-
Notifications
You must be signed in to change notification settings - Fork 4.1k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #8827 from elysahall/awsdocs-07-23-24
CLI examples accessanalyzer, cognito-idp, ec2, ecr-public, ecr, ivs-r…
- Loading branch information
Showing
49 changed files
with
1,469 additions
and
155 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,32 @@ | ||
| **To check whether a resource policy can grant public access to the specified resource type** | ||
|
|
||
| The following ``check-no-public-access`` example checks whether a resource policy can grant public access to the specified resource type. :: | ||
|
|
||
| aws accessanalyzer check-no-public-access \ | ||
| --policy-document file://check-no-public-access-myfile.json \ | ||
| --resource-type AWS::S3::Bucket | ||
|
|
||
| Contents of ``myfile.json``:: | ||
|
|
||
| { | ||
| "Version": "2012-10-17", | ||
| "Statement": [ | ||
| { | ||
| "Sid": "CheckNoPublicAccess", | ||
| "Effect": "Allow", | ||
| "Principal": { "AWS": "arn:aws:iam::111122223333:user/JohnDoe" }, | ||
| "Action": [ | ||
| "s3:GetObject" | ||
| ] | ||
| } | ||
| ] | ||
| } | ||
|
|
||
| Output:: | ||
|
|
||
| { | ||
| "result": "PASS", | ||
| "message": "The resource policy does not grant public access for the given resource type." | ||
| } | ||
|
|
||
| For more information, see `Previewing access with IAM Access Analyzer APIs <https://docs.aws.amazon.com/IAM/latest/UserGuide/access-analyzer-preview-access-apis.html>`__ in the *AWS IAM User Guide*. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,7 +1,25 @@ | ||
| **To update a user pool** | ||
|
|
||
| This example adds tags to a user pool. | ||
|
|
||
| Command:: | ||
|
|
||
| aws cognito-idp update-user-pool --user-pool-id us-west-2_aaaaaaaaa --user-pool-tags Team=Blue,Area=West | ||
| **To update a user pool** | ||
|
|
||
| The following ``update-user-pool`` example modifies a user pool with example syntax for each of the available configuration options. To update a user pool, you must specify all previously-configured options or they will reset to a default value. :: | ||
|
|
||
| aws cognito-idp update-user-pool --user-pool-id us-west-2_EXAMPLE \ | ||
| --policies PasswordPolicy=\{MinimumLength=6,RequireUppercase=true,RequireLowercase=true,RequireNumbers=true,RequireSymbols=true,TemporaryPasswordValidityDays=7\} \ | ||
| --deletion-protection ACTIVE \ | ||
| --lambda-config PreSignUp="arn:aws:lambda:us-west-2:123456789012:function:cognito-test-presignup-function",PreTokenGeneration="arn:aws:lambda:us-west-2:123456789012:function:cognito-test-pretoken-function" \ | ||
| --auto-verified-attributes "phone_number" "email" \ | ||
| --verification-message-template \{\"SmsMessage\":\""Your code is {####}"\",\"EmailMessage\":\""Your code is {####}"\",\"EmailSubject\":\""Your verification code"\",\"EmailMessageByLink\":\""Click {##here##} to verify your email address."\",\"EmailSubjectByLink\":\""Your verification link"\",\"DefaultEmailOption\":\"CONFIRM_WITH_LINK\"\} \ | ||
| --sms-authentication-message "Your code is {####}" \ | ||
| --user-attribute-update-settings AttributesRequireVerificationBeforeUpdate="email","phone_number" \ | ||
| --mfa-configuration "OPTIONAL" \ | ||
| --device-configuration ChallengeRequiredOnNewDevice=true,DeviceOnlyRememberedOnUserPrompt=true \ | ||
| --email-configuration SourceArn="arn:aws:ses:us-west-2:123456789012:identity/[email protected]",ReplyToEmailAddress="[email protected]",EmailSendingAccount=DEVELOPER,From="[email protected]",ConfigurationSet="test-configuration-set" \ | ||
| --sms-configuration SnsCallerArn="arn:aws:iam::123456789012:role/service-role/SNS-SMS-Role",ExternalId="12345",SnsRegion="us-west-2" \ | ||
| --admin-create-user-config AllowAdminCreateUserOnly=false,InviteMessageTemplate=\{SMSMessage=\""Welcome {username}. Your confirmation code is {####}"\",EmailMessage=\""Welcome {username}. Your confirmation code is {####}"\",EmailSubject=\""Welcome to MyMobileGame"\"\} \ | ||
| --user-pool-tags "Function"="MyMobileGame","Developers"="Berlin" \ | ||
| --admin-create-user-config AllowAdminCreateUserOnly=false,InviteMessageTemplate=\{SMSMessage=\""Welcome {username}. Your confirmation code is {####}"\",EmailMessage=\""Welcome {username}. Your confirmation code is {####}"\",EmailSubject=\""Welcome to MyMobileGame"\"\} \ | ||
| --user-pool-add-ons AdvancedSecurityMode="AUDIT" \ | ||
| --account-recovery-setting RecoveryMechanisms=\[\{Priority=1,Name="verified_email"\},\{Priority=2,Name="verified_phone_number"\}\] | ||
|
|
||
| This command produces no output. | ||
|
|
||
| For more information, see `Updating user pool configuration <https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-updating.html>`__ in the *Amazon Cognito Developer Guide*. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.