awscli 1.38.12__py3-none-any.whl → 1.38.13__py3-none-any.whl

awscli/examples/cognito-idp/update-user-pool-client.rst

@@ -1,24 +1,121 @@
-**To update a user pool client**
-
-This example updates the name of a user pool client. It also adds a writeable attribute "nickname".
-
-Command::
-
-  aws cognito-idp update-user-pool-client --user-pool-id us-west-2_aaaaaaaaa --client-id 3n4b5urk1ft4fl3mg5e62d9ado --client-name "NewClientName" --write-attributes "nickname"
-
-Output::
-
-  {
-    "UserPoolClient": {
-        "UserPoolId": "us-west-2_aaaaaaaaa",
-        "ClientName": "NewClientName",
-        "ClientId": "3n4b5urk1ft4fl3mg5e62d9ado",
-        "LastModifiedDate": 1548802761.334,
-        "CreationDate": 1548178931.258,
-        "RefreshTokenValidity": 30,
-        "WriteAttributes": [
-            "nickname"
-        ],
-        "AllowedOAuthFlowsUserPoolClient": false
-    }
-  }
+**To update an app client**
+
+The following ``update-user-pool-client`` example updates the configuration of the requested app client. ::
+
+    aws cognito-idp update-user-pool-client \
+        --user-pool-id us-west-2_EXAMPLE \
+        --client-id 1example23456789 \
+        --client-name my-test-app \
+        --refresh-token-validity 30 \
+        --access-token-validity 60 \
+        --id-token-validity 60 \
+        --token-validity-units AccessToken=minutes,IdToken=minutes,RefreshToken=days \
+        --read-attributes "address" "birthdate" "email" "email_verified" "family_name" "gender" "locale" "middle_name" "name" "nickname" "phone_number" "phone_number_verified" "picture" "preferred_username" "profile" "updated_at" "website" "zoneinfo" \
+        --write-attributes "address" "birthdate" "email" "family_name" "gender" "locale" "middle_name" "name" "nickname" "phone_number" "picture" "preferred_username" "profile" "updated_at" "website" "zoneinfo" \
+        --explicit-auth-flows "ALLOW_ADMIN_USER_PASSWORD_AUTH" "ALLOW_CUSTOM_AUTH" "ALLOW_REFRESH_TOKEN_AUTH" "ALLOW_USER_PASSWORD_AUTH" "ALLOW_USER_SRP_AUTH" \
+        --supported-identity-providers "MySAML" "COGNITO" "Google" \
+        --callback-urls "https://www.example.com" "https://app2.example.com" \
+        --logout-urls "https://auth.example.com/login?client_id=1example23456789&response_type=code&redirect_uri=https%3A%2F%2Fwww.example.com" "https://example.com/logout" \
+        --default-redirect-uri "https://www.example.com" \
+        --allowed-o-auth-flows "code" "implicit" \
+        --allowed-o-auth-scopes "openid" "profile" "aws.cognito.signin.user.admin" \
+        --allowed-o-auth-flows-user-pool-client \
+        --prevent-user-existence-errors ENABLED \
+        --enable-token-revocation \
+        --no-enable-propagate-additional-user-context-data \
+        --auth-session-validity 3
+
+Output::
+
+    {
+        "UserPoolClient": {
+            "UserPoolId": "us-west-2_EXAMPLE",
+            "ClientName": "my-test-app",
+            "ClientId": "1example23456789",
+            "LastModifiedDate": "2025-01-31T14:40:12.498000-08:00",
+            "CreationDate": "2023-09-13T16:26:34.408000-07:00",
+            "RefreshTokenValidity": 30,
+            "AccessTokenValidity": 60,
+            "IdTokenValidity": 60,
+            "TokenValidityUnits": {
+                "AccessToken": "minutes",
+                "IdToken": "minutes",
+                "RefreshToken": "days"
+            },
+            "ReadAttributes": [
+                "website",
+                "zoneinfo",
+                "address",
+                "birthdate",
+                "email_verified",
+                "gender",
+                "profile",
+                "phone_number_verified",
+                "preferred_username",
+                "locale",
+                "middle_name",
+                "picture",
+                "updated_at",
+                "name",
+                "nickname",
+                "phone_number",
+                "family_name",
+                "email"
+            ],
+            "WriteAttributes": [
+                "website",
+                "zoneinfo",
+                "address",
+                "birthdate",
+                "gender",
+                "profile",
+                "preferred_username",
+                "locale",
+                "middle_name",
+                "picture",
+                "updated_at",
+                "name",
+                "nickname",
+                "phone_number",
+                "family_name",
+                "email"
+            ],
+            "ExplicitAuthFlows": [
+                "ALLOW_CUSTOM_AUTH",
+                "ALLOW_USER_PASSWORD_AUTH",
+                "ALLOW_ADMIN_USER_PASSWORD_AUTH",
+                "ALLOW_USER_SRP_AUTH",
+                "ALLOW_REFRESH_TOKEN_AUTH"
+            ],
+            "SupportedIdentityProviders": [
+                "Google",
+                "COGNITO",
+                "MySAML"
+            ],
+            "CallbackURLs": [
+                "https://www.example.com",
+                "https://app2.example.com"
+            ],
+            "LogoutURLs": [
+                "https://example.com/logout",
+                "https://auth.example.com/login?client_id=1example23456789&response_type=code&redirect_uri=https%3A%2F%2Fwww.example.com"
+            ],
+            "DefaultRedirectURI": "https://www.example.com",
+            "AllowedOAuthFlows": [
+                "implicit",
+                "code"
+            ],
+            "AllowedOAuthScopes": [
+                "aws.cognito.signin.user.admin",
+                "openid",
+                "profile"
+            ],
+            "AllowedOAuthFlowsUserPoolClient": true,
+            "PreventUserExistenceErrors": "ENABLED",
+            "EnableTokenRevocation": true,
+            "EnablePropagateAdditionalUserContextData": false,
+            "AuthSessionValidity": 3
+        }
+    }
+
+For more information, see `Application-specific settings with app clients <https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-client-apps.html>`__ in the *Amazon Cognito Developer Guide*.

awscli/examples/cognito-idp/update-user-pool-domain.rst

@@ -0,0 +1,18 @@
+**To update a custom domain**
+
+The following ``update-user-pool-domain`` example configures the branding version and certificate for the custom domain the requested user pool. ::
+
+    aws cognito-idp update-user-pool-domain \
+        --user-pool-id ca-central-1_EXAMPLE \
+        --domain auth.example.com \
+        --managed-login-version 2 \
+        --custom-domain-config CertificateArn=arn:aws:acm:us-east-1:123456789012:certificate/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111
+
+Output::
+
+    {
+        "CloudFrontDomain": "example.cloudfront.net",
+        "ManagedLoginVersion": 2
+    }
+
+For more information, see `Managed login <https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-managed-login.html>`__ and `Configuring a domain <https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-assign-domain.html>`__ in the *Amazon Cognito Developer Guide*.

awscli/examples/cognito-idp/verify-software-token.rst

@@ -0,0 +1,15 @@
+**To confirm registration of a TOTP authenticator**
+
+The following ``verify-software-token`` example completes TOTP registration for the current user. ::
+
+    aws cognito-idp verify-software-token \
+        --access-token eyJra456defEXAMPLE \
+        --user-code 123456
+
+Output::
+
+    {
+        "Status": "SUCCESS"
+    }
+
+For more information, see `Adding MFA to a user pool <https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-mfa.html>`__ in the *Amazon Cognito Developer Guide*.

awscli/examples/cognito-idp/verify-user-attribute.rst

@@ -0,0 +1,10 @@
+**To verify an attribute change**
+
+The following ``verify-user-attribute`` example verifies a change to the current user's email attribute. ::
+
+    aws cognito-idp verify-user-attribute \
+        --access-token eyJra456defEXAMPLE \
+        --attribute-name email \
+        --code 123456
+
+For more information, see `Configuring email or phone verification <https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html>`__ in the *Amazon Cognito Developer Guide*.

awscli/examples/ec2/associate-security-group-vpc.rst

@@ -0,0 +1,15 @@
+**To associate a security group with another VPC**
+
+The following ``associate-security-group-vpc`` example associates the specified security group with the specified VPC. ::
+
+    aws ec2 associate-security-group-vpc \
+        --group-id sg-04dbb43907d3f8a78 \
+        --vpc-id vpc-0bf4c2739bc05a694
+
+Output::
+
+    {
+        "State": "associating"
+    }
+
+For more information, see `Associate security groups with multiple VPCs <https://docs.aws.amazon.com/vpc/latest/userguide/security-group-assoc.html>`__ in the *Amazon VPC User Guide*.

awscli/examples/ec2/create-vpc-endpoint.rst

@@ -1,118 +1,196 @@
-**Example 1: To create a gateway endpoint**
-
-The following ``create-vpc-endpoint`` example creates a gateway VPC endpoint between VPC ``vpc-1a2b3c4d`` and Amazon S3 in the ``us-east-1`` region, and associates route table ``rtb-11aa22bb`` with the endpoint. ::
-
-    aws ec2 create-vpc-endpoint \
-        --vpc-id vpc-1a2b3c4d \
-        --service-name com.amazonaws.us-east-1.s3 \
-        --route-table-ids rtb-11aa22bb
-
-Output::
-
-    {
-        "VpcEndpoint": {
-            "PolicyDocument": "{\"Version\":\"2008-10-17\",\"Statement\":[{\"Sid\":\"\",\"Effect\":\"Allow\",\"Principal\":\"\*\",\"Action\":\"\*\",\"Resource\":\"\*\"}]}",
-            "VpcId": "vpc-1a2b3c4d",
-            "State": "available",
-            "ServiceName": "com.amazonaws.us-east-1.s3",
-            "RouteTableIds": [
-                "rtb-11aa22bb"
-            ],
-            "VpcEndpointId": "vpc-1a2b3c4d",
-            "CreationTimestamp": "2015-05-15T09:40:50Z"
-        }
-    }
-
-For more information, see `Create a gateway endpoint <https://docs.aws.amazon.com/vpc/latest/privatelink/vpc-endpoints-s3.html#create-gateway-endpoint-s3>`__ in the *AWS PrivateLink User Guide*.
-
-**Example 2: To create an interface endpoint**
-
-The following ``create-vpc-endpoint`` example creates an interface VPC endpoint between VPC ``vpc-1a2b3c4d`` and Amazon S3 in the ``us-east-1`` region. The command creates the endpoint in subnet ``subnet-1a2b3c4d``, associates it with security group ``sg-1a2b3c4d``, and adds a tag with a key of "Service" and a Value of "S3". ::
-
-    aws ec2 create-vpc-endpoint \
-        --vpc-id vpc-1a2b3c4d \
-        --vpc-endpoint-type Interface \
-        --service-name com.amazonaws.us-east-1.s3 \
-        --subnet-ids subnet-7b16de0c \
-        --security-group-id sg-1a2b3c4d \
-        --tag-specifications ResourceType=vpc-endpoint,Tags=[{Key=service,Value=S3}]
-
-Output::
-
-    {
-        "VpcEndpoint": {
-            "VpcEndpointId": "vpce-1a2b3c4d5e6f1a2b3",
-            "VpcEndpointType": "Interface",
-            "VpcId": "vpc-1a2b3c4d",
-            "ServiceName": "com.amazonaws.us-east-1.s3",
-            "State": "pending",
-            "RouteTableIds": [],
-            "SubnetIds": [
-                "subnet-1a2b3c4d"
-            ],
-            "Groups": [
-                {
-                    "GroupId": "sg-1a2b3c4d",
-                    "GroupName": "default"
-                }
-            ],
-            "PrivateDnsEnabled": false,
-            "RequesterManaged": false,
-            "NetworkInterfaceIds": [
-                "eni-0b16f0581c8ac6877"
-            ],
-            "DnsEntries": [
-                {
-                    "DnsName": "*.vpce-1a2b3c4d5e6f1a2b3-9hnenorg.s3.us-east-1.vpce.amazonaws.com",
-                    "HostedZoneId": "Z7HUB22UULQXV"
-                },
-                {
-                    "DnsName": "*.vpce-1a2b3c4d5e6f1a2b3-9hnenorg-us-east-1c.s3.us-east-1.vpce.amazonaws.com",
-                    "HostedZoneId": "Z7HUB22UULQXV"
-                }
-            ],
-            "CreationTimestamp": "2021-03-05T14:46:16.030000+00:00",
-            "Tags": [
-                {
-                    "Key": "service",
-                    "Value": "S3"
-                }
-            ],
-            "OwnerId": "123456789012"
-        }
-    }
-
-For more information, see `Create an interface VPC endpoint <https://docs.aws.amazon.com/vpc/latest/privatelink/create-interface-endpoint.html>`__ in the *AWS PrivateLink User Guide*.
-
-**Example 3: To create a Gateway Load Balancer endpoint**
-
-The following ``create-vpc-endpoint`` example creates a Gateway Load Balancer endpoint between VPC ``vpc-111122223333aabbc`` and and a service that is configured using a Gateway Load Balancer. ::
-
-    aws ec2 create-vpc-endpoint \
-        --service-name com.amazonaws.vpce.us-east-1.vpce-svc-123123a1c43abc123 \
-        --vpc-endpoint-type GatewayLoadBalancer \
-        --vpc-id vpc-111122223333aabbc \
-        --subnet-ids subnet-0011aabbcc2233445
-
-Output::
-
-    {
-        "VpcEndpoint": {
-            "VpcEndpointId": "vpce-aabbaabbaabbaabba",
-            "VpcEndpointType": "GatewayLoadBalancer",
-            "VpcId": "vpc-111122223333aabbc",
-            "ServiceName": "com.amazonaws.vpce.us-east-1.vpce-svc-123123a1c43abc123",
-            "State": "pending",
-            "SubnetIds": [
-                "subnet-0011aabbcc2233445"
-            ],
-            "RequesterManaged": false,
-            "NetworkInterfaceIds": [
-                "eni-01010120203030405"
-            ],
-            "CreationTimestamp": "2020-11-11T08:06:03.522Z",
-            "OwnerId": "123456789012"
-        }
-    }
-
-For more information, see `Gateway Load Balancer endpoints <https://docs.aws.amazon.com/vpc/latest/privatelink/gateway-load-balancer-endpoints.html>`__ in the *AWS PrivateLink User Guide*.
+**Example 1: To create a gateway endpoint**
+
+The following ``create-vpc-endpoint`` example creates a gateway VPC endpoint between VPC ``vpc-1a2b3c4d`` and Amazon S3 in the ``us-east-1`` region, and associates route table ``rtb-11aa22bb`` with the endpoint. ::
+
+    aws ec2 create-vpc-endpoint \
+        --vpc-id vpc-1a2b3c4d \
+        --service-name com.amazonaws.us-east-1.s3 \
+        --route-table-ids rtb-11aa22bb
+
+Output::
+
+    {
+        "VpcEndpoint": {
+            "PolicyDocument": "{\"Version\":\"2008-10-17\",\"Statement\":[{\"Sid\":\"\",\"Effect\":\"Allow\",\"Principal\":\"\*\",\"Action\":\"\*\",\"Resource\":\"\*\"}]}",
+            "VpcId": "vpc-1a2b3c4d",
+            "State": "available",
+            "ServiceName": "com.amazonaws.us-east-1.s3",
+            "RouteTableIds": [
+                "rtb-11aa22bb"
+            ],
+            "VpcEndpointId": "vpc-1a2b3c4d",
+            "CreationTimestamp": "2015-05-15T09:40:50Z"
+        }
+    }
+
+For more information, see `Create a gateway endpoint <https://docs.aws.amazon.com/vpc/latest/privatelink/vpc-endpoints-s3.html#create-gateway-endpoint-s3>`__ in the *AWS PrivateLink User Guide*.
+
+**Example 2: To create an interface endpoint**
+
+The following ``create-vpc-endpoint`` example creates an interface VPC endpoint between VPC ``vpc-1a2b3c4d`` and Amazon S3 in the ``us-east-1`` region. The command creates the endpoint in subnet ``subnet-1a2b3c4d``, associates it with security group ``sg-1a2b3c4d``, and adds a tag with a key of "Service" and a Value of "S3". ::
+
+    aws ec2 create-vpc-endpoint \
+        --vpc-id vpc-1a2b3c4d \
+        --vpc-endpoint-type Interface \
+        --service-name com.amazonaws.us-east-1.s3 \
+        --subnet-ids subnet-7b16de0c \
+        --security-group-id sg-1a2b3c4d \
+        --tag-specifications ResourceType=vpc-endpoint,Tags=[{Key=service,Value=S3}]
+
+Output::
+
+    {
+        "VpcEndpoint": {
+            "VpcEndpointId": "vpce-1a2b3c4d5e6f1a2b3",
+            "VpcEndpointType": "Interface",
+            "VpcId": "vpc-1a2b3c4d",
+            "ServiceName": "com.amazonaws.us-east-1.s3",
+            "State": "pending",
+            "RouteTableIds": [],
+            "SubnetIds": [
+                "subnet-1a2b3c4d"
+            ],
+            "Groups": [
+                {
+                    "GroupId": "sg-1a2b3c4d",
+                    "GroupName": "default"
+                }
+            ],
+            "PrivateDnsEnabled": false,
+            "RequesterManaged": false,
+            "NetworkInterfaceIds": [
+                "eni-0b16f0581c8ac6877"
+            ],
+            "DnsEntries": [
+                {
+                    "DnsName": "*.vpce-1a2b3c4d5e6f1a2b3-9hnenorg.s3.us-east-1.vpce.amazonaws.com",
+                    "HostedZoneId": "Z7HUB22UULQXV"
+                },
+                {
+                    "DnsName": "*.vpce-1a2b3c4d5e6f1a2b3-9hnenorg-us-east-1c.s3.us-east-1.vpce.amazonaws.com",
+                    "HostedZoneId": "Z7HUB22UULQXV"
+                }
+            ],
+            "CreationTimestamp": "2021-03-05T14:46:16.030000+00:00",
+            "Tags": [
+                {
+                    "Key": "service",
+                    "Value": "S3"
+                }
+            ],
+            "OwnerId": "123456789012"
+        }
+    }
+
+For more information, see `Create an interface VPC endpoint <https://docs.aws.amazon.com/vpc/latest/privatelink/create-interface-endpoint.html>`__ in the *AWS PrivateLink User Guide*.
+
+**Example 3: To create a Gateway Load Balancer endpoint**
+
+The following ``create-vpc-endpoint`` example creates a Gateway Load Balancer endpoint between VPC ``vpc-111122223333aabbc`` and and a service that is configured using a Gateway Load Balancer. ::
+
+    aws ec2 create-vpc-endpoint \
+        --service-name com.amazonaws.vpce.us-east-1.vpce-svc-123123a1c43abc123 \
+        --vpc-endpoint-type GatewayLoadBalancer \
+        --vpc-id vpc-111122223333aabbc \
+        --subnet-ids subnet-0011aabbcc2233445
+
+Output::
+
+    {
+        "VpcEndpoint": {
+            "VpcEndpointId": "vpce-aabbaabbaabbaabba",
+            "VpcEndpointType": "GatewayLoadBalancer",
+            "VpcId": "vpc-111122223333aabbc",
+            "ServiceName": "com.amazonaws.vpce.us-east-1.vpce-svc-123123a1c43abc123",
+            "State": "pending",
+            "SubnetIds": [
+                "subnet-0011aabbcc2233445"
+            ],
+            "RequesterManaged": false,
+            "NetworkInterfaceIds": [
+                "eni-01010120203030405"
+            ],
+            "CreationTimestamp": "2020-11-11T08:06:03.522Z",
+            "OwnerId": "123456789012"
+        }
+    }
+
+For more information, see `Gateway Load Balancer endpoints <https://docs.aws.amazon.com/vpc/latest/privatelink/gateway-load-balancer-endpoints.html>`__ in the *AWS PrivateLink User Guide*.
+
+**Example 4: To create a resource endpoint**
+
+The following ``create-vpc-endpoint`` example creates a resource endpoint. ::
+
+    aws ec2 create-vpc-endpoint \
+        --vpc-endpoint-type Resource \
+        --vpc-id vpc-111122223333aabbc \
+        --subnet-ids subnet-0011aabbcc2233445 \
+        --resource-configuration-arn arn:aws:vpc-lattice-us-east-1:123456789012:resourceconfiguration/rcfg-0123abcde98765432
+
+Output::
+
+    {
+        "VpcEndpoint": {
+            "VpcEndpointId": "vpce-00939a7ed9EXAMPLE",
+            "VpcEndpointType": "Resource",
+            "VpcId": "vpc-111122223333aabbc",
+            "State": "Pending",
+            "SubnetIds": [
+                "subnet-0011aabbcc2233445"
+            ],
+            "Groups": [
+                {
+                    "GroupId": "sg-03e2f15fbfc09b000",
+                    "GroupName": "default"
+                }
+            ],
+            "IpAddressType": "IPV4",
+            "PrivateDnsEnabled": false,
+            "CreationTimestamp": "2025-02-06T23:38:49.525000+00:00",
+            "Tags": [],
+            "OwnerId": "123456789012",
+            "ResourceConfigurationArn": "arn:aws:vpc-lattice:us-east-1:123456789012:resourceconfiguration/rcfg-0123abcde98765432"
+        }
+    }
+
+For more information, see `Resource endpoints <https://docs.aws.amazon.com/vpc/latest/privatelink/privatelink-access-resources.html>`__ in the *AWS PrivateLink User Guide*.
+
+**Example 5: To create a service network endpoint**
+
+The following ``create-vpc-endpoint`` example creates a service network endpoint. ::
+
+    aws ec2 create-vpc-endpoint \
+        --vpc-endpoint-type ServiceNetwork \
+        --vpc-id vpc-111122223333aabbc \
+        --subnet-ids subnet-0011aabbcc2233445 \
+        --service-network-arn arn:aws:vpc-lattice:us-east-1:123456789012:servicenetwork/sn-0101abcd5432abcd0 \
+        --security-group-ids sg-0123456789012abcd
+
+Output::
+
+    {
+        "VpcEndpoint": {
+            "VpcEndpointId": "vpce-0f00567fa8EXAMPLE",
+            "VpcEndpointType": "ServiceNetwork",
+            "VpcId": "vpc-111122223333aabbc",
+            "State": "Pending",
+            "SubnetIds": [
+                "subnet-0011aabbcc2233445"
+            ],
+            "Groups": [
+                {
+                    "GroupId": "sg-0123456789012abcd",
+                    "GroupName": "my-security-group"
+                }
+            ],
+            "IpAddressType": "IPV4",
+            "PrivateDnsEnabled": false,
+            "CreationTimestamp": "2025-02-06T23:44:20.449000+00:00",
+            "Tags": [],
+            "OwnerId": "123456789012",
+            "ServiceNetworkArn": "arn:aws:vpc-lattice:us-east-1:123456789012:servicenetwork/sn-0101abcd5432abcd0"
+        }
+    }
+
+For more information, see `Service network endpoints <https://docs.aws.amazon.com/vpc/latest/privatelink/privatelink-access-service-networks.html>`__ in the *AWS PrivateLink User Guide*.
+

awscli/examples/ec2/describe-security-group-vpc-associations.rst

@@ -0,0 +1,21 @@
+**To describe VPC associations**
+
+The following ``describe-security-group-vpc-associations`` example describes the VPC associations for the specified security group. ::
+
+    aws ec2 describe-security-group-vpc-associations \
+        --filters Name=group-id,Values=sg-04dbb43907d3f8a78
+
+Output::
+
+    {
+        "SecurityGroupVpcAssociations": [
+            {
+                "GroupId": "sg-04dbb43907d3f8a78",
+                "VpcId": "vpc-0bf4c2739bc05a694",
+                "VpcOwnerId": "123456789012",
+                "State": "associated"
+            }
+        ]
+    }
+
+For more information, see `Associate security groups with multiple VPCs <https://docs.aws.amazon.com/vpc/latest/userguide/security-group-assoc.html>`__ in the *Amazon VPC User Guide*.

awscli/examples/ec2/describe-vpc-endpoint-associations.rst

@@ -0,0 +1,24 @@
+**To describe VPC endpoint associations**
+
+The following ``describe-vpc-endpoint-associations`` example describes your VPC endpoint associations. ::
+
+    aws ec2 describe-vpc-endpoint-associations
+
+Output::
+
+    {
+        "VpcEndpointAssociations": [
+            {
+                "Id": "vpce-rsc-asc-0a810ca6ac8866bf9",
+                "VpcEndpointId": "vpce-019b90d6f16d4f958",
+                "AssociatedResourceAccessibility": "Accessible",
+                "DnsEntry": {
+                    "DnsName": "vpce-019b90d6f16d4f958.rcfg-07129f3acded87625.4232ccc.vpc-lattice-rsc.us-east-2.on.aws",
+                    "HostedZoneId": "Z03265862FOUNWMZOKUF4"
+                },
+                "AssociatedResourceArn": "arn:aws:vpc-lattice:us-east-1:123456789012:resourceconfiguration/rcfg-07129f3acded87625"
+            }
+        ]
+    }
+
+For more information, see `Manage VPC endpoint associations <https://docs.aws.amazon.com/vpc/latest/privatelink/resource-configuration-associations.html#resource-config-manage-ep-association>`__ in the *AWS PrivateLink User Guide*.

awscli/examples/ec2/disable-image-deregistration-protection.rst

@@ -0,0 +1,14 @@
+**To disable deregistration protection**
+
+The following ``disable-image-deregistration-protection`` example disables deregistration protection for the specified image. ::
+
+    aws ec2 disable-image-deregistration-protection \
+        --image-id ami-0b1a928a144a74ec9
+
+Output::
+
+    {
+        "Return": "disabled"
+    }
+
+For more information, see `Protect an AMI from deregistration <https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-deregistration-protection.html>`__ in the *Amazon EC2 User Guide*.

awscli/examples/ec2/disassociate-security-group-vpc.rst

@@ -0,0 +1,15 @@
+**To disassociate a security group from a VPC**
+
+The following ``disassociate-security-group-vpc`` example disassociates the specified security group from the specified VPC. ::
+
+    aws ec2 disassociate-security-group-vpc \
+        --group-id sg-04dbb43907d3f8a78 \
+        --vpc-id vpc-0bf4c2739bc05a694
+
+Output::
+
+    {
+        "State": "disassociating"
+    }
+
+For more information, see `Associate security groups with multiple VPCs <https://docs.aws.amazon.com/vpc/latest/userguide/security-group-assoc.html>`__ in the *Amazon VPC User Guide*.

awscli/examples/ec2/enable-image-deregistration-protection.rst

@@ -0,0 +1,14 @@
+**To enable deregistration protection**
+
+The following ``enable-image-deregistration-protection`` example enables deregistration protection for the specified image. ::
+
+    aws ec2 enable-image-deregistration-protection \
+        --image-id ami-0b1a928a144a74ec9
+
+Output::
+
+    {
+        "Return": "enabled-without-cooldown"
+    }
+
+For more information, see `Protect an EC2 AMI from deregistration <https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-deregistration-protection.html>`__ in the *Amazon EC2 User Guide*.

awscli/examples/vpc-lattice/create-resource-configuration.rst

@@ -0,0 +1,32 @@
+**To create a resource configuration**
+
+The following ``create-resource-configuration`` example creates a resource configuration that specifies a single IPv4 address. ::
+
+    aws vpc-lattice create-resource-configuration \
+        --name my-resource-config \
+        --type SINGLE \
+        --resource-gateway-identifier rgw-0bba03f3d56060135 \
+        --resource-configuration-definition 'ipResource={ipAddress=10.0.14.85}'
+
+Output::
+
+    {
+        "allowAssociationToShareableServiceNetwork": true,
+        "arn": "arn:aws:vpc-lattice:us-east-1:123456789012:resourceconfiguration/rcfg-07129f3acded87625",
+        "id": "rcfg-07129f3acded87625",
+        "name": "my-resource-config",
+        "portRanges": [
+            "1-65535"
+        ],
+        "protocol": "TCP",
+        "resourceConfigurationDefinition": {
+            "ipResource": {
+                "ipAddress": "10.0.14.85"
+            }
+        },
+        "resourceGatewayId": "rgw-0bba03f3d56060135",
+        "status": "ACTIVE",
+        "type": "SINGLE"
+    }
+
+For more information, see `Resource configurations for VPC resources <https://docs.aws.amazon.com/vpc-lattice/latest/ug/resource-configuration.html>`__ in the *Amazon VPC Lattice User Guide*.