awscli 1.38.8__py3-none-any.whl → 1.38.10__py3-none-any.whl

awscli/examples/cognito-idp/list-user-import-jobs.rst

@@ -1,57 +1,61 @@
-**To list user import jobs**
-
-This example lists user import jobs. 
-
-For more information about importing users, see `Importing Users into User Pools From a CSV File`_.
-
-Command::
-
-  aws cognito-idp list-user-import-jobs --user-pool-id us-west-2_aaaaaaaaa  --max-results 20
-
-Output::
-
-  {
-    "UserImportJobs": [
-        {
-            "JobName": "Test2",
-            "JobId": "import-d0OnwGA3mV",
-            "UserPoolId": "us-west-2_aaaaaaaaa",
-            "PreSignedUrl": "PRE_SIGNED_URL",
-            "CreationDate": 1548272793.069,
-            "Status": "Created",
-            "CloudWatchLogsRoleArn": "arn:aws:iam::111111111111:role/CognitoCloudWatchLogsRole",
-            "ImportedUsers": 0,
-            "SkippedUsers": 0,
-            "FailedUsers": 0
-        },
-        {
-            "JobName": "Test1",
-            "JobId": "import-qQ0DCt2fRh",
-            "UserPoolId": "us-west-2_aaaaaaaaa",
-            "PreSignedUrl": "PRE_SIGNED_URL",
-            "CreationDate": 1548271795.471,
-            "Status": "Created",
-            "CloudWatchLogsRoleArn": "arn:aws:iam::111111111111:role/CognitoCloudWatchLogsRole",
-            "ImportedUsers": 0,
-            "SkippedUsers": 0,
-            "FailedUsers": 0
-        },
-        {
-            "JobName": "import-Test1",
-            "JobId": "import-TZqNQvDRnW",
-            "UserPoolId": "us-west-2_aaaaaaaaa",
-            "PreSignedUrl": "PRE_SIGNED_URL",
-            "CreationDate": 1548271708.512,
-            "StartDate": 1548277247.962,
-            "CompletionDate": 1548277248.912,
-            "Status": "Failed",
-            "CloudWatchLogsRoleArn": "arn:aws:iam::111111111111:role/CognitoCloudWatchLogsRole",
-            "ImportedUsers": 0,
-            "SkippedUsers": 0,
-            "FailedUsers": 1,
-            "CompletionMessage": "Too many users have failed or been skipped during the import."
-        }
-    ]
-  }
-  
-.. _`Importing Users into User Pools From a CSV File`: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-using-import-tool.html
+**To list user import jobs and statuses**
+
+The following ``list-user-import-jobs`` example lists first three user import jobs and their details in the requested user pool. ::
+
+    aws cognito-idp list-user-import-jobs \
+        --user-pool-id us-west-2_EXAMPLE \
+        --max-results 3
+
+Output::
+
+    {
+        "PaginationToken": "us-west-2_EXAMPLE#import-example3#1667948397084",
+        "UserImportJobs": [
+            {
+                "CloudWatchLogsRoleArn": "arn:aws:iam::123456789012:role/service-role/Cognito-UserImport-Role",
+                "CompletionDate": 1735329786.142,
+                "CompletionMessage": "The user import job has expired.",
+                "CreationDate": 1735241621.022,
+                "FailedUsers": 0,
+                "ImportedUsers": 0,
+                "JobId": "import-example1",
+                "JobName": "Test-import-job-1",
+                "PreSignedUrl": "https://aws-cognito-idp-user-import-pdx.s3.us-west-2.amazonaws.com/123456789012/us-west-2_EXAMPLE/import-mAgUtd8PMm?X-Amz-Security-Token=[token]&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20241226T193341Z&X-Amz-SignedHeaders=host%3Bx-amz-server-side-encryption&X-Amz-Expires=899&X-Amz-Credential=[credential]&X-Amz-Signature=[signature]",
+                "SkippedUsers": 0,
+                "Status": "Expired",
+                "UserPoolId": "us-west-2_EXAMPLE"
+            },
+            {
+                "CloudWatchLogsRoleArn": "arn:aws:iam::123456789012:role/service-role/Cognito-UserImport-Role",
+                "CompletionDate": 1681509058.408,
+                "CompletionMessage": "Too many users have failed or been skipped during the import.",
+                "CreationDate": 1681509001.477,
+                "FailedUsers": 1,
+                "ImportedUsers": 0,
+                "JobId": "import-example2",
+                "JobName": "Test-import-job-2",
+                "PreSignedUrl": "https://aws-cognito-idp-user-import-pdx.s3.us-west-2.amazonaws.com/123456789012/us-west-2_EXAMPLE/import-mAgUtd8PMm?X-Amz-Security-Token=[token]&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20241226T193341Z&X-Amz-SignedHeaders=host%3Bx-amz-server-side-encryption&X-Amz-Expires=899&X-Amz-Credential=[credential]&X-Amz-Signature=[signature]",
+                "SkippedUsers": 0,
+                "StartDate": 1681509057.965,
+                "Status": "Failed",
+                "UserPoolId": "us-west-2_EXAMPLE"
+            },
+            {
+                "CloudWatchLogsRoleArn": "arn:aws:iam::123456789012:role/service-role/Cognito-UserImport-Role",
+                "CompletionDate": 1.667864578676E9,
+                "CompletionMessage": "Import Job Completed Successfully.",
+                "CreationDate": 1.667864480281E9,
+                "FailedUsers": 0,
+                "ImportedUsers": 6,
+                "JobId": "import-example3",
+                "JobName": "Test-import-job-3",
+                "PreSignedUrl": "https://aws-cognito-idp-user-import-pdx.s3.us-west-2.amazonaws.com/123456789012/us-west-2_EXAMPLE/import-mAgUtd8PMm?X-Amz-Security-Token=[token]&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20241226T193341Z&X-Amz-SignedHeaders=host%3Bx-amz-server-side-encryption&X-Amz-Expires=899&X-Amz-Credential=[credential]&X-Amz-Signature=[signature]",
+                "SkippedUsers": 0,
+                "StartDate": 1.667864578167E9,
+                "Status": "Succeeded",
+                "UserPoolId": "us-west-2_EXAMPLE"
+            }
+        ]
+    }
+
+For more information, see `Importing users from a CSV file <https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-using-import-tool.html>`__ in the *Amazon Cognito Developer Guide*.

awscli/examples/cognito-idp/list-user-pool-clients.rst

@@ -0,0 +1,32 @@
+**To list app clients**
+
+The following ``list-user-pool-clients`` example lists the first three app clients in the requested user pool. ::
+
+    aws cognito-idp list-user-pool-clients \
+        --user-pool-id us-west-2_EXAMPLE \
+        --max-results 3
+
+Output::
+
+    {
+        "NextToken": "[Pagination token]",
+        "UserPoolClients": [
+            {
+                "ClientId": "1example23456789",
+                "ClientName": "app-client-1",
+                "UserPoolId": "us-west-2_EXAMPLE"
+            },
+            {
+                "ClientId": "2example34567890",
+                "ClientName": "app-client-2",
+                "UserPoolId": "us-west-2_EXAMPLE"
+            },
+            {
+                "ClientId": "3example45678901",
+                "ClientName": "app-client-3",
+                "UserPoolId": "us-west-2_EXAMPLE"
+            }
+        ]
+    }
+
+For more information, see `App clients <https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-client-apps.html>`__ in the *Amazon Cognito Developer Guide*.

awscli/examples/cognito-idp/list-user-pools.rst

@@ -1,22 +1,48 @@
-**To list user pools**
-
-This example lists up to 20 user pools.   
-
-Command::
-
-  aws cognito-idp list-user-pools --max-results 20
-
-Output::
-
-  {
-    "UserPools": [
-        {
-           "CreationDate": 1547763720.822,
-           "LastModifiedDate": 1547763720.822,
-           "LambdaConfig": {},
-           "Id": "us-west-2_aaaaaaaaa",
-           "Name": "MyUserPool"
-        }
-    ]
-  }
-
+**To list user pools**
+
+The following ``list-user-pools`` example lists 3 of the available user pools in the AWS account of the current CLI credentials. ::
+
+    aws cognito-idp list-user-pools \
+        --max-results 3
+
+Output::
+
+    {
+        "NextToken": "[Pagination token]",
+        "UserPools": [
+            {
+                "CreationDate": 1681502497.741,
+                "Id": "us-west-2_EXAMPLE1",
+                "LambdaConfig": {
+                    "CustomMessage": "arn:aws:lambda:us-east-1:123456789012:function:MyFunction",
+                    "PreSignUp": "arn:aws:lambda:us-east-1:123456789012:function:MyFunction",
+                    "PreTokenGeneration": "arn:aws:lambda:us-east-1:123456789012:function:MyFunction",
+                    "PreTokenGenerationConfig": {
+                        "LambdaArn": "arn:aws:lambda:us-east-1:123456789012:function:MyFunction",
+                        "LambdaVersion": "V1_0"
+                    }
+                },
+                "LastModifiedDate": 1681502497.741,
+                "Name": "user pool 1"
+            },
+            {
+                "CreationDate": 1686064178.717,
+                "Id": "us-west-2_EXAMPLE2",
+                "LambdaConfig": {
+                },
+                "LastModifiedDate": 1686064178.873,
+                "Name": "user pool 2"
+            },
+            {
+                "CreationDate": 1627681712.237,
+                "Id": "us-west-2_EXAMPLE3",
+                "LambdaConfig": {
+                    "UserMigration": "arn:aws:lambda:us-east-1:123456789012:function:MyFunction"
+                },
+                "LastModifiedDate": 1678486942.479,
+                "Name": "user pool 3"
+            }
+        ]
+    }
+
+For more information, see `Amazon Cognito user pools <https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools.html>`__ in the *Amazon Cognito Developer Guide*.

awscli/examples/cognito-idp/list-users.rst

@@ -1,35 +1,98 @@
-**To list users**
-
-This example lists up to 20 users.   
-
-Command::
-
-  aws cognito-idp list-users --user-pool-id us-west-2_aaaaaaaaa --limit 20
-
-Output::
-
-  {
-    "Users": [
-        {
-            "Username": "22704aa3-fc10-479a-97eb-2af5806bd327",
-            "Enabled": true,
-            "UserStatus": "FORCE_CHANGE_PASSWORD",
-            "UserCreateDate": 1548089817.683,
-            "UserLastModifiedDate": 1548089817.683,
-            "Attributes": [
-                {
-                    "Name": "sub",
-                    "Value": "22704aa3-fc10-479a-97eb-2af5806bd327"
-                },
-                {
-                    "Name": "email_verified",
-                    "Value": "true"
-                },
-                {
-                    "Name": "email",
-                    "Value": "mary@example.com"
-                }
-            ]
-        }
-    ]
-  }
+**Example 1: To list users with a server-side filter**
+
+The following ``list-users`` example lists 3 users in the requested user pool whose email addresses begin with ``testuser``. ::
+
+    aws cognito-idp list-users \
+        --user-pool-id us-west-2_EXAMPLE \
+        --filter email^=\"testuser\" \
+        --max-items 3 
+
+Output::
+
+    {
+        "PaginationToken": "efgh5678EXAMPLE",
+        "Users": [
+            {
+                "Attributes": [
+                    {
+                        "Name": "sub",
+                        "Value": "eaad0219-2117-439f-8d46-4db20e59268f"
+                    },
+                    {
+                        "Name": "email",
+                        "Value": "testuser@example.com"
+                    }
+                ],
+                "Enabled": true,
+                "UserCreateDate": 1682955829.578,
+                "UserLastModifiedDate": 1689030181.63,
+                "UserStatus": "CONFIRMED",
+                "Username": "testuser"
+            },
+            {
+                "Attributes": [
+                    {
+                        "Name": "sub",
+                        "Value": "3b994cfd-0b07-4581-be46-3c82f9a70c90"
+                    },
+                    {
+                        "Name": "email",
+                        "Value": "testuser2@example.com"
+                    }
+                ],
+                "Enabled": true,
+                "UserCreateDate": 1684427979.201,
+                "UserLastModifiedDate": 1684427979.201,
+                "UserStatus": "UNCONFIRMED",
+                "Username": "testuser2"
+            },
+            {
+                "Attributes": [
+                    {
+                        "Name": "sub",
+                        "Value": "5929e0d1-4c34-42d1-9b79-a5ecacfe66f7"
+                    },
+                    {
+                        "Name": "email",
+                        "Value": "testuser3@example.com"
+                    }
+                ],
+                "Enabled": true,
+                "UserCreateDate": 1684427823.641,
+                "UserLastModifiedDate": 1684427823.641,
+                "UserStatus": "UNCONFIRMED",
+                "Username": "testuser3@example.com"
+            }
+        ]
+    }
+
+For more information, see `Managing and searching for users <https://docs.aws.amazon.com/cognito/latest/developerguide/how-to-manage-user-accounts.html>`__ in the *Amazon Cognito Developer Guide*.
+
+**Example 2: To list users with a client-side filter**
+
+The following ``list-users`` example lists the attributes of three users who have an attribute, in this case their email address, that contains the email domain "@example.com". If other attributes contained this string, they would also be displayed. The second user has no attributes that match the query and is excluded from the displayed output, but not from the server response. ::
+
+    aws cognito-idp list-users \
+        --user-pool-id us-west-2_EXAMPLE \
+        --max-items 3 
+        --query Users\[\*\].Attributes\[\?Value\.contains\(\@\,\'@example.com\'\)\]
+
+Output::
+
+    [
+        [
+            {
+                "Name": "email",
+                "Value": "admin@example.com"
+            }
+        ],
+        [],
+        [
+            {
+                "Name": "email",
+                "Value": "operator@example.com"
+            }
+        ]
+    ]
+
+For more information, see `Managing and searching for users <https://docs.aws.amazon.com/cognito/latest/developerguide/how-to-manage-user-accounts.html>`__ in the *Amazon Cognito Developer Guide*.

awscli/examples/cognito-idp/list-web-authn-credentials.rst

@@ -0,0 +1,22 @@
+**To list passkey credentials**
+
+The following ``list-web-authn-credentials`` example lists passkey, or WebAuthn, credentials for the current user. They have one registered device. ::
+
+    aws cognito-idp list-web-authn-credentials \
+        --access-token eyJra456defEXAMPLE
+
+Output::
+
+    {
+        "Credentials": [
+            {
+                "AuthenticatorAttachment": "cross-platform",
+                "CreatedAt": 1736293876.115,
+                "CredentialId": "8LApgk4-lNUFHbhm2w6Und7-uxcc8coJGsPxiogvHoItc64xWQc3r4CEXAMPLE",
+                "FriendlyCredentialName": "Roaming passkey",
+                "RelyingPartyId": "auth.example.com"
+            }
+        ]
+    }
+
+For more information, see `Passkey sign-in <https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-authentication-flow-methods.html#amazon-cognito-user-pools-authentication-flow-methods-passkey>`__ in the *Amazon Cognito Developer Guide*.

awscli/examples/cognito-idp/respond-to-auth-challenge.rst

@@ -1,27 +1,78 @@
-**To respond to an authorization challenge**
-
-This example responds to an authorization challenge initiated with `initiate-auth`_. It is a response to the NEW_PASSWORD_REQUIRED challenge. 
-It sets a password for user jane@example.com.
-
-Command::
-
-  aws cognito-idp respond-to-auth-challenge --client-id 3n4b5urk1ft4fl3mg5e62d9ado --challenge-name NEW_PASSWORD_REQUIRED --challenge-responses USERNAME=jane@example.com,NEW_PASSWORD="password" --session "SESSION_TOKEN"
-
-Output::
-
-  {
-    "ChallengeParameters": {},
-    "AuthenticationResult": {
-        "AccessToken": "ACCESS_TOKEN",
-        "ExpiresIn": 3600,
-        "TokenType": "Bearer",
-        "RefreshToken": "REFRESH_TOKEN",
-        "IdToken": "ID_TOKEN",
-        "NewDeviceMetadata": {
-            "DeviceKey": "us-west-2_fec070d2-fa88-424a-8ec8-b26d7198eb23",
-            "DeviceGroupKey": "-wt2ha1Zd"
-        }
-    }
-  }
-  
-.. _`initiate-auth`: https://docs.aws.amazon.com/cli/latest/reference/cognito-idp/initiate-auth.html
+**Example 1: To respond to a NEW_PASSWORD_REQUIRED challenge**
+
+The following ``respond-to-auth-challenge`` example responds to a NEW_PASSWORD_REQUIRED challenge that `initiate-auth`_ returned. It sets a password for the user ``jane@example.com``. ::
+
+    aws cognito-idp respond-to-auth-challenge \
+        --client-id 1example23456789 \
+        --challenge-name NEW_PASSWORD_REQUIRED \
+        --challenge-responses USERNAME=jane@example.com,NEW_PASSWORD=[Password] \
+        --session AYABeEv5HklEXAMPLE
+
+Output::
+
+    {
+        "ChallengeParameters": {},
+        "AuthenticationResult": {
+            "AccessToken": "ACCESS_TOKEN",
+            "ExpiresIn": 3600,
+            "TokenType": "Bearer",
+            "RefreshToken": "REFRESH_TOKEN",
+            "IdToken": "ID_TOKEN",
+            "NewDeviceMetadata": {
+                "DeviceKey": "us-west-2_a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
+                "DeviceGroupKey": "-wt2ha1Zd"
+            }
+        }
+    }
+
+For more information, see `Authentication <https://docs.aws.amazon.com/cognito/latest/developerguide/authentication.html>`__ in the *Amazon Cognito Developer Guide*.
+
+**Example 2: To respond to a SELECT_MFA_TYPE challenge**
+
+The following ``respond-to-auth-challenge`` example chooses TOTP MFA as the MFA option for the current user. The user was prompted to select an MFA type and will next be prompted to enter their MFA code. ::
+
+    aws cognito-idp respond-to-auth-challenge \
+        --client-id 1example23456789 
+        --session AYABeEv5HklEXAMPLE 
+        --challenge-name SELECT_MFA_TYPE 
+        --challenge-responses USERNAME=testuser,ANSWER=SOFTWARE_TOKEN_MFA
+
+Output::
+
+    {
+        "ChallengeName": "SOFTWARE_TOKEN_MFA",
+        "Session": "AYABeEv5HklEXAMPLE",
+        "ChallengeParameters": {
+            "FRIENDLY_DEVICE_NAME": "transparent"
+        }
+    }
+
+For more information, see `Adding MFA <https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-mfa.html>`__ in the *Amazon Cognito Developer Guide*.
+
+**Example 3: To respond to a SOFTWARE_TOKEN_MFA challenge**
+
+The following ``respond-to-auth-challenge`` example provides a TOTP MFA code and completes sign-in. ::
+
+    aws cognito-idp respond-to-auth-challenge \
+        --client-id 1example23456789 \
+        --session AYABeEv5HklEXAMPLE \
+        --challenge-name SOFTWARE_TOKEN_MFA \
+        --challenge-responses USERNAME=testuser,SOFTWARE_TOKEN_MFA_CODE=123456
+
+Output::
+
+    {
+        "AuthenticationResult": {
+            "AccessToken": "eyJra456defEXAMPLE",
+            "ExpiresIn": 3600,
+            "TokenType": "Bearer",
+            "RefreshToken": "eyJra123abcEXAMPLE",
+            "IdToken": "eyJra789ghiEXAMPLE",
+            "NewDeviceMetadata": {
+                "DeviceKey": "us-west-2_a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
+                "DeviceGroupKey": "-v7w9UcY6"
+            }
+        }
+    }
+
+For more information, see `Adding MFA <https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-mfa.html>`__ in the *Amazon Cognito Developer Guide*.

awscli/examples/cognito-idp/revoke-token.rst

@@ -0,0 +1,11 @@
+**To revoke a refresh token**
+
+The following ``revoke-token`` revokes the requested refresh token and associated access tokens. ::
+
+    aws cognito-idp revoke-token \
+        --token eyJjd123abcEXAMPLE \
+        --client-id 1example23456789
+
+This command produces no output.
+
+For more information, see `Revoking tokens <https://docs.aws.amazon.com/cognito/latest/developerguide/token-revocation.html>`__ in the *Amazon Cognito Developer Guide*.

awscli/examples/cognito-idp/set-log-delivery-configuration.rst

@@ -0,0 +1,33 @@
+**To set up log export from a user pool**
+
+The following ``set-log-delivery-configuration`` example configures the requested user pool with user-notification error logging to a log group and user-authentication info logging to an S3 bucket. ::
+
+    aws cognito-idp set-log-delivery-configuration \
+        --user-pool-id us-west-2_EXAMPLE \
+        --log-configurations LogLevel=ERROR,EventSource=userNotification,CloudWatchLogsConfiguration={LogGroupArn=arn:aws:logs:us-west-2:123456789012:log-group:cognito-exported} LogLevel=INFO,EventSource=userAuthEvents,S3Configuration={BucketArn=arn:aws:s3:::amzn-s3-demo-bucket1}
+
+Output::
+
+    {
+       "LogDeliveryConfiguration": {
+            "LogConfigurations": [
+                {
+                    "CloudWatchLogsConfiguration": {
+                        "LogGroupArn": "arn:aws:logs:us-west-2:123456789012:log-group:cognito-exported"
+                    },
+                    "EventSource": "userNotification",
+                    "LogLevel": "ERROR"
+                },
+                {
+                    "EventSource": "userAuthEvents",
+                    "LogLevel": "INFO",
+                    "S3Configuration": {
+                        "BucketArn": "arn:aws:s3:::amzn-s3-demo-bucket1"
+                    }
+                }
+            ],
+            "UserPoolId": "us-west-2_EXAMPLE"
+       }
+    }
+
+For more information, see `Exporting user pool logs <https://docs.aws.amazon.com/cognito/latest/developerguide/exporting-quotas-and-usage.html>`__ in the *Amazon Cognito Developer Guide*.