aws resource-groups

AWS Resource Groups AWS Resource Groups lets you organize AWS resources such as Amazon EC2 instances, Amazon Relational Database Service databases, and Amazon S3 buckets into groups using criteria that you define as tags. A resource group is a collection of resources that match the resource types specified in a query, and share one or more tags or portions of tags. You can create a group of resources based on their roles in your cloud infrastructure, lifecycle stages, regions, application layers, or virtually any criteria. Resource Groups enable you to automate management tasks, such as those in AWS Systems Manager Automation documents, on tag-related resources in AWS Systems Manager. Groups of tagged resources also let you quickly view a custom console in AWS Systems Manager that shows AWS Config compliance and other monitoring data about member resources. To create a resource group, build a resource query, and specify tags that identify the criteria that members of the group have in common. Tags are key-value pairs. For more information about Resource Groups, see the AWS Resource Groups User Guide. AWS Resource Groups uses a REST-compliant API that you can use to perform the following types of operations. Create, Read, Update, and Delete (CRUD) operations on resource groups and resource query entities Applying, editing, and removing tags from resource groups Resolving resource group member ARNs so they can be returned as search results Getting data about resources that are members of a group Searching AWS resources based on a resource query

Subcommands

NameDescription
create-groupCreates a resource group with the specified name and description. You can optionally include a resource query, or a service configuration. For more information about constructing a resource query, see Create a tag-based group in Resource Groups. For more information about service configurations, see Service configurations for resource groups. Minimum permissions To run this command, you must have the following permissions: resource-groups:CreateGroup
delete-groupDeletes the specified resource group. Deleting a resource group does not delete any resources that are members of the group; it only deletes the group structure. Minimum permissions To run this command, you must have the following permissions: resource-groups:DeleteGroup
get-groupReturns information about a specified resource group. Minimum permissions To run this command, you must have the following permissions: resource-groups:GetGroup
get-group-configurationReturns the service configuration associated with the specified resource group. For details about the service configuration syntax, see Service configurations for resource groups. Minimum permissions To run this command, you must have the following permissions: resource-groups:GetGroupConfiguration
get-group-queryRetrieves the resource query associated with the specified resource group. For more information about resource queries, see Create a tag-based group in Resource Groups. Minimum permissions To run this command, you must have the following permissions: resource-groups:GetGroupQuery
get-tagsReturns a list of tags that are associated with a resource group, specified by an ARN. Minimum permissions To run this command, you must have the following permissions: resource-groups:GetTags
group-resourcesAdds the specified resources to the specified group. Minimum permissions To run this command, you must have the following permissions: resource-groups:GroupResources
list-group-resourcesReturns a list of ARNs of the resources that are members of a specified resource group. Minimum permissions To run this command, you must have the following permissions: resource-groups:ListGroupResources
list-groupsReturns a list of existing resource groups in your account. Minimum permissions To run this command, you must have the following permissions: resource-groups:ListGroups
put-group-configurationAttaches a service configuration to the specified group. This occurs asynchronously, and can take time to complete. You can use GetGroupConfiguration to check the status of the update. Minimum permissions To run this command, you must have the following permissions: resource-groups:PutGroupConfiguration
search-resourcesReturns a list of AWS resource identifiers that matches the specified query. The query uses the same format as a resource query in a CreateGroup or UpdateGroupQuery operation. Minimum permissions To run this command, you must have the following permissions: resource-groups:SearchResources
tagAdds tags to a resource group with the specified ARN. Existing tags on a resource group are not changed if they are not specified in the request parameters. Do not store personally identifiable information (PII) or other confidential or sensitive information in tags. We use tags to provide you with billing and administration services. Tags are not intended to be used for private or sensitive data. Minimum permissions To run this command, you must have the following permissions: resource-groups:Tag
ungroup-resourcesRemoves the specified resources from the specified group. Minimum permissions To run this command, you must have the following permissions: resource-groups:UngroupResources
untagDeletes tags from a specified resource group. Minimum permissions To run this command, you must have the following permissions: resource-groups:Untag
update-groupUpdates the description for an existing group. You cannot update the name of a resource group. Minimum permissions To run this command, you must have the following permissions: resource-groups:UpdateGroup
update-group-queryUpdates the resource query of a group. For more information about resource queries, see Create a tag-based group in Resource Groups. Minimum permissions To run this command, you must have the following permissions: resource-groups:UpdateGroupQuery