diff --git a/.github/workflows/pr-check.yaml b/.github/workflows/pr-check.yaml index 65012c7..8759b3f 100644 --- a/.github/workflows/pr-check.yaml +++ b/.github/workflows/pr-check.yaml @@ -22,15 +22,15 @@ jobs: runs-on: ubuntu-latest if: ${{ needs.get-pulumi-projects.outputs.matrix != '[]' && needs.get-pulumi-projects.outputs.matrix != '' }} strategy: - matrix: + matrix: project: ${{fromJson(needs.get-pulumi-projects.outputs.matrix)}} steps: - uses: actions/checkout@v3 with: submodules: true - - uses: actions/setup-node@v4 + - uses: actions/setup-node@v2 with: - node-version: 16.17.x + node-version: 14.x - uses: actions/setup-go@v2 with: go-version: 1.17.x @@ -39,8 +39,8 @@ jobs: python-version: 3.9 - uses: actions/setup-java@v3 with: - distribution: "temurin" - java-version: "17" + distribution: 'temurin' + java-version: '17' - name: Set up Homebrew id: set-up-homebrew uses: Homebrew/actions/setup-homebrew@master @@ -59,7 +59,7 @@ jobs: upsert: true command: preview stack-name: dev - work-dir: ./${{ matrix.project }} + work-dir: ./${{ matrix.project }} comment-on-pr: false env: PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} @@ -75,7 +75,7 @@ jobs: - name: Setup Hugo uses: peaceiris/actions-hugo@v2 with: - hugo-version: "0.111.3" + hugo-version: '0.111.3' - name: Set up Homebrew id: set-up-homebrew uses: Homebrew/actions/setup-homebrew@master @@ -94,7 +94,7 @@ jobs: - name: Setup Hugo uses: peaceiris/actions-hugo@v2 with: - hugo-version: "0.111.3" + hugo-version: '0.111.3' - name: Set up Homebrew id: set-up-homebrew uses: Homebrew/actions/setup-homebrew@master @@ -120,3 +120,4 @@ jobs: comment-on-pr: true env: PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} + diff --git a/web/code/can_req/go/README.md b/code/can_req/go/README.md similarity index 100% rename from web/code/can_req/go/README.md rename to code/can_req/go/README.md diff --git a/web/code/can_req/go/request.go b/code/can_req/go/request.go similarity index 100% rename from web/code/can_req/go/request.go rename to code/can_req/go/request.go diff --git a/web/code/can_req/go/signing.go b/code/can_req/go/signing.go similarity index 100% rename from web/code/can_req/go/signing.go rename to code/can_req/go/signing.go diff --git a/web/code/can_req/go/signing_driver.go b/code/can_req/go/signing_driver.go similarity index 100% rename from web/code/can_req/go/signing_driver.go rename to code/can_req/go/signing_driver.go diff --git a/web/code/can_req/js/README.md b/code/can_req/js/README.md similarity index 100% rename from web/code/can_req/js/README.md rename to code/can_req/js/README.md diff --git a/web/code/can_req/js/package.json b/code/can_req/js/package.json similarity index 100% rename from web/code/can_req/js/package.json rename to code/can_req/js/package.json diff --git a/web/code/can_req/js/request.js b/code/can_req/js/request.js similarity index 100% rename from web/code/can_req/js/request.js rename to code/can_req/js/request.js diff --git a/web/code/can_req/js/signing.js b/code/can_req/js/signing.js similarity index 100% rename from web/code/can_req/js/signing.js rename to code/can_req/js/signing.js diff --git a/web/code/can_req/py/README.md b/code/can_req/py/README.md similarity index 100% rename from web/code/can_req/py/README.md rename to code/can_req/py/README.md diff --git a/web/code/can_req/py/__pycache__/signing.cpython-310.pyc b/code/can_req/py/__pycache__/signing.cpython-310.pyc similarity index 100% rename from web/code/can_req/py/__pycache__/signing.cpython-310.pyc rename to code/can_req/py/__pycache__/signing.cpython-310.pyc diff --git a/web/code/can_req/py/request.py b/code/can_req/py/request.py similarity index 100% rename from web/code/can_req/py/request.py rename to code/can_req/py/request.py diff --git a/web/code/can_req/py/requirements.txt b/code/can_req/py/requirements.txt similarity index 100% rename from web/code/can_req/py/requirements.txt rename to code/can_req/py/requirements.txt diff --git a/web/code/can_req/py/signing.py b/code/can_req/py/signing.py similarity index 100% rename from web/code/can_req/py/signing.py rename to code/can_req/py/signing.py diff --git a/web/code/can_req/ts/README.md b/code/can_req/ts/README.md similarity index 100% rename from web/code/can_req/ts/README.md rename to code/can_req/ts/README.md diff --git a/web/code/can_req/ts/request.ts b/code/can_req/ts/request.ts similarity index 100% rename from web/code/can_req/ts/request.ts rename to code/can_req/ts/request.ts diff --git a/web/code/can_req/ts/signing.ts b/code/can_req/ts/signing.ts similarity index 100% rename from web/code/can_req/ts/signing.ts rename to code/can_req/ts/signing.ts diff --git a/web/code/can_req/ts/tsconfig.json b/code/can_req/ts/tsconfig.json similarity index 100% rename from web/code/can_req/ts/tsconfig.json rename to code/can_req/ts/tsconfig.json diff --git a/web/code/containers/docker/images/parent/Dockerfile b/code/containers/docker/images/parent/Dockerfile similarity index 100% rename from web/code/containers/docker/images/parent/Dockerfile rename to code/containers/docker/images/parent/Dockerfile diff --git a/web/code/containers/docker/images/parent/Makefile b/code/containers/docker/images/parent/Makefile similarity index 100% rename from web/code/containers/docker/images/parent/Makefile rename to code/containers/docker/images/parent/Makefile diff --git a/web/code/containers/docker/images/parent/message.txt b/code/containers/docker/images/parent/message.txt similarity index 100% rename from web/code/containers/docker/images/parent/message.txt rename to code/containers/docker/images/parent/message.txt diff --git a/web/code/containers/docker/images/scratch/Dockerfile b/code/containers/docker/images/scratch/Dockerfile similarity index 100% rename from web/code/containers/docker/images/scratch/Dockerfile rename to code/containers/docker/images/scratch/Dockerfile diff --git a/web/code/containers/docker/images/scratch/Makefile b/code/containers/docker/images/scratch/Makefile similarity index 100% rename from web/code/containers/docker/images/scratch/Makefile rename to code/containers/docker/images/scratch/Makefile diff --git a/web/code/containers/docker/images/scratch/README.md b/code/containers/docker/images/scratch/README.md similarity index 100% rename from web/code/containers/docker/images/scratch/README.md rename to code/containers/docker/images/scratch/README.md diff --git a/web/code/containers/docker/images/scratch/go.mod b/code/containers/docker/images/scratch/go.mod similarity index 100% rename from web/code/containers/docker/images/scratch/go.mod rename to code/containers/docker/images/scratch/go.mod diff --git a/web/code/containers/docker/images/scratch/hello b/code/containers/docker/images/scratch/hello similarity index 100% rename from web/code/containers/docker/images/scratch/hello rename to code/containers/docker/images/scratch/hello diff --git a/web/code/containers/docker/images/scratch/main.go b/code/containers/docker/images/scratch/main.go similarity index 100% rename from web/code/containers/docker/images/scratch/main.go rename to code/containers/docker/images/scratch/main.go diff --git a/web/code/containers/docker/overview/Dockerfile b/code/containers/docker/overview/Dockerfile similarity index 100% rename from web/code/containers/docker/overview/Dockerfile rename to code/containers/docker/overview/Dockerfile diff --git a/web/code/containers/docker/overview/Makefile b/code/containers/docker/overview/Makefile similarity index 100% rename from web/code/containers/docker/overview/Makefile rename to code/containers/docker/overview/Makefile diff --git a/web/code/containers/docker/overview/README.md b/code/containers/docker/overview/README.md similarity index 100% rename from web/code/containers/docker/overview/README.md rename to code/containers/docker/overview/README.md diff --git a/web/code/homepage/go/Makefile b/code/homepage/go/Makefile similarity index 100% rename from web/code/homepage/go/Makefile rename to code/homepage/go/Makefile diff --git a/web/code/homepage/go/Pulumi.dev.yaml b/code/homepage/go/Pulumi.dev.yaml similarity index 100% rename from web/code/homepage/go/Pulumi.dev.yaml rename to code/homepage/go/Pulumi.dev.yaml diff --git a/web/code/homepage/go/Pulumi.yaml b/code/homepage/go/Pulumi.yaml similarity index 100% rename from web/code/homepage/go/Pulumi.yaml rename to code/homepage/go/Pulumi.yaml diff --git a/web/code/homepage/go/go.mod b/code/homepage/go/go.mod similarity index 100% rename from web/code/homepage/go/go.mod rename to code/homepage/go/go.mod diff --git a/web/code/homepage/go/go.sum b/code/homepage/go/go.sum similarity index 100% rename from web/code/homepage/go/go.sum rename to code/homepage/go/go.sum diff --git a/web/code/homepage/go/handler/handler b/code/homepage/go/handler/handler similarity index 100% rename from web/code/homepage/go/handler/handler rename to code/homepage/go/handler/handler diff --git a/web/code/homepage/go/handler/handler.go b/code/homepage/go/handler/handler.go similarity index 100% rename from web/code/homepage/go/handler/handler.go rename to code/homepage/go/handler/handler.go diff --git a/web/code/homepage/go/lambda_util.go b/code/homepage/go/lambda_util.go similarity index 100% rename from web/code/homepage/go/lambda_util.go rename to code/homepage/go/lambda_util.go diff --git a/web/code/homepage/go/main.go b/code/homepage/go/main.go similarity index 100% rename from web/code/homepage/go/main.go rename to code/homepage/go/main.go diff --git a/web/code/homepage/js/.gitignore b/code/homepage/js/.gitignore similarity index 100% rename from web/code/homepage/js/.gitignore rename to code/homepage/js/.gitignore diff --git a/web/code/homepage/js/Pulumi.dev.yaml b/code/homepage/js/Pulumi.dev.yaml similarity index 100% rename from web/code/homepage/js/Pulumi.dev.yaml rename to code/homepage/js/Pulumi.dev.yaml diff --git a/web/code/homepage/js/Pulumi.yaml b/code/homepage/js/Pulumi.yaml similarity index 100% rename from web/code/homepage/js/Pulumi.yaml rename to code/homepage/js/Pulumi.yaml diff --git a/web/code/homepage/js/index.js b/code/homepage/js/index.js similarity index 100% rename from web/code/homepage/js/index.js rename to code/homepage/js/index.js diff --git a/web/code/homepage/js/package-lock.json b/code/homepage/js/package-lock.json similarity index 100% rename from web/code/homepage/js/package-lock.json rename to code/homepage/js/package-lock.json diff --git a/web/code/homepage/js/package.json b/code/homepage/js/package.json similarity index 100% rename from web/code/homepage/js/package.json rename to code/homepage/js/package.json diff --git a/web/code/homepage/py/.gitignore b/code/homepage/py/.gitignore similarity index 100% rename from web/code/homepage/py/.gitignore rename to code/homepage/py/.gitignore diff --git a/web/code/homepage/py/Pulumi.dev.yaml b/code/homepage/py/Pulumi.dev.yaml similarity index 100% rename from web/code/homepage/py/Pulumi.dev.yaml rename to code/homepage/py/Pulumi.dev.yaml diff --git a/web/code/homepage/py/Pulumi.yaml b/code/homepage/py/Pulumi.yaml similarity index 100% rename from web/code/homepage/py/Pulumi.yaml rename to code/homepage/py/Pulumi.yaml diff --git a/web/code/homepage/py/__main__.py b/code/homepage/py/__main__.py similarity index 100% rename from web/code/homepage/py/__main__.py rename to code/homepage/py/__main__.py diff --git a/web/code/homepage/py/lambda.py b/code/homepage/py/lambda.py similarity index 100% rename from web/code/homepage/py/lambda.py rename to code/homepage/py/lambda.py diff --git a/web/code/homepage/py/lambda_util.py b/code/homepage/py/lambda_util.py similarity index 100% rename from web/code/homepage/py/lambda_util.py rename to code/homepage/py/lambda_util.py diff --git a/web/code/homepage/py/requirements.txt b/code/homepage/py/requirements.txt similarity index 100% rename from web/code/homepage/py/requirements.txt rename to code/homepage/py/requirements.txt diff --git a/web/code/homepage/ts/.gitignore b/code/homepage/ts/.gitignore similarity index 100% rename from web/code/homepage/ts/.gitignore rename to code/homepage/ts/.gitignore diff --git a/web/code/homepage/ts/Pulumi.dev.yaml b/code/homepage/ts/Pulumi.dev.yaml similarity index 100% rename from web/code/homepage/ts/Pulumi.dev.yaml rename to code/homepage/ts/Pulumi.dev.yaml diff --git a/web/code/homepage/ts/Pulumi.yaml b/code/homepage/ts/Pulumi.yaml similarity index 100% rename from web/code/homepage/ts/Pulumi.yaml rename to code/homepage/ts/Pulumi.yaml diff --git a/web/code/homepage/ts/index.ts b/code/homepage/ts/index.ts similarity index 100% rename from web/code/homepage/ts/index.ts rename to code/homepage/ts/index.ts diff --git a/web/code/homepage/ts/package-lock.json b/code/homepage/ts/package-lock.json similarity index 100% rename from web/code/homepage/ts/package-lock.json rename to code/homepage/ts/package-lock.json diff --git a/web/code/homepage/ts/package.json b/code/homepage/ts/package.json similarity index 100% rename from web/code/homepage/ts/package.json rename to code/homepage/ts/package.json diff --git a/web/code/homepage/ts/tsconfig.json b/code/homepage/ts/tsconfig.json similarity index 100% rename from web/code/homepage/ts/tsconfig.json rename to code/homepage/ts/tsconfig.json diff --git a/web/code/iam/identities/users/access_credentials/go/Pulumi.dev.yaml b/code/iam/identities/users/access_credentials/go/Pulumi.dev.yaml similarity index 100% rename from web/code/iam/identities/users/access_credentials/go/Pulumi.dev.yaml rename to code/iam/identities/users/access_credentials/go/Pulumi.dev.yaml diff --git a/web/code/iam/identities/users/access_credentials/go/Pulumi.yaml b/code/iam/identities/users/access_credentials/go/Pulumi.yaml similarity index 100% rename from web/code/iam/identities/users/access_credentials/go/Pulumi.yaml rename to code/iam/identities/users/access_credentials/go/Pulumi.yaml diff --git a/web/code/iam/identities/users/access_credentials/go/go.mod b/code/iam/identities/users/access_credentials/go/go.mod similarity index 100% rename from web/code/iam/identities/users/access_credentials/go/go.mod rename to code/iam/identities/users/access_credentials/go/go.mod diff --git a/web/code/iam/identities/users/access_credentials/go/go.sum b/code/iam/identities/users/access_credentials/go/go.sum similarity index 100% rename from web/code/iam/identities/users/access_credentials/go/go.sum rename to code/iam/identities/users/access_credentials/go/go.sum diff --git a/web/code/iam/identities/users/access_credentials/go/main.go b/code/iam/identities/users/access_credentials/go/main.go similarity index 100% rename from web/code/iam/identities/users/access_credentials/go/main.go rename to code/iam/identities/users/access_credentials/go/main.go diff --git a/web/code/iam/identities/users/access_credentials/js/.gitignore b/code/iam/identities/users/access_credentials/js/.gitignore similarity index 100% rename from web/code/iam/identities/users/access_credentials/js/.gitignore rename to code/iam/identities/users/access_credentials/js/.gitignore diff --git a/web/code/iam/identities/users/access_credentials/js/Pulumi.dev.yaml b/code/iam/identities/users/access_credentials/js/Pulumi.dev.yaml similarity index 100% rename from web/code/iam/identities/users/access_credentials/js/Pulumi.dev.yaml rename to code/iam/identities/users/access_credentials/js/Pulumi.dev.yaml diff --git a/web/code/iam/identities/users/access_credentials/js/Pulumi.yaml b/code/iam/identities/users/access_credentials/js/Pulumi.yaml similarity index 100% rename from web/code/iam/identities/users/access_credentials/js/Pulumi.yaml rename to code/iam/identities/users/access_credentials/js/Pulumi.yaml diff --git a/web/code/iam/identities/users/access_credentials/js/index.js b/code/iam/identities/users/access_credentials/js/index.js similarity index 100% rename from web/code/iam/identities/users/access_credentials/js/index.js rename to code/iam/identities/users/access_credentials/js/index.js diff --git a/web/code/iam/identities/users/access_credentials/js/package-lock.json b/code/iam/identities/users/access_credentials/js/package-lock.json similarity index 100% rename from web/code/iam/identities/users/access_credentials/js/package-lock.json rename to code/iam/identities/users/access_credentials/js/package-lock.json diff --git a/web/code/iam/identities/users/access_credentials/js/package.json b/code/iam/identities/users/access_credentials/js/package.json similarity index 100% rename from web/code/iam/identities/users/access_credentials/js/package.json rename to code/iam/identities/users/access_credentials/js/package.json diff --git a/web/code/iam/identities/users/access_credentials/py/.gitignore b/code/iam/identities/users/access_credentials/py/.gitignore similarity index 100% rename from web/code/iam/identities/users/access_credentials/py/.gitignore rename to code/iam/identities/users/access_credentials/py/.gitignore diff --git a/web/code/iam/identities/users/access_credentials/py/Pulumi.dev.yaml b/code/iam/identities/users/access_credentials/py/Pulumi.dev.yaml similarity index 100% rename from web/code/iam/identities/users/access_credentials/py/Pulumi.dev.yaml rename to code/iam/identities/users/access_credentials/py/Pulumi.dev.yaml diff --git a/web/code/iam/identities/users/access_credentials/py/Pulumi.yaml b/code/iam/identities/users/access_credentials/py/Pulumi.yaml similarity index 100% rename from web/code/iam/identities/users/access_credentials/py/Pulumi.yaml rename to code/iam/identities/users/access_credentials/py/Pulumi.yaml diff --git a/web/code/iam/identities/users/access_credentials/py/__main__.py b/code/iam/identities/users/access_credentials/py/__main__.py similarity index 100% rename from web/code/iam/identities/users/access_credentials/py/__main__.py rename to code/iam/identities/users/access_credentials/py/__main__.py diff --git a/web/code/iam/identities/users/access_credentials/py/requirements.txt b/code/iam/identities/users/access_credentials/py/requirements.txt similarity index 100% rename from web/code/iam/identities/users/access_credentials/py/requirements.txt rename to code/iam/identities/users/access_credentials/py/requirements.txt diff --git a/web/code/iam/identities/users/access_credentials/ts/.gitignore b/code/iam/identities/users/access_credentials/ts/.gitignore similarity index 100% rename from web/code/iam/identities/users/access_credentials/ts/.gitignore rename to code/iam/identities/users/access_credentials/ts/.gitignore diff --git a/web/code/iam/identities/users/access_credentials/ts/Pulumi.dev.yaml b/code/iam/identities/users/access_credentials/ts/Pulumi.dev.yaml similarity index 100% rename from web/code/iam/identities/users/access_credentials/ts/Pulumi.dev.yaml rename to code/iam/identities/users/access_credentials/ts/Pulumi.dev.yaml diff --git a/web/code/iam/identities/users/access_credentials/ts/Pulumi.yaml b/code/iam/identities/users/access_credentials/ts/Pulumi.yaml similarity index 100% rename from web/code/iam/identities/users/access_credentials/ts/Pulumi.yaml rename to code/iam/identities/users/access_credentials/ts/Pulumi.yaml diff --git a/web/code/iam/identities/users/access_credentials/ts/index.ts b/code/iam/identities/users/access_credentials/ts/index.ts similarity index 100% rename from web/code/iam/identities/users/access_credentials/ts/index.ts rename to code/iam/identities/users/access_credentials/ts/index.ts diff --git a/web/code/iam/identities/users/access_credentials/ts/package-lock.json b/code/iam/identities/users/access_credentials/ts/package-lock.json similarity index 100% rename from web/code/iam/identities/users/access_credentials/ts/package-lock.json rename to code/iam/identities/users/access_credentials/ts/package-lock.json diff --git a/web/code/iam/identities/users/access_credentials/ts/package.json b/code/iam/identities/users/access_credentials/ts/package.json similarity index 100% rename from web/code/iam/identities/users/access_credentials/ts/package.json rename to code/iam/identities/users/access_credentials/ts/package.json diff --git a/web/code/iam/identities/users/access_credentials/ts/tsconfig.json b/code/iam/identities/users/access_credentials/ts/tsconfig.json similarity index 100% rename from web/code/iam/identities/users/access_credentials/ts/tsconfig.json rename to code/iam/identities/users/access_credentials/ts/tsconfig.json diff --git a/web/code/iam/identities/users/create_user/go/Pulumi.dev.yaml b/code/iam/identities/users/create_user/go/Pulumi.dev.yaml similarity index 100% rename from web/code/iam/identities/users/create_user/go/Pulumi.dev.yaml rename to code/iam/identities/users/create_user/go/Pulumi.dev.yaml diff --git a/web/code/iam/identities/users/create_user/go/Pulumi.yaml b/code/iam/identities/users/create_user/go/Pulumi.yaml similarity index 100% rename from web/code/iam/identities/users/create_user/go/Pulumi.yaml rename to code/iam/identities/users/create_user/go/Pulumi.yaml diff --git a/web/code/iam/identities/users/create_user/go/go.mod b/code/iam/identities/users/create_user/go/go.mod similarity index 100% rename from web/code/iam/identities/users/create_user/go/go.mod rename to code/iam/identities/users/create_user/go/go.mod diff --git a/web/code/iam/identities/users/create_user/go/go.sum b/code/iam/identities/users/create_user/go/go.sum similarity index 100% rename from web/code/iam/identities/users/create_user/go/go.sum rename to code/iam/identities/users/create_user/go/go.sum diff --git a/web/code/iam/identities/users/create_user/go/main.go b/code/iam/identities/users/create_user/go/main.go similarity index 100% rename from web/code/iam/identities/users/create_user/go/main.go rename to code/iam/identities/users/create_user/go/main.go diff --git a/web/code/iam/identities/users/create_user/js/.gitignore b/code/iam/identities/users/create_user/js/.gitignore similarity index 100% rename from web/code/iam/identities/users/create_user/js/.gitignore rename to code/iam/identities/users/create_user/js/.gitignore diff --git a/web/code/iam/identities/users/create_user/js/Pulumi.dev.yaml b/code/iam/identities/users/create_user/js/Pulumi.dev.yaml similarity index 100% rename from web/code/iam/identities/users/create_user/js/Pulumi.dev.yaml rename to code/iam/identities/users/create_user/js/Pulumi.dev.yaml diff --git a/web/code/iam/identities/users/create_user/js/Pulumi.yaml b/code/iam/identities/users/create_user/js/Pulumi.yaml similarity index 100% rename from web/code/iam/identities/users/create_user/js/Pulumi.yaml rename to code/iam/identities/users/create_user/js/Pulumi.yaml diff --git a/web/code/iam/identities/users/create_user/js/index.js b/code/iam/identities/users/create_user/js/index.js similarity index 100% rename from web/code/iam/identities/users/create_user/js/index.js rename to code/iam/identities/users/create_user/js/index.js diff --git a/web/code/iam/identities/users/create_user/js/package-lock.json b/code/iam/identities/users/create_user/js/package-lock.json similarity index 100% rename from web/code/iam/identities/users/create_user/js/package-lock.json rename to code/iam/identities/users/create_user/js/package-lock.json diff --git a/web/code/iam/identities/users/create_user/js/package.json b/code/iam/identities/users/create_user/js/package.json similarity index 100% rename from web/code/iam/identities/users/create_user/js/package.json rename to code/iam/identities/users/create_user/js/package.json diff --git a/web/code/iam/identities/users/create_user/py/.gitignore b/code/iam/identities/users/create_user/py/.gitignore similarity index 100% rename from web/code/iam/identities/users/create_user/py/.gitignore rename to code/iam/identities/users/create_user/py/.gitignore diff --git a/web/code/iam/identities/users/create_user/py/Pulumi.dev.yaml b/code/iam/identities/users/create_user/py/Pulumi.dev.yaml similarity index 100% rename from web/code/iam/identities/users/create_user/py/Pulumi.dev.yaml rename to code/iam/identities/users/create_user/py/Pulumi.dev.yaml diff --git a/web/code/iam/identities/users/create_user/py/Pulumi.yaml b/code/iam/identities/users/create_user/py/Pulumi.yaml similarity index 100% rename from web/code/iam/identities/users/create_user/py/Pulumi.yaml rename to code/iam/identities/users/create_user/py/Pulumi.yaml diff --git a/web/code/iam/identities/users/create_user/py/__main__.py b/code/iam/identities/users/create_user/py/__main__.py similarity index 100% rename from web/code/iam/identities/users/create_user/py/__main__.py rename to code/iam/identities/users/create_user/py/__main__.py diff --git a/web/code/iam/identities/users/create_user/py/requirements.txt b/code/iam/identities/users/create_user/py/requirements.txt similarity index 100% rename from web/code/iam/identities/users/create_user/py/requirements.txt rename to code/iam/identities/users/create_user/py/requirements.txt diff --git a/web/code/iam/identities/users/create_user/ts/.gitignore b/code/iam/identities/users/create_user/ts/.gitignore similarity index 100% rename from web/code/iam/identities/users/create_user/ts/.gitignore rename to code/iam/identities/users/create_user/ts/.gitignore diff --git a/web/code/iam/identities/users/create_user/ts/Pulumi.dev.yaml b/code/iam/identities/users/create_user/ts/Pulumi.dev.yaml similarity index 100% rename from web/code/iam/identities/users/create_user/ts/Pulumi.dev.yaml rename to code/iam/identities/users/create_user/ts/Pulumi.dev.yaml diff --git a/web/code/iam/identities/users/create_user/ts/Pulumi.yaml b/code/iam/identities/users/create_user/ts/Pulumi.yaml similarity index 100% rename from web/code/iam/identities/users/create_user/ts/Pulumi.yaml rename to code/iam/identities/users/create_user/ts/Pulumi.yaml diff --git a/web/code/iam/identities/users/create_user/ts/index.ts b/code/iam/identities/users/create_user/ts/index.ts similarity index 100% rename from web/code/iam/identities/users/create_user/ts/index.ts rename to code/iam/identities/users/create_user/ts/index.ts diff --git a/web/code/iam/identities/users/create_user/ts/package-lock.json b/code/iam/identities/users/create_user/ts/package-lock.json similarity index 100% rename from web/code/iam/identities/users/create_user/ts/package-lock.json rename to code/iam/identities/users/create_user/ts/package-lock.json diff --git a/web/code/iam/identities/users/create_user/ts/package.json b/code/iam/identities/users/create_user/ts/package.json similarity index 100% rename from web/code/iam/identities/users/create_user/ts/package.json rename to code/iam/identities/users/create_user/ts/package.json diff --git a/web/code/iam/identities/users/create_user/ts/tsconfig.json b/code/iam/identities/users/create_user/ts/tsconfig.json similarity index 100% rename from web/code/iam/identities/users/create_user/ts/tsconfig.json rename to code/iam/identities/users/create_user/ts/tsconfig.json diff --git a/web/code/iam/identities/users/paths/go/Pulumi.dev.yaml b/code/iam/identities/users/paths/go/Pulumi.dev.yaml similarity index 100% rename from web/code/iam/identities/users/paths/go/Pulumi.dev.yaml rename to code/iam/identities/users/paths/go/Pulumi.dev.yaml diff --git a/web/code/iam/identities/users/paths/go/Pulumi.yaml b/code/iam/identities/users/paths/go/Pulumi.yaml similarity index 100% rename from web/code/iam/identities/users/paths/go/Pulumi.yaml rename to code/iam/identities/users/paths/go/Pulumi.yaml diff --git a/web/code/iam/identities/users/paths/go/go.mod b/code/iam/identities/users/paths/go/go.mod similarity index 100% rename from web/code/iam/identities/users/paths/go/go.mod rename to code/iam/identities/users/paths/go/go.mod diff --git a/web/code/iam/identities/users/paths/go/go.sum b/code/iam/identities/users/paths/go/go.sum similarity index 100% rename from web/code/iam/identities/users/paths/go/go.sum rename to code/iam/identities/users/paths/go/go.sum diff --git a/web/code/iam/identities/users/paths/go/main.go b/code/iam/identities/users/paths/go/main.go similarity index 100% rename from web/code/iam/identities/users/paths/go/main.go rename to code/iam/identities/users/paths/go/main.go diff --git a/web/code/iam/identities/users/paths/js/.gitignore b/code/iam/identities/users/paths/js/.gitignore similarity index 100% rename from web/code/iam/identities/users/paths/js/.gitignore rename to code/iam/identities/users/paths/js/.gitignore diff --git a/web/code/iam/identities/users/paths/js/Pulumi.dev.yaml b/code/iam/identities/users/paths/js/Pulumi.dev.yaml similarity index 100% rename from web/code/iam/identities/users/paths/js/Pulumi.dev.yaml rename to code/iam/identities/users/paths/js/Pulumi.dev.yaml diff --git a/web/code/iam/identities/users/paths/js/Pulumi.yaml b/code/iam/identities/users/paths/js/Pulumi.yaml similarity index 100% rename from web/code/iam/identities/users/paths/js/Pulumi.yaml rename to code/iam/identities/users/paths/js/Pulumi.yaml diff --git a/web/code/iam/identities/users/paths/js/index.js b/code/iam/identities/users/paths/js/index.js similarity index 100% rename from web/code/iam/identities/users/paths/js/index.js rename to code/iam/identities/users/paths/js/index.js diff --git a/web/code/iam/identities/users/paths/js/package-lock.json b/code/iam/identities/users/paths/js/package-lock.json similarity index 100% rename from web/code/iam/identities/users/paths/js/package-lock.json rename to code/iam/identities/users/paths/js/package-lock.json diff --git a/web/code/iam/identities/users/paths/js/package.json b/code/iam/identities/users/paths/js/package.json similarity index 100% rename from web/code/iam/identities/users/paths/js/package.json rename to code/iam/identities/users/paths/js/package.json diff --git a/web/code/iam/identities/users/paths/py/.gitignore b/code/iam/identities/users/paths/py/.gitignore similarity index 100% rename from web/code/iam/identities/users/paths/py/.gitignore rename to code/iam/identities/users/paths/py/.gitignore diff --git a/web/code/iam/identities/users/paths/py/Pulumi.dev.yaml b/code/iam/identities/users/paths/py/Pulumi.dev.yaml similarity index 100% rename from web/code/iam/identities/users/paths/py/Pulumi.dev.yaml rename to code/iam/identities/users/paths/py/Pulumi.dev.yaml diff --git a/web/code/iam/identities/users/paths/py/Pulumi.yaml b/code/iam/identities/users/paths/py/Pulumi.yaml similarity index 100% rename from web/code/iam/identities/users/paths/py/Pulumi.yaml rename to code/iam/identities/users/paths/py/Pulumi.yaml diff --git a/web/code/iam/identities/users/paths/py/__main__.py b/code/iam/identities/users/paths/py/__main__.py similarity index 100% rename from web/code/iam/identities/users/paths/py/__main__.py rename to code/iam/identities/users/paths/py/__main__.py diff --git a/web/code/iam/identities/users/paths/py/requirements.txt b/code/iam/identities/users/paths/py/requirements.txt similarity index 100% rename from web/code/iam/identities/users/paths/py/requirements.txt rename to code/iam/identities/users/paths/py/requirements.txt diff --git a/web/code/iam/identities/users/paths/ts/.gitignore b/code/iam/identities/users/paths/ts/.gitignore similarity index 100% rename from web/code/iam/identities/users/paths/ts/.gitignore rename to code/iam/identities/users/paths/ts/.gitignore diff --git a/web/code/iam/identities/users/paths/ts/Pulumi.dev.yaml b/code/iam/identities/users/paths/ts/Pulumi.dev.yaml similarity index 100% rename from web/code/iam/identities/users/paths/ts/Pulumi.dev.yaml rename to code/iam/identities/users/paths/ts/Pulumi.dev.yaml diff --git a/web/code/iam/identities/users/paths/ts/Pulumi.yaml b/code/iam/identities/users/paths/ts/Pulumi.yaml similarity index 100% rename from web/code/iam/identities/users/paths/ts/Pulumi.yaml rename to code/iam/identities/users/paths/ts/Pulumi.yaml diff --git a/web/code/iam/identities/users/paths/ts/index.ts b/code/iam/identities/users/paths/ts/index.ts similarity index 100% rename from web/code/iam/identities/users/paths/ts/index.ts rename to code/iam/identities/users/paths/ts/index.ts diff --git a/web/code/iam/identities/users/paths/ts/package-lock.json b/code/iam/identities/users/paths/ts/package-lock.json similarity index 100% rename from web/code/iam/identities/users/paths/ts/package-lock.json rename to code/iam/identities/users/paths/ts/package-lock.json diff --git a/web/code/iam/identities/users/paths/ts/package.json b/code/iam/identities/users/paths/ts/package.json similarity index 100% rename from web/code/iam/identities/users/paths/ts/package.json rename to code/iam/identities/users/paths/ts/package.json diff --git a/web/code/iam/identities/users/paths/ts/tsconfig.json b/code/iam/identities/users/paths/ts/tsconfig.json similarity index 100% rename from web/code/iam/identities/users/paths/ts/tsconfig.json rename to code/iam/identities/users/paths/ts/tsconfig.json diff --git a/web/code/iam/identities/users/user_login_profile/go/Pulumi.dev.yaml b/code/iam/identities/users/user_login_profile/go/Pulumi.dev.yaml similarity index 100% rename from web/code/iam/identities/users/user_login_profile/go/Pulumi.dev.yaml rename to code/iam/identities/users/user_login_profile/go/Pulumi.dev.yaml diff --git a/web/code/iam/identities/users/user_login_profile/go/Pulumi.yaml b/code/iam/identities/users/user_login_profile/go/Pulumi.yaml similarity index 100% rename from web/code/iam/identities/users/user_login_profile/go/Pulumi.yaml rename to code/iam/identities/users/user_login_profile/go/Pulumi.yaml diff --git a/web/code/iam/identities/users/user_login_profile/go/go.mod b/code/iam/identities/users/user_login_profile/go/go.mod similarity index 100% rename from web/code/iam/identities/users/user_login_profile/go/go.mod rename to code/iam/identities/users/user_login_profile/go/go.mod diff --git a/web/code/iam/identities/users/user_login_profile/go/go.sum b/code/iam/identities/users/user_login_profile/go/go.sum similarity index 100% rename from web/code/iam/identities/users/user_login_profile/go/go.sum rename to code/iam/identities/users/user_login_profile/go/go.sum diff --git a/web/code/iam/identities/users/user_login_profile/go/main.go b/code/iam/identities/users/user_login_profile/go/main.go similarity index 100% rename from web/code/iam/identities/users/user_login_profile/go/main.go rename to code/iam/identities/users/user_login_profile/go/main.go diff --git a/web/code/iam/identities/users/user_login_profile/js/.gitignore b/code/iam/identities/users/user_login_profile/js/.gitignore similarity index 100% rename from web/code/iam/identities/users/user_login_profile/js/.gitignore rename to code/iam/identities/users/user_login_profile/js/.gitignore diff --git a/web/code/iam/identities/users/user_login_profile/js/Pulumi.dev.yaml b/code/iam/identities/users/user_login_profile/js/Pulumi.dev.yaml similarity index 100% rename from web/code/iam/identities/users/user_login_profile/js/Pulumi.dev.yaml rename to code/iam/identities/users/user_login_profile/js/Pulumi.dev.yaml diff --git a/web/code/iam/identities/users/user_login_profile/js/Pulumi.yaml b/code/iam/identities/users/user_login_profile/js/Pulumi.yaml similarity index 100% rename from web/code/iam/identities/users/user_login_profile/js/Pulumi.yaml rename to code/iam/identities/users/user_login_profile/js/Pulumi.yaml diff --git a/web/code/iam/identities/users/user_login_profile/js/index.js b/code/iam/identities/users/user_login_profile/js/index.js similarity index 100% rename from web/code/iam/identities/users/user_login_profile/js/index.js rename to code/iam/identities/users/user_login_profile/js/index.js diff --git a/web/code/iam/identities/users/user_login_profile/js/package.json b/code/iam/identities/users/user_login_profile/js/package.json similarity index 100% rename from web/code/iam/identities/users/user_login_profile/js/package.json rename to code/iam/identities/users/user_login_profile/js/package.json diff --git a/web/code/iam/identities/users/user_login_profile/py/.gitignore b/code/iam/identities/users/user_login_profile/py/.gitignore similarity index 100% rename from web/code/iam/identities/users/user_login_profile/py/.gitignore rename to code/iam/identities/users/user_login_profile/py/.gitignore diff --git a/web/code/iam/identities/users/user_login_profile/py/Pulumi.dev.yaml b/code/iam/identities/users/user_login_profile/py/Pulumi.dev.yaml similarity index 100% rename from web/code/iam/identities/users/user_login_profile/py/Pulumi.dev.yaml rename to code/iam/identities/users/user_login_profile/py/Pulumi.dev.yaml diff --git a/web/code/iam/identities/users/user_login_profile/py/Pulumi.yaml b/code/iam/identities/users/user_login_profile/py/Pulumi.yaml similarity index 100% rename from web/code/iam/identities/users/user_login_profile/py/Pulumi.yaml rename to code/iam/identities/users/user_login_profile/py/Pulumi.yaml diff --git a/web/code/iam/identities/users/user_login_profile/py/__main__.py b/code/iam/identities/users/user_login_profile/py/__main__.py similarity index 100% rename from web/code/iam/identities/users/user_login_profile/py/__main__.py rename to code/iam/identities/users/user_login_profile/py/__main__.py diff --git a/web/code/iam/identities/users/user_login_profile/py/requirements.txt b/code/iam/identities/users/user_login_profile/py/requirements.txt similarity index 100% rename from web/code/iam/identities/users/user_login_profile/py/requirements.txt rename to code/iam/identities/users/user_login_profile/py/requirements.txt diff --git a/web/code/iam/identities/users/user_login_profile/ts/.gitignore b/code/iam/identities/users/user_login_profile/ts/.gitignore similarity index 100% rename from web/code/iam/identities/users/user_login_profile/ts/.gitignore rename to code/iam/identities/users/user_login_profile/ts/.gitignore diff --git a/web/code/iam/identities/users/user_login_profile/ts/Pulumi.dev.yaml b/code/iam/identities/users/user_login_profile/ts/Pulumi.dev.yaml similarity index 100% rename from web/code/iam/identities/users/user_login_profile/ts/Pulumi.dev.yaml rename to code/iam/identities/users/user_login_profile/ts/Pulumi.dev.yaml diff --git a/web/code/iam/identities/users/user_login_profile/ts/Pulumi.yaml b/code/iam/identities/users/user_login_profile/ts/Pulumi.yaml similarity index 100% rename from web/code/iam/identities/users/user_login_profile/ts/Pulumi.yaml rename to code/iam/identities/users/user_login_profile/ts/Pulumi.yaml diff --git a/web/code/iam/identities/users/user_login_profile/ts/index.ts b/code/iam/identities/users/user_login_profile/ts/index.ts similarity index 100% rename from web/code/iam/identities/users/user_login_profile/ts/index.ts rename to code/iam/identities/users/user_login_profile/ts/index.ts diff --git a/web/code/iam/identities/users/user_login_profile/ts/package-lock.json b/code/iam/identities/users/user_login_profile/ts/package-lock.json similarity index 100% rename from web/code/iam/identities/users/user_login_profile/ts/package-lock.json rename to code/iam/identities/users/user_login_profile/ts/package-lock.json diff --git a/web/code/iam/identities/users/user_login_profile/ts/package.json b/code/iam/identities/users/user_login_profile/ts/package.json similarity index 100% rename from web/code/iam/identities/users/user_login_profile/ts/package.json rename to code/iam/identities/users/user_login_profile/ts/package.json diff --git a/web/code/iam/identities/users/virtual_mfa_device/go/Pulumi.dev.yaml b/code/iam/identities/users/virtual_mfa_device/go/Pulumi.dev.yaml similarity index 100% rename from web/code/iam/identities/users/virtual_mfa_device/go/Pulumi.dev.yaml rename to code/iam/identities/users/virtual_mfa_device/go/Pulumi.dev.yaml diff --git a/web/code/iam/identities/users/virtual_mfa_device/go/Pulumi.yaml b/code/iam/identities/users/virtual_mfa_device/go/Pulumi.yaml similarity index 100% rename from web/code/iam/identities/users/virtual_mfa_device/go/Pulumi.yaml rename to code/iam/identities/users/virtual_mfa_device/go/Pulumi.yaml diff --git a/web/code/iam/identities/users/virtual_mfa_device/go/go.mod b/code/iam/identities/users/virtual_mfa_device/go/go.mod similarity index 100% rename from web/code/iam/identities/users/virtual_mfa_device/go/go.mod rename to code/iam/identities/users/virtual_mfa_device/go/go.mod diff --git a/web/code/iam/identities/users/virtual_mfa_device/go/go.sum b/code/iam/identities/users/virtual_mfa_device/go/go.sum similarity index 100% rename from web/code/iam/identities/users/virtual_mfa_device/go/go.sum rename to code/iam/identities/users/virtual_mfa_device/go/go.sum diff --git a/web/code/iam/identities/users/virtual_mfa_device/go/main.go b/code/iam/identities/users/virtual_mfa_device/go/main.go similarity index 100% rename from web/code/iam/identities/users/virtual_mfa_device/go/main.go rename to code/iam/identities/users/virtual_mfa_device/go/main.go diff --git a/web/code/iam/identities/users/virtual_mfa_device/js/.gitignore b/code/iam/identities/users/virtual_mfa_device/js/.gitignore similarity index 100% rename from web/code/iam/identities/users/virtual_mfa_device/js/.gitignore rename to code/iam/identities/users/virtual_mfa_device/js/.gitignore diff --git a/web/code/iam/identities/users/virtual_mfa_device/js/Pulumi.dev.yaml b/code/iam/identities/users/virtual_mfa_device/js/Pulumi.dev.yaml similarity index 100% rename from web/code/iam/identities/users/virtual_mfa_device/js/Pulumi.dev.yaml rename to code/iam/identities/users/virtual_mfa_device/js/Pulumi.dev.yaml diff --git a/web/code/iam/identities/users/virtual_mfa_device/js/Pulumi.yaml b/code/iam/identities/users/virtual_mfa_device/js/Pulumi.yaml similarity index 100% rename from web/code/iam/identities/users/virtual_mfa_device/js/Pulumi.yaml rename to code/iam/identities/users/virtual_mfa_device/js/Pulumi.yaml diff --git a/web/code/iam/identities/users/virtual_mfa_device/js/index.js b/code/iam/identities/users/virtual_mfa_device/js/index.js similarity index 100% rename from web/code/iam/identities/users/virtual_mfa_device/js/index.js rename to code/iam/identities/users/virtual_mfa_device/js/index.js diff --git a/web/code/iam/identities/users/virtual_mfa_device/js/package.json b/code/iam/identities/users/virtual_mfa_device/js/package.json similarity index 100% rename from web/code/iam/identities/users/virtual_mfa_device/js/package.json rename to code/iam/identities/users/virtual_mfa_device/js/package.json diff --git a/web/code/iam/identities/users/virtual_mfa_device/py/.gitignore b/code/iam/identities/users/virtual_mfa_device/py/.gitignore similarity index 100% rename from web/code/iam/identities/users/virtual_mfa_device/py/.gitignore rename to code/iam/identities/users/virtual_mfa_device/py/.gitignore diff --git a/web/code/iam/identities/users/virtual_mfa_device/py/Pulumi.dev.yaml b/code/iam/identities/users/virtual_mfa_device/py/Pulumi.dev.yaml similarity index 100% rename from web/code/iam/identities/users/virtual_mfa_device/py/Pulumi.dev.yaml rename to code/iam/identities/users/virtual_mfa_device/py/Pulumi.dev.yaml diff --git a/web/code/iam/identities/users/virtual_mfa_device/py/Pulumi.yaml b/code/iam/identities/users/virtual_mfa_device/py/Pulumi.yaml similarity index 100% rename from web/code/iam/identities/users/virtual_mfa_device/py/Pulumi.yaml rename to code/iam/identities/users/virtual_mfa_device/py/Pulumi.yaml diff --git a/web/code/iam/identities/users/virtual_mfa_device/py/__main__.py b/code/iam/identities/users/virtual_mfa_device/py/__main__.py similarity index 100% rename from web/code/iam/identities/users/virtual_mfa_device/py/__main__.py rename to code/iam/identities/users/virtual_mfa_device/py/__main__.py diff --git a/web/code/iam/identities/users/virtual_mfa_device/py/requirements.txt b/code/iam/identities/users/virtual_mfa_device/py/requirements.txt similarity index 100% rename from web/code/iam/identities/users/virtual_mfa_device/py/requirements.txt rename to code/iam/identities/users/virtual_mfa_device/py/requirements.txt diff --git a/web/code/iam/identities/users/virtual_mfa_device/ts/.gitignore b/code/iam/identities/users/virtual_mfa_device/ts/.gitignore similarity index 100% rename from web/code/iam/identities/users/virtual_mfa_device/ts/.gitignore rename to code/iam/identities/users/virtual_mfa_device/ts/.gitignore diff --git a/web/code/iam/identities/users/virtual_mfa_device/ts/Pulumi.dev.yaml b/code/iam/identities/users/virtual_mfa_device/ts/Pulumi.dev.yaml similarity index 100% rename from web/code/iam/identities/users/virtual_mfa_device/ts/Pulumi.dev.yaml rename to code/iam/identities/users/virtual_mfa_device/ts/Pulumi.dev.yaml diff --git a/web/code/iam/identities/users/virtual_mfa_device/ts/Pulumi.yaml b/code/iam/identities/users/virtual_mfa_device/ts/Pulumi.yaml similarity index 100% rename from web/code/iam/identities/users/virtual_mfa_device/ts/Pulumi.yaml rename to code/iam/identities/users/virtual_mfa_device/ts/Pulumi.yaml diff --git a/web/code/iam/identities/users/virtual_mfa_device/ts/index.ts b/code/iam/identities/users/virtual_mfa_device/ts/index.ts similarity index 100% rename from web/code/iam/identities/users/virtual_mfa_device/ts/index.ts rename to code/iam/identities/users/virtual_mfa_device/ts/index.ts diff --git a/web/code/iam/identities/users/virtual_mfa_device/ts/package-lock.json b/code/iam/identities/users/virtual_mfa_device/ts/package-lock.json similarity index 100% rename from web/code/iam/identities/users/virtual_mfa_device/ts/package-lock.json rename to code/iam/identities/users/virtual_mfa_device/ts/package-lock.json diff --git a/web/code/iam/identities/users/virtual_mfa_device/ts/package.json b/code/iam/identities/users/virtual_mfa_device/ts/package.json similarity index 100% rename from web/code/iam/identities/users/virtual_mfa_device/ts/package.json rename to code/iam/identities/users/virtual_mfa_device/ts/package.json diff --git a/web/code/s3/cli/create_bucket.sh b/code/s3/cli/create_bucket.sh similarity index 100% rename from web/code/s3/cli/create_bucket.sh rename to code/s3/cli/create_bucket.sh diff --git a/web/code/s3/cli/delete_bucket.sh b/code/s3/cli/delete_bucket.sh similarity index 100% rename from web/code/s3/cli/delete_bucket.sh rename to code/s3/cli/delete_bucket.sh diff --git a/web/code/s3/cli/put_msg.sh b/code/s3/cli/put_msg.sh similarity index 100% rename from web/code/s3/cli/put_msg.sh rename to code/s3/cli/put_msg.sh diff --git a/scripts/ci_helper.py b/scripts/ci_helper.py index b3a0eff..0a7af9a 100644 --- a/scripts/ci_helper.py +++ b/scripts/ci_helper.py @@ -10,10 +10,10 @@ class CIHelper(): """ Helper class for all CI/CD operations. """ - DEFAULT_PROJECT_DIR = "web/code" + DEFAULT_PROJECT_DIR = "code" def __init__(self): - """ Initialize enumerators. Determine which directories to test. + """ Initialize enumera tors. Determine which directories to test. """ self.project_dir = os.getenv("PROJECT_DIR", self.DEFAULT_PROJECT_DIR) self.blacklisted = self._get_ignore_dirs() @@ -71,11 +71,11 @@ def code(): @web.command("has-changed") def changed_web(): - click.echo(CIHelper().dir_changed("web/content")) + click.echo(CIHelper().dir_changed("web/")) @code.command("has-changed") def changed_code(): - click.echo(CIHelper().dir_changed("web/code")) + click.echo(CIHelper().dir_changed("code/")) @code.command("ls") def list_pulumi(): diff --git a/web/code/homepage/py/lambda.zip b/web/code/homepage/py/lambda.zip deleted file mode 100644 index fb20ea5..0000000 Binary files a/web/code/homepage/py/lambda.zip and /dev/null differ diff --git a/web/content/_index.md b/web/content/_index.md index 2758ef4..7cc03e4 100644 --- a/web/content/_index.md +++ b/web/content/_index.md @@ -17,27 +17,53 @@ For instance, the below example demonstrates developing and deploying a serverle {{< tab name="Typescript" >}} {{< tabs >}} {{% tab name="Provision" %}} - ``` pulumi up -y ``` - {{% /tab %}} {{% tab name="Teardown" %}} - ``` pulumi destroy -y ``` - {{% /tab %}} {{< /tabs >}} {{< tabs >}} {{% tab name="index.ts" %}} - ```ts -{{% include file="code\homepage\ts\index.ts" %}} -``` +// homepage/ts/index.ts + +import * as aws from "@pulumi/aws"; +import * as awsx from "@pulumi/awsx"; + +const payload = + ''; + +// Provision an API Gateway instance. +const api = new awsx.classic.apigateway.API("serverless-party-parrot", { + routes: [ + { + // Define an HTTP endpoint. + path: "/", + method: "GET", + // Create a Lambda function that will be triggered upon accessing this endpoint. + eventHandler: new aws.lambda.CallbackFunction("handler", { + callback: async (event) => { + // Cry havoc and let slip the parrots of war. + return { + statusCode: 200, + headers: { "Content-Type": "text/html" }, + body: payload, + }; + }, + }), + }, + ], +}); + +// The URL of the deployed serverless webpage. +export const url = api.url; +``` {{% /tab %}} {{< /tabs >}} {{% button href="https://app.pulumi.com/new?template=https://github.com/MichaelStott/tech-squawks/tree/main/code/homepage/ts" icon="rocket" %}}Deploy{{% /button %}} @@ -47,27 +73,54 @@ pulumi destroy -y {{< tab name="Javascript" >}} {{< tabs >}} {{% tab name="Provision" %}} - ``` pulumi up -y ``` - {{% /tab %}} {{% tab name="Teardown" %}} - ``` pulumi destroy -y ``` - {{% /tab %}} {{< /tabs >}} {{< tabs >}} {{% tab name="index.js" %}} - ```js -{{% include file="code\homepage\js\index.js" %}} -``` +// homepage/js/index.js + +"use strict"; +const aws = require("@pulumi/aws"); +const awsx = require("@pulumi/awsx"); + +const payload = + ''; + +// Provision an API Gateway instance. +const api = new awsx.classic.apigateway.API("serverless-party-parrot", { + routes: [ + { + // Define an HTTP endpoint. + path: "/", + method: "GET", + // Create a Lambda function that will be triggered upon accessing this endpoint. + eventHandler: new aws.lambda.CallbackFunction("handler", { + callback: async (event) => { + // Cry havoc and let slip the parrots of war. + return { + statusCode: 200, + headers: { "Content-Type": "text/html" }, + body: payload, + }; + }, + }), + }, + ], +}); + +// The URL of the deployed serverless webpage. +exports.url = api.url; +``` {{% /tab %}} {{< /tabs >}} {{% button href="https://app.pulumi.com/new?template=https://github.com/MichaelStott/tech-squawks/tree/main/code/homepage/js" icon="rocket" %}}Deploy{{% /button %}} @@ -77,41 +130,130 @@ pulumi destroy -y {{< tab name="Python" >}} {{< tabs >}} {{% tab name="Provision" %}} - ``` pulumi up -y ``` - {{% /tab %}} {{% tab name="Teardown" %}} - ``` pulumi destroy -y ``` - {{% /tab %}} {{< /tabs >}} {{< tabs >}} {{% tab name="__main__.py" %}} - ```py -{{% include file="code\homepage\py\__main__.py" %}} -``` +# homepage/py/__main__.py + +import pulumi +import pulumi_aws + +from lambda_util import create_python_lambda + +LAMBDA_SOURCE = "lambda.py" +LAMBDA_PACKAGE = "lambda" +LAMBDA_VERSION = "1.0.0" + +# Provision Lambda function which will be invoked upon an http request. +lambda_function = create_python_lambda(LAMBDA_PACKAGE, LAMBDA_SOURCE, LAMBDA_VERSION) + +# Give API Gateway permissions to invoke the Lambda +lambda_permission = pulumi_aws.lambda_.Permission( + "lambdaPermission", + action="lambda:InvokeFunction", + principal="apigateway.amazonaws.com", + function=lambda_function, +) +# Set up the API Gateway +apigw = pulumi_aws.apigatewayv2.Api( + "httpApiGateway", + protocol_type="HTTP", + route_key="GET /", + target=lambda_function.invoke_arn, +) + +# Export the API endpoint for easy access +pulumi.export("url", apigw.api_endpoint) +pulumi.export("invoke_arn", lambda_function.name) + +``` {{% /tab %}} {{% tab name="lambda.py" %}} - ```py -{{% include file="code\homepage\py\lambda.py" %}} -``` +# homepage/py/lambda.py + +# Define handler logic and Lambda function +def handler(event, context): + return { + "statusCode": 200, + "headers": {"Content-Type": "text/html"}, + "body": '', + } +``` {{% /tab %}} {{% tab name="lambda_util.py" %}} - ```py -{{% include file="code\homepage\py\lambda_util.py" %}} -``` +# homepage/py/lambda_util.py + +import json, mimetypes, shutil, os +import pulumi_aws as aws +from pulumi_aws import lambda_, s3 +from pulumi import FileAsset + +lambda_role = aws.iam.Role( + "apiGatewayLambdaRole", + assume_role_policy=json.dumps( + { + "Version": "2012-10-17", + "Statement": [ + { + "Action": "sts:AssumeRole", + "Principal": { + "Service": "lambda.amazonaws.com", + }, + "Effect": "Allow", + "Sid": "", + } + ], + } + ), +) +role_policy_attachment = aws.iam.RolePolicyAttachment( + "lambdaRoleAttachment", + role=lambda_role, + policy_arn=aws.iam.ManagedPolicy.AWS_LAMBDA_BASIC_EXECUTION_ROLE, +) + + +def create_python_lambda(package, source, version, bucket_name="ts-test-lambda-py"): + """Uploads handler project to S3 and returns S3 object.""" + shutil.make_archive(package, "zip", ".", source) + + # Create an AWS resource (S3 Bucket)c + bucket = s3.Bucket(bucket_name) + package += ".zip" + mime_type, _ = mimetypes.guess_type(package) + obj = s3.BucketObject( + version + "/" + package, + bucket=bucket.id, + source=FileAsset(package), + content_type=mime_type, + ) + + lambda_function = lambda_.Function( + "ServerlessExample", + s3_bucket=bucket.id, + s3_key=obj.key, + handler="lambda.handler", + runtime="python3.7", + role=lambda_role.arn, + ) + + return lambda_function +``` {{% /tab %}} {{< /tabs >}} {{% button href="https://app.pulumi.com/new?template=https://github.com/MichaelStott/tech-squawks/tree/main/code/homepage/py" icon="rocket" %}}Deploy{{% /button %}} @@ -121,41 +263,246 @@ pulumi destroy -y {{< tab name="Go" >}} {{< tabs >}} {{% tab name="Provision" %}} - ``` pulumi up -y ``` - {{% /tab %}} {{% tab name="Teardown" %}} - ``` pulumi destroy -y ``` - {{% /tab %}} {{< /tabs >}} {{< tabs >}} {{% tab name="main.go" %}} - ```go -{{% include file="code\homepage\go\main.go" %}} -``` +// homepage/go/main.go + +ackage main + +import ( + "github.com/pulumi/pulumi-aws/sdk/v5/go/aws/apigatewayv2" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +func main() { + pulumi.Run(func(ctx *pulumi.Context) error { + // Create lambda function that will return HTML. + lambda, err := CreateGoLambda(ctx) + if err != nil { + panic(err) + } + + // Provision API Gateway instance to invoke Lambda + api, err := apigatewayv2.NewApi(ctx, + "serverless-parrot-demo-gov2", + &apigatewayv2.ApiArgs{ + ProtocolType: pulumi.String("HTTP"), + RouteKey: pulumi.String("GET /"), + Target: lambda.InvokeArn, + }, + nil, + ) + + ctx.Export("url", api.ApiEndpoint) + + return nil + }) +} +``` {{% /tab %}} {{% tab name="handler.go" %}} - ```go -{{% include file="code\homepage\go\handler\handler.go" %}} -``` +// homepage/go/handler/handler.go + +ackage main + +import ( + "github.com/aws/aws-lambda-go/events" + "github.com/aws/aws-lambda-go/lambda" +) + +// handler is a simple function that takes a string and does a ToUpper. +func handler(request events.APIGatewayProxyRequest) (events.APIGatewayProxyResponse, error) { + return events.APIGatewayProxyResponse{ + StatusCode: 200, + Headers: map[string]string{ + "Content-Type": "text/html", + }, + Body: "", + }, nil +} + +func main() { + lambda.Start(handler) +} +``` {{% /tab %}} {{% tab name="lambda_util.go" %}} - ```go -{{% include file="code\homepage\go\lambda_util.go" %}} -``` +// homepage/go/lambda_util.go + +ackage main + +import ( + "archive/zip" + "encoding/json" + "io" + "os" + "path/filepath" + + "github.com/gabriel-vasile/mimetype" + "github.com/pulumi/pulumi-aws/sdk/v4/go/aws/iam" + "github.com/pulumi/pulumi-aws/sdk/v4/go/aws/s3" + "github.com/pulumi/pulumi-aws/sdk/v5/go/aws/lambda" + "github.com/pulumi/pulumi/sdk/v3/go/pulumi" +) + +func zipSource(source, target string) error { + // 1. Create a ZIP file and zip.Writer + f, err := os.Create(target) + if err != nil { + return err + } + defer f.Close() + + writer := zip.NewWriter(f) + defer writer.Close() + + // 2. Go through all the files of the source + return filepath.Walk(source, func(path string, info os.FileInfo, err error) error { + if err != nil { + return err + } + + // 3. Create a local file header + header, err := zip.FileInfoHeader(info) + if err != nil { + return err + } + + // set compression + header.Method = zip.Deflate + + // 4. Set relative path of a file as the header name + header.Name, err = filepath.Rel(filepath.Dir(source), path) + if err != nil { + return err + } + if info.IsDir() { + header.Name += "/" + } + + // 5. Create writer for the file header and save content of the file + headerWriter, err := writer.CreateHeader(header) + if err != nil { + return err + } + + if info.IsDir() { + return nil + } + + f, err := os.Open(path) + if err != nil { + return err + } + defer f.Close() + + _, err = io.Copy(headerWriter, f) + return err + }) +} + +func CreateLambdaRole(ctx *pulumi.Context) (*iam.Role, error) { + tmpJSON0, err := json.Marshal(map[string]interface{}{ + "Version": "2012-10-17", + "Statement": []map[string]interface{}{ + map[string]interface{}{ + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Sid": "", + "Principal": map[string]interface{}{ + "Service": "lambda.amazonaws.com", + }, + }, + }, + }) + if err != nil { + return nil, err + } + json0 := string(tmpJSON0) + lambdaRole, err := iam.NewRole(ctx, "lambdaRole", &iam.RoleArgs{ + AssumeRolePolicy: pulumi.String(json0), + }) + if err != nil { + return nil, err + } + _, err = iam.NewRolePolicyAttachment(ctx, "lambdaRoleAttach", &iam.RolePolicyAttachmentArgs{ + Role: lambdaRole.Name, + PolicyArn: iam.ManagedPolicyIAMReadOnlyAccess, + }) + if err != nil { + return nil, err + } + return lambdaRole, nil +} + +func CreateGoLambda(ctx *pulumi.Context) (*lambda.Function, error) { + // Package lambda function. + err := zipSource("handler/handler", "handler.zip") + if err != nil { + return nil, err + } + + // Allow API Gateway to invoke Lambda functions. + role, err := CreateLambdaRole(ctx) + if err != nil { + return nil, err + } + + // Provision bucket for uploading Lambda handler. + bucket, err := s3.NewBucket(ctx, "ts-test-bucket-go", nil) + if err != nil { + return nil, err + } + + // Upload handler to S3 bucket. + mtype, err := mimetype.DetectFile("./handler.zip") + if err != nil { + return nil, err + } + obj, err := s3.NewBucketObject(ctx, "1.0.0/handler.zip", &s3.BucketObjectArgs{ + Bucket: bucket.ID(), + Source: pulumi.NewFileAsset("./handler.zip"), + ContentType: pulumi.String(mtype.String()), + }) + + // Create and return lambda function + function, err := lambda.NewFunction( + ctx, "lambdaAPIGatewayFunction", &lambda.FunctionArgs{ + S3Bucket: bucket.ID(), + S3Key: obj.Key, + Runtime: pulumi.String("go1.x"), + Handler: pulumi.String("handler"), + Role: role.Arn, + }, + nil, + ) + + lambda.NewPermission(ctx, "lambdaPermission", &lambda.PermissionArgs{ + Action: pulumi.String("lambda:InvokeFunction"), + Principal: pulumi.String("apigateway.amazonaws.com"), + Function: function, + }) + + // Enable API Gateway to invoke the Lambda + return function, err +} +``` {{% /tab %}} {{< /tabs >}} {{% button href="https://app.pulumi.com/new?template=https://github.com/MichaelStott/tech-squawks/tree/main/code/homepage/go" icon="rocket" %}}Deploy{{% /button %}} @@ -164,20 +511,19 @@ pulumi destroy -y {{< /tab >}} {{< /tabs >}} **Stack Outputs** - ``` Outputs: invoke_arn: "ServerlessExample-93b31c3" url : "https://pu00gu5pmg.execute-api.us-east-1.amazonaws.com" ``` -The exported URL will display the following image in your web browser: +The exported URL will display the following image in your web browser: ![squawk](https://cultofthepartyparrot.com/parrots/hd/revolutionparrot.gif) ### Local Development -In an effort to make these tutorials accessible to those without cloud access and minimize costs, examples are designed +In an effort to make these tutorials accessible to those without cloud access and minimize costs, examples are designed to support local execution, using technologies such as [LocalStack](https://localstack.cloud/), [Cloud Code](https://cloud.google.com/code), [Kind](https://kind.sigs.k8s.io/), etc., whenever possible. ### Study Aid diff --git a/web/content/cloud_computing/aws/canonical_requests/signing.md b/web/content/cloud_computing/aws/canonical_requests/signing.md index a353c0f..e1e4414 100644 --- a/web/content/cloud_computing/aws/canonical_requests/signing.md +++ b/web/content/cloud_computing/aws/canonical_requests/signing.md @@ -17,41 +17,35 @@ The version 4 signing process consists of the following steps and components[^2] 1. Creating the _credential scope_: This value restricts the request to the target service and region and is of the following format: `TIMESTAMP/REGION/SERVICE/SIGNING_VERSION` where the timestamp value is of form _YYYYMMDD_. 2. Generate the target string to sign: This consists of the signing algorithm used to produce the signature (AWS4-HMAC-SHA256), the Amzaon-formatted request timestamp (i.e. _YYYYMMDDHHMMSSZ_), the previously produced credential scope, and a hash of the canonical requests string, all separated by newline characters: - {{< tabs groupId="pseudo" >}} - {{% tab name="Pseudocode" %}} - +{{< tabs groupId="pseudo" >}} +{{% tab name="Pseudocode" %}} ``` signatureString = SIGNING_ALGORITHM + "\n" + -AMAZON_DATE_TIMESTAMP + "\n" + -CREDENTIAL_SCOPE + "\n" + +AMAZON_DATE_TIMESTAMP + "\n" + +CREDENTIAL_SCOPE + "\n" + SHA256(CANONICAL_REQUEST_STRING) ``` - {{% /tab %}} {{< /tabs >}} 3. Create the signature key: The _signature key_, used to sign the request string, is derived from the AWS secret key, Amazon-formatted request timestamp, region, and service. The following Pseudocode illustrates this process: - {{< tabs groupId="pseudo" >}} - {{% tab name="Pseudocode" %}} - +{{< tabs groupId="pseudo" >}} +{{% tab name="Pseudocode" %}} ``` kDate = hash("AWS4" + Key, Date) kRegion = hash(kDate, Region) kService = hash(kRegion, Service) signatureKey = hash(kService, "aws4_request") ``` - {{% /tab %}} {{< /tabs >}} 4. Sign the previously generated signature string with the signature key and encode the hexadecimal representation. - {{< tabs groupId="pseudo" >}} - {{% tab name="Pseudocode" %}} - +{{< tabs groupId="pseudo" >}} +{{% tab name="Pseudocode" %}} ``` signature = hexEncode(hash(signatureKey, signatureString)) ``` - {{% /tab %}} {{< /tabs >}} @@ -63,20 +57,110 @@ Below provides a concrete example for generating a version 4 signature from an a {{< tab name="Typescript" >}} {{< tabs >}} {{% tab name="Execution" %}} - ``` ts-node signing.ts $AWS_SECRET_KEY us-west-1 ssm "Hello World!" ``` - {{% /tab %}} {{< /tabs >}} {{< tabs >}} {{% tab name="signing.ts" %}} - ```ts -{{% include file="code\can_req\ts\signing.ts" %}} -``` +// can_req/ts/signing.ts + +import * as crypto from "crypto"; + +const SIGNING_ALGORITHM = "AWS4-HMAC-SHA256"; + +export function getTimestamps(): [string, string] { + const now = new Date(); + const year = now.getUTCFullYear(); + const month = String(now.getUTCMonth() + 1).padStart(2, "0"); + const day = String(now.getUTCDate()).padStart(2, "0"); + const hours = String(now.getUTCHours()).padStart(2, "0"); + const minutes = String(now.getUTCMinutes()).padStart(2, "0"); + const seconds = String(now.getUTCSeconds()).padStart(2, "0"); + + const amzTimestamp = `${year}${month}${day}T${hours}${minutes}${seconds}Z`; + const reqTimestamp = `${year}${month}${day}`; + return [amzTimestamp, reqTimestamp]; +} + +export function getCredentialScope( + reqTimestamp: string, + region: string, + service: string +): string { + return `${reqTimestamp}/${region}/${service}/aws4_request`; +} + +export function getStringToSign( + amzTimestamp: string, + scope: string, + message: string +): string { + return [ + SIGNING_ALGORITHM, + amzTimestamp, + scope, + computeSHA256SignatureHash(message), + ].join("\n"); +} + +export function sign(key: Buffer, message: Buffer): Buffer { + return crypto.createHmac("SHA256", key).update(message).digest(); +} + +export function signHex(key: Buffer, message: Buffer): string { + return crypto.createHmac("SHA256", key).update(message).digest("hex"); +} + +export function computeSHA256SignatureHash(input: string): string { + return crypto.createHash("SHA256").update(input).digest("hex"); +} + +export function getAWS4SignatureKey( + key: string, + reqTimestamp: string, + region: string, + service: string +): Buffer { + const kDate = sign(Buffer.from("AWS4" + key), Buffer.from(reqTimestamp)); + const kRegion = sign(kDate, Buffer.from(region)); + const kService = sign(kRegion, Buffer.from(service)); + const kSigning = sign(kService, Buffer.from("aws4_request")); + return kSigning; +} + +if (require.main === module) { + // Get user input + const secretKey = process.argv[2]; + const region = process.argv[3]; + const service = process.argv[4]; + const userInput = process.argv[5]; + + // Get the required timestamp strings + let [amzTimestamp, reqTimestamp] = getTimestamps(); + console.log("Amazon Timestamp: " + amzTimestamp); + console.log("Requset Timestamp: " + reqTimestamp); + + // Get the scope of the request (the timestamp and the target service) + const scope = getCredentialScope(reqTimestamp, region, service); + console.log("Credential Scope: " + scope); + + // Get the AWS v4 signing key + const key = getAWS4SignatureKey(secretKey, reqTimestamp, region, service); + console.log("Signing Key: " + key.toString("hex")); + + // Prepare string value to sign from user input + const stringToSign = getStringToSign(amzTimestamp, scope, userInput); + console.log("String to sign: " + JSON.stringify(stringToSign)); + + // Sign and output user string + const signature = signHex(key, Buffer.from(stringToSign)); + console.log("Signed String: " + signature); +} +``` {{% /tab %}} {{< /tabs >}} {{% button href="https://github.com/MichaelStott/tech-squawks/tree/main/code/can_req/ts" icon="code" %}}Repository{{% /button %}} @@ -85,20 +169,112 @@ ts-node signing.ts $AWS_SECRET_KEY us-west-1 ssm "Hello World!" {{< tab name="Javascript" >}} {{< tabs >}} {{% tab name="Execution" %}} - ``` node signing.js $AWS_SECRET_KEY us-west-1 ssm "Hello World!" ``` - {{% /tab %}} {{< /tabs >}} {{< tabs >}} {{% tab name="signing.js" %}} - ```js -{{% include file="code\can_req\js\signing.js" %}} -``` +// can_req/js/signing.js + +var crypto = require("crypto"); + +const SIGNING_ALGORITHM = "AWS4-HMAC-SHA256"; + +function getTimestamps() { + const now = new Date(); + const year = now.getUTCFullYear(); + const month = String(now.getUTCMonth() + 1).padStart(2, "0"); + const day = String(now.getUTCDate()).padStart(2, "0"); + const hours = String(now.getUTCHours()).padStart(2, "0"); + const minutes = String(now.getUTCMinutes()).padStart(2, "0"); + const seconds = String(now.getUTCSeconds()).padStart(2, "0"); + + const amzTimestamp = `${year}${month}${day}T${hours}${minutes}${seconds}Z`; + const reqTimestamp = `${year}${month}${day}`; + return [amzTimestamp, reqTimestamp]; +} + +function getCredentialScope(reqTimestamp, region, service) { + return `${reqTimestamp}/${region}/${service}/aws4_request`; +} + +function getStringToSign(amzTimestamp, scope, message) { + return [ + SIGNING_ALGORITHM, + amzTimestamp, + scope, + computeSHA256SignatureHash(message), + ].join("\n"); +} + +function sign(key, msg) { + return crypto + .createHmac("SHA256", key) + .update(Buffer.from(msg, "utf-8")) + .digest(); +} + +function signHex(key, msg) { + return crypto.createHmac("SHA256", key).update(msg).digest("hex"); +} + +function computeSHA256SignatureHash(input) { + return crypto + .createHash("SHA256") + .update(Buffer.from(input, "utf-8")) + .digest("hex"); +} + +function getAWS4SignatureKey(key, reqTimestamp, region, service) { + const kDate = sign(Buffer.from("AWS4" + key, "utf-8"), reqTimestamp); + const kRegion = sign(kDate, region); + const kService = sign(kRegion, service); + const kSigning = sign(kService, "aws4_request"); + return kSigning; +} + +if (require.main === module) { + // Get user input + const secretKey = process.argv[2]; + const region = process.argv[3]; + const service = process.argv[4]; + const userInput = process.argv[5]; + + // Get the required timestamp strings + [amzTimestamp, reqTimestamp] = getTimestamps(); + console.log("Amazon Timestamp: " + amzTimestamp); + console.log("Request Timestamp: " + reqTimestamp); + + // Get the scope of the request (the timestamp and the target service) + const scope = getCredentialScope(reqTimestamp, region, service); + console.log("Credential Scope: " + scope); + + // Get the AWS v4 signing key + const key = getAWS4SignatureKey(secretKey, reqTimestamp, region, service); + console.log("Signing Key: " + key.toString("hex")); + + // Prepare string value to sign from user input + const stringToSign = getStringToSign(amzTimestamp, scope, userInput); + console.log("String to sign: " + JSON.stringify(stringToSign)); + + // Sign and output user string + const signature = signHex(key, stringToSign); + console.log("Signed String: " + signature); +} + +module.exports = { + getTimestamps, + getCredentialScope, + computeSHA256SignatureHash, + getAWS4SignatureKey, + getStringToSign, + signHex, +}; +``` {{% /tab %}} {{< /tabs >}} {{% button href="https://github.com/MichaelStott/tech-squawks/tree/main/code/can_req/js" icon="code" %}}Repository{{% /button %}} @@ -107,20 +283,94 @@ node signing.js $AWS_SECRET_KEY us-west-1 ssm "Hello World!" {{< tab name="Python" >}} {{< tabs >}} {{% tab name="Execution" %}} - ``` python3 signing.py $AWS_SECRET_KEY us-west-1 ssm "Hello World!" ``` - {{% /tab %}} {{< /tabs >}} {{< tabs >}} {{% tab name="signing.py" %}} - ```py -{{% include file="code\can_req\py\signing.py" %}} -``` +# can_req/py/signing.py + +import base64, datetime, hashlib, hmac, json, sys + +SIGNING_ALGORITHM = "AWS4-HMAC-SHA256" + + +def get_timestamps() -> tuple[str, str]: + """Get strings of required timestamps for canonical requests""" + now = datetime.datetime.utcnow() + amazon_timestamp = now.strftime("%Y%m%dT%H%M%SZ") + req_timestamp = now.strftime("%Y%m%d") + return amazon_timestamp, req_timestamp + + +def get_credential_scope(req_timestamp: str, region: str, service: str) -> str: + """Define the scope of the request, which includes the target region and service""" + return "{}/{}/{}/aws4_request".format(req_timestamp, region, service) + +def sign(key: str, msg: str) -> bytes: + """Generate the HMAC-SHA256 hash of a target string using the provided secret key""" + return hmac.new(key, msg.encode("utf-8"), hashlib.sha256).digest() + + +def compute_sha256_hash(input: str) -> str: + """Create SHA256 hash of a target string""" + m = hashlib.sha256() + m.update(input.encode("utf-8")) + result = m.hexdigest() + return result + + +def get_string_to_sign(amzn_date_stamp: str, scope: str, can_req: str) -> str: + """Get string to sign from request parameters""" + return "\n".join( + [SIGNING_ALGORITHM, amzn_date_stamp, scope, compute_sha256_hash(can_req)] + ) + + +def get_aws4_signature_key( + key: str, datestamp: str, region: str, service_name: str +) -> bytes: + """Generature canonical requests signature""" + kdate = sign(("AWS4" + key).encode("utf-8"), datestamp) + kregion = sign(kdate, region) + kservice = sign(kregion, service_name) + ksigning = sign(kservice, "aws4_request") + return ksigning + + +if __name__ == "__main__": + # Get user input from command args + amazon_secret_key = sys.argv[1] + region = sys.argv[2] + service = sys.argv[3] + user_input = sys.argv[4] + + # Fetch the required timestamps + amazon_timestamp, req_timestamp = get_timestamps() + print("Amazon Timestamp: " + amazon_timestamp) + print("Request Timestamp: " + req_timestamp) + + # The scope/action permitted by the signed credentials + credential_scope = get_credential_scope(req_timestamp, region, service) + print("Credential Scope: " + credential_scope) + + # Generate and print signed string + signature_key = get_aws4_signature_key( + amazon_secret_key, req_timestamp, region, service + ) + print("Signing Key: " + base64.b64encode(signature_key).decode()) + string_to_sign = get_string_to_sign(amazon_timestamp, credential_scope, user_input) + print("String to sign: " + json.dumps(string_to_sign)) + signature = hmac.new( + signature_key, string_to_sign.encode("utf-8"), hashlib.sha256 + ).hexdigest() + print("Signed String: " + signature) + +``` {{% /tab %}} {{< /tabs >}} {{% button href="https://github.com/MichaelStott/tech-squawks/tree/main/code/can_req/py" icon="code" %}}Repository{{% /button %}} @@ -129,27 +379,109 @@ python3 signing.py $AWS_SECRET_KEY us-west-1 ssm "Hello World!" {{< tab name="Go" >}} {{< tabs >}} {{% tab name="Execution" %}} - ``` go run signing_driver.go signing.go $AWS_SECRET_KEY us-west-1 ssm "Hello World!" ``` - {{% /tab %}} {{< /tabs >}} {{< tabs >}} {{% tab name="signing.go" %}} - ```go -{{% include file="code\can_req\go\signing.go" %}} -``` +// can_req/go/signing.go + +ackage main + +import ( + hmac "crypto/hmac" + "crypto/sha256" + "encoding/json" + "fmt" + "os" + "strings" + "time" +) + +const SIGNING_ALGORITHM = "AWS4-HMAC-SHA256" + +func getTimestamps() (string, string) { + now := time.Now().UTC() + return now.Format("20060102T150405Z"), now.Format("20060102") +} + +func getCredentialScope(request_timestamp string, region string, service string) string { + return fmt.Sprintf("%s/%s/%s/aws4_request", request_timestamp, region, service) +} + +func sign(key string, message string) string { + mac := hmac.New(sha256.New, []byte(key)) + mac.Write([]byte(message)) + return string(mac.Sum(nil)) +} + +func signHex(key string, message string) string { + mac := hmac.New(sha256.New, []byte(key)) + mac.Write([]byte(message)) + return fmt.Sprintf("%x", string(mac.Sum(nil))) +} + +func computeSHA256Hash(input string) string { + hash := sha256.New() + hash.Write([]byte(input)) + return fmt.Sprintf("%x", string(hash.Sum(nil))) +} + +func getStringToSign(amazon_timestamp string, scope string, can_req string) string { + components := [...]string{SIGNING_ALGORITHM, amazon_timestamp, scope, computeSHA256Hash(can_req)} + return strings.Join(components[:], "\n") +} + +func getAWS4SignatureKey(secret_key string, request_timestamp string, region string, service string) string { + kdate := sign("AWS4"+secret_key, request_timestamp) + kregion := sign(kdate, region) + kservice := sign(kregion, service) + ksigning := sign(kservice, "aws4_request") + return ksigning +} + +func runDemo() { + // Get user input from command args + amazon_secret_key := os.Args[1] + region := os.Args[2] + service := os.Args[3] + user_input := os.Args[4] + + // Fetch the required timestamps + amazon_timestamp, request_timestamp := getTimestamps() + fmt.Printf("Amazon Timestamp: %s\n", amazon_timestamp) + fmt.Printf("Request Timestamp: %s\n", request_timestamp) + + // Get the scope/permitted API action for the signed credentials + credential_scope := getCredentialScope(request_timestamp, region, service) + fmt.Printf("Credential Scope: %s\n", credential_scope) + + // Generate and print signed string + signature_key := getAWS4SignatureKey(amazon_secret_key, request_timestamp, region, service) + fmt.Printf("Signing Key: %x\n", signature_key) + string_to_sign := getStringToSign(amazon_timestamp, credential_scope, user_input) + string_to_sign_formatted, _ := json.Marshal(string_to_sign) + fmt.Printf("String to sign: `%s`\n", string_to_sign_formatted) + signature := signHex(signature_key, string_to_sign) + fmt.Printf("Signed String: " + signature) +} +``` {{% /tab %}} {{% tab name="signing_driver.go" %}} - ```go -{{% include file="code\can_req\go\signing_driver.go" %}} -``` +// can_req/go/signing_driver.go +package main + +func main() { + runDemo() +} + +``` {{% /tab %}} {{< /tabs >}} {{% button href="https://github.com/MichaelStott/tech-squawks/tree/main/code/can_req/go" icon="code" %}}Repository{{% /button %}} @@ -158,7 +490,6 @@ go run signing_driver.go signing.go $AWS_SECRET_KEY us-west-1 ssm "Hello World!" {{< /tabs >}} **Output** - ``` Amazon Timestamp: 20230625T174754Z Requset Timestamp: 20230625 @@ -167,6 +498,7 @@ Signing Key: 843b458b4664ec9c54e42274a490b2c7cb2802cc104dcba2ad2df8fe71c008ff String to sign: "AWS4-HMAC-SHA256\n20230625T174754Z\n20230625/us-west-1/ssm/aws4_request\n7f83b1657ff1fc53b92dc18148a1d65dfc2d4b1fa3d677284addd200126d9069" Signed String: cc1a8368f317707c89b33e8f627f722819ed4d28341fef7b56720103b5d3fe79 ``` - [^1]: https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html + [^2]: https://docs.aws.amazon.com/general/latest/gr/sigv4_signing.html + \ No newline at end of file diff --git a/web/content/cloud_computing/aws/iam/access/abac.md b/web/content/cloud_computing/aws/iam/access/abac.md index a7d19b4..94a6a82 100644 --- a/web/content/cloud_computing/aws/iam/access/abac.md +++ b/web/content/cloud_computing/aws/iam/access/abac.md @@ -4,10 +4,9 @@ draft: false weight: 5 --- -To more easily manage associations between identities and policies, IAM allows you to associate the two entities together via AWS tagging. +To more easily maange associations between identities and policies, IAM allows you to associate the two entities together via AWS tagging. The following is an example policy that allows us to define a tagged policy: - ``` { "Version": "2012-10-17", @@ -27,4 +26,4 @@ The following is an example policy that allows us to define a tagged policy: } } } -``` +``` \ No newline at end of file diff --git a/web/content/cloud_computing/aws/iam/access/policies.md b/web/content/cloud_computing/aws/iam/access/policies.md index eb33b08..92168ce 100644 --- a/web/content/cloud_computing/aws/iam/access/policies.md +++ b/web/content/cloud_computing/aws/iam/access/policies.md @@ -4,11 +4,11 @@ draft: false weight: 4 --- -IAM Policies define the permissions required for performing a given action on some target resource. A permission directly correlates to an AWS API request. Policies are associated with identities and allow cloud engineers to target specific resources. +IAM Policies define the permissions required for performing a given action on some target resource. A permission directly correlates to an AWS API request. Policies are associated with identities and allow cloud engineers to target specific resources. (UGHHH) -For common use cases, AWS provides managed resources to be associated with identities (Admin roles, S3 only roles, etc.), which may help reduce the amount of custom resources that an organization needs to manage. +For common use cases, AWS provides managed resources to be assocaited with identities (Admin roles, S3 only roles, etc.), which may help reduce the amount of custom resources that an organization needs to manage. -## Permission Boundaries +## Permission Boundaries Permission boundaries define the maximum amount of permissions an identity can have. The effective permissions for an identity are the permissions that are granted by all the policies that affect the user or role, including identity-based policies, resource-based policies and permissions boundaries. @@ -18,4 +18,4 @@ IAM policies schemas may be validated using the IAM policy analyzer: ``` $ aws accessanalyzer validate-policy -``` +``` \ No newline at end of file