Merge pull request #9086 from elysahall/awsdocs-11-19-24

CLI examples cloudtrail, ec2, ecs, macie2
aws · Jan 23, 2025 · c721749 · c721749
2 parents 0af2bb5 + c80a7d8
commit c721749
Show file tree

Hide file tree

Showing 12 changed files with 501 additions and 148 deletions.
diff --git a/awscli/examples/cloudtrail/create-subscription.rst b/awscli/examples/cloudtrail/create-subscription.rst
@@ -1,32 +1,35 @@
 **To create and configure AWS resources for a trail**
 
-The following ``create-subscription`` command creates a new S3 bucket and SNS topic for ``Trail1``::
+The following ``create-subscription`` command creates a new S3 bucket and SNS topic for ``Trail1``. ::
 
-  aws cloudtrail create-subscription --name Trail1 --s3-new-bucket my-bucket --sns-new-topic my-topic
+    aws cloudtrail create-subscription \
+        --name Trail1 \
+        --s3-new-bucket amzn-s3-demo-bucket \
+        --sns-new-topic my-topic
 
 Output::
 
-  Setting up new S3 bucket my-bucket...
-  Setting up new SNS topic my-topic...
-  Creating/updating CloudTrail configuration...
-  CloudTrail configuration:
-  {
-  "trailList": [ 
-    {
-      "IncludeGlobalServiceEvents": true, 
-      "Name": "Trail1", 
-      "TrailARN": "arn:aws:cloudtrail:us-east-1:123456789012:trail/Trail1", 
-      "LogFileValidationEnabled": false, 
-      "IsMultiRegionTrail": false, 
-      "S3BucketName": "my-bucket", 
-      "SnsTopicName": "my-topic", 
-      "HomeRegion": "us-east-1"
-    }
-  ], 
-  "ResponseMetadata": {
-  "HTTPStatusCode": 200, 
-  "RequestId": "f39e51f6-c615-11e5-85bd-d35ca21ee3e2"
-  }
-  }
-  Starting CloudTrail service...
-  Logs will be delivered to my-bucket
+    Setting up new S3 bucket amzn-s3-demo-bucket...
+    Setting up new SNS topic my-topic...
+    Creating/updating CloudTrail configuration...
+    CloudTrail configuration:
+        {
+            "trailList": [ 
+                {
+                    "IncludeGlobalServiceEvents": true, 
+                    "Name": "Trail1", 
+                    "TrailARN": "arn:aws:cloudtrail:us-east-1:123456789012:trail/Trail1", 
+                    "LogFileValidationEnabled": false, 
+                    "IsMultiRegionTrail": false, 
+                    "S3BucketName": "amzn-s3-demo-bucket", 
+                    "SnsTopicName": "my-topic", 
+                    "HomeRegion": "us-east-1"
+                }
+            ], 
+            "ResponseMetadata": {
+            "HTTPStatusCode": 200, 
+            "RequestId": "f39e51f6-c615-11e5-85bd-d35ca21ee3e2"
+            }
+        }
+    Starting CloudTrail service...
+    Logs will be delivered to my-bucket
diff --git a/awscli/examples/cloudtrail/create-trail.rst b/awscli/examples/cloudtrail/create-trail.rst
@@ -1,17 +1,19 @@
 **To create a trail**
 
-The following ``create-trail`` command creates a multi-region trail named ``Trail1`` and specifies an S3 bucket::
+The following ``create-trail`` example creates a multi-region trail named ``Trail1`` and specifies an S3 bucket. ::
 
-  aws cloudtrail create-trail --name Trail1 --s3-bucket-name my-bucket --is-multi-region-trail
+    aws cloudtrail create-trail \
+        --name Trail1 \
+        --s3-bucket-name amzn-s3-demo-bucket \
+        --is-multi-region-trail
 
 Output::
 
-  {
-    "IncludeGlobalServiceEvents": true, 
-    "Name": "Trail1", 
-    "TrailARN": "arn:aws:cloudtrail:us-west-2:123456789012:trail/Trail1", 
-    "LogFileValidationEnabled": false, 
-    "IsMultiRegionTrail": true, 
-    "S3BucketName": "my-bucket"
-  }
- 
+    {
+        "IncludeGlobalServiceEvents": true, 
+        "Name": "Trail1", 
+        "TrailARN": "arn:aws:cloudtrail:us-west-2:123456789012:trail/Trail1", 
+        "LogFileValidationEnabled": false, 
+        "IsMultiRegionTrail": true, 
+        "S3BucketName": "amzn-s3-demo-bucket"
+    }
diff --git a/awscli/examples/cloudtrail/describe-trails.rst b/awscli/examples/cloudtrail/describe-trails.rst
@@ -1,35 +1,36 @@
 **To describe a trail**
 
-The following ``describe-trails`` command returns the settings for ``Trail1`` and ``Trail2``::
+The following ``describe-trails`` example returns the settings for ``Trail1`` and ``Trail2``. ::
 
-  aws cloudtrail describe-trails --trail-name-list Trail1 Trail2
+    aws cloudtrail describe-trails \
+        --trail-name-list Trail1 Trail2
 
 Output::
 
-  {
-   "trailList": [
-       {
-           "IncludeGlobalServiceEvents": true, 
-           "Name": "Trail1", 
-           "TrailARN": "arn:aws:cloudtrail:us-east-1:123456789012:trail/Trail1", 
-           "LogFileValidationEnabled": false, 
-           "IsMultiRegionTrail": false, 
-           "S3BucketName": "my-bucket", 
-           "CloudWatchLogsRoleArn": "arn:aws:iam::123456789012:role/CloudTrail_CloudWatchLogs_Role", 
-           "CloudWatchLogsLogGroupArn": "arn:aws:logs:us-east-1:123456789012:log-group:CloudTrail:*", 
-           "SnsTopicName": "my-topic", 
-           "HomeRegion": "us-east-1"
-       }, 
-       {
-           "IncludeGlobalServiceEvents": true, 
-           "Name": "Trail2", 
-           "S3KeyPrefix": "my-prefix", 
-           "TrailARN": "arn:aws:cloudtrail:us-east-1:123456789012:trail/Trail2", 
-           "LogFileValidationEnabled": false, 
-           "IsMultiRegionTrail": false, 
-           "S3BucketName": "my-bucket", 
-           "KmsKeyId": "arn:aws:kms:us-east-1:123456789012:key/4c5ae5ac-3c13-421e-8335-c7868ef6a769", 
-           "HomeRegion": "us-east-1"
-       }
-    ]
-  }
+    {
+        "trailList": [
+            {
+                "IncludeGlobalServiceEvents": true, 
+                "Name": "Trail1", 
+                "TrailARN": "arn:aws:cloudtrail:us-east-1:123456789012:trail/Trail1", 
+                "LogFileValidationEnabled": false, 
+                "IsMultiRegionTrail": false, 
+                "S3BucketName": "amzn-s3-demo-bucket", 
+                "CloudWatchLogsRoleArn": "arn:aws:iam::123456789012:role/CloudTrail_CloudWatchLogs_Role", 
+                "CloudWatchLogsLogGroupArn": "arn:aws:logs:us-east-1:123456789012:log-group:CloudTrail:*", 
+                "SnsTopicName": "my-topic", 
+                "HomeRegion": "us-east-1"
+            }, 
+            {
+                "IncludeGlobalServiceEvents": true, 
+                "Name": "Trail2", 
+                "S3KeyPrefix": "my-prefix", 
+                "TrailARN": "arn:aws:cloudtrail:us-east-1:123456789012:trail/Trail2", 
+                "LogFileValidationEnabled": false, 
+                "IsMultiRegionTrail": false, 
+                "S3BucketName": "amzn-s3-demo-bucket2", 
+                "KmsKeyId": "arn:aws:kms:us-east-1:123456789012:key/4c5ae5ac-3c13-421e-8335-c7868ef6a769", 
+                "HomeRegion": "us-east-1"
+            }
+        ]
+    }
diff --git a/awscli/examples/cloudtrail/put-event-selectors.rst b/awscli/examples/cloudtrail/put-event-selectors.rst
@@ -2,11 +2,11 @@
 
 You can add advanced event selectors, and conditions for your advanced event selectors, up to a maximum of 500 values for all conditions and selectors on a trail. You can use advanced event selectors to log all available data event types. You can use either advanced event selectors or basic event selectors, but not both. If you apply advanced event selectors to a trail, any existing basic event selectors are overwritten. 
 
-The following example creates an advanced event selector for a trail named ``myTrail`` to log all management events, log S3 PutObject and DeleteObject API calls for all but one S3 bucket, log data API calls for a Lambda function named ``myFunction``, and log Publish API calls on an SNS topic named ``myTopic``. ::
+The following ``put-event-selectors`` example creates an advanced event selector for a trail named ``myTrail`` to log all management events, log S3 PutObject and DeleteObject API calls for all but one S3 bucket, log data API calls for a Lambda function named ``myFunction``, and log Publish API calls on an SNS topic named ``myTopic``. ::
 
     aws cloudtrail put-event-selectors \
         --trail-name myTrail \
-        --advanced-event-selectors '[{"Name": "Log all management events", "FieldSelectors": [{ "Field": "eventCategory", "Equals": ["Management"] }] },{"Name": "Log PutObject and DeleteObject events for all but one bucket","FieldSelectors": [{ "Field": "eventCategory", "Equals": ["Data"] },{ "Field": "resources.type", "Equals": ["AWS::S3::Object"] },{ "Field": "eventName", "Equals": ["PutObject","DeleteObject"] },{ "Field": "resources.ARN", "NotStartsWith": ["arn:aws:s3:::sample_bucket_name/"] }]},{"Name": "Log data events for a specific Lambda function","FieldSelectors": [{ "Field": "eventCategory", "Equals": ["Data"] },{ "Field": "resources.type", "Equals": ["AWS::Lambda::Function"] },{ "Field": "resources.ARN", "Equals": ["arn:aws:lambda:us-east-1:123456789012:function:myFunction"] }]},{"Name": "Log all Publish API calls on a specific SNS topic","FieldSelectors": [{ "Field": "eventCategory", "Equals": ["Data"] },{ "Field": "resources.type", "Equals": ["AWS::SNS::Topic"] },{ "Field": "eventName", "Equals": ["Publish"] },{ "Field": "resources.ARN", "Equals": ["arn:aws:sns:us-east-1:123456789012:myTopic.fifo"] }]}]'
+        --advanced-event-selectors '[{"Name": "Log all management events", "FieldSelectors": [{ "Field": "eventCategory", "Equals": ["Management"] }] },{"Name": "Log PutObject and DeleteObject events for all but one bucket","FieldSelectors": [{ "Field": "eventCategory", "Equals": ["Data"] },{ "Field": "resources.type", "Equals": ["AWS::S3::Object"] },{ "Field": "eventName", "Equals": ["PutObject","DeleteObject"] },{ "Field": "resources.ARN", "NotStartsWith": ["arn:aws:s3:::amzn-s3-demo-bucket/"] }]},{"Name": "Log data events for a specific Lambda function","FieldSelectors": [{ "Field": "eventCategory", "Equals": ["Data"] },{ "Field": "resources.type", "Equals": ["AWS::Lambda::Function"] },{ "Field": "resources.ARN", "Equals": ["arn:aws:lambda:us-east-1:123456789012:function:myFunction"] }]},{"Name": "Log all Publish API calls on a specific SNS topic","FieldSelectors": [{ "Field": "eventCategory", "Equals": ["Data"] },{ "Field": "resources.type", "Equals": ["AWS::SNS::Topic"] },{ "Field": "eventName", "Equals": ["Publish"] },{ "Field": "resources.ARN", "Equals": ["arn:aws:sns:us-east-1:123456789012:myTopic.fifo"] }]}]'
 
 Output::
 
@@ -49,7 +49,7 @@ Output::
                     {
                         "Field": "resources.ARN",
                         "NotStartsWith": [
-                            "arn:aws:s3:::sample_bucket_name/"
+                            "arn:aws:s3:::amzn-s3-demo-bucket/"
                         ]
                     }
                 ]
@@ -115,11 +115,11 @@ For more information, see `Log events by using advanced event selectors <https:/
 
 You can configure up to 5 event selectors for a trail and up to 250 data resources for a trail. Event selectors are also referred to as basic event selectors. You can use event selectors to log management events and data events for S3 objects, Lambda functions, and DynnamoDB tables. To log data events for other resource types, you must use advanced event selectors.
 
-The following example creates an event selector for a trail named ``TrailName`` to include all management events, data events for two Amazon S3 bucket/prefix combinations, and data events for a single AWS Lambda function named ``hello-world-python-function``. ::
+The following ``put-event-selectors`` example creates an event selector for a trail named ``TrailName`` to include all management events, data events for two Amazon S3 bucket/prefix combinations, and data events for a single AWS Lambda function named ``hello-world-python-function``. ::
 
     aws cloudtrail put-event-selectors \
         --trail-name TrailName \
-        --event-selectors '[{"ReadWriteType": "All","IncludeManagementEvents": true,"DataResources": [{"Type":"AWS::S3::Object", "Values": ["arn:aws:s3:::mybucket/prefix","arn:aws:s3:::amzn-s3-demo-bucket2/prefix2"]},{"Type": "AWS::Lambda::Function","Values": ["arn:aws:lambda:us-west-2:999999999999:function:hello-world-python-function"]}]}]'
+        --event-selectors '[{"ReadWriteType": "All","IncludeManagementEvents": true,"DataResources": [{"Type":"AWS::S3::Object", "Values": ["arn:aws:s3:::amzn-s3-demo-bucket/prefix","arn:aws:s3:::amzn-s3-demo-bucket2/prefix2"]},{"Type": "AWS::Lambda::Function","Values": ["arn:aws:lambda:us-west-2:999999999999:function:hello-world-python-function"]}]}]'
 
 Output::
 
@@ -130,7 +130,7 @@ Output::
                 "DataResources": [
                     {
                         "Values": [
-                            "arn:aws:s3:::mybucket/prefix",
+                            "arn:aws:s3:::amzn-s3-demo-bucket/prefix",
                             "arn:aws:s3:::amzn-s3-demo-bucket2/prefix2"
                         ],
                         "Type": "AWS::S3::Object"
@@ -152,7 +152,7 @@ For more information, see `Log events by using basic event selectors <https://do
 
 **Example 3: Configure event selectors for a trail to log management events, all S3 data events on S3 objects, and all Lambda data events on functions in your account**
 
-The following example creates an event selector for a trail named ``TrailName2`` that includes all management events, and all data events for all Amazon S3 buckets and AWS Lambda functions in the AWS account. ::
+The following ``put-event-selectors`` example creates an event selector for a trail named ``TrailName2`` that includes all management events, and all data events for all Amazon S3 buckets and AWS Lambda functions in the AWS account. ::
 
     aws cloudtrail put-event-selectors \
         --trail-name TrailName2 \
@@ -184,4 +184,4 @@ Output::
         "TrailARN": "arn:aws:cloudtrail:us-east-2:123456789012:trail/TrailName2"
     }
 
-For more information, see `Log events by using basic event selectors <https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#creating-data-event-selectors-basic>`__ in the *AWS CloudTrail User Guide*. 
+For more information, see `Log events by using basic event selectors <https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#creating-data-event-selectors-basic>`__ in the *AWS CloudTrail User Guide*.
diff --git a/awscli/examples/cloudtrail/update-subscription.rst b/awscli/examples/cloudtrail/update-subscription.rst
@@ -1,30 +1,33 @@
 **To update the configuration settings for a trail**
 
-The following ``update-subscription`` command updates the trail to specify a new S3 bucket and SNS topic::
+The following ``update-subscription`` example updates the trail to specify a new S3 bucket and SNS topic. ::
 
-  aws cloudtrail update-subscription --name Trail1 --s3-new-bucket my-bucket-new --sns-new-topic my-topic-new
+    aws cloudtrail update-subscription \
+        --name Trail1 \
+        --s3-new-bucket amzn-s3-demo-bucket \
+        --sns-new-topic my-topic-new
 
 Output::
 
-  Setting up new S3 bucket my-bucket-new...
-  Setting up new SNS topic my-topic-new...
-  Creating/updating CloudTrail configuration...
-  CloudTrail configuration:
-  {
-  "trailList": [
+    Setting up new S3 bucket amzn-s3-demo-bucket...
+    Setting up new SNS topic my-topic-new...
+    Creating/updating CloudTrail configuration...
+    CloudTrail configuration:
     {
-      "IncludeGlobalServiceEvents": true, 
-      "Name": "Trail1", 
-      "TrailARN": "arn:aws:cloudtrail:us-east-1:123456789012:trail/Trail1", 
-      "LogFileValidationEnabled": false, 
-      "IsMultiRegionTrail": false, 
-      "S3BucketName": "my-bucket-new", 
-      "SnsTopicName": "my-topic-new", 
-      "HomeRegion": "us-east-1"
+        "trailList": [
+            {
+                "IncludeGlobalServiceEvents": true, 
+                "Name": "Trail1", 
+                "TrailARN": "arn:aws:cloudtrail:us-east-1:123456789012:trail/Trail1", 
+                "LogFileValidationEnabled": false, 
+                "IsMultiRegionTrail": false, 
+                "S3BucketName": "amzn-s3-demo-bucket", 
+                "SnsTopicName": "my-topic-new", 
+                "HomeRegion": "us-east-1"
+            }
+        ], 
+        "ResponseMetadata": {
+            "HTTPStatusCode": 200, 
+            "RequestId": "31126f8a-c616-11e5-9cc6-2fd637936879"
+        }
     }
-  ], 
-  "ResponseMetadata": {
-  "HTTPStatusCode": 200, 
-  "RequestId": "31126f8a-c616-11e5-9cc6-2fd637936879"
-  }
-  }
diff --git a/awscli/examples/cloudtrail/update-trail.rst b/awscli/examples/cloudtrail/update-trail.rst
@@ -1,16 +1,18 @@
 **To update a trail**
 
-The following ``update-trail`` command updates a trail to use an existing bucket for log delivery::
+The following ``update-trail`` example updates a trail to use an existing bucket for log delivery. ::
 
-  aws cloudtrail update-trail --name Trail1 --s3-bucket-name my-bucket
+    aws cloudtrail update-trail \
+        --name Trail1 \
+        --s3-bucket-name amzn-s3-demo-bucket
 
 Output::
 
-  {
-    "IncludeGlobalServiceEvents": true, 
-    "Name": "Trail1", 
-    "TrailARN": "arn:aws:cloudtrail:us-west-2:123456789012:trail/Trail1", 
-    "LogFileValidationEnabled": false, 
-    "IsMultiRegionTrail": true, 
-    "S3BucketName": "my-bucket"
-  }
+    {
+        "IncludeGlobalServiceEvents": true, 
+        "Name": "Trail1", 
+        "TrailARN": "arn:aws:cloudtrail:us-west-2:123456789012:trail/Trail1", 
+        "LogFileValidationEnabled": false, 
+        "IsMultiRegionTrail": true, 
+        "S3BucketName": "amzn-s3-demo-bucket"
+    }