AWS CLI version 2, the latest major version of AWS CLI, is now stable and recommended for general use. To view this page for the AWS CLI version 2, click here. For more information see the AWS CLI version 2 installation instructions and migration guide.
[ aws . cloudcontrol ]
Updates the specified property values in the resource.
You specify your resource property updates as a list of patch operations contained in a JSON patch document that adheres to the ` RFC 6902 - JavaScript Object Notation (JSON) Patch https://datatracker.ietf.org/doc/html/rfc6902`__ standard.
For details on how Cloud Control API performs resource update operations, see Updating a resource in the Amazon Web Services Cloud Control API User Guide .
After you have initiated a resource update request, you can monitor the progress of your request by calling GetResourceRequestStatus using the RequestToken
of the ProgressEvent
returned by UpdateResource
.
For more information about the properties of a specific resource, refer to the related topic for the resource in the Resource and property types reference in the CloudFormation Users Guide .
See also: AWS API Documentation
update-resource
--type-name <value>
[--type-version-id <value>]
[--role-arn <value>]
[--client-token <value>]
--identifier <value>
--patch-document <value>
[--cli-input-json <value>]
[--generate-cli-skeleton <value>]
[--debug]
[--endpoint-url <value>]
[--no-verify-ssl]
[--no-paginate]
[--output <value>]
[--query <value>]
[--profile <value>]
[--region <value>]
[--version <value>]
[--color <value>]
[--no-sign-request]
[--ca-bundle <value>]
[--cli-read-timeout <value>]
[--cli-connect-timeout <value>]
--type-name
(string)
The name of the resource type.
--type-version-id
(string)
For private resource types, the type version to use in this resource operation. If you do not specify a resource version, CloudFormation uses the default version.
--role-arn
(string)
The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role for Cloud Control API to use when performing this resource operation. The role specified must have the permissions required for this operation. The necessary permissions for each event handler are defined in the `` handlers `` section of the resource type definition schema .
If you do not specify a role, Cloud Control API uses a temporary session created using your Amazon Web Services user credentials.
For more information, see Specifying credentials in the Amazon Web Services Cloud Control API User Guide .
--client-token
(string)
A unique identifier to ensure the idempotency of the resource request. As a best practice, specify this token to ensure idempotency, so that Amazon Web Services Cloud Control API can accurately distinguish between request retries and new resource requests. You might retry a resource request to ensure that it was successfully received.
A client token is valid for 36 hours once used. After that, a resource request with the same client token is treated as a new request.
If you do not specify a client token, one is generated for inclusion in the request.
For more information, see Ensuring resource operation requests are unique in the Amazon Web Services Cloud Control API User Guide .
--identifier
(string)
The identifier for the resource.
You can specify the primary identifier, or any secondary identifier defined for the resource type in its resource schema. You can only specify one identifier. Primary identifiers can be specified as a string or JSON; secondary identifiers must be specified as JSON.
For compound primary identifiers (that is, one that consists of multiple resource properties strung together), to specify the primary identifier as a string, list the property values in the order they are specified in the primary identifier definition, separated by
|
.For more information, see Identifying resources in the Amazon Web Services Cloud Control API User Guide .
--patch-document
(string)
A JavaScript Object Notation (JSON) document listing the patch operations that represent the updates to apply to the current resource properties. For details, see Composing the patch document in the Amazon Web Services Cloud Control API User Guide .
--cli-input-json
(string)
Performs service operation based on the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton
. If other arguments are provided on the command line, the CLI values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally.
--generate-cli-skeleton
(string)
Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input
, prints a sample input JSON that can be used as an argument for --cli-input-json
. If provided with the value output
, it validates the command inputs and returns a sample output JSON for that command.
--debug
(boolean)
Turn on debug logging.
--endpoint-url
(string)
Override command's default URL with the given URL.
--no-verify-ssl
(boolean)
By default, the AWS CLI uses SSL when communicating with AWS services. For each SSL connection, the AWS CLI will verify SSL certificates. This option overrides the default behavior of verifying SSL certificates.
--no-paginate
(boolean)
Disable automatic pagination. If automatic pagination is disabled, the AWS CLI will only make one call, for the first page of results.
--output
(string)
The formatting style for command output.
--query
(string)
A JMESPath query to use in filtering the response data.
--profile
(string)
Use a specific profile from your credential file.
--region
(string)
The region to use. Overrides config/env settings.
--version
(string)
Display the version of this tool.
--color
(string)
Turn on/off color output.
--no-sign-request
(boolean)
Do not sign requests. Credentials will not be loaded if this argument is provided.
--ca-bundle
(string)
The CA certificate bundle to use when verifying SSL certificates. Overrides config/env settings.
--cli-read-timeout
(int)
The maximum socket read time in seconds. If the value is set to 0, the socket read will be blocking and not timeout. The default value is 60 seconds.
--cli-connect-timeout
(int)
The maximum socket connect time in seconds. If the value is set to 0, the socket connect will be blocking and not timeout. The default value is 60 seconds.
To use the following examples, you must have the AWS CLI installed and configured. See the Getting started guide in the AWS CLI User Guide for more information.
Unless otherwise stated, all examples have unix-like quotation rules. These examples will need to be adapted to your terminal's quoting rules. See Using quotation marks with strings in the AWS CLI User Guide .
To update the properties of an existing resource
The following update-resource
example updates the retention policy of an AWS::Logs::LogGroup resource named ExampleLogGroup to 90 days.
aws cloudcontrol update-resource \
--type-name AWS::Logs::LogGroup \
--identifier ExampleLogGroup \
--patch-document "[{\"op\":\"replace\",\"path\":\"/RetentionInDays\",\"value\":90}]"
Output:
{
"ProgressEvent": {
"EventTime": "2021-08-09T18:17:15.219Z",
"TypeName": "AWS::Logs::LogGroup",
"OperationStatus": "IN_PROGRESS",
"Operation": "UPDATE",
"Identifier": "ExampleLogGroup",
"RequestToken": "5f40c577-3534-4b20-9599-0b0123456789"
}
}
For more information, see Updating a resource in the Cloud Control API User Guide.
ProgressEvent -> (structure)
Represents the current status of the resource update request.
Use the
RequestToken
of theProgressEvent
with GetResourceRequestStatus to return the current status of a resource operation request.TypeName -> (string)
The name of the resource type used in the operation.Identifier -> (string)
The primary identifier for the resource.
Note
In some cases, the resource identifier may be available before the resource operation has reached a status ofSUCCESS
.RequestToken -> (string)
The unique token representing this resource operation request.
Use the
RequestToken
with GetResourceRequestStatus to return the current status of a resource operation request.HooksRequestToken -> (string)
The unique token representing the Hooks operation for the request.Operation -> (string)
The resource operation type.OperationStatus -> (string)
The current status of the resource operation request.
PENDING
: The resource operation hasn't yet started.IN_PROGRESS
: The resource operation is currently in progress.SUCCESS
: The resource operation has successfully completed.FAILED
: The resource operation has failed. Refer to the error code and status message for more information.CANCEL_IN_PROGRESS
: The resource operation is in the process of being canceled.CANCEL_COMPLETE
: The resource operation has been canceled.EventTime -> (timestamp)
When the resource operation request was initiated.ResourceModel -> (string)
A JSON string containing the resource model, consisting of each resource property and its current value.StatusMessage -> (string)
Any message explaining the current status.ErrorCode -> (string)
For requests with a status of
FAILED
, the associated error code.For error code definitions, see Handler error codes in the CloudFormation Command Line Interface User Guide for Extension Development .
RetryAfter -> (timestamp)
When to next request the status of this resource operation request.