1 | {
|
2 | "version": "1.0",
|
3 | "examples": {
|
4 | "AddClientIDToOpenIDConnectProvider": [
|
5 | {
|
6 | "input": {
|
7 | "ClientID": "my-application-ID",
|
8 | "OpenIDConnectProviderArn": "arn:aws:iam::123456789012:oidc-provider/server.example.com"
|
9 | },
|
10 | "comments": {
|
11 | "input": {
|
12 | },
|
13 | "output": {
|
14 | }
|
15 | },
|
16 | "description": "The following add-client-id-to-open-id-connect-provider command adds the client ID my-application-ID to the OIDC provider named server.example.com:",
|
17 | "id": "028e91f4-e2a6-4d59-9e3b-4965a3fb19be",
|
18 | "title": "To add a client ID (audience) to an Open-ID Connect (OIDC) provider"
|
19 | }
|
20 | ],
|
21 | "AddRoleToInstanceProfile": [
|
22 | {
|
23 | "input": {
|
24 | "InstanceProfileName": "Webserver",
|
25 | "RoleName": "S3Access"
|
26 | },
|
27 | "comments": {
|
28 | "input": {
|
29 | },
|
30 | "output": {
|
31 | }
|
32 | },
|
33 | "description": "The following command adds the role named S3Access to the instance profile named Webserver:",
|
34 | "id": "c107fac3-edb6-4827-8a71-8863ec91c81f",
|
35 | "title": "To add a role to an instance profile"
|
36 | }
|
37 | ],
|
38 | "AddUserToGroup": [
|
39 | {
|
40 | "input": {
|
41 | "GroupName": "Admins",
|
42 | "UserName": "Bob"
|
43 | },
|
44 | "comments": {
|
45 | "input": {
|
46 | },
|
47 | "output": {
|
48 | }
|
49 | },
|
50 | "description": "The following command adds an IAM user named Bob to the IAM group named Admins:",
|
51 | "id": "619c7e6b-09f8-4036-857b-51a6ea5027ca",
|
52 | "title": "To add a user to an IAM group"
|
53 | }
|
54 | ],
|
55 | "AttachGroupPolicy": [
|
56 | {
|
57 | "input": {
|
58 | "GroupName": "Finance",
|
59 | "PolicyArn": "arn:aws:iam::aws:policy/ReadOnlyAccess"
|
60 | },
|
61 | "comments": {
|
62 | "input": {
|
63 | },
|
64 | "output": {
|
65 | }
|
66 | },
|
67 | "description": "The following command attaches the AWS managed policy named ReadOnlyAccess to the IAM group named Finance.",
|
68 | "id": "87551489-86f0-45db-9889-759936778f2b",
|
69 | "title": "To attach a managed policy to an IAM group"
|
70 | }
|
71 | ],
|
72 | "AttachRolePolicy": [
|
73 | {
|
74 | "input": {
|
75 | "PolicyArn": "arn:aws:iam::aws:policy/ReadOnlyAccess",
|
76 | "RoleName": "ReadOnlyRole"
|
77 | },
|
78 | "comments": {
|
79 | "input": {
|
80 | },
|
81 | "output": {
|
82 | }
|
83 | },
|
84 | "description": "The following command attaches the AWS managed policy named ReadOnlyAccess to the IAM role named ReadOnlyRole.",
|
85 | "id": "3e1b8c7c-99c8-4fc4-a20c-131fe3f22c7e",
|
86 | "title": "To attach a managed policy to an IAM role"
|
87 | }
|
88 | ],
|
89 | "AttachUserPolicy": [
|
90 | {
|
91 | "input": {
|
92 | "PolicyArn": "arn:aws:iam::aws:policy/AdministratorAccess",
|
93 | "UserName": "Alice"
|
94 | },
|
95 | "comments": {
|
96 | "input": {
|
97 | },
|
98 | "output": {
|
99 | }
|
100 | },
|
101 | "description": "The following command attaches the AWS managed policy named AdministratorAccess to the IAM user named Alice.",
|
102 | "id": "1372ebd8-9475-4b1a-a479-23b6fd4b8b3e",
|
103 | "title": "To attach a managed policy to an IAM user"
|
104 | }
|
105 | ],
|
106 | "ChangePassword": [
|
107 | {
|
108 | "input": {
|
109 | "NewPassword": "]35d/{pB9Fo9wJ",
|
110 | "OldPassword": "3s0K_;xh4~8XXI"
|
111 | },
|
112 | "comments": {
|
113 | "input": {
|
114 | },
|
115 | "output": {
|
116 | }
|
117 | },
|
118 | "description": "The following command changes the password for the current IAM user.",
|
119 | "id": "3a80c66f-bffb-46df-947c-1e8fa583b470",
|
120 | "title": "To change the password for your IAM user"
|
121 | }
|
122 | ],
|
123 | "CreateAccessKey": [
|
124 | {
|
125 | "input": {
|
126 | "UserName": "Bob"
|
127 | },
|
128 | "output": {
|
129 | "AccessKey": {
|
130 | "AccessKeyId": "AKIAIOSFODNN7EXAMPLE",
|
131 | "CreateDate": "2015-03-09T18:39:23.411Z",
|
132 | "SecretAccessKey": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYzEXAMPLEKEY",
|
133 | "Status": "Active",
|
134 | "UserName": "Bob"
|
135 | }
|
136 | },
|
137 | "comments": {
|
138 | "input": {
|
139 | },
|
140 | "output": {
|
141 | }
|
142 | },
|
143 | "description": "The following command creates an access key (access key ID and secret access key) for the IAM user named Bob.",
|
144 | "id": "1fbb3211-4cf2-41db-8c20-ba58d9f5802d",
|
145 | "title": "To create an access key for an IAM user"
|
146 | }
|
147 | ],
|
148 | "CreateAccountAlias": [
|
149 | {
|
150 | "input": {
|
151 | "AccountAlias": "examplecorp"
|
152 | },
|
153 | "comments": {
|
154 | "input": {
|
155 | },
|
156 | "output": {
|
157 | }
|
158 | },
|
159 | "description": "The following command associates the alias examplecorp to your AWS account.",
|
160 | "id": "5adaf6fb-94fc-4ca2-b825-2fbc2062add1",
|
161 | "title": "To create an account alias"
|
162 | }
|
163 | ],
|
164 | "CreateGroup": [
|
165 | {
|
166 | "input": {
|
167 | "GroupName": "Admins"
|
168 | },
|
169 | "output": {
|
170 | "Group": {
|
171 | "Arn": "arn:aws:iam::123456789012:group/Admins",
|
172 | "CreateDate": "2015-03-09T20:30:24.940Z",
|
173 | "GroupId": "AIDGPMS9RO4H3FEXAMPLE",
|
174 | "GroupName": "Admins",
|
175 | "Path": "/"
|
176 | }
|
177 | },
|
178 | "comments": {
|
179 | "input": {
|
180 | },
|
181 | "output": {
|
182 | }
|
183 | },
|
184 | "description": "The following command creates an IAM group named Admins.",
|
185 | "id": "d5da2a90-5e69-4ef7-8ae8-4c33dc21fd21",
|
186 | "title": "To create an IAM group"
|
187 | }
|
188 | ],
|
189 | "CreateInstanceProfile": [
|
190 | {
|
191 | "input": {
|
192 | "InstanceProfileName": "Webserver"
|
193 | },
|
194 | "output": {
|
195 | "InstanceProfile": {
|
196 | "Arn": "arn:aws:iam::123456789012:instance-profile/Webserver",
|
197 | "CreateDate": "2015-03-09T20:33:19.626Z",
|
198 | "InstanceProfileId": "AIPAJMBYC7DLSPEXAMPLE",
|
199 | "InstanceProfileName": "Webserver",
|
200 | "Path": "/",
|
201 | "Roles": [
|
202 |
|
203 | ]
|
204 | }
|
205 | },
|
206 | "comments": {
|
207 | "input": {
|
208 | },
|
209 | "output": {
|
210 | }
|
211 | },
|
212 | "description": "The following command creates an instance profile named Webserver that is ready to have a role attached and then be associated with an EC2 instance.",
|
213 | "id": "5d84e6ae-5921-4e39-8454-10232cd9ff9a",
|
214 | "title": "To create an instance profile"
|
215 | }
|
216 | ],
|
217 | "CreateLoginProfile": [
|
218 | {
|
219 | "input": {
|
220 | "Password": "h]6EszR}vJ*m",
|
221 | "PasswordResetRequired": true,
|
222 | "UserName": "Bob"
|
223 | },
|
224 | "output": {
|
225 | "LoginProfile": {
|
226 | "CreateDate": "2015-03-10T20:55:40.274Z",
|
227 | "PasswordResetRequired": true,
|
228 | "UserName": "Bob"
|
229 | }
|
230 | },
|
231 | "comments": {
|
232 | "input": {
|
233 | },
|
234 | "output": {
|
235 | }
|
236 | },
|
237 | "description": "The following command changes IAM user Bob's password and sets the flag that required Bob to change the password the next time he signs in.",
|
238 | "id": "c63795bc-3444-40b3-89df-83c474ef88be",
|
239 | "title": "To create an instance profile"
|
240 | }
|
241 | ],
|
242 | "CreateOpenIDConnectProvider": [
|
243 | {
|
244 | "input": {
|
245 | "ClientIDList": [
|
246 | "my-application-id"
|
247 | ],
|
248 | "ThumbprintList": [
|
249 | "3768084dfb3d2b68b7897bf5f565da8efEXAMPLE"
|
250 | ],
|
251 | "Url": "https://server.example.com"
|
252 | },
|
253 | "output": {
|
254 | "OpenIDConnectProviderArn": "arn:aws:iam::123456789012:oidc-provider/server.example.com"
|
255 | },
|
256 | "comments": {
|
257 | "input": {
|
258 | },
|
259 | "output": {
|
260 | }
|
261 | },
|
262 | "description": "The following example defines a new OIDC provider in IAM with a client ID of my-application-id and pointing at the server with a URL of https://server.example.com.",
|
263 | "id": "4e4a6bff-cc97-4406-922e-0ab4a82cdb63",
|
264 | "title": "To create an instance profile"
|
265 | }
|
266 | ],
|
267 | "CreateRole": [
|
268 | {
|
269 | "input": {
|
270 | "AssumeRolePolicyDocument": "<URL-encoded-JSON>",
|
271 | "Path": "/",
|
272 | "RoleName": "Test-Role"
|
273 | },
|
274 | "output": {
|
275 | "Role": {
|
276 | "Arn": "arn:aws:iam::123456789012:role/Test-Role",
|
277 | "AssumeRolePolicyDocument": "<URL-encoded-JSON>",
|
278 | "CreateDate": "2013-06-07T20:43:32.821Z",
|
279 | "Path": "/",
|
280 | "RoleId": "AKIAIOSFODNN7EXAMPLE",
|
281 | "RoleName": "Test-Role"
|
282 | }
|
283 | },
|
284 | "comments": {
|
285 | "input": {
|
286 | },
|
287 | "output": {
|
288 | }
|
289 | },
|
290 | "description": "The following command creates a role named Test-Role and attaches a trust policy to it that is provided as a URL-encoded JSON string.",
|
291 | "id": "eaaa4b5f-51f1-4f73-b0d3-30127040eff8",
|
292 | "title": "To create an IAM role"
|
293 | }
|
294 | ],
|
295 | "CreateUser": [
|
296 | {
|
297 | "input": {
|
298 | "UserName": "Bob"
|
299 | },
|
300 | "output": {
|
301 | "User": {
|
302 | "Arn": "arn:aws:iam::123456789012:user/Bob",
|
303 | "CreateDate": "2013-06-08T03:20:41.270Z",
|
304 | "Path": "/",
|
305 | "UserId": "AKIAIOSFODNN7EXAMPLE",
|
306 | "UserName": "Bob"
|
307 | }
|
308 | },
|
309 | "comments": {
|
310 | "input": {
|
311 | },
|
312 | "output": {
|
313 | }
|
314 | },
|
315 | "description": "The following create-user command creates an IAM user named Bob in the current account.",
|
316 | "id": "eb15f90b-e5f5-4af8-a594-e4e82b181a62",
|
317 | "title": "To create an IAM user"
|
318 | }
|
319 | ],
|
320 | "DeleteAccessKey": [
|
321 | {
|
322 | "input": {
|
323 | "AccessKeyId": "AKIDPMS9RO4H3FEXAMPLE",
|
324 | "UserName": "Bob"
|
325 | },
|
326 | "comments": {
|
327 | "input": {
|
328 | },
|
329 | "output": {
|
330 | }
|
331 | },
|
332 | "description": "The following command deletes one access key (access key ID and secret access key) assigned to the IAM user named Bob.",
|
333 | "id": "61a785a7-d30a-415a-ae18-ab9236e56871",
|
334 | "title": "To delete an access key for an IAM user"
|
335 | }
|
336 | ],
|
337 | "DeleteAccountAlias": [
|
338 | {
|
339 | "input": {
|
340 | "AccountAlias": "mycompany"
|
341 | },
|
342 | "comments": {
|
343 | "input": {
|
344 | },
|
345 | "output": {
|
346 | }
|
347 | },
|
348 | "description": "The following command removes the alias mycompany from the current AWS account:",
|
349 | "id": "7abeca65-04a8-4500-a890-47f1092bf766",
|
350 | "title": "To delete an account alias"
|
351 | }
|
352 | ],
|
353 | "DeleteAccountPasswordPolicy": [
|
354 | {
|
355 | "comments": {
|
356 | "input": {
|
357 | },
|
358 | "output": {
|
359 | }
|
360 | },
|
361 | "description": "The following command removes the password policy from the current AWS account:",
|
362 | "id": "9ddf755e-495c-49bc-ae3b-ea6cc9b8ebcf",
|
363 | "title": "To delete the current account password policy"
|
364 | }
|
365 | ],
|
366 | "DeleteGroupPolicy": [
|
367 | {
|
368 | "input": {
|
369 | "GroupName": "Admins",
|
370 | "PolicyName": "ExamplePolicy"
|
371 | },
|
372 | "comments": {
|
373 | "input": {
|
374 | },
|
375 | "output": {
|
376 | }
|
377 | },
|
378 | "description": "The following command deletes the policy named ExamplePolicy from the group named Admins:",
|
379 | "id": "e683f2bd-98a4-4fe0-bb66-33169c692d4a",
|
380 | "title": "To delete a policy from an IAM group"
|
381 | }
|
382 | ],
|
383 | "DeleteInstanceProfile": [
|
384 | {
|
385 | "input": {
|
386 | "InstanceProfileName": "ExampleInstanceProfile"
|
387 | },
|
388 | "comments": {
|
389 | "input": {
|
390 | },
|
391 | "output": {
|
392 | }
|
393 | },
|
394 | "description": "The following command deletes the instance profile named ExampleInstanceProfile",
|
395 | "id": "12d74fb8-3433-49db-8171-a1fc764e354d",
|
396 | "title": "To delete an instance profile"
|
397 | }
|
398 | ],
|
399 | "DeleteLoginProfile": [
|
400 | {
|
401 | "input": {
|
402 | "UserName": "Bob"
|
403 | },
|
404 | "comments": {
|
405 | "input": {
|
406 | },
|
407 | "output": {
|
408 | }
|
409 | },
|
410 | "description": "The following command deletes the password for the IAM user named Bob.",
|
411 | "id": "1fe57059-fc73-42e2-b992-517b7d573b5c",
|
412 | "title": "To delete a password for an IAM user"
|
413 | }
|
414 | ],
|
415 | "DeleteRole": [
|
416 | {
|
417 | "input": {
|
418 | "RoleName": "Test-Role"
|
419 | },
|
420 | "comments": {
|
421 | "input": {
|
422 | },
|
423 | "output": {
|
424 | }
|
425 | },
|
426 | "description": "The following command removes the role named Test-Role.",
|
427 | "id": "053cdf74-9bda-44b8-bdbb-140fd5a32603",
|
428 | "title": "To delete an IAM role"
|
429 | }
|
430 | ],
|
431 | "DeleteRolePolicy": [
|
432 | {
|
433 | "input": {
|
434 | "PolicyName": "ExamplePolicy",
|
435 | "RoleName": "Test-Role"
|
436 | },
|
437 | "comments": {
|
438 | "input": {
|
439 | },
|
440 | "output": {
|
441 | }
|
442 | },
|
443 | "description": "The following command removes the policy named ExamplePolicy from the role named Test-Role.",
|
444 | "id": "9c667336-fde3-462c-b8f3-950800821e27",
|
445 | "title": "To remove a policy from an IAM role"
|
446 | }
|
447 | ],
|
448 | "DeleteSigningCertificate": [
|
449 | {
|
450 | "input": {
|
451 | "CertificateId": "TA7SMP42TDN5Z26OBPJE7EXAMPLE",
|
452 | "UserName": "Anika"
|
453 | },
|
454 | "comments": {
|
455 | "input": {
|
456 | },
|
457 | "output": {
|
458 | }
|
459 | },
|
460 | "description": "The following command deletes the specified signing certificate for the IAM user named Anika.",
|
461 | "id": "e3357586-ba9c-4070-b35b-d1a899b71987",
|
462 | "title": "To delete a signing certificate for an IAM user"
|
463 | }
|
464 | ],
|
465 | "DeleteUser": [
|
466 | {
|
467 | "input": {
|
468 | "UserName": "Bob"
|
469 | },
|
470 | "comments": {
|
471 | "input": {
|
472 | },
|
473 | "output": {
|
474 | }
|
475 | },
|
476 | "description": "The following command removes the IAM user named Bob from the current account.",
|
477 | "id": "a13dc3f9-59fe-42d9-abbb-fb98b204fdf0",
|
478 | "title": "To delete an IAM user"
|
479 | }
|
480 | ],
|
481 | "DeleteUserPolicy": [
|
482 | {
|
483 | "input": {
|
484 | "PolicyName": "ExamplePolicy",
|
485 | "UserName": "Juan"
|
486 | },
|
487 | "comments": {
|
488 | "input": {
|
489 | },
|
490 | "output": {
|
491 | }
|
492 | },
|
493 | "description": "The following delete-user-policy command removes the specified policy from the IAM user named Juan:",
|
494 | "id": "34f07ddc-9bc1-4f52-bc59-cd0a3ccd06c8",
|
495 | "title": "To remove a policy from an IAM user"
|
496 | }
|
497 | ],
|
498 | "DeleteVirtualMFADevice": [
|
499 | {
|
500 | "input": {
|
501 | "SerialNumber": "arn:aws:iam::123456789012:mfa/ExampleName"
|
502 | },
|
503 | "comments": {
|
504 | "input": {
|
505 | },
|
506 | "output": {
|
507 | }
|
508 | },
|
509 | "description": "The following delete-virtual-mfa-device command removes the specified MFA device from the current AWS account.",
|
510 | "id": "2933b08b-dbe7-4b89-b8c1-fdf75feea1ee",
|
511 | "title": "To remove a virtual MFA device"
|
512 | }
|
513 | ],
|
514 | "GetAccountPasswordPolicy": [
|
515 | {
|
516 | "output": {
|
517 | "PasswordPolicy": {
|
518 | "AllowUsersToChangePassword": false,
|
519 | "ExpirePasswords": false,
|
520 | "HardExpiry": false,
|
521 | "MaxPasswordAge": 90,
|
522 | "MinimumPasswordLength": 8,
|
523 | "PasswordReusePrevention": 12,
|
524 | "RequireLowercaseCharacters": false,
|
525 | "RequireNumbers": true,
|
526 | "RequireSymbols": true,
|
527 | "RequireUppercaseCharacters": false
|
528 | }
|
529 | },
|
530 | "comments": {
|
531 | "input": {
|
532 | },
|
533 | "output": {
|
534 | }
|
535 | },
|
536 | "description": "The following command displays details about the password policy for the current AWS account.",
|
537 | "id": "5e4598c7-c425-431f-8af1-19073b3c4a5f",
|
538 | "title": "To see the current account password policy"
|
539 | }
|
540 | ],
|
541 | "GetAccountSummary": [
|
542 | {
|
543 | "output": {
|
544 | "SummaryMap": {
|
545 | "AccessKeysPerUserQuota": 2,
|
546 | "AccountAccessKeysPresent": 1,
|
547 | "AccountMFAEnabled": 0,
|
548 | "AccountSigningCertificatesPresent": 0,
|
549 | "AttachedPoliciesPerGroupQuota": 10,
|
550 | "AttachedPoliciesPerRoleQuota": 10,
|
551 | "AttachedPoliciesPerUserQuota": 10,
|
552 | "GroupPolicySizeQuota": 5120,
|
553 | "Groups": 15,
|
554 | "GroupsPerUserQuota": 10,
|
555 | "GroupsQuota": 100,
|
556 | "MFADevices": 6,
|
557 | "MFADevicesInUse": 3,
|
558 | "Policies": 8,
|
559 | "PoliciesQuota": 1000,
|
560 | "PolicySizeQuota": 5120,
|
561 | "PolicyVersionsInUse": 22,
|
562 | "PolicyVersionsInUseQuota": 10000,
|
563 | "ServerCertificates": 1,
|
564 | "ServerCertificatesQuota": 20,
|
565 | "SigningCertificatesPerUserQuota": 2,
|
566 | "UserPolicySizeQuota": 2048,
|
567 | "Users": 27,
|
568 | "UsersQuota": 5000,
|
569 | "VersionsPerPolicyQuota": 5
|
570 | }
|
571 | },
|
572 | "comments": {
|
573 | "input": {
|
574 | },
|
575 | "output": {
|
576 | }
|
577 | },
|
578 | "description": "The following command returns information about the IAM entity quotas and usage in the current AWS account.",
|
579 | "id": "9d8447af-f344-45de-8219-2cebc3cce7f2",
|
580 | "title": "To get information about IAM entity quotas and usage in the current account"
|
581 | }
|
582 | ],
|
583 | "GetInstanceProfile": [
|
584 | {
|
585 | "input": {
|
586 | "InstanceProfileName": "ExampleInstanceProfile"
|
587 | },
|
588 | "output": {
|
589 | "InstanceProfile": {
|
590 | "Arn": "arn:aws:iam::336924118301:instance-profile/ExampleInstanceProfile",
|
591 | "CreateDate": "2013-06-12T23:52:02Z",
|
592 | "InstanceProfileId": "AID2MAB8DPLSRHEXAMPLE",
|
593 | "InstanceProfileName": "ExampleInstanceProfile",
|
594 | "Path": "/",
|
595 | "Roles": [
|
596 | {
|
597 | "Arn": "arn:aws:iam::336924118301:role/Test-Role",
|
598 | "AssumeRolePolicyDocument": "<URL-encoded-JSON>",
|
599 | "CreateDate": "2013-01-09T06:33:26Z",
|
600 | "Path": "/",
|
601 | "RoleId": "AIDGPMS9RO4H3FEXAMPLE",
|
602 | "RoleName": "Test-Role"
|
603 | }
|
604 | ]
|
605 | }
|
606 | },
|
607 | "comments": {
|
608 | "input": {
|
609 | },
|
610 | "output": {
|
611 | }
|
612 | },
|
613 | "description": "The following command gets information about the instance profile named ExampleInstanceProfile.",
|
614 | "id": "463b9ba5-18cc-4608-9ccb-5a7c6b6e5fe7",
|
615 | "title": "To get information about an instance profile"
|
616 | }
|
617 | ],
|
618 | "GetLoginProfile": [
|
619 | {
|
620 | "input": {
|
621 | "UserName": "Anika"
|
622 | },
|
623 | "output": {
|
624 | "LoginProfile": {
|
625 | "CreateDate": "2012-09-21T23:03:39Z",
|
626 | "UserName": "Anika"
|
627 | }
|
628 | },
|
629 | "comments": {
|
630 | "input": {
|
631 | },
|
632 | "output": {
|
633 | }
|
634 | },
|
635 | "description": "The following command gets information about the password for the IAM user named Anika.",
|
636 | "id": "d6b580cc-909f-4925-9caa-d425cbc1ad47",
|
637 | "title": "To get password information for an IAM user"
|
638 | }
|
639 | ],
|
640 | "GetRole": [
|
641 | {
|
642 | "input": {
|
643 | "RoleName": "Test-Role"
|
644 | },
|
645 | "output": {
|
646 | "Role": {
|
647 | "Arn": "arn:aws:iam::123456789012:role/Test-Role",
|
648 | "AssumeRolePolicyDocument": "<URL-encoded-JSON>",
|
649 | "CreateDate": "2013-04-18T05:01:58Z",
|
650 | "Path": "/",
|
651 | "RoleId": "AIDIODR4TAW7CSEXAMPLE",
|
652 | "RoleName": "Test-Role"
|
653 | }
|
654 | },
|
655 | "comments": {
|
656 | "input": {
|
657 | },
|
658 | "output": {
|
659 | }
|
660 | },
|
661 | "description": "The following command gets information about the role named Test-Role.",
|
662 | "id": "5b7d03a6-340c-472d-aa77-56425950d8b0",
|
663 | "title": "To get information about an IAM role"
|
664 | }
|
665 | ],
|
666 | "GetUser": [
|
667 | {
|
668 | "input": {
|
669 | "UserName": "Bob"
|
670 | },
|
671 | "output": {
|
672 | "User": {
|
673 | "Arn": "arn:aws:iam::123456789012:user/Bob",
|
674 | "CreateDate": "2012-09-21T23:03:13Z",
|
675 | "Path": "/",
|
676 | "UserId": "AKIAIOSFODNN7EXAMPLE",
|
677 | "UserName": "Bob"
|
678 | }
|
679 | },
|
680 | "comments": {
|
681 | "input": {
|
682 | },
|
683 | "output": {
|
684 | }
|
685 | },
|
686 | "description": "The following command gets information about the IAM user named Bob.",
|
687 | "id": "ede000a1-9e4c-40db-bd0a-d4f95e41a6ab",
|
688 | "title": "To get information about an IAM user"
|
689 | }
|
690 | ],
|
691 | "ListAccessKeys": [
|
692 | {
|
693 | "input": {
|
694 | "UserName": "Alice"
|
695 | },
|
696 | "output": {
|
697 | "AccessKeyMetadata": [
|
698 | {
|
699 | "AccessKeyId": "AKIA111111111EXAMPLE",
|
700 | "CreateDate": "2016-12-01T22:19:58Z",
|
701 | "Status": "Active",
|
702 | "UserName": "Alice"
|
703 | },
|
704 | {
|
705 | "AccessKeyId": "AKIA222222222EXAMPLE",
|
706 | "CreateDate": "2016-12-01T22:20:01Z",
|
707 | "Status": "Active",
|
708 | "UserName": "Alice"
|
709 | }
|
710 | ]
|
711 | },
|
712 | "comments": {
|
713 | "input": {
|
714 | },
|
715 | "output": {
|
716 | }
|
717 | },
|
718 | "description": "The following command lists the access keys IDs for the IAM user named Alice.",
|
719 | "id": "15571463-ebea-411a-a021-1c76bd2a3625",
|
720 | "title": "To list the access key IDs for an IAM user"
|
721 | }
|
722 | ],
|
723 | "ListAccountAliases": [
|
724 | {
|
725 | "input": {
|
726 | },
|
727 | "output": {
|
728 | "AccountAliases": [
|
729 | "exmaple-corporation"
|
730 | ]
|
731 | },
|
732 | "comments": {
|
733 | "input": {
|
734 | },
|
735 | "output": {
|
736 | }
|
737 | },
|
738 | "description": "The following command lists the aliases for the current account.",
|
739 | "id": "e27b457a-16f9-4e05-a006-3df7b3472741",
|
740 | "title": "To list account aliases"
|
741 | }
|
742 | ],
|
743 | "ListGroupPolicies": [
|
744 | {
|
745 | "input": {
|
746 | "GroupName": "Admins"
|
747 | },
|
748 | "output": {
|
749 | "PolicyNames": [
|
750 | "AdminRoot",
|
751 | "KeyPolicy"
|
752 | ]
|
753 | },
|
754 | "comments": {
|
755 | "input": {
|
756 | },
|
757 | "output": {
|
758 | }
|
759 | },
|
760 | "description": "The following command lists the names of in-line policies that are embedded in the IAM group named Admins.",
|
761 | "id": "02de5095-2410-4d3a-ac1b-cc40234af68f",
|
762 | "title": "To list the in-line policies for an IAM group"
|
763 | }
|
764 | ],
|
765 | "ListGroups": [
|
766 | {
|
767 | "input": {
|
768 | },
|
769 | "output": {
|
770 | "Groups": [
|
771 | {
|
772 | "Arn": "arn:aws:iam::123456789012:group/Admins",
|
773 | "CreateDate": "2016-12-15T21:40:08.121Z",
|
774 | "GroupId": "AGPA1111111111EXAMPLE",
|
775 | "GroupName": "Admins",
|
776 | "Path": "/division_abc/subdivision_xyz/"
|
777 | },
|
778 | {
|
779 | "Arn": "arn:aws:iam::123456789012:group/division_abc/subdivision_xyz/product_1234/engineering/Test",
|
780 | "CreateDate": "2016-11-30T14:10:01.156Z",
|
781 | "GroupId": "AGP22222222222EXAMPLE",
|
782 | "GroupName": "Test",
|
783 | "Path": "/division_abc/subdivision_xyz/product_1234/engineering/"
|
784 | },
|
785 | {
|
786 | "Arn": "arn:aws:iam::123456789012:group/division_abc/subdivision_xyz/product_1234/Managers",
|
787 | "CreateDate": "2016-06-12T20:14:52.032Z",
|
788 | "GroupId": "AGPI3333333333EXAMPLE",
|
789 | "GroupName": "Managers",
|
790 | "Path": "/division_abc/subdivision_xyz/product_1234/"
|
791 | }
|
792 | ]
|
793 | },
|
794 | "comments": {
|
795 | "input": {
|
796 | },
|
797 | "output": {
|
798 | }
|
799 | },
|
800 | "description": "The following command lists the IAM groups in the current account:",
|
801 | "id": "b3ab1380-2a21-42fb-8e85-503f65512c66",
|
802 | "title": "To list the IAM groups for the current account"
|
803 | }
|
804 | ],
|
805 | "ListGroupsForUser": [
|
806 | {
|
807 | "input": {
|
808 | "UserName": "Bob"
|
809 | },
|
810 | "output": {
|
811 | "Groups": [
|
812 | {
|
813 | "Arn": "arn:aws:iam::123456789012:group/division_abc/subdivision_xyz/product_1234/engineering/Test",
|
814 | "CreateDate": "2016-11-30T14:10:01.156Z",
|
815 | "GroupId": "AGP2111111111EXAMPLE",
|
816 | "GroupName": "Test",
|
817 | "Path": "/division_abc/subdivision_xyz/product_1234/engineering/"
|
818 | },
|
819 | {
|
820 | "Arn": "arn:aws:iam::123456789012:group/division_abc/subdivision_xyz/product_1234/Managers",
|
821 | "CreateDate": "2016-06-12T20:14:52.032Z",
|
822 | "GroupId": "AGPI222222222SEXAMPLE",
|
823 | "GroupName": "Managers",
|
824 | "Path": "/division_abc/subdivision_xyz/product_1234/"
|
825 | }
|
826 | ]
|
827 | },
|
828 | "comments": {
|
829 | "input": {
|
830 | },
|
831 | "output": {
|
832 | }
|
833 | },
|
834 | "description": "The following command displays the groups that the IAM user named Bob belongs to.",
|
835 | "id": "278ec2ee-fc28-4136-83fb-433af0ae46a2",
|
836 | "title": "To list the groups that an IAM user belongs to"
|
837 | }
|
838 | ],
|
839 | "ListSigningCertificates": [
|
840 | {
|
841 | "input": {
|
842 | "UserName": "Bob"
|
843 | },
|
844 | "output": {
|
845 | "Certificates": [
|
846 | {
|
847 | "CertificateBody": "-----BEGIN CERTIFICATE-----<certificate-body>-----END CERTIFICATE-----",
|
848 | "CertificateId": "TA7SMP42TDN5Z26OBPJE7EXAMPLE",
|
849 | "Status": "Active",
|
850 | "UploadDate": "2013-06-06T21:40:08Z",
|
851 | "UserName": "Bob"
|
852 | }
|
853 | ]
|
854 | },
|
855 | "comments": {
|
856 | "input": {
|
857 | },
|
858 | "output": {
|
859 | }
|
860 | },
|
861 | "description": "The following command lists the signing certificates for the IAM user named Bob.",
|
862 | "id": "b4c10256-4fc9-457e-b3fd-4a110d4d73dc",
|
863 | "title": "To list the signing certificates for an IAM user"
|
864 | }
|
865 | ],
|
866 | "ListUsers": [
|
867 | {
|
868 | "input": {
|
869 | },
|
870 | "output": {
|
871 | "Users": [
|
872 | {
|
873 | "Arn": "arn:aws:iam::123456789012:user/division_abc/subdivision_xyz/engineering/Juan",
|
874 | "CreateDate": "2012-09-05T19:38:48Z",
|
875 | "PasswordLastUsed": "2016-09-08T21:47:36Z",
|
876 | "Path": "/division_abc/subdivision_xyz/engineering/",
|
877 | "UserId": "AID2MAB8DPLSRHEXAMPLE",
|
878 | "UserName": "Juan"
|
879 | },
|
880 | {
|
881 | "Arn": "arn:aws:iam::123456789012:user/division_abc/subdivision_xyz/engineering/Anika",
|
882 | "CreateDate": "2014-04-09T15:43:45Z",
|
883 | "PasswordLastUsed": "2016-09-24T16:18:07Z",
|
884 | "Path": "/division_abc/subdivision_xyz/engineering/",
|
885 | "UserId": "AIDIODR4TAW7CSEXAMPLE",
|
886 | "UserName": "Anika"
|
887 | }
|
888 | ]
|
889 | },
|
890 | "comments": {
|
891 | "input": {
|
892 | },
|
893 | "output": {
|
894 | }
|
895 | },
|
896 | "description": "The following command lists the IAM users in the current account.",
|
897 | "id": "9edfbd73-03d8-4d8a-9a79-76c85e8c8298",
|
898 | "title": "To list IAM users"
|
899 | }
|
900 | ],
|
901 | "ListVirtualMFADevices": [
|
902 | {
|
903 | "input": {
|
904 | },
|
905 | "output": {
|
906 | "VirtualMFADevices": [
|
907 | {
|
908 | "SerialNumber": "arn:aws:iam::123456789012:mfa/ExampleMFADevice"
|
909 | },
|
910 | {
|
911 | "SerialNumber": "arn:aws:iam::123456789012:mfa/Juan"
|
912 | }
|
913 | ]
|
914 | },
|
915 | "comments": {
|
916 | "input": {
|
917 | },
|
918 | "output": {
|
919 | }
|
920 | },
|
921 | "description": "The following command lists the virtual MFA devices that have been configured for the current account.",
|
922 | "id": "54f9ac18-5100-4070-bec4-fe5f612710d5",
|
923 | "title": "To list virtual MFA devices"
|
924 | }
|
925 | ],
|
926 | "PutGroupPolicy": [
|
927 | {
|
928 | "input": {
|
929 | "GroupName": "Admins",
|
930 | "PolicyDocument": "{\"Version\":\"2012-10-17\",\"Statement\":{\"Effect\":\"Allow\",\"Action\":\"*\",\"Resource\":\"*\"}}",
|
931 | "PolicyName": "AllPerms"
|
932 | },
|
933 | "comments": {
|
934 | "input": {
|
935 | },
|
936 | "output": {
|
937 | }
|
938 | },
|
939 | "description": "The following command adds a policy named AllPerms to the IAM group named Admins.",
|
940 | "id": "4bc17418-758f-4d0f-ab0c-4d00265fec2e",
|
941 | "title": "To add a policy to a group"
|
942 | }
|
943 | ],
|
944 | "PutRolePolicy": [
|
945 | {
|
946 | "input": {
|
947 | "PolicyDocument": "{\"Version\":\"2012-10-17\",\"Statement\":{\"Effect\":\"Allow\",\"Action\":\"s3:*\",\"Resource\":\"*\"}}",
|
948 | "PolicyName": "S3AccessPolicy",
|
949 | "RoleName": "S3Access"
|
950 | },
|
951 | "comments": {
|
952 | "input": {
|
953 | },
|
954 | "output": {
|
955 | }
|
956 | },
|
957 | "description": "The following command adds a permissions policy to the role named Test-Role.",
|
958 | "id": "de62fd00-46c7-4601-9e0d-71d5fbb11ecb",
|
959 | "title": "To attach a permissions policy to an IAM role"
|
960 | }
|
961 | ],
|
962 | "PutUserPolicy": [
|
963 | {
|
964 | "input": {
|
965 | "PolicyDocument": "{\"Version\":\"2012-10-17\",\"Statement\":{\"Effect\":\"Allow\",\"Action\":\"*\",\"Resource\":\"*\"}}",
|
966 | "PolicyName": "AllAccessPolicy",
|
967 | "UserName": "Bob"
|
968 | },
|
969 | "comments": {
|
970 | "input": {
|
971 | },
|
972 | "output": {
|
973 | }
|
974 | },
|
975 | "description": "The following command attaches a policy to the IAM user named Bob.",
|
976 | "id": "2551ffc6-3576-4d39-823f-30b60bffc2c7",
|
977 | "title": "To attach a policy to an IAM user"
|
978 | }
|
979 | ],
|
980 | "RemoveRoleFromInstanceProfile": [
|
981 | {
|
982 | "input": {
|
983 | "InstanceProfileName": "ExampleInstanceProfile",
|
984 | "RoleName": "Test-Role"
|
985 | },
|
986 | "comments": {
|
987 | "input": {
|
988 | },
|
989 | "output": {
|
990 | }
|
991 | },
|
992 | "description": "The following command removes the role named Test-Role from the instance profile named ExampleInstanceProfile.",
|
993 | "id": "6d9f46f1-9f4a-4873-b403-51a85c5c627c",
|
994 | "title": "To remove a role from an instance profile"
|
995 | }
|
996 | ],
|
997 | "RemoveUserFromGroup": [
|
998 | {
|
999 | "input": {
|
1000 | "GroupName": "Admins",
|
1001 | "UserName": "Bob"
|
1002 | },
|
1003 | "comments": {
|
1004 | "input": {
|
1005 | },
|
1006 | "output": {
|
1007 | }
|
1008 | },
|
1009 | "description": "The following command removes the user named Bob from the IAM group named Admins.",
|
1010 | "id": "fb54d5b4-0caf-41d8-af0e-10a84413f174",
|
1011 | "title": "To remove a user from an IAM group"
|
1012 | }
|
1013 | ],
|
1014 | "UpdateAccessKey": [
|
1015 | {
|
1016 | "input": {
|
1017 | "AccessKeyId": "AKIAIOSFODNN7EXAMPLE",
|
1018 | "Status": "Inactive",
|
1019 | "UserName": "Bob"
|
1020 | },
|
1021 | "comments": {
|
1022 | "input": {
|
1023 | },
|
1024 | "output": {
|
1025 | }
|
1026 | },
|
1027 | "description": "The following command deactivates the specified access key (access key ID and secret access key) for the IAM user named Bob.",
|
1028 | "id": "02b556fd-e673-49b7-ab6b-f2f9035967d0",
|
1029 | "title": "To activate or deactivate an access key for an IAM user"
|
1030 | }
|
1031 | ],
|
1032 | "UpdateAccountPasswordPolicy": [
|
1033 | {
|
1034 | "input": {
|
1035 | "MinimumPasswordLength": 8,
|
1036 | "RequireNumbers": true
|
1037 | },
|
1038 | "comments": {
|
1039 | "input": {
|
1040 | },
|
1041 | "output": {
|
1042 | }
|
1043 | },
|
1044 | "description": "The following command sets the password policy to require a minimum length of eight characters and to require one or more numbers in the password:",
|
1045 | "id": "c263a1af-37dc-4423-8dba-9790284ef5e0",
|
1046 | "title": "To set or change the current account password policy"
|
1047 | }
|
1048 | ],
|
1049 | "UpdateAssumeRolePolicy": [
|
1050 | {
|
1051 | "input": {
|
1052 | "PolicyDocument": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"ec2.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}",
|
1053 | "RoleName": "S3AccessForEC2Instances"
|
1054 | },
|
1055 | "comments": {
|
1056 | "input": {
|
1057 | },
|
1058 | "output": {
|
1059 | }
|
1060 | },
|
1061 | "description": "The following command updates the role trust policy for the role named Test-Role:",
|
1062 | "id": "c9150063-d953-4e99-9576-9685872006c6",
|
1063 | "title": "To update the trust policy for an IAM role"
|
1064 | }
|
1065 | ],
|
1066 | "UpdateGroup": [
|
1067 | {
|
1068 | "input": {
|
1069 | "GroupName": "Test",
|
1070 | "NewGroupName": "Test-1"
|
1071 | },
|
1072 | "comments": {
|
1073 | "input": {
|
1074 | },
|
1075 | "output": {
|
1076 | }
|
1077 | },
|
1078 | "description": "The following command changes the name of the IAM group Test to Test-1.",
|
1079 | "id": "f0cf1662-91ae-4278-a80e-7db54256ccba",
|
1080 | "title": "To rename an IAM group"
|
1081 | }
|
1082 | ],
|
1083 | "UpdateLoginProfile": [
|
1084 | {
|
1085 | "input": {
|
1086 | "Password": "SomeKindOfPassword123!@#",
|
1087 | "UserName": "Bob"
|
1088 | },
|
1089 | "comments": {
|
1090 | "input": {
|
1091 | },
|
1092 | "output": {
|
1093 | }
|
1094 | },
|
1095 | "description": "The following command creates or changes the password for the IAM user named Bob.",
|
1096 | "id": "036d9498-ecdb-4ed6-a8d8-366c383d1487",
|
1097 | "title": "To change the password for an IAM user"
|
1098 | }
|
1099 | ],
|
1100 | "UpdateSigningCertificate": [
|
1101 | {
|
1102 | "input": {
|
1103 | "CertificateId": "TA7SMP42TDN5Z26OBPJE7EXAMPLE",
|
1104 | "Status": "Inactive",
|
1105 | "UserName": "Bob"
|
1106 | },
|
1107 | "comments": {
|
1108 | "input": {
|
1109 | },
|
1110 | "output": {
|
1111 | }
|
1112 | },
|
1113 | "description": "The following command changes the status of a signing certificate for a user named Bob to Inactive.",
|
1114 | "id": "829aee7b-efc5-4b3b-84a5-7f899b38018d",
|
1115 | "title": "To change the active status of a signing certificate for an IAM user"
|
1116 | }
|
1117 | ],
|
1118 | "UpdateUser": [
|
1119 | {
|
1120 | "input": {
|
1121 | "NewUserName": "Robert",
|
1122 | "UserName": "Bob"
|
1123 | },
|
1124 | "comments": {
|
1125 | "input": {
|
1126 | },
|
1127 | "output": {
|
1128 | }
|
1129 | },
|
1130 | "description": "The following command changes the name of the IAM user Bob to Robert. It does not change the user's path.",
|
1131 | "id": "275d53ed-347a-44e6-b7d0-a96276154352",
|
1132 | "title": "To change an IAM user's name"
|
1133 | }
|
1134 | ],
|
1135 | "UploadServerCertificate": [
|
1136 | {
|
1137 | "input": {
|
1138 | "CertificateBody": "-----BEGIN CERTIFICATE-----<a very long certificate text string>-----END CERTIFICATE-----",
|
1139 | "Path": "/company/servercerts/",
|
1140 | "PrivateKey": "-----BEGIN DSA PRIVATE KEY-----<a very long private key string>-----END DSA PRIVATE KEY-----",
|
1141 | "ServerCertificateName": "ProdServerCert"
|
1142 | },
|
1143 | "output": {
|
1144 | "ServerCertificateMetadata": {
|
1145 | "Arn": "arn:aws:iam::123456789012:server-certificate/company/servercerts/ProdServerCert",
|
1146 | "Expiration": "2012-05-08T01:02:03.004Z",
|
1147 | "Path": "/company/servercerts/",
|
1148 | "ServerCertificateId": "ASCA1111111111EXAMPLE",
|
1149 | "ServerCertificateName": "ProdServerCert",
|
1150 | "UploadDate": "2010-05-08T01:02:03.004Z"
|
1151 | }
|
1152 | },
|
1153 | "comments": {
|
1154 | "input": {
|
1155 | },
|
1156 | "output": {
|
1157 | }
|
1158 | },
|
1159 | "description": "The following upload-server-certificate command uploads a server certificate to your AWS account:",
|
1160 | "id": "06eab6d1-ebf2-4bd9-839d-f7508b9a38b6",
|
1161 | "title": "To upload a server certificate to your AWS account"
|
1162 | }
|
1163 | ],
|
1164 | "UploadSigningCertificate": [
|
1165 | {
|
1166 | "input": {
|
1167 | "CertificateBody": "-----BEGIN CERTIFICATE-----<certificate-body>-----END CERTIFICATE-----",
|
1168 | "UserName": "Bob"
|
1169 | },
|
1170 | "output": {
|
1171 | "Certificate": {
|
1172 | "CertificateBody": "-----BEGIN CERTIFICATE-----<certificate-body>-----END CERTIFICATE-----",
|
1173 | "CertificateId": "ID123456789012345EXAMPLE",
|
1174 | "Status": "Active",
|
1175 | "UploadDate": "2015-06-06T21:40:08.121Z",
|
1176 | "UserName": "Bob"
|
1177 | }
|
1178 | },
|
1179 | "comments": {
|
1180 | "input": {
|
1181 | },
|
1182 | "output": {
|
1183 | }
|
1184 | },
|
1185 | "description": "The following command uploads a signing certificate for the IAM user named Bob.",
|
1186 | "id": "e67489b6-7b73-4e30-9ed3-9a9e0231e458",
|
1187 | "title": "To upload a signing certificate for an IAM user"
|
1188 | }
|
1189 | ]
|
1190 | }
|
1191 | }
|