diff --git a/.github/workflows/pr-check.yaml b/.github/workflows/pr-check.yaml index 8759b3f..65012c7 100644 --- a/.github/workflows/pr-check.yaml +++ b/.github/workflows/pr-check.yaml @@ -22,15 +22,15 @@ jobs: runs-on: ubuntu-latest if: ${{ needs.get-pulumi-projects.outputs.matrix != '[]' && needs.get-pulumi-projects.outputs.matrix != '' }} strategy: - matrix: + matrix: project: ${{fromJson(needs.get-pulumi-projects.outputs.matrix)}} steps: - uses: actions/checkout@v3 with: submodules: true - - uses: actions/setup-node@v2 + - uses: actions/setup-node@v4 with: - node-version: 14.x + node-version: 16.17.x - uses: actions/setup-go@v2 with: go-version: 1.17.x @@ -39,8 +39,8 @@ jobs: python-version: 3.9 - uses: actions/setup-java@v3 with: - distribution: 'temurin' - java-version: '17' + distribution: "temurin" + java-version: "17" - name: Set up Homebrew id: set-up-homebrew uses: Homebrew/actions/setup-homebrew@master @@ -59,7 +59,7 @@ jobs: upsert: true command: preview stack-name: dev - work-dir: ./${{ matrix.project }} + work-dir: ./${{ matrix.project }} comment-on-pr: false env: PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} @@ -75,7 +75,7 @@ jobs: - name: Setup Hugo uses: peaceiris/actions-hugo@v2 with: - hugo-version: '0.111.3' + hugo-version: "0.111.3" - name: Set up Homebrew id: set-up-homebrew uses: Homebrew/actions/setup-homebrew@master @@ -94,7 +94,7 @@ jobs: - name: Setup Hugo uses: peaceiris/actions-hugo@v2 with: - hugo-version: '0.111.3' + hugo-version: "0.111.3" - name: Set up Homebrew id: set-up-homebrew uses: Homebrew/actions/setup-homebrew@master @@ -120,4 +120,3 @@ jobs: comment-on-pr: true env: PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} - diff --git a/scripts/ci_helper.py b/scripts/ci_helper.py index 0a7af9a..b3a0eff 100644 --- a/scripts/ci_helper.py +++ b/scripts/ci_helper.py @@ -10,10 +10,10 @@ class CIHelper(): """ Helper class for all CI/CD operations. """ - DEFAULT_PROJECT_DIR = "code" + DEFAULT_PROJECT_DIR = "web/code" def __init__(self): - """ Initialize enumera tors. Determine which directories to test. + """ Initialize enumerators. Determine which directories to test. """ self.project_dir = os.getenv("PROJECT_DIR", self.DEFAULT_PROJECT_DIR) self.blacklisted = self._get_ignore_dirs() @@ -71,11 +71,11 @@ def code(): @web.command("has-changed") def changed_web(): - click.echo(CIHelper().dir_changed("web/")) + click.echo(CIHelper().dir_changed("web/content")) @code.command("has-changed") def changed_code(): - click.echo(CIHelper().dir_changed("code/")) + click.echo(CIHelper().dir_changed("web/code")) @code.command("ls") def list_pulumi(): diff --git a/code/can_req/go/README.md b/web/code/can_req/go/README.md similarity index 100% rename from code/can_req/go/README.md rename to web/code/can_req/go/README.md diff --git a/code/can_req/go/request.go b/web/code/can_req/go/request.go similarity index 100% rename from code/can_req/go/request.go rename to web/code/can_req/go/request.go diff --git a/code/can_req/go/signing.go b/web/code/can_req/go/signing.go similarity index 100% rename from code/can_req/go/signing.go rename to web/code/can_req/go/signing.go diff --git a/code/can_req/go/signing_driver.go b/web/code/can_req/go/signing_driver.go similarity index 100% rename from code/can_req/go/signing_driver.go rename to web/code/can_req/go/signing_driver.go diff --git a/code/can_req/js/README.md b/web/code/can_req/js/README.md similarity index 100% rename from code/can_req/js/README.md rename to web/code/can_req/js/README.md diff --git a/code/can_req/js/package.json b/web/code/can_req/js/package.json similarity index 100% rename from code/can_req/js/package.json rename to web/code/can_req/js/package.json diff --git a/code/can_req/js/request.js b/web/code/can_req/js/request.js similarity index 100% rename from code/can_req/js/request.js rename to web/code/can_req/js/request.js diff --git a/code/can_req/js/signing.js b/web/code/can_req/js/signing.js similarity index 100% rename from code/can_req/js/signing.js rename to web/code/can_req/js/signing.js diff --git a/code/can_req/py/README.md b/web/code/can_req/py/README.md similarity index 100% rename from code/can_req/py/README.md rename to web/code/can_req/py/README.md diff --git a/code/can_req/py/__pycache__/signing.cpython-310.pyc b/web/code/can_req/py/__pycache__/signing.cpython-310.pyc similarity index 100% rename from code/can_req/py/__pycache__/signing.cpython-310.pyc rename to web/code/can_req/py/__pycache__/signing.cpython-310.pyc diff --git a/code/can_req/py/request.py b/web/code/can_req/py/request.py similarity index 100% rename from code/can_req/py/request.py rename to web/code/can_req/py/request.py diff --git a/code/can_req/py/requirements.txt b/web/code/can_req/py/requirements.txt similarity index 100% rename from code/can_req/py/requirements.txt rename to web/code/can_req/py/requirements.txt diff --git a/code/can_req/py/signing.py b/web/code/can_req/py/signing.py similarity index 100% rename from code/can_req/py/signing.py rename to web/code/can_req/py/signing.py diff --git a/code/can_req/ts/README.md b/web/code/can_req/ts/README.md similarity index 100% rename from code/can_req/ts/README.md rename to web/code/can_req/ts/README.md diff --git a/code/can_req/ts/request.ts b/web/code/can_req/ts/request.ts similarity index 100% rename from code/can_req/ts/request.ts rename to web/code/can_req/ts/request.ts diff --git a/code/can_req/ts/signing.ts b/web/code/can_req/ts/signing.ts similarity index 100% rename from code/can_req/ts/signing.ts rename to web/code/can_req/ts/signing.ts diff --git a/code/can_req/ts/tsconfig.json b/web/code/can_req/ts/tsconfig.json similarity index 100% rename from code/can_req/ts/tsconfig.json rename to web/code/can_req/ts/tsconfig.json diff --git a/code/containers/docker/images/parent/Dockerfile b/web/code/containers/docker/images/parent/Dockerfile similarity index 100% rename from code/containers/docker/images/parent/Dockerfile rename to web/code/containers/docker/images/parent/Dockerfile diff --git a/code/containers/docker/images/parent/Makefile b/web/code/containers/docker/images/parent/Makefile similarity index 100% rename from code/containers/docker/images/parent/Makefile rename to web/code/containers/docker/images/parent/Makefile diff --git a/code/containers/docker/images/parent/message.txt b/web/code/containers/docker/images/parent/message.txt similarity index 100% rename from code/containers/docker/images/parent/message.txt rename to web/code/containers/docker/images/parent/message.txt diff --git a/code/containers/docker/images/scratch/Dockerfile b/web/code/containers/docker/images/scratch/Dockerfile similarity index 100% rename from code/containers/docker/images/scratch/Dockerfile rename to web/code/containers/docker/images/scratch/Dockerfile diff --git a/code/containers/docker/images/scratch/Makefile b/web/code/containers/docker/images/scratch/Makefile similarity index 100% rename from code/containers/docker/images/scratch/Makefile rename to web/code/containers/docker/images/scratch/Makefile diff --git a/code/containers/docker/images/scratch/README.md b/web/code/containers/docker/images/scratch/README.md similarity index 100% rename from code/containers/docker/images/scratch/README.md rename to web/code/containers/docker/images/scratch/README.md diff --git a/code/containers/docker/images/scratch/go.mod b/web/code/containers/docker/images/scratch/go.mod similarity index 100% rename from code/containers/docker/images/scratch/go.mod rename to web/code/containers/docker/images/scratch/go.mod diff --git a/code/containers/docker/images/scratch/hello b/web/code/containers/docker/images/scratch/hello similarity index 100% rename from code/containers/docker/images/scratch/hello rename to web/code/containers/docker/images/scratch/hello diff --git a/code/containers/docker/images/scratch/main.go b/web/code/containers/docker/images/scratch/main.go similarity index 100% rename from code/containers/docker/images/scratch/main.go rename to web/code/containers/docker/images/scratch/main.go diff --git a/code/containers/docker/overview/Dockerfile b/web/code/containers/docker/overview/Dockerfile similarity index 100% rename from code/containers/docker/overview/Dockerfile rename to web/code/containers/docker/overview/Dockerfile diff --git a/code/containers/docker/overview/Makefile b/web/code/containers/docker/overview/Makefile similarity index 100% rename from code/containers/docker/overview/Makefile rename to web/code/containers/docker/overview/Makefile diff --git a/code/containers/docker/overview/README.md b/web/code/containers/docker/overview/README.md similarity index 100% rename from code/containers/docker/overview/README.md rename to web/code/containers/docker/overview/README.md diff --git a/code/homepage/go/Makefile b/web/code/homepage/go/Makefile similarity index 100% rename from code/homepage/go/Makefile rename to web/code/homepage/go/Makefile diff --git a/code/homepage/go/Pulumi.dev.yaml b/web/code/homepage/go/Pulumi.dev.yaml similarity index 100% rename from code/homepage/go/Pulumi.dev.yaml rename to web/code/homepage/go/Pulumi.dev.yaml diff --git a/code/homepage/go/Pulumi.yaml b/web/code/homepage/go/Pulumi.yaml similarity index 100% rename from code/homepage/go/Pulumi.yaml rename to web/code/homepage/go/Pulumi.yaml diff --git a/code/homepage/go/go.mod b/web/code/homepage/go/go.mod similarity index 100% rename from code/homepage/go/go.mod rename to web/code/homepage/go/go.mod diff --git a/code/homepage/go/go.sum b/web/code/homepage/go/go.sum similarity index 100% rename from code/homepage/go/go.sum rename to web/code/homepage/go/go.sum diff --git a/code/homepage/go/handler/handler b/web/code/homepage/go/handler/handler similarity index 100% rename from code/homepage/go/handler/handler rename to web/code/homepage/go/handler/handler diff --git a/code/homepage/go/handler/handler.go b/web/code/homepage/go/handler/handler.go similarity index 100% rename from code/homepage/go/handler/handler.go rename to web/code/homepage/go/handler/handler.go diff --git a/code/homepage/go/lambda_util.go b/web/code/homepage/go/lambda_util.go similarity index 100% rename from code/homepage/go/lambda_util.go rename to web/code/homepage/go/lambda_util.go diff --git a/code/homepage/go/main.go b/web/code/homepage/go/main.go similarity index 100% rename from code/homepage/go/main.go rename to web/code/homepage/go/main.go diff --git a/code/homepage/js/.gitignore b/web/code/homepage/js/.gitignore similarity index 100% rename from code/homepage/js/.gitignore rename to web/code/homepage/js/.gitignore diff --git a/code/homepage/js/Pulumi.dev.yaml b/web/code/homepage/js/Pulumi.dev.yaml similarity index 100% rename from code/homepage/js/Pulumi.dev.yaml rename to web/code/homepage/js/Pulumi.dev.yaml diff --git a/code/homepage/js/Pulumi.yaml b/web/code/homepage/js/Pulumi.yaml similarity index 100% rename from code/homepage/js/Pulumi.yaml rename to web/code/homepage/js/Pulumi.yaml diff --git a/code/homepage/js/index.js b/web/code/homepage/js/index.js similarity index 100% rename from code/homepage/js/index.js rename to web/code/homepage/js/index.js diff --git a/code/homepage/js/package-lock.json b/web/code/homepage/js/package-lock.json similarity index 100% rename from code/homepage/js/package-lock.json rename to web/code/homepage/js/package-lock.json diff --git a/code/homepage/js/package.json b/web/code/homepage/js/package.json similarity index 100% rename from code/homepage/js/package.json rename to web/code/homepage/js/package.json diff --git a/code/homepage/py/.gitignore b/web/code/homepage/py/.gitignore similarity index 100% rename from code/homepage/py/.gitignore rename to web/code/homepage/py/.gitignore diff --git a/code/homepage/py/Pulumi.dev.yaml b/web/code/homepage/py/Pulumi.dev.yaml similarity index 100% rename from code/homepage/py/Pulumi.dev.yaml rename to web/code/homepage/py/Pulumi.dev.yaml diff --git a/code/homepage/py/Pulumi.yaml b/web/code/homepage/py/Pulumi.yaml similarity index 100% rename from code/homepage/py/Pulumi.yaml rename to web/code/homepage/py/Pulumi.yaml diff --git a/code/homepage/py/__main__.py b/web/code/homepage/py/__main__.py similarity index 100% rename from code/homepage/py/__main__.py rename to web/code/homepage/py/__main__.py diff --git a/code/homepage/py/lambda.py b/web/code/homepage/py/lambda.py similarity index 100% rename from code/homepage/py/lambda.py rename to web/code/homepage/py/lambda.py diff --git a/web/code/homepage/py/lambda.zip b/web/code/homepage/py/lambda.zip new file mode 100644 index 0000000..fb20ea5 Binary files /dev/null and b/web/code/homepage/py/lambda.zip differ diff --git a/code/homepage/py/lambda_util.py b/web/code/homepage/py/lambda_util.py similarity index 100% rename from code/homepage/py/lambda_util.py rename to web/code/homepage/py/lambda_util.py diff --git a/code/homepage/py/requirements.txt b/web/code/homepage/py/requirements.txt similarity index 100% rename from code/homepage/py/requirements.txt rename to web/code/homepage/py/requirements.txt diff --git a/code/homepage/ts/.gitignore b/web/code/homepage/ts/.gitignore similarity index 100% rename from code/homepage/ts/.gitignore rename to web/code/homepage/ts/.gitignore diff --git a/code/homepage/ts/Pulumi.dev.yaml b/web/code/homepage/ts/Pulumi.dev.yaml similarity index 100% rename from code/homepage/ts/Pulumi.dev.yaml rename to web/code/homepage/ts/Pulumi.dev.yaml diff --git a/code/homepage/ts/Pulumi.yaml b/web/code/homepage/ts/Pulumi.yaml similarity index 100% rename from code/homepage/ts/Pulumi.yaml rename to web/code/homepage/ts/Pulumi.yaml diff --git a/code/homepage/ts/index.ts b/web/code/homepage/ts/index.ts similarity index 100% rename from code/homepage/ts/index.ts rename to web/code/homepage/ts/index.ts diff --git a/code/homepage/ts/package-lock.json b/web/code/homepage/ts/package-lock.json similarity index 100% rename from code/homepage/ts/package-lock.json rename to web/code/homepage/ts/package-lock.json diff --git a/code/homepage/ts/package.json b/web/code/homepage/ts/package.json similarity index 100% rename from code/homepage/ts/package.json rename to web/code/homepage/ts/package.json diff --git a/code/homepage/ts/tsconfig.json b/web/code/homepage/ts/tsconfig.json similarity index 100% rename from code/homepage/ts/tsconfig.json rename to web/code/homepage/ts/tsconfig.json diff --git a/code/iam/identities/users/access_credentials/go/Pulumi.dev.yaml b/web/code/iam/identities/users/access_credentials/go/Pulumi.dev.yaml similarity index 100% rename from code/iam/identities/users/access_credentials/go/Pulumi.dev.yaml rename to web/code/iam/identities/users/access_credentials/go/Pulumi.dev.yaml diff --git a/code/iam/identities/users/access_credentials/go/Pulumi.yaml b/web/code/iam/identities/users/access_credentials/go/Pulumi.yaml similarity index 100% rename from code/iam/identities/users/access_credentials/go/Pulumi.yaml rename to web/code/iam/identities/users/access_credentials/go/Pulumi.yaml diff --git a/code/iam/identities/users/access_credentials/go/go.mod b/web/code/iam/identities/users/access_credentials/go/go.mod similarity index 100% rename from code/iam/identities/users/access_credentials/go/go.mod rename to web/code/iam/identities/users/access_credentials/go/go.mod diff --git a/code/iam/identities/users/access_credentials/go/go.sum b/web/code/iam/identities/users/access_credentials/go/go.sum similarity index 100% rename from code/iam/identities/users/access_credentials/go/go.sum rename to web/code/iam/identities/users/access_credentials/go/go.sum diff --git a/code/iam/identities/users/access_credentials/go/main.go b/web/code/iam/identities/users/access_credentials/go/main.go similarity index 100% rename from code/iam/identities/users/access_credentials/go/main.go rename to web/code/iam/identities/users/access_credentials/go/main.go diff --git a/code/iam/identities/users/access_credentials/js/.gitignore b/web/code/iam/identities/users/access_credentials/js/.gitignore similarity index 100% rename from code/iam/identities/users/access_credentials/js/.gitignore rename to web/code/iam/identities/users/access_credentials/js/.gitignore diff --git a/code/iam/identities/users/access_credentials/js/Pulumi.dev.yaml b/web/code/iam/identities/users/access_credentials/js/Pulumi.dev.yaml similarity index 100% rename from code/iam/identities/users/access_credentials/js/Pulumi.dev.yaml rename to web/code/iam/identities/users/access_credentials/js/Pulumi.dev.yaml diff --git a/code/iam/identities/users/access_credentials/js/Pulumi.yaml b/web/code/iam/identities/users/access_credentials/js/Pulumi.yaml similarity index 100% rename from code/iam/identities/users/access_credentials/js/Pulumi.yaml rename to web/code/iam/identities/users/access_credentials/js/Pulumi.yaml diff --git a/code/iam/identities/users/access_credentials/js/index.js b/web/code/iam/identities/users/access_credentials/js/index.js similarity index 100% rename from code/iam/identities/users/access_credentials/js/index.js rename to web/code/iam/identities/users/access_credentials/js/index.js diff --git a/code/iam/identities/users/access_credentials/js/package-lock.json b/web/code/iam/identities/users/access_credentials/js/package-lock.json similarity index 100% rename from code/iam/identities/users/access_credentials/js/package-lock.json rename to web/code/iam/identities/users/access_credentials/js/package-lock.json diff --git a/code/iam/identities/users/access_credentials/js/package.json b/web/code/iam/identities/users/access_credentials/js/package.json similarity index 100% rename from code/iam/identities/users/access_credentials/js/package.json rename to web/code/iam/identities/users/access_credentials/js/package.json diff --git a/code/iam/identities/users/access_credentials/py/.gitignore b/web/code/iam/identities/users/access_credentials/py/.gitignore similarity index 100% rename from code/iam/identities/users/access_credentials/py/.gitignore rename to web/code/iam/identities/users/access_credentials/py/.gitignore diff --git a/code/iam/identities/users/access_credentials/py/Pulumi.dev.yaml b/web/code/iam/identities/users/access_credentials/py/Pulumi.dev.yaml similarity index 100% rename from code/iam/identities/users/access_credentials/py/Pulumi.dev.yaml rename to web/code/iam/identities/users/access_credentials/py/Pulumi.dev.yaml diff --git a/code/iam/identities/users/access_credentials/py/Pulumi.yaml b/web/code/iam/identities/users/access_credentials/py/Pulumi.yaml similarity index 100% rename from code/iam/identities/users/access_credentials/py/Pulumi.yaml rename to web/code/iam/identities/users/access_credentials/py/Pulumi.yaml diff --git a/code/iam/identities/users/access_credentials/py/__main__.py b/web/code/iam/identities/users/access_credentials/py/__main__.py similarity index 100% rename from code/iam/identities/users/access_credentials/py/__main__.py rename to web/code/iam/identities/users/access_credentials/py/__main__.py diff --git a/code/iam/identities/users/access_credentials/py/requirements.txt b/web/code/iam/identities/users/access_credentials/py/requirements.txt similarity index 100% rename from code/iam/identities/users/access_credentials/py/requirements.txt rename to web/code/iam/identities/users/access_credentials/py/requirements.txt diff --git a/code/iam/identities/users/access_credentials/ts/.gitignore b/web/code/iam/identities/users/access_credentials/ts/.gitignore similarity index 100% rename from code/iam/identities/users/access_credentials/ts/.gitignore rename to web/code/iam/identities/users/access_credentials/ts/.gitignore diff --git a/code/iam/identities/users/access_credentials/ts/Pulumi.dev.yaml b/web/code/iam/identities/users/access_credentials/ts/Pulumi.dev.yaml similarity index 100% rename from code/iam/identities/users/access_credentials/ts/Pulumi.dev.yaml rename to web/code/iam/identities/users/access_credentials/ts/Pulumi.dev.yaml diff --git a/code/iam/identities/users/access_credentials/ts/Pulumi.yaml b/web/code/iam/identities/users/access_credentials/ts/Pulumi.yaml similarity index 100% rename from code/iam/identities/users/access_credentials/ts/Pulumi.yaml rename to web/code/iam/identities/users/access_credentials/ts/Pulumi.yaml diff --git a/code/iam/identities/users/access_credentials/ts/index.ts b/web/code/iam/identities/users/access_credentials/ts/index.ts similarity index 100% rename from code/iam/identities/users/access_credentials/ts/index.ts rename to web/code/iam/identities/users/access_credentials/ts/index.ts diff --git a/code/iam/identities/users/access_credentials/ts/package-lock.json b/web/code/iam/identities/users/access_credentials/ts/package-lock.json similarity index 100% rename from code/iam/identities/users/access_credentials/ts/package-lock.json rename to web/code/iam/identities/users/access_credentials/ts/package-lock.json diff --git a/code/iam/identities/users/access_credentials/ts/package.json b/web/code/iam/identities/users/access_credentials/ts/package.json similarity index 100% rename from code/iam/identities/users/access_credentials/ts/package.json rename to web/code/iam/identities/users/access_credentials/ts/package.json diff --git a/code/iam/identities/users/access_credentials/ts/tsconfig.json b/web/code/iam/identities/users/access_credentials/ts/tsconfig.json similarity index 100% rename from code/iam/identities/users/access_credentials/ts/tsconfig.json rename to web/code/iam/identities/users/access_credentials/ts/tsconfig.json diff --git a/code/iam/identities/users/create_user/go/Pulumi.dev.yaml b/web/code/iam/identities/users/create_user/go/Pulumi.dev.yaml similarity index 100% rename from code/iam/identities/users/create_user/go/Pulumi.dev.yaml rename to web/code/iam/identities/users/create_user/go/Pulumi.dev.yaml diff --git a/code/iam/identities/users/create_user/go/Pulumi.yaml b/web/code/iam/identities/users/create_user/go/Pulumi.yaml similarity index 100% rename from code/iam/identities/users/create_user/go/Pulumi.yaml rename to web/code/iam/identities/users/create_user/go/Pulumi.yaml diff --git a/code/iam/identities/users/create_user/go/go.mod b/web/code/iam/identities/users/create_user/go/go.mod similarity index 100% rename from code/iam/identities/users/create_user/go/go.mod rename to web/code/iam/identities/users/create_user/go/go.mod diff --git a/code/iam/identities/users/create_user/go/go.sum b/web/code/iam/identities/users/create_user/go/go.sum similarity index 100% rename from code/iam/identities/users/create_user/go/go.sum rename to web/code/iam/identities/users/create_user/go/go.sum diff --git a/code/iam/identities/users/create_user/go/main.go b/web/code/iam/identities/users/create_user/go/main.go similarity index 100% rename from code/iam/identities/users/create_user/go/main.go rename to web/code/iam/identities/users/create_user/go/main.go diff --git a/code/iam/identities/users/create_user/js/.gitignore b/web/code/iam/identities/users/create_user/js/.gitignore similarity index 100% rename from code/iam/identities/users/create_user/js/.gitignore rename to web/code/iam/identities/users/create_user/js/.gitignore diff --git a/code/iam/identities/users/create_user/js/Pulumi.dev.yaml b/web/code/iam/identities/users/create_user/js/Pulumi.dev.yaml similarity index 100% rename from code/iam/identities/users/create_user/js/Pulumi.dev.yaml rename to web/code/iam/identities/users/create_user/js/Pulumi.dev.yaml diff --git a/code/iam/identities/users/create_user/js/Pulumi.yaml b/web/code/iam/identities/users/create_user/js/Pulumi.yaml similarity index 100% rename from code/iam/identities/users/create_user/js/Pulumi.yaml rename to web/code/iam/identities/users/create_user/js/Pulumi.yaml diff --git a/code/iam/identities/users/create_user/js/index.js b/web/code/iam/identities/users/create_user/js/index.js similarity index 100% rename from code/iam/identities/users/create_user/js/index.js rename to web/code/iam/identities/users/create_user/js/index.js diff --git a/code/iam/identities/users/create_user/js/package-lock.json b/web/code/iam/identities/users/create_user/js/package-lock.json similarity index 100% rename from code/iam/identities/users/create_user/js/package-lock.json rename to web/code/iam/identities/users/create_user/js/package-lock.json diff --git a/code/iam/identities/users/create_user/js/package.json b/web/code/iam/identities/users/create_user/js/package.json similarity index 100% rename from code/iam/identities/users/create_user/js/package.json rename to web/code/iam/identities/users/create_user/js/package.json diff --git a/code/iam/identities/users/create_user/py/.gitignore b/web/code/iam/identities/users/create_user/py/.gitignore similarity index 100% rename from code/iam/identities/users/create_user/py/.gitignore rename to web/code/iam/identities/users/create_user/py/.gitignore diff --git a/code/iam/identities/users/create_user/py/Pulumi.dev.yaml b/web/code/iam/identities/users/create_user/py/Pulumi.dev.yaml similarity index 100% rename from code/iam/identities/users/create_user/py/Pulumi.dev.yaml rename to web/code/iam/identities/users/create_user/py/Pulumi.dev.yaml diff --git a/code/iam/identities/users/create_user/py/Pulumi.yaml b/web/code/iam/identities/users/create_user/py/Pulumi.yaml similarity index 100% rename from code/iam/identities/users/create_user/py/Pulumi.yaml rename to web/code/iam/identities/users/create_user/py/Pulumi.yaml diff --git a/code/iam/identities/users/create_user/py/__main__.py b/web/code/iam/identities/users/create_user/py/__main__.py similarity index 100% rename from code/iam/identities/users/create_user/py/__main__.py rename to web/code/iam/identities/users/create_user/py/__main__.py diff --git a/code/iam/identities/users/create_user/py/requirements.txt b/web/code/iam/identities/users/create_user/py/requirements.txt similarity index 100% rename from code/iam/identities/users/create_user/py/requirements.txt rename to web/code/iam/identities/users/create_user/py/requirements.txt diff --git a/code/iam/identities/users/create_user/ts/.gitignore b/web/code/iam/identities/users/create_user/ts/.gitignore similarity index 100% rename from code/iam/identities/users/create_user/ts/.gitignore rename to web/code/iam/identities/users/create_user/ts/.gitignore diff --git a/code/iam/identities/users/create_user/ts/Pulumi.dev.yaml b/web/code/iam/identities/users/create_user/ts/Pulumi.dev.yaml similarity index 100% rename from code/iam/identities/users/create_user/ts/Pulumi.dev.yaml rename to web/code/iam/identities/users/create_user/ts/Pulumi.dev.yaml diff --git a/code/iam/identities/users/create_user/ts/Pulumi.yaml b/web/code/iam/identities/users/create_user/ts/Pulumi.yaml similarity index 100% rename from code/iam/identities/users/create_user/ts/Pulumi.yaml rename to web/code/iam/identities/users/create_user/ts/Pulumi.yaml diff --git a/code/iam/identities/users/create_user/ts/index.ts b/web/code/iam/identities/users/create_user/ts/index.ts similarity index 100% rename from code/iam/identities/users/create_user/ts/index.ts rename to web/code/iam/identities/users/create_user/ts/index.ts diff --git a/code/iam/identities/users/create_user/ts/package-lock.json b/web/code/iam/identities/users/create_user/ts/package-lock.json similarity index 100% rename from code/iam/identities/users/create_user/ts/package-lock.json rename to web/code/iam/identities/users/create_user/ts/package-lock.json diff --git a/code/iam/identities/users/create_user/ts/package.json b/web/code/iam/identities/users/create_user/ts/package.json similarity index 100% rename from code/iam/identities/users/create_user/ts/package.json rename to web/code/iam/identities/users/create_user/ts/package.json diff --git a/code/iam/identities/users/create_user/ts/tsconfig.json b/web/code/iam/identities/users/create_user/ts/tsconfig.json similarity index 100% rename from code/iam/identities/users/create_user/ts/tsconfig.json rename to web/code/iam/identities/users/create_user/ts/tsconfig.json diff --git a/code/iam/identities/users/paths/go/Pulumi.dev.yaml b/web/code/iam/identities/users/paths/go/Pulumi.dev.yaml similarity index 100% rename from code/iam/identities/users/paths/go/Pulumi.dev.yaml rename to web/code/iam/identities/users/paths/go/Pulumi.dev.yaml diff --git a/code/iam/identities/users/paths/go/Pulumi.yaml b/web/code/iam/identities/users/paths/go/Pulumi.yaml similarity index 100% rename from code/iam/identities/users/paths/go/Pulumi.yaml rename to web/code/iam/identities/users/paths/go/Pulumi.yaml diff --git a/code/iam/identities/users/paths/go/go.mod b/web/code/iam/identities/users/paths/go/go.mod similarity index 100% rename from code/iam/identities/users/paths/go/go.mod rename to web/code/iam/identities/users/paths/go/go.mod diff --git a/code/iam/identities/users/paths/go/go.sum b/web/code/iam/identities/users/paths/go/go.sum similarity index 100% rename from code/iam/identities/users/paths/go/go.sum rename to web/code/iam/identities/users/paths/go/go.sum diff --git a/code/iam/identities/users/paths/go/main.go b/web/code/iam/identities/users/paths/go/main.go similarity index 100% rename from code/iam/identities/users/paths/go/main.go rename to web/code/iam/identities/users/paths/go/main.go diff --git a/code/iam/identities/users/paths/js/.gitignore b/web/code/iam/identities/users/paths/js/.gitignore similarity index 100% rename from code/iam/identities/users/paths/js/.gitignore rename to web/code/iam/identities/users/paths/js/.gitignore diff --git a/code/iam/identities/users/paths/js/Pulumi.dev.yaml b/web/code/iam/identities/users/paths/js/Pulumi.dev.yaml similarity index 100% rename from code/iam/identities/users/paths/js/Pulumi.dev.yaml rename to web/code/iam/identities/users/paths/js/Pulumi.dev.yaml diff --git a/code/iam/identities/users/paths/js/Pulumi.yaml b/web/code/iam/identities/users/paths/js/Pulumi.yaml similarity index 100% rename from code/iam/identities/users/paths/js/Pulumi.yaml rename to web/code/iam/identities/users/paths/js/Pulumi.yaml diff --git a/code/iam/identities/users/paths/js/index.js b/web/code/iam/identities/users/paths/js/index.js similarity index 100% rename from code/iam/identities/users/paths/js/index.js rename to web/code/iam/identities/users/paths/js/index.js diff --git a/code/iam/identities/users/paths/js/package-lock.json b/web/code/iam/identities/users/paths/js/package-lock.json similarity index 100% rename from code/iam/identities/users/paths/js/package-lock.json rename to web/code/iam/identities/users/paths/js/package-lock.json diff --git a/code/iam/identities/users/paths/js/package.json b/web/code/iam/identities/users/paths/js/package.json similarity index 100% rename from code/iam/identities/users/paths/js/package.json rename to web/code/iam/identities/users/paths/js/package.json diff --git a/code/iam/identities/users/paths/py/.gitignore b/web/code/iam/identities/users/paths/py/.gitignore similarity index 100% rename from code/iam/identities/users/paths/py/.gitignore rename to web/code/iam/identities/users/paths/py/.gitignore diff --git a/code/iam/identities/users/paths/py/Pulumi.dev.yaml b/web/code/iam/identities/users/paths/py/Pulumi.dev.yaml similarity index 100% rename from code/iam/identities/users/paths/py/Pulumi.dev.yaml rename to web/code/iam/identities/users/paths/py/Pulumi.dev.yaml diff --git a/code/iam/identities/users/paths/py/Pulumi.yaml b/web/code/iam/identities/users/paths/py/Pulumi.yaml similarity index 100% rename from code/iam/identities/users/paths/py/Pulumi.yaml rename to web/code/iam/identities/users/paths/py/Pulumi.yaml diff --git a/code/iam/identities/users/paths/py/__main__.py b/web/code/iam/identities/users/paths/py/__main__.py similarity index 100% rename from code/iam/identities/users/paths/py/__main__.py rename to web/code/iam/identities/users/paths/py/__main__.py diff --git a/code/iam/identities/users/paths/py/requirements.txt b/web/code/iam/identities/users/paths/py/requirements.txt similarity index 100% rename from code/iam/identities/users/paths/py/requirements.txt rename to web/code/iam/identities/users/paths/py/requirements.txt diff --git a/code/iam/identities/users/paths/ts/.gitignore b/web/code/iam/identities/users/paths/ts/.gitignore similarity index 100% rename from code/iam/identities/users/paths/ts/.gitignore rename to web/code/iam/identities/users/paths/ts/.gitignore diff --git a/code/iam/identities/users/paths/ts/Pulumi.dev.yaml b/web/code/iam/identities/users/paths/ts/Pulumi.dev.yaml similarity index 100% rename from code/iam/identities/users/paths/ts/Pulumi.dev.yaml rename to web/code/iam/identities/users/paths/ts/Pulumi.dev.yaml diff --git a/code/iam/identities/users/paths/ts/Pulumi.yaml b/web/code/iam/identities/users/paths/ts/Pulumi.yaml similarity index 100% rename from code/iam/identities/users/paths/ts/Pulumi.yaml rename to web/code/iam/identities/users/paths/ts/Pulumi.yaml diff --git a/code/iam/identities/users/paths/ts/index.ts b/web/code/iam/identities/users/paths/ts/index.ts similarity index 100% rename from code/iam/identities/users/paths/ts/index.ts rename to web/code/iam/identities/users/paths/ts/index.ts diff --git a/code/iam/identities/users/paths/ts/package-lock.json b/web/code/iam/identities/users/paths/ts/package-lock.json similarity index 100% rename from code/iam/identities/users/paths/ts/package-lock.json rename to web/code/iam/identities/users/paths/ts/package-lock.json diff --git a/code/iam/identities/users/paths/ts/package.json b/web/code/iam/identities/users/paths/ts/package.json similarity index 100% rename from code/iam/identities/users/paths/ts/package.json rename to web/code/iam/identities/users/paths/ts/package.json diff --git a/code/iam/identities/users/paths/ts/tsconfig.json b/web/code/iam/identities/users/paths/ts/tsconfig.json similarity index 100% rename from code/iam/identities/users/paths/ts/tsconfig.json rename to web/code/iam/identities/users/paths/ts/tsconfig.json diff --git a/code/iam/identities/users/user_login_profile/go/Pulumi.dev.yaml b/web/code/iam/identities/users/user_login_profile/go/Pulumi.dev.yaml similarity index 100% rename from code/iam/identities/users/user_login_profile/go/Pulumi.dev.yaml rename to web/code/iam/identities/users/user_login_profile/go/Pulumi.dev.yaml diff --git a/code/iam/identities/users/user_login_profile/go/Pulumi.yaml b/web/code/iam/identities/users/user_login_profile/go/Pulumi.yaml similarity index 100% rename from code/iam/identities/users/user_login_profile/go/Pulumi.yaml rename to web/code/iam/identities/users/user_login_profile/go/Pulumi.yaml diff --git a/code/iam/identities/users/user_login_profile/go/go.mod b/web/code/iam/identities/users/user_login_profile/go/go.mod similarity index 100% rename from code/iam/identities/users/user_login_profile/go/go.mod rename to web/code/iam/identities/users/user_login_profile/go/go.mod diff --git a/code/iam/identities/users/user_login_profile/go/go.sum b/web/code/iam/identities/users/user_login_profile/go/go.sum similarity index 100% rename from code/iam/identities/users/user_login_profile/go/go.sum rename to web/code/iam/identities/users/user_login_profile/go/go.sum diff --git a/code/iam/identities/users/user_login_profile/go/main.go b/web/code/iam/identities/users/user_login_profile/go/main.go similarity index 100% rename from code/iam/identities/users/user_login_profile/go/main.go rename to web/code/iam/identities/users/user_login_profile/go/main.go diff --git a/code/iam/identities/users/user_login_profile/js/.gitignore b/web/code/iam/identities/users/user_login_profile/js/.gitignore similarity index 100% rename from code/iam/identities/users/user_login_profile/js/.gitignore rename to web/code/iam/identities/users/user_login_profile/js/.gitignore diff --git a/code/iam/identities/users/user_login_profile/js/Pulumi.dev.yaml b/web/code/iam/identities/users/user_login_profile/js/Pulumi.dev.yaml similarity index 100% rename from code/iam/identities/users/user_login_profile/js/Pulumi.dev.yaml rename to web/code/iam/identities/users/user_login_profile/js/Pulumi.dev.yaml diff --git a/code/iam/identities/users/user_login_profile/js/Pulumi.yaml b/web/code/iam/identities/users/user_login_profile/js/Pulumi.yaml similarity index 100% rename from code/iam/identities/users/user_login_profile/js/Pulumi.yaml rename to web/code/iam/identities/users/user_login_profile/js/Pulumi.yaml diff --git a/code/iam/identities/users/user_login_profile/js/index.js b/web/code/iam/identities/users/user_login_profile/js/index.js similarity index 100% rename from code/iam/identities/users/user_login_profile/js/index.js rename to web/code/iam/identities/users/user_login_profile/js/index.js diff --git a/code/iam/identities/users/user_login_profile/js/package.json b/web/code/iam/identities/users/user_login_profile/js/package.json similarity index 100% rename from code/iam/identities/users/user_login_profile/js/package.json rename to web/code/iam/identities/users/user_login_profile/js/package.json diff --git a/code/iam/identities/users/user_login_profile/py/.gitignore b/web/code/iam/identities/users/user_login_profile/py/.gitignore similarity index 100% rename from code/iam/identities/users/user_login_profile/py/.gitignore rename to web/code/iam/identities/users/user_login_profile/py/.gitignore diff --git a/code/iam/identities/users/user_login_profile/py/Pulumi.dev.yaml b/web/code/iam/identities/users/user_login_profile/py/Pulumi.dev.yaml similarity index 100% rename from code/iam/identities/users/user_login_profile/py/Pulumi.dev.yaml rename to web/code/iam/identities/users/user_login_profile/py/Pulumi.dev.yaml diff --git a/code/iam/identities/users/user_login_profile/py/Pulumi.yaml b/web/code/iam/identities/users/user_login_profile/py/Pulumi.yaml similarity index 100% rename from code/iam/identities/users/user_login_profile/py/Pulumi.yaml rename to web/code/iam/identities/users/user_login_profile/py/Pulumi.yaml diff --git a/code/iam/identities/users/user_login_profile/py/__main__.py b/web/code/iam/identities/users/user_login_profile/py/__main__.py similarity index 100% rename from code/iam/identities/users/user_login_profile/py/__main__.py rename to web/code/iam/identities/users/user_login_profile/py/__main__.py diff --git a/code/iam/identities/users/user_login_profile/py/requirements.txt b/web/code/iam/identities/users/user_login_profile/py/requirements.txt similarity index 100% rename from code/iam/identities/users/user_login_profile/py/requirements.txt rename to web/code/iam/identities/users/user_login_profile/py/requirements.txt diff --git a/code/iam/identities/users/user_login_profile/ts/.gitignore b/web/code/iam/identities/users/user_login_profile/ts/.gitignore similarity index 100% rename from code/iam/identities/users/user_login_profile/ts/.gitignore rename to web/code/iam/identities/users/user_login_profile/ts/.gitignore diff --git a/code/iam/identities/users/user_login_profile/ts/Pulumi.dev.yaml b/web/code/iam/identities/users/user_login_profile/ts/Pulumi.dev.yaml similarity index 100% rename from code/iam/identities/users/user_login_profile/ts/Pulumi.dev.yaml rename to web/code/iam/identities/users/user_login_profile/ts/Pulumi.dev.yaml diff --git a/code/iam/identities/users/user_login_profile/ts/Pulumi.yaml b/web/code/iam/identities/users/user_login_profile/ts/Pulumi.yaml similarity index 100% rename from code/iam/identities/users/user_login_profile/ts/Pulumi.yaml rename to web/code/iam/identities/users/user_login_profile/ts/Pulumi.yaml diff --git a/code/iam/identities/users/user_login_profile/ts/index.ts b/web/code/iam/identities/users/user_login_profile/ts/index.ts similarity index 100% rename from code/iam/identities/users/user_login_profile/ts/index.ts rename to web/code/iam/identities/users/user_login_profile/ts/index.ts diff --git a/code/iam/identities/users/user_login_profile/ts/package-lock.json b/web/code/iam/identities/users/user_login_profile/ts/package-lock.json similarity index 100% rename from code/iam/identities/users/user_login_profile/ts/package-lock.json rename to web/code/iam/identities/users/user_login_profile/ts/package-lock.json diff --git a/code/iam/identities/users/user_login_profile/ts/package.json b/web/code/iam/identities/users/user_login_profile/ts/package.json similarity index 100% rename from code/iam/identities/users/user_login_profile/ts/package.json rename to web/code/iam/identities/users/user_login_profile/ts/package.json diff --git a/code/iam/identities/users/virtual_mfa_device/go/Pulumi.dev.yaml b/web/code/iam/identities/users/virtual_mfa_device/go/Pulumi.dev.yaml similarity index 100% rename from code/iam/identities/users/virtual_mfa_device/go/Pulumi.dev.yaml rename to web/code/iam/identities/users/virtual_mfa_device/go/Pulumi.dev.yaml diff --git a/code/iam/identities/users/virtual_mfa_device/go/Pulumi.yaml b/web/code/iam/identities/users/virtual_mfa_device/go/Pulumi.yaml similarity index 100% rename from code/iam/identities/users/virtual_mfa_device/go/Pulumi.yaml rename to web/code/iam/identities/users/virtual_mfa_device/go/Pulumi.yaml diff --git a/code/iam/identities/users/virtual_mfa_device/go/go.mod b/web/code/iam/identities/users/virtual_mfa_device/go/go.mod similarity index 100% rename from code/iam/identities/users/virtual_mfa_device/go/go.mod rename to web/code/iam/identities/users/virtual_mfa_device/go/go.mod diff --git a/code/iam/identities/users/virtual_mfa_device/go/go.sum b/web/code/iam/identities/users/virtual_mfa_device/go/go.sum similarity index 100% rename from code/iam/identities/users/virtual_mfa_device/go/go.sum rename to web/code/iam/identities/users/virtual_mfa_device/go/go.sum diff --git a/code/iam/identities/users/virtual_mfa_device/go/main.go b/web/code/iam/identities/users/virtual_mfa_device/go/main.go similarity index 100% rename from code/iam/identities/users/virtual_mfa_device/go/main.go rename to web/code/iam/identities/users/virtual_mfa_device/go/main.go diff --git a/code/iam/identities/users/virtual_mfa_device/js/.gitignore b/web/code/iam/identities/users/virtual_mfa_device/js/.gitignore similarity index 100% rename from code/iam/identities/users/virtual_mfa_device/js/.gitignore rename to web/code/iam/identities/users/virtual_mfa_device/js/.gitignore diff --git a/code/iam/identities/users/virtual_mfa_device/js/Pulumi.dev.yaml b/web/code/iam/identities/users/virtual_mfa_device/js/Pulumi.dev.yaml similarity index 100% rename from code/iam/identities/users/virtual_mfa_device/js/Pulumi.dev.yaml rename to web/code/iam/identities/users/virtual_mfa_device/js/Pulumi.dev.yaml diff --git a/code/iam/identities/users/virtual_mfa_device/js/Pulumi.yaml b/web/code/iam/identities/users/virtual_mfa_device/js/Pulumi.yaml similarity index 100% rename from code/iam/identities/users/virtual_mfa_device/js/Pulumi.yaml rename to web/code/iam/identities/users/virtual_mfa_device/js/Pulumi.yaml diff --git a/code/iam/identities/users/virtual_mfa_device/js/index.js b/web/code/iam/identities/users/virtual_mfa_device/js/index.js similarity index 100% rename from code/iam/identities/users/virtual_mfa_device/js/index.js rename to web/code/iam/identities/users/virtual_mfa_device/js/index.js diff --git a/code/iam/identities/users/virtual_mfa_device/js/package.json b/web/code/iam/identities/users/virtual_mfa_device/js/package.json similarity index 100% rename from code/iam/identities/users/virtual_mfa_device/js/package.json rename to web/code/iam/identities/users/virtual_mfa_device/js/package.json diff --git a/code/iam/identities/users/virtual_mfa_device/py/.gitignore b/web/code/iam/identities/users/virtual_mfa_device/py/.gitignore similarity index 100% rename from code/iam/identities/users/virtual_mfa_device/py/.gitignore rename to web/code/iam/identities/users/virtual_mfa_device/py/.gitignore diff --git a/code/iam/identities/users/virtual_mfa_device/py/Pulumi.dev.yaml b/web/code/iam/identities/users/virtual_mfa_device/py/Pulumi.dev.yaml similarity index 100% rename from code/iam/identities/users/virtual_mfa_device/py/Pulumi.dev.yaml rename to web/code/iam/identities/users/virtual_mfa_device/py/Pulumi.dev.yaml diff --git a/code/iam/identities/users/virtual_mfa_device/py/Pulumi.yaml b/web/code/iam/identities/users/virtual_mfa_device/py/Pulumi.yaml similarity index 100% rename from code/iam/identities/users/virtual_mfa_device/py/Pulumi.yaml rename to web/code/iam/identities/users/virtual_mfa_device/py/Pulumi.yaml diff --git a/code/iam/identities/users/virtual_mfa_device/py/__main__.py b/web/code/iam/identities/users/virtual_mfa_device/py/__main__.py similarity index 100% rename from code/iam/identities/users/virtual_mfa_device/py/__main__.py rename to web/code/iam/identities/users/virtual_mfa_device/py/__main__.py diff --git a/code/iam/identities/users/virtual_mfa_device/py/requirements.txt b/web/code/iam/identities/users/virtual_mfa_device/py/requirements.txt similarity index 100% rename from code/iam/identities/users/virtual_mfa_device/py/requirements.txt rename to web/code/iam/identities/users/virtual_mfa_device/py/requirements.txt diff --git a/code/iam/identities/users/virtual_mfa_device/ts/.gitignore b/web/code/iam/identities/users/virtual_mfa_device/ts/.gitignore similarity index 100% rename from code/iam/identities/users/virtual_mfa_device/ts/.gitignore rename to web/code/iam/identities/users/virtual_mfa_device/ts/.gitignore diff --git a/code/iam/identities/users/virtual_mfa_device/ts/Pulumi.dev.yaml b/web/code/iam/identities/users/virtual_mfa_device/ts/Pulumi.dev.yaml similarity index 100% rename from code/iam/identities/users/virtual_mfa_device/ts/Pulumi.dev.yaml rename to web/code/iam/identities/users/virtual_mfa_device/ts/Pulumi.dev.yaml diff --git a/code/iam/identities/users/virtual_mfa_device/ts/Pulumi.yaml b/web/code/iam/identities/users/virtual_mfa_device/ts/Pulumi.yaml similarity index 100% rename from code/iam/identities/users/virtual_mfa_device/ts/Pulumi.yaml rename to web/code/iam/identities/users/virtual_mfa_device/ts/Pulumi.yaml diff --git a/code/iam/identities/users/virtual_mfa_device/ts/index.ts b/web/code/iam/identities/users/virtual_mfa_device/ts/index.ts similarity index 100% rename from code/iam/identities/users/virtual_mfa_device/ts/index.ts rename to web/code/iam/identities/users/virtual_mfa_device/ts/index.ts diff --git a/code/iam/identities/users/virtual_mfa_device/ts/package-lock.json b/web/code/iam/identities/users/virtual_mfa_device/ts/package-lock.json similarity index 100% rename from code/iam/identities/users/virtual_mfa_device/ts/package-lock.json rename to web/code/iam/identities/users/virtual_mfa_device/ts/package-lock.json diff --git a/code/iam/identities/users/virtual_mfa_device/ts/package.json b/web/code/iam/identities/users/virtual_mfa_device/ts/package.json similarity index 100% rename from code/iam/identities/users/virtual_mfa_device/ts/package.json rename to web/code/iam/identities/users/virtual_mfa_device/ts/package.json diff --git a/code/s3/cli/create_bucket.sh b/web/code/s3/cli/create_bucket.sh similarity index 100% rename from code/s3/cli/create_bucket.sh rename to web/code/s3/cli/create_bucket.sh diff --git a/code/s3/cli/delete_bucket.sh b/web/code/s3/cli/delete_bucket.sh similarity index 100% rename from code/s3/cli/delete_bucket.sh rename to web/code/s3/cli/delete_bucket.sh diff --git a/code/s3/cli/put_msg.sh b/web/code/s3/cli/put_msg.sh similarity index 100% rename from code/s3/cli/put_msg.sh rename to web/code/s3/cli/put_msg.sh diff --git a/web/content/_index.md b/web/content/_index.md index 7cc03e4..2758ef4 100644 --- a/web/content/_index.md +++ b/web/content/_index.md @@ -17,53 +17,27 @@ For instance, the below example demonstrates developing and deploying a serverle {{< tab name="Typescript" >}} {{< tabs >}} {{% tab name="Provision" %}} + ``` pulumi up -y ``` + {{% /tab %}} {{% tab name="Teardown" %}} + ``` pulumi destroy -y ``` + {{% /tab %}} {{< /tabs >}} {{< tabs >}} {{% tab name="index.ts" %}} -```ts -// homepage/ts/index.ts - -import * as aws from "@pulumi/aws"; -import * as awsx from "@pulumi/awsx"; - -const payload = - ''; - -// Provision an API Gateway instance. -const api = new awsx.classic.apigateway.API("serverless-party-parrot", { - routes: [ - { - // Define an HTTP endpoint. - path: "/", - method: "GET", - // Create a Lambda function that will be triggered upon accessing this endpoint. - eventHandler: new aws.lambda.CallbackFunction("handler", { - callback: async (event) => { - // Cry havoc and let slip the parrots of war. - return { - statusCode: 200, - headers: { "Content-Type": "text/html" }, - body: payload, - }; - }, - }), - }, - ], -}); - -// The URL of the deployed serverless webpage. -export const url = api.url; +```ts +{{% include file="code\homepage\ts\index.ts" %}} ``` + {{% /tab %}} {{< /tabs >}} {{% button href="https://app.pulumi.com/new?template=https://github.com/MichaelStott/tech-squawks/tree/main/code/homepage/ts" icon="rocket" %}}Deploy{{% /button %}} @@ -73,54 +47,27 @@ export const url = api.url; {{< tab name="Javascript" >}} {{< tabs >}} {{% tab name="Provision" %}} + ``` pulumi up -y ``` + {{% /tab %}} {{% tab name="Teardown" %}} + ``` pulumi destroy -y ``` + {{% /tab %}} {{< /tabs >}} {{< tabs >}} {{% tab name="index.js" %}} -```js -// homepage/js/index.js - -"use strict"; -const aws = require("@pulumi/aws"); -const awsx = require("@pulumi/awsx"); - -const payload = - ''; - -// Provision an API Gateway instance. -const api = new awsx.classic.apigateway.API("serverless-party-parrot", { - routes: [ - { - // Define an HTTP endpoint. - path: "/", - method: "GET", - // Create a Lambda function that will be triggered upon accessing this endpoint. - eventHandler: new aws.lambda.CallbackFunction("handler", { - callback: async (event) => { - // Cry havoc and let slip the parrots of war. - return { - statusCode: 200, - headers: { "Content-Type": "text/html" }, - body: payload, - }; - }, - }), - }, - ], -}); - -// The URL of the deployed serverless webpage. -exports.url = api.url; +```js +{{% include file="code\homepage\js\index.js" %}} ``` + {{% /tab %}} {{< /tabs >}} {{% button href="https://app.pulumi.com/new?template=https://github.com/MichaelStott/tech-squawks/tree/main/code/homepage/js" icon="rocket" %}}Deploy{{% /button %}} @@ -130,130 +77,41 @@ exports.url = api.url; {{< tab name="Python" >}} {{< tabs >}} {{% tab name="Provision" %}} + ``` pulumi up -y ``` + {{% /tab %}} {{% tab name="Teardown" %}} + ``` pulumi destroy -y ``` + {{% /tab %}} {{< /tabs >}} {{< tabs >}} {{% tab name="__main__.py" %}} -```py -# homepage/py/__main__.py - -import pulumi -import pulumi_aws - -from lambda_util import create_python_lambda - -LAMBDA_SOURCE = "lambda.py" -LAMBDA_PACKAGE = "lambda" -LAMBDA_VERSION = "1.0.0" - -# Provision Lambda function which will be invoked upon an http request. -lambda_function = create_python_lambda(LAMBDA_PACKAGE, LAMBDA_SOURCE, LAMBDA_VERSION) - -# Give API Gateway permissions to invoke the Lambda -lambda_permission = pulumi_aws.lambda_.Permission( - "lambdaPermission", - action="lambda:InvokeFunction", - principal="apigateway.amazonaws.com", - function=lambda_function, -) - -# Set up the API Gateway -apigw = pulumi_aws.apigatewayv2.Api( - "httpApiGateway", - protocol_type="HTTP", - route_key="GET /", - target=lambda_function.invoke_arn, -) - -# Export the API endpoint for easy access -pulumi.export("url", apigw.api_endpoint) -pulumi.export("invoke_arn", lambda_function.name) +```py +{{% include file="code\homepage\py\__main__.py" %}} ``` + {{% /tab %}} {{% tab name="lambda.py" %}} -```py -# homepage/py/lambda.py - -# Define handler logic and Lambda function -def handler(event, context): - return { - "statusCode": 200, - "headers": {"Content-Type": "text/html"}, - "body": '', - } +```py +{{% include file="code\homepage\py\lambda.py" %}} ``` + {{% /tab %}} {{% tab name="lambda_util.py" %}} -```py -# homepage/py/lambda_util.py - -import json, mimetypes, shutil, os -import pulumi_aws as aws -from pulumi_aws import lambda_, s3 -from pulumi import FileAsset - -lambda_role = aws.iam.Role( - "apiGatewayLambdaRole", - assume_role_policy=json.dumps( - { - "Version": "2012-10-17", - "Statement": [ - { - "Action": "sts:AssumeRole", - "Principal": { - "Service": "lambda.amazonaws.com", - }, - "Effect": "Allow", - "Sid": "", - } - ], - } - ), -) -role_policy_attachment = aws.iam.RolePolicyAttachment( - "lambdaRoleAttachment", - role=lambda_role, - policy_arn=aws.iam.ManagedPolicy.AWS_LAMBDA_BASIC_EXECUTION_ROLE, -) - - -def create_python_lambda(package, source, version, bucket_name="ts-test-lambda-py"): - """Uploads handler project to S3 and returns S3 object.""" - shutil.make_archive(package, "zip", ".", source) - - # Create an AWS resource (S3 Bucket)c - bucket = s3.Bucket(bucket_name) - package += ".zip" - mime_type, _ = mimetypes.guess_type(package) - obj = s3.BucketObject( - version + "/" + package, - bucket=bucket.id, - source=FileAsset(package), - content_type=mime_type, - ) - - lambda_function = lambda_.Function( - "ServerlessExample", - s3_bucket=bucket.id, - s3_key=obj.key, - handler="lambda.handler", - runtime="python3.7", - role=lambda_role.arn, - ) - - return lambda_function +```py +{{% include file="code\homepage\py\lambda_util.py" %}} ``` + {{% /tab %}} {{< /tabs >}} {{% button href="https://app.pulumi.com/new?template=https://github.com/MichaelStott/tech-squawks/tree/main/code/homepage/py" icon="rocket" %}}Deploy{{% /button %}} @@ -263,246 +121,41 @@ def create_python_lambda(package, source, version, bucket_name="ts-test-lambda-p {{< tab name="Go" >}} {{< tabs >}} {{% tab name="Provision" %}} + ``` pulumi up -y ``` + {{% /tab %}} {{% tab name="Teardown" %}} + ``` pulumi destroy -y ``` + {{% /tab %}} {{< /tabs >}} {{< tabs >}} {{% tab name="main.go" %}} -```go -// homepage/go/main.go - -ackage main - -import ( - "github.com/pulumi/pulumi-aws/sdk/v5/go/aws/apigatewayv2" - "github.com/pulumi/pulumi/sdk/v3/go/pulumi" -) - -func main() { - pulumi.Run(func(ctx *pulumi.Context) error { - // Create lambda function that will return HTML. - lambda, err := CreateGoLambda(ctx) - if err != nil { - panic(err) - } - - // Provision API Gateway instance to invoke Lambda - api, err := apigatewayv2.NewApi(ctx, - "serverless-parrot-demo-gov2", - &apigatewayv2.ApiArgs{ - ProtocolType: pulumi.String("HTTP"), - RouteKey: pulumi.String("GET /"), - Target: lambda.InvokeArn, - }, - nil, - ) - - ctx.Export("url", api.ApiEndpoint) - - return nil - }) -} +```go +{{% include file="code\homepage\go\main.go" %}} ``` + {{% /tab %}} {{% tab name="handler.go" %}} -```go -// homepage/go/handler/handler.go - -ackage main - -import ( - "github.com/aws/aws-lambda-go/events" - "github.com/aws/aws-lambda-go/lambda" -) - -// handler is a simple function that takes a string and does a ToUpper. -func handler(request events.APIGatewayProxyRequest) (events.APIGatewayProxyResponse, error) { - return events.APIGatewayProxyResponse{ - StatusCode: 200, - Headers: map[string]string{ - "Content-Type": "text/html", - }, - Body: "", - }, nil -} - -func main() { - lambda.Start(handler) -} +```go +{{% include file="code\homepage\go\handler\handler.go" %}} ``` + {{% /tab %}} {{% tab name="lambda_util.go" %}} -```go -// homepage/go/lambda_util.go - -ackage main - -import ( - "archive/zip" - "encoding/json" - "io" - "os" - "path/filepath" - - "github.com/gabriel-vasile/mimetype" - "github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam" - "github.com/pulumi/pulumi-aws/sdk/v4/go/aws/s3" - "github.com/pulumi/pulumi-aws/sdk/v5/go/aws/lambda" - "github.com/pulumi/pulumi/sdk/v3/go/pulumi" -) - -func zipSource(source, target string) error { - // 1. Create a ZIP file and zip.Writer - f, err := os.Create(target) - if err != nil { - return err - } - defer f.Close() - - writer := zip.NewWriter(f) - defer writer.Close() - - // 2. Go through all the files of the source - return filepath.Walk(source, func(path string, info os.FileInfo, err error) error { - if err != nil { - return err - } - - // 3. Create a local file header - header, err := zip.FileInfoHeader(info) - if err != nil { - return err - } - - // set compression - header.Method = zip.Deflate - - // 4. Set relative path of a file as the header name - header.Name, err = filepath.Rel(filepath.Dir(source), path) - if err != nil { - return err - } - if info.IsDir() { - header.Name += "/" - } - - // 5. Create writer for the file header and save content of the file - headerWriter, err := writer.CreateHeader(header) - if err != nil { - return err - } - - if info.IsDir() { - return nil - } - - f, err := os.Open(path) - if err != nil { - return err - } - defer f.Close() - - _, err = io.Copy(headerWriter, f) - return err - }) -} - -func CreateLambdaRole(ctx *pulumi.Context) (*iam.Role, error) { - tmpJSON0, err := json.Marshal(map[string]interface{}{ - "Version": "2012-10-17", - "Statement": []map[string]interface{}{ - map[string]interface{}{ - "Action": "sts:AssumeRole", - "Effect": "Allow", - "Sid": "", - "Principal": map[string]interface{}{ - "Service": "lambda.amazonaws.com", - }, - }, - }, - }) - if err != nil { - return nil, err - } - json0 := string(tmpJSON0) - lambdaRole, err := iam.NewRole(ctx, "lambdaRole", &iam.RoleArgs{ - AssumeRolePolicy: pulumi.String(json0), - }) - if err != nil { - return nil, err - } - _, err = iam.NewRolePolicyAttachment(ctx, "lambdaRoleAttach", &iam.RolePolicyAttachmentArgs{ - Role: lambdaRole.Name, - PolicyArn: iam.ManagedPolicyIAMReadOnlyAccess, - }) - if err != nil { - return nil, err - } - return lambdaRole, nil -} - -func CreateGoLambda(ctx *pulumi.Context) (*lambda.Function, error) { - // Package lambda function. - err := zipSource("handler/handler", "handler.zip") - if err != nil { - return nil, err - } - - // Allow API Gateway to invoke Lambda functions. - role, err := CreateLambdaRole(ctx) - if err != nil { - return nil, err - } - - // Provision bucket for uploading Lambda handler. - bucket, err := s3.NewBucket(ctx, "ts-test-bucket-go", nil) - if err != nil { - return nil, err - } - - // Upload handler to S3 bucket. - mtype, err := mimetype.DetectFile("./handler.zip") - if err != nil { - return nil, err - } - obj, err := s3.NewBucketObject(ctx, "1.0.0/handler.zip", &s3.BucketObjectArgs{ - Bucket: bucket.ID(), - Source: pulumi.NewFileAsset("./handler.zip"), - ContentType: pulumi.String(mtype.String()), - }) - - // Create and return lambda function - function, err := lambda.NewFunction( - ctx, "lambdaAPIGatewayFunction", &lambda.FunctionArgs{ - S3Bucket: bucket.ID(), - S3Key: obj.Key, - Runtime: pulumi.String("go1.x"), - Handler: pulumi.String("handler"), - Role: role.Arn, - }, - nil, - ) - - lambda.NewPermission(ctx, "lambdaPermission", &lambda.PermissionArgs{ - Action: pulumi.String("lambda:InvokeFunction"), - Principal: pulumi.String("apigateway.amazonaws.com"), - Function: function, - }) - - // Enable API Gateway to invoke the Lambda - return function, err -} +```go +{{% include file="code\homepage\go\lambda_util.go" %}} ``` + {{% /tab %}} {{< /tabs >}} {{% button href="https://app.pulumi.com/new?template=https://github.com/MichaelStott/tech-squawks/tree/main/code/homepage/go" icon="rocket" %}}Deploy{{% /button %}} @@ -511,19 +164,20 @@ func CreateGoLambda(ctx *pulumi.Context) (*lambda.Function, error) { {{< /tab >}} {{< /tabs >}} **Stack Outputs** + ``` Outputs: invoke_arn: "ServerlessExample-93b31c3" url : "https://pu00gu5pmg.execute-api.us-east-1.amazonaws.com" ``` -The exported URL will display the following image in your web browser: +The exported URL will display the following image in your web browser: ![squawk](https://cultofthepartyparrot.com/parrots/hd/revolutionparrot.gif) ### Local Development -In an effort to make these tutorials accessible to those without cloud access and minimize costs, examples are designed +In an effort to make these tutorials accessible to those without cloud access and minimize costs, examples are designed to support local execution, using technologies such as [LocalStack](https://localstack.cloud/), [Cloud Code](https://cloud.google.com/code), [Kind](https://kind.sigs.k8s.io/), etc., whenever possible. ### Study Aid diff --git a/web/content/cloud_computing/aws/canonical_requests/signing.md b/web/content/cloud_computing/aws/canonical_requests/signing.md index e1e4414..a353c0f 100644 --- a/web/content/cloud_computing/aws/canonical_requests/signing.md +++ b/web/content/cloud_computing/aws/canonical_requests/signing.md @@ -17,35 +17,41 @@ The version 4 signing process consists of the following steps and components[^2] 1. Creating the _credential scope_: This value restricts the request to the target service and region and is of the following format: `TIMESTAMP/REGION/SERVICE/SIGNING_VERSION` where the timestamp value is of form _YYYYMMDD_. 2. Generate the target string to sign: This consists of the signing algorithm used to produce the signature (AWS4-HMAC-SHA256), the Amzaon-formatted request timestamp (i.e. _YYYYMMDDHHMMSSZ_), the previously produced credential scope, and a hash of the canonical requests string, all separated by newline characters: -{{< tabs groupId="pseudo" >}} -{{% tab name="Pseudocode" %}} + {{< tabs groupId="pseudo" >}} + {{% tab name="Pseudocode" %}} + ``` signatureString = SIGNING_ALGORITHM + "\n" + -AMAZON_DATE_TIMESTAMP + "\n" + -CREDENTIAL_SCOPE + "\n" + +AMAZON_DATE_TIMESTAMP + "\n" + +CREDENTIAL_SCOPE + "\n" + SHA256(CANONICAL_REQUEST_STRING) ``` + {{% /tab %}} {{< /tabs >}} 3. Create the signature key: The _signature key_, used to sign the request string, is derived from the AWS secret key, Amazon-formatted request timestamp, region, and service. The following Pseudocode illustrates this process: -{{< tabs groupId="pseudo" >}} -{{% tab name="Pseudocode" %}} + {{< tabs groupId="pseudo" >}} + {{% tab name="Pseudocode" %}} + ``` kDate = hash("AWS4" + Key, Date) kRegion = hash(kDate, Region) kService = hash(kRegion, Service) signatureKey = hash(kService, "aws4_request") ``` + {{% /tab %}} {{< /tabs >}} 4. Sign the previously generated signature string with the signature key and encode the hexadecimal representation. -{{< tabs groupId="pseudo" >}} -{{% tab name="Pseudocode" %}} + {{< tabs groupId="pseudo" >}} + {{% tab name="Pseudocode" %}} + ``` signature = hexEncode(hash(signatureKey, signatureString)) ``` + {{% /tab %}} {{< /tabs >}} @@ -57,110 +63,20 @@ Below provides a concrete example for generating a version 4 signature from an a {{< tab name="Typescript" >}} {{< tabs >}} {{% tab name="Execution" %}} + ``` ts-node signing.ts $AWS_SECRET_KEY us-west-1 ssm "Hello World!" ``` + {{% /tab %}} {{< /tabs >}} {{< tabs >}} {{% tab name="signing.ts" %}} -```ts -// can_req/ts/signing.ts - -import * as crypto from "crypto"; - -const SIGNING_ALGORITHM = "AWS4-HMAC-SHA256"; - -export function getTimestamps(): [string, string] { - const now = new Date(); - const year = now.getUTCFullYear(); - const month = String(now.getUTCMonth() + 1).padStart(2, "0"); - const day = String(now.getUTCDate()).padStart(2, "0"); - const hours = String(now.getUTCHours()).padStart(2, "0"); - const minutes = String(now.getUTCMinutes()).padStart(2, "0"); - const seconds = String(now.getUTCSeconds()).padStart(2, "0"); - - const amzTimestamp = `${year}${month}${day}T${hours}${minutes}${seconds}Z`; - const reqTimestamp = `${year}${month}${day}`; - return [amzTimestamp, reqTimestamp]; -} - -export function getCredentialScope( - reqTimestamp: string, - region: string, - service: string -): string { - return `${reqTimestamp}/${region}/${service}/aws4_request`; -} - -export function getStringToSign( - amzTimestamp: string, - scope: string, - message: string -): string { - return [ - SIGNING_ALGORITHM, - amzTimestamp, - scope, - computeSHA256SignatureHash(message), - ].join("\n"); -} - -export function sign(key: Buffer, message: Buffer): Buffer { - return crypto.createHmac("SHA256", key).update(message).digest(); -} - -export function signHex(key: Buffer, message: Buffer): string { - return crypto.createHmac("SHA256", key).update(message).digest("hex"); -} - -export function computeSHA256SignatureHash(input: string): string { - return crypto.createHash("SHA256").update(input).digest("hex"); -} - -export function getAWS4SignatureKey( - key: string, - reqTimestamp: string, - region: string, - service: string -): Buffer { - const kDate = sign(Buffer.from("AWS4" + key), Buffer.from(reqTimestamp)); - const kRegion = sign(kDate, Buffer.from(region)); - const kService = sign(kRegion, Buffer.from(service)); - const kSigning = sign(kService, Buffer.from("aws4_request")); - return kSigning; -} - -if (require.main === module) { - // Get user input - const secretKey = process.argv[2]; - const region = process.argv[3]; - const service = process.argv[4]; - const userInput = process.argv[5]; - - // Get the required timestamp strings - let [amzTimestamp, reqTimestamp] = getTimestamps(); - console.log("Amazon Timestamp: " + amzTimestamp); - console.log("Requset Timestamp: " + reqTimestamp); - - // Get the scope of the request (the timestamp and the target service) - const scope = getCredentialScope(reqTimestamp, region, service); - console.log("Credential Scope: " + scope); - - // Get the AWS v4 signing key - const key = getAWS4SignatureKey(secretKey, reqTimestamp, region, service); - console.log("Signing Key: " + key.toString("hex")); - - // Prepare string value to sign from user input - const stringToSign = getStringToSign(amzTimestamp, scope, userInput); - console.log("String to sign: " + JSON.stringify(stringToSign)); - - // Sign and output user string - const signature = signHex(key, Buffer.from(stringToSign)); - console.log("Signed String: " + signature); -} +```ts +{{% include file="code\can_req\ts\signing.ts" %}} ``` + {{% /tab %}} {{< /tabs >}} {{% button href="https://github.com/MichaelStott/tech-squawks/tree/main/code/can_req/ts" icon="code" %}}Repository{{% /button %}} @@ -169,112 +85,20 @@ if (require.main === module) { {{< tab name="Javascript" >}} {{< tabs >}} {{% tab name="Execution" %}} + ``` node signing.js $AWS_SECRET_KEY us-west-1 ssm "Hello World!" ``` + {{% /tab %}} {{< /tabs >}} {{< tabs >}} {{% tab name="signing.js" %}} -```js -// can_req/js/signing.js - -var crypto = require("crypto"); - -const SIGNING_ALGORITHM = "AWS4-HMAC-SHA256"; - -function getTimestamps() { - const now = new Date(); - const year = now.getUTCFullYear(); - const month = String(now.getUTCMonth() + 1).padStart(2, "0"); - const day = String(now.getUTCDate()).padStart(2, "0"); - const hours = String(now.getUTCHours()).padStart(2, "0"); - const minutes = String(now.getUTCMinutes()).padStart(2, "0"); - const seconds = String(now.getUTCSeconds()).padStart(2, "0"); - - const amzTimestamp = `${year}${month}${day}T${hours}${minutes}${seconds}Z`; - const reqTimestamp = `${year}${month}${day}`; - return [amzTimestamp, reqTimestamp]; -} - -function getCredentialScope(reqTimestamp, region, service) { - return `${reqTimestamp}/${region}/${service}/aws4_request`; -} - -function getStringToSign(amzTimestamp, scope, message) { - return [ - SIGNING_ALGORITHM, - amzTimestamp, - scope, - computeSHA256SignatureHash(message), - ].join("\n"); -} - -function sign(key, msg) { - return crypto - .createHmac("SHA256", key) - .update(Buffer.from(msg, "utf-8")) - .digest(); -} - -function signHex(key, msg) { - return crypto.createHmac("SHA256", key).update(msg).digest("hex"); -} - -function computeSHA256SignatureHash(input) { - return crypto - .createHash("SHA256") - .update(Buffer.from(input, "utf-8")) - .digest("hex"); -} - -function getAWS4SignatureKey(key, reqTimestamp, region, service) { - const kDate = sign(Buffer.from("AWS4" + key, "utf-8"), reqTimestamp); - const kRegion = sign(kDate, region); - const kService = sign(kRegion, service); - const kSigning = sign(kService, "aws4_request"); - return kSigning; -} - -if (require.main === module) { - // Get user input - const secretKey = process.argv[2]; - const region = process.argv[3]; - const service = process.argv[4]; - const userInput = process.argv[5]; - - // Get the required timestamp strings - [amzTimestamp, reqTimestamp] = getTimestamps(); - console.log("Amazon Timestamp: " + amzTimestamp); - console.log("Request Timestamp: " + reqTimestamp); - - // Get the scope of the request (the timestamp and the target service) - const scope = getCredentialScope(reqTimestamp, region, service); - console.log("Credential Scope: " + scope); - - // Get the AWS v4 signing key - const key = getAWS4SignatureKey(secretKey, reqTimestamp, region, service); - console.log("Signing Key: " + key.toString("hex")); - - // Prepare string value to sign from user input - const stringToSign = getStringToSign(amzTimestamp, scope, userInput); - console.log("String to sign: " + JSON.stringify(stringToSign)); - - // Sign and output user string - const signature = signHex(key, stringToSign); - console.log("Signed String: " + signature); -} - -module.exports = { - getTimestamps, - getCredentialScope, - computeSHA256SignatureHash, - getAWS4SignatureKey, - getStringToSign, - signHex, -}; +```js +{{% include file="code\can_req\js\signing.js" %}} ``` + {{% /tab %}} {{< /tabs >}} {{% button href="https://github.com/MichaelStott/tech-squawks/tree/main/code/can_req/js" icon="code" %}}Repository{{% /button %}} @@ -283,94 +107,20 @@ module.exports = { {{< tab name="Python" >}} {{< tabs >}} {{% tab name="Execution" %}} + ``` python3 signing.py $AWS_SECRET_KEY us-west-1 ssm "Hello World!" ``` + {{% /tab %}} {{< /tabs >}} {{< tabs >}} {{% tab name="signing.py" %}} -```py -# can_req/py/signing.py - -import base64, datetime, hashlib, hmac, json, sys - -SIGNING_ALGORITHM = "AWS4-HMAC-SHA256" - - -def get_timestamps() -> tuple[str, str]: - """Get strings of required timestamps for canonical requests""" - now = datetime.datetime.utcnow() - amazon_timestamp = now.strftime("%Y%m%dT%H%M%SZ") - req_timestamp = now.strftime("%Y%m%d") - return amazon_timestamp, req_timestamp - - -def get_credential_scope(req_timestamp: str, region: str, service: str) -> str: - """Define the scope of the request, which includes the target region and service""" - return "{}/{}/{}/aws4_request".format(req_timestamp, region, service) - - -def sign(key: str, msg: str) -> bytes: - """Generate the HMAC-SHA256 hash of a target string using the provided secret key""" - return hmac.new(key, msg.encode("utf-8"), hashlib.sha256).digest() - - -def compute_sha256_hash(input: str) -> str: - """Create SHA256 hash of a target string""" - m = hashlib.sha256() - m.update(input.encode("utf-8")) - result = m.hexdigest() - return result - - -def get_string_to_sign(amzn_date_stamp: str, scope: str, can_req: str) -> str: - """Get string to sign from request parameters""" - return "\n".join( - [SIGNING_ALGORITHM, amzn_date_stamp, scope, compute_sha256_hash(can_req)] - ) - - -def get_aws4_signature_key( - key: str, datestamp: str, region: str, service_name: str -) -> bytes: - """Generature canonical requests signature""" - kdate = sign(("AWS4" + key).encode("utf-8"), datestamp) - kregion = sign(kdate, region) - kservice = sign(kregion, service_name) - ksigning = sign(kservice, "aws4_request") - return ksigning - - -if __name__ == "__main__": - # Get user input from command args - amazon_secret_key = sys.argv[1] - region = sys.argv[2] - service = sys.argv[3] - user_input = sys.argv[4] - - # Fetch the required timestamps - amazon_timestamp, req_timestamp = get_timestamps() - print("Amazon Timestamp: " + amazon_timestamp) - print("Request Timestamp: " + req_timestamp) - - # The scope/action permitted by the signed credentials - credential_scope = get_credential_scope(req_timestamp, region, service) - print("Credential Scope: " + credential_scope) - - # Generate and print signed string - signature_key = get_aws4_signature_key( - amazon_secret_key, req_timestamp, region, service - ) - print("Signing Key: " + base64.b64encode(signature_key).decode()) - string_to_sign = get_string_to_sign(amazon_timestamp, credential_scope, user_input) - print("String to sign: " + json.dumps(string_to_sign)) - signature = hmac.new( - signature_key, string_to_sign.encode("utf-8"), hashlib.sha256 - ).hexdigest() - print("Signed String: " + signature) +```py +{{% include file="code\can_req\py\signing.py" %}} ``` + {{% /tab %}} {{< /tabs >}} {{% button href="https://github.com/MichaelStott/tech-squawks/tree/main/code/can_req/py" icon="code" %}}Repository{{% /button %}} @@ -379,109 +129,27 @@ if __name__ == "__main__": {{< tab name="Go" >}} {{< tabs >}} {{% tab name="Execution" %}} + ``` go run signing_driver.go signing.go $AWS_SECRET_KEY us-west-1 ssm "Hello World!" ``` + {{% /tab %}} {{< /tabs >}} {{< tabs >}} {{% tab name="signing.go" %}} -```go -// can_req/go/signing.go - -ackage main - -import ( - hmac "crypto/hmac" - "crypto/sha256" - "encoding/json" - "fmt" - "os" - "strings" - "time" -) - -const SIGNING_ALGORITHM = "AWS4-HMAC-SHA256" - -func getTimestamps() (string, string) { - now := time.Now().UTC() - return now.Format("20060102T150405Z"), now.Format("20060102") -} - -func getCredentialScope(request_timestamp string, region string, service string) string { - return fmt.Sprintf("%s/%s/%s/aws4_request", request_timestamp, region, service) -} - -func sign(key string, message string) string { - mac := hmac.New(sha256.New, []byte(key)) - mac.Write([]byte(message)) - return string(mac.Sum(nil)) -} - -func signHex(key string, message string) string { - mac := hmac.New(sha256.New, []byte(key)) - mac.Write([]byte(message)) - return fmt.Sprintf("%x", string(mac.Sum(nil))) -} - -func computeSHA256Hash(input string) string { - hash := sha256.New() - hash.Write([]byte(input)) - return fmt.Sprintf("%x", string(hash.Sum(nil))) -} - -func getStringToSign(amazon_timestamp string, scope string, can_req string) string { - components := [...]string{SIGNING_ALGORITHM, amazon_timestamp, scope, computeSHA256Hash(can_req)} - return strings.Join(components[:], "\n") -} - -func getAWS4SignatureKey(secret_key string, request_timestamp string, region string, service string) string { - kdate := sign("AWS4"+secret_key, request_timestamp) - kregion := sign(kdate, region) - kservice := sign(kregion, service) - ksigning := sign(kservice, "aws4_request") - return ksigning -} - -func runDemo() { - // Get user input from command args - amazon_secret_key := os.Args[1] - region := os.Args[2] - service := os.Args[3] - user_input := os.Args[4] - - // Fetch the required timestamps - amazon_timestamp, request_timestamp := getTimestamps() - fmt.Printf("Amazon Timestamp: %s\n", amazon_timestamp) - fmt.Printf("Request Timestamp: %s\n", request_timestamp) - - // Get the scope/permitted API action for the signed credentials - credential_scope := getCredentialScope(request_timestamp, region, service) - fmt.Printf("Credential Scope: %s\n", credential_scope) - - // Generate and print signed string - signature_key := getAWS4SignatureKey(amazon_secret_key, request_timestamp, region, service) - fmt.Printf("Signing Key: %x\n", signature_key) - string_to_sign := getStringToSign(amazon_timestamp, credential_scope, user_input) - string_to_sign_formatted, _ := json.Marshal(string_to_sign) - fmt.Printf("String to sign: `%s`\n", string_to_sign_formatted) - signature := signHex(signature_key, string_to_sign) - fmt.Printf("Signed String: " + signature) -} +```go +{{% include file="code\can_req\go\signing.go" %}} ``` + {{% /tab %}} {{% tab name="signing_driver.go" %}} -```go -// can_req/go/signing_driver.go - -package main - -func main() { - runDemo() -} +```go +{{% include file="code\can_req\go\signing_driver.go" %}} ``` + {{% /tab %}} {{< /tabs >}} {{% button href="https://github.com/MichaelStott/tech-squawks/tree/main/code/can_req/go" icon="code" %}}Repository{{% /button %}} @@ -490,6 +158,7 @@ func main() { {{< /tabs >}} **Output** + ``` Amazon Timestamp: 20230625T174754Z Requset Timestamp: 20230625 @@ -498,7 +167,6 @@ Signing Key: 843b458b4664ec9c54e42274a490b2c7cb2802cc104dcba2ad2df8fe71c008ff String to sign: "AWS4-HMAC-SHA256\n20230625T174754Z\n20230625/us-west-1/ssm/aws4_request\n7f83b1657ff1fc53b92dc18148a1d65dfc2d4b1fa3d677284addd200126d9069" Signed String: cc1a8368f317707c89b33e8f627f722819ed4d28341fef7b56720103b5d3fe79 ``` -[^1]: https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html +[^1]: https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html [^2]: https://docs.aws.amazon.com/general/latest/gr/sigv4_signing.html - \ No newline at end of file diff --git a/web/content/cloud_computing/aws/iam/access/abac.md b/web/content/cloud_computing/aws/iam/access/abac.md index 94a6a82..a7d19b4 100644 --- a/web/content/cloud_computing/aws/iam/access/abac.md +++ b/web/content/cloud_computing/aws/iam/access/abac.md @@ -4,9 +4,10 @@ draft: false weight: 5 --- -To more easily maange associations between identities and policies, IAM allows you to associate the two entities together via AWS tagging. +To more easily manage associations between identities and policies, IAM allows you to associate the two entities together via AWS tagging. The following is an example policy that allows us to define a tagged policy: + ``` { "Version": "2012-10-17", @@ -26,4 +27,4 @@ The following is an example policy that allows us to define a tagged policy: } } } -``` \ No newline at end of file +``` diff --git a/web/content/cloud_computing/aws/iam/access/policies.md b/web/content/cloud_computing/aws/iam/access/policies.md index 92168ce..eb33b08 100644 --- a/web/content/cloud_computing/aws/iam/access/policies.md +++ b/web/content/cloud_computing/aws/iam/access/policies.md @@ -4,11 +4,11 @@ draft: false weight: 4 --- -IAM Policies define the permissions required for performing a given action on some target resource. A permission directly correlates to an AWS API request. Policies are associated with identities and allow cloud engineers to target specific resources. (UGHHH) +IAM Policies define the permissions required for performing a given action on some target resource. A permission directly correlates to an AWS API request. Policies are associated with identities and allow cloud engineers to target specific resources. -For common use cases, AWS provides managed resources to be assocaited with identities (Admin roles, S3 only roles, etc.), which may help reduce the amount of custom resources that an organization needs to manage. +For common use cases, AWS provides managed resources to be associated with identities (Admin roles, S3 only roles, etc.), which may help reduce the amount of custom resources that an organization needs to manage. -## Permission Boundaries +## Permission Boundaries Permission boundaries define the maximum amount of permissions an identity can have. The effective permissions for an identity are the permissions that are granted by all the policies that affect the user or role, including identity-based policies, resource-based policies and permissions boundaries. @@ -18,4 +18,4 @@ IAM policies schemas may be validated using the IAM policy analyzer: ``` $ aws accessanalyzer validate-policy -``` \ No newline at end of file +```