Merge pull request #8484 from elysahall/awsdocs-01-16-24

CLI examples for cognito-idp, ec2, sts, trustedadvisor
aws · Jan 26, 2024 · 8d9fd0d · 8d9fd0d
2 parents b00c1fe + 86227ef
commit 8d9fd0d
Show file tree

Hide file tree

Showing 23 changed files with 933 additions and 10 deletions.
diff --git a/awscli/examples/cognito-idp/set-user-mfa-preference.rst b/awscli/examples/cognito-idp/set-user-mfa-preference.rst
@@ -1,8 +1,12 @@
-**To set user MFA settings**
-
-This example modifies the MFA delivery options. It changes the MFA delivery medium to SMS.
-
-Command::
-
-  aws cognito-idp set-user-mfa-preference --access-token ACCESS_TOKEN --mfa-options DeliveryMedium="SMS",AttributeName="phone_number"
-
+**To set user MFA settings**
+
+The following ``set-user-mfa-preference`` example modifies the MFA delivery options. It changes the MFA delivery medium to SMS. ::
+
+    aws cognito-idp set-user-mfa-preference \
+        --access-token "eyJra12345EXAMPLE" \
+        --software-token-mfa-settings Enabled=true,PreferredMfa=true \
+        --sms-mfa-settings Enabled=false,PreferredMfa=false
+
+This command produces no output.
+
+For more information, see `Adding MFA to a user pool <https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-mfa.html>`__ in the *Amazon Cognito Developer Guide*.
diff --git a/awscli/examples/ec2/create-coip-cidr.rst b/awscli/examples/ec2/create-coip-cidr.rst
@@ -0,0 +1,19 @@
+**To create a range of customer-owned IP (CoIP) addresses**
+
+The following ``create-coip-cidr`` example creates the specified range of CoIP addresses in the  specified CoIP pool. ::
+
+    aws ec2 create-coip-cidr \
+        --cidr 15.0.0.0/24 \
+        --coip-pool-id ipv4pool-coip-1234567890abcdefg
+
+Output::
+
+    {
+        "CoipCidr": {
+            "Cidr": "15.0.0.0/24",
+            "CoipPoolId": "ipv4pool-coip-1234567890abcdefg",
+            "LocalGatewayRouteTableId": "lgw-rtb-abcdefg1234567890"
+        }
+    }
+
+For more information, see `Customer-owned IP addresses <https://docs.aws.amazon.com/outposts/latest/userguide/routing.html#ip-addressing>`__ in the *AWS Outposts User Guide*.
diff --git a/awscli/examples/ec2/create-coip-pool.rst b/awscli/examples/ec2/create-coip-pool.rst
@@ -0,0 +1,18 @@
+**To create a pool of customer-owned IP (CoIP) addresses**
+
+The following ``create-coip-pool`` example creates a CoIP pool for CoIP addresses in the specified local gateway route table. ::
+
+    aws ec2 create-coip-pool \
+        --local-gateway-route-table-id lgw-rtb-abcdefg1234567890
+
+Output::
+
+    {
+        "CoipPool": {
+            "PoolId": "ipv4pool-coip-1234567890abcdefg",
+            "LocalGatewayRouteTableId": "lgw-rtb-abcdefg1234567890",
+            "PoolArn": "arn:aws:ec2:us-west-2:123456789012:coip-pool/ipv4pool-coip-1234567890abcdefg"
+        }
+    }
+
+For more information, see `Customer-owned IP addresses <https://docs.aws.amazon.com/outposts/latest/userguide/routing.html#ip-addressing>`__ in the *AWS Outposts User Guide*.
diff --git a/...es/ec2/create-local-gateway-route-table-virtual-interface-group-association.rst b/...es/ec2/create-local-gateway-route-table-virtual-interface-group-association.rst
@@ -0,0 +1,24 @@
+**To associate a local gateway route table with a virtual interfaces (VIFs) group**
+
+The following ``create-local-gateway-route-table-virtual-interface-group-association`` example creates an association between the specified local gateway route table and VIF group. ::
+
+    aws ec2 create-local-gateway-route-table-virtual-interface-group-association \
+        --local-gateway-route-table-id lgw-rtb-exampleidabcd1234 \
+        --local-gateway-virtual-interface-group-id lgw-vif-grp-exampleid0123abcd
+
+Output::
+
+    {
+        "LocalGatewayRouteTableVirtualInterfaceGroupAssociation": {
+            "LocalGatewayRouteTableVirtualInterfaceGroupAssociationId": "lgw-vif-grp-assoc-exampleid12345678",
+            "LocalGatewayVirtualInterfaceGroupId": "lgw-vif-grp-exampleid0123abcd",
+            "LocalGatewayId": "lgw-exampleid11223344",
+            "LocalGatewayRouteTableId": "lgw-rtb-exampleidabcd1234",
+            "LocalGatewayRouteTableArn": "arn:aws:ec2:us-west-2:111122223333:local-gateway-route-table/lgw-rtb-exampleidabcd1234",
+            "OwnerId": "111122223333",
+            "State": "pending",
+            "Tags": []
+        }
+    }
+
+For more information, see `VIF group associations <https://docs.aws.amazon.com/outposts/latest/userguide/routing.html#vif-group-associations>`__ in the *AWS Outposts User Guide*.
diff --git a/awscli/examples/ec2/create-local-gateway-route-table.rst b/awscli/examples/ec2/create-local-gateway-route-table.rst
@@ -0,0 +1,24 @@
+**To create a local gateway route table**
+
+The following ``create-local-gateway-route-table`` example creates a local gateway route table with the direct VPC routing mode. ::
+
+    aws ec2 create-local-gateway-route-table \
+        --local-gateway-id lgw-1a2b3c4d5e6f7g8h9 \
+        --mode direct-vpc-routing
+
+Output::
+
+    {
+        "LocalGatewayRouteTable": {
+            "LocalGatewayRouteTableId": "lgw-rtb-abcdefg1234567890",
+            "LocalGatewayRouteTableArn": "arn:aws:ec2:us-west-2:111122223333:local-gateway-route-table/lgw-rtb-abcdefg1234567890",
+            "LocalGatewayId": "lgw-1a2b3c4d5e6f7g8h9",
+            "OutpostArn": "arn:aws:outposts:us-west-2:111122223333:outpost/op-021345abcdef67890",
+            "OwnerId": "111122223333",
+            "State": "pending",
+            "Tags": [],
+            "Mode": "direct-vpc-routing"
+        }
+    }
+
+For more information, see `Local gateway route tables <https://docs.aws.amazon.com/outposts/latest/userguide/routing.html>`__ in the *AWS Outposts User Guide*.
diff --git a/awscli/examples/ec2/delete-coip-cidr.rst b/awscli/examples/ec2/delete-coip-cidr.rst
@@ -0,0 +1,19 @@
+**To delete a range of customer-owned IP (CoIP) addresses**
+
+The following ``delete-coip-cidr`` example deletes the specified range of CoIP addresses in the  specified CoIP pool. ::
+
+    aws ec2 delete-coip-cidr \
+        --cidr 14.0.0.0/24 \
+        --coip-pool-id ipv4pool-coip-1234567890abcdefg
+
+Output::
+
+    {
+        "CoipCidr": {
+            "Cidr": "14.0.0.0/24",
+            "CoipPoolId": "ipv4pool-coip-1234567890abcdefg",
+            "LocalGatewayRouteTableId": "lgw-rtb-abcdefg1234567890"
+        }
+    }
+
+For more information, see `Customer-owned IP addresses <https://docs.aws.amazon.com/outposts/latest/userguide/routing.html#ip-addressing>`__ in the *AWS Outposts User Guide*.
diff --git a/awscli/examples/ec2/delete-coip-pool.rst b/awscli/examples/ec2/delete-coip-pool.rst
@@ -0,0 +1,18 @@
+**To delete a pool of customer-owned IP (CoIP) addresses**
+
+The following ``delete-coip-pool`` example deletes a CoIP pool of CoIP addresses. ::
+
+    aws ec2 delete-coip-pool \
+        --coip-pool-id ipv4pool-coip-1234567890abcdefg
+
+Output::
+
+    {
+        "CoipPool": {
+            "PoolId": "ipv4pool-coip-1234567890abcdefg",
+            "LocalGatewayRouteTableId": "lgw-rtb-abcdefg1234567890",
+            "PoolArn": "arn:aws:ec2:us-west-2:123456789012:coip-pool/ipv4pool-coip-1234567890abcdefg"
+        }
+    }
+
+For more information, see `Customer-owned IP addresses <https://docs.aws.amazon.com/outposts/latest/userguide/routing.html#ip-addressing>`__ in the *AWS Outposts User Guide*.
diff --git a/...es/ec2/delete-local-gateway-route-table-virtual-interface-group-association.rst b/...es/ec2/delete-local-gateway-route-table-virtual-interface-group-association.rst
@@ -0,0 +1,23 @@
+**To disassociate a local gateway route table from a virtual interfaces (VIFs) group**
+
+The following ``delete-local-gateway-route-table-virtual-interface-group-association`` example deletes the association between the specified local gateway route table and VIF group. ::
+
+    aws ec2 delete-local-gateway-route-table-virtual-interface-group-association \
+        --local-gateway-route-table-virtual-interface-group-association-id lgw-vif-grp-assoc-exampleid12345678
+
+Output::
+
+    {
+        "LocalGatewayRouteTableVirtualInterfaceGroupAssociation": {
+            "LocalGatewayRouteTableVirtualInterfaceGroupAssociationId": "lgw-vif-grp-assoc-exampleid12345678",
+            "LocalGatewayVirtualInterfaceGroupId": "lgw-vif-grp-exampleid0123abcd",
+            "LocalGatewayId": "lgw-exampleid11223344",
+            "LocalGatewayRouteTableId": "lgw-rtb-exampleidabcd1234",
+            "LocalGatewayRouteTableArn": "arn:aws:ec2:us-west-2:111122223333:local-gateway-route-table/lgw-rtb-exampleidabcd1234",
+            "OwnerId": "111122223333",
+            "State": "disassociating",
+            "Tags": []
+        }
+    }
+
+For more information, see `VIF group associations <https://docs.aws.amazon.com/outposts/latest/userguide/routing.html#vif-group-associations>`__ in the *AWS Outposts User Guide*.
diff --git a/awscli/examples/ec2/delete-local-gateway-route-table-vpc-association.rst b/awscli/examples/ec2/delete-local-gateway-route-table-vpc-association.rst
@@ -0,0 +1,22 @@
+**To disassociate a local gateway route table from a VPC**
+
+The following ``delete-local-gateway-route-table-vpc-association`` example deletes the association between the specified local gateway route table and VPC. ::
+
+    aws ec2 delete-local-gateway-route-table-vpc-association \
+        --local-gateway-route-table-vpc-association-id vpc-example0123456789
+
+Output::
+
+    {
+        "LocalGatewayRouteTableVpcAssociation": {
+            "LocalGatewayRouteTableVpcAssociationId": "lgw-vpc-assoc-abcd1234wxyz56789",
+            "LocalGatewayRouteTableId": "lgw-rtb-abcdefg1234567890",
+            "LocalGatewayRouteTableArn": "arn:aws:ec2:us-west-2:555555555555:local-gateway-route-table/lgw-rtb-abcdefg1234567890",
+            "LocalGatewayId": "lgw-exampleid01234567",
+            "VpcId": "vpc-example0123456789",
+            "OwnerId": "555555555555",
+            "State": "disassociating"
+        }
+    }
+
+For more information, see `VPC associations <https://docs.aws.amazon.com/outposts/latest/userguide/routing.html#vpc-associations>`__ in the *AWS Outposts User Guide*.
diff --git a/awscli/examples/ec2/delete-local-gateway-route-table.rst b/awscli/examples/ec2/delete-local-gateway-route-table.rst
@@ -0,0 +1,23 @@
+**To delete a local gateway route table**
+
+The following ``delete-local-gateway-route-table`` example creates a local gateway route table with the direct VPC routing mode. ::
+
+    aws ec2 delete-local-gateway-route-table \
+        --local-gateway-route-table-id lgw-rtb-abcdefg1234567890
+
+Output::
+
+    {
+        "LocalGatewayRouteTable": {
+            "LocalGatewayRouteTableId": "lgw-rtb-abcdefg1234567890",
+            "LocalGatewayRouteTableArn": "arn:aws:ec2:us-west-2:111122223333:local-gateway-route-table/lgw-rtb-abcdefg1234567890",
+            "LocalGatewayId": "lgw-1a2b3c4d5e6f7g8h9",
+            "OutpostArn": "arn:aws:outposts:us-west-2:111122223333:outpost/op-021345abcdef67890",
+            "OwnerId": "111122223333",
+            "State": "deleting",
+            "Tags": [],
+            "Mode": "direct-vpc-routing"
+        }
+    }
+
+For more information, see `Local gateway route tables <https://docs.aws.amazon.com/outposts/latest/userguide/routing.html>`__ in the *AWS Outposts User Guide*.
diff --git a/awscli/examples/ec2/describe-instance-types.rst b/awscli/examples/ec2/describe-instance-types.rst
@@ -3,7 +3,7 @@
 The following ``describe-instance-types`` example displays details for the specified instance type. ::
 
     aws ec2 describe-instance-types \
-        --instance-types t2.micro 
+        --instance-types t2.micro
 
 Output::
 
@@ -70,11 +70,15 @@ Output::
         ]
     }
 
+For more information, see `Instance Types <https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html>`__ in *Amazon Elastic Compute Cloud
+User Guide for Linux Instances*.
+
 **Example 2: To filter the available instance types**
 
 You can specify a filter to scope the results to instance types that have a specific characteristic. The following ``describe-instance-types`` example lists the instance types that support hibernation. ::
 
-    aws ec2 describe-instance-types --filters Name=hibernation-supported,Values=true --query InstanceTypes[].InstanceType
+    aws ec2 describe-instance-types \
+        --filters Name=hibernation-supported,Values=true --query 'InstanceTypes[*].InstanceType'
 
 Output::
 
@@ -95,3 +99,6 @@ Output::
         "r5.4xlarge",
         "c5.4xlarge"
     ]
+
+For more information, see `Instance Types <https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html>`__ in *Amazon Elastic Compute Cloud
+User Guide for Linux Instances*.
diff --git a/awscli/examples/sts/decode-authorization-message.rst b/awscli/examples/sts/decode-authorization-message.rst
@@ -0,0 +1,14 @@
+**To decode an encoded authorization message returned in response to a request**
+
+The following ``decode-authorization-message`` example decodes additional information about the authorization status of a request from an encoded message returned in response to an Amazon Web Services request. ::
+
+    aws sts decode-authorization-message \
+        --encoded-message EXAMPLEWodyRNrtlQARDip-eTA6i6DrlUhHhPQrLWB_lAbl5pAKxl9mPDLexYcGBreyIKQC1BGBIpBKr3dFDkwqeO7e2NMk5j_hmzAiChJN-8oy3EwiCjkUW5fdRNjcRvscGlUo_MhqHqHpR-Ojau7BMjOTWwOtHPhV_Zaz87yENdipr745EjQwRd5LaoL3vN8_5ZfA9UiBMKDgVh1gjqZJFUiQoubv78V1RbHNYnK44ElGKmUWYa020I1y6TNS9LXoNmc62GzkfGvoPGhD13br5tXEOo1rAm3vsPewRDFNkYL-4_1MWWezhRNEpqvXBDXLI9xEux7YYkRtjd45NJLFzZynBUubV8NHOevVuighd1Mvz3OiA-1_oPSe4TBtjfN9s7kjU1z70WpVbUgrLVp1xXTK1rf9Ea7t8shPd-3VzKhjS5tLrweFxNOKwV2GtT76B_fRp8HTYz-pOu3FZjwYStfvTb3GHs3-6rLribGO9jZOktkfE6vqxlFzLyeDr4P2ihC1wty9tArCvvGzIAUNmARQJ2VVWPxioqgoqCzMaDMZEO7wkku7QeakEVZdf00qlNLMmcaVZb1UPNqD-JWP5pwe_mAyqh0NLw-r1S56YC_90onj9A80sNrHlI-tIiNd7tgNTYzDuPQYD2FMDBnp82V9eVmYGtPp5NIeSpuf3fOHanFuBZgENxZQZ2dlH3xJGMTtYayzZrRXjiq_SfX9zeBbpCvrD-0AJK477RM84vmtCrsUpJgx-FaoPIb8LmmKVBLpIB0iFhU9sEHPqKHVPi6jdxXqKaZaFGvYVmVOiuQdNQKuyk0p067POFrZECLjjOtNPBOZCcuEKEXAMPLE
+
+Output::
+
+    {
+        "DecodedMessage": "{\"allowed\":false,\"explicitDeny\":true,\"matchedStatements\":{\"items\":[{\"statementId\":\"VisualEditor0\",\"effect\":\"DENY\",\"principals\":{\"items\":[{\"value\":\"AROA123456789EXAMPLE\"}]},\"principalGroups\":{\"items\":[]},\"actions\":{\"items\":[{\"value\":\"ec2:RunInstances\"}]},\"resources\":{\"items\":[{\"value\":\"*\"}]},\"conditions\":{\"items\":[]}}]},\"failures\":{\"items\":[]},\"context\":{\"principal\":{\"id\":\"AROA123456789EXAMPLE:Ana\",\"arn\":\"arn:aws:sts::111122223333:assumed-role/Developer/Ana\"},\"action\":\"RunInstances\",\"resource\":\"arn:aws:ec2:us-east-1:111122223333:instance/*\",\"conditions\":{\"items\":[{\"key\":\"ec2:MetadataHttpPutResponseHopLimit\",\"values\":{\"items\":[{\"value\":\"2\"}]}},{\"key\":\"ec2:InstanceMarketType\",\"values\":{\"items\":[{\"value\":\"on-demand\"}]}},{\"key\":\"aws:Resource\",\"values\":{\"items\":[{\"value\":\"instance/*\"}]}},{\"key\":\"aws:Account\",\"values\":{\"items\":[{\"value\":\"111122223333\"}]}},{\"key\":\"ec2:AvailabilityZone\",\"values\":{\"items\":[{\"value\":\"us-east-1f\"}]}},{\"key\":\"ec2:ebsOptimized\",\"values\":{\"items\":[{\"value\":\"false\"}]}},{\"key\":\"ec2:IsLaunchTemplateResource\",\"values\":{\"items\":[{\"value\":\"false\"}]}},{\"key\":\"ec2:InstanceType\",\"values\":{\"items\":[{\"value\":\"t2.micro\"}]}},{\"key\":\"ec2:RootDeviceType\",\"values\":{\"items\":[{\"value\":\"ebs\"}]}},{\"key\":\"aws:Region\",\"values\":{\"items\":[{\"value\":\"us-east-1\"}]}},{\"key\":\"ec2:MetadataHttpEndpoint\",\"values\":{\"items\":[{\"value\":\"enabled\"}]}},{\"key\":\"aws:Service\",\"values\":{\"items\":[{\"value\":\"ec2\"}]}},{\"key\":\"ec2:InstanceID\",\"values\":{\"items\":[{\"value\":\"*\"}]}},{\"key\":\"ec2:MetadataHttpTokens\",\"values\":{\"items\":[{\"value\":\"required\"}]}},{\"key\":\"aws:Type\",\"values\":{\"items\":[{\"value\":\"instance\"}]}},{\"key\":\"ec2:Tenancy\",\"values\":{\"items\":[{\"value\":\"default\"}]}},{\"key\":\"ec2:Region\",\"values\":{\"items\":[{\"value\":\"us-east-1\"}]}},{\"key\":\"aws:ARN\",\"values\":{\"items\":[{\"value\":\"arn:aws:ec2:us-east-1:111122223333:instance/*\"}]}}]}}}"
+    }
+
+For more information, see `Policy evaluation logic <https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html>`__ in the *AWS IAM User Guide*.
diff --git a/awscli/examples/sts/get-federation-token.rst b/awscli/examples/sts/get-federation-token.rst
@@ -0,0 +1,59 @@
+**To return a set of temporary security credentials using IAM user access key credentials**
+
+The following ``get-federation-token`` example returns a set of temporary security credentials (consisting of an access key ID, a secret access key, and a security token) for a user. You must call the ``GetFederationToken`` operation using the long-term security credentials of an IAM user. ::
+
+    aws sts get-federation-token \
+        --name Bob \
+        --policy file://myfile.json \
+        --policy-arns arn=arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess \
+        --duration-seconds 900
+
+Contents of ``myfile.json``::
+
+    {
+        "Version": "2012-10-17",
+        "Statement": [
+            {
+                "Effect": "Allow",
+                "Action": "ec2:Describe*",
+                "Resource": "*"
+            },
+            {
+                "Effect": "Allow",
+                "Action": "elasticloadbalancing:Describe*",
+                "Resource": "*"
+            },
+            {
+                "Effect": "Allow",
+                "Action": [
+                    "cloudwatch:ListMetrics",
+                    "cloudwatch:GetMetricStatistics",
+                    "cloudwatch:Describe*"
+                ],
+                "Resource": "*"
+            },
+            {
+                "Effect": "Allow",
+                "Action": "autoscaling:Describe*",
+                "Resource": "*"
+            }
+        ]
+    }
+
+Output::
+
+    {
+        "Credentials": {
+            "AccessKeyId": "ASIAIOSFODNN7EXAMPLE",
+            "SecretAccessKey": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY",
+            "SessionToken": "EXAMPLEpZ2luX2VjEGoaCXVzLXdlc3QtMiJIMEYCIQC/W9pL5ArQyDD5JwFL3/h5+WGopQ24GEXweNctwhi9sgIhAMkg+MZE35iWM8s4r5Lr25f9rSTVPFH98G42QQunWMTfKq0DCOP//////////wEQAxoMNDUyOTI1MTcwNTA3Igxuy3AOpuuoLsk3MJwqgQPg8QOd9HuoClUxq26wnc/nm+eZLjHDyGf2KUAHK2DuaS/nrGSEXAMPLE",
+            "Expiration": "2023-12-20T02:06:07+00:00"
+        },
+        "FederatedUser": {
+            "FederatedUserId": "111122223333:Bob",
+            "Arn": "arn:aws:sts::111122223333:federated-user/Bob"
+        },
+        "PackedPolicySize": 36
+    }
+
+For more information, see `Requesting Temporary Security Credentials <https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_getfederationtoken>`__ in the *AWS IAM User Guide*.
diff --git a/awscli/examples/trustedadvisor/get-organization-recommendation.rst b/awscli/examples/trustedadvisor/get-organization-recommendation.rst
@@ -0,0 +1,35 @@
+**To get an organization recommendation**
+
+The following ``get-organization-recommendation`` example gets an organization recommendation by its identifier. ::
+
+    aws trustedadvisor get-organization-recommendation \
+        --organization-recommendation-identifier arn:aws:trustedadvisor:::organization-recommendation/9534ec9b-bf3a-44e8-8213-2ed68b39d9d5
+
+Output::
+
+    {
+        "organizationRecommendation": {
+            "arn": "arn:aws:trustedadvisor:::organization-recommendation/9534ec9b-bf3a-44e8-8213-2ed68b39d9d5",
+            "name": "Lambda Runtime Deprecation Warning",
+            "description": "One or more lambdas are using a deprecated runtime",
+            "awsServices": [
+                "lambda"
+            ],
+            "checkArn": "arn:aws:trustedadvisor:::check/L4dfs2Q4C5",
+            "id": "9534ec9b-bf3a-44e8-8213-2ed68b39d9d5",
+            "lifecycleStage": "resolved",
+            "pillars": [
+                "security"
+            ],
+            "resourcesAggregates": {
+                "errorCount": 0,
+                "okCount": 0,
+                "warningCount": 0
+            },
+            "source": "ta_check",
+            "status": "warning",
+            "type": "priority"
+        }
+    }
+
+For more information, see `Get started with the Trusted Advisor API <https://docs.aws.amazon.com/awssupport/latest/user/get-started-with-aws-trusted-advisor-api.html>`__ in the *AWS Trusted Advisor User Guide*.