retrieves information about the specified speech synthesis task. :: + + aws polly get-speech-synthesis-task \ + --task-id 70b61c0f-57ce-4715-a247-cae8729dcce9 + +Output:: + + { + "SynthesisTask": { + "TaskId": "70b61c0f-57ce-4715-a247-cae8729dcce9", + "TaskStatus": "completed", + "OutputUri": "https://s3.us-west-2.amazonaws.com/amzn-s3-demo-bucket/70b61c0f-57ce-4715-a247-cae8729dcce9.mp3", + "CreationTime": 1603911042.689, + "RequestCharacters": 1311, + "OutputFormat": "mp3", + "TextType": "text", + "VoiceId": "Joanna" + } + } + +For more information, see `Creating long audio files `__ in the *Amazon Polly Developer Guide*. diff --git a/awscli/examples/polly/list-speech-synthesis-tasks.rst b/awscli/examples/polly/list-speech-synthesis-tasks.rst index 99ba9891aa3c..5ddbdccb0cd0 100644 --- a/awscli/examples/polly/list-speech-synthesis-tasks.rst +++ b/awscli/examples/polly/list-speech-synthesis-tasks.rst @@ -1,25 +1,25 @@ -**To list your speech synthesis tasks** - -The following ``list-speech-synthesis-tasks`` example lists your speech synthesis tasks. :: - - aws polly list-speech-synthesis-tasks - -Output:: - - { - "SynthesisTasks": [ - { - "TaskId": "70b61c0f-57ce-4715-a247-cae8729dcce9", - "TaskStatus": "completed", - "OutputUri": "https://s3.us-west-2.amazonaws.com/my-s3-bucket/70b61c0f-57ce-4715-a247-cae8729dcce9.mp3", - "CreationTime": 1603911042.689, - "RequestCharacters": 1311, - "OutputFormat": "mp3", - "TextType": "text", - "VoiceId": "Joanna" - } - ] - } - -For more information, see `Creating long audio files `__ in the *Amazon Polly Developer Guide*. - +**To list your speech synthesis tasks** + +The following ``list-speech-synthesis-tasks`` example lists your speech synthesis tasks. :: + + aws polly list-speech-synthesis-tasks + +Output:: + + { + "SynthesisTasks": [ + { + "TaskId": "70b61c0f-57ce-4715-a247-cae8729dcce9", + "TaskStatus": "completed", + "OutputUri": "https://s3.us-west-2.amazonaws.com/amzn-s3-demo-bucket/70b61c0f-57ce-4715-a247-cae8729dcce9.mp3", + "CreationTime": 1603911042.689, + "RequestCharacters": 1311, + "OutputFormat": "mp3", + "TextType": "text", + "VoiceId": "Joanna" + } + ] + } + +For more information, see `Creating long audio files `__ in the *Amazon Polly Developer Guide*. + diff --git a/awscli/examples/polly/start-speech-synthesis-task.rst b/awscli/examples/polly/start-speech-synthesis-task.rst index aa85d49d52d3..740fcde3f1a6 100644 --- a/awscli/examples/polly/start-speech-synthesis-task.rst +++ b/awscli/examples/polly/start-speech-synthesis-task.rst @@ -1,27 +1,27 @@ -**To synthesize text** - -The following ``start-speech-synthesis-task`` example synthesizes the text in ``text_file.txt`` and stores the resulting MP3 file in the specified bucket. :: - - aws polly start-speech-synthesis-task \ - --output-format mp3 \ - --output-s3-bucket-name my-s3-bucket \ - --text file://text_file.txt \ - --voice-id Joanna - -Output:: - - { - "SynthesisTask": { - "TaskId": "70b61c0f-57ce-4715-a247-cae8729dcce9", - "TaskStatus": "scheduled", - "OutputUri": "https://s3.us-east-2.amazonaws.com/my-s3-bucket/70b61c0f-57ce-4715-a247-cae8729dcce9.mp3", - "CreationTime": 1603911042.689, - "RequestCharacters": 1311, - "OutputFormat": "mp3", - "TextType": "text", - "VoiceId": "Joanna" - } - } - -For more information, see `Creating long audio files `__ in the *Amazon Polly Developer Guide*. - +**To synthesize text** + +The following ``start-speech-synthesis-task`` example synthesizes the text in ``text_file.txt`` and stores the resulting MP3 file in the specified bucket. :: + + aws polly start-speech-synthesis-task \ + --output-format mp3 \ + --output-s3-bucket-name amzn-s3-demo-bucket \ + --text file://text_file.txt \ + --voice-id Joanna + +Output:: + + { + "SynthesisTask": { + "TaskId": "70b61c0f-57ce-4715-a247-cae8729dcce9", + "TaskStatus": "scheduled", + "OutputUri": "https://s3.us-east-2.amazonaws.com/amzn-s3-demo-bucket/70b61c0f-57ce-4715-a247-cae8729dcce9.mp3", + "CreationTime": 1603911042.689, + "RequestCharacters": 1311, + "OutputFormat": "mp3", + "TextType": "text", + "VoiceId": "Joanna" + } + } + +For more information, see `Creating long audio files `__ in the *Amazon Polly Developer Guide*. + diff --git a/awscli/examples/qldb/describe-journal-s3-export.rst b/awscli/examples/qldb/describe-journal-s3-export.rst index 5c20514b0c9e..05279de7f315 100644 --- a/awscli/examples/qldb/describe-journal-s3-export.rst +++ b/awscli/examples/qldb/describe-journal-s3-export.rst @@ -11,7 +11,7 @@ Output:: { "ExportDescription": { "S3ExportConfiguration": { - "Bucket": "awsExampleBucket", + "Bucket": "amzn-s3-demo-bucket", "Prefix": "ledgerexport1/", "EncryptionConfiguration": { "ObjectEncryptionType": "SSE_S3" diff --git a/awscli/examples/qldb/export-journal-to-s3.rst b/awscli/examples/qldb/export-journal-to-s3.rst index f935178c75af..11c89b185188 100644 --- a/awscli/examples/qldb/export-journal-to-s3.rst +++ b/awscli/examples/qldb/export-journal-to-s3.rst @@ -12,7 +12,7 @@ The following ``export-journal-to-s3`` example creates an export job for journal Contents of ``my-s3-export-config.json``:: { - "Bucket": "awsExampleBucket", + "Bucket": "amzn-s3-demo-bucket", "Prefix": "ledgerexport1/", "EncryptionConfiguration": { "ObjectEncryptionType": "SSE_S3" diff --git a/awscli/examples/qldb/list-journal-s3-exports-for-ledger.rst b/awscli/examples/qldb/list-journal-s3-exports-for-ledger.rst index 14b784d75039..4c3db2b7a6e9 100644 --- a/awscli/examples/qldb/list-journal-s3-exports-for-ledger.rst +++ b/awscli/examples/qldb/list-journal-s3-exports-for-ledger.rst @@ -14,7 +14,7 @@ Output:: "ExclusiveEndTime": 1568847599.0, "ExportCreationTime": 1568847801.418, "S3ExportConfiguration": { - "Bucket": "awsExampleBucket", + "Bucket": "amzn-s3-demo-bucket", "Prefix": "ledgerexport1/", "EncryptionConfiguration": { "ObjectEncryptionType": "SSE_S3" diff --git a/awscli/examples/qldb/list-journal-s3-exports.rst b/awscli/examples/qldb/list-journal-s3-exports.rst index 641e77ab1519..e4add1552bca 100644 --- a/awscli/examples/qldb/list-journal-s3-exports.rst +++ b/awscli/examples/qldb/list-journal-s3-exports.rst @@ -15,7 +15,7 @@ Output:: "EncryptionConfiguration": { "ObjectEncryptionType": "SSE_S3" }, - "Bucket": "awsExampleBucket", + "Bucket": "amzn-s3-demo-bucket", "Prefix": "ledgerexport1/" }, "RoleArn": "arn:aws:iam::123456789012:role/my-s3-export-role", @@ -31,7 +31,7 @@ Output:: "EncryptionConfiguration": { "ObjectEncryptionType": "SSE_S3" }, - "Bucket": "awsExampleBucket", + "Bucket": "amzn-s3-demo-bucket", "Prefix": "ledgerexport1/" }, "RoleArn": "arn:aws:iam::123456789012:role/my-s3-export-role", diff --git a/awscli/examples/rds/create-db-proxy-endpoint.rst b/awscli/examples/rds/create-db-proxy-endpoint.rst new file mode 100644 index 000000000000..3af58a32fb5e --- /dev/null +++ b/awscli/examples/rds/create-db-proxy-endpoint.rst @@ -0,0 +1,34 @@ +**To create a DB proxy endpoint for an RDS database** + +The following ``create-db-proxy-endpoint`` example creates a DB proxy endpoint. :: + + aws rds create-db-proxy-endpoint \ + --db-proxy-name proxyExample \ + --db-proxy-endpoint-name "proxyep1" \ + --vpc-subnet-ids subnetgroup1 subnetgroup2 + +Output:: + + { + "DBProxyEndpoint": { + "DBProxyEndpointName": "proxyep1", + "DBProxyEndpointArn": "arn:aws:rds:us-east-1:123456789012:db-proxy-endpoint:prx-endpoint-0123a01b12345c0ab", + "DBProxyName": "proxyExample", + "Status": "creating", + "VpcId": "vpc-1234567", + "VpcSecurityGroupIds": [ + "sg-1234", + "sg-5678" + ], + "VpcSubnetIds": [ + "subnetgroup1", + "subnetgroup2" + ], + "Endpoint": "proxyep1.endpoint.proxy-ab0cd1efghij.us-east-1.rds.amazonaws.com", + "CreatedDate": "2023-04-05T16:09:33.452000+00:00", + "TargetRole": "READ_WRITE", + "IsDefault": false + } + } + +For more information, see `Creating a proxy endpoint `__ in the *Amazon RDS User Guide* and `Creating a proxy endpoint `__ in the *Amazon Aurora User Guide*. \ No newline at end of file diff --git a/awscli/examples/rds/create-db-proxy.rst b/awscli/examples/rds/create-db-proxy.rst new file mode 100644 index 000000000000..03f470e1d221 --- /dev/null +++ b/awscli/examples/rds/create-db-proxy.rst @@ -0,0 +1,47 @@ +**To create a DB proxy for an RDS database** + +The following ``create-db-proxy`` example creates a DB proxy. :: + + aws rds create-db-proxy \ + --db-proxy-name proxyExample \ + --engine-family MYSQL \ + --auth Description="proxydescription1",AuthScheme="SECRETS",SecretArn="arn:aws:secretsmanager:us-west-2:123456789123:secret:secretName-1234f",IAMAuth="DISABLED",ClientPasswordAuthType="MYSQL_NATIVE_PASSWORD" \ + --role-arn arn:aws:iam::123456789123:role/ProxyRole \ + --vpc-subnet-ids subnetgroup1 subnetgroup2 + +Output:: + + { + "DBProxy": { + "DBProxyName": "proxyExample", + "DBProxyArn": "arn:aws:rds:us-east-1:123456789012:db-proxy:prx-0123a01b12345c0ab", + "EngineFamily": "MYSQL", + "VpcId": "vpc-1234567", + "VpcSecuritytGroupIds": [ + "sg-1234", + "sg-5678", + "sg-9101" + ], + "VpcSubnetIds": [ + "subnetgroup1", + "subnetgroup2" + ], + "Auth": "[ + { + "Description": "proxydescription1", + "AuthScheme": "SECRETS", + "SecretArn": "arn:aws:secretsmanager:us-west-2:123456789123:secret:proxysecret1-Abcd1e", + "IAMAuth": "DISABLED" + } + ]", + "RoleArn": "arn:aws:iam::12345678912:role/ProxyRole", + "Endpoint": "proxyExample.proxy-ab0cd1efghij.us-east-1.rds.amazonaws.com", + "RequireTLS": false, + "IdleClientTimeout": 1800, + "DebuggingLogging": false, + "CreatedDate": "2023-04-05T16:09:33.452000+00:00", + "UpdatedDate": "2023-04-13T01:49:38.568000+00:00" + } + } + +For more information, see `Creating an RDS Proxy `__ in the *Amazon RDS User Guide* and `Creating an RDS Proxy `__ in the *Amazon Aurora User Guide*. \ No newline at end of file diff --git a/awscli/examples/rds/create-db-shard-group.rst b/awscli/examples/rds/create-db-shard-group.rst new file mode 100644 index 000000000000..7234e86a945d --- /dev/null +++ b/awscli/examples/rds/create-db-shard-group.rst @@ -0,0 +1,216 @@ +**Example 1: To create an Aurora PostgreSQL primary DB cluster** + +The following ``create-db-cluster`` example creates an Aurora PostgreSQL SQL primary DB cluster that's compatible with Aurora Serverless v2 and Aurora Limitless Database. :: + + aws rds create-db-cluster \ + --db-cluster-identifier my-sv2-cluster \ + --engine aurora-postgresql \ + --engine-version 15.2-limitless \ + --storage-type aurora-iopt1 \ + --serverless-v2-scaling-configuration MinCapacity=2,MaxCapacity=16 \ + --enable-limitless-database \ + --master-username myuser \ + --master-user-password mypassword \ + --enable-cloudwatch-logs-exports postgresql + +Output:: + + { + "DBCluster": { + "AllocatedStorage": 1, + "AvailabilityZones": [ + "us-east-2b", + "us-east-2c", + "us-east-2a" + ], + "BackupRetentionPeriod": 1, + "DBClusterIdentifier": "my-sv2-cluster", + "DBClusterParameterGroup": "default.aurora-postgresql15", + "DBSubnetGroup": "default", + "Status": "creating", + "Endpoint": "my-sv2-cluster.cluster-cekycexample.us-east-2.rds.amazonaws.com", + "ReaderEndpoint": "my-sv2-cluster.cluster-ro-cekycexample.us-east-2.rds.amazonaws.com", + "MultiAZ": false, + "Engine": "aurora-postgresql", + "EngineVersion": "15.2-limitless", + "Port": 5432, + "MasterUsername": "myuser", + "PreferredBackupWindow": "06:05-06:35", + "PreferredMaintenanceWindow": "mon:08:25-mon:08:55", + "ReadReplicaIdentifiers": [], + "DBClusterMembers": [], + "VpcSecurityGroups": [ + { + "VpcSecurityGroupId": "sg-########", + "Status": "active" + } + ], + "HostedZoneId": "Z2XHWR1EXAMPLE", + "StorageEncrypted": false, + "DbClusterResourceId": "cluster-XYEDT6ML6FHIXH4Q2J1EXAMPLE", + "DBClusterArn": "arn:aws:rds:us-east-2:123456789012:cluster:my-sv2-cluster", + "AssociatedRoles": [], + "IAMDatabaseAuthenticationEnabled": false, + "ClusterCreateTime": "2024-02-19T16:24:07.771000+00:00", + "EnabledCloudwatchLogsExports": [ + "postgresql" + ], + "EngineMode": "provisioned", + "DeletionProtection": false, + "HttpEndpointEnabled": false, + "CopyTagsToSnapshot": false, + "CrossAccountClone": false, + "DomainMemberships": [], + "TagList": [], + "StorageType": "aurora-iopt1", + "AutoMinorVersionUpgrade": true, + "ServerlessV2ScalingConfiguration": { + "MinCapacity": 2.0, + "MaxCapacity": 16.0 + }, + "NetworkType": "IPV4", + "IOOptimizedNextAllowedModificationTime": "2024-03-21T16:24:07.781000+00:00", + "LimitlessDatabase": { + "Status": "not-in-use", + "MinRequiredACU": 96.0 + } + } + } + +**Example 2: To create the primary (writer) DB instance** + +The following ``create-db-instance`` example creates an Aurora Serverless v2 primary (writer) DB instance. When you use the console to create a DB cluster, Amazon RDS automatically creates the writer DB instance for your DB cluster. However, when you use the AWS CLI to create a DB cluster, you must explicitly create the writer DB instance for your DB cluster using the ``create-db-instance`` AWS CLI command. :: + + aws rds create-db-instance \ + --db-instance-identifier my-sv2-instance \ + --db-cluster-identifier my-sv2-cluster \ + --engine aurora-postgresql \ + --db-instance-class db.serverless + +Output:: + + { + "DBInstance": { + "DBInstanceIdentifier": "my-sv2-instance", + "DBInstanceClass": "db.serverless", + "Engine": "aurora-postgresql", + "DBInstanceStatus": "creating", + "MasterUsername": "myuser", + "AllocatedStorage": 1, + "PreferredBackupWindow": "06:05-06:35", + "BackupRetentionPeriod": 1, + "DBSecurityGroups": [], + "VpcSecurityGroups": [ + { + "VpcSecurityGroupId": "sg-########", + "Status": "active" + } + ], + "DBParameterGroups": [ + { + "DBParameterGroupName": "default.aurora-postgresql15", + "ParameterApplyStatus": "in-sync" + } + ], + "DBSubnetGroup": { + "DBSubnetGroupName": "default", + "DBSubnetGroupDescription": "default", + "VpcId": "vpc-########", + "SubnetGroupStatus": "Complete", + "Subnets": [ + { + "SubnetIdentifier": "subnet-########", + "SubnetAvailabilityZone": { + "Name": "us-east-2c" + }, + "SubnetOutpost": {}, + "SubnetStatus": "Active" + }, + { + "SubnetIdentifier": "subnet-########", + "SubnetAvailabilityZone": { + "Name": "us-east-2a" + }, + "SubnetOutpost": {}, + "SubnetStatus": "Active" + }, + { + "SubnetIdentifier": "subnet-########", + "SubnetAvailabilityZone": { + "Name": "us-east-2b" + }, + "SubnetOutpost": {}, + "SubnetStatus": "Active" + } + ] + }, + "PreferredMaintenanceWindow": "fri:09:01-fri:09:31", + "PendingModifiedValues": { + "PendingCloudwatchLogsExports": { + "LogTypesToEnable": [ + "postgresql" + ] + } + }, + "MultiAZ": false, + "EngineVersion": "15.2-limitless", + "AutoMinorVersionUpgrade": true, + "ReadReplicaDBInstanceIdentifiers": [], + "LicenseModel": "postgresql-license", + "OptionGroupMemberships": [ + { + "OptionGroupName": "default:aurora-postgresql-15", + "Status": "in-sync" + } + ], + "PubliclyAccessible": false, + "StorageType": "aurora-iopt1", + "DbInstancePort": 0, + "DBClusterIdentifier": "my-sv2-cluster", + "StorageEncrypted": false, + "DbiResourceId": "db-BIQTE3B3K3RM7M74SK5EXAMPLE", + "CACertificateIdentifier": "rds-ca-rsa2048-g1", + "DomainMemberships": [], + "CopyTagsToSnapshot": false, + "MonitoringInterval": 0, + "PromotionTier": 1, + "DBInstanceArn": "arn:aws:rds:us-east-2:123456789012:db:my-sv2-instance", + "IAMDatabaseAuthenticationEnabled": false, + "PerformanceInsightsEnabled": false, + "DeletionProtection": false, + "AssociatedRoles": [], + "TagList": [], + "CustomerOwnedIpEnabled": false, + "BackupTarget": "region", + "NetworkType": "IPV4", + "StorageThroughput": 0, + "CertificateDetails": { + "CAIdentifier": "rds-ca-rsa2048-g1" + }, + "DedicatedLogVolume": false + } + } + +**Example 3: To create the DB shard group** + +The following ``create-db-shard-group`` example creates a DB shard group in your Aurora PostgreSQL primary DB cluster. :: + + aws rds create-db-shard-group \ + --db-shard-group-identifier my-db-shard-group \ + --db-cluster-identifier my-sv2-cluster \ + --max-acu 768 + +Output:: + + { + "DBShardGroupResourceId": "shardgroup-a6e3a0226aa243e2ac6c7a1234567890", + "DBShardGroupIdentifier": "my-db-shard-group", + "DBClusterIdentifier": "my-sv2-cluster", + "MaxACU": 768.0, + "ComputeRedundancy": 0, + "Status": "creating", + "PubliclyAccessible": false, + "Endpoint": "my-sv2-cluster.limitless-cekycexample.us-east-2.rds.amazonaws.com" + } + +For more information, see `Using Aurora Serverless v2 `__ in the *Amazon Aurora User Guide*. \ No newline at end of file diff --git a/awscli/examples/rds/delete-db-parameter-group.rst b/awscli/examples/rds/delete-db-parameter-group.rst index f62bbee8acd4..2037be52b13c 100644 --- a/awscli/examples/rds/delete-db-parameter-group.rst +++ b/awscli/examples/rds/delete-db-parameter-group.rst @@ -1,6 +1,6 @@ **To delete a DB parameter group** -The following ``commmand`` example deletes a DB parameter group. :: +The following ``command`` example deletes a DB parameter group. :: aws rds delete-db-parameter-group \ --db-parameter-group-name mydbparametergroup diff --git a/awscli/examples/rds/delete-db-proxy-endpoint.rst b/awscli/examples/rds/delete-db-proxy-endpoint.rst new file mode 100644 index 000000000000..e7ad996318b8 --- /dev/null +++ b/awscli/examples/rds/delete-db-proxy-endpoint.rst @@ -0,0 +1,33 @@ +**To delete a DB proxy endpoint for an RDS database** + +The following ``delete-db-proxy-endpoint`` example deletes a DB proxy endpoint for the target database. :: + + aws rds delete-db-proxy-endpoint \ + --db-proxy-endpoint-name proxyEP1 + +Output:: + + { + "DBProxyEndpoint": + { + "DBProxyEndpointName": "proxyEP1", + "DBProxyEndpointArn": "arn:aws:rds:us-east-1:123456789012:db-proxy-endpoint:prx-endpoint-0123a01b12345c0ab", + "DBProxyName": "proxyExample", + "Status": "deleting", + "VpcId": "vpc-1234567", + "VpcSecurityGroupIds": [ + "sg-1234", + "sg-5678" + ], + "VpcSubnetIds": [ + "subnetgroup1", + "subnetgroup2" + ], + "Endpoint": "proxyEP1.endpoint.proxy-ab0cd1efghij.us-east-1.rds.amazonaws.com", + "CreatedDate": "2023-04-13T01:49:38.568000+00:00", + "TargetRole": "READ_ONLY", + "IsDefault": false + } + } + +For more information, see `Deleting a proxy endpoint `__ in the *Amazon RDS User Guide* and `Deleting a proxy endpoint `__ in the *Amazon Aurora User Guide*. \ No newline at end of file diff --git a/awscli/examples/rds/delete-db-proxy.rst b/awscli/examples/rds/delete-db-proxy.rst new file mode 100644 index 000000000000..04d72bf41264 --- /dev/null +++ b/awscli/examples/rds/delete-db-proxy.rst @@ -0,0 +1,43 @@ +**To delete a DB proxy for an RDS database** + +The following ``delete-db-proxy`` example deletes a DB proxy. :: + + aws rds delete-db-proxy \ + --db-proxy-name proxyExample + +Output:: + + { + "DBProxy": + { + "DBProxyName": "proxyExample", + "DBProxyArn": "arn:aws:rds:us-east-1:123456789012:db-proxy:prx-0123a01b12345c0ab", + "Status": "deleting", + "EngineFamily": "PostgreSQL", + "VpcId": "vpc-1234567", + "VpcSecurityGroupIds": [ + "sg-1234", + "sg-5678" + ], + "VpcSubnetIds": [ + "subnetgroup1", + "subnetgroup2" + ], + "Auth": "[ + { + "Description": "proxydescription`" + "AuthScheme": "SECRETS", + "SecretArn": "arn:aws:secretsmanager:us-west-2:123456789123:secret:proxysecret1-Abcd1e", + "IAMAuth": "DISABLED" + } ], + "RoleArn": "arn:aws:iam::12345678912:role/ProxyPostgreSQLRole", + "Endpoint": "proxyExample.proxy-ab0cd1efghij.us-east-1.rds.amazonaws.com", + "RequireTLS": false, + "IdleClientTimeout": 1800, + "DebuggingLogging": false, + "CreatedDate": "2023-04-05T16:09:33.452000+00:00", + "UpdatedDate": "2023-04-13T01:49:38.568000+00:00" + } + } + +For more information, see `Deleting an RDS Proxy `__ in the *Amazon RDS User Guide* and `Deleting an RDS Proxy `__ in the *Amazon Aurora User Guide*. \ No newline at end of file diff --git a/awscli/examples/rds/delete-db-shard-group.rst b/awscli/examples/rds/delete-db-shard-group.rst new file mode 100644 index 000000000000..dd6f806ec1b9 --- /dev/null +++ b/awscli/examples/rds/delete-db-shard-group.rst @@ -0,0 +1,33 @@ +**Example 1: To delete a DB shard group unsuccessfully** + +The following ``delete-db-shard-group`` example shows the error that occurs when you try to delete a DB shard group before deleting all of your databases and schemas. :: + + aws rds delete-db-shard-group \ + --db-shard-group-identifier limitless-test-shard-grp + +Output:: + + An error occurred (InvalidDBShardGroupState) when calling the DeleteDBShardGroup operation: Unable to delete the DB shard group limitless-test-db-shard-group. + Delete all of your Limitless Database databases and schemas, then try again. + +**Example 2: To delete a DB shard group successfully** + +The following ``delete-db-shard-group`` example deletes a DB shard group after you've deleted all of your databases and schemas, including the ``public`` schema. :: + + aws rds delete-db-shard-group \ + --db-shard-group-identifier limitless-test-shard-grp + +Output:: + + { + "DBShardGroupResourceId": "shardgroup-7bb446329da94788b3f957746example", + "DBShardGroupIdentifier": "limitless-test-shard-grp", + "DBClusterIdentifier": "limitless-test-cluster", + "MaxACU": 768.0, + "ComputeRedundancy": 0, + "Status": "deleting", + "PubliclyAccessible": true, + "Endpoint": "limitless-test-cluster.limitless-cekycexample.us-east-2.rds.amazonaws.com" + } + +For more information, see `Deleting Aurora DB clusters and DB instances `__ in the *Amazon Aurora User Guide*. \ No newline at end of file diff --git a/awscli/examples/rds/deregister-db-proxy-targets.rst b/awscli/examples/rds/deregister-db-proxy-targets.rst new file mode 100644 index 000000000000..f345d0671b84 --- /dev/null +++ b/awscli/examples/rds/deregister-db-proxy-targets.rst @@ -0,0 +1,11 @@ +**To deregister a DB proxy target from database target group** + +The following ``deregister-db-proxy-targets`` example removes the association between the proxy ``proxyExample`` and its target. :: + + aws rds deregister-db-proxy-targets \ + --db-proxy-name proxyExample \ + --db-instance-identifiers database-1 + +This command produces no output. + +For more information, see `Deleting an RDS Proxy `__ in the *Amazon RDS User Guide* and `Deleting an RDS Proxy `__ in the *Amazon Aurora User Guide*. \ No newline at end of file diff --git a/awscli/examples/rds/describe-certificates.rst b/awscli/examples/rds/describe-certificates.rst index 168660e0317f..087d5ba64c57 100644 --- a/awscli/examples/rds/describe-certificates.rst +++ b/awscli/examples/rds/describe-certificates.rst @@ -9,12 +9,44 @@ Output:: { "Certificates": [ { - "Thumbprint": "34478a908a83ae45dcb61676d235ece975c62c63", - "ValidFrom": "2015-02-05T21:54:04Z", - "CertificateIdentifier": "rds-ca-2015", - "ValidTill": "2020-03-05T21:54:04Z", + "CertificateIdentifier": "rds-ca-ecc384-g1", "CertificateType": "CA", - "CertificateArn": "arn:aws:rds:us-east-1::cert:rds-ca-2015" + "Thumbprint": "2ee3dcc06e50192559b13929e73484354f23387d", + "ValidFrom": "2021-05-24T22:06:59+00:00", + "ValidTill": "2121-05-24T23:06:59+00:00", + "CertificateArn": "arn:aws:rds:us-west-2::cert:rds-ca-ecc384-g1", + "CustomerOverride": false + }, + { + "CertificateIdentifier": "rds-ca-rsa4096-g1", + "CertificateType": "CA", + "Thumbprint": "19da4f2af579a8ae1f6a0fa77aa5befd874b4cab", + "ValidFrom": "2021-05-24T22:03:20+00:00", + "ValidTill": "2121-05-24T23:03:20+00:00", + "CertificateArn": "arn:aws:rds:us-west-2::cert:rds-ca-rsa4096-g1", + "CustomerOverride": false + }, + { + "CertificateIdentifier": "rds-ca-rsa2048-g1", + "CertificateType": "CA", + "Thumbprint": "7c40cb42714b6fdb2b296f9bbd0e8bb364436a76", + "ValidFrom": "2021-05-24T21:59:00+00:00", + "ValidTill": "2061-05-24T22:59:00+00:00", + "CertificateArn": "arn:aws:rds:us-west-2::cert:rds-ca-rsa2048-g1", + "CustomerOverride": true, + "CustomerOverrideValidTill": "2061-05-24T22:59:00+00:00" + }, + { + "CertificateIdentifier": "rds-ca-2019", + "CertificateType": "CA", + "Thumbprint": "d40ddb29e3750dffa671c3140bbf5f478d1c8096", + "ValidFrom": "2019-08-22T17:08:50+00:00", + "ValidTill": "2024-08-22T17:08:50+00:00", + "CertificateArn": "arn:aws:rds:us-west-2::cert:rds-ca-2019", + "CustomerOverride": false } - ] + ], + "DefaultCertificateForNewLaunches": "rds-ca-rsa2048-g1" } + +For more information, see `Using SSL/TLS to encrypt a connection to a DB instance `__ in the *Amazon RDS User Guide* and `Using SSL/TLS to encrypt a connection to a DB cluster `__ in the *Amazon Aurora User Guide*. \ No newline at end of file diff --git a/awscli/examples/rds/describe-db-proxies.rst b/awscli/examples/rds/describe-db-proxies.rst new file mode 100644 index 000000000000..a3097c6c784f --- /dev/null +++ b/awscli/examples/rds/describe-db-proxies.rst @@ -0,0 +1,72 @@ +**To describe a DB proxy for an RDS database** + +The following ``describe-db-proxies`` example returns information about DB proxies. :: + + aws rds describe-db-proxies + +Output:: + + { + "DBProxies": [ + { + "DBProxyName": "proxyExample1", + "DBProxyArn": "arn:aws:rds:us-east-1:123456789012:db-proxy:prx-0123a01b12345c0ab", + "Status": "available", + "EngineFamily": "PostgreSQL", + "VpcId": "vpc-1234567", + "VpcSecurityGroupIds": [ + "sg-1234" + ], + "VpcSubnetIds": [ + "subnetgroup1", + "subnetgroup2" + ], + "Auth": "[ + { + "Description": "proxydescription1" + "AuthScheme": "SECRETS", + "SecretArn": "arn:aws:secretsmanager:us-west-2:123456789123:secret:secretName-1234f", + "IAMAuth": "DISABLED" + } + ]", + "RoleArn": "arn:aws:iam::12345678912??:role/ProxyPostgreSQLRole", + "Endpoint": "proxyExample1.proxy-ab0cd1efghij.us-east-1.rds.amazonaws.com", + "RequireTLS": false, + "IdleClientTimeout": 1800, + "DebuggingLogging": false, + "CreatedDate": "2023-04-05T16:09:33.452000+00:00", + "UpdatedDate": "2023-04-13T01:49:38.568000+00:00" + }, + { + "DBProxyName": "proxyExample2", + "DBProxyArn": "arn:aws:rds:us-east-1:123456789012:db-proxy:prx-1234a12b23456c1ab", + "Status": "available", + "EngineFamily": "PostgreSQL", + "VpcId": "sg-1234567", + "VpcSecurityGroupIds": [ + "sg-1234" + ], + "VpcSubnetIds": [ + "subnetgroup1", + "subnetgroup2" + ], + "Auth": "[ + { + "Description": "proxydescription2" + "AuthScheme": "SECRETS", + "SecretArn": "aarn:aws:secretsmanager:us-west-2:123456789123:secret:secretName-1234f", + "IAMAuth": "DISABLED" + } + ]", + "RoleArn": "arn:aws:iam::12345678912:role/ProxyPostgreSQLRole", + "Endpoint": "proxyExample2.proxy-ab0cd1efghij.us-east-1.rds.amazonaws.com", + "RequireTLS": false, + "IdleClientTimeout": 1800, + "DebuggingLogging": false, + "CreatedDate": "2022-01-05T16:19:33.452000+00:00", + "UpdatedDate": "2023-04-13T01:49:38.568000+00:00" + } + ] + } + +For more information, see `Viewing an RDS Proxy `__ in the *Amazon RDS User Guide* and `Viewing an RDS Proxy `__ in the *Amazon Aurora User Guide*. \ No newline at end of file diff --git a/awscli/examples/rds/describe-db-proxy-endpoints.rst b/awscli/examples/rds/describe-db-proxy-endpoints.rst new file mode 100644 index 000000000000..9662850b0cde --- /dev/null +++ b/awscli/examples/rds/describe-db-proxy-endpoints.rst @@ -0,0 +1,50 @@ +**To describe a DB proxy endpoints** + +The following ``describe-db-proxy-endpoints`` example returns information about DB proxy endpoints. :: + + aws rds describe-db-proxy-endpoints + +Output:: + + { + "DBProxyEndpoints": [ + { + "DBProxyEndpointName": "proxyEndpoint1", + "DBProxyEndpointArn": "arn:aws:rds:us-east-1:123456789012:db-proxy-endpoint:prx-endpoint-0123a01b12345c0ab", + "DBProxyName": "proxyExample", + "Status": "available", + "VpcId": "vpc-1234567", + "VpcSecurityGroupIds": [ + "sg-1234" + ], + "VpcSubnetIds": [ + "subnetgroup1", + "subnetgroup2" + ], + "Endpoint": "proxyEndpoint1.endpoint.proxy-ab0cd1efghij.us-east-1.rds.amazonaws.com", + "CreatedDate": "2023-04-05T16:09:33.452000+00:00", + "TargetRole": "READ_WRITE", + "IsDefault": false + }, + { + "DBProxyEndpointName": "proxyEndpoint2", + "DBProxyEndpointArn": "arn:aws:rds:us-east-1:123456789012:db-proxy-endpoint:prx-endpoint-4567a01b12345c0ab", + "DBProxyName": "proxyExample2", + "Status": "available", + "VpcId": "vpc1234567", + "VpcSecurityGroupIds": [ + "sg-5678" + ], + "VpcSubnetIds": [ + "subnetgroup1", + "subnetgroup2" + ], + "Endpoint": "proxyEndpoint2.endpoint.proxy-cd1ef2klmnop.us-east-1.rds.amazonaws.com", + "CreatedDate": "2023-04-05T16:09:33.452000+00:00", + "TargetRole": "READ_WRITE", + "IsDefault": false + } + ] + } + +For more information, see `Viewing a proxy endpoint `__ in the *Amazon RDS User Guide* and `Creating a proxy endpoint `__ in the *Amazon Aurora User Guide*. \ No newline at end of file diff --git a/awscli/examples/rds/describe-db-proxy-target-groups.rst b/awscli/examples/rds/describe-db-proxy-target-groups.rst new file mode 100644 index 000000000000..241f1867cbe1 --- /dev/null +++ b/awscli/examples/rds/describe-db-proxy-target-groups.rst @@ -0,0 +1,29 @@ +**To describe a DB proxy endpoints** + +The following ``describe-db-proxy-target-groups`` example returns information about DB proxy target groups. :: + + aws rds describe-db-proxy-target-groups \ + --db-proxy-name proxyExample + +Output:: + + { + "TargetGroups": + { + "DBProxyName": "proxyExample", + "TargetGroupName": "default", + "TargetGroupArn": "arn:aws:rds:us-east-1:123456789012:target-group:prx-tg-0123a01b12345c0ab", + "IsDefault": true, + "Status": "available", + "ConnectionPoolConfig": { + "MaxConnectionsPercent": 100, + "MaxIdleConnectionsPercent": 50, + "ConnectionBorrowTimeout": 120, + "SessionPinningFilters": [] + }, + "CreatedDate": "2023-05-02T18:41:19.495000+00:00", + "UpdatedDate": "2023-05-02T18:41:21.762000+00:00" + } + } + +For more information, see `Viewing an RDS Proxy `__ in the *Amazon RDS User Guide* and `Viewing an RDS Proxy `__ in the *Amazon Aurora User Guide*. \ No newline at end of file diff --git a/awscli/examples/rds/describe-db-proxy-targets.rst b/awscli/examples/rds/describe-db-proxy-targets.rst new file mode 100644 index 000000000000..8b09b3a9438a --- /dev/null +++ b/awscli/examples/rds/describe-db-proxy-targets.rst @@ -0,0 +1,28 @@ +**To describe DB proxy targets** + +The following ``describe-db-proxy-targets`` example returns information about DB proxy targets. :: + + aws rds describe-db-proxy-targets \ + --db-proxy-name proxyExample + +Output:: + + { + "Targets": [ + { + "Endpoint": "database1.ab0cd1efghij.us-east-1.rds.amazonaws.com", + "TrackedClusterId": "database1", + "RdsResourceId": "database1-instance-1", + "Port": 3306, + "Type": "RDS_INSTANCE", + "Role": "READ_WRITE", + "TargetHealth": { + "State": "UNAVAILABLE", + "Reason": "PENDING_PROXY_CAPACITY", + "Description": "DBProxy Target is waiting for proxy to scale to desired capacity" + } + } + ] + } + +For more information, see `Viewing an RDS proxy `__ in the *Amazon RDS User Guide* and `Viewing an RDS proxy `__ in the *Amazon Aurora User Guide*. \ No newline at end of file diff --git a/awscli/examples/rds/describe-db-recommendations.rst b/awscli/examples/rds/describe-db-recommendations.rst new file mode 100644 index 000000000000..f66da5c00205 --- /dev/null +++ b/awscli/examples/rds/describe-db-recommendations.rst @@ -0,0 +1,302 @@ +**Example 1: To list all DB recommendations** + +The following ``describe-db-recommendations`` example lists all DB recommendations in your AWS account. :: + + aws rds describe-db-recommendations + +Output:: + + { + "DBRecommendations": [ + { + "RecommendationId": "12ab3cde-f456-7g8h-9012-i3j45678k9lm", + "TypeId": "config_recommendation::old_minor_version", + "Severity": "informational", + "ResourceArn": "arn:aws:rds:us-west-2:111122223333:db:database-1", + "Status": "active", + "CreatedTime": "2024-02-21T23:14:19.292000+00:00", + "UpdatedTime": "2024-02-21T23:14:19+00:00", + "Detection": "**[resource-name]** is not running the latest minor DB engine version", + "Recommendation": "Upgrade to latest engine version", + "Description": "Your database resources aren't running the latest minor DB engine version. The latest minor version contains the latest security fixes and other improvements.", + "RecommendedActions": [ + { + "ActionId": "12ab34c5de6fg7h89i0jk1lm234n5678", + "Operation": "modifyDbInstance", + "Parameters": [ + { + "Key": "EngineVersion", + "Value": "5.7.44" + }, + { + "Key": "DBInstanceIdentifier", + "Value": "database-1" + } + ], + "ApplyModes": [ + "immediately", + "next-maintenance-window" + ], + "Status": "ready", + "ContextAttributes": [ + { + "Key": "Recommended value", + "Value": "5.7.44" + }, + { + "Key": "Current engine version", + "Value": "5.7.42" + } + ] + } + ], + "Category": "security", + "Source": "RDS", + "TypeDetection": "**[resource-count] resources** are not running the latest minor DB engine version", + "TypeRecommendation": "Upgrade to latest engine version", + "Impact": "Reduced database performance and data security at risk", + "AdditionalInfo": "We recommend that you maintain your database with the latest DB engine minor version as this version includes the latest security and functionality fixes. The DB engine minor version upgrades contain only the changes which are backward-compatible with earlier minor versions of the same major version of the DB engine.", + "Links": [ + { + "Text": "Upgrading an RDS DB instance engine version", + "Url": "https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Upgrading.html" + }, + { + "Text": "Using Amazon RDS Blue/Green Deployments for database updates for Amazon Aurora", + "Url": "https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/blue-green-deployments.html" + }, + { + "Text": "Using Amazon RDS Blue/Green Deployments for database updates for Amazon RDS", + "Url": "https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/blue-green-deployments.html" + } + ] + } + ] + } + +For more information, see `Viewing and responding to Amazon RDS recommendations `__ in the *Amazon RDS User Guide* and `Viewing and responding to Amazon RDS recommendations `__ in the *Amazon Aurora User Guide*. + +**Example 2: To list high severity DB recommendations** + +The following ``describe-db-recommendations`` example lists high severity DB recommendations in your AWS account. :: + + aws rds describe-db-recommendations \ + --filters Name=severity,Values=high + +Output:: + + { + "DBRecommendations": [ + { + "RecommendationId": "12ab3cde-f456-7g8h-9012-i3j45678k9lm", + "TypeId": "config_recommendation::rds_extended_support", + "Severity": "high", + "ResourceArn": "arn:aws:rds:us-west-2:111122223333:db:database-1", + "Status": "active", + "CreatedTime": "2024-02-21T23:14:19.392000+00:00", + "UpdatedTime": "2024-02-21T23:14:19+00:00", + "Detection": "Your databases will be auto-enrolled to RDS Extended Support on February 29", + "Recommendation": "Upgrade your major version before February 29, 2024 to avoid additional charges", + "Description": "Your PostgreSQL 11 and MySQL 5.7 databases will be automatically enrolled into RDS Extended Support on February 29, 2024. To avoid the increase in charges due to RDS Extended Support, we recommend upgrading your databases to a newer major engine version before February 29, 2024.\nTo learn more about the RDS Extended Support pricing, refer to the pricing page.", + "RecommendedActions": [ + { + "ActionId": "12ab34c5de6fg7h89i0jk1lm234n5678", + "Parameters": [], + "ApplyModes": [ + "manual" + ], + "Status": "ready", + "ContextAttributes": [] + } + ], + "Category": "cost optimization", + "Source": "RDS", + "TypeDetection": "Your database will be auto-enrolled to RDS Extended Support on February 29", + "TypeRecommendation": "Upgrade your major version before February 29, 2024 to avoid additional charges", + "Impact": "Increase in charges due to RDS Extended Support", + "AdditionalInfo": "With Amazon RDS Extended Support, you can continue running your database on a major engine version past the RDS end of standard support date for an additional cost. This paid feature gives you more time to upgrade to a supported major engine version.\nDuring Extended Support, Amazon RDS will supply critical CVE patches and bug fixes.", + "Links": [ + { + "Text": "Amazon RDS Extended Support pricing for RDS for MySQL", + "Url": "https://aws.amazon.com/rds/mysql/pricing/" + }, + { + "Text": "Amazon RDS Extended Support for RDS for MySQL and PostgreSQL databases", + "Url": "https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/extended-support.html" + }, + { + "Text": "Amazon RDS Extended Support pricing for Amazon Aurora PostgreSQL", + "Url": "https://aws.amazon.com/rds/aurora/pricing/" + }, + { + "Text": "Amazon RDS Extended Support for Aurora PostgreSQL databases", + "Url": "https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/extended-support.html" + }, + { + "Text": "Amazon RDS Extended Support pricing for RDS for PostgreSQL", + "Url": "https://aws.amazon.com/rds/postgresql/pricing/" + } + ] + } + ] + } + +For more information, see `Viewing and responding to Amazon RDS recommendations `__ in the *Amazon RDS User Guide* and `Viewing and responding to Amazon RDS recommendations `__ in the *Amazon Aurora User Guide*. + +**Example 3: To list DB recommendations for a specified DB instance** + +The following ``describe-db-recommendations`` example lists all DB recommendations for a specified DB instance. :: + + aws rds describe-db-recommendations \ + --filters Name=dbi-resource-id,Values=database-1 + +Output:: + + { + "DBRecommendations": [ + { + "RecommendationId": "12ab3cde-f456-7g8h-9012-i3j45678k9lm", + "TypeId": "config_recommendation::old_minor_version", + "Severity": "informational", + "ResourceArn": "arn:aws:rds:us-west-2:111122223333:db:database-1", + "Status": "active", + "CreatedTime": "2024-02-21T23:14:19.292000+00:00", + "UpdatedTime": "2024-02-21T23:14:19+00:00", + "Detection": "**[resource-name]** is not running the latest minor DB engine version", + "Recommendation": "Upgrade to latest engine version", + "Description": "Your database resources aren't running the latest minor DB engine version. The latest minor version contains the latest security fixes and other improvements.", + "RecommendedActions": [ + { + "ActionId": "12ab34c5de6fg7h89i0jk1lm234n5678", + "Operation": "modifyDbInstance", + "Parameters": [ + { + "Key": "EngineVersion", + "Value": "5.7.44" + }, + { + "Key": "DBInstanceIdentifier", + "Value": "database-1" + } + ], + "ApplyModes": [ + "immediately", + "next-maintenance-window" + ], + "Status": "ready", + "ContextAttributes": [ + { + "Key": "Recommended value", + "Value": "5.7.44" + }, + { + "Key": "Current engine version", + "Value": "5.7.42" + } + ] + } + ], + "Category": "security", + "Source": "RDS", + "TypeDetection": "**[resource-count] resources** are not running the latest minor DB engine version", + "TypeRecommendation": "Upgrade to latest engine version", + "Impact": "Reduced database performance and data security at risk", + "AdditionalInfo": "We recommend that you maintain your database with the latest DB engine minor version as this version includes the latest security and functionality fixes. The DB engine minor version upgrades contain only the changes which are backward-compatible with earlier minor versions of the same major version of the DB engine.", + "Links": [ + { + "Text": "Upgrading an RDS DB instance engine version", + "Url": "https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Upgrading.html" + }, + { + "Text": "Using Amazon RDS Blue/Green Deployments for database updates for Amazon Aurora", + "Url": "https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/blue-green-deployments.html" + }, + { + "Text": "Using Amazon RDS Blue/Green Deployments for database updates for Amazon RDS", + "Url": "https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/blue-green-deployments.html" + } + ] + } + ] + } + +For more information, see `Viewing and responding to Amazon RDS recommendations `__ in the *Amazon RDS User Guide* and `Viewing and responding to Amazon RDS recommendations `__ in the *Amazon Aurora User Guide*. + +**Example 4: To list all active DB recommendations** + +The following ``describe-db-recommendations`` example lists all active DB recommendations in your AWS account. :: + + aws rds describe-db-recommendations \ + --filters Name=status,Values=active + +Output:: + + { + "DBRecommendations": [ + { + "RecommendationId": "12ab3cde-f456-7g8h-9012-i3j45678k9lm", + "TypeId": "config_recommendation::old_minor_version", + "Severity": "informational", + "ResourceArn": "arn:aws:rds:us-west-2:111122223333:db:database-1", + "Status": "active", + "CreatedTime": "2024-02-21T23:14:19.292000+00:00", + "UpdatedTime": "2024-02-21T23:14:19+00:00", + "Detection": "**[resource-name]** is not running the latest minor DB engine version", + "Recommendation": "Upgrade to latest engine version", + "Description": "Your database resources aren't running the latest minor DB engine version. The latest minor version contains the latest security fixes and other improvements.", + "RecommendedActions": [ + { + "ActionId": "12ab34c5de6fg7h89i0jk1lm234n5678", + "Operation": "modifyDbInstance", + "Parameters": [ + { + "Key": "EngineVersion", + "Value": "5.7.44" + }, + { + "Key": "DBInstanceIdentifier", + "Value": "database-1" + } + ], + "ApplyModes": [ + "immediately", + "next-maintenance-window" + ], + "Status": "ready", + "ContextAttributes": [ + { + "Key": "Recommended value", + "Value": "5.7.44" + }, + { + "Key": "Current engine version", + "Value": "5.7.42" + } + ] + } + ], + "Category": "security", + "Source": "RDS", + "TypeDetection": "**[resource-count] resources** are not running the latest minor DB engine version", + "TypeRecommendation": "Upgrade to latest engine version", + "Impact": "Reduced database performance and data security at risk", + "AdditionalInfo": "We recommend that you maintain your database with the latest DB engine minor version as this version includes the latest security and functionality fixes. The DB engine minor version upgrades contain only the changes which are backward-compatible with earlier minor versions of the same major version of the DB engine.", + "Links": [ + { + "Text": "Upgrading an RDS DB instance engine version", + "Url": "https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Upgrading.html" + }, + { + "Text": "Using Amazon RDS Blue/Green Deployments for database updates for Amazon Aurora", + "Url": "https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/blue-green-deployments.html" + }, + { + "Text": "Using Amazon RDS Blue/Green Deployments for database updates for Amazon RDS", + "Url": "https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/blue-green-deployments.html" + } + ] + } + ] + } + +For more information, see `Viewing and responding to Amazon RDS recommendations `__ in the *Amazon RDS User Guide* and `Viewing and responding to Amazon RDS recommendations `__ in the *Amazon Aurora User Guide*. \ No newline at end of file diff --git a/awscli/examples/rds/describe-db-shard-groups.rst b/awscli/examples/rds/describe-db-shard-groups.rst new file mode 100644 index 000000000000..8f6a04abe7c8 --- /dev/null +++ b/awscli/examples/rds/describe-db-shard-groups.rst @@ -0,0 +1,34 @@ +**Example 1: To describe DB shard groups** + +The following ``describe-db-shard-groups`` example retrieves the details of your DB shard groups. :: + + aws rds describe-db-shard-groups + +Output:: + + { + "DBShardGroups": [ + { + "DBShardGroupResourceId": "shardgroup-7bb446329da94788b3f957746example", + "DBShardGroupIdentifier": "limitless-test-shard-grp", + "DBClusterIdentifier": "limitless-test-cluster", + "MaxACU": 768.0, + "ComputeRedundancy": 0, + "Status": "available", + "PubliclyAccessible": true, + "Endpoint": "limitless-test-cluster.limitless-cekycexample.us-east-2.rds.amazonaws.com" + }, + { + "DBShardGroupResourceId": "shardgroup-a6e3a0226aa243e2ac6c7a1234567890", + "DBShardGroupIdentifier": "my-db-shard-group", + "DBClusterIdentifier": "my-sv2-cluster", + "MaxACU": 768.0, + "ComputeRedundancy": 0, + "Status": "available", + "PubliclyAccessible": false, + "Endpoint": "my-sv2-cluster.limitless-cekycexample.us-east-2.rds.amazonaws.com" + } + ] + } + +For more information, see `Amazon Aurora DB Clusters `__ in the *Amazon Aurora User Guide*. diff --git a/awscli/examples/rds/download-db-log-file-portion.rst b/awscli/examples/rds/download-db-log-file-portion.rst index 3434b57b6034..3dd10e8523ef 100644 --- a/awscli/examples/rds/download-db-log-file-portion.rst +++ b/awscli/examples/rds/download-db-log-file-portion.rst @@ -1,4 +1,4 @@ -**To download a DB log file** +**Example 1: To download the latest part of a DB log file** The following ``download-db-log-file-portion`` example downloads only the latest part of your log file, saving it to a local file named ``tail.txt``. :: @@ -7,7 +7,11 @@ The following ``download-db-log-file-portion`` example downloads only the latest --log-file-name log.txt \ --output text > tail.txt -To download the entire file, you need to include the ``--starting-token 0`` parameter. The following example saves the output to a local file named ``full.txt``. :: +The saved file might contain blank lines. They appear at the end of each part of the log file while being downloaded. + +**Example 2: To download an entire DB log file** + +The following ``download-db-log-file-portion`` example downloads the entire log file, using the ``--starting-token 0`` parameter, and saves the output to a local file named ``full.txt``. :: aws rds download-db-log-file-portion \ --db-instance-identifier test-instance \ @@ -15,4 +19,4 @@ To download the entire file, you need to include the ``--starting-token 0`` para --starting-token 0 \ --output text > full.txt -The saved file might contain blank lines. They appear at the end of each part of the log file while being downloaded. This generally doesn't cause any trouble in your log file analysis. +The saved file might contain blank lines. They appear at the end of each part of the log file while being downloaded. \ No newline at end of file diff --git a/awscli/examples/rds/modify-db-cluster.rst b/awscli/examples/rds/modify-db-cluster.rst index fd60a0d99bbd..ba40e3579ff8 100644 --- a/awscli/examples/rds/modify-db-cluster.rst +++ b/awscli/examples/rds/modify-db-cluster.rst @@ -1,71 +1,125 @@ -**To modify a DB cluster** - -The following ``modify-db-cluster`` example changes the master user password for the DB cluster named ``cluster-2`` and sets the backup retention period to 14 days. The ``--apply-immediately`` parameter causes the changes to be made immediately, instead of waiting until the next maintenance window. :: - - aws rds modify-db-cluster \ - --db-cluster-identifier cluster-2 \ - --backup-retention-period 14 \ - --master-user-password newpassword99 \ - --apply-immediately - - -Output:: - - { - "DBCluster": { - "AllocatedStorage": 1, - "AvailabilityZones": [ - "eu-central-1b", - "eu-central-1c", - "eu-central-1a" - ], - "BackupRetentionPeriod": 14, - "DatabaseName": "", - "DBClusterIdentifier": "cluster-2", - "DBClusterParameterGroup": "default.aurora5.6", - "DBSubnetGroup": "default-vpc-2305ca49", - "Status": "available", - "EarliestRestorableTime": "2020-06-03T02:07:29.637Z", - "Endpoint": "cluster-2.cluster-############.eu-central-1.rds.amazonaws.com", - "ReaderEndpoint": "cluster-2.cluster-ro-############.eu-central-1.rds.amazonaws.com", - "MultiAZ": false, - "Engine": "aurora", - "EngineVersion": "5.6.10a", - "LatestRestorableTime": "2020-06-04T15:11:25.748Z", - "Port": 3306, - "MasterUsername": "admin", - "PreferredBackupWindow": "01:55-02:25", - "PreferredMaintenanceWindow": "thu:21:14-thu:21:44", - "ReadReplicaIdentifiers": [], - "DBClusterMembers": [ - { - "DBInstanceIdentifier": "cluster-2-instance-1", - "IsClusterWriter": true, - "DBClusterParameterGroupStatus": "in-sync", - "PromotionTier": 1 - } - ], - "VpcSecurityGroups": [ - { - "VpcSecurityGroupId": "sg-20a5c047", - "Status": "active" - } - ], - "HostedZoneId": "Z1RLNU0EXAMPLE", - "StorageEncrypted": true, - "KmsKeyId": "arn:aws:kms:eu-central-1:123456789012:key/d1bd7c8f-5cdb-49ca-8a62-a1b2c3d4e5f6", - "DbClusterResourceId": "cluster-AGJ7XI77XVIS6FUXHU1EXAMPLE", - "DBClusterArn": "arn:aws:rds:eu-central-1:123456789012:cluster:cluster-2", - "AssociatedRoles": [], - "IAMDatabaseAuthenticationEnabled": false, - "ClusterCreateTime": "2020-04-03T14:44:02.764Z", - "EngineMode": "provisioned", - "DeletionProtection": false, - "HttpEndpointEnabled": false, - "CopyTagsToSnapshot": true, - "CrossAccountClone": false, - "DomainMemberships": [] - } - } - -For more information, see `Modifying an Amazon Aurora DB Cluster `__ in the *Amazon Aurora User Guide*. +**Example 1: To modify a DB cluster** + +The following ``modify-db-cluster`` example changes the master user password for the DB cluster named ``cluster-2`` and sets the backup retention period to 14 days. The ``--apply-immediately`` parameter causes the changes to be made immediately, instead of waiting until the next maintenance window. :: + + aws rds modify-db-cluster \ + --db-cluster-identifier cluster-2 \ + --backup-retention-period 14 \ + --master-user-password newpassword99 \ + --apply-immediately + +Output:: + + { + "DBCluster": { + "AllocatedStorage": 1, + "AvailabilityZones": [ + "eu-central-1b", + "eu-central-1c", + "eu-central-1a" + ], + "BackupRetentionPeriod": 14, + "DatabaseName": "", + "DBClusterIdentifier": "cluster-2", + "DBClusterParameterGroup": "default.aurora5.6", + "DBSubnetGroup": "default-vpc-2305ca49", + "Status": "available", + "EarliestRestorableTime": "2020-06-03T02:07:29.637Z", + "Endpoint": "cluster-2.cluster-############.eu-central-1.rds.amazonaws.com", + "ReaderEndpoint": "cluster-2.cluster-ro-############.eu-central-1.rds.amazonaws.com", + "MultiAZ": false, + "Engine": "aurora", + "EngineVersion": "5.6.10a", + "LatestRestorableTime": "2020-06-04T15:11:25.748Z", + "Port": 3306, + "MasterUsername": "admin", + "PreferredBackupWindow": "01:55-02:25", + "PreferredMaintenanceWindow": "thu:21:14-thu:21:44", + "ReadReplicaIdentifiers": [], + "DBClusterMembers": [ + { + "DBInstanceIdentifier": "cluster-2-instance-1", + "IsClusterWriter": true, + "DBClusterParameterGroupStatus": "in-sync", + "PromotionTier": 1 + } + ], + "VpcSecurityGroups": [ + { + "VpcSecurityGroupId": "sg-20a5c047", + "Status": "active" + } + ], + "HostedZoneId": "Z1RLNU0EXAMPLE", + "StorageEncrypted": true, + "KmsKeyId": "arn:aws:kms:eu-central-1:123456789012:key/d1bd7c8f-5cdb-49ca-8a62-a1b2c3d4e5f6", + "DbClusterResourceId": "cluster-AGJ7XI77XVIS6FUXHU1EXAMPLE", + "DBClusterArn": "arn:aws:rds:eu-central-1:123456789012:cluster:cluster-2", + "AssociatedRoles": [], + "IAMDatabaseAuthenticationEnabled": false, + "ClusterCreateTime": "2020-04-03T14:44:02.764Z", + "EngineMode": "provisioned", + "DeletionProtection": false, + "HttpEndpointEnabled": false, + "CopyTagsToSnapshot": true, + "CrossAccountClone": false, + "DomainMemberships": [] + } + } + +For more information, see `Modifying an Amazon Aurora DB Cluster `__ in the *Amazon Aurora User Guide*. + +**Example 2: To associate VPC security group with a DB cluster** + +The following ``modify-db-instance`` example associates a specific VPC security group and removes DB security groups from a DB cluster. :: + + aws rds modify-db-cluster \ + --db-cluster-identifier dbName \ + --vpc-security-group-ids sg-ID + +Output:: + + { + "DBCluster": { + "AllocatedStorage": 1, + "AvailabilityZones": [ + "us-west-2c", + "us-west-2b", + "us-west-2a" + ], + "BackupRetentionPeriod": 1, + "DBClusterIdentifier": "dbName", + "DBClusterParameterGroup": "default.aurora-mysql8.0", + "DBSubnetGroup": "default", + "Status": "available", + "EarliestRestorableTime": "2024-02-15T01:12:13.966000+00:00", + "Endpoint": "dbName.cluster-abcdefghji.us-west-2.rds.amazonaws.com", + "ReaderEndpoint": "dbName.cluster-ro-abcdefghji.us-west-2.rds.amazonaws.com", + "MultiAZ": false, + "Engine": "aurora-mysql", + "EngineVersion": "8.0.mysql_aurora.3.04.1", + "LatestRestorableTime": "2024-02-15T02:25:33.696000+00:00", + "Port": 3306, + "MasterUsername": "admin", + "PreferredBackupWindow": "10:59-11:29", + "PreferredMaintenanceWindow": "thu:08:54-thu:09:24", + "ReadReplicaIdentifiers": [], + "DBClusterMembers": [ + { + "DBInstanceIdentifier": "dbName-instance-1", + "IsClusterWriter": true, + "DBClusterParameterGroupStatus": "in-sync", + "PromotionTier": 1 + } + ], + "VpcSecurityGroups": [ + { + "VpcSecurityGroupId": "sg-ID", + "Status": "active" + } + ], + ...output omitted... + } + } + +For more information, see `Controlling access with security groups `__ in the *Amazon Aurora User Guide*. \ No newline at end of file diff --git a/awscli/examples/rds/modify-db-instance.rst b/awscli/examples/rds/modify-db-instance.rst index d45b798ed156..38f903f9138f 100644 --- a/awscli/examples/rds/modify-db-instance.rst +++ b/awscli/examples/rds/modify-db-instance.rst @@ -1,4 +1,4 @@ -**To modify a DB instance** +**Example 1: To modify a DB instance** The following ``modify-db-instance`` example associates an option group and a parameter group with a compatible Microsoft SQL Server DB instance. The ``--apply-immediately`` parameter causes the option and parameter groups to be associated immediately, instead of waiting until the next maintenance window. :: @@ -54,3 +54,49 @@ Output:: } For more information, see `Modifying an Amazon RDS DB Instance `__ in the *Amazon RDS User Guide*. + +**Example 2: To associate VPC security group with a DB instance** + +The following ``modify-db-instance`` example associates a specific VPC security group and removes DB security groups from a DB instance:: + + aws rds modify-db-instance \ + --db-instance-identifier dbName \ + --vpc-security-group-ids sg-ID + +Output:: + + { + "DBInstance": { + "DBInstanceIdentifier": "dbName", + "DBInstanceClass": "db.t3.micro", + "Engine": "mysql", + "DBInstanceStatus": "available", + "MasterUsername": "admin", + "Endpoint": { + "Address": "dbName.abcdefghijk.us-west-2.rds.amazonaws.com", + "Port": 3306, + "HostedZoneId": "ABCDEFGHIJK1234" + }, + "AllocatedStorage": 20, + "InstanceCreateTime": "2024-02-15T00:37:58.793000+00:00", + "PreferredBackupWindow": "11:57-12:27", + "BackupRetentionPeriod": 7, + "DBSecurityGroups": [], + "VpcSecurityGroups": [ + { + "VpcSecurityGroupId": "sg-ID", + "Status": "active" + } + ], + ... output omitted ... + "MultiAZ": false, + "EngineVersion": "8.0.35", + "AutoMinorVersionUpgrade": true, + "ReadReplicaDBInstanceIdentifiers": [], + "LicenseModel": "general-public-license", + + ... output ommited ... + } + } + +For more information, see `Controlling access with security groups `__ in the *Amazon RDS User Guide*. \ No newline at end of file diff --git a/awscli/examples/rds/modify-db-proxy-endpoint.rst b/awscli/examples/rds/modify-db-proxy-endpoint.rst new file mode 100644 index 000000000000..9ffd97dd1fe4 --- /dev/null +++ b/awscli/examples/rds/modify-db-proxy-endpoint.rst @@ -0,0 +1,33 @@ +**To modify a DB proxy endpoint for an RDS database** + +The following ``modify-db-proxy-endpoint`` example modifies a DB proxy endpoint ``proxyEndpoint`` to set the read-timeout to 65 seconds. :: + + aws rds modify-db-proxy-endpoint \ + --db-proxy-endpoint-name proxyEndpoint \ + --cli-read-timeout 65 + +Output:: + + { + "DBProxyEndpoint": + { + "DBProxyEndpointName": "proxyEndpoint", + "DBProxyEndpointArn": "arn:aws:rds:us-east-1:123456789012:db-proxy-endpoint:prx-endpoint-0123a01b12345c0ab", + "DBProxyName": "proxyExample", + "Status": "available", + "VpcId": "vpc-1234567", + "VpcSecurityGroupIds": [ + "sg-1234" + ], + "VpcSubnetIds": [ + "subnetgroup1", + "subnetgroup2" + ], + "Endpoint": "proxyEndpoint.endpoint.proxyExample-ab0cd1efghij.us-east-1.rds.amazonaws.com", + "CreatedDate": "2023-04-05T16:09:33.452000+00:00", + "TargetRole": "READ_WRITE", + "IsDefault": "false" + } + } + +For more information, see `Modifying a proxy endpoint `__ in the *Amazon RDS User Guide* and `Modifying a proxy endpoint `__ in the *Amazon Aurora User Guide*. \ No newline at end of file diff --git a/awscli/examples/rds/modify-db-proxy-target-group.rst b/awscli/examples/rds/modify-db-proxy-target-group.rst new file mode 100644 index 000000000000..5b80bea4b2d5 --- /dev/null +++ b/awscli/examples/rds/modify-db-proxy-target-group.rst @@ -0,0 +1,34 @@ +**To modify a DB proxy endpoints** + +The following ``modify-db-proxy-target-group`` example modifies a DB proxy target group to set the maximum connections to 80 percent and maximum idle connections to 10 percent. :: + + aws rds modify-db-proxy-target-group \ + --target-group-name default \ + --db-proxy-name proxyExample \ + --connection-pool-config MaxConnectionsPercent=80,MaxIdleConnectionsPercent=10 + + +Output:: + + { + "DBProxyTargetGroup": + { + "DBProxyName": "proxyExample", + "TargetGroupName": "default", + "TargetGroupArn": "arn:aws:rds:us-east-1:123456789012:target-group:prx-tg-0123a01b12345c0ab", + "IsDefault": true, + "Status": "available", + "ConnectionPoolConfig": { + "MaxConnectionsPercent": 80, + "MaxIdleConnectionsPercent": 10, + "ConnectionBorrowTimeout": 120, + "SessionPinningFilters": [] + }, + "CreatedDate": "2023-05-02T18:41:19.495000+00:00", + "UpdatedDate": "2023-05-02T18:41:21.762000+00:00" + } + } + +For more information, see `Modifying an RDS Proxy `__ in the *Amazon RDS User Guide* and `Modifying an RDS Proxy `__ in the *Amazon Aurora User Guide*. + + diff --git a/awscli/examples/rds/modify-db-proxy.rst b/awscli/examples/rds/modify-db-proxy.rst new file mode 100644 index 000000000000..aefbd0cd7a8b --- /dev/null +++ b/awscli/examples/rds/modify-db-proxy.rst @@ -0,0 +1,44 @@ +**To modify a DB proxy for an RDS database** + +The following ``modify-db-proxy`` example modifies a DB proxy named ``proxyExample`` to require SSL for its connections. :: + + aws rds modify-db-proxy \ + --db-proxy-name proxyExample \ + --require-tls + +Output:: + + { + "DBProxy": + { + "DBProxyName": "proxyExample", + "DBProxyArn": "arn:aws:rds:us-east-1:123456789012:db-proxy:prx-0123a01b12345c0ab", + "Status": "modifying" + "EngineFamily": "PostgreSQL", + "VpcId": "sg-1234567", + "VpcSecurityGroupIds": [ + "sg-1234" + ], + "VpcSubnetIds": [ + "subnetgroup1", + "subnetgroup2" + ], + "Auth": "[ + { + "Description": "proxydescription1", + "AuthScheme": "SECRETS", + "SecretArn": "arn:aws:secretsmanager:us-west-2:123456789123:secret:proxysecret1-Abcd1e", + "IAMAuth": "DISABLED" + } + ]", + "RoleArn": "arn:aws:iam::12345678912:role/ProxyPostgreSQLRole", + "Endpoint": "proxyExample.proxy-ab0cd1efghij.us-east-1.rds.amazonaws.com", + "RequireTLS": true, + "IdleClientTimeout": 1800, + "DebuggingLogging": false, + "CreatedDate": "2023-04-05T16:09:33.452000+00:00", + "UpdatedDate": "2023-04-13T01:49:38.568000+00:00" + } + } + +For more information, see `Modify an RDS Proxy `__ in the *Amazon RDS User Guide* and `Creating an RDS Proxy `__ in the *Amazon Aurora User Guide*. \ No newline at end of file diff --git a/awscli/examples/rds/modify-db-shard-group.rst b/awscli/examples/rds/modify-db-shard-group.rst new file mode 100644 index 000000000000..cb45a8b38cb8 --- /dev/null +++ b/awscli/examples/rds/modify-db-shard-group.rst @@ -0,0 +1,61 @@ +**Example 1: To modify a DB shard group** + +The following ``modify-db-shard-group`` example changes the maximum capacity of a DB shard group. :: + + aws rds modify-db-shard-group \ + --db-shard-group-identifier my-db-shard-group \ + --max-acu 1000 + +Output:: + + { + "DBShardGroups": [ + { + "DBShardGroupResourceId": "shardgroup-a6e3a0226aa243e2ac6c7a1234567890", + "DBShardGroupIdentifier": "my-db-shard-group", + "DBClusterIdentifier": "my-sv2-cluster", + "MaxACU": 768.0, + "ComputeRedundancy": 0, + "Status": "available", + "PubliclyAccessible": false, + "Endpoint": "my-sv2-cluster.limitless-cekycexample.us-east-2.rds.amazonaws.com" + } + ] + } + +For more information, see `Amazon Aurora DB Clusters `__ in the *Amazon Aurora User Guide*. + +**Example 2: To describe your DB shard groups** + +The following ``describe-db-shard-groups`` example retrieves the details of your DB shard groups after you run the ``modify-db-shard-group`` command. The maximum capacity of the DB shard group ``my-db-shard-group`` is now 1000 Aurora capacity units (ACUs). :: + + aws rds describe-db-shard-groups + +Output:: + + { + "DBShardGroups": [ + { + "DBShardGroupResourceId": "shardgroup-7bb446329da94788b3f957746example", + "DBShardGroupIdentifier": "limitless-test-shard-grp", + "DBClusterIdentifier": "limitless-test-cluster", + "MaxACU": 768.0, + "ComputeRedundancy": 0, + "Status": "available", + "PubliclyAccessible": true, + "Endpoint": "limitless-test-cluster.limitless-cekycexample.us-east-2.rds.amazonaws.com" + }, + { + "DBShardGroupResourceId": "shardgroup-a6e3a0226aa243e2ac6c7a1234567890", + "DBShardGroupIdentifier": "my-db-shard-group", + "DBClusterIdentifier": "my-sv2-cluster", + "MaxACU": 1000.0, + "ComputeRedundancy": 0, + "Status": "available", + "PubliclyAccessible": false, + "Endpoint": "my-sv2-cluster.limitless-cekycexample.us-east-2.rds.amazonaws.com" + } + ] + } + +For more information, see `Amazon Aurora DB Clusters `__ in the *Amazon Aurora User Guide*. diff --git a/awscli/examples/rds/reboot-db-shard-group.rst b/awscli/examples/rds/reboot-db-shard-group.rst new file mode 100644 index 000000000000..5fa635d08f4c --- /dev/null +++ b/awscli/examples/rds/reboot-db-shard-group.rst @@ -0,0 +1,60 @@ +**Example 1: To reboot a DB shard group** + +The following ``reboot-db-shard-group`` example reboots a DB shard group. :: + + aws rds reboot-db-shard-group \ + --db-shard-group-identifier my-db-shard-group + +Output:: + + { + "DBShardGroups": [ + { + "DBShardGroupResourceId": "shardgroup-a6e3a0226aa243e2ac6c7a1234567890", + "DBShardGroupIdentifier": "my-db-shard-group", + "DBClusterIdentifier": "my-sv2-cluster", + "MaxACU": 1000.0, + "ComputeRedundancy": 0, + "Status": "available", + "PubliclyAccessible": false, + "Endpoint": "my-sv2-cluster.limitless-cekycexample.us-east-2.rds.amazonaws.com" + } + ] + } + +For more information, see `Rebooting an Amazon Aurora DB cluster or Amazon Aurora DB instance `__ in the *Amazon Aurora User Guide*. + +**Example 2: To describe your DB shard groups** + +The following ``describe-db-shard-groups`` example retrieves the details of your DB shard groups after you run the ``reboot-db-shard-group`` command. The DB shard group ``my-db-shard-group`` is now rebooting. :: + + aws rds describe-db-shard-groups + +Output:: + + { + "DBShardGroups": [ + { + "DBShardGroupResourceId": "shardgroup-7bb446329da94788b3f957746example", + "DBShardGroupIdentifier": "limitless-test-shard-grp", + "DBClusterIdentifier": "limitless-test-cluster", + "MaxACU": 768.0, + "ComputeRedundancy": 0, + "Status": "available", + "PubliclyAccessible": true, + "Endpoint": "limitless-test-cluster.limitless-cekycexample.us-east-2.rds.amazonaws.com" + }, + { + "DBShardGroupResourceId": "shardgroup-a6e3a0226aa243e2ac6c7a1234567890", + "DBShardGroupIdentifier": "my-db-shard-group", + "DBClusterIdentifier": "my-sv2-cluster", + "MaxACU": 1000.0, + "ComputeRedundancy": 0, + "Status": "rebooting", + "PubliclyAccessible": false, + "Endpoint": "my-sv2-cluster.limitless-cekycexample.us-east-2.rds.amazonaws.com" + } + ] + } + +For more information, see `Rebooting an Amazon Aurora DB cluster or Amazon Aurora DB instance `__ in the *Amazon Aurora User Guide*. \ No newline at end of file diff --git a/awscli/examples/rds/register-db-proxy-targets.rst b/awscli/examples/rds/register-db-proxy-targets.rst new file mode 100644 index 000000000000..6883ba28bd2b --- /dev/null +++ b/awscli/examples/rds/register-db-proxy-targets.rst @@ -0,0 +1,33 @@ +**To register a DB proxy with a database** + +The following ``register-db-proxy-targets`` example creates the association between a database and a proxy. :: + + aws rds register-db-proxy-targets \ + --db-proxy-name proxyExample \ + --db-cluster-identifiers database-5 + +Output:: + + { + "DBProxyTargets": [ + { + "RdsResourceId": "database-5", + "Port": 3306, + "Type": "TRACKED_CLUSTER", + "TargetHealth": { + "State": "REGISTERING" + } + }, + { + "Endpoint": "database-5instance-1.ab0cd1efghij.us-east-1.rds.amazonaws.com", + "RdsResourceId": "database-5", + "Port": 3306, + "Type": "RDS_INSTANCE", + "TargetHealth": { + "State": "REGISTERING" + } + } + ] + } + +For more information, see `Creating an RDS proxy `__ in the *Amazon RDS User Guide* and `Creating an RDS proxy `__ in the *Amazon Aurora User Guide*. \ No newline at end of file diff --git a/awscli/examples/resource-explorer-2/batch-get-view.rst b/awscli/examples/resource-explorer-2/batch-get-view.rst index 6ef58acffc34..a4406047d373 100644 --- a/awscli/examples/resource-explorer-2/batch-get-view.rst +++ b/awscli/examples/resource-explorer-2/batch-get-view.rst @@ -1,6 +1,6 @@ **To retrieve details about multiple Resource Explorer views** -The following ``batch-get-view`` example displays the details about two views specified by their ARNs. Use spaces to separate the multiple ARNs in the --view-arn paramter. :: +The following ``batch-get-view`` example displays the details about two views specified by their ARNs. Use spaces to separate the multiple ARNs in the --view-arn parameter. :: aws resource-explorer-2 batch-get-view \ --view-arns arn:aws:resource-explorer-2:us-east-1:123456789012:view/My-EC2-Only-View/EXAMPLE8-90ab-cdef-fedc-EXAMPLE22222, \ diff --git a/awscli/examples/resourcegroupstaggingapi/untag-resources.rst b/awscli/examples/resourcegroupstaggingapi/untag-resources.rst index e614cd992990..bc11b93abeda 100644 --- a/awscli/examples/resourcegroupstaggingapi/untag-resources.rst +++ b/awscli/examples/resourcegroupstaggingapi/untag-resources.rst @@ -3,7 +3,7 @@ The following ``untag-resources`` example removes the specified tag keys and any associated values from the specified resource. :: aws resourcegroupstaggingapi untag-resources \ - --resource-arn-list arn:aws:s3:::awsexamplebucket \ + --resource-arn-list arn:aws:s3:::amzn-s3-demo-bucket \ --tag-keys Environment CostCenter Output:: diff --git a/awscli/examples/robomaker/create-robot-application-version.rst b/awscli/examples/robomaker/create-robot-application-version.rst index a3ff727f1fe5..bc080204de6d 100644 --- a/awscli/examples/robomaker/create-robot-application-version.rst +++ b/awscli/examples/robomaker/create-robot-application-version.rst @@ -14,7 +14,7 @@ Output:: "version": "1", "sources": [ { - "s3Bucket": "my-bucket", + "s3Bucket": "amzn-s3-demo-bucket", "s3Key": "my-robot-application.tar.gz", "etag": "f8cf5526f1c6e7b3a72c3ed3f79c5493-70", "architecture": "ARMHF" diff --git a/awscli/examples/robomaker/create-robot-application.rst b/awscli/examples/robomaker/create-robot-application.rst index ae992690ed9c..372c81d992e4 100644 --- a/awscli/examples/robomaker/create-robot-application.rst +++ b/awscli/examples/robomaker/create-robot-application.rst @@ -4,7 +4,7 @@ This example creates a robot application. Command:: - aws robomaker create-robot-application --name MyRobotApplication --sources s3Bucket=my-bucket,s3Key=my-robot-application.tar.gz,architecture=X86_64 --robot-software-suite name=ROS,version=Kinetic + aws robomaker create-robot-application --name MyRobotApplication --sources s3Bucket=amzn-s3-demo-bucket,s3Key=my-robot-application.tar.gz,architecture=X86_64 --robot-software-suite name=ROS,version=Kinetic Output:: @@ -14,7 +14,7 @@ Output:: "version": "$LATEST", "sources": [ { - "s3Bucket": "my-bucket", + "s3Bucket": "amzn-s3-demo-bucket", "s3Key": "my-robot-application.tar.gz", "architecture": "ARMHF" } diff --git a/awscli/examples/robomaker/create-simulation-application-version.rst b/awscli/examples/robomaker/create-simulation-application-version.rst index 446b86928b29..b4a1e6e759cd 100644 --- a/awscli/examples/robomaker/create-simulation-application-version.rst +++ b/awscli/examples/robomaker/create-simulation-application-version.rst @@ -14,7 +14,7 @@ Output:: "version": "1", "sources": [ { - "s3Bucket": "my-bucket", + "s3Bucket": "amzn-s3-demo-bucket", "s3Key": "my-simulation-application.tar.gz", "etag": "00d8a94ff113856688c4fce618ae0f45-94", "architecture": "X86_64" diff --git a/awscli/examples/robomaker/create-simulation-application.rst b/awscli/examples/robomaker/create-simulation-application.rst index 4c528e80f453..4f6cf95732c0 100644 --- a/awscli/examples/robomaker/create-simulation-application.rst +++ b/awscli/examples/robomaker/create-simulation-application.rst @@ -4,7 +4,7 @@ This example creates a simulation application. Command:: - aws robomaker create-simulation-application --name MyRobotApplication --sources s3Bucket=my-bucket,s3Key=my-simulation-application.tar.gz,architecture=ARMHF --robot-software-suite name=ROS,version=Kinetic --simulation-software-suite name=Gazebo,version=7 --rendering-engine name=OGRE,version=1.x + aws robomaker create-simulation-application --name MyRobotApplication --sources s3Bucket=amzn-s3-demo-bucket,s3Key=my-simulation-application.tar.gz,architecture=ARMHF --robot-software-suite name=ROS,version=Kinetic --simulation-software-suite name=Gazebo,version=7 --rendering-engine name=OGRE,version=1.x Output:: @@ -14,7 +14,7 @@ Output:: "version": "$LATEST", "sources": [ { - "s3Bucket": "my-bucket", + "s3Bucket": "amzn-s3-demo-bucket", "s3Key": "my-simulation-application.tar.gz", "architecture": "X86_64" } diff --git a/awscli/examples/robomaker/describe-robot-application.rst b/awscli/examples/robomaker/describe-robot-application.rst index 137513c01503..52f7fe664b38 100644 --- a/awscli/examples/robomaker/describe-robot-application.rst +++ b/awscli/examples/robomaker/describe-robot-application.rst @@ -14,7 +14,7 @@ Output:: "version": "$LATEST", "sources": [ { - "s3Bucket": "my-bucket", + "s3Bucket": "amzn-s3-demo-bucket", "s3Key": "my-robot-application.tar.gz", "architecture": "X86_64" } diff --git a/awscli/examples/robomaker/describe-simulation-application.rst b/awscli/examples/robomaker/describe-simulation-application.rst index 578a7c7b1f35..d946bf8886dc 100644 --- a/awscli/examples/robomaker/describe-simulation-application.rst +++ b/awscli/examples/robomaker/describe-simulation-application.rst @@ -14,7 +14,7 @@ Output:: "version": "$LATEST", "sources": [ { - "s3Bucket": "my-bucket", + "s3Bucket": "amzn-s3-demo-bucket", "s3Key": "my-simulation-application.tar.gz", "architecture": "X86_64" } diff --git a/awscli/examples/robomaker/update-robot-application.rst b/awscli/examples/robomaker/update-robot-application.rst index d6057c8ee468..429135c15601 100644 --- a/awscli/examples/robomaker/update-robot-application.rst +++ b/awscli/examples/robomaker/update-robot-application.rst @@ -4,7 +4,7 @@ This example updates a robot application. Command:: - aws robomaker update-robot-application --application arn:aws:robomaker:us-west-2:111111111111:robot-application/MyRobotApplication/1551203485821 --sources s3Bucket=my-bucket,s3Key=my-robot-application.tar.gz,architecture=X86_64 --robot-software-suite name=ROS,version=Kinetic + aws robomaker update-robot-application --application arn:aws:robomaker:us-west-2:111111111111:robot-application/MyRobotApplication/1551203485821 --sources s3Bucket=amzn-s3-demo-bucket,s3Key=my-robot-application.tar.gz,architecture=X86_64 --robot-software-suite name=ROS,version=Kinetic Output:: @@ -14,7 +14,7 @@ Output:: "version": "$LATEST", "sources": [ { - "s3Bucket": "my-bucket", + "s3Bucket": "amzn-s3-demo-bucket", "s3Key": "my-robot-application.tar.gz", "architecture": "X86_64" } diff --git a/awscli/examples/robomaker/update-simulation-application.rst b/awscli/examples/robomaker/update-simulation-application.rst index 54388e3fe804..b69a2a2b5236 100644 --- a/awscli/examples/robomaker/update-simulation-application.rst +++ b/awscli/examples/robomaker/update-simulation-application.rst @@ -4,7 +4,7 @@ This example updates a simulation application. Command:: - aws robomaker update-simulation-application --application arn:aws:robomaker:us-west-2:111111111111:simulation-application/MySimulationApplication/1551203427605 --sources s3Bucket=my-bucket,s3Key=my-simulation-application.tar.gz,architecture=X86_64 --robot-software-suite name=ROS,version=Kinetic --simulation-software-suite name=Gazebo,version=7 --rendering-engine name=OGRE,version=1.x + aws robomaker update-simulation-application --application arn:aws:robomaker:us-west-2:111111111111:simulation-application/MySimulationApplication/1551203427605 --sources s3Bucket=amzn-s3-demo-bucket,s3Key=my-simulation-application.tar.gz,architecture=X86_64 --robot-software-suite name=ROS,version=Kinetic --simulation-software-suite name=Gazebo,version=7 --rendering-engine name=OGRE,version=1.x Output:: @@ -14,7 +14,7 @@ Output:: "version": "$LATEST", "sources": [ { - "s3Bucket": "my-bucket", + "s3Bucket": "amzn-s3-demo-bucket", "s3Key": "my-simulation-application.tar.gz", "architecture": "X86_64" } diff --git a/awscli/examples/route53profiles/associate-profile.rst b/awscli/examples/route53profiles/associate-profile.rst new file mode 100644 index 000000000000..f9c8a7efecfd --- /dev/null +++ b/awscli/examples/route53profiles/associate-profile.rst @@ -0,0 +1,26 @@ +**To associate a Profile** + +The following ``associate-profile`` example associates a Profile to a VPC. :: + + aws route53profiles associate-profile \ + --name test-association \ + --profile-id rp-4987774726example \ + --resource-id vpc-0af3b96b3example + +Output:: + + { + "ProfileAssociation": { + "CreationTime": 1710851336.527, + "Id": "rpassoc-489ce212fexample", + "ModificationTime": 1710851336.527, + "Name": "test-association", + "OwnerId": "123456789012", + "ProfileId": "rp-4987774726example", + "ResourceId": "vpc-0af3b96b3example", + "Status": "CREATING", + "StatusMessage": "Creating Profile Association" + } + } + +For more information, see `Using Profiles `__ in the *Amazon Route 53 Developer Guide*. \ No newline at end of file diff --git a/awscli/examples/route53profiles/associate-resource-to-profile.rst b/awscli/examples/route53profiles/associate-resource-to-profile.rst new file mode 100644 index 000000000000..80c144cef84e --- /dev/null +++ b/awscli/examples/route53profiles/associate-resource-to-profile.rst @@ -0,0 +1,28 @@ +**To associate a resource to a Profile** + +The following ``associate-resource-to-profile`` example associates a DNS Firewall rule group with the priority of 102 to a Profile. :: + + aws route53profiles associate-resource-to-profile \ + --name test-resource-association \ + --profile-id rp-4987774726example \ + --resource-arn arn:aws:route53resolver:us-east-1:123456789012:firewall-rule-group/rslvr-frg-cfe7f72example \ + --resource-properties "{\"priority\": 102}" + +Output:: + + { + "ProfileResourceAssociation": { + "CreationTime": 1710851216.613, + "Id": "rpr-001913120a7example", + "ModificationTime": 1710851216.613, + "Name": "test-resource-association", + "OwnerId": "123456789012", + "ProfileId": "rp-4987774726example", + "ResourceArn": "arn:aws:route53resolver:us-east-1:123456789012:firewall-rule-group/rslvr-frg-cfe7f72example", + "ResourceProperties": "{\"priority\":102}", + "ResourceType": "FIREWALL_RULE_GROUP", + "Status": "UPDATING", + "StatusMessage": "Updating the Profile to DNS Firewall rule group association" + } + } + diff --git a/awscli/examples/route53profiles/create-profile.rst b/awscli/examples/route53profiles/create-profile.rst new file mode 100644 index 000000000000..e45db24e3e85 --- /dev/null +++ b/awscli/examples/route53profiles/create-profile.rst @@ -0,0 +1,23 @@ +**To create a Profile** + +The following ``create-profile`` example creates a Profile. :: + + aws route53profiles create-profile \ + --name test + +Output:: + + { + "Profile": { + "Arn": "arn:aws:route53profiles:us-east-1:123456789012:profile/rp-6ffe47d5example", + "ClientToken": "2ca1a304-32b3-4f5f-bc4c-EXAMPLE11111", + "CreationTime": 1710850903.578, + "Id": "rp-6ffe47d5example", + "ModificationTime": 1710850903.578, + "Name": "test", + "OwnerId": "123456789012", + "ShareStatus": "NOT_SHARED", + "Status": "COMPLETE", + "StatusMessage": "Created Profile" + } + } diff --git a/awscli/examples/route53profiles/delete-profile.rst b/awscli/examples/route53profiles/delete-profile.rst new file mode 100644 index 000000000000..d20b5c39649d --- /dev/null +++ b/awscli/examples/route53profiles/delete-profile.rst @@ -0,0 +1,23 @@ +**To delete a Profile** + +The following ``delete-profile`` example deletes a Profile. :: + + aws route53profiles delete-profile \ + --profile-id rp-6ffe47d5example + +Output:: + + { + "Profile": { + "Arn": "arn:aws:route53profiles:us-east-1:123456789012:profile/rp-6ffe47d5example", + "ClientToken": "0a15fec0-05d9-4f78-bec0-EXAMPLE11111", + "CreationTime": 1710850903.578, + "Id": "rp-6ffe47d5example", + "ModificationTime": 1710850903.578, + "Name": "test", + "OwnerId": "123456789012", + "ShareStatus": "NOT_SHARED", + "Status": "DELETED", + "StatusMessage": "Deleted Profile" + } + } \ No newline at end of file diff --git a/awscli/examples/route53profiles/disassociate-profile.rst b/awscli/examples/route53profiles/disassociate-profile.rst new file mode 100644 index 000000000000..e005d592b754 --- /dev/null +++ b/awscli/examples/route53profiles/disassociate-profile.rst @@ -0,0 +1,23 @@ +**To disassociate a Profile** + +The following ``disassociate-profile`` example disassociates a Profile from a VPC. :: + + aws route53profiles disassociate-profile \ + --profile-id rp-4987774726example \ + --resource-id vpc-0af3b96b3example + +Output:: + + { + "ProfileAssociation": { + "CreationTime": 1710851336.527, + "Id": "rpassoc-489ce212fexample", + "ModificationTime": 1710851401.362, + "Name": "test-association", + "OwnerId": "123456789012", + "ProfileId": "rp-4987774726example", + "ResourceId": "vpc-0af3b96b3example", + "Status": "DELETING", + "StatusMessage": "Deleting Profile Association" + } + } \ No newline at end of file diff --git a/awscli/examples/route53profiles/disassociate-resource-from-profile.rst b/awscli/examples/route53profiles/disassociate-resource-from-profile.rst new file mode 100644 index 000000000000..a1427e647172 --- /dev/null +++ b/awscli/examples/route53profiles/disassociate-resource-from-profile.rst @@ -0,0 +1,25 @@ +**To disassociate a resource from Profile** + +The following ``disassociate-resource-from-profile`` example disassociates a DNS Firewall rule group from a Profile. :: + + aws route53profiles disassociate-resource-from-profile \ + --profile-id rp-4987774726example \ + --resource-arn arn:aws:route53resolver:us-east-1:123456789012:firewall-rule-group/rslvr-frg-cfe7f72example + +Output:: + + { + "ProfileResourceAssociation": { + "CreationTime": 1710851216.613, + "Id": "rpr-001913120a7example", + "ModificationTime": 1710852624.36, + "Name": "test-resource-association", + "OwnerId": "123456789012", + "ProfileId": "rp-4987774726example", + "ResourceArn": "arn:aws:route53resolver:us-east-1:123456789012:firewall-rule-group/rslvr-frg-cfe7f72example", + "ResourceProperties": "{\"priority\":105}", + "ResourceType": "FIREWALL_RULE_GROUP", + "Status": "DELETING", + "StatusMessage": "Deleting the Profile to DNS Firewall rule group association" + } + } \ No newline at end of file diff --git a/awscli/examples/route53profiles/get-profile-association.rst b/awscli/examples/route53profiles/get-profile-association.rst new file mode 100644 index 000000000000..764b1f63db0c --- /dev/null +++ b/awscli/examples/route53profiles/get-profile-association.rst @@ -0,0 +1,22 @@ +**To get information about a Profile association** + +The following ``get-profile-association`` returns information about the specified Profile association. :: + + aws route53profiles get-profile-association \ + --profile-association-id rpassoc-489ce212fexample + +Output:: + + { + "ProfileAssociation": { + "CreationTime": 1709338817.148, + "Id": "rrpassoc-489ce212fexample", + "ModificationTime": 1709338974.772, + "Name": "test-association", + "OwnerId": "123456789012", + "ProfileId": "rp-4987774726example", + "ResourceId": "vpc-0af3b96b3example", + "Status": "COMPLETE", + "StatusMessage": "Created Profile Association" + } + } \ No newline at end of file diff --git a/awscli/examples/route53profiles/get-profile-resource-association.rst b/awscli/examples/route53profiles/get-profile-resource-association.rst new file mode 100644 index 000000000000..53603493ba0e --- /dev/null +++ b/awscli/examples/route53profiles/get-profile-resource-association.rst @@ -0,0 +1,24 @@ +**To get information about a resource associated to a Profile** + +The following ``get-profile-resource-association`` returns information about the specified resource association to a Profile. :: + + aws route53profiles get-profile-resource-association \ + --profile-resource-association-id rpr-001913120a7example + +Output:: + + { + "ProfileResourceAssociation": { + "CreationTime": 1710851216.613, + "Id": "rpr-001913120a7example", + "ModificationTime": 1710852303.798, + "Name": "test-resource-association", + "OwnerId": "123456789012", + "ProfileId": "rp-4987774726example", + "ResourceArn": "arn:aws:route53resolver:us-east-1:123456789012:firewall-rule-group/rslvr-frg-cfe7f72example", + "ResourceProperties": "{\"priority\":105}", + "ResourceType": "FIREWALL_RULE_GROUP", + "Status": "COMPLETE", + "StatusMessage": "Completed creation of Profile to DNS Firewall rule group association" + } + } \ No newline at end of file diff --git a/awscli/examples/route53profiles/get-profile.rst b/awscli/examples/route53profiles/get-profile.rst new file mode 100644 index 000000000000..5e99d0c3db3d --- /dev/null +++ b/awscli/examples/route53profiles/get-profile.rst @@ -0,0 +1,23 @@ +**To get information about a Profile** + +The following ``get-profile`` returns information about the specified Profile. :: + + aws route53profiles get-profile \ + --profile-id rp-4987774726example + +Output:: + + { + "Profile": { + "Arn": "arn:aws:route53profiles:us-east-1:123456789012:profile/rp-4987774726example", + "ClientToken": "0cbc5ae7-4921-4204-bea9-EXAMPLE11111", + "CreationTime": 1710851044.288, + "Id": "rp-4987774726example", + "ModificationTime": 1710851044.288, + "Name": "test", + "OwnerId": "123456789012", + "ShareStatus": "NOT_SHARED", + "Status": "COMPLETE", + "StatusMessage": "Created Profile" + } + } \ No newline at end of file diff --git a/awscli/examples/route53profiles/list-profile-associations.rst b/awscli/examples/route53profiles/list-profile-associations.rst new file mode 100644 index 000000000000..49ab92e31fac --- /dev/null +++ b/awscli/examples/route53profiles/list-profile-associations.rst @@ -0,0 +1,23 @@ +**To list Profile associations** + +The following ``list-profile-associations`` lists the Profile associations in your AWS account. :: + + aws route53profiles list-profile-associations + +Output:: + + { + "ProfileAssociations": [ + { + "CreationTime": 1709338817.148, + "Id": "rpassoc-489ce212fexample", + "ModificationTime": 1709338974.772, + "Name": "test-association", + "OwnerId": "123456789012", + "ProfileId": "rp-4987774726example", + "ResourceId": "vpc-0af3b96b3example", + "Status": "COMPLETE", + "StatusMessage": "Created Profile Association" + } + ] + } \ No newline at end of file diff --git a/awscli/examples/route53profiles/list-profile-resource-associations.rst b/awscli/examples/route53profiles/list-profile-resource-associations.rst new file mode 100644 index 000000000000..24b6a1fc3045 --- /dev/null +++ b/awscli/examples/route53profiles/list-profile-resource-associations.rst @@ -0,0 +1,26 @@ +**To list Profile resource associations** + +The following ``list-profile-resource-associations`` list the Profile resource associations for the specified Profile. :: + + aws route53profiles list-profile-resource-associations \ + --profile-id rp-4987774726example + +Output:: + + { + "ProfileResourceAssociations": [ + { + "CreationTime": 1710851216.613, + "Id": "rpr-001913120a7example", + "ModificationTime": 1710851216.613, + "Name": "test-resource-association", + "OwnerId": "123456789012", + "ProfileId": "rp-4987774726example", + "ResourceArn": "arn:aws:route53resolver:us-east-1:123456789012:firewall-rule-group/rslvr-frg-cfe7f72example", + "ResourceProperties": "{\"priority\":102}", + "ResourceType": "FIREWALL_RULE_GROUP", + "Status": "COMPLETE", + "StatusMessage": "Completed creation of Profile to DNS Firewall rule group association" + } + ] + } \ No newline at end of file diff --git a/awscli/examples/route53profiles/list-profiles.rst b/awscli/examples/route53profiles/list-profiles.rst new file mode 100644 index 000000000000..4abcc8b8bba5 --- /dev/null +++ b/awscli/examples/route53profiles/list-profiles.rst @@ -0,0 +1,18 @@ +**To list Profiles** + +The following ``list-profiles`` lists the Profiles in your AWS account and displays additional information about them. :: + + aws route53profiles list-profiles + +Output:: + + { + "ProfileSummaries": [ + { + "Arn": "arn:aws:route53profiles:us-east-1:123456789012:profile/rp-4987774726example", + "Id": "rp-4987774726example", + "Name": "test", + "ShareStatus": "NOT_SHARED" + } + ] + } \ No newline at end of file diff --git a/awscli/examples/route53profiles/list-tags-for-resource.rst b/awscli/examples/route53profiles/list-tags-for-resource.rst new file mode 100644 index 000000000000..852751d716dc --- /dev/null +++ b/awscli/examples/route53profiles/list-tags-for-resource.rst @@ -0,0 +1,15 @@ +**To list tags for a resource** + +The following ``list-tags-for-resource`` lists tags for the specified resource. :: + + aws route53profiles list-tags-for-resource \ + --resource-arn arn:aws:route53profiles:us-east-1:123456789012:profile/rp-4987774726example + +Output:: + + { + "Tags": { + "my-key-2": "my-value-2", + "my-key-1": "my-value-1" + } + } \ No newline at end of file diff --git a/awscli/examples/route53profiles/update-profile-resource-association.rst b/awscli/examples/route53profiles/update-profile-resource-association.rst new file mode 100644 index 000000000000..2f05e7520472 --- /dev/null +++ b/awscli/examples/route53profiles/update-profile-resource-association.rst @@ -0,0 +1,25 @@ +**To update a resource associated to a Profile** + +The following ``update-profile-resource-association`` updates a priority of a DNS Firewall rule group that is associated to the Profile. :: + + aws route53profiles update-profile-resource-association \ + --profile-resource-association-id rpr-001913120a7example \ + --resource-properties "{\"priority\": 105}" + +Output:: + + { + "ProfileResourceAssociation": { + "CreationTime": 1710851216.613, + "Id": "rpr-001913120a7example", + "ModificationTime": 1710852303.798, + "Name": "test-resource-association", + "OwnerId": "123456789012", + "ProfileId": "rp-4987774726example", + "ResourceArn": "arn:aws:route53resolver:us-east-1:123456789012:firewall-rule-group/rslvr-frg-cfe7f72example", + "ResourceProperties": "{\"priority\":105}", + "ResourceType": "FIREWALL_RULE_GROUP", + "Status": "UPDATING", + "StatusMessage": "Updating the Profile to DNS Firewall rule group association" + } + } \ No newline at end of file diff --git a/awscli/examples/s3/cp.rst b/awscli/examples/s3/cp.rst index 5bc17353e1b6..c89ddef1b666 100644 --- a/awscli/examples/s3/cp.rst +++ b/awscli/examples/s3/cp.rst @@ -1,4 +1,4 @@ -**Copying a local file to S3** +**Example 1: Copying a local file to S3** The following ``cp`` command copies a single file to a specified bucket and key:: @@ -9,19 +9,19 @@ Output:: upload: test.txt to s3://mybucket/test2.txt -**Copying a local file to S3 with an expiration date** +**Example 2: Copying a local file to S3 with an expiration date** The following ``cp`` command copies a single file to a specified bucket and key that expires at the specified ISO 8601 timestamp:: - aws s3 cp test.txt s3://mybucket/test2.txt --expires 2014-10-01T20:30:00Z + aws s3 cp test.txt s3://mybucket/test2.txt \ + --expires 2014-10-01T20:30:00Z Output:: upload: test.txt to s3://mybucket/test2.txt - -**Copying a file from S3 to S3** +**Example 3: Copying a file from S3 to S3** The following ``cp`` command copies a single s3 object to a specified bucket and key:: @@ -31,8 +31,7 @@ Output:: copy: s3://mybucket/test.txt to s3://mybucket/test2.txt - -**Copying an S3 object to a local file** +**Example 4: Copying an S3 object to a local file** The following ``cp`` command copies a single object to a specified file locally:: @@ -42,69 +41,77 @@ Output:: download: s3://mybucket/test.txt to test2.txt - -**Copying an S3 object from one bucket to another** +**Example 5: Copying an S3 object from one bucket to another** The following ``cp`` command copies a single object to a specified bucket while retaining its original name:: - aws s3 cp s3://mybucket/test.txt s3://mybucket2/ + aws s3 cp s3://mybucket/test.txt s3://amzn-s3-demo-bucket2/ Output:: - copy: s3://mybucket/test.txt to s3://mybucket2/test.txt + copy: s3://mybucket/test.txt to s3://amzn-s3-demo-bucket2/test.txt -**Recursively copying S3 objects to a local directory** +**Example 6: Recursively copying S3 objects to a local directory** When passed with the parameter ``--recursive``, the following ``cp`` command recursively copies all objects under a specified prefix and bucket to a specified directory. In this example, the bucket ``mybucket`` has the objects ``test1.txt`` and ``test2.txt``:: - aws s3 cp s3://mybucket . --recursive + aws s3 cp s3://mybucket . \ + --recursive Output:: download: s3://mybucket/test1.txt to test1.txt download: s3://mybucket/test2.txt to test2.txt -**Recursively copying local files to S3** +**Example 7: Recursively copying local files to S3** When passed with the parameter ``--recursive``, the following ``cp`` command recursively copies all files under a specified directory to a specified bucket and prefix while excluding some files by using an ``--exclude`` parameter. In this example, the directory ``myDir`` has the files ``test1.txt`` and ``test2.jpg``:: - aws s3 cp myDir s3://mybucket/ --recursive --exclude "*.jpg" + aws s3 cp myDir s3://mybucket/ \ + --recursive \ + --exclude "*.jpg" Output:: upload: myDir/test1.txt to s3://mybucket/test1.txt -**Recursively copying S3 objects to another bucket** +**Example 8: Recursively copying S3 objects to another bucket** When passed with the parameter ``--recursive``, the following ``cp`` command recursively copies all objects under a specified bucket to another bucket while excluding some objects by using an ``--exclude`` parameter. In this example, the bucket ``mybucket`` has the objects ``test1.txt`` and ``another/test1.txt``:: - aws s3 cp s3://mybucket/ s3://mybucket2/ --recursive --exclude "another/*" + aws s3 cp s3://mybucket/ s3://amzn-s3-demo-bucket2/ \ + --recursive \ + --exclude "another/*" Output:: - copy: s3://mybucket/test1.txt to s3://mybucket2/test1.txt + copy: s3://mybucket/test1.txt to s3://amzn-s3-demo-bucket2/test1.txt You can combine ``--exclude`` and ``--include`` options to copy only objects that match a pattern, excluding all others:: - aws s3 cp s3://mybucket/logs/ s3://mybucket2/logs/ --recursive --exclude "*" --include "*.log" + aws s3 cp s3://mybucket/logs/ s3://amzn-s3-demo-bucket2/logs/ \ + --recursive \ + --exclude "*" \ + --include "*.log" Output:: - copy: s3://mybucket/logs/test/test.log to s3://mybucket2/logs/test/test.log - copy: s3://mybucket/logs/test3.log to s3://mybucket2/logs/test3.log + copy: s3://mybucket/logs/test/test.log to s3://amzn-s3-demo-bucket2/logs/test/test.log + copy: s3://mybucket/logs/test3.log to s3://amzn-s3-demo-bucket2/logs/test3.log -**Setting the Access Control List (ACL) while copying an S3 object** +**Example 9: Setting the Access Control List (ACL) while copying an S3 object** The following ``cp`` command copies a single object to a specified bucket and key while setting the ACL to ``public-read-write``:: - aws s3 cp s3://mybucket/test.txt s3://mybucket/test2.txt --acl public-read-write + aws s3 cp s3://mybucket/test.txt s3://mybucket/test2.txt \ + --acl public-read-write Output:: @@ -113,7 +120,9 @@ Output:: Note that if you're using the ``--acl`` option, ensure that any associated IAM policies include the ``"s3:PutObjectAcl"`` action:: - aws iam get-user-policy --user-name myuser --policy-name mypolicy + aws iam get-user-policy \ + --user-name myuser \ + --policy-name mypolicy Output:: @@ -138,7 +147,7 @@ Output:: } } -**Granting permissions for an S3 object** +**Example 10: Granting permissions for an S3 object** The following ``cp`` command illustrates the use of the ``--grants`` option to grant read access to all users identified by URI and full control to a specific user identified by their Canonical ID:: @@ -149,7 +158,7 @@ Output:: upload: file.txt to s3://mybucket/file.txt -**Uploading a local file stream to S3** +**Example 11: Uploading a local file stream to S3** .. WARNING:: PowerShell may alter the encoding of or add a CRLF to piped input. @@ -157,13 +166,13 @@ The following ``cp`` command uploads a local file stream from standard input to aws s3 cp - s3://mybucket/stream.txt -**Uploading a local file stream that is larger than 50GB to S3** +**Example 12: Uploading a local file stream that is larger than 50GB to S3** The following ``cp`` command uploads a 51GB local file stream from standard input to a specified bucket and key. The ``--expected-size`` option must be provided, or the upload may fail when it reaches the default part limit of 10,000:: aws s3 cp - s3://mybucket/stream.txt --expected-size 54760833024 -**Downloading an S3 object as a local file stream** +**Example 13: Downloading an S3 object as a local file stream** .. WARNING:: PowerShell may alter the encoding of or add a CRLF to piped or redirected output. @@ -171,7 +180,7 @@ The following ``cp`` command downloads an S3 object locally as a stream to stand aws s3 cp s3://mybucket/stream.txt - -**Uploading to an S3 access point** +**Example 14: Uploading to an S3 access point** The following ``cp`` command uploads a single file (``mydoc.txt``) to the access point (``myaccesspoint``) at the key (``mykey``):: @@ -182,7 +191,7 @@ Output:: upload: mydoc.txt to s3://arn:aws:s3:us-west-2:123456789012:accesspoint/myaccesspoint/mykey -**Downloading from an S3 access point** +**Example 15: Downloading from an S3 access point** The following ``cp`` command downloads a single object (``mykey``) from the access point (``myaccesspoint``) to the local file (``mydoc.txt``):: diff --git a/awscli/examples/s3/ls.rst b/awscli/examples/s3/ls.rst index 9321695ea283..decd5e168daa 100644 --- a/awscli/examples/s3/ls.rst +++ b/awscli/examples/s3/ls.rst @@ -1,17 +1,17 @@ **Example 1: Listing all user owned buckets** -The following ``ls`` command lists all of the bucket owned by the user. In this example, the user owns the buckets ``mybucket`` and ``mybucket2``. The timestamp is the date the bucket was created, shown in your machine's time zone. This date can change when making changes to your bucket, such as editing its bucket policy. Note if ``s3://`` is used for the path argument ````, it will list all of the buckets as well:: +The following ``ls`` command lists all of the bucket owned by the user. In this example, the user owns the buckets ``mybucket`` and ``amzn-s3-demo-bucket2``. The timestamp is the date the bucket was created, shown in your machine's time zone. This date can change when making changes to your bucket, such as editing its bucket policy. Note if ``s3://`` is used for the path argument ````, it will list all of the buckets as well. :: aws s3 ls Output:: 2013-07-11 17:08:50 mybucket - 2013-07-24 14:55:44 mybucket2 + 2013-07-24 14:55:44 amzn-s3-demo-bucket2 **Example 2: Listing all prefixes and objects in a bucket** -The following ``ls`` command lists objects and common prefixes under a specified bucket and prefix. In this example, the user owns the bucket ``mybucket`` with the objects ``test.txt`` and ``somePrefix/test.txt``. The ``LastWriteTime`` and ``Length`` are arbitrary. Note that since the ``ls`` command has no interaction with the local filesystem, the ``s3://`` URI scheme is not required to resolve ambiguity and may be omitted:: +The following ``ls`` command lists objects and common prefixes under a specified bucket and prefix. In this example, the user owns the bucket ``mybucket`` with the objects ``test.txt`` and ``somePrefix/test.txt``. The ``LastWriteTime`` and ``Length`` are arbitrary. Note that since the ``ls`` command has no interaction with the local filesystem, the ``s3://`` URI scheme is not required to resolve ambiguity and may be omitted. :: aws s3 ls s3://mybucket @@ -22,7 +22,7 @@ Output:: **Example 3: Listing all prefixes and objects in a specific bucket and prefix** -The following ``ls`` command lists objects and common prefixes under a specified bucket and prefix. However, there are no objects nor common prefixes under the specified bucket and prefix:: +The following ``ls`` command lists objects and common prefixes under a specified bucket and prefix. However, there are no objects nor common prefixes under the specified bucket and prefix. :: aws s3 ls s3://mybucket/noExistPrefix @@ -32,9 +32,10 @@ Output:: **Example 4: Recursively listing all prefixes and objects in a bucket** -The following ``ls`` command will recursively list objects in a bucket. Rather than showing ``PRE dirname/`` in the output, all the content in a bucket will be listed in order:: +The following ``ls`` command will recursively list objects in a bucket. Rather than showing ``PRE dirname/`` in the output, all the content in a bucket will be listed in order. :: - aws s3 ls s3://mybucket --recursive + aws s3 ls s3://mybucket \ + --recursive Output:: @@ -53,7 +54,10 @@ Output:: The following ``ls`` command demonstrates the same command using the --human-readable and --summarize options. --human-readable displays file size in Bytes/MiB/KiB/GiB/TiB/PiB/EiB. --summarize displays the total number of objects and total size at the end of the result listing:: - aws s3 ls s3://mybucket --recursive --human-readable --summarize + aws s3 ls s3://mybucket \ + --recursive \ + --human-readable \ + --summarize Output:: diff --git a/awscli/examples/s3/mb.rst b/awscli/examples/s3/mb.rst index 18110cc7f3df..aa1e15234bb5 100644 --- a/awscli/examples/s3/mb.rst +++ b/awscli/examples/s3/mb.rst @@ -1,3 +1,5 @@ +**Example 1: Create a bucket** + The following ``mb`` command creates a bucket. In this example, the user makes the bucket ``mybucket``. The bucket is created in the region specified in the user's configuration file:: @@ -7,10 +9,13 @@ Output:: make_bucket: s3://mybucket +**Example 2: Create a bucket in the specified region** + The following ``mb`` command creates a bucket in a region specified by the ``--region`` parameter. In this example, the user makes the bucket ``mybucket`` in the region ``us-west-1``:: - aws s3 mb s3://mybucket --region us-west-1 + aws s3 mb s3://mybucket \ + --region us-west-1 Output:: diff --git a/awscli/examples/s3/mv.rst b/awscli/examples/s3/mv.rst index 6e146b190cca..62f9860adfe1 100644 --- a/awscli/examples/s3/mv.rst +++ b/awscli/examples/s3/mv.rst @@ -1,4 +1,6 @@ -The following ``mv`` command moves a single file to a specified bucket and key:: +**Example 1: Move a local file to the specified bucket** + +The following ``mv`` command moves a single file to a specified bucket and key. :: aws s3 mv test.txt s3://mybucket/test2.txt @@ -6,7 +8,9 @@ Output:: move: test.txt to s3://mybucket/test2.txt -The following ``mv`` command moves a single s3 object to a specified bucket and key:: +**Example 2: Move an object to the specified bucket and key** + +The following ``mv`` command moves a single s3 object to a specified bucket and key. :: aws s3 mv s3://mybucket/test.txt s3://mybucket/test2.txt @@ -14,7 +18,9 @@ Output:: move: s3://mybucket/test.txt to s3://mybucket/test2.txt -The following ``mv`` command moves a single object to a specified file locally:: +**Example 3: Move an S3 object to the local directory** + +The following ``mv`` command moves a single object to a specified file locally. :: aws s3 mv s3://mybucket/test.txt test2.txt @@ -22,71 +28,88 @@ Output:: move: s3://mybucket/test.txt to test2.txt +**Example 4: Move an object with it's original name to the specified bucket** + The following ``mv`` command moves a single object to a specified bucket while retaining its original name:: - aws s3 mv s3://mybucket/test.txt s3://mybucket2/ + aws s3 mv s3://mybucket/test.txt s3://amzn-s3-demo-bucket2/ Output:: - move: s3://mybucket/test.txt to s3://mybucket2/test.txt + move: s3://mybucket/test.txt to s3://amzn-s3-demo-bucket2/test.txt + +**Example 5: Move all objects and prefixes in a bucket to the local directory** When passed with the parameter ``--recursive``, the following ``mv`` command recursively moves all objects under a specified prefix and bucket to a specified directory. In this example, the bucket ``mybucket`` has the objects -``test1.txt`` and ``test2.txt``:: +``test1.txt`` and ``test2.txt``. :: - aws s3 mv s3://mybucket . --recursive + aws s3 mv s3://mybucket . \ + --recursive Output:: move: s3://mybucket/test1.txt to test1.txt move: s3://mybucket/test2.txt to test2.txt +**Example 6: Move all objects and prefixes in a bucket to the local directory, except ``.jpg`` files** + When passed with the parameter ``--recursive``, the following ``mv`` command recursively moves all files under a specified directory to a specified bucket and prefix while excluding some files by using an ``--exclude`` parameter. In -this example, the directory ``myDir`` has the files ``test1.txt`` and ``test2.jpg``:: +this example, the directory ``myDir`` has the files ``test1.txt`` and ``test2.jpg``. :: - aws s3 mv myDir s3://mybucket/ --recursive --exclude "*.jpg" + aws s3 mv myDir s3://mybucket/ \ + --recursive \ + --exclude "*.jpg" Output:: - move: myDir/test1.txt to s3://mybucket2/test1.txt + move: myDir/test1.txt to s3://amzn-s3-demo-bucket2/test1.txt + +**Example 7: Move all objects and prefixes in a bucket to the local directory, except specified prefix** When passed with the parameter ``--recursive``, the following ``mv`` command recursively moves all objects under a specified bucket to another bucket while excluding some objects by using an ``--exclude`` parameter. In this example, -the bucket ``mybucket`` has the objects ``test1.txt`` and ``another/test1.txt``:: +the bucket ``mybucket`` has the objects ``test1.txt`` and ``another/test1.txt``. :: - aws s3 mv s3://mybucket/ s3://mybucket2/ --recursive --exclude "mybucket/another/*" + aws s3 mv s3://mybucket/ s3://amzn-s3-demo-bucket2/ \ + --recursive \ + --exclude "mybucket/another/*" Output:: - move: s3://mybucket/test1.txt to s3://mybucket2/test1.txt + move: s3://mybucket/test1.txt to s3://amzn-s3-demo-bucket2/test1.txt + +**Example 8: Move an object to the specified bucket and set the ACL** The following ``mv`` command moves a single object to a specified bucket and key while setting the ACL to -``public-read-write``:: +``public-read-write``. :: - aws s3 mv s3://mybucket/test.txt s3://mybucket/test2.txt --acl public-read-write + aws s3 mv s3://mybucket/test.txt s3://mybucket/test2.txt \ + --acl public-read-write Output:: move: s3://mybucket/test.txt to s3://mybucket/test2.txt +**Example 9: Move a local file to the specified bucket and grant permissions** + The following ``mv`` command illustrates the use of the ``--grants`` option to grant read access to all users and full -control to a specific user identified by their email address:: +control to a specific user identified by their email address. :: - aws s3 mv file.txt s3://mybucket/ --grants read=uri=http://acs.amazonaws.com/groups/global/AllUsers full=emailaddress=user@example.com + aws s3 mv file.txt s3://mybucket/ \ + --grants read=uri=http://acs.amazonaws.com/groups/global/AllUsers full=emailaddress=user@example.com Output:: move: file.txt to s3://mybucket/file.txt +**Example 10: Move a file to an S3 access point** -**Moving a file to an S3 access point** - -The following ``mv`` command moves a single file (``mydoc.txt``) to the access point (``myaccesspoint``) at the key (``mykey``):: +The following ``mv`` command moves a single file named ``mydoc.txt`` to the access point named ``myaccesspoint`` at the key named ``mykey``. :: aws s3 mv mydoc.txt s3://arn:aws:s3:us-west-2:123456789012:accesspoint/myaccesspoint/mykey Output:: - move: mydoc.txt to s3://arn:aws:s3:us-west-2:123456789012:accesspoint/myaccesspoint/mykey - + move: mydoc.txt to s3://arn:aws:s3:us-west-2:123456789012:accesspoint/myaccesspoint/mykey \ No newline at end of file diff --git a/awscli/examples/s3/mv/_description.rst b/awscli/examples/s3/mv/_description.rst new file mode 100644 index 000000000000..26ae0990a81e --- /dev/null +++ b/awscli/examples/s3/mv/_description.rst @@ -0,0 +1,15 @@ +Moves a local file or S3 object to another location locally or in S3. +The ``mv`` command copies the source object or file to the specified +destination and then deletes the source object or file. + +.. WARNING:: + If you are using any type of access point ARNs or access point aliases + in your S3 URIs, you must take extra care to make sure that your source + and destination S3 URIs resolve to different underlying buckets. If the + source and destination buckets are the same, the source file or object + can be moved onto itself, which can result in accidental deletion of + your source file or object. + + To verify that the source and destination buckets are not the same, + use the ``--validate-same-s3-paths`` parameter, or set the environment + variable ``AWS_CLI_S3_MV_VALIDATE_SAME_S3_PATHS`` to ``true``. \ No newline at end of file diff --git a/awscli/examples/s3/presign.rst b/awscli/examples/s3/presign.rst index 32e245732d6e..7af4b374f81f 100644 --- a/awscli/examples/s3/presign.rst +++ b/awscli/examples/s3/presign.rst @@ -2,21 +2,21 @@ The following ``presign`` command generates a pre-signed URL for a specified bucket and key that is valid for one hour. :: - aws s3 presign s3://DOC-EXAMPLE-BUCKET/test2.txt + aws s3 presign s3://amzn-s3-demo-bucket/test2.txt Output:: - https://DOC-EXAMPLE-BUCKET.s3.us-west-2.amazonaws.com/key?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAEXAMPLE123456789%2F20210621%2Fus-west-2%2Fs3%2Faws4_request&X-Amz-Date=20210621T041609Z&X-Amz-Expires=3600&X-Amz-SignedHeaders=host&X-Amz-Signature=EXAMBLE1234494d5fba3fed607f98018e1dfc62e2529ae96d844123456 + https://amzn-s3-demo-bucket.s3.us-west-2.amazonaws.com/key?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAEXAMPLE123456789%2F20210621%2Fus-west-2%2Fs3%2Faws4_request&X-Amz-Date=20210621T041609Z&X-Amz-Expires=3600&X-Amz-SignedHeaders=host&X-Amz-Signature=EXAMBLE1234494d5fba3fed607f98018e1dfc62e2529ae96d844123456 **Example 2: To create a pre-signed URL with a custom lifetime that links to an object in an S3 bucket** The following ``presign`` command generates a pre-signed URL for a specified bucket and key that is valid for one week. :: - aws s3 presign s3://DOC-EXAMPLE-BUCKET/test2.txt \ + aws s3 presign s3://amzn-s3-demo-bucket/test2.txt \ --expires-in 604800 Output:: - https://DOC-EXAMPLE-BUCKET.s3.us-west-2.amazonaws.com/key?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAEXAMPLE123456789%2F20210621%2Fus-west-2%2Fs3%2Faws4_request&X-Amz-Date=20210621T041609Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=EXAMBLE1234494d5fba3fed607f98018e1dfc62e2529ae96d844123456 + https://amzn-s3-demo-bucket.s3.us-west-2.amazonaws.com/key?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAEXAMPLE123456789%2F20210621%2Fus-west-2%2Fs3%2Faws4_request&X-Amz-Date=20210621T041609Z&X-Amz-Expires=604800&X-Amz-SignedHeaders=host&X-Amz-Signature=EXAMBLE1234494d5fba3fed607f98018e1dfc62e2529ae96d844123456 For more information, see `Share an Object with Others `__ in the *S3 Developer Guide* guide. diff --git a/awscli/examples/s3/rb.rst b/awscli/examples/s3/rb.rst index 68b7d03ac157..1abecb67ae92 100644 --- a/awscli/examples/s3/rb.rst +++ b/awscli/examples/s3/rb.rst @@ -1,3 +1,5 @@ +**Example 1: Delete a bucket** + The following ``rb`` command removes a bucket. In this example, the user's bucket is ``mybucket``. Note that the bucket must be empty in order to remove:: aws s3 rb s3://mybucket @@ -6,15 +8,17 @@ Output:: remove_bucket: mybucket +**Example 2: Force delete a bucket** + The following ``rb`` command uses the ``--force`` parameter to first remove all of the objects in the bucket and then remove the bucket itself. In this example, the user's bucket is ``mybucket`` and the objects in ``mybucket`` are ``test1.txt`` and ``test2.txt``:: - aws s3 rb s3://mybucket --force + aws s3 rb s3://mybucket \ + --force Output:: delete: s3://mybucket/test1.txt delete: s3://mybucket/test2.txt - remove_bucket: mybucket - + remove_bucket: mybucket \ No newline at end of file diff --git a/awscli/examples/s3/rm.rst b/awscli/examples/s3/rm.rst index ee92fb5b3775..73cb6ce4905d 100644 --- a/awscli/examples/s3/rm.rst +++ b/awscli/examples/s3/rm.rst @@ -1,3 +1,5 @@ +**Example 1: Delete an S3 object** + The following ``rm`` command deletes a single s3 object:: aws s3 rm s3://mybucket/test2.txt @@ -6,41 +8,53 @@ Output:: delete: s3://mybucket/test2.txt +**Example 2: Delete all contents in a bucket** + The following ``rm`` command recursively deletes all objects under a specified bucket and prefix when passed with the parameter ``--recursive``. In this example, the bucket ``mybucket`` contains the objects ``test1.txt`` and ``test2.txt``:: - aws s3 rm s3://mybucket --recursive + aws s3 rm s3://mybucket \ + --recursive Output:: delete: s3://mybucket/test1.txt delete: s3://mybucket/test2.txt +**Example 3: Delete all contents in a bucket, except ``.jpg`` files** + + The following ``rm`` command recursively deletes all objects under a specified bucket and prefix when passed with the parameter ``--recursive`` while excluding some objects by using an ``--exclude`` parameter. In this example, the bucket ``mybucket`` has the objects ``test1.txt`` and ``test2.jpg``:: - aws s3 rm s3://mybucket/ --recursive --exclude "*.jpg" + aws s3 rm s3://mybucket/ \ + --recursive \ + --exclude "*.jpg" Output:: delete: s3://mybucket/test1.txt +**Example 4: Delete all contents in a bucket, except objects under the specified prefix** + The following ``rm`` command recursively deletes all objects under a specified bucket and prefix when passed with the parameter ``--recursive`` while excluding all objects under a particular prefix by using an ``--exclude`` parameter. In this example, the bucket ``mybucket`` has the objects ``test1.txt`` and ``another/test.txt``:: - aws s3 rm s3://mybucket/ --recursive --exclude "another/*" + aws s3 rm s3://mybucket/ \ + --recursive \ + --exclude "another/*" Output:: delete: s3://mybucket/test1.txt +**Example 5: Delete an object from an S3 access point** -**Deleting an object from an S3 access point** - -The following ``rm`` command deletes a single object (``mykey``) from the access point (``myaccesspoint``):: +The following ``rm`` command deletes a single object (``mykey``) from the access point (``myaccesspoint``). :: +The following ``rm`` command deletes a single object (``mykey``) from the access point (``myaccesspoint``). :: aws s3 rm s3://arn:aws:s3:us-west-2:123456789012:accesspoint/myaccesspoint/mykey diff --git a/awscli/examples/s3/sync.rst b/awscli/examples/s3/sync.rst index 9176e584a87f..1e6966678da3 100644 --- a/awscli/examples/s3/sync.rst +++ b/awscli/examples/s3/sync.rst @@ -1,9 +1,11 @@ -The following ``sync`` command syncs objects from a local diretory to the specified prefix and bucket by -uploading the local files to s3. A local file will require uploading if the size of the local file is different than -the size of the s3 object, the last modified time of the local file is newer than the last modified time of the s3 +**Example 1: Sync all local objects to the specified bucket** + +The following ``sync`` command syncs objects from a local directory to the specified prefix and bucket by +uploading the local files to S3. A local file will require uploading if the size of the local file is different than +the size of the S3 object, the last modified time of the local file is newer than the last modified time of the S3 object, or the local file does not exist under the specified bucket and prefix. In this example, the user syncs the bucket ``mybucket`` to the local current directory. The local current directory contains the files ``test.txt`` and -``test2.txt``. The bucket ``mybucket`` contains no objects:: +``test2.txt``. The bucket ``mybucket`` contains no objects. :: aws s3 sync . s3://mybucket @@ -12,26 +14,31 @@ Output:: upload: test.txt to s3://mybucket/test.txt upload: test2.txt to s3://mybucket/test2.txt +**Example 2: Sync all S3 objects from the specified S3 bucket to another bucket** + The following ``sync`` command syncs objects under a specified prefix and bucket to objects under another specified -prefix and bucket by copying s3 objects. A s3 object will require copying if the sizes of the two s3 objects differ, -the last modified time of the source is newer than the last modified time of the destination, or the s3 object does not -exist under the specified bucket and prefix destination. In this example, the user syncs the bucket ``mybucket`` to -the bucket ``mybucket2``. The bucket ``mybucket`` contains the objects ``test.txt`` and ``test2.txt``. The bucket -``mybucket2`` contains no objects:: +prefix and bucket by copying S3 objects. An S3 object will require copying if the sizes of the two S3 objects differ, +the last modified time of the source is newer than the last modified time of the destination, or the S3 object does not +exist under the specified bucket and prefix destination. - aws s3 sync s3://mybucket s3://mybucket2 +In this example, the user syncs the bucket ``mybucket`` to the bucket ``amzn-s3-demo-bucket2``. The bucket ``mybucket`` contains the objects ``test.txt`` and ``test2.txt``. The bucket +``amzn-s3-demo-bucket2`` contains no objects:: + + aws s3 sync s3://mybucket s3://amzn-s3-demo-bucket2 Output:: - copy: s3://mybucket/test.txt to s3://mybucket2/test.txt - copy: s3://mybucket/test2.txt to s3://mybucket2/test2.txt + copy: s3://mybucket/test.txt to s3://amzn-s3-demo-bucket2/test.txt + copy: s3://mybucket/test2.txt to s3://amzn-s3-demo-bucket2/test2.txt + +**Example 3: Sync all S3 objects from the specified S3 bucket to the local directory** -The following ``sync`` command syncs files in a local directory to objects under a specified prefix and bucket by -downloading s3 objects. A s3 object will require downloading if the size of the s3 object differs from the size of the -local file, the last modified time of the s3 object is newer than the last modified time of the local file, or the s3 -object does not exist in the local directory. Take note that when objects are downloaded from s3, the last modified -time of the local file is changed to the last modified time of the s3 object. In this example, the user syncs the -current local directory to the bucket ``mybucket``. The bucket ``mybucket`` contains the objects ``test.txt`` and +The following ``sync`` command syncs files from the specified S3 bucket to the local directory by +downloading S3 objects. An S3 object will require downloading if the size of the S3 object differs from the size of the +local file, the last modified time of the S3 object is newer than the last modified time of the local file, or the S3 +object does not exist in the local directory. Take note that when objects are downloaded from S3, the last modified +time of the local file is changed to the last modified time of the S3 object. In this example, the user syncs the +bucket ``mybucket`` to the current local directory. The bucket ``mybucket`` contains the objects ``test.txt`` and ``test2.txt``. The current local directory has no files:: aws s3 sync s3://mybucket . @@ -41,13 +48,16 @@ Output:: download: s3://mybucket/test.txt to test.txt download: s3://mybucket/test2.txt to test2.txt +**Example 4: Sync all local objects to the specified bucket and delete all files that do not match** + The following ``sync`` command syncs objects under a specified prefix and bucket to files in a local directory by -uploading the local files to s3. Because the ``--delete`` parameter flag is thrown, any files existing under the +uploading the local files to S3. Because of the ``--delete`` parameter, any files existing under the specified prefix and bucket but not existing in the local directory will be deleted. In this example, the user syncs the bucket ``mybucket`` to the local current directory. The local current directory contains the files ``test.txt`` and ``test2.txt``. The bucket ``mybucket`` contains the object ``test3.txt``:: - aws s3 sync . s3://mybucket --delete + aws s3 sync . s3://mybucket \ + --delete Output:: @@ -55,52 +65,49 @@ Output:: upload: test2.txt to s3://mybucket/test2.txt delete: s3://mybucket/test3.txt +**Example 5: Sync all local objects to the specified bucket except ``.jpg`` files** + The following ``sync`` command syncs objects under a specified prefix and bucket to files in a local directory by -uploading the local files to s3. Because the ``--exclude`` parameter flag is thrown, all files matching the pattern -existing both in s3 and locally will be excluded from the sync. In this example, the user syncs the bucket ``mybucket`` +uploading the local files to S3. Because of the ``--exclude`` parameter, all files matching the pattern +existing both in S3 and locally will be excluded from the sync. In this example, the user syncs the bucket ``mybucket`` to the local current directory. The local current directory contains the files ``test.jpg`` and ``test2.txt``. The bucket ``mybucket`` contains the object ``test.jpg`` of a different size than the local ``test.jpg``:: - aws s3 sync . s3://mybucket --exclude "*.jpg" + aws s3 sync . s3://mybucket \ + --exclude "*.jpg" Output:: upload: test2.txt to s3://mybucket/test2.txt +**Example 6: Sync all local objects to the specified bucket except specified directory files** + The following ``sync`` command syncs files under a local directory to objects under a specified prefix and bucket by -downloading s3 objects. This example uses the ``--exclude`` parameter flag to exclude a specified directory -and s3 prefix from the ``sync`` command. In this example, the user syncs the local current directory to the bucket +downloading S3 objects. This example uses the ``--exclude`` parameter flag to exclude a specified directory +and S3 prefix from the ``sync`` command. In this example, the user syncs the local current directory to the bucket ``mybucket``. The local current directory contains the files ``test.txt`` and ``another/test2.txt``. The bucket ``mybucket`` contains the objects ``another/test5.txt`` and ``test1.txt``:: - aws s3 sync s3://mybucket/ . --exclude "*another/*" + aws s3 sync s3://mybucket/ . \ + --exclude "*another/*" Output:: download: s3://mybucket/test1.txt to test1.txt -**Sync from S3 bucket to another S3 bucket while excluding and including objects that match a specified pattern** - -The following ``sync`` command syncs objects under a specified prefix and bucket to objects under another specified -prefix and bucket by copying s3 objects. Because both the ``--exclude`` and ``--include`` parameter flags are thrown, -the second flag will take precedence over the first flag. In this example, all files are excluded from the ``sync`` -command except for files ending with .txt. The bucket ``mybucket`` contains the objects ``test.txt``, ``image1.png``, -and ``image2.png``. The bucket``mybucket2`` contains no objects:: - - aws s3 sync s3://mybucket s3://mybucket2 \ - --exclude "*" \ - --include "*txt" - -Output:: - - copy: s3://mybucket/test.txt to s3://mybucket2/test.txt +**Example 7: Sync all objects between buckets in different regions** The following ``sync`` command syncs files between two buckets in different regions:: - aws s3 sync s3://my-us-west-2-bucket s3://my-us-east-1-bucket --source-region us-west-2 --region us-east-1 + aws s3 sync s3://my-us-west-2-bucket s3://my-us-east-1-bucket \ + --source-region us-west-2 \ + --region us-east-1 + +Output:: + download: s3://my-us-west-2-bucket/test1.txt to s3://my-us-east-1-bucket/test1.txt -**Sync to an S3 access point** +**Example 8: Sync to an S3 access point** The following ``sync`` command syncs the current directory to the access point (``myaccesspoint``):: diff --git a/awscli/examples/s3/website.rst b/awscli/examples/s3/website.rst index b1bd89c8b445..2326e6d002bb 100644 --- a/awscli/examples/s3/website.rst +++ b/awscli/examples/s3/website.rst @@ -1,9 +1,11 @@ -The following command configures a bucket named ``my-bucket`` as a static website:: +**Configure an S3 bucket as a static website** - aws s3 website s3://my-bucket/ --index-document index.html --error-document error.html +The following command configures a bucket named ``amzn-s3-demo-bucket`` as a static website. The index document option specifies the file in ``amzn-s3-demo-bucket`` that visitors will be directed to when they navigate to the website URL. In this case, the bucket is in the us-west-2 region, so the site would appear at ``http://amzn-s3-demo-bucket.s3-website-us-west-2.amazonaws.com``. -The index document option specifies the file in ``my-bucket`` that visitors will be directed to when they navigate to the website URL. In this case, the bucket is in the us-west-2 region, so the site would appear at ``http://my-bucket.s3-website-us-west-2.amazonaws.com``. +All files in the bucket that appear on the static site must be configured to allow visitors to open them. File permissions are configured separately from the bucket website configuration. :: -All files in the bucket that appear on the static site must be configured to allow visitors to open them. File permissions are configured separately from the bucket website configuration. For information on hosting a static website in Amazon S3, see `Hosting a Static Website`_ in the *Amazon Simple Storage Service Developer Guide*. + aws s3 website s3://amzn-s3-demo-bucket/ \ + --index-document index.html \ + --error-document error.html -.. _`Hosting a Static Website`: http://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html \ No newline at end of file +For information on hosting a static website in Amazon S3, see `Hosting a Static Website `__ in the *Amazon Simple Storage Service Developer Guide*. \ No newline at end of file diff --git a/awscli/examples/s3api/abort-multipart-upload.rst b/awscli/examples/s3api/abort-multipart-upload.rst index 0ab11e334f86..2a2ba1a85e47 100644 --- a/awscli/examples/s3api/abort-multipart-upload.rst +++ b/awscli/examples/s3api/abort-multipart-upload.rst @@ -1,9 +1,9 @@ **To abort the specified multipart upload** -The following ``abort-multipart-upload`` command aborts a multipart upload for the key ``multipart/01`` in the bucket ``my-bucket``. :: +The following ``abort-multipart-upload`` command aborts a multipart upload for the key ``multipart/01`` in the bucket ``amzn-s3-demo-bucket``. :: aws s3api abort-multipart-upload \ - --bucket my-bucket \ + --bucket amzn-s3-demo-bucket \ --key multipart/01 \ --upload-id dfRtDYU0WWCCcH43C3WFbkRONycyCpTJJvxu2i5GYkZljF.Yxwh6XG7WfS2vC4to6HiV6Yjlx.cph0gtNBtJ8P3URCSbB7rjxI5iEwVDmgaXZOGgkk5nVTW16HOQ5l0R diff --git a/awscli/examples/s3api/complete-multipart-upload.rst b/awscli/examples/s3api/complete-multipart-upload.rst index c6b82347cf21..f1271ec6e671 100644 --- a/awscli/examples/s3api/complete-multipart-upload.rst +++ b/awscli/examples/s3api/complete-multipart-upload.rst @@ -1,6 +1,6 @@ -The following command completes a multipart upload for the key ``multipart/01`` in the bucket ``my-bucket``:: +The following command completes a multipart upload for the key ``multipart/01`` in the bucket ``amzn-s3-demo-bucket``:: - aws s3api complete-multipart-upload --multipart-upload file://mpustruct --bucket my-bucket --key 'multipart/01' --upload-id dfRtDYU0WWCCcH43C3WFbkRONycyCpTJJvxu2i5GYkZljF.Yxwh6XG7WfS2vC4to6HiV6Yjlx.cph0gtNBtJ8P3URCSbB7rjxI5iEwVDmgaXZOGgkk5nVTW16HOQ5l0R + aws s3api complete-multipart-upload --multipart-upload file://mpustruct --bucket amzn-s3-demo-bucket --key 'multipart/01' --upload-id dfRtDYU0WWCCcH43C3WFbkRONycyCpTJJvxu2i5GYkZljF.Yxwh6XG7WfS2vC4to6HiV6Yjlx.cph0gtNBtJ8P3URCSbB7rjxI5iEwVDmgaXZOGgkk5nVTW16HOQ5l0R The upload ID required by this command is output by ``create-multipart-upload`` and can also be retrieved with ``list-multipart-uploads``. @@ -31,7 +31,7 @@ Output:: { "ETag": "\"3944a9f7a4faab7f78788ff6210f63f0-3\"", - "Bucket": "my-bucket", - "Location": "https://my-bucket.s3.amazonaws.com/multipart%2F01", + "Bucket": "amzn-s3-demo-bucket", + "Location": "https://amzn-s3-demo-bucket.s3.amazonaws.com/multipart%2F01", "Key": "multipart/01" } diff --git a/awscli/examples/s3api/create-bucket.rst b/awscli/examples/s3api/create-bucket.rst index 8bbe58af45c7..62370f5e427d 100644 --- a/awscli/examples/s3api/create-bucket.rst +++ b/awscli/examples/s3api/create-bucket.rst @@ -1,52 +1,52 @@ **Example 1: To create a bucket** -The following ``create-bucket`` example creates a bucket named ``my-bucket``:: +The following ``create-bucket`` example creates a bucket named ``amzn-s3-demo-bucket``:: aws s3api create-bucket \ - --bucket my-bucket \ + --bucket amzn-s3-demo-bucket \ --region us-east-1 Output:: { - "Location": "/my-bucket" + "Location": "/amzn-s3-demo-bucket" } For more information, see `Creating a bucket `__ in the *Amazon S3 User Guide*. **Example 2: To create a bucket with owner enforced** -The following ``create-bucket`` example creates a bucket named ``my-bucket`` that uses the bucket owner enforced setting for S3 Object Ownership. :: +The following ``create-bucket`` example creates a bucket named ``amzn-s3-demo-bucket`` that uses the bucket owner enforced setting for S3 Object Ownership. :: aws s3api create-bucket \ - --bucket my-bucket \ + --bucket amzn-s3-demo-bucket \ --region us-east-1 \ --object-ownership BucketOwnerEnforced Output:: { - "Location": "/my-bucket" + "Location": "/amzn-s3-demo-bucket" } For more information, see `Controlling ownership of objects and disabling ACLs `__ in the *Amazon S3 User Guide*. **Example 3: To create a bucket outside of the ``us-east-1`` region** -The following ``create-bucket`` example creates a bucket named ``my-bucket`` in the +The following ``create-bucket`` example creates a bucket named ``amzn-s3-demo-bucket`` in the ``eu-west-1`` region. Regions outside of ``us-east-1`` require the appropriate ``LocationConstraint`` to be specified in order to create the bucket in the desired region. :: aws s3api create-bucket \ - --bucket my-bucket \ + --bucket amzn-s3-demo-bucket \ --region eu-west-1 \ --create-bucket-configuration LocationConstraint=eu-west-1 Output:: { - "Location": "http://my-bucket.s3.amazonaws.com/" + "Location": "http://amzn-s3-demo-bucket.s3.amazonaws.com/" } For more information, see `Creating a bucket `__ in the *Amazon S3 User Guide*. \ No newline at end of file diff --git a/awscli/examples/s3api/create-multipart-upload.rst b/awscli/examples/s3api/create-multipart-upload.rst index a0552e99a0de..ed096f03cee8 100644 --- a/awscli/examples/s3api/create-multipart-upload.rst +++ b/awscli/examples/s3api/create-multipart-upload.rst @@ -1,13 +1,13 @@ -The following command creates a multipart upload in the bucket ``my-bucket`` with the key ``multipart/01``:: +The following command creates a multipart upload in the bucket ``amzn-s3-demo-bucket`` with the key ``multipart/01``:: - aws s3api create-multipart-upload --bucket my-bucket --key 'multipart/01' + aws s3api create-multipart-upload --bucket amzn-s3-demo-bucket --key 'multipart/01' Output:: { - "Bucket": "my-bucket", + "Bucket": "amzn-s3-demo-bucket", "UploadId": "dfRtDYU0WWCCcH43C3WFbkRONycyCpTJJvxu2i5GYkZljF.Yxwh6XG7WfS2vC4to6HiV6Yjlx.cph0gtNBtJ8P3URCSbB7rjxI5iEwVDmgaXZOGgkk5nVTW16HOQ5l0R", "Key": "multipart/01" } -The completed file will be named ``01`` in a folder called ``multipart`` in the bucket ``my-bucket``. Save the upload ID, key and bucket name for use with the ``upload-part`` command. \ No newline at end of file +The completed file will be named ``01`` in a folder called ``multipart`` in the bucket ``amzn-s3-demo-bucket``. Save the upload ID, key and bucket name for use with the ``upload-part`` command. \ No newline at end of file diff --git a/awscli/examples/s3api/delete-bucket-analytics-configuration.rst b/awscli/examples/s3api/delete-bucket-analytics-configuration.rst index 47d350e423f5..51c3d0a5f88a 100755 --- a/awscli/examples/s3api/delete-bucket-analytics-configuration.rst +++ b/awscli/examples/s3api/delete-bucket-analytics-configuration.rst @@ -3,7 +3,7 @@ The following ``delete-bucket-analytics-configuration`` example removes the analytics configuration for the specified bucket and ID. :: aws s3api delete-bucket-analytics-configuration \ - --bucket my-bucket \ + --bucket amzn-s3-demo-bucket \ --id 1 This command produces no output. \ No newline at end of file diff --git a/awscli/examples/s3api/delete-bucket-cors.rst b/awscli/examples/s3api/delete-bucket-cors.rst index 53ca2a4e8f08..6c9ceeb74883 100644 --- a/awscli/examples/s3api/delete-bucket-cors.rst +++ b/awscli/examples/s3api/delete-bucket-cors.rst @@ -1,3 +1,3 @@ -The following command deletes a Cross-Origin Resource Sharing configuration from a bucket named ``my-bucket``:: +The following command deletes a Cross-Origin Resource Sharing configuration from a bucket named ``amzn-s3-demo-bucket``:: - aws s3api delete-bucket-cors --bucket my-bucket + aws s3api delete-bucket-cors --bucket amzn-s3-demo-bucket diff --git a/awscli/examples/s3api/delete-bucket-encryption.rst b/awscli/examples/s3api/delete-bucket-encryption.rst index da439a3203af..fd6e966909d3 100755 --- a/awscli/examples/s3api/delete-bucket-encryption.rst +++ b/awscli/examples/s3api/delete-bucket-encryption.rst @@ -3,6 +3,6 @@ The following ``delete-bucket-encryption`` example deletes the server-side encryption configuration of the specified bucket. :: aws s3api delete-bucket-encryption \ - --bucket my-bucket + --bucket amzn-s3-demo-bucket This command produces no output. diff --git a/awscli/examples/s3api/delete-bucket-intelligent-tiering-configuration.rst b/awscli/examples/s3api/delete-bucket-intelligent-tiering-configuration.rst index 2bcbd07fc59f..8e5691e7f406 100644 --- a/awscli/examples/s3api/delete-bucket-intelligent-tiering-configuration.rst +++ b/awscli/examples/s3api/delete-bucket-intelligent-tiering-configuration.rst @@ -3,7 +3,7 @@ The following ``delete-bucket-intelligent-tiering-configuration`` example removes an S3 Intelligent-Tiering configuration, named ExampleConfig, on a bucket. :: aws s3api delete-bucket-intelligent-tiering-configuration \ - --bucket DOC-EXAMPLE-BUCKET \ + --bucket amzn-s3-demo-bucket \ --id ExampleConfig This command produces no output. diff --git a/awscli/examples/s3api/delete-bucket-inventory-configuration.rst b/awscli/examples/s3api/delete-bucket-inventory-configuration.rst index a9e062df24d4..6ddd5ab6d545 100755 --- a/awscli/examples/s3api/delete-bucket-inventory-configuration.rst +++ b/awscli/examples/s3api/delete-bucket-inventory-configuration.rst @@ -3,7 +3,7 @@ The following ``delete-bucket-inventory-configuration`` example deletes the inventory configuration with ID ``1`` for the specified bucket. :: aws s3api delete-bucket-inventory-configuration \ - --bucket my-bucket \ + --bucket amzn-s3-demo-bucket \ --id 1 This command produces no output. diff --git a/awscli/examples/s3api/delete-bucket-lifecycle.rst b/awscli/examples/s3api/delete-bucket-lifecycle.rst index 8d06f89305e7..3235ef5caa48 100644 --- a/awscli/examples/s3api/delete-bucket-lifecycle.rst +++ b/awscli/examples/s3api/delete-bucket-lifecycle.rst @@ -1,3 +1,3 @@ -The following command deletes a lifecycle configuration from a bucket named ``my-bucket``:: +The following command deletes a lifecycle configuration from a bucket named ``amzn-s3-demo-bucket``:: - aws s3api delete-bucket-lifecycle --bucket my-bucket + aws s3api delete-bucket-lifecycle --bucket amzn-s3-demo-bucket diff --git a/awscli/examples/s3api/delete-bucket-metrics-configuration.rst b/awscli/examples/s3api/delete-bucket-metrics-configuration.rst index 325d31ce2dc7..6b428609f898 100755 --- a/awscli/examples/s3api/delete-bucket-metrics-configuration.rst +++ b/awscli/examples/s3api/delete-bucket-metrics-configuration.rst @@ -3,7 +3,7 @@ The following ``delete-bucket-metrics-configuration`` example removes the metrics configuration for the specified bucket and ID. :: aws s3api delete-bucket-metrics-configuration \ - --bucket my-bucket \ + --bucket amzn-s3-demo-bucket \ --id 123 This command produces no output. \ No newline at end of file diff --git a/awscli/examples/s3api/delete-bucket-ownership-controls.rst b/awscli/examples/s3api/delete-bucket-ownership-controls.rst index 00ca9b95e6cd..d947325f7d58 100644 --- a/awscli/examples/s3api/delete-bucket-ownership-controls.rst +++ b/awscli/examples/s3api/delete-bucket-ownership-controls.rst @@ -3,7 +3,7 @@ The following ``delete-bucket-ownership-controls`` example removes the bucket ownership settings of a bucket. :: aws s3api delete-bucket-ownership-controls \ - --bucket DOC-EXAMPLE-BUCKET + --bucket amzn-s3-demo-bucket This command produces no output. diff --git a/awscli/examples/s3api/delete-bucket-policy.rst b/awscli/examples/s3api/delete-bucket-policy.rst index 0e104e57e475..bbd01103c8dd 100644 --- a/awscli/examples/s3api/delete-bucket-policy.rst +++ b/awscli/examples/s3api/delete-bucket-policy.rst @@ -1,3 +1,3 @@ -The following command deletes a bucket policy from a bucket named ``my-bucket``:: +The following command deletes a bucket policy from a bucket named ``amzn-s3-demo-bucket``:: - aws s3api delete-bucket-policy --bucket my-bucket + aws s3api delete-bucket-policy --bucket amzn-s3-demo-bucket diff --git a/awscli/examples/s3api/delete-bucket-replication.rst b/awscli/examples/s3api/delete-bucket-replication.rst index 50f9dfc38e5d..db8faac83e35 100644 --- a/awscli/examples/s3api/delete-bucket-replication.rst +++ b/awscli/examples/s3api/delete-bucket-replication.rst @@ -1,3 +1,3 @@ -The following command deletes a replication configuration from a bucket named ``my-bucket``:: +The following command deletes a replication configuration from a bucket named ``amzn-s3-demo-bucket``:: - aws s3api delete-bucket-replication --bucket my-bucket + aws s3api delete-bucket-replication --bucket amzn-s3-demo-bucket diff --git a/awscli/examples/s3api/delete-bucket-tagging.rst b/awscli/examples/s3api/delete-bucket-tagging.rst index 713a6ad29f48..cdce318063d8 100644 --- a/awscli/examples/s3api/delete-bucket-tagging.rst +++ b/awscli/examples/s3api/delete-bucket-tagging.rst @@ -1,3 +1,3 @@ -The following command deletes a tagging configuration from a bucket named ``my-bucket``:: +The following command deletes a tagging configuration from a bucket named ``amzn-s3-demo-bucket``:: - aws s3api delete-bucket-tagging --bucket my-bucket + aws s3api delete-bucket-tagging --bucket amzn-s3-demo-bucket diff --git a/awscli/examples/s3api/delete-bucket-website.rst b/awscli/examples/s3api/delete-bucket-website.rst index 155cd1e474a0..781e3322be9c 100644 --- a/awscli/examples/s3api/delete-bucket-website.rst +++ b/awscli/examples/s3api/delete-bucket-website.rst @@ -1,3 +1,3 @@ -The following command deletes a website configuration from a bucket named ``my-bucket``:: +The following command deletes a website configuration from a bucket named ``amzn-s3-demo-bucket``:: - aws s3api delete-bucket-website --bucket my-bucket + aws s3api delete-bucket-website --bucket amzn-s3-demo-bucket diff --git a/awscli/examples/s3api/delete-bucket.rst b/awscli/examples/s3api/delete-bucket.rst index 761eafb15e94..b1cc31522761 100644 --- a/awscli/examples/s3api/delete-bucket.rst +++ b/awscli/examples/s3api/delete-bucket.rst @@ -1,3 +1,3 @@ -The following command deletes a bucket named ``my-bucket``:: +The following command deletes a bucket named ``amzn-s3-demo-bucket``:: - aws s3api delete-bucket --bucket my-bucket --region us-east-1 + aws s3api delete-bucket --bucket amzn-s3-demo-bucket --region us-east-1 diff --git a/awscli/examples/s3api/delete-object-tagging.rst b/awscli/examples/s3api/delete-object-tagging.rst index dbfd27da53f1..d29617f81859 100755 --- a/awscli/examples/s3api/delete-object-tagging.rst +++ b/awscli/examples/s3api/delete-object-tagging.rst @@ -3,7 +3,7 @@ The following ``delete-object-tagging`` example deletes the tag with the specified key from the object ``doc1.rtf``. :: aws s3api delete-object-tagging \ - --bucket my-bucket \ + --bucket amzn-s3-demo-bucket \ --key doc1.rtf This command produces no output. \ No newline at end of file diff --git a/awscli/examples/s3api/delete-object.rst b/awscli/examples/s3api/delete-object.rst index 3a5df3c4e062..6f1a23963f38 100644 --- a/awscli/examples/s3api/delete-object.rst +++ b/awscli/examples/s3api/delete-object.rst @@ -1,6 +1,6 @@ -The following command deletes an object named ``test.txt`` from a bucket named ``my-bucket``:: +The following command deletes an object named ``test.txt`` from a bucket named ``amzn-s3-demo-bucket``:: - aws s3api delete-object --bucket my-bucket --key test.txt + aws s3api delete-object --bucket amzn-s3-demo-bucket --key test.txt If bucket versioning is enabled, the output will contain the version ID of the delete marker:: diff --git a/awscli/examples/s3api/delete-objects.rst b/awscli/examples/s3api/delete-objects.rst index 2446efd51ab4..f08f728f26d1 100644 --- a/awscli/examples/s3api/delete-objects.rst +++ b/awscli/examples/s3api/delete-objects.rst @@ -1,6 +1,6 @@ -The following command deletes an object from a bucket named ``my-bucket``:: +The following command deletes an object from a bucket named ``amzn-s3-demo-bucket``:: - aws s3api delete-objects --bucket my-bucket --delete file://delete.json + aws s3api delete-objects --bucket amzn-s3-demo-bucket --delete file://delete.json ``delete.json`` is a JSON document in the current directory that specifies the object to delete:: diff --git a/awscli/examples/s3api/delete-public-access-block.rst b/awscli/examples/s3api/delete-public-access-block.rst index 563a8b5069b9..54fd0ee6dc40 100755 --- a/awscli/examples/s3api/delete-public-access-block.rst +++ b/awscli/examples/s3api/delete-public-access-block.rst @@ -3,6 +3,6 @@ The following ``delete-public-access-block`` example removes the block public access configuration on the specified bucket. :: aws s3api delete-public-access-block \ - --bucket my-bucket + --bucket amzn-s3-demo-bucket This command produces no output. diff --git a/awscli/examples/s3api/get-bucket-accelerate-configuration.rst b/awscli/examples/s3api/get-bucket-accelerate-configuration.rst index c40bd611d6b4..3f18aa88bcfb 100644 --- a/awscli/examples/s3api/get-bucket-accelerate-configuration.rst +++ b/awscli/examples/s3api/get-bucket-accelerate-configuration.rst @@ -3,7 +3,7 @@ The following ``get-bucket-accelerate-configuration`` example retrieves the accelerate configuration for the specified bucket. :: aws s3api get-bucket-accelerate-configuration \ - --bucket my-bucket + --bucket amzn-s3-demo-bucket Output:: diff --git a/awscli/examples/s3api/get-bucket-acl.rst b/awscli/examples/s3api/get-bucket-acl.rst index 42f40386a31a..33870686cf53 100644 --- a/awscli/examples/s3api/get-bucket-acl.rst +++ b/awscli/examples/s3api/get-bucket-acl.rst @@ -1,6 +1,6 @@ -The following command retrieves the access control list for a bucket named ``my-bucket``:: +The following command retrieves the access control list for a bucket named ``amzn-s3-demo-bucket``:: - aws s3api get-bucket-acl --bucket my-bucket + aws s3api get-bucket-acl --bucket amzn-s3-demo-bucket Output:: diff --git a/awscli/examples/s3api/get-bucket-analytics-configuration.rst b/awscli/examples/s3api/get-bucket-analytics-configuration.rst index e9e0bba7eb41..b6f1ffe97f48 100755 --- a/awscli/examples/s3api/get-bucket-analytics-configuration.rst +++ b/awscli/examples/s3api/get-bucket-analytics-configuration.rst @@ -3,7 +3,7 @@ The following ``get-bucket-analytics-configuration`` example displays the analytics configuration for the specified bucket and ID. :: aws s3api get-bucket-analytics-configuration \ - --bucket my-bucket \ + --bucket amzn-s3-demo-bucket \ --id 1 Output:: diff --git a/awscli/examples/s3api/get-bucket-cors.rst b/awscli/examples/s3api/get-bucket-cors.rst index 2bbf9f68e6ae..b712b011e9ed 100644 --- a/awscli/examples/s3api/get-bucket-cors.rst +++ b/awscli/examples/s3api/get-bucket-cors.rst @@ -1,6 +1,6 @@ -The following command retrieves the Cross-Origin Resource Sharing configuration for a bucket named ``my-bucket``:: +The following command retrieves the Cross-Origin Resource Sharing configuration for a bucket named ``amzn-s3-demo-bucket``:: - aws s3api get-bucket-cors --bucket my-bucket + aws s3api get-bucket-cors --bucket amzn-s3-demo-bucket Output:: diff --git a/awscli/examples/s3api/get-bucket-encryption.rst b/awscli/examples/s3api/get-bucket-encryption.rst index f442f11b58c7..376f4bbdaecc 100755 --- a/awscli/examples/s3api/get-bucket-encryption.rst +++ b/awscli/examples/s3api/get-bucket-encryption.rst @@ -1,9 +1,9 @@ **To retrieve the server-side encryption configuration for a bucket** -The following ``get-bucket-encryption`` example retrieves the server-side encryption configuration for the bucket ``my-bucket``. :: +The following ``get-bucket-encryption`` example retrieves the server-side encryption configuration for the bucket ``amzn-s3-demo-bucket``. :: aws s3api get-bucket-encryption \ - --bucket my-bucket + --bucket amzn-s3-demo-bucket Output:: diff --git a/awscli/examples/s3api/get-bucket-intelligent-tiering-configuration.rst b/awscli/examples/s3api/get-bucket-intelligent-tiering-configuration.rst index 6bf9e17ab049..ac57d76f4e94 100644 --- a/awscli/examples/s3api/get-bucket-intelligent-tiering-configuration.rst +++ b/awscli/examples/s3api/get-bucket-intelligent-tiering-configuration.rst @@ -3,7 +3,7 @@ The following ``get-bucket-intelligent-tiering-configuration`` example retrieves an S3 Intelligent-Tiering configuration, named ExampleConfig, on a bucket. :: aws s3api get-bucket-intelligent-tiering-configuration \ - --bucket DOC-EXAMPLE-BUCKET \ + --bucket amzn-s3-demo-bucket \ --id ExampleConfig Output:: diff --git a/awscli/examples/s3api/get-bucket-inventory-configuration.rst b/awscli/examples/s3api/get-bucket-inventory-configuration.rst index 90a9524a2f79..52bc5d78099d 100755 --- a/awscli/examples/s3api/get-bucket-inventory-configuration.rst +++ b/awscli/examples/s3api/get-bucket-inventory-configuration.rst @@ -3,7 +3,7 @@ The following ``get-bucket-inventory-configuration`` example retrieves the inventory configuration for the specified bucket with ID ``1``. :: aws s3api get-bucket-inventory-configuration \ - --bucket my-bucket \ + --bucket amzn-s3-demo-bucket \ --id 1 Output:: @@ -14,7 +14,7 @@ Output:: "Destination": { "S3BucketDestination": { "Format": "ORC", - "Bucket": "arn:aws:s3:::my-bucket", + "Bucket": "arn:aws:s3:::amzn-s3-demo-bucket", "AccountId": "123456789012" } }, diff --git a/awscli/examples/s3api/get-bucket-lifecycle-configuration.rst b/awscli/examples/s3api/get-bucket-lifecycle-configuration.rst index 4a10dc8bd642..f279be5d73d5 100644 --- a/awscli/examples/s3api/get-bucket-lifecycle-configuration.rst +++ b/awscli/examples/s3api/get-bucket-lifecycle-configuration.rst @@ -1,6 +1,6 @@ -The following command retrieves the lifecycle configuration for a bucket named ``my-bucket``:: +The following command retrieves the lifecycle configuration for a bucket named ``amzn-s3-demo-bucket``:: - aws s3api get-bucket-lifecycle-configuration --bucket my-bucket + aws s3api get-bucket-lifecycle-configuration --bucket amzn-s3-demo-bucket Output:: diff --git a/awscli/examples/s3api/get-bucket-lifecycle.rst b/awscli/examples/s3api/get-bucket-lifecycle.rst index fcb23fa8bf07..f58960e1e8ff 100644 --- a/awscli/examples/s3api/get-bucket-lifecycle.rst +++ b/awscli/examples/s3api/get-bucket-lifecycle.rst @@ -1,6 +1,6 @@ -The following command retrieves the lifecycle configuration for a bucket named ``my-bucket``:: +The following command retrieves the lifecycle configuration for a bucket named ``amzn-s3-demo-bucket``:: - aws s3api get-bucket-lifecycle --bucket my-bucket + aws s3api get-bucket-lifecycle --bucket amzn-s3-demo-bucket Output:: diff --git a/awscli/examples/s3api/get-bucket-location.rst b/awscli/examples/s3api/get-bucket-location.rst index 092fa5e8afe0..0ad5c7ec973d 100644 --- a/awscli/examples/s3api/get-bucket-location.rst +++ b/awscli/examples/s3api/get-bucket-location.rst @@ -1,6 +1,6 @@ -The following command retrieves the location constraint for a bucket named ``my-bucket``, if a constraint exists:: +The following command retrieves the location constraint for a bucket named ``amzn-s3-demo-bucket``, if a constraint exists:: - aws s3api get-bucket-location --bucket my-bucket + aws s3api get-bucket-location --bucket amzn-s3-demo-bucket Output:: diff --git a/awscli/examples/s3api/get-bucket-logging.rst b/awscli/examples/s3api/get-bucket-logging.rst index f1398a5b914b..6a1876ba3bfc 100755 --- a/awscli/examples/s3api/get-bucket-logging.rst +++ b/awscli/examples/s3api/get-bucket-logging.rst @@ -3,13 +3,13 @@ The following ``get-bucket-logging`` example retrieves the logging status for the specified bucket. :: aws s3api get-bucket-logging \ - --bucket my-bucket + --bucket amzn-s3-demo-bucket Output:: { "LoggingEnabled": { "TargetPrefix": "", - "TargetBucket": "my-bucket-logs" + "TargetBucket": "amzn-s3-demo-bucket-logs" } } diff --git a/awscli/examples/s3api/get-bucket-metrics-configuration.rst b/awscli/examples/s3api/get-bucket-metrics-configuration.rst index d0628a55f7e2..bfed5f1804de 100755 --- a/awscli/examples/s3api/get-bucket-metrics-configuration.rst +++ b/awscli/examples/s3api/get-bucket-metrics-configuration.rst @@ -3,7 +3,7 @@ The following ``get-bucket-metrics-configuration`` example displays the metrics configuration for the specified bucket and ID. :: aws s3api get-bucket-metrics-configuration \ - --bucket my-bucket \ + --bucket amzn-s3-demo-bucket \ --id 123 Output:: diff --git a/awscli/examples/s3api/get-bucket-notification-configuration.rst b/awscli/examples/s3api/get-bucket-notification-configuration.rst index 8eca1c3fa895..1f39bedd7481 100644 --- a/awscli/examples/s3api/get-bucket-notification-configuration.rst +++ b/awscli/examples/s3api/get-bucket-notification-configuration.rst @@ -1,6 +1,6 @@ -The following command retrieves the notification configuration for a bucket named ``my-bucket``:: +The following command retrieves the notification configuration for a bucket named ``amzn-s3-demo-bucket``:: - aws s3api get-bucket-notification-configuration --bucket my-bucket + aws s3api get-bucket-notification-configuration --bucket amzn-s3-demo-bucket Output:: diff --git a/awscli/examples/s3api/get-bucket-notification.rst b/awscli/examples/s3api/get-bucket-notification.rst index e8a591e66ee1..91eafc505918 100644 --- a/awscli/examples/s3api/get-bucket-notification.rst +++ b/awscli/examples/s3api/get-bucket-notification.rst @@ -1,6 +1,6 @@ -The following command retrieves the notification configuration for a bucket named ``my-bucket``:: +The following command retrieves the notification configuration for a bucket named ``amzn-s3-demo-bucket``:: - aws s3api get-bucket-notification --bucket my-bucket + aws s3api get-bucket-notification --bucket amzn-s3-demo-bucket Output:: diff --git a/awscli/examples/s3api/get-bucket-ownership-controls.rst b/awscli/examples/s3api/get-bucket-ownership-controls.rst index 1db8866d157c..84fc0d75f4ab 100644 --- a/awscli/examples/s3api/get-bucket-ownership-controls.rst +++ b/awscli/examples/s3api/get-bucket-ownership-controls.rst @@ -3,7 +3,7 @@ The following ``get-bucket-ownership-controls`` example retrieves the bucket ownership settings of a bucket. :: aws s3api get-bucket-ownership-controls \ - --bucket DOC-EXAMPLE-BUCKET + --bucket amzn-s3-demo-bucket Output:: diff --git a/awscli/examples/s3api/get-bucket-policy-status.rst b/awscli/examples/s3api/get-bucket-policy-status.rst index 599f1f128a17..5164c3e30173 100755 --- a/awscli/examples/s3api/get-bucket-policy-status.rst +++ b/awscli/examples/s3api/get-bucket-policy-status.rst @@ -1,9 +1,9 @@ **To retrieve the policy status for a bucket indicating whether the bucket is public** -The following ``get-bucket-policy-status`` example retrieves the policy status for the bucket ``my-bucket``. :: +The following ``get-bucket-policy-status`` example retrieves the policy status for the bucket ``amzn-s3-demo-bucket``. :: aws s3api get-bucket-policy-status \ - --bucket my-bucket + --bucket amzn-s3-demo-bucket Output:: diff --git a/awscli/examples/s3api/get-bucket-policy.rst b/awscli/examples/s3api/get-bucket-policy.rst index 606e3297fbd9..e0279f3a2f7f 100644 --- a/awscli/examples/s3api/get-bucket-policy.rst +++ b/awscli/examples/s3api/get-bucket-policy.rst @@ -1,11 +1,11 @@ -The following command retrieves the bucket policy for a bucket named ``my-bucket``:: +The following command retrieves the bucket policy for a bucket named ``amzn-s3-demo-bucket``:: - aws s3api get-bucket-policy --bucket my-bucket + aws s3api get-bucket-policy --bucket amzn-s3-demo-bucket Output:: { - "Policy": "{\"Version\":\"2008-10-17\",\"Statement\":[{\"Sid\":\"\",\"Effect\":\"Allow\",\"Principal\":\"*\",\"Action\":\"s3:GetObject\",\"Resource\":\"arn:aws:s3:::my-bucket/*\"},{\"Sid\":\"\",\"Effect\":\"Deny\",\"Principal\":\"*\",\"Action\":\"s3:GetObject\",\"Resource\":\"arn:aws:s3:::my-bucket/secret/*\"}]}" + "Policy": "{\"Version\":\"2008-10-17\",\"Statement\":[{\"Sid\":\"\",\"Effect\":\"Allow\",\"Principal\":\"*\",\"Action\":\"s3:GetObject\",\"Resource\":\"arn:aws:s3:::amzn-s3-demo-bucket/*\"},{\"Sid\":\"\",\"Effect\":\"Deny\",\"Principal\":\"*\",\"Action\":\"s3:GetObject\",\"Resource\":\"arn:aws:s3:::amzn-s3-demo-bucket/secret/*\"}]}" } Get and put a bucket policy diff --git a/awscli/examples/s3api/get-bucket-replication.rst b/awscli/examples/s3api/get-bucket-replication.rst index c056c701e844..23e1aae1e3ae 100644 --- a/awscli/examples/s3api/get-bucket-replication.rst +++ b/awscli/examples/s3api/get-bucket-replication.rst @@ -1,6 +1,6 @@ -The following command retrieves the replication configuration for a bucket named ``my-bucket``:: +The following command retrieves the replication configuration for a bucket named ``amzn-s3-demo-bucket``:: - aws s3api get-bucket-replication --bucket my-bucket + aws s3api get-bucket-replication --bucket amzn-s3-demo-bucket Output:: @@ -11,7 +11,7 @@ Output:: "Status": "Enabled", "Prefix": "", "Destination": { - "Bucket": "arn:aws:s3:::my-bucket-backup", + "Bucket": "arn:aws:s3:::amzn-s3-demo-bucket-backup", "StorageClass": "STANDARD" }, "ID": "ZmUwNzE4ZmQ4tMjVhOS00MTlkLOGI4NDkzZTIWJjNTUtYTA1" diff --git a/awscli/examples/s3api/get-bucket-request-payment.rst b/awscli/examples/s3api/get-bucket-request-payment.rst index 41c9f8d8f8d8..d53d664d8e8b 100644 --- a/awscli/examples/s3api/get-bucket-request-payment.rst +++ b/awscli/examples/s3api/get-bucket-request-payment.rst @@ -3,7 +3,7 @@ The following ``get-bucket-request-payment`` example retrieves the requester pays configuration for the specified bucket. :: aws s3api get-bucket-request-payment \ - --bucket my-bucket + --bucket amzn-s3-demo-bucket Output:: diff --git a/awscli/examples/s3api/get-bucket-tagging.rst b/awscli/examples/s3api/get-bucket-tagging.rst index fbbee96e7d9d..8d8906462e6c 100644 --- a/awscli/examples/s3api/get-bucket-tagging.rst +++ b/awscli/examples/s3api/get-bucket-tagging.rst @@ -1,6 +1,6 @@ -The following command retrieves the tagging configuration for a bucket named ``my-bucket``:: +The following command retrieves the tagging configuration for a bucket named ``amzn-s3-demo-bucket``:: - aws s3api get-bucket-tagging --bucket my-bucket + aws s3api get-bucket-tagging --bucket amzn-s3-demo-bucket Output:: diff --git a/awscli/examples/s3api/get-bucket-versioning.rst b/awscli/examples/s3api/get-bucket-versioning.rst index fea8280d06af..7ba6890a28c9 100644 --- a/awscli/examples/s3api/get-bucket-versioning.rst +++ b/awscli/examples/s3api/get-bucket-versioning.rst @@ -1,6 +1,6 @@ -The following command retrieves the versioning configuration for a bucket named ``my-bucket``:: +The following command retrieves the versioning configuration for a bucket named ``amzn-s3-demo-bucket``:: - aws s3api get-bucket-versioning --bucket my-bucket + aws s3api get-bucket-versioning --bucket amzn-s3-demo-bucket Output:: diff --git a/awscli/examples/s3api/get-bucket-website.rst b/awscli/examples/s3api/get-bucket-website.rst index e4a3682b4fe4..b0945d07e068 100644 --- a/awscli/examples/s3api/get-bucket-website.rst +++ b/awscli/examples/s3api/get-bucket-website.rst @@ -1,6 +1,6 @@ -The following command retrieves the static website configuration for a bucket named ``my-bucket``:: +The following command retrieves the static website configuration for a bucket named ``amzn-s3-demo-bucket``:: - aws s3api get-bucket-website --bucket my-bucket + aws s3api get-bucket-website --bucket amzn-s3-demo-bucket Output:: diff --git a/awscli/examples/s3api/get-object-acl.rst b/awscli/examples/s3api/get-object-acl.rst index b487cdd93b94..5d89a58b2a86 100644 --- a/awscli/examples/s3api/get-object-acl.rst +++ b/awscli/examples/s3api/get-object-acl.rst @@ -1,6 +1,6 @@ -The following command retrieves the access control list for an object in a bucket named ``my-bucket``:: +The following command retrieves the access control list for an object in a bucket named ``amzn-s3-demo-bucket``:: - aws s3api get-object-acl --bucket my-bucket --key index.html + aws s3api get-object-acl --bucket amzn-s3-demo-bucket --key index.html Output:: diff --git a/awscli/examples/s3api/get-object-attributes.rst b/awscli/examples/s3api/get-object-attributes.rst index 12f10f72bd3f..d9cc78c685df 100644 --- a/awscli/examples/s3api/get-object-attributes.rst +++ b/awscli/examples/s3api/get-object-attributes.rst @@ -3,7 +3,7 @@ The following ``get-object-attributes`` example retrieves metadata from the object ``doc1.rtf``. :: aws s3api get-object-attributes \ - --bucket my-bucket \ + --bucket amzn-s3-demo-bucket \ --key doc1.rtf \ --object-attributes "StorageClass" "ETag" "ObjectSize" diff --git a/awscli/examples/s3api/get-object-legal-hold.rst b/awscli/examples/s3api/get-object-legal-hold.rst index 1163d94a0c35..74bd0f05f6a3 100644 --- a/awscli/examples/s3api/get-object-legal-hold.rst +++ b/awscli/examples/s3api/get-object-legal-hold.rst @@ -3,7 +3,7 @@ The following ``get-object-legal-hold`` example retrieves the Legal Hold status for the specified object. :: aws s3api get-object-legal-hold \ - --bucket my-bucket-with-object-lock \ + --bucket amzn-s3-demo-bucket-with-object-lock \ --key doc1.rtf Output:: diff --git a/awscli/examples/s3api/get-object-lock-configuration.rst b/awscli/examples/s3api/get-object-lock-configuration.rst index 3be8c620185f..d75b2ba6a1ca 100755 --- a/awscli/examples/s3api/get-object-lock-configuration.rst +++ b/awscli/examples/s3api/get-object-lock-configuration.rst @@ -3,7 +3,7 @@ The following ``get-object-lock-configuration`` example retrieves the object lock configuration for the specified bucket. :: aws s3api get-object-lock-configuration \ - --bucket my-bucket-with-object-lock + --bucket amzn-s3-demo-bucket-with-object-lock Output:: diff --git a/awscli/examples/s3api/get-object-retention.rst b/awscli/examples/s3api/get-object-retention.rst index ebd67e632b54..d2930010a993 100755 --- a/awscli/examples/s3api/get-object-retention.rst +++ b/awscli/examples/s3api/get-object-retention.rst @@ -3,7 +3,7 @@ The following ``get-object-retention`` example retrieves the object retention configuration for the specified object. :: aws s3api get-object-retention \ - --bucket my-bucket-with-object-lock \ + --bucket amzn-s3-demo-bucket-with-object-lock \ --key doc1.rtf Output:: diff --git a/awscli/examples/s3api/get-object-tagging.rst b/awscli/examples/s3api/get-object-tagging.rst index 8fe3225c26a8..d942238876d2 100755 --- a/awscli/examples/s3api/get-object-tagging.rst +++ b/awscli/examples/s3api/get-object-tagging.rst @@ -3,7 +3,7 @@ The following ``get-object-tagging`` example retrieves the values for the specified key from the specified object. :: aws s3api get-object-tagging \ - --bucket my-bucket \ + --bucket amzn-s3-demo-bucket \ --key doc1.rtf Output:: @@ -20,7 +20,7 @@ Output:: The following ``get-object-tagging`` example tries to retrieve the tag sets of the object ``doc2.rtf``, which has no tags. :: aws s3api get-object-tagging \ - --bucket my-bucket \ + --bucket amzn-s3-demo-bucket \ --key doc2.rtf Output:: @@ -33,7 +33,7 @@ Output:: The following ``get-object-tagging`` example retrieves the tag sets of the object ``doc3.rtf``, which has multiple tags. :: aws s3api get-object-tagging \ - --bucket my-bucket \ + --bucket amzn-s3-demo-bucket \ --key doc3.rtf Output:: diff --git a/awscli/examples/s3api/get-object-torrent.rst b/awscli/examples/s3api/get-object-torrent.rst index dc23e558d75a..989e9e6cfbb7 100644 --- a/awscli/examples/s3api/get-object-torrent.rst +++ b/awscli/examples/s3api/get-object-torrent.rst @@ -1,5 +1,5 @@ -The following command creates a torrent for an object in a bucket named ``my-bucket``:: +The following command creates a torrent for an object in a bucket named ``amzn-s3-demo-bucket``:: - aws s3api get-object-torrent --bucket my-bucket --key large-video-file.mp4 large-video-file.torrent + aws s3api get-object-torrent --bucket amzn-s3-demo-bucket --key large-video-file.mp4 large-video-file.torrent The torrent file is saved locally in the current folder. Note that the output filename (``large-video-file.torrent``) is specified without an option name and must be the last argument in the command. \ No newline at end of file diff --git a/awscli/examples/s3api/get-public-access-block.rst b/awscli/examples/s3api/get-public-access-block.rst index 7cd897d1ea5d..2c2dea9220e8 100755 --- a/awscli/examples/s3api/get-public-access-block.rst +++ b/awscli/examples/s3api/get-public-access-block.rst @@ -3,7 +3,7 @@ The following ``get-public-access-block`` example displays the block public access configuration for the specified bucket. :: aws s3api get-public-access-block \ - --bucket my-bucket + --bucket amzn-s3-demo-bucket Output:: diff --git a/awscli/examples/s3api/head-bucket.rst b/awscli/examples/s3api/head-bucket.rst index 695c90f580a0..1a08f13f22e5 100644 --- a/awscli/examples/s3api/head-bucket.rst +++ b/awscli/examples/s3api/head-bucket.rst @@ -1,6 +1,6 @@ -The following command verifies access to a bucket named ``my-bucket``:: +The following command verifies access to a bucket named ``amzn-s3-demo-bucket``:: - aws s3api head-bucket --bucket my-bucket + aws s3api head-bucket --bucket amzn-s3-demo-bucket If the bucket exists and you have access to it, no output is returned. Otherwise, an error message will be shown. For example:: diff --git a/awscli/examples/s3api/head-object.rst b/awscli/examples/s3api/head-object.rst index e432a649c85a..1c87881b65e0 100644 --- a/awscli/examples/s3api/head-object.rst +++ b/awscli/examples/s3api/head-object.rst @@ -1,6 +1,6 @@ -The following command retrieves metadata for an object in a bucket named ``my-bucket``:: +The following command retrieves metadata for an object in a bucket named ``amzn-s3-demo-bucket``:: - aws s3api head-object --bucket my-bucket --key index.html + aws s3api head-object --bucket amzn-s3-demo-bucket --key index.html Output:: diff --git a/awscli/examples/s3api/list-bucket-analytics-configurations.rst b/awscli/examples/s3api/list-bucket-analytics-configurations.rst index cedf797292d1..93d5131d76cc 100755 --- a/awscli/examples/s3api/list-bucket-analytics-configurations.rst +++ b/awscli/examples/s3api/list-bucket-analytics-configurations.rst @@ -3,7 +3,7 @@ The following ``list-bucket-analytics-configurations`` retrieves a list of analytics configurations for the specified bucket. :: aws s3api list-bucket-analytics-configurations \ - --bucket my-bucket + --bucket amzn-s3-demo-bucket Output:: diff --git a/awscli/examples/s3api/list-bucket-intelligent-tiering-configurations.rst b/awscli/examples/s3api/list-bucket-intelligent-tiering-configurations.rst index b30b240954ff..6e09ea78086c 100644 --- a/awscli/examples/s3api/list-bucket-intelligent-tiering-configurations.rst +++ b/awscli/examples/s3api/list-bucket-intelligent-tiering-configurations.rst @@ -3,7 +3,7 @@ The following ``list-bucket-intelligent-tiering-configurations`` example retrieves all S3 Intelligent-Tiering configuration on a bucket. :: aws s3api list-bucket-intelligent-tiering-configurations \ - --bucket DOC-EXAMPLE-BUCKET + --bucket amzn-s3-demo-bucket Output:: diff --git a/awscli/examples/s3api/list-bucket-inventory-configurations.rst b/awscli/examples/s3api/list-bucket-inventory-configurations.rst index 2b40ede04fdf..1a8c2e5fcbdc 100755 --- a/awscli/examples/s3api/list-bucket-inventory-configurations.rst +++ b/awscli/examples/s3api/list-bucket-inventory-configurations.rst @@ -3,7 +3,7 @@ The following ``list-bucket-inventory-configurations`` example lists the inventory configurations for the specified bucket. :: aws s3api list-bucket-inventory-configurations \ - --bucket my-bucket + --bucket amzn-s3-demo-bucket Output:: @@ -14,7 +14,7 @@ Output:: "Destination": { "S3BucketDestination": { "Format": "ORC", - "Bucket": "arn:aws:s3:::my-bucket", + "Bucket": "arn:aws:s3:::amzn-s3-demo-bucket", "AccountId": "123456789012" } }, @@ -29,7 +29,7 @@ Output:: "Destination": { "S3BucketDestination": { "Format": "CSV", - "Bucket": "arn:aws:s3:::my-bucket", + "Bucket": "arn:aws:s3:::amzn-s3-demo-bucket", "AccountId": "123456789012" } }, diff --git a/awscli/examples/s3api/list-bucket-metrics-configurations.rst b/awscli/examples/s3api/list-bucket-metrics-configurations.rst index 769c4d7404b6..79145dd11cc0 100755 --- a/awscli/examples/s3api/list-bucket-metrics-configurations.rst +++ b/awscli/examples/s3api/list-bucket-metrics-configurations.rst @@ -3,7 +3,7 @@ The following ``list-bucket-metrics-configurations`` example retrieves a list of metrics configurations for the specified bucket. :: aws s3api list-bucket-metrics-configurations \ - --bucket my-bucket + --bucket amzn-s3-demo-bucket Output:: diff --git a/awscli/examples/s3api/list-multipart-uploads.rst b/awscli/examples/s3api/list-multipart-uploads.rst index 34d825f5b0bf..082bae3443e2 100644 --- a/awscli/examples/s3api/list-multipart-uploads.rst +++ b/awscli/examples/s3api/list-multipart-uploads.rst @@ -1,6 +1,6 @@ -The following command lists all of the active multipart uploads for a bucket named ``my-bucket``:: +The following command lists all of the active multipart uploads for a bucket named ``amzn-s3-demo-bucket``:: - aws s3api list-multipart-uploads --bucket my-bucket + aws s3api list-multipart-uploads --bucket amzn-s3-demo-bucket Output:: diff --git a/awscli/examples/s3api/list-object-versions.rst b/awscli/examples/s3api/list-object-versions.rst index dce635a23f90..5f21a6114e13 100644 --- a/awscli/examples/s3api/list-object-versions.rst +++ b/awscli/examples/s3api/list-object-versions.rst @@ -1,6 +1,6 @@ -The following command retrieves version information for an object in a bucket named ``my-bucket``:: +The following command retrieves version information for an object in a bucket named ``amzn-s3-demo-bucket``:: - aws s3api list-object-versions --bucket my-bucket --prefix index.html + aws s3api list-object-versions --bucket amzn-s3-demo-bucket --prefix index.html Output:: diff --git a/awscli/examples/s3api/list-objects-v2.rst b/awscli/examples/s3api/list-objects-v2.rst index 0e98fcb3d1ea..2ecf04b7cbcc 100644 --- a/awscli/examples/s3api/list-objects-v2.rst +++ b/awscli/examples/s3api/list-objects-v2.rst @@ -3,7 +3,7 @@ The following ``list-objects-v2`` example lists the objects in the specified bucket. :: aws s3api list-objects-v2 \ - --bucket my-bucket + --bucket amzn-s3-demo-bucket Output:: diff --git a/awscli/examples/s3api/list-parts.rst b/awscli/examples/s3api/list-parts.rst index 2e574da1c224..0328f7133fc9 100644 --- a/awscli/examples/s3api/list-parts.rst +++ b/awscli/examples/s3api/list-parts.rst @@ -1,6 +1,6 @@ -The following command lists all of the parts that have been uploaded for a multipart upload with key ``multipart/01`` in the bucket ``my-bucket``:: +The following command lists all of the parts that have been uploaded for a multipart upload with key ``multipart/01`` in the bucket ``amzn-s3-demo-bucket``:: - aws s3api list-parts --bucket my-bucket --key 'multipart/01' --upload-id dfRtDYU0WWCCcH43C3WFbkRONycyCpTJJvxu2i5GYkZljF.Yxwh6XG7WfS2vC4to6HiV6Yjlx.cph0gtNBtJ8P3URCSbB7rjxI5iEwVDmgaXZOGgkk5nVTW16HOQ5l0R + aws s3api list-parts --bucket amzn-s3-demo-bucket --key 'multipart/01' --upload-id dfRtDYU0WWCCcH43C3WFbkRONycyCpTJJvxu2i5GYkZljF.Yxwh6XG7WfS2vC4to6HiV6Yjlx.cph0gtNBtJ8P3URCSbB7rjxI5iEwVDmgaXZOGgkk5nVTW16HOQ5l0R Output:: diff --git a/awscli/examples/s3api/put-bucket-accelerate-configuration.rst b/awscli/examples/s3api/put-bucket-accelerate-configuration.rst index 0cbb96053791..0bad93b16b78 100644 --- a/awscli/examples/s3api/put-bucket-accelerate-configuration.rst +++ b/awscli/examples/s3api/put-bucket-accelerate-configuration.rst @@ -3,7 +3,7 @@ The following ``put-bucket-accelerate-configuration`` example enables the accelerate configuration for the specified bucket. :: aws s3api put-bucket-accelerate-configuration \ - --bucket my-bucket \ + --bucket amzn-s3-demo-bucket \ --accelerate-configuration Status=Enabled This command produces no output. diff --git a/awscli/examples/s3api/put-bucket-acl.rst b/awscli/examples/s3api/put-bucket-acl.rst index 42418a8160aa..91a1ed127336 100644 --- a/awscli/examples/s3api/put-bucket-acl.rst +++ b/awscli/examples/s3api/put-bucket-acl.rst @@ -1,7 +1,7 @@ This example grants ``full control`` to two AWS users (*user1@example.com* and *user2@example.com*) and ``read`` permission to everyone:: - aws s3api put-bucket-acl --bucket MyBucket --grant-full-control emailaddress=user1@example.com,emailaddress=user2@example.com --grant-read uri=http://acs.amazonaws.com/groups/global/AllUsers + aws s3api put-bucket-acl --bucket amzn-s3-demo-bucket --grant-full-control emailaddress=user1@example.com,emailaddress=user2@example.com --grant-read uri=http://acs.amazonaws.com/groups/global/AllUsers See http://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTacl.html for details on custom ACLs (the s3api ACL commands, such as ``put-bucket-acl``, use the same shorthand argument notation). diff --git a/awscli/examples/s3api/put-bucket-analytics-configuration.rst b/awscli/examples/s3api/put-bucket-analytics-configuration.rst index 25dea1fcfbae..64ae218931ae 100644 --- a/awscli/examples/s3api/put-bucket-analytics-configuration.rst +++ b/awscli/examples/s3api/put-bucket-analytics-configuration.rst @@ -3,7 +3,7 @@ The following ``put-bucket-analytics-configuration`` example configures analytics for the specified bucket. :: aws s3api put-bucket-analytics-configuration \ - --bucket my-bucket --id 1 \ + --bucket amzn-s3-demo-bucket --id 1 \ --analytics-configuration '{"Id": "1","StorageClassAnalysis": {}}' This command produces no output. diff --git a/awscli/examples/s3api/put-bucket-cors.rst b/awscli/examples/s3api/put-bucket-cors.rst index 83494f3c058c..65be5da0b721 100644 --- a/awscli/examples/s3api/put-bucket-cors.rst +++ b/awscli/examples/s3api/put-bucket-cors.rst @@ -1,7 +1,7 @@ The following example enables ``PUT``, ``POST``, and ``DELETE`` requests from *www.example.com*, and enables ``GET`` requests from any domain:: - aws s3api put-bucket-cors --bucket MyBucket --cors-configuration file://cors.json + aws s3api put-bucket-cors --bucket amzn-s3-demo-bucket --cors-configuration file://cors.json cors.json: { diff --git a/awscli/examples/s3api/put-bucket-encryption.rst b/awscli/examples/s3api/put-bucket-encryption.rst index da892f68aad0..c9bed5350fca 100644 --- a/awscli/examples/s3api/put-bucket-encryption.rst +++ b/awscli/examples/s3api/put-bucket-encryption.rst @@ -3,7 +3,7 @@ The following ``put-bucket-encryption`` example sets AES256 encryption as the default for the specified bucket. :: aws s3api put-bucket-encryption \ - --bucket my-bucket \ + --bucket amzn-s3-demo-bucket \ --server-side-encryption-configuration '{"Rules": [{"ApplyServerSideEncryptionByDefault": {"SSEAlgorithm": "AES256"}}]}' This command produces no output. \ No newline at end of file diff --git a/awscli/examples/s3api/put-bucket-intelligent-tiering-configuration.rst b/awscli/examples/s3api/put-bucket-intelligent-tiering-configuration.rst index 5d46dfa17475..e3bf35547f77 100644 --- a/awscli/examples/s3api/put-bucket-intelligent-tiering-configuration.rst +++ b/awscli/examples/s3api/put-bucket-intelligent-tiering-configuration.rst @@ -3,7 +3,7 @@ The following ``put-bucket-intelligent-tiering-configuration`` example updates an S3 Intelligent-Tiering configuration, named ExampleConfig, on a bucket. The configuration will transition objects that have not been accessed under the prefix images to Archive Access after 90 days and Deep Archive Access after 180 days. :: aws s3api put-bucket-intelligent-tiering-configuration \ - --bucket DOC-EXAMPLE-BUCKET \ + --bucket amzn-s3-demo-bucket \ --id "ExampleConfig" \ --intelligent-tiering-configuration file://intelligent-tiering-configuration.json diff --git a/awscli/examples/s3api/put-bucket-inventory-configuration.rst b/awscli/examples/s3api/put-bucket-inventory-configuration.rst index a5f260604033..71cb607dbf63 100755 --- a/awscli/examples/s3api/put-bucket-inventory-configuration.rst +++ b/awscli/examples/s3api/put-bucket-inventory-configuration.rst @@ -1,21 +1,21 @@ **Example 1: To set an inventory configuration for a bucket** -The following ``put-bucket-inventory-configuration`` example sets a weekly ORC-formatted inventory report for the bucket ``my-bucket``. :: +The following ``put-bucket-inventory-configuration`` example sets a weekly ORC-formatted inventory report for the bucket ``amzn-s3-demo-bucket``. :: aws s3api put-bucket-inventory-configuration \ - --bucket my-bucket \ + --bucket amzn-s3-demo-bucket \ --id 1 \ - --inventory-configuration '{"Destination": { "S3BucketDestination": { "AccountId": "123456789012", "Bucket": "arn:aws:s3:::my-bucket", "Format": "ORC" }}, "IsEnabled": true, "Id": "1", "IncludedObjectVersions": "Current", "Schedule": { "Frequency": "Weekly" }}' + --inventory-configuration '{"Destination": { "S3BucketDestination": { "AccountId": "123456789012", "Bucket": "arn:aws:s3:::amzn-s3-demo-bucket", "Format": "ORC" }}, "IsEnabled": true, "Id": "1", "IncludedObjectVersions": "Current", "Schedule": { "Frequency": "Weekly" }}' This command produces no output. **Example 2: To set an inventory configuration for a bucket** -The following ``put-bucket-inventory-configuration`` example sets a daily CSV-formatted inventory report for the bucket ``my-bucket``. :: +The following ``put-bucket-inventory-configuration`` example sets a daily CSV-formatted inventory report for the bucket ``amzn-s3-demo-bucket``. :: aws s3api put-bucket-inventory-configuration \ - --bucket my-bucket \ + --bucket amzn-s3-demo-bucket \ --id 2 \ - --inventory-configuration '{"Destination": { "S3BucketDestination": { "AccountId": "123456789012", "Bucket": "arn:aws:s3:::my-bucket", "Format": "CSV" }}, "IsEnabled": true, "Id": "2", "IncludedObjectVersions": "Current", "Schedule": { "Frequency": "Daily" }}' + --inventory-configuration '{"Destination": { "S3BucketDestination": { "AccountId": "123456789012", "Bucket": "arn:aws:s3:::amzn-s3-demo-bucket", "Format": "CSV" }}, "IsEnabled": true, "Id": "2", "IncludedObjectVersions": "Current", "Schedule": { "Frequency": "Daily" }}' This command produces no output. diff --git a/awscli/examples/s3api/put-bucket-lifecycle-configuration.rst b/awscli/examples/s3api/put-bucket-lifecycle-configuration.rst index 243ea8ea51f5..c47e452d2aa8 100644 --- a/awscli/examples/s3api/put-bucket-lifecycle-configuration.rst +++ b/awscli/examples/s3api/put-bucket-lifecycle-configuration.rst @@ -1,6 +1,6 @@ -The following command applies a lifecycle configuration to a bucket named ``my-bucket``:: +The following command applies a lifecycle configuration to a bucket named ``amzn-s3-demo-bucket``:: - aws s3api put-bucket-lifecycle-configuration --bucket my-bucket --lifecycle-configuration file://lifecycle.json + aws s3api put-bucket-lifecycle-configuration --bucket amzn-s3-demo-bucket --lifecycle-configuration file://lifecycle.json The file ``lifecycle.json`` is a JSON document in the current folder that specifies two rules:: diff --git a/awscli/examples/s3api/put-bucket-lifecycle.rst b/awscli/examples/s3api/put-bucket-lifecycle.rst index c236b7d220ca..f4fc8582bcc9 100644 --- a/awscli/examples/s3api/put-bucket-lifecycle.rst +++ b/awscli/examples/s3api/put-bucket-lifecycle.rst @@ -1,6 +1,6 @@ -The following command applies a lifecycle configuration to the bucket ``my-bucket``:: +The following command applies a lifecycle configuration to the bucket ``amzn-s3-demo-bucket``:: - aws s3api put-bucket-lifecycle --bucket my-bucket --lifecycle-configuration file://lifecycle.json + aws s3api put-bucket-lifecycle --bucket amzn-s3-demo-bucket --lifecycle-configuration file://lifecycle.json The file ``lifecycle.json`` is a JSON document in the current folder that specifies two rules:: diff --git a/awscli/examples/s3api/put-bucket-logging.rst b/awscli/examples/s3api/put-bucket-logging.rst index 8c1242943989..17beeef1226e 100644 --- a/awscli/examples/s3api/put-bucket-logging.rst +++ b/awscli/examples/s3api/put-bucket-logging.rst @@ -1,9 +1,9 @@ **Example 1: To set bucket policy logging** -The following ``put-bucket-logging`` example sets the logging policy for *MyBucket*. First, grant the logging service principal permission in your bucket policy using the ``put-bucket-policy`` command. :: +The following ``put-bucket-logging`` example sets the logging policy for *amzn-s3-demo-bucket*. First, grant the logging service principal permission in your bucket policy using the ``put-bucket-policy`` command. :: aws s3api put-bucket-policy \ - --bucket MyBucket \ + --bucket amzn-s3-demo-bucket \ --policy file://policy.json Contents of ``policy.json``:: @@ -16,7 +16,7 @@ Contents of ``policy.json``:: "Effect": "Allow", "Principal": {"Service": "logging.s3.amazonaws.com"}, "Action": "s3:PutObject", - "Resource": "arn:aws:s3:::MyBucket/Logs/*", + "Resource": "arn:aws:s3:::amzn-s3-demo-bucket/Logs/*", "Condition": { "ArnLike": {"aws:SourceARN": "arn:aws:s3:::SOURCE-BUCKET-NAME"}, "StringEquals": {"aws:SourceAccount": "SOURCE-AWS-ACCOUNT-ID"} @@ -28,14 +28,14 @@ Contents of ``policy.json``:: To apply the logging policy, use ``put-bucket-logging``. :: aws s3api put-bucket-logging \ - --bucket MyBucket \ + --bucket amzn-s3-demo-bucket \ --bucket-logging-status file://logging.json Contents of ``logging.json``:: { "LoggingEnabled": { - "TargetBucket": "MyBucket", + "TargetBucket": "amzn-s3-demo-bucket", "TargetPrefix": "Logs/" } } @@ -46,26 +46,26 @@ For more information, see `Amazon S3 Server Access Logging `__ in the *Amazon S3 Developer Guide*. -For more information about uploading objects, see `Uploading Objects`_ in the *Amazon S3 Developer Guide*. +**Example 2: Upload a video file to Amazon S3** -.. _`Uploading Objects`: http://docs.aws.amazon.com/AmazonS3/latest/dev/UploadingObjects.html +The following ``put-object`` command example uploads a video file. :: + aws s3api put-object \ + --bucket amzn-s3-demo-bucket \ + --key my-dir/big-video-file.mp4 \ + --body /media/videos/f-sharp-3-data-services.mp4 + +For more information about uploading objects, see `Uploading Objects < http://docs.aws.amazon.com/AmazonS3/latest/dev/UploadingObjects.html>`__ in the *Amazon S3 Developer Guide*. diff --git a/awscli/examples/s3api/put-public-access-block.rst b/awscli/examples/s3api/put-public-access-block.rst index f06bf915f85d..5d082bc98d34 100755 --- a/awscli/examples/s3api/put-public-access-block.rst +++ b/awscli/examples/s3api/put-public-access-block.rst @@ -3,7 +3,7 @@ The following ``put-public-access-block`` example sets a restrictive block public access configuration for the specified bucket. :: aws s3api put-public-access-block \ - --bucket my-bucket \ + --bucket amzn-s3-demo-bucket \ --public-access-block-configuration "BlockPublicAcls=true,IgnorePublicAcls=true,BlockPublicPolicy=true,RestrictPublicBuckets=true" This command produces no output. diff --git a/awscli/examples/s3api/select-object-content.rst b/awscli/examples/s3api/select-object-content.rst index 0385f8e30f22..5462af4f1f39 100755 --- a/awscli/examples/s3api/select-object-content.rst +++ b/awscli/examples/s3api/select-object-content.rst @@ -3,7 +3,7 @@ The following ``select-object-content`` example filters the object ``my-data-file.csv`` with the specified SQL statement and sends output to a file. :: aws s3api select-object-content \ - --bucket my-bucket \ + --bucket amzn-s3-demo-bucket \ --key my-data-file.csv \ --expression "select * from s3object limit 100" \ --expression-type 'SQL' \ diff --git a/awscli/examples/s3api/upload-part-copy.rst b/awscli/examples/s3api/upload-part-copy.rst index 2c0504261e23..a1194464ca35 100755 --- a/awscli/examples/s3api/upload-part-copy.rst +++ b/awscli/examples/s3api/upload-part-copy.rst @@ -3,9 +3,9 @@ The following ``upload-part-copy`` example uploads a part by copying data from an existing object as a data source. :: aws s3api upload-part-copy \ - --bucket my-bucket \ + --bucket amzn-s3-demo-bucket \ --key "Map_Data_June.mp4" \ - --copy-source "my-bucket/copy_of_Map_Data_June.mp4" \ + --copy-source "amzn-s3-demo-bucket/copy_of_Map_Data_June.mp4" \ --part-number 1 \ --upload-id "bq0tdE1CDpWQYRPLHuNG50xAT6pA5D.m_RiBy0ggOH6b13pVRY7QjvLlf75iFdJqp_2wztk5hvpUM2SesXgrzbehG5hViyktrfANpAD0NO.Nk3XREBqvGeZF6U3ipiSm" diff --git a/awscli/examples/s3api/upload-part.rst b/awscli/examples/s3api/upload-part.rst index e8a35eb1f7c6..fb8f4a704040 100644 --- a/awscli/examples/s3api/upload-part.rst +++ b/awscli/examples/s3api/upload-part.rst @@ -1,6 +1,6 @@ The following command uploads the first part in a multipart upload initiated with the ``create-multipart-upload`` command:: - aws s3api upload-part --bucket my-bucket --key 'multipart/01' --part-number 1 --body part01 --upload-id "dfRtDYU0WWCCcH43C3WFbkRONycyCpTJJvxu2i5GYkZljF.Yxwh6XG7WfS2vC4to6HiV6Yjlx.cph0gtNBtJ8P3URCSbB7rjxI5iEwVDmgaXZOGgkk5nVTW16HOQ5l0R" + aws s3api upload-part --bucket amzn-s3-demo-bucket --key 'multipart/01' --part-number 1 --body part01 --upload-id "dfRtDYU0WWCCcH43C3WFbkRONycyCpTJJvxu2i5GYkZljF.Yxwh6XG7WfS2vC4to6HiV6Yjlx.cph0gtNBtJ8P3URCSbB7rjxI5iEwVDmgaXZOGgkk5nVTW16HOQ5l0R" The ``body`` option takes the name or path of a local file for upload (do not use the file:// prefix). The minimum part size is 5 MB. Upload ID is returned by ``create-multipart-upload`` and can also be retrieved with ``list-multipart-uploads``. Bucket and key are specified when you create the multipart upload. diff --git a/awscli/examples/s3api/wait/bucket-exists.rst b/awscli/examples/s3api/wait/bucket-exists.rst index 35d0060386ad..b6c1d27fa7da 100755 --- a/awscli/examples/s3api/wait/bucket-exists.rst +++ b/awscli/examples/s3api/wait/bucket-exists.rst @@ -3,6 +3,6 @@ The following ``wait bucket-exists`` example pauses and continues only after it can confirm that the specified bucket exists. :: aws s3api wait bucket-exists \ - --bucket my-bucket + --bucket amzn-s3-demo-bucket This command produces no output. diff --git a/awscli/examples/s3api/wait/bucket-not-exists.rst b/awscli/examples/s3api/wait/bucket-not-exists.rst index 941f9f02ff7f..ef975b1ea132 100755 --- a/awscli/examples/s3api/wait/bucket-not-exists.rst +++ b/awscli/examples/s3api/wait/bucket-not-exists.rst @@ -3,6 +3,6 @@ The following ``wait bucket-not-exists`` example pauses and continues only after it can confirm that the specified bucket doesn't exist. :: aws s3api wait bucket-not-exists \ - --bucket my-bucket + --bucket amzn-s3-demo-bucket This command produces no output. diff --git a/awscli/examples/s3api/wait/object-exists.rst b/awscli/examples/s3api/wait/object-exists.rst index 787f4f838d7e..ddef8f8ea625 100755 --- a/awscli/examples/s3api/wait/object-exists.rst +++ b/awscli/examples/s3api/wait/object-exists.rst @@ -3,7 +3,7 @@ The following ``wait object-not-exists`` example pauses and continues only after it can confirm that the specified object (``--key``) in the specified bucket exists. :: aws s3api wait object-exists \ - --bucket my-bucket \ + --bucket amzn-s3-demo-bucket \ --key doc1.rtf This command produces no output. \ No newline at end of file diff --git a/awscli/examples/s3api/wait/object-not-exists.rst b/awscli/examples/s3api/wait/object-not-exists.rst index 416cb930d07e..a19df3e412c4 100755 --- a/awscli/examples/s3api/wait/object-not-exists.rst +++ b/awscli/examples/s3api/wait/object-not-exists.rst @@ -3,7 +3,7 @@ The following ``wait object-not-exists`` example pauses and continues only after it can confirm that the specified object (``--key``) in the specified bucket doesn't exist. :: aws s3api wait object-not-exists \ - --bucket my-bucket \ + --bucket amzn-s3-demo-bucket \ --key doc1.rtf This command produces no output. \ No newline at end of file diff --git a/awscli/examples/s3control/get-multi-region-access-point-routes.rst b/awscli/examples/s3control/get-multi-region-access-point-routes.rst index 20f6d0d7153d..d1853f1575b8 100644 --- a/awscli/examples/s3control/get-multi-region-access-point-routes.rst +++ b/awscli/examples/s3control/get-multi-region-access-point-routes.rst @@ -13,12 +13,12 @@ Output:: "Mrap": "arn:aws:s3::111122223333:accesspoint/0000000000000.mrap", "Routes": [ { - "Bucket": "DOC-EXAMPLE-BUCKET-1", + "Bucket": "amzn-s3-demo-bucket1", "Region": "ap-southeast-2", "TrafficDialPercentage": 100 }, { - "Bucket": "DOC-EXAMPLE-BUCKET-2", + "Bucket": "amzn-s3-demo-bucket2", "Region": "us-west-1", "TrafficDialPercentage": 0 } diff --git a/awscli/examples/s3control/submit-multi-region-access-point-routes.rst b/awscli/examples/s3control/submit-multi-region-access-point-routes.rst index 9ff33d7283a1..988cce5d40fe 100644 --- a/awscli/examples/s3control/submit-multi-region-access-point-routes.rst +++ b/awscli/examples/s3control/submit-multi-region-access-point-routes.rst @@ -1,11 +1,11 @@ **To update your Multi-Region Access Point routing configuration** -The following ``submit-multi-region-access-point-routes`` example updates the routing statuses of ``DOC-EXAMPLE-BUCKET-1`` and ``DOC-EXAMPLE-BUCKET-2`` in the ``ap-southeast-2`` Region for your Multi-Region Access Point. :: +The following ``submit-multi-region-access-point-routes`` example updates the routing statuses of ``amzn-s3-demo-bucket1`` and ``amzn-s3-demo-bucket2`` in the ``ap-southeast-2`` Region for your Multi-Region Access Point. :: aws s3control submit-multi-region-access-point-routes \ --region ap-southeast-2 \ --account-id 111122223333 \ --mrap MultiRegionAccessPoint_ARN \ - --route-updates Bucket=DOC-EXAMPLE-BUCKET-1,TrafficDialPercentage=100 Bucket=DOC-EXAMPLE-BUCKET-2,TrafficDialPercentage=0 + --route-updates Bucket=amzn-s3-demo-bucket1,TrafficDialPercentage=100 Bucket=amzn-s3-demo-bucket2,TrafficDialPercentage=0 This command produces no output. \ No newline at end of file diff --git a/awscli/examples/secretsmanager/batch-get-secret-value.rst b/awscli/examples/secretsmanager/batch-get-secret-value.rst new file mode 100644 index 000000000000..05ed420d21ef --- /dev/null +++ b/awscli/examples/secretsmanager/batch-get-secret-value.rst @@ -0,0 +1,94 @@ +**Example 1: To retrieve the secret value for a group of secrets listed by name** + +The following ``batch-get-secret-value`` example gets the secret value secrets for three secrets. :: + + aws secretsmanager batch-get-secret-value \ + --secret-id-list MySecret1 MySecret2 MySecret3 + +Output:: + + + { + "SecretValues": [ + { + "ARN": "arn:aws:secretsmanager:us-west-2:123456789012:secret:MySecret1-a1b2c3", + "Name": "MySecret1", + "VersionId": "a1b2c3d4-5678-90ab-cdef-EXAMPLEaaaaa", + "SecretString": "{\"username\":\"diego_ramirez\",\"password\":\"EXAMPLE-PASSWORD\",\"engine\":\"mysql\",\"host\":\"secretsmanagertutorial.cluster.us-west-2.rds.amazonaws.com\",\"port\":3306,\"dbClusterIdentifier\":\"secretsmanagertutorial\"}", + "VersionStages": [ + "AWSCURRENT" + ], + "CreatedDate": "1523477145.729" + }, + { + "ARN": "arn:aws:secretsmanager:us-west-2:123456789012:secret:MySecret2-a1b2c3", + "Name": "MySecret2", + "VersionId": "a1b2c3d4-5678-90ab-cdef-EXAMPLEbbbbb", + "SecretString": "{\"username\":\"akua_mansa\",\"password\":\"EXAMPLE-PASSWORD\"", + "VersionStages": [ + "AWSCURRENT" + ], + "CreatedDate": "1673477781.275" + }, + { + "ARN": "arn:aws:secretsmanager:us-west-2:123456789012:secret:MySecret3-a1b2c3", + "Name": "MySecret3", + "VersionId": "a1b2c3d4-5678-90ab-cdef-EXAMPLEccccc", + "SecretString": "{\"username\":\"jie_liu\",\"password\":\"EXAMPLE-PASSWORD\"", + "VersionStages": [ + "AWSCURRENT" + ], + "CreatedDate": "1373477721.124" + } + ], + "Errors": [] + } + +For more information, see `Retrieve a group of secrets in a batch `__ in the *AWS Secrets Manager User Guide*. + +**Example 2: To retrieve the secret value for a group of secrets selected by filter** + +The following ``batch-get-secret-value`` example gets the secret value secrets in your account that have ``MySecret`` in the name. Filtering by name is case sensitive. :: + + aws secretsmanager batch-get-secret-value \ + --filters Key="name",Values="MySecret" + +Output:: + + { + "SecretValues": [ + { + "ARN": "arn:aws:secretsmanager:us-west-2:123456789012:secret:MySecret1-a1b2c3", + "Name": "MySecret1", + "VersionId": "a1b2c3d4-5678-90ab-cdef-EXAMPLEaaaaa", + "SecretString": "{\"username\":\"diego_ramirez\",\"password\":\"EXAMPLE-PASSWORD\",\"engine\":\"mysql\",\"host\":\"secretsmanagertutorial.cluster.us-west-2.rds.amazonaws.com\",\"port\":3306,\"dbClusterIdentifier\":\"secretsmanagertutorial\"}", + "VersionStages": [ + "AWSCURRENT" + ], + "CreatedDate": "1523477145.729" + }, + { + "ARN": "arn:aws:secretsmanager:us-west-2:123456789012:secret:MySecret2-a1b2c3", + "Name": "MySecret2", + "VersionId": "a1b2c3d4-5678-90ab-cdef-EXAMPLEbbbbb", + "SecretString": "{\"username\":\"akua_mansa\",\"password\":\"EXAMPLE-PASSWORD\"", + "VersionStages": [ + "AWSCURRENT" + ], + "CreatedDate": "1673477781.275" + }, + { + "ARN": "arn:aws:secretsmanager:us-west-2:123456789012:secret:MySecret3-a1b2c3", + "Name": "MySecret3", + "VersionId": "a1b2c3d4-5678-90ab-cdef-EXAMPLEccccc", + "SecretString": "{\"username\":\"jie_liu\",\"password\":\"EXAMPLE-PASSWORD\"", + "VersionStages": [ + "AWSCURRENT" + ], + "CreatedDate": "1373477721.124" + } + ], + "Errors": [] + } + +For more information, see `Retrieve a group of secrets in a batch `__ in the *AWS Secrets Manager User Guide*. \ No newline at end of file diff --git a/awscli/examples/secretsmanager/create-secret.rst b/awscli/examples/secretsmanager/create-secret.rst index 56465559a2cf..63447d9e32d6 100755 --- a/awscli/examples/secretsmanager/create-secret.rst +++ b/awscli/examples/secretsmanager/create-secret.rst @@ -1,23 +1,4 @@ -**Example 1: To create a secret** - -The following ``create-secret`` example creates a secret with two key-value pairs. :: - - aws secretsmanager create-secret \ - --name MyTestSecret \ - --description "My test secret created with the CLI." \ - --secret-string "{\"user\":\"diegor\",\"password\":\"EXAMPLE-PASSWORD\"}" - -Output:: - - { - "ARN": "arn:aws:secretsmanager:us-west-2:123456789012:secret:MyTestSecret-a1b2c3", - "Name": "MyTestSecret", - "VersionId": "EXAMPLE1-90ab-cdef-fedc-ba987EXAMPLE" - } - -For more information, see `Create a secret `__ in the *Secrets Manager User Guide*. - -**Example 2: To create a secret from credentials in a JSON file** +**Example 1: To create a secret from credentials in a JSON file** The following ``create-secret`` example creates a secret from credentials in a file. For more information, see `Loading AWS CLI parameters from a file `__ in the *AWS CLI User Guide*. :: @@ -44,4 +25,23 @@ Output:: "VersionId": "a1b2c3d4-5678-90ab-cdef-EXAMPLE11111" } +For more information, see `Create a secret `__ in the *Secrets Manager User Guide*. + +**Example 2: To create a secret** + +The following ``create-secret`` example creates a secret with two key-value pairs. When you enter commands in a command shell, there is a risk of the command history being accessed or utilities having access to your command parameters. This is a concern if the command includes the value of a secret. For more information, see `Mitigate the risks of using command-line tools to store secrets `__ in the *Secrets Manager User Guide*. :: + + aws secretsmanager create-secret \ + --name MyTestSecret \ + --description "My test secret created with the CLI." \ + --secret-string "{\"user\":\"diegor\",\"password\":\"EXAMPLE-PASSWORD\"}" + +Output:: + + { + "ARN": "arn:aws:secretsmanager:us-west-2:123456789012:secret:MyTestSecret-a1b2c3", + "Name": "MyTestSecret", + "VersionId": "EXAMPLE1-90ab-cdef-fedc-ba987EXAMPLE" + } + For more information, see `Create a secret `__ in the *Secrets Manager User Guide*. \ No newline at end of file diff --git a/awscli/examples/securityhub/batch-get-configuration-policy-associations.rst b/awscli/examples/securityhub/batch-get-configuration-policy-associations.rst new file mode 100644 index 000000000000..9ac66cdfb1de --- /dev/null +++ b/awscli/examples/securityhub/batch-get-configuration-policy-associations.rst @@ -0,0 +1,20 @@ +**To get configuration association details for a batch of targets** + +The following ``batch-get-configuration-policy-associations`` example retrieves association details for the specified targets. You can provide account IDs, organizational unit IDs, or the root ID for the target. :: + + aws securityhub batch-get-configuration-policy-associations \ + --target '{"OrganizationalUnitId": "ou-6hi7-8j91kl2m"}' + +Output:: + + { + "ConfigurationPolicyId": "a1b2c3d4-5678-90ab-cdef-EXAMPLE33333", + "TargetId": "ou-6hi7-8j91kl2m", + "TargetType": "ORGANIZATIONAL_UNIT", + "AssociationType": "APPLIED", + "UpdatedAt": "2023-09-26T21:13:01.816000+00:00", + "AssociationStatus": "SUCCESS", + "AssociationStatusMessage": "Association applied successfully on this target." + } + +For more information, see `Viewing Security Hub configuration policies `__ in the *AWS Security Hub User Guide*. \ No newline at end of file diff --git a/awscli/examples/securityhub/batch-get-security-controls.rst b/awscli/examples/securityhub/batch-get-security-controls.rst index 742dd494b190..487d31c84964 100644 --- a/awscli/examples/securityhub/batch-get-security-controls.rst +++ b/awscli/examples/securityhub/batch-get-security-controls.rst @@ -1,31 +1,43 @@ -**To get control details** +**To get security control details** -The following ``batch-get-security-controls`` example gets details for Config.1 and IAM.1 in the current AWS account and AWS Region. :: +The following ``batch-get-security-controls`` example gets details for the security controls ACM.1 and IAM.1 in the current AWS account and AWS Region. :: aws securityhub batch-get-security-controls \ - --security-control-ids '["Config.1", "IAM.1"]' + --security-control-ids '["ACM.1", "IAM.1"]' Output:: { "SecurityControls": [ { - "SecurityControlId": "Config.1", - "SecurityControlArn": "arn:aws:securityhub:us-east-2:068873283051:security-control/Config.1", - "Title": "AWS Config should be enabled", - "Description": "This AWS control checks whether the Config service is enabled in the account for the local region and is recording all resources.", - "RemediationUrl": "https://docs.aws.amazon.com/console/securityhub/Config.1/remediation", + "SecurityControlId": "ACM.1", + "SecurityControlArn": "arn:aws:securityhub:us-east-2:123456789012:security-control/ACM.1", + "Title": "Imported and ACM-issued certificates should be renewed after a specified time period", + "Description": "This control checks whether an AWS Certificate Manager (ACM) certificate is renewed within the specified time period. It checks both imported certificates and certificates provided by ACM. The control fails if the certificate isn't renewed within the specified time period. Unless you provide a custom parameter value for the renewal period, Security Hub uses a default value of 30 days.", + "RemediationUrl": "https://docs.aws.amazon.com/console/securityhub/ACM.1/remediation", "SeverityRating": "MEDIUM", "SecurityControlStatus": "ENABLED" + "UpdateStatus": "READY", + "Parameters": { + "daysToExpiration": { + "ValueType": CUSTOM, + "Value": { + "Integer": 15 + } + } + }, + "LastUpdateReason": "Updated control parameter" }, { "SecurityControlId": "IAM.1", - "SecurityControlArn": "arn:aws:securityhub:us-east-2:068873283051:security-control/IAM.1", + "SecurityControlArn": "arn:aws:securityhub:us-east-2:123456789012:security-control/IAM.1", "Title": "IAM policies should not allow full \"*\" administrative privileges", "Description": "This AWS control checks whether the default version of AWS Identity and Access Management (IAM) policies (also known as customer managed policies) do not have administrator access with a statement that has \"Effect\": \"Allow\" with \"Action\": \"*\" over \"Resource\": \"*\". It only checks for the Customer Managed Policies that you created, but not inline and AWS Managed Policies.", "RemediationUrl": "https://docs.aws.amazon.com/console/securityhub/IAM.1/remediation", "SeverityRating": "HIGH", "SecurityControlStatus": "ENABLED" + "UpdateStatus": "READY", + "Parameters": {} } ] } diff --git a/awscli/examples/securityhub/create-configuration-policy.rst b/awscli/examples/securityhub/create-configuration-policy.rst new file mode 100644 index 000000000000..51583fe957a3 --- /dev/null +++ b/awscli/examples/securityhub/create-configuration-policy.rst @@ -0,0 +1,49 @@ +**To create a configuration policy** + +The following ``create-configuration-policy`` example creates a configuration policy with the specified settings. :: + + aws securityhub create-configuration-policy \ + --name "SampleConfigurationPolicy" \ + --description "SampleDescription" \ + --configuration-policy '{"SecurityHub": {"ServiceEnabled": true, "EnabledStandardIdentifiers": ["arn:aws:securityhub:eu-central-1::standards/aws-foundational-security-best-practices/v/1.0.0","arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0"],"SecurityControlsConfiguration":{"DisabledSecurityControlIdentifiers": ["CloudTrail.2"], "SecurityControlCustomParameters": [{"SecurityControlId": "ACM.1", "Parameters": {"daysToExpiration": {"ValueType": "CUSTOM", "Value": {"Integer": 15}}}}]}}}' \ + --tags '{"Environment": "Prod"}' + +Output:: + + { + "Arn": "arn:aws:securityhub:eu-central-1:123456789012:configuration-policy/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111", + "Id": "a1b2c3d4-5678-90ab-cdef-EXAMPLE11111", + "Name": "SampleConfigurationPolicy", + "Description": "SampleDescription", + "UpdatedAt": "2023-11-28T20:28:04.494000+00:00", + "CreatedAt": "2023-11-28T20:28:04.494000+00:00", + "ConfigurationPolicy": { + "SecurityHub": { + "ServiceEnabled": true, + "EnabledStandardIdentifiers": [ + "arn:aws:securityhub:eu-central-1::standards/aws-foundational-security-best-practices/v/1.0.0", + "arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0" + ], + "SecurityControlsConfiguration": { + "DisabledSecurityControlIdentifiers": [ + "CloudTrail.2" + ], + "SecurityControlCustomParameters": [ + { + "SecurityControlId": "ACM.1", + "Parameters": { + "daysToExpiration": { + "ValueType": "CUSTOM", + "Value": { + "Integer": 15 + } + } + } + } + ] + } + } + } + } + +For more information, see `Creating and associating Security Hub configuration policies `__ in the *AWS Security Hub User Guide*. \ No newline at end of file diff --git a/awscli/examples/securityhub/delete-configuration-policy.rst b/awscli/examples/securityhub/delete-configuration-policy.rst new file mode 100644 index 000000000000..aa38d68a625e --- /dev/null +++ b/awscli/examples/securityhub/delete-configuration-policy.rst @@ -0,0 +1,10 @@ +**To delete a configuration policy** + +The following ``delete-configuration-policy`` example deletes the specified configuration policy. :: + + aws securityhub delete-configuration-policy \ + --identifier "arn:aws:securityhub:eu-central-1:123456789012:configuration-policy/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111" + +This command produces no output. + +For more information, see `Deleting and disassociating Security Hub configuration policies `__ in the *AWS Security Hub User Guide*. \ No newline at end of file diff --git a/awscli/examples/securityhub/describe-organization-configuration.rst b/awscli/examples/securityhub/describe-organization-configuration.rst index 8d688ebaed1b..23257b3d0279 100644 --- a/awscli/examples/securityhub/describe-organization-configuration.rst +++ b/awscli/examples/securityhub/describe-organization-configuration.rst @@ -1,14 +1,20 @@ -**To view information about an integration with AWS Organizations** +**To view how Security Hub is configured for an organization** -The following ``describe-organization-configuration`` example returns information about the integration with Organizations. :: +The following ``describe-organization-configuration`` example returns information about the way an organization is configured in Security Hub. In this example, the organization uses central configuration. Only the Security Hub administrator account can run this command. :: - aws securityhub describe-organization-configuration + aws securityhub describe-organization-configuration Output:: { - "autoEnable": true, - "memberAccountLimitReached": false + "AutoEnable": false, + "MemberAccountLimitReached": false, + "AutoEnableStandards": "NONE", + "OrganizationConfiguration": { + "ConfigurationType": "LOCAL", + "Status": "ENABLED", + "StatusMessage": "Central configuration has been enabled successfully" + } } -For more information, see `Managing accounts `__ in the *AWS Security Hub User Guide*. +For more information, see `Managing accounts with AWS Organizations `__ in the *AWS Security Hub User Guide*. \ No newline at end of file diff --git a/awscli/examples/securityhub/get-configuration-policy-association.rst b/awscli/examples/securityhub/get-configuration-policy-association.rst new file mode 100644 index 000000000000..8d8e1471f9ea --- /dev/null +++ b/awscli/examples/securityhub/get-configuration-policy-association.rst @@ -0,0 +1,20 @@ +**To get configuration association details for a target** + +The following ``get-configuration-policy-association`` example retrieves association details for the specified target. You can provide an account ID, organizational unit ID, or the root ID for the target. :: + + aws securityhub get-configuration-policy-association \ + --target '{"OrganizationalUnitId": "ou-6hi7-8j91kl2m"}' + +Output:: + + { + "ConfigurationPolicyId": "a1b2c3d4-5678-90ab-cdef-EXAMPLE33333", + "TargetId": "ou-6hi7-8j91kl2m", + "TargetType": "ORGANIZATIONAL_UNIT", + "AssociationType": "APPLIED", + "UpdatedAt": "2023-09-26T21:13:01.816000+00:00", + "AssociationStatus": "SUCCESS", + "AssociationStatusMessage": "Association applied successfully on this target." + } + +For more information, see `Viewing Security Hub configuration policies `__ in the *AWS Security Hub User Guide*. \ No newline at end of file diff --git a/awscli/examples/securityhub/get-configuration-policy.rst b/awscli/examples/securityhub/get-configuration-policy.rst new file mode 100644 index 000000000000..3fe74d959fbb --- /dev/null +++ b/awscli/examples/securityhub/get-configuration-policy.rst @@ -0,0 +1,46 @@ +**To view configuration policy details** + +The following ``get-configuration-policy`` example retrieves details about the specified configuration policy. :: + + aws securityhub get-configuration-policy \ + --identifier "arn:aws:securityhub:eu-central-1:123456789012:configuration-policy/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111" + +Output:: + + { + "Arn": "arn:aws:securityhub:eu-central-1:123456789012:configuration-policy/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111", + "Id": "ce5ed1e7-9639-4e2f-9313-fa87fcef944b", + "Name": "SampleConfigurationPolicy", + "Description": "SampleDescription", + "UpdatedAt": "2023-11-28T20:28:04.494000+00:00", + "CreatedAt": "2023-11-28T20:28:04.494000+00:00", + "ConfigurationPolicy": { + "SecurityHub": { + "ServiceEnabled": true, + "EnabledStandardIdentifiers": [ + "arn:aws:securityhub:eu-central-1::standards/aws-foundational-security-best-practices/v/1.0.0", + "arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0" + ], + "SecurityControlsConfiguration": { + "DisabledSecurityControlIdentifiers": [ + "CloudTrail.2" + ], + "SecurityControlCustomParameters": [ + { + "SecurityControlId": "ACM.1", + "Parameters": { + "daysToExpiration": { + "ValueType": "CUSTOM", + "Value": { + "Integer": 15 + } + } + } + } + ] + } + } + } + } + +For more information, see `Viewing Security Hub configuration policies `__ in the *AWS Security Hub User Guide*. \ No newline at end of file diff --git a/awscli/examples/securityhub/get-security-control-definition.rst b/awscli/examples/securityhub/get-security-control-definition.rst new file mode 100644 index 000000000000..b13be4e2a893 --- /dev/null +++ b/awscli/examples/securityhub/get-security-control-definition.rst @@ -0,0 +1,33 @@ +**To get security control definition details** + +The following ``get-security-control-definition`` example retrieves definition details for a Security Hub security control. Details include the control title, description, Region availability, parameters, and other information. :: + + aws securityhub get-security-control-definition \ + --security-control-id ACM.1 + +Output:: + + { + "SecurityControlDefinition": { + "SecurityControlId": "ACM.1", + "Title": "Imported and ACM-issued certificates should be renewed after a specified time period", + "Description": "This control checks whether an AWS Certificate Manager (ACM) certificate is renewed within the specified time period. It checks both imported certificates and certificates provided by ACM. The control fails if the certificate isn't renewed within the specified time period. Unless you provide a custom parameter value for the renewal period, Security Hub uses a default value of 30 days.", + "RemediationUrl": "https://docs.aws.amazon.com/console/securityhub/ACM.1/remediation", + "SeverityRating": "MEDIUM", + "CurrentRegionAvailability": "AVAILABLE", + "ParameterDefinitions": { + "daysToExpiration": { + "Description": "Number of days within which the ACM certificate must be renewed", + "ConfigurationOptions": { + "Integer": { + "DefaultValue": 30, + "Min": 14, + "Max": 365 + } + } + } + } + } + } + +For more information, see `Custom control parameters `__ in the *AWS Security Hub User Guide*. \ No newline at end of file diff --git a/awscli/examples/securityhub/list-configuration-policies.rst b/awscli/examples/securityhub/list-configuration-policies.rst new file mode 100644 index 000000000000..462e6a429aa7 --- /dev/null +++ b/awscli/examples/securityhub/list-configuration-policies.rst @@ -0,0 +1,38 @@ +**To list configuration policy summaries** + +The following ``list-configuration-policies`` example lists a summary of configuration policies for the organization. :: + + aws securityhub list-configuration-policies \ + --max-items 3 + +Output:: + + { + "ConfigurationPolicySummaries": [ + { + "Arn": "arn:aws:securityhub:eu-central-1:123456789012:configuration-policy/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111", + "Id": "a1b2c3d4-5678-90ab-cdef-EXAMPLE11111", + "Name": "SampleConfigurationPolicy1", + "Description": "SampleDescription1", + "UpdatedAt": "2023-09-26T21:08:36.214000+00:00", + "ServiceEnabled": true + }, + { + "Arn": "arn:aws:securityhub:eu-central-1:123456789012:configuration-policy/a1b2c3d4-5678-90ab-cdef-EXAMPLE22222", + "Id": "a1b2c3d4-5678-90ab-cdef-EXAMPLE22222", + "Name": "SampleConfigurationPolicy2", + "Description": "SampleDescription2" + "UpdatedAt": "2023-11-28T19:26:25.207000+00:00", + "ServiceEnabled": true + }, + { + "Arn": "arn:aws:securityhub:eu-central-1:123456789012:configuration-policy/a1b2c3d4-5678-90ab-cdef-EXAMPLE33333", + "Id": "a1b2c3d4-5678-90ab-cdef-EXAMPLE33333", + "Name": "SampleConfigurationPolicy3", + "Description": "SampleDescription3", + "UpdatedAt": "2023-11-28T20:28:04.494000+00:00", + "ServiceEnabled": true + } + } + +For more information, see `Viewing Security Hub configuration policies `__ in the *AWS Security Hub User Guide*. \ No newline at end of file diff --git a/awscli/examples/securityhub/list-configuration-policy-associations.rst b/awscli/examples/securityhub/list-configuration-policy-associations.rst new file mode 100644 index 000000000000..09f2f0bf21a8 --- /dev/null +++ b/awscli/examples/securityhub/list-configuration-policy-associations.rst @@ -0,0 +1,50 @@ +**To list configuration associations** + +The following ``list-configuration-policy-associations`` example lists a summary of configuration associations for the organization. The response include associations with configuration policies and self-managed behavior. :: + + aws securityhub list-configuration-policy-associations \ + --filters '{"AssociationType": "APPLIED"}' \ + --max-items 4 + +Output:: + + { + "ConfigurationPolicyAssociationSummaries": [ + { + "ConfigurationPolicyId": "a1b2c3d4-5678-90ab-cdef-EXAMPLE11111", + "TargetId": "r-1ab2", + "TargetType": "ROOT", + "AssociationType": "APPLIED", + "UpdatedAt": "2023-11-28T19:26:49.417000+00:00", + "AssociationStatus": "FAILED", + "AssociationStatusMessage": "Policy association failed because 2 organizational units or accounts under this root failed." + }, + { + "ConfigurationPolicyId": "a1b2c3d4-5678-90ab-cdef-EXAMPLE22222", + "TargetId": "ou-1ab2-c3de4f5g", + "TargetType": "ORGANIZATIONAL_UNIT", + "AssociationType": "APPLIED", + "UpdatedAt": "2023-09-26T21:14:05.283000+00:00", + "AssociationStatus": "FAILED", + "AssociationStatusMessage": "One or more children under this target failed association." + }, + { + "ConfigurationPolicyId": "a1b2c3d4-5678-90ab-cdef-EXAMPLE33333", + "TargetId": "ou-6hi7-8j91kl2m", + "TargetType": "ORGANIZATIONAL_UNIT", + "AssociationType": "APPLIED", + "UpdatedAt": "2023-09-26T21:13:01.816000+00:00", + "AssociationStatus": "SUCCESS", + "AssociationStatusMessage": "Association applied successfully on this target." + }, + { + "ConfigurationPolicyId": "SELF_MANAGED_SECURITY_HUB", + "TargetId": "111122223333", + "TargetType": "ACCOUNT", + "AssociationType": "APPLIED", + "UpdatedAt": "2023-11-28T22:01:26.409000+00:00", + "AssociationStatus": "SUCCESS" + } + } + +For more information, see `Viewing configuration policy status and details `__ in the *AWS Security Hub User Guide*. \ No newline at end of file diff --git a/awscli/examples/securityhub/list-security-control-definitions.rst b/awscli/examples/securityhub/list-security-control-definitions.rst index 7f8cb0fb4444..b6e10794b1da 100644 --- a/awscli/examples/securityhub/list-security-control-definitions.rst +++ b/awscli/examples/securityhub/list-security-control-definitions.rst @@ -1,4 +1,4 @@ -**Example 1: To list available security controls** +**Example 1: To list all available security controls** The following ``list-security-control-definitions`` example lists the available security controls across all Security Hub standards. This example limits the results to three controls. :: @@ -12,10 +12,13 @@ Output:: { "SecurityControlId": "ACM.1", "Title": "Imported and ACM-issued certificates should be renewed after a specified time period", - "Description": "This AWS control checks whether ACM Certificates in your account are marked for expiration within a specified time period. Certificates provided by ACM are automatically renewed. ACM does not automatically renew certificates that you import.", + "Description": "This control checks whether an AWS Certificate Manager (ACM) certificate is renewed within the specified time period. It checks both imported certificates and certificates provided by ACM. The control fails if the certificate isn't renewed within the specified time period. Unless you provide a custom parameter value for the renewal period, Security Hub uses a default value of 30 days.", "RemediationUrl": "https://docs.aws.amazon.com/console/securityhub/ACM.1/remediation", "SeverityRating": "MEDIUM", - "CurrentRegionAvailability": "AVAILABLE" + "CurrentRegionAvailability": "AVAILABLE", + "CustomizableProperties": [ + "Parameters" + ] }, { "SecurityControlId": "ACM.2", @@ -23,15 +26,19 @@ Output:: "Description": "This control checks whether RSA certificates managed by AWS Certificate Manager use a key length of at least 2,048 bits. The control fails if the key length is smaller than 2,048 bits.", "RemediationUrl": "https://docs.aws.amazon.com/console/securityhub/ACM.2/remediation", "SeverityRating": "HIGH", - "CurrentRegionAvailability": "AVAILABLE" + "CurrentRegionAvailability": "AVAILABLE", + "CustomizableProperties": [] }, { "SecurityControlId": "APIGateway.1", "Title": "API Gateway REST and WebSocket API execution logging should be enabled", - "Description": "This control checks whether all stages of Amazon API Gateway REST and WebSocket APIs have logging enabled. The control fails if logging is not enabled for all methods of a stage or if loggingLevel is neither ERROR nor INFO.", + "Description": "This control checks whether all stages of an Amazon API Gateway REST or WebSocket API have logging enabled. The control fails if the 'loggingLevel' isn't 'ERROR' or 'INFO' for all stages of the API. Unless you provide custom parameter values to indicate that a specific log type should be enabled, Security Hub produces a passed finding if the logging level is either 'ERROR' or 'INFO'.", "RemediationUrl": "https://docs.aws.amazon.com/console/securityhub/APIGateway.1/remediation", "SeverityRating": "MEDIUM", - "CurrentRegionAvailability": "AVAILABLE" + "CurrentRegionAvailability": "AVAILABLE", + "CustomizableProperties": [ + "Parameters" + ] } ], "NextToken": "U2FsdGVkX1/UprCPzxVbkDeHikDXbDxfgJZ1w2RG1XWsFPTMTIQPVE0m/FduIGxS7ObRtAbaUt/8/RCQcg2PU0YXI20hH/GrhoOTgv+TSm0qvQVFhkJepWmqh+NYawjocVBeos6xzn/8qnbF9IuwGg==" @@ -57,7 +64,8 @@ Output:: "Description": "This AWS control checks that there is at least one multi-region AWS CloudTrail trail includes read and write management events.", "RemediationUrl": "https://docs.aws.amazon.com/console/securityhub/CloudTrail.1/remediation", "SeverityRating": "HIGH", - "CurrentRegionAvailability": "AVAILABLE" + "CurrentRegionAvailability": "AVAILABLE", + "CustomizableProperties": [] }, { "SecurityControlId": "CloudTrail.2", @@ -65,7 +73,8 @@ Output:: "Description": "This AWS control checks whether AWS CloudTrail is configured to use the server side encryption (SSE) AWS Key Management Service (AWS KMS) customer master key (CMK) encryption. The check will pass if the KmsKeyId is defined.", "RemediationUrl": "https://docs.aws.amazon.com/console/securityhub/CloudTrail.2/remediation", "SeverityRating": "MEDIUM", - "CurrentRegionAvailability": "AVAILABLE" + "CurrentRegionAvailability": "AVAILABLE", + "CustomizableProperties": [] }, { "SecurityControlId": "CloudTrail.4", @@ -73,7 +82,8 @@ Output:: "Description": "This AWS control checks whether CloudTrail log file validation is enabled.", "RemediationUrl": "https://docs.aws.amazon.com/console/securityhub/CloudTrail.4/remediation", "SeverityRating": "MEDIUM", - "CurrentRegionAvailability": "AVAILABLE" + "CurrentRegionAvailability": "AVAILABLE", + "CustomizableProperties": [] } ], "NextToken": "eyJOZXh0VG9rZW4iOiBudWxsLCAiYm90b190cnVuY2F0ZV9hbW91bnQiOiAzfQ==" diff --git a/awscli/examples/securityhub/start-configuration-policy-association.rst b/awscli/examples/securityhub/start-configuration-policy-association.rst new file mode 100644 index 000000000000..316c7fbde931 --- /dev/null +++ b/awscli/examples/securityhub/start-configuration-policy-association.rst @@ -0,0 +1,41 @@ +**Example 1: To associate a configuration policy** + +The following ``start-configuration-policy-association`` example associates the specified configuration policy with the specified organizational unit. A configuration may be associated with a target account, organizational unit, or the root. :: + + aws securityhub start-configuration-policy-association \ + --configuration-policy-identifier "arn:aws:securityhub:eu-central-1:123456789012:configuration-policy/a1b2c3d4-5678-90ab-cdef-EXAMPLE33333" \ + --target '{"OrganizationalUnitId": "ou-6hi7-8j91kl2m"}' + +Output:: + + { + "ConfigurationPolicyId": "a1b2c3d4-5678-90ab-cdef-EXAMPLE33333", + "TargetId": "ou-6hi7-8j91kl2m", + "TargetType": "ORGANIZATIONAL_UNIT", + "AssociationType": "APPLIED", + "UpdatedAt": "2023-11-29T17:40:52.468000+00:00", + "AssociationStatus": "PENDING" + } + +For more information, see `Creating and associating Security Hub configuration policies `__ in the *AWS Security Hub User Guide*. + +**Example 2: To associate a self-managed configuration** + +The following ``start-configuration-policy-association`` example associates a self-managed configuration with the specified account. :: + + aws securityhub start-configuration-policy-association \ + --configuration-policy-identifier "SELF_MANAGED_SECURITY_HUB" \ + --target '{"OrganizationalUnitId": "123456789012"}' + +Output:: + + { + "ConfigurationPolicyId": "SELF_MANAGED_SECURITY_HUB", + "TargetId": "123456789012", + "TargetType": "ACCOUNT", + "AssociationType": "APPLIED", + "UpdatedAt": "2023-11-29T17:40:52.468000+00:00", + "AssociationStatus": "PENDING" + } + +For more information, see `Creating and associating Security Hub configuration policies `__ in the *AWS Security Hub User Guide*. \ No newline at end of file diff --git a/awscli/examples/securityhub/start-configuration-policy-disassociation.rst b/awscli/examples/securityhub/start-configuration-policy-disassociation.rst new file mode 100644 index 000000000000..9a0ca613c30c --- /dev/null +++ b/awscli/examples/securityhub/start-configuration-policy-disassociation.rst @@ -0,0 +1,23 @@ +**Example 1: To disassociate a configuration policy** + +The following ``start-configuration-policy-disassociation`` example disassociates a configuration policy from the specified organizational unit. A configuration may be disassociated from a target account, organizational unit, or the root. :: + + aws securityhub start-configuration-policy-disassociation \ + --configuration-policy-identifier "arn:aws:securityhub:eu-central-1:123456789012:configuration-policy/a1b2c3d4-5678-90ab-cdef-EXAMPLE33333" \ + --target '{"OrganizationalUnitId": "ou-6hi7-8j91kl2m"}' + +This command produces no output. + +For more information, see `Disassociating a configuration from accounts and OUs `__ in the *AWS Security Hub User Guide*. + +**Example 2: To disassociate a self-managed configuration** + +The following ``start-configuration-policy-disassociation`` example disassociates a self-managed configuration from the specified account. :: + + aws securityhub start-configuration-policy-disassociation \ + --configuration-policy-identifier "SELF_MANAGED_SECURITY_HUB" \ + --target '{"AccountId": "123456789012"}' + +This command produces no output. + +For more information, see `Disassociating a configuration from accounts and OUs `__ in the *AWS Security Hub User Guide*. \ No newline at end of file diff --git a/awscli/examples/securityhub/update-configuration-policy.rst b/awscli/examples/securityhub/update-configuration-policy.rst new file mode 100644 index 000000000000..5987d3f9fcc9 --- /dev/null +++ b/awscli/examples/securityhub/update-configuration-policy.rst @@ -0,0 +1,50 @@ +**To update a configuration policy** + +The following ``update-configuration-policy`` example updates an existing configuration policy to use the specified settings. :: + + aws securityhub update-configuration-policy \ + --identifier "arn:aws:securityhub:eu-central-1:508236694226:configuration-policy/09f37766-57d8-4ede-9d33-5d8b0fecf70e" \ + --name "SampleConfigurationPolicyUpdated" \ + --description "SampleDescriptionUpdated" \ + --configuration-policy '{"SecurityHub": {"ServiceEnabled": true, "EnabledStandardIdentifiers": ["arn:aws:securityhub:eu-central-1::standards/aws-foundational-security-best-practices/v/1.0.0","arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0"],"SecurityControlsConfiguration":{"DisabledSecurityControlIdentifiers": ["CloudWatch.1"], "SecurityControlCustomParameters": [{"SecurityControlId": "ACM.1", "Parameters": {"daysToExpiration": {"ValueType": "CUSTOM", "Value": {"Integer": 21}}}}]}}}' \ + --updated-reason "Disabling CloudWatch.1 and changing parameter value" + +Output:: + + { + "Arn": "arn:aws:securityhub:eu-central-1:123456789012:configuration-policy/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111", + "Id": "a1b2c3d4-5678-90ab-cdef-EXAMPLE11111", + "Name": "SampleConfigurationPolicyUpdated", + "Description": "SampleDescriptionUpdated", + "UpdatedAt": "2023-11-28T20:28:04.494000+00:00", + "CreatedAt": "2023-11-28T20:28:04.494000+00:00", + "ConfigurationPolicy": { + "SecurityHub": { + "ServiceEnabled": true, + "EnabledStandardIdentifiers": [ + "arn:aws:securityhub:eu-central-1::standards/aws-foundational-security-best-practices/v/1.0.0", + "arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0" + ], + "SecurityControlsConfiguration": { + "DisabledSecurityControlIdentifiers": [ + "CloudWatch.1" + ], + "SecurityControlCustomParameters": [ + { + "SecurityControlId": "ACM.1", + "Parameters": { + "daysToExpiration": { + "ValueType": "CUSTOM", + "Value": { + "Integer": 21 + } + } + } + } + ] + } + } + } + } + +For more information, see `Updating Security Hub configuration policies `__ in the *AWS Security Hub User Guide*. \ No newline at end of file diff --git a/awscli/examples/securityhub/update-organization-configuration.rst b/awscli/examples/securityhub/update-organization-configuration.rst index f40f6080bb3f..a66822ea2998 100644 --- a/awscli/examples/securityhub/update-organization-configuration.rst +++ b/awscli/examples/securityhub/update-organization-configuration.rst @@ -1,10 +1,11 @@ -**To configure Security Hub to automatically enable new organization accounts** +**To update how Security Hub is configured for an organization** -The following ``update-organization-configuration`` example configures Security Hub to automatically enable new accounts in an organization. :: +The following ``update-organization-configuration`` example specifies that Security Hub should use central configuration to configure an organization. After running this command, the delegated Security Hub administrator can create and manage configuration policies to configure the organization. The delegated administrator can also use this command to switch from central to local configuration. If local configuration is the configuration type, the delegated administrator can choose whether to automatically enable Security Hub and default security standards in new organization accounts. :: aws securityhub update-organization-configuration \ - --auto-enable + --no-auto-enable \ + --organization-configuration '{"ConfigurationType": "CENTRAL"}' This command produces no output. -For more information, see `Automatically enabling new organization accounts `__ in the *AWS Security Hub User Guide*. +For more information, see `Managing accounts with AWS Organizations `__ in the *AWS Security Hub User Guide*. \ No newline at end of file diff --git a/awscli/examples/securityhub/update-security-control.rst b/awscli/examples/securityhub/update-security-control.rst new file mode 100644 index 000000000000..66eecffd9cd1 --- /dev/null +++ b/awscli/examples/securityhub/update-security-control.rst @@ -0,0 +1,12 @@ +**To update security control properties** + +The following ``update-security-control`` example specifies custom values for a Security Hub security control parameter. :: + + aws securityhub update-security-control \ + --security-control-id ACM.1 \ + --parameters '{"daysToExpiration": {"ValueType": "CUSTOM", "Value": {"Integer": 15}}}' \ + --last-update-reason "Internal compliance requirement" + +This command produces no output. + +For more information, see `Custom control parameters `__ in the *AWS Security Hub User Guide*. \ No newline at end of file diff --git a/awscli/examples/securitylake/create-aws-log-source.rst b/awscli/examples/securitylake/create-aws-log-source.rst new file mode 100644 index 000000000000..5bf14da2ec88 --- /dev/null +++ b/awscli/examples/securitylake/create-aws-log-source.rst @@ -0,0 +1,16 @@ +**To add a natively supported Amazon Web Service as an Amazon Security Lake source** + +The following ``create-aws-logsource`` example adds VPC Flow Logs as a Security Lake source in the designated accounts and Regions. :: + + aws securitylake create-aws-log-source \ + --sources '[{"regions": ["us-east-1"], "accounts": ["123456789012"], "sourceName": "SH_FINDINGS", "sourceVersion": "2.0"}]' + +Output:: + + { + "failed": [ + "123456789012" + ] + } + +For more information, see `Adding an AWS service as a source `__ in the *Amazon Security Lake User Guide*. \ No newline at end of file diff --git a/awscli/examples/securitylake/create-custom-log-source.rst b/awscli/examples/securitylake/create-custom-log-source.rst new file mode 100644 index 000000000000..ef1f01241c78 --- /dev/null +++ b/awscli/examples/securitylake/create-custom-log-source.rst @@ -0,0 +1,28 @@ +**To add a custom source as an Amazon Security Lake source** + +The following ``create-custom-logsource`` example adds a custom source as a Security Lake source in the designated log provider account and the designated Region. :: + + aws securitylake create-custom-log-source \ + --source-name "VPC_FLOW" \ + --event-classes '["DNS_ACTIVITY", "NETWORK_ACTIVITY"]' \ + --configuration '{"crawlerConfiguration": {"roleArn": "arn:aws:glue:eu-west-2:123456789012:crawler/E1WG1ZNPRXT0D4"},"providerIdentity": {"principal": "029189416600","externalId": "123456789012"}}' --region "us-east-1" + +Output:: + + { + "customLogSource": { + "attributes": { + "crawlerArn": "arn:aws:glue:eu-west-2:123456789012:crawler/E1WG1ZNPRXT0D4", + "databaseArn": "arn:aws:glue:eu-west-2:123456789012:database/E1WG1ZNPRXT0D4", + "tableArn": "arn:aws:glue:eu-west-2:123456789012:table/E1WG1ZNPRXT0D4" + }, + "provider": { + "location": "amzn-s3-demo-bucket--usw2-az1--x-s3", + "roleArn": "arn:aws:iam::123456789012:role/AmazonSecurityLake-Provider-testCustom2-eu-west-2" + }, + "sourceName": "testCustom2" + "sourceVersion": "2.0" + } + } + +For more information, see `Adding a custom source `__ in the *Amazon Security Lake User Guide*. \ No newline at end of file diff --git a/awscli/examples/securitylake/create-data-lake-exception-subscription.rst b/awscli/examples/securitylake/create-data-lake-exception-subscription.rst new file mode 100644 index 000000000000..a08894ade3a0 --- /dev/null +++ b/awscli/examples/securitylake/create-data-lake-exception-subscription.rst @@ -0,0 +1,12 @@ +**To send notifications of Security Lake exceptions** + +The following ``create-data-lake-exception-subscription`` example sends notifications of Security Lake exceptions to the specified account through SMS delivery. The exception message remains for the specified time period. :: + + aws securitylake create-data-lake-exception-subscription \ + --notification-endpoint "123456789012" \ + --exception-time-to-live 30 \ + --subscription-protocol "sms" + +This command produces no output. + +For more information, see `Troubleshooting Amazon Security Lake `__ in the *Amazon Security Lake User Guide*. \ No newline at end of file diff --git a/awscli/examples/securitylake/create-data-lake-organization-configuration.rst b/awscli/examples/securitylake/create-data-lake-organization-configuration.rst new file mode 100644 index 000000000000..cc1629bb9fc5 --- /dev/null +++ b/awscli/examples/securitylake/create-data-lake-organization-configuration.rst @@ -0,0 +1,10 @@ +**To configure Security Lake in new organization accounts** + +The following ``create-data-lake-organization-configuration`` example enables Security Lake and the collection of the specified source events and logs in new organization accounts. :: + + aws securitylake create-data-lake-organization-configuration \ + --auto-enable-new-account '[{"region":"us-east-1","sources":[{"sourceName":"SH_FINDINGS","sourceVersion": "1.0"}]}]' + +This command produces no output. + +For more information, see `Managing multiple accounts with AWS Organizations `__ in the *Amazon Security Lake User Guide*. \ No newline at end of file diff --git a/awscli/examples/securitylake/create-data-lake.rst b/awscli/examples/securitylake/create-data-lake.rst new file mode 100644 index 000000000000..27e18643e3c1 --- /dev/null +++ b/awscli/examples/securitylake/create-data-lake.rst @@ -0,0 +1,126 @@ +**Example 1: To configure your data lake in multiple Regions** + +The following ``create-data-lake`` example enables Amazon Security Lake in multiple AWS Regions and configures your data lake. :: + + aws securitylake create-data-lake \ + --configurations '[{"encryptionConfiguration": {"kmsKeyId":"S3_MANAGED_KEY"},"region":"us-east-1","lifecycleConfiguration": {"expiration":{"days":365},"transitions":[{"days":60,"storageClass":"ONEZONE_IA"}]}}, {"encryptionConfiguration": {"kmsKeyId":"S3_MANAGED_KEY"},"region":"us-east-2","lifecycleConfiguration": {"expiration":{"days":365},"transitions":[{"days":60,"storageClass":"ONEZONE_IA"}]}}]' \ + --meta-store-manager-role-arn "arn:aws:iam:us-east-1:123456789012:role/service-role/AmazonSecurityLakeMetaStoreManager" + +Output:: + + { + "dataLakes": [ + { + "createStatus": "COMPLETED", + "dataLakeArn": "arn:aws:securitylake:us-east-1:522481757177:data-lake/default", + "encryptionConfiguration": { + "kmsKeyId": "S3_MANAGED_KEY" + }, + "lifecycleConfiguration": { + "expiration": { + "days": 365 + }, + "transitions": [ + { + "days": 60, + "storageClass": "ONEZONE_IA" + } + ] + }, + "region": "us-east-1", + "replicationConfiguration": { + "regions": [ + "ap-northeast-3" + ], + "roleArn": "arn:aws:securitylake:ap-northeast-3:522481757177:data-lake/default" + }, + "s3BucketArn": "arn:aws:s3:::aws-security-data-lake-us-east-1-gnevt6s8z7bzby8oi3uiaysbr8v2ml", + "updateStatus": { + "exception": {}, + "requestId": "f20a6450-d24a-4f87-a6be-1d4c075a59c2", + "status": "INITIALIZED" + } + }, + { + "createStatus": "COMPLETED", + "dataLakeArn": "arn:aws:securitylake:us-east-2:522481757177:data-lake/default", + "encryptionConfiguration": { + "kmsKeyId": "S3_MANAGED_KEY" + }, + "lifecycleConfiguration": { + "expiration": { + "days": 365 + }, + "transitions": [ + { + "days": 60, + "storageClass": "ONEZONE_IA" + } + ] + }, + "region": "us-east-2", + "replicationConfiguration": { + "regions": [ + "ap-northeast-3" + ], + "roleArn": "arn:aws:securitylake:ap-northeast-3:522481757177:data-lake/default" + }, + "s3BucketArn": "arn:aws:s3:::aws-security-data-lake-us-east-2-cehuifzl5rwmhm6m62h7zhvtseogr9", + "updateStatus": { + "exception": {}, + "requestId": "f20a6450-d24a-4f87-a6be-1d4c075a59c2", + "status": "INITIALIZED" + } + } + ] + } + +For more information, see `Getting started with Amazon Security Lake `__ in the *Amazon Security Lake User Guide*. + +**Example 2: To configure your data lake in a single Region** + +The following ``create-data-lake`` example enables Amazon Security Lake in a single AWS Region and configures your data lake. :: + + aws securitylake create-data-lake \ + --configurations '[{"encryptionConfiguration": {"kmsKeyId":"1234abcd-12ab-34cd-56ef-1234567890ab"},"region":"us-east-2","lifecycleConfiguration": {"expiration":{"days":500},"transitions":[{"days":30,"storageClass":"GLACIER"}]}}]' \ + --meta-store-manager-role-arn "arn:aws:iam:us-east-1:123456789012:role/service-role/AmazonSecurityLakeMetaStoreManager" + +Output:: + + { + "dataLakes": [ + { + "createStatus": "COMPLETED", + "dataLakeArn": "arn:aws:securitylake:us-east-2:522481757177:data-lake/default", + "encryptionConfiguration": { + "kmsKeyId": "1234abcd-12ab-34cd-56ef-1234567890ab" + }, + "lifecycleConfiguration": { + "expiration": { + "days": 500 + }, + "transitions": [ + { + "days": 30, + "storageClass": "GLACIER" + } + ] + }, + "region": "us-east-2", + "replicationConfiguration": { + "regions": [ + "ap-northeast-3" + ], + "roleArn": "arn:aws:securitylake:ap-northeast-3:522481757177:data-lake/default" + }, + "s3BucketArn": "arn:aws:s3:::aws-security-data-lake-us-east-2-cehuifzl5rwmhm6m62h7zhvtseogr9", + "updateStatus": { + "exception": {}, + "requestId": "77702a53-dcbf-493e-b8ef-518e362f3003", + "status": "INITIALIZED" + } + } + ] + } + +For more information, see `Getting started with Amazon Security Lake `__ in the *Amazon Security Lake User Guide*. \ No newline at end of file diff --git a/awscli/examples/securitylake/create-subscriber-notification.rst b/awscli/examples/securitylake/create-subscriber-notification.rst new file mode 100644 index 000000000000..bdb701b9f9d2 --- /dev/null +++ b/awscli/examples/securitylake/create-subscriber-notification.rst @@ -0,0 +1,17 @@ +**To create a subscriber notification** + +The following ``create-subscriber-notification`` example shows how to specify subscriber notification to create a notification when new data is written to the data lake. :: + + aws securitylake create-subscriber-notification \ + --subscriber-id "12345ab8-1a34-1c34-1bd4-12345ab9012" \ + --configuration '{"httpsNotificationConfiguration": {"targetRoleArn":"arn:aws:iam::XXX:role/service-role/RoleName", "endpoint":"https://account-management.$3.$2.securitylake.aws.dev/v1/datalake"}}' + +Output:: + + { + "subscriberEndpoint": [ + "https://account-management.$3.$2.securitylake.aws.dev/v1/datalake" + ] + } + +For more information, see `Subscriber management `__ in the *Amazon Security Lake User Guide*. \ No newline at end of file diff --git a/awscli/examples/securitylake/create-subscriber.rst b/awscli/examples/securitylake/create-subscriber.rst new file mode 100644 index 000000000000..516f0611ec59 --- /dev/null +++ b/awscli/examples/securitylake/create-subscriber.rst @@ -0,0 +1,83 @@ +**Example 1: To create a subscriber with data access** + +The following ``create-subscriber`` example creates a subscriber in Security Lake with access to data in the current AWS Region for the specified subscriber identity for an AWS source. :: + + aws securitylake create-subscriber \ + --access-types "S3" \ + --sources '[{"awsLogSource": {"sourceName": "VPC_FLOW","sourceVersion": "2.0"}}]' \ + --subscriber-name 'opensearch-s3' \ + --subscriber-identity '{"principal": "029189416600","externalId": "123456789012"}' + +Output:: + + { + "subscriber": { + "accessTypes": [ + "S3" + ], + "createdAt": "2024-07-17T19:08:26.787000+00:00", + "roleArn": "arn:aws:iam::773172568199:role/AmazonSecurityLake-896f218b-cfba-40be-a255-8b49a65d0407", + "s3BucketArn": "arn:aws:s3:::aws-security-data-lake-us-east-1-um632ufwpvxkyz0bc5hkb64atycnf3", + "sources": [ + { + "awsLogSource": { + "sourceName": "VPC_FLOW", + "sourceVersion": "2.0" + } + } + ], + "subscriberArn": "arn:aws:securitylake:us-east-1:773172568199:subscriber/896f218b-cfba-40be-a255-8b49a65d0407", + "subscriberId": "896f218b-cfba-40be-a255-8b49a65d0407", + "subscriberIdentity": { + "externalId": "123456789012", + "principal": "029189416600" + }, + "subscriberName": "opensearch-s3", + "subscriberStatus": "ACTIVE", + "updatedAt": "2024-07-17T19:08:27.133000+00:00" + } + } + +For more information, see `Creating a subscriber with data access `__ in the *Amazon Security Lake User Guide*. + +**Example 2: To create a subscriber with query access** + +The following ``create-subscriber`` example creates a subscriber in Security Lake with query access in the current AWS Region for the specified subscriber identity. :: + + aws securitylake create-subscriber \ + --access-types "LAKEFORMATION" \ + --sources '[{"awsLogSource": {"sourceName": "VPC_FLOW","sourceVersion": "2.0"}}]' \ + --subscriber-name 'opensearch-s3' \ + --subscriber-identity '{"principal": "029189416600","externalId": "123456789012"}' + +Output:: + + { + "subscriber": { + "accessTypes": [ + "LAKEFORMATION" + ], + "createdAt": "2024-07-18T01:05:55.853000+00:00", + "resourceShareArn": "arn:aws:ram:us-east-1:123456789012:resource-share/8c31da49-c224-4f1e-bb12-37ab756d6d8a", + "resourceShareName": "LakeFormation-V2-NAMENAMENA-123456789012", + "sources": [ + { + "awsLogSource": { + "sourceName": "VPC_FLOW", + "sourceVersion": "2.0" + } + } + ], + "subscriberArn": "arn:aws:securitylake:us-east-1:123456789012:subscriber/e762aabb-ce3d-4585-beab-63474597845d", + "subscriberId": "e762aabb-ce3d-4585-beab-63474597845d", + "subscriberIdentity": { + "externalId": "123456789012", + "principal": "029189416600" + }, + "subscriberName": "opensearch-s3", + "subscriberStatus": "ACTIVE", + "updatedAt": "2024-07-18T01:05:58.393000+00:00" + } + } + +For more information, see `Creating a subscriber with query access `__ in the *Amazon Security Lake User Guide*. \ No newline at end of file diff --git a/awscli/examples/securitylake/delete-aws-log-source.rst b/awscli/examples/securitylake/delete-aws-log-source.rst new file mode 100644 index 000000000000..5d99d761d0c3 --- /dev/null +++ b/awscli/examples/securitylake/delete-aws-log-source.rst @@ -0,0 +1,16 @@ +**To remove a natively-supported AWS service.** + +The following ``delete-aws-logsource`` example deletes VPC Flow Logs as a Security Lake source in the designated accounts and Regions. :: + + aws securitylake delete-aws-log-source \ + --sources '[{"regions": ["us-east-1"], "accounts": ["123456789012"], "sourceName": "SH_FINDINGS", "sourceVersion": "2.0"}]' + +Output:: + + { + "failed": [ + "123456789012" + ] + } + +For more information, see `Removing an AWS service as a source `__ in the *Amazon Security Lake User Guide*. \ No newline at end of file diff --git a/awscli/examples/securitylake/delete-custom-log-source.rst b/awscli/examples/securitylake/delete-custom-log-source.rst new file mode 100644 index 000000000000..41aeb46b9ad0 --- /dev/null +++ b/awscli/examples/securitylake/delete-custom-log-source.rst @@ -0,0 +1,10 @@ +**To remove a custom source.** + +The following ``delete-custom-logsource`` example deletes a custom source in the designated log provider account in the designated Region. :: + + aws securitylake delete-custom-log-source \ + --source-name "CustomSourceName" + +This command produces no output. + +For more information, see `Deleting a custom source `__ in the *Amazon Security Lake User Guide*. \ No newline at end of file diff --git a/awscli/examples/securitylake/delete-data-lake-organization-configuration.rst b/awscli/examples/securitylake/delete-data-lake-organization-configuration.rst new file mode 100644 index 000000000000..9118049d528c --- /dev/null +++ b/awscli/examples/securitylake/delete-data-lake-organization-configuration.rst @@ -0,0 +1,10 @@ +**To stop automatic source collection in member accounts** + +The following ``delete-data-lake-organization-configuration`` example stops the automatic collection of AWS Security Hub findings from new member accounts that join the organization. Only the delegated Security Lake administrator can run this command. It prevents new member accounts from automatically contributing data to the data lake. :: + + aws securitylake delete-data-lake-organization-configuration \ + --auto-enable-new-account '[{"region":"us-east-1","sources":[{"sourceName":"SH_FINDINGS"}]}]' + +This command produces no output. + +For more information, see `Managing multiple accounts with AWS Organizations `__ in the *Amazon Security Lake User Guide*. diff --git a/awscli/examples/securitylake/delete-data-lake.rst b/awscli/examples/securitylake/delete-data-lake.rst new file mode 100644 index 000000000000..e8d3a6baef18 --- /dev/null +++ b/awscli/examples/securitylake/delete-data-lake.rst @@ -0,0 +1,10 @@ +**To disable your data lake** + +The following ``delete-data-lake`` example disables your data lake in the specified AWS Regions. In the specified Regions, sources no longer contribute data to the data lake. For a Security Lake deployment utilizing AWS Organizations, only the delegated Security Lake administrator for the organization can disable Security Lake for accounts in the organization. :: + + aws securitylake delete-data-lake \ + --regions "ap-northeast-1" "eu-central-1" + +This command produces no output. + +For more information, see `Disabling Amazon Security Lake `__ in the *Amazon Security Lake User Guide*. diff --git a/awscli/examples/securitylake/delete-subscriber-notification.rst b/awscli/examples/securitylake/delete-subscriber-notification.rst new file mode 100644 index 000000000000..dd98ca339058 --- /dev/null +++ b/awscli/examples/securitylake/delete-subscriber-notification.rst @@ -0,0 +1,10 @@ +**To delete a subscriber notification** + +The following ``delete-subscriber-notification`` example shows how to delete the subscriber notification for specific Security Lake subscriber. :: + + aws securitylake delete-subscriber-notification \ + --subscriber-id "a1b2c3d4-5678-90ab-cdef-EXAMPLE11111" + +This command produces no output. + +For more information, see `Subscriber management `__ in the *Amazon Security Lake User Guide*. \ No newline at end of file diff --git a/awscli/examples/securitylake/delete-subscriber.rst b/awscli/examples/securitylake/delete-subscriber.rst new file mode 100644 index 000000000000..d5839d72ae93 --- /dev/null +++ b/awscli/examples/securitylake/delete-subscriber.rst @@ -0,0 +1,10 @@ +**To delete a subscriber** + +The following ``delete-subscriber`` example shows how to remove a subscriber if you no longer want a subscriber to consume data from Security Lake. :: + + aws securitylake delete-subscriber \ + --subscriber-id "a1b2c3d4-5678-90ab-cdef-EXAMPLE11111" + +This command produces no output. + +For more information, see `Subscriber management `__ in the *Amazon Security Lake User Guide*. \ No newline at end of file diff --git a/awscli/examples/securitylake/get-data-lake-exception-subscription.rst b/awscli/examples/securitylake/get-data-lake-exception-subscription.rst new file mode 100644 index 000000000000..4835bae5ba48 --- /dev/null +++ b/awscli/examples/securitylake/get-data-lake-exception-subscription.rst @@ -0,0 +1,15 @@ +**To get details about an exception subscription** + +The following ``get-data-lake-exception-subscription`` example provides details about a Security Lake exception subscription. In this example, the user of the specified AWS account is notified of errors through SMS delivery. The exception message remains in the account for the specified time period. An exception subscription notifies a Security Lake user about an error through the requester's preferred protocol. :: + + aws securitylake get-data-lake-exception-subscription + +Output:: + + { + "exceptionTimeToLive": 30, + "notificationEndpoint": "123456789012", + "subscriptionProtocol": "sms" + } + +For more information, see `Troubleshooting data lake status `__ in the *Amazon Security Lake User Guide*. \ No newline at end of file diff --git a/awscli/examples/securitylake/get-data-lake-organization-configuration.rst b/awscli/examples/securitylake/get-data-lake-organization-configuration.rst new file mode 100644 index 000000000000..3e9d9029fb98 --- /dev/null +++ b/awscli/examples/securitylake/get-data-lake-organization-configuration.rst @@ -0,0 +1,31 @@ +**To get details about the configuration for new organization accounts** + +The following ``get-data-lake-organization-configuration`` example retrieves details about the source logs that new organization accounts will send after onboarding to Amazon Security Lake. :: + + aws securitylake get-data-lake-organization-configuration + +Output:: + + { + "autoEnableNewAccount": [ + { + "region": "us-east-1", + "sources": [ + { + "sourceName": "VPC_FLOW", + "sourceVersion": "1.0" + }, + { + "sourceName": "ROUTE53", + "sourceVersion": "1.0" + }, + { + "sourceName": "SH_FINDINGS", + "sourceVersion": "1.0" + } + ] + } + ] + } + +For more information, see `Managing multiple accounts with AWS Organizations `__ in the *Amazon Security Lake User Guide*. diff --git a/awscli/examples/securitylake/get-data-lake-sources.rst b/awscli/examples/securitylake/get-data-lake-sources.rst new file mode 100644 index 000000000000..9054de8a432a --- /dev/null +++ b/awscli/examples/securitylake/get-data-lake-sources.rst @@ -0,0 +1,66 @@ +**To get the status of log collection** + +The following ``get-data-lake-sources`` example gets a snapshot of log collection for the specified account in the current AWS Region. The account has Amazon Security Lake enabled. :: + + aws securitylake get-data-lake-sources \ + --accounts "123456789012" + +Output:: + + { + "dataLakeSources": [ + { + "account": "123456789012", + "sourceName": "SH_FINDINGS", + "sourceStatuses": [ + { + "resource": "vpc-1234567890abcdef0", + "status": "COLLECTING" + } + ] + }, + { + "account": "123456789012", + "sourceName": "VPC_FLOW", + "sourceStatuses": [ + { + "resource": "vpc-1234567890abcdef0", + "status": "NOT_COLLECTING" + } + ] + }, + { + "account": "123456789012", + "sourceName": "LAMBDA_EXECUTION", + "sourceStatuses": [ + { + "resource": "vpc-1234567890abcdef0", + "status": "COLLECTING" + } + ] + }, + { + "account": "123456789012", + "sourceName": "ROUTE53", + "sourceStatuses": [ + { + "resource": "vpc-1234567890abcdef0", + "status": "COLLECTING" + } + ] + }, + { + "account": "123456789012", + "sourceName": "CLOUD_TRAIL_MGMT", + "sourceStatuses": [ + { + "resource": "vpc-1234567890abcdef0", + "status": "COLLECTING" + } + ] + } + ], + "dataLakeArn": null + } + +For more information, see `Collecting data from AWS services `__ in the *Amazon Security Lake User Guide*. diff --git a/awscli/examples/securitylake/get-subscriber.rst b/awscli/examples/securitylake/get-subscriber.rst new file mode 100644 index 000000000000..2770a895da9c --- /dev/null +++ b/awscli/examples/securitylake/get-subscriber.rst @@ -0,0 +1,90 @@ +**To retrieve the subscription information** + +The following ``get-subscriber`` example retrieves the subscription information for the specified Securiy Lake subscriber. :: + + aws securitylake get-subscriber \ + --subscriber-id a1b2c3d4-5678-90ab-cdef-EXAMPLE11111 + +Output:: + + { + "subscriber": { + "accessTypes": [ + "LAKEFORMATION" + ], + "createdAt": "2024-04-19T15:19:44.421803+00:00", + "resourceShareArn": "arn:aws:ram:eu-west-2:123456789012:resource-share/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111", + "resourceShareName": "LakeFormation-V3-TKJGBHCKTZ-123456789012", + "sources": [ + { + "awsLogSource": { + "sourceName": "LAMBDA_EXECUTION", + "sourceVersion": "1.0" + } + }, + { + "awsLogSource": { + "sourceName": "EKS_AUDIT", + "sourceVersion": "2.0" + } + }, + { + "awsLogSource": { + "sourceName": "ROUTE53", + "sourceVersion": "1.0" + } + }, + { + "awsLogSource": { + "sourceName": "SH_FINDINGS", + "sourceVersion": "1.0" + } + }, + { + "awsLogSource": { + "sourceName": "VPC_FLOW", + "sourceVersion": "1.0" + } + }, + { + "customLogSource": { + "attributes": { + "crawlerArn": "arn:aws:glue:eu-west-2:123456789012:crawler/testCustom2", + "databaseArn": "arn:aws:glue:eu-west-2:123456789012:database/amazon_security_lake_glue_db_eu_west_2", + "tableArn": "arn:aws:glue:eu-west-2:123456789012:table/amazon_security_lake_table_eu_west_2_ext_testcustom2" + }, + "provider": { + "location": "s3://aws-security-data-lake-eu-west-2-8ugsus4ztnsfpjbldwbgf4vge98av9/ext/testCustom2/", + "roleArn": "arn:aws:iam::123456789012:role/AmazonSecurityLake-Provider-testCustom2-eu-west-2" + }, + "sourceName": "testCustom2" + } + }, + { + "customLogSource": { + "attributes": { + "crawlerArn": "arn:aws:glue:eu-west-2:123456789012:crawler/TestCustom", + "databaseArn": "arn:aws:glue:eu-west-2:123456789012:database/amazon_security_lake_glue_db_eu_west_2", + "tableArn": "arn:aws:glue:eu-west-2:123456789012:table/amazon_security_lake_table_eu_west_2_ext_testcustom" + }, + "provider": { + "location": "s3://aws-security-data-lake-eu-west-2-8ugsus4ztnsfpjbldwbgf4vge98av9/ext/TestCustom/", + "roleArn": "arn:aws:iam::123456789012:role/AmazonSecurityLake-Provider-TestCustom-eu-west-2" + }, + "sourceName": "TestCustom" + } + } + ], + "subscriberArn": "arn:aws:securitylake:eu-west-2:123456789012:subscriber/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111", + "subscriberId": "a1b2c3d4-5678-90ab-cdef-EXAMPLE11111", + "subscriberIdentity": { + "externalId": "123456789012", + "principal": "123456789012" + }, + "subscriberName": "test", + "subscriberStatus": "ACTIVE", + "updatedAt": "2024-04-19T15:19:55.230588+00:00" + } + } + +For more information, see `Subscriber management `__ in the *Amazon Security Lake User Guide*. \ No newline at end of file diff --git a/awscli/examples/securitylake/list-data-lake-exceptions.rst b/awscli/examples/securitylake/list-data-lake-exceptions.rst new file mode 100644 index 000000000000..4b9f7d21adc4 --- /dev/null +++ b/awscli/examples/securitylake/list-data-lake-exceptions.rst @@ -0,0 +1,25 @@ +**To list the issues affecting your data lake** + +The following ``list-data-lake-exceptions`` example lists the issues that are affecting your data lake in the last 14 days in the specified AWS Regions. :: + + aws securitylake list-data-lake-exceptions \ + --regions "us-east-1" "eu-west-3" + +Output:: + + { + "exceptions": [ + { + "exception": "The account does not have the required role permissions. Update your role permissions to use the new data source version.", + "region": "us-east-1", + "timestamp": "2024-02-29T12:24:15.641725+00:00" + }, + { + "exception": "The account does not have the required role permissions. Update your role permissions to use the new data source version.", + "region": "eu-west-3", + "timestamp": "2024-02-29T12:24:15.641725+00:00" + } + ] + } + +For more information, see `Troubleshooting Amazon Security Lake `__ in the *Amazon Security Lake User Guide*. diff --git a/awscli/examples/securitylake/list-data-lakes.rst b/awscli/examples/securitylake/list-data-lakes.rst new file mode 100644 index 000000000000..4f9a200a27ab --- /dev/null +++ b/awscli/examples/securitylake/list-data-lakes.rst @@ -0,0 +1,49 @@ +**To list the Security Lake configuration object** + +The following ``list-data-lakes`` example lists the Amazon Security Lake configuration object for the specified AWS Region. You can use this command to determine whether Security Lake is enabled in a specified Region or Regions. :: + + aws securitylake list-data-lakes \ + --regions "us-east-1" + +Output:: + + { + "dataLakes": [ + { + "createStatus": "COMPLETED", + "dataLakeArn": "arn:aws:securitylake:us-east-1:123456789012:data-lake/default", + "encryptionConfiguration": { + "kmsKeyId": "S3_MANAGED_KEY" + }, + "lifecycleConfiguration": { + "expiration": { + "days": 365 + }, + "transitions": [ + { + "days": 60, + "storageClass": "ONEZONE_IA" + } + ] + }, + "region": "us-east-1", + "replicationConfiguration": { + "regions": [ + "ap-northeast-3" + ], + "roleArn": "arn:aws:securitylake:ap-northeast-3:123456789012:data-lake/default" + }, + "s3BucketArn": "arn:aws:s3:::aws-security-data-lake-us-east-1-1234567890abcdef0", + "updateStatus": { + "exception": { + "code": "software.amazon.awssdk.services.s3.model.S3Exception", + "reason": "" + }, + "requestId": "a1b2c3d4-5678-90ab-cdef-EXAMPLE11111", + "status": "FAILED" + } + } + ] + } + +For more information, see `Checking Region status `__ in the *Amazon Security Lake User Guide*. diff --git a/awscli/examples/securitylake/list-log-sources.rst b/awscli/examples/securitylake/list-log-sources.rst new file mode 100644 index 000000000000..3875ad94dd96 --- /dev/null +++ b/awscli/examples/securitylake/list-log-sources.rst @@ -0,0 +1,29 @@ +**To retrieve the Amazon Security Lake log sources** + +The following ``list-log-sources`` example lists the Amazon Security Lake log sources in a specified account. :: + + aws securitylake list-log-sources \ + --accounts "123456789012" + +Output:: + + { + "account": "123456789012", + "region": "xy-region-1", + "sources": [ + { + "awsLogSource": { + "sourceName": "VPC_FLOW", + "sourceVersion": "2.0" + } + }, + { + "awsLogSource": { + "sourceName": "SH_FINDINGS", + "sourceVersion": "2.0" + } + } + ] + } + +For more information, see `Source management `__ in the *Amazon Security Lake User Guide*. \ No newline at end of file diff --git a/awscli/examples/securitylake/list-subscribers.rst b/awscli/examples/securitylake/list-subscribers.rst new file mode 100644 index 000000000000..0c8048acdd0d --- /dev/null +++ b/awscli/examples/securitylake/list-subscribers.rst @@ -0,0 +1,60 @@ +**To retrieve the Amazon Security Lake subscribers** + +The following ``list-subscribers`` example lists all the Amazon Security Lake subscribers in a specific account. :: + + aws securitylake list-subscribers + +Output:: + + { + "subscribers": [ + { + "accessTypes": [ + "S3" + ], + "createdAt": "2024-06-04T15:02:28.921000+00:00", + "roleArn": "arn:aws:iam::123456789012:role/AmazonSecurityLake-E1WG1ZNPRXT0D4", + "s3BucketArn": "amzn-s3-demo-bucket--usw2-az1--x-s3", + "sources": [ + { + "awsLogSource": { + "sourceName": "CLOUD_TRAIL_MGMT", + "sourceVersion": "2.0" + } + }, + { + "awsLogSource": { + "sourceName": "LAMBDA_EXECUTION", + "sourceVersion": "1.0" + } + }, + { + "customLogSource": { + "attributes": { + "crawlerArn": "arn:aws:glue:eu-west-2:123456789012:crawler/E1WG1ZNPRXT0D4", + "databaseArn": "arn:aws:glue:eu-west-2:123456789012:database/E1WG1ZNPRXT0D4", + "tableArn": "arn:aws:glue:eu-west-2:123456789012:table/E1WG1ZNPRXT0D4" + }, + "provider": { + "location": "amzn-s3-demo-bucket--usw2-az1--x-s3", + "roleArn": "arn:aws:iam::123456789012:role/AmazonSecurityLake-E1WG1ZNPRXT0D4" + }, + "sourceName": "testCustom2" + } + } + ], + "subscriberArn": "arn:aws:securitylake:eu-west-2:123456789012:subscriber/E1WG1ZNPRXT0D4", + "subscriberEndpoint": "arn:aws:sqs:eu-west-2:123456789012:AmazonSecurityLake-a1b2c3d4-5678-90ab-cdef-EXAMPLE11111-Main-Queue", + "subscriberId": "a1b2c3d4-5678-90ab-cdef-EXAMPLE11111", + "subscriberIdentity": { + "externalId": "ext123456789012", + "principal": "123456789012" + }, + "subscriberName": "Test", + "subscriberStatus": "ACTIVE", + "updatedAt": "2024-06-04T15:02:35.617000+00:00" + } + ] + } + +For more information, see `Subscriber management `__ in the *Amazon Security Lake User Guide*. \ No newline at end of file diff --git a/awscli/examples/securitylake/list-tags-for-resource.rst b/awscli/examples/securitylake/list-tags-for-resource.rst new file mode 100644 index 000000000000..91382761d590 --- /dev/null +++ b/awscli/examples/securitylake/list-tags-for-resource.rst @@ -0,0 +1,27 @@ +**To list tags for an existing resource** + +The following ``list-tags-for-resource`` example lists tags for the specified Amazon Security Lake subscriber. In this example, the Owner tag key doesn't have an associated tag value. You can use this operation to list tags for other existing Security Lake resources as well. :: + + aws securitylake list-tags-for-resource \ + --resource-arn "arn:aws:securitylake:us-east-1:123456789012:subscriber/1234abcd-12ab-34cd-56ef-1234567890ab" + +Output:: + + { + "tags": [ + { + "key": "Environment", + "value": "Cloud" + }, + { + "key": "CostCenter", + "value": "12345" + }, + { + "key": "Owner", + "value": "" + } + ] + } + +For more information, see `Tagging Amazon Security Lake resources `__ in the *Amazon Security Lake User Guide*. diff --git a/awscli/examples/securitylake/register-data-lake-delegated-administrator.rst b/awscli/examples/securitylake/register-data-lake-delegated-administrator.rst new file mode 100644 index 000000000000..be008ea565f0 --- /dev/null +++ b/awscli/examples/securitylake/register-data-lake-delegated-administrator.rst @@ -0,0 +1,10 @@ +**To designate the delegated administratore** + +The following ``register-data-lake-delegated-administrator`` example designates the specified AWS account as the delegated Amazon Security Lake administrator. :: + + aws securitylake register-data-lake-delegated-administrator \ + --account-id 123456789012 + +This command produces no output. + +For more information, see `Managing multiple accounts with AWS Organizations `__ in the *Amazon Security Lake User Guide*. diff --git a/awscli/examples/securitylake/tag-resource.rst b/awscli/examples/securitylake/tag-resource.rst new file mode 100644 index 000000000000..5512262112ad --- /dev/null +++ b/awscli/examples/securitylake/tag-resource.rst @@ -0,0 +1,11 @@ +**To add tags to an existing resource** + +The following ``tag-resource`` example add tags to an existing subscriber resource. To create a new resource and add one or more tags to it, don't use this operation. Instead, use the appropriate Create operation for the the type of resource that you want to create. :: + + aws securitylake tag-resource \ + --resource-arn "arn:aws:securitylake:us-east-1:123456789012:subscriber/1234abcd-12ab-34cd-56ef-1234567890ab" \ + --tags key=Environment,value=Cloud + +This command produces no output. + +For more information, see `Tagging Amazon Security Lake resources `__ in the *Amazon Security Lake User Guide*. diff --git a/awscli/examples/securitylake/untag-resource.rst b/awscli/examples/securitylake/untag-resource.rst new file mode 100644 index 000000000000..15d3bab171ed --- /dev/null +++ b/awscli/examples/securitylake/untag-resource.rst @@ -0,0 +1,11 @@ +**To remove tags from an existing resource** + +The following ``untag-resource`` example removes the specified tags from an existing subscriber resource. :: + + aws securitylake untag-resource \ + --resource-arn "arn:aws:securitylake:us-east-1:123456789012:subscriber/1234abcd-12ab-34cd-56ef-1234567890ab" \ + --tags Environment Owner + +This command produces no output. + +For more information, see `Tagging Amazon Security Lake resources `__ in the *Amazon Security Lake User Guide*. diff --git a/awscli/examples/securitylake/update-data-lake-exception-subscription.rst b/awscli/examples/securitylake/update-data-lake-exception-subscription.rst new file mode 100644 index 000000000000..0070f99edcb9 --- /dev/null +++ b/awscli/examples/securitylake/update-data-lake-exception-subscription.rst @@ -0,0 +1,12 @@ +**To update notification subscription for Security Lake exceptions** + +The following ``update-data-lake-exception-subscription`` example updates the notification subscription that notifies users of Security Lake exceptions. :: + + aws securitylake update-data-lake-exception-subscription \ + --notification-endpoint "123456789012" \ + --exception-time-to-live 30 \ + --subscription-protocol "email" + +This command produces no output. + +For more information, see `Troubleshooting Amazon Security Lake `__ in the *Amazon Security Lake User Guide*. \ No newline at end of file diff --git a/awscli/examples/securitylake/update-data-lake.rst b/awscli/examples/securitylake/update-data-lake.rst new file mode 100644 index 000000000000..209541e0c643 --- /dev/null +++ b/awscli/examples/securitylake/update-data-lake.rst @@ -0,0 +1,126 @@ +**Example 1: To update your data lake settings** + +The following ``update-data-lake`` example updates the settings of your Amazon Security Lake data lake. You can use this operation to specify data encryption, storage, and rollup Region settings. :: + + aws securitylake update-data-lake \ + --configurations '[{"encryptionConfiguration": {"kmsKeyId":"S3_MANAGED_KEY"},"region":"us-east-1","lifecycleConfiguration": {"expiration":{"days":365},"transitions":[{"days":60,"storageClass":"ONEZONE_IA"}]}}, {"encryptionConfiguration": {"kmsKeyId":"S3_MANAGED_KEY"},"region":"us-east-2","lifecycleConfiguration": {"expiration":{"days":365},"transitions":[{"days":60,"storageClass":"ONEZONE_IA"}]}}]' \ + --meta-store-manager-role-arn "arn:aws:iam:us-east-1:123456789012:role/service-role/AmazonSecurityLakeMetaStoreManager" + +Output:: + + { + "dataLakes": [ + { + "createStatus": "COMPLETED", + "dataLakeArn": "arn:aws:securitylake:us-east-1:522481757177:data-lake/default", + "encryptionConfiguration": { + "kmsKeyId": "S3_MANAGED_KEY" + }, + "lifecycleConfiguration": { + "expiration": { + "days": 365 + }, + "transitions": [ + { + "days": 60, + "storageClass": "ONEZONE_IA" + } + ] + }, + "region": "us-east-1", + "replicationConfiguration": { + "regions": [ + "ap-northeast-3" + ], + "roleArn": "arn:aws:securitylake:ap-northeast-3:522481757177:data-lake/default" + }, + "s3BucketArn": "arn:aws:s3:::aws-security-data-lake-us-east-1-gnevt6s8z7bzby8oi3uiaysbr8v2ml", + "updateStatus": { + "exception": {}, + "requestId": "f20a6450-d24a-4f87-a6be-1d4c075a59c2", + "status": "INITIALIZED" + } + }, + { + "createStatus": "COMPLETED", + "dataLakeArn": "arn:aws:securitylake:us-east-2:522481757177:data-lake/default", + "encryptionConfiguration": { + "kmsKeyId": "S3_MANAGED_KEY" + }, + "lifecycleConfiguration": { + "expiration": { + "days": 365 + }, + "transitions": [ + { + "days": 60, + "storageClass": "ONEZONE_IA" + } + ] + }, + "region": "us-east-2", + "replicationConfiguration": { + "regions": [ + "ap-northeast-3" + ], + "roleArn": "arn:aws:securitylake:ap-northeast-3:522481757177:data-lake/default" + }, + "s3BucketArn": "arn:aws:s3:::aws-security-data-lake-us-east-2-cehuifzl5rwmhm6m62h7zhvtseogr9", + "updateStatus": { + "exception": {}, + "requestId": "f20a6450-d24a-4f87-a6be-1d4c075a59c2", + "status": "INITIALIZED" + } + } + ] + } + +For more information, see `Getting started with Amazon Security Lake `__ in the *Amazon Security Lake User Guide*. + +**Example 2: To configure your data lake in a single Region** + +The following ``create-data-lake`` example enables Amazon Security Lake in a single AWS Region and configures your data lake. :: + + aws securitylake create-data-lake \ + --configurations '[{"encryptionConfiguration": {"kmsKeyId":"1234abcd-12ab-34cd-56ef-1234567890ab"},"region":"us-east-2","lifecycleConfiguration": {"expiration":{"days":500},"transitions":[{"days":30,"storageClass":"GLACIER"}]}}]' \ + --meta-store-manager-role-arn "arn:aws:iam:us-east-1:123456789012:role/service-role/AmazonSecurityLakeMetaStoreManager" + +Output:: + + { + "dataLakes": [ + { + "createStatus": "COMPLETED", + "dataLakeArn": "arn:aws:securitylake:us-east-2:522481757177:data-lake/default", + "encryptionConfiguration": { + "kmsKeyId": "1234abcd-12ab-34cd-56ef-1234567890ab" + }, + "lifecycleConfiguration": { + "expiration": { + "days": 500 + }, + "transitions": [ + { + "days": 30, + "storageClass": "GLACIER" + } + ] + }, + "region": "us-east-2", + "replicationConfiguration": { + "regions": [ + "ap-northeast-3" + ], + "roleArn": "arn:aws:securitylake:ap-northeast-3:522481757177:data-lake/default" + }, + "s3BucketArn": "arn:aws:s3:::aws-security-data-lake-us-east-2-cehuifzl5rwmhm6m62h7zhvtseogr9", + "updateStatus": { + "exception": {}, + "requestId": "77702a53-dcbf-493e-b8ef-518e362f3003", + "status": "INITIALIZED" + } + } + ] + } + +For more information, see `Getting started with Amazon Security Lake `__ in the *Amazon Security Lake User Guide*. \ No newline at end of file diff --git a/awscli/examples/securitylake/update-subscriber-notification.rst b/awscli/examples/securitylake/update-subscriber-notification.rst new file mode 100644 index 000000000000..f41338d4a6bf --- /dev/null +++ b/awscli/examples/securitylake/update-subscriber-notification.rst @@ -0,0 +1,17 @@ +**To update a subscriber notification** + +The following ``update-subscriber-notification`` example shows how you can update the notification method for a subscriber. :: + + aws securitylake update-subscriber-notification \ + --subscriber-id "12345ab8-1a34-1c34-1bd4-12345ab9012" \ + --configuration '{"httpsNotificationConfiguration": {"targetRoleArn":"arn:aws:iam::XXX:role/service-role/RoleName", "endpoint":"https://account-management.$3.$2.securitylake.aws.dev/v1/datalake"}}' + +Output:: + + { + "subscriberEndpoint": [ + "https://account-management.$3.$2.securitylake.aws.dev/v1/datalake" + ] + } + +For more information, see `Subscriber management `__ in the *Amazon Security Lake User Guide*. \ No newline at end of file diff --git a/awscli/examples/securitylake/update-subscriber.rst b/awscli/examples/securitylake/update-subscriber.rst new file mode 100644 index 000000000000..599286c96253 --- /dev/null +++ b/awscli/examples/securitylake/update-subscriber.rst @@ -0,0 +1,76 @@ +**To update an Amazon Security Lake subscriber.** + +The following ``update-subscriber`` example updates the security lake data access sources for a specific Security Lake subscriber. :: + + aws securitylake update-subscriber \ + --subscriber-id a1b2c3d4-5678-90ab-cdef-EXAMPLE11111 + +Output:: + + { + "subscriber": { + "accessTypes": [ + "LAKEFORMATION" + ], + "createdAt": "2024-04-19T15:19:44.421803+00:00", + "resourceShareArn": "arn:aws:ram:eu-west-2:123456789012:resource-share/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111", + "resourceShareName": "LakeFormation-V3-TKJGBHCKTZ-123456789012", + "sources": [ + { + "awsLogSource": { + "sourceName": "LAMBDA_EXECUTION", + "sourceVersion": "1.0" + } + }, + { + "awsLogSource": { + "sourceName": "EKS_AUDIT", + "sourceVersion": "2.0" + } + }, + { + "awsLogSource": { + "sourceName": "ROUTE53", + "sourceVersion": "1.0" + } + }, + { + "awsLogSource": { + "sourceName": "SH_FINDINGS", + "sourceVersion": "1.0" + } + }, + { + "awsLogSource": { + "sourceName": "VPC_FLOW", + "sourceVersion": "1.0" + } + }, + { + "customLogSource": { + "attributes": { + "crawlerArn": "arn:aws:glue:eu-west-2:123456789012:crawler/E1WG1ZNPRXT0D4", + "databaseArn": "arn:aws:glue:eu-west-2:123456789012:database/E1WG1ZNPRXT0D4", + "tableArn": "arn:aws:glue:eu-west-2:123456789012:table/E1WG1ZNPRXT0D4" + }, + "provider": { + "location": "amzn-s3-demo-bucket--usw2-az1--x-s3", + "roleArn": "arn:aws:iam::123456789012:role/AmazonSecurityLake-E1WG1ZNPRXT0D4" + }, + "sourceName": "testCustom2" + } + } + ], + "subscriberArn": "arn:aws:securitylake:eu-west-2:123456789012:subscriber/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111", + "subscriberId": "a1b2c3d4-5678-90ab-cdef-EXAMPLE11111", + "subscriberIdentity": { + "externalId": "123456789012", + "principal": "123456789012" + }, + "subscriberName": "test", + "subscriberStatus": "ACTIVE", + "updatedAt": "2024-07-18T20:47:37.098000+00:00" + } + } + +For more information, see `Subscriber management `__ in the *Amazon Security Lake User Guide*. \ No newline at end of file diff --git a/awscli/examples/servicecatalog/create-product.rst b/awscli/examples/servicecatalog/create-product.rst index d6682e698e23..d7c5ea482904 100644 --- a/awscli/examples/servicecatalog/create-product.rst +++ b/awscli/examples/servicecatalog/create-product.rst @@ -20,7 +20,7 @@ Contents of ``create-product-input.json``:: "Tags": [ { "Key": "region", - "Value": "iad" + "Value": "us-east-1" } ], "ProvisioningArtifactParameters": { @@ -39,7 +39,7 @@ Output:: "Tags": [ { "Key": "region", - "Value": "iad" + "Value": "us-east-1" } ], "ProductViewDetail": { diff --git a/awscli/examples/ssm/deregister-managed-instance.rst b/awscli/examples/ssm/deregister-managed-instance.rst index 209565502950..b91fa53b461c 100644 --- a/awscli/examples/ssm/deregister-managed-instance.rst +++ b/awscli/examples/ssm/deregister-managed-instance.rst @@ -2,9 +2,9 @@ The following ``deregister-managed-instance`` example deregisters the specified managed instance. :: - aws ssm deregister-managed-instance - --instance-id "mi-08ab247cdfEXAMPLE" + aws ssm deregister-managed-instance \ + --instance-id 'mi-08ab247cdfEXAMPLE' This command produces no output. -For more information, see `Deregistering Managed Instances in a Hybrid Environment `__ in the *AWS Systems Manager User Guide*. +For more information, see `Deregistering managed nodes in a hybrid and multicloud environment `__ in the *AWS Systems Manager User Guide*. diff --git a/awscli/examples/ssm/describe-maintenance-windows-for-target.rst b/awscli/examples/ssm/describe-maintenance-windows-for-target.rst index bd908bf6801f..e0590f470164 100755 --- a/awscli/examples/ssm/describe-maintenance-windows-for-target.rst +++ b/awscli/examples/ssm/describe-maintenance-windows-for-target.rst @@ -1,6 +1,6 @@ **To list all maintenance windows associated with a specific instance** -The follwoing ``describe-maintenance-windows-for-target`` example lists the maintenance windows that have targets or tasks associated with the specified instance. :: +The following ``describe-maintenance-windows-for-target`` example lists the maintenance windows that have targets or tasks associated with the specified instance. :: aws ssm describe-maintenance-windows-for-target \ --targets Key=InstanceIds,Values=i-1234567890EXAMPLE \ diff --git a/awscli/examples/ssm/send-automation-signal.rst b/awscli/examples/ssm/send-automation-signal.rst index 338375bf3259..7c7779bac063 100644 --- a/awscli/examples/ssm/send-automation-signal.rst +++ b/awscli/examples/ssm/send-automation-signal.rst @@ -1,4 +1,4 @@ -**To send a singal to an automation execution** +**To send a signal to an automation execution** The following ``send-automation-signal`` example sends an Approve signal to an Automation execution. :: diff --git a/awscli/examples/ssm/update-patch-baseline.rst b/awscli/examples/ssm/update-patch-baseline.rst index 4fbef1a9c49a..69b4629b4edb 100755 --- a/awscli/examples/ssm/update-patch-baseline.rst +++ b/awscli/examples/ssm/update-patch-baseline.rst @@ -53,7 +53,7 @@ Output:: **Example 2: To rename a patch baseline** -The following ``update-patch-baseline`` example renames theh specified patch baseline. :: +The following ``update-patch-baseline`` example renames the specified patch baseline. :: aws ssm update-patch-baseline \ --baseline-id "pb-0713accee01234567" \ diff --git a/awscli/examples/sts/assume-role-with-saml.rst b/awscli/examples/sts/assume-role-with-saml.rst index 5b0276668524..63e87729ab61 100644 --- a/awscli/examples/sts/assume-role-with-saml.rst +++ b/awscli/examples/sts/assume-role-with-saml.rst @@ -1,31 +1,31 @@ -**To get short-term credentials for a role authenticated with SAML** - -The following ``assume-role-with-saml`` example retrieves a set of short-term credentials for the IAM role ``TestSaml``. The request in this example is authenticated by using the SAML assertion supplied by your identity provider when you authenticate to it. :: - - aws sts assume-role-with-saml \ - --role-arn arn:aws:iam::123456789012:role/TestSaml \ - --principal-arn arn:aws:iam::123456789012:saml-provider/SAML-test \ - --saml-assertion "VERYLONGENCODEDASSERTIONEXAMPLExzYW1sOkF1ZGllbmNlPmJsYW5rPC9zYW1sOkF1ZGllbmNlPjwvc2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPjwvc2FtbDpDb25kaXRpb25zPjxzYW1sOlN1YmplY3Q+PHNhbWw6TmFtZUlEIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOm5hbWVpZC1mb3JtYXQ6dHJhbnNpZW50Ij5TYW1sRXhhbXBsZTwvc2FtbDpOYW1lSUQ+PHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbiBNZXRob2Q9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpjbTpiZWFyZXIiPjxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIE5vdE9uT3JBZnRlcj0iMjAxOS0xMS0wMVQyMDoyNTowNS4xNDVaIiBSZWNpcGllbnQ9Imh0dHBzOi8vc2lnbmluLmF3cy5hbWF6b24uY29tL3NhbWwiLz48L3NhbWw6U3ViamVjdENvbmZpcm1hdGlvbj48L3NhbWw6U3ViamVjdD48c2FtbDpBdXRoblN0YXRlbWVudCBBdXRoPD94bWwgdmpSZXNwb25zZT4=" - -Output:: - - { - "Issuer": "https://integ.example.com/idp/shibboleth`__ in the *IAM User Guide*. +**To get short-term credentials for a role authenticated with SAML** + +The following ``assume-role-with-saml`` command retrieves a set of short-term credentials for the IAM role ``TestSaml``. The request in this example is authenticated by using the SAML assertion supplied by your identity provider when you authenticate to it. :: + + aws sts assume-role-with-saml \ + --role-arn arn:aws:iam::123456789012:role/TestSaml \ + --principal-arn arn:aws:iam::123456789012:saml-provider/SAML-test \ + --saml-assertion "VERYLONGENCODEDASSERTIONEXAMPLExzYW1sOkF1ZGllbmNlPmJsYW5rPC9zYW1sOkF1ZGllbmNlPjwvc2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPjwvc2FtbDpDb25kaXRpb25zPjxzYW1sOlN1YmplY3Q+PHNhbWw6TmFtZUlEIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOm5hbWVpZC1mb3JtYXQ6dHJhbnNpZW50Ij5TYW1sRXhhbXBsZTwvc2FtbDpOYW1lSUQ+PHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbiBNZXRob2Q9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpjbTpiZWFyZXIiPjxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIE5vdE9uT3JBZnRlcj0iMjAxOS0xMS0wMVQyMDoyNTowNS4xNDVaIiBSZWNpcGllbnQ9Imh0dHBzOi8vc2lnbmluLmF3cy5hbWF6b24uY29tL3NhbWwiLz48L3NhbWw6U3ViamVjdENvbmZpcm1hdGlvbj48L3NhbWw6U3ViamVjdD48c2FtbDpBdXRoblN0YXRlbWVudCBBdXRoPD94bWwgdmpSZXNwb25zZT4=" + +Output:: + + { + "Issuer": "https://integ.example.com/idp/shibboleth`__ in the *AWS IAM User Guide*. diff --git a/awscli/examples/sts/assume-role-with-web-identity.rst b/awscli/examples/sts/assume-role-with-web-identity.rst index d098d3ef189b..fbabfa6aa97a 100644 --- a/awscli/examples/sts/assume-role-with-web-identity.rst +++ b/awscli/examples/sts/assume-role-with-web-identity.rst @@ -1,31 +1,31 @@ -**To get short-term credentials for a role authenticated with Web Identity (OAuth 2."0)** - -The following ``assume-role-with-web-identity`` example retrieves a set of short-term credentials for the IAM role ``app1``. The request is authenticated by using the web identity token supplied by the specified web identity provider. Two additional policies are applied to the session to further restrict what the user can do. The returned credentials expire one hour after they are generated. :: - - aws sts assume-role-with-web-identity \ - --duration-seconds 3600 \ - --role-session-name "app1" \ - --provider-id "www.amazon.com" \ - --policy-arns "arn:aws:iam::123456789012:policy/q=webidentitydemopolicy1","arn:aws:iam::123456789012:policy/webidentitydemopolicy2" \ - --role-arn arn:aws:iam::123456789012:role/FederatedWebIdentityRole \ - --web-identity-token "Atza%7CIQEBLjAsAhRFiXuWpUXuRvQ9PZL3GMFcYevydwIUFAHZwXZXXXXXXXXJnrulxKDHwy87oGKPznh0D6bEQZTSCzyoCtL_8S07pLpr0zMbn6w1lfVZKNTBdDansFBmtGnIsIapjI6xKR02Yc_2bQ8LZbUXSGm6Ry6_BG7PrtLZtj_dfCTj92xNGed-CrKqjG7nPBjNIL016GGvuS5gSvPRUxWES3VYfm1wl7WTI7jn-Pcb6M-buCgHhFOzTQxod27L9CqnOLio7N3gZAGpsp6n1-AJBOCJckcyXe2c6uD0srOJeZlKUm2eTDVMf8IehDVI0r1QOnTV6KzzAI3OY87Vd_cVMQ" - -Output:: - - { - "SubjectFromWebIdentityToken": "amzn1.account.AF6RHO7KZU5XRVQJGXK6HB56KR2A" - "Audience": "client.5498841531868486423.1548@apps.example.com", - "AssumedRoleUser": { - "Arn": "arn:aws:sts::123456789012:assumed-role/FederatedWebIdentityRole/app1", - "AssumedRoleId": "AROACLKWSDQRAOEXAMPLE:app1" - } - "Credentials": { - "AccessKeyId": "AKIAIOSFODNN7EXAMPLE", - "SecretAccessKey": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYzEXAMPLEKEY", - "SessionToken": "AQoEXAMPLEH4aoAH0gNCAPyJxz4BlCFFxWNE1OPTgk5TthT+FvwqnKwRcOIfrRh3c/LTo6UDdyJwOOvEVPvLXCrrrUtdnniCEXAMPLE/IvU1dYUg2RVAJBanLiHb4IgRmpRV3zrkuWJOgQs8IZZaIv2BXIa2R4OlgkBN9bkUDNCJiBeb/AXlzBBko7b15fjrBs2+cTQtpZ3CYWFXG8C5zqx37wnOE49mRl/+OtkIKGO7fAE", - "Expiration": "2020-05-19T18:06:10+00:00" - }, - "Provider": "www.amazon.com" - } - -For more information, see `Requesting Temporary Security Credentials `__ in the *IAM User Guide*. +**To get short-term credentials for a role authenticated with Web Identity (OAuth 2."0)** + +The following ``assume-role-with-web-identity`` command retrieves a set of short-term credentials for the IAM role ``app1``. The request is authenticated by using the web identity token supplied by the specified web identity provider. Two additional policies are applied to the session to further restrict what the user can do. The returned credentials expire one hour after they are generated. :: + + aws sts assume-role-with-web-identity \ + --duration-seconds 3600 \ + --role-session-name "app1" \ + --provider-id "www.amazon.com" \ + --policy-arns "arn:aws:iam::123456789012:policy/q=webidentitydemopolicy1","arn:aws:iam::123456789012:policy/webidentitydemopolicy2" \ + --role-arn arn:aws:iam::123456789012:role/FederatedWebIdentityRole \ + --web-identity-token "Atza%7CIQEBLjAsAhRFiXuWpUXuRvQ9PZL3GMFcYevydwIUFAHZwXZXXXXXXXXJnrulxKDHwy87oGKPznh0D6bEQZTSCzyoCtL_8S07pLpr0zMbn6w1lfVZKNTBdDansFBmtGnIsIapjI6xKR02Yc_2bQ8LZbUXSGm6Ry6_BG7PrtLZtj_dfCTj92xNGed-CrKqjG7nPBjNIL016GGvuS5gSvPRUxWES3VYfm1wl7WTI7jn-Pcb6M-buCgHhFOzTQxod27L9CqnOLio7N3gZAGpsp6n1-AJBOCJckcyXe2c6uD0srOJeZlKUm2eTDVMf8IehDVI0r1QOnTV6KzzAI3OY87Vd_cVMQ" + +Output:: + + { + "SubjectFromWebIdentityToken": "amzn1.account.AF6RHO7KZU5XRVQJGXK6HB56KR2A", + "Audience": "client.5498841531868486423.1548@apps.example.com", + "AssumedRoleUser": { + "Arn": "arn:aws:sts::123456789012:assumed-role/FederatedWebIdentityRole/app1", + "AssumedRoleId": "AROACLKWSDQRAOEXAMPLE:app1" + }, + "Credentials": { + "AccessKeyId": "AKIAIOSFODNN7EXAMPLE", + "SecretAccessKey": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYzEXAMPLEKEY", + "SessionToken": "AQoEXAMPLEH4aoAH0gNCAPyJxz4BlCFFxWNE1OPTgk5TthT+FvwqnKwRcOIfrRh3c/LTo6UDdyJwOOvEVPvLXCrrrUtdnniCEXAMPLE/IvU1dYUg2RVAJBanLiHb4IgRmpRV3zrkuWJOgQs8IZZaIv2BXIa2R4OlgkBN9bkUDNCJiBeb/AXlzBBko7b15fjrBs2+cTQtpZ3CYWFXG8C5zqx37wnOE49mRl/+OtkIKGO7fAE", + "Expiration": "2020-05-19T18:06:10+00:00" + }, + "Provider": "www.amazon.com" + } + +For more information, see `Requesting Temporary Security Credentials `__ in the *AWS IAM User Guide*. diff --git a/awscli/examples/sts/assume-role.rst b/awscli/examples/sts/assume-role.rst index 18be67c5ef89..2f90017844cd 100644 --- a/awscli/examples/sts/assume-role.rst +++ b/awscli/examples/sts/assume-role.rst @@ -1,22 +1,26 @@ -To assume a role:: +**To assume a role** - aws sts assume-role --role-arn arn:aws:iam::123456789012:role/xaccounts3access --role-session-name s3-access-example +The following ``assume-role`` command retrieves a set of short-term credentials for the IAM role ``s3-access-example``. :: -The output of the command contains an access key, secret key, and session token that you can use to authenticate to AWS:: + aws sts assume-role \ + --role-arn arn:aws:iam::123456789012:role/xaccounts3access \ + --role-session-name s3-access-example - { - "AssumedRoleUser": { - "AssumedRoleId": "AROA3XFRBF535PLBIFPI4:s3-access-example", - "Arn": "arn:aws:sts::123456789012:assumed-role/xaccounts3access/s3-access-example" - }, - "Credentials": { - "SecretAccessKey": "9drTJvcXLB89EXAMPLELB8923FB892xMFI", - "SessionToken": "AQoXdzELDDY//////////wEaoAK1wvxJY12r2IrDFT2IvAzTCn3zHoZ7YNtpiQLF0MqZye/qwjzP2iEXAMPLEbw/m3hsj8VBTkPORGvr9jM5sgP+w9IZWZnU+LWhmg+a5fDi2oTGUYcdg9uexQ4mtCHIHfi4citgqZTgco40Yqr4lIlo4V2b2Dyauk0eYFNebHtYlFVgAUj+7Indz3LU0aTWk1WKIjHmmMCIoTkyYp/k7kUG7moeEYKSitwQIi6Gjn+nyzM+PtoA3685ixzv0R7i5rjQi0YE0lf1oeie3bDiNHncmzosRM6SFiPzSvp6h/32xQuZsjcypmwsPSDtTPYcs0+YN/8BRi2/IcrxSpnWEXAMPLEXSDFTAQAM6Dl9zR0tXoybnlrZIwMLlMi1Kcgo5OytwU=", - "Expiration": "2016-03-15T00:05:07Z", - "AccessKeyId": "ASIAJEXAMPLEXEG2JICEA" - } - } +Output:: -For AWS CLI use, you can set up a named profile associated with a role. When you use the profile, the AWS CLI will call assume-role and manage credentials for you. See `Assuming a Role`_ in the *AWS CLI User Guide* for instructions. + { + "AssumedRoleUser": { + "AssumedRoleId": "AROA3XFRBF535PLBIFPI4:s3-access-example", + "Arn": "arn:aws:sts::123456789012:assumed-role/xaccounts3access/s3-access-example" + }, + "Credentials": { + "SecretAccessKey": "9drTJvcXLB89EXAMPLELB8923FB892xMFI", + "SessionToken": "AQoXdzELDDY//////////wEaoAK1wvxJY12r2IrDFT2IvAzTCn3zHoZ7YNtpiQLF0MqZye/qwjzP2iEXAMPLEbw/m3hsj8VBTkPORGvr9jM5sgP+w9IZWZnU+LWhmg+a5fDi2oTGUYcdg9uexQ4mtCHIHfi4citgqZTgco40Yqr4lIlo4V2b2Dyauk0eYFNebHtYlFVgAUj+7Indz3LU0aTWk1WKIjHmmMCIoTkyYp/k7kUG7moeEYKSitwQIi6Gjn+nyzM+PtoA3685ixzv0R7i5rjQi0YE0lf1oeie3bDiNHncmzosRM6SFiPzSvp6h/32xQuZsjcypmwsPSDtTPYcs0+YN/8BRi2/IcrxSpnWEXAMPLEXSDFTAQAM6Dl9zR0tXoybnlrZIwMLlMi1Kcgo5OytwU=", + "Expiration": "2016-03-15T00:05:07Z", + "AccessKeyId": "ASIAJEXAMPLEXEG2JICEA" + } + } -.. _`Assuming a Role`: http://docs.aws.amazon.com/cli/latest/userguide/cli-roles.html \ No newline at end of file +The output of the command contains an access key, secret key, and session token that you can use to authenticate to AWS. + +For AWS CLI use, you can set up a named profile associated with a role. When you use the profile, the AWS CLI will call assume-role and manage credentials for you. For more information, see `Use an IAM role in the AWS CLI `__ in the *AWS CLI User Guide*. \ No newline at end of file diff --git a/awscli/examples/sts/assume-root.rst b/awscli/examples/sts/assume-root.rst new file mode 100644 index 000000000000..56ec7fd4b6b7 --- /dev/null +++ b/awscli/examples/sts/assume-root.rst @@ -0,0 +1,22 @@ +**To launch a privileged session** + +The following ``assume-root`` command retrieves a set of short-term credentials you can use to remove a misconfigured Amazon S3 bucket policy for a member account in your organization. :: + + aws sts assume-root \ + --duration-seconds 900 \ + --target-principal 111122223333 \ + --task-policy-arn arn=arn:aws:iam::aws:policy/root-task/S3UnlockBucketPolicy + +Output:: + + { + "Credentials": { + "SecretAccessKey": "9drTJvcXLB89EXAMPLELB8923FB892xMFI", + "SessionToken": "AQoXdzELDDY//////////wEaoAK1wvxJY12r2IrDFT2IvAzTCn3zHoZ7YNtpiQLF0MqZye/qwjzP2iEXAMPLEbw/m3hsj8VBTkPORGvr9jM5sgP+w9IZWZnU+LWhmg+a5fDi2oTGUYcdg9uexQ4mtCHIHfi4citgqZTgco40Yqr4lIlo4V2b2Dyauk0eYFNebHtYlFVgAUj+7Indz3LU0aTWk1WKIjHmmMCIoTkyYp/k7kUG7moeEYKSitwQIi6Gjn+nyzM+PtoA3685ixzv0R7i5rjQi0YE0lf1oeie3bDiNHncmzosRM6SFiPzSvp6h/32xQuZsjcypmwsPSDtTPYcs0+YN/8BRi2/IcrxSpnWEXAMPLEXSDFTAQAM6Dl9zR0tXoybnlrZIwMLlMi1Kcgo5OytwU=", + "Expiration": "2024-11-15T00:05:07Z", + "AccessKeyId": "ASIAJEXAMPLEXEG2JICEA" + }, + "SourceIdentity": "Alice", + } + +The output of the command contains an access key, secret key, and session token that you can use to to perform privileged actions in the member account. For more information, see `Perform a privileged task on an AWS Organizations member account `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/sts/decode-authorization-message.rst b/awscli/examples/sts/decode-authorization-message.rst new file mode 100644 index 000000000000..bd56f1526eef --- /dev/null +++ b/awscli/examples/sts/decode-authorization-message.rst @@ -0,0 +1,14 @@ +**To decode an encoded authorization message returned in response to a request** + +The following ``decode-authorization-message`` example decodes additional information about the authorization status of a request from an encoded message returned in response to an Amazon Web Services request. :: + + aws sts decode-authorization-message \ + --encoded-message EXAMPLEWodyRNrtlQARDip-eTA6i6DrlUhHhPQrLWB_lAbl5pAKxl9mPDLexYcGBreyIKQC1BGBIpBKr3dFDkwqeO7e2NMk5j_hmzAiChJN-8oy3EwiCjkUW5fdRNjcRvscGlUo_MhqHqHpR-Ojau7BMjOTWwOtHPhV_Zaz87yENdipr745EjQwRd5LaoL3vN8_5ZfA9UiBMKDgVh1gjqZJFUiQoubv78V1RbHNYnK44ElGKmUWYa020I1y6TNS9LXoNmc62GzkfGvoPGhD13br5tXEOo1rAm3vsPewRDFNkYL-4_1MWWezhRNEpqvXBDXLI9xEux7YYkRtjd45NJLFzZynBUubV8NHOevVuighd1Mvz3OiA-1_oPSe4TBtjfN9s7kjU1z70WpVbUgrLVp1xXTK1rf9Ea7t8shPd-3VzKhjS5tLrweFxNOKwV2GtT76B_fRp8HTYz-pOu3FZjwYStfvTb3GHs3-6rLribGO9jZOktkfE6vqxlFzLyeDr4P2ihC1wty9tArCvvGzIAUNmARQJ2VVWPxioqgoqCzMaDMZEO7wkku7QeakEVZdf00qlNLMmcaVZb1UPNqD-JWP5pwe_mAyqh0NLw-r1S56YC_90onj9A80sNrHlI-tIiNd7tgNTYzDuPQYD2FMDBnp82V9eVmYGtPp5NIeSpuf3fOHanFuBZgENxZQZ2dlH3xJGMTtYayzZrRXjiq_SfX9zeBbpCvrD-0AJK477RM84vmtCrsUpJgx-FaoPIb8LmmKVBLpIB0iFhU9sEHPqKHVPi6jdxXqKaZaFGvYVmVOiuQdNQKuyk0p067POFrZECLjjOtNPBOZCcuEKEXAMPLE + +Output:: + + { + "DecodedMessage": "{\"allowed\":false,\"explicitDeny\":true,\"matchedStatements\":{\"items\":[{\"statementId\":\"VisualEditor0\",\"effect\":\"DENY\",\"principals\":{\"items\":[{\"value\":\"AROA123456789EXAMPLE\"}]},\"principalGroups\":{\"items\":[]},\"actions\":{\"items\":[{\"value\":\"ec2:RunInstances\"}]},\"resources\":{\"items\":[{\"value\":\"*\"}]},\"conditions\":{\"items\":[]}}]},\"failures\":{\"items\":[]},\"context\":{\"principal\":{\"id\":\"AROA123456789EXAMPLE:Ana\",\"arn\":\"arn:aws:sts::111122223333:assumed-role/Developer/Ana\"},\"action\":\"RunInstances\",\"resource\":\"arn:aws:ec2:us-east-1:111122223333:instance/*\",\"conditions\":{\"items\":[{\"key\":\"ec2:MetadataHttpPutResponseHopLimit\",\"values\":{\"items\":[{\"value\":\"2\"}]}},{\"key\":\"ec2:InstanceMarketType\",\"values\":{\"items\":[{\"value\":\"on-demand\"}]}},{\"key\":\"aws:Resource\",\"values\":{\"items\":[{\"value\":\"instance/*\"}]}},{\"key\":\"aws:Account\",\"values\":{\"items\":[{\"value\":\"111122223333\"}]}},{\"key\":\"ec2:AvailabilityZone\",\"values\":{\"items\":[{\"value\":\"us-east-1f\"}]}},{\"key\":\"ec2:ebsOptimized\",\"values\":{\"items\":[{\"value\":\"false\"}]}},{\"key\":\"ec2:IsLaunchTemplateResource\",\"values\":{\"items\":[{\"value\":\"false\"}]}},{\"key\":\"ec2:InstanceType\",\"values\":{\"items\":[{\"value\":\"t2.micro\"}]}},{\"key\":\"ec2:RootDeviceType\",\"values\":{\"items\":[{\"value\":\"ebs\"}]}},{\"key\":\"aws:Region\",\"values\":{\"items\":[{\"value\":\"us-east-1\"}]}},{\"key\":\"ec2:MetadataHttpEndpoint\",\"values\":{\"items\":[{\"value\":\"enabled\"}]}},{\"key\":\"aws:Service\",\"values\":{\"items\":[{\"value\":\"ec2\"}]}},{\"key\":\"ec2:InstanceID\",\"values\":{\"items\":[{\"value\":\"*\"}]}},{\"key\":\"ec2:MetadataHttpTokens\",\"values\":{\"items\":[{\"value\":\"required\"}]}},{\"key\":\"aws:Type\",\"values\":{\"items\":[{\"value\":\"instance\"}]}},{\"key\":\"ec2:Tenancy\",\"values\":{\"items\":[{\"value\":\"default\"}]}},{\"key\":\"ec2:Region\",\"values\":{\"items\":[{\"value\":\"us-east-1\"}]}},{\"key\":\"aws:ARN\",\"values\":{\"items\":[{\"value\":\"arn:aws:ec2:us-east-1:111122223333:instance/*\"}]}}]}}}" + } + +For more information, see `Policy evaluation logic `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/sts/get-caller-identity.rst b/awscli/examples/sts/get-caller-identity.rst index 841cc8976fd4..c420139bc740 100644 --- a/awscli/examples/sts/get-caller-identity.rst +++ b/awscli/examples/sts/get-caller-identity.rst @@ -1,13 +1,13 @@ -**To get details about the current IAM identity** - -The following ``get-caller-identity`` example displays information about the IAM identity used to authenticate the request. The caller is an IAM user. :: - - aws sts get-caller-identity - -Output:: - - { - "UserId": "AIDASAMPLEUSERID", - "Account": "123456789012", - "Arn": "arn:aws:iam::123456789012:user/DevAdmin" - } +**To get details about the current IAM identity** + +The following ``get-caller-identity`` command displays information about the IAM identity used to authenticate the request. The caller is an IAM user. :: + + aws sts get-caller-identity + +Output:: + + { + "UserId": "AIDASAMPLEUSERID", + "Account": "123456789012", + "Arn": "arn:aws:iam::123456789012:user/DevAdmin" + } diff --git a/awscli/examples/sts/get-federation-token.rst b/awscli/examples/sts/get-federation-token.rst new file mode 100644 index 000000000000..40818ec40dad --- /dev/null +++ b/awscli/examples/sts/get-federation-token.rst @@ -0,0 +1,59 @@ +**To return a set of temporary security credentials using IAM user access key credentials** + +The following ``get-federation-token`` example returns a set of temporary security credentials (consisting of an access key ID, a secret access key, and a security token) for a user. You must call the ``GetFederationToken`` operation using the long-term security credentials of an IAM user. :: + + aws sts get-federation-token \ + --name Bob \ + --policy file://myfile.json \ + --policy-arns arn=arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess \ + --duration-seconds 900 + +Contents of ``myfile.json``:: + + { + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Action": "ec2:Describe*", + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": "elasticloadbalancing:Describe*", + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": [ + "cloudwatch:ListMetrics", + "cloudwatch:GetMetricStatistics", + "cloudwatch:Describe*" + ], + "Resource": "*" + }, + { + "Effect": "Allow", + "Action": "autoscaling:Describe*", + "Resource": "*" + } + ] + } + +Output:: + + { + "Credentials": { + "AccessKeyId": "ASIAIOSFODNN7EXAMPLE", + "SecretAccessKey": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY", + "SessionToken": "EXAMPLEpZ2luX2VjEGoaCXVzLXdlc3QtMiJIMEYCIQC/W9pL5ArQyDD5JwFL3/h5+WGopQ24GEXweNctwhi9sgIhAMkg+MZE35iWM8s4r5Lr25f9rSTVPFH98G42QQunWMTfKq0DCOP//////////wEQAxoMNDUyOTI1MTcwNTA3Igxuy3AOpuuoLsk3MJwqgQPg8QOd9HuoClUxq26wnc/nm+eZLjHDyGf2KUAHK2DuaS/nrGSEXAMPLE", + "Expiration": "2023-12-20T02:06:07+00:00" + }, + "FederatedUser": { + "FederatedUserId": "111122223333:Bob", + "Arn": "arn:aws:sts::111122223333:federated-user/Bob" + }, + "PackedPolicySize": 36 + } + +For more information, see `Requesting Temporary Security Credentials `__ in the *AWS IAM User Guide*. diff --git a/awscli/examples/sts/get-session-token.rst b/awscli/examples/sts/get-session-token.rst index 61946eda1705..fab51149246b 100644 --- a/awscli/examples/sts/get-session-token.rst +++ b/awscli/examples/sts/get-session-token.rst @@ -1,21 +1,21 @@ -**To get a set of short term credentials for an IAM identity** - -The following ``get-session-token`` example retrieves a set of short-term credentials for the IAM identity making the call. The resulting credentials can be used for requests where multi-factor authentication (MFA) is required by policy. The credentials expire 15 minutes after they are generated. :: - - aws sts get-session-token \ - --duration-seconds 900 \ - --serial-number "YourMFADeviceSerialNumber" \ - --token-code 123456 - -Output:: - - { - "Credentials": { - "AccessKeyId": "ASIAIOSFODNN7EXAMPLE", - "SecretAccessKey": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYzEXAMPLEKEY", - "SessionToken": "AQoEXAMPLEH4aoAH0gNCAPyJxz4BlCFFxWNE1OPTgk5TthT+FvwqnKwRcOIfrRh3c/LTo6UDdyJwOOvEVPvLXCrrrUtdnniCEXAMPLE/IvU1dYUg2RVAJBanLiHb4IgRmpRV3zrkuWJOgQs8IZZaIv2BXIa2R4OlgkBN9bkUDNCJiBeb/AXlzBBko7b15fjrBs2+cTQtpZ3CYWFXG8C5zqx37wnOE49mRl/+OtkIKGO7fAE", - "Expiration": "2020-05-19T18:06:10+00:00" - } - } - -For more information, see `Requesting Temporary Security Credentials `__ in the *IAM User Guide*. \ No newline at end of file +**To get a set of short term credentials for an IAM identity** + +The following ``get-session-token`` command retrieves a set of short-term credentials for the IAM identity making the call. The resulting credentials can be used for requests where multi-factor authentication (MFA) is required by policy. The credentials expire 15 minutes after they are generated. :: + + aws sts get-session-token \ + --duration-seconds 900 \ + --serial-number "YourMFADeviceSerialNumber" \ + --token-code 123456 + +Output:: + + { + "Credentials": { + "AccessKeyId": "ASIAIOSFODNN7EXAMPLE", + "SecretAccessKey": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYzEXAMPLEKEY", + "SessionToken": "AQoEXAMPLEH4aoAH0gNCAPyJxz4BlCFFxWNE1OPTgk5TthT+FvwqnKwRcOIfrRh3c/LTo6UDdyJwOOvEVPvLXCrrrUtdnniCEXAMPLE/IvU1dYUg2RVAJBanLiHb4IgRmpRV3zrkuWJOgQs8IZZaIv2BXIa2R4OlgkBN9bkUDNCJiBeb/AXlzBBko7b15fjrBs2+cTQtpZ3CYWFXG8C5zqx37wnOE49mRl/+OtkIKGO7fAE", + "Expiration": "2020-05-19T18:06:10+00:00" + } + } + +For more information, see `Requesting Temporary Security Credentials `__ in the *AWS IAM User Guide*. \ No newline at end of file diff --git a/awscli/examples/synthetics/associate-resource.rst b/awscli/examples/synthetics/associate-resource.rst new file mode 100644 index 000000000000..3c774b8f4f12 --- /dev/null +++ b/awscli/examples/synthetics/associate-resource.rst @@ -0,0 +1,11 @@ +**To associate a canary with a group** + +The following ``associate-resource`` example associates a canary with a group named ``demo_group``. :: + + aws synthetics associate-resource \ + --group-identifier demo_group \ + --resource-arn arn:aws:synthetics:us-east-1:123456789012:canary:demo_canary + +This command produces no output. + +For more information, see `Synthetic monitoring (canaries) `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/synthetics/create-canary.rst b/awscli/examples/synthetics/create-canary.rst new file mode 100644 index 000000000000..d48ba66002f4 --- /dev/null +++ b/awscli/examples/synthetics/create-canary.rst @@ -0,0 +1,48 @@ +**To create a canary** + +The following ``create-canary`` example creates a canary named ``demo_canary``. :: + + aws synthetics create-canary \ + --name demo_canary \ + --code '{"S3Bucket": "artifacts3bucket", "S3Key":"demo_canary.zip", "Handler": "index.lambda_handler"}' \ + --artifact-s3-location s3://amzn-s3-demo-bucket/demo_canary.zip \ + --execution-role-arn arn:aws:iam::123456789012:role/demo_canary_role \ + --schedule Expression="rate(10 minutes)" \ + --runtime-version syn-nodejs-puppeteer-9.1 + +Output:: + + { + "Canary": { + "Id": "a1b2c3d4-5678-90ab-cdef-example11111", + "Name": "demo_canary", + "Code": { + "Handler": "index.lambda_handler" + }, + "ExecutionRoleArn": "arn:aws:iam::123456789012:role/demo_canary_role", + "Schedule": { + "Expression": "rate(10 minutes)", + "DurationInSeconds": 0 + }, + "RunConfig": { + "TimeoutInSeconds": 600, + "MemoryInMB": 1000, + "ActiveTracing": false + }, + "SuccessRetentionPeriodInDays": 31, + "FailureRetentionPeriodInDays": 31, + "Status": { + "State": "CREATING", + "StateReasonCode": "CREATE_PENDING" + }, + "Timeline": { + "Created": "2024-10-15T19:03:08.826000+05:30", + "LastModified": "2024-10-15T19:03:08.826000+05:30" + }, + "ArtifactS3Location": "amzn-s3-demo-bucket/demo_canary.zip", + "RuntimeVersion": "syn-nodejs-puppeteer-9.1", + "Tags": {} + } + } + +For more information, see `Synthetic monitoring (canaries) `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/synthetics/create-group.rst b/awscli/examples/synthetics/create-group.rst new file mode 100644 index 000000000000..781b0f9ed359 --- /dev/null +++ b/awscli/examples/synthetics/create-group.rst @@ -0,0 +1,21 @@ +**To create a group** + +The following ``create-group`` example creates a group named ``demo_group``. :: + + aws synthetics create-group \ + --name demo_group + +Output:: + + { + "Group": { + "Id": "example123", + "Name": "demo_group", + "Arn": "arn:aws:synthetics:us-east-1:123456789012:group:example123", + "Tags": {}, + "CreatedTime": "2024-10-15T14:47:23.811000+05:30", + "LastModifiedTime": "2024-10-15T14:47:23.811000+05:30" + } + } + +For more information, see `Synthetic monitoring (canaries) `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/synthetics/delete-canary.rst b/awscli/examples/synthetics/delete-canary.rst new file mode 100644 index 000000000000..a84d626ba1ef --- /dev/null +++ b/awscli/examples/synthetics/delete-canary.rst @@ -0,0 +1,10 @@ +**To permanently delete a canary** + +The following ``delete-canary`` example deletes a canary named ``demo_canary``. :: + + aws synthetics delete-canary \ + --name demo_canary + +This command produces no output. + +For more information, see `Synthetic monitoring (canaries) `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/synthetics/delete-group.rst b/awscli/examples/synthetics/delete-group.rst new file mode 100644 index 000000000000..41b5b6628e0b --- /dev/null +++ b/awscli/examples/synthetics/delete-group.rst @@ -0,0 +1,10 @@ +**To delete a group** + +The following ``delete-group`` example deletes a group named ``demo_group``. :: + + aws synthetics delete-group \ + --group-identifier demo_group + +This command produces no output. + +For more information, see `Synthetic monitoring (canaries) `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/synthetics/describe-canaries-last-run.rst b/awscli/examples/synthetics/describe-canaries-last-run.rst new file mode 100644 index 000000000000..74fbb8ab573d --- /dev/null +++ b/awscli/examples/synthetics/describe-canaries-last-run.rst @@ -0,0 +1,31 @@ +**To see information from the most recent run of each canary** + +The following ``describe-canaries-last-run`` example returns the most recent run of each canary that you have created. :: + + aws synthetics describe-canaries-last-run + +Output:: + + { + "CanariesLastRun": [ + { + "CanaryName": "demo_canary", + "LastRun": { + "Id": "a1b2c3d4-5678-90ab-cdef-example11111", + "Name": "demo_canary", + "Status": { + "State": "PASSED", + "StateReason": "", + "StateReasonCode": "" + }, + "Timeline": { + "Started": "2024-10-15T19:20:39.691000+05:30", + "Completed": "2024-10-15T19:20:58.211000+05:30" + }, + "ArtifactS3Location": "cw-syn-results-123456789012-us-east-1/canary/us-east-1/demo_canary-abc-example1234/2024/10/15/13/50-39-690" + } + } + ] + } + +For more information, see `Synthetic monitoring (canaries) `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/synthetics/describe-canaries.rst b/awscli/examples/synthetics/describe-canaries.rst new file mode 100644 index 000000000000..319e48d4409c --- /dev/null +++ b/awscli/examples/synthetics/describe-canaries.rst @@ -0,0 +1,48 @@ +**To list canaries in your account** + +The following ``describe-canaries`` example lists the details of canaries in your account. :: + + aws synthetics describe-canaries + +Output:: + + { + "Canaries": [ + { + "Id": "a1b2c3d4-5678-90ab-cdef-example11111", + "Name": "demo_canary", + "Code": { + "SourceLocationArn": "arn:aws:lambda:us-east-1:123456789012:layer:cwsyn-demo_canary-a1b2c3d4-5678-90ab-cdef-example11111b8:1", + "Handler": "pageLoadBlueprint.handler" + }, + "ExecutionRoleArn": "arn:aws:iam::123456789012:role/service-role/CloudWatchSyntheticsRole-demo_canary-a12-a123bc456789", + "Schedule": { + "Expression": "rate(5 minutes)", + "DurationInSeconds": 0 + }, + "RunConfig": { + "TimeoutInSeconds": 300, + "MemoryInMB": 1000, + "ActiveTracing": false + }, + "SuccessRetentionPeriodInDays": 31, + "FailureRetentionPeriodInDays": 31, + "Status": { + "State": "RUNNING" + }, + "Timeline": { + "Created": "2024-10-15T18:55:15.168000+05:30", + "LastModified": "2024-10-15T18:55:40.540000+05:30", + "LastStarted": "2024-10-15T18:55:40.540000+05:30" + }, + "ArtifactS3Location": "cw-syn-results-123456789012-us-east-1/canary/us-east-1/demo_canary-a12-a123bc456789", + "EngineArn": "arn:aws:lambda:us-east-1:123456789012:function:cwsyn-demo_canary-a1b2c3d4-5678-90ab-cdef-example111118:1", + "RuntimeVersion": "syn-nodejs-puppeteer-9.1", + "Tags": { + "blueprint": "heartbeat" + } + } + ] + } + +For more information, see `Synthetic monitoring (canaries) `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/synthetics/describe-runtime-versions.rst b/awscli/examples/synthetics/describe-runtime-versions.rst new file mode 100644 index 000000000000..7ba3841d4002 --- /dev/null +++ b/awscli/examples/synthetics/describe-runtime-versions.rst @@ -0,0 +1,74 @@ +**To return a list of synthetics canary runtime versions** + +The following ``describe-runtime-versions`` example returns the list of synthetics canary runtime versions. :: + + aws synthetics describe-runtime-versions + +Output:: + + { + "RuntimeVersions": [ + { + "VersionName": "syn-nodejs-puppeteer-9.1", + "Description": "Security fixes and bug fix for date range error in har. Dependencies: Node JS 20.x, Puppeteer-core 22.12.1, Chromium 126.0.6478.126", + "ReleaseDate": "2024-10-02T05:30:00+05:30" + }, + { + "VersionName": "syn-nodejs-puppeteer-9.0", + "Description": "Upgraded Chromium and Puppeteer. Dependencies: Node JS 20.x, Puppeteer-core 22.12.1, Chromium 126.0.6478.126", + "ReleaseDate": "2024-07-22T05:30:00+05:30" + }, + { + "VersionName": "syn-nodejs-puppeteer-8.0", + "Description": "Upgraded Chromium and Puppeteer. Dependencies: Node JS 20.x, Puppeteer-core 22.10.0, Chromium 125.0.6422.112", + "ReleaseDate": "2024-06-21T05:30:00+05:30" + }, + { + "VersionName": "syn-nodejs-puppeteer-7.0", + "Description": "Upgraded Chromium and Puppeteer. Dependencies: Node JS 18.x, Puppeteer-core 21.9.0, Chromium 121.0.6167.139", + "ReleaseDate": "2024-03-08T05:30:00+05:30" + }, + { + "VersionName": "syn-nodejs-puppeteer-6.2", + "Description": "Updated shared libraries for Chromium and added ephemeral storage monitoring. Dependencies: Node JS 18.x, Puppeteer-core 19.7.0, Chromium 111.0.5563.146", + "ReleaseDate": "2024-02-02T05:30:00+05:30" + }, + { + "VersionName": "syn-nodejs-puppeteer-6.1", + "Description": "Added puppeteer launch retry. Dependencies: Node JS 18.x, Puppeteer-core 19.7.0, Chromium 111.0.5563.146", + "ReleaseDate": "2023-11-13T05:30:00+05:30", + "DeprecationDate": "2024-03-08T13:30:00+05:30" + }, + { + "VersionName": "syn-nodejs-puppeteer-6.0", + "Description": "Reduced X-Ray traces of a canary run, improved duration metric and upgraded to NodeJS 18.x. Dependencies: Node JS 18.x, Puppeteer-core 19.7.0, Chromium 111.0.5563.146", + "ReleaseDate": "2023-09-15T05:30:00+05:30", + "DeprecationDate": "2024-03-08T13:30:00+05:30" + }, + { + "VersionName": "syn-nodejs-puppeteer-5.2", + "Description": "Updated shared libraries for Chromium. Dependencies: Node JS 16.x, Puppeteer-core 19.7.0, Chromium 111.0.5563.146", + "ReleaseDate": "2024-02-01T05:30:00+05:30" + }, + { + "VersionName": "syn-nodejs-puppeteer-5.1", + "Description": "Fixes a bug about missing request headers in har. Dependencies: Node JS 16.x, Puppeteer-core 19.7.0, Chromium 111.0.5563.146", + "ReleaseDate": "2023-08-09T05:30:00+05:30", + "DeprecationDate": "2024-03-08T13:30:00+05:30" + }, + { + "VersionName": "syn-nodejs-puppeteer-5.0", + "Description": "Upgraded Puppeteer and Chromium. Dependencies: Node JS 16.x, Puppeteer-core 19.7.0, Chromium 111.0.5563.146", + "ReleaseDate": "2023-07-21T05:30:00+05:30", + "DeprecationDate": "2024-03-08T13:30:00+05:30" + }, + { + "VersionName": "syn-nodejs-puppeteer-4.0", + "Description": "Upgraded to NodeJS 16.x. Dependencies: Node JS 16.x, Puppeteer-core 5.5.0, Chromium 92.0.4512.0", + "ReleaseDate": "2023-05-01T05:30:00+05:30", + "DeprecationDate": "2024-03-08T13:30:00+05:30" + } + ] + } + +For more information, see `Synthetic monitoring (canaries) `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/synthetics/disassociate-resource.rst b/awscli/examples/synthetics/disassociate-resource.rst new file mode 100644 index 000000000000..fe0856c16f60 --- /dev/null +++ b/awscli/examples/synthetics/disassociate-resource.rst @@ -0,0 +1,11 @@ +**To remove a canary from a group** + +The following ``disassociate-resource`` example removes a canary from the group named ``demo_group``. :: + + aws synthetics disassociate-resource \ + --group-identifier demo_group \ + --resource-arn arn:aws:synthetics:us-east-1:123456789012:canary:demo_canary + +This command produces no output. + +For more information, see `Synthetic monitoring (canaries) `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/synthetics/get-canary-runs.rst b/awscli/examples/synthetics/get-canary-runs.rst new file mode 100644 index 000000000000..c329684a9933 --- /dev/null +++ b/awscli/examples/synthetics/get-canary-runs.rst @@ -0,0 +1,29 @@ +**To retrieve a list of runs for a specified canary** + +The following ``get-canary-runs`` example retrieves a list of runs for the canary named ``demo_canary``. :: + + aws synthetics get-canary-runs \ + --name demo_canary + +Output:: + + { + "CanaryRuns": [ + { + "Id": "a1b2c3d4-5678-90ab-cdef-example11111", + "Name": "demo_canary", + "Status": { + "State": "PASSED", + "StateReason": "", + "StateReasonCode": "" + }, + "Timeline": { + "Started": "2024-10-16T10:38:57.013000+05:30", + "Completed": "2024-10-16T10:39:25.793000+05:30" + }, + "ArtifactS3Location": "cw-syn-results-123456789012-us-east-1/canary/us-east-1/demo_canary-abc-example1234/2024/10/15/13/50-39-690" + } + ] + } + +For more information, see `Synthetic monitoring (canaries) `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/synthetics/get-canary.rst b/awscli/examples/synthetics/get-canary.rst new file mode 100644 index 000000000000..4812dae10dcf --- /dev/null +++ b/awscli/examples/synthetics/get-canary.rst @@ -0,0 +1,47 @@ +**To retrieve complete information about one canary** + +The following ``get-canary`` example retrieves complete information about the canary named ``demo_canary``. :: + + aws synthetics get-canary \ + --name demo_canary + +Output:: + + { + "Canary": { + "Id": "a1b2c3d4-5678-90ab-cdef-example11111", + "Name": "demo_canary", + "Code": { + "SourceLocationArn": "arn:aws:lambda:us-east-1:123456789012:layer:cwsyn-demo_canary-a1b2c3d4-5678-90ab-cdef-example111118:1", + "Handler": "pageLoadBlueprint.handler" + }, + "ExecutionRoleArn": "arn:aws:iam::123456789012:role/demo_canary_role", + "Schedule": { + "Expression": "rate(10 minutes)", + "DurationInSeconds": 0 + }, + "RunConfig": { + "TimeoutInSeconds": 300, + "MemoryInMB": 1000, + "ActiveTracing": false + }, + "SuccessRetentionPeriodInDays": 31, + "FailureRetentionPeriodInDays": 31, + "Status": { + "State": "RUNNING" + }, + "Timeline": { + "Created": "2024-10-15T18:55:15.168000+05:30", + "LastModified": "2024-10-15T18:55:40.540000+05:30", + "LastStarted": "2024-10-15T18:55:40.540000+05:30" + }, + "ArtifactS3Location": "cw-syn-results-123456789012-us-east-1/canary/us-east-1/demo_canary-a12-a123bc456789", + "EngineArn": "arn:aws:lambda:us-east-1:123456789012:function:cwsyn-demo_canary-a1b2c3d4-5678-90ab-cdef-example111118:1", + "RuntimeVersion": "syn-nodejs-puppeteer-9.1", + "Tags": { + "blueprint": "heartbeat" + } + } + } + +For more information, see `Synthetic monitoring (canaries) `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/synthetics/get-group.rst b/awscli/examples/synthetics/get-group.rst new file mode 100644 index 000000000000..3db2e092451b --- /dev/null +++ b/awscli/examples/synthetics/get-group.rst @@ -0,0 +1,21 @@ +**To return information about one group** + +The following ``get-group`` example returns information about the group named ``demo_group``. :: + + aws synthetics get-group \ + --group-identifier demo_group + +Output:: + + { + "Group": { + "Id": "example123", + "Name": "demo_group", + "Arn": "arn:aws:synthetics:us-east-1:123456789012:group:example123", + "Tags": {}, + "CreatedTime": "2024-10-15T14:47:23.811000+05:30", + "LastModifiedTime": "2024-10-15T14:47:23.811000+05:30" + } + } + +For more information, see `Synthetic monitoring (canaries) `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/synthetics/list-associated-groups.rst b/awscli/examples/synthetics/list-associated-groups.rst new file mode 100644 index 000000000000..bdb618539103 --- /dev/null +++ b/awscli/examples/synthetics/list-associated-groups.rst @@ -0,0 +1,20 @@ +**To return a list of the groups** + +The following ``list-associated-groups`` example returns a list of the groups associated with the canary named ``demo_canary``. :: + + aws synthetics list-associated-groups \ + --resource-arn arn:aws:synthetics:us-east-1:123456789012:canary:demo_canary + +Output:: + + { + "Groups": [ + { + "Id": "example123", + "Name": "demo_group", + "Arn": "arn:aws:synthetics:us-east-1:123456789012:group:example123" + } + ] + } + +For more information, see `Synthetic monitoring (canaries) `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/synthetics/list-group-resources.rst b/awscli/examples/synthetics/list-group-resources.rst new file mode 100644 index 000000000000..1d74dfa97a41 --- /dev/null +++ b/awscli/examples/synthetics/list-group-resources.rst @@ -0,0 +1,16 @@ +**To return a list of the ARNs of the canaries that are associated with the specified group** + +The following ``list-group-resources`` example returns a list of the ARNs of the canaries that are associated with the group named ``demo_group``. :: + + aws synthetics list-group-resources \ + --group-identifier demo_group + +Output:: + + { + "Resources": [ + "arn:aws:synthetics:us-east-1:123456789012:canary:demo_canary" + ] + } + +For more information, see `Synthetic monitoring (canaries) `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/synthetics/list-groups.rst b/awscli/examples/synthetics/list-groups.rst new file mode 100644 index 000000000000..88cb068874de --- /dev/null +++ b/awscli/examples/synthetics/list-groups.rst @@ -0,0 +1,19 @@ +**To return a list of all groups in the account** + +The following ``list-groups`` example returns a list of all groups in the account. :: + + aws synthetics list-groups + +Output:: + + { + "Groups": [ + { + "Id": "example123", + "Name": "demo_group", + "Arn": "arn:aws:synthetics:us-east-1:123456789012:group:example123" + } + ] + } + +For more information, see `Synthetic monitoring (canaries) `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/synthetics/list-tags-for-resource.rst b/awscli/examples/synthetics/list-tags-for-resource.rst new file mode 100644 index 000000000000..fbf7529e5fa6 --- /dev/null +++ b/awscli/examples/synthetics/list-tags-for-resource.rst @@ -0,0 +1,31 @@ +**Example 1: To display the tags associated with a canary** + +The following ``list-tags-for-resource`` example returns the tags associated with a canary named ``demo_canary``. :: + + aws synthetics list-tags-for-resource \ + --resource-arn arn:aws:synthetics:us-east-1:123456789012:canary:demo_canary + +Output:: + + { + "Tags": { + "blueprint": "heartbeat" + } + } + +**Example 2: To display the tags associated with a group** + +The following ``list-tags-for-resource`` example returns the tags associated with a group named ``demo_group``. :: + + aws synthetics list-tags-for-resource \ + --resource-arn arn:aws:synthetics:us-east-1:123456789012:group:example123 + +Output:: + + { + "Tags": { + "team": "Devops" + } + } + +For more information, see `Synthetic monitoring (canaries) `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/synthetics/start-canary.rst b/awscli/examples/synthetics/start-canary.rst new file mode 100644 index 000000000000..87802f04ce9a --- /dev/null +++ b/awscli/examples/synthetics/start-canary.rst @@ -0,0 +1,10 @@ +**To run a canary** + +The following ``start-canary`` example runs a canary named ``demo_canary``. :: + + aws synthetics start-canary \ + --name demo_canary + +This command produces no output. + +For more information, see `Synthetic monitoring (canaries) `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/synthetics/stop-canary.rst b/awscli/examples/synthetics/stop-canary.rst new file mode 100644 index 000000000000..24b69b51c185 --- /dev/null +++ b/awscli/examples/synthetics/stop-canary.rst @@ -0,0 +1,10 @@ +**To stop a canary** + +The following ``stop-canary`` example stops the canary named ``demo_canary``. :: + + aws synthetics stop-canary \ + --name demo_canary + +This command produces no output. + +For more information, see `Synthetic monitoring (canaries) `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/synthetics/tag-resource.rst b/awscli/examples/synthetics/tag-resource.rst new file mode 100644 index 000000000000..aa82e0718bd1 --- /dev/null +++ b/awscli/examples/synthetics/tag-resource.rst @@ -0,0 +1,21 @@ +**Example 1: To assign a tag to the canary** + +The following ``tag-resource`` example assigns a tag to the canary named ``demo_canary``. :: + + aws synthetics tag-resource \ + --resource-arn arn:aws:synthetics:us-east-1:123456789012:canary:demo_canary \ + --tags blueprint=heartbeat + +This command produces no output. + +**Example 2: To assign a tag to the group** + +The following ``tag-resource`` example assigns a tag to the group named ``demo_group``. :: + + aws synthetics tag-resource \ + --resource-arn arn:aws:synthetics:us-east-1:123456789012:group:example123 \ + --tags team=Devops + +This command produces no output. + +For more information, see `Synthetic monitoring (canaries) `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/synthetics/untag-resource.rst b/awscli/examples/synthetics/untag-resource.rst new file mode 100644 index 000000000000..bc747619ee3b --- /dev/null +++ b/awscli/examples/synthetics/untag-resource.rst @@ -0,0 +1,21 @@ +**Example 1: To remove a tag from the canary** + +The following ``untag-resource`` example removes a tag from the canary named ``demo_canary``. :: + + aws synthetics untag-resource \ + --resource-arn arn:aws:synthetics:us-east-1:123456789012:canary:demo_canary \ + --tag-keys blueprint + +This command produces no output. + +**Example 2: To remove a tag from the group** + +The following ``untag-resource`` example assigns a removes a tag from the group named ``demo_group``. :: + + aws synthetics untag-resource \ + --resource-arn arn:aws:synthetics:us-east-1:123456789012:group:example123 \ + --tag-keys team + +This command produces no output. + +For more information, see `Synthetic monitoring (canaries) `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/synthetics/update-canary.rst b/awscli/examples/synthetics/update-canary.rst new file mode 100644 index 000000000000..2949c35ce0de --- /dev/null +++ b/awscli/examples/synthetics/update-canary.rst @@ -0,0 +1,11 @@ +**To update a canary** + +The following ``update-canary`` example updates the configuration of a canary named ``demo_canary``. :: + + aws synthetics update-canary \ + --name demo_canary \ + --schedule Expression="rate(15 minutes)" + +This command produces no output. + +For more information, see `Synthetic monitoring (canaries) `__ in the *Amazon CloudWatch User Guide*. \ No newline at end of file diff --git a/awscli/examples/transcribe/create-language-model.rst b/awscli/examples/transcribe/create-language-model.rst index a9aadfb8476b..aeaab9088779 100644 --- a/awscli/examples/transcribe/create-language-model.rst +++ b/awscli/examples/transcribe/create-language-model.rst @@ -6,7 +6,7 @@ The following ``create-language-model`` example creates a custom language model. --language-code language-code \ --base-model-name base-model-name \ --model-name cli-clm-example \ - --input-data-config S3Uri="s3://DOC-EXAMPLE-BUCKET/Amazon-S3-Prefix-for-training-data",TuningDataS3Uri="s3://DOC-EXAMPLE-BUCKET/Amazon-S3-Prefix-for-tuning-data",DataAccessRoleArn="arn:aws:iam::AWS-account-number:role/IAM-role-with-permissions-to-create-a-custom-language-model" + --input-data-config S3Uri="s3://amzn-s3-demo-bucket/Amazon-S3-Prefix-for-training-data",TuningDataS3Uri="s3://amzn-s3-demo-bucket/Amazon-S3-Prefix-for-tuning-data",DataAccessRoleArn="arn:aws:iam::AWS-account-number:role/IAM-role-with-permissions-to-create-a-custom-language-model" Output:: @@ -15,8 +15,8 @@ Output:: "BaseModelName": "base-model-name", "ModelName": "cli-clm-example", "InputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-BUCKET/Amazon-S3-Prefix/", - "TuningDataS3Uri": "s3://DOC-EXAMPLE-BUCKET/Amazon-S3-Prefix/", + "S3Uri": "s3://amzn-s3-demo-bucket/Amazon-S3-Prefix/", + "TuningDataS3Uri": "s3://amzn-s3-demo-bucket/Amazon-S3-Prefix/", "DataAccessRoleArn": "arn:aws:iam::AWS-account-number:role/IAM-role-with-permissions-create-a-custom-language-model" }, "ModelStatus": "IN_PROGRESS" @@ -32,7 +32,7 @@ The following ``create-language-model`` example transcribes your audio file. You --language-code en-US \ --base-model-name base-model-name \ --model-name cli-clm-example \ - --input-data-config S3Uri="s3://DOC-EXAMPLE-BUCKET/Amazon-S3-Prefix-For-Training-Data",DataAccessRoleArn="arn:aws:iam::AWS-account-number:role/IAM-role-with-permissions-to-create-a-custom-language-model" + --input-data-config S3Uri="s3://amzn-s3-demo-bucket/Amazon-S3-Prefix-For-Training-Data",DataAccessRoleArn="arn:aws:iam::AWS-account-number:role/IAM-role-with-permissions-to-create-a-custom-language-model" Output:: @@ -41,7 +41,7 @@ Output:: "BaseModelName": "base-model-name", "ModelName": "cli-clm-example", "InputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-BUCKET/Amazon-S3-Prefix-For-Training-Data/", + "S3Uri": "s3://amzn-s3-demo-bucket/Amazon-S3-Prefix-For-Training-Data/", "DataAccessRoleArn": "arn:aws:iam::your-AWS-account-number:role/IAM-role-with-permissions-to-create-a-custom-language-model" }, "ModelStatus": "IN_PROGRESS" diff --git a/awscli/examples/transcribe/create-medical-vocabulary.rst b/awscli/examples/transcribe/create-medical-vocabulary.rst index c28f177872f0..038511a4124d 100644 --- a/awscli/examples/transcribe/create-medical-vocabulary.rst +++ b/awscli/examples/transcribe/create-medical-vocabulary.rst @@ -5,7 +5,7 @@ The following ``create-medical-vocabulary`` example creates a custom vocabulary. aws transcribe create-medical-vocabulary \ --vocabulary-name cli-medical-vocab-example \ --language-code language-code \ - --vocabulary-file-uri https://DOC-EXAMPLE-BUCKET.AWS-Region.amazonaws.com/the-text-file-for-the-medical-custom-vocabulary.txt + --vocabulary-file-uri https://amzn-s3-demo-bucket.AWS-Region.amazonaws.com/the-text-file-for-the-medical-custom-vocabulary.txt Output:: diff --git a/awscli/examples/transcribe/create-vocabulary-filter.rst b/awscli/examples/transcribe/create-vocabulary-filter.rst index 50ab423ce191..011a8a1677c5 100644 --- a/awscli/examples/transcribe/create-vocabulary-filter.rst +++ b/awscli/examples/transcribe/create-vocabulary-filter.rst @@ -4,7 +4,7 @@ The following ``create-vocabulary-filter`` example creates a vocabulary filter t aws transcribe create-vocabulary-filter \ --language-code language-code \ - --vocabulary-filter-file-uri s3://DOC-EXAMPLE-BUCKET/vocabulary-filter.txt \ + --vocabulary-filter-file-uri s3://amzn-s3-demo-bucket/vocabulary-filter.txt \ --vocabulary-filter-name cli-vocabulary-filter-example Output:: diff --git a/awscli/examples/transcribe/create-vocabulary.rst b/awscli/examples/transcribe/create-vocabulary.rst index de3d2f8efe29..cd0417f00185 100644 --- a/awscli/examples/transcribe/create-vocabulary.rst +++ b/awscli/examples/transcribe/create-vocabulary.rst @@ -5,7 +5,7 @@ The following ``create-vocabulary`` example creates a custom vocabulary. To crea aws transcribe create-vocabulary \ --language-code language-code \ --vocabulary-name cli-vocab-example \ - --vocabulary-file-uri s3://DOC-EXAMPLE-BUCKET/Amazon-S3-prefix/the-text-file-for-the-custom-vocabulary.txt + --vocabulary-file-uri s3://amzn-s3-demo-bucket/Amazon-S3-prefix/the-text-file-for-the-custom-vocabulary.txt Output:: diff --git a/awscli/examples/transcribe/describe-language-model.rst b/awscli/examples/transcribe/describe-language-model.rst index 17c5a2cfbf2a..2044355c40f3 100644 --- a/awscli/examples/transcribe/describe-language-model.rst +++ b/awscli/examples/transcribe/describe-language-model.rst @@ -17,8 +17,8 @@ Output:: "ModelStatus": "IN_PROGRESS", "UpgradeAvailability": false, "InputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-BUCKET/Amazon-S3-Prefix/", - "TuningDataS3Uri": "s3://DOC-EXAMPLE-BUCKET/Amazon-S3-Prefix/", + "S3Uri": "s3://amzn-s3-demo-bucket/Amazon-S3-Prefix/", + "TuningDataS3Uri": "s3://amzn-s3-demo-bucket/Amazon-S3-Prefix/", "DataAccessRoleArn": "arn:aws:iam::AWS-account-number:role/IAM-role-with-permissions-to-create-a-custom-language-model" } } diff --git a/awscli/examples/transcribe/get-transcription-job.rst b/awscli/examples/transcribe/get-transcription-job.rst index f28aff10c2ac..19f3fa42accb 100644 --- a/awscli/examples/transcribe/get-transcription-job.rst +++ b/awscli/examples/transcribe/get-transcription-job.rst @@ -15,7 +15,7 @@ Output:: "MediaSampleRateHertz": 48000, "MediaFormat": "mp4", "Media": { - "MediaFileUri": "s3://DOC-EXAMPLE-BUCKET/your-audio-file.file-extension" + "MediaFileUri": "s3://amzn-s3-demo-bucket/your-audio-file.file-extension" }, "Transcript": { "TranscriptFileUri": "https://Amazon-S3-file-location-of-transcription-output" diff --git a/awscli/examples/transcribe/list-language-models.rst b/awscli/examples/transcribe/list-language-models.rst index 421a4b8c1e66..915f00008f4e 100644 --- a/awscli/examples/transcribe/list-language-models.rst +++ b/awscli/examples/transcribe/list-language-models.rst @@ -17,8 +17,8 @@ Output:: "ModelStatus": "IN_PROGRESS", "UpgradeAvailability": false, "InputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-BUCKET/clm-training-data/", - "TuningDataS3Uri": "s3://DOC-EXAMPLE-BUCKET/clm-tuning-data/", + "S3Uri": "s3://amzn-s3-demo-bucket/clm-training-data/", + "TuningDataS3Uri": "s3://amzn-s3-demo-bucket/clm-tuning-data/", "DataAccessRoleArn": "arn:aws:iam::AWS-account-number:role/IAM-role-used-to-create-the-custom-language-model" } }, @@ -31,7 +31,7 @@ Output:: "ModelStatus": "IN_PROGRESS", "UpgradeAvailability": false, "InputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-BUCKET/clm-training-data/", + "S3Uri": "s3://amzn-s3-demo-bucket/clm-training-data/", "DataAccessRoleArn": "arn:aws:iam::AWS-account-number:role/IAM-role-used-to-create-the-custom-language-model" } }, @@ -44,7 +44,7 @@ Output:: "ModelStatus": "COMPLETED", "UpgradeAvailability": false, "InputDataConfig": { - "S3Uri": "s3://DOC-EXAMPLE-BUCKET/clm-training-data/", + "S3Uri": "s3://amzn-s3-demo-bucket/clm-training-data/", "DataAccessRoleArn": "arn:aws:iam::AWS-account-number:role/IAM-role-used-to-create-the-custom-language-model" } } diff --git a/awscli/examples/transcribe/start-medical-transcription-job.rst b/awscli/examples/transcribe/start-medical-transcription-job.rst index d387bcea33d0..3c339af797d4 100644 --- a/awscli/examples/transcribe/start-medical-transcription-job.rst +++ b/awscli/examples/transcribe/start-medical-transcription-job.rst @@ -12,9 +12,9 @@ Contents of ``myfile.json``:: "LanguageCode": "language-code", "Specialty": "PRIMARYCARE", "Type": "DICTATION", - "OutputBucketName":"DOC-EXAMPLE-BUCKET", + "OutputBucketName":"amzn-s3-demo-bucket", "Media": { - "MediaFileUri": "s3://DOC-EXAMPLE-BUCKET/your-audio-file.extension" + "MediaFileUri": "s3://amzn-s3-demo-bucket/your-audio-file.extension" } } @@ -26,7 +26,7 @@ Output:: "TranscriptionJobStatus": "IN_PROGRESS", "LanguageCode": "language-code", "Media": { - "MediaFileUri": "s3://DOC-EXAMPLE-BUCKET/your-audio-file.extension" + "MediaFileUri": "s3://amzn-s3-demo-bucket/your-audio-file.extension" }, "StartTime": "2020-09-20T00:35:22.256000+00:00", "CreationTime": "2020-09-20T00:35:22.218000+00:00", @@ -51,9 +51,9 @@ Contents of ``mysecondfile.json``:: "LanguageCode": "language-code", "Specialty": "PRIMARYCARE", "Type": "CONVERSATION", - "OutputBucketName":"DOC-EXAMPLE-BUCKET", + "OutputBucketName":"amzn-s3-demo-bucket", "Media": { - "MediaFileUri": "s3://DOC-EXAMPLE-BUCKET/your-audio-file.extension" + "MediaFileUri": "s3://amzn-s3-demo-bucket/your-audio-file.extension" } } @@ -65,7 +65,7 @@ Output:: "TranscriptionJobStatus": "IN_PROGRESS", "LanguageCode": "language-code", "Media": { - "MediaFileUri": "s3://DOC-EXAMPLE-BUCKET/your-audio-file.extension" + "MediaFileUri": "s3://amzn-s3-demo-bucket/your-audio-file.extension" }, "StartTime": "2020-09-20T23:19:49.965000+00:00", "CreationTime": "2020-09-20T23:19:49.941000+00:00", @@ -90,9 +90,9 @@ Contents of ``mythirdfile.json``:: "LanguageCode": "language-code", "Specialty": "PRIMARYCARE", "Type": "CONVERSATION", - "OutputBucketName":"DOC-EXAMPLE-BUCKET", + "OutputBucketName":"amzn-s3-demo-bucket", "Media": { - "MediaFileUri": "s3://DOC-EXAMPLE-BUCKET/your-audio-file.extension" + "MediaFileUri": "s3://amzn-s3-demo-bucket/your-audio-file.extension" }, "Settings":{ "ChannelIdentification": true @@ -107,7 +107,7 @@ Output:: "TranscriptionJobStatus": "IN_PROGRESS", "LanguageCode": "language-code", "Media": { - "MediaFileUri": "s3://DOC-EXAMPLE-BUCKET/your-audio-file.extension" + "MediaFileUri": "s3://amzn-s3-demo-bucket/your-audio-file.extension" }, "StartTime": "2020-09-20T23:46:44.081000+00:00", "CreationTime": "2020-09-20T23:46:44.053000+00:00", @@ -135,9 +135,9 @@ Contents of ``myfourthfile.json``:: "LanguageCode": "language-code", "Specialty": "PRIMARYCARE", "Type": "CONVERSATION", - "OutputBucketName":"DOC-EXAMPLE-BUCKET", + "OutputBucketName":"amzn-s3-demo-bucket", "Media": { - "MediaFileUri": "s3://DOC-EXAMPLE-BUCKET/your-audio-file.extension" + "MediaFileUri": "s3://amzn-s3-demo-bucket/your-audio-file.extension" }, "Settings":{ "ShowSpeakerLabels": true, @@ -153,7 +153,7 @@ Output:: "TranscriptionJobStatus": "IN_PROGRESS", "LanguageCode": "language-code", "Media": { - "MediaFileUri": "s3://DOC-EXAMPLE-BUCKET/your-audio-file.extension" + "MediaFileUri": "s3://amzn-s3-demo-bucket/your-audio-file.extension" }, "StartTime": "2020-09-21T18:43:37.265000+00:00", "CreationTime": "2020-09-21T18:43:37.157000+00:00", @@ -182,9 +182,9 @@ Contents of ``myfifthfile.json``:: "LanguageCode": "language-code", "Specialty": "PRIMARYCARE", "Type": "CONVERSATION", - "OutputBucketName":"DOC-EXAMPLE-BUCKET", + "OutputBucketName":"amzn-s3-demo-bucket", "Media": { - "MediaFileUri": "s3://DOC-EXAMPLE-BUCKET/your-audio-file.extension" + "MediaFileUri": "s3://amzn-s3-demo-bucket/your-audio-file.extension" }, "Settings":{ "ShowAlternatives": true, @@ -200,7 +200,7 @@ Output:: "TranscriptionJobStatus": "IN_PROGRESS", "LanguageCode": "language-code", "Media": { - "MediaFileUri": "s3://DOC-EXAMPLE-BUCKET/your-audio-file.extension" + "MediaFileUri": "s3://amzn-s3-demo-bucket/your-audio-file.extension" }, "StartTime": "2020-09-21T19:09:18.199000+00:00", "CreationTime": "2020-09-21T19:09:18.171000+00:00", @@ -229,9 +229,9 @@ Contents of ``mysixthfile.json``:: "LanguageCode": "language-code", "Specialty": "PRIMARYCARE", "Type": "DICTATION", - "OutputBucketName":"DOC-EXAMPLE-BUCKET", + "OutputBucketName":"amzn-s3-demo-bucket", "Media": { - "MediaFileUri": "s3://DOC-EXAMPLE-BUCKET/your-audio-file.extension" + "MediaFileUri": "s3://amzn-s3-demo-bucket/your-audio-file.extension" }, "Settings":{ "ShowAlternatives": true, @@ -247,7 +247,7 @@ Output:: "TranscriptionJobStatus": "IN_PROGRESS", "LanguageCode": "language-code", "Media": { - "MediaFileUri": "s3://DOC-EXAMPLE-BUCKET/your-audio-file.extension" + "MediaFileUri": "s3://amzn-s3-demo-bucket/your-audio-file.extension" }, "StartTime": "2020-09-21T21:01:14.592000+00:00", "CreationTime": "2020-09-21T21:01:14.569000+00:00", @@ -276,9 +276,9 @@ Contents of ``mysixthfile.json``:: "LanguageCode": "language-code", "Specialty": "PRIMARYCARE", "Type": "DICTATION", - "OutputBucketName":"DOC-EXAMPLE-BUCKET", + "OutputBucketName":"amzn-s3-demo-bucket", "Media": { - "MediaFileUri": "s3://DOC-EXAMPLE-BUCKET/your-audio-file.extension" + "MediaFileUri": "s3://amzn-s3-demo-bucket/your-audio-file.extension" }, "Settings":{ "VocabularyName": "cli-medical-vocab-1" @@ -293,7 +293,7 @@ Output:: "TranscriptionJobStatus": "IN_PROGRESS", "LanguageCode": "language-code", "Media": { - "MediaFileUri": "s3://DOC-EXAMPLE-BUCKET/your-audio-file.extension" + "MediaFileUri": "s3://amzn-s3-demo-bucket/your-audio-file.extension" }, "StartTime": "2020-09-21T21:17:27.045000+00:00", "CreationTime": "2020-09-21T21:17:27.016000+00:00", diff --git a/awscli/examples/transcribe/start-transcription-job.rst b/awscli/examples/transcribe/start-transcription-job.rst index 605b9a1156ca..f141863d1d69 100644 --- a/awscli/examples/transcribe/start-transcription-job.rst +++ b/awscli/examples/transcribe/start-transcription-job.rst @@ -11,7 +11,7 @@ Contents of ``myfile.json``:: "TranscriptionJobName": "cli-simple-transcription-job", "LanguageCode": "the-language-of-your-transcription-job", "Media": { - "MediaFileUri": "s3://DOC-EXAMPLE-BUCKET/Amazon-S3-prefix/your-media-file-name.file-extension" + "MediaFileUri": "s3://amzn-s3-demo-bucket/Amazon-S3-prefix/your-media-file-name.file-extension" } } @@ -30,7 +30,7 @@ Contents of ``mysecondfile.json``:: "TranscriptionJobName": "cli-channelid-job", "LanguageCode": "the-language-of-your-transcription-job", "Media": { - "MediaFileUri": "s3://DOC-EXAMPLE-BUCKET/Amazon-S3-prefix/your-media-file-name.file-extension" + "MediaFileUri": "s3://amzn-s3-demo-bucket/Amazon-S3-prefix/your-media-file-name.file-extension" }, "Settings":{ "ChannelIdentification":true @@ -45,7 +45,7 @@ Output:: "TranscriptionJobStatus": "IN_PROGRESS", "LanguageCode": "the-language-of-your-transcription-job", "Media": { - "MediaFileUri": "s3://DOC-EXAMPLE-BUCKET/Amazon-S3-prefix/your-media-file-name.file-extension" + "MediaFileUri": "s3://amzn-s3-demo-bucket/Amazon-S3-prefix/your-media-file-name.file-extension" }, "StartTime": "2020-09-17T16:07:56.817000+00:00", "CreationTime": "2020-09-17T16:07:56.784000+00:00", @@ -70,7 +70,7 @@ Contents of ``mythirdfile.json``:: "TranscriptionJobName": "cli-speakerid-job", "LanguageCode": "the-language-of-your-transcription-job", "Media": { - "MediaFileUri": "s3://DOC-EXAMPLE-BUCKET/Amazon-S3-prefix/your-media-file-name.file-extension" + "MediaFileUri": "s3://amzn-s3-demo-bucket/Amazon-S3-prefix/your-media-file-name.file-extension" }, "Settings":{ "ShowSpeakerLabels": true, @@ -86,7 +86,7 @@ Output:: "TranscriptionJobStatus": "IN_PROGRESS", "LanguageCode": "the-language-of-your-transcription-job", "Media": { - "MediaFileUri": "s3://DOC-EXAMPLE-BUCKET/Amazon-S3-prefix/your-media-file-name.file-extension" + "MediaFileUri": "s3://amzn-s3-demo-bucket/Amazon-S3-prefix/your-media-file-name.file-extension" }, "StartTime": "2020-09-17T16:22:59.696000+00:00", "CreationTime": "2020-09-17T16:22:59.676000+00:00", @@ -112,7 +112,7 @@ Contents of ``myfourthfile.json``:: "TranscriptionJobName": "cli-filter-mask-job", "LanguageCode": "the-language-of-your-transcription-job", "Media": { - "MediaFileUri": "s3://DOC-EXAMPLE-BUCKET/Amazon-S3-prefix/your-media-file-name.file-extension" + "MediaFileUri": "s3://amzn-s3-demo-bucket/Amazon-S3-prefix/your-media-file-name.file-extension" }, "Settings":{ "VocabularyFilterName": "your-vocabulary-filter", @@ -154,7 +154,7 @@ Contents of ``myfifthfile.json``:: "TranscriptionJobName": "cli-filter-remove-job", "LanguageCode": "the-language-of-your-transcription-job", "Media": { - "MediaFileUri": "s3://DOC-EXAMPLE-BUCKET/Amazon-S3-prefix/your-media-file-name.file-extension" + "MediaFileUri": "s3://amzn-s3-demo-bucket/Amazon-S3-prefix/your-media-file-name.file-extension" }, "Settings":{ "VocabularyFilterName": "your-vocabulary-filter", @@ -170,7 +170,7 @@ Output:: "TranscriptionJobStatus": "IN_PROGRESS", "LanguageCode": "the-language-of-your-transcription-job", "Media": { - "MediaFileUri": "s3://DOC-EXAMPLE-BUCKET/Amazon-S3-prefix/your-media-file-name.file-extension" + "MediaFileUri": "s3://amzn-s3-demo-bucket/Amazon-S3-prefix/your-media-file-name.file-extension" }, "StartTime": "2020-09-18T16:36:18.568000+00:00", "CreationTime": "2020-09-18T16:36:18.547000+00:00", @@ -196,7 +196,7 @@ Contents of ``mysixthfile.json``:: "TranscriptionJobName": "cli-vocab-job", "LanguageCode": "the-language-of-your-transcription-job", "Media": { - "MediaFileUri": "s3://DOC-EXAMPLE-BUCKET/Amazon-S3-prefix/your-media-file-name.file-extension" + "MediaFileUri": "s3://amzn-s3-demo-bucket/Amazon-S3-prefix/your-media-file-name.file-extension" }, "Settings":{ "VocabularyName": "your-vocabulary" @@ -211,7 +211,7 @@ Output:: "TranscriptionJobStatus": "IN_PROGRESS", "LanguageCode": "the-language-of-your-transcription-job", "Media": { - "MediaFileUri": "s3://DOC-EXAMPLE-BUCKET/Amazon-S3-prefix/your-media-file-name.file-extension" + "MediaFileUri": "s3://amzn-s3-demo-bucket/Amazon-S3-prefix/your-media-file-name.file-extension" }, "StartTime": "2020-09-18T16:36:18.568000+00:00", "CreationTime": "2020-09-18T16:36:18.547000+00:00", @@ -236,7 +236,7 @@ Contents of ``myseventhfile.json``:: "TranscriptionJobName": "cli-identify-language-transcription-job", "IdentifyLanguage": true, "Media": { - "MediaFileUri": "s3://DOC-EXAMPLE-BUCKET/Amazon-S3-prefix/your-media-file-name.file-extension" + "MediaFileUri": "s3://amzn-s3-demo-bucket/Amazon-S3-prefix/your-media-file-name.file-extension" } } @@ -247,7 +247,7 @@ Output:: "TranscriptionJobName": "cli-identify-language-transcription-job", "TranscriptionJobStatus": "IN_PROGRESS", "Media": { - "MediaFileUri": "s3://DOC-EXAMPLE-BUCKET/Amazon-S3-prefix/your-media-file-name.file-extension" + "MediaFileUri": "s3://amzn-s3-demo-bucket/Amazon-S3-prefix/your-media-file-name.file-extension" }, "StartTime": "2020-09-18T22:27:23.970000+00:00", "CreationTime": "2020-09-18T22:27:23.948000+00:00", @@ -354,7 +354,7 @@ Contents of ``mytenthfile.json``:: "TranscriptionJobName": "cli-clm-2-job-1", "LanguageCode": "language-code", "Media": { - "MediaFileUri": "s3://DOC-EXAMPLE-BUCKET/your-audio-file.file-extension" + "MediaFileUri": "s3://amzn-s3-demo-bucket/your-audio-file.file-extension" }, "ModelSettings": { "LanguageModelName":"cli-clm-2" @@ -369,7 +369,7 @@ Output:: "TranscriptionJobStatus": "IN_PROGRESS", "LanguageCode": "language-code", "Media": { - "MediaFileUri": "s3://DOC-EXAMPLE-BUCKET/your-audio-file.file-extension" + "MediaFileUri": "s3://amzn-s3-demo-bucket/your-audio-file.file-extension" }, "StartTime": "2020-09-28T17:56:01.835000+00:00", "CreationTime": "2020-09-28T17:56:01.801000+00:00", diff --git a/awscli/examples/transcribe/update-medical-vocabulary.rst b/awscli/examples/transcribe/update-medical-vocabulary.rst index 1082522032cb..990b3db75b5d 100644 --- a/awscli/examples/transcribe/update-medical-vocabulary.rst +++ b/awscli/examples/transcribe/update-medical-vocabulary.rst @@ -3,7 +3,7 @@ The following ``update-medical-vocabulary`` example replaces the terms used in a medical custom vocabulary with the new ones. Prerequisite: to replace the terms in a medical custom vocabulary, you need a file with new terms. :: aws transcribe update-medical-vocabulary \ - --vocabulary-file-uri s3://DOC-EXAMPLE-BUCKET/Amazon-S3-Prefix/medical-custom-vocabulary.txt \ + --vocabulary-file-uri s3://amzn-s3-demo-bucket/Amazon-S3-Prefix/medical-custom-vocabulary.txt \ --vocabulary-name medical-custom-vocabulary \ --language-code language diff --git a/awscli/examples/transcribe/update-vocabulary-filter.rst b/awscli/examples/transcribe/update-vocabulary-filter.rst index ae7492b99a6c..96d8d0b5311f 100644 --- a/awscli/examples/transcribe/update-vocabulary-filter.rst +++ b/awscli/examples/transcribe/update-vocabulary-filter.rst @@ -3,7 +3,7 @@ The following ``update-vocabulary-filter`` example replaces the words in a vocabulary filter with new ones. Prerequisite: To update a vocabulary filter with the new words, you must have those words saved as a text file. :: aws transcribe update-vocabulary-filter \ - --vocabulary-filter-file-uri s3://DOC-EXAMPLE-BUCKET/Amazon-S3-Prefix/your-text-file-to-update-your-vocabulary-filter.txt \ + --vocabulary-filter-file-uri s3://amzn-s3-demo-bucket/Amazon-S3-Prefix/your-text-file-to-update-your-vocabulary-filter.txt \ --vocabulary-filter-name vocabulary-filter-name Output:: diff --git a/awscli/examples/transcribe/update-vocabulary.rst b/awscli/examples/transcribe/update-vocabulary.rst index 69708bf8a50c..fef9560aadde 100644 --- a/awscli/examples/transcribe/update-vocabulary.rst +++ b/awscli/examples/transcribe/update-vocabulary.rst @@ -3,7 +3,7 @@ The following ``update-vocabulary`` example overwrites the terms used to create a custom vocabulary with the new ones that you provide. Prerequisite: to replace the terms in a custom vocabulary, you need a file with new terms. :: aws transcribe update-vocabulary \ - --vocabulary-file-uri s3://DOC-EXAMPLE-BUCKET/Amazon-S3-Prefix/custom-vocabulary.txt \ + --vocabulary-file-uri s3://amzn-s3-demo-bucket/Amazon-S3-Prefix/custom-vocabulary.txt \ --vocabulary-name custom-vocabulary \ --language-code language-code diff --git a/awscli/examples/trustedadvisor/get-organization-recommendation.rst b/awscli/examples/trustedadvisor/get-organization-recommendation.rst new file mode 100644 index 000000000000..63fbc29d77ce --- /dev/null +++ b/awscli/examples/trustedadvisor/get-organization-recommendation.rst @@ -0,0 +1,35 @@ +**To get an organization recommendation** + +The following ``get-organization-recommendation`` example gets an organization recommendation by its identifier. :: + + aws trustedadvisor get-organization-recommendation \ + --organization-recommendation-identifier arn:aws:trustedadvisor:::organization-recommendation/9534ec9b-bf3a-44e8-8213-2ed68b39d9d5 + +Output:: + + { + "organizationRecommendation": { + "arn": "arn:aws:trustedadvisor:::organization-recommendation/9534ec9b-bf3a-44e8-8213-2ed68b39d9d5", + "name": "Lambda Runtime Deprecation Warning", + "description": "One or more lambdas are using a deprecated runtime", + "awsServices": [ + "lambda" + ], + "checkArn": "arn:aws:trustedadvisor:::check/L4dfs2Q4C5", + "id": "9534ec9b-bf3a-44e8-8213-2ed68b39d9d5", + "lifecycleStage": "resolved", + "pillars": [ + "security" + ], + "resourcesAggregates": { + "errorCount": 0, + "okCount": 0, + "warningCount": 0 + }, + "source": "ta_check", + "status": "warning", + "type": "priority" + } + } + +For more information, see `Get started with the Trusted Advisor API `__ in the *AWS Trusted Advisor User Guide*. \ No newline at end of file diff --git a/awscli/examples/trustedadvisor/get-recommendation.rst b/awscli/examples/trustedadvisor/get-recommendation.rst new file mode 100644 index 000000000000..9afa3c6c7bb8 --- /dev/null +++ b/awscli/examples/trustedadvisor/get-recommendation.rst @@ -0,0 +1,41 @@ +**To get a recommendation** + +The following ``get-recommendation`` example gets a recommendation by its identifier. :: + + aws trustedadvisor get-recommendation \ + --recommendation-identifier arn:aws:trustedadvisor::000000000000:recommendation/55fa4d2e-bbb7-491a-833b-5773e9589578 + +Output:: + + { + "recommendation": { + "arn": "arn:aws:trustedadvisor::000000000000:recommendation/55fa4d2e-bbb7-491a-833b-5773e9589578", + "name": "MFA Recommendation", + "description": "Enable multi-factor authentication", + "awsServices": [ + "iam" + ], + "checkArn": "arn:aws:trustedadvisor:::check/7DAFEmoDos", + "id": "55fa4d2e-bbb7-491a-833b-5773e9589578", + "lastUpdatedAt": "2023-11-01T15:57:58.673Z", + "pillarSpecificAggregates": { + "costOptimizing": { + "estimatedMonthlySavings": 0.0, + "estimatedPercentMonthlySavings": 0.0 + } + }, + "pillars": [ + "security" + ], + "resourcesAggregates": { + "errorCount": 1, + "okCount": 0, + "warningCount": 0 + }, + "source": "ta_check", + "status": "error", + "type": "standard" + } + } + +For more information, see `Get started with the Trusted Advisor API `__ in the *AWS Trusted Advisor User Guide*. \ No newline at end of file diff --git a/awscli/examples/trustedadvisor/list-checks.rst b/awscli/examples/trustedadvisor/list-checks.rst new file mode 100644 index 000000000000..d7b94cd2f87d --- /dev/null +++ b/awscli/examples/trustedadvisor/list-checks.rst @@ -0,0 +1,95 @@ +**To list Trusted Advisor checks** + +The following ``list-checks`` example lists all Trusted Advisor checks. :: + + aws trustedadvisor list-checks + +Output:: + + { + "checkSummaries": [ + { + "arn": "arn:aws:trustedadvisor:::check/1iG5NDGVre", + "awsServices": [ + "EC2" + ], + "description": "Checks security groups for rules that allow unrestricted access to a resource. Unrestricted access increases opportunities for malicious activity (hacking, denial-of-service attacks, loss of data)", + "id": "1iG5NDGVre", + "metadata": { + "0": "Region", + "1": "Security Group Name", + "2": "Security Group ID", + "3": "Protocol", + "4": "Port", + "5": "Status", + "6": "IP Range" + }, + "name": "Security Groups - Unrestricted Access", + "pillars": [ + "security" + ], + "source": "ta_check" + }, + { + "arn": "arn:aws:trustedadvisor:::check/1qazXsw23e", + "awsServices": [ + "RDS" + ], + "description": "Checks your usage of RDS and provides recommendations on purchase of Reserved Instances to help reduce costs incurred from using RDS On-Demand. AWS generates these recommendations by analyzing your On-Demand usage for the past 30 days. We then simulate every combination of reservations in the generated category of usage in order to identify the best number of each type of Reserved Instance to purchase to maximize your savings. This check covers recommendations based on partial upfront payment option with 1-year or 3-year commitment. This check is not available to accounts linked in Consolidated Billing. Recommendations are only available for the Paying Account.", + "id": "1qazXsw23e", + "metadata": { + "0": "Region", + "1": "Family", + "2": "Instance Type", + "3": "License Model", + "4": "Database Edition", + "5": "Database Engine", + "6": "Deployment Option", + "7": "Recommended number of Reserved Instances to purchase", + "8": "Expected Average Reserved Instance Utilization", + "9": "Estimated Savings with Recommendation (monthly)" + "10": "Upfront Cost of Reserved Instances", + "11": "Estimated cost of Reserved Instances (monthly)", + "12": "Estimated On-Demand Cost Post Recommended Reserved Instance Purchase (monthly)", + "13": "Estimated Break Even (months)", + "14": "Lookback Period (days)", + "15": "Term (years)" + }, + "name": "Amazon Relational Database Service (RDS) Reserved Instance Optimization", + "pillars": [ + "cost_optimizing" + ], + "source": "ta_check" + }, + { + "arn": "arn:aws:trustedadvisor:::check/1qw23er45t", + "awsServices": [ + "Redshift" + ], + "description": "Checks your usage of Redshift and provides recommendations on purchase of Reserved Nodes to help reduce costs incurred from using Redshift On-Demand. AWS generates these recommendations by analyzing your On-Demand usage for the past 30 days. We then simulate every combination of reservations in the generated category of usage in order to identify the best number of each type of Reserved Nodes to purchase to maximize your savings. This check covers recommendations based on partial upfront payment option with 1-year or 3-year commitment. This check is not available to accounts linked in Consolidated Billing. Recommendations are only available for the Paying Account.", + "id": "1qw23er45t", + "metadata": { + "0": "Region", + "1": "Family", + "2": "Node Type", + "3": "Recommended number of Reserved Nodes to purchase", + "4": "Expected Average Reserved Node Utilization", + "5": "Estimated Savings with Recommendation (monthly)", + "6": "Upfront Cost of Reserved Nodes", + "7": "Estimated cost of Reserved Nodes (monthly)", + "8": "Estimated On-Demand Cost Post Recommended Reserved Nodes Purchase (monthly)", + "9": "Estimated Break Even (months)", + "10": "Lookback Period (days)", + "11": "Term (years)", + }, + "name": "Amazon Redshift Reserved Node Optimization", + "pillars": [ + "cost_optimizing" + ], + "source": "ta_check" + }, + ], + "nextToken": "REDACTED" + } + +For more information, see `Get started with the Trusted Advisor API `__ in the *AWS Trusted Advisor User Guide*. \ No newline at end of file diff --git a/awscli/examples/trustedadvisor/list-organization-recommendation-accounts.rst b/awscli/examples/trustedadvisor/list-organization-recommendation-accounts.rst new file mode 100644 index 000000000000..e1f75e247d0f --- /dev/null +++ b/awscli/examples/trustedadvisor/list-organization-recommendation-accounts.rst @@ -0,0 +1,22 @@ +**To list organization recommendation accounts** + +The following ``list-organization-recommendation-accounts`` example lists all account recommendation summaries for an organization recommendation by its identifier. :: + + aws trustedadvisor list-organization-recommendation-accounts \ + --organization-recommendation-identifier arn:aws:trustedadvisor:::organization-recommendation/9534ec9b-bf3a-44e8-8213-2ed68b39d9d5 + +Output:: + + { + "accountRecommendationLifecycleSummaries": [{ + "accountId": "000000000000", + "accountRecommendationArn": "arn:aws:trustedadvisor::000000000000:recommendation/9534ec9b-bf3a-44e8-8213-2ed68b39d9d5", + "lifecycleStage": "resolved", + "updateReason": "Resolved issue", + "updateReasonCode": "valid_business_case", + "lastUpdatedAt": "2023-01-17T18:25:44.552Z" + }], + "nextToken": "REDACTED" + } + +For more information, see `Get started with the Trusted Advisor API `__ in the *AWS Trusted Advisor User Guide*. \ No newline at end of file diff --git a/awscli/examples/trustedadvisor/list-organization-recommendation-resources.rst b/awscli/examples/trustedadvisor/list-organization-recommendation-resources.rst new file mode 100644 index 000000000000..841aa54aae27 --- /dev/null +++ b/awscli/examples/trustedadvisor/list-organization-recommendation-resources.rst @@ -0,0 +1,73 @@ +**To list organization recommendation resources** + +The following ``list-organization-recommendation-resources`` example lists all resources for an organization recommendation by its identifier. :: + + aws trustedadvisor list-organization-recommendation-resources \ + --organization-recommendation-identifier arn:aws:trustedadvisor:::organization-recommendation/5a694939-2e54-45a2-ae72-730598fa89d0 + +Output:: + + { + "organizationRecommendationResourceSummaries": [ + { + "arn": "arn:aws:trustedadvisor::000000000000:recommendation-resource/5a694939-2e54-45a2-ae72-730598fa89d0/bb38affc0ce0681d9a6cd13f30238ba03a8f63dfe7a379dc403c619119d86af", + "awsResourceId": "database-1-instance-1", + "id": "bb38affc0ce0681d9a6cd13f302383ba03a8f63dfe7a379dc403c619119d86af", + "lastUpdatedAt": "2023-11-01T15:09:51.891Z", + "metadata": { + "0": "14", + "1": "208.79999999999998", + "2": "database-1-instance-1", + "3": "db.r5.large", + "4": "false", + "5": "us-west-2", + "6": "arn:aws:rds:us-west-2:000000000000:db:database-1-instance-1", + "7": "1" + }, + "recommendationArn": "arn:aws:trustedadvisor:::organization-recommendation/5a694939-2e54-45a2-ae72-730598fa89d0", + "regionCode": "us-west-2", + "status": "warning" + }, + { + "arn": "arn:aws:trustedadvisor::000000000000:recommendation-resource/5a694939-2e54-45a2-ae72-730598fa89d0/51fded4d7a3278818df9cfe344ff5762cec46c095a6763d1ba1ba53bd0e1b0e6", + "awsResourceId": "database-1", + "id": "51fded4d7a3278818df9cfe344ff5762cec46c095a6763d1ba1ba53bd0e1b0e6", + "lastUpdatedAt": "2023-11-01T15:09:51.891Z", + "metadata": { + "0": "14", + "1": "31.679999999999996", + "2": "database-1", + "3": "db.t3.small", + "4": "false", + "5": "us-west-2", + "6": "arn:aws:rds:us-west-2:000000000000:db:database-1", + "7": "20" + }, + "recommendationArn": "arn:aws:trustedadvisor:::organization-recommendation/5a694939-2e54-45a2-ae72-730598fa89d0", + "regionCode": "us-west-2", + "status": "warning" + }, + { + "arn": "arn:aws:trustedadvisor::000000000000:recommendation-resource/5a694939-2e54-45a2-ae72-730598fa89d0/f4d01bd20f4cd5372062aafc8786c489e48f0ead7cdab121463bf9f89e40a36b", + "awsResourceId": "database-2-instance-1-us-west-2a", + "id": "f4d01bd20f4cd5372062aafc8786c489e48f0ead7cdab121463bf9f89e40a36b", + "lastUpdatedAt": "2023-11-01T15:09:51.891Z", + "metadata": { + "0": "14", + "1": "187.20000000000002", + "2": "database-2-instance-1-us-west-2a", + "3": "db.r6g.large", + "4": "true", + "5": "us-west-2", + "6": "arn:aws:rds:us-west-2:000000000000:db:database-2-instance-1-us-west-2a", + "7": "1" + }, + "recommendationArn": "arn:aws:trustedadvisor:::organization-recommendation/5a694939-2e54-45a2-ae72-730598fa89d0", + "regionCode": "us-west-2", + "status": "warning" + }, + ], + "nextToken": "REDACTED" + } + +For more information, see `Get started with the Trusted Advisor API `__ in the *AWS Trusted Advisor User Guide*. \ No newline at end of file diff --git a/awscli/examples/trustedadvisor/list-organization-recommendations.rst b/awscli/examples/trustedadvisor/list-organization-recommendations.rst new file mode 100644 index 000000000000..00b8f330bab3 --- /dev/null +++ b/awscli/examples/trustedadvisor/list-organization-recommendations.rst @@ -0,0 +1,131 @@ +**Example 1: To list organization recommendations** + +The following ``list-organization-recommendations`` example lists all organization recommendations and does not include a filter. :: + + aws trustedadvisor list-organization-recommendations + +Output:: + + { + "organizationRecommendationSummaries": [ + { + "arn": "arn:aws:trustedadvisor:::organization-recommendation/9534ec9b-bf3a-44e8-8213-2ed68b39d9d5", + "name": "Lambda Runtime Deprecation Warning", + "awsServices": [ + "lambda" + ], + "checkArn": "arn:aws:trustedadvisor:::check/L4dfs2Q4C5", + "id": "9534ec9b-bf3a-44e8-8213-2ed68b39d9d5", + "lifecycleStage": "resolved", + "pillars": [ + "security" + ], + "resourcesAggregates": { + "errorCount": 0, + "okCount": 0, + "warningCount": 0 + }, + "source": "ta_check", + "status": "warning", + "type": "priority" + }, + { + "arn": "arn:aws:trustedadvisor:::organization-recommendation/4ecff4d4-1bc1-4c99-a5b8-0fff9ee500d6", + "name": "Lambda Runtime Deprecation Warning", + "awsServices": [ + "lambda" + ], + "checkArn": "arn:aws:trustedadvisor:::check/L4dfs2Q4C5", + "id": "4ecff4d4-1bc1-4c99-a5b8-0fff9ee500d6", + "lifecycleStage": "resolved", + "pillars": [ + "security" + ], + "resourcesAggregates": { + "errorCount": 0, + "okCount": 0, + "warningCount": 0 + }, + "source": "ta_check", + "status": "warning", + "type": "priority" + }, + ], + "nextToken": "REDACTED" + } + +For more information, see `Get started with the Trusted Advisor API `__ in the *AWS Trusted Advisor User Guide*. + +**Example 2: To list organization recommendations with a filter** + +The following ``list-organization-recommendations`` example filters and returns a max of one organization recommendation that is a part of the "security" pillar. :: + + aws trustedadvisor list-organization-recommendations \ + --pillar security \ + --max-items 100 + +Output:: + + { + "organizationRecommendationSummaries": [{ + "arn": "arn:aws:trustedadvisor:::organization-recommendation/9534ec9b-bf3a-44e8-8213-2ed68b39d9d5", + "name": "Lambda Runtime Deprecation Warning", + "awsServices": [ + "lambda" + ], + "checkArn": "arn:aws:trustedadvisor:::check/L4dfs2Q4C5", + "id": "9534ec9b-bf3a-44e8-8213-2ed68b39d9d5", + "lifecycleStage": "resolved", + "pillars": [ + "security" + ], + "resourcesAggregates": { + "errorCount": 0, + "okCount": 0, + "warningCount": 0 + }, + "source": "ta_check", + "status": "warning", + "type": "priority" + }], + "nextToken": "REDACTED" + } + +For more information, see `Get started with the Trusted Advisor API `__ in the *AWS Trusted Advisor User Guide*. + +**Example 3: To list organization recommendations with a pagination token** + +The following ``list-organization-recommendations`` example uses the "nextToken" returned from a previous request to fetch the next page of organization recommendations. :: + + aws trustedadvisor list-organization-recommendations \ + --pillar security \ + --max-items 100 \ + --starting-token + +Output:: + + { + "organizationRecommendationSummaries": [{ + "arn": "arn:aws:trustedadvisor:::organization-recommendation/4ecff4d4-1bc1-4c99-a5b8-0fff9ee500d6", + "name": "Lambda Runtime Deprecation Warning", + "awsServices": [ + "lambda" + ], + "checkArn": "arn:aws:trustedadvisor:::check/L4dfs2Q4C5", + "id": "4ecff4d4-1bc1-4c99-a5b8-0fff9ee500d6", + "lifecycleStage": "resolved", + "pillars": [ + "security" + ], + "resourcesAggregates": { + "errorCount": 0, + "okCount": 0, + "warningCount": 0 + }, + "source": "ta_check", + "status": "warning", + "type": "priority" + }] + } + +For more information, see `Get started with the Trusted Advisor API `__ in the *AWS Trusted Advisor User Guide*. \ No newline at end of file diff --git a/awscli/examples/trustedadvisor/list-recommendation-resources.rst b/awscli/examples/trustedadvisor/list-recommendation-resources.rst new file mode 100644 index 000000000000..31f7949c44e6 --- /dev/null +++ b/awscli/examples/trustedadvisor/list-recommendation-resources.rst @@ -0,0 +1,73 @@ +**To list recommendation resources** + +The following ``list-recommendation-resources`` example lists all resources for a recommendation by its identifier. :: + + aws trustedadvisor list-recommendation-resources \ + --recommendation-identifier arn:aws:trustedadvisor::000000000000:recommendation/55fa4d2e-bbb7-491a-833b-5773e9589578 + +Output:: + + { + "recommendationResourceSummaries": [ + { + "arn": "arn:aws:trustedadvisor::000000000000:recommendation-resource/55fa4d2e-bbb7-491a-833b-5773e9589578/18959a1f1973cff8e706e9d9bde28bba36cd602a6b2cb86c8b61252835236010", + "id": "18959a1f1973cff8e706e9d9bde28bba36cd602a6b2cb86c8b61252835236010", + "awsResourceId": "webcms-dev-01", + "lastUpdatedAt": "2023-11-01T15:09:51.891Z", + "metadata": { + "0": "14", + "1": "123.12000000000002", + "2": "webcms-dev-01", + "3": "db.m6i.large", + "4": "false", + "5": "us-east-1", + "6": "arn:aws:rds:us-east-1:000000000000:db:webcms-dev-01", + "7": "20" + }, + "recommendationArn": "arn:aws:trustedadvisor::000000000000:recommendation/55fa4d2e-bbb7-491a-833b-5773e9589578", + "regionCode": "us-east-1", + "status": "warning" + }, + { + "arn": "arn:aws:trustedadvisor::000000000000:recommendation-resource/55fa4d2e-bbb7-491a-833b-5773e9589578/e6367ff500ac90db8e4adeb4892e39ee9c36bbf812dcbce4b9e4fefcec9eb63e", + "id": "e6367ff500ac90db8e4adeb4892e39ee9c36bbf812dcbce4b9e4fefcec9eb63e", + "awsResourceId": "aws-dev-db-stack-instance-1", + "lastUpdatedAt": "2023-11-01T15:09:51.891Z", + "metadata": { + "0": "14", + "1": "29.52", + "2": "aws-dev-db-stack-instance-1", + "3": "db.t2.small", + "4": "false", + "5": "us-east-1", + "6": "arn:aws:rds:us-east-1:000000000000:db:aws-dev-db-stack-instance-1", + "7": "1" + }, + "recommendationArn": "arn:aws:trustedadvisor::000000000000:recommendation/55fa4d2e-bbb7-491a-833b-5773e9589578", + "regionCode": "us-east-1", + "status": "warning" + }, + { + "arn": "arn:aws:trustedadvisor::000000000000:recommendation-resource/55fa4d2e-bbb7-491a-833b-5773e9589578/31aa78ba050a5015d2d38cca7f5f1ce88f70857c4e1c3ad03f8f9fd95dad7459", + "id": "31aa78ba050a5015d2d38cca7f5f1ce88f70857c4e1c3ad03f8f9fd95dad7459", + "awsResourceId": "aws-awesome-apps-stack-db", + "lastUpdatedAt": "2023-11-01T15:09:51.891Z", + "metadata": { + "0": "14", + "1": "114.48000000000002", + "2": "aws-awesome-apps-stack-db", + "3": "db.m6g.large", + "4": "false", + "5": "us-east-1", + "6": "arn:aws:rds:us-east-1:000000000000:db:aws-awesome-apps-stack-db", + "7": "100" + }, + "recommendationArn": "arn:aws:trustedadvisor::000000000000:recommendation/55fa4d2e-bbb7-491a-833b-5773e9589578", + "regionCode": "us-east-1", + "status": "warning" + } + ], + "nextToken": "REDACTED" + } + +For more information, see `Get started with the Trusted Advisor API `__ in the *AWS Trusted Advisor User Guide*. \ No newline at end of file diff --git a/awscli/examples/trustedadvisor/list-recommendations.rst b/awscli/examples/trustedadvisor/list-recommendations.rst new file mode 100644 index 000000000000..0661ee6477af --- /dev/null +++ b/awscli/examples/trustedadvisor/list-recommendations.rst @@ -0,0 +1,155 @@ +**Example 1: To list recommendations** + +The following ``list-recommendations`` example lists all recommendations and does not include a filter. :: + + aws trustedadvisor list-recommendations + +Output:: + + { + "recommendationSummaries": [ + { + "arn": "arn:aws:trustedadvisor::000000000000:recommendation/55fa4d2e-bbb7-491a-833b-5773e9589578", + "name": "MFA Recommendation", + "awsServices": [ + "iam" + ], + "checkArn": "arn:aws:trustedadvisor:::check/7DAFEmoDos", + "id": "55fa4d2e-bbb7-491a-833b-5773e9589578", + "lastUpdatedAt": "2023-11-01T15:57:58.673Z", + "pillarSpecificAggregates": { + "costOptimizing": { + "estimatedMonthlySavings": 0.0, + "estimatedPercentMonthlySavings": 0.0 + } + }, + "pillars": [ + "security" + ], + "resourcesAggregates": { + "errorCount": 1, + "okCount": 0, + "warningCount": 0 + }, + "source": "ta_check", + "status": "error", + "type": "standard" + }, + { + "arn": "arn:aws:trustedadvisor::000000000000:recommendation/8b602b6f-452d-4cb2-8a9e-c7650955d9cd", + "name": "RDS clusters quota warning", + "awsServices": [ + "rds" + ], + "checkArn": "arn:aws:trustedadvisor:::check/gjqMBn6pjz", + "id": "8b602b6f-452d-4cb2-8a9e-c7650955d9cd", + "lastUpdatedAt": "2023-11-01T15:58:17.397Z", + "pillarSpecificAggregates": { + "costOptimizing": { + "estimatedMonthlySavings": 0.0, + "estimatedPercentMonthlySavings": 0.0 + } + }, + "pillars": [ + "service_limits" + ], + "resourcesAggregates": { + "errorCount": 0, + "okCount": 3, + "warningCount": 6 + }, + "source": "ta_check", + "status": "warning", + "type": "standard" + } + ], + "nextToken": "REDACTED" + } + +For more information, see `Get started with the Trusted Advisor API `__ in the *AWS Trusted Advisor User Guide*. + +**Example 2: To list recommendations with a filter** + +The following ``list-recommendations`` example lists recommendations and includes a filter. :: + + aws trustedadvisor list-recommendations \ + --aws-service iam \ + --max-items 100 + +Output:: + + { + "recommendationSummaries": [{ + "arn": "arn:aws:trustedadvisor::000000000000:recommendation/55fa4d2e-bbb7-491a-833b-5773e9589578", + "name": "MFA Recommendation", + "awsServices": [ + "iam" + ], + "checkArn": "arn:aws:trustedadvisor:::check/7DAFEmoDos", + "id": "55fa4d2e-bbb7-491a-833b-5773e9589578", + "lastUpdatedAt": "2023-11-01T15:57:58.673Z", + "pillarSpecificAggregates": { + "costOptimizing": { + "estimatedMonthlySavings": 0.0, + "estimatedPercentMonthlySavings": 0.0 + } + }, + "pillars": [ + "security" + ], + "resourcesAggregates": { + "errorCount": 1, + "okCount": 0, + "warningCount": 0 + }, + "source": "ta_check", + "status": "error", + "type": "standard" + }], + "nextToken": "REDACTED" + } + +For more information, see `Get started with the Trusted Advisor API `__ in the *AWS Trusted Advisor User Guide*. + +**Example 3: To list recommendations with a pagination token** + +The following ``list-recommendations`` example uses the "nextToken" returned from a previous request to fetch the next page of filtered Recommendations. :: + + aws trustedadvisor list-recommendations \ + --aws-service rds \ + --max-items 100 \ + --starting-token + +Output:: + + { + "recommendationSummaries": [{ + "arn": "arn:aws:trustedadvisor::000000000000:recommendation/8b602b6f-452d-4cb2-8a9e-c7650955d9cd", + "name": "RDS clusters quota warning", + "awsServices": [ + "rds" + ], + "checkArn": "arn:aws:trustedadvisor:::check/gjqMBn6pjz", + "id": "8b602b6f-452d-4cb2-8a9e-c7650955d9cd", + "lastUpdatedAt": "2023-11-01T15:58:17.397Z", + "pillarSpecificAggregates": { + "costOptimizing": { + "estimatedMonthlySavings": 0.0, + "estimatedPercentMonthlySavings": 0.0 + } + }, + "pillars": [ + "service_limits" + ], + "resourcesAggregates": { + "errorCount": 0, + "okCount": 3, + "warningCount": 6 + }, + "source": "ta_check", + "status": "warning", + "type": "standard" + }] + } + +For more information, see `Get started with the Trusted Advisor API `__ in the *AWS Trusted Advisor User Guide*. \ No newline at end of file diff --git a/awscli/examples/trustedadvisor/update-organization-recommendation-lifecycle.rst b/awscli/examples/trustedadvisor/update-organization-recommendation-lifecycle.rst new file mode 100644 index 000000000000..c314f664cfde --- /dev/null +++ b/awscli/examples/trustedadvisor/update-organization-recommendation-lifecycle.rst @@ -0,0 +1,12 @@ +**To update an organization recommendation lifecycle** + +The following ``update-organization-recommendation-lifecycle`` example updates the lifecycle of an organization recommendation by its identifier. :: + + aws trustedadvisor update-organization-recommendation-lifecycle \ + --organization-recommendation-identifier arn:aws:trustedadvisor:::organization-recommendation/96b5e5ca-7930-444c-90c6-06d386128100 \ + --lifecycle-stage dismissed \ + --update-reason-code not_applicable + +This command produces no output. + +For more information, see `Get started with the Trusted Advisor API `__ in the *AWS Trusted Advisor User Guide*. \ No newline at end of file diff --git a/awscli/examples/trustedadvisor/update-recommendation-lifecycle.rst b/awscli/examples/trustedadvisor/update-recommendation-lifecycle.rst new file mode 100644 index 000000000000..2fd25eda5ce2 --- /dev/null +++ b/awscli/examples/trustedadvisor/update-recommendation-lifecycle.rst @@ -0,0 +1,12 @@ +**To update a recommendation lifecycle** + +The following ``update-recommendation-lifecycle`` example updates the lifecycle of a recommendation by its identifier. :: + + aws trustedadvisor update-recommendation-lifecycle \ + --recommendation-identifier arn:aws:trustedadvisor::000000000000:recommendation/861c9c6e-f169-405a-8b59-537a8caccd7a \ + --lifecycle-stage resolved \ + --update-reason-code valid_business_case + +This command produces no output. + +For more information, see `Get started with the Trusted Advisor API `__ in the *AWS Trusted Advisor User Guide*. \ No newline at end of file diff --git a/awscli/examples/verifiedpermissions/create-policy-template.rst b/awscli/examples/verifiedpermissions/create-policy-template.rst index c4b2edda76c2..f5a6584e59d5 100644 --- a/awscli/examples/verifiedpermissions/create-policy-template.rst +++ b/awscli/examples/verifiedpermissions/create-policy-template.rst @@ -1,12 +1,12 @@ -**Example 1: To create a policy template** +**To create a policy template** The following ``create-policy-template`` example creates a policy template with a statement that contains a placeholder for the principal. :: aws verifiedpermissions create-policy-template \ - --definition file://template1.txt \ + --statement file://template1.txt \ --policy-store-id PSEXAMPLEabcdefg111111 -Contents of file ``template1.txt``:: +Contents of ``template1.txt``:: permit( principal in ?principal, diff --git a/awscli/examples/workmail/list-organizations.rst b/awscli/examples/workmail/list-organizations.rst index b328f022da43..e880b9ef6bf9 100644 --- a/awscli/examples/workmail/list-organizations.rst +++ b/awscli/examples/workmail/list-organizations.rst @@ -1,6 +1,6 @@ **To retrieve a list of organizations** -The following ``list-organizations`` command retrieves summaries of non-deleted organizations. :: +The following ``list-organizations`` command retrieves summaries of the customer's organizations. :: aws workmail list-organizations diff --git a/awscli/examples/workspaces/create-workspaces.rst b/awscli/examples/workspaces/create-workspaces.rst index 68427fcfbb7c..fb800ff23451 100644 --- a/awscli/examples/workspaces/create-workspaces.rst +++ b/awscli/examples/workspaces/create-workspaces.rst @@ -42,4 +42,27 @@ Output:: ] } -For more information, see `Launch a virtual desktop `__ in the *Amazon WorkSpaces Administration Guide*. +**Example 3: To create a user-decoupled WorkSpace** + +The following ``create-workspaces`` example creates a user-decoupled WorkSpace by setting the username to ``[UNDEFINED]``, and specifying a WorkSpace name, directory ID, and bundle ID. :: + + aws workspaces create-workspaces \ + --workspaces DirectoryId=d-926722edaf,UserName='"[UNDEFINED]"',WorkspaceName=MaryWorkspace1,BundleId=wsb-0zsvgp8fc,WorkspaceProperties={RunningMode=ALWAYS_ON} + +Output:: + + { + "FailedRequests": [], + "PendingRequests": [ + { + "WorkspaceId": "ws-abcd1234", + "DirectoryId": "d-926722edaf", + "UserName": "[UNDEFINED]", + "State": "PENDING", + "BundleId": "wsb-0zsvgp8fc", + "WorkspaceName": "MaryWorkspace1" + } + ] + } + +For more information, see `Launch a virtual desktop `__ in the *Amazon WorkSpaces Administration Guide*. \ No newline at end of file diff --git a/awscli/formatter.py b/awscli/formatter.py index ca529ed30d13..e13b6fd72c62 100644 --- a/awscli/formatter.py +++ b/awscli/formatter.py @@ -13,16 +13,13 @@ import logging from botocore.compat import json - -from botocore.utils import set_value_from_jmespath from botocore.paginate import PageIterator +from botocore.utils import set_value_from_jmespath -from awscli.table import MultiTable, Styler, ColorizedStyler -from awscli import text -from awscli import compat +from awscli import compat, text +from awscli.table import ColorizedStyler, MultiTable, Styler from awscli.utils import json_encoder - LOG = logging.getLogger(__name__) @@ -30,7 +27,7 @@ def is_response_paginated(response): return isinstance(response, PageIterator) -class Formatter(object): +class Formatter: def __init__(self, args): self._args = args @@ -47,7 +44,7 @@ def _get_default_stream(self): def _flush_stream(self, stream): try: stream.flush() - except IOError: + except OSError: pass @@ -69,7 +66,7 @@ def __call__(self, command_name, response, stream=None): response_data = self._args.query.search(response_data) try: self._format_response(command_name, response_data, stream) - except IOError as e: + except OSError: # If the reading end of our stdout stream has closed the file # we can just exit. pass @@ -80,15 +77,19 @@ def __call__(self, command_name, response, stream=None): class JSONFormatter(FullyBufferedFormatter): - def _format_response(self, command_name, response, stream): # For operations that have no response body (e.g. s3 put-object) # the response will be an empty string. We don't want to print # that out to the user but other "falsey" values like an empty # dictionary should be printed. if response != {}: - json.dump(response, stream, indent=4, default=json_encoder, - ensure_ascii=False) + json.dump( + response, + stream, + indent=4, + default=json_encoder, + ensure_ascii=False, + ) stream.write('\n') @@ -100,19 +101,23 @@ class TableFormatter(FullyBufferedFormatter): using the output definition from the model. """ + def __init__(self, args, table=None): super(TableFormatter, self).__init__(args) if args.color == 'auto': - self.table = MultiTable(initial_section=False, - column_separator='|') + self.table = MultiTable( + initial_section=False, column_separator='|' + ) elif args.color == 'off': styler = Styler() - self.table = MultiTable(initial_section=False, - column_separator='|', styler=styler) + self.table = MultiTable( + initial_section=False, column_separator='|', styler=styler + ) elif args.color == 'on': styler = ColorizedStyler() - self.table = MultiTable(initial_section=False, - column_separator='|', styler=styler) + self.table = MultiTable( + initial_section=False, column_separator='|', styler=styler + ) else: raise ValueError("Unknown color option: %s" % args.color) @@ -120,7 +125,7 @@ def _format_response(self, command_name, response, stream): if self._build_table(command_name, response): try: self.table.render(stream) - except IOError: + except OSError: # If they're piping stdout to another process which exits before # we're done writing all of our output, we'll get an error about a # closed pipe which we can safely ignore. @@ -161,8 +166,9 @@ def _build_sub_table_from_dict(self, current, indent_level): self.table.add_row_header(headers) self.table.add_row([current[k] for k in headers]) for remaining in more: - self._build_table(remaining, current[remaining], - indent_level=indent_level + 1) + self._build_table( + remaining, current[remaining], indent_level=indent_level + 1 + ) def _build_sub_table_from_list(self, current, indent_level, title): headers, more = self._group_scalar_keys_from_list(current) @@ -170,8 +176,7 @@ def _build_sub_table_from_list(self, current, indent_level, title): first = True for element in current: if not first and more: - self.table.new_section(title, - indent_level=indent_level) + self.table.new_section(title, indent_level=indent_level) self.table.add_row_header(headers) first = False # Use .get() to account for the fact that sometimes an element @@ -182,8 +187,11 @@ def _build_sub_table_from_list(self, current, indent_level, title): # be in every single element of the list, so we need to # check this condition before recursing. if remaining in element: - self._build_table(remaining, element[remaining], - indent_level=indent_level + 1) + self._build_table( + remaining, + element[remaining], + indent_level=indent_level + 1, + ) def _scalar_type(self, element): return not isinstance(element, (list, dict)) @@ -219,7 +227,6 @@ def _group_scalar_keys(self, current): class TextFormatter(Formatter): - def __call__(self, command_name, response, stream=None): if stream is None: stream = self._get_default_stream() @@ -235,9 +242,7 @@ def __call__(self, command_name, response, stream=None): for result_key in result_keys: data = result_key.search(page) set_value_from_jmespath( - current, - result_key.expression, - data + current, result_key.expression, data ) self._format_response(current, stream) if response.resume_token: @@ -245,7 +250,8 @@ def __call__(self, command_name, response, stream=None): # if they want. self._format_response( {'NextToken': {'NextToken': response.resume_token}}, - stream) + stream, + ) else: self._remove_request_id(response) self._format_response(response, stream) diff --git a/awscli/handlers.py b/awscli/handlers.py index 356ae45c7cc9..f6c2c13a7801 100644 --- a/awscli/handlers.py +++ b/awscli/handlers.py @@ -16,86 +16,113 @@ registered with the event system. """ + from awscli.argprocess import ParamShorthandParser -from awscli.paramfile import register_uri_param_handler from awscli.customizations import datapipeline from awscli.customizations.addexamples import add_examples from awscli.customizations.argrename import register_arg_renames from awscli.customizations.assumerole import register_assume_role_provider from awscli.customizations.awslambda import register_lambda_create_function from awscli.customizations.cliinputjson import register_cli_input_json -from awscli.customizations.cloudformation import initialize as cloudformation_init +from awscli.customizations.cloudformation import ( + initialize as cloudformation_init, +) from awscli.customizations.cloudfront import register as register_cloudfront from awscli.customizations.cloudsearch import initialize as cloudsearch_init from awscli.customizations.cloudsearchdomain import register_cloudsearchdomain from awscli.customizations.cloudtrail import initialize as cloudtrail_init from awscli.customizations.codeartifact import register_codeartifact_commands from awscli.customizations.codecommit import initialize as codecommit_init -from awscli.customizations.codedeploy.codedeploy import initialize as \ - codedeploy_init +from awscli.customizations.codedeploy.codedeploy import ( + initialize as codedeploy_init, +) from awscli.customizations.configservice.getstatus import register_get_status -from awscli.customizations.configservice.putconfigurationrecorder import \ - register_modify_put_configuration_recorder -from awscli.customizations.configservice.rename_cmd import \ - register_rename_config +from awscli.customizations.configservice.putconfigurationrecorder import ( + register_modify_put_configuration_recorder, +) +from awscli.customizations.configservice.rename_cmd import ( + register_rename_config, +) from awscli.customizations.configservice.subscribe import register_subscribe from awscli.customizations.configure.configure import register_configure_cmd -from awscli.customizations.history import register_history_mode -from awscli.customizations.history import register_history_commands +from awscli.customizations.dlm.dlm import dlm_initialize +from awscli.customizations.dynamodb import register_dynamodb_paginator_fix from awscli.customizations.ec2.addcount import register_count_events from awscli.customizations.ec2.bundleinstance import register_bundleinstance from awscli.customizations.ec2.decryptpassword import ec2_add_priv_launch_key +from awscli.customizations.ec2.paginate import register_ec2_page_size_injector from awscli.customizations.ec2.protocolarg import register_protocol_args from awscli.customizations.ec2.runinstances import register_runinstances from awscli.customizations.ec2.secgroupsimplify import register_secgroup -from awscli.customizations.ec2.paginate import register_ec2_page_size_injector from awscli.customizations.ecr import register_ecr_commands from awscli.customizations.ecr_public import register_ecr_public_commands -from awscli.customizations.emr.emr import emr_initialize -from awscli.customizations.emrcontainers import \ - initialize as emrcontainers_initialize -from awscli.customizations.eks import initialize as eks_initialize from awscli.customizations.ecs import initialize as ecs_initialize +from awscli.customizations.eks import initialize as eks_initialize +from awscli.customizations.emr.emr import emr_initialize +from awscli.customizations.emrcontainers import ( + initialize as emrcontainers_initialize, +) from awscli.customizations.gamelift import register_gamelift_commands -from awscli.customizations.generatecliskeleton import \ - register_generate_cli_skeleton +from awscli.customizations.generatecliskeleton import ( + register_generate_cli_skeleton, +) from awscli.customizations.globalargs import register_parse_global_args +from awscli.customizations.history import ( + register_history_commands, + register_history_mode, +) from awscli.customizations.iamvirtmfa import IAMVMFAWrapper -from awscli.customizations.iot import register_create_keys_and_cert_arguments -from awscli.customizations.iot import register_create_keys_from_csr_arguments +from awscli.customizations.iot import ( + register_create_keys_and_cert_arguments, + register_create_keys_from_csr_arguments, +) from awscli.customizations.iot_data import register_custom_endpoint_note +from awscli.customizations.kinesis import ( + register_kinesis_list_streams_pagination_backcompat, +) from awscli.customizations.kms import register_fix_kms_create_grant_docs -from awscli.customizations.dlm.dlm import dlm_initialize +from awscli.customizations.logs import register_logs_commands +from awscli.customizations.mturk import register_alias_mturk_command from awscli.customizations.opsworks import initialize as opsworks_init +from awscli.customizations.opsworkscm import register_alias_opsworks_cm +from awscli.customizations.overridesslcommonname import ( + register_override_ssl_common_name, +) from awscli.customizations.paginate import register_pagination from awscli.customizations.preview import register_preview_commands from awscli.customizations.putmetricdata import register_put_metric_data -from awscli.customizations.rds import register_rds_modify_split -from awscli.customizations.rds import register_add_generate_db_auth_token -from awscli.customizations.rekognition import register_rekognition_detect_labels +from awscli.customizations.quicksight import ( + register_quicksight_asset_bundle_customizations, +) +from awscli.customizations.rds import ( + register_add_generate_db_auth_token, + register_rds_modify_split, +) +from awscli.customizations.rekognition import ( + register_rekognition_detect_labels, +) from awscli.customizations.removals import register_removals from awscli.customizations.route53 import register_create_hosted_zone_doc_fix from awscli.customizations.s3.s3 import s3_plugin_initialize from awscli.customizations.s3errormsg import register_s3_error_msg +from awscli.customizations.s3events import register_event_stream_arg, register_document_expires_string +from awscli.customizations.sagemaker import ( + register_alias_sagemaker_runtime_command, +) from awscli.customizations.scalarparse import register_scalar_parser +from awscli.customizations.servicecatalog import ( + register_servicecatalog_commands, +) from awscli.customizations.sessendemail import register_ses_send_email +from awscli.customizations.sessionmanager import register_ssm_session +from awscli.customizations.sms_voice import register_sms_voice_hide from awscli.customizations.streamingoutputarg import add_streaming_output_arg -from awscli.customizations.translate import register_translate_import_terminology from awscli.customizations.toplevelbool import register_bool_params +from awscli.customizations.translate import ( + register_translate_import_terminology, +) from awscli.customizations.waiters import register_add_waiters -from awscli.customizations.opsworkscm import register_alias_opsworks_cm -from awscli.customizations.mturk import register_alias_mturk_command -from awscli.customizations.sagemaker import register_alias_sagemaker_runtime_command -from awscli.customizations.servicecatalog import register_servicecatalog_commands -from awscli.customizations.s3events import register_event_stream_arg -from awscli.customizations.sessionmanager import register_ssm_session -from awscli.customizations.sms_voice import register_sms_voice_hide -from awscli.customizations.dynamodb import register_dynamodb_paginator_fix -from awscli.customizations.overridesslcommonname import register_override_ssl_common_name -from awscli.customizations.kinesis import \ - register_kinesis_list_streams_pagination_backcompat -from awscli.customizations.quicksight import \ - register_quicksight_asset_bundle_customizations +from awscli.paramfile import register_uri_param_handler def awscli_initialize(event_handlers): @@ -105,23 +132,25 @@ def awscli_initialize(event_handlers): # The s3 error message needs to registered before the # generic error handler. register_s3_error_msg(event_handlers) -# # The following will get fired for every option we are -# # documenting. It will attempt to add an example_fn on to -# # the parameter object if the parameter supports shorthand -# # syntax. The documentation event handlers will then use -# # the examplefn to generate the sample shorthand syntax -# # in the docs. Registering here should ensure that this -# # handler gets called first but it still feels a bit brittle. -# event_handlers.register('doc-option-example.*.*.*', -# param_shorthand.add_example_fn) - event_handlers.register('doc-examples.*.*', - add_examples) + # # The following will get fired for every option we are + # # documenting. It will attempt to add an example_fn on to + # # the parameter object if the parameter supports shorthand + # # syntax. The documentation event handlers will then use + # # the examplefn to generate the sample shorthand syntax + # # in the docs. Registering here should ensure that this + # # handler gets called first but it still feels a bit brittle. + # event_handlers.register('doc-option-example.*.*.*', + # param_shorthand.add_example_fn) + event_handlers.register('doc-examples.*.*', add_examples) register_cli_input_json(event_handlers) - event_handlers.register('building-argument-table.*', - add_streaming_output_arg) + event_handlers.register( + 'building-argument-table.*', add_streaming_output_arg + ) register_count_events(event_handlers) - event_handlers.register('building-argument-table.ec2.get-password-data', - ec2_add_priv_launch_key) + event_handlers.register( + 'building-argument-table.ec2.get-password-data', + ec2_add_priv_launch_key, + ) register_parse_global_args(event_handlers) register_pagination(event_handlers) register_secgroup(event_handlers) @@ -168,10 +197,12 @@ def awscli_initialize(event_handlers): register_custom_endpoint_note(event_handlers) event_handlers.register( 'building-argument-table.iot.create-keys-and-certificate', - register_create_keys_and_cert_arguments) + register_create_keys_and_cert_arguments, + ) event_handlers.register( 'building-argument-table.iot.create-certificate-from-csr', - register_create_keys_from_csr_arguments) + register_create_keys_from_csr_arguments, + ) register_cloudfront(event_handlers) register_gamelift_commands(event_handlers) register_ec2_page_size_injector(event_handlers) @@ -184,6 +215,7 @@ def awscli_initialize(event_handlers): register_history_mode(event_handlers) register_history_commands(event_handlers) register_event_stream_arg(event_handlers) + register_document_expires_string(event_handlers) dlm_initialize(event_handlers) register_ssm_session(event_handlers) register_sms_voice_hide(event_handlers) @@ -191,3 +223,4 @@ def awscli_initialize(event_handlers): register_override_ssl_common_name(event_handlers) register_kinesis_list_streams_pagination_backcompat(event_handlers) register_quicksight_asset_bundle_customizations(event_handlers) + register_logs_commands(event_handlers) diff --git a/awscli/help.py b/awscli/help.py index f2ef22b99b7d..14b91c7ed3d7 100644 --- a/awscli/help.py +++ b/awscli/help.py @@ -12,35 +12,37 @@ # language governing permissions and limitations under the License. import logging import os -import sys import platform import shlex -from subprocess import Popen, PIPE +import sys +from subprocess import PIPE, Popen from docutils.core import publish_string from docutils.writers import manpage -from awscli.clidocs import ProviderDocumentEventHandler -from awscli.clidocs import ServiceDocumentEventHandler -from awscli.clidocs import OperationDocumentEventHandler -from awscli.clidocs import TopicListerDocumentEventHandler -from awscli.clidocs import TopicDocumentEventHandler +from awscli.argparser import ArgTableArgParser +from awscli.argprocess import ParamShorthandParser from awscli.bcdoc import docevents from awscli.bcdoc.restdoc import ReSTDocument from awscli.bcdoc.textwriter import TextWriter -from awscli.argprocess import ParamShorthandParser -from awscli.argparser import ArgTableArgParser +from awscli.clidocs import ( + OperationDocumentEventHandler, + ProviderDocumentEventHandler, + ServiceDocumentEventHandler, + TopicDocumentEventHandler, + TopicListerDocumentEventHandler, +) from awscli.topictags import TopicTagDB from awscli.utils import ignore_ctrl_c - LOG = logging.getLogger('awscli.help') class ExecutableNotFoundError(Exception): def __init__(self, executable_name): - super(ExecutableNotFoundError, self).__init__( - 'Could not find executable named "%s"' % executable_name) + super().__init__( + f'Could not find executable named "{executable_name}"' + ) def get_renderer(): @@ -54,7 +56,7 @@ def get_renderer(): return PosixHelpRenderer() -class PagingHelpRenderer(object): +class PagingHelpRenderer: """ Interface for a help renderer. @@ -62,10 +64,21 @@ class PagingHelpRenderer(object): a particular platform. """ + def __init__(self, output_stream=sys.stdout): self.output_stream = output_stream PAGER = None + _DEFAULT_DOCUTILS_SETTINGS_OVERRIDES = { + # The default for line length limit in docutils is 10,000. However, + # currently in the documentation, it inlines all possible enums in + # the JSON syntax which exceeds this limit for some EC2 commands + # and prevents the manpages from being generated. + # This is a temporary fix to allow the manpages for these commands + # to be rendered. Long term, we should avoid enumerating over all + # enums inline for the JSON syntax snippets. + 'line_length_limit': 50_000 + } def get_pager_cmdline(self): pager = self.PAGER @@ -105,7 +118,11 @@ class PosixHelpRenderer(PagingHelpRenderer): PAGER = 'less -R' def _convert_doc_content(self, contents): - man_contents = publish_string(contents, writer=manpage.Writer()) + man_contents = publish_string( + contents, + writer=manpage.Writer(), + settings_overrides=self._DEFAULT_DOCUTILS_SETTINGS_OVERRIDES, + ) if self._exists_on_path('groff'): cmdline = ['groff', '-m', 'man', '-T', 'ascii'] elif self._exists_on_path('mandoc'): @@ -120,8 +137,9 @@ def _convert_doc_content(self, contents): def _send_output_to_pager(self, output): cmdline = self.get_pager_cmdline() if not self._exists_on_path(cmdline[0]): - LOG.debug("Pager '%s' not found in PATH, printing raw help." % - cmdline[0]) + LOG.debug( + "Pager '%s' not found in PATH, printing raw help.", cmdline[0] + ) self.output_stream.write(output.decode('utf-8') + "\n") self.output_stream.flush() return @@ -144,8 +162,12 @@ def _send_output_to_pager(self, output): def _exists_on_path(self, name): # Since we're only dealing with POSIX systems, we can # ignore things like PATHEXT. - return any([os.path.exists(os.path.join(p, name)) - for p in os.environ.get('PATH', '').split(os.pathsep)]) + return any( + [ + os.path.exists(os.path.join(p, name)) + for p in os.environ.get('PATH', '').split(os.pathsep) + ] + ) class WindowsHelpRenderer(PagingHelpRenderer): @@ -154,8 +176,11 @@ class WindowsHelpRenderer(PagingHelpRenderer): PAGER = 'more' def _convert_doc_content(self, contents): - text_output = publish_string(contents, - writer=TextWriter()) + text_output = publish_string( + contents, + writer=TextWriter(), + settings_overrides=self._DEFAULT_DOCUTILS_SETTINGS_OVERRIDES, + ) return text_output def _popen(self, *args, **kwargs): @@ -165,7 +190,7 @@ def _popen(self, *args, **kwargs): return Popen(*args, **kwargs) -class HelpCommand(object): +class HelpCommand: """ HelpCommand Interface --------------------- @@ -263,8 +288,9 @@ def __call__(self, args, parsed_globals): subcommand_parser = ArgTableArgParser({}, self.subcommand_table) parsed, remaining = subcommand_parser.parse_known_args(args) if getattr(parsed, 'subcommand', None) is not None: - return self.subcommand_table[parsed.subcommand](remaining, - parsed_globals) + return self.subcommand_table[parsed.subcommand]( + remaining, parsed_globals + ) # Create an event handler for a Provider Document instance = self.EventHandlerClass(self) @@ -282,12 +308,13 @@ class ProviderHelpCommand(HelpCommand): This is what is called when ``aws help`` is run. """ + EventHandlerClass = ProviderDocumentEventHandler - def __init__(self, session, command_table, arg_table, - description, synopsis, usage): - HelpCommand.__init__(self, session, None, - command_table, arg_table) + def __init__( + self, session, command_table, arg_table, description, synopsis, usage + ): + HelpCommand.__init__(self, session, None, command_table, arg_table) self.description = description self.synopsis = synopsis self.help_usage = usage @@ -336,10 +363,12 @@ class ServiceHelpCommand(HelpCommand): EventHandlerClass = ServiceDocumentEventHandler - def __init__(self, session, obj, command_table, arg_table, name, - event_class): - super(ServiceHelpCommand, self).__init__(session, obj, command_table, - arg_table) + def __init__( + self, session, obj, command_table, arg_table, name, event_class + ): + super().__init__( + session, obj, command_table, arg_table + ) self._name = name self._event_class = event_class @@ -359,10 +388,10 @@ class OperationHelpCommand(HelpCommand): e.g. ``aws ec2 describe-instances help``. """ + EventHandlerClass = OperationDocumentEventHandler - def __init__(self, session, operation_model, arg_table, name, - event_class): + def __init__(self, session, operation_model, arg_table, name, event_class): HelpCommand.__init__(self, session, operation_model, None, arg_table) self.param_shorthand = ParamShorthandParser() self._name = name @@ -381,7 +410,7 @@ class TopicListerCommand(HelpCommand): EventHandlerClass = TopicListerDocumentEventHandler def __init__(self, session): - super(TopicListerCommand, self).__init__(session, None, {}, {}) + super().__init__(session, None, {}, {}) @property def event_class(self): @@ -396,7 +425,7 @@ class TopicHelpCommand(HelpCommand): EventHandlerClass = TopicDocumentEventHandler def __init__(self, session, topic_name): - super(TopicHelpCommand, self).__init__(session, None, {}, {}) + super().__init__(session, None, {}, {}) self._topic_name = topic_name @property diff --git a/awscli/paramfile.py b/awscli/paramfile.py index 4e71b4311983..14cd7fc49330 100644 --- a/awscli/paramfile.py +++ b/awscli/paramfile.py @@ -10,18 +10,16 @@ # distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF # ANY KIND, either express or implied. See the License for the specific # language governing permissions and limitations under the License. +import copy import logging import os -import copy from botocore.awsrequest import AWSRequest -from botocore.httpsession import URLLib3Session from botocore.exceptions import ProfileNotFound -from awscli.compat import six +from botocore.httpsession import URLLib3Session +from awscli import argprocess from awscli.compat import compat_open -from awscli.argprocess import ParamError - logger = logging.getLogger(__name__) @@ -29,123 +27,108 @@ # special param file processing. This is typically because it # refers to an actual URI of some sort and we don't want to actually # download the content (i.e TemplateURL in cloudformation). -PARAMFILE_DISABLED = set([ - 'api-gateway.put-integration.uri', - 'api-gateway.create-integration.integration-uri', - 'api-gateway.update-integration.integration-uri', - 'api-gateway.create-api.target', - 'api-gateway.update-api.target', - 'appstream.create-stack.redirect-url', - 'appstream.create-stack.feedback-url', - 'appstream.update-stack.redirect-url', - 'appstream.update-stack.feedback-url', - 'cloudformation.create-stack.template-url', - 'cloudformation.update-stack.template-url', - 'cloudformation.create-stack-set.template-url', - 'cloudformation.update-stack-set.template-url', - 'cloudformation.create-change-set.template-url', - 'cloudformation.validate-template.template-url', - 'cloudformation.estimate-template-cost.template-url', - 'cloudformation.get-template-summary.template-url', - - 'cloudformation.create-stack.stack-policy-url', - 'cloudformation.update-stack.stack-policy-url', - 'cloudformation.set-stack-policy.stack-policy-url', - # aws cloudformation package --template-file - 'custom.package.template-file', - # aws cloudformation deploy --template-file - 'custom.deploy.template-file', - - 'cloudformation.update-stack.stack-policy-during-update-url', - 'cloudformation.register-type.schema-handler-package', - # We will want to change the event name to ``s3`` as opposed to - # custom in the near future along with ``s3`` to ``s3api``. - 'custom.cp.website-redirect', - 'custom.mv.website-redirect', - 'custom.sync.website-redirect', - - 'guardduty.create-ip-set.location', - 'guardduty.update-ip-set.location', - 'guardduty.create-threat-intel-set.location', - 'guardduty.update-threat-intel-set.location', - 'comprehend.detect-dominant-language.text', - 'comprehend.batch-detect-dominant-language.text-list', - 'comprehend.detect-entities.text', - 'comprehend.batch-detect-entities.text-list', - 'comprehend.detect-key-phrases.text', - 'comprehend.batch-detect-key-phrases.text-list', - 'comprehend.detect-sentiment.text', - 'comprehend.batch-detect-sentiment.text-list', - - 'emr.create-studio.idp-auth-url', - - 'iam.create-open-id-connect-provider.url', - - 'machine-learning.predict.predict-endpoint', - - 'mediatailor.put-playback-configuration.ad-decision-server-url', - 'mediatailor.put-playback-configuration.slate-ad-url', - 'mediatailor.put-playback-configuration.video-content-source-url', - - 'rds.copy-db-cluster-snapshot.pre-signed-url', - 'rds.create-db-cluster.pre-signed-url', - 'rds.copy-db-snapshot.pre-signed-url', - 'rds.create-db-instance-read-replica.pre-signed-url', - - 'sagemaker.create-notebook-instance.default-code-repository', - 'sagemaker.create-notebook-instance.additional-code-repositories', - 'sagemaker.update-notebook-instance.default-code-repository', - 'sagemaker.update-notebook-instance.additional-code-repositories', - - 'serverlessapplicationrepository.create-application.home-page-url', - 'serverlessapplicationrepository.create-application.license-url', - 'serverlessapplicationrepository.create-application.readme-url', - 'serverlessapplicationrepository.create-application.source-code-url', - 'serverlessapplicationrepository.create-application.template-url', - 'serverlessapplicationrepository.create-application-version.source-code-url', - 'serverlessapplicationrepository.create-application-version.template-url', - 'serverlessapplicationrepository.update-application.home-page-url', - 'serverlessapplicationrepository.update-application.readme-url', - - 'service-catalog.create-product.support-url', - 'service-catalog.update-product.support-url', - - 'ses.create-custom-verification-email-template.failure-redirection-url', - 'ses.create-custom-verification-email-template.success-redirection-url', - 'ses.put-account-details.website-url', - 'ses.update-custom-verification-email-template.failure-redirection-url', - 'ses.update-custom-verification-email-template.success-redirection-url', - - 'sqs.add-permission.queue-url', - 'sqs.change-message-visibility.queue-url', - 'sqs.change-message-visibility-batch.queue-url', - 'sqs.delete-message.queue-url', - 'sqs.delete-message-batch.queue-url', - 'sqs.delete-queue.queue-url', - 'sqs.get-queue-attributes.queue-url', - 'sqs.list-dead-letter-source-queues.queue-url', - 'sqs.receive-message.queue-url', - 'sqs.remove-permission.queue-url', - 'sqs.send-message.queue-url', - 'sqs.send-message-batch.queue-url', - 'sqs.set-queue-attributes.queue-url', - 'sqs.purge-queue.queue-url', - 'sqs.list-queue-tags.queue-url', - 'sqs.tag-queue.queue-url', - 'sqs.untag-queue.queue-url', - - 's3.copy-object.website-redirect-location', - 's3.create-multipart-upload.website-redirect-location', - 's3.put-object.website-redirect-location', - - # Double check that this has been renamed! - 'sns.subscribe.notification-endpoint', - - 'iot.create-job.document-source', - 'translate.translate-text.text', - - 'workdocs.create-notification-subscription.notification-endpoint' -]) +PARAMFILE_DISABLED = set( + [ + 'api-gateway.put-integration.uri', + 'api-gateway.create-integration.integration-uri', + 'api-gateway.update-integration.integration-uri', + 'api-gateway.create-api.target', + 'api-gateway.update-api.target', + 'appstream.create-stack.redirect-url', + 'appstream.create-stack.feedback-url', + 'appstream.update-stack.redirect-url', + 'appstream.update-stack.feedback-url', + 'cloudformation.create-stack.template-url', + 'cloudformation.update-stack.template-url', + 'cloudformation.create-stack-set.template-url', + 'cloudformation.update-stack-set.template-url', + 'cloudformation.create-change-set.template-url', + 'cloudformation.validate-template.template-url', + 'cloudformation.estimate-template-cost.template-url', + 'cloudformation.get-template-summary.template-url', + 'cloudformation.create-stack.stack-policy-url', + 'cloudformation.update-stack.stack-policy-url', + 'cloudformation.set-stack-policy.stack-policy-url', + # aws cloudformation package --template-file + 'custom.package.template-file', + # aws cloudformation deploy --template-file + 'custom.deploy.template-file', + 'cloudformation.update-stack.stack-policy-during-update-url', + 'cloudformation.register-type.schema-handler-package', + # We will want to change the event name to ``s3`` as opposed to + # custom in the near future along with ``s3`` to ``s3api``. + 'custom.cp.website-redirect', + 'custom.mv.website-redirect', + 'custom.sync.website-redirect', + 'guardduty.create-ip-set.location', + 'guardduty.update-ip-set.location', + 'guardduty.create-threat-intel-set.location', + 'guardduty.update-threat-intel-set.location', + 'comprehend.detect-dominant-language.text', + 'comprehend.batch-detect-dominant-language.text-list', + 'comprehend.detect-entities.text', + 'comprehend.batch-detect-entities.text-list', + 'comprehend.detect-key-phrases.text', + 'comprehend.batch-detect-key-phrases.text-list', + 'comprehend.detect-sentiment.text', + 'comprehend.batch-detect-sentiment.text-list', + 'emr.create-studio.idp-auth-url', + 'iam.create-open-id-connect-provider.url', + 'machine-learning.predict.predict-endpoint', + 'mediatailor.put-playback-configuration.ad-decision-server-url', + 'mediatailor.put-playback-configuration.slate-ad-url', + 'mediatailor.put-playback-configuration.video-content-source-url', + 'rds.copy-db-cluster-snapshot.pre-signed-url', + 'rds.create-db-cluster.pre-signed-url', + 'rds.copy-db-snapshot.pre-signed-url', + 'rds.create-db-instance-read-replica.pre-signed-url', + 'sagemaker.create-notebook-instance.default-code-repository', + 'sagemaker.create-notebook-instance.additional-code-repositories', + 'sagemaker.update-notebook-instance.default-code-repository', + 'sagemaker.update-notebook-instance.additional-code-repositories', + 'serverlessapplicationrepository.create-application.home-page-url', + 'serverlessapplicationrepository.create-application.license-url', + 'serverlessapplicationrepository.create-application.readme-url', + 'serverlessapplicationrepository.create-application.source-code-url', + 'serverlessapplicationrepository.create-application.template-url', + 'serverlessapplicationrepository.create-application-version.source-code-url', + 'serverlessapplicationrepository.create-application-version.template-url', + 'serverlessapplicationrepository.update-application.home-page-url', + 'serverlessapplicationrepository.update-application.readme-url', + 'service-catalog.create-product.support-url', + 'service-catalog.update-product.support-url', + 'ses.create-custom-verification-email-template.failure-redirection-url', + 'ses.create-custom-verification-email-template.success-redirection-url', + 'ses.put-account-details.website-url', + 'ses.update-custom-verification-email-template.failure-redirection-url', + 'ses.update-custom-verification-email-template.success-redirection-url', + 'sqs.add-permission.queue-url', + 'sqs.change-message-visibility.queue-url', + 'sqs.change-message-visibility-batch.queue-url', + 'sqs.delete-message.queue-url', + 'sqs.delete-message-batch.queue-url', + 'sqs.delete-queue.queue-url', + 'sqs.get-queue-attributes.queue-url', + 'sqs.list-dead-letter-source-queues.queue-url', + 'sqs.receive-message.queue-url', + 'sqs.remove-permission.queue-url', + 'sqs.send-message.queue-url', + 'sqs.send-message-batch.queue-url', + 'sqs.set-queue-attributes.queue-url', + 'sqs.purge-queue.queue-url', + 'sqs.list-queue-tags.queue-url', + 'sqs.tag-queue.queue-url', + 'sqs.untag-queue.queue-url', + 's3.copy-object.website-redirect-location', + 's3.create-multipart-upload.website-redirect-location', + 's3.put-object.website-redirect-location', + # Double check that this has been renamed! + 'sns.subscribe.notification-endpoint', + 'iot.create-job.document-source', + 'translate.translate-text.text', + 'workdocs.create-notification-subscription.notification-endpoint', + ] +) class ResourceLoadingError(Exception): @@ -155,8 +138,10 @@ class ResourceLoadingError(Exception): def register_uri_param_handler(session, **kwargs): prefix_map = copy.deepcopy(LOCAL_PREFIX_MAP) try: - fetch_url = session.get_scoped_config().get( - 'cli_follow_urlparam', 'true') == 'true' + fetch_url = ( + session.get_scoped_config().get('cli_follow_urlparam', 'true') + == 'true' + ) except ProfileNotFound: # If a --profile is provided that does not exist, loading # a value from get_scoped_config will crash the CLI. @@ -174,7 +159,7 @@ def register_uri_param_handler(session, **kwargs): session.register('load-cli-arg', handler) -class URIArgumentHandler(object): +class URIArgumentHandler: def __init__(self, prefixes=None): if prefixes is None: prefixes = copy.deepcopy(LOCAL_PREFIX_MAP) @@ -185,8 +170,9 @@ def __call__(self, event_name, param, value, **kwargs): """Handler that supports param values from URIs.""" cli_argument = param qualified_param_name = '.'.join(event_name.split('.')[1:]) - if qualified_param_name in PARAMFILE_DISABLED or \ - getattr(cli_argument, 'no_paramfile', None): + if qualified_param_name in PARAMFILE_DISABLED or getattr( + cli_argument, 'no_paramfile', None + ): return else: return self._check_for_uri_param(cli_argument, value) @@ -197,7 +183,7 @@ def _check_for_uri_param(self, param, value): try: return get_paramfile(value, self._prefixes) except ResourceLoadingError as e: - raise ParamError(param.cli_name, six.text_type(e)) + raise argprocess.ParamError(param.cli_name, str(e)) def get_paramfile(path, cases): @@ -224,7 +210,7 @@ def get_paramfile(path, cases): """ data = None - if isinstance(path, six.string_types): + if isinstance(path, str): for prefix, function_spec in cases.items(): if path.startswith(prefix): function, kwargs = function_spec @@ -233,7 +219,7 @@ def get_paramfile(path, cases): def get_file(prefix, path, mode): - file_path = os.path.expandvars(os.path.expanduser(path[len(prefix):])) + file_path = os.path.expandvars(os.path.expanduser(path[len(prefix) :])) try: with compat_open(file_path, mode) as f: return f.read() @@ -241,10 +227,12 @@ def get_file(prefix, path, mode): raise ResourceLoadingError( 'Unable to load paramfile (%s), text contents could ' 'not be decoded. If this is a binary file, please use the ' - 'fileb:// prefix instead of the file:// prefix.' % file_path) - except (OSError, IOError) as e: - raise ResourceLoadingError('Unable to load paramfile %s: %s' % ( - path, e)) + 'fileb:// prefix instead of the file:// prefix.' % file_path + ) + except OSError as e: + raise ResourceLoadingError( + f'Unable to load paramfile {path}: {e}' + ) def get_uri(prefix, uri): @@ -255,8 +243,8 @@ def get_uri(prefix, uri): return r.text else: raise ResourceLoadingError( - "received non 200 status code of %s" % ( - r.status_code)) + f"received non 200 status code of {r.status_code}" + ) except Exception as e: raise ResourceLoadingError('Unable to retrieve %s: %s' % (uri, e)) diff --git a/awscli/schema.py b/awscli/schema.py index 17ec6ba416cd..3aa8f7c5528d 100644 --- a/awscli/schema.py +++ b/awscli/schema.py @@ -17,7 +17,7 @@ class ParameterRequiredError(ValueError): pass -class SchemaTransformer(object): +class SchemaTransformer: """ Transforms a custom argument parameter schema into an internal model representation so that it can be treated like a normal @@ -63,6 +63,7 @@ class SchemaTransformer(object): $ aws foo bar --baz arg1=Value1,arg2=5 arg1=Value2 """ + JSON_SCHEMA_TO_AWS_TYPES = { 'object': 'structure', 'array': 'list', @@ -116,7 +117,8 @@ def _transform_structure(self, schema, shapes): for key, value in schema['properties'].items(): current_type_name = self._json_schema_to_aws_type(value) current_shape_name = self._shape_namer.new_shape_name( - current_type_name) + current_type_name + ) members[key] = {'shape': current_shape_name} if value.get('required', False): required_members.append(key) @@ -161,7 +163,7 @@ def _json_schema_to_aws_type(self, schema): return self.JSON_SCHEMA_TO_AWS_TYPES.get(type_name, type_name) -class ShapeNameGenerator(object): +class ShapeNameGenerator: def __init__(self): self._name_cache = defaultdict(int) diff --git a/awscli/shorthand.py b/awscli/shorthand.py index b8e782c5bb33..18ec091f717a 100644 --- a/awscli/shorthand.py +++ b/awscli/shorthand.py @@ -38,16 +38,17 @@ ``BackCompatVisitor`` class. """ + import re import string +from awscli.paramfile import LOCAL_PREFIX_MAP, get_paramfile from awscli.utils import is_document_type - _EOF = object() -class _NamedRegex(object): +class _NamedRegex: def __init__(self, name, regex_str): self.name = name self.regex = re.compile(regex_str, re.UNICODE) @@ -57,25 +58,24 @@ def match(self, value): class ShorthandParseError(Exception): - def _error_location(self): consumed, remaining, num_spaces = self.value, '', self.index - if '\n' in self.value[:self.index]: + if '\n' in self.value[: self.index]: # If there's newlines in the consumed expression, we want # to make sure we're only counting the spaces # from the last newline: # foo=bar,\n # bar==baz # ^ - last_newline = self.value[:self.index].rindex('\n') + last_newline = self.value[: self.index].rindex('\n') num_spaces = self.index - last_newline - 1 - if '\n' in self.value[self.index:]: + if '\n' in self.value[self.index :]: # If there's newline in the remaining, divide value # into consumed and remaining # foo==bar,\n # ^ # bar=baz - next_newline = self.index + self.value[self.index:].index('\n') + next_newline = self.index + self.value[self.index :].index('\n') consumed = self.value[:next_newline] remaining = self.value[next_newline:] return '%s\n%s%s' % (consumed, (' ' * num_spaces) + '^', remaining) @@ -88,14 +88,13 @@ def __init__(self, value, expected, actual, index): self.actual = actual self.index = index msg = self._construct_msg() - super(ShorthandParseSyntaxError, self).__init__(msg) + super().__init__(msg) def _construct_msg(self): - msg = ( - "Expected: '%s', received: '%s' for input:\n" - "%s" - ) % (self.expected, self.actual, self._error_location()) - return msg + return ( + f"Expected: '{self.expected}', received: '{self.actual}' " + f"for input:\n" "{self._error_location()}" + ) class DuplicateKeyInObjectError(ShorthandParseError): @@ -104,22 +103,21 @@ def __init__(self, key, value, index): self.value = value self.index = index msg = self._construct_msg() - super(DuplicateKeyInObjectError, self).__init__(msg) + super().__init__(msg) def _construct_msg(self): - msg = ( - "Second instance of key \"%s\" encountered for input:\n%s\n" - "This is often because there is a preceding \",\" instead of a " - "space." - ) % (self.key, self._error_location()) - return msg + return ( + f"Second instance of key \"{self.key}\" encountered for input:\n" + f"{self._error_location()}\nThis is often because there is a " + "preceding \",\" instead of a space." + ) class DocumentTypesNotSupportedError(Exception): pass -class ShorthandParser(object): +class ShorthandParser: """Parses shorthand syntax in the CLI. Note that this parser does not rely on any JSON models to control @@ -127,28 +125,22 @@ class ShorthandParser(object): """ - _SINGLE_QUOTED = _NamedRegex('singled quoted', r'\'(?:\\\\|\\\'|[^\'])*\'') - _DOUBLE_QUOTED = _NamedRegex('double quoted', r'"(?:\\\\|\\"|[^"])*"') - _START_WORD = u'\!\#-&\(-\+\--\<\>-Z\\\\-z\u007c-\uffff' - _FIRST_FOLLOW_CHARS = u'\s\!\#-&\(-\+\--\\\\\^-\|~-\uffff' - _SECOND_FOLLOW_CHARS = u'\s\!\#-&\(-\+\--\<\>-\uffff' + _SINGLE_QUOTED = _NamedRegex('singled quoted', r'\'(?:\\\'|[^\'])*\'') + _DOUBLE_QUOTED = _NamedRegex('double quoted', r'"(?:\\"|[^"])*"') + _START_WORD = r'\!\#-&\(-\+\--\<\>-Z\\\\-z\u007c-\uffff' + _FIRST_FOLLOW_CHARS = r'\s\!\#-&\(-\+\--\\\\\^-\|~-\uffff' + _SECOND_FOLLOW_CHARS = r'\s\!\#-&\(-\+\--\<\>-\uffff' _ESCAPED_COMMA = '(\\\\,)' _FIRST_VALUE = _NamedRegex( 'first', - u'({escaped_comma}|[{start_word}])' - u'({escaped_comma}|[{follow_chars}])*'.format( - escaped_comma=_ESCAPED_COMMA, - start_word=_START_WORD, - follow_chars=_FIRST_FOLLOW_CHARS, - )) + f'({_ESCAPED_COMMA}|[{_START_WORD}])' + f'({_ESCAPED_COMMA}|[{_FIRST_FOLLOW_CHARS}])*', + ) _SECOND_VALUE = _NamedRegex( 'second', - u'({escaped_comma}|[{start_word}])' - u'({escaped_comma}|[{follow_chars}])*'.format( - escaped_comma=_ESCAPED_COMMA, - start_word=_START_WORD, - follow_chars=_SECOND_FOLLOW_CHARS, - )) + f'({_ESCAPED_COMMA}|[{_START_WORD}])' + f'({_ESCAPED_COMMA}|[{_SECOND_FOLLOW_CHARS}])*', + ) def __init__(self): self._tokens = [] @@ -169,6 +161,7 @@ def parse(self, value): """ self._input_value = value self._index = 0 + self._should_resolve_paramfiles = False return self._parameter() def _parameter(self): @@ -191,8 +184,15 @@ def _parameter(self): return params def _keyval(self): - # keyval = key "=" [values] + # keyval = key "=" [values] / key "@=" [file-optional-values] + # file-optional-values = file://value / fileb://value / value key = self._key() + self._should_resolve_paramfiles = False + try: + self._expect('@', consume_whitespace=True) + self._should_resolve_paramfiles = True + except ShorthandParseSyntaxError: + pass self._expect('=', consume_whitespace=True) values = self._values() return key, values @@ -205,7 +205,7 @@ def _key(self): if self._current() not in valid_chars: break self._index += 1 - return self._input_value[start:self._index] + return self._input_value[start : self._index] def _values(self): # values = csv-list / explicit-list / hash-literal @@ -267,10 +267,11 @@ def _csv_value(self): return csv_list def _value(self): - result = self._FIRST_VALUE.match(self._input_value[self._index:]) + result = self._FIRST_VALUE.match(self._input_value[self._index :]) if result is not None: consumed = self._consume_matched_regex(result) - return consumed.replace('\\,', ',').rstrip() + processed = consumed.replace('\\,', ',').rstrip() + return self._resolve_paramfiles(processed) if self._should_resolve_paramfiles else processed return '' def _explicit_list(self): @@ -301,6 +302,12 @@ def _hash_literal(self): keyvals = {} while self._current() != '}': key = self._key() + self._should_resolve_paramfiles = False + try: + self._expect('@', consume_whitespace=True) + self._should_resolve_paramfiles = True + except ShorthandParseSyntaxError: + pass self._expect('=', consume_whitespace=True) v = self._explicit_values() self._consume_whitespace() @@ -323,7 +330,8 @@ def _single_quoted_value(self): # single-quoted-value = %x27 *(val-escaped-single) %x27 # val-escaped-single = %x20-26 / %x28-7F / escaped-escape / # (escape single-quote) - return self._consume_quoted(self._SINGLE_QUOTED, escaped_char="'") + processed = self._consume_quoted(self._SINGLE_QUOTED, escaped_char="'") + return self._resolve_paramfiles(processed) if self._should_resolve_paramfiles else processed def _consume_quoted(self, regex, escaped_char=None): value = self._must_consume_regex(regex)[1:-1] @@ -333,7 +341,8 @@ def _consume_quoted(self, regex, escaped_char=None): return value def _double_quoted_value(self): - return self._consume_quoted(self._DOUBLE_QUOTED, escaped_char='"') + processed = self._consume_quoted(self._DOUBLE_QUOTED, escaped_char='"') + return self._resolve_paramfiles(processed) if self._should_resolve_paramfiles else processed def _second_value(self): if self._current() == "'": @@ -342,33 +351,42 @@ def _second_value(self): return self._double_quoted_value() else: consumed = self._must_consume_regex(self._SECOND_VALUE) - return consumed.replace('\\,', ',').rstrip() + processed = consumed.replace('\\,', ',').rstrip() + return self._resolve_paramfiles(processed) if self._should_resolve_paramfiles else processed + + def _resolve_paramfiles(self, val): + if (paramfile := get_paramfile(val, LOCAL_PREFIX_MAP)) is not None: + return paramfile + return val def _expect(self, char, consume_whitespace=False): if consume_whitespace: self._consume_whitespace() if self._index >= len(self._input_value): - raise ShorthandParseSyntaxError(self._input_value, char, - 'EOF', self._index) + raise ShorthandParseSyntaxError( + self._input_value, char, 'EOF', self._index + ) actual = self._input_value[self._index] if actual != char: - raise ShorthandParseSyntaxError(self._input_value, char, - actual, self._index) + raise ShorthandParseSyntaxError( + self._input_value, char, actual, self._index + ) self._index += 1 if consume_whitespace: self._consume_whitespace() def _must_consume_regex(self, regex): - result = regex.match(self._input_value[self._index:]) + result = regex.match(self._input_value[self._index :]) if result is not None: return self._consume_matched_regex(result) - raise ShorthandParseSyntaxError(self._input_value, '<%s>' % regex.name, - '', self._index) + raise ShorthandParseSyntaxError( + self._input_value, f'<{regex.name}>', '', self._index + ) def _consume_matched_regex(self, result): start, end = result.span() - v = self._input_value[self._index+start:self._index+end] - self._index += (end - start) + v = self._input_value[self._index + start : self._index + end] + self._index += end - start return v def _current(self): @@ -390,21 +408,23 @@ def _consume_whitespace(self): self._index += 1 -class ModelVisitor(object): +class ModelVisitor: def visit(self, params, model): self._visit({}, model, '', params) def _visit(self, parent, shape, name, value): - method = getattr(self, '_visit_%s' % shape.type_name, - self._visit_scalar) + method = getattr( + self, f'_visit_{shape.type_name}', self._visit_scalar + ) method(parent, shape, name, value) def _visit_structure(self, parent, shape, name, value): if not isinstance(value, dict): return for member_name, member_shape in shape.members.items(): - self._visit(value, member_shape, member_name, - value.get(member_name)) + self._visit( + value, member_shape, member_name, value.get(member_name) + ) def _visit_list(self, parent, shape, name, value): if not isinstance(value, list): @@ -430,8 +450,9 @@ def _visit_structure(self, parent, shape, name, value): return for member_name, member_shape in shape.members.items(): try: - self._visit(value, member_shape, member_name, - value.get(member_name)) + self._visit( + value, member_shape, member_name, value.get(member_name) + ) except DocumentTypesNotSupportedError: # Catch and propagate the document type error to a better # error message as when the original error is thrown there is @@ -440,7 +461,7 @@ def _visit_structure(self, parent, shape, name, value): raise ShorthandParseError( 'Shorthand syntax does not support document types. Use ' 'JSON input for top-level argument to specify nested ' - 'parameter: %s' % member_name + f'parameter: {member_name}' ) def _visit_list(self, parent, shape, name, value): @@ -450,8 +471,9 @@ def _visit_list(self, parent, shape, name, value): if value is not None: parent[name] = [value] else: - return super(BackCompatVisitor, self)._visit_list( - parent, shape, name, value) + return super()._visit_list( + parent, shape, name, value + ) def _visit_scalar(self, parent, shape, name, value): if value is None: diff --git a/awscli/table.py b/awscli/table.py index df96392fc9fe..3920144fdee3 100644 --- a/awscli/table.py +++ b/awscli/table.py @@ -1,24 +1,23 @@ # Copyright 2012-2013 Amazon.com, Inc. or its affiliates. All Rights Reserved. - +# # Licensed under the Apache License, Version 2.0 (the "License"). You # may not use this file except in compliance with the License. A copy of # the License is located at - +# # http://aws.amazon.com/apache2.0/ - +# # or in the "license" file accompanying this file. This file is # distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF # ANY KIND, either express or implied. See the License for the specific # language governing permissions and limitations under the License. -import sys + import struct +import sys import unicodedata import colorama from awscli.utils import is_a_tty -from awscli.compat import six - # `autoreset` allows us to not have to sent reset sequences for every # string. `strip` lets us preserve color when redirecting. @@ -35,29 +34,33 @@ def get_text_length(text): # * A(Ambiguous) # * F(Fullwidth) # * W(Wide) - text = six.text_type(text) - return sum(2 if unicodedata.east_asian_width(char) in 'WFA' else 1 - for char in text) + text = str(text) + return sum( + 2 if unicodedata.east_asian_width(char) in 'WFA' else 1 + for char in text + ) def determine_terminal_width(default_width=80): # If we can't detect the terminal width, the default_width is returned. try: - from termios import TIOCGWINSZ from fcntl import ioctl + from termios import TIOCGWINSZ except ImportError: return default_width try: - height, width = struct.unpack('hhhh', ioctl(sys.stdout, - TIOCGWINSZ, '\000' * 8))[0:2] + height, width = struct.unpack( + 'hhhh', ioctl(sys.stdout, TIOCGWINSZ, '\000' * 8) + )[0:2] except Exception: return default_width else: return width -def center_text(text, length=80, left_edge='|', right_edge='|', - text_length=None): +def center_text( + text, length=80, left_edge='|', right_edge='|', text_length=None +): """Center text with specified edge chars. You can pass in the length of the text as an arg, otherwise it is computed @@ -78,15 +81,24 @@ def center_text(text, length=80, left_edge='|', right_edge='|', return final -def align_left(text, length, left_edge='|', right_edge='|', text_length=None, - left_padding=2): +def align_left( + text, + length, + left_edge='|', + right_edge='|', + text_length=None, + left_padding=2, +): """Left align text.""" # postcondition: get_text_length(returned_text) == length if text_length is None: text_length = get_text_length(text) computed_length = ( - text_length + left_padding + \ - get_text_length(left_edge) + get_text_length(right_edge)) + text_length + + left_padding + + get_text_length(left_edge) + + get_text_length(right_edge) + ) if length - computed_length >= 0: padding = left_padding else: @@ -126,9 +138,10 @@ def convert_to_vertical_table(sections): sections[i] = new_section -class IndentedStream(object): - def __init__(self, stream, indent_level, left_indent_char='|', - right_indent_char='|'): +class IndentedStream: + def __init__( + self, stream, indent_level, left_indent_char='|', right_indent_char='|' + ): self._stream = stream self._indent_level = indent_level self._left_indent_char = left_indent_char @@ -147,7 +160,7 @@ def __getattr__(self, attr): return getattr(self._stream, attr) -class Styler(object): +class Styler: def style_title(self, text): return text @@ -168,25 +181,38 @@ def __init__(self): def style_title(self, text): # Originally bold + underline return text - #return colorama.Style.BOLD + text + colorama.Style.RESET_ALL def style_header_column(self, text): # Originally underline return text def style_row_element(self, text): - return (colorama.Style.BRIGHT + colorama.Fore.BLUE + - text + colorama.Style.RESET_ALL) + return ( + colorama.Style.BRIGHT + + colorama.Fore.BLUE + + text + + colorama.Style.RESET_ALL + ) def style_indentation_char(self, text): - return (colorama.Style.DIM + colorama.Fore.YELLOW + - text + colorama.Style.RESET_ALL) - - -class MultiTable(object): - def __init__(self, terminal_width=None, initial_section=True, - column_separator='|', terminal=None, - styler=None, auto_reformat=True): + return ( + colorama.Style.DIM + + colorama.Fore.YELLOW + + text + + colorama.Style.RESET_ALL + ) + + +class MultiTable: + def __init__( + self, + terminal_width=None, + initial_section=True, + column_separator='|', + terminal=None, + styler=None, + auto_reformat=True, + ): self._auto_reformat = auto_reformat if initial_section: self._current_section = Section() @@ -239,16 +265,22 @@ def _determine_conversion_needed(self, max_width): return self._auto_reformat def _calculate_max_width(self): - max_width = max(s.total_width(padding=4, with_border=True, - outer_padding=s.indent_level) - for s in self._sections) + max_width = max( + s.total_width( + padding=4, with_border=True, outer_padding=s.indent_level + ) + for s in self._sections + ) return max_width def _render_section(self, section, max_width, stream): - stream = IndentedStream(stream, section.indent_level, - self._styler.style_indentation_char('|'), - self._styler.style_indentation_char('|')) - max_width -= (section.indent_level * 2) + stream = IndentedStream( + stream, + section.indent_level, + self._styler.style_indentation_char('|'), + self._styler.style_indentation_char('|'), + ) + max_width -= section.indent_level * 2 self._render_title(section, max_width, stream) self._render_column_titles(section, max_width, stream) self._render_rows(section, max_width, stream) @@ -259,8 +291,12 @@ def _render_title(self, section, max_width, stream): # bottom_border: ---------------------------- if section.title: title = self._styler.style_title(section.title) - stream.write(center_text(title, max_width, '|', '|', - get_text_length(section.title)) + '\n') + stream.write( + center_text( + title, max_width, '|', '|', get_text_length(section.title) + ) + + '\n' + ) if not section.headers and not section.rows: stream.write('+%s+' % ('-' * (max_width - 2)) + '\n') @@ -269,8 +305,9 @@ def _render_column_titles(self, section, max_width, stream): return # In order to render the column titles we need to know # the width of each of the columns. - widths = section.calculate_column_widths(padding=4, - max_width=max_width) + widths = section.calculate_column_widths( + padding=4, max_width=max_width + ) # TODO: Built a list instead of +=, it's more efficient. current = '' length_so_far = 0 @@ -284,9 +321,13 @@ def _render_column_titles(self, section, max_width, stream): first = False else: left_edge = '' - current += center_text(text=stylized_header, length=width, - left_edge=left_edge, right_edge='|', - text_length=get_text_length(header)) + current += center_text( + text=stylized_header, + length=width, + left_edge=left_edge, + right_edge='|', + text_length=get_text_length(header), + ) length_so_far += width self._write_line_break(stream, widths) stream.write(current + '\n') @@ -308,8 +349,9 @@ def _write_line_break(self, stream, widths): def _render_rows(self, section, max_width, stream): if not section.rows: return - widths = section.calculate_column_widths(padding=4, - max_width=max_width) + widths = section.calculate_column_widths( + padding=4, max_width=max_width + ) if not widths: return self._write_line_break(stream, widths) @@ -326,16 +368,19 @@ def _render_rows(self, section, max_width, stream): else: left_edge = '' stylized = self._styler.style_row_element(element) - current += align_left(text=stylized, length=width, - left_edge=left_edge, - right_edge=self._column_separator, - text_length=get_text_length(element)) + current += align_left( + text=stylized, + length=width, + left_edge=left_edge, + right_edge=self._column_separator, + text_length=get_text_length(element), + ) length_so_far += width stream.write(current + '\n') self._write_line_break(stream, widths) -class Section(object): +class Section: def __init__(self): self.title = '' self.headers = [] @@ -345,8 +390,10 @@ def __init__(self): self._max_widths = [] def __repr__(self): - return ("Section(title=%s, headers=%s, indent_level=%s, num_rows=%s)" % - (self.title, self.headers, self.indent_level, len(self.rows))) + return ( + f"Section(title={self.title}, headers={self.headers}, " + f"indent_level={self.indent_level}, num_rows={len(self.rows)})" + ) def calculate_column_widths(self, padding=0, max_width=None): # postcondition: sum(widths) == max_width @@ -386,8 +433,13 @@ def total_width(self, padding=0, with_border=False, outer_padding=0): if with_border: total += border_padding total += outer_padding + outer_padding - return max(get_text_length(self.title) + border_padding + outer_padding + - outer_padding, total) + return max( + get_text_length(self.title) + + border_padding + + outer_padding + + outer_padding, + total, + ) def add_title(self, title): self.title = title @@ -405,18 +457,22 @@ def add_row(self, row): if self._num_cols is None: self._num_cols = len(row) if len(row) != self._num_cols: - raise ValueError("Row should have %s elements, instead " - "it has %s" % (self._num_cols, len(row))) + raise ValueError( + f"Row should have {self._num_cols} elements, instead " + f"it has {len(row)}" + ) row = self._format_row(row) self.rows.append(row) self._update_max_widths(row) def _format_row(self, row): - return [six.text_type(r) for r in row] + return [str(r) for r in row] def _update_max_widths(self, row): if not self._max_widths: self._max_widths = [get_text_length(el) for el in row] else: for i, el in enumerate(row): - self._max_widths[i] = max(get_text_length(el), self._max_widths[i]) + self._max_widths[i] = max( + get_text_length(el), self._max_widths[i] + ) diff --git a/awscli/testutils.py b/awscli/testutils.py index 365442a2fa1a..f1fe2d27bbcf 100644 --- a/awscli/testutils.py +++ b/awscli/testutils.py @@ -19,48 +19,30 @@ advantage of all the testing utilities we provide. """ -import os -import sys + +import binascii +import contextlib import copy -import shutil -import time import json import logging -import tempfile +import os import platform -import contextlib -import string -import binascii +import shutil +import sys +import tempfile +import time +import unittest +import uuid from pprint import pformat -from subprocess import Popen, PIPE +from subprocess import PIPE, Popen from unittest import mock -from awscli.compat import StringIO - - -from awscli.compat import six -from botocore.session import Session -from botocore.exceptions import ClientError -from botocore.exceptions import WaiterError import botocore.loaders from botocore.awsrequest import AWSResponse +from botocore.exceptions import ClientError, WaiterError import awscli.clidriver -from awscli.plugin import load_plugins -from awscli.clidriver import CLIDriver -from awscli import EnvironmentVariables - - -import unittest - - -# In python 3, order matters when calling assertEqual to -# compare lists and dictionaries with lists. Therefore, -# assertItemsEqual needs to be used but it is renamed to -# assertCountEqual in python 3. -if six.PY2: - unittest.TestCase.assertCountEqual = unittest.TestCase.assertItemsEqual - +from awscli.compat import BytesIO, StringIO _LOADER = botocore.loaders.Loader() INTEG_LOG = logging.getLogger('awscli.tests.integration') @@ -77,9 +59,12 @@ def test_some_non_windows_stuff(self): self.assertEqual(...) """ + def decorator(func): return unittest.skipIf( - platform.system() not in ['Darwin', 'Linux'], reason)(func) + platform.system() not in ['Darwin', 'Linux'], reason + )(func) + return decorator @@ -97,6 +82,7 @@ def create_clidriver(): def get_aws_cmd(): global AWS_CMD import awscli + if AWS_CMD is None: # Try /bin/aws repo_root = os.path.dirname(os.path.abspath(awscli.__file__)) @@ -104,10 +90,12 @@ def get_aws_cmd(): if not os.path.isfile(aws_cmd): aws_cmd = _search_path_for_cmd('aws') if aws_cmd is None: - raise ValueError('Could not find "aws" executable. Either ' - 'make sure it is on your PATH, or you can ' - 'explicitly set this value using ' - '"set_aws_cmd()"') + raise ValueError( + 'Could not find "aws" executable. Either ' + 'make sure it is on your PATH, or you can ' + 'explicitly set this value using ' + '"set_aws_cmd()"' + ) AWS_CMD = aws_cmd return AWS_CMD @@ -176,6 +164,42 @@ def create_bucket(session, name=None, region=None): return bucket_name +def create_dir_bucket(session, name=None, location=None): + """ + Creates a S3 directory bucket + :returns: the name of the bucket created + """ + if not location: + location = ('us-west-2', 'usw2-az1') + region, az = location + client = session.create_client('s3', region_name=region) + if name: + bucket_name = name + else: + bucket_name = f"{random_bucket_name()}--{az}--x-s3" + params = { + 'Bucket': bucket_name, + 'CreateBucketConfiguration': { + 'Location': {'Type': 'AvailabilityZone', 'Name': az}, + 'Bucket': { + 'Type': 'Directory', + 'DataRedundancy': 'SingleAvailabilityZone', + }, + }, + } + try: + client.create_bucket(**params) + except ClientError as e: + if e.response['Error'].get('Code') == 'BucketAlreadyOwnedByYou': + # This can happen in the retried request, when the first one + # succeeded on S3 but somehow the response never comes back. + # We still got a bucket ready for test anyway. + pass + else: + raise + return bucket_name + + def random_chars(num_chars): """Returns random hex characters. @@ -185,7 +209,7 @@ def random_chars(num_chars): return binascii.hexlify(os.urandom(int(num_chars / 2))).decode('ascii') -def random_bucket_name(prefix='awscli-s3integ-', num_random=15): +def random_bucket_name(prefix='awscli-s3integ', num_random=15): """Generate a random S3 bucket name. :param prefix: A prefix to use in the bucket name. Useful @@ -196,7 +220,7 @@ def random_bucket_name(prefix='awscli-s3integ-', num_random=15): :returns: The name of a randomly generated bucket name as a string. """ - return prefix + random_chars(num_random) + return f"{prefix}-{random_chars(num_random)}-{int(time.time())}" class BaseCLIDriverTest(unittest.TestCase): @@ -205,6 +229,7 @@ class BaseCLIDriverTest(unittest.TestCase): This will load all the default plugins as well so it will simulate the behavior the user will see. """ + def setUp(self): self.environ = { 'AWS_DATA_PATH': os.environ['AWS_DATA_PATH'], @@ -224,35 +249,41 @@ def tearDown(self): class BaseAWSHelpOutputTest(BaseCLIDriverTest): def setUp(self): - super(BaseAWSHelpOutputTest, self).setUp() + super().setUp() self.renderer_patch = mock.patch('awscli.help.get_renderer') self.renderer_mock = self.renderer_patch.start() self.renderer = CapturedRenderer() self.renderer_mock.return_value = self.renderer def tearDown(self): - super(BaseAWSHelpOutputTest, self).tearDown() + super().tearDown() self.renderer_patch.stop() def assert_contains(self, contains): if contains not in self.renderer.rendered_contents: - self.fail("The expected contents:\n%s\nwere not in the " - "actual rendered contents:\n%s" % ( - contains, self.renderer.rendered_contents)) + self.fail( + "The expected contents:\n%s\nwere not in the " + "actual rendered contents:\n%s" + % (contains, self.renderer.rendered_contents) + ) def assert_contains_with_count(self, contains, count): r_count = self.renderer.rendered_contents.count(contains) if r_count != count: - self.fail("The expected contents:\n%s\n, with the " - "count:\n%d\nwere not in the actual rendered " - " contents:\n%s\nwith count:\n%d" % ( - contains, count, self.renderer.rendered_contents, r_count)) + self.fail( + "The expected contents:\n%s\n, with the " + "count:\n%d\nwere not in the actual rendered " + " contents:\n%s\nwith count:\n%d" + % (contains, count, self.renderer.rendered_contents, r_count) + ) def assert_not_contains(self, contents): if contents in self.renderer.rendered_contents: - self.fail("The contents:\n%s\nwere not suppose to be in the " - "actual rendered contents:\n%s" % ( - contents, self.renderer.rendered_contents)) + self.fail( + "The contents:\n%s\nwere not suppose to be in the " + "actual rendered contents:\n%s" + % (contents, self.renderer.rendered_contents) + ) def assert_text_order(self, *args, **kwargs): # First we need to find where the SYNOPSIS section starts. @@ -265,15 +296,19 @@ def assert_text_order(self, *args, **kwargs): previous = arg_indices[0] for i, index in enumerate(arg_indices[1:], 1): if index == -1: - self.fail('The string %r was not found in the contents: %s' - % (args[index], contents)) + self.fail( + 'The string %r was not found in the contents: %s' + % (args[index], contents) + ) if index < previous: - self.fail('The string %r came before %r, but was suppose to come ' - 'after it.\n%s' % (args[i], args[i - 1], contents)) + self.fail( + 'The string %r came before %r, but was suppose to come ' + 'after it.\n%s' % (args[i], args[i - 1], contents) + ) previous = index -class CapturedRenderer(object): +class CapturedRenderer: def __init__(self): self.rendered_contents = '' @@ -281,7 +316,7 @@ def render(self, contents): self.rendered_contents = contents.decode('utf-8') -class CapturedOutput(object): +class CapturedOutput: def __init__(self, stdout, stderr): self.stdout = stdout self.stderr = stderr @@ -289,8 +324,8 @@ def __init__(self, stdout, stderr): @contextlib.contextmanager def capture_output(): - stderr = six.StringIO() - stdout = six.StringIO() + stderr = StringIO() + stdout = StringIO() with mock.patch('sys.stderr', stderr): with mock.patch('sys.stdout', stdout): yield CapturedOutput(stdout, stderr) @@ -298,12 +333,9 @@ def capture_output(): @contextlib.contextmanager def capture_input(input_bytes=b''): - input_data = six.BytesIO(input_bytes) - if six.PY3: - mock_object = mock.Mock() - mock_object.buffer = input_data - else: - mock_object = input_data + input_data = BytesIO(input_bytes) + mock_object = mock.Mock() + mock_object.buffer = input_data with mock.patch('sys.stdin', mock_object): yield input_data @@ -334,7 +366,9 @@ def setUp(self): self.environ_patch.start() self.http_response = AWSResponse(None, 200, {}, None) self.parsed_response = {} - self.make_request_patch = mock.patch('botocore.endpoint.Endpoint.make_request') + self.make_request_patch = mock.patch( + 'botocore.endpoint.Endpoint.make_request' + ) self.make_request_is_patched = False self.operations_called = [] self.parsed_responses = None @@ -364,14 +398,25 @@ def patch_make_request(self): self.make_request_is_patched = False make_request_patch = self.make_request_patch.start() if self.parsed_responses is not None: - make_request_patch.side_effect = lambda *args, **kwargs: \ - (self.http_response, self.parsed_responses.pop(0)) + make_request_patch.side_effect = lambda *args, **kwargs: ( + self.http_response, + self.parsed_responses.pop(0), + ) else: - make_request_patch.return_value = (self.http_response, self.parsed_response) + make_request_patch.return_value = ( + self.http_response, + self.parsed_response, + ) self.make_request_is_patched = True - def assert_params_for_cmd(self, cmd, params=None, expected_rc=0, - stderr_contains=None, ignore_params=None): + def assert_params_for_cmd( + self, + cmd, + params=None, + expected_rc=0, + stderr_contains=None, + ignore_params=None, + ): stdout, stderr, rc = self.run_cmd(cmd, expected_rc) if stderr_contains is not None: self.assertIn(stderr_contains, stderr) @@ -385,11 +430,12 @@ def assert_params_for_cmd(self, cmd, params=None, expected_rc=0, except KeyError: pass if params != last_kwargs: - self.fail("Actual params did not match expected params.\n" - "Expected:\n\n" - "%s\n" - "Actual:\n\n%s\n" % ( - pformat(params), pformat(last_kwargs))) + self.fail( + "Actual params did not match expected params.\n" + "Expected:\n\n" + "%s\n" + "Actual:\n\n%s\n" % (pformat(params), pformat(last_kwargs)) + ) return stdout, stderr, rc def before_parameter_build(self, params, model, **kwargs): @@ -402,7 +448,8 @@ def run_cmd(self, cmd, expected_rc=0): event_emitter = self.driver.session.get_component('event_emitter') event_emitter.register('before-call', self.before_call) event_emitter.register_first( - 'before-parameter-build.*.*', self.before_parameter_build) + 'before-parameter-build.*.*', self.before_parameter_build + ) if not isinstance(cmd, list): cmdlist = cmd.split() else: @@ -420,23 +467,25 @@ def run_cmd(self, cmd, expected_rc=0): stderr = captured.stderr.getvalue() stdout = captured.stdout.getvalue() self.assertEqual( - rc, expected_rc, + rc, + expected_rc, "Unexpected rc (expected: %s, actual: %s) for command: %s\n" - "stdout:\n%sstderr:\n%s" % ( - expected_rc, rc, cmd, stdout, stderr)) + "stdout:\n%sstderr:\n%s" % (expected_rc, rc, cmd, stdout, stderr), + ) return stdout, stderr, rc class BaseAWSPreviewCommandParamsTest(BaseAWSCommandParamsTest): def setUp(self): self.preview_patch = mock.patch( - 'awscli.customizations.preview.mark_as_preview') + 'awscli.customizations.preview.mark_as_preview' + ) self.preview_patch.start() - super(BaseAWSPreviewCommandParamsTest, self).setUp() + super().setUp() def tearDown(self): self.preview_patch.stop() - super(BaseAWSPreviewCommandParamsTest, self).tearDown() + super().tearDown() class BaseCLIWireResponseTest(unittest.TestCase): @@ -446,7 +495,7 @@ def setUp(self): 'AWS_DEFAULT_REGION': 'us-east-1', 'AWS_ACCESS_KEY_ID': 'access_key', 'AWS_SECRET_ACCESS_KEY': 'secret_key', - 'AWS_CONFIG_FILE': '' + 'AWS_CONFIG_FILE': '', } self.environ_patch = mock.patch('os.environ', self.environ) self.environ_patch.start() @@ -466,9 +515,9 @@ def patch_send(self, status_code=200, headers={}, content=b''): self.send_patch.stop() self.send_is_patched = False send_patch = self.send_patch.start() - send_patch.return_value = mock.Mock(status_code=status_code, - headers=headers, - content=content) + send_patch.return_value = mock.Mock( + status_code=status_code, headers=headers, content=content + ) self.send_is_patched = True def run_cmd(self, cmd, expected_rc=0): @@ -484,15 +533,15 @@ def run_cmd(self, cmd, expected_rc=0): stderr = captured.stderr.getvalue() stdout = captured.stdout.getvalue() self.assertEqual( - rc, expected_rc, + rc, + expected_rc, "Unexpected rc (expected: %s, actual: %s) for command: %s\n" - "stdout:\n%sstderr:\n%s" % ( - expected_rc, rc, cmd, stdout, stderr)) + "stdout:\n%sstderr:\n%s" % (expected_rc, rc, cmd, stdout, stderr), + ) return stdout, stderr, rc - -class FileCreator(object): +class FileCreator: def __init__(self): self.rootdir = tempfile.mkdtemp() @@ -555,7 +604,7 @@ class ProcessTerminatedError(Exception): pass -class Result(object): +class Result: def __init__(self, rc, stdout, stderr, memory_usage=None): self.rc = rc self.stdout = stdout @@ -582,8 +631,14 @@ def _escape_quotes(command): return command -def aws(command, collect_memory=False, env_vars=None, - wait_for_finish=True, input_data=None, input_file=None): +def aws( + command, + collect_memory=False, + env_vars=None, + wait_for_finish=True, + input_data=None, + input_file=None, +): """Run an aws command. This help function abstracts the differences of running the "aws" @@ -623,8 +678,6 @@ def aws(command, collect_memory=False, env_vars=None, aws_command = 'python %s' % get_aws_cmd() full_command = '%s %s' % (aws_command, command) stdout_encoding = get_stdout_encoding() - if isinstance(full_command, six.text_type) and not six.PY3: - full_command = full_command.encode(stdout_encoding) INTEG_LOG.debug("Running command: %s", full_command) env = os.environ.copy() if 'AWS_DEFAULT_REGION' not in env: @@ -633,8 +686,14 @@ def aws(command, collect_memory=False, env_vars=None, env = env_vars if input_file is None: input_file = PIPE - process = Popen(full_command, stdout=PIPE, stderr=PIPE, stdin=input_file, - shell=True, env=env) + process = Popen( + full_command, + stdout=PIPE, + stderr=PIPE, + stdin=input_file, + shell=True, + env=env, + ) if not wait_for_finish: return process memory = None @@ -645,10 +704,12 @@ def aws(command, collect_memory=False, env_vars=None, stdout, stderr = process.communicate(**kwargs) else: stdout, stderr, memory = _wait_and_collect_mem(process) - return Result(process.returncode, - stdout.decode(stdout_encoding), - stderr.decode(stdout_encoding), - memory) + return Result( + process.returncode, + stdout.decode(stdout_encoding), + stderr.decode(stdout_encoding), + memory, + ) def get_stdout_encoding(): @@ -666,8 +727,8 @@ def _wait_and_collect_mem(process): get_memory = _get_memory_with_ps else: raise ValueError( - "Can't collect memory for process on platform %s." % - platform.system()) + f"Can't collect memory for process on platform {platform.system()}." + ) memory = [] while process.poll() is None: try: @@ -704,6 +765,7 @@ class BaseS3CLICommand(unittest.TestCase): and more streamlined. """ + _PUT_HEAD_SHARED_EXTRAS = [ 'SSECustomerAlgorithm', 'SSECustomerKey', @@ -742,21 +804,21 @@ def create_client_for_bucket(self, bucket_name): def assert_key_contents_equal(self, bucket, key, expected_contents): self.wait_until_key_exists(bucket, key) - if isinstance(expected_contents, six.BytesIO): + if isinstance(expected_contents, BytesIO): expected_contents = expected_contents.getvalue().decode('utf-8') actual_contents = self.get_key_contents(bucket, key) # The contents can be huge so we try to give helpful error messages # without necessarily printing the actual contents. self.assertEqual(len(actual_contents), len(expected_contents)) if actual_contents != expected_contents: - self.fail("Contents for %s/%s do not match (but they " - "have the same length)" % (bucket, key)) + self.fail( + f"Contents for {bucket}/{key} do not match (but they " + "have the same length)" + ) def delete_public_access_block(self, bucket_name): client = self.create_client_for_bucket(bucket_name) - client.delete_public_access_block( - Bucket=bucket_name - ) + client.delete_public_access_block(Bucket=bucket_name) def create_bucket(self, name=None, region=None): if not region: @@ -770,12 +832,22 @@ def create_bucket(self, name=None, region=None): self.delete_public_access_block(bucket_name) return bucket_name + def create_dir_bucket(self, name=None, location=None): + if location: + region, _ = location + else: + region = self.region + bucket_name = create_dir_bucket(self.session, name, location) + self.regions[bucket_name] = region + self.addCleanup(self.delete_bucket, bucket_name) + + # Wait for the bucket to exist before letting it be used. + self.wait_bucket_exists(bucket_name) + return bucket_name + def put_object(self, bucket_name, key_name, contents='', extra_args=None): client = self.create_client_for_bucket(bucket_name) - call_args = { - 'Bucket': bucket_name, - 'Key': key_name, 'Body': contents - } + call_args = {'Bucket': bucket_name, 'Key': key_name, 'Body': contents} if extra_args is not None: call_args.update(extra_args) response = client.put_object(**call_args) @@ -783,7 +855,8 @@ def put_object(self, bucket_name, key_name, contents='', extra_args=None): extra_head_params = {} if extra_args: extra_head_params = dict( - (k, v) for (k, v) in extra_args.items() + (k, v) + for (k, v) in extra_args.items() if k in self._PUT_HEAD_SHARED_EXTRAS ) self.wait_until_key_exists( @@ -818,7 +891,7 @@ def delete_bucket(self, bucket_name, attempts=5, delay=5): def remove_all_objects(self, bucket_name): client = self.create_client_for_bucket(bucket_name) - paginator = client.get_paginator('list_objects') + paginator = client.get_paginator('list_objects_v2') pages = paginator.paginate(Bucket=bucket_name) key_names = [] for page in pages: @@ -840,7 +913,8 @@ def wait_bucket_exists(self, bucket_name, min_successes=3): client = self.create_client_for_bucket(bucket_name) waiter = client.get_waiter('bucket_exists') consistency_waiter = ConsistencyWaiter( - min_successes=min_successes, delay_initial_poll=True) + min_successes=min_successes, delay_initial_poll=True + ) consistency_waiter.wait( lambda: waiter.wait(Bucket=bucket_name) is None ) @@ -858,7 +932,8 @@ def bucket_not_exists(self, bucket_name): def key_exists(self, bucket_name, key_name, min_successes=3): try: self.wait_until_key_exists( - bucket_name, key_name, min_successes=min_successes) + bucket_name, key_name, min_successes=min_successes + ) return True except (ClientError, WaiterError): return False @@ -866,7 +941,8 @@ def key_exists(self, bucket_name, key_name, min_successes=3): def key_not_exists(self, bucket_name, key_name, min_successes=3): try: self.wait_until_key_not_exists( - bucket_name, key_name, min_successes=min_successes) + bucket_name, key_name, min_successes=min_successes + ) return True except (ClientError, WaiterError): return False @@ -884,18 +960,28 @@ def head_object(self, bucket_name, key_name): response = client.head_object(Bucket=bucket_name, Key=key_name) return response - def wait_until_key_exists(self, bucket_name, key_name, extra_params=None, - min_successes=3): - self._wait_for_key(bucket_name, key_name, extra_params, - min_successes, exists=True) + def wait_until_key_exists( + self, bucket_name, key_name, extra_params=None, min_successes=3 + ): + self._wait_for_key( + bucket_name, key_name, extra_params, min_successes, exists=True + ) - def wait_until_key_not_exists(self, bucket_name, key_name, extra_params=None, - min_successes=3): - self._wait_for_key(bucket_name, key_name, extra_params, - min_successes, exists=False) + def wait_until_key_not_exists( + self, bucket_name, key_name, extra_params=None, min_successes=3 + ): + self._wait_for_key( + bucket_name, key_name, extra_params, min_successes, exists=False + ) - def _wait_for_key(self, bucket_name, key_name, extra_params=None, - min_successes=3, exists=True): + def _wait_for_key( + self, + bucket_name, + key_name, + extra_params=None, + min_successes=3, + exists=True, + ): client = self.create_client_for_bucket(bucket_name) if exists: waiter = client.get_waiter('object_exists') @@ -909,8 +995,10 @@ def _wait_for_key(self, bucket_name, key_name, extra_params=None, def assert_no_errors(self, p): self.assertEqual( - p.rc, 0, - "Non zero rc (%s) received: %s" % (p.rc, p.stdout + p.stderr)) + p.rc, + 0, + "Non zero rc (%s) received: %s" % (p.rc, p.stdout + p.stderr), + ) self.assertNotIn("Error:", p.stderr) self.assertNotIn("failed:", p.stderr) self.assertNotIn("client error", p.stderr) @@ -922,7 +1010,7 @@ def fileno(self): return 0 -class TestEventHandler(object): +class TestEventHandler: def __init__(self, handler=None): self._handler = handler self._called = False @@ -942,7 +1030,7 @@ class ConsistencyWaiterException(Exception): pass -class ConsistencyWaiter(object): +class ConsistencyWaiter: """ A waiter class for some check to reach a consistent state. @@ -958,8 +1046,14 @@ class ConsistencyWaiter(object): :param delay: The number of seconds to delay the next API call after a failed check call. Default of 5 seconds. """ - def __init__(self, min_successes=1, max_attempts=20, delay=5, - delay_initial_poll=False): + + def __init__( + self, + min_successes=1, + max_attempts=20, + delay=5, + delay_initial_poll=False, + ): self.min_successes = min_successes self.max_attempts = max_attempts self.delay = delay @@ -997,3 +1091,13 @@ def wait(self, check, *args, **kwargs): def _fail_message(self, attempts, successes): format_args = (attempts, successes) return 'Failed after %s attempts, only had %s successes' % format_args + + +@contextlib.contextmanager +def cd(path): + try: + original_dir = os.getcwd() + os.chdir(path) + yield + finally: + os.chdir(original_dir) diff --git a/awscli/text.py b/awscli/text.py index 9bc505042fee..6b915b0f8f2b 100644 --- a/awscli/text.py +++ b/awscli/text.py @@ -10,7 +10,6 @@ # distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF # ANY KIND, either express or implied. See the License for the specific # language governing permissions and limitations under the License. -from awscli.compat import six def format_text(data, stream): @@ -25,7 +24,7 @@ def _format_text(item, stream, identifier=None, scalar_keys=None): else: # If it's not a list or a dict, we just write the scalar # value out directly. - stream.write(six.text_type(item)) + stream.write(str(item)) stream.write('\n') @@ -35,15 +34,18 @@ def _format_list(item, identifier, stream): if any(isinstance(el, dict) for el in item): all_keys = _all_scalar_keys(item) for element in item: - _format_text(element, stream=stream, identifier=identifier, - scalar_keys=all_keys) + _format_text( + element, + stream=stream, + identifier=identifier, + scalar_keys=all_keys, + ) elif any(isinstance(el, list) for el in item): scalar_elements, non_scalars = _partition_list(item) if scalar_elements: _format_scalar_list(scalar_elements, identifier, stream) for non_scalar in non_scalars: - _format_text(non_scalar, stream=stream, - identifier=identifier) + _format_text(non_scalar, stream=stream, identifier=identifier) else: _format_scalar_list(item, identifier, stream) @@ -62,11 +64,10 @@ def _partition_list(item): def _format_scalar_list(elements, identifier, stream): if identifier is not None: for item in elements: - stream.write('%s\t%s\n' % (identifier.upper(), - item)) + stream.write(f'{identifier.upper()}\t{item}\n') else: # For a bare list, just print the contents. - stream.write('\t'.join([six.text_type(item) for item in elements])) + stream.write('\t'.join([str(item) for item in elements])) stream.write('\n') @@ -78,8 +79,7 @@ def _format_dict(scalar_keys, item, identifier, stream): stream.write('\t'.join(scalars)) stream.write('\n') for new_identifier, non_scalar in non_scalars: - _format_text(item=non_scalar, stream=stream, - identifier=new_identifier) + _format_text(item=non_scalar, stream=stream, identifier=new_identifier) def _all_scalar_keys(list_of_dicts): @@ -107,10 +107,10 @@ def _partition_dict(item_dict, scalar_keys): if isinstance(value, (dict, list)): non_scalar.append((key, value)) else: - scalar.append(six.text_type(value)) + scalar.append(str(value)) else: for key in scalar_keys: - scalar.append(six.text_type(item_dict.get(key, ''))) + scalar.append(str(item_dict.get(key, ''))) remaining_keys = sorted(set(item_dict.keys()) - set(scalar_keys)) for remaining_key in remaining_keys: non_scalar.append((remaining_key, item_dict[remaining_key])) diff --git a/awscli/topics/s3-config.rst b/awscli/topics/s3-config.rst index 0b5da90b2d96..b33f23681a86 100644 --- a/awscli/topics/s3-config.rst +++ b/awscli/topics/s3-config.rst @@ -171,7 +171,9 @@ file is divided into chunks. This configuration option specifies what the chunk size (also referred to as the part size) should be. This value can specified using the same semantics as ``multipart_threshold``, that is either as the number of bytes as an integer, or using a size -suffix. +suffix. If the specified chunk size does not fit within the established +limits for S3 multipart uploads, the chunk size will be automatically +adjusted to a valid value. max_bandwidth diff --git a/awscli/topics/s3-faq.rst b/awscli/topics/s3-faq.rst index 2e8babe13a41..975b8d122a66 100644 --- a/awscli/topics/s3-faq.rst +++ b/awscli/topics/s3-faq.rst @@ -13,32 +13,55 @@ Below are common questions regarding the use of Amazon S3 in the AWS CLI. Q: Does the AWS CLI validate checksums? --------------------------------------- -The AWS CLI will perform checksum validation for uploading files in -specific scenarios. +The AWS CLI will attempt to perform checksum validation for uploading and +downloading files, as described below. Upload ~~~~~~ -The AWS CLI will calculate and auto-populate the ``Content-MD5`` header for -both standard and multipart uploads. If the checksum that S3 calculates does -not match the ``Content-MD5`` provided, S3 will not store the object and -instead will return an error message back the AWS CLI. The AWS CLI will retry -this error up to 5 times before giving up. On the case that any files fail to -transfer successfully to S3, the AWS CLI will exit with a non zero RC. -See ``aws help return-codes`` for more information. - -If the upload request is signed with Signature Version 4, then the AWS CLI uses the -``x-amz-content-sha256`` header as a checksum instead of ``Content-MD5``. -The AWS CLI will use Signature Version 4 for S3 in several cases: - -* You're using an AWS region that only supports Signature Version 4. This - includes ``eu-central-1`` and ``ap-northeast-2``. -* You explicitly opt in and set ``signature_version = s3v4`` in your - ``~/.aws/config`` file. - -Note that the AWS CLI will add a ``Content-MD5`` header for both -the high level ``aws s3`` commands that perform uploads -(``aws s3 cp``, ``aws s3 sync``) as well as the low level ``s3api`` -commands including ``aws s3api put-object`` and ``aws s3api upload-part``. - -If you want to verify the integrity of an object during upload, see `How can I check the integrity of an object uploaded to Amazon S3? `_ in the *AWS Knowledge Center*. +The AWS CLI v1 will calculate and auto-populate a ``x-amz-checksum-`` HTTP header by +default for each upload, where ```` is the algorithm used to calculate the checksum. +By default, the Cyclic Redundancy Check 32 (CRC32) algorithm +is used to calculate checksums, but an alternative algorithm can be specified by using the +``--checksum-algorithm`` argument on high-level ``aws s3`` commands. The checksum algorithms +supported by the AWS CLI v1 are: + +- CRC64NVME (Recommended) +- CRC32 +- CRC32C +- SHA1 +- SHA256 + +Amazon S3 will use the algorithm specified in the header to calculate the checksum of the object. If it +does not match the checksum provided, the object will not be stored and an error message +will be returned. Otherwise, the checksum is stored in object metadata that you can use +later to verify data integrity of download operations (see Download section). + +.. note:: + Note that the AWS CLI will perform the above checksum calculations for commands that perform uploads. This + includes high-level commands like ``aws s3 cp``, ``aws s3 sync``, and ``aws s3 mv``, and low-level commands + like ``aws s3api put-object`` and ``aws s3api upload-part``." + + For high-level command invocations that result in uploading multiple files (e.g. ``aws s3 sync``), + the same checksum algorithm will be used for all file uploads included in the command execution. + +For more information about verifying data integrity in Amazon S3, see +`Checking object integrity in Amazon S3? +`_ in the Amazon S3 User Guide. + +Download +~~~~~~ + +The AWS CLI will attempt to verify the checksum of downloads when possible. If a non-MD5 checksum is returned +with a downloaded object, the CLI will use the same algorithm to recalculate the checksum and verify +it matches the one stored in Amazon S3. If checksum validation fails, an error is raised and the request will NOT be +retried. + +.. note:: + Note that the AWS CLI will perform the above checksum calculations for commands that perform uploads. This + includes high-level commands like ``aws s3 cp``, ``aws s3 sync``, and ``aws s3 mv``, and low-level commands + like ``aws s3api get-object``" + +For more information about verifying data integrity in Amazon S3, see +`Checking object integrity in Amazon S3? +`_ in the Amazon S3 User Guide. diff --git a/awscli/topictags.py b/awscli/topictags.py index d635a9d20e3a..ec681035b7db 100644 --- a/awscli/topictags.py +++ b/awscli/topictags.py @@ -19,12 +19,13 @@ # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS # IN THE SOFTWARE. # -import os import json +import os + import docutils.core -class TopicTagDB(object): +class TopicTagDB: """This class acts like a database for the tags of all available topics. A tag is an element in a topic reStructured text file that contains @@ -67,19 +68,25 @@ class TopicTagDB(object): that all tag values for a specific tag of a specific topic are unique. """ - VALID_TAGS = ['category', 'description', 'title', 'related topic', - 'related command'] + VALID_TAGS = [ + 'category', + 'description', + 'title', + 'related topic', + 'related command', + ] # The default directory to look for topics. TOPIC_DIR = os.path.join( - os.path.dirname( - os.path.abspath(__file__)), 'topics') + os.path.dirname(os.path.abspath(__file__)), 'topics' + ) # The default JSON index to load. JSON_INDEX = os.path.join(TOPIC_DIR, 'topic-tags.json') - def __init__(self, tag_dictionary=None, index_file=JSON_INDEX, - topic_dir=TOPIC_DIR): + def __init__( + self, tag_dictionary=None, index_file=JSON_INDEX, topic_dir=TOPIC_DIR + ): """ :param index_file: The path to a specific JSON index to load. If nothing is specified it will default to the default JSON @@ -121,7 +128,7 @@ def valid_tags(self): def load_json_index(self): """Loads a JSON file into the tag dictionary.""" - with open(self.index_file, 'r') as f: + with open(self.index_file) as f: self._tag_dictionary = json.load(f) def save_to_json_index(self): @@ -156,7 +163,7 @@ def scan(self, topic_files): :param topic_files: A list of paths to topics to scan into memory. """ for topic_file in topic_files: - with open(topic_file, 'r') as f: + with open(topic_file) as f: # Parse out the name of the topic topic_name = self._find_topic_name(topic_file) # Add the topic to the dictionary if it does not exist @@ -164,7 +171,8 @@ def scan(self, topic_files): topic_content = f.read() # Record the tags and the values self._add_tag_and_values_from_content( - topic_name, topic_content) + topic_name, topic_content + ) def _find_topic_name(self, topic_src_file): # Get the name of each of these files @@ -259,9 +267,9 @@ def query(self, tag, values=None): # no value constraints are provided or if the tag value # falls in the allowed tag values. if values is None or tag_value in values: - self._add_key_values(query_dict, - key=tag_value, - values=[topic_name]) + self._add_key_values( + query_dict, key=tag_value, values=[topic_name] + ) return query_dict def get_tag_value(self, topic_name, tag, default_value=None): diff --git a/awscli/utils.py b/awscli/utils.py index 7ed20575a24f..995b40473de0 100644 --- a/awscli/utils.py +++ b/awscli/utils.py @@ -10,17 +10,19 @@ # distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF # ANY KIND, either express or implied. See the License for the specific # language governing permissions and limitations under the License. +import contextlib import csv -import signal import datetime -import contextlib import os -import sys +import signal import subprocess +import sys -from awscli.compat import six -from awscli.compat import get_binary_stdout -from awscli.compat import get_popen_kwargs_for_pager_cmd +from awscli.compat import ( + StringIO, + get_binary_stdout, + get_popen_kwargs_for_pager_cmd, +) def split_on_commas(value): @@ -29,7 +31,7 @@ def split_on_commas(value): return value.split(',') elif not any(char in value for char in ['"', "'", '[', ']']): # Simple escaping, let the csv module handle it. - return list(csv.reader(six.StringIO(value), escapechar='\\'))[0] + return list(csv.reader(StringIO(value), escapechar='\\'))[0] else: # If there's quotes for the values, we have to handle this # ourselves. @@ -38,7 +40,7 @@ def split_on_commas(value): def _split_with_quotes(value): try: - parts = list(csv.reader(six.StringIO(value), escapechar='\\'))[0] + parts = list(csv.reader(StringIO(value), escapechar='\\'))[0] except csv.Error: raise ValueError("Bad csv value: %s" % value) iter_parts = iter(parts) @@ -50,16 +52,19 @@ def _split_with_quotes(value): # Find an opening list bracket list_start = part.find('=[') - if list_start >= 0 and value.find(']') != -1 and \ - (quote_char is None or part.find(quote_char) > list_start): + if ( + list_start >= 0 + and value.find(']') != -1 + and (quote_char is None or part.find(quote_char) > list_start) + ): # This is a list, eat all the items until the end if ']' in part: # Short circuit for only one item new_chunk = part else: new_chunk = _eat_items(value, iter_parts, part, ']') - list_items = _split_with_quotes(new_chunk[list_start + 2:-1]) - new_chunk = new_chunk[:list_start + 1] + ','.join(list_items) + list_items = _split_with_quotes(new_chunk[list_start + 2 : -1]) + new_chunk = new_chunk[: list_start + 1] + ','.join(list_items) new_parts.append(new_chunk) continue elif quote_char is None: @@ -88,7 +93,7 @@ def _eat_items(value, iter_parts, part, end_char, replace_char=''): chunks = [current.replace(replace_char, '')] while True: try: - current = six.advance_iterator(iter_parts) + current = next(iter_parts) except StopIteration: raise ValueError(value) chunks.append(current.replace(replace_char, '')) @@ -155,8 +160,11 @@ def is_document_type_container(shape): def is_streaming_blob_type(shape): """Check if the shape is a streaming blob type.""" - return (shape and shape.type_name == 'blob' and - shape.serialization.get('streaming', False)) + return ( + shape + and shape.type_name == 'blob' + and shape.serialization.get('streaming', False) + ) def is_tagged_union_type(shape): @@ -194,18 +202,17 @@ def ignore_ctrl_c(): def emit_top_level_args_parsed_event(session, args): - session.emit( - 'top-level-args-parsed', parsed_args=args, session=session) + session.emit('top-level-args-parsed', parsed_args=args, session=session) def is_a_tty(): try: return os.isatty(sys.stdout.fileno()) - except Exception as e: + except Exception: return False -class OutputStreamFactory(object): +class OutputStreamFactory: def __init__(self, popen=None): self._popen = popen if popen is None: @@ -217,7 +224,7 @@ def get_pager_stream(self, preferred_pager=None): try: process = self._popen(**popen_kwargs) yield process.stdin - except IOError: + except OSError: # Ignore IOError since this can commonly be raised when a pager # is closed abruptly and causes a broken pipe. pass @@ -236,11 +243,11 @@ def _get_process_pager_kwargs(self, pager_cmd): def write_exception(ex, outfile): outfile.write("\n") - outfile.write(six.text_type(ex)) + outfile.write(str(ex)) outfile.write("\n") -class ShapeWalker(object): +class ShapeWalker: def walk(self, shape, visitor): """Walk through and visit shapes for introspection @@ -285,14 +292,16 @@ def _do_shape_visit(self, shape, visitor): visitor.visit_shape(shape) -class BaseShapeVisitor(object): +class BaseShapeVisitor: """Visit shape encountered by ShapeWalker""" + def visit_shape(self, shape): pass class ShapeRecordingVisitor(BaseShapeVisitor): """Record shapes visited by ShapeWalker""" + def __init__(self): self.visited = [] diff --git a/doc/source/conf.py b/doc/source/conf.py index 08237621e742..ba42a22e1870 100644 --- a/doc/source/conf.py +++ b/doc/source/conf.py @@ -50,9 +50,9 @@ # built documents. # # The short X.Y version. -version = '1.29.' +version = '1.37.' # The full version, including alpha/beta/rc tags. -release = '1.29.52' +release = '1.37.17' # The language for content autogenerated by Sphinx. Refer to documentation # for a list of supported languages. diff --git a/doc/source/guzzle_sphinx_theme/__init__.py b/doc/source/guzzle_sphinx_theme/__init__.py index 840cdb1e38c0..cf85f37755be 100644 --- a/doc/source/guzzle_sphinx_theme/__init__.py +++ b/doc/source/guzzle_sphinx_theme/__init__.py @@ -13,7 +13,7 @@ def setup(app): - """Setup conntects events to the sitemap builder""" + """Setup connects events to the sitemap builder""" app.connect('html-page-context', add_html_link) app.connect('build-finished', create_sitemap) app.sitemap_links = [] diff --git a/pyproject.toml b/pyproject.toml index 699b31d7abdf..ef0c6ae80aa7 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,4 +1,72 @@ [tool.pytest.ini_options] markers = [ "slow: marks tests as slow", + "validates_models: marks tests as one which validates service models", ] + +[tool.isort] +profile = "black" +line_length = 79 +honor_noqa = true +src_paths = ["awscli", "tests"] + +[tool.ruff] +exclude = [ + ".bzr", + ".direnv", + ".eggs", + ".git", + ".git-rewrite", + ".hg", + ".ipynb_checkpoints", + ".mypy_cache", + ".nox", + ".pants.d", + ".pyenv", + ".pytest_cache", + ".pytype", + ".ruff_cache", + ".svn", + ".tox", + ".venv", + ".vscode", + "__pypackages__", + "_build", + "buck-out", + "build", + "dist", + "node_modules", + "site-packages", + "venv", +] + +# Format same as Black. +line-length = 79 +indent-width = 4 + +target-version = "py38" + +[tool.ruff.lint] +# Enable Pyflakes (`F`) and a subset of the pycodestyle (`E`) codes by default. +# Unlike Flake8, Ruff doesn't enable pycodestyle warnings (`W`) or +# McCabe complexity (`C901`) by default. +select = ["E4", "E7", "E9", "F", "UP"] +ignore = [] + +# Allow fix for all enabled rules (when `--fix`) is provided. +fixable = ["ALL"] +unfixable = [] + +# Allow unused variables when underscore-prefixed. +dummy-variable-rgx = "^(_+|(_+[a-zA-Z0-9_]*[a-zA-Z0-9]+?))$" + +[tool.ruff.format] +# Like Black, use double quotes for strings, spaces for indents +# and trailing commas. +quote-style = "preserve" +indent-style = "space" +skip-magic-trailing-comma = false +line-ending = "auto" + +docstring-code-format = false +docstring-code-line-length = "dynamic" diff --git a/requirements-dev-lock.txt b/requirements-dev-lock.txt index 3647ae3bb7f1..a08692febdd9 100644 --- a/requirements-dev-lock.txt +++ b/requirements-dev-lock.txt @@ -1,125 +1,115 @@ # -# This file is autogenerated by pip-compile with python 3.7 -# To update, run: +# This file is autogenerated by pip-compile with Python 3.8 +# by the following command: # # pip-compile --allow-unsafe --generate-hashes --output-file=requirements-dev-lock.txt requirements-dev.txt # atomicwrites==1.4.1 \ --hash=sha256:81b2c9071a49367a7f770170e5eec8cb66567cfbbc8c73d20ce5ca4a8d71cf11 # via -r requirements-dev.txt -colorama==0.4.4 \ - --hash=sha256:5941b2b48a20143d2267e95b1c2a7603ce057ee39fd88e7329b0c292aa16869b \ - --hash=sha256:9f47eda37229f68eee03b24b9748937c7dc3868f906e8ba69fbcbdd3bc5dc3e2 +colorama==0.4.6 \ + --hash=sha256:08695f5cb7ed6e0531a20572697297273c47b8cae5a63ffc6d6ed5c201be6e44 \ + --hash=sha256:4f1d9991f5acc0ca119f9d443620b77f9d6b33703e51011c16baf57afb285fc6 # via -r requirements-dev.txt -coverage==5.5 \ - --hash=sha256:004d1880bed2d97151facef49f08e255a20ceb6f9432df75f4eef018fdd5a78c \ - --hash=sha256:01d84219b5cdbfc8122223b39a954820929497a1cb1422824bb86b07b74594b6 \ - --hash=sha256:040af6c32813fa3eae5305d53f18875bedd079960822ef8ec067a66dd8afcd45 \ - --hash=sha256:06191eb60f8d8a5bc046f3799f8a07a2d7aefb9504b0209aff0b47298333302a \ - --hash=sha256:13034c4409db851670bc9acd836243aeee299949bd5673e11844befcb0149f03 \ - --hash=sha256:13c4ee887eca0f4c5a247b75398d4114c37882658300e153113dafb1d76de529 \ - --hash=sha256:184a47bbe0aa6400ed2d41d8e9ed868b8205046518c52464fde713ea06e3a74a \ - --hash=sha256:18ba8bbede96a2c3dde7b868de9dcbd55670690af0988713f0603f037848418a \ - --hash=sha256:1aa846f56c3d49205c952d8318e76ccc2ae23303351d9270ab220004c580cfe2 \ - --hash=sha256:217658ec7187497e3f3ebd901afdca1af062b42cfe3e0dafea4cced3983739f6 \ - --hash=sha256:24d4a7de75446be83244eabbff746d66b9240ae020ced65d060815fac3423759 \ - --hash=sha256:2910f4d36a6a9b4214bb7038d537f015346f413a975d57ca6b43bf23d6563b53 \ - --hash=sha256:2949cad1c5208b8298d5686d5a85b66aae46d73eec2c3e08c817dd3513e5848a \ - --hash=sha256:2a3859cb82dcbda1cfd3e6f71c27081d18aa251d20a17d87d26d4cd216fb0af4 \ - --hash=sha256:2cafbbb3af0733db200c9b5f798d18953b1a304d3f86a938367de1567f4b5bff \ - --hash=sha256:2e0d881ad471768bf6e6c2bf905d183543f10098e3b3640fc029509530091502 \ - --hash=sha256:30c77c1dc9f253283e34c27935fded5015f7d1abe83bc7821680ac444eaf7793 \ - --hash=sha256:3487286bc29a5aa4b93a072e9592f22254291ce96a9fbc5251f566b6b7343cdb \ - --hash=sha256:372da284cfd642d8e08ef606917846fa2ee350f64994bebfbd3afb0040436905 \ - --hash=sha256:41179b8a845742d1eb60449bdb2992196e211341818565abded11cfa90efb821 \ - --hash=sha256:44d654437b8ddd9eee7d1eaee28b7219bec228520ff809af170488fd2fed3e2b \ - --hash=sha256:4a7697d8cb0f27399b0e393c0b90f0f1e40c82023ea4d45d22bce7032a5d7b81 \ - --hash=sha256:51cb9476a3987c8967ebab3f0fe144819781fca264f57f89760037a2ea191cb0 \ - --hash=sha256:52596d3d0e8bdf3af43db3e9ba8dcdaac724ba7b5ca3f6358529d56f7a166f8b \ - --hash=sha256:53194af30d5bad77fcba80e23a1441c71abfb3e01192034f8246e0d8f99528f3 \ - --hash=sha256:5fec2d43a2cc6965edc0bb9e83e1e4b557f76f843a77a2496cbe719583ce8184 \ - --hash=sha256:6c90e11318f0d3c436a42409f2749ee1a115cd8b067d7f14c148f1ce5574d701 \ - --hash=sha256:74d881fc777ebb11c63736622b60cb9e4aee5cace591ce274fb69e582a12a61a \ - --hash=sha256:7501140f755b725495941b43347ba8a2777407fc7f250d4f5a7d2a1050ba8e82 \ - --hash=sha256:796c9c3c79747146ebd278dbe1e5c5c05dd6b10cc3bcb8389dfdf844f3ead638 \ - --hash=sha256:869a64f53488f40fa5b5b9dcb9e9b2962a66a87dab37790f3fcfb5144b996ef5 \ - --hash=sha256:8963a499849a1fc54b35b1c9f162f4108017b2e6db2c46c1bed93a72262ed083 \ - --hash=sha256:8d0a0725ad7c1a0bcd8d1b437e191107d457e2ec1084b9f190630a4fb1af78e6 \ - --hash=sha256:900fbf7759501bc7807fd6638c947d7a831fc9fdf742dc10f02956ff7220fa90 \ - --hash=sha256:92b017ce34b68a7d67bd6d117e6d443a9bf63a2ecf8567bb3d8c6c7bc5014465 \ - --hash=sha256:970284a88b99673ccb2e4e334cfb38a10aab7cd44f7457564d11898a74b62d0a \ - --hash=sha256:972c85d205b51e30e59525694670de6a8a89691186012535f9d7dbaa230e42c3 \ - --hash=sha256:9a1ef3b66e38ef8618ce5fdc7bea3d9f45f3624e2a66295eea5e57966c85909e \ - --hash=sha256:af0e781009aaf59e25c5a678122391cb0f345ac0ec272c7961dc5455e1c40066 \ - --hash=sha256:b6d534e4b2ab35c9f93f46229363e17f63c53ad01330df9f2d6bd1187e5eaacf \ - --hash=sha256:b7895207b4c843c76a25ab8c1e866261bcfe27bfaa20c192de5190121770672b \ - --hash=sha256:c0891a6a97b09c1f3e073a890514d5012eb256845c451bd48f7968ef939bf4ae \ - --hash=sha256:c2723d347ab06e7ddad1a58b2a821218239249a9e4365eaff6649d31180c1669 \ - --hash=sha256:d1f8bf7b90ba55699b3a5e44930e93ff0189aa27186e96071fac7dd0d06a1873 \ - --hash=sha256:d1f9ce122f83b2305592c11d64f181b87153fc2c2bbd3bb4a3dde8303cfb1a6b \ - --hash=sha256:d314ed732c25d29775e84a960c3c60808b682c08d86602ec2c3008e1202e3bb6 \ - --hash=sha256:d636598c8305e1f90b439dbf4f66437de4a5e3c31fdf47ad29542478c8508bbb \ - --hash=sha256:deee1077aae10d8fa88cb02c845cfba9b62c55e1183f52f6ae6a2df6a2187160 \ - --hash=sha256:ebe78fe9a0e874362175b02371bdfbee64d8edc42a044253ddf4ee7d3c15212c \ - --hash=sha256:f030f8873312a16414c0d8e1a1ddff2d3235655a2174e3648b4fa66b3f2f1079 \ - --hash=sha256:f0b278ce10936db1a37e6954e15a3730bea96a0997c26d7fee88e6c396c2086d \ - --hash=sha256:f11642dddbb0253cc8853254301b51390ba0081750a8ac03f20ea8103f0c56b6 +coverage[toml]==7.2.7 \ + --hash=sha256:06a9a2be0b5b576c3f18f1a241f0473575c4a26021b52b2a85263a00f034d51f \ + --hash=sha256:06fb182e69f33f6cd1d39a6c597294cff3143554b64b9825d1dc69d18cc2fff2 \ + --hash=sha256:0a5f9e1dbd7fbe30196578ca36f3fba75376fb99888c395c5880b355e2875f8a \ + --hash=sha256:0e1f928eaf5469c11e886fe0885ad2bf1ec606434e79842a879277895a50942a \ + --hash=sha256:171717c7cb6b453aebac9a2ef603699da237f341b38eebfee9be75d27dc38e01 \ + --hash=sha256:1e9d683426464e4a252bf70c3498756055016f99ddaec3774bf368e76bbe02b6 \ + --hash=sha256:201e7389591af40950a6480bd9edfa8ed04346ff80002cec1a66cac4549c1ad7 \ + --hash=sha256:245167dd26180ab4c91d5e1496a30be4cd721a5cf2abf52974f965f10f11419f \ + --hash=sha256:2aee274c46590717f38ae5e4650988d1af340fe06167546cc32fe2f58ed05b02 \ + --hash=sha256:2e07b54284e381531c87f785f613b833569c14ecacdcb85d56b25c4622c16c3c \ + --hash=sha256:31563e97dae5598556600466ad9beea39fb04e0229e61c12eaa206e0aa202063 \ + --hash=sha256:33d6d3ea29d5b3a1a632b3c4e4f4ecae24ef170b0b9ee493883f2df10039959a \ + --hash=sha256:3d376df58cc111dc8e21e3b6e24606b5bb5dee6024f46a5abca99124b2229ef5 \ + --hash=sha256:419bfd2caae268623dd469eff96d510a920c90928b60f2073d79f8fe2bbc5959 \ + --hash=sha256:48c19d2159d433ccc99e729ceae7d5293fbffa0bdb94952d3579983d1c8c9d97 \ + --hash=sha256:49969a9f7ffa086d973d91cec8d2e31080436ef0fb4a359cae927e742abfaaa6 \ + --hash=sha256:52edc1a60c0d34afa421c9c37078817b2e67a392cab17d97283b64c5833f427f \ + --hash=sha256:537891ae8ce59ef63d0123f7ac9e2ae0fc8b72c7ccbe5296fec45fd68967b6c9 \ + --hash=sha256:54b896376ab563bd38453cecb813c295cf347cf5906e8b41d340b0321a5433e5 \ + --hash=sha256:58c2ccc2f00ecb51253cbe5d8d7122a34590fac9646a960d1430d5b15321d95f \ + --hash=sha256:5b7540161790b2f28143191f5f8ec02fb132660ff175b7747b95dcb77ac26562 \ + --hash=sha256:5baa06420f837184130752b7c5ea0808762083bf3487b5038d68b012e5937dbe \ + --hash=sha256:5e330fc79bd7207e46c7d7fd2bb4af2963f5f635703925543a70b99574b0fea9 \ + --hash=sha256:61b9a528fb348373c433e8966535074b802c7a5d7f23c4f421e6c6e2f1697a6f \ + --hash=sha256:63426706118b7f5cf6bb6c895dc215d8a418d5952544042c8a2d9fe87fcf09cb \ + --hash=sha256:6d040ef7c9859bb11dfeb056ff5b3872436e3b5e401817d87a31e1750b9ae2fb \ + --hash=sha256:6f48351d66575f535669306aa7d6d6f71bc43372473b54a832222803eb956fd1 \ + --hash=sha256:7ee7d9d4822c8acc74a5e26c50604dff824710bc8de424904c0982e25c39c6cb \ + --hash=sha256:81c13a1fc7468c40f13420732805a4c38a105d89848b7c10af65a90beff25250 \ + --hash=sha256:8d13c64ee2d33eccf7437961b6ea7ad8673e2be040b4f7fd4fd4d4d28d9ccb1e \ + --hash=sha256:8de8bb0e5ad103888d65abef8bca41ab93721647590a3f740100cd65c3b00511 \ + --hash=sha256:8fa03bce9bfbeeef9f3b160a8bed39a221d82308b4152b27d82d8daa7041fee5 \ + --hash=sha256:924d94291ca674905fe9481f12294eb11f2d3d3fd1adb20314ba89e94f44ed59 \ + --hash=sha256:975d70ab7e3c80a3fe86001d8751f6778905ec723f5b110aed1e450da9d4b7f2 \ + --hash=sha256:976b9c42fb2a43ebf304fa7d4a310e5f16cc99992f33eced91ef6f908bd8f33d \ + --hash=sha256:9e31cb64d7de6b6f09702bb27c02d1904b3aebfca610c12772452c4e6c21a0d3 \ + --hash=sha256:a342242fe22407f3c17f4b499276a02b01e80f861f1682ad1d95b04018e0c0d4 \ + --hash=sha256:a3d33a6b3eae87ceaefa91ffdc130b5e8536182cd6dfdbfc1aa56b46ff8c86de \ + --hash=sha256:a895fcc7b15c3fc72beb43cdcbdf0ddb7d2ebc959edac9cef390b0d14f39f8a9 \ + --hash=sha256:afb17f84d56068a7c29f5fa37bfd38d5aba69e3304af08ee94da8ed5b0865833 \ + --hash=sha256:b1c546aca0ca4d028901d825015dc8e4d56aac4b541877690eb76490f1dc8ed0 \ + --hash=sha256:b29019c76039dc3c0fd815c41392a044ce555d9bcdd38b0fb60fb4cd8e475ba9 \ + --hash=sha256:b46517c02ccd08092f4fa99f24c3b83d8f92f739b4657b0f146246a0ca6a831d \ + --hash=sha256:b7aa5f8a41217360e600da646004f878250a0d6738bcdc11a0a39928d7dc2050 \ + --hash=sha256:b7b4c971f05e6ae490fef852c218b0e79d4e52f79ef0c8475566584a8fb3e01d \ + --hash=sha256:ba90a9563ba44a72fda2e85302c3abc71c5589cea608ca16c22b9804262aaeb6 \ + --hash=sha256:cb017fd1b2603ef59e374ba2063f593abe0fc45f2ad9abdde5b4d83bd922a353 \ + --hash=sha256:d22656368f0e6189e24722214ed8d66b8022db19d182927b9a248a2a8a2f67eb \ + --hash=sha256:d2c2db7fd82e9b72937969bceac4d6ca89660db0a0967614ce2481e81a0b771e \ + --hash=sha256:d39b5b4f2a66ccae8b7263ac3c8170994b65266797fb96cbbfd3fb5b23921db8 \ + --hash=sha256:d62a5c7dad11015c66fbb9d881bc4caa5b12f16292f857842d9d1871595f4495 \ + --hash=sha256:e7d9405291c6928619403db1d10bd07888888ec1abcbd9748fdaa971d7d661b2 \ + --hash=sha256:e84606b74eb7de6ff581a7915e2dab7a28a0517fbe1c9239eb227e1354064dcd \ + --hash=sha256:eb393e5ebc85245347950143969b241d08b52b88a3dc39479822e073a1a8eb27 \ + --hash=sha256:ebba1cd308ef115925421d3e6a586e655ca5a77b5bf41e02eb0e4562a111f2d1 \ + --hash=sha256:ee57190f24fba796e36bb6d3aa8a8783c643d8fa9760c89f7a98ab5455fbf818 \ + --hash=sha256:f2f67fe12b22cd130d34d0ef79206061bfb5eda52feb6ce0dba0644e20a03cf4 \ + --hash=sha256:f6951407391b639504e3b3be51b7ba5f3528adbf1a8ac3302b687ecababf929e \ + --hash=sha256:f75f7168ab25dd93110c8a8117a22450c19976afbc44234cbf71481094c1b850 \ + --hash=sha256:fdec9e8cbf13a5bf63290fc6013d216a4c7232efb51548594ca3631a7f13c3a3 # via # -r requirements-dev.txt # pytest-cov -exceptiongroup==1.1.3 \ - --hash=sha256:097acd85d473d75af5bb98e41b61ff7fe35efe6675e4f9370ec6ec5126d160e9 \ - --hash=sha256:343280667a4585d195ca1cf9cef84a4e178c4b6cf2274caef9859782b567d5e3 +exceptiongroup==1.2.2 \ + --hash=sha256:3111b9d131c238bec2f8f516e123e14ba243563fb135d3fe885990585aa7795b \ + --hash=sha256:47c2edf7c6738fafb49fd34290706d1a1a2f4d1c6df275526b62cbb4aa5393cc # via pytest -importlib-metadata==4.12.0 \ - --hash=sha256:637245b8bab2b6502fcbc752cc4b7a6f6243bb02b31c5c26156ad103d3d45670 \ - --hash=sha256:7401a975809ea1fdc658c3aa4f78cc2195a0e019c5cbc4c06122884e9ae80c23 +iniconfig==2.0.0 \ + --hash=sha256:2d91e135bf72d31a410b17c16da610a82cb55f6b0477d1a902134b24a455b8b3 \ + --hash=sha256:b6a85871a79d2e3b22d2d1b94ac2824226a63c6b741c88f7ae975f18b6778374 + # via pytest +packaging==24.1 \ + --hash=sha256:026ed72c8ed3fcce5bf8950572258698927fd1dbda10a5e981cdf0ac37f4f002 \ + --hash=sha256:5b8f2217dbdbd2f7f384c41c628544e6d52f2d0f53c6d0c3ea61aa5d1d7ff124 # via - # pluggy + # -r requirements-dev.txt # pytest -iniconfig==1.1.1 \ - --hash=sha256:011e24c64b7f47f6ebd835bb12a743f2fbe9a26d4cecaa7f53bc4f35ee9da8b3 \ - --hash=sha256:bc3af051d7d14b2ee5ef9969666def0cd1a000e121eaea580d4a313df4b37f32 - # via pytest -packaging==21.3 \ - --hash=sha256:dd47c42927d89ab911e606518907cc2d3a1f38bbd026385970643f9c5b8ecfeb \ - --hash=sha256:ef103e05f519cdc783ae24ea4e2e0f508a9c99b2d4969652eed6a2e1ea5bd522 - # via pytest -pluggy==1.0.0 \ - --hash=sha256:4224373bacce55f955a878bf9cfa763c1e360858e330072059e10bad68531159 \ - --hash=sha256:74134bbf457f031a36d68416e1509f34bd5ccc019f0bcc952c7b909d06b37bd3 +pluggy==1.5.0 \ + --hash=sha256:2cffa88e94fdc978c4c574f15f9e59b7f4201d439195c3715ca9e2486f1d0cf1 \ + --hash=sha256:44e1ad92c8ca002de6377e165f3e0f1be63266ab4d554740532335b9d75ea669 # via pytest -pyparsing==3.0.9 \ - --hash=sha256:2b020ecf7d21b687f219b71ecad3631f644a47f01403fa1d1036b0c6416d70fb \ - --hash=sha256:5026bae9a10eeaefb61dab2f09052b9f4307d44aee4eda64b309723d8d206bbc - # via packaging -pytest==7.4.0 \ - --hash=sha256:78bf16451a2eb8c7a2ea98e32dc119fd2aa758f1d5d66dbf0a59d69a3969df32 \ - --hash=sha256:b4bf8c45bd59934ed84001ad51e11b4ee40d40a1229d2c79f9c592b0a3f6bd8a +pytest==8.1.1 \ + --hash=sha256:2a8386cfc11fa9d2c50ee7b2a57e7d898ef90470a7a34c4b949ff59662bb78b7 \ + --hash=sha256:ac978141a75948948817d360297b7aae0fcb9d6ff6bc9ec6d514b85d5a65c044 # via # -r requirements-dev.txt # pytest-cov -pytest-cov==2.12.1 \ - --hash=sha256:261bb9e47e65bd099c89c3edf92972865210c36813f80ede5277dceb77a4a62a \ - --hash=sha256:261ceeb8c227b726249b376b8526b600f38667ee314f910353fa318caa01f4d7 +pytest-cov==5.0.0 \ + --hash=sha256:4f0764a1219df53214206bf1feea4633c3b558a2925c8b59f144f682861ce652 \ + --hash=sha256:5837b58e9f6ebd335b0f8060eecce69b662415b16dc503883a02f45dfeb14857 # via -r requirements-dev.txt -toml==0.10.2 \ - --hash=sha256:806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b \ - --hash=sha256:b3bda1d108d5dd99f4a20d24d9c348e91c4db7ab1b749200bded2f839ccbe68f - # via pytest-cov tomli==2.0.1 \ --hash=sha256:939de3e7a6161af0c887ef91b7d41a53e7c5a1ca976325f429cb46ea9bc30ecc \ --hash=sha256:de526c12914f0c550d15924c62d72abc48d6fe7364aa87328337a31007fe8a4f - # via pytest -typing-extensions==4.3.0 \ - --hash=sha256:25642c956049920a5aa49edcdd6ab1e06d7e5d467fc00e0506c44ac86fbfca02 \ - --hash=sha256:e6d2677a32f47fc7eb2795db1dd15c1f34eff616bcaf2cfb5e997f854fa1c4a6 - # via importlib-metadata -wheel==0.38.1 \ - --hash=sha256:7a95f9a8dc0924ef318bd55b616112c70903192f524d120acc614f59547a9e1f \ - --hash=sha256:ea041edf63f4ccba53ad6e035427997b3bb10ee88a4cd014ae82aeb9eea77bb9 + # via + # coverage + # pytest +wheel==0.43.0 \ + --hash=sha256:465ef92c69fa5c5da2d1cf8ac40559a8c940886afcef87dcf14b9470862f1d85 \ + --hash=sha256:55c570405f142630c6b9f72fe09d9b67cf1477fcf543ae5b8dcb1f5b7377da81 # via -r requirements-dev.txt -zipp==3.8.0 \ - --hash=sha256:56bf8aadb83c24db6c4b577e13de374ccfb67da2078beba1d037c17980bf43ad \ - --hash=sha256:c4f6e5bbf48e74f7a38e7cc5b0480ff42b0ae5178957d564d18932525d5cf099 - # via importlib-metadata diff --git a/requirements-dev.txt b/requirements-dev.txt index 11745dddb34e..f020f5ae77fb 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -1,8 +1,12 @@ -wheel==0.38.1 -coverage==5.5 +wheel==0.43.0 +coverage==7.2.7 +setuptools==71.1.0;python_version>="3.12" # Pytest specific deps -pytest==7.4.0 -pytest-cov==2.12.1 +pytest==8.1.1 +pytest-cov==5.0.0 atomicwrites>=1.0 # Windows requirement colorama>0.3.0 # Windows requirement + +# Dependency test specific deps +packaging==24.1 diff --git a/scripts/ci/install-dev-deps b/scripts/ci/install-dev-deps index df9fd15ffbba..1ab746981ed3 100755 --- a/scripts/ci/install-dev-deps +++ b/scripts/ci/install-dev-deps @@ -1,5 +1,6 @@ #!/usr/bin/env python import os +import sys from contextlib import contextmanager from subprocess import check_call @@ -25,4 +26,14 @@ def run(command): if __name__ == "__main__": with cd(REPO_ROOT): + if sys.version_info[:2] >= (3, 12): + # Python 3.12+ no longer includes setuptools by default. + + # Setuptools 71+ now prefers already installed versions + # of packaging _and_ broke the API for packaging<22.0. + # We'll pin to match what's in requirements-dev.txt. + run( + "pip install setuptools==71.1.0 packaging==24.1" + ) + run("pip install -r requirements-dev-lock.txt") diff --git a/scripts/ci/run-dep-tests b/scripts/ci/run-dep-tests new file mode 100755 index 000000000000..0cc0068e9eb0 --- /dev/null +++ b/scripts/ci/run-dep-tests @@ -0,0 +1,35 @@ +#!/usr/bin/env python +# Don't run tests from the root repo dir. +# We want to ensure we're importing from the installed +# binary package not from the CWD. + +import os +import sys +from contextlib import contextmanager +from subprocess import check_call + +_dname = os.path.dirname + +REPO_ROOT = _dname(_dname(_dname(os.path.abspath(__file__)))) + + +@contextmanager +def cd(path): + """Change directory while inside context manager.""" + cwd = os.getcwd() + try: + os.chdir(path) + yield + finally: + os.chdir(cwd) + + +def run(command): + env = os.environ.copy() + env['TESTS_REMOVE_REPO_ROOT_FROM_PATH'] = 'true' + return check_call(command, shell=True, env=env) + + +if __name__ == "__main__": + with cd(os.path.join(REPO_ROOT, "tests")): + run(f"{sys.executable} {REPO_ROOT}/scripts/ci/run-tests dependencies") diff --git a/scripts/install b/scripts/install index e776759e0217..9d4de2b13bcb 100755 --- a/scripts/install +++ b/scripts/install @@ -27,6 +27,7 @@ UNSUPPORTED_PYTHON = ( (3,4), (3,5), (3,6), + (3,7), ) INSTALL_ARGS = ( '--no-binary :all: --no-build-isolation --no-cache-dir --no-index ' @@ -207,7 +208,7 @@ def main(): if py_version in UNSUPPORTED_PYTHON: unsupported_python_msg = ( "Unsupported Python version detected: Python {}.{}\n" - "To continue using this installer you must use Python 3.7 " + "To continue using this installer you must use Python 3.8 " "or later.\n" "For more information see the following blog post: " "https://aws.amazon.com/blogs/developer/announcing-end-" @@ -223,7 +224,7 @@ def main(): "Deprecated Python version detected: Python {}.{}\n" "Starting {}, the AWS CLI will no longer support " "this version of Python. To continue receiving service updates, " - "bug fixes, and security updates please upgrade to Python 3.7 or " + "bug fixes, and security updates please upgrade to Python 3.8 or " "later. More information can be found here: {}" ).format( py_version[0], py_version[1], params['date'], params['blog_link'] diff --git a/scripts/make-bundle b/scripts/make-bundle index 180a5eb1bd67..6ca3dbbcf595 100755 --- a/scripts/make-bundle +++ b/scripts/make-bundle @@ -26,6 +26,12 @@ EXTRA_RUNTIME_DEPS = [ ('virtualenv', '16.7.8'), ('jmespath', '0.10.0'), ] +PINNED_RUNTIME_DEPS = [ + # The CLI has a relaxed pin for colorama, but versions >0.4.5 + # require extra build time dependencies. We are pinning it to + # a version that does not need those. + ('colorama', '0.4.5'), +] BUILDTIME_DEPS = [ ('setuptools-scm', '3.3.3'), ('wheel', '0.33.6'), @@ -78,12 +84,17 @@ def download_package_tarballs(dirname, packages): )) -def download_cli_deps(scratch_dir): +def download_cli_deps(scratch_dir, packages): + # pip download will always download a more recent version of a package + # even if one exists locally. The list of packages supplied in `packages` + # forces the use of a specific runtime dependency. awscli_dir = os.path.dirname( os.path.dirname(os.path.abspath(__file__))) + pinned_packages = " ".join( + f"{name}=={version}" for (name, version) in packages + ) with cd(scratch_dir): - run('pip download %s %s' % ( - PIP_DOWNLOAD_ARGS, awscli_dir)) + run(f"pip download {PIP_DOWNLOAD_ARGS} {pinned_packages} {awscli_dir}") def _remove_cli_zip(scratch_dir): @@ -169,7 +180,7 @@ def main(): setup_dir, packages=BUILDTIME_DEPS, ) - download_cli_deps(package_dir) + download_cli_deps(package_dir, packages=PINNED_RUNTIME_DEPS) add_cli_sdist(package_dir) create_bootstrap_script(scratch_dir) zip_filename = zip_dir(scratch_dir) diff --git a/setup.cfg b/setup.cfg index a97b2dd13929..caea3a360bb4 100644 --- a/setup.cfg +++ b/setup.cfg @@ -3,11 +3,11 @@ universal = 0 [metadata] requires_dist = - botocore==1.31.52 + botocore==1.36.17 docutils>=0.10,<0.17 - s3transfer>=0.6.0,<0.7.0 + s3transfer>=0.11.0,<0.12.0 PyYAML>=3.10,<6.1 - colorama>=0.2.5,<0.4.5 + colorama>=0.2.5,<0.4.7 rsa>=3.1.2,<4.8 [check-manifest] diff --git a/setup.py b/setup.py index 467dc829f631..6a39f81e2e9d 100644 --- a/setup.py +++ b/setup.py @@ -24,11 +24,11 @@ def find_version(*file_paths): install_requires = [ - 'botocore==1.31.52', + 'botocore==1.36.17', 'docutils>=0.10,<0.17', - 's3transfer>=0.6.0,<0.7.0', + 's3transfer>=0.11.0,<0.12.0', 'PyYAML>=3.10,<6.1', - 'colorama>=0.2.5,<0.4.5', + 'colorama>=0.2.5,<0.4.7', 'rsa>=3.1.2,<4.10', ] @@ -48,7 +48,7 @@ def find_version(*file_paths): install_requires=install_requires, extras_require={}, license="Apache License 2.0", - python_requires=">= 3.7", + python_requires=">= 3.8", classifiers=[ 'Development Status :: 5 - Production/Stable', 'Intended Audience :: Developers', @@ -57,11 +57,12 @@ def find_version(*file_paths): 'License :: OSI Approved :: Apache Software License', 'Programming Language :: Python', 'Programming Language :: Python :: 3', - 'Programming Language :: Python :: 3.7', + 'Programming Language :: Python :: 3 :: Only', 'Programming Language :: Python :: 3.8', 'Programming Language :: Python :: 3.9', 'Programming Language :: Python :: 3.10', 'Programming Language :: Python :: 3.11', + 'Programming Language :: Python :: 3.12', ], project_urls={ 'Source': 'https://github.com/aws/aws-cli', diff --git a/tests/dependencies/__init__.py b/tests/dependencies/__init__.py new file mode 100644 index 000000000000..85c792b31b96 --- /dev/null +++ b/tests/dependencies/__init__.py @@ -0,0 +1,12 @@ +# Copyright 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"). You +# may not use this file except in compliance with the License. A copy of +# the License is located at +# +# http://aws.amazon.com/apache2.0/ +# +# or in the "license" file accompanying this file. This file is +# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF +# ANY KIND, either express or implied. See the License for the specific +# language governing permissions and limitations under the License. diff --git a/tests/dependencies/test_closure.py b/tests/dependencies/test_closure.py new file mode 100644 index 000000000000..529b7da553e6 --- /dev/null +++ b/tests/dependencies/test_closure.py @@ -0,0 +1,146 @@ +# Copyright 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"). You +# may not use this file except in compliance with the License. A copy of +# the License is located at +# +# http://aws.amazon.com/apache2.0/ +# +# or in the "license" file accompanying this file. This file is +# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF +# ANY KIND, either express or implied. See the License for the specific +# language governing permissions and limitations under the License. +import functools +import importlib.metadata +import json +from typing import Dict, Iterator, List, Tuple + +import pytest +from packaging.requirements import Requirement + +_NESTED_STR_DICT = Dict[str, "_NESTED_STR_DICT"] + + +@pytest.fixture() +def awscli_package(): + return Package(name="awscli") + + +class Package: + def __init__(self, name: str) -> None: + self.name = name + + @functools.cached_property + def runtime_dependencies(self) -> "DependencyClosure": + return self._get_runtime_closure() + + def _get_runtime_closure(self) -> "DependencyClosure": + closure = DependencyClosure() + for requirement in self._get_runtime_requirements(): + if self._requirement_applies_to_environment(requirement): + closure[requirement] = Package(name=requirement.name) + return closure + + def _get_runtime_requirements(self) -> List[Requirement]: + req_strings = importlib.metadata.distribution(self.name).requires + if req_strings is None: + return [] + return [Requirement(req_string) for req_string in req_strings] + + def _requirement_applies_to_environment( + self, requirement: Requirement + ) -> bool: + # Do not include any requirements defined as extras as currently + # our dependency closure does not use any extras + if requirement.extras: + return False + # Only include requirements where the markers apply to the current + # environment. + if requirement.marker and not requirement.marker.evaluate(): + return False + return True + + +class DependencyClosure: + def __init__(self) -> None: + self._req_to_package: Dict[Requirement, Package] = {} + + def __setitem__(self, key: Requirement, value: Package) -> None: + self._req_to_package[key] = value + + def __getitem__(self, key: Requirement) -> Package: + return self._req_to_package[key] + + def __delitem__(self, key: Requirement) -> None: + del self._req_to_package[key] + + def __iter__(self) -> Iterator[Requirement]: + return iter(self._req_to_package) + + def __len__(self) -> int: + return len(self._req_to_package) + + def walk(self) -> Iterator[Tuple[Requirement, Package]]: + for req, package in self._req_to_package.items(): + yield req, package + yield from package.runtime_dependencies.walk() + + def to_dict(self) -> _NESTED_STR_DICT: + reqs = {} + for req, package in self._req_to_package.items(): + reqs[str(req)] = package.runtime_dependencies.to_dict() + return reqs + + +class TestDependencyClosure: + def _is_bounded_version_requirement( + self, requirement: Requirement + ) -> bool: + for specifier in requirement.specifier: + if specifier.operator in ["==", "<=", "<"]: + return True + return False + + def _pformat_closure(self, closure: DependencyClosure) -> str: + return json.dumps(closure.to_dict(), sort_keys=True, indent=2) + + def test_expected_runtime_dependencies(self, awscli_package): + expected_dependencies = { + "botocore", + "colorama", + "docutils", + "jmespath", + "pyasn1", + "python-dateutil", + "PyYAML", + "rsa", + "s3transfer", + "six", + "urllib3", + } + actual_dependencies = set() + for _, package in awscli_package.runtime_dependencies.walk(): + actual_dependencies.add(package.name) + assert actual_dependencies == expected_dependencies, ( + f"Unexpected dependency found in runtime closure: " + f"{self._pformat_closure(awscli_package.runtime_dependencies)}" + ) + + def test_expected_unbounded_runtime_dependencies(self, awscli_package): + expected_unbounded_dependencies = { + "pyasn1", # Transitive dependency from rsa + "six", # Transitive dependency from python-dateutil + } + all_dependencies = set() + bounded_dependencies = set() + for req, package in awscli_package.runtime_dependencies.walk(): + all_dependencies.add(package.name) + if self._is_bounded_version_requirement(req): + bounded_dependencies.add(package.name) + actual_unbounded_dependencies = all_dependencies - bounded_dependencies + assert ( + actual_unbounded_dependencies == expected_unbounded_dependencies + ), ( + f"Unexpected unbounded dependency found in runtime closure: " + f"{self._pformat_closure(awscli_package.runtime_dependencies)}" + ) diff --git a/tests/functional/cloudtrail/test_validation.py b/tests/functional/cloudtrail/test_validation.py index 906d6eb0a664..275cdbca384d 100644 --- a/tests/functional/cloudtrail/test_validation.py +++ b/tests/functional/cloudtrail/test_validation.py @@ -12,7 +12,6 @@ # language governing permissions and limitations under the License. import gzip -from awscli.compat import six from botocore.exceptions import ClientError from tests.unit.customizations.cloudtrail.test_validation import \ create_scenario, TEST_TRAIL_ARN, START_DATE, END_DATE, VALID_TEST_KEY, \ @@ -20,6 +19,7 @@ from awscli.testutils import mock, BaseAWSCommandParamsTest from awscli.customizations.cloudtrail.validation import DigestTraverser, \ DATE_FORMAT, format_display_date, S3ClientProvider +from awscli.compat import BytesIO from botocore.handlers import parse_get_bucket_location RETRIEVER_FUNCTION = 'awscli.customizations.cloudtrail.validation.create_digest_traverser' @@ -28,7 +28,7 @@ def _gz_compress(data): - out = six.BytesIO() + out = BytesIO() f = gzip.GzipFile(fileobj=out, mode="wb") f.write(data.encode()) f.close() @@ -96,7 +96,7 @@ def tearDown(self): def test_verbose_output_shows_happy_case(self): self.parsed_responses = [ {'LocationConstraint': 'us-east-1'}, - {'Body': six.BytesIO(_gz_compress(self._logs[0]['_raw_value']))} + {'Body': BytesIO(_gz_compress(self._logs[0]['_raw_value']))} ] key_provider, digest_provider, validator = create_scenario( ['gap', 'link'], [[], [self._logs[0]]]) @@ -226,7 +226,7 @@ def test_fails_and_warns_when_log_hash_is_invalid(self): ['gap'], [[self._logs[0]]]) self.parsed_responses = [ {'LocationConstraint': ''}, - {'Body': six.BytesIO(_gz_compress('does not match'))} + {'Body': BytesIO(_gz_compress('does not match'))} ] _setup_mock_traverser(self._mock_traverser, key_provider, digest_provider, validator) @@ -242,9 +242,9 @@ def test_validates_valid_log_files(self): [[self._logs[2]], [], [self._logs[0], self._logs[1]]]) self.parsed_responses = [ {'LocationConstraint': ''}, - {'Body': six.BytesIO(_gz_compress(self._logs[0]['_raw_value']))}, - {'Body': six.BytesIO(_gz_compress(self._logs[1]['_raw_value']))}, - {'Body': six.BytesIO(_gz_compress(self._logs[2]['_raw_value']))}, + {'Body': BytesIO(_gz_compress(self._logs[0]['_raw_value']))}, + {'Body': BytesIO(_gz_compress(self._logs[1]['_raw_value']))}, + {'Body': BytesIO(_gz_compress(self._logs[2]['_raw_value']))}, ] _setup_mock_traverser(self._mock_traverser, key_provider, digest_provider, validator) @@ -301,7 +301,7 @@ def test_fails_when_digest_metadata_is_missing(self): self.parsed_responses = [ {'LocationConstraint': ''}, {'Contents': [{'Key': key}]}, - {'Body': six.BytesIO(_gz_compress(self._logs[0]['_raw_value'])), + {'Body': BytesIO(_gz_compress(self._logs[0]['_raw_value'])), 'Metadata': {}}, ] s3_client_provider = S3ClientProvider(self.driver.session, 'us-east-1') @@ -323,7 +323,7 @@ def test_fails_when_digest_metadata_is_missing(self): def test_follows_trails_when_bucket_changes(self): self.parsed_responses = [ {'LocationConstraint': 'us-east-1'}, - {'Body': six.BytesIO(_gz_compress(self._logs[0]['_raw_value']))}, + {'Body': BytesIO(_gz_compress(self._logs[0]['_raw_value']))}, {'LocationConstraint': 'us-west-2'}, {'LocationConstraint': 'eu-west-1'} ] diff --git a/tests/functional/codeartifact/test_codeartifact_login.py b/tests/functional/codeartifact/test_codeartifact_login.py index d62a2da4e973..9d0dc1ae5231 100644 --- a/tests/functional/codeartifact/test_codeartifact_login.py +++ b/tests/functional/codeartifact/test_codeartifact_login.py @@ -3,6 +3,7 @@ import platform import subprocess import time +import re from botocore.utils import parse_timestamp @@ -25,6 +26,7 @@ def setUp(self): self.domain = 'domain' self.domain_owner = 'domain-owner' self.repository = 'repository' + self.endpoint_type = 'ipv4' self.auth_token = 'auth-token' self.namespace = 'namespace' self.nuget_index_url_fmt = '{endpoint}v3/index.json' @@ -65,7 +67,9 @@ def tearDown(self): self.file_creator.remove_all() def _setup_cmd(self, tool, - include_domain_owner=False, dry_run=False, + include_domain_owner=False, + dry_run=False, + include_endpoint_type=False, include_duration_seconds=False, include_namespace=False): package_format = CodeArtifactLogin.TOOL_MAP[tool]['package_format'] @@ -87,6 +91,9 @@ def _setup_cmd(self, tool, if include_domain_owner: cmdline.extend(['--domain-owner', self.domain_owner]) + if include_endpoint_type: + cmdline.extend(['--endpoint-type', self.endpoint_type]) + if dry_run: cmdline.append('--dry-run') @@ -263,7 +270,8 @@ def _assert_expiration_printed_to_stdout(self, stdout): def _assert_operations_called( self, package_format, result, - include_domain_owner=False, include_duration_seconds=False + include_domain_owner=False, include_duration_seconds=False, + include_endpoint_type=False ): get_auth_token_kwargs = { @@ -279,6 +287,9 @@ def _assert_operations_called( get_auth_token_kwargs['domainOwner'] = self.domain_owner get_repo_endpoint_kwargs['domainOwner'] = self.domain_owner + if include_endpoint_type: + get_repo_endpoint_kwargs['endpointType'] = self.endpoint_type + if include_duration_seconds: get_auth_token_kwargs['durationSeconds'] = self.duration @@ -528,6 +539,34 @@ def test_swift_login_with_namespace_dry_run(self): self._assert_dry_run_execution( self._get_swift_commands(scope=self.namespace),result.stdout) + @mock.patch('awscli.customizations.codeartifact.login.is_macos', False) + def test_swift_login_with_namespace_with_endpoint_type(self): + cmdline = self._setup_cmd( + tool='swift', include_namespace=True, include_endpoint_type=True + ) + result = self.cli_runner.run(cmdline) + self.assertEqual(result.rc, 0) + self._assert_operations_called(package_format='swift', result=result, include_endpoint_type=True) + self._assert_expiration_printed_to_stdout(result.stdout) + self._assert_subprocess_execution( + self._get_swift_commands(scope=self.namespace) + ) + self._assert_netrc_has_expected_content() + + @mock.patch('awscli.customizations.codeartifact.login.is_macos', True) + def test_swift_login_with_domain_owner_with_endpoint_type(self): + cmdline = self._setup_cmd( + tool='swift', include_domain_owner=True, include_endpoint_type=True + ) + result = self.cli_runner.run(cmdline) + self.assertEqual(result.rc, 0) + self._assert_operations_called(package_format='swift', result=result, include_endpoint_type=True, + include_domain_owner=True) + self._assert_expiration_printed_to_stdout(result.stdout) + self._assert_subprocess_execution( + self._get_swift_commands(token=self.auth_token) + ) + def test_nuget_login_without_domain_owner_without_duration_seconds(self): cmdline = self._setup_cmd(tool='nuget') result = self.cli_runner.run(cmdline) @@ -585,6 +624,27 @@ def test_nuget_login_with_domain_owner_duration_sections(self): self._get_nuget_commands() ) + def test_nuget_login_with_domain_owner_duration_endpoint_type(self): + cmdline = self._setup_cmd( + tool='nuget', + include_domain_owner=True, + include_duration_seconds=True, + include_endpoint_type=True + ) + result = self.cli_runner.run(cmdline) + self.assertEqual(result.rc, 0) + self._assert_operations_called( + package_format='nuget', + include_domain_owner=True, + include_duration_seconds=True, + include_endpoint_type=True, + result=result + ) + self._assert_expiration_printed_to_stdout(result.stdout) + self._assert_subprocess_execution( + self._get_nuget_commands() + ) + def test_nuget_login_without_domain_owner_dry_run(self): cmdline = self._setup_cmd(tool='nuget', dry_run=True) result = self.cli_runner.run(cmdline) @@ -645,6 +705,26 @@ def test_nuget_login_with_domain_owner_duration_seconds_dry_run(self): result.stdout ) + def test_nuget_login_with_domain_owner_duration_seconds_with_endpoint_type_dryrun(self): + cmdline = self._setup_cmd( + tool='nuget', include_domain_owner=True, + include_duration_seconds=True, + dry_run=True, include_endpoint_type=True + ) + result = self.cli_runner.run(cmdline) + self.assertEqual(result.rc, 0) + self._assert_operations_called( + package_format='nuget', + include_domain_owner=True, + include_duration_seconds=True, + include_endpoint_type=True, + result=result + ) + self._assert_dry_run_execution( + self._get_nuget_commands(), + result.stdout + ) + @mock.patch('awscli.customizations.codeartifact.login.is_windows', True) def test_dotnet_login_without_domain_owner_without_duration_seconds(self): cmdline = self._setup_cmd(tool='dotnet') @@ -656,6 +736,17 @@ def test_dotnet_login_without_domain_owner_without_duration_seconds(self): self._get_dotnet_commands() ) + @mock.patch('awscli.customizations.codeartifact.login.is_windows', True) + def test_dotnet_login_without_domain_owner_without_duration_seconds_with_endpoint_type(self): + cmdline = self._setup_cmd(tool='dotnet', include_endpoint_type=True) + result = self.cli_runner.run(cmdline) + self.assertEqual(result.rc, 0) + self._assert_operations_called(package_format='nuget', result=result, include_endpoint_type=True) + self._assert_expiration_printed_to_stdout(result.stdout) + self._assert_subprocess_execution( + self._get_dotnet_commands() + ) + @mock.patch('awscli.customizations.codeartifact.login.is_windows', True) def test_dotnet_login_with_domain_owner_without_duration_seconds(self): cmdline = self._setup_cmd(tool='dotnet', include_domain_owner=True) @@ -798,6 +889,21 @@ def test_dotnet_login_sources_listed_with_extra_non_list_text(self): ]] self._assert_subprocess_check_output_execution(commands) + @mock.patch('awscli.customizations.codeartifact.login.is_windows', True) + def test_dotnet_login_sources_listed_with_extra_non_list_text_with_endpoint_type(self): + + self.subprocess_check_output_patch.return_value = \ + self._NUGET_SOURCES_LIST_RESPONSE_WITH_EXTRA_NON_LIST_TEXT + + cmdline = self._setup_cmd(tool='dotnet', include_endpoint_type=True) + result = self.cli_runner.run(cmdline) + self.assertEqual(result.rc, 0) + self._assert_operations_called(package_format='nuget', result=result, include_endpoint_type=True) + commands = [[ + 'dotnet', 'nuget', 'list', 'source', '--format', 'detailed' + ]] + self._assert_subprocess_check_output_execution(commands) + def test_npm_login_without_domain_owner(self): cmdline = self._setup_cmd(tool='npm') result = self.cli_runner.run(cmdline) @@ -848,6 +954,18 @@ def test_npm_login_with_domain_owner(self): self._assert_expiration_printed_to_stdout(result.stdout) self._assert_subprocess_execution(self._get_npm_commands()) + def test_npm_login_with_domain_owner_endpoint_type(self): + cmdline = self._setup_cmd(tool='npm', include_domain_owner=True, include_endpoint_type=True) + result = self.cli_runner.run(cmdline) + self.assertEqual(result.rc, 0) + self._assert_operations_called( + package_format='npm', result=result, + include_domain_owner=True, include_duration_seconds=False, + include_endpoint_type=True + ) + self._assert_expiration_printed_to_stdout(result.stdout) + self._assert_subprocess_execution(self._get_npm_commands()) + def test_npm_login_with_domain_owner_duration(self): cmdline = self._setup_cmd(tool='npm', include_domain_owner=True, include_duration_seconds=True) @@ -895,6 +1013,18 @@ def test_npm_login_with_namespace_dry_run(self): result.stdout ) + def test_npm_login_with_namespace_endpoint_type_dry_run(self): + cmdline = self._setup_cmd( + tool='npm', include_namespace=True, dry_run=True, include_endpoint_type=True + ) + result = self.cli_runner.run(cmdline) + self.assertEqual(result.rc, 0) + self._assert_operations_called(package_format='npm', result=result, include_endpoint_type=True) + self._assert_dry_run_execution( + self._get_npm_commands(scope='@{}'.format(self.namespace)), + result.stdout + ) + def test_pip_login_without_domain_owner(self): cmdline = self._setup_cmd(tool='pip') result = self.cli_runner.run(cmdline) @@ -932,6 +1062,18 @@ def test_pip_login_with_domain_owner_duration(self): self._assert_expiration_printed_to_stdout(result.stdout) self._assert_subprocess_execution(self._get_pip_commands()) + def test_pip_login_with_domain_owner_duration_endpoint_type(self): + cmdline = self._setup_cmd(tool='pip', include_domain_owner=True, + include_duration_seconds=True, include_endpoint_type=True) + result = self.cli_runner.run(cmdline) + self.assertEqual(result.rc, 0) + self._assert_operations_called( + package_format='pypi', result=result, include_domain_owner=True, + include_duration_seconds=True, include_endpoint_type=True + ) + self._assert_expiration_printed_to_stdout(result.stdout) + self._assert_subprocess_execution(self._get_pip_commands()) + def test_pip_login_with_domain_owner_dry_run(self): cmdline = self._setup_cmd( tool='pip', include_domain_owner=True, dry_run=True @@ -962,6 +1104,24 @@ def test_pip_login_with_namespace_dry_run(self): 'Argument --namespace is not supported for pip', result.stderr ) + def test_pip_login_command_failed_auth_token_redacted(self): + def side_effect(command, capture_output, check): + raise subprocess.CalledProcessError( + returncode=1, + cmd=command + ) + + self.subprocess_mock.side_effect = side_effect + cmdline = self._setup_cmd(tool='pip') + result = self.cli_runner.run(cmdline) + self.assertEqual(result.rc, 255) + self.assertIn( + "Command '['pip', 'config', 'set', 'global.index-url'," + " 'https://aws:******@domain-domain-owner.codeartifact.aws.a2z.com/pypi/repository/simple/']'" + " returned non-zero exit status 1.", + result.stderr + ) + def test_twine_login_without_domain_owner(self): cmdline = self._setup_cmd(tool='twine') result = self.cli_runner.run(cmdline) @@ -993,6 +1153,20 @@ def test_twine_login_without_domain_owner_dry_run(self): password=self.auth_token ) + def test_twine_login_without_domain_owner_dry_run_endpoint_type(self): + cmdline = self._setup_cmd(tool='twine', dry_run=True, include_endpoint_type=True) + result = self.cli_runner.run(cmdline) + self.assertEqual(result.rc, 0) + self._assert_operations_called(package_format='pypi', result=result, include_endpoint_type=True) + self.assertFalse(os.path.exists(self.test_pypi_rc_path)) + self._assert_pypi_rc_has_expected_content( + pypi_rc_str=self._get_twine_commands(), + server='codeartifact', + repo_url=self.endpoint, + username='aws', + password=self.auth_token + ) + def test_twine_login_with_domain_owner(self): cmdline = self._setup_cmd(tool='twine', include_domain_owner=True) result = self.cli_runner.run(cmdline) diff --git a/tests/functional/docs/test_help_output.py b/tests/functional/docs/test_help_output.py index 3acffd72c51e..26cc751201f7 100644 --- a/tests/functional/docs/test_help_output.py +++ b/tests/functional/docs/test_help_output.py @@ -24,8 +24,9 @@ from awscli.testutils import BaseAWSHelpOutputTest from awscli.testutils import FileCreator from awscli.testutils import mock +from awscli.testutils import aws +from awscli.compat import StringIO -from awscli.compat import six from awscli.alias import AliasLoader @@ -203,7 +204,7 @@ def assert_command_does_not_exist(self, service, command): # command verify that we get a SystemExit exception # and that we get something in stderr that says that # we made an invalid choice (because the operation is removed). - stderr = six.StringIO() + stderr = StringIO() with mock.patch('sys.stderr', stderr): with self.assertRaises(SystemExit): self.driver.main([service, command, 'help']) @@ -482,3 +483,11 @@ def test_service_help_command_has_note(self): self.driver.main(['s3api', 'get-object', 'help']) self.assert_not_contains('outfile ') self.assert_contains('') + + +# Use this test class for "help" cases that require the default renderer +# (i.e. renderer from get_render()) instead of a mocked version. +class TestHelpOutputDefaultRenderer: + def test_line_lengths_do_not_break_create_launch_template_version_cmd(self): + result = aws('ec2 create-launch-template-version help') + assert 'exceeds the line-length-limit' not in result.stderr diff --git a/tests/functional/ec2/test_bundle_instance.py b/tests/functional/ec2/test_bundle_instance.py index ad99990977a1..432640cacc25 100644 --- a/tests/functional/ec2/test_bundle_instance.py +++ b/tests/functional/ec2/test_bundle_instance.py @@ -14,11 +14,9 @@ import base64 import datetime -from six.moves import cStringIO - import awscli.customizations.ec2.bundleinstance -from awscli.compat import six from awscli.testutils import mock, BaseAWSCommandParamsTest +from awscli.compat import StringIO class TestBundleInstance(BaseAWSCommandParamsTest): @@ -69,7 +67,7 @@ def test_no_policy_provided(self): def test_policy_provided(self): policy = '{"notarealpolicy":true}' - base64policy = base64.encodebytes(six.b(policy)).strip().decode('utf-8') + base64policy = base64.encodebytes(policy.encode('latin-1')).strip().decode('utf-8') policy_signature = 'a5SmoLOxoM0MHpOdC25nE7KIafg=' args = ' --instance-id i-12345678 --owner-akid AKIAIOSFODNN7EXAMPLE' args += ' --owner-sak wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY' @@ -88,7 +86,7 @@ def test_policy_provided(self): self.assert_params_for_cmd(args_list, result) def test_both(self): - captured = cStringIO() + captured = StringIO() json = """{"S3":{"Bucket":"foobar","Prefix":"fiebaz"}}""" args = ' --instance-id i-12345678 --owner-aki blah --owner-sak blah --storage %s' % json args_list = (self.prefix + args).split() diff --git a/tests/functional/ec2/test_create_tags.py b/tests/functional/ec2/test_create_tags.py index ba254f770a21..3ac64916b6e8 100644 --- a/tests/functional/ec2/test_create_tags.py +++ b/tests/functional/ec2/test_create_tags.py @@ -13,7 +13,6 @@ # language governing permissions and limitations under the License. import sys -from awscli.compat import six from awscli.testutils import unittest from awscli.testutils import BaseAWSCommandParamsTest @@ -29,17 +28,3 @@ def test_create_tag_normal(self): 'Resources': ['i-12345678'], 'Tags': [{'Key': 'Name', 'Value': 'bar'}]} self.assert_params_for_cmd(cmdline, result) - - @unittest.skipIf( - six.PY3, 'Unicode cmd line test only is relevant to python2.') - def test_create_tag_unicode(self): - cmdline = self.prefix - cmdline += u' --resources i-12345678 --tags Key=Name,Value=\u6211' - encoding = getattr(sys.stdin, 'encoding', 'utf-8') - if encoding is None: - encoding = 'utf-8' - cmdline = cmdline.encode(encoding) - result = { - 'Resources': ['i-12345678'], - 'Tags': [{'Key': 'Name', 'Value': u'\u6211'}]} - self.assert_params_for_cmd(cmdline, result) diff --git a/tests/functional/eks/test_kubeconfig.py b/tests/functional/eks/test_kubeconfig.py index 43b2221d175a..2eeb30b36e1c 100644 --- a/tests/functional/eks/test_kubeconfig.py +++ b/tests/functional/eks/test_kubeconfig.py @@ -119,8 +119,9 @@ def test_load_simple(self): ]) loaded_config = self._loader.load_kubeconfig(simple_path) self.assertEqual(loaded_config.content, content) - self._validator.validate_config.called_with(Kubeconfig(simple_path, - content)) + self._validator.validate_config.assert_called_with( + Kubeconfig(simple_path, content) + ) def test_load_noexist(self): no_exist_path = os.path.join(self._temp_directory, @@ -128,17 +129,18 @@ def test_load_noexist(self): loaded_config = self._loader.load_kubeconfig(no_exist_path) self.assertEqual(loaded_config.content, _get_new_kubeconfig_content()) - self._validator.validate_config.called_with( - Kubeconfig(no_exist_path, _get_new_kubeconfig_content())) + self._validator.validate_config.assert_called_with( + Kubeconfig(no_exist_path, _get_new_kubeconfig_content()) + ) def test_load_empty(self): empty_path = self._clone_config("valid_empty_existing") loaded_config = self._loader.load_kubeconfig(empty_path) self.assertEqual(loaded_config.content, _get_new_kubeconfig_content()) - self._validator.validate_config.called_with( - Kubeconfig(empty_path, - _get_new_kubeconfig_content())) + self._validator.validate_config.assert_called_with( + Kubeconfig(empty_path, _get_new_kubeconfig_content()) + ) def test_load_directory(self): current_directory = self._temp_directory diff --git a/tests/functional/elasticbeanstalk/test_create_application.py b/tests/functional/elasticbeanstalk/test_create_application.py index b5e9a779164d..df9b7cd05a8b 100644 --- a/tests/functional/elasticbeanstalk/test_create_application.py +++ b/tests/functional/elasticbeanstalk/test_create_application.py @@ -13,7 +13,6 @@ # language governing permissions and limitations under the License. from awscli.testutils import BaseAWSCommandParamsTest, unittest import sys -from awscli.compat import six class TestUpdateConfigurationTemplate(BaseAWSCommandParamsTest): @@ -25,21 +24,3 @@ def test_ascii(self): cmdline += ' --application-name FooBar' result = {'ApplicationName': 'FooBar',} self.assert_params_for_cmd(cmdline, result) - - @unittest.skipIf( - six.PY3, 'Unicode cmd line test only is relevant to python2.') - def test_py2_bytestring_unicode(self): - # In Python2, sys.argv is a list of bytestrings that are encoded - # in whatever encoding the terminal uses. We have an extra step - # where we need to decode the bytestring into unicode. In - # python3, sys.argv is a list of unicode objects so this test - # doesn't make sense for python3. - cmdline = self.prefix - app_name = u'\u2713' - cmdline += u' --application-name %s' % app_name - encoding = getattr(sys.stdin, 'encoding') - if encoding is None: - encoding = 'utf-8' - cmdline = cmdline.encode(encoding) - result = {'ApplicationName': u'\u2713',} - self.assert_params_for_cmd(cmdline, result) diff --git a/tests/functional/gamelift/test_get_game_session_log.py b/tests/functional/gamelift/test_get_game_session_log.py index b03c17faa000..0f6982c07d3a 100644 --- a/tests/functional/gamelift/test_get_game_session_log.py +++ b/tests/functional/gamelift/test_get_game_session_log.py @@ -13,7 +13,7 @@ import os from awscli.testutils import BaseAWSCommandParamsTest, FileCreator, mock -from awscli.compat import six +from awscli.compat import BytesIO class TestGetGameSessionLog(BaseAWSCommandParamsTest): @@ -28,7 +28,7 @@ def setUp(self): 'awscli.customizations.gamelift.getlog.urlopen') self.contents = b'My Contents' self.urlopen_mock = self.urlopen_patch.start() - self.urlopen_mock.return_value = six.BytesIO(self.contents) + self.urlopen_mock.return_value = BytesIO(self.contents) def tearDown(self): super(TestGetGameSessionLog, self).tearDown() diff --git a/tests/functional/logs/test_startlivetail.py b/tests/functional/logs/test_startlivetail.py new file mode 100644 index 000000000000..a9b55bcb4938 --- /dev/null +++ b/tests/functional/logs/test_startlivetail.py @@ -0,0 +1,100 @@ +# Copyright 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"). You +# may not use this file except in compliance with the License. A copy of +# the License is located at +# +# http://aws.amazon.com/apache2.0/ +# +# or in the "license" file accompanying this file. This file is +# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF +# ANY KIND, either express or implied. See the License for the specific +# language governing permissions and limitations under the License. +from awscli.testutils import mock, BaseAWSCommandParamsTest + + +class TestStartLiveTailCommand(BaseAWSCommandParamsTest): + def setUp(self): + super(TestStartLiveTailCommand, self).setUp() + self.log_group_identifiers = [ + "arn:aws:logs:us-east-1:123456789012:log-group:mygroup" + ] + self.log_stream_names = ["mystream"] + self.log_stream_name_prefixes = ["mystream"] + self.log_event_filter_pattern = "filterPattern" + + self.raw_stream = mock.Mock() + self.raw_stream.stream = mock.MagicMock(return_value=[]) + self.event_stream = mock.Mock() + self.updates = iter( + [ + {"sessionStart": "The session is started"}, + { + "sessionUpdate": { + "sessionMetadata": {"sampled": False}, + "sessionResults": [ + {"message": "LogEvent1"}, + {"message": "LogEvent2"}, + ], + } + }, + ] + ) + self.parsed_responses = [{"responseStream": self.event_stream}] + + def tearDown(self): + super(TestStartLiveTailCommand, self).tearDown() + + def test_start_live_tail(self): + self.event_stream.__iter__ = mock.MagicMock(return_value=self.updates) + + stdout, _, _ = self.assert_params_for_cmd( + "logs start-live-tail --log-group-identifiers {}".format( + " ".join(self.log_group_identifiers) + ), + params={"logGroupIdentifiers": self.log_group_identifiers}, + ) + self.assertEqual(stdout, "LogEvent1\nLogEvent2\n") + + def test_start_live_tail_with_log_stream_names(self): + self.event_stream.__iter__ = mock.MagicMock(return_value=self.updates) + + stdout, _, _ = self.assert_params_for_cmd( + "logs start-live-tail --log-group-identifiers {} --log-stream-names {}".format( + " ".join(self.log_group_identifiers), " ".join(self.log_stream_names) + ), + params={ + "logGroupIdentifiers": self.log_group_identifiers, + "logStreamNames": self.log_stream_names, + }, + ) + self.assertEqual(stdout, "LogEvent1\nLogEvent2\n") + + def test_start_live_tail_with_log_stream_name_prefixes(self): + self.event_stream.__iter__ = mock.MagicMock(return_value=self.updates) + + stdout, _, _ = self.assert_params_for_cmd( + "logs start-live-tail --log-group-identifiers {} --log-stream-name-prefixes {}".format( + " ".join(self.log_group_identifiers), + " ".join(self.log_stream_name_prefixes), + ), + params={ + "logGroupIdentifiers": self.log_group_identifiers, + "logStreamNamePrefixes": self.log_stream_name_prefixes, + }, + ) + self.assertEqual(stdout, "LogEvent1\nLogEvent2\n") + + def test_start_live_tail_with_filter_pattern(self): + self.event_stream.__iter__ = mock.MagicMock(return_value=self.updates) + + stdout, _, _ = self.assert_params_for_cmd( + "logs start-live-tail --log-group-identifiers {} --log-event-filter-pattern {}".format( + " ".join(self.log_group_identifiers), self.log_event_filter_pattern + ), + params={ + "logGroupIdentifiers": self.log_group_identifiers, + "logEventFilterPattern": self.log_event_filter_pattern, + }, + ) + self.assertEqual(stdout, "LogEvent1\nLogEvent2\n") diff --git a/tests/functional/rds/test_generate_db_auth_token.py b/tests/functional/rds/test_generate_db_auth_token.py index 5d50f291405f..79634ed083c7 100644 --- a/tests/functional/rds/test_generate_db_auth_token.py +++ b/tests/functional/rds/test_generate_db_auth_token.py @@ -15,7 +15,6 @@ from dateutil.tz import tzutc from botocore.compat import urlparse, parse_qs -from awscli.compat import six from awscli.testutils import mock, BaseAWSCommandParamsTest @@ -24,7 +23,7 @@ class TestGenerateDBAuthToken(BaseAWSCommandParamsTest): prefix = 'rds generate-db-auth-token' def _urlparse(self, url): - if isinstance(url, six.binary_type): + if isinstance(url, bytes): # Not really necessary, but it helps to reduce noise on Python 2.x url = url.decode('utf8') return urlparse(url) diff --git a/tests/functional/s3/__init__.py b/tests/functional/s3/__init__.py index 42b943126726..c43e7d68e472 100644 --- a/tests/functional/s3/__init__.py +++ b/tests/functional/s3/__init__.py @@ -11,7 +11,7 @@ # ANY KIND, either express or implied. See the License for the specific # language governing permissions and limitations under the License. from awscli.testutils import mock, BaseAWSCommandParamsTest, FileCreator -from awscli.compat import six +from awscli.compat import BytesIO class BaseS3TransferCommandTest(BaseAWSCommandParamsTest): def setUp(self): @@ -57,7 +57,7 @@ def list_objects_response(self, keys): def get_object_response(self): return { 'ETag': '"foo-1"', - 'Body': six.BytesIO(b'foo') + 'Body': BytesIO(b'foo') } def copy_object_response(self): @@ -105,6 +105,7 @@ def put_object_request(self, bucket, key, **override_kwargs): params = { 'Bucket': bucket, 'Key': key, + 'ChecksumAlgorithm': 'CRC32', 'Body': mock.ANY, } params.update(override_kwargs) diff --git a/tests/functional/s3/test_cp_command.py b/tests/functional/s3/test_cp_command.py index 4300a32a4a2e..79eea2ccab7e 100644 --- a/tests/functional/s3/test_cp_command.py +++ b/tests/functional/s3/test_cp_command.py @@ -16,12 +16,12 @@ from awscli.testutils import BaseAWSCommandParamsTest from awscli.testutils import capture_input from awscli.testutils import mock -from awscli.compat import six +from awscli.compat import BytesIO from tests.functional.s3 import BaseS3TransferCommandTest from tests import requires_crt -class BufferedBytesIO(six.BytesIO): +class BufferedBytesIO(BytesIO): @property def buffer(self): return self @@ -82,7 +82,7 @@ def test_upload_grants(self): {'Key': u'key.txt', 'Bucket': u'bucket', 'GrantRead': u'id=foo', 'GrantFullControl': u'id=bar', 'GrantReadACP': u'id=biz', 'GrantWriteACP': u'id=baz', 'ContentType': u'text/plain', - 'Body': mock.ANY} + 'Body': mock.ANY, 'ChecksumAlgorithm': 'CRC32'} ) def test_upload_expires(self): @@ -178,7 +178,7 @@ def test_upload_deep_archive(self): def test_operations_used_in_download_file(self): self.parsed_responses = [ {"ContentLength": "100", "LastModified": "00:00:00Z"}, - {'ETag': '"foo-1"', 'Body': six.BytesIO(b'foo')}, + {'ETag': '"foo-1"', 'Body': BytesIO(b'foo')}, ] cmdline = '%s s3://bucket/key.txt %s' % (self.prefix, self.files.rootdir) @@ -306,7 +306,7 @@ def test_cp_fails_with_utime_errors_but_continues(self): cmdline = '%s s3://bucket/key.txt %s' % (self.prefix, full_path) self.parsed_responses = [ {"ContentLength": "100", "LastModified": "00:00:00Z"}, - {'ETag': '"foo-1"', 'Body': six.BytesIO(b'foo')} + {'ETag': '"foo-1"', 'Body': BytesIO(b'foo')} ] with mock.patch('os.utime') as mock_utime: mock_utime.side_effect = OSError(1, '') @@ -324,7 +324,7 @@ def test_recursive_glacier_download_with_force_glacier(self): ], 'CommonPrefixes': [] }, - {'ETag': '"foo-1"', 'Body': six.BytesIO(b'foo')}, + {'ETag': '"foo-1"', 'Body': BytesIO(b'foo')}, ] cmdline = '%s s3://bucket/foo %s --recursive --force-glacier-transfer'\ % (self.prefix, self.files.rootdir) @@ -449,6 +449,7 @@ def test_cp_with_sse_flag(self): self.assertDictEqual( self.operations_called[0][1], {'Key': 'key.txt', 'Bucket': 'bucket', + 'ChecksumAlgorithm': 'CRC32', 'ContentType': 'text/plain', 'Body': mock.ANY, 'ServerSideEncryption': 'AES256'} ) @@ -464,6 +465,7 @@ def test_cp_with_sse_c_flag(self): self.assertDictEqual( self.operations_called[0][1], {'Key': 'key.txt', 'Bucket': 'bucket', + 'ChecksumAlgorithm': 'CRC32', 'ContentType': 'text/plain', 'Body': mock.ANY, 'SSECustomerAlgorithm': 'AES256', 'SSECustomerKey': 'foo'} ) @@ -488,6 +490,7 @@ def test_cp_with_sse_c_fileb(self): expected_args = { 'Key': 'key.txt', 'Bucket': 'bucket', + 'ChecksumAlgorithm': 'CRC32', 'ContentType': 'text/plain', 'Body': mock.ANY, 'SSECustomerAlgorithm': 'AES256', @@ -512,7 +515,7 @@ def test_cp_with_sse_c_copy_source_fileb(self): "ContentLength": 4, "ETag": '"d3b07384d113edec49eaa6238ad5ff00"', "LastModified": "Tue, 12 Jul 2016 21:26:07 GMT", - "Body": six.BytesIO(b'foo\n') + "Body": BytesIO(b'foo\n') }, {} ] @@ -563,6 +566,7 @@ def test_cp_upload_with_sse_kms_and_key_id(self): self.assertDictEqual( self.operations_called[0][1], {'Key': 'key.txt', 'Bucket': 'bucket', + 'ChecksumAlgorithm': 'CRC32', 'ContentType': 'text/plain', 'Body': mock.ANY, 'SSEKMSKeyId': 'foo', 'ServerSideEncryption': 'aws:kms'} ) @@ -588,6 +592,7 @@ def test_cp_upload_large_file_with_sse_kms_and_key_id(self): self.assertDictEqual( self.operations_called[0][1], {'Key': 'key.txt', 'Bucket': 'bucket', + 'ChecksumAlgorithm': 'CRC32', 'ContentType': 'text/plain', 'SSEKMSKeyId': 'foo', 'ServerSideEncryption': 'aws:kms'} ) @@ -693,6 +698,95 @@ def test_cp_with_error_and_warning_permissions(self): self.assertIn('upload failed', stderr) self.assertIn('warning: File has an invalid timestamp.', stderr) + def test_upload_with_checksum_algorithm_crc32(self): + full_path = self.files.create_file('foo.txt', 'contents') + cmdline = f'{self.prefix} {full_path} s3://bucket/key.txt --checksum-algorithm CRC32' + self.run_cmd(cmdline, expected_rc=0) + self.assertEqual(self.operations_called[0][0].name, 'PutObject') + self.assertEqual(self.operations_called[0][1]['ChecksumAlgorithm'], 'CRC32') + + @requires_crt + def test_upload_with_checksum_algorithm_crc32c(self): + full_path = self.files.create_file('foo.txt', 'contents') + cmdline = f'{self.prefix} {full_path} s3://bucket/key.txt --checksum-algorithm CRC32C' + self.run_cmd(cmdline, expected_rc=0) + self.assertEqual(self.operations_called[0][0].name, 'PutObject') + self.assertEqual(self.operations_called[0][1]['ChecksumAlgorithm'], 'CRC32C') + + @requires_crt + def test_upload_with_checksum_algorithm_crc64nvme(self): + full_path = self.files.create_file('foo.txt', 'contents') + cmdline = f'{self.prefix} {full_path} s3://bucket/key.txt --checksum-algorithm CRC64NVME' + self.run_cmd(cmdline, expected_rc=0) + self.assertEqual(self.operations_called[0][0].name, 'PutObject') + self.assertEqual(self.operations_called[0][1]['ChecksumAlgorithm'], 'CRC64NVME') + + def test_multipart_upload_with_checksum_algorithm_crc32(self): + full_path = self.files.create_file('foo.txt', 'a' * 10 * (1024 ** 2)) + self.parsed_responses = [ + {'UploadId': 'foo'}, + {'ETag': 'foo-e1', 'ChecksumCRC32': 'foo-1'}, + {'ETag': 'foo-e2', 'ChecksumCRC32': 'foo-2'}, + {} + ] + cmdline = ('%s %s s3://bucket/key2.txt' + ' --checksum-algorithm CRC32' % (self.prefix, full_path)) + self.run_cmd(cmdline, expected_rc=0) + self.assertEqual(len(self.operations_called), 4, self.operations_called) + self.assertEqual(self.operations_called[0][0].name, 'CreateMultipartUpload') + self.assertEqual(self.operations_called[0][1]['ChecksumAlgorithm'], 'CRC32') + self.assertEqual(self.operations_called[1][0].name, 'UploadPart') + self.assertEqual(self.operations_called[1][1]['ChecksumAlgorithm'], 'CRC32') + self.assertEqual(self.operations_called[3][0].name, 'CompleteMultipartUpload') + self.assertIn({'ETag': 'foo-e1', 'ChecksumCRC32': 'foo-1', 'PartNumber': mock.ANY}, + self.operations_called[3][1]['MultipartUpload']['Parts']) + self.assertIn({'ETag': 'foo-e2', 'ChecksumCRC32': 'foo-2', 'PartNumber': mock.ANY}, + self.operations_called[3][1]['MultipartUpload']['Parts']) + + def test_copy_with_checksum_algorithm_crc32(self): + self.parsed_responses = [ + self.head_object_response(), + # Mocked CopyObject response with a CRC32 checksum specified + { + 'ETag': 'foo-1', + 'ChecksumCRC32': 'Tq0H4g==' + } + ] + cmdline = f'{self.prefix} s3://bucket1/key.txt s3://bucket2/key.txt --checksum-algorithm CRC32' + self.run_cmd(cmdline, expected_rc=0) + self.assertEqual(self.operations_called[1][0].name, 'CopyObject') + self.assertEqual(self.operations_called[1][1]['ChecksumAlgorithm'], 'CRC32') + + def test_download_with_checksum_mode_crc32(self): + self.parsed_responses = [ + self.head_object_response(), + # Mocked GetObject response with a checksum algorithm specified + { + 'ETag': 'foo-1', + 'ChecksumCRC32': 'Tq0H4g==', + 'Body': BytesIO(b'foo') + } + ] + cmdline = f'{self.prefix} s3://bucket/foo {self.files.rootdir} --checksum-mode ENABLED' + self.run_cmd(cmdline, expected_rc=0) + self.assertEqual(self.operations_called[1][0].name, 'GetObject') + self.assertEqual(self.operations_called[1][1]['ChecksumMode'], 'ENABLED') + + def test_download_with_checksum_mode_crc32c(self): + self.parsed_responses = [ + self.head_object_response(), + # Mocked GetObject response with a checksum algorithm specified + { + 'ETag': 'foo-1', + 'ChecksumCRC32C': 'checksum', + 'Body': BytesIO(b'foo') + } + ] + cmdline = f'{self.prefix} s3://bucket/foo {self.files.rootdir} --checksum-mode ENABLED' + self.run_cmd(cmdline, expected_rc=0) + self.assertEqual(self.operations_called[1][0].name, 'GetObject') + self.assertEqual(self.operations_called[1][1]['ChecksumMode'], 'ENABLED') + class TestStreamingCPCommand(BaseAWSCommandParamsTest): def test_streaming_upload(self): @@ -710,6 +804,7 @@ def test_streaming_upload(self): expected_args = { 'Bucket': 'bucket', 'Key': 'streaming.txt', + 'ChecksumAlgorithm': 'CRC32', 'Body': mock.ANY } @@ -731,6 +826,7 @@ def test_streaming_upload_with_expected_size(self): expected_args = { 'Bucket': 'bucket', 'Key': 'streaming.txt', + 'ChecksumAlgorithm': 'CRC32', 'Body': mock.ANY } @@ -790,7 +886,7 @@ def test_streaming_download(self): "ContentLength": 4, "ETag": '"d3b07384d113edec49eaa6238ad5ff00"', "LastModified": "Tue, 12 Jul 2016 21:26:07 GMT", - "Body": six.BytesIO(b'foo\n') + "Body": BytesIO(b'foo\n') } ] @@ -836,6 +932,7 @@ def test_single_upload(self): ('PutObject', { 'Bucket': 'mybucket', 'Key': 'mykey', + 'ChecksumAlgorithm': 'CRC32', 'RequestPayer': 'requester', 'Body': mock.ANY, }) @@ -860,11 +957,13 @@ def test_multipart_upload(self): ('CreateMultipartUpload', { 'Bucket': 'mybucket', 'Key': 'mykey', + 'ChecksumAlgorithm': 'CRC32', 'RequestPayer': 'requester', }), ('UploadPart', { 'Bucket': 'mybucket', 'Key': 'mykey', + 'ChecksumAlgorithm': 'CRC32', 'RequestPayer': 'requester', 'UploadId': 'myid', 'PartNumber': mock.ANY, @@ -873,6 +972,7 @@ def test_multipart_upload(self): ('UploadPart', { 'Bucket': 'mybucket', 'Key': 'mykey', + 'ChecksumAlgorithm': 'CRC32', 'RequestPayer': 'requester', 'UploadId': 'myid', 'PartNumber': mock.ANY, @@ -905,6 +1005,7 @@ def test_recursive_upload(self): ('PutObject', { 'Bucket': 'mybucket', 'Key': 'myfile', + 'ChecksumAlgorithm': 'CRC32', 'RequestPayer': 'requester', 'Body': mock.ANY, }) diff --git a/tests/functional/s3/test_ls_command.py b/tests/functional/s3/test_ls_command.py index 55d09ebf0e28..4df626f8b600 100644 --- a/tests/functional/s3/test_ls_command.py +++ b/tests/functional/s3/test_ls_command.py @@ -40,6 +40,12 @@ def test_errors_out_with_extra_arguments(self): self.assertIn('Unknown options', stderr) self.assertIn('--extra-argument-foo', stderr) + def test_list_buckets_use_page_size(self): + stdout, _, _ = self.run_cmd('s3 ls --page-size 8', expected_rc=0) + call_args = self.operations_called[0][1] + # The page size gets translated to ``MaxBuckets`` in the s3 model + self.assertEqual(call_args['MaxBuckets'], 8) + def test_operations_use_page_size(self): time_utc = "2014-01-09T20:45:49.000Z" self.parsed_responses = [{"CommonPrefixes": [], "Contents": [ @@ -209,3 +215,23 @@ def test_accesspoint_arn(self): self.run_cmd('s3 ls s3://%s' % arn, expected_rc=0) call_args = self.operations_called[0][1] self.assertEqual(call_args['Bucket'], arn) + + def test_list_buckets_uses_bucket_name_prefix(self): + stdout, _, _ = self.run_cmd('s3 ls --bucket-name-prefix myprefix', expected_rc=0) + call_args = self.operations_called[0][1] + self.assertEqual(call_args['Prefix'], 'myprefix') + + def test_list_buckets_uses_bucket_region(self): + stdout, _, _ = self.run_cmd('s3 ls --bucket-region us-west-1', expected_rc=0) + call_args = self.operations_called[0][1] + self.assertEqual(call_args['BucketRegion'], 'us-west-1') + + def test_list_objects_ignores_bucket_name_prefix(self): + stdout, _, _ = self.run_cmd('s3 ls s3://mybucket --bucket-name-prefix myprefix', expected_rc=0) + call_args = self.operations_called[0][1] + self.assertEqual(call_args['Prefix'], '') + + def test_list_objects_ignores_bucket_region(self): + stdout, _, _ = self.run_cmd('s3 ls s3://mybucket --bucket-region us-west-1', expected_rc=0) + call_args = self.operations_called[0][1] + self.assertNotIn('BucketRegion', call_args) diff --git a/tests/functional/s3/test_mb_command.py b/tests/functional/s3/test_mb_command.py index 59305a7bec66..6076455db527 100644 --- a/tests/functional/s3/test_mb_command.py +++ b/tests/functional/s3/test_mb_command.py @@ -45,3 +45,8 @@ def test_location_constraint_not_added_on_us_east_1(self): def test_nonzero_exit_if_invalid_path_provided(self): command = self.prefix + 'bucket' self.run_cmd(command, expected_rc=255) + + def test_incompatible_with_express_directory_bucket(self): + command = self.prefix + 's3://bucket--usw2-az1--x-s3/' + stderr = self.run_cmd(command, expected_rc=255)[1] + self.assertIn('Cannot use mb command with a directory bucket.', stderr) \ No newline at end of file diff --git a/tests/functional/s3/test_mv_command.py b/tests/functional/s3/test_mv_command.py index 78d7cec1272e..bb673c6f123f 100644 --- a/tests/functional/s3/test_mv_command.py +++ b/tests/functional/s3/test_mv_command.py @@ -11,8 +11,10 @@ # distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF # ANY KIND, either express or implied. See the License for the specific # language governing permissions and limitations under the License. -from awscli.compat import six +from awscli.customizations.s3.utils import S3PathResolver +from awscli.compat import BytesIO from tests.functional.s3 import BaseS3TransferCommandTest +from tests import requires_crt class TestMvCommand(BaseS3TransferCommandTest): @@ -81,7 +83,7 @@ def test_download_move_with_request_payer(self): # Response for HeadObject {"ContentLength": 100, "LastModified": "00:00:00Z"}, # Response for GetObject - {'ETag': '"foo-1"', 'Body': six.BytesIO(b'foo')}, + {'ETag': '"foo-1"', 'Body': BytesIO(b'foo')}, # Response for DeleteObject {} ] @@ -129,3 +131,310 @@ def test_copy_move_with_request_payer(self): 'sourcebucket', 'sourcekey', RequestPayer='requester') ] ) + + def test_upload_with_checksum_algorithm_crc32(self): + full_path = self.files.create_file('foo.txt', 'contents') + cmdline = f'{self.prefix} {full_path} s3://bucket/key.txt --checksum-algorithm CRC32' + self.run_cmd(cmdline, expected_rc=0) + self.assertEqual(self.operations_called[0][0].name, 'PutObject') + self.assertEqual(self.operations_called[0][1]['ChecksumAlgorithm'], 'CRC32') + + def test_download_with_checksum_mode_crc32(self): + self.parsed_responses = [ + self.head_object_response(), + # Mocked GetObject response with a checksum algorithm specified + { + 'ETag': 'foo-1', + 'ChecksumCRC32': 'checksum', + 'Body': BytesIO(b'foo') + }, + self.delete_object_response() + ] + cmdline = f'{self.prefix} s3://bucket/foo {self.files.rootdir} --checksum-mode ENABLED' + self.run_cmd(cmdline, expected_rc=0) + self.assertEqual(self.operations_called[1][0].name, 'GetObject') + self.assertEqual(self.operations_called[1][1]['ChecksumMode'], 'ENABLED') + + +class TestMvCommandWithValidateSameS3Paths(BaseS3TransferCommandTest): + + prefix = 's3 mv ' + + def assert_validates_cannot_mv_onto_itself(self, cmd): + stderr = self.run_cmd(cmd, expected_rc=255)[1] + self.assertIn('Cannot mv a file onto itself', stderr) + + def assert_runs_mv_without_validation(self, cmd): + self.parsed_responses = [ + self.head_object_response(), + self.copy_object_response(), + self.delete_object_response(), + ] + self.run_cmd(cmd, expected_rc=0) + self.assertEqual(len(self.operations_called), 3, + self.operations_called) + self.assertEqual(self.operations_called[0][0].name, 'HeadObject') + self.assertEqual(self.operations_called[1][0].name, 'CopyObject') + self.assertEqual(self.operations_called[2][0].name, 'DeleteObject') + + def assert_raises_warning(self, cmd): + self.parsed_responses = [ + self.head_object_response(), + self.copy_object_response(), + self.delete_object_response(), + ] + stderr = self.run_cmd(cmd, expected_rc=0)[1] + self.assertIn('warning: Provided s3 paths may resolve', stderr) + + def test_cant_mv_object_onto_itself_access_point_arn(self): + cmdline = (f"{self.prefix}s3://bucket/key " + "s3://arn:aws:s3:us-west-2:123456789012:accesspoint/" + "myaccesspoint/key " + "--validate-same-s3-paths") + self.parsed_responses = [ + {"Bucket": "bucket"} + ] + self.assert_validates_cannot_mv_onto_itself(cmdline) + + def test_cant_mv_object_onto_itself_access_point_arn_as_source(self): + cmdline = (f"{self.prefix}s3://arn:aws:s3:us-west-2:123456789012:" + "accesspoint/myaccesspoint/key " + "s3://bucket/key " + "--validate-same-s3-paths") + self.parsed_responses = [ + {"Bucket": "bucket"} + ] + self.assert_validates_cannot_mv_onto_itself(cmdline) + + def test_cant_mv_object_onto_itself_access_point_arn_with_env_var(self): + self.environ['AWS_CLI_S3_MV_VALIDATE_SAME_S3_PATHS'] = 'true' + cmdline = (f"{self.prefix}s3://bucket/key " + "s3://arn:aws:s3:us-west-2:123456789012:accesspoint/" + "myaccesspoint/key") + self.parsed_responses = [ + {"Bucket": "bucket"} + ] + self.assert_validates_cannot_mv_onto_itself(cmdline) + + def test_cant_mv_object_onto_itself_access_point_arn_base_key(self): + cmdline = (f"{self.prefix}s3://bucket/key " + "s3://arn:aws:s3:us-west-2:123456789012:accesspoint/" + "myaccesspoint/ " + "--validate-same-s3-paths") + self.parsed_responses = [ + {"Bucket": "bucket"} + ] + self.assert_validates_cannot_mv_onto_itself(cmdline) + + def test_cant_mv_object_onto_itself_access_point_arn_base_prefix(self): + cmdline = (f"{self.prefix}s3://bucket/prefix/key " + "s3://arn:aws:s3:us-west-2:123456789012:accesspoint/" + "myaccesspoint/prefix/ " + "--validate-same-s3-paths") + self.parsed_responses = [ + {"Bucket": "bucket"} + ] + self.assert_validates_cannot_mv_onto_itself(cmdline) + + def test_cant_mv_object_onto_itself_access_point_alias(self): + cmdline = (f"{self.prefix} s3://bucket/key " + "s3://myaccesspoint-foobar-s3alias/key " + "--validate-same-s3-paths") + self.parsed_responses = [ + {"Account": "123456789012"}, + {"Bucket": "bucket"} + ] + self.assert_validates_cannot_mv_onto_itself(cmdline) + + def test_cant_mv_object_onto_itself_outpost_access_point_arn(self): + cmdline = (f"{self.prefix}s3://bucket/key " + "s3://arn:aws:s3-outposts:us-east-1:123456789012:outpost/" + "op-foobar/accesspoint/myaccesspoint/key " + "--validate-same-s3-paths") + self.parsed_responses = [ + {"Bucket": "bucket"} + ] + self.assert_validates_cannot_mv_onto_itself(cmdline) + + def test_outpost_access_point_alias_raises_error(self): + cmdline = (f"{self.prefix} s3://bucket/key " + "s3://myaccesspoint-foobar--op-s3/key " + "--validate-same-s3-paths") + stderr = self.run_cmd(cmdline, expected_rc=255)[1] + self.assertIn("Can't resolve underlying bucket name", stderr) + + def test_cant_mv_object_onto_itself_mrap_arn(self): + cmdline = (f"{self.prefix} s3://bucket/key " + "s3://arn:aws:s3::123456789012:accesspoint/foobar.mrap/key " + "--validate-same-s3-paths") + self.parsed_responses = [ + { + "AccessPoints": [{ + "Alias": "foobar.mrap", + "Regions": [ + {"Bucket": "differentbucket"}, + {"Bucket": "bucket"} + ] + }] + } + ] + self.assert_validates_cannot_mv_onto_itself(cmdline) + + def test_get_mrap_buckets_raises_if_alias_not_found(self): + cmdline = (f"{self.prefix} s3://bucket/key " + "s3://arn:aws:s3::123456789012:accesspoint/foobar.mrap/key " + "--validate-same-s3-paths") + self.parsed_responses = [ + { + "AccessPoints": [{ + "Alias": "baz.mrap", + "Regions": [ + {"Bucket": "differentbucket"}, + {"Bucket": "bucket"} + ] + }] + } + ] + stderr = self.run_cmd(cmdline, expected_rc=255)[1] + self.assertEqual( + "\nCouldn't find multi-region access point with alias foobar.mrap " + "in account 123456789012\n", + stderr + ) + + def test_mv_works_if_access_point_arn_resolves_to_different_bucket(self): + cmdline = (f"{self.prefix}s3://bucket/key " + "s3://arn:aws:s3:us-west-2:123456789012:accesspoint/" + "myaccesspoint/key " + "--validate-same-s3-paths") + self.parsed_responses = [ + {"Bucket": "differentbucket"}, + self.head_object_response(), + self.copy_object_response(), + self.delete_object_response(), + ] + self.run_cmd(cmdline, expected_rc=0) + self.assertEqual(len(self.operations_called), 4, + self.operations_called) + self.assertEqual(self.operations_called[0][0].name, 'GetAccessPoint') + self.assertEqual(self.operations_called[1][0].name, 'HeadObject') + self.assertEqual(self.operations_called[2][0].name, 'CopyObject') + self.assertEqual(self.operations_called[3][0].name, 'DeleteObject') + + def test_mv_works_if_access_point_alias_resolves_to_different_bucket(self): + cmdline = (f"{self.prefix} s3://bucket/key " + "s3://myaccesspoint-foobar-s3alias/key " + "--validate-same-s3-paths") + self.parsed_responses = [ + {"Account": "123456789012"}, + {"Bucket": "differentbucket"}, + self.head_object_response(), + self.copy_object_response(), + self.delete_object_response(), + ] + self.run_cmd(cmdline, expected_rc=0) + self.assertEqual(len(self.operations_called), 5, + self.operations_called) + self.assertEqual(self.operations_called[0][0].name, 'GetCallerIdentity') + self.assertEqual(self.operations_called[1][0].name, 'GetAccessPoint') + self.assertEqual(self.operations_called[2][0].name, 'HeadObject') + self.assertEqual(self.operations_called[3][0].name, 'CopyObject') + self.assertEqual(self.operations_called[4][0].name, 'DeleteObject') + + def test_mv_works_if_outpost_access_point_arn_resolves_to_different_bucket(self): + cmdline = (f"{self.prefix}s3://bucket/key " + "s3://arn:aws:s3-outposts:us-east-1:123456789012:outpost/" + "op-foobar/accesspoint/myaccesspoint/key " + "--validate-same-s3-paths") + self.parsed_responses = [ + {"Bucket": "differentbucket"}, + self.head_object_response(), + self.copy_object_response(), + self.delete_object_response(), + ] + self.run_cmd(cmdline, expected_rc=0) + self.assertEqual(len(self.operations_called), 4, + self.operations_called) + self.assertEqual(self.operations_called[0][0].name, 'GetAccessPoint') + self.assertEqual(self.operations_called[1][0].name, 'HeadObject') + self.assertEqual(self.operations_called[2][0].name, 'CopyObject') + self.assertEqual(self.operations_called[3][0].name, 'DeleteObject') + + @requires_crt + def test_mv_works_if_mrap_arn_resolves_to_different_bucket(self): + cmdline = (f"{self.prefix} s3://bucket/key " + "s3://arn:aws:s3::123456789012:accesspoint/foobar.mrap/key " + "--validate-same-s3-paths") + self.parsed_responses = [ + { + "AccessPoints": [{ + "Alias": "foobar.mrap", + "Regions": [ + {"Bucket": "differentbucket"}, + ] + }] + }, + self.head_object_response(), + self.copy_object_response(), + self.delete_object_response(), + ] + self.run_cmd(cmdline, expected_rc=0) + self.assertEqual(len(self.operations_called), 4, + self.operations_called) + self.assertEqual(self.operations_called[0][0].name, 'ListMultiRegionAccessPoints') + self.assertEqual(self.operations_called[1][0].name, 'HeadObject') + self.assertEqual(self.operations_called[2][0].name, 'CopyObject') + self.assertEqual(self.operations_called[3][0].name, 'DeleteObject') + + def test_skips_validation_if_keys_are_different_accesspoint_arn(self): + cmdline = (f"{self.prefix}s3://bucket/key " + "s3://arn:aws:s3:us-west-2:123456789012:accesspoint/" + "myaccesspoint/key2 " + "--validate-same-s3-paths") + self.assert_runs_mv_without_validation(cmdline) + + def test_skips_validation_if_prefixes_are_different_accesspoint_arn(self): + cmdline = (f"{self.prefix}s3://bucket/key " + "s3://arn:aws:s3:us-west-2:123456789012:accesspoint/" + "myaccesspoint/prefix/ " + "--validate-same-s3-paths") + self.assert_runs_mv_without_validation(cmdline) + + def test_skips_validation_if_keys_are_different_accesspoint_alias(self): + cmdline = (f"{self.prefix} s3://bucket/key " + "s3://myaccesspoint-foobar-s3alias/key2 " + "--validate-same-s3-paths") + self.assert_runs_mv_without_validation(cmdline) + + def test_skips_validation_if_keys_are_different_outpost_arn(self): + cmdline = (f"{self.prefix}s3://bucket/key " + "s3://arn:aws:s3-outposts:us-east-1:123456789012:outpost/" + "op-foobar/accesspoint/myaccesspoint/key2 " + "--validate-same-s3-paths") + self.assert_runs_mv_without_validation(cmdline) + + def test_skips_validation_if_keys_are_different_outpost_alias(self): + cmdline = (f"{self.prefix} s3://bucket/key " + "s3://myaccesspoint-foobar--op-s3/key2 " + "--validate-same-s3-paths") + self.assert_runs_mv_without_validation(cmdline) + + @requires_crt + def test_skips_validation_if_keys_are_different_mrap_arn(self): + cmdline = (f"{self.prefix} s3://bucket/key " + "s3://arn:aws:s3::123456789012:accesspoint/foobar.mrap/key2 " + "--validate-same-s3-paths") + self.assert_runs_mv_without_validation(cmdline) + + def test_raises_warning_if_validation_not_set(self): + cmdline = (f"{self.prefix}s3://bucket/key " + "s3://arn:aws:s3:us-west-2:123456789012:accesspoint/" + "myaccesspoint/key") + self.assert_raises_warning(cmdline) + + def test_raises_warning_if_validation_not_set_source(self): + cmdline = (f"{self.prefix}" + "s3://arn:aws:s3:us-west-2:123456789012:accesspoint/" + "myaccesspoint/key " + "s3://bucket/key") + self.assert_raises_warning(cmdline) diff --git a/tests/functional/s3/test_sync_command.py b/tests/functional/s3/test_sync_command.py index 310543461800..c096862ce01c 100644 --- a/tests/functional/s3/test_sync_command.py +++ b/tests/functional/s3/test_sync_command.py @@ -12,8 +12,8 @@ # language governing permissions and limitations under the License. import os -from awscli.compat import six -from awscli.testutils import mock +from awscli.testutils import mock, cd +from awscli.compat import BytesIO from tests.functional.s3 import BaseS3TransferCommandTest @@ -65,7 +65,7 @@ def test_sync_to_non_existant_directory(self): {"Key": key, "Size": 3, "LastModified": "2014-01-09T20:45:49.000Z"}]}, {'ETag': '"c8afdb36c52cf4727836669019e69222-"', - 'Body': six.BytesIO(b'foo')} + 'Body': BytesIO(b'foo')} ] self.run_cmd(cmdline, expected_rc=0) # Make sure the file now exists. @@ -83,7 +83,7 @@ def test_glacier_sync_with_force_glacier(self): ], 'CommonPrefixes': [] }, - {'ETag': '"foo-1"', 'Body': six.BytesIO(b'foo')}, + {'ETag': '"foo-1"', 'Body': BytesIO(b'foo')}, ] cmdline = '%s s3://bucket/foo %s --force-glacier-transfer' % ( self.prefix, self.files.rootdir) @@ -287,3 +287,144 @@ def test_with_accesspoint_arn(self): self.get_object_request(accesspoint_arn, 'mykey') ] ) + + def test_upload_with_checksum_algorithm_sha1(self): + self.files.create_file('foo.txt', 'contents') + cmdline = f'{self.prefix} {self.files.rootdir} s3://bucket/ --checksum-algorithm SHA1' + self.run_cmd(cmdline, expected_rc=0) + self.assertEqual(self.operations_called[1][0].name, 'PutObject') + self.assertEqual(self.operations_called[1][1]['ChecksumAlgorithm'], 'SHA1') + + def test_copy_with_checksum_algorithm_update_sha1(self): + cmdline = f'{self.prefix} s3://src-bucket/ s3://dest-bucket/ --checksum-algorithm SHA1' + self.parsed_responses = [ + # Response for ListObjects on source bucket + { + 'Contents': [ + { + 'Key': 'mykey', + 'LastModified': '00:00:00Z', + 'Size': 100, + 'ChecksumAlgorithm': 'SHA1' + } + ], + 'CommonPrefixes': [] + }, + # Response for ListObjects on destination bucket + self.list_objects_response([]), + # Response for CopyObject + { + 'ChecksumSHA1': 'sha1-checksum' + } + ] + self.run_cmd(cmdline, expected_rc=0) + self.assert_operations_called( + [ + self.list_objects_request('src-bucket'), + self.list_objects_request('dest-bucket'), + ( + 'CopyObject', { + 'CopySource': { + 'Bucket': 'src-bucket', + 'Key': 'mykey' + }, + 'Bucket': 'dest-bucket', + 'Key': 'mykey', + 'ChecksumAlgorithm': 'SHA1' + } + ) + ] + ) + + def test_upload_with_checksum_algorithm_sha256(self): + self.files.create_file('foo.txt', 'contents') + cmdline = f'{self.prefix} {self.files.rootdir} s3://bucket/ --checksum-algorithm SHA256' + self.run_cmd(cmdline, expected_rc=0) + self.assertEqual(self.operations_called[1][0].name, 'PutObject') + self.assertEqual(self.operations_called[1][1]['ChecksumAlgorithm'], 'SHA256') + + def test_download_with_checksum_mode_sha1(self): + self.parsed_responses = [ + self.list_objects_response(['bucket']), + # Mocked GetObject response with a checksum algorithm specified + { + 'ETag': 'foo-1', + 'ChecksumSHA1': 'checksum', + 'Body': BytesIO(b'foo') + } + ] + cmdline = f'{self.prefix} s3://bucket/foo {self.files.rootdir} --checksum-mode ENABLED' + self.run_cmd(cmdline, expected_rc=0) + self.assertEqual(self.operations_called[0][0].name, 'ListObjectsV2') + self.assertEqual(self.operations_called[1][0].name, 'GetObject') + self.assertIn(('ChecksumMode', 'ENABLED'), self.operations_called[1][1].items()) + + def test_download_with_checksum_mode_sha256(self): + self.parsed_responses = [ + self.list_objects_response(['bucket']), + # Mocked GetObject response with a checksum algorithm specified + { + 'ETag': 'foo-1', + 'ChecksumSHA256': 'checksum', + 'Body': BytesIO(b'foo') + } + ] + cmdline = f'{self.prefix} s3://bucket/foo {self.files.rootdir} --checksum-mode ENABLED' + self.run_cmd(cmdline, expected_rc=0) + self.assertEqual(self.operations_called[0][0].name, 'ListObjectsV2') + self.assertEqual(self.operations_called[1][0].name, 'GetObject') + self.assertIn(('ChecksumMode', 'ENABLED'), self.operations_called[1][1].items()) + + def test_download_with_checksum_mode_crc64nvme(self): + self.parsed_responses = [ + self.list_objects_response(['bucket']), + # Mocked GetObject response with a checksum algorithm specified + { + 'ETag': 'foo-1', + 'ChecksumCRC64NVME': 'checksum', + 'Body': BytesIO(b'foo') + } + ] + cmdline = f'{self.prefix} s3://bucket/foo {self.files.rootdir} --checksum-mode ENABLED' + self.run_cmd(cmdline, expected_rc=0) + self.assertEqual(self.operations_called[0][0].name, 'ListObjectsV2') + self.assertEqual(self.operations_called[1][0].name, 'GetObject') + self.assertIn(('ChecksumMode', 'ENABLED'), self.operations_called[1][1].items()) + + +class TestSyncCommandWithS3Express(BaseS3TransferCommandTest): + + prefix = 's3 sync ' + + def test_incompatible_with_sync_upload(self): + cmdline = '%s %s s3://testdirectorybucket--usw2-az1--x-s3/' % (self.prefix, self.files.rootdir) + stderr = self.run_cmd(cmdline, expected_rc=255)[1] + self.assertIn('Cannot use sync command with a directory bucket.', stderr) + + def test_incompatible_with_sync_download(self): + cmdline = '%s s3://testdirectorybucket--usw2-az1--x-s3/ %s' % (self.prefix, self.files.rootdir) + stderr = self.run_cmd(cmdline, expected_rc=255)[1] + self.assertIn('Cannot use sync command with a directory bucket.', stderr) + + def test_incompatible_with_sync_copy(self): + cmdline = '%s s3://bucket/ s3://testdirectorybucket--usw2-az1--x-s3/' % self.prefix + stderr = self.run_cmd(cmdline, expected_rc=255)[1] + self.assertIn('Cannot use sync command with a directory bucket.', stderr) + + def test_incompatible_with_sync_with_delete(self): + cmdline = '%s s3://bucket/ s3://testdirectorybucket--usw2-az1--x-s3/ --delete' % self.prefix + stderr = self.run_cmd(cmdline, expected_rc=255)[1] + self.assertIn('Cannot use sync command with a directory bucket.', stderr) + + def test_compatible_with_sync_with_local_directory_like_directory_bucket(self): + self.parsed_responses = [ + {'Contents': []} + ] + + cmdline = '%s s3://bucket/ testdirectorybucket--usw2-az1--x-s3/' % self.prefix + with cd(self.files.rootdir): + _, stderr, _ = self.run_cmd(cmdline) + + # Just asserting that command validated and made an API call + self.assertEqual(len(self.operations_called), 1) + self.assertEqual(self.operations_called[0][0].name, 'ListObjectsV2') diff --git a/tests/functional/s3api/test_get_object.py b/tests/functional/s3api/test_get_object.py index c23f72cd2218..5b0e2d53983f 100644 --- a/tests/functional/s3api/test_get_object.py +++ b/tests/functional/s3api/test_get_object.py @@ -12,11 +12,10 @@ # ANY KIND, either express or implied. See the License for the specific # language governing permissions and limitations under the License. from awscli.testutils import BaseAWSCommandParamsTest +from awscli.compat import StringIO import os import re -from awscli.compat import six - import awscli.clidriver @@ -26,7 +25,7 @@ class TestGetObject(BaseAWSCommandParamsTest): def setUp(self): super(TestGetObject, self).setUp() - self.parsed_response = {'Body': six.StringIO()} + self.parsed_response = {'Body': StringIO()} def remove_file_if_exists(self, filename): if os.path.isfile(filename): @@ -39,6 +38,7 @@ def test_simple(self): cmdline += ' outfile' self.addCleanup(self.remove_file_if_exists, 'outfile') self.assert_params_for_cmd(cmdline, {'Bucket': 'mybucket', + 'ChecksumMode': 'ENABLED', 'Key': 'mykey'}) def test_range(self): @@ -49,6 +49,7 @@ def test_range(self): cmdline += ' outfile' self.addCleanup(self.remove_file_if_exists, 'outfile') self.assert_params_for_cmd(cmdline, {'Bucket': 'mybucket', + 'ChecksumMode': 'ENABLED', 'Key': 'mykey', 'Range': 'bytes=0-499'}) @@ -62,7 +63,9 @@ def test_response_headers(self): self.addCleanup(self.remove_file_if_exists, 'outfile') self.assert_params_for_cmd( cmdline, { - 'Bucket': 'mybucket', 'Key': 'mykey', + 'Bucket': 'mybucket', + 'ChecksumMode': 'ENABLED', + 'Key': 'mykey', 'ResponseCacheControl': 'No-cache', 'ResponseContentEncoding': 'x-gzip' } @@ -84,7 +87,7 @@ def test_streaming_output_arg_with_error_response(self): cmdline += ' outfile' self.addCleanup(self.remove_file_if_exists, 'outfile') self.assert_params_for_cmd( - cmdline, {'Bucket': 'mybucket', 'Key': 'mykey'}) + cmdline, {'Bucket': 'mybucket', 'ChecksumMode': 'ENABLED', 'Key': 'mykey'}) if __name__ == "__main__": diff --git a/tests/functional/s3api/test_put_bucket_tagging.py b/tests/functional/s3api/test_put_bucket_tagging.py index 7bde081c93af..92ce5b874290 100644 --- a/tests/functional/s3api/test_put_bucket_tagging.py +++ b/tests/functional/s3api/test_put_bucket_tagging.py @@ -15,7 +15,6 @@ import copy from awscli.testutils import BaseAWSCommandParamsTest -from awscli.compat import six # file is gone in python3, so instead IOBase must be used. diff --git a/tests/functional/s3api/test_put_object.py b/tests/functional/s3api/test_put_object.py index c60a0627a20a..2bc37f9cc1e6 100644 --- a/tests/functional/s3api/test_put_object.py +++ b/tests/functional/s3api/test_put_object.py @@ -16,7 +16,6 @@ import copy from awscli.testutils import BaseAWSCommandParamsTest, FileCreator -from awscli.compat import six import awscli.clidriver diff --git a/tests/functional/ses/test_send_email.py b/tests/functional/ses/test_send_email.py index 9c449291fa4d..90d18960d0a5 100644 --- a/tests/functional/ses/test_send_email.py +++ b/tests/functional/ses/test_send_email.py @@ -13,9 +13,6 @@ # language governing permissions and limitations under the License. from awscli.testutils import BaseAWSCommandParamsTest -from awscli.compat import six -from six.moves import cStringIO - class TestSendEmail(BaseAWSCommandParamsTest): diff --git a/tests/functional/ssm/test_start_session.py b/tests/functional/ssm/test_start_session.py index 8c391024eb24..2ea8b3c4e0f4 100644 --- a/tests/functional/ssm/test_start_session.py +++ b/tests/functional/ssm/test_start_session.py @@ -15,38 +15,331 @@ from awscli.testutils import BaseAWSCommandParamsTest from awscli.testutils import BaseAWSHelpOutputTest -from awscli.testutils import mock +from awscli.testutils import create_clidriver, mock, temporary_file +from botocore.exceptions import ProfileNotFound -class TestSessionManager(BaseAWSCommandParamsTest): +class TestSessionManager(BaseAWSCommandParamsTest): @mock.patch('awscli.customizations.sessionmanager.check_call') - def test_start_session_success(self, mock_check_call): + @mock.patch("awscli.customizations.sessionmanager.check_output") + def test_start_session_success(self, mock_check_output, mock_check_call): cmdline = 'ssm start-session --target instance-id' mock_check_call.return_value = 0 - self.parsed_responses = [{ + mock_check_output.return_value = "1.2.0.0\n" + expected_response = { + "SessionId": "session-id", + "TokenValue": "token-value", + "StreamUrl": "stream-url", + } + self.parsed_responses = [expected_response] + start_session_params = {"Target": "instance-id"} + + self.run_cmd(cmdline, expected_rc=0) + + mock_check_call.assert_called_once_with( + [ + "session-manager-plugin", + json.dumps(expected_response), + mock.ANY, + "StartSession", + "", + json.dumps(start_session_params), + mock.ANY, + ], + env=self.environ, + ) + + @mock.patch("awscli.customizations.sessionmanager.check_call") + @mock.patch("awscli.customizations.sessionmanager.check_output") + def test_start_session_with_new_version_plugin_success( + self, mock_check_output, mock_check_call + ): + cmdline = "ssm start-session --target instance-id" + mock_check_call.return_value = 0 + mock_check_output.return_value = "1.2.500.0\n" + expected_response = { "SessionId": "session-id", "TokenValue": "token-value", - "StreamUrl": "stream-url" - }] + "StreamUrl": "stream-url", + } + self.parsed_responses = [expected_response] + + ssm_env_name = "AWS_SSM_START_SESSION_RESPONSE" + start_session_params = {"Target": "instance-id"} + expected_env = self.environ.copy() + expected_env.update({ssm_env_name: json.dumps(expected_response)}) + self.run_cmd(cmdline, expected_rc=0) self.assertEqual(self.operations_called[0][0].name, 'StartSession') self.assertEqual(self.operations_called[0][1], {'Target': 'instance-id'}) - actual_response = json.loads(mock_check_call.call_args[0][0][1]) - self.assertEqual( - {"SessionId": "session-id", - "TokenValue": "token-value", - "StreamUrl": "stream-url"}, - actual_response) + + mock_check_call.assert_called_once_with( + [ + "session-manager-plugin", + ssm_env_name, + mock.ANY, + "StartSession", + "", + json.dumps(start_session_params), + mock.ANY, + ], + env=expected_env, + ) + + @mock.patch("awscli.customizations.sessionmanager.check_call") + @mock.patch("awscli.customizations.sessionmanager.check_output") + def test_profile_parameter_passed_to_sessionmanager_plugin( + self, mock_check_output, mock_check_call + ): + cmdline = ( + "ssm start-session --target instance-id " + "--profile user_profile" + ) + mock_check_call.return_value = 0 + mock_check_output.return_value = "1.2.500.0\n" + expected_response = { + "SessionId": "session-id", + "TokenValue": "token-value", + "StreamUrl": "stream-url", + } + self.parsed_responses = [expected_response] + ssm_env_name = "AWS_SSM_START_SESSION_RESPONSE" + start_session_params = { + "Target": "instance-id", + } + + # We test this by creating 4 credentials + # env vars, default profile (default), + # env aws profile (local_profile) + # and StartSession command profile (user_profile) + # We want to make sure only profile name in command + # be set to session manager plugin as parameter + self.environ['AWS_ACCESS_KEY_ID'] = 'env_var_akid' + self.environ['AWS_SECRET_ACCESS_KEY'] = 'env_var_sak' + + with temporary_file('w') as f: + f.write( + '[default]\n' + 'aws_access_key_id = shared_default_akid\n' + 'aws_secret_access_key = shared_default_sak\n' + '[local_profile]\n' + 'aws_access_key_id = shared_local_akid\n' + 'aws_secret_access_key = shared_local_sak\n' + '[user_profile]\n' + 'aws_access_key_id = shared_user_akid\n' + 'aws_secret_access_key = shared_user_sak\n' + ) + f.flush() + + self.environ['AWS_SHARED_CREDENTIALS_FILE'] = f.name + self.environ["AWS_PROFILE"] = "local_profile" + + expected_env = self.environ.copy() + expected_env.update({ssm_env_name: json.dumps(expected_response)}) + + self.driver = create_clidriver() + self.run_cmd(cmdline, expected_rc=0) + + self.assertEqual(self.operations_called[0][0].name, + 'StartSession') + self.assertEqual(self.operations_called[0][1], + {'Target': 'instance-id'}) + mock_check_call.assert_called_once_with( + [ + "session-manager-plugin", + ssm_env_name, + mock.ANY, + "StartSession", + "user_profile", + json.dumps(start_session_params), + mock.ANY, + ], + env=expected_env, + ) + + @mock.patch("awscli.customizations.sessionmanager.check_call") + @mock.patch("awscli.customizations.sessionmanager.check_output") + def test_profile_environment_not_passed_to_sessionmanager_plugin( + self, mock_check_output, mock_check_call + ): + cmdline = "ssm start-session --target instance-id" + mock_check_call.return_value = 0 + mock_check_output.return_value = "1.2.500.0\n" + expected_response = { + "SessionId": "session-id", + "TokenValue": "token-value", + "StreamUrl": "stream-url", + } + self.parsed_responses = [expected_response] + ssm_env_name = "AWS_SSM_START_SESSION_RESPONSE" + start_session_params = { + "Target": "instance-id", + } + + with temporary_file('w') as f: + f.write( + '[default]\n' + 'aws_access_key_id = shared_default_akid\n' + 'aws_secret_access_key = shared_default_sak\n' + '[local_profile]\n' + 'aws_access_key_id = shared_local_akid\n' + 'aws_secret_access_key = shared_local_sak\n' + ) + f.flush() + + self.environ.pop("AWS_ACCESS_KEY_ID", None) + self.environ.pop("AWS_SECRET_ACCESS_KEY", None) + self.environ['AWS_SHARED_CREDENTIALS_FILE'] = f.name + self.environ["AWS_PROFILE"] = "local_profile" + + expected_env = self.environ.copy() + expected_env.update({ssm_env_name: json.dumps(expected_response)}) + + self.driver = create_clidriver() + self.run_cmd(cmdline, expected_rc=0) + + self.assertEqual(self.operations_called[0][0].name, + 'StartSession') + self.assertEqual(self.operations_called[0][1], + {'Target': 'instance-id'}) + mock_check_call.assert_called_once_with( + [ + "session-manager-plugin", + ssm_env_name, + mock.ANY, + "StartSession", + "", + json.dumps(start_session_params), + mock.ANY, + ], + env=expected_env, + ) + + @mock.patch("awscli.customizations.sessionmanager.check_call") + @mock.patch("awscli.customizations.sessionmanager.check_output") + def test_default_profile_used_and_not_passed_to_sessionmanager_plugin( + self, mock_check_output, mock_check_call + ): + cmdline = "ssm start-session --target instance-id" + mock_check_call.return_value = 0 + mock_check_output.return_value = "1.2.500.0\n" + expected_response = { + "SessionId": "session-id", + "TokenValue": "token-value", + "StreamUrl": "stream-url", + } + self.parsed_responses = [expected_response] + ssm_env_name = "AWS_SSM_START_SESSION_RESPONSE" + start_session_params = { + "Target": "instance-id", + } + + with temporary_file('w') as f: + f.write( + '[default]\n' + 'aws_access_key_id = shared_default_akid\n' + 'aws_secret_access_key = shared_default_sak\n' + ) + f.flush() + + self.environ.pop("AWS_ACCESS_KEY_ID", None) + self.environ.pop("AWS_SECRET_ACCESS_KEY", None) + self.environ.pop("AWS_SHARED_CREDENTIALS_FILE", None) + self.environ.pop("AWS_PROFILE", None) + + expected_env = self.environ.copy() + expected_env.update({ssm_env_name: json.dumps(expected_response)}) + + self.driver = create_clidriver() + self.run_cmd(cmdline, expected_rc=0) + + self.assertEqual(self.operations_called[0][0].name, + 'StartSession') + self.assertEqual(self.operations_called[0][1], + {'Target': 'instance-id'}) + mock_check_call.assert_called_once_with( + [ + "session-manager-plugin", + ssm_env_name, + mock.ANY, + "StartSession", + "", + json.dumps(start_session_params), + mock.ANY, + ], + env=expected_env, + ) + + def test_start_session_with_user_profile_not_exist(self): + cmdline = ( + "ssm start-session --target instance-id " + "--profile user_profile" + ) + with temporary_file('w') as f: + f.write( + '[default]\n' + 'aws_access_key_id = shared_default_akid\n' + 'aws_secret_access_key = shared_default_sak\n' + ) + f.flush() + + self.environ.pop("AWS_ACCESS_KEY_ID", None) + self.environ.pop("AWS_SECRET_ACCESS_KEY", None) + self.environ.pop("AWS_PROFILE", None) + self.environ['AWS_SHARED_CREDENTIALS_FILE'] = f.name + + try: + self.driver = create_clidriver() + self.run_cmd(cmdline, expected_rc=255) + except ProfileNotFound as e: + self.assertIn( + 'The config profile (user_profile) could not be found', + str(e) + ) @mock.patch('awscli.customizations.sessionmanager.check_call') - def test_start_session_fails(self, mock_check_call): + @mock.patch("awscli.customizations.sessionmanager.check_output") + def test_start_session_fails(self, mock_check_output, mock_check_call): + cmdline = "ssm start-session --target instance-id" + mock_check_output.return_value = "1.2.500.0\n" + mock_check_call.side_effect = OSError(errno.ENOENT, "some error") + self.parsed_responses = [ + { + "SessionId": "session-id", + "TokenValue": "token-value", + "StreamUrl": "stream-url", + } + ] + self.run_cmd(cmdline, expected_rc=255) + self.assertEqual( + self.operations_called[0][0].name, "StartSession" + ) + self.assertEqual( + self.operations_called[0][1], {"Target": "instance-id"} + ) + self.assertEqual( + self.operations_called[1][0].name, "TerminateSession" + ) + self.assertEqual( + self.operations_called[1][1], {"SessionId": "session-id"} + ) + + @mock.patch("awscli.customizations.sessionmanager.check_call") + @mock.patch("awscli.customizations.sessionmanager.check_output") + def test_start_session_when_get_plugin_version_fails( + self, mock_check_output, mock_check_call + ): cmdline = 'ssm start-session --target instance-id' - mock_check_call.side_effect = OSError(errno.ENOENT, 'some error') - self.parsed_responses = [{ - "SessionId": "session-id" - }] + mock_check_output.side_effect = OSError(errno.ENOENT, 'some error') + self.parsed_responses = [ + { + "SessionId": "session-id", + "TokenValue": "token-value", + "StreamUrl": "stream-url", + } + ] self.run_cmd(cmdline, expected_rc=255) self.assertEqual(self.operations_called[0][0].name, 'StartSession') diff --git a/tests/functional/test_no_event_streams.py b/tests/functional/test_no_event_streams.py index b05e4a03ff37..6220967f6d14 100644 --- a/tests/functional/test_no_event_streams.py +++ b/tests/functional/test_no_event_streams.py @@ -10,6 +10,7 @@ # distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF # ANY KIND, either express or implied. See the License for the specific # language governing permissions and limitations under the License. +import pytest from botocore.model import OperationModel from awscli.clidriver import create_clidriver @@ -21,6 +22,7 @@ ] +@pytest.mark.validates_models def test_no_event_stream_unless_allowed(): driver = create_clidriver() help_command = driver.create_help_command() diff --git a/tests/functional/test_paramfile.py b/tests/functional/test_paramfile.py index eb4909490eb7..0ed1a54821e5 100644 --- a/tests/functional/test_paramfile.py +++ b/tests/functional/test_paramfile.py @@ -8,7 +8,7 @@ # # or in the "license" file accompanying this file. This file is # distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF -# mock.ANY KIND, either express or implied. See the License for the specific +# ANY KIND, either express or implied. See the License for the specific # language governing permissions and limitations under the License. import logging @@ -40,7 +40,7 @@ def assert_param_expansion_is_correct(self, provided_param, expected_param): # is what happened to the arguments before they were passed to botocore # which we get from the params={} key. For binary types we will fail in # python 3 with an rc of 255 and get an rc of 0 in python 2 where it - # can't tell the difference, so we pass mock.ANY here to ignore the rc. + # can't tell the difference, so we pass ANY here to ignore the rc. self.assert_params_for_cmd(cmd, params={'FunctionName': expected_param}, expected_rc=mock.ANY) diff --git a/tests/functional/test_preview.py b/tests/functional/test_preview.py index eca12322587b..6630cce426b2 100644 --- a/tests/functional/test_preview.py +++ b/tests/functional/test_preview.py @@ -10,9 +10,8 @@ # distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF # ANY KIND, either express or implied. See the License for the specific # language governing permissions and limitations under the License. -from awscli.compat import six - from awscli.customizations import preview +from awscli.compat import StringIO from awscli.testutils import mock, BaseAWSCommandParamsTest @@ -20,7 +19,7 @@ class TestPreviewMode(BaseAWSCommandParamsTest): def setUp(self): super(TestPreviewMode, self).setUp() - self.stderr = six.StringIO() + self.stderr = StringIO() self.stderr_patch = mock.patch('sys.stderr', self.stderr) self.stderr_patch.start() self.full_config = {'profiles': {}} diff --git a/tests/functional/test_shadowing.py b/tests/functional/test_shadowing.py index 73988f2bbf39..9c4614c93da1 100644 --- a/tests/functional/test_shadowing.py +++ b/tests/functional/test_shadowing.py @@ -24,7 +24,7 @@ def _generate_command_tests(): if hasattr(sub_help, 'command_table'): yield command_name, sub_help.command_table, top_level_params - +@pytest.mark.validates_models @pytest.mark.parametrize( "command_name, command_table, builtins", _generate_command_tests() diff --git a/tests/functional/test_streaming_output.py b/tests/functional/test_streaming_output.py index 1a6ce849484a..75e6db05142c 100644 --- a/tests/functional/test_streaming_output.py +++ b/tests/functional/test_streaming_output.py @@ -11,7 +11,7 @@ # distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF # ANY KIND, either express or implied. See the License for the specific # language governing permissions and limitations under the License. -from awscli.compat import six +from awscli.compat import BytesIO from awscli.testutils import BaseAWSCommandParamsTest from awscli.testutils import FileCreator @@ -33,7 +33,7 @@ def test_get_media_streaming_output(self): ) self.parsed_response = { 'ContentType': 'video/webm', - 'Payload': six.BytesIO(b'testbody') + 'Payload': BytesIO(b'testbody') } outpath = self.files.full_path('outfile') params = { diff --git a/tests/integration/customizations/s3/test_plugin.py b/tests/integration/customizations/s3/test_plugin.py index 0f05c232053f..9ac845651c21 100644 --- a/tests/integration/customizations/s3/test_plugin.py +++ b/tests/integration/customizations/s3/test_plugin.py @@ -30,7 +30,7 @@ import pytest -from awscli.compat import six, urlopen +from awscli.compat import BytesIO, urlopen import botocore.session from awscli.testutils import unittest, get_stdout_encoding @@ -45,7 +45,10 @@ # Using the same log name as testutils.py LOG = logging.getLogger('awscli.tests.integration') _SHARED_BUCKET = random_bucket_name() +_NON_EXISTENT_BUCKET = random_bucket_name() _DEFAULT_REGION = 'us-west-2' +_DEFAULT_AZ = 'usw2-az1' +_SHARED_DIR_BUCKET = f'{random_bucket_name()}--{_DEFAULT_AZ}--x-s3' def setup_module(): @@ -58,23 +61,49 @@ def setup_module(): }, 'ObjectOwnership': 'ObjectWriter' } + dir_bucket_params = { + 'Bucket': _SHARED_DIR_BUCKET, + 'CreateBucketConfiguration': { + 'Location': { + 'Type': 'AvailabilityZone', + 'Name': _DEFAULT_AZ + }, + 'Bucket': { + 'Type': 'Directory', + 'DataRedundancy': 'SingleAvailabilityZone' + } + } + } try: s3.create_bucket(**params) + s3.create_bucket(**dir_bucket_params) except Exception as e: # A create_bucket can fail for a number of reasons. # We're going to defer to the waiter below to make the # final call as to whether or not the bucket exists. LOG.debug("create_bucket() raised an exception: %s", e, exc_info=True) waiter.wait(Bucket=_SHARED_BUCKET) + waiter.wait(Bucket=_SHARED_DIR_BUCKET) s3.delete_public_access_block( Bucket=_SHARED_BUCKET ) + # Validate that "_NON_EXISTENT_BUCKET" doesn't exist. + waiter = s3.get_waiter('bucket_not_exists') + try: + waiter.wait(Bucket=_NON_EXISTENT_BUCKET) + except Exception as e: + LOG.debug( + f"The following bucket was unexpectedly discovered: {_NON_EXISTENT_BUCKET}", + e, + exc_info=True, + ) + def clear_out_bucket(bucket, delete_bucket=False): s3 = botocore.session.get_session().create_client( 's3', region_name=_DEFAULT_REGION) - page = s3.get_paginator('list_objects') + page = s3.get_paginator('list_objects_v2') # Use pages paired with batch delete_objects(). for page in page.paginate(Bucket=bucket): keys = [{'Key': obj['Key']} for obj in page.get('Contents', [])] @@ -96,6 +125,7 @@ def clear_out_bucket(bucket, delete_bucket=False): def teardown_module(): clear_out_bucket(_SHARED_BUCKET, delete_bucket=True) + clear_out_bucket(_SHARED_DIR_BUCKET, delete_bucket=True) @contextlib.contextmanager @@ -141,25 +171,23 @@ class BaseS3IntegrationTest(BaseS3CLICommand): def setUp(self): clear_out_bucket(_SHARED_BUCKET) + clear_out_bucket(_SHARED_DIR_BUCKET) super(BaseS3IntegrationTest, self).setUp() class TestMoveCommand(BaseS3IntegrationTest): - - def test_mv_local_to_s3(self): - bucket_name = _SHARED_BUCKET + def assert_mv_local_to_s3(self, bucket_name): full_path = self.files.create_file('foo.txt', 'this is foo.txt') p = aws('s3 mv %s s3://%s/foo.txt' % (full_path, - bucket_name)) + bucket_name)) self.assert_no_errors(p) # When we move an object, the local file is gone: self.assertTrue(not os.path.exists(full_path)) # And now resides in s3. self.assert_key_contents_equal(bucket_name, 'foo.txt', - 'this is foo.txt') + 'this is foo.txt') - def test_mv_s3_to_local(self): - bucket_name = _SHARED_BUCKET + def assert_mv_s3_to_local(self, bucket_name): self.put_object(bucket_name, 'foo.txt', 'this is foo.txt') full_path = self.files.full_path('foo.txt') self.assertTrue(self.key_exists(bucket_name, key_name='foo.txt')) @@ -171,9 +199,8 @@ def test_mv_s3_to_local(self): # The s3 file should not be there anymore. self.assertTrue(self.key_not_exists(bucket_name, key_name='foo.txt')) - def test_mv_s3_to_s3(self): - from_bucket = _SHARED_BUCKET - to_bucket = self.create_bucket() + def assert_mv_s3_to_s3(self, from_bucket, create_bucket_call): + to_bucket = create_bucket_call() self.put_object(from_bucket, 'foo.txt', 'this is foo.txt') p = aws('s3 mv s3://%s/foo.txt s3://%s/foo.txt' % (from_bucket, @@ -184,11 +211,35 @@ def test_mv_s3_to_s3(self): # And verify that the object no longer exists in the from_bucket. self.assertTrue(self.key_not_exists(from_bucket, key_name='foo.txt')) + def test_mv_local_to_s3(self): + self.assert_mv_local_to_s3(_SHARED_BUCKET) + + def test_mv_local_to_s3_express(self): + self.assert_mv_local_to_s3(_SHARED_DIR_BUCKET) + + def test_mv_s3_to_local(self): + self.assert_mv_s3_to_local(_SHARED_BUCKET) + + def test_mv_s3_express_to_local(self): + self.assert_mv_s3_to_local(_SHARED_DIR_BUCKET) + + def test_mv_s3_to_s3(self): + self.assert_mv_s3_to_s3(_SHARED_BUCKET, self.create_bucket) + + def test_mv_s3_to_s3_express(self): + self.assert_mv_s3_to_s3(_SHARED_BUCKET, self.create_dir_bucket) + + def test_mv_s3_express_to_s3_express(self): + self.assert_mv_s3_to_s3(_SHARED_DIR_BUCKET, self.create_dir_bucket) + + def test_mv_s3_express_to_s3(self): + self.assert_mv_s3_to_s3(_SHARED_DIR_BUCKET, self.create_bucket) + @pytest.mark.slow def test_mv_s3_to_s3_multipart(self): from_bucket = _SHARED_BUCKET to_bucket = self.create_bucket() - file_contents = six.BytesIO(b'abcd' * (1024 * 1024 * 10)) + file_contents = BytesIO(b'abcd' * (1024 * 1024 * 10)) self.put_object(from_bucket, 'foo.txt', file_contents) p = aws('s3 mv s3://%s/foo.txt s3://%s/foo.txt' % (from_bucket, @@ -202,7 +253,7 @@ def test_mv_s3_to_s3_multipart_recursive(self): from_bucket = _SHARED_BUCKET to_bucket = self.create_bucket() - large_file_contents = six.BytesIO(b'abcd' * (1024 * 1024 * 10)) + large_file_contents = BytesIO(b'abcd' * (1024 * 1024 * 10)) small_file_contents = 'small file contents' self.put_object(from_bucket, 'largefile', large_file_contents) self.put_object(from_bucket, 'smallfile', small_file_contents) @@ -250,7 +301,7 @@ def test_mv_s3_to_s3_with_sig4(self): def test_mv_with_large_file(self): bucket_name = _SHARED_BUCKET # 40MB will force a multipart upload. - file_contents = six.BytesIO(b'abcd' * (1024 * 1024 * 10)) + file_contents = BytesIO(b'abcd' * (1024 * 1024 * 10)) foo_txt = self.files.create_file( 'foo.txt', file_contents.getvalue().decode('utf-8')) p = aws('s3 mv %s s3://%s/foo.txt' % (foo_txt, bucket_name)) @@ -269,7 +320,7 @@ def test_mv_with_large_file(self): def test_mv_to_nonexistent_bucket(self): full_path = self.files.create_file('foo.txt', 'this is foo.txt') - p = aws('s3 mv %s s3://bad-noexist-13143242/foo.txt' % (full_path,)) + p = aws(f's3 mv {full_path} s3://{_NON_EXISTENT_BUCKET}/foo.txt') self.assertEqual(p.rc, 1) def test_cant_move_file_onto_itself_small_file(self): @@ -287,7 +338,7 @@ def test_cant_move_large_file_onto_itself(self): # but a mv command doesn't make sense because a mv is just a # cp + an rm of the src file. We should be consistent and # not allow large files to be mv'd onto themselves. - file_contents = six.BytesIO(b'a' * (1024 * 1024 * 10)) + file_contents = BytesIO(b'a' * (1024 * 1024 * 10)) bucket_name = _SHARED_BUCKET self.put_object(bucket_name, key_name='key.txt', contents=file_contents) @@ -298,6 +349,14 @@ def test_cant_move_large_file_onto_itself(self): class TestRm(BaseS3IntegrationTest): + def assert_rm_with_page_size(self, bucket_name): + self.put_object(bucket_name, 'foo.txt', contents='hello world') + self.put_object(bucket_name, 'bar.txt', contents='hello world2') + p = aws('s3 rm s3://%s/ --recursive --page-size 1' % bucket_name) + self.assert_no_errors(p) + + self.assertTrue(self.key_not_exists(bucket_name, key_name='foo.txt')) + self.assertTrue(self.key_not_exists(bucket_name, key_name='bar.txt')) @skip_if_windows('Newline in filename test not valid on windows.') # Windows won't let you do this. You'll get: # [Errno 22] invalid mode ('w') or filename: @@ -320,23 +379,18 @@ def test_rm_with_newlines(self): self.assertTrue(self.key_not_exists(bucket_name, key_name='foo\r.txt')) def test_rm_with_page_size(self): - bucket_name = _SHARED_BUCKET - self.put_object(bucket_name, 'foo.txt', contents='hello world') - self.put_object(bucket_name, 'bar.txt', contents='hello world2') - p = aws('s3 rm s3://%s/ --recursive --page-size 1' % bucket_name) - self.assert_no_errors(p) + self.assert_rm_with_page_size(_SHARED_BUCKET) - self.assertTrue(self.key_not_exists(bucket_name, key_name='foo.txt')) - self.assertTrue(self.key_not_exists(bucket_name, key_name='bar.txt')) + def test_s3_express_rm_with_page_size(self): + self.assert_rm_with_page_size(_SHARED_DIR_BUCKET) class TestCp(BaseS3IntegrationTest): - def test_cp_to_and_from_s3(self): + def assert_cp_to_and_from_s3(self, bucket_name): # This tests the ability to put a single file in s3 # move it to a different bucket. # and download the file locally - bucket_name = _SHARED_BUCKET # copy file into bucket. foo_txt = self.files.create_file('foo.txt', 'this is foo.txt') @@ -361,6 +415,12 @@ def test_cp_to_and_from_s3(self): with open(full_path, 'r') as f: self.assertEqual(f.read(), 'this is foo.txt') + def test_cp_to_and_from_s3(self): + self.assert_cp_to_and_from_s3(_SHARED_BUCKET) + + def test_cp_to_and_from_s3_express(self): + self.assert_cp_to_and_from_s3(_SHARED_DIR_BUCKET) + def test_cp_without_trailing_slash(self): # There's a unit test for this, but we still want to verify this # with an integration test. @@ -382,7 +442,7 @@ def test_cp_without_trailing_slash(self): def test_cp_s3_s3_multipart(self): from_bucket = _SHARED_BUCKET to_bucket = self.create_bucket() - file_contents = six.BytesIO(b'abcd' * (1024 * 1024 * 10)) + file_contents = BytesIO(b'abcd' * (1024 * 1024 * 10)) self.put_object(from_bucket, 'foo.txt', file_contents) p = aws('s3 cp s3://%s/foo.txt s3://%s/foo.txt' % @@ -407,7 +467,7 @@ def test_guess_mime_type(self): def test_download_large_file(self): # This will force a multipart download. bucket_name = _SHARED_BUCKET - foo_contents = six.BytesIO(b'abcd' * (1024 * 1024 * 10)) + foo_contents = BytesIO(b'abcd' * (1024 * 1024 * 10)) self.put_object(bucket_name, key_name='foo.txt', contents=foo_contents) local_foo_txt = self.files.full_path('foo.txt') @@ -420,7 +480,7 @@ def test_download_large_file(self): @skip_if_windows('SIGINT not supported on Windows.') def test_download_ctrl_c_does_not_hang(self): bucket_name = _SHARED_BUCKET - foo_contents = six.BytesIO(b'abcd' * (1024 * 1024 * 40)) + foo_contents = BytesIO(b'abcd' * (1024 * 1024 * 40)) self.put_object(bucket_name, key_name='foo.txt', contents=foo_contents) local_foo_txt = self.files.full_path('foo.txt') @@ -471,7 +531,7 @@ def test_cleans_up_aborted_uploads(self): def test_cp_to_nonexistent_bucket(self): foo_txt = self.files.create_file('foo.txt', 'this is foo.txt') - p = aws('s3 cp %s s3://noexist-bucket-foo-bar123/foo.txt' % (foo_txt,)) + p = aws(f's3 cp {foo_txt} s3://{_NON_EXISTENT_BUCKET}/foo.txt') self.assertEqual(p.rc, 1) def test_cp_empty_file(self): @@ -483,7 +543,7 @@ def test_cp_empty_file(self): self.assertTrue(self.key_exists(bucket_name, 'foo.txt')) def test_download_non_existent_key(self): - p = aws('s3 cp s3://jasoidfjasdjfasdofijasdf/foo.txt foo.txt') + p = aws(f's3 cp s3://{_NON_EXISTENT_BUCKET}/foo.txt foo.txt') self.assertEqual(p.rc, 1) expected_err_msg = ( 'An error occurred (404) when calling the ' @@ -993,7 +1053,7 @@ def test_no_write_access_large_file(self): # which effectively disables the expect 100 continue logic. # This will result in a test error because we won't follow # the temporary redirect for the newly created bucket. - contents = six.BytesIO(b'a' * 10 * 1024 * 1024) + contents = BytesIO(b'a' * 10 * 1024 * 1024) self.put_object(bucket_name, 'foo.txt', contents=contents) os.chmod(self.files.rootdir, 0o444) @@ -1133,6 +1193,28 @@ class TestLs(BaseS3IntegrationTest): This tests using the ``ls`` command. """ + def assert_ls_with_prefix(self, bucket_name): + self.put_object(bucket_name, 'foo.txt', 'contents') + self.put_object(bucket_name, 'foo', 'contents') + self.put_object(bucket_name, 'bar.txt', 'contents') + self.put_object(bucket_name, 'subdir/foo.txt', 'contents') + p = aws('s3 ls s3://%s' % bucket_name) + self.assertIn('PRE subdir/', p.stdout) + self.assertIn('8 foo.txt', p.stdout) + self.assertIn('8 foo', p.stdout) + self.assertIn('8 bar.txt', p.stdout) + + def assert_ls_recursive(self, bucket_name): + self.put_object(bucket_name, 'foo.txt', 'contents') + self.put_object(bucket_name, 'foo', 'contents') + self.put_object(bucket_name, 'bar.txt', 'contents') + self.put_object(bucket_name, 'subdir/foo.txt', 'contents') + p = aws('s3 ls s3://%s --recursive' % bucket_name) + self.assertIn('8 foo.txt', p.stdout) + self.assertIn('8 foo', p.stdout) + self.assertIn('8 bar.txt', p.stdout) + self.assertIn('8 subdir/foo.txt', p.stdout) + def test_ls_bucket(self): p = aws('s3 ls') self.assert_no_errors(p) @@ -1153,7 +1235,7 @@ def test_ls_bucket_with_s3_prefix(self): self.assert_no_errors(p) def test_ls_non_existent_bucket(self): - p = aws('s3 ls s3://foobara99842u4wbts829381') + p = aws(f's3 ls s3://{_NON_EXISTENT_BUCKET}') self.assertEqual(p.rc, 255) self.assertIn( ('An error occurred (NoSuchBucket) when calling the ' @@ -1163,28 +1245,16 @@ def test_ls_non_existent_bucket(self): self.assertEqual(p.stdout, '') def test_ls_with_prefix(self): - bucket_name = _SHARED_BUCKET - self.put_object(bucket_name, 'foo.txt', 'contents') - self.put_object(bucket_name, 'foo', 'contents') - self.put_object(bucket_name, 'bar.txt', 'contents') - self.put_object(bucket_name, 'subdir/foo.txt', 'contents') - p = aws('s3 ls s3://%s' % bucket_name) - self.assertIn('PRE subdir/', p.stdout) - self.assertIn('8 foo.txt', p.stdout) - self.assertIn('8 foo', p.stdout) - self.assertIn('8 bar.txt', p.stdout) + self.assert_ls_with_prefix(_SHARED_BUCKET) + + def test_s3_express_ls_with_prefix(self): + self.assert_ls_with_prefix(_SHARED_DIR_BUCKET) def test_ls_recursive(self): - bucket_name = _SHARED_BUCKET - self.put_object(bucket_name, 'foo.txt', 'contents') - self.put_object(bucket_name, 'foo', 'contents') - self.put_object(bucket_name, 'bar.txt', 'contents') - self.put_object(bucket_name, 'subdir/foo.txt', 'contents') - p = aws('s3 ls s3://%s --recursive' % bucket_name) - self.assertIn('8 foo.txt', p.stdout) - self.assertIn('8 foo', p.stdout) - self.assertIn('8 bar.txt', p.stdout) - self.assertIn('8 subdir/foo.txt', p.stdout) + self.assert_ls_recursive(_SHARED_BUCKET) + + def test_s3_express_ls_recursive(self): + self.assert_ls_recursive(_SHARED_DIR_BUCKET) def test_ls_without_prefix(self): # The ls command does not require an s3:// prefix, @@ -1302,7 +1372,7 @@ def test_error_output(self): foo_txt = self.files.create_file('foo.txt', 'foo contents') # Copy file into bucket. - p = aws('s3 cp %s s3://non-existant-bucket/' % foo_txt) + p = aws(f's3 cp {foo_txt} s3://{_NON_EXISTENT_BUCKET}/') # Check that there were errors and that the error was print to stderr. self.assertEqual(p.rc, 1) self.assertIn('upload failed', p.stderr) @@ -1311,7 +1381,7 @@ def test_error_ouput_quiet(self): foo_txt = self.files.create_file('foo.txt', 'foo contents') # Copy file into bucket. - p = aws('s3 cp %s s3://non-existant-bucket/ --quiet' % foo_txt) + p = aws(f's3 cp {foo_txt} s3://{_NON_EXISTENT_BUCKET}/ --quiet') # Check that there were errors and that the error was not # print to stderr. self.assertEqual(p.rc, 1) @@ -1321,8 +1391,7 @@ def test_error_ouput_only_show_errors(self): foo_txt = self.files.create_file('foo.txt', 'foo contents') # Copy file into bucket. - p = aws('s3 cp %s s3://non-existant-bucket/ --only-show-errors' - % foo_txt) + p = aws(f's3 cp {foo_txt} s3://{_NON_EXISTENT_BUCKET}/ --only-show-errors') # Check that there were errors and that the error was print to stderr. self.assertEqual(p.rc, 1) self.assertIn('upload failed', p.stderr) diff --git a/tests/integration/customizations/test_codecommit.py b/tests/integration/customizations/test_codecommit.py index 16592960e7f1..781c8b650946 100644 --- a/tests/integration/customizations/test_codecommit.py +++ b/tests/integration/customizations/test_codecommit.py @@ -16,7 +16,7 @@ from datetime import datetime -from six import StringIO +from awscli.compat import StringIO from botocore.session import Session from botocore.credentials import Credentials from awscli.customizations.codecommit import CodeCommitGetCommand diff --git a/tests/integration/test_cli.py b/tests/integration/test_cli.py index 976bab3aa495..7707d280ba1b 100644 --- a/tests/integration/test_cli.py +++ b/tests/integration/test_cli.py @@ -65,7 +65,7 @@ def test_help_output(self): def test_service_help_output(self): p = aws('ec2 help') self.assertEqual(p.rc, 0) - self.assertIn('Amazon EC2', p.stdout) + self.assertRegex(p.stdout, r'Amazon\s+EC2') def test_operation_help_output(self): p = aws('ec2 describe-instances help') diff --git a/tests/integration/test_smoke.py b/tests/integration/test_smoke.py index 65832575387b..2fc1cbe2fd34 100644 --- a/tests/integration/test_smoke.py +++ b/tests/integration/test_smoke.py @@ -47,7 +47,7 @@ 'kinesis list-streams', 'kms generate-random --number-of-bytes 128', 'logs describe-log-groups', - 'opsworks describe-stacks', + # 'opsworks describe-stacks', 'rds describe-db-instances', 'redshift describe-clusters', 'route53 list-hosted-zones', @@ -94,7 +94,7 @@ 'iam delete-user --user-name %s', 'kinesis delete-stream --stream-name %s', 'logs delete-log-group --log-group-name %s', - 'opsworks delete-app --app-id %s', + # 'opsworks delete-app --app-id %s', 'rds delete-db-instance --db-instance-identifier %s', 'redshift delete-cluster --cluster-identifier %s', 'route53 delete-hosted-zone --id %s', diff --git a/tests/unit/bcdoc/test_document.py b/tests/unit/bcdoc/test_document.py index d25adc488664..12c376de4683 100644 --- a/tests/unit/bcdoc/test_document.py +++ b/tests/unit/bcdoc/test_document.py @@ -26,6 +26,10 @@ class TestReSTDocument(unittest.TestCase): + def _write_array(self, doc, arr): + for elt in arr: + doc.write(elt) + def test_write(self): doc = ReSTDocument() doc.write('foo') @@ -36,6 +40,29 @@ def test_writeln(self): doc.writeln('foo') self.assertEqual(doc.getvalue(), b'foo\n') + def test_find_last_write(self): + doc = ReSTDocument() + self._write_array(doc, ['a', 'b', 'c', 'd', 'e']) + expected_index = 0 + self.assertEqual(doc.find_last_write('a'), expected_index) + + def test_find_last_write_duplicates(self): + doc = ReSTDocument() + self._write_array(doc, ['a', 'b', 'c', 'a', 'e']) + expected_index = 3 + self.assertEqual(doc.find_last_write('a'), expected_index) + + def test_find_last_write_not_found(self): + doc = ReSTDocument() + self._write_array(doc, ['a', 'b', 'c', 'd', 'e']) + self.assertIsNone(doc.find_last_write('f')) + + def test_insert_write(self): + doc = ReSTDocument() + self._write_array(doc, ['foo', 'bar']) + doc.insert_write(1, 'baz') + self.assertEqual(doc.getvalue(), b'foobazbar') + def test_include_doc_string(self): doc = ReSTDocument() doc.include_doc_string('

this is a test

') diff --git a/tests/unit/customizations/cloudformation/__init__.py b/tests/unit/customizations/cloudformation/__init__.py index 26daca4df412..5746f5416ecf 100644 --- a/tests/unit/customizations/cloudformation/__init__.py +++ b/tests/unit/customizations/cloudformation/__init__.py @@ -11,7 +11,5 @@ # ANY KIND, either express or implied. See the License for the specific # language governing permissions and limitations under the License. -import six, unittest - -if six.PY3: - unittest.TestCase.assertItemsEqual = unittest.TestCase.assertCountEqual +import unittest +unittest.TestCase.assertItemsEqual = unittest.TestCase.assertCountEqual diff --git a/tests/unit/customizations/cloudformation/test_artifact_exporter.py b/tests/unit/customizations/cloudformation/test_artifact_exporter.py index 93df4297d660..1b071101cc7e 100644 --- a/tests/unit/customizations/cloudformation/test_artifact_exporter.py +++ b/tests/unit/customizations/cloudformation/test_artifact_exporter.py @@ -1016,6 +1016,161 @@ def test_template_export(self, yaml_parse_mock): resource_type2_instance.export.assert_called_once_with( "Resource2", mock.ANY, template_dir) + @mock.patch("awscli.customizations.cloudformation.artifact_exporter.yaml_parse") + def test_template_export_foreach_valid(self, yaml_parse_mock): + parent_dir = os.path.sep + template_dir = os.path.join(parent_dir, 'foo', 'bar') + template_path = os.path.join(template_dir, 'path') + template_str = self.example_yaml_template() + + resource_type1_class = mock.Mock() + resource_type1_class.RESOURCE_TYPE = "resource_type1" + resource_type1_instance = mock.Mock() + resource_type1_class.return_value = resource_type1_instance + resource_type2_class = mock.Mock() + resource_type2_class.RESOURCE_TYPE = "resource_type2" + resource_type2_instance = mock.Mock() + resource_type2_class.return_value = resource_type2_instance + + resources_to_export = [ + resource_type1_class, + resource_type2_class + ] + + properties = {"foo": "bar"} + template_dict = { + "Resources": { + "Resource1": { + "Type": "resource_type1", + "Properties": properties + }, + "Resource2": { + "Type": "resource_type2", + "Properties": properties + }, + "Resource3": { + "Type": "some-other-type", + "Properties": properties + }, + "Fn::ForEach::OuterLoopName": [ + "Identifier1", + ["4", "5"], + { + "Fn::ForEach::InnerLoopName": [ + "Identifier2", + ["6", "7"], + { + "Resource${Identifier1}${Identifier2}": { + "Type": "resource_type2", + "Properties": properties + } + } + ], + "Resource${Identifier1}": { + "Type": "resource_type1", + "Properties": properties + } + } + ] + } + } + + open_mock = mock.mock_open() + yaml_parse_mock.return_value = template_dict + + # Patch the file open method to return template string + with mock.patch( + "awscli.customizations.cloudformation.artifact_exporter.open", + open_mock(read_data=template_str)) as open_mock: + + template_exporter = Template( + template_path, parent_dir, self.s3_uploader_mock, + resources_to_export) + exported_template = template_exporter.export() + self.assertEqual(exported_template, template_dict) + + open_mock.assert_called_once_with( + make_abs_path(parent_dir, template_path), "r") + + self.assertEqual(1, yaml_parse_mock.call_count) + + resource_type1_class.assert_called_with(self.s3_uploader_mock) + self.assertEqual( + resource_type1_instance.export.call_args_list, + [ + mock.call("Resource1", properties, template_dir), + mock.call("Resource${Identifier1}", properties, template_dir) + ] + ) + resource_type2_class.assert_called_with(self.s3_uploader_mock) + self.assertEqual( + resource_type2_instance.export.call_args_list, + [ + mock.call("Resource2", properties, template_dir), + mock.call("Resource${Identifier1}${Identifier2}", properties, template_dir) + ] + ) + + @mock.patch("awscli.customizations.cloudformation.artifact_exporter.yaml_parse") + def test_template_export_foreach_invalid(self, yaml_parse_mock): + parent_dir = os.path.sep + template_dir = os.path.join(parent_dir, 'foo', 'bar') + template_path = os.path.join(template_dir, 'path') + template_str = self.example_yaml_template() + + resource_type1_class = mock.Mock() + resource_type1_class.RESOURCE_TYPE = "resource_type1" + resource_type1_instance = mock.Mock() + resource_type1_class.return_value = resource_type1_instance + resource_type2_class = mock.Mock() + resource_type2_class.RESOURCE_TYPE = "resource_type2" + resource_type2_instance = mock.Mock() + resource_type2_class.return_value = resource_type2_instance + + resources_to_export = [ + resource_type1_class, + resource_type2_class + ] + + properties = {"foo": "bar"} + template_dict = { + "Resources": { + "Resource1": { + "Type": "resource_type1", + "Properties": properties + }, + "Resource2": { + "Type": "resource_type2", + "Properties": properties + }, + "Resource3": { + "Type": "some-other-type", + "Properties": properties + }, + "Fn::ForEach::OuterLoopName": [ + "Identifier1", + { + "Resource${Identifier1}": { + } + } + ] + } + } + + open_mock = mock.mock_open() + yaml_parse_mock.return_value = template_dict + + # Patch the file open method to return template string + with mock.patch( + "awscli.customizations.cloudformation.artifact_exporter.open", + open_mock(read_data=template_str)) as open_mock: + template_exporter = Template( + template_path, parent_dir, self.s3_uploader_mock, + resources_to_export) + with self.assertRaises(exceptions.InvalidForEachIntrinsicFunctionError): + template_exporter.export() + + @mock.patch("awscli.customizations.cloudformation.artifact_exporter.yaml_parse") def test_template_global_export(self, yaml_parse_mock): parent_dir = os.path.sep diff --git a/tests/unit/customizations/cloudformation/test_deploy.py b/tests/unit/customizations/cloudformation/test_deploy.py index 6e67a20117ba..8aac8ae3be4f 100644 --- a/tests/unit/customizations/cloudformation/test_deploy.py +++ b/tests/unit/customizations/cloudformation/test_deploy.py @@ -11,7 +11,6 @@ # ANY KIND, either express or implied. See the License for the specific # language governing permissions and limitations under the License. import tempfile -import six import collections from awscli.testutils import mock, unittest diff --git a/tests/unit/customizations/cloudtrail/test_subscribe.py b/tests/unit/customizations/cloudtrail/test_subscribe.py index 9dd0a347aa77..4c372f4a16e6 100644 --- a/tests/unit/customizations/cloudtrail/test_subscribe.py +++ b/tests/unit/customizations/cloudtrail/test_subscribe.py @@ -8,7 +8,7 @@ # # or in the "license" file accompanying this file. This file is # distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF -# mock.ANY KIND, either express or implied. See the License for the specific +# ANY KIND, either express or implied. See the License for the specific # language governing permissions and limitations under the License. import json @@ -16,8 +16,8 @@ from botocore.session import Session from tests.unit.test_clidriver import FakeSession -from awscli.compat import six from awscli.customizations.cloudtrail.subscribe import CloudTrailError, CloudTrailSubscribe +from awscli.compat import BytesIO from awscli.testutils import BaseAWSCommandParamsTest from awscli.testutils import mock, unittest, temporary_file @@ -70,7 +70,7 @@ def setUp(self): self.subscribe.s3 = mock.Mock() self.subscribe.s3.meta.region_name = 'us-east-1' - policy_template = six.BytesIO(six.b(u'{"Statement": []}')) + policy_template = BytesIO(u'{"Statement": []}'.encode('latin-1')) self.subscribe.s3.get_object = mock.Mock( return_value={'Body': policy_template}) self.subscribe.s3.head_bucket.return_value = {} diff --git a/tests/unit/customizations/cloudtrail/test_validation.py b/tests/unit/customizations/cloudtrail/test_validation.py index 66262492cf93..5b0fec1f6382 100644 --- a/tests/unit/customizations/cloudtrail/test_validation.py +++ b/tests/unit/customizations/cloudtrail/test_validation.py @@ -21,7 +21,6 @@ import rsa from argparse import Namespace -from awscli.compat import six from awscli.testutils import BaseAWSCommandParamsTest from awscli.customizations.cloudtrail.validation import DigestError, \ extract_digest_key_date, normalize_date, format_date, DigestProvider, \ @@ -29,6 +28,7 @@ Sha256RSADigestValidator, DATE_FORMAT, CloudTrailValidateLogs, \ parse_date, assert_cloudtrail_arn_is_valid, DigestSignatureError, \ InvalidDigestFormat, S3ClientProvider +from awscli.compat import BytesIO from botocore.exceptions import ClientError from awscli.testutils import mock, unittest from awscli.schema import ParameterRequiredError @@ -532,14 +532,14 @@ def test_calls_list_objects_correctly_org_trails(self): ) def test_ensures_digest_has_proper_metadata(self): - out = six.BytesIO() + out = BytesIO() f = gzip.GzipFile(fileobj=out, mode="wb") f.write('{"foo":"bar"}'.encode()) f.close() gzipped_data = out.getvalue() s3_client = mock.Mock() s3_client.get_object.return_value = { - 'Body': six.BytesIO(gzipped_data), + 'Body': BytesIO(gzipped_data), 'Metadata': {}} provider = self._get_mock_provider(s3_client) with self.assertRaises(DigestSignatureError): @@ -548,7 +548,7 @@ def test_ensures_digest_has_proper_metadata(self): def test_ensures_digest_can_be_gzip_inflated(self): s3_client = mock.Mock() s3_client.get_object.return_value = { - 'Body': six.BytesIO('foo'.encode()), + 'Body': BytesIO('foo'.encode()), 'Metadata': {}} provider = self._get_mock_provider(s3_client) with self.assertRaises(InvalidDigestFormat): @@ -556,14 +556,14 @@ def test_ensures_digest_can_be_gzip_inflated(self): def test_ensures_digests_can_be_json_parsed(self): json_str = '{{{' - out = six.BytesIO() + out = BytesIO() f = gzip.GzipFile(fileobj=out, mode="wb") f.write(json_str.encode()) f.close() gzipped_data = out.getvalue() s3_client = mock.Mock() s3_client.get_object.return_value = { - 'Body': six.BytesIO(gzipped_data), + 'Body': BytesIO(gzipped_data), 'Metadata': {'signature': 'abc', 'signature-algorithm': 'SHA256'}} provider = self._get_mock_provider(s3_client) with self.assertRaises(InvalidDigestFormat): @@ -571,14 +571,14 @@ def test_ensures_digests_can_be_json_parsed(self): def test_fetches_digests(self): json_str = '{"foo":"bar"}' - out = six.BytesIO() + out = BytesIO() f = gzip.GzipFile(fileobj=out, mode="wb") f.write(json_str.encode()) f.close() gzipped_data = out.getvalue() s3_client = mock.Mock() s3_client.get_object.return_value = { - 'Body': six.BytesIO(gzipped_data), + 'Body': BytesIO(gzipped_data), 'Metadata': {'signature': 'abc', 'signature-algorithm': 'SHA256'}} provider = self._get_mock_provider(s3_client) result = provider.fetch_digest('bucket', 'key') diff --git a/tests/unit/customizations/codeartifact/test_adapter_login.py b/tests/unit/customizations/codeartifact/test_adapter_login.py index 592a98a0d8b3..890da3935011 100644 --- a/tests/unit/customizations/codeartifact/test_adapter_login.py +++ b/tests/unit/customizations/codeartifact/test_adapter_login.py @@ -68,6 +68,21 @@ def test_run_commands_command_failed(self): ): self.test_subject._run_commands('tool', ['cmd']) + def test_run_commands_command_failed_redact_auth_token(self): + error_to_be_caught = subprocess.CalledProcessError( + returncode=1, + cmd=['cmd', 'with', 'auth-token', 'present'], + output=None, + stderr=b'Command error message.' + ) + self.subprocess_utils.run.side_effect = error_to_be_caught + with self.assertRaisesRegex( + CommandFailedError, + (rf"(?=.*cmd)(?=.*with)(?!.*auth-token)(?=.*present)" + rf"(?=.*Stderr from command:\nCommand error message.)") + ): + self.test_subject._run_commands('tool', ['cmd']) + def test_run_commands_nonexistent_command(self): self.subprocess_utils.run.side_effect = OSError( errno.ENOENT, 'not found error' diff --git a/tests/unit/customizations/codedeploy/test_push.py b/tests/unit/customizations/codedeploy/test_push.py index 37048da80737..c1c5bd833950 100644 --- a/tests/unit/customizations/codedeploy/test_push.py +++ b/tests/unit/customizations/codedeploy/test_push.py @@ -8,18 +8,17 @@ # # or in the "license" file accompanying this file. This file is # distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF -# mock.ANY KIND, either express or implied. See the License for the specific +# ANY KIND, either express or implied. See the License for the specific # language governing permissions and limitations under the License. import awscli from argparse import Namespace -from six import StringIO from botocore.exceptions import ClientError from awscli.customizations.codedeploy.push import Push from awscli.testutils import mock, unittest -from awscli.compat import ZIP_COMPRESSION_MODE +from awscli.compat import StringIO, ZIP_COMPRESSION_MODE class TestPush(unittest.TestCase): diff --git a/tests/unit/customizations/configservice/test_getstatus.py b/tests/unit/customizations/configservice/test_getstatus.py index aab2c0a1f9da..a10f2ee2d4f7 100644 --- a/tests/unit/customizations/configservice/test_getstatus.py +++ b/tests/unit/customizations/configservice/test_getstatus.py @@ -10,8 +10,7 @@ # distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF # ANY KIND, either express or implied. See the License for the specific # language governing permissions and limitations under the License. -from awscli.compat import six - +from awscli.compat import StringIO from awscli.testutils import mock, unittest from awscli.customizations.configservice.getstatus import GetStatusCommand @@ -78,7 +77,7 @@ def test_configuration_recorder_success(self): 'Delivery Channels:\n\n' ) - with mock.patch('sys.stdout', six.StringIO()) as mock_stdout: + with mock.patch('sys.stdout', StringIO()) as mock_stdout: self.cmd._run_main(self.parsed_args, self.parsed_globals) self.assertEqual(expected_output, mock_stdout.getvalue()) @@ -98,7 +97,7 @@ def test_configuration_recorder_fail(self): 'Delivery Channels:\n\n' ) - with mock.patch('sys.stdout', six.StringIO()) as mock_stdout: + with mock.patch('sys.stdout', StringIO()) as mock_stdout: self.cmd._run_main(self.parsed_args, self.parsed_globals) self.assertEqual(expected_output, mock_stdout.getvalue()) @@ -113,7 +112,7 @@ def test_configuration_recorder_off(self): 'Delivery Channels:\n\n' ) - with mock.patch('sys.stdout', six.StringIO()) as mock_stdout: + with mock.patch('sys.stdout', StringIO()) as mock_stdout: self.cmd._run_main(self.parsed_args, self.parsed_globals) self.assertEqual(expected_output, mock_stdout.getvalue()) @@ -144,7 +143,7 @@ def test_multiple_configuration_recorders(self): 'recorder: OFF\n\n' 'Delivery Channels:\n\n' ) - with mock.patch('sys.stdout', six.StringIO()) as mock_stdout: + with mock.patch('sys.stdout', StringIO()) as mock_stdout: self.cmd._run_main(self.parsed_args, self.parsed_globals) self.assertEqual(expected_output, mock_stdout.getvalue()) @@ -170,7 +169,7 @@ def test_delivery_channel_success_single_delivery_info(self): 'last stream delivery status: SUCCESS\n\n' ) - with mock.patch('sys.stdout', six.StringIO()) as mock_stdout: + with mock.patch('sys.stdout', StringIO()) as mock_stdout: self.cmd._run_main(self.parsed_args, self.parsed_globals) self.assertEqual(expected_output, mock_stdout.getvalue()) @@ -198,7 +197,7 @@ def test_delivery_channel_success_multiple_delivery_info(self): 'last snapshot delivery status: SUCCESS\n\n' ) - with mock.patch('sys.stdout', six.StringIO()) as mock_stdout: + with mock.patch('sys.stdout', StringIO()) as mock_stdout: self.cmd._run_main(self.parsed_args, self.parsed_globals) self.assertEqual(expected_output, mock_stdout.getvalue()) @@ -227,7 +226,7 @@ def test_delivery_channel_fail_single_delivery_info(self): 'message: This is the error\n\n' ) - with mock.patch('sys.stdout', six.StringIO()) as mock_stdout: + with mock.patch('sys.stdout', StringIO()) as mock_stdout: self.cmd._run_main(self.parsed_args, self.parsed_globals) self.assertEqual(expected_output, mock_stdout.getvalue()) @@ -259,7 +258,7 @@ def test_delivery_channel_mixed_multiple_delivery_info(self): 'last snapshot delivery status: SUCCESS\n\n' ) - with mock.patch('sys.stdout', six.StringIO()) as mock_stdout: + with mock.patch('sys.stdout', StringIO()) as mock_stdout: self.cmd._run_main(self.parsed_args, self.parsed_globals) self.assertEqual(expected_output, mock_stdout.getvalue()) @@ -298,7 +297,7 @@ def test_multiple_delivery_channels(self): 'last snapshot delivery status: SUCCESS\n\n' ) - with mock.patch('sys.stdout', six.StringIO()) as mock_stdout: + with mock.patch('sys.stdout', StringIO()) as mock_stdout: self.cmd._run_main(self.parsed_args, self.parsed_globals) self.assertEqual(expected_output, mock_stdout.getvalue()) @@ -361,6 +360,6 @@ def test_full_get_status(self): 'last snapshot delivery status: SUCCESS\n\n' ) - with mock.patch('sys.stdout', six.StringIO()) as mock_stdout: + with mock.patch('sys.stdout', StringIO()) as mock_stdout: self.cmd._run_main(self.parsed_args, self.parsed_globals) self.assertEqual(expected_output, mock_stdout.getvalue()) diff --git a/tests/unit/customizations/configure/test_configure.py b/tests/unit/customizations/configure/test_configure.py index 5756a15e6156..33e6021edd45 100644 --- a/tests/unit/customizations/configure/test_configure.py +++ b/tests/unit/customizations/configure/test_configure.py @@ -15,7 +15,7 @@ from awscli.customizations.configure import configure, ConfigValue, NOT_SET from awscli.customizations.configure import profile_to_section from awscli.testutils import mock, unittest -from awscli.compat import six +from awscli.compat import StringIO from . import FakeSession @@ -135,7 +135,7 @@ class TestInteractivePrompter(unittest.TestCase): def setUp(self): self.input_patch = mock.patch('awscli.compat.raw_input') self.mock_raw_input = self.input_patch.start() - self.stdout = six.StringIO() + self.stdout = StringIO() self.stdout_patch = mock.patch('sys.stdout', self.stdout) self.stdout_patch.start() diff --git a/tests/unit/customizations/configure/test_get.py b/tests/unit/customizations/configure/test_get.py index cf34fbb4a968..71c239e6ba73 100644 --- a/tests/unit/customizations/configure/test_get.py +++ b/tests/unit/customizations/configure/test_get.py @@ -11,9 +11,9 @@ # ANY KIND, either express or implied. See the License for the specific # language governing permissions and limitations under the License. from awscli.testutils import unittest +from awscli.compat import StringIO from awscli.customizations.configure.get import ConfigureGetCommand -from awscli.compat import six from . import FakeSession @@ -21,8 +21,8 @@ class TestConfigureGetCommand(unittest.TestCase): def create_command(self, session): - stdout = six.StringIO() - stderr = six.StringIO() + stdout = StringIO() + stderr = StringIO() command = ConfigureGetCommand(session, stdout, stderr) return stdout, stderr, command diff --git a/tests/unit/customizations/configure/test_list.py b/tests/unit/customizations/configure/test_list.py index e00cf9e8e309..d702b2dba6e2 100644 --- a/tests/unit/customizations/configure/test_list.py +++ b/tests/unit/customizations/configure/test_list.py @@ -13,8 +13,8 @@ from argparse import Namespace from awscli.testutils import mock, unittest -from awscli.compat import six from awscli.customizations.configure.list import ConfigureListCommand +from awscli.compat import StringIO from . import FakeSession @@ -27,7 +27,7 @@ def test_configure_list_command_nothing_set(self): all_variables={'config_file': '/config/location'}) session.full_config = { 'profiles': {'default': {'region': 'AWS_DEFAULT_REGION'}}} - stream = six.StringIO() + stream = StringIO() self.configure_list = ConfigureListCommand(session, stream) self.configure_list(args=[], parsed_globals=None) rendered = stream.getvalue() @@ -46,7 +46,7 @@ def test_configure_from_env(self): session.session_var_map = {'profile': (None, "PROFILE_ENV_VAR")} session.full_config = { 'profiles': {'default': {'region': 'AWS_DEFAULT_REGION'}}} - stream = six.StringIO() + stream = StringIO() self.configure_list = ConfigureListCommand(session, stream) self.configure_list(args=[], parsed_globals=None) rendered = stream.getvalue() @@ -63,7 +63,7 @@ def test_configure_from_config_file(self): session.session_var_map = {'region': ('region', "AWS_DEFAULT_REGION")} session.full_config = { 'profiles': {'default': {'region': 'AWS_DEFAULT_REGION'}}} - stream = six.StringIO() + stream = StringIO() self.configure_list = ConfigureListCommand(session, stream) self.configure_list(args=[], parsed_globals=None) rendered = stream.getvalue() @@ -94,7 +94,7 @@ def test_configure_from_multiple_sources(self): 'profile': ('profile', 'AWS_DEFAULT_PROFILE')} session.full_config = { 'profiles': {'default': {'region': 'AWS_DEFAULT_REGION'}}} - stream = six.StringIO() + stream = StringIO() self.configure_list = ConfigureListCommand(session, stream) self.configure_list(args=[], parsed_globals=None) rendered = stream.getvalue() @@ -123,7 +123,7 @@ def test_configure_from_args(self): session.session_var_map = {'profile': (None, ['AWS_PROFILE'])} session.full_config = { 'profiles': {'foo': {'region': 'AWS_REGION'}}} - stream = six.StringIO() + stream = StringIO() self.configure_list = ConfigureListCommand(session, stream) self.configure_list(args=[], parsed_globals=parsed_globals) rendered = stream.getvalue() diff --git a/tests/unit/customizations/datapipeline/test_listrunsformatter.py b/tests/unit/customizations/datapipeline/test_listrunsformatter.py index c0a09e053689..aa8211490a18 100644 --- a/tests/unit/customizations/datapipeline/test_listrunsformatter.py +++ b/tests/unit/customizations/datapipeline/test_listrunsformatter.py @@ -14,15 +14,15 @@ import difflib from awscli.testutils import mock, unittest -from awscli.compat import six from awscli.customizations.datapipeline.listrunsformatter \ import ListRunsFormatter +from awscli.compat import StringIO class TestListRunsFormatter(unittest.TestCase): def setUp(self): self.formatter = ListRunsFormatter(mock.Mock(query=None)) - self.stream = six.StringIO() + self.stream = StringIO() def assert_data_renders_to(self, data, table): self.formatter('list-runs', data, stream=self.stream) diff --git a/tests/unit/customizations/emr/test_add_instance_fleet.py b/tests/unit/customizations/emr/test_add_instance_fleet.py new file mode 100644 index 000000000000..d4a658ebc21c --- /dev/null +++ b/tests/unit/customizations/emr/test_add_instance_fleet.py @@ -0,0 +1,33 @@ +# Copyright 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"). You +# may not use this file except in compliance with the License. A copy of +# the License is located at +# +# http://aws.amazon.com/apache2.0/ +# +# or in the "license" file accompanying this file. This file is +# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF +# ANY KIND, either express or implied. See the License for the specific +# language governing permissions and limitations under the License. + +from tests.unit.customizations.emr import EMRBaseAWSCommandParamsTest as \ + BaseAWSCommandParamsTest +from tests.unit.customizations.emr import test_constants_instance_fleets as \ + CONSTANTS_FLEET + +class TestAddInstanceFleet(BaseAWSCommandParamsTest): + prefix = f"emr add-instance-fleet --cluster-id {CONSTANTS_FLEET.DEFAULT_CLUSTER_NAME} --instance-fleet " + + def test_add_instance_fleet_with_allocation_strategy_spot_and_od(self): + result = \ + { + "ClusterId": CONSTANTS_FLEET.DEFAULT_CLUSTER_NAME, + "InstanceFleet": CONSTANTS_FLEET.RES_TASK_INSTANCE_FLEET_WITH_RESIZE_ALLOCATION_STRATEGY_SPOT_AND_OD + } + self.assert_params_for_cmd( + self.prefix + CONSTANTS_FLEET.TASK_INSTANCE_FLEET_WITH_RESIZE_ALLOCATION_STRATEGY_SPOT_AND_OD, + result) + +if __name__ == "__main__": + unittest.main() diff --git a/tests/unit/customizations/emr/test_constants_instance_fleets.py b/tests/unit/customizations/emr/test_constants_instance_fleets.py index ace18efe87d4..bb18a76d7798 100644 --- a/tests/unit/customizations/emr/test_constants_instance_fleets.py +++ b/tests/unit/customizations/emr/test_constants_instance_fleets.py @@ -11,6 +11,9 @@ # ANY KIND, either express or implied. See the License for the specific # language governing permissions and limitations under the License. +DEFAULT_INSTANCE_FLEET_NAME = "if-XYZ123" +DEFAULT_CLUSTER_NAME = "j-ABC123456" + INSTANCE_FLEETS_WITH_ON_DEMAND_MASTER_ONLY = ( 'InstanceFleetType=MASTER,TargetOnDemandCapacity=1,InstanceTypeConfigs=[{InstanceType=d2.xlarge}],' 'LaunchSpecifications={OnDemandSpecification={AllocationStrategy=lowest-price,' @@ -69,6 +72,68 @@ 'WeightedCapacity=4}],LaunchSpecifications={SpotSpecification={TimeoutDurationMinutes=20,' 'TimeoutAction=TERMINATE_CLUSTER,AllocationStrategy=diversified}}') +INSTANCE_FLEETS_WITH_PRIORITIZED_ALLOCATION_STRATEGY_SPOT_AND_OD = ( + 'InstanceFleetType=MASTER,TargetSpotCapacity=1,InstanceTypeConfigs=[{InstanceType=d2.xlarge,' + 'BidPrice=0.1,Priority=0.0}],LaunchSpecifications={SpotSpecification={TimeoutDurationMinutes=30,' + 'TimeoutAction=TERMINATE_CLUSTER,AllocationStrategy=capacity-optimized-prioritized},' + 'OnDemandSpecification={AllocationStrategy=prioritized}} ' + 'InstanceFleetType=CORE,TargetSpotCapacity=100,InstanceTypeConfigs=[{InstanceType=d2.xlarge,' + 'BidPrice=0.5,WeightedCapacity=1,Priority=0.0},{InstanceType=m3.2xlarge,BidPrice=0.2,' + 'WeightedCapacity=2,Priority=1.0},{InstanceType=m3.4xlarge,BidPrice=0.4,WeightedCapacity=4,' + 'Priority=99.0}],LaunchSpecifications={SpotSpecification={TimeoutDurationMinutes=32,' + 'TimeoutAction=TERMINATE_CLUSTER,AllocationStrategy=capacity-optimized-prioritized},' + 'OnDemandSpecification={AllocationStrategy=prioritized}} ' + 'InstanceFleetType=TASK,TargetSpotCapacity=100,InstanceTypeConfigs=[{InstanceType=d2.xlarge,' + 'BidPrice=0.5,WeightedCapacity=1,Priority=10.0},{InstanceType=m3.2xlarge,BidPrice=0.2,' + 'WeightedCapacity=2,Priority=0.0},{InstanceType=m3.4xlarge,BidPrice=0.4,WeightedCapacity=4,' + 'Priority=100.0}],LaunchSpecifications={SpotSpecification={TimeoutDurationMinutes=77,' + 'TimeoutAction=TERMINATE_CLUSTER,AllocationStrategy=' + 'capacity-optimized-prioritized},OnDemandSpecification={AllocationStrategy=prioritized}}') + +TASK_INSTANCE_FLEET_WITH_RESIZE_ALLOCATION_STRATEGY_SPOT_AND_OD = ( + 'InstanceFleetType=TASK,TargetSpotCapacity=100,Context=testContext,InstanceTypeConfigs=[{InstanceType=d2.xlarge,' + 'BidPrice=0.5,WeightedCapacity=1},{InstanceType=m3.2xlarge,BidPrice=0.2,WeightedCapacity=2},' + '{InstanceType=m3.4xlarge,BidPrice=0.4,WeightedCapacity=4}],LaunchSpecifications={' + 'SpotSpecification={TimeoutDurationMinutes=77,TimeoutAction=TERMINATE_CLUSTER,' + 'AllocationStrategy=capacity-optimized-prioritized},OnDemandSpecification={' + 'AllocationStrategy=lowest-price}},ResizeSpecifications={SpotResizeSpecification={' + 'AllocationStrategy=capacity-optimized},OnDemandResizeSpecification={' + 'AllocationStrategy=lowest-price,CapacityReservationOptions={' + 'UsageStrategy=use-capacity-reservations-first,CapacityReservationPreference=open}}}') + +INSTANCE_FLEETS_WITH_RESIZE_ALLOCATION_STRATEGY_SPOT_AND_OD = ( + 'InstanceFleetType=MASTER,TargetSpotCapacity=1,InstanceTypeConfigs=[{InstanceType=d2.xlarge,' + 'BidPrice=0.1}],LaunchSpecifications={SpotSpecification={TimeoutDurationMinutes=30,' + 'TimeoutAction=TERMINATE_CLUSTER,AllocationStrategy=capacity-optimized-prioritized},' + 'OnDemandSpecification={AllocationStrategy=lowest-price}} ' + 'InstanceFleetType=CORE,TargetSpotCapacity=100,InstanceTypeConfigs=[{InstanceType=d2.xlarge,' + 'BidPrice=0.5,WeightedCapacity=1},{InstanceType=m3.2xlarge,BidPrice=0.2,WeightedCapacity=2},' + '{InstanceType=m3.4xlarge,BidPrice=0.4,WeightedCapacity=4}],LaunchSpecifications={' + 'SpotSpecification={TimeoutDurationMinutes=32,TimeoutAction=TERMINATE_CLUSTER,' + 'AllocationStrategy=capacity-optimized-prioritized},OnDemandSpecification={' + 'AllocationStrategy=lowest-price}},ResizeSpecifications={SpotResizeSpecification=' + '{AllocationStrategy=capacity-optimized},OnDemandResizeSpecification={' + 'AllocationStrategy=lowest-price,CapacityReservationOptions={' + 'UsageStrategy=use-capacity-reservations-first,CapacityReservationPreference=open}}} ' + f'{TASK_INSTANCE_FLEET_WITH_RESIZE_ALLOCATION_STRATEGY_SPOT_AND_OD}') + +MODIFY_INSTANCE_FLEET_WITH_INSTANCE_TYPE_CONFIGS = ( + f'InstanceFleetId={DEFAULT_INSTANCE_FLEET_NAME},' + f'InstanceTypeConfigs=[{{InstanceType=d2.xlarge}}],Context=testContext') + +MODIFY_INSTANCE_FLEET_WITH_SPOT_AND_OD_RESIZE_SPECIFICATIONS = ( + f'InstanceFleetId={DEFAULT_INSTANCE_FLEET_NAME},ResizeSpecifications={{SpotResizeSpecification=' + f'{{AllocationStrategy=capacity-optimized}},OnDemandResizeSpecification={{' + f'AllocationStrategy=lowest-price,CapacityReservationOptions={{' + f'UsageStrategy=use-capacity-reservations-first,CapacityReservationPreference=open}}}}}}') + +MODIFY_INSTANCE_FLEET_WITH_INSTANCE_TYPE_CONFIGS_AND_SPOT_AND_OD_RESIZE_SPECIFICATIONS = ( + f'InstanceFleetId={DEFAULT_INSTANCE_FLEET_NAME},ResizeSpecifications={{SpotResizeSpecification=' + f'{{AllocationStrategy=capacity-optimized}},OnDemandResizeSpecification={{' + f'AllocationStrategy=lowest-price,CapacityReservationOptions={{' + f'UsageStrategy=use-capacity-reservations-first,CapacityReservationPreference=open}}}}}}' + f',InstanceTypeConfigs=[{{InstanceType=d2.xlarge}}]') + RES_INSTANCE_FLEETS_WITH_ON_DEMAND_MASTER_ONLY = \ [{"InstanceTypeConfigs": [{"InstanceType": "d2.xlarge"}], "LaunchSpecifications": { @@ -242,3 +307,309 @@ "InstanceFleetType": "TASK", "Name": "TASK" }] + +RES_INSTANCE_FLEETS_WITH_PRIORITIZED_ALLOCATION_STRATEGY_SPOT_AND_OD = \ + [ + { + "InstanceTypeConfigs": [ + { + "InstanceType": "d2.xlarge", + "BidPrice": "0.1", + "Priority": 0 + } + ], + "LaunchSpecifications": { + "SpotSpecification": { + "TimeoutDurationMinutes": 30, + "TimeoutAction": "TERMINATE_CLUSTER", + "AllocationStrategy": "capacity-optimized-prioritized" + }, + "OnDemandSpecification": { + "AllocationStrategy": "prioritized" + } + }, + "TargetSpotCapacity": 1, + "InstanceFleetType": "MASTER", + "Name": "MASTER" + }, + { + "InstanceTypeConfigs": [ + { + "InstanceType": "d2.xlarge", + "BidPrice": "0.5", + "WeightedCapacity": 1, + "Priority": 0 + }, + { + "InstanceType": "m3.2xlarge", + "BidPrice": "0.2", + "WeightedCapacity": 2, + "Priority": 1 + }, + { + "InstanceType": "m3.4xlarge", + "BidPrice": "0.4", + "WeightedCapacity": 4, + "Priority": 99 + } + ], + "LaunchSpecifications": { + "SpotSpecification": { + "TimeoutDurationMinutes": 32, + "TimeoutAction": "TERMINATE_CLUSTER", + "AllocationStrategy": "capacity-optimized-prioritized" + }, + "OnDemandSpecification": { + "AllocationStrategy": "prioritized" + } + }, + "TargetSpotCapacity": 100, + "InstanceFleetType": "CORE", + "Name": "CORE" + }, + { + "InstanceTypeConfigs": [ + { + "InstanceType": "d2.xlarge", + "BidPrice": "0.5", + "WeightedCapacity": 1, + "Priority": 10 + }, + { + "InstanceType": "m3.2xlarge", + "BidPrice": "0.2", + "WeightedCapacity": 2, + "Priority": 0 + }, + { + "InstanceType": "m3.4xlarge", + "BidPrice": "0.4", + "WeightedCapacity": 4, + "Priority": 100 + } + ], + "LaunchSpecifications": { + "SpotSpecification": { + "TimeoutDurationMinutes": 77, + "TimeoutAction": "TERMINATE_CLUSTER", + "AllocationStrategy": "capacity-optimized-prioritized" + }, + "OnDemandSpecification": { + "AllocationStrategy": "prioritized" + } + }, + "TargetSpotCapacity": 100, + "InstanceFleetType": "TASK", + "Name": "TASK" + }] + +RES_INSTANCE_FLEETS_WITH_RESIZE_ALLOCATION_STRATEGY_SPOT_AND_OD = \ + [ + { + "InstanceTypeConfigs": [ + { + "InstanceType": "d2.xlarge", + "BidPrice": "0.1" + } + ], + "LaunchSpecifications": { + "SpotSpecification": { + "TimeoutDurationMinutes": 30, + "TimeoutAction": "TERMINATE_CLUSTER", + "AllocationStrategy": "capacity-optimized-prioritized" + }, + "OnDemandSpecification": { + "AllocationStrategy": "lowest-price" + } + }, + "TargetSpotCapacity": 1, + "InstanceFleetType": "MASTER", + "Name": "MASTER" + }, + { + "InstanceTypeConfigs": [ + { + "InstanceType": "d2.xlarge", + "BidPrice": "0.5", + "WeightedCapacity": 1 + }, + { + "InstanceType": "m3.2xlarge", + "BidPrice": "0.2", + "WeightedCapacity": 2 + }, + { + "InstanceType": "m3.4xlarge", + "BidPrice": "0.4", + "WeightedCapacity": 4 + } + ], + "LaunchSpecifications": { + "SpotSpecification": { + "TimeoutDurationMinutes": 32, + "TimeoutAction": "TERMINATE_CLUSTER", + "AllocationStrategy": "capacity-optimized-prioritized" + }, + "OnDemandSpecification": { + "AllocationStrategy": "lowest-price" + } + }, + "ResizeSpecifications": { + "OnDemandResizeSpecification": { + "AllocationStrategy": "lowest-price", + "CapacityReservationOptions": { + "CapacityReservationPreference": "open", + "UsageStrategy": "use-capacity-reservations-first" + } + }, + "SpotResizeSpecification": { + "AllocationStrategy": "capacity-optimized" + } + }, + "TargetSpotCapacity": 100, + "InstanceFleetType": "CORE", + "Name": "CORE" + }, + { + "InstanceTypeConfigs": [ + { + "InstanceType": "d2.xlarge", + "BidPrice": "0.5", + "WeightedCapacity": 1 + }, + { + "InstanceType": "m3.2xlarge", + "BidPrice": "0.2", + "WeightedCapacity": 2 + }, + { + "InstanceType": "m3.4xlarge", + "BidPrice": "0.4", + "WeightedCapacity": 4 + } + ], + "LaunchSpecifications": { + "SpotSpecification": { + "TimeoutDurationMinutes": 77, + "TimeoutAction": "TERMINATE_CLUSTER", + "AllocationStrategy": "capacity-optimized-prioritized" + }, + "OnDemandSpecification": { + "AllocationStrategy": "lowest-price" + } + }, + "ResizeSpecifications": { + "OnDemandResizeSpecification": { + "AllocationStrategy": "lowest-price", + "CapacityReservationOptions": { + "CapacityReservationPreference": "open", + "UsageStrategy": "use-capacity-reservations-first" + } + }, + "SpotResizeSpecification": { + "AllocationStrategy": "capacity-optimized" + } + }, + "TargetSpotCapacity": 100, + "InstanceFleetType": "TASK", + "Context": "testContext", + "Name": "TASK" + } + ] + +RES_TASK_INSTANCE_FLEET_WITH_RESIZE_ALLOCATION_STRATEGY_SPOT_AND_OD = \ + { + "InstanceTypeConfigs": [ + { + "InstanceType": "d2.xlarge", + "BidPrice": "0.5", + "WeightedCapacity": 1 + }, + { + "InstanceType": "m3.2xlarge", + "BidPrice": "0.2", + "WeightedCapacity": 2 + }, + { + "InstanceType": "m3.4xlarge", + "BidPrice": "0.4", + "WeightedCapacity": 4 + } + ], + "LaunchSpecifications": { + "SpotSpecification": { + "TimeoutDurationMinutes": 77, + "TimeoutAction": "TERMINATE_CLUSTER", + "AllocationStrategy": "capacity-optimized-prioritized" + }, + "OnDemandSpecification": { + "AllocationStrategy": "lowest-price" + } + }, + "ResizeSpecifications": { + "OnDemandResizeSpecification": { + "AllocationStrategy": "lowest-price", + "CapacityReservationOptions": { + "CapacityReservationPreference": "open", + "UsageStrategy": "use-capacity-reservations-first" + } + }, + "SpotResizeSpecification": { + "AllocationStrategy": "capacity-optimized" + } + }, + "TargetSpotCapacity": 100, + "InstanceFleetType": "TASK", + "Context": "testContext" + } + +RES_MODIFY_INSTANCE_FLEET_WITH_INSTANCE_TYPE_CONFIGS = \ + { + "ClusterId": DEFAULT_CLUSTER_NAME, + "InstanceFleet": { + "InstanceFleetId": DEFAULT_INSTANCE_FLEET_NAME, + "InstanceTypeConfigs": [ + {"InstanceType": "d2.xlarge"} + ], + "Context": "testContext" + } + } + +RES_MODIFY_INSTANCE_FLEET_WITH_SPOT_AND_OD_RESIZE_SPECIFICATIONS = \ + { + "ClusterId": DEFAULT_CLUSTER_NAME, + "InstanceFleet": { + "InstanceFleetId": DEFAULT_INSTANCE_FLEET_NAME, + "ResizeSpecifications": { + "OnDemandResizeSpecification": { + "AllocationStrategy": "lowest-price", + "CapacityReservationOptions": { + "CapacityReservationPreference": "open", + "UsageStrategy": "use-capacity-reservations-first" + } + }, + "SpotResizeSpecification": {"AllocationStrategy": "capacity-optimized"} + } + } + } + +RES_MODIFY_INSTANCE_FLEET_WITH_INSTANCE_TYPE_CONFIGS_AND_SPOT_AND_OD_RESIZE_SPECIFICATIONS = \ + { + "ClusterId": DEFAULT_CLUSTER_NAME, + "InstanceFleet": { + "InstanceFleetId": DEFAULT_INSTANCE_FLEET_NAME, + "ResizeSpecifications": { + "OnDemandResizeSpecification": { + "AllocationStrategy": "lowest-price", + "CapacityReservationOptions": { + "CapacityReservationPreference": "open", + "UsageStrategy": "use-capacity-reservations-first" + } + }, + "SpotResizeSpecification": {"AllocationStrategy": "capacity-optimized"} + }, + "InstanceTypeConfigs": [ + {"InstanceType": "d2.xlarge"} + ] + } + } \ No newline at end of file diff --git a/tests/unit/customizations/emr/test_create_cluster_ami_version.py b/tests/unit/customizations/emr/test_create_cluster_ami_version.py index 17ca760bcda2..36c536f96dad 100644 --- a/tests/unit/customizations/emr/test_create_cluster_ami_version.py +++ b/tests/unit/customizations/emr/test_create_cluster_ami_version.py @@ -476,6 +476,31 @@ def test_termination_protected_and_no_termination_protected(self): result = self.run_cmd(cmd, 255) self.assertEqual(expected_error_msg, result[1]) + def test_unhealthy_node_replacement(self): + cmd = DEFAULT_CMD + '--unhealthy-node-replacement' + result = copy.deepcopy(DEFAULT_RESULT) + instances = copy.deepcopy(DEFAULT_INSTANCES) + instances['UnhealthyNodeReplacement'] = True + result['Instances'] = instances + self.assert_params_for_cmd(cmd, result) + + def test_no_unhealthy_node_replacement(self): + cmd = DEFAULT_CMD + '--no-unhealthy-node-replacement' + result = copy.deepcopy(DEFAULT_RESULT) + instances = copy.deepcopy(DEFAULT_INSTANCES) + instances['UnhealthyNodeReplacement'] = False + result['Instances'] = instances + self.assert_params_for_cmd(cmd, result) + + def test_unhealthy_node_replacement_and_no_unhealthy_node_replacement(self): + cmd = DEFAULT_CMD + \ + '--unhealthy-node-replacement --no-unhealthy-node-replacement' + expected_error_msg = ( + '\naws: error: cannot use both --unhealthy-node-replacement' + ' and --no-unhealthy-node-replacement options together.\n') + result = self.run_cmd(cmd, 255) + self.assertEqual(expected_error_msg, result[1]) + def test_visible_to_all_users(self): cmd = DEFAULT_CMD + '--visible-to-all-users' self.assert_params_for_cmd(cmd, DEFAULT_RESULT) diff --git a/tests/unit/customizations/emr/test_create_cluster_release_label.py b/tests/unit/customizations/emr/test_create_cluster_release_label.py index 5eaed6a4cf93..841f68ccf0d2 100644 --- a/tests/unit/customizations/emr/test_create_cluster_release_label.py +++ b/tests/unit/customizations/emr/test_create_cluster_release_label.py @@ -455,6 +455,31 @@ def test_termination_protected_and_no_termination_protected(self): result = self.run_cmd(cmd, 255) self.assertEqual(expected_error_msg, result[1]) + def test_unhealthy_node_replacement(self): + cmd = DEFAULT_CMD + '--unhealthy-node-replacement' + result = copy.deepcopy(DEFAULT_RESULT) + instances = copy.deepcopy(DEFAULT_INSTANCES) + instances['UnhealthyNodeReplacement'] = True + result['Instances'] = instances + self.assert_params_for_cmd(cmd, result) + + def test_no_unhealthy_node_replacement(self): + cmd = DEFAULT_CMD + '--no-unhealthy-node-replacement' + result = copy.deepcopy(DEFAULT_RESULT) + instances = copy.deepcopy(DEFAULT_INSTANCES) + instances['UnhealthyNodeReplacement'] = False + result['Instances'] = instances + self.assert_params_for_cmd(cmd, result) + + def test_unhealthy_node_replacement_and_no_unhealthy_node_replacement(self): + cmd = DEFAULT_CMD + \ + '--unhealthy-node-replacement --no-unhealthy-node-replacement' + expected_error_msg = ( + '\naws: error: cannot use both --unhealthy-node-replacement' + ' and --no-unhealthy-node-replacement options together.\n') + result = self.run_cmd(cmd, 255) + self.assertEqual(expected_error_msg, result[1]) + def test_visible_to_all_users(self): cmd = DEFAULT_CMD + '--visible-to-all-users' self.assert_params_for_cmd(cmd, DEFAULT_RESULT) @@ -1101,7 +1126,7 @@ def test_instance_group_with_autoscaling_policy_missing_autoscaling_role(self): ' configuring an AutoScaling policy for an instance group.\n') result = self.run_cmd(cmd, 255) self.assertEqual(expected_error_msg, result[1]) - + def test_scale_down_behavior(self): cmd = (self.prefix + '--release-label emr-4.0.0 --scale-down-behavior TERMINATE_AT_INSTANCE_HOUR ' '--instance-groups ' + DEFAULT_INSTANCE_GROUPS_ARG) @@ -1384,6 +1409,38 @@ def test_create_cluster_with_ebs_root_volume_size(self): } self.assert_params_for_cmd(cmd, result) + def test_create_cluster_with_ebs_root_volume_iops(self): + cmd = (self.prefix + '--release-label emr-6.15.0 --security-configuration MySecurityConfig '+ + ' --ebs-root-volume-iops 3000' + + ' --instance-groups ' + DEFAULT_INSTANCE_GROUPS_ARG) + result = \ + { + 'Name': DEFAULT_CLUSTER_NAME, + 'Instances': DEFAULT_INSTANCES, + 'ReleaseLabel': 'emr-6.15.0', + 'VisibleToAllUsers': True, + 'Tags': [], + 'EbsRootVolumeIops': 3000, + 'SecurityConfiguration': 'MySecurityConfig' + } + self.assert_params_for_cmd(cmd, result) + + def test_create_cluster_with_ebs_root_volume_throughput(self): + cmd = (self.prefix + '--release-label emr-6.15.0 --security-configuration MySecurityConfig '+ + ' --ebs-root-volume-throughput 125' + + ' --instance-groups ' + DEFAULT_INSTANCE_GROUPS_ARG) + result = \ + { + 'Name': DEFAULT_CLUSTER_NAME, + 'Instances': DEFAULT_INSTANCES, + 'ReleaseLabel': 'emr-6.15.0', + 'VisibleToAllUsers': True, + 'Tags': [], + 'EbsRootVolumeThroughput': 125, + 'SecurityConfiguration': 'MySecurityConfig' + } + self.assert_params_for_cmd(cmd, result) + def test_create_cluster_with_repo_upgrade_on_boot(self): cmd = (self.prefix + '--release-label emr-4.7.2 --security-configuration MySecurityConfig '+ ' --repo-upgrade-on-boot NONE' + @@ -1433,7 +1490,33 @@ def test_create_cluster_with_managed_scaling_policy(self): 'MaximumCapacityUnits': 4, 'UnitType': 'Instances', 'MaximumCoreCapacityUnits': 1 - } + } + }, + 'SecurityConfiguration': 'MySecurityConfig' + } + self.assert_params_for_cmd(cmd, result) + + def test_create_cluster_with_managed_scaling_policy_customer_knobs(self): + cmd = (self.prefix + '--release-label emr-5.28.0 --security-configuration MySecurityConfig ' + + '--managed-scaling-policy ComputeLimits={MinimumCapacityUnits=2,MaximumCapacityUnits=4,' + + 'UnitType=Instances,MaximumCoreCapacityUnits=1},ScalingStrategy=ADVANCED,' + + 'UtilizationPerformanceIndex=1 --instance-groups ' + DEFAULT_INSTANCE_GROUPS_ARG) + result = \ + { + 'Name': DEFAULT_CLUSTER_NAME, + 'Instances': DEFAULT_INSTANCES, + 'ReleaseLabel': 'emr-5.28.0', + 'VisibleToAllUsers': True, + 'Tags': [], + 'ManagedScalingPolicy': { + 'ComputeLimits': { + 'MinimumCapacityUnits': 2, + 'MaximumCapacityUnits': 4, + 'UnitType': 'Instances', + 'MaximumCoreCapacityUnits': 1 + }, + 'ScalingStrategy': 'ADVANCED', + 'UtilizationPerformanceIndex': 1, }, 'SecurityConfiguration': 'MySecurityConfig' } @@ -1495,10 +1578,30 @@ def test_create_cluster_with_placement_groups(self): } self.assert_params_for_cmd(cmd, result) + def test_instance_fleets_with_resize_allocation_strategy_spot_od(self): + cmd = (self.prefix + '--release-label emr-4.2.0 --instance-fleets ' + + CONSTANTS_FLEET.INSTANCE_FLEETS_WITH_RESIZE_ALLOCATION_STRATEGY_SPOT_AND_OD + + ' --ec2-attributes AvailabilityZones=[us-east-1a,us-east-1b]') + instance_fleets = CONSTANTS_FLEET.RES_INSTANCE_FLEETS_WITH_RESIZE_ALLOCATION_STRATEGY_SPOT_AND_OD + result = \ + { + 'Name': DEFAULT_CLUSTER_NAME, + 'Instances': {'KeepJobFlowAliveWhenNoSteps': True, + 'TerminationProtected': False, + 'InstanceFleets': + instance_fleets, + 'Placement': {'AvailabilityZones': ['us-east-1a','us-east-1b']} + }, + 'ReleaseLabel': 'emr-4.2.0', + 'VisibleToAllUsers': True, + 'Tags': [] + } + self.assert_params_for_cmd(cmd, result) + def test_create_cluster_with_os_release_label(self): test_os_release_label = '2.0.20220406.1' - cmd = (self.prefix + '--release-label emr-6.6.0' - + ' --os-release-label ' + test_os_release_label + cmd = (self.prefix + '--release-label emr-6.6.0' + + ' --os-release-label ' + test_os_release_label + ' --instance-groups ' + DEFAULT_INSTANCE_GROUPS_ARG) result = \ { @@ -1530,5 +1633,24 @@ def test_instance_fleets_with_spot_allocation_strategy(self): } self.assert_params_for_cmd(cmd, result) + def test_instance_fleets_with_prioritized_allocation_strategy_spot_ondemand(self): + cmd = (self.prefix + '--release-label emr-4.2.0 --instance-fleets ' + + CONSTANTS_FLEET.INSTANCE_FLEETS_WITH_PRIORITIZED_ALLOCATION_STRATEGY_SPOT_AND_OD + + ' --ec2-attributes AvailabilityZones=[us-east-1a,us-east-1b]') + result = \ + { + 'Name': DEFAULT_CLUSTER_NAME, + 'Instances': {'KeepJobFlowAliveWhenNoSteps': True, + 'TerminationProtected': False, + 'InstanceFleets': + CONSTANTS_FLEET.RES_INSTANCE_FLEETS_WITH_PRIORITIZED_ALLOCATION_STRATEGY_SPOT_AND_OD, + 'Placement': {'AvailabilityZones': ['us-east-1a','us-east-1b']} + }, + 'ReleaseLabel': 'emr-4.2.0', + 'VisibleToAllUsers': True, + 'Tags': [] + } + self.assert_params_for_cmd(cmd, result) + if __name__ == "__main__": unittest.main() diff --git a/tests/unit/customizations/emr/test_create_default_role.py b/tests/unit/customizations/emr/test_create_default_role.py index 960ee97da66e..c8ba5bd7c54a 100644 --- a/tests/unit/customizations/emr/test_create_default_role.py +++ b/tests/unit/customizations/emr/test_create_default_role.py @@ -110,7 +110,7 @@ class TestCreateDefaultRole(BaseAWSCommandParamsTest): { "Sid": "", "Effect": "Allow", - "Principal": {"Service": "ec2.amazonaws.com.cn"}, + "Principal": {"Service": "ec2.amazonaws.com"}, "Action": "sts:AssumeRole" } ] diff --git a/tests/unit/customizations/emr/test_describe_cluster.py b/tests/unit/customizations/emr/test_describe_cluster.py index 7194e0cd5a45..0d0dbc1ca30c 100644 --- a/tests/unit/customizations/emr/test_describe_cluster.py +++ b/tests/unit/customizations/emr/test_describe_cluster.py @@ -176,10 +176,25 @@ "BidPriceAsPercentageOfOnDemandPrice": 0.0 } ], + "LaunchSpecifications" : { + "SpotSpecification": {"TimeoutDurationMinutes": 77, "TimeoutAction": "TERMINATE_CLUSTER", + "AllocationStrategy": "capacity-optimized-prioritized"}, + "OnDemandSpecification": {"AllocationStrategy": "lowest-price"} + }, + "ResizeSpecifications": { + "OnDemandResizeSpecification": {"AllocationStrategy": "lowest-price", + "CapacityReservationOptions": { + "CapacityReservationPreference": "open", + "UsageStrategy": "use-capacity-reservations-first" + } + }, + "SpotResizeSpecification": {"AllocationStrategy": "capacity-optimized"} + }, "Name": "Master instance group", "InstanceFleetType": "MASTER", "InstanceType": "m1.large", "Id": "if-ABCD", + "Context": "testContext" } ] } @@ -327,10 +342,25 @@ "BidPriceAsPercentageOfOnDemandPrice": 0.0 } ], + "LaunchSpecifications" : { + "SpotSpecification": {"TimeoutDurationMinutes": 77, "TimeoutAction": "TERMINATE_CLUSTER", + "AllocationStrategy": "capacity-optimized-prioritized"}, + "OnDemandSpecification": {"AllocationStrategy": "lowest-price"} + }, + "ResizeSpecifications": { + "OnDemandResizeSpecification": {"AllocationStrategy": "lowest-price", + "CapacityReservationOptions": { + "CapacityReservationPreference": "open", + "UsageStrategy": "use-capacity-reservations-first" + } + }, + "SpotResizeSpecification": {"AllocationStrategy": "capacity-optimized"} + }, "Name": "Master instance group", "InstanceFleetType": "MASTER", "InstanceType": "m1.large", "Id": "if-ABCD", + "Context": "testContext" } ], "RequestedAmiVersion": "2.4.2", diff --git a/tests/unit/customizations/emr/test_get_service_principal.py b/tests/unit/customizations/emr/test_get_service_principal.py index f7cccd83e795..c657f2bc2085 100644 --- a/tests/unit/customizations/emr/test_get_service_principal.py +++ b/tests/unit/customizations/emr/test_get_service_principal.py @@ -19,14 +19,15 @@ class TestEmrConfig(unittest.TestCase): ec2_service = "ec2" + ec2_service_principal = "ec2.amazonaws.com" emr_service = "elasticmapreduce" endpoint1 = "https://ap-southeast-1.elasticmapreduce.abc/" endpoint2 = "https://elasticmapreduce.abcd.def.ghi" - endpoint3 = "https://grabage.nothing.com" + endpoint3 = "https://garbage.nothing.com" expected_result1 = "elasticmapreduce.abc" expected_result2 = "elasticmapreduce.def.ghi" - def test_get_service_principal(self): + def test_get_emr_service_principal(self): msg = "Generated Service Principal does not match the expected" + \ "Service Principal" @@ -37,9 +38,14 @@ def test_get_service_principal(self): self.assertEqual(result2, self.expected_result2, msg) self.assertRaises(ResolveServicePrincipalError, - get_service_principal, self.ec2_service, + get_service_principal, self.emr_service, self.endpoint3) + def test_get_ec2_service_principal(self): + self.assertEqual(get_service_principal(self.ec2_service, self.endpoint1), self.ec2_service_principal) + self.assertEqual(get_service_principal(self.ec2_service, self.endpoint2), self.ec2_service_principal) + self.assertEqual(get_service_principal(self.ec2_service, self.endpoint3), self.ec2_service_principal) + if __name__ == "__main__": unittest.main() diff --git a/tests/unit/customizations/emr/test_modify_cluster_attributes.py b/tests/unit/customizations/emr/test_modify_cluster_attributes.py index 27b0c1d8a151..5fa430cee35a 100644 --- a/tests/unit/customizations/emr/test_modify_cluster_attributes.py +++ b/tests/unit/customizations/emr/test_modify_cluster_attributes.py @@ -42,6 +42,29 @@ def test_no_termination_protected(self): result = {'JobFlowIds': ['j-ABC123456'], 'TerminationProtected': False} self.assert_params_for_cmd(cmdline, result) + def test_no_auto_terminate(self): + args = ' --cluster-id j-ABC123456 --no-auto-terminate' + cmdline = self.prefix + args + result = {'JobFlowIds': ['j-ABC123456'], 'KeepJobFlowAliveWhenNoSteps': True} + self.assert_params_for_cmd(cmdline, result) + + def test_auto_terminate(self): + args = ' --cluster-id j-ABC123456 --auto-terminate' + cmdline = self.prefix + args + result = {'JobFlowIds': ['j-ABC123456'], 'KeepJobFlowAliveWhenNoSteps': False} + + def test_unhealthy_node_replacement(self): + args = ' --cluster-id j-ABC123456 --unhealthy-node-replacement' + cmdline = self.prefix + args + result = {'JobFlowIds': ['j-ABC123456'], 'UnhealthyNodeReplacement': True} + self.assert_params_for_cmd(cmdline, result) + + def test_no_unhealthy_node_replacement(self): + args = ' --cluster-id j-ABC123456 --no-unhealthy-node-replacement' + cmdline = self.prefix + args + result = {'JobFlowIds': ['j-ABC123456'], 'UnhealthyNodeReplacement': False} + self.assert_params_for_cmd(cmdline, result) + def test_visible_to_all_and_no_visible_to_all(self): args = ' --cluster-id j-ABC123456 --no-visible-to-all-users'\ ' --visible-to-all-users' @@ -62,33 +85,51 @@ def test_temination_protected_and_no_termination_protected(self): result = self.run_cmd(cmdline, 255) self.assertEqual(expected_error_msg, result[1]) - def test_termination_protected_and_visible_to_all(self): + def test_auto_terminate_and_no_auto_terminate(self): + args = ' --cluster-id j-ABC123456 --auto-terminate'\ + ' --no-auto-terminate' + cmdline = self.prefix + args + expected_error_msg = ( + '\naws: error: You cannot specify both --auto-terminate ' + 'and --no-auto-terminate options together.\n') + result = self.run_cmd(cmdline, 255) + self.assertEqual(expected_error_msg, result[1]) + + def test_can_set_multiple_attributes(self): args = ' --cluster-id j-ABC123456 --termination-protected'\ - ' --visible-to-all-users' + ' --visible-to-all-users --unhealthy-node-replacement' cmdline = self.prefix + args result_set_termination_protection = { 'JobFlowIds': ['j-ABC123456'], 'TerminationProtected': True} result_set_visible_to_all_users = { 'JobFlowIds': ['j-ABC123456'], 'VisibleToAllUsers': True} + result_set_unhealty_node_replacement = { + 'JobFlowIds': ['j-ABC123456'], 'UnhealthyNodeReplacement': True} self.run_cmd(cmdline) self.assertDictEqual( self.operations_called[0][1], result_set_visible_to_all_users) self.assertDictEqual( self.operations_called[1][1], result_set_termination_protection) + self.assertDictEqual( + self.operations_called[2][1], result_set_unhealty_node_replacement) - def test_termination_protected_and_no_visible_to_all(self): + def test_can_set_multiple_attributes_with_no(self): args = ' --cluster-id j-ABC123456 --termination-protected'\ - ' --no-visible-to-all-users' + ' --no-visible-to-all-users --unhealthy-node-replacement' cmdline = self.prefix + args result_set_termination_protection = { 'JobFlowIds': ['j-ABC123456'], 'TerminationProtected': True} result_set_visible_to_all_users = { 'JobFlowIds': ['j-ABC123456'], 'VisibleToAllUsers': False} + result_set_unhealty_node_replacement = { + 'JobFlowIds': ['j-ABC123456'], 'UnhealthyNodeReplacement': True} self.run_cmd(cmdline) self.assertDictEqual( self.operations_called[0][1], result_set_visible_to_all_users) self.assertDictEqual( self.operations_called[1][1], result_set_termination_protection) + self.assertDictEqual( + self.operations_called[2][1], result_set_unhealty_node_replacement) def test_at_least_one_option(self): args = ' --cluster-id j-ABC123456' @@ -96,7 +137,9 @@ def test_at_least_one_option(self): expected_error_msg = ( '\naws: error: Must specify one of the following boolean options: ' '--visible-to-all-users|--no-visible-to-all-users, ' - '--termination-protected|--no-termination-protected.\n') + '--termination-protected|--no-termination-protected, ' + '--auto-terminate|--no-auto-terminate, ' + '--unhealthy-node-replacement|--no-unhealthy-node-replacement.\n') result = self.run_cmd(cmdline, 255) self.assertEqual(expected_error_msg, result[1]) diff --git a/tests/unit/customizations/emr/test_modify_instance_fleet.py b/tests/unit/customizations/emr/test_modify_instance_fleet.py new file mode 100644 index 000000000000..418406acd5a0 --- /dev/null +++ b/tests/unit/customizations/emr/test_modify_instance_fleet.py @@ -0,0 +1,40 @@ +# Copyright 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"). You +# may not use this file except in compliance with the License. A copy of +# the License is located at +# +# http://aws.amazon.com/apache2.0/ +# +# or in the "license" file accompanying this file. This file is +# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF +# ANY KIND, either express or implied. See the License for the specific +# language governing permissions and limitations under the License. + +from tests.unit.customizations.emr import EMRBaseAWSCommandParamsTest as \ + BaseAWSCommandParamsTest +from tests.unit.customizations.emr import test_constants_instance_fleets as \ + CONSTANTS_FLEET + + +class TestModifyInstanceFleet(BaseAWSCommandParamsTest): + prefix = f"emr modify-instance-fleet --cluster-id {CONSTANTS_FLEET.DEFAULT_CLUSTER_NAME} --instance-fleet " + + def test_modify_instance_fleet_with_instance_type_configs(self): + self.assert_params_for_cmd( + self.prefix + CONSTANTS_FLEET.MODIFY_INSTANCE_FLEET_WITH_INSTANCE_TYPE_CONFIGS, + CONSTANTS_FLEET.RES_MODIFY_INSTANCE_FLEET_WITH_INSTANCE_TYPE_CONFIGS) + + def test_modify_instance_fleet_with_allocation_strategy_spot_and_od(self): + self.assert_params_for_cmd( + self.prefix + CONSTANTS_FLEET.MODIFY_INSTANCE_FLEET_WITH_SPOT_AND_OD_RESIZE_SPECIFICATIONS, + CONSTANTS_FLEET.RES_MODIFY_INSTANCE_FLEET_WITH_SPOT_AND_OD_RESIZE_SPECIFICATIONS) + + def test_modify_instance_fleet_with_allocation_strategy_spot_and_od_and_instance_type_configs(self): + self.assert_params_for_cmd( + self.prefix + CONSTANTS_FLEET.MODIFY_INSTANCE_FLEET_WITH_INSTANCE_TYPE_CONFIGS_AND_SPOT_AND_OD_RESIZE_SPECIFICATIONS, + CONSTANTS_FLEET.RES_MODIFY_INSTANCE_FLEET_WITH_INSTANCE_TYPE_CONFIGS_AND_SPOT_AND_OD_RESIZE_SPECIFICATIONS) + + +if __name__ == "__main__": + unittest.main() diff --git a/tests/unit/customizations/gamelift/test_getlog.py b/tests/unit/customizations/gamelift/test_getlog.py index e46b79f492e5..fd2f0c8f0dfc 100644 --- a/tests/unit/customizations/gamelift/test_getlog.py +++ b/tests/unit/customizations/gamelift/test_getlog.py @@ -15,9 +15,9 @@ from botocore.session import get_session -from awscli.compat import six from awscli.testutils import unittest, mock, FileCreator from awscli.customizations.gamelift.getlog import GetGameSessionLogCommand +from awscli.compat import BytesIO class TestGetGameSessionLogCommand(unittest.TestCase): @@ -37,7 +37,7 @@ def setUp(self): self.urlopen_patch = mock.patch( 'awscli.customizations.gamelift.getlog.urlopen') self.urlopen_mock = self.urlopen_patch.start() - self.urlopen_mock.return_value = six.BytesIO(self.contents) + self.urlopen_mock.return_value = BytesIO(self.contents) def tearDown(self): self.create_client_patch.stop() diff --git a/tests/unit/customizations/gamelift/test_uploadbuild.py b/tests/unit/customizations/gamelift/test_uploadbuild.py index 48c6f2cdc7c6..98c9ccf400f8 100644 --- a/tests/unit/customizations/gamelift/test_uploadbuild.py +++ b/tests/unit/customizations/gamelift/test_uploadbuild.py @@ -18,11 +18,11 @@ from botocore.session import get_session from botocore.exceptions import ClientError -from awscli.compat import six from awscli.testutils import unittest, mock, FileCreator from awscli.customizations.gamelift.uploadbuild import UploadBuildCommand from awscli.customizations.gamelift.uploadbuild import zip_directory from awscli.customizations.gamelift.uploadbuild import validate_directory +from awscli.compat import StringIO class TestGetGameSessionLogCommand(unittest.TestCase): @@ -142,7 +142,7 @@ def test_upload_build_when_operating_system_is_provided(self): OperatingSystem=operating_system) def test_error_message_when_directory_is_empty(self): - with mock.patch('sys.stderr', six.StringIO()) as mock_stderr: + with mock.patch('sys.stderr', StringIO()) as mock_stderr: self.cmd(self.args, self.global_args) self.assertEqual( mock_stderr.getvalue(), @@ -158,7 +158,7 @@ def test_error_message_when_directory_is_not_provided(self): '--build-root', '' ] - with mock.patch('sys.stderr', six.StringIO()) as mock_stderr: + with mock.patch('sys.stderr', StringIO()) as mock_stderr: self.cmd(self.args, self.global_args) self.assertEqual( mock_stderr.getvalue(), @@ -175,7 +175,7 @@ def test_error_message_when_directory_does_not_exist(self): '--build-root', dir_not_exist ] - with mock.patch('sys.stderr', six.StringIO()) as mock_stderr: + with mock.patch('sys.stderr', StringIO()) as mock_stderr: self.cmd(self.args, self.global_args) self.assertEqual( mock_stderr.getvalue(), diff --git a/tests/unit/customizations/logs/test_startlivetail.py b/tests/unit/customizations/logs/test_startlivetail.py new file mode 100644 index 000000000000..100140737859 --- /dev/null +++ b/tests/unit/customizations/logs/test_startlivetail.py @@ -0,0 +1,141 @@ +# Copyright 2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"). You +# may not use this file except in compliance with the License. A copy of +# the License is located at +# +# http://aws.amazon.com/apache2.0/ +# +# or in the "license" file accompanying this file. This file is +# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF +# ANY KIND, either express or implied. See the License for the specific +# language governing permissions and limitations under the License. +from awscli.compat import StringIO +from awscli.customizations.logs.startlivetail import ( + LiveTailLogEventsCollector, + LiveTailSessionMetadata, + PrintOnlyPrinter, + PrintOnlyUI, +) +from awscli.testutils import mock, unittest + + +class LiveTailSessionMetadataTest(unittest.TestCase): + def setUp(self): + self.session_metadata = LiveTailSessionMetadata() + + def test_metadata_update(self): + metadata_update = {"sampled": True} + self.session_metadata.update_metadata(metadata_update) + + self.assertEqual(metadata_update["sampled"], self.session_metadata.is_sampled) + + +class PrintOnlyPrinterTest(unittest.TestCase): + def setUp(self): + self.output = StringIO() + self.log_events = [] + self.printer = PrintOnlyPrinter(self.output, self.log_events) + + def test_print_log_events(self): + self.log_events.extend(["First LogEvent", "Second LogEvent", "Third LogEvent"]) + expected_msg = "\n".join(self.log_events) + "\n" + + self.printer._print_log_events() + + self.output.seek(0) + self.assertEqual(expected_msg, self.output.read()) + self.assertEqual(0, len(self.log_events)) + + def test_session_interrupt_while_printing(self): + self.log_events.extend(["First LogEvent", "Second LogEvent", "Third LogEvent"]) + expected_msg = "\n".join(self.log_events) + "\n" + + self.printer.interrupt_session = True + self.printer.run() + + self.output.seek(0) + self.assertEqual(expected_msg, self.output.read()) + self.assertEqual(0, len(self.log_events)) + + def test_exception_while_printing(self): + self.log_events.extend(["First LogEvent", "Second LogEvent", "Third LogEvent"]) + self.printer._print_log_events = mock.MagicMock( + side_effect=BrokenPipeError("BrokenPipe") + ) + + # No exception should be raised + self.printer.run() + + +class PrintOnlyUITest(unittest.TestCase): + def setUp(self): + self.output = StringIO() + self.log_events = [] + self.ui = PrintOnlyUI(self.output, self.log_events) + + def test_exit(self): + self.ui.exit() + + self.assertEqual(True, self.ui._printer.interrupt_session) + + +class LiveTailLogEventsCollectorTest(unittest.TestCase): + def setUp(self): + self.output = StringIO() + self.log_events = [] + self.response_stream = mock.Mock() + self.ui = PrintOnlyUI(self.output, self.log_events) + self.session_metadata = LiveTailSessionMetadata() + self.log_events_collector = LiveTailLogEventsCollector( + self.output, + self.ui, + self.response_stream, + self.log_events, + self.session_metadata, + ) + + def test_log_event_collection(self): + updates = [ + {"sessionStart": "The session is started"}, + { + "sessionUpdate": { + "sessionMetadata": {"sampled": False}, + "sessionResults": [ + {"message": "LogEvent1"}, + {"message": "LogEvent2"}, + ], + } + }, + ] + self.response_stream.__iter__ = mock.MagicMock(return_value=iter(updates)) + + self.log_events_collector._collect_log_events() + + self.assertEqual(2, len(self.log_events)) + self.assertEqual(["LogEvent1", "LogEvent2"], self.log_events) + self.assertIsNone(self.log_events_collector._exception) + + def test_log_event_collection_with_unexpected_update(self): + updates = [{"unexpectedUpdate": "The session is started"}] + self.response_stream.extend(updates) + self.ui.exit = mock.MagicMock() + + self.log_events_collector._collect_log_events() + + self.assertIsNotNone(self.log_events_collector._exception) + + def test_stop_with_exception(self): + exception_message = "SessionStreamingException" + self.log_events_collector._exception = Exception(exception_message) + + self.log_events_collector.stop() + + self.output.seek(0) + self.assertEqual(exception_message + "\n", self.output.read()) + + def test_stop_without_exception(self): + self.response_stream.close = mock.MagicMock() + + self.log_events_collector.stop() + self.response_stream.close.assert_not_called() diff --git a/tests/unit/customizations/s3/__init__.py b/tests/unit/customizations/s3/__init__.py index 9aa736cba1ee..36703b6421c7 100644 --- a/tests/unit/customizations/s3/__init__.py +++ b/tests/unit/customizations/s3/__init__.py @@ -12,8 +12,6 @@ # language governing permissions and limitations under the License. import os -from awscli.compat import six - class FakeTransferFuture(object): def __init__(self, result=None, exception=None, meta=None): @@ -56,8 +54,8 @@ def make_loc_files(file_creator, size=None): filename2 = file_creator.create_file( os.path.join('some_directory', 'another_directory', 'text2.txt'), body) - filename1 = six.text_type(filename1) - filename2 = six.text_type(filename2) + filename1 = str(filename1) + filename2 = str(filename2) return [filename1, filename2, os.path.dirname(filename2), os.path.dirname(filename1)] diff --git a/tests/unit/customizations/s3/test_copy_params.py b/tests/unit/customizations/s3/test_copy_params.py index 1f735f96d949..9d637e455e64 100644 --- a/tests/unit/customizations/s3/test_copy_params.py +++ b/tests/unit/customizations/s3/test_copy_params.py @@ -50,7 +50,7 @@ def test_simple(self): cmdline = self.prefix cmdline += self.file_path cmdline += ' s3://mybucket/mykey' - result = {'Bucket': u'mybucket', 'Key': u'mykey'} + result = {'Bucket': u'mybucket', 'Key': u'mykey', 'ChecksumAlgorithm': 'CRC32'} self.assert_params(cmdline, result) def test_sse(self): @@ -59,7 +59,7 @@ def test_sse(self): cmdline += ' s3://mybucket/mykey' cmdline += ' --sse' result = {'Bucket': u'mybucket', 'Key': u'mykey', - 'ServerSideEncryption': 'AES256'} + 'ServerSideEncryption': 'AES256', 'ChecksumAlgorithm': 'CRC32'} self.assert_params(cmdline, result) def test_storage_class(self): @@ -68,7 +68,7 @@ def test_storage_class(self): cmdline += ' s3://mybucket/mykey' cmdline += ' --storage-class REDUCED_REDUNDANCY' result = {'Bucket': u'mybucket', 'Key': u'mykey', - 'StorageClass': u'REDUCED_REDUNDANCY'} + 'StorageClass': u'REDUCED_REDUNDANCY', 'ChecksumAlgorithm': 'CRC32'} self.assert_params(cmdline, result) def test_standard_ia_storage_class(self): @@ -77,7 +77,7 @@ def test_standard_ia_storage_class(self): cmdline += ' s3://mybucket/mykey' cmdline += ' --storage-class STANDARD_IA' result = {'Bucket': u'mybucket', 'Key': u'mykey', - 'StorageClass': u'STANDARD_IA'} + 'StorageClass': u'STANDARD_IA', 'ChecksumAlgorithm': 'CRC32'} self.assert_params(cmdline, result) def test_glacier_ir_storage_class(self): @@ -86,7 +86,7 @@ def test_glacier_ir_storage_class(self): cmdline += ' s3://mybucket/mykey' cmdline += ' --storage-class GLACIER_IR' result = {'Bucket': u'mybucket', 'Key': u'mykey', - 'StorageClass': u'GLACIER_IR'} + 'ChecksumAlgorithm': 'CRC32', 'StorageClass': u'GLACIER_IR'} self.assert_params(cmdline, result) def test_website_redirect(self): @@ -96,6 +96,7 @@ def test_website_redirect(self): cmdline += ' --website-redirect /foobar' result = {'Bucket': u'mybucket', 'Key': u'mykey', + 'ChecksumAlgorithm': 'CRC32', 'WebsiteRedirectLocation': u'/foobar'} self.assert_params(cmdline, result) @@ -104,7 +105,7 @@ def test_acl(self): cmdline += self.file_path cmdline += ' s3://mybucket/mykey' cmdline += ' --acl public-read' - result = {'Bucket': 'mybucket', 'Key': 'mykey', 'ACL': 'public-read'} + result = {'Bucket': 'mybucket', 'Key': 'mykey', 'ChecksumAlgorithm': 'CRC32', 'ACL': 'public-read'} self.assert_params(cmdline, result) def test_content_params(self): @@ -116,6 +117,7 @@ def test_content_params(self): cmdline += ' --cache-control max-age=3600,must-revalidate' cmdline += ' --content-disposition attachment;filename="fname.ext"' result = {'Bucket': 'mybucket', 'Key': 'mykey', + 'ChecksumAlgorithm': 'CRC32', 'ContentEncoding': 'x-gzip', 'ContentLanguage': 'piglatin', 'ContentDisposition': 'attachment;filename="fname.ext"', @@ -131,7 +133,8 @@ def test_grants(self): result = {'Bucket': u'mybucket', 'GrantFullControl': u'alice', 'GrantRead': u'bob', - 'Key': u'mykey'} + 'Key': u'mykey', + 'ChecksumAlgorithm': 'CRC32'} self.assert_params(cmdline, result) def test_grants_bad(self): @@ -148,7 +151,7 @@ def test_content_type(self): cmdline += ' s3://mybucket/mykey' cmdline += ' --content-type text/xml' result = {'Bucket': u'mybucket', 'ContentType': u'text/xml', - 'Key': u'mykey'} + 'Key': u'mykey', 'ChecksumAlgorithm': 'CRC32'} self.assert_params(cmdline, result) diff --git a/tests/unit/customizations/s3/test_filegenerator.py b/tests/unit/customizations/s3/test_filegenerator.py index c69c1f5dc12d..039e52cde662 100644 --- a/tests/unit/customizations/s3/test_filegenerator.py +++ b/tests/unit/customizations/s3/test_filegenerator.py @@ -20,7 +20,6 @@ import socket from botocore.exceptions import ClientError -from awscli.compat import six from awscli.customizations.s3.filegenerator import FileGenerator, \ FileDecodingError, FileStat, is_special_file, is_readable @@ -311,7 +310,7 @@ def tearDown(self): self.files.remove_all() def test_no_follow_symlink(self): - abs_root = six.text_type(os.path.abspath(self.root) + os.sep) + abs_root = str(os.path.abspath(self.root) + os.sep) input_local_dir = {'src': {'path': abs_root, 'type': 'local'}, 'dest': {'path': self.bucket, @@ -325,14 +324,14 @@ def test_no_follow_symlink(self): self.assertEqual(len(result_list), len(self.filenames)) # Just check to make sure the right local files are generated. for i in range(len(result_list)): - filename = six.text_type(os.path.abspath(self.filenames[i])) + filename = str(os.path.abspath(self.filenames[i])) self.assertEqual(result_list[i], filename) def test_warn_bad_symlink(self): """ This tests to make sure it fails when following bad symlinks. """ - abs_root = six.text_type(os.path.abspath(self.root) + os.sep) + abs_root = str(os.path.abspath(self.root) + os.sep) input_local_dir = {'src': {'path': abs_root, 'type': 'local'}, 'dest': {'path': self.bucket, @@ -349,14 +348,14 @@ def test_warn_bad_symlink(self): self.assertEqual(len(result_list), len(all_filenames)) # Just check to make sure the right local files are generated. for i in range(len(result_list)): - filename = six.text_type(os.path.abspath(all_filenames[i])) + filename = str(os.path.abspath(all_filenames[i])) self.assertEqual(result_list[i], filename) self.assertFalse(file_gen.result_queue.empty()) def test_follow_symlink(self): # First remove the bad symlink. os.remove(os.path.join(self.root, 'symlink_2')) - abs_root = six.text_type(os.path.abspath(self.root) + os.sep) + abs_root = str(os.path.abspath(self.root) + os.sep) input_local_dir = {'src': {'path': abs_root, 'type': 'local'}, 'dest': {'path': self.bucket, @@ -371,7 +370,7 @@ def test_follow_symlink(self): self.assertEqual(len(result_list), len(all_filenames)) # Just check to make sure the right local files are generated. for i in range(len(result_list)): - filename = six.text_type(os.path.abspath(all_filenames[i])) + filename = str(os.path.abspath(all_filenames[i])) self.assertEqual(result_list[i], filename) @@ -379,7 +378,7 @@ class TestListFilesLocally(unittest.TestCase): maxDiff = None def setUp(self): - self.directory = six.text_type(tempfile.mkdtemp()) + self.directory = str(tempfile.mkdtemp()) def tearDown(self): shutil.rmtree(self.directory) diff --git a/tests/unit/customizations/s3/test_subcommands.py b/tests/unit/customizations/s3/test_subcommands.py index 1179a4a939b6..09dd0a3db667 100644 --- a/tests/unit/customizations/s3/test_subcommands.py +++ b/tests/unit/customizations/s3/test_subcommands.py @@ -88,11 +88,27 @@ def setUp(self): self.session.create_client.return_value.get_paginator.return_value\ .paginate.return_value = [{'Contents': [], 'CommonPrefixes': []}] + def _get_fake_kwargs(self, override=None): + fake_kwargs = { + 'paths': 's3://', + 'dir_op': False, + 'human_readable': False, + 'summarize': False, + 'page_size': None, + 'request_payer': None, + 'bucket_name_prefix': None, + 'bucket_region': None, + } + fake_kwargs.update(override or {}) + + return fake_kwargs + def test_ls_command_for_bucket(self): ls_command = ListCommand(self.session) - parsed_args = FakeArgs(paths='s3://mybucket/', dir_op=False, - page_size='5', human_readable=False, - summarize=False, request_payer=None) + parsed_args = FakeArgs(**self._get_fake_kwargs({ + 'paths': 's3://mybucket/', + 'page_size': '5', + })) parsed_globals = mock.Mock() ls_command._run_main(parsed_args, parsed_globals) call = self.session.create_client.return_value.list_objects_v2 @@ -113,15 +129,21 @@ def test_ls_command_with_no_args(self): ls_command = ListCommand(self.session) parsed_global = FakeArgs(region=None, endpoint_url=None, verify_ssl=None) - parsed_args = FakeArgs(dir_op=False, paths='s3://', - human_readable=False, summarize=False, - request_payer=None) + parsed_args = FakeArgs(**self._get_fake_kwargs()) ls_command._run_main(parsed_args, parsed_global) - # We should only be a single call. call = self.session.create_client.return_value.list_buckets - self.assertTrue(call.called) - self.assertEqual(call.call_count, 1) - self.assertEqual(call.call_args[1], {}) + paginate = self.session.create_client.return_value.get_paginator\ + .return_value.paginate + + # We should make no operation calls. + self.assertEqual(call.call_count, 0) + # And only a single pagination call to ListBuckets. + self.session.create_client.return_value.get_paginator.\ + assert_called_with('list_buckets') + ref_call_args = {'PaginationConfig': {'PageSize': None}} + + paginate.assert_called_with(**ref_call_args) + # Verify get_client get_client = self.session.create_client args = get_client.call_args @@ -129,14 +151,61 @@ def test_ls_command_with_no_args(self): 's3', region_name=None, endpoint_url=None, verify=None, config=None)) + def test_ls_with_bucket_name_prefix(self): + ls_command = ListCommand(self.session) + parsed_args = FakeArgs(**self._get_fake_kwargs({ + 'bucket_name_prefix': 'myprefix', + })) + parsed_globals = FakeArgs( + region=None, + endpoint_url=None, + verify_ssl=None, + ) + ls_command._run_main(parsed_args, parsed_globals) + call = self.session.create_client.return_value.list_objects + paginate = self.session.create_client.return_value.get_paginator\ + .return_value.paginate + # We should make no operation calls. + self.assertEqual(call.call_count, 0) + self.session.create_client.return_value.get_paginator.\ + assert_called_with('list_buckets') + ref_call_args = { + 'PaginationConfig': {'PageSize': None}, + 'Prefix': 'myprefix', + } + + paginate.assert_called_with(**ref_call_args) + + def test_ls_with_bucket_region(self): + ls_command = ListCommand(self.session) + parsed_args = FakeArgs(**self._get_fake_kwargs({ + 'bucket_region': 'us-west-1', + })) + parsed_globals = FakeArgs( + region=None, + endpoint_url=None, + verify_ssl=None, + ) + ls_command._run_main(parsed_args, parsed_globals) + call = self.session.create_client.return_value.list_objects + paginate = self.session.create_client.return_value.get_paginator\ + .return_value.paginate + # We should make no operation calls. + self.assertEqual(call.call_count, 0) + self.session.create_client.return_value.get_paginator.\ + assert_called_with('list_buckets') + ref_call_args = { + 'PaginationConfig': {'PageSize': None}, + 'BucketRegion': 'us-west-1', + } + + paginate.assert_called_with(**ref_call_args) + def test_ls_with_verify_argument(self): - options = {'default': 's3://', 'nargs': '?'} ls_command = ListCommand(self.session) parsed_global = FakeArgs(region='us-west-2', endpoint_url=None, verify_ssl=False) - parsed_args = FakeArgs(paths='s3://', dir_op=False, - human_readable=False, summarize=False, - request_payer=None) + parsed_args = FakeArgs(**self._get_fake_kwargs({})) ls_command._run_main(parsed_args, parsed_global) # Verify get_client get_client = self.session.create_client @@ -147,9 +216,11 @@ def test_ls_with_verify_argument(self): def test_ls_with_requester_pays(self): ls_command = ListCommand(self.session) - parsed_args = FakeArgs(paths='s3://mybucket/', dir_op=False, - human_readable=False, summarize=False, - request_payer='requester', page_size='5') + parsed_args = FakeArgs(**self._get_fake_kwargs({ + 'paths': 's3://mybucket/', + 'page_size': '5', + 'request_payer': 'requester', + })) parsed_globals = mock.Mock() ls_command._run_main(parsed_args, parsed_globals) call = self.session.create_client.return_value.list_objects @@ -553,6 +624,11 @@ def setUp(self): self.file_creator = FileCreator() self.loc_files = make_loc_files(self.file_creator) self.bucket = 's3testbucket' + self.session = mock.Mock() + self.parsed_global = FakeArgs( + region='us-west-2', + endpoint_url=None, + verify_ssl=False) def tearDown(self): self.environ_patch.stop() @@ -577,7 +653,8 @@ def test_check_path_type_pass(self): 'locallocal': [local_file, local_file]} for cmd in cmds.keys(): - cmd_param = CommandParameters(cmd, {}, '') + cmd_param = CommandParameters(cmd, {}, '', + self.session, self.parsed_global) cmd_param.add_region(mock.Mock()) correct_paths = cmds[cmd] for path_args in correct_paths: @@ -605,7 +682,8 @@ def test_check_path_type_fail(self): 'locallocal': [local_file, local_file]} for cmd in cmds.keys(): - cmd_param = CommandParameters(cmd, {}, '') + cmd_param = CommandParameters(cmd, {}, '', + self.session, self.parsed_global) cmd_param.add_region(mock.Mock()) wrong_paths = cmds[cmd] for path_args in wrong_paths: @@ -634,6 +712,46 @@ def test_validate_no_streaming_paths(self): cmd_params.add_paths(paths) self.assertFalse(cmd_params.parameters['is_stream']) + def test_validate_checksum_algorithm_download_error(self): + paths = ['s3://bucket/key', self.file_creator.rootdir] + parameters = {'checksum_algorithm': 'CRC32'} + cmd_params = CommandParameters('cp', parameters, '') + with self.assertRaises(ValueError) as cm: + cmd_params.add_paths(paths) + self.assertIn('Expected checksum-algorithm parameter to be used with one of following path formats', cm.msg) + + def test_validate_checksum_algorithm_sync_download_error(self): + paths = ['s3://bucket/key', self.file_creator.rootdir] + parameters = {'checksum_algorithm': 'CRC32C'} + cmd_params = CommandParameters('sync', parameters, '') + with self.assertRaises(ValueError) as cm: + cmd_params.add_paths(paths) + self.assertIn('Expected checksum-algorithm parameter to be used with one of following path formats', cm.msg) + + def test_validate_checksum_mode_upload_error(self): + paths = [self.file_creator.rootdir, 's3://bucket/key'] + parameters = {'checksum_mode': 'ENABLED'} + cmd_params = CommandParameters('cp', parameters, '') + with self.assertRaises(ValueError) as cm: + cmd_params.add_paths(paths) + self.assertIn('Expected checksum-mode parameter to be used with one of following path formats', cm.msg) + + def test_validate_checksum_mode_sync_upload_error(self): + paths = [self.file_creator.rootdir, 's3://bucket/key'] + parameters = {'checksum_mode': 'ENABLED'} + cmd_params = CommandParameters('sync', parameters, '') + with self.assertRaises(ValueError) as cm: + cmd_params.add_paths(paths) + self.assertIn('Expected checksum-mode parameter to be used with one of following path formats', cm.msg) + + def test_validate_checksum_mode_move_error(self): + paths = ['s3://bucket/key', 's3://bucket2/key'] + parameters = {'checksum_mode': 'ENABLED'} + cmd_params = CommandParameters('mv', parameters, '') + with self.assertRaises(ValueError) as cm: + cmd_params.add_paths(paths) + self.assertIn('Expected checksum-mode parameter to be used with one of following path formats', cm.msg) + def test_validate_streaming_paths_error(self): parameters = {'src': '-', 'dest': 's3://bucket'} cmd_params = CommandParameters('sync', parameters, '') @@ -696,7 +814,9 @@ def test_validate_sse_c_args_wrong_path_type(self): def test_adds_is_move(self): params = {} - CommandParameters('mv', params, '') + CommandParameters('mv', params, '', + session=self.session, + parsed_globals=self.parsed_global) self.assertTrue(params.get('is_move')) # is_move should only be true for mv diff --git a/tests/unit/customizations/s3/test_transferconfig.py b/tests/unit/customizations/s3/test_transferconfig.py index cad4bdc8bb36..6470beb85964 100644 --- a/tests/unit/customizations/s3/test_transferconfig.py +++ b/tests/unit/customizations/s3/test_transferconfig.py @@ -10,10 +10,11 @@ # distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF # ANY KIND, either express or implied. See the License for the specific # language governing permissions and limitations under the License. +import sys + from awscli.testutils import unittest from awscli.customizations.s3 import transferconfig -from awscli.compat import six class TestTransferConfig(unittest.TestCase): @@ -65,7 +66,7 @@ def test_long_value(self): # MAXSIZE is the max size of an int on python 2 and the maximum size # of Py_ssize_t on python 3, but notably not the maximum size of an # int since they are effectively unbounded. - long_value = six.MAXSIZE + 1 + long_value = sys.maxsize + 1 runtime_config = self.build_config_with( multipart_threshold=long_value) self.assertEqual(runtime_config['multipart_threshold'], long_value) diff --git a/tests/unit/customizations/s3/test_utils.py b/tests/unit/customizations/s3/test_utils.py index 3190028c9521..910145383e9b 100644 --- a/tests/unit/customizations/s3/test_utils.py +++ b/tests/unit/customizations/s3/test_utils.py @@ -39,13 +39,43 @@ ProvideUploadContentTypeSubscriber, ProvideCopyContentTypeSubscriber, ProvideLastModifiedTimeSubscriber, DirectoryCreatorSubscriber, DeleteSourceObjectSubscriber, DeleteSourceFileSubscriber, - DeleteCopySourceObjectSubscriber, NonSeekableStream, CreateDirectoryError) + DeleteCopySourceObjectSubscriber, NonSeekableStream, CreateDirectoryError, + S3PathResolver) from awscli.customizations.s3.results import WarningResult from tests.unit.customizations.s3 import FakeTransferFuture from tests.unit.customizations.s3 import FakeTransferFutureMeta from tests.unit.customizations.s3 import FakeTransferFutureCallArgs +@pytest.fixture +def s3control_client(): + client = mock.MagicMock() + client.get_access_point.return_value = { + "Bucket": "mybucket" + } + client.list_multi_region_access_points.return_value = { + "AccessPoints": [{ + "Alias": "myalias.mrap", + "Regions": [{"Bucket": "mybucket"}] + }] + } + return client + + +@pytest.fixture +def sts_client(): + client = mock.MagicMock() + client.get_caller_identity.return_value = { + "Account": "123456789012" + } + return client + + +@pytest.fixture +def s3_path_resolver(s3control_client, sts_client): + return S3PathResolver(s3control_client, sts_client) + + @pytest.mark.parametrize( 'bytes_int, expected', ( @@ -635,6 +665,56 @@ def test_upload_part_copy(self): 'SSECustomerKey': 'my-sse-c-key'}) +class TestRequestParamsMapperChecksumAlgorithm: + @pytest.fixture + def cli_params(self): + return {'checksum_algorithm': 'CRC32'} + + @pytest.fixture + def cli_params_no_algorithm(self): + return {} + + def test_put_object(self, cli_params): + request_params = {} + RequestParamsMapper.map_put_object_params(request_params, cli_params) + assert request_params == {'ChecksumAlgorithm': 'CRC32'} + + def test_put_object_no_checksum(self, cli_params_no_algorithm): + request_params = {} + RequestParamsMapper.map_put_object_params(request_params, cli_params_no_algorithm) + assert 'ChecksumAlgorithm' not in request_params + + def test_copy_object(self, cli_params): + request_params = {} + RequestParamsMapper.map_copy_object_params(request_params, cli_params) + assert request_params == {'ChecksumAlgorithm': 'CRC32'} + + def test_copy_object_no_checksum(self, cli_params_no_algorithm): + request_params = {} + RequestParamsMapper.map_put_object_params(request_params, cli_params_no_algorithm) + assert 'ChecksumAlgorithm' not in request_params + + +class TestRequestParamsMapperChecksumMode: + @pytest.fixture + def cli_params(self): + return {'checksum_mode': 'ENABLED'} + + @pytest.fixture + def cli_params_no_checksum(self): + return {} + + def test_get_object(self, cli_params): + request_params = {} + RequestParamsMapper.map_get_object_params(request_params, cli_params) + assert request_params == {'ChecksumMode': 'ENABLED'} + + def test_get_object_no_checksums(self, cli_params_no_checksum): + request_params = {} + RequestParamsMapper.map_get_object_params(request_params, cli_params_no_checksum) + assert 'ChecksumMode' not in request_params + + class TestRequestParamsMapperRequestPayer(unittest.TestCase): def setUp(self): self.cli_params = {'request_payer': 'requester'} @@ -976,3 +1056,141 @@ def test_can_make_stream_unseekable(self): def test_can_specify_amount_for_nonseekable_stream(self): nonseekable_fileobj = NonSeekableStream(StringIO('foobar')) self.assertEqual(nonseekable_fileobj.read(3), 'foo') + + +class TestS3PathResolver: + _BASE_ACCESSPOINT_ARN = ( + "s3://arn:aws:s3:us-west-2:123456789012:accesspoint/myaccesspoint") + _BASE_OUTPOST_ACCESSPOINT_ARN = ( + "s3://arn:aws:s3-outposts:us-east-1:123456789012:outpost" + "/op-foo/accesspoint/myaccesspoint") + _BASE_ACCESSPOINT_ALIAS = "s3://myaccesspoint-foobar12345-s3alias" + _BASE_OUTPOST_ACCESSPOINT_ALIAS = "s3://myaccesspoint-foobar12345--op-s3" + _BASE_MRAP_ARN = "s3://arn:aws:s3::123456789012:accesspoint/myalias.mrap" + + @pytest.mark.parametrize( + "path,resolved", + [(_BASE_ACCESSPOINT_ARN,"s3://mybucket/"), + (f"{_BASE_ACCESSPOINT_ARN}/","s3://mybucket/"), + (f"{_BASE_ACCESSPOINT_ARN}/mykey","s3://mybucket/mykey"), + (f"{_BASE_ACCESSPOINT_ARN}/myprefix/","s3://mybucket/myprefix/"), + (f"{_BASE_ACCESSPOINT_ARN}/myprefix/mykey", + "s3://mybucket/myprefix/mykey")] + ) + def test_resolves_accesspoint_arn( + self, path, resolved, s3_path_resolver, s3control_client + ): + resolved_paths = s3_path_resolver.resolve_underlying_s3_paths(path) + assert resolved_paths == [resolved] + s3control_client.get_access_point.assert_called_with( + AccountId="123456789012", + Name="myaccesspoint" + ) + + @pytest.mark.parametrize( + "path,resolved", + [(_BASE_OUTPOST_ACCESSPOINT_ARN,"s3://mybucket/"), + (f"{_BASE_OUTPOST_ACCESSPOINT_ARN}/","s3://mybucket/"), + (f"{_BASE_OUTPOST_ACCESSPOINT_ARN}/mykey","s3://mybucket/mykey"), + (f"{_BASE_OUTPOST_ACCESSPOINT_ARN}/myprefix/", + "s3://mybucket/myprefix/"), + (f"{_BASE_OUTPOST_ACCESSPOINT_ARN}/myprefix/mykey", + "s3://mybucket/myprefix/mykey")] + ) + def test_resolves_outpost_accesspoint_arn( + self, path, resolved, s3_path_resolver, s3control_client + ): + resolved_paths = s3_path_resolver.resolve_underlying_s3_paths(path) + assert resolved_paths == [resolved] + s3control_client.get_access_point.assert_called_with( + AccountId="123456789012", + Name=("arn:aws:s3-outposts:us-east-1:123456789012:outpost" + "/op-foo/accesspoint/myaccesspoint") + ) + + @pytest.mark.parametrize( + "path,resolved", + [(_BASE_ACCESSPOINT_ALIAS,"s3://mybucket/"), + (f"{_BASE_ACCESSPOINT_ALIAS}/","s3://mybucket/"), + (f"{_BASE_ACCESSPOINT_ALIAS}/mykey","s3://mybucket/mykey"), + (f"{_BASE_ACCESSPOINT_ALIAS}/myprefix/","s3://mybucket/myprefix/"), + (f"{_BASE_ACCESSPOINT_ALIAS}/myprefix/mykey", + "s3://mybucket/myprefix/mykey")] + ) + def test_resolves_accesspoint_alias( + self, path, resolved, s3_path_resolver, s3control_client, sts_client + ): + resolved_paths = s3_path_resolver.resolve_underlying_s3_paths(path) + assert resolved_paths == [resolved] + sts_client.get_caller_identity.assert_called_once() + s3control_client.get_access_point.assert_called_with( + AccountId="123456789012", + Name="myaccesspoint-foobar12345-s3alias" + ) + + @pytest.mark.parametrize( + "path", + [(_BASE_OUTPOST_ACCESSPOINT_ALIAS), + (f"{_BASE_OUTPOST_ACCESSPOINT_ALIAS}/"), + (f"{_BASE_OUTPOST_ACCESSPOINT_ALIAS}/mykey"), + (f"{_BASE_OUTPOST_ACCESSPOINT_ALIAS}/myprefix/"), + (f"{_BASE_OUTPOST_ACCESSPOINT_ALIAS}/myprefix/mykey")] + ) + def test_outpost_accesspoint_alias_raises_exception( + self, path, s3_path_resolver + ): + with pytest.raises(ValueError) as e: + s3_path_resolver.resolve_underlying_s3_paths(path) + assert "Can't resolve underlying bucket name" in str(e.value) + + @pytest.mark.parametrize( + "path,resolved", + [(_BASE_MRAP_ARN,"s3://mybucket/"), + (f"{_BASE_MRAP_ARN}/","s3://mybucket/"), + (f"{_BASE_MRAP_ARN}/mykey","s3://mybucket/mykey"), + (f"{_BASE_MRAP_ARN}/myprefix/","s3://mybucket/myprefix/"), + (f"{_BASE_MRAP_ARN}/myprefix/mykey","s3://mybucket/myprefix/mykey")] + ) + def test_resolves_mrap_arn( + self, path, resolved, s3_path_resolver, s3control_client + ): + resolved_paths = s3_path_resolver.resolve_underlying_s3_paths(path) + assert resolved_paths == [resolved] + s3control_client.list_multi_region_access_points.assert_called_with( + AccountId="123456789012" + ) + + @pytest.mark.parametrize( + "path,resolved,name", + [(f"{_BASE_ACCESSPOINT_ARN}-s3alias/mykey","s3://mybucket/mykey", + "myaccesspoint-s3alias"), + (f"{_BASE_OUTPOST_ACCESSPOINT_ARN}--op-s3/mykey", + "s3://mybucket/mykey", + f"{_BASE_OUTPOST_ACCESSPOINT_ARN[5:]}--op-s3")] + ) + def test_alias_suffixes_dont_match_accesspoint_arns( + self, path, resolved, name, s3_path_resolver, s3control_client + ): + resolved_paths = s3_path_resolver.resolve_underlying_s3_paths(path) + assert resolved_paths == [resolved] + s3control_client.get_access_point.assert_called_with( + AccountId="123456789012", + Name=name + ) + + @pytest.mark.parametrize( + "path,expected_has_underlying_s3_path", + [(_BASE_ACCESSPOINT_ARN,True), + (f"{_BASE_ACCESSPOINT_ARN}/mykey",True), + (f"{_BASE_ACCESSPOINT_ARN}/myprefix/mykey",True), + (_BASE_ACCESSPOINT_ALIAS,True), + (_BASE_OUTPOST_ACCESSPOINT_ARN,True), + (_BASE_OUTPOST_ACCESSPOINT_ALIAS,True), + (_BASE_MRAP_ARN,True), + ("s3://mybucket/",False), + ("s3://mybucket/mykey",False), + ("s3://mybucket/myprefix/mykey",False)] + ) + def test_has_underlying_s3_path(self, path, expected_has_underlying_s3_path): + has_underlying_s3_path = S3PathResolver.has_underlying_s3_path(path) + assert has_underlying_s3_path == expected_has_underlying_s3_path diff --git a/tests/unit/customizations/test_codecommit.py b/tests/unit/customizations/test_codecommit.py index 1c783f62a2cc..6d527186a786 100644 --- a/tests/unit/customizations/test_codecommit.py +++ b/tests/unit/customizations/test_codecommit.py @@ -14,12 +14,12 @@ import awscli from argparse import Namespace -from six import StringIO from botocore.session import Session from botocore.credentials import Credentials from awscli.customizations.codecommit import CodeCommitGetCommand from awscli.customizations.codecommit import CodeCommitCommand from awscli.testutils import mock, unittest, StringIOWithFileNo +from awscli.compat import StringIO from botocore.auth import SigV4Auth from botocore.awsrequest import AWSRequest diff --git a/tests/unit/customizations/test_generatecliskeleton.py b/tests/unit/customizations/test_generatecliskeleton.py index e2133fa94e98..dca8084117d8 100644 --- a/tests/unit/customizations/test_generatecliskeleton.py +++ b/tests/unit/customizations/test_generatecliskeleton.py @@ -10,13 +10,12 @@ # distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF # ANY KIND, either express or implied. See the License for the specific # language governing permissions and limitations under the License. -from awscli.compat import six - from botocore.model import DenormalizedStructureBuilder from awscli.testutils import mock, unittest from awscli.customizations.generatecliskeleton import \ GenerateCliSkeletonArgument +from awscli.compat import StringIO class TestGenerateCliSkeleton(unittest.TestCase): @@ -80,7 +79,7 @@ def test_override_required_args_when_output_present_but_not_value(self): def test_generate_json_skeleton(self): parsed_args = mock.Mock() parsed_args.generate_cli_skeleton = 'input' - with mock.patch('sys.stdout', six.StringIO()) as mock_stdout: + with mock.patch('sys.stdout', StringIO()) as mock_stdout: rc = self.argument.generate_json_skeleton( service_operation=self.service_operation, call_parameters=None, parsed_args=parsed_args, parsed_globals=None @@ -93,7 +92,7 @@ def test_generate_json_skeleton(self): def test_no_generate_json_skeleton(self): parsed_args = mock.Mock() parsed_args.generate_cli_skeleton = None - with mock.patch('sys.stdout', six.StringIO()) as mock_stdout: + with mock.patch('sys.stdout', StringIO()) as mock_stdout: rc = self.argument.generate_json_skeleton( service_operation=self.service_operation, call_parameters=None, parsed_args=parsed_args, parsed_globals=None @@ -110,7 +109,7 @@ def test_generate_json_skeleton_no_input_shape(self): # Set the input shape to ``None``. self.argument = GenerateCliSkeletonArgument( self.session, mock.Mock(input_shape=None)) - with mock.patch('sys.stdout', six.StringIO()) as mock_stdout: + with mock.patch('sys.stdout', StringIO()) as mock_stdout: rc = self.argument.generate_json_skeleton( service_operation=self.service_operation, call_parameters=None, parsed_args=parsed_args, parsed_globals=None @@ -137,7 +136,7 @@ def test_generate_json_skeleton_with_timestamp(self): operation_model = mock.Mock(input_shape=shape) argument = GenerateCliSkeletonArgument( self.session, operation_model) - with mock.patch('sys.stdout', six.StringIO()) as mock_stdout: + with mock.patch('sys.stdout', StringIO()) as mock_stdout: rc = argument.generate_json_skeleton( call_parameters=None, parsed_args=parsed_args, parsed_globals=None diff --git a/tests/unit/customizations/test_globalargs.py b/tests/unit/customizations/test_globalargs.py index d35ffcbb0070..96586b705118 100644 --- a/tests/unit/customizations/test_globalargs.py +++ b/tests/unit/customizations/test_globalargs.py @@ -15,7 +15,6 @@ import os from awscli.testutils import mock, unittest -from awscli.compat import six from awscli.customizations import globalargs @@ -57,7 +56,7 @@ def test_parse_query(self): parsed_args = FakeParsedArgs(query='foo.bar') globalargs.resolve_types(parsed_args) # Assert that it looks like a jmespath parsed expression. - self.assertFalse(isinstance(parsed_args.query, six.string_types)) + self.assertFalse(isinstance(parsed_args.query, str)) self.assertTrue(hasattr(parsed_args.query, 'search')) def test_parse_query_error_message(self): diff --git a/tests/unit/customizations/test_paginate.py b/tests/unit/customizations/test_paginate.py index e4e4e018975e..cb362a0fc631 100644 --- a/tests/unit/customizations/test_paginate.py +++ b/tests/unit/customizations/test_paginate.py @@ -10,6 +10,9 @@ # distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF # ANY KIND, either express or implied. See the License for the specific # language governing permissions and limitations under the License. +import pytest + +from awscli.customizations.paginate import PageArgument from awscli.testutils import mock, unittest from botocore.exceptions import DataNotFoundError, PaginationError @@ -18,6 +21,9 @@ from awscli.customizations import paginate +@pytest.fixture +def max_items_page_arg(): + return PageArgument('max-items', 'documentation', int, 'MaxItems') class TestPaginateBase(unittest.TestCase): @@ -321,3 +327,20 @@ def test_can_handle_missing_page_size(self): del self.parsed_args.page_size self.assertIsNone(paginate.ensure_paging_params_not_set( self.parsed_args, {})) + + +class TestNonPositiveMaxItems: + def test_positive_integer_does_not_raise_warning(self, max_items_page_arg, capsys): + max_items_page_arg.add_to_params({}, 1) + captured = capsys.readouterr() + assert captured.err == "" + + def test_zero_raises_warning(self, max_items_page_arg, capsys): + max_items_page_arg.add_to_params({}, 0) + captured = capsys.readouterr() + assert "Non-positive values for --max-items" in captured.err + + def test_negative_integer_raises_warning(self, max_items_page_arg, capsys): + max_items_page_arg.add_to_params({}, -1) + captured = capsys.readouterr() + assert "Non-positive values for --max-items" in captured.err diff --git a/tests/unit/customizations/test_sessionmanager.py b/tests/unit/customizations/test_sessionmanager.py index 85623dee8417..b9e5e77d838f 100644 --- a/tests/unit/customizations/test_sessionmanager.py +++ b/tests/unit/customizations/test_sessionmanager.py @@ -10,9 +10,11 @@ # distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF # ANY KIND, either express or implied. See the License for the specific # language governing permissions and limitations under the License. +import botocore.session import errno import json -import botocore.session +import pytest +import subprocess from awscli.customizations import sessionmanager from awscli.testutils import mock, unittest @@ -32,14 +34,21 @@ def setUp(self): self.session.profile = self.profile self.caller = sessionmanager.StartSessionCaller(self.session) + self.parsed_globals = mock.Mock() + self.parsed_globals.profile = 'user_profile' + def test_start_session_when_non_custom_start_session_fails(self): self.client.start_session.side_effect = Exception('some exception') params = {} with self.assertRaisesRegex(Exception, 'some exception'): self.caller.invoke('ssm', 'StartSession', params, mock.Mock()) + @mock.patch("awscli.customizations.sessionmanager.check_output") @mock.patch('awscli.customizations.sessionmanager.check_call') - def test_start_session_success_scenario(self, mock_check_call): + def test_start_session_success_scenario( + self, mock_check_call, mock_check_output + ): + mock_check_output.return_value = "1.2.0.0\n" mock_check_call.return_value = 0 start_session_params = { @@ -55,9 +64,15 @@ def test_start_session_success_scenario(self, mock_check_call): self.client.start_session.return_value = start_session_response rc = self.caller.invoke('ssm', 'StartSession', - start_session_params, mock.Mock()) + start_session_params, self.parsed_globals) self.assertEqual(rc, 0) self.client.start_session.assert_called_with(**start_session_params) + + mock_check_output_list = mock_check_output.call_args[0] + self.assertEqual( + mock_check_output_list[0], ["session-manager-plugin", "--version"] + ) + mock_check_call_list = mock_check_call.call_args[0][0] mock_check_call_list[1] = json.loads(mock_check_call_list[1]) self.assertEqual( @@ -66,13 +81,17 @@ def test_start_session_success_scenario(self, mock_check_call): start_session_response, self.region, 'StartSession', - self.profile, + self.parsed_globals.profile, json.dumps(start_session_params), self.endpoint_url] ) + @mock.patch("awscli.customizations.sessionmanager.check_output") @mock.patch('awscli.customizations.sessionmanager.check_call') - def test_start_session_when_check_call_fails(self, mock_check_call): + def test_start_session_when_check_call_fails( + self, mock_check_call, mock_check_output + ): + mock_check_output.return_value = "1.2.0.0\n" mock_check_call.side_effect = OSError(errno.ENOENT, 'some error') start_session_params = { @@ -93,7 +112,7 @@ def test_start_session_when_check_call_fails(self, mock_check_call): with self.assertRaises(ValueError): self.caller.invoke('ssm', 'StartSession', - start_session_params, mock.Mock()) + start_session_params, self.parsed_globals) self.client.start_session.assert_called_with( **start_session_params) @@ -108,14 +127,19 @@ def test_start_session_when_check_call_fails(self, mock_check_call): start_session_response, self.region, 'StartSession', - self.profile, + self.parsed_globals.profile, json.dumps(start_session_params), self.endpoint_url] ) @mock.patch('awscli.customizations.sessionmanager.check_call') - def test_start_session_when_no_profile_is_passed(self, mock_check_call): - self.session.profile = None + @mock.patch("awscli.customizations.sessionmanager.check_output") + def test_start_session_when_no_profile_is_passed( + self, mock_check_output, mock_check_call + ): + mock_check_output.return_value = "1.2.500.0\n" + self.session.profile = "session_profile" + self.parsed_globals.profile = None mock_check_call.return_value = 0 start_session_params = { @@ -127,12 +151,279 @@ def test_start_session_when_no_profile_is_passed(self, mock_check_call): "TokenValue": "token-value", "StreamUrl": "stream-url" } + ssm_env_name = "AWS_SSM_START_SESSION_RESPONSE" self.client.start_session.return_value = start_session_response rc = self.caller.invoke('ssm', 'StartSession', - start_session_params, mock.Mock()) + start_session_params, self.parsed_globals) + self.assertEqual(rc, 0) + self.client.start_session.assert_called_with(**start_session_params) + mock_check_call_list = mock_check_call.call_args[0][0] + self.assertEqual( + mock_check_call_list, + [ + "session-manager-plugin", + ssm_env_name, + self.region, + "StartSession", + "", + json.dumps(start_session_params), + self.endpoint_url, + ], + ) + + @mock.patch("awscli.customizations.sessionmanager.check_call") + @mock.patch("awscli.customizations.sessionmanager.check_output") + def test_start_session_with_env_variable_success_scenario( + self, mock_check_output, mock_check_call + ): + mock_check_output.return_value = "1.2.500.0\n" + mock_check_call.return_value = 0 + + start_session_params = { + "Target": "i-123456789" + } + + start_session_response = { + "SessionId": "session-id", + "TokenValue": "token-value", + "StreamUrl": "stream-url", + } + ssm_env_name = "AWS_SSM_START_SESSION_RESPONSE" + + self.client.start_session.return_value = start_session_response + rc = self.caller.invoke( + "ssm", "StartSession", start_session_params, self.parsed_globals + ) self.assertEqual(rc, 0) self.client.start_session.assert_called_with(**start_session_params) + + mock_check_output_list = mock_check_output.call_args[0] + self.assertEqual( + mock_check_output_list[0], ["session-manager-plugin", "--version"] + ) + mock_check_call_list = mock_check_call.call_args[0][0] - self.assertEqual(mock_check_call_list[4], '') + self.assertEqual( + mock_check_call_list, + [ + "session-manager-plugin", + ssm_env_name, + self.region, + "StartSession", + self.parsed_globals.profile, + json.dumps(start_session_params), + self.endpoint_url, + ], + ) + env_variable = mock_check_call.call_args[1] + self.assertEqual( + env_variable["env"][ssm_env_name], + json.dumps(start_session_response) + ) + + @mock.patch("awscli.customizations.sessionmanager.check_call") + @mock.patch("awscli.customizations.sessionmanager.check_output") + def test_start_session_when_check_output_fails( + self, mock_check_output, mock_check_call + ): + mock_check_output.side_effect = subprocess.CalledProcessError( + returncode=1, cmd="session-manager-plugin", output="some error" + ) + + start_session_params = { + "Target": "i-123456789" + } + start_session_response = { + "SessionId": "session-id", + "TokenValue": "token-value", + "StreamUrl": "stream-url", + } + + self.client.start_session.return_value = start_session_response + with self.assertRaises(subprocess.CalledProcessError): + self.caller.invoke( + "ssm", + "StartSession", + start_session_params, + self.parsed_globals + ) + + self.client.start_session.assert_called_with(**start_session_params) + self.client.terminate_session.assert_not_called() + mock_check_output.assert_called_with( + ["session-manager-plugin", "--version"], text=True + ) + mock_check_call.assert_not_called() + + @mock.patch("awscli.customizations.sessionmanager.check_call") + @mock.patch("awscli.customizations.sessionmanager.check_output") + def test_start_session_when_response_not_json( + self, mock_check_output, mock_check_call + ): + mock_check_output.return_value = "1.2.500.0\n" + start_session_params = { + "Target": "i-123456789" + } + start_session_response = { + "SessionId": "session-id", + "TokenValue": "token-value", + "StreamUrl": "stream-url", + "para2": {"Not a json format"}, + } + expected_env_value = { + "SessionId": "session-id", + "TokenValue": "token-value", + "StreamUrl": "stream-url", + } + + ssm_env_name = "AWS_SSM_START_SESSION_RESPONSE" + + self.client.start_session.return_value = start_session_response + rc = self.caller.invoke( + "ssm", "StartSession", start_session_params, self.parsed_globals + ) + self.assertEqual(rc, 0) + self.client.start_session.assert_called_with(**start_session_params) + + mock_check_output_list = mock_check_output.call_args[0] + self.assertEqual( + mock_check_output_list[0], ["session-manager-plugin", "--version"] + ) + + mock_check_call_list = mock_check_call.call_args[0][0] + self.assertEqual( + mock_check_call_list, + [ + "session-manager-plugin", + ssm_env_name, + self.region, + "StartSession", + self.parsed_globals.profile, + json.dumps(start_session_params), + self.endpoint_url, + ], + ) + env_variable = mock_check_call.call_args[1] + self.assertEqual( + env_variable["env"][ssm_env_name], json.dumps(expected_env_value) + ) + + @mock.patch("awscli.customizations.sessionmanager.check_call") + @mock.patch("awscli.customizations.sessionmanager.check_output") + def test_start_session_when_invalid_plugin_version( + self, mock_check_output, mock_check_call + ): + mock_check_output.return_value = "InvalidVersion" + + start_session_params = { + "Target": "i-123456789" + } + start_session_response = { + "SessionId": "session-id", + "TokenValue": "token-value", + "StreamUrl": "stream-url", + } + + self.client.start_session.return_value = start_session_response + self.caller.invoke( + "ssm", "StartSession", start_session_params, self.parsed_globals + ) + self.client.start_session.assert_called_with(**start_session_params) + self.client.terminate_session.assert_not_called() + mock_check_output.assert_called_with( + ["session-manager-plugin", "--version"], text=True + ) + + mock_check_call_list = mock_check_call.call_args[0][0] + self.assertEqual( + mock_check_call_list, + [ + "session-manager-plugin", + json.dumps(start_session_response), + self.region, + "StartSession", + self.parsed_globals.profile, + json.dumps(start_session_params), + self.endpoint_url, + ], + ) + + +class TestVersionRequirement: + version_requirement = \ + sessionmanager.VersionRequirement(min_version="1.2.497.0") + + @pytest.mark.parametrize( + "version, expected_result", + [ + ("2.0.0.0", True), + ("2.1", True), + ("2", True), + ("1.3.1.1", True), + ("\r\n1. 3.1.1", True), + ("1.3.1.0", True), + ("1.3", True), + ("1.2.498.1", True), + ("1.2.498", True), + ("1.2.497.1", True), + ("1.2.497.0", False), + ("1.2.497", False), + ("1.2.1.1", False), + ("1.2.1", False), + ("1.2", False), + ("1.1.1.0", False), + ("1.1.1", False), + ("1.0.497.0", False), + ("1.0. 497.0\r\n", False), + ("1", False), + ("0.3.497.0", False), + ], + ) + def test_meets_requirement(self, version, expected_result): + assert expected_result == \ + self.version_requirement.meets_requirement(version) + + @pytest.mark.parametrize( + "version, expected_result", + [ + ("\r\n1.3.1.1", "1.3.1.1"), + ("\r1.3 .1.1", "1.3.1.1"), + ("1 .3.1.1", "1.3.1.1"), + (" 1.3.1.1", "1.3.1.1"), + ("1.3.1.1 ", "1.3.1.1"), + (" 1.3.1.1 ", "1.3.1.1"), + ("\n1.3.1.1 ", "1.3.1.1"), + ("1.3.1.1\n", "1.3.1.1"), + ("1.3\r\n.1.1", "1.3.1.1"), + (" 1\r. 3", "1.3"), + (" 1. 3. ", "1.3."), + ("1.1.1\r\n", "1.1.1"), + ("1\r", "1"), + ], + ) + def test_sanitize_plugin_version(self, version, expected_result): + assert expected_result == \ + self.version_requirement._sanitize_plugin_version(version) + + @pytest.mark.parametrize( + "version, expected_result", + [ + ("999.99999.99.9", True), + ("2", True), + ("1.1.1.1", True), + ("1.1.1", True), + ("1.1", True), + ("1.1.1.1.1", False), + ("1.1.1.1.0", False), + ("1.1.1.a", False), + ("1.a.1.1", False), + ("1-1.1.1", False), + ("1.1.", False), + ("invalid_version", False), + ], + ) + def test_is_valid_version(self, version, expected_result): + assert expected_result == \ + self.version_requirement._is_valid_version(version) diff --git a/tests/unit/customizations/test_utils.py b/tests/unit/customizations/test_utils.py index d34eb78576a7..8b003361e090 100644 --- a/tests/unit/customizations/test_utils.py +++ b/tests/unit/customizations/test_utils.py @@ -43,7 +43,7 @@ def test_rename_command_table(self): class TestCommandTableAlias(BaseAWSHelpOutputTest): def test_alias_command_table(self): - old_name = 'alexaforbusiness' + old_name = 'cloudhsmv2' new_name = 'nopossiblewaythisisalreadythere' def handler(command_table, **kwargs): @@ -58,7 +58,7 @@ def handler(command_table, **kwargs): self.assert_not_contains(old_name) def test_make_hidden_alias(self): - old_name = 'alexaforbusiness' + old_name = 'cloudhsmv2' new_name = 'nopossiblewaythisisalreadythere' def handler(command_table, **kwargs): @@ -79,8 +79,8 @@ def _assert_command_exists(self, command_name, handler): self.assert_contains(command_name) # We can also see subcommands help as well. - self.driver.main([command_name, 'get-room', 'help']) - self.assert_contains('get-room') + self.driver.main([command_name, 'describe-clusters', 'help']) + self.assert_contains('describe-clusters') class TestHiddenAlias(unittest.TestCase): diff --git a/tests/unit/output/test_json_output.py b/tests/unit/output/test_json_output.py index a11758f64c0c..826380ec3453 100644 --- a/tests/unit/output/test_json_output.py +++ b/tests/unit/output/test_json_output.py @@ -13,12 +13,11 @@ # language governing permissions and limitations under the License. from botocore.compat import json import platform -from awscli.compat import six from awscli.formatter import JSONFormatter from awscli.testutils import BaseAWSCommandParamsTest, unittest from awscli.testutils import mock, skip_if_windows -from awscli.compat import get_stdout_text_writer +from awscli.compat import StringIO, get_stdout_text_writer class TestGetPasswordData(BaseAWSCommandParamsTest): @@ -105,7 +104,7 @@ def test_unknown_output_type_from_env_var(self): def test_json_prints_unicode_chars(self): self.parsed_response['Users'][1]['UserId'] = u'\u2713' output = self.run_cmd('iam list-users', expected_rc=0)[0] - with mock.patch('sys.stdout', six.StringIO()) as f: + with mock.patch('sys.stdout', StringIO()) as f: out = get_stdout_text_writer() out.write(u'\u2713') expected = f.getvalue() @@ -120,7 +119,7 @@ def test_fully_buffered_handles_io_error(self): args = mock.Mock(query=None) operation = mock.Mock(can_paginate=False) response = '{"Foo": "Bar"}' - fake_closed_stream = mock.Mock(spec=six.StringIO) + fake_closed_stream = mock.Mock(spec=StringIO) fake_closed_stream.flush.side_effect = IOError formatter = JSONFormatter(args) formatter('command_name', response, stream=fake_closed_stream) diff --git a/tests/unit/output/test_table_formatter.py b/tests/unit/output/test_table_formatter.py index 4f77bce4ef8c..37c1d193c45e 100644 --- a/tests/unit/output/test_table_formatter.py +++ b/tests/unit/output/test_table_formatter.py @@ -11,10 +11,10 @@ # ANY KIND, either express or implied. See the License for the specific # language governing permissions and limitations under the License. import unittest -from awscli.compat import six from awscli.formatter import TableFormatter from awscli.table import MultiTable, Styler +from awscli.compat import StringIO SIMPLE_LIST = { "QueueUrls": [ @@ -378,7 +378,7 @@ def setUp(self): auto_reformat=False) self.formatter = TableFormatter(Object(color='off')) self.formatter.table = self.table - self.stream = six.StringIO() + self.stream = StringIO() def assert_data_renders_to(self, data, table): self.formatter('OperationName', data, stream=self.stream) diff --git a/tests/unit/output/test_text_output.py b/tests/unit/output/test_text_output.py index 9b6e490db442..a4a552504d68 100644 --- a/tests/unit/output/test_text_output.py +++ b/tests/unit/output/test_text_output.py @@ -13,15 +13,13 @@ # language governing permissions and limitations under the License. from awscli.testutils import BaseAWSCommandParamsTest from awscli.testutils import mock, unittest +from awscli.compat import StringIO import json import os import sys import re import locale -from awscli.compat import six -from six.moves import cStringIO - from awscli.formatter import Formatter @@ -153,22 +151,3 @@ def assert_in(self, key, fields, count=None): key, actual_count, count ) ) - - -class CustomFormatter(Formatter): - def __call__(self, operation, response, stream=None): - self.stream = self._get_default_stream() - - -class TestDefaultStream(BaseAWSCommandParamsTest): - @unittest.skipIf(six.PY3, "Text writer only vaild on py3.") - def test_default_stream_with_table_output(self): - formatter = CustomFormatter(None) - stream = cStringIO() - with mock.patch('sys.stdout', stream): - formatter(None, None) - formatter.stream.write(u'\u00e9') - # Ensure the unicode data is written as UTF-8 by default. - self.assertEqual( - formatter.stream.getvalue(), - u'\u00e9'.encode(locale.getpreferredencoding())) diff --git a/tests/unit/test_clidriver.py b/tests/unit/test_clidriver.py index 4adc6640f719..b720b0347986 100644 --- a/tests/unit/test_clidriver.py +++ b/tests/unit/test_clidriver.py @@ -17,8 +17,8 @@ import logging import io import sys +import importlib -from awscli.compat import six from botocore.awsrequest import AWSResponse from botocore.exceptions import NoCredentialsError from botocore.compat import OrderedDict @@ -35,6 +35,7 @@ from awscli.customizations.commands import BasicCommand from awscli import formatter from awscli.argparser import HELP_BLURB +from awscli.compat import StringIO from botocore.hooks import HierarchicalEmitter @@ -314,14 +315,8 @@ def test_ctrl_c_is_handled(self): self.assertEqual(rc, 130) def test_error_unicode(self): - # We need a different type for Py3 and Py2 because on Py3 six.StringIO - # doesn't let us set the encoding and returns a string. - if six.PY3: - stderr_b = io.BytesIO() - stderr = io.TextIOWrapper(stderr_b, encoding="UTF-8") - else: - stderr = stderr_b = six.StringIO() - stderr.encoding = "UTF-8" + stderr_b = io.BytesIO() + stderr = io.TextIOWrapper(stderr_b, encoding="UTF-8") driver = CLIDriver(session=self.session) fake_client = mock.Mock() fake_client.list_objects.side_effect = Exception(u"☃") @@ -341,8 +336,8 @@ def setUp(self): self.session = FakeSession() self.emitter = mock.Mock() self.emitter.emit.return_value = [] - self.stdout = six.StringIO() - self.stderr = six.StringIO() + self.stdout = StringIO() + self.stderr = StringIO() self.stdout_patch = mock.patch('sys.stdout', self.stdout) #self.stdout_patch.start() self.stderr_patch = mock.patch('sys.stderr', self.stderr) @@ -419,7 +414,7 @@ def test_unknown_command_suggests_help(self): class TestSearchPath(unittest.TestCase): def tearDown(self): - six.moves.reload_module(awscli) + importlib.reload(awscli) @mock.patch('os.pathsep', ';') @mock.patch('os.environ', {'AWS_DATA_PATH': 'c:\\foo;c:\\bar'}) @@ -427,7 +422,7 @@ def test_windows_style_search_path(self): driver = CLIDriver() # Because the os.environ patching happens at import time, # we have to force a reimport of the module to test our changes. - six.moves.reload_module(awscli) + importlib.reload(awscli) # Our two overrides should be the last two elements in the search path. search_paths = driver.session.get_component( 'data_loader').search_paths @@ -440,7 +435,7 @@ class TestAWSCommand(BaseAWSCommandParamsTest): # but with the http part mocked out. def setUp(self): super(TestAWSCommand, self).setUp() - self.stderr = six.StringIO() + self.stderr = StringIO() self.stderr_patch = mock.patch('sys.stderr', self.stderr) self.stderr_patch.start() @@ -807,7 +802,7 @@ class TestHTTPParamFileDoesNotExist(BaseAWSCommandParamsTest): def setUp(self): super(TestHTTPParamFileDoesNotExist, self).setUp() - self.stderr = six.StringIO() + self.stderr = StringIO() self.stderr_patch = mock.patch('sys.stderr', self.stderr) self.stderr_patch.start() diff --git a/tests/unit/test_compat.py b/tests/unit/test_compat.py index 1eca5bd8220a..ec557614d922 100644 --- a/tests/unit/test_compat.py +++ b/tests/unit/test_compat.py @@ -15,38 +15,37 @@ import pytest -from botocore.compat import six - from awscli.compat import ensure_text_type from awscli.compat import compat_shell_quote +from awscli.compat import compat_open from awscli.compat import get_popen_kwargs_for_pager_cmd from awscli.compat import ignore_user_entered_signals -from awscli.testutils import mock, unittest, skip_if_windows +from awscli.testutils import mock, unittest, skip_if_windows, FileCreator class TestEnsureText(unittest.TestCase): def test_string(self): value = 'foo' response = ensure_text_type(value) - self.assertIsInstance(response, six.text_type) + self.assertIsInstance(response, str) self.assertEqual(response, 'foo') def test_binary(self): value = b'bar' response = ensure_text_type(value) - self.assertIsInstance(response, six.text_type) + self.assertIsInstance(response, str) self.assertEqual(response, 'bar') def test_unicode(self): value = u'baz' response = ensure_text_type(value) - self.assertIsInstance(response, six.text_type) + self.assertIsInstance(response, str) self.assertEqual(response, 'baz') def test_non_ascii(self): value = b'\xe2\x9c\x93' response = ensure_text_type(value) - self.assertIsInstance(response, six.text_type) + self.assertIsInstance(response, str) self.assertEqual(response, u'\u2713') def test_non_string_or_bytes_raises_error(self): @@ -152,3 +151,28 @@ def test_ignore_signal_sigtstp(self): with ignore_user_entered_signals(): self.assertEqual(signal.getsignal(signal.SIGTSTP), signal.SIG_IGN) os.kill(os.getpid(), signal.SIGTSTP) + + +class TestCompatOpenWithAccessPermissions(unittest.TestCase): + def setUp(self): + self.files = FileCreator() + + def tearDown(self): + self.files.remove_all() + + @skip_if_windows('Permissions tests only supported on mac/linux') + def test_can_create_file_with_acess_permissions(self): + file_path = os.path.join(self.files.rootdir, "foo_600.txt") + with compat_open(file_path, access_permissions=0o600, mode='w') as f: + f.write('bar') + self.assertEqual(os.stat(file_path).st_mode & 0o777, 0o600) + + def test_not_override_existing_file_access_permissions(self): + file_path = os.path.join(self.files.rootdir, "foo.txt") + with open(file_path, mode='w') as f: + f.write('bar') + expected_st_mode = os.stat(file_path).st_mode + + with compat_open(file_path, access_permissions=0o600, mode='w') as f: + f.write('bar') + self.assertEqual(os.stat(file_path).st_mode, expected_st_mode) diff --git a/tests/unit/test_help.py b/tests/unit/test_help.py index 8727309cfccb..360b8692ebf4 100644 --- a/tests/unit/test_help.py +++ b/tests/unit/test_help.py @@ -17,11 +17,11 @@ import sys import os -from awscli.compat import six from awscli.help import PosixHelpRenderer, ExecutableNotFoundError from awscli.help import WindowsHelpRenderer, ProviderHelpCommand, HelpCommand from awscli.help import TopicListerCommand, TopicHelpCommand from awscli.argparser import HELP_BLURB +from awscli.compat import StringIO class HelpSpyMixin(object): @@ -106,7 +106,7 @@ def test_no_groff_or_mandoc_exists(self): @skip_if_windows('Requires POSIX system.') def test_renderer_falls_back_to_mandoc(self): - stdout = six.StringIO() + stdout = StringIO() renderer = FakePosixHelpRenderer(output_stream=stdout) renderer.exists_on_path['groff'] = False @@ -119,7 +119,7 @@ def test_renderer_falls_back_to_mandoc(self): def test_no_pager_exists(self): fake_pager = 'foobar' os.environ['MANPAGER'] = fake_pager - stdout = six.StringIO() + stdout = StringIO() renderer = FakePosixHelpRenderer(output_stream=stdout) renderer.exists_on_path[fake_pager] = False diff --git a/tests/unit/test_paramfile.py b/tests/unit/test_paramfile.py index df06b6e2d4ba..1b5d6688fd46 100644 --- a/tests/unit/test_paramfile.py +++ b/tests/unit/test_paramfile.py @@ -10,13 +10,16 @@ # distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF # ANY KIND, either express or implied. See the License for the specific # language governing permissions and limitations under the License. -from awscli.compat import six from awscli.testutils import mock, unittest, FileCreator from awscli.testutils import skip_if_windows -from awscli.paramfile import get_paramfile, ResourceLoadingError -from awscli.paramfile import LOCAL_PREFIX_MAP, REMOTE_PREFIX_MAP -from awscli.paramfile import register_uri_param_handler +from awscli.paramfile import ( + get_paramfile, + ResourceLoadingError, + LOCAL_PREFIX_MAP, + REMOTE_PREFIX_MAP, + register_uri_param_handler, +) from botocore.session import Session from botocore.exceptions import ProfileNotFound @@ -37,7 +40,7 @@ def test_text_file(self): prefixed_filename = 'file://' + filename data = self.get_paramfile(prefixed_filename) self.assertEqual(data, contents) - self.assertIsInstance(data, six.string_types) + self.assertIsInstance(data, str) def test_binary_file(self): contents = 'This is a test' @@ -45,7 +48,7 @@ def test_binary_file(self): prefixed_filename = 'fileb://' + filename data = self.get_paramfile(prefixed_filename) self.assertEqual(data, b'This is a test') - self.assertIsInstance(data, six.binary_type) + self.assertIsInstance(data, bytes) @skip_if_windows('Binary content error only occurs ' 'on non-Windows platforms.') diff --git a/tests/unit/test_shorthand.py b/tests/unit/test_shorthand.py index 2cc422ff741b..8d748d423a0b 100644 --- a/tests/unit/test_shorthand.py +++ b/tests/unit/test_shorthand.py @@ -10,14 +10,17 @@ # distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF # ANY KIND, either express or implied. See the License for the specific # language governing permissions and limitations under the License. +from unittest.mock import patch + import pytest +import signal +import awscli.paramfile from awscli import shorthand -from awscli.testutils import unittest +from awscli.testutils import skip_if_windows, unittest from botocore import model - PARSING_TEST_CASES = ( # Key val pairs with scalar value. ('foo=bar', {'foo': 'bar'}), @@ -127,6 +130,24 @@ 'Name=[{foo=[a,b]}, {bar=[c,d]}]', {'Name': [{'foo': ['a', 'b']}, {'bar': ['c', 'd']}]} ), + # key-value pairs using @= syntax + ('foo@=bar', {'foo': 'bar'}), + ('foo@=bar,baz@=qux', {'foo': 'bar', 'baz': 'qux'}), + ('foo@=,bar@=', {'foo': '', 'bar': ''}), + (u'foo@=\u2713,\u2713', {'foo': [u'\u2713', u'\u2713']}), + ('foo@=a,b,bar=c,d', {'foo': ['a', 'b'], 'bar': ['c', 'd']}), + ('foo=a,b@=with space', {'foo': 'a', 'b': 'with space'}), + ('foo=a,b@=with trailing space ', {'foo': 'a', 'b': 'with trailing space'}), + ('aws:service:region:124:foo/bar@=baz', {'aws:service:region:124:foo/bar': 'baz'}), + ('foo=[a,b],bar@=[c,d]', {'foo': ['a', 'b'], 'bar': ['c', 'd']}), + ('foo @= [ a , b , c ]', {'foo': ['a', 'b', 'c']}), + ('A=b,\nC@=d,\nE@=f\n', {'A': 'b', 'C': 'd', 'E': 'f'}), + ('Bar@=baz,Name={foo@=bar}', {'Bar': 'baz', 'Name': {'foo': 'bar'}}), + ('Name=[{foo@=bar}, {baz=qux}]', {'Name': [{'foo': 'bar'}, {'baz': 'qux'}]}), + ( + 'Name=[{foo@=[a,b]}, {bar=[c,d]}]', + {'Name': [{'foo': ['a', 'b']}, {'bar': ['c', 'd']}]} + ), ) @@ -135,6 +156,7 @@ 'foo', # Missing closing quotes 'foo="bar', + '"foo=bar', "foo='bar", "foo=[bar", "foo={bar", @@ -152,6 +174,27 @@ def test_error_parsing(expr): shorthand.ShorthandParser().parse(expr) +@pytest.mark.parametrize( + "expr", ( + # starting with " but unclosed, then repeated \ + f'foo="' + '\\' * 100, + # starting with ' but unclosed, then repeated \ + f'foo=\'' + '\\' * 100, + ) +) +@skip_if_windows("Windows does not support signal.SIGALRM.") +def test_error_with_backtracking(expr): + signal.signal(signal.SIGALRM, handle_timeout) + # Ensure we don't spend more than 5 seconds backtracking + signal.alarm(5) + with pytest.raises(shorthand.ShorthandParseError): + shorthand.ShorthandParser().parse(expr) + signal.alarm(0) + + +def handle_timeout(signum, frame): + raise TimeoutError('Shorthand parsing timed out') + @pytest.mark.parametrize( 'data, expected', PARSING_TEST_CASES @@ -160,6 +203,38 @@ def test_parse(data, expected): actual = shorthand.ShorthandParser().parse(data) assert actual == expected +class TestShorthandParserParamFile: + @patch('awscli.paramfile.compat_open') + @pytest.mark.parametrize( + 'file_contents, data, expected', + ( + ('file-contents123', 'Foo@=file://foo,Bar={Baz@=file://foo}', {'Foo': 'file-contents123', 'Bar': {'Baz': 'file-contents123'}}), + (b'file-contents123', 'Foo@=fileb://foo,Bar={Baz@=fileb://foo}', {'Foo': b'file-contents123', 'Bar': {'Baz': b'file-contents123'}}), + ('file-contents123', 'Bar@={Baz=file://foo}', {'Bar': {'Baz': 'file://foo'}}), + ('file-contents123', 'Foo@=foo,Bar={Baz@=foo}', {'Foo': 'foo', 'Bar': {'Baz': 'foo'}}) + ) + ) + def test_paramfile(self, mock_compat_open, file_contents, data, expected): + mock_compat_open.return_value.__enter__.return_value.read.return_value = file_contents + result = shorthand.ShorthandParser().parse(data) + assert result == expected + + @patch('awscli.paramfile.compat_open') + def test_paramfile_list(self, mock_compat_open): + f1_contents = 'file-contents123' + f2_contents = 'contents2' + mock_compat_open.return_value.__enter__.return_value.read.side_effect = [f1_contents, f2_contents] + result = shorthand.ShorthandParser().parse( + f'Foo@=[a, file://foo1, file://foo2]' + ) + assert result == {'Foo': ['a', f1_contents, f2_contents]} + + def test_paramfile_does_not_exist_error(self, capsys): + with pytest.raises(awscli.paramfile.ResourceLoadingError): + shorthand.ShorthandParser().parse('Foo@=file://fakefile.txt') + captured = capsys.readouterr() + assert "No such file or directory: 'fakefile.txt" in captured.err + class TestModelVisitor(unittest.TestCase): def test_promote_to_list_of_ints(self): diff --git a/tests/unit/test_text.py b/tests/unit/test_text.py index 3ee6eb8011da..c08e2e23033d 100644 --- a/tests/unit/test_text.py +++ b/tests/unit/test_text.py @@ -21,8 +21,8 @@ # import sys -from awscli.compat import six from awscli.testutils import mock, unittest +from awscli.compat import StringIO from awscli import text @@ -30,7 +30,7 @@ class TestSection(unittest.TestCase): def format_text(self, data, stream=None): if stream is None: - stream = six.StringIO() + stream = StringIO() text.format_text(data, stream=stream) return stream.getvalue() diff --git a/tox.ini b/tox.ini index 6413d4c357bc..9014a42fe64d 100644 --- a/tox.ini +++ b/tox.ini @@ -1,5 +1,5 @@ [tox] -envlist = py37,py38,py39,py310,py311 +envlist = py38,py39,py310,py311,py312 skipsdist = True