Skip to content

Commit c3936f9

Browse files
mwunderlmwunderl
committed
Add compute tutorials (batch 3)
1 parent 49f07d9 commit c3936f9

5 files changed

Lines changed: 131 additions & 0 deletions

File tree

tuts/160-ec2-security-groups/ec2-security-groups.sh

Lines changed: 23 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,23 @@
1+
#!/bin/bash
2+
WORK_DIR=$(mktemp -d); exec > >(tee -a "$WORK_DIR/sg.log") 2>&1
3+
REGION=${AWS_DEFAULT_REGION:-$(aws configure get region 2>/dev/null)}; [ -z "$REGION" ] && echo "ERROR: No region" && exit 1; export AWS_DEFAULT_REGION="$REGION"; echo "Region: $REGION"
4+
RANDOM_ID=$(openssl rand -hex 4); SG_NAME="tut-sg-${RANDOM_ID}"
5+
VPC_ID=$(aws ec2 describe-vpcs --filters "Name=isDefault,Values=true" --query 'Vpcs[0].VpcId' --output text)
6+
handle_error() { echo "ERROR on line $1"; trap - ERR; cleanup; exit 1; }; trap 'handle_error $LINENO' ERR
7+
cleanup() { echo ""; echo "Cleaning up..."; [ -n "$SG_ID" ] && aws ec2 delete-security-group --group-id "$SG_ID" 2>/dev/null && echo " Deleted security group"; rm -rf "$WORK_DIR"; echo "Done."; }
8+
echo "Step 1: Creating security group: $SG_NAME"
9+
SG_ID=$(aws ec2 create-security-group --group-name "$SG_NAME" --description "Tutorial security group" --vpc-id "$VPC_ID" --query 'GroupId' --output text)
10+
echo " SG ID: $SG_ID"
11+
echo "Step 2: Adding inbound rules"
12+
aws ec2 authorize-security-group-ingress --group-id "$SG_ID" --protocol tcp --port 22 --cidr 10.0.0.0/8 > /dev/null
13+
aws ec2 authorize-security-group-ingress --group-id "$SG_ID" --protocol tcp --port 80 --cidr 0.0.0.0/0 > /dev/null
14+
aws ec2 authorize-security-group-ingress --group-id "$SG_ID" --protocol tcp --port 443 --cidr 0.0.0.0/0 > /dev/null
15+
echo " Added SSH (10.0.0.0/8), HTTP, HTTPS rules"
16+
echo "Step 3: Describing rules"
17+
aws ec2 describe-security-group-rules --filters "Name=group-id,Values=$SG_ID" --query 'SecurityGroupRules[?!IsEgress].{Port:FromPort,Protocol:IpProtocol,CIDR:CidrIpv4}' --output table
18+
echo "Step 4: Adding a tag"
19+
aws ec2 create-tags --resources "$SG_ID" --tags Key=Environment,Value=tutorial
20+
echo "Step 5: Listing security groups"
21+
aws ec2 describe-security-groups --group-ids "$SG_ID" --query 'SecurityGroups[0].{Name:GroupName,Id:GroupId,InboundRules:IpPermissions|length(@)}' --output table
22+
echo ""; echo "Tutorial complete."
23+
echo "Do you want to clean up? (y/n): "; read -r CHOICE; [[ "$CHOICE" =~ ^[Yy]$ ]] && cleanup

tuts/161-lambda-environment-variables/lambda-env-vars.sh

Lines changed: 28 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,28 @@
1+
#!/bin/bash
2+
WORK_DIR=$(mktemp -d); exec > >(tee -a "$WORK_DIR/lambda-env.log") 2>&1
3+
REGION=${AWS_DEFAULT_REGION:-$(aws configure get region 2>/dev/null)}; [ -z "$REGION" ] && echo "ERROR: No region" && exit 1; export AWS_DEFAULT_REGION="$REGION"; echo "Region: $REGION"
4+
RANDOM_ID=$(openssl rand -hex 4); FUNC="tut-env-${RANDOM_ID}"; ROLE="lambda-env-role-${RANDOM_ID}"
5+
handle_error() { echo "ERROR on line $1"; trap - ERR; cleanup; exit 1; }; trap 'handle_error $LINENO' ERR
6+
cleanup() { echo ""; echo "Cleaning up..."; aws lambda delete-function --function-name "$FUNC" 2>/dev/null && echo " Deleted function"; aws iam detach-role-policy --role-name "$ROLE" --policy-arn arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole 2>/dev/null; aws iam delete-role --role-name "$ROLE" 2>/dev/null && echo " Deleted role"; rm -rf "$WORK_DIR"; echo "Done."; }
7+
ROLE_ARN=$(aws iam create-role --role-name "$ROLE" --assume-role-policy-document '{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"},"Action":"sts:AssumeRole"}]}' --query 'Role.Arn' --output text)
8+
aws iam attach-role-policy --role-name "$ROLE" --policy-arn arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole; sleep 10
9+
echo "Step 1: Creating function with environment variables"
10+
cat > "$WORK_DIR/index.py" << 'EOF'
11+
import os
12+
def handler(event, context):
13+
return {k: os.environ.get(k, 'not set') for k in ['APP_ENV', 'DB_HOST', 'LOG_LEVEL', 'FEATURE_FLAG']}
14+
EOF
15+
(cd "$WORK_DIR" && zip func.zip index.py > /dev/null)
16+
aws lambda create-function --function-name "$FUNC" --zip-file "fileb://$WORK_DIR/func.zip" --handler index.handler --runtime python3.12 --role "$ROLE_ARN" --environment 'Variables={APP_ENV=production,DB_HOST=db.example.com,LOG_LEVEL=INFO,FEATURE_FLAG=enabled}' --architectures x86_64 > /dev/null
17+
aws lambda wait function-active-v2 --function-name "$FUNC"
18+
echo "Step 2: Invoking function"
19+
aws lambda invoke --function-name "$FUNC" --cli-binary-format raw-in-base64-out "$WORK_DIR/out.json" > /dev/null
20+
cat "$WORK_DIR/out.json" | python3 -m json.tool
21+
echo "Step 3: Updating environment variables"
22+
aws lambda update-function-configuration --function-name "$FUNC" --environment 'Variables={APP_ENV=staging,DB_HOST=staging-db.example.com,LOG_LEVEL=DEBUG,FEATURE_FLAG=disabled}' --query 'Environment.Variables' --output table > /dev/null
23+
aws lambda wait function-updated-v2 --function-name "$FUNC"
24+
echo "Step 4: Invoking with updated vars"
25+
aws lambda invoke --function-name "$FUNC" --cli-binary-format raw-in-base64-out "$WORK_DIR/out2.json" > /dev/null
26+
cat "$WORK_DIR/out2.json" | python3 -m json.tool
27+
echo ""; echo "Tutorial complete."
28+
echo "Do you want to clean up? (y/n): "; read -r CHOICE; [[ "$CHOICE" =~ ^[Yy]$ ]] && cleanup

tuts/166-lambda-aliases/lambda-aliases.sh

Lines changed: 36 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,36 @@
1+
#!/bin/bash
2+
WORK_DIR=$(mktemp -d); exec > >(tee -a "$WORK_DIR/alias.log") 2>&1
3+
REGION=${AWS_DEFAULT_REGION:-$(aws configure get region 2>/dev/null)}; [ -z "$REGION" ] && echo "ERROR: No region" && exit 1; export AWS_DEFAULT_REGION="$REGION"; echo "Region: $REGION"
4+
RANDOM_ID=$(openssl rand -hex 4); FUNC="tut-alias-${RANDOM_ID}"; ROLE="lambda-alias-role-${RANDOM_ID}"
5+
handle_error() { echo "ERROR on line $1"; trap - ERR; cleanup; exit 1; }; trap 'handle_error $LINENO' ERR
6+
cleanup() { echo ""; echo "Cleaning up..."; aws lambda delete-alias --function-name "$FUNC" --name live 2>/dev/null; aws lambda delete-function --function-name "$FUNC" 2>/dev/null && echo " Deleted function"; aws iam detach-role-policy --role-name "$ROLE" --policy-arn arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole 2>/dev/null; aws iam delete-role --role-name "$ROLE" 2>/dev/null && echo " Deleted role"; rm -rf "$WORK_DIR"; echo "Done."; }
7+
ROLE_ARN=$(aws iam create-role --role-name "$ROLE" --assume-role-policy-document '{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"},"Action":"sts:AssumeRole"}]}' --query 'Role.Arn' --output text)
8+
aws iam attach-role-policy --role-name "$ROLE" --policy-arn arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole; sleep 10
9+
echo "Step 1: Creating function (v1)"
10+
cat > "$WORK_DIR/v1.py" << 'EOF'
11+
def handler(event, context): return {"version": "1.0", "message": "Hello from v1"}
12+
EOF
13+
(cd "$WORK_DIR" && zip v1.zip v1.py > /dev/null)
14+
aws lambda create-function --function-name "$FUNC" --zip-file "fileb://$WORK_DIR/v1.zip" --handler v1.handler --runtime python3.12 --role "$ROLE_ARN" --architectures x86_64 > /dev/null
15+
aws lambda wait function-active-v2 --function-name "$FUNC"
16+
V1=$(aws lambda publish-version --function-name "$FUNC" --query 'Version' --output text)
17+
echo " Published version $V1"
18+
echo "Step 2: Creating alias pointing to v1"
19+
aws lambda create-alias --function-name "$FUNC" --name live --function-version "$V1" --query '{Alias:Name,Version:FunctionVersion}' --output table
20+
echo "Step 3: Deploying v2 with canary"
21+
cat > "$WORK_DIR/v2.py" << 'EOF'
22+
def handler(event, context): return {"version": "2.0", "message": "Hello from v2"}
23+
EOF
24+
(cd "$WORK_DIR" && zip v2.zip v2.py > /dev/null)
25+
aws lambda update-function-code --function-name "$FUNC" --zip-file "fileb://$WORK_DIR/v2.zip" > /dev/null
26+
aws lambda wait function-updated-v2 --function-name "$FUNC"
27+
V2=$(aws lambda publish-version --function-name "$FUNC" --query 'Version' --output text)
28+
aws lambda update-alias --function-name "$FUNC" --name live --function-version "$V2" --routing-config "{\"AdditionalVersionWeights\":{\"$V1\":0.1}}" > /dev/null
29+
echo " Alias 'live' → v2 (90%) + v1 (10%)"
30+
echo "Step 4: Invoking via alias (multiple times)"
31+
for i in $(seq 1 5); do aws lambda invoke --function-name "$FUNC" --qualifier live --cli-binary-format raw-in-base64-out "$WORK_DIR/out.json" > /dev/null; echo " $(cat $WORK_DIR/out.json)"; done
32+
echo "Step 5: Shifting all traffic to v2"
33+
aws lambda update-alias --function-name "$FUNC" --name live --function-version "$V2" --routing-config '{}' > /dev/null
34+
echo " Alias 'live' → v2 (100%)"
35+
echo ""; echo "Tutorial complete."
36+
echo "Do you want to clean up? (y/n): "; read -r CHOICE; [[ "$CHOICE" =~ ^[Yy]$ ]] && cleanup

tuts/169-ec2-key-pairs/ec2-keypairs.sh

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,18 @@
1+
#!/bin/bash
2+
WORK_DIR=$(mktemp -d); exec > >(tee -a "$WORK_DIR/kp.log") 2>&1
3+
REGION=${AWS_DEFAULT_REGION:-$(aws configure get region 2>/dev/null)}; [ -z "$REGION" ] && echo "ERROR: No region" && exit 1; export AWS_DEFAULT_REGION="$REGION"; echo "Region: $REGION"
4+
RANDOM_ID=$(openssl rand -hex 4); KEY1="tut-key-${RANDOM_ID}-rsa"; KEY2="tut-key-${RANDOM_ID}-ed25519"
5+
handle_error() { echo "ERROR on line $1"; trap - ERR; cleanup; exit 1; }; trap 'handle_error $LINENO' ERR
6+
cleanup() { echo ""; echo "Cleaning up..."; aws ec2 delete-key-pair --key-name "$KEY1" 2>/dev/null && echo " Deleted $KEY1"; aws ec2 delete-key-pair --key-name "$KEY2" 2>/dev/null && echo " Deleted $KEY2"; rm -rf "$WORK_DIR"; echo "Done."; }
7+
echo "Step 1: Creating RSA key pair"
8+
aws ec2 create-key-pair --key-name "$KEY1" --key-type rsa --query 'KeyFingerprint' --output text > /dev/null
9+
echo " Created $KEY1 (RSA)"
10+
echo "Step 2: Creating ED25519 key pair"
11+
aws ec2 create-key-pair --key-name "$KEY2" --key-type ed25519 --query 'KeyFingerprint' --output text > /dev/null
12+
echo " Created $KEY2 (ED25519)"
13+
echo "Step 3: Describing key pairs"
14+
aws ec2 describe-key-pairs --key-names "$KEY1" "$KEY2" --query 'KeyPairs[].{Name:KeyName,Type:KeyType,Fingerprint:KeyFingerprint}' --output table
15+
echo "Step 4: Listing all tutorial key pairs"
16+
aws ec2 describe-key-pairs --filters "Name=key-name,Values=tut-key-*" --query 'KeyPairs[].{Name:KeyName,Type:KeyType}' --output table
17+
echo ""; echo "Tutorial complete."
18+
echo "Do you want to clean up? (y/n): "; read -r CHOICE; [[ "$CHOICE" =~ ^[Yy]$ ]] && cleanup

tuts/170-lambda-function-urls/lambda-urls.sh

Lines changed: 26 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,26 @@
1+
#!/bin/bash
2+
WORK_DIR=$(mktemp -d); exec > >(tee -a "$WORK_DIR/url.log") 2>&1
3+
REGION=${AWS_DEFAULT_REGION:-$(aws configure get region 2>/dev/null)}; [ -z "$REGION" ] && echo "ERROR: No region" && exit 1; export AWS_DEFAULT_REGION="$REGION"; echo "Region: $REGION"
4+
RANDOM_ID=$(openssl rand -hex 4); FUNC="tut-url-${RANDOM_ID}"; ROLE="lambda-url-role-${RANDOM_ID}"
5+
handle_error() { echo "ERROR on line $1"; trap - ERR; cleanup; exit 1; }; trap 'handle_error $LINENO' ERR
6+
cleanup() { echo ""; echo "Cleaning up..."; aws lambda delete-function-url-config --function-name "$FUNC" 2>/dev/null; aws lambda delete-function --function-name "$FUNC" 2>/dev/null && echo " Deleted function"; aws iam detach-role-policy --role-name "$ROLE" --policy-arn arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole 2>/dev/null; aws iam delete-role --role-name "$ROLE" 2>/dev/null && echo " Deleted role"; rm -rf "$WORK_DIR"; echo "Done."; }
7+
ROLE_ARN=$(aws iam create-role --role-name "$ROLE" --assume-role-policy-document '{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"},"Action":"sts:AssumeRole"}]}' --query 'Role.Arn' --output text)
8+
aws iam attach-role-policy --role-name "$ROLE" --policy-arn arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole; sleep 10
9+
echo "Step 1: Creating function"
10+
cat > "$WORK_DIR/index.mjs" << 'EOF'
11+
export const handler = async (event) => ({statusCode: 200, body: JSON.stringify({message: "Hello from Lambda URL!", method: event.requestContext?.http?.method, path: event.rawPath})});
12+
EOF
13+
(cd "$WORK_DIR" && zip func.zip index.mjs > /dev/null)
14+
aws lambda create-function --function-name "$FUNC" --zip-file "fileb://$WORK_DIR/func.zip" --handler index.handler --runtime nodejs22.x --role "$ROLE_ARN" --architectures x86_64 > /dev/null
15+
aws lambda wait function-active-v2 --function-name "$FUNC"
16+
echo "Step 2: Creating function URL"
17+
FUNC_URL=$(aws lambda create-function-url-config --function-name "$FUNC" --auth-type NONE --query 'FunctionUrl' --output text)
18+
aws lambda add-permission --function-name "$FUNC" --statement-id url-invoke --action lambda:InvokeFunctionUrl --principal "*" --function-url-auth-type NONE > /dev/null
19+
echo " URL: $FUNC_URL"
20+
echo "Step 3: Testing the URL"
21+
sleep 2
22+
curl -s --max-time 10 "$FUNC_URL" | python3 -m json.tool
23+
echo "Step 4: Getting URL config"
24+
aws lambda get-function-url-config --function-name "$FUNC" --query '{URL:FunctionUrl,Auth:AuthType,CORS:Cors}' --output table
25+
echo ""; echo "Tutorial complete."
26+
echo "Do you want to clean up? (y/n): "; read -r CHOICE; [[ "$CHOICE" =~ ^[Yy]$ ]] && cleanup

0 commit comments

Comments
 (0)