aws servicecatalog
AWS Service Catalog AWS Service Catalog enables organizations to create and manage catalogs of IT services that are approved for AWS. To get the most out of this documentation, you should be familiar with the terminology discussed in AWS Service Catalog Concepts
Subcommands
Name | Description |
---|---|
accept-portfolio-share | Accepts an offer to share the specified portfolio |
associate-budget-with-resource | Associates the specified budget with the specified resource |
associate-principal-with-portfolio | Associates the specified principal ARN with the specified portfolio |
associate-product-with-portfolio | Associates the specified product with the specified portfolio. A delegated admin is authorized to invoke this command |
associate-service-action-with-provisioning-artifact | Associates a self-service action with a provisioning artifact |
associate-tag-option-with-resource | Associate the specified TagOption with the specified portfolio or product |
batch-associate-service-action-with-provisioning-artifact | Associates multiple self-service actions with provisioning artifacts |
batch-disassociate-service-action-from-provisioning-artifact | Disassociates a batch of self-service actions from the specified provisioning artifact |
copy-product | Copies the specified source product to the specified target product or a new product. You can copy a product to the same account or another account. You can copy a product to the same region or another region. This operation is performed asynchronously. To track the progress of the operation, use DescribeCopyProductStatus |
create-constraint | Creates a constraint. A delegated admin is authorized to invoke this command |
create-portfolio | Creates a portfolio. A delegated admin is authorized to invoke this command |
create-portfolio-share | Shares the specified portfolio with the specified account or organization node. Shares to an organization node can only be created by the management account of an organization or by a delegated administrator. You can share portfolios to an organization, an organizational unit, or a specific account. Note that if a delegated admin is de-registered, they can no longer create portfolio shares. AWSOrganizationsAccess must be enabled in order to create a portfolio share to an organization node. You can't share a shared resource, including portfolios that contain a shared product. If the portfolio share with the specified account or organization node already exists, this action will have no effect and will not return an error. To update an existing share, you must use the UpdatePortfolioShare API instead |
create-product | Creates a product. A delegated admin is authorized to invoke this command. The user or role that performs this operation must have the cloudformation:GetTemplate IAM policy permission. This policy permission is required when using the ImportFromPhysicalId template source in the information data section |
create-provisioned-product-plan | Creates a plan. A plan includes the list of resources to be created (when provisioning a new product) or modified (when updating a provisioned product) when the plan is executed. You can create one plan per provisioned product. To create a plan for an existing provisioned product, the product status must be AVAILABLE or TAINTED. To view the resource changes in the change set, use DescribeProvisionedProductPlan. To create or modify the provisioned product, use ExecuteProvisionedProductPlan |
create-provisioning-artifact | Creates a provisioning artifact (also known as a version) for the specified product. You cannot create a provisioning artifact for a product that was shared with you. The user or role that performs this operation must have the cloudformation:GetTemplate IAM policy permission. This policy permission is required when using the ImportFromPhysicalId template source in the information data section |
create-service-action | Creates a self-service action |
create-tag-option | Creates a TagOption |
delete-constraint | Deletes the specified constraint. A delegated admin is authorized to invoke this command |
delete-portfolio | Deletes the specified portfolio. You cannot delete a portfolio if it was shared with you or if it has associated products, users, constraints, or shared accounts. A delegated admin is authorized to invoke this command |
delete-portfolio-share | Stops sharing the specified portfolio with the specified account or organization node. Shares to an organization node can only be deleted by the management account of an organization or by a delegated administrator. Note that if a delegated admin is de-registered, portfolio shares created from that account are removed |
delete-product | Deletes the specified product. You cannot delete a product if it was shared with you or is associated with a portfolio. A delegated admin is authorized to invoke this command |
delete-provisioned-product-plan | Deletes the specified plan |
delete-provisioning-artifact | Deletes the specified provisioning artifact (also known as a version) for the specified product. You cannot delete a provisioning artifact associated with a product that was shared with you. You cannot delete the last provisioning artifact for a product, because a product must have at least one provisioning artifact |
delete-service-action | Deletes a self-service action |
delete-tag-option | Deletes the specified TagOption. You cannot delete a TagOption if it is associated with a product or portfolio |
describe-constraint | Gets information about the specified constraint |
describe-copy-product-status | Gets the status of the specified copy product operation |
describe-portfolio | Gets information about the specified portfolio. A delegated admin is authorized to invoke this command |
describe-portfolio-share-status | Gets the status of the specified portfolio share operation. This API can only be called by the management account in the organization or by a delegated admin |
describe-portfolio-shares | Returns a summary of each of the portfolio shares that were created for the specified portfolio. You can use this API to determine which accounts or organizational nodes this portfolio have been shared, whether the recipient entity has imported the share, and whether TagOptions are included with the share. The PortfolioId and Type parameters are both required |
describe-product | Gets information about the specified product |
describe-product-as-admin | Gets information about the specified product. This operation is run with administrator access |
describe-product-view | Gets information about the specified product |
describe-provisioned-product | Gets information about the specified provisioned product |
describe-provisioned-product-plan | Gets information about the resource changes for the specified plan |
describe-provisioning-artifact | Gets information about the specified provisioning artifact (also known as a version) for the specified product |
describe-provisioning-parameters | Gets information about the configuration required to provision the specified product using the specified provisioning artifact. If the output contains a TagOption key with an empty list of values, there is a TagOption conflict for that key. The end user cannot take action to fix the conflict, and launch is not blocked. In subsequent calls to ProvisionProduct, do not include conflicted TagOption keys as tags, or this causes the error "Parameter validation failed: Missing required parameter in Tags[N]:Value". Tag the provisioned product with the value sc-tagoption-conflict-portfolioId-productId |
describe-record | Gets information about the specified request operation. Use this operation after calling a request operation (for example, ProvisionProduct, TerminateProvisionedProduct, or UpdateProvisionedProduct). If a provisioned product was transferred to a new owner using UpdateProvisionedProductProperties, the new owner will be able to describe all past records for that product. The previous owner will no longer be able to describe the records, but will be able to use ListRecordHistory to see the product's history from when he was the owner |
describe-service-action | Describes a self-service action |
describe-service-action-execution-parameters | Finds the default parameters for a specific self-service action on a specific provisioned product and returns a map of the results to the user |
describe-tag-option | Gets information about the specified TagOption |
disable-aws-organizations-access | Disable portfolio sharing through AWS Organizations feature. This feature will not delete your current shares but it will prevent you from creating new shares throughout your organization. Current shares will not be in sync with your organization structure if it changes after calling this API. This API can only be called by the management account in the organization. This API can't be invoked if there are active delegated administrators in the organization. Note that a delegated administrator is not authorized to invoke DisableAWSOrganizationsAccess |
disassociate-budget-from-resource | Disassociates the specified budget from the specified resource |
disassociate-principal-from-portfolio | Disassociates a previously associated principal ARN from a specified portfolio |
disassociate-product-from-portfolio | Disassociates the specified product from the specified portfolio. A delegated admin is authorized to invoke this command |
disassociate-service-action-from-provisioning-artifact | Disassociates the specified self-service action association from the specified provisioning artifact |
disassociate-tag-option-from-resource | Disassociates the specified TagOption from the specified resource |
enable-aws-organizations-access | Enable portfolio sharing feature through AWS Organizations. This API will allow Service Catalog to receive updates on your organization in order to sync your shares with the current structure. This API can only be called by the management account in the organization. By calling this API Service Catalog will make a call to organizations:EnableAWSServiceAccess on your behalf so that your shares can be in sync with any changes in your AWS Organizations structure. Note that a delegated administrator is not authorized to invoke EnableAWSOrganizationsAccess |
execute-provisioned-product-plan | Provisions or modifies a product based on the resource changes for the specified plan |
execute-provisioned-product-service-action | Executes a self-service action against a provisioned product |
get-aws-organizations-access-status | Get the Access Status for AWS Organization portfolio share feature. This API can only be called by the management account in the organization or by a delegated admin |
get-provisioned-product-outputs | This API takes either a ProvisonedProductId or a ProvisionedProductName, along with a list of one or more output keys, and responds with the key/value pairs of those outputs |
import-as-provisioned-product | Requests the import of a resource as a Service Catalog provisioned product that is associated to a Service Catalog product and provisioning artifact. Once imported, all supported Service Catalog governance actions are supported on the provisioned product. Resource import only supports CloudFormation stack ARNs. CloudFormation StackSets and non-root nested stacks are not supported. The CloudFormation stack must have one of the following statuses to be imported: CREATE_COMPLETE, UPDATE_COMPLETE, UPDATE_ROLLBACK_COMPLETE, IMPORT_COMPLETE, IMPORT_ROLLBACK_COMPLETE. Import of the resource requires that the CloudFormation stack template matches the associated Service Catalog product provisioning artifact. The user or role that performs this operation must have the cloudformation:GetTemplate and cloudformation:DescribeStacks IAM policy permissions |
list-accepted-portfolio-shares | Lists all portfolios for which sharing was accepted by this account |
list-budgets-for-resource | Lists all the budgets associated to the specified resource |
list-constraints-for-portfolio | Lists the constraints for the specified portfolio and product |
list-launch-paths | Lists the paths to the specified product. A path is how the user has access to a specified product, and is necessary when provisioning a product. A path also determines the constraints put on the product |
list-organization-portfolio-access | Lists the organization nodes that have access to the specified portfolio. This API can only be called by the management account in the organization or by a delegated admin. If a delegated admin is de-registered, they can no longer perform this operation |
list-portfolio-access | Lists the account IDs that have access to the specified portfolio. A delegated admin can list the accounts that have access to the shared portfolio. Note that if a delegated admin is de-registered, they can no longer perform this operation |
list-portfolios | Lists all portfolios in the catalog |
list-portfolios-for-product | Lists all portfolios that the specified product is associated with |
list-principals-for-portfolio | Lists all principal ARNs associated with the specified portfolio |
list-provisioned-product-plans | Lists the plans for the specified provisioned product or all plans to which the user has access |
list-provisioning-artifacts | Lists all provisioning artifacts (also known as versions) for the specified product |
list-provisioning-artifacts-for-service-action | Lists all provisioning artifacts (also known as versions) for the specified self-service action |
list-record-history | Lists the specified requests or all performed requests |
list-resources-for-tag-option | Lists the resources associated with the specified TagOption |
list-service-actions | Lists all self-service actions |
list-service-actions-for-provisioning-artifact | Returns a paginated list of self-service actions associated with the specified Product ID and Provisioning Artifact ID |
list-stack-instances-for-provisioned-product | Returns summary information about stack instances that are associated with the specified CFN_STACKSET type provisioned product. You can filter for stack instances that are associated with a specific AWS account name or region |
list-tag-options | Lists the specified TagOptions or all TagOptions |
provision-product | Provisions the specified product. A provisioned product is a resourced instance of a product. For example, provisioning a product based on a CloudFormation template launches a CloudFormation stack and its underlying resources. You can check the status of this request using DescribeRecord. If the request contains a tag key with an empty list of values, there is a tag conflict for that key. Do not include conflicted keys as tags, or this causes the error "Parameter validation failed: Missing required parameter in Tags[N]:Value" |
reject-portfolio-share | Rejects an offer to share the specified portfolio |
scan-provisioned-products | Lists the provisioned products that are available (not terminated). To use additional filtering, see SearchProvisionedProducts |
search-products | Gets information about the products to which the caller has access |
search-products-as-admin | Gets information about the products for the specified portfolio or all products |
search-provisioned-products | Gets information about the provisioned products that meet the specified criteria |
terminate-provisioned-product | Terminates the specified provisioned product. This operation does not delete any records associated with the provisioned product. You can check the status of this request using DescribeRecord |
update-constraint | Updates the specified constraint |
update-portfolio | Updates the specified portfolio. You cannot update a product that was shared with you |
update-portfolio-share | Updates the specified portfolio share. You can use this API to enable or disable TagOptions sharing for an existing portfolio share. The portfolio share cannot be updated if the CreatePortfolioShare operation is IN_PROGRESS, as the share is not available to recipient entities. In this case, you must wait for the portfolio share to be COMPLETED. You must provide the accountId or organization node in the input, but not both. If the portfolio is shared to both an external account and an organization node, and both shares need to be updated, you must invoke UpdatePortfolioShare separately for each share type. This API cannot be used for removing the portfolio share. You must use DeletePortfolioShare API for that action |
update-product | Updates the specified product |
update-provisioned-product | Requests updates to the configuration of the specified provisioned product. If there are tags associated with the object, they cannot be updated or added. Depending on the specific updates requested, this operation can update with no interruption, with some interruption, or replace the provisioned product entirely. You can check the status of this request using DescribeRecord |
update-provisioned-product-properties | Requests updates to the properties of the specified provisioned product |
update-provisioning-artifact | Updates the specified provisioning artifact (also known as a version) for the specified product. You cannot update a provisioning artifact for a product that was shared with you |
update-service-action | Updates a self-service action |
update-tag-option | Updates the specified TagOption |
generate | Generate a Service Catalog product or provisioning artifact using a CloudFormation template specified as a local file path |