-
Notifications
You must be signed in to change notification settings - Fork 4.5k
Add CLI examples for ControTower APIs #9452
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
AndrewAsseily
merged 48 commits into
aws:develop
from
eodeyemi14:eodeyemi/controltower-cli-docs
May 12, 2026
Merged
Changes from all commits
Commits
Show all changes
48 commits
Select commit
Hold shift + click to select a range
9b86dab
Add CLI examples for ControTower APIs
eodeyemi14 190c64d
fix control tower examples
eodeyemi14 4ce7924
fix enable-baseline
eodeyemi14 4b80c02
Update target identifier in enable-baseline example
eodeyemi14 382cb5d
Fix formatting in create-landing-zone.rst
eodeyemi14 d04081f
Fix formatting issue in delete-landing-zone.rst
eodeyemi14 d18844f
Fix formatting of disable-control.rst
eodeyemi14 13ac031
Fix formatting in enable-control.rst
eodeyemi14 e1fac72
Fix newline at end of get-baseline-operation.rst
eodeyemi14 4f270cd
Fix missing newline at end of get-baseline.rst
eodeyemi14 8b35da8
Fix missing newline at end of get-control-operation.rst
eodeyemi14 3a4a4d3
Fix newline at end of get-enabled-baseline.rst
eodeyemi14 93ef017
Fix formatting in get-enabled-control.rst
eodeyemi14 dbe942a
Fix formatting in get-landing-zone-operation.rst
eodeyemi14 83306b9
Fix newline at end of get-landing-zone.rst
eodeyemi14 f667e46
Fix formatting in list-baselines.rst
eodeyemi14 ed80ba2
Fix formatting of the information link in documentation
eodeyemi14 0fd6541
Fix formatting
eodeyemi14 a2ae5a8
Fix formatting in list-enabled-controls.rst
eodeyemi14 c9e16a3
Fix formatting of landing zone operations documentation
eodeyemi14 374fda7
Fix formatting in list-landing-zones.rst
eodeyemi14 8d86d57
Fix formatting of list-tags-for-resource.rst
eodeyemi14 0d2ecc7
Fix missing newline at end of reset-enabled-baseline.rst
eodeyemi14 b8aa7f6
Fix missing newline at end of reset-enabled-control.rst
eodeyemi14 39dff0f
Fix newline at end of reset-landing-zone.rst
eodeyemi14 85d542b
Fix formatting in tag-resource.rst
eodeyemi14 3275908
Fix formatting of resource untagging documentation
eodeyemi14 e135faf
Fix formatting issue in update-enabled-baseline.rst
eodeyemi14 75c65f0
Fix missing newline at end of update-enabled-control.rst
eodeyemi14 a2feda7
Fix formatting in update-landing-zone.rst
eodeyemi14 11cbcf5
Fix formatting in delete-landing-zone.rst
eodeyemi14 0b24cd1
Fix formatting in update-landing-zone.rst
eodeyemi14 fcd51bc
Update get-landing-zone.rst with user guide link
eodeyemi14 fa99a97
Update example ARN in update-enabled-control.rst
eodeyemi14 ca7f05c
Apply suggestion from @elysahall
eodeyemi14 9cd9ed1
Fix formatting by removing extra newline
eodeyemi14 c974748
Fix typo in list-enabled-controls documentation
eodeyemi14 466c8af
Fix statusMessage formatting in list-control-operations.rst
eodeyemi14 c7e8fa5
Update centralized logging account ID and KMS key ARN
eodeyemi14 9264ef8
Fix grammar in get-landing-zone-operation example
eodeyemi14 9c56274
Update get-landing-zone-operation.rst
eodeyemi14 b9217e1
Fix grammatical error in get-enabled-control example
eodeyemi14 8d191de
Update get-enabled-baseline.rst
eodeyemi14 143743f
Update get-control-operation.rst
eodeyemi14 32810f1
Fix grammatical error in get-baseline-operation example
eodeyemi14 c4a30fd
Clean up enable-baseline.rst content
eodeyemi14 98696e8
Simplify update-enabled-baseline example
eodeyemi14 0d8f142
Fix grammatical error in documentation example
eodeyemi14 File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,16 @@ | ||
| **To create a Control Tower landing zone** | ||
|
|
||
| The following ``create-landing-zone`` example creates AWS Control Tower landing zone. :: | ||
|
|
||
| aws controltower create-landing-zone \ | ||
| --landing-zone-version 3.3 \ | ||
| --manifest "file://LandingZoneManifest.json" | ||
|
|
||
| Output:: | ||
|
|
||
| { | ||
| "arn": "arn:aws:controltower:us-east-1:123456789012:landingzone/13CJG46WZKXXX4X5", | ||
| "operationIdentifier": "55XXXXXX-e2XX-41XX-a7XX-446XXXXXXXXX" | ||
| } | ||
|
|
||
| For more information, see `Getting started with AWS Control Tower <https://docs.aws.amazon.com/controltower/latest/userguide/getting-started-with-control-tower.html>`__ in the *AWS Control Tower User Guide*. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,14 @@ | ||
| **To decommission a landing zone** | ||
|
|
||
| The following ``delete-landing-zone`` example decommissions the AWS Control Tower landing zone. :: | ||
|
|
||
| aws controltower delete-landing-zone \ | ||
| --landing-zone-identifier arn:aws:controltower:us-east-1:123456789012:landingzone/13CJG46WZKXXX4X5 | ||
|
|
||
| Output:: | ||
|
|
||
| { | ||
| "operationIdentifier": "47XXXXXX-a6XX-82XX-c9XX-432XXXXXXXXX" | ||
| } | ||
|
|
||
| For more information, see `Decommission an AWS Control Tower landing zone <https://docs.aws.amazon.com/controltower/latest/userguide/decommission-landing-zone.html>`__ in the *AWS Control Tower User Guide*. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,14 @@ | ||
| **To disable a Control Tower baseline** | ||
|
|
||
| The following ``disable-baseline`` example disables an AWS Control Tower baseline. :: | ||
|
|
||
| aws controltower disable-baseline \ | ||
| --enabled-baseline-identifier arn:aws:controltower:us-east-1:123456789012:enabledbaseline/XOM12BEL4YD578CQ2 | ||
|
|
||
| Output:: | ||
|
|
||
| { | ||
| "operationIdentifier": "b33486d7-5396-4ad0-9eae-3a57969fe8cd" | ||
| } | ||
|
|
||
| For more information, see `Types of baselines <https://docs.aws.amazon.com/controltower/latest/userguide/types-of-baselines.html>`__ in the *AWS Control Tower User Guide*. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,15 @@ | ||
| **To disable a Control Tower control** | ||
|
|
||
| The following ``disable-control`` example disables an AWS Control Tower enabled control. :: | ||
|
|
||
| aws controltower disable-control \ | ||
| --control-identifier arn:aws:controlcatalog:::control/497wrm2xnk1wxlf4obrxxxxxx \ | ||
| --target-identifier arn:aws:organizations::123456789012:ou/o-s64ryxxxxx/ou-oqxx-i5wnxxxx | ||
|
|
||
| Output:: | ||
|
|
||
| { | ||
| "operationIdentifier": "b8f0dxxx-08xx-43xx-a2xx-568e9922xxxx" | ||
| } | ||
|
|
||
| For more information, see `About controls in AWS Control Tower <https://docs.aws.amazon.com/controltower/latest/controlreference/controls.html>`__ in the *AWS Control Tower User Guide*. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,36 @@ | ||
| **Example 1: To enable a Control Tower baseline that is disabled** | ||
|
|
||
| The following ``enable-baseline`` example enables an AWS Control Tower baseline if baseline ``IdentityCenterBaseline`` is disabled. :: | ||
|
|
||
| aws controltower enable-baseline \ | ||
| --baseline-identifier arn:aws:controltower:us-east-1::baseline/17BSJV3IGJ2QSGA2 \ | ||
| --baseline-version 4.0 \ | ||
| --target-identifier arn:aws:organizations::123456789012:ou/o-s64ryixxxx/ou-oq9f-i5wnxxxx | ||
|
|
||
| Output:: | ||
|
|
||
| { | ||
| "arn": "arn:aws:controltower:us-east-1:123456789012:enabledbaseline/XOM12BEL4YD578CQ2", | ||
| "operationIdentifier": "51e190ac-8a37-4f6d-b63c-fb5104b5db38" | ||
| } | ||
|
|
||
| For more information, see `Types of baselines <https://docs.aws.amazon.com/controltower/latest/userguide/types-of-baselines.html>`__ in the *AWS Control Tower User Guide*. | ||
|
|
||
| **Example 2: To enable a Control Tower baseline that is enabled** | ||
|
|
||
| The following ``enable-baseline`` example enables an AWS Control Tower baseline if baseline ``IdentityCenterBaseline`` is enabled. :: | ||
|
|
||
| aws controltower enable-baseline \ | ||
| --baseline-identifier arn:aws:controltower:us-east-1::baseline/17BSJV3IGJ2QSGA2 \ | ||
| --baseline-version 4.0 \ | ||
| --target-identifier arn:aws:organizations::123456789012:ou/o-s64ryixxxx/ou-oqxx-i5wnxxxx \ | ||
| --parameters '[{"key":"IdentityCenterEnabledBaselineArn","value":"arn:aws:controltower:us-east-1:123456789012:enabledbaseline/XAJNZNCBC1I386C7B"}]' | ||
|
|
||
| Output:: | ||
|
|
||
| { | ||
| "arn": "arn:aws:controltower:us-east-1:123456789012:enabledbaseline/XOM12BEL4YD578CQ2", | ||
| "operationIdentifier": "51e190ac-8a37-4f6d-b63c-fb5104b5db38" | ||
| } | ||
|
|
||
| For more information, see `Types of baselines <https://docs.aws.amazon.com/controltower/latest/userguide/types-of-baselines.html>`__ in the *AWS Control Tower User Guide*. | ||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,16 @@ | ||
| **To enable a Control Tower control** | ||
|
|
||
| The following ``enable-control`` example enables an AWS Control Tower control. :: | ||
|
|
||
| aws controltower enable-control \ | ||
| --control-identifier arn:aws:controlcatalog:::control/497wrm2xnk1wxlf4obrxxxxxx \ | ||
| --target-identifier arn:aws:organizations::123456789012:ou/o-s64ryxxxxx/ou-oqxx-i5wnxxxx | ||
|
|
||
| Output:: | ||
|
|
||
| { | ||
| "arn": "arn:aws:controltower:us-east-1:123456789012:enabledcontrol/18J5KBJ3W3VTIRLV", | ||
| "operationIdentifier": "7691fc5a-de87-4540-8c95-b0aabd56382c" | ||
| } | ||
|
|
||
| For more information, see `About controls in AWS Control Tower <https://docs.aws.amazon.com/controltower/latest/controlreference/controls.html>`__ in the *AWS Control Tower User Guide*. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,21 @@ | ||
| **To get a Control Tower baseline operation** | ||
|
|
||
| The following ``get-baseline-operation`` example gets details of an AWS Control Tower baseline operation. :: | ||
|
|
||
| aws controltower get-baseline-operation \ | ||
| --operation-identifier "51e190ac-8a37-4f6d-b63c-fb5104b5db38" | ||
|
|
||
| Output:: | ||
|
|
||
| { | ||
| "baselineOperation": { | ||
| "endTime": "2025-04-17T23:48:46+00:00", | ||
| "operationIdentifier": "51e190ac-8a37-4f6d-b63c-fb5104b5db38", | ||
| "operationType": "ENABLE_BASELINE", | ||
| "startTime": "2025-04-17T23:46:37+00:00", | ||
| "status": "SUCCEEDED", | ||
| "statusMessage": "AWS Control Tower completed the baseline operation successfully." | ||
| } | ||
| } | ||
|
|
||
| For more information, see `Types of baselines <https://docs.aws.amazon.com/controltower/latest/userguide/types-of-baselines.html>`__ in the *AWS Control Tower User Guide*. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,16 @@ | ||
| **To get a Control Tower baseline** | ||
|
|
||
| The following ``get-baseline`` example gets details of an AWS Control Tower baseline. :: | ||
|
|
||
| aws controltower get-baseline \ | ||
| --baseline-identifier arn:aws:controltower:us-east-1::baseline/LN25R72TTG6IGPTQ | ||
|
|
||
| Output:: | ||
|
|
||
| { | ||
| "arn": "arn:aws:controltower:us-east-1::baseline/LN25R72TTG6IGPTQ", | ||
| "description": "Sets up shared resources for AWS Identity Center, which prepares the AWSControlTowerBaseline to set up Identity Center access for accounts.", | ||
| "name": "IdentityCenterBaseline" | ||
| } | ||
|
|
||
| For more information, see `Types of baselines <https://docs.aws.amazon.com/controltower/latest/userguide/types-of-baselines.html>`__ in the *AWS Control Tower User Guide*. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,24 @@ | ||
| **To get Control Tower control operations** | ||
|
|
||
| The following ``get-control-operation`` example gets details of an AWS Control Tower control operation. :: | ||
|
|
||
| aws controltower get-control-operation \ | ||
| --operation-identifier "7691fc5a-de87-4540-8c95-b0aabd56382c" | ||
|
|
||
| Output:: | ||
|
|
||
| { | ||
| "controlOperation": { | ||
| "controlIdentifier": "arn:aws:controlcatalog:::control/497wrm2xnk1wxlf4obrdo7mej", | ||
| "enabledControlIdentifier": "arn:aws:controltower:us-east-1:123456789012:enabledcontrol/18J5KBJ3W3VTIRLV", | ||
| "endTime": "2025-04-17T03:08:55+00:00", | ||
| "operationIdentifier": "7691fc5a-de87-4540-8c95-b0aabd56382c", | ||
| "operationType": "ENABLE_CONTROL", | ||
| "startTime": "2025-04-17T03:07:52+00:00", | ||
| "status": "SUCCEEDED", | ||
| "statusMessage": "Operation was successful.", | ||
| "targetIdentifier": "arn:aws:organizations::123456789012:ou/o-s64ryixxxx/ou-oqxx-i5wnxxxx" | ||
| } | ||
| } | ||
|
|
||
| For more information, see `About controls in AWS Control Tower <https://docs.aws.amazon.com/controltower/latest/controlreference/controls.html>`__ in the *AWS Control Tower User Guide*. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,29 @@ | ||
| **To get a Control Tower enabled baseline** | ||
|
|
||
| The following ``get-enabled-baseline`` example gets details of an AWS Control Tower enabled baseline. :: | ||
|
|
||
| aws controltower get-enabled-baseline \ | ||
| --enabled-baseline-identifier arn:aws:controltower:us-east-1:123456789012:enabledbaseline/XOM12BEL4YD578CQ2 | ||
|
|
||
| Output:: | ||
|
|
||
| { | ||
| "enabledBaselineDetails": { | ||
| "arn": "arn:aws:controltower:us-east-1:123456789012:enabledbaseline/XOM12BEL4YD578CQ2", | ||
| "baselineIdentifier": "arn:aws:controltower:us-east-1::baseline/17BSJV3IGJ2QSGA2", | ||
| "baselineVersion": "4.0", | ||
| "parameters": [ | ||
| { | ||
| "key": "IdentityCenterEnabledBaselineArn", | ||
| "value": "arn:aws:controltower:us-east-1:123456789012:enabledbaseline/XAJNZNCBC1I386C7B" | ||
| } | ||
| ], | ||
| "statusSummary": { | ||
| "lastOperationIdentifier": "51e190ac-8a37-4f6d-b63c-fb5104b5db38", | ||
| "status": "SUCCEEDED" | ||
| }, | ||
| "targetIdentifier": "arn:aws:organizations::123456789012:ou/o-3onqfufxxx/ou-g8xx-5kluxxxx" | ||
| } | ||
| } | ||
|
|
||
| For more information, see `Types of baselines <https://docs.aws.amazon.com/controltower/latest/userguide/types-of-baselines.html>`__ in the *AWS Control Tower User Guide*. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,39 @@ | ||
| **To get a Control Tower enabled control** | ||
|
|
||
| The following ``get-enabled-control`` example gets details of an AWS Control Tower enabled control. :: | ||
|
|
||
| aws controltower get-enabled-control \ | ||
| --enabled-control-identifier arn:aws:controltower:us-east-1:123456789012:enabledcontrol/26RGJRSLXCP1KW8D | ||
|
|
||
| Output:: | ||
|
|
||
| { | ||
| "enabledControlDetails": { | ||
| "arn": "arn:aws:controltower:us-east-1:123456789012:enabledcontrol/26RGJRSLXCP1KW8D", | ||
| "controlIdentifier": "arn:aws:controltower:us-east-1::control/AWS-GR_CLOUDTRAIL_CHANGE_PROHIBITED", | ||
| "driftStatusSummary": { | ||
| "driftStatus": "NOT_CHECKING" | ||
| }, | ||
| "parameters": [], | ||
| "statusSummary": { | ||
| "status": "SUCCEEDED" | ||
| }, | ||
| "targetIdentifier": "arn:aws:organizations::123456789012:ou/o-s64ryixxxx/ou-oqxx-i5wnxxxx", | ||
| "targetRegions": [ | ||
| { | ||
| "name": "ap-south-2" | ||
| }, | ||
| { | ||
| "name": "ap-south-1" | ||
| }, | ||
| { | ||
| "name": "eu-south-1" | ||
| }, | ||
| { | ||
| "name": "us-east-1" | ||
| } | ||
| ] | ||
| } | ||
| } | ||
|
|
||
| For more information, see `About controls in AWS Control Tower <https://docs.aws.amazon.com/controltower/latest/controlreference/controls.html>`__ in the *AWS Control Tower User Guide*. |
19 changes: 19 additions & 0 deletions
19
awscli/examples/controltower/get-landing-zone-operation.rst
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,19 @@ | ||
| **To get a Control Tower landing zone operation** | ||
|
|
||
| The following ``get-landing-zone-operation`` example gets details of an AWS Control Tower landing zone operation. :: | ||
|
|
||
| aws controltower get-landing-zone-operation \ | ||
| --operation-identifier ee9d0d2d-6532-42d8-9b85-3fbb0700a606 | ||
|
|
||
| Output:: | ||
|
|
||
| { | ||
| "operationDetails": { | ||
| "operationIdentifier": "ee9d0d2d-6532-42d8-9b85-3fbb0700xxxx", | ||
| "operationType": "RESET", | ||
| "startTime": "2025-04-17T03:19:33+00:00", | ||
| "status": "IN_PROGRESS" | ||
| } | ||
| } | ||
|
|
||
| For more information, see `Getting started with AWS Control Tower <https://docs.aws.amazon.com/controltower/latest/userguide/getting-started-with-control-tower.html>`__ in the *AWS Control Tower User Guide*. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,52 @@ | ||
| **To describe a Control Tower landing zone** | ||
|
|
||
| The following ``get-landing-zone`` example gets details of an AWS Control Tower landing zone. :: | ||
|
|
||
| aws controltower get-landing-zone \ | ||
| --landing-zone-identifier arn:aws:controltower:us-east-1:123456789012:landingzone/13CJG46WZKXXX4X5 | ||
|
|
||
| Output:: | ||
|
|
||
| { | ||
| "landingZone": { | ||
| "arn": "arn:aws:controltower:us-east-1:123456789012:landingzone/13CJG46WZKXXX4X5", | ||
| "driftStatus": { | ||
| "status": "IN_SYNC" | ||
| }, | ||
| "latestAvailableVersion": "3.3", | ||
| "manifest": { | ||
| "accessManagement": { | ||
| "enabled": true | ||
| }, | ||
| "securityRoles": { | ||
| "accountId": "098765432101" | ||
| }, | ||
| "governedRegions": [ | ||
| "us-east-1", | ||
| "us-west-2" | ||
| ], | ||
| "organizationStructure": { | ||
| "security": { | ||
| "name": "Security" | ||
| } | ||
| }, | ||
| "centralizedLogging": { | ||
| "accountId": "111122223333", | ||
| "configurations": { | ||
| "loggingBucket": { | ||
| "retentionDays": 365 | ||
| }, | ||
| "kmsKeyArn": "arn:aws:kms:us-east-1:123456789012:key/example-key-id", | ||
| "accessLoggingBucket": { | ||
| "retentionDays": 3650 | ||
| } | ||
| }, | ||
| "enabled": true | ||
| } | ||
| }, | ||
| "status": "ACTIVE", | ||
| "version": "3.3" | ||
| } | ||
| } | ||
|
|
||
| For more information, see `Getting started with AWS Control Tower <https://docs.aws.amazon.com/controltower/latest/userguide/getting-started-with-control-tower.html>`__ in the *AWS Control Tower User Guide*. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,49 @@ | ||
| **To list Control Tower baselines** | ||
|
|
||
| The following ``list-baselines`` example lists all available AWS Control Tower baselines. :: | ||
|
|
||
| aws controltower list-baselines | ||
|
|
||
| Output:: | ||
|
|
||
| { | ||
| "baselines": [ | ||
| { | ||
| "arn": "arn:aws:controltower:us-east-1::baseline/4T4HA1KMO10S6311", | ||
| "description": "Sets up resources to monitor security and compliance of accounts in your organization.", | ||
| "name": "AuditBaseline" | ||
| }, | ||
| { | ||
| "arn": "arn:aws:controltower:us-east-1::baseline/J8HX46AHS5MIKQPD", | ||
| "description": "Sets up a central repository for logs of API activities and resource configurations from accounts in your organization.", | ||
| "name": "LogArchiveBaseline" | ||
| }, | ||
| { | ||
| "arn": "arn:aws:controltower:us-east-1::baseline/LN25R72TTG6IGPTQ", | ||
| "description": "Sets up shared resources for AWS Identity Center, which prepares the AWSControlTowerBaseline to set up Identity Center access for accounts.", | ||
| "name": "IdentityCenterBaseline" | ||
| }, | ||
| { | ||
| "arn": "arn:aws:controltower:us-east-1::baseline/17BSJV3IGJ2QSGA2", | ||
| "description": "Sets up resources and mandatory controls for member accounts within the target OU, required for AWS Control Tower governance.", | ||
| "name": "AWSControlTowerBaseline" | ||
| }, | ||
| { | ||
| "arn": "arn:aws:controltower:us-east-1::baseline/3WPD0NA6TJ9AOMU2", | ||
| "description": "Sets up a central AWS Backup vault in your organization.", | ||
| "name": "BackupCentralVaultBaseline" | ||
| }, | ||
| { | ||
| "arn": "arn:aws:controltower:us-east-1::baseline/H6C5JFCJJ3CPU3J5", | ||
| "description": "Sets up AWS Backup Audit Manager.", | ||
| "name": "BackupAdminBaseline" | ||
| }, | ||
| { | ||
| "arn": "arn:aws:controltower:us-east-1::baseline/APO9ATVPBKFRRGLK", | ||
| "description": "Sets up a local AWS Backup vault and attaches multiple AWS Backup plans.", | ||
| "name": "BackupBaseline" | ||
| } | ||
| ] | ||
| } | ||
|
|
||
| For more information, see `Types of baselines <https://docs.aws.amazon.com/controltower/latest/userguide/types-of-baselines.html>`__ in the *AWS Control Tower User Guide*. |
Oops, something went wrong.
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.