Merge pull request #9014 from elysahall/awsdocs-10-29-24

CLI examples apigateway, ecr-public, iam, securityhub

awscli/examples/apigateway/flush-stage-cache.rst

@@ -1,5 +1,11 @@
 **To flush the cache for an API's stage**
 
-Command::
+The following ``flush-stage-cache`` example flushes the cache of a stage. ::
 
-  aws apigateway flush-stage-cache --rest-api-id 1234123412 --stage-name dev
+    aws apigateway flush-stage-cache \
+        --rest-api-id 1234123412 \
+        --stage-name dev
+
+This command produces no output.
+
+For more information, see `Flush the API stage cache in API Gateway <https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-caching.html#flush-api-caching>`_ in the *Amazon API Gateway Developer Guide*.

awscli/examples/ecr-public/describe-registries.rst

@@ -0,0 +1,26 @@
+**To describe all registries in a public registry**
+
+The following ``describe-registries`` example describes all registries in your account. ::
+
+    aws ecr-public describe-registries
+
+Output::
+
+   {
+    "registries": [
+        {
+            "registryId": "123456789012",
+            "registryArn": "arn:aws:ecr-public::123456789012:registry/123456789012",
+            "registryUri": "public.ecr.aws/publicregistrycustomalias",
+            "verified": false,
+            "aliases": [
+                {
+                    "name": "publicregistrycustomalias",
+                    "status": "ACTIVE",
+                    "primaryRegistryAlias": true,
+                    "defaultRegistryAlias": true
+                }
+            ]
+        }
+        ]
+    }

awscli/examples/ecr-public/describe-repository.rst

@@ -0,0 +1,43 @@
+**Example 1: To describe a repository in a public registry**
+
+The following ``describe-repositories`` example describes a repository named ``project-a/nginx-web-app`` in a public registry. ::
+
+    aws ecr-public describe-repositories \
+        --repository-name project-a/nginx-web-app
+
+Output::
+
+    {
+        "repositories": [
+            {
+                "repositoryArn": "arn:aws:ecr-public::123456789012:repository/project-a/nginx-web-app",
+                "registryId": "123456789012",
+                "repositoryName": "project-a/nginx-web-app",
+                "repositoryUri": "public.ecr.aws/public-registry-custom-alias/project-a/nginx-web-app",
+                "createdAt": "2024-07-07T00:07:56.526000-05:00"
+            }
+        ]
+    }
+
+**Example 2: To describe all repositories in a public registry in a table**
+
+The following ``describe-repositories`` example describes all repositories in a public registry and then outputs the repository names into a table format. ::
+
+    aws ecr-public describe-repositories \
+        --region us-east-1 \
+        --output table \
+        --query "repositories[*].repositoryName"
+
+Output::
+
+    -----------------------------
+    |   DescribeRepositories    |
+    +---------------------------+
+    |  project-a/nginx-web-app  |
+    |  nginx                    |
+    |  myfirstrepo1             |
+    |  helm-test-chart          |
+    |  test-ecr-public          |
+    |  nginx-web-app            |
+    |  sample-repo              |
+    +---------------------------+

awscli/examples/ecr-public/get-login-password.rst

@@ -0,0 +1,27 @@
+**Example 1: To authenticate docker to an Amazon ECR public registry**
+
+The following ``get-login-password`` example retrieves and displays an authentication token using the GetAuthorizationToken API that you can use to authenticate to an Amazon ECR public registry. ::
+
+    aws ecr-public get-login-password \
+        --region us-east-1 
+    | docker login \
+        --username AWS \
+        --password-stdin public.ecr.aws
+
+This command produces no output in the terminal but instead pipes the output to Docker.
+
+For more information, see `Authenticate to the public registry <https://docs.aws.amazon.com/AmazonECR/latest/public/public-registries.html#public-registry-auth>`__ in the *Amazon ECR Public*.
+
+**Example 2: To authenticate docker to your own custom AmazonECR public registry**
+
+The following ``get-login-password`` example retrieves and displays an authentication token using the GetAuthorizationToken API that you can use to authenticate to your own custom Amazon ECR public registry. ::
+
+     aws ecr-public get-login-password \
+        --region us-east-1 \
+    | docker login \
+        --username AWS \
+        --password-stdin public.ecr.aws/<your-public-registry-custom-alias>
+
+This command produces no output in the terminal but insteads pipes the output to Docker.
+
+For more information, see `Authenticate to your own Amazon ECR Public <https://docs.aws.amazon.com/AmazonECR/latest/public/public-registries.html#public-registry-auth>`__ in the *Amazon ECR Public*.

awscli/examples/iam/create-policy.rst

@@ -1,12 +1,12 @@
 **Example 1: To create a customer managed policy**
 
-The following command creates a customer managed policy named ``my-policy``. ::
+The following command creates a customer managed policy named ``my-policy``. The file ``policy.json`` is a JSON document in the current folder that grants read only access to the ``shared`` folder in an Amazon S3 bucket named ``amzn-s3-demo-bucket``. ::
 
     aws iam create-policy \
         --policy-name my-policy \
-        --policy-document file://policy
+        --policy-document file://policy.json
 
-The file ``policy`` is a JSON document in the current folder that grants read only access to the ``shared`` folder in an Amazon S3 bucket named ``my-bucket``. ::
+Contents of policy.json::
 
     {
         "Version": "2012-10-17",
@@ -18,7 +18,7 @@ The file ``policy`` is a JSON document in the current folder that grants read on
                     "s3:List*"
                 ],
                 "Resource": [
-                    "arn:aws:s3:::my-bucket/shared/*"
+                    "arn:aws:s3:::amzn-s3-demo-bucket/shared/*"
                 ]
             }
         ]
@@ -44,16 +44,18 @@ For more information on using files as input for string parameters, see `Specify
 
 **Example 2: To create a customer managed policy with a description**
 
-The following command creates a customer managed policy named ``my-policy`` with an immutable description::
+The following command creates a customer managed policy named ``my-policy`` with an immutable description. 
+
+The file ``policy.json`` is a JSON document in the current folder that grants access to all Put, List, and Get actions for an Amazon S3 bucket named ``amzn-s3-demo-bucket``. ::
 
     aws iam create-policy \
         --policy-name my-policy \
         --policy-document file://policy.json \
-        --description "This policy grants access to all Put, Get, and List actions for my-bucket"
+        --description "This policy grants access to all Put, Get, and List actions for amzn-s3-demo-bucket"
 
-The file ``policy.json`` is a JSON document in the current folder that grants access to all Put, List, and Get actions for an Amazon S3 bucket named ``my-bucket``. ::
+Contents of policy.json::
 
-   {
+    {
        "Version": "2012-10-17",
        "Statement": [
            {
@@ -64,7 +66,7 @@ The file ``policy.json`` is a JSON document in the current folder that grants ac
                     "s3:GetBucket*"
                 ],
                 "Resource": [
-                    "arn:aws:s3:::my-bucket"
+                    "arn:aws:s3:::amzn-s3-demo-bucket"
                 ]
             }
         ]
@@ -89,36 +91,38 @@ Output::
 
 For more information on Idenity-based Policies, see `Identity-based policies and resource-based policies <https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_identity-vs-resource.html>`__ in the *AWS IAM User Guide*.
 
-**Example 3: To Create a customer managed policy with tags**
+**Example 3: To create a customer managed policy with tags**
 
-The following command creates a customer managed policy named ``my-policy`` with tags. This example uses the ``--tags`` parameter flag with the following JSON-formatted tags: ``'{"Key": "Department", "Value": "Accounting"}' '{"Key": "Location", "Value": "Seattle"}'``. Alternatively, the ``--tags`` flag can be used with tags in the shorthand format: ``'Key=Department,Value=Accounting Key=Location,Value=Seattle'``. ::
+The following command creates a customer managed policy named ``my-policy`` with tags. This example uses the ``--tags`` parameter with the following JSON-formatted tags: ``'{"Key": "Department", "Value": "Accounting"}' '{"Key": "Location", "Value": "Seattle"}'``. Alternatively, the ``--tags`` parameter can be used with tags in the shorthand format: ``'Key=Department,Value=Accounting Key=Location,Value=Seattle'``. 
+
+The file ``policy.json`` is a JSON document in the current folder that grants access to all Put, List, and Get actions for an Amazon S3 bucket named ``amzn-s3-demo-bucket``. ::
 
     aws iam create-policy \
         --policy-name my-policy \
         --policy-document file://policy.json \
         --tags '{"Key": "Department", "Value": "Accounting"}' '{"Key": "Location", "Value": "Seattle"}'
 
-The file ``policy.json`` is a JSON document in the current folder that grants access to all Put, List, and Get actions for an Amazon S3 bucket named ``my-bucket``. ::
+Contents of policy.json::
 
-   {
-       "Version": "2012-10-17",
-       "Statement": [
-           {
-               "Effect": "Allow",
-               "Action": [
+    {
+        "Version": "2012-10-17",
+        "Statement": [
+            {
+                "Effect": "Allow",
+                "Action": [
                     "s3:ListBucket*",
                     "s3:PutBucket*",
                     "s3:GetBucket*"
                 ],
                 "Resource": [
-                    "arn:aws:s3:::my-bucket"
+                    "arn:aws:s3:::amzn-s3-demo-bucket"
                 ]
             }
         ]
     }
 
 Output::
-    
+
     {
         "Policy": {
             "PolicyName": "my-policy",
@@ -139,7 +143,6 @@ Output::
                     "Key": "Location",
                     "Value": "Seattle"
                 {
-
             ]
         }
     }

awscli/examples/iam/get-account-authorization-details.rst

@@ -1,4 +1,4 @@
-**To list an AWS accounts IAM users, groups, roles, and policies**
+**To list an AWS account's IAM users, groups, roles, and policies**
 
 The following ``get-account-authorization-details`` command returns information about all IAM users, groups, roles, and policies in the AWS account. ::
 
@@ -236,8 +236,8 @@ Output::
                                         "s3:List*"
                                     ],
                                     "Resource": [
-                                        "arn:aws:s3:::example-bucket",
-                                        "arn:aws:s3:::example-bucket/*"
+                                        "arn:aws:s3:::amzn-s3-demo-bucket",
+                                        "arn:aws:s3:::amzn-s3-demo-bucket/*"
                                     ]
                                 }
                             ]

awscli/examples/securityhub/list-configuration-policy-associations.rst

@@ -3,7 +3,7 @@
 The following ``list-configuration-policy-associations`` example lists a summary of configuration associations for the organization. The response include associations with configuration policies and self-managed behavior. ::
 
     aws securityhub list-configuration-policy-associations \
-        --association-type "APPLIED" \
+        --filters '{"AssociationType": "APPLIED"}' \
         --max-items 4
 
 Output::
@@ -47,4 +47,4 @@ Output::
         }
     }
 
-For more information, see `Viewing Security Hub configuration policies <https://docs.aws.amazon.com/securityhub/latest/userguide/view-policy.html>`__ in the *AWS Security Hub User Guide*.
+For more information, see `Viewing configuration policy status and details <https://docs.aws.amazon.com/securityhub/latest/userguide/view-policy.html>`__ in the *AWS Security Hub User Guide*.