UNPKG

36.6 kBJSONView Raw
1{
2 "version": "1.0",
3 "examples": {
4 "AddClientIDToOpenIDConnectProvider": [
5 {
6 "input": {
7 "ClientID": "my-application-ID",
8 "OpenIDConnectProviderArn": "arn:aws:iam::123456789012:oidc-provider/server.example.com"
9 },
10 "comments": {
11 "input": {
12 },
13 "output": {
14 }
15 },
16 "description": "The following add-client-id-to-open-id-connect-provider command adds the client ID my-application-ID to the OIDC provider named server.example.com:",
17 "id": "028e91f4-e2a6-4d59-9e3b-4965a3fb19be",
18 "title": "To add a client ID (audience) to an Open-ID Connect (OIDC) provider"
19 }
20 ],
21 "AddRoleToInstanceProfile": [
22 {
23 "input": {
24 "InstanceProfileName": "Webserver",
25 "RoleName": "S3Access"
26 },
27 "comments": {
28 "input": {
29 },
30 "output": {
31 }
32 },
33 "description": "The following command adds the role named S3Access to the instance profile named Webserver:",
34 "id": "c107fac3-edb6-4827-8a71-8863ec91c81f",
35 "title": "To add a role to an instance profile"
36 }
37 ],
38 "AddUserToGroup": [
39 {
40 "input": {
41 "GroupName": "Admins",
42 "UserName": "Bob"
43 },
44 "comments": {
45 "input": {
46 },
47 "output": {
48 }
49 },
50 "description": "The following command adds an IAM user named Bob to the IAM group named Admins:",
51 "id": "619c7e6b-09f8-4036-857b-51a6ea5027ca",
52 "title": "To add a user to an IAM group"
53 }
54 ],
55 "AttachGroupPolicy": [
56 {
57 "input": {
58 "GroupName": "Finance",
59 "PolicyArn": "arn:aws:iam::aws:policy/ReadOnlyAccess"
60 },
61 "comments": {
62 "input": {
63 },
64 "output": {
65 }
66 },
67 "description": "The following command attaches the AWS managed policy named ReadOnlyAccess to the IAM group named Finance.",
68 "id": "87551489-86f0-45db-9889-759936778f2b",
69 "title": "To attach a managed policy to an IAM group"
70 }
71 ],
72 "AttachRolePolicy": [
73 {
74 "input": {
75 "PolicyArn": "arn:aws:iam::aws:policy/ReadOnlyAccess",
76 "RoleName": "ReadOnlyRole"
77 },
78 "comments": {
79 "input": {
80 },
81 "output": {
82 }
83 },
84 "description": "The following command attaches the AWS managed policy named ReadOnlyAccess to the IAM role named ReadOnlyRole.",
85 "id": "3e1b8c7c-99c8-4fc4-a20c-131fe3f22c7e",
86 "title": "To attach a managed policy to an IAM role"
87 }
88 ],
89 "AttachUserPolicy": [
90 {
91 "input": {
92 "PolicyArn": "arn:aws:iam::aws:policy/AdministratorAccess",
93 "UserName": "Alice"
94 },
95 "comments": {
96 "input": {
97 },
98 "output": {
99 }
100 },
101 "description": "The following command attaches the AWS managed policy named AdministratorAccess to the IAM user named Alice.",
102 "id": "1372ebd8-9475-4b1a-a479-23b6fd4b8b3e",
103 "title": "To attach a managed policy to an IAM user"
104 }
105 ],
106 "ChangePassword": [
107 {
108 "input": {
109 "NewPassword": "]35d/{pB9Fo9wJ",
110 "OldPassword": "3s0K_;xh4~8XXI"
111 },
112 "comments": {
113 "input": {
114 },
115 "output": {
116 }
117 },
118 "description": "The following command changes the password for the current IAM user.",
119 "id": "3a80c66f-bffb-46df-947c-1e8fa583b470",
120 "title": "To change the password for your IAM user"
121 }
122 ],
123 "CreateAccessKey": [
124 {
125 "input": {
126 "UserName": "Bob"
127 },
128 "output": {
129 "AccessKey": {
130 "AccessKeyId": "AKIAIOSFODNN7EXAMPLE",
131 "CreateDate": "2015-03-09T18:39:23.411Z",
132 "SecretAccessKey": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYzEXAMPLEKEY",
133 "Status": "Active",
134 "UserName": "Bob"
135 }
136 },
137 "comments": {
138 "input": {
139 },
140 "output": {
141 }
142 },
143 "description": "The following command creates an access key (access key ID and secret access key) for the IAM user named Bob.",
144 "id": "1fbb3211-4cf2-41db-8c20-ba58d9f5802d",
145 "title": "To create an access key for an IAM user"
146 }
147 ],
148 "CreateAccountAlias": [
149 {
150 "input": {
151 "AccountAlias": "examplecorp"
152 },
153 "comments": {
154 "input": {
155 },
156 "output": {
157 }
158 },
159 "description": "The following command associates the alias examplecorp to your AWS account.",
160 "id": "5adaf6fb-94fc-4ca2-b825-2fbc2062add1",
161 "title": "To create an account alias"
162 }
163 ],
164 "CreateGroup": [
165 {
166 "input": {
167 "GroupName": "Admins"
168 },
169 "output": {
170 "Group": {
171 "Arn": "arn:aws:iam::123456789012:group/Admins",
172 "CreateDate": "2015-03-09T20:30:24.940Z",
173 "GroupId": "AIDGPMS9RO4H3FEXAMPLE",
174 "GroupName": "Admins",
175 "Path": "/"
176 }
177 },
178 "comments": {
179 "input": {
180 },
181 "output": {
182 }
183 },
184 "description": "The following command creates an IAM group named Admins.",
185 "id": "d5da2a90-5e69-4ef7-8ae8-4c33dc21fd21",
186 "title": "To create an IAM group"
187 }
188 ],
189 "CreateInstanceProfile": [
190 {
191 "input": {
192 "InstanceProfileName": "Webserver"
193 },
194 "output": {
195 "InstanceProfile": {
196 "Arn": "arn:aws:iam::123456789012:instance-profile/Webserver",
197 "CreateDate": "2015-03-09T20:33:19.626Z",
198 "InstanceProfileId": "AIPAJMBYC7DLSPEXAMPLE",
199 "InstanceProfileName": "Webserver",
200 "Path": "/",
201 "Roles": [
202
203 ]
204 }
205 },
206 "comments": {
207 "input": {
208 },
209 "output": {
210 }
211 },
212 "description": "The following command creates an instance profile named Webserver that is ready to have a role attached and then be associated with an EC2 instance.",
213 "id": "5d84e6ae-5921-4e39-8454-10232cd9ff9a",
214 "title": "To create an instance profile"
215 }
216 ],
217 "CreateLoginProfile": [
218 {
219 "input": {
220 "Password": "h]6EszR}vJ*m",
221 "PasswordResetRequired": true,
222 "UserName": "Bob"
223 },
224 "output": {
225 "LoginProfile": {
226 "CreateDate": "2015-03-10T20:55:40.274Z",
227 "PasswordResetRequired": true,
228 "UserName": "Bob"
229 }
230 },
231 "comments": {
232 "input": {
233 },
234 "output": {
235 }
236 },
237 "description": "The following command changes IAM user Bob's password and sets the flag that required Bob to change the password the next time he signs in.",
238 "id": "c63795bc-3444-40b3-89df-83c474ef88be",
239 "title": "To create an instance profile"
240 }
241 ],
242 "CreateOpenIDConnectProvider": [
243 {
244 "input": {
245 "ClientIDList": [
246 "my-application-id"
247 ],
248 "ThumbprintList": [
249 "3768084dfb3d2b68b7897bf5f565da8efEXAMPLE"
250 ],
251 "Url": "https://server.example.com"
252 },
253 "output": {
254 "OpenIDConnectProviderArn": "arn:aws:iam::123456789012:oidc-provider/server.example.com"
255 },
256 "comments": {
257 "input": {
258 },
259 "output": {
260 }
261 },
262 "description": "The following example defines a new OIDC provider in IAM with a client ID of my-application-id and pointing at the server with a URL of https://server.example.com.",
263 "id": "4e4a6bff-cc97-4406-922e-0ab4a82cdb63",
264 "title": "To create an instance profile"
265 }
266 ],
267 "CreateRole": [
268 {
269 "input": {
270 "AssumeRolePolicyDocument": "<URL-encoded-JSON>",
271 "Path": "/",
272 "RoleName": "Test-Role"
273 },
274 "output": {
275 "Role": {
276 "Arn": "arn:aws:iam::123456789012:role/Test-Role",
277 "AssumeRolePolicyDocument": "<URL-encoded-JSON>",
278 "CreateDate": "2013-06-07T20:43:32.821Z",
279 "Path": "/",
280 "RoleId": "AKIAIOSFODNN7EXAMPLE",
281 "RoleName": "Test-Role"
282 }
283 },
284 "comments": {
285 "input": {
286 },
287 "output": {
288 }
289 },
290 "description": "The following command creates a role named Test-Role and attaches a trust policy to it that is provided as a URL-encoded JSON string.",
291 "id": "eaaa4b5f-51f1-4f73-b0d3-30127040eff8",
292 "title": "To create an IAM role"
293 }
294 ],
295 "CreateUser": [
296 {
297 "input": {
298 "UserName": "Bob"
299 },
300 "output": {
301 "User": {
302 "Arn": "arn:aws:iam::123456789012:user/Bob",
303 "CreateDate": "2013-06-08T03:20:41.270Z",
304 "Path": "/",
305 "UserId": "AKIAIOSFODNN7EXAMPLE",
306 "UserName": "Bob"
307 }
308 },
309 "comments": {
310 "input": {
311 },
312 "output": {
313 }
314 },
315 "description": "The following create-user command creates an IAM user named Bob in the current account.",
316 "id": "eb15f90b-e5f5-4af8-a594-e4e82b181a62",
317 "title": "To create an IAM user"
318 }
319 ],
320 "DeleteAccessKey": [
321 {
322 "input": {
323 "AccessKeyId": "AKIDPMS9RO4H3FEXAMPLE",
324 "UserName": "Bob"
325 },
326 "comments": {
327 "input": {
328 },
329 "output": {
330 }
331 },
332 "description": "The following command deletes one access key (access key ID and secret access key) assigned to the IAM user named Bob.",
333 "id": "61a785a7-d30a-415a-ae18-ab9236e56871",
334 "title": "To delete an access key for an IAM user"
335 }
336 ],
337 "DeleteAccountAlias": [
338 {
339 "input": {
340 "AccountAlias": "mycompany"
341 },
342 "comments": {
343 "input": {
344 },
345 "output": {
346 }
347 },
348 "description": "The following command removes the alias mycompany from the current AWS account:",
349 "id": "7abeca65-04a8-4500-a890-47f1092bf766",
350 "title": "To delete an account alias"
351 }
352 ],
353 "DeleteAccountPasswordPolicy": [
354 {
355 "comments": {
356 "input": {
357 },
358 "output": {
359 }
360 },
361 "description": "The following command removes the password policy from the current AWS account:",
362 "id": "9ddf755e-495c-49bc-ae3b-ea6cc9b8ebcf",
363 "title": "To delete the current account password policy"
364 }
365 ],
366 "DeleteGroupPolicy": [
367 {
368 "input": {
369 "GroupName": "Admins",
370 "PolicyName": "ExamplePolicy"
371 },
372 "comments": {
373 "input": {
374 },
375 "output": {
376 }
377 },
378 "description": "The following command deletes the policy named ExamplePolicy from the group named Admins:",
379 "id": "e683f2bd-98a4-4fe0-bb66-33169c692d4a",
380 "title": "To delete a policy from an IAM group"
381 }
382 ],
383 "DeleteInstanceProfile": [
384 {
385 "input": {
386 "InstanceProfileName": "ExampleInstanceProfile"
387 },
388 "comments": {
389 "input": {
390 },
391 "output": {
392 }
393 },
394 "description": "The following command deletes the instance profile named ExampleInstanceProfile",
395 "id": "12d74fb8-3433-49db-8171-a1fc764e354d",
396 "title": "To delete an instance profile"
397 }
398 ],
399 "DeleteLoginProfile": [
400 {
401 "input": {
402 "UserName": "Bob"
403 },
404 "comments": {
405 "input": {
406 },
407 "output": {
408 }
409 },
410 "description": "The following command deletes the password for the IAM user named Bob.",
411 "id": "1fe57059-fc73-42e2-b992-517b7d573b5c",
412 "title": "To delete a password for an IAM user"
413 }
414 ],
415 "DeleteRole": [
416 {
417 "input": {
418 "RoleName": "Test-Role"
419 },
420 "comments": {
421 "input": {
422 },
423 "output": {
424 }
425 },
426 "description": "The following command removes the role named Test-Role.",
427 "id": "053cdf74-9bda-44b8-bdbb-140fd5a32603",
428 "title": "To delete an IAM role"
429 }
430 ],
431 "DeleteRolePolicy": [
432 {
433 "input": {
434 "PolicyName": "ExamplePolicy",
435 "RoleName": "Test-Role"
436 },
437 "comments": {
438 "input": {
439 },
440 "output": {
441 }
442 },
443 "description": "The following command removes the policy named ExamplePolicy from the role named Test-Role.",
444 "id": "9c667336-fde3-462c-b8f3-950800821e27",
445 "title": "To remove a policy from an IAM role"
446 }
447 ],
448 "DeleteSigningCertificate": [
449 {
450 "input": {
451 "CertificateId": "TA7SMP42TDN5Z26OBPJE7EXAMPLE",
452 "UserName": "Anika"
453 },
454 "comments": {
455 "input": {
456 },
457 "output": {
458 }
459 },
460 "description": "The following command deletes the specified signing certificate for the IAM user named Anika.",
461 "id": "e3357586-ba9c-4070-b35b-d1a899b71987",
462 "title": "To delete a signing certificate for an IAM user"
463 }
464 ],
465 "DeleteUser": [
466 {
467 "input": {
468 "UserName": "Bob"
469 },
470 "comments": {
471 "input": {
472 },
473 "output": {
474 }
475 },
476 "description": "The following command removes the IAM user named Bob from the current account.",
477 "id": "a13dc3f9-59fe-42d9-abbb-fb98b204fdf0",
478 "title": "To delete an IAM user"
479 }
480 ],
481 "DeleteUserPolicy": [
482 {
483 "input": {
484 "PolicyName": "ExamplePolicy",
485 "UserName": "Juan"
486 },
487 "comments": {
488 "input": {
489 },
490 "output": {
491 }
492 },
493 "description": "The following delete-user-policy command removes the specified policy from the IAM user named Juan:",
494 "id": "34f07ddc-9bc1-4f52-bc59-cd0a3ccd06c8",
495 "title": "To remove a policy from an IAM user"
496 }
497 ],
498 "DeleteVirtualMFADevice": [
499 {
500 "input": {
501 "SerialNumber": "arn:aws:iam::123456789012:mfa/ExampleName"
502 },
503 "comments": {
504 "input": {
505 },
506 "output": {
507 }
508 },
509 "description": "The following delete-virtual-mfa-device command removes the specified MFA device from the current AWS account.",
510 "id": "2933b08b-dbe7-4b89-b8c1-fdf75feea1ee",
511 "title": "To remove a virtual MFA device"
512 }
513 ],
514 "GetAccountPasswordPolicy": [
515 {
516 "output": {
517 "PasswordPolicy": {
518 "AllowUsersToChangePassword": false,
519 "ExpirePasswords": false,
520 "HardExpiry": false,
521 "MaxPasswordAge": 90,
522 "MinimumPasswordLength": 8,
523 "PasswordReusePrevention": 12,
524 "RequireLowercaseCharacters": false,
525 "RequireNumbers": true,
526 "RequireSymbols": true,
527 "RequireUppercaseCharacters": false
528 }
529 },
530 "comments": {
531 "input": {
532 },
533 "output": {
534 }
535 },
536 "description": "The following command displays details about the password policy for the current AWS account.",
537 "id": "5e4598c7-c425-431f-8af1-19073b3c4a5f",
538 "title": "To see the current account password policy"
539 }
540 ],
541 "GetAccountSummary": [
542 {
543 "output": {
544 "SummaryMap": {
545 "AccessKeysPerUserQuota": 2,
546 "AccountAccessKeysPresent": 1,
547 "AccountMFAEnabled": 0,
548 "AccountSigningCertificatesPresent": 0,
549 "AttachedPoliciesPerGroupQuota": 10,
550 "AttachedPoliciesPerRoleQuota": 10,
551 "AttachedPoliciesPerUserQuota": 10,
552 "GroupPolicySizeQuota": 5120,
553 "Groups": 15,
554 "GroupsPerUserQuota": 10,
555 "GroupsQuota": 100,
556 "MFADevices": 6,
557 "MFADevicesInUse": 3,
558 "Policies": 8,
559 "PoliciesQuota": 1000,
560 "PolicySizeQuota": 5120,
561 "PolicyVersionsInUse": 22,
562 "PolicyVersionsInUseQuota": 10000,
563 "ServerCertificates": 1,
564 "ServerCertificatesQuota": 20,
565 "SigningCertificatesPerUserQuota": 2,
566 "UserPolicySizeQuota": 2048,
567 "Users": 27,
568 "UsersQuota": 5000,
569 "VersionsPerPolicyQuota": 5
570 }
571 },
572 "comments": {
573 "input": {
574 },
575 "output": {
576 }
577 },
578 "description": "The following command returns information about the IAM entity quotas and usage in the current AWS account.",
579 "id": "9d8447af-f344-45de-8219-2cebc3cce7f2",
580 "title": "To get information about IAM entity quotas and usage in the current account"
581 }
582 ],
583 "GetInstanceProfile": [
584 {
585 "input": {
586 "InstanceProfileName": "ExampleInstanceProfile"
587 },
588 "output": {
589 "InstanceProfile": {
590 "Arn": "arn:aws:iam::336924118301:instance-profile/ExampleInstanceProfile",
591 "CreateDate": "2013-06-12T23:52:02Z",
592 "InstanceProfileId": "AID2MAB8DPLSRHEXAMPLE",
593 "InstanceProfileName": "ExampleInstanceProfile",
594 "Path": "/",
595 "Roles": [
596 {
597 "Arn": "arn:aws:iam::336924118301:role/Test-Role",
598 "AssumeRolePolicyDocument": "<URL-encoded-JSON>",
599 "CreateDate": "2013-01-09T06:33:26Z",
600 "Path": "/",
601 "RoleId": "AIDGPMS9RO4H3FEXAMPLE",
602 "RoleName": "Test-Role"
603 }
604 ]
605 }
606 },
607 "comments": {
608 "input": {
609 },
610 "output": {
611 }
612 },
613 "description": "The following command gets information about the instance profile named ExampleInstanceProfile.",
614 "id": "463b9ba5-18cc-4608-9ccb-5a7c6b6e5fe7",
615 "title": "To get information about an instance profile"
616 }
617 ],
618 "GetLoginProfile": [
619 {
620 "input": {
621 "UserName": "Anika"
622 },
623 "output": {
624 "LoginProfile": {
625 "CreateDate": "2012-09-21T23:03:39Z",
626 "UserName": "Anika"
627 }
628 },
629 "comments": {
630 "input": {
631 },
632 "output": {
633 }
634 },
635 "description": "The following command gets information about the password for the IAM user named Anika.",
636 "id": "d6b580cc-909f-4925-9caa-d425cbc1ad47",
637 "title": "To get password information for an IAM user"
638 }
639 ],
640 "GetRole": [
641 {
642 "input": {
643 "RoleName": "Test-Role"
644 },
645 "output": {
646 "Role": {
647 "Arn": "arn:aws:iam::123456789012:role/Test-Role",
648 "AssumeRolePolicyDocument": "<URL-encoded-JSON>",
649 "CreateDate": "2013-04-18T05:01:58Z",
650 "Path": "/",
651 "RoleId": "AIDIODR4TAW7CSEXAMPLE",
652 "RoleName": "Test-Role"
653 }
654 },
655 "comments": {
656 "input": {
657 },
658 "output": {
659 }
660 },
661 "description": "The following command gets information about the role named Test-Role.",
662 "id": "5b7d03a6-340c-472d-aa77-56425950d8b0",
663 "title": "To get information about an IAM role"
664 }
665 ],
666 "GetUser": [
667 {
668 "input": {
669 "UserName": "Bob"
670 },
671 "output": {
672 "User": {
673 "Arn": "arn:aws:iam::123456789012:user/Bob",
674 "CreateDate": "2012-09-21T23:03:13Z",
675 "Path": "/",
676 "UserId": "AKIAIOSFODNN7EXAMPLE",
677 "UserName": "Bob"
678 }
679 },
680 "comments": {
681 "input": {
682 },
683 "output": {
684 }
685 },
686 "description": "The following command gets information about the IAM user named Bob.",
687 "id": "ede000a1-9e4c-40db-bd0a-d4f95e41a6ab",
688 "title": "To get information about an IAM user"
689 }
690 ],
691 "ListAccessKeys": [
692 {
693 "input": {
694 "UserName": "Alice"
695 },
696 "output": {
697 "AccessKeyMetadata": [
698 {
699 "AccessKeyId": "AKIA111111111EXAMPLE",
700 "CreateDate": "2016-12-01T22:19:58Z",
701 "Status": "Active",
702 "UserName": "Alice"
703 },
704 {
705 "AccessKeyId": "AKIA222222222EXAMPLE",
706 "CreateDate": "2016-12-01T22:20:01Z",
707 "Status": "Active",
708 "UserName": "Alice"
709 }
710 ]
711 },
712 "comments": {
713 "input": {
714 },
715 "output": {
716 }
717 },
718 "description": "The following command lists the access keys IDs for the IAM user named Alice.",
719 "id": "15571463-ebea-411a-a021-1c76bd2a3625",
720 "title": "To list the access key IDs for an IAM user"
721 }
722 ],
723 "ListAccountAliases": [
724 {
725 "input": {
726 },
727 "output": {
728 "AccountAliases": [
729 "exmaple-corporation"
730 ]
731 },
732 "comments": {
733 "input": {
734 },
735 "output": {
736 }
737 },
738 "description": "The following command lists the aliases for the current account.",
739 "id": "e27b457a-16f9-4e05-a006-3df7b3472741",
740 "title": "To list account aliases"
741 }
742 ],
743 "ListGroupPolicies": [
744 {
745 "input": {
746 "GroupName": "Admins"
747 },
748 "output": {
749 "PolicyNames": [
750 "AdminRoot",
751 "KeyPolicy"
752 ]
753 },
754 "comments": {
755 "input": {
756 },
757 "output": {
758 }
759 },
760 "description": "The following command lists the names of in-line policies that are embedded in the IAM group named Admins.",
761 "id": "02de5095-2410-4d3a-ac1b-cc40234af68f",
762 "title": "To list the in-line policies for an IAM group"
763 }
764 ],
765 "ListGroups": [
766 {
767 "input": {
768 },
769 "output": {
770 "Groups": [
771 {
772 "Arn": "arn:aws:iam::123456789012:group/Admins",
773 "CreateDate": "2016-12-15T21:40:08.121Z",
774 "GroupId": "AGPA1111111111EXAMPLE",
775 "GroupName": "Admins",
776 "Path": "/division_abc/subdivision_xyz/"
777 },
778 {
779 "Arn": "arn:aws:iam::123456789012:group/division_abc/subdivision_xyz/product_1234/engineering/Test",
780 "CreateDate": "2016-11-30T14:10:01.156Z",
781 "GroupId": "AGP22222222222EXAMPLE",
782 "GroupName": "Test",
783 "Path": "/division_abc/subdivision_xyz/product_1234/engineering/"
784 },
785 {
786 "Arn": "arn:aws:iam::123456789012:group/division_abc/subdivision_xyz/product_1234/Managers",
787 "CreateDate": "2016-06-12T20:14:52.032Z",
788 "GroupId": "AGPI3333333333EXAMPLE",
789 "GroupName": "Managers",
790 "Path": "/division_abc/subdivision_xyz/product_1234/"
791 }
792 ]
793 },
794 "comments": {
795 "input": {
796 },
797 "output": {
798 }
799 },
800 "description": "The following command lists the IAM groups in the current account:",
801 "id": "b3ab1380-2a21-42fb-8e85-503f65512c66",
802 "title": "To list the IAM groups for the current account"
803 }
804 ],
805 "ListGroupsForUser": [
806 {
807 "input": {
808 "UserName": "Bob"
809 },
810 "output": {
811 "Groups": [
812 {
813 "Arn": "arn:aws:iam::123456789012:group/division_abc/subdivision_xyz/product_1234/engineering/Test",
814 "CreateDate": "2016-11-30T14:10:01.156Z",
815 "GroupId": "AGP2111111111EXAMPLE",
816 "GroupName": "Test",
817 "Path": "/division_abc/subdivision_xyz/product_1234/engineering/"
818 },
819 {
820 "Arn": "arn:aws:iam::123456789012:group/division_abc/subdivision_xyz/product_1234/Managers",
821 "CreateDate": "2016-06-12T20:14:52.032Z",
822 "GroupId": "AGPI222222222SEXAMPLE",
823 "GroupName": "Managers",
824 "Path": "/division_abc/subdivision_xyz/product_1234/"
825 }
826 ]
827 },
828 "comments": {
829 "input": {
830 },
831 "output": {
832 }
833 },
834 "description": "The following command displays the groups that the IAM user named Bob belongs to.",
835 "id": "278ec2ee-fc28-4136-83fb-433af0ae46a2",
836 "title": "To list the groups that an IAM user belongs to"
837 }
838 ],
839 "ListSigningCertificates": [
840 {
841 "input": {
842 "UserName": "Bob"
843 },
844 "output": {
845 "Certificates": [
846 {
847 "CertificateBody": "-----BEGIN CERTIFICATE-----<certificate-body>-----END CERTIFICATE-----",
848 "CertificateId": "TA7SMP42TDN5Z26OBPJE7EXAMPLE",
849 "Status": "Active",
850 "UploadDate": "2013-06-06T21:40:08Z",
851 "UserName": "Bob"
852 }
853 ]
854 },
855 "comments": {
856 "input": {
857 },
858 "output": {
859 }
860 },
861 "description": "The following command lists the signing certificates for the IAM user named Bob.",
862 "id": "b4c10256-4fc9-457e-b3fd-4a110d4d73dc",
863 "title": "To list the signing certificates for an IAM user"
864 }
865 ],
866 "ListUsers": [
867 {
868 "input": {
869 },
870 "output": {
871 "Users": [
872 {
873 "Arn": "arn:aws:iam::123456789012:user/division_abc/subdivision_xyz/engineering/Juan",
874 "CreateDate": "2012-09-05T19:38:48Z",
875 "PasswordLastUsed": "2016-09-08T21:47:36Z",
876 "Path": "/division_abc/subdivision_xyz/engineering/",
877 "UserId": "AID2MAB8DPLSRHEXAMPLE",
878 "UserName": "Juan"
879 },
880 {
881 "Arn": "arn:aws:iam::123456789012:user/division_abc/subdivision_xyz/engineering/Anika",
882 "CreateDate": "2014-04-09T15:43:45Z",
883 "PasswordLastUsed": "2016-09-24T16:18:07Z",
884 "Path": "/division_abc/subdivision_xyz/engineering/",
885 "UserId": "AIDIODR4TAW7CSEXAMPLE",
886 "UserName": "Anika"
887 }
888 ]
889 },
890 "comments": {
891 "input": {
892 },
893 "output": {
894 }
895 },
896 "description": "The following command lists the IAM users in the current account.",
897 "id": "9edfbd73-03d8-4d8a-9a79-76c85e8c8298",
898 "title": "To list IAM users"
899 }
900 ],
901 "ListVirtualMFADevices": [
902 {
903 "input": {
904 },
905 "output": {
906 "VirtualMFADevices": [
907 {
908 "SerialNumber": "arn:aws:iam::123456789012:mfa/ExampleMFADevice"
909 },
910 {
911 "SerialNumber": "arn:aws:iam::123456789012:mfa/Juan"
912 }
913 ]
914 },
915 "comments": {
916 "input": {
917 },
918 "output": {
919 }
920 },
921 "description": "The following command lists the virtual MFA devices that have been configured for the current account.",
922 "id": "54f9ac18-5100-4070-bec4-fe5f612710d5",
923 "title": "To list virtual MFA devices"
924 }
925 ],
926 "PutGroupPolicy": [
927 {
928 "input": {
929 "GroupName": "Admins",
930 "PolicyDocument": "{\"Version\":\"2012-10-17\",\"Statement\":{\"Effect\":\"Allow\",\"Action\":\"*\",\"Resource\":\"*\"}}",
931 "PolicyName": "AllPerms"
932 },
933 "comments": {
934 "input": {
935 },
936 "output": {
937 }
938 },
939 "description": "The following command adds a policy named AllPerms to the IAM group named Admins.",
940 "id": "4bc17418-758f-4d0f-ab0c-4d00265fec2e",
941 "title": "To add a policy to a group"
942 }
943 ],
944 "PutRolePolicy": [
945 {
946 "input": {
947 "PolicyDocument": "{\"Version\":\"2012-10-17\",\"Statement\":{\"Effect\":\"Allow\",\"Action\":\"s3:*\",\"Resource\":\"*\"}}",
948 "PolicyName": "S3AccessPolicy",
949 "RoleName": "S3Access"
950 },
951 "comments": {
952 "input": {
953 },
954 "output": {
955 }
956 },
957 "description": "The following command adds a permissions policy to the role named Test-Role.",
958 "id": "de62fd00-46c7-4601-9e0d-71d5fbb11ecb",
959 "title": "To attach a permissions policy to an IAM role"
960 }
961 ],
962 "PutUserPolicy": [
963 {
964 "input": {
965 "PolicyDocument": "{\"Version\":\"2012-10-17\",\"Statement\":{\"Effect\":\"Allow\",\"Action\":\"*\",\"Resource\":\"*\"}}",
966 "PolicyName": "AllAccessPolicy",
967 "UserName": "Bob"
968 },
969 "comments": {
970 "input": {
971 },
972 "output": {
973 }
974 },
975 "description": "The following command attaches a policy to the IAM user named Bob.",
976 "id": "2551ffc6-3576-4d39-823f-30b60bffc2c7",
977 "title": "To attach a policy to an IAM user"
978 }
979 ],
980 "RemoveRoleFromInstanceProfile": [
981 {
982 "input": {
983 "InstanceProfileName": "ExampleInstanceProfile",
984 "RoleName": "Test-Role"
985 },
986 "comments": {
987 "input": {
988 },
989 "output": {
990 }
991 },
992 "description": "The following command removes the role named Test-Role from the instance profile named ExampleInstanceProfile.",
993 "id": "6d9f46f1-9f4a-4873-b403-51a85c5c627c",
994 "title": "To remove a role from an instance profile"
995 }
996 ],
997 "RemoveUserFromGroup": [
998 {
999 "input": {
1000 "GroupName": "Admins",
1001 "UserName": "Bob"
1002 },
1003 "comments": {
1004 "input": {
1005 },
1006 "output": {
1007 }
1008 },
1009 "description": "The following command removes the user named Bob from the IAM group named Admins.",
1010 "id": "fb54d5b4-0caf-41d8-af0e-10a84413f174",
1011 "title": "To remove a user from an IAM group"
1012 }
1013 ],
1014 "UpdateAccessKey": [
1015 {
1016 "input": {
1017 "AccessKeyId": "AKIAIOSFODNN7EXAMPLE",
1018 "Status": "Inactive",
1019 "UserName": "Bob"
1020 },
1021 "comments": {
1022 "input": {
1023 },
1024 "output": {
1025 }
1026 },
1027 "description": "The following command deactivates the specified access key (access key ID and secret access key) for the IAM user named Bob.",
1028 "id": "02b556fd-e673-49b7-ab6b-f2f9035967d0",
1029 "title": "To activate or deactivate an access key for an IAM user"
1030 }
1031 ],
1032 "UpdateAccountPasswordPolicy": [
1033 {
1034 "input": {
1035 "MinimumPasswordLength": 8,
1036 "RequireNumbers": true
1037 },
1038 "comments": {
1039 "input": {
1040 },
1041 "output": {
1042 }
1043 },
1044 "description": "The following command sets the password policy to require a minimum length of eight characters and to require one or more numbers in the password:",
1045 "id": "c263a1af-37dc-4423-8dba-9790284ef5e0",
1046 "title": "To set or change the current account password policy"
1047 }
1048 ],
1049 "UpdateAssumeRolePolicy": [
1050 {
1051 "input": {
1052 "PolicyDocument": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"Service\":[\"ec2.amazonaws.com\"]},\"Action\":[\"sts:AssumeRole\"]}]}",
1053 "RoleName": "S3AccessForEC2Instances"
1054 },
1055 "comments": {
1056 "input": {
1057 },
1058 "output": {
1059 }
1060 },
1061 "description": "The following command updates the role trust policy for the role named Test-Role:",
1062 "id": "c9150063-d953-4e99-9576-9685872006c6",
1063 "title": "To update the trust policy for an IAM role"
1064 }
1065 ],
1066 "UpdateGroup": [
1067 {
1068 "input": {
1069 "GroupName": "Test",
1070 "NewGroupName": "Test-1"
1071 },
1072 "comments": {
1073 "input": {
1074 },
1075 "output": {
1076 }
1077 },
1078 "description": "The following command changes the name of the IAM group Test to Test-1.",
1079 "id": "f0cf1662-91ae-4278-a80e-7db54256ccba",
1080 "title": "To rename an IAM group"
1081 }
1082 ],
1083 "UpdateLoginProfile": [
1084 {
1085 "input": {
1086 "Password": "SomeKindOfPassword123!@#",
1087 "UserName": "Bob"
1088 },
1089 "comments": {
1090 "input": {
1091 },
1092 "output": {
1093 }
1094 },
1095 "description": "The following command creates or changes the password for the IAM user named Bob.",
1096 "id": "036d9498-ecdb-4ed6-a8d8-366c383d1487",
1097 "title": "To change the password for an IAM user"
1098 }
1099 ],
1100 "UpdateSigningCertificate": [
1101 {
1102 "input": {
1103 "CertificateId": "TA7SMP42TDN5Z26OBPJE7EXAMPLE",
1104 "Status": "Inactive",
1105 "UserName": "Bob"
1106 },
1107 "comments": {
1108 "input": {
1109 },
1110 "output": {
1111 }
1112 },
1113 "description": "The following command changes the status of a signing certificate for a user named Bob to Inactive.",
1114 "id": "829aee7b-efc5-4b3b-84a5-7f899b38018d",
1115 "title": "To change the active status of a signing certificate for an IAM user"
1116 }
1117 ],
1118 "UpdateUser": [
1119 {
1120 "input": {
1121 "NewUserName": "Robert",
1122 "UserName": "Bob"
1123 },
1124 "comments": {
1125 "input": {
1126 },
1127 "output": {
1128 }
1129 },
1130 "description": "The following command changes the name of the IAM user Bob to Robert. It does not change the user's path.",
1131 "id": "275d53ed-347a-44e6-b7d0-a96276154352",
1132 "title": "To change an IAM user's name"
1133 }
1134 ],
1135 "UploadServerCertificate": [
1136 {
1137 "input": {
1138 "CertificateBody": "-----BEGIN CERTIFICATE-----<a very long certificate text string>-----END CERTIFICATE-----",
1139 "Path": "/company/servercerts/",
1140 "PrivateKey": "-----BEGIN DSA PRIVATE KEY-----<a very long private key string>-----END DSA PRIVATE KEY-----",
1141 "ServerCertificateName": "ProdServerCert"
1142 },
1143 "output": {
1144 "ServerCertificateMetadata": {
1145 "Arn": "arn:aws:iam::123456789012:server-certificate/company/servercerts/ProdServerCert",
1146 "Expiration": "2012-05-08T01:02:03.004Z",
1147 "Path": "/company/servercerts/",
1148 "ServerCertificateId": "ASCA1111111111EXAMPLE",
1149 "ServerCertificateName": "ProdServerCert",
1150 "UploadDate": "2010-05-08T01:02:03.004Z"
1151 }
1152 },
1153 "comments": {
1154 "input": {
1155 },
1156 "output": {
1157 }
1158 },
1159 "description": "The following upload-server-certificate command uploads a server certificate to your AWS account:",
1160 "id": "06eab6d1-ebf2-4bd9-839d-f7508b9a38b6",
1161 "title": "To upload a server certificate to your AWS account"
1162 }
1163 ],
1164 "UploadSigningCertificate": [
1165 {
1166 "input": {
1167 "CertificateBody": "-----BEGIN CERTIFICATE-----<certificate-body>-----END CERTIFICATE-----",
1168 "UserName": "Bob"
1169 },
1170 "output": {
1171 "Certificate": {
1172 "CertificateBody": "-----BEGIN CERTIFICATE-----<certificate-body>-----END CERTIFICATE-----",
1173 "CertificateId": "ID123456789012345EXAMPLE",
1174 "Status": "Active",
1175 "UploadDate": "2015-06-06T21:40:08.121Z",
1176 "UserName": "Bob"
1177 }
1178 },
1179 "comments": {
1180 "input": {
1181 },
1182 "output": {
1183 }
1184 },
1185 "description": "The following command uploads a signing certificate for the IAM user named Bob.",
1186 "id": "e67489b6-7b73-4e30-9ed3-9a9e0231e458",
1187 "title": "To upload a signing certificate for an IAM user"
1188 }
1189 ]
1190 }
1191}