diff --git a/awscli/examples/controltower/create-landing-zone.rst b/awscli/examples/controltower/create-landing-zone.rst new file mode 100644 index 000000000000..a49eb4202e6d --- /dev/null +++ b/awscli/examples/controltower/create-landing-zone.rst @@ -0,0 +1,16 @@ +**To Create Control Tower Landing Zone** + +The following ``create-landing-zone`` example creates AWS Control Tower Landing Zone :: + + aws controltower create-landing-zone \ + --landing-zone-version 3.3 \ + --manifest "file://LandingZoneManifest.json" + +Output:: + + { + "arn": "arn:aws:controltower:us-east-1:123456789012:landingzone/13CJG46WZKXXX4X5", + "operationIdentifier": "55XXXXXX-e2XX-41XX-a7XX-446XXXXXXXXX" + } + +For more information, see `AWS Control Tower Getting Started `__ in the *AWS Control Tower User Guide*. \ No newline at end of file diff --git a/awscli/examples/controltower/delete-landing-zone.rst b/awscli/examples/controltower/delete-landing-zone.rst new file mode 100644 index 000000000000..ebbbc3474e8e --- /dev/null +++ b/awscli/examples/controltower/delete-landing-zone.rst @@ -0,0 +1,13 @@ +**To Decommission Landing Zone** + +The following ``delete-landing-zone`` example decommissions the AWS Control Tower landing zone :: + + aws controltower delete-landing-zone \ + --landing-zone-identifier arn:aws:controltower:us-east-1:123456789012:landingzone/13CJG46WZKXXX4X5 + +Output:: + + { + "operationIdentifier": "47XXXXXX-a6XX-82XX-c9XX-432XXXXXXXXX" + } +For more information, see `Decommission a Landing Zone `__ in the *AWS Control Tower User Guide*. \ No newline at end of file diff --git a/awscli/examples/controltower/disable-baseline.rst b/awscli/examples/controltower/disable-baseline.rst new file mode 100644 index 000000000000..77c858203806 --- /dev/null +++ b/awscli/examples/controltower/disable-baseline.rst @@ -0,0 +1,14 @@ +**To Disable A Control Tower Baseline** + +The following ``disable-baseline`` example disables an AWS Control Tower baseline:: + + aws controltower disable-baseline \ + --enabled-baseline-identifier arn:aws:controltower:us-east-1:123456789012:enabledbaseline/XOM12BEL4YD578CQ2 + +Output:: + + { + "operationIdentifier": "b33486d7-5396-4ad0-9eae-3a57969fe8cd" + } + +For more information, see `AWS Control Tower Baselines `__ in the *AWS Control Tower User Guide*. diff --git a/awscli/examples/controltower/disable-control.rst b/awscli/examples/controltower/disable-control.rst new file mode 100644 index 000000000000..f1c2dc0454a7 --- /dev/null +++ b/awscli/examples/controltower/disable-control.rst @@ -0,0 +1,15 @@ +**To Disable Control Tower Control** + +The following ``disable-control`` example disables an AWS Control Tower enabled control:: + + aws controltower disable-control \ + --control-identifier arn:aws:controlcatalog:::control/497wrm2xnk1wxlf4obrxxxxxx \ + --target-identifier arn:aws:organizations::123456789012:ou/o-s64ryxxxxx/ou-oqxx-i5wnxxxx + +Output:: + + { + "operationIdentifier": "b8f0dxxx-08xx-43xx-a2xx-568e9922xxxx" + } + +For more information, see `AWS Control Tower Controls `__ in the *AWS Control Tower User Guide*. \ No newline at end of file diff --git a/awscli/examples/controltower/enable-baseline.rst b/awscli/examples/controltower/enable-baseline.rst new file mode 100644 index 000000000000..7dbc4a431ae8 --- /dev/null +++ b/awscli/examples/controltower/enable-baseline.rst @@ -0,0 +1,32 @@ +**To Enable A Control Tower Baseline** + +The following ``enable-baseline`` example enables an AWS Control Tower baseline if baseline 'IdentityCenterBaseline' is **not** enabled:: + + aws controltower enable-baseline \ + --baseline-identifier arn:aws:controltower:us-east-1::baseline/17BSJV3IGJ2QSGA2 \ + --baseline-version 4.0 \ + --target-identifier arn:aws:organizations::371737006705:ou/o-s64ryihwdd/ou-oq9f-i5wnx6zf + +Output:: + + { + "arn": "arn:aws:controltower:us-east-1:123456789012:enabledbaseline/XOM12BEL4YD578CQ2", + "operationIdentifier": "51e190ac-8a37-4f6d-b63c-fb5104b5db38" + } + +The following ``enable-baseline`` example enables an AWS Control Tower baseline if baseline 'IdentityCenterBaseline' is enabled:: + + aws controltower enable-baseline \ + --baseline-identifier arn:aws:controltower:us-east-1::baseline/17BSJV3IGJ2QSGA2 \ + --baseline-version 4.0 \ + --target-identifier arn:aws:organizations::123456789012:ou/o-s64ryixxxx/ou-oqxx-i5wnxxxx \ + --parameters '[{"key":"IdentityCenterEnabledBaselineArn","value":"arn:aws:controltower:us-east-1:123456789012:enabledbaseline/XAJNZNCBC1I386C7B"}]' + +Output:: + + { + "arn": "arn:aws:controltower:us-east-1:123456789012:enabledbaseline/XOM12BEL4YD578CQ2", + "operationIdentifier": "51e190ac-8a37-4f6d-b63c-fb5104b5db38" + } + +For more information, see `AWS Control Tower Baselines `__ in the *AWS Control Tower User Guide*. diff --git a/awscli/examples/controltower/enable-control.rst b/awscli/examples/controltower/enable-control.rst new file mode 100644 index 000000000000..e448eae462e9 --- /dev/null +++ b/awscli/examples/controltower/enable-control.rst @@ -0,0 +1,16 @@ +**To Enable Control Tower Control** + +The following ``enable-control`` example enables an AWS Control Tower control:: + + aws controltower enable-control \ + --control-identifier arn:aws:controlcatalog:::control/497wrm2xnk1wxlf4obrxxxxxx \ + --target-identifier arn:aws:organizations::123456789012:ou/o-s64ryxxxxx/ou-oqxx-i5wnxxxx + +Output:: + + { + "arn": "arn:aws:controltower:us-east-1:123456789012:enabledcontrol/18J5KBJ3W3VTIRLV", + "operationIdentifier": "7691fc5a-de87-4540-8c95-b0aabd56382c" + } + +For more information, see `AWS Control Tower Controls `__ in the *AWS Control Tower User Guide*. \ No newline at end of file diff --git a/awscli/examples/controltower/get-baseline-operation.rst b/awscli/examples/controltower/get-baseline-operation.rst new file mode 100644 index 000000000000..c0f86fe2da29 --- /dev/null +++ b/awscli/examples/controltower/get-baseline-operation.rst @@ -0,0 +1,21 @@ +**To Get A Control Tower Baseline Operation** + +The following ``get-baseline-operation`` example get details of an AWS Control Tower baseline operation:: + + aws controltower get-baseline-operation \ + --operation-identifier "51e190ac-8a37-4f6d-b63c-fb5104b5db38" + +Output:: + + { + "baselineOperation": { + "endTime": "2025-04-17T23:48:46+00:00", + "operationIdentifier": "51e190ac-8a37-4f6d-b63c-fb5104b5db38", + "operationType": "ENABLE_BASELINE", + "startTime": "2025-04-17T23:46:37+00:00", + "status": "SUCCEEDED", + "statusMessage": "AWS Control Tower completed the baseline operation successfully." + } + } + +For more information, see `AWS Control Tower Baselines `__ in the *AWS Control Tower User Guide*. \ No newline at end of file diff --git a/awscli/examples/controltower/get-baseline.rst b/awscli/examples/controltower/get-baseline.rst new file mode 100644 index 000000000000..210db256d355 --- /dev/null +++ b/awscli/examples/controltower/get-baseline.rst @@ -0,0 +1,16 @@ +**To Get A Control Tower Baseline** + +The following ``get-baseline`` example gets details of an AWS Control Tower baseline:: + + aws controltower get-baseline \ + --baseline-identifier arn:aws:controltower:us-east-1::baseline/LN25R72TTG6IGPTQ + +Output:: + + { + "arn": "arn:aws:controltower:us-east-1::baseline/LN25R72TTG6IGPTQ", + "description": "Sets up shared resources for AWS Identity Center, which prepares the AWSControlTowerBaseline to set up Identity Center access for accounts.", + "name": "IdentityCenterBaseline" + } + +For more information, see `AWS Control Tower Baselines `__ in the *AWS Control Tower User Guide*. \ No newline at end of file diff --git a/awscli/examples/controltower/get-control-operation.rst b/awscli/examples/controltower/get-control-operation.rst new file mode 100644 index 000000000000..db251354dd28 --- /dev/null +++ b/awscli/examples/controltower/get-control-operation.rst @@ -0,0 +1,24 @@ +**To Get Control Tower Control Operations** + +The following ``get-control-operation`` example get details of an AWS Control Tower control operation:: + + aws controltower get-control-operation \ + --operation-identifier "7691fc5a-de87-4540-8c95-b0aabd56382c" + +Output:: + + { + "controlOperation": { + "controlIdentifier": "arn:aws:controlcatalog:::control/497wrm2xnk1wxlf4obrdo7mej", + "enabledControlIdentifier": "arn:aws:controltower:us-east-1:123456789012:enabledcontrol/18J5KBJ3W3VTIRLV", + "endTime": "2025-04-17T03:08:55+00:00", + "operationIdentifier": "7691fc5a-de87-4540-8c95-b0aabd56382c", + "operationType": "ENABLE_CONTROL", + "startTime": "2025-04-17T03:07:52+00:00", + "status": "SUCCEEDED", + "statusMessage": "Operation was successful.", + "targetIdentifier": "arn:aws:organizations::123456789012:ou/o-s64ryixxxx/ou-oqxx-i5wnxxxx" + } + } + +For more information, see `AWS Control Tower Controls `__ in the *AWS Control Tower User Guide*. \ No newline at end of file diff --git a/awscli/examples/controltower/get-enabled-baseline.rst b/awscli/examples/controltower/get-enabled-baseline.rst new file mode 100644 index 000000000000..10134733400c --- /dev/null +++ b/awscli/examples/controltower/get-enabled-baseline.rst @@ -0,0 +1,29 @@ +**To Get A Control Tower Enabled Baseline** + +The following ``get-enabled-baseline`` example get details of an AWS Control Tower enabled baseline:: + + aws controltower get-enabled-baseline \ + --enabled-baseline-identifier arn:aws:controltower:us-east-1:123456789012:enabledbaseline/XOM12BEL4YD578CQ2 + +Output:: + + { + "enabledBaselineDetails": { + "arn": "arn:aws:controltower:us-east-1:123456789012:enabledbaseline/XOM12BEL4YD578CQ2", + "baselineIdentifier": "arn:aws:controltower:us-east-1::baseline/17BSJV3IGJ2QSGA2", + "baselineVersion": "4.0", + "parameters": [ + { + "key": "IdentityCenterEnabledBaselineArn", + "value": "arn:aws:controltower:us-east-1:123456789012:enabledbaseline/XAJNZNCBC1I386C7B" + } + ], + "statusSummary": { + "lastOperationIdentifier": "51e190ac-8a37-4f6d-b63c-fb5104b5db38", + "status": "SUCCEEDED" + }, + "targetIdentifier": "arn:aws:organizations::123456789012:ou/o-3onqfufxxx/ou-g8xx-5kluxxxx" + } + } + +For more information, see `AWS Control Tower Baselines `__ in the *AWS Control Tower User Guide*. \ No newline at end of file diff --git a/awscli/examples/controltower/get-enabled-control.rst b/awscli/examples/controltower/get-enabled-control.rst new file mode 100644 index 000000000000..a13b9189f971 --- /dev/null +++ b/awscli/examples/controltower/get-enabled-control.rst @@ -0,0 +1,39 @@ +**To Get Control Tower Enabled Control** + +The following ``get-enabled-control`` example get details of an AWS Control Tower enabled control:: + + aws controltower get-enabled-control \ + --enabled-control-identifier arn:aws:controltower:us-east-1:123456789012:enabledcontrol/26RGJRSLXCP1KW8D + +Output:: + + { + "enabledControlDetails": { + "arn": "arn:aws:controltower:us-east-1:123456789012:enabledcontrol/26RGJRSLXCP1KW8D", + "controlIdentifier": "arn:aws:controltower:us-east-1::control/AWS-GR_CLOUDTRAIL_CHANGE_PROHIBITED", + "driftStatusSummary": { + "driftStatus": "NOT_CHECKING" + }, + "parameters": [], + "statusSummary": { + "status": "SUCCEEDED" + }, + "targetIdentifier": "arn:aws:organizations::123456789012:ou/o-s64ryixxxx/ou-oqxx-i5wnxxxx", + "targetRegions": [ + { + "name": "ap-south-2" + }, + { + "name": "ap-south-1" + }, + { + "name": "eu-south-1" + }, + { + "name": "us-east-1" + } + ] + } + } + +For more information, see `AWS Control Tower Controls `__ in the *AWS Control Tower User Guide*. \ No newline at end of file diff --git a/awscli/examples/controltower/get-landing-zone-operation.rst b/awscli/examples/controltower/get-landing-zone-operation.rst new file mode 100644 index 000000000000..adbc9f04880f --- /dev/null +++ b/awscli/examples/controltower/get-landing-zone-operation.rst @@ -0,0 +1,19 @@ +**To Get Control Tower Landing Zone Operation** + +The following ``get-landing-zone-operation`` example get details of an AWS Control Tower landing zone operation:: + + aws controltower get-landing-zone-operation \ + --operation-identifier ee9d0d2d-6532-42d8-9b85-3fbb0700a606 + +Output:: + + { + "operationDetails": { + "operationIdentifier": "ee9d0d2d-6532-42d8-9b85-3fbb0700a606", + "operationType": "RESET", + "startTime": "2025-04-17T03:19:33+00:00", + "status": "IN_PROGRESS" + } + } + +For more information, see `AWS Control Tower Getting Started `__ in the *AWS Control Tower User Guide*. \ No newline at end of file diff --git a/awscli/examples/controltower/get-landing-zone.rst b/awscli/examples/controltower/get-landing-zone.rst new file mode 100644 index 000000000000..291abb34e63e --- /dev/null +++ b/awscli/examples/controltower/get-landing-zone.rst @@ -0,0 +1,51 @@ +**To Describe A Control Tower Landing Zone** + +The following ``get-landing-zone`` example get details of AWS Control Tower Landing Zone:: + + aws controltower get-landing-zone \ + --landing-zone-identifier arn:aws:controltower:us-east-1:123456789012:landingzone/13CJG46WZKXXX4X5 + +Output:: + + { + "landingZone": { + "arn": "arn:aws:controltower:us-east-1:123456789012:landingzone/13CJG46WZKXXX4X5", + "driftStatus": { + "status": "IN_SYNC" + }, + "latestAvailableVersion": "3.3", + "manifest": { + "accessManagement": { + "enabled": true + }, + "securityRoles": { + "accountId": "098765432101" + }, + "governedRegions": [ + "us-east-1", + "us-west-2" + ], + "organizationStructure": { + "security": { + "name": "Security" + } + }, + "centralizedLogging": { + "accountId": "543210987654", + "configurations": { + "loggingBucket": { + "retentionDays": 365 + }, + "kmsKeyArn": "`__ in the *AWS Control Tower User Guide*. \ No newline at end of file diff --git a/awscli/examples/controltower/list-baselines.rst b/awscli/examples/controltower/list-baselines.rst new file mode 100644 index 000000000000..03b56db557ab --- /dev/null +++ b/awscli/examples/controltower/list-baselines.rst @@ -0,0 +1,49 @@ +**To List Control Tower Baselines** + +The following ``list-baselines`` example lists all available AWS Control Tower baselines:: + + aws controltower list-baselines + +Output:: + + { + "baselines": [ + { + "arn": "arn:aws:controltower:us-east-1::baseline/4T4HA1KMO10S6311", + "description": "Sets up resources to monitor security and compliance of accounts in your organization.", + "name": "AuditBaseline" + }, + { + "arn": "arn:aws:controltower:us-east-1::baseline/J8HX46AHS5MIKQPD", + "description": "Sets up a central repository for logs of API activities and resource configurations from accounts in your organization.", + "name": "LogArchiveBaseline" + }, + { + "arn": "arn:aws:controltower:us-east-1::baseline/LN25R72TTG6IGPTQ", + "description": "Sets up shared resources for AWS Identity Center, which prepares the AWSControlTowerBaseline to set up Identity Center access for accounts.", + "name": "IdentityCenterBaseline" + }, + { + "arn": "arn:aws:controltower:us-east-1::baseline/17BSJV3IGJ2QSGA2", + "description": "Sets up resources and mandatory controls for member accounts within the target OU, required for AWS Control Tower governance.", + "name": "AWSControlTowerBaseline" + }, + { + "arn": "arn:aws:controltower:us-east-1::baseline/3WPD0NA6TJ9AOMU2", + "description": "Sets up a central AWS Backup vault in your organization.", + "name": "BackupCentralVaultBaseline" + }, + { + "arn": "arn:aws:controltower:us-east-1::baseline/H6C5JFCJJ3CPU3J5", + "description": "Sets up AWS Backup Audit Manager.", + "name": "BackupAdminBaseline" + }, + { + "arn": "arn:aws:controltower:us-east-1::baseline/APO9ATVPBKFRRGLK", + "description": "Sets up a local AWS Backup vault and attaches multiple AWS Backup plans.", + "name": "BackupBaseline" + } + ] + } + +For more information, see `AWS Control Tower Baselines `__ in the *AWS Control Tower User Guide*. \ No newline at end of file diff --git a/awscli/examples/controltower/list-control-operations.rst b/awscli/examples/controltower/list-control-operations.rst new file mode 100644 index 000000000000..3c88dc8136bc --- /dev/null +++ b/awscli/examples/controltower/list-control-operations.rst @@ -0,0 +1,34 @@ +**To List Control Tower Control Operations** + +The following ``list-control-operations`` example provides a list of details of AWS Control Tower controls in progress or queued:: + + aws controltower list-control-operations + +Output:: + + { + "controlOperations": [ + { + "startTime": "2024-02-19T19:22:08+00:00", + "operationType": "ENABLE_CONTROL", + "status": "IN_PROGRESS", + "statusMessage": "Operation is in progress.", + "operationIdentifier": "f9f43b45-db27-44df-89d8-f9129e3632XX", + "controlIdentifier": "arn:aws:controltower:us-east-1::control/SKIBWKYUQAAC", + "targetIdentifier": "arn:aws:organizations::123456789012:ou/o-yy67i3pfv2/ou-slt4-8abknXXX", + "enabledControlIdentifier": "arn:aws:controltower:us-east-1:123456789012:enabledcontrol/RWZFSHV2BBRU6JSE" + }, + { + "startTime": "2024-02-19T19:21:09+00:00", + "operationType": "ENABLE_CONTROL", + "status": "IN_PROGRESS", + "statusMessage": "Operation is in progress." + "operationIdentifier": "171ee0b1-e926-486e-9775-005bd244ccXX", + "controlIdentifier": "arn:aws:controltower:us-east-1::control/PDKYAANJEWJE", + "targetIdentifier": "arn:aws:organizations::123456789012:ou/o-yy67i3pfv2/ou-slt4-fl6miXXX", + "enabledControlIdentifier": "arn:aws:controltower:us-east-2:123456789012:enabledcontrol/XCNJARWZFSHV6JSE" + } + ] + } + +For more information, see `AWS Control Tower Controls `__ in the *AWS Control Tower User Guide*. \ No newline at end of file diff --git a/awscli/examples/controltower/list-enabled-baselines.rst b/awscli/examples/controltower/list-enabled-baselines.rst new file mode 100644 index 000000000000..3c0a238a1ba1 --- /dev/null +++ b/awscli/examples/controltower/list-enabled-baselines.rst @@ -0,0 +1,38 @@ +**To List Control Tower Enabled Baselines** + +The following ``list-enabled-baselines`` example lists all enabled AWS Control Tower baselines:: + + aws controltower list-enabled-baselines + +Output:: + + { + "enabledBaselines": [ + { + "arn": "arn:aws:controltower:us-east-1:123456789012:enabledbaseline/XAJNZNCBC1I386C7B", + "baselineIdentifier": "arn:aws:controltower:us-east-1::baseline/LN25R72TTG6IGPTQ", + "statusSummary": { + "status": "SUCCEEDED" + }, + "targetIdentifier": "arn:aws:organizations::123456789012:account/o-3onqfuxxxx/123456789012" + }, + { + "arn": "arn:aws:controltower:us-east-1:123456789012:enabledbaseline/XAH3ZJL9DWA386CA5", + "baselineIdentifier": "arn:aws:controltower:us-east-1::baseline/4T4HA1KMO10S6311", + "statusSummary": { + "status": "SUCCEEDED" + }, + "targetIdentifier": "arn:aws:organizations::123456789012:account/o-3onqfuxxxx/012345098765" + }, + { + "arn": "arn:aws:controltower:us-east-1:123456789012:enabledbaseline/XALFJ9548TL386CBT", + "baselineIdentifier": "arn:aws:controltower:us-east-1::baseline/J8HX46AHS5MIKQPD", + "statusSummary": { + "status": "SUCCEEDED" + }, + "targetIdentifier": "arn:aws:organizations::123456789012:account/o-3onqfuxxxx/098765432109" + } + ] + } + +For more information, see `AWS Control Tower Baselines `__ in the *AWS Control Tower User Guide*. \ No newline at end of file diff --git a/awscli/examples/controltower/list-enabled-controls.rst b/awscli/examples/controltower/list-enabled-controls.rst new file mode 100644 index 000000000000..168a82bcf50a --- /dev/null +++ b/awscli/examples/controltower/list-enabled-controls.rst @@ -0,0 +1,37 @@ +**To List Control Tower Enabled Controls** + +The following ``list-enabled-controls`` example get details of AWS Control Tower enabled controls:: + + aws controltower list-enabled-controls \ + --target-identifier arn:aws:organizations::123456789012:ou/o-s64ryxxxxx/ou-oqxx-i5wnxxxx + +Output:: + + { + "enabledControls": [ + { + "arn": "arn:aws:controltower:us-east-1:123456789012:enabledcontrol/26RGJRSLXCP1KW8D", + "controlIdentifier": "arn:aws:controltower:us-east-1::control/AWS-GR_CLOUDTRAIL_CHANGE_PROHIBITED", + "driftStatusSummary": { + "driftStatus": "NOT_CHECKING" + }, + "statusSummary": { + "status": "SUCCEEDED" + }, + "targetIdentifier": "arn:aws:organizations::123456789012:ou/o-s64ryxxxxx/ou-oqxx-i5wnxxxx" + }, + { + "arn": "arn:aws:controltower:us-east-1:123456789012:enabledcontrol/18AY24CWKM6IVSLU", + "controlIdentifier": "arn:aws:controltower:us-east-1::control/AWS-GR_CLOUDTRAIL_CLOUDWATCH_LOGS_ENABLED", + "driftStatusSummary": { + "driftStatus": "NOT_CHECKING" + }, + "statusSummary": { + "status": "SUCCEEDED" + }, + "targetIdentifier": "arn:aws:organizations::123456789012:ou/o-s64ryxxxxx/ou-oqxx-i5wnxxxx" + } + } + } + +For more information, see `AWS Control Tower Controls `__ in the *AWS Control Tower User Guide*. \ No newline at end of file diff --git a/awscli/examples/controltower/list-landing-zone-operations.rst b/awscli/examples/controltower/list-landing-zone-operations.rst new file mode 100644 index 000000000000..d943f6d8993f --- /dev/null +++ b/awscli/examples/controltower/list-landing-zone-operations.rst @@ -0,0 +1,34 @@ +**To List Control Tower Landing Zone Operations** + +The following ``list-landing-zone-operations`` example lists AWS Control Tower landing zone operations:: + + aws controltower list-landing-zone-operations + +Output:: + + { + "landingZoneOperations": [ + { + "operationIdentifier": "202ee056-5147-49fd-a7ad-8161e3bf043a", + "operationType": "RESET", + "status": "SUCCEEDED" + }, + { + "operationIdentifier": "dbd4a4b1-baf9-48cc-bd71-6b923d0f2339", + "operationType": "RESET", + "status": "SUCCEEDED" + }, + { + "operationIdentifier": "e6261ab8-3247-4052-af31-1afe7bb0593e", + "operationType": "UPDATE", + "status": "SUCCEEDED" + }, + { + "operationIdentifier": "507c6c87-89a8-435f-8697-b257a800f129", + "operationType": "UPDATE", + "status": "SUCCEEDED" + } + ] + } + +For more information, see `AWS Control Tower Getting Started `__ in the *AWS Control Tower User Guide*. \ No newline at end of file diff --git a/awscli/examples/controltower/list-landing-zones.rst b/awscli/examples/controltower/list-landing-zones.rst new file mode 100644 index 000000000000..01b0e8c60295 --- /dev/null +++ b/awscli/examples/controltower/list-landing-zones.rst @@ -0,0 +1,17 @@ +**To List Control Tower Landing Zone Identifier** + +The following ``list-landing-zones`` example lists the Control Tower Landing Zone ``Identifier`` :: + + aws controltower list-landing-zones + +Output:: + + { + "landingZones": [ + { + "arn": "arn:aws:controltower:us-east-1:123456789012:landingzone/13CJG46WZKXXX4X5" + } + ] + } + +For more information, see `AWS Control Tower Getting Started `__ in the *AWS Control Tower User Guide*. \ No newline at end of file diff --git a/awscli/examples/controltower/list-tags-for-resource.rst b/awscli/examples/controltower/list-tags-for-resource.rst new file mode 100644 index 000000000000..74cf3ec6b432 --- /dev/null +++ b/awscli/examples/controltower/list-tags-for-resource.rst @@ -0,0 +1,16 @@ +**To List Tags for Control Tower Enabled Control** + +The following ``list-tags-for-resource`` example lists the tags for AWS Control Tower Enabled Controls:: + + aws controltower list-tags-for-resource \ + --resource-arn "arn:aws:controltower:us-east-1:123456789012:enabledcontrol/2H2AWUG4SKG81855" + +Output:: + + { + "tags": { + "TestTagKey": "TestTagValue" + } + } + +For more information, see `AWS Control Tower Controls `__ in the *AWS Control Tower User Guide*. \ No newline at end of file diff --git a/awscli/examples/controltower/reset-enabled-baseline.rst b/awscli/examples/controltower/reset-enabled-baseline.rst new file mode 100644 index 000000000000..ae03d4415aee --- /dev/null +++ b/awscli/examples/controltower/reset-enabled-baseline.rst @@ -0,0 +1,14 @@ +**To Reset Control Tower Enabled Baseline** + +The following ``reset-enabled-baseline`` example resets an AWS Control Tower enabled baseline:: + + aws controltower reset-enabled-baseline \ + --enabled-baseline-identifier arn:aws:controltower:us-east-1:123456789012:enabledbaseline/XOM12BEL4YD578CQ2 + +Output:: + + { + "operationIdentifier": "214cde95-5c39-46b9-b429-4fad550a7096" + } + +For more information, see `AWS Control Tower Baselines `__ in the *AWS Control Tower User Guide*. \ No newline at end of file diff --git a/awscli/examples/controltower/reset-enabled-control.rst b/awscli/examples/controltower/reset-enabled-control.rst new file mode 100644 index 000000000000..69930da226b7 --- /dev/null +++ b/awscli/examples/controltower/reset-enabled-control.rst @@ -0,0 +1,14 @@ +**To Reset Control Tower Enabled Control** + +The following ``reset-enabled-control`` example resets an AWS Control Tower enabled control:: + + aws controltower reset-enabled-control \ + --enabled-control-identifier arn:aws:controltower:us-east-1:123456789012:enabledcontrol/2H2AWUG4SKG81855 + +Output:: + + { + "operationIdentifier": "8276XXXX-b4XX-4eXX-96XX-881d2a4XXXXX" + } + +For more information, see `AWS Control Tower Controls `__ in the *AWS Control Tower User Guide*. \ No newline at end of file diff --git a/awscli/examples/controltower/reset-landing-zone.rst b/awscli/examples/controltower/reset-landing-zone.rst new file mode 100644 index 000000000000..a856238710c5 --- /dev/null +++ b/awscli/examples/controltower/reset-landing-zone.rst @@ -0,0 +1,14 @@ +**To Reset Control Tower Landing Zone** + +The following ``reset-landing-zone`` example resets the AWS Control Tower Landing Zone:: + + aws controltower reset-landing-zone \ + --landing-zone-identifier arn:aws:controltower:us-east-1:123456789012:landingzone/13CJG46WZKXXX4X5 + +Output:: + + { + "operationIdentifier": "73XXXXXX-b2XX-77XX-c6XX-374XXXXXXXXX" + } + +For more information, see `AWS Control Tower Getting Started `__ in the *AWS Control Tower User Guide*. \ No newline at end of file diff --git a/awscli/examples/controltower/tag-resource.rst b/awscli/examples/controltower/tag-resource.rst new file mode 100644 index 000000000000..a2bfceafd468 --- /dev/null +++ b/awscli/examples/controltower/tag-resource.rst @@ -0,0 +1,10 @@ +**To Tag Control Tower Enabled Control** + +The following ``tag-resource`` example tags an AWS Control Tower enabled control:: + + aws controltower tag-resource \ + --resource-arn "arn:aws:controltower:us-east-1:123456789012:enabledcontrol/2H2AWUG4SKG81855" \ + --tags "TestTagKey=TestTagValue" + + +For more information, see `AWS Control Tower Controls `__ in the *AWS Control Tower User Guide*. \ No newline at end of file diff --git a/awscli/examples/controltower/untag-resource.rst b/awscli/examples/controltower/untag-resource.rst new file mode 100644 index 000000000000..87447631095d --- /dev/null +++ b/awscli/examples/controltower/untag-resource.rst @@ -0,0 +1,10 @@ +**To Untag Control Tower Enabled Control** + +The following ``untag-resource`` example untags an AWS Control Tower enabled control:: + + aws controltower untag-resource \ + --resource-arn "arn:aws:controltower:us-east-1:123456789012:enabledcontrol/2H2AWUG4SKG81855" \ + --tag-keys "TestTagKey" + + +For more information, see `AWS Control Tower Controls `__ in the *AWS Control Tower User Guide*. \ No newline at end of file diff --git a/awscli/examples/controltower/update-enabled-baseline.rst b/awscli/examples/controltower/update-enabled-baseline.rst new file mode 100644 index 000000000000..ce8334f2671f --- /dev/null +++ b/awscli/examples/controltower/update-enabled-baseline.rst @@ -0,0 +1,28 @@ +**To Update Control Tower Enabled Baseline** + +The following ``update-enabled-baseline`` example updates an AWS Control Tower enabled baseline if baseline 'IdentityCenterBaseline' is **not** enabled:: + + aws controltower update-enabled-baseline \ + --baseline-version 4.0 \ + --enabled-baseline-identifier arn:aws:controltower:us-east-1:123456789012:enabledbaseline/XOM12BEL4YD578CQ2 + +Output:: + + { + "operationIdentifier": "214cde95-5c39-46b9-b429-4fad550a7096" + } + +The following ``update-enabled-baseline`` example updates an AWS Control Tower enabled baseline if baseline 'IdentityCenterBaseline' is enabled:: + + aws controltower update-enabled-baseline \ + --baseline-version 4.0 \ + --enabled-baseline-identifier arn:aws:controltower:us-east-1:123456789012:enabledbaseline/XOM12BEL4YD578CQ2 \ + --parameters '[{"key":"IdentityCenterEnabledBaselineArn","value":"arn:aws:controltower:us-east-1:123456789012:enabledbaseline/XAJNZNCBC1I386C7B"}]' + +Output:: + + { + "operationIdentifier": "b0f4a7c2-334d-48d9-971e-47fea9db3e8b" + } + +For more information, see `AWS Control Tower Baselines `__ in the *AWS Control Tower User Guide*. \ No newline at end of file diff --git a/awscli/examples/controltower/update-enabled-control.rst b/awscli/examples/controltower/update-enabled-control.rst new file mode 100644 index 000000000000..43a0fd167c0e --- /dev/null +++ b/awscli/examples/controltower/update-enabled-control.rst @@ -0,0 +1,15 @@ +**To Update A Control Tower Enabled Control** + +The following ``update-enabled-control`` example updates an AWS Control Tower enabled control:: + + aws controltower update-enabled-control \ + --enabled-control-identifier arn:aws:controltower:us-east-1:493301538276:enabledcontrol/JSJN8UL0G2MWGRTZ \ + --parameters '[{"key":"AllowedRegions","value":["us-east-1","us-west-1","us-west-2","us-east-2"]}]' + +Output:: + + { + "operationIdentifier": "b8f0dxxx-08xx-43xx-a2xx-568e9922xxxx" + } + +For more information, see `AWS Control Tower Controls `__ in the *AWS Control Tower User Guide*. \ No newline at end of file diff --git a/awscli/examples/controltower/update-landing-zone.rst b/awscli/examples/controltower/update-landing-zone.rst new file mode 100644 index 000000000000..9983bece7b2e --- /dev/null +++ b/awscli/examples/controltower/update-landing-zone.rst @@ -0,0 +1,15 @@ +**To Update Control Tower Landing Zone** + +The following ``update-landing-zone`` example updates AWS Control Tower landing zone :: + + aws controltower update-landing-zone \ + --landing-zone-identifier arn:aws:controltower:us-east-1:123456789012:landingzone/13CJG46WZKXXX4X5 \ + --landing-zone-version 3.3 \ + --manifest "file://UpdateLandingZoneManifest.json" + +Output:: + + { + "operationIdentifier": "53XXXXXX-b2XX-97XX-c6XX-474XXXXXXXXX" + } +For more information, see `AWS Control Tower Getting Started `__ in the *AWS Control Tower User Guide*. \ No newline at end of file