awscli 1.37.4__py3-none-any.whl → 1.37.6__py3-none-any.whl

awscli/__init__.py

@@ -18,7 +18,7 @@ A Universal Command Line Environment for Amazon Web Services.
 
 import os
 
-__version__ = '1.37.4'
+__version__ = '1.37.6'
 
 #
 # Get our data path to be added to botocore's search path

awscli/examples/cloudtrail/create-subscription.rst

@@ -1,32 +1,35 @@
 **To create and configure AWS resources for a trail**
 
-The following ``create-subscription`` command creates a new S3 bucket and SNS topic for ``Trail1``::
+The following ``create-subscription`` command creates a new S3 bucket and SNS topic for ``Trail1``. ::
 
-  aws cloudtrail create-subscription --name Trail1 --s3-new-bucket my-bucket --sns-new-topic my-topic
+    aws cloudtrail create-subscription \
+        --name Trail1 \
+        --s3-new-bucket amzn-s3-demo-bucket \
+        --sns-new-topic my-topic
 
 Output::
 
-  Setting up new S3 bucket my-bucket...
-  Setting up new SNS topic my-topic...
-  Creating/updating CloudTrail configuration...
-  CloudTrail configuration:
-  {
-  "trailList": [ 
-    {
-      "IncludeGlobalServiceEvents": true, 
-      "Name": "Trail1", 
-      "TrailARN": "arn:aws:cloudtrail:us-east-1:123456789012:trail/Trail1", 
-      "LogFileValidationEnabled": false, 
-      "IsMultiRegionTrail": false, 
-      "S3BucketName": "my-bucket", 
-      "SnsTopicName": "my-topic", 
-      "HomeRegion": "us-east-1"
-    }
-  ], 
-  "ResponseMetadata": {
-  "HTTPStatusCode": 200, 
-  "RequestId": "f39e51f6-c615-11e5-85bd-d35ca21ee3e2"
-  }
-  }
-  Starting CloudTrail service...
-  Logs will be delivered to my-bucket
+    Setting up new S3 bucket amzn-s3-demo-bucket...
+    Setting up new SNS topic my-topic...
+    Creating/updating CloudTrail configuration...
+    CloudTrail configuration:
+        {
+            "trailList": [ 
+                {
+                    "IncludeGlobalServiceEvents": true, 
+                    "Name": "Trail1", 
+                    "TrailARN": "arn:aws:cloudtrail:us-east-1:123456789012:trail/Trail1", 
+                    "LogFileValidationEnabled": false, 
+                    "IsMultiRegionTrail": false, 
+                    "S3BucketName": "amzn-s3-demo-bucket", 
+                    "SnsTopicName": "my-topic", 
+                    "HomeRegion": "us-east-1"
+                }
+            ], 
+            "ResponseMetadata": {
+            "HTTPStatusCode": 200, 
+            "RequestId": "f39e51f6-c615-11e5-85bd-d35ca21ee3e2"
+            }
+        }
+    Starting CloudTrail service...
+    Logs will be delivered to my-bucket

awscli/examples/cloudtrail/create-trail.rst

@@ -1,17 +1,19 @@
 **To create a trail**
 
-The following ``create-trail`` command creates a multi-region trail named ``Trail1`` and specifies an S3 bucket::
+The following ``create-trail`` example creates a multi-region trail named ``Trail1`` and specifies an S3 bucket. ::
 
-  aws cloudtrail create-trail --name Trail1 --s3-bucket-name my-bucket --is-multi-region-trail
+    aws cloudtrail create-trail \
+        --name Trail1 \
+        --s3-bucket-name amzn-s3-demo-bucket \
+        --is-multi-region-trail
 
 Output::
 
-  {
-    "IncludeGlobalServiceEvents": true, 
-    "Name": "Trail1", 
-    "TrailARN": "arn:aws:cloudtrail:us-west-2:123456789012:trail/Trail1", 
-    "LogFileValidationEnabled": false, 
-    "IsMultiRegionTrail": true, 
-    "S3BucketName": "my-bucket"
-  }
- 
+    {
+        "IncludeGlobalServiceEvents": true, 
+        "Name": "Trail1", 
+        "TrailARN": "arn:aws:cloudtrail:us-west-2:123456789012:trail/Trail1", 
+        "LogFileValidationEnabled": false, 
+        "IsMultiRegionTrail": true, 
+        "S3BucketName": "amzn-s3-demo-bucket"
+    }

awscli/examples/cloudtrail/describe-trails.rst

@@ -1,35 +1,36 @@
 **To describe a trail**
 
-The following ``describe-trails`` command returns the settings for ``Trail1`` and ``Trail2``::
+The following ``describe-trails`` example returns the settings for ``Trail1`` and ``Trail2``. ::
 
-  aws cloudtrail describe-trails --trail-name-list Trail1 Trail2
+    aws cloudtrail describe-trails \
+        --trail-name-list Trail1 Trail2
 
 Output::
 
-  {
-   "trailList": [
-       {
-           "IncludeGlobalServiceEvents": true, 
-           "Name": "Trail1", 
-           "TrailARN": "arn:aws:cloudtrail:us-east-1:123456789012:trail/Trail1", 
-           "LogFileValidationEnabled": false, 
-           "IsMultiRegionTrail": false, 
-           "S3BucketName": "my-bucket", 
-           "CloudWatchLogsRoleArn": "arn:aws:iam::123456789012:role/CloudTrail_CloudWatchLogs_Role", 
-           "CloudWatchLogsLogGroupArn": "arn:aws:logs:us-east-1:123456789012:log-group:CloudTrail:*", 
-           "SnsTopicName": "my-topic", 
-           "HomeRegion": "us-east-1"
-       }, 
-       {
-           "IncludeGlobalServiceEvents": true, 
-           "Name": "Trail2", 
-           "S3KeyPrefix": "my-prefix", 
-           "TrailARN": "arn:aws:cloudtrail:us-east-1:123456789012:trail/Trail2", 
-           "LogFileValidationEnabled": false, 
-           "IsMultiRegionTrail": false, 
-           "S3BucketName": "my-bucket", 
-           "KmsKeyId": "arn:aws:kms:us-east-1:123456789012:key/4c5ae5ac-3c13-421e-8335-c7868ef6a769", 
-           "HomeRegion": "us-east-1"
-       }
-    ]
-  }
+    {
+        "trailList": [
+            {
+                "IncludeGlobalServiceEvents": true, 
+                "Name": "Trail1", 
+                "TrailARN": "arn:aws:cloudtrail:us-east-1:123456789012:trail/Trail1", 
+                "LogFileValidationEnabled": false, 
+                "IsMultiRegionTrail": false, 
+                "S3BucketName": "amzn-s3-demo-bucket", 
+                "CloudWatchLogsRoleArn": "arn:aws:iam::123456789012:role/CloudTrail_CloudWatchLogs_Role", 
+                "CloudWatchLogsLogGroupArn": "arn:aws:logs:us-east-1:123456789012:log-group:CloudTrail:*", 
+                "SnsTopicName": "my-topic", 
+                "HomeRegion": "us-east-1"
+            }, 
+            {
+                "IncludeGlobalServiceEvents": true, 
+                "Name": "Trail2", 
+                "S3KeyPrefix": "my-prefix", 
+                "TrailARN": "arn:aws:cloudtrail:us-east-1:123456789012:trail/Trail2", 
+                "LogFileValidationEnabled": false, 
+                "IsMultiRegionTrail": false, 
+                "S3BucketName": "amzn-s3-demo-bucket2", 
+                "KmsKeyId": "arn:aws:kms:us-east-1:123456789012:key/4c5ae5ac-3c13-421e-8335-c7868ef6a769", 
+                "HomeRegion": "us-east-1"
+            }
+        ]
+    }

awscli/examples/cloudtrail/put-event-selectors.rst

@@ -2,11 +2,11 @@
 
 You can add advanced event selectors, and conditions for your advanced event selectors, up to a maximum of 500 values for all conditions and selectors on a trail. You can use advanced event selectors to log all available data event types. You can use either advanced event selectors or basic event selectors, but not both. If you apply advanced event selectors to a trail, any existing basic event selectors are overwritten. 
 
-The following example creates an advanced event selector for a trail named ``myTrail`` to log all management events, log S3 PutObject and DeleteObject API calls for all but one S3 bucket, log data API calls for a Lambda function named ``myFunction``, and log Publish API calls on an SNS topic named ``myTopic``. ::
+The following ``put-event-selectors`` example creates an advanced event selector for a trail named ``myTrail`` to log all management events, log S3 PutObject and DeleteObject API calls for all but one S3 bucket, log data API calls for a Lambda function named ``myFunction``, and log Publish API calls on an SNS topic named ``myTopic``. ::
 
     aws cloudtrail put-event-selectors \
         --trail-name myTrail \
-        --advanced-event-selectors '[{"Name": "Log all management events", "FieldSelectors": [{ "Field": "eventCategory", "Equals": ["Management"] }] },{"Name": "Log PutObject and DeleteObject events for all but one bucket","FieldSelectors": [{ "Field": "eventCategory", "Equals": ["Data"] },{ "Field": "resources.type", "Equals": ["AWS::S3::Object"] },{ "Field": "eventName", "Equals": ["PutObject","DeleteObject"] },{ "Field": "resources.ARN", "NotStartsWith": ["arn:aws:s3:::sample_bucket_name/"] }]},{"Name": "Log data events for a specific Lambda function","FieldSelectors": [{ "Field": "eventCategory", "Equals": ["Data"] },{ "Field": "resources.type", "Equals": ["AWS::Lambda::Function"] },{ "Field": "resources.ARN", "Equals": ["arn:aws:lambda:us-east-1:123456789012:function:myFunction"] }]},{"Name": "Log all Publish API calls on a specific SNS topic","FieldSelectors": [{ "Field": "eventCategory", "Equals": ["Data"] },{ "Field": "resources.type", "Equals": ["AWS::SNS::Topic"] },{ "Field": "eventName", "Equals": ["Publish"] },{ "Field": "resources.ARN", "Equals": ["arn:aws:sns:us-east-1:123456789012:myTopic.fifo"] }]}]'
+        --advanced-event-selectors '[{"Name": "Log all management events", "FieldSelectors": [{ "Field": "eventCategory", "Equals": ["Management"] }] },{"Name": "Log PutObject and DeleteObject events for all but one bucket","FieldSelectors": [{ "Field": "eventCategory", "Equals": ["Data"] },{ "Field": "resources.type", "Equals": ["AWS::S3::Object"] },{ "Field": "eventName", "Equals": ["PutObject","DeleteObject"] },{ "Field": "resources.ARN", "NotStartsWith": ["arn:aws:s3:::amzn-s3-demo-bucket/"] }]},{"Name": "Log data events for a specific Lambda function","FieldSelectors": [{ "Field": "eventCategory", "Equals": ["Data"] },{ "Field": "resources.type", "Equals": ["AWS::Lambda::Function"] },{ "Field": "resources.ARN", "Equals": ["arn:aws:lambda:us-east-1:123456789012:function:myFunction"] }]},{"Name": "Log all Publish API calls on a specific SNS topic","FieldSelectors": [{ "Field": "eventCategory", "Equals": ["Data"] },{ "Field": "resources.type", "Equals": ["AWS::SNS::Topic"] },{ "Field": "eventName", "Equals": ["Publish"] },{ "Field": "resources.ARN", "Equals": ["arn:aws:sns:us-east-1:123456789012:myTopic.fifo"] }]}]'
 
 Output::
 
@@ -49,7 +49,7 @@ Output::
                     {
                         "Field": "resources.ARN",
                         "NotStartsWith": [
-                            "arn:aws:s3:::sample_bucket_name/"
+                            "arn:aws:s3:::amzn-s3-demo-bucket/"
                         ]
                     }
                 ]
@@ -115,11 +115,11 @@ For more information, see `Log events by using advanced event selectors <https:/
 
 You can configure up to 5 event selectors for a trail and up to 250 data resources for a trail. Event selectors are also referred to as basic event selectors. You can use event selectors to log management events and data events for S3 objects, Lambda functions, and DynnamoDB tables. To log data events for other resource types, you must use advanced event selectors.
 
-The following example creates an event selector for a trail named ``TrailName`` to include all management events, data events for two Amazon S3 bucket/prefix combinations, and data events for a single AWS Lambda function named ``hello-world-python-function``. ::
+The following ``put-event-selectors`` example creates an event selector for a trail named ``TrailName`` to include all management events, data events for two Amazon S3 bucket/prefix combinations, and data events for a single AWS Lambda function named ``hello-world-python-function``. ::
 
     aws cloudtrail put-event-selectors \
         --trail-name TrailName \
-        --event-selectors '[{"ReadWriteType": "All","IncludeManagementEvents": true,"DataResources": [{"Type":"AWS::S3::Object", "Values": ["arn:aws:s3:::mybucket/prefix","arn:aws:s3:::amzn-s3-demo-bucket2/prefix2"]},{"Type": "AWS::Lambda::Function","Values": ["arn:aws:lambda:us-west-2:999999999999:function:hello-world-python-function"]}]}]'
+        --event-selectors '[{"ReadWriteType": "All","IncludeManagementEvents": true,"DataResources": [{"Type":"AWS::S3::Object", "Values": ["arn:aws:s3:::amzn-s3-demo-bucket/prefix","arn:aws:s3:::amzn-s3-demo-bucket2/prefix2"]},{"Type": "AWS::Lambda::Function","Values": ["arn:aws:lambda:us-west-2:999999999999:function:hello-world-python-function"]}]}]'
 
 Output::
 
@@ -130,7 +130,7 @@ Output::
                 "DataResources": [
                     {
                         "Values": [
-                            "arn:aws:s3:::mybucket/prefix",
+                            "arn:aws:s3:::amzn-s3-demo-bucket/prefix",
                             "arn:aws:s3:::amzn-s3-demo-bucket2/prefix2"
                         ],
                         "Type": "AWS::S3::Object"
@@ -152,7 +152,7 @@ For more information, see `Log events by using basic event selectors <https://do
 
 **Example 3: Configure event selectors for a trail to log management events, all S3 data events on S3 objects, and all Lambda data events on functions in your account**
 
-The following example creates an event selector for a trail named ``TrailName2`` that includes all management events, and all data events for all Amazon S3 buckets and AWS Lambda functions in the AWS account. ::
+The following ``put-event-selectors`` example creates an event selector for a trail named ``TrailName2`` that includes all management events, and all data events for all Amazon S3 buckets and AWS Lambda functions in the AWS account. ::
 
     aws cloudtrail put-event-selectors \
         --trail-name TrailName2 \
@@ -184,4 +184,4 @@ Output::
         "TrailARN": "arn:aws:cloudtrail:us-east-2:123456789012:trail/TrailName2"
     }
 
-For more information, see `Log events by using basic event selectors <https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#creating-data-event-selectors-basic>`__ in the *AWS CloudTrail User Guide*. 
+For more information, see `Log events by using basic event selectors <https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html#creating-data-event-selectors-basic>`__ in the *AWS CloudTrail User Guide*.

awscli/examples/cloudtrail/update-subscription.rst

@@ -1,30 +1,33 @@
 **To update the configuration settings for a trail**
 
-The following ``update-subscription`` command updates the trail to specify a new S3 bucket and SNS topic::
+The following ``update-subscription`` example updates the trail to specify a new S3 bucket and SNS topic. ::
 
-  aws cloudtrail update-subscription --name Trail1 --s3-new-bucket my-bucket-new --sns-new-topic my-topic-new
+    aws cloudtrail update-subscription \
+        --name Trail1 \
+        --s3-new-bucket amzn-s3-demo-bucket \
+        --sns-new-topic my-topic-new
 
 Output::
 
-  Setting up new S3 bucket my-bucket-new...
-  Setting up new SNS topic my-topic-new...
-  Creating/updating CloudTrail configuration...
-  CloudTrail configuration:
-  {
-  "trailList": [
+    Setting up new S3 bucket amzn-s3-demo-bucket...
+    Setting up new SNS topic my-topic-new...
+    Creating/updating CloudTrail configuration...
+    CloudTrail configuration:
     {
-      "IncludeGlobalServiceEvents": true, 
-      "Name": "Trail1", 
-      "TrailARN": "arn:aws:cloudtrail:us-east-1:123456789012:trail/Trail1", 
-      "LogFileValidationEnabled": false, 
-      "IsMultiRegionTrail": false, 
-      "S3BucketName": "my-bucket-new", 
-      "SnsTopicName": "my-topic-new", 
-      "HomeRegion": "us-east-1"
+        "trailList": [
+            {
+                "IncludeGlobalServiceEvents": true, 
+                "Name": "Trail1", 
+                "TrailARN": "arn:aws:cloudtrail:us-east-1:123456789012:trail/Trail1", 
+                "LogFileValidationEnabled": false, 
+                "IsMultiRegionTrail": false, 
+                "S3BucketName": "amzn-s3-demo-bucket", 
+                "SnsTopicName": "my-topic-new", 
+                "HomeRegion": "us-east-1"
+            }
+        ], 
+        "ResponseMetadata": {
+            "HTTPStatusCode": 200, 
+            "RequestId": "31126f8a-c616-11e5-9cc6-2fd637936879"
+        }
     }
-  ], 
-  "ResponseMetadata": {
-  "HTTPStatusCode": 200, 
-  "RequestId": "31126f8a-c616-11e5-9cc6-2fd637936879"
-  }
-  }

awscli/examples/cloudtrail/update-trail.rst

@@ -1,16 +1,18 @@
 **To update a trail**
 
-The following ``update-trail`` command updates a trail to use an existing bucket for log delivery::
+The following ``update-trail`` example updates a trail to use an existing bucket for log delivery. ::
 
-  aws cloudtrail update-trail --name Trail1 --s3-bucket-name my-bucket
+    aws cloudtrail update-trail \
+        --name Trail1 \
+        --s3-bucket-name amzn-s3-demo-bucket
 
 Output::
 
-  {
-    "IncludeGlobalServiceEvents": true, 
-    "Name": "Trail1", 
-    "TrailARN": "arn:aws:cloudtrail:us-west-2:123456789012:trail/Trail1", 
-    "LogFileValidationEnabled": false, 
-    "IsMultiRegionTrail": true, 
-    "S3BucketName": "my-bucket"
-  }
+    {
+        "IncludeGlobalServiceEvents": true, 
+        "Name": "Trail1", 
+        "TrailARN": "arn:aws:cloudtrail:us-west-2:123456789012:trail/Trail1", 
+        "LogFileValidationEnabled": false, 
+        "IsMultiRegionTrail": true, 
+        "S3BucketName": "amzn-s3-demo-bucket"
+    }

awscli/examples/codebuild/create-report-group.rst

@@ -13,7 +13,7 @@ Contents of create-report-group-source.json::
         "exportConfig": {
             "exportConfigType": "S3",
             "s3Destination": {
-                "bucket": "my-s3-bucket",
+                "bucket": "amzn-s3-demo-bucket",
                 "path": "",
                 "packaging": "ZIP",
                 "encryptionDisabled": true
@@ -31,7 +31,7 @@ Output::
             "exportConfig": {
                 "exportConfigType": "S3",
                 "s3Destination": {
-                    "bucket": "my-s3-bucket",
+                    "bucket": "amzn-s3-demo-bucket",
                     "path": "",
                     "packaging": "ZIP",
                     "encryptionDisabled": true

awscli/examples/datapipeline/get-pipeline-definition.rst

@@ -83,7 +83,7 @@ The following is example output::
         }
     ],
     "values": {
-        "myS3OutputLoc": "s3://my-s3-bucket/",
+        "myS3OutputLoc": "s3://amzn-s3-demo-bucket/",
         "myS3InputLoc": "s3://us-east-1.elasticmapreduce.samples/pig-apache-logs/data",
         "myShellCmd": "grep -rc \"GET\" ${INPUT1_STAGING_DIR}/* > ${OUTPUT1_STAGING_DIR}/output.txt"
     }

awscli/examples/ds-data/add-group-member.rst

@@ -0,0 +1,12 @@
+**To add a group member to a directory**
+
+The following ``add-group-member`` example adds the specified user to the specified group in the specified directory. ::
+
+    aws ds-data add-group-member \
+        --directory-id d-1234567890 \
+        --group-name 'sales' \
+        --member-name 'john.doe'
+
+This command produces no output.
+
+For more information, see `Adding or removing AWS Managed Microsoft AD members to groups and groups to groups <https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ms_ad_add_remove_user_group.html>`__ in the *AWS Directory Service Administration Guide*.

awscli/examples/ds-data/create-group.rst

@@ -0,0 +1,17 @@
+**To create a group for a directory**
+
+The following ``create-group`` example creates a group in the specified directory. ::
+
+    aws ds-data create-group \
+        --directory-id d-1234567890 \
+        --sam-account-name 'sales'
+
+Output::
+
+    {
+        "DirectoryId": "d-9067f3da7a",
+        "SAMAccountName": "sales",
+        "SID": "S-1-2-34-5567891234-5678912345-67891234567-8912"
+    }
+
+For more information, see `Creating an AWS Managed Microsoft AD group <https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ms_ad_create_group.html>`__ in the *AWS Directory Service Administration Guide*.

awscli/examples/ds-data/create-user.rst

@@ -0,0 +1,17 @@
+**To create a user**
+
+The following ``create-user`` example creates a user in the specified directory. ::
+
+    aws ds-data create-user \
+        --directory-id d-1234567890 \
+        --sam-account-name 'john.doe'
+
+Output::
+
+    {
+        "DirectoryId": "d-1234567890",
+        "SAMAccountName": "john.doe",
+        "SID": "S-1-2-34-5567891234-5678912345-67891234567-8912"
+    }
+
+For more information, see `Creating an AWS Managed Microsoft AD user <https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ms_ad_create_user.html>`__ in the *AWS Directory Service Administration Guide*.

awscli/examples/ds-data/delete-group.rst

@@ -0,0 +1,11 @@
+**To delete a group**
+
+The following ``delete-group`` example deletes the specified group from the specified directory. ::
+
+    aws ds-data delete-group \
+        --directory-id d-1234567890 \
+        --sam-account-name 'sales'
+
+This command produces no output.
+
+For more information, see `Deleting an AWS Managed Microsoft AD group <https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ms_ad_delete_group.html>`__ in the *AWS Directory Service Administration Guide*.

awscli/examples/ds-data/delete-user.rst

@@ -0,0 +1,11 @@
+**To delete a user**
+
+The following ``delete-user`` example deletes the specified user from the specified directory. ::
+
+    aws ds-data delete-user \
+        --directory-id d-1234567890 \
+        --sam-account-name 'john.doe'
+
+This command produces no output.
+
+For more information, see `Deleting an AWS Managed Microsoft AD user <https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ms_ad_delete_user.html>`__ in the *AWS Directory Service Administration Guide*.

awscli/examples/ds-data/describe-group.rst

@@ -0,0 +1,21 @@
+**To list details of a group**
+
+The following ``describe-group`` example gets information for the specified group in the specified directory. ::
+
+    aws ds-data describe-group \
+        --directory-id d-1234567890 \
+        --sam-account-name 'sales'
+
+Output::
+
+    {
+        "DirectoryId": "d-1234567890",
+        "DistinguishedName": "CN=sales,OU=Users,OU=CORP,DC=corp,DC=example,DC=com",
+        "GroupScope": "Global",
+        "GroupType": "Security",
+        "Realm": "corp.example.com",
+        "SAMAccountName": "sales",
+        "SID": "S-1-2-34-5567891234-5678912345-67891234567-8912"
+    }
+
+For more information, see `Viewing and updating an AWS Managed Microsoft AD group's details <https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ms_ad_view_update_group.html>`__ in the *AWS Directory Service Administration Guide*.

awscli/examples/ds-data/describe-user.rst

@@ -0,0 +1,21 @@
+**To list information for a user**
+
+The following ``describe-user`` example gets information for the specified user in the specified directory. ::
+
+    aws ds-data describe-user command-name \
+        --directory-id d-1234567890 \
+        --sam-account-name 'john.doe'
+
+Output::
+
+    {
+        "DirectoryId": "d-1234567890",
+        "DistinguishedName": "CN=john.doe,OU=Users,OU=CORP,DC=corp,DC=example,DC=com",
+        "Enabled": false,
+        "Realm": "corp.example.com",
+        "SAMAccountName": "john.doe",
+        "SID": "S-1-2-34-5678901234-5678901234-5678910123-4567",
+        "UserPrincipalName": "john.doe@CORP.EXAMPLE.COM"
+    }
+
+For more information, see `Viewing and updating an AWS Managed Microsoft AD user <https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ms_ad_view_update_user.html>`__ in the *AWS Directory Service Administration Guide*.

awscli/examples/ds-data/disable-directory-data-access.rst

@@ -0,0 +1,10 @@
+**To disable Directory Service Data API for a directory**
+
+The following ``disable-directory-data-access`` example disables the Directory Service Data API for the specified directory. ::
+
+    aws ds disable-directory-data-access \
+        --directory-id d-1234567890
+
+This command produces no output.
+
+For more information, see `Enabling or disabling user and group management or AWS Directory Service Data <https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ms_ad_users_groups_mgmt_enable_disable.html>`__ in the *AWS Directory Service Administration Guide*.

awscli/examples/ds-data/disable-user.rst

@@ -0,0 +1,11 @@
+**To disable a user**
+
+The following ``disable-user`` example disables the specified user in the specified directory. ::
+
+    aws ds-data disable-user \
+        --directory-id d-1234567890 \
+        --sam-account-name 'john.doe'
+
+This command produces no output.
+
+For more information, see `Disabling an AWS Managed Microsoft AD user <https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ms_ad_disable_user.html>`__ in the *AWS Directory Service Administration Guide*.

awscli/examples/ds-data/enable-directory-data-access.rst

@@ -0,0 +1,10 @@
+**To enable Directory Service Data API for a directory**
+
+The following ``enable-directory-data-access`` example enables the Directory Service Data API for the specified directory. ::
+
+    aws ds enable-directory-data-access \
+        --directory-id d-1234567890
+
+This command produces no output.
+
+For more information, see `Enabling or disabling user and group management or AWS Directory Service Data <https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ms_ad_users_groups_mgmt_enable_disable.html>`__ in the *AWS Directory Service Administration Guide*.

awscli/examples/ds-data/list-group-members.rst

@@ -0,0 +1,29 @@
+**To list a directory's group members**
+
+The following ``list-group-members`` example lists the group members for the specified group in the specified directory. ::
+
+    aws ds-data list-group-members \
+        --directory-id d-1234567890 \
+        --sam-account-name 'sales'
+
+Output::
+
+    {
+        "Members": [
+            {
+                "MemberType": "USER",
+                "SAMAccountName": "Jane Doe",
+                "SID": "S-1-2-34-5678901234-5678901234-5678910123-4568"
+            },
+            {
+                "MemberType": "USER",
+                "SAMAccountName": "John Doe",
+                "SID": "S-1-2-34-5678901234-5678901234-5678910123-4569"
+            }
+        ],
+        "DirectoryId": "d-1234567890",
+        "MemberRealm": "corp.example.com",
+        "Realm": "corp.example.com"
+    }
+
+For more information, see `Viewing and updating an AWS Managed Microsoft AD group's details <https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ms_ad_view_update_group.html>`__ in the *AWS Directory Service Administration Guide*.

awscli/examples/ds-data/list-groups-for-member.rst

@@ -0,0 +1,25 @@
+**To list a directory's group membership**
+
+The following ``list-groups-for-member`` example lists group membership for the specified user in the specified directory. ::
+
+    aws ds-data list-groups-for-member \
+        --directory-id d-1234567890 \
+        --sam-account-name 'john.doe'
+
+Output::
+
+    {
+        "Groups": [
+            {
+                "GroupScope": "Global",
+                "GroupType": "Security",
+                "SAMAccountName": "Domain Users",
+                "SID": "S-1-2-34-5678901234-5678901234-5678910123-4567"
+            }
+        ],
+        "DirectoryId": "d-1234567890",
+        "MemberRealm": "corp.example.com",
+        "Realm": "corp.example.com"
+    }
+
+For more information, see `Viewing and updating an AWS Managed Microsoft AD user <https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ms_ad_view_update_user.html>`__ in the *AWS Directory Service Administration Guide*.