From c3936f9a7f3c00a29b2edd16584b3d02e2d34382 Mon Sep 17 00:00:00 2001 From: Michael Wunderlich Date: Tue, 14 Apr 2026 16:35:00 +0000 Subject: [PATCH 1/3] Add compute tutorials (batch 3) --- .../ec2-security-groups.sh | 23 ++++++++++++ .../lambda-env-vars.sh | 28 +++++++++++++++ tuts/166-lambda-aliases/lambda-aliases.sh | 36 +++++++++++++++++++ tuts/169-ec2-key-pairs/ec2-keypairs.sh | 18 ++++++++++ tuts/170-lambda-function-urls/lambda-urls.sh | 26 ++++++++++++++ 5 files changed, 131 insertions(+) create mode 100644 tuts/160-ec2-security-groups/ec2-security-groups.sh create mode 100644 tuts/161-lambda-environment-variables/lambda-env-vars.sh create mode 100644 tuts/166-lambda-aliases/lambda-aliases.sh create mode 100644 tuts/169-ec2-key-pairs/ec2-keypairs.sh create mode 100644 tuts/170-lambda-function-urls/lambda-urls.sh diff --git a/tuts/160-ec2-security-groups/ec2-security-groups.sh b/tuts/160-ec2-security-groups/ec2-security-groups.sh new file mode 100644 index 00000000..c8130d93 --- /dev/null +++ b/tuts/160-ec2-security-groups/ec2-security-groups.sh @@ -0,0 +1,23 @@ +#!/bin/bash +WORK_DIR=$(mktemp -d); exec > >(tee -a "$WORK_DIR/sg.log") 2>&1 +REGION=${AWS_DEFAULT_REGION:-$(aws configure get region 2>/dev/null)}; [ -z "$REGION" ] && echo "ERROR: No region" && exit 1; export AWS_DEFAULT_REGION="$REGION"; echo "Region: $REGION" +RANDOM_ID=$(openssl rand -hex 4); SG_NAME="tut-sg-${RANDOM_ID}" +VPC_ID=$(aws ec2 describe-vpcs --filters "Name=isDefault,Values=true" --query 'Vpcs[0].VpcId' --output text) +handle_error() { echo "ERROR on line $1"; trap - ERR; cleanup; exit 1; }; trap 'handle_error $LINENO' ERR +cleanup() { echo ""; echo "Cleaning up..."; [ -n "$SG_ID" ] && aws ec2 delete-security-group --group-id "$SG_ID" 2>/dev/null && echo " Deleted security group"; rm -rf "$WORK_DIR"; echo "Done."; } +echo "Step 1: Creating security group: $SG_NAME" +SG_ID=$(aws ec2 create-security-group --group-name "$SG_NAME" --description "Tutorial security group" --vpc-id "$VPC_ID" --query 'GroupId' --output text) +echo " SG ID: $SG_ID" +echo "Step 2: Adding inbound rules" +aws ec2 authorize-security-group-ingress --group-id "$SG_ID" --protocol tcp --port 22 --cidr 10.0.0.0/8 > /dev/null +aws ec2 authorize-security-group-ingress --group-id "$SG_ID" --protocol tcp --port 80 --cidr 0.0.0.0/0 > /dev/null +aws ec2 authorize-security-group-ingress --group-id "$SG_ID" --protocol tcp --port 443 --cidr 0.0.0.0/0 > /dev/null +echo " Added SSH (10.0.0.0/8), HTTP, HTTPS rules" +echo "Step 3: Describing rules" +aws ec2 describe-security-group-rules --filters "Name=group-id,Values=$SG_ID" --query 'SecurityGroupRules[?!IsEgress].{Port:FromPort,Protocol:IpProtocol,CIDR:CidrIpv4}' --output table +echo "Step 4: Adding a tag" +aws ec2 create-tags --resources "$SG_ID" --tags Key=Environment,Value=tutorial +echo "Step 5: Listing security groups" +aws ec2 describe-security-groups --group-ids "$SG_ID" --query 'SecurityGroups[0].{Name:GroupName,Id:GroupId,InboundRules:IpPermissions|length(@)}' --output table +echo ""; echo "Tutorial complete." +echo "Do you want to clean up? (y/n): "; read -r CHOICE; [[ "$CHOICE" =~ ^[Yy]$ ]] && cleanup diff --git a/tuts/161-lambda-environment-variables/lambda-env-vars.sh b/tuts/161-lambda-environment-variables/lambda-env-vars.sh new file mode 100644 index 00000000..a624adf5 --- /dev/null +++ b/tuts/161-lambda-environment-variables/lambda-env-vars.sh @@ -0,0 +1,28 @@ +#!/bin/bash +WORK_DIR=$(mktemp -d); exec > >(tee -a "$WORK_DIR/lambda-env.log") 2>&1 +REGION=${AWS_DEFAULT_REGION:-$(aws configure get region 2>/dev/null)}; [ -z "$REGION" ] && echo "ERROR: No region" && exit 1; export AWS_DEFAULT_REGION="$REGION"; echo "Region: $REGION" +RANDOM_ID=$(openssl rand -hex 4); FUNC="tut-env-${RANDOM_ID}"; ROLE="lambda-env-role-${RANDOM_ID}" +handle_error() { echo "ERROR on line $1"; trap - ERR; cleanup; exit 1; }; trap 'handle_error $LINENO' ERR +cleanup() { echo ""; echo "Cleaning up..."; aws lambda delete-function --function-name "$FUNC" 2>/dev/null && echo " Deleted function"; aws iam detach-role-policy --role-name "$ROLE" --policy-arn arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole 2>/dev/null; aws iam delete-role --role-name "$ROLE" 2>/dev/null && echo " Deleted role"; rm -rf "$WORK_DIR"; echo "Done."; } +ROLE_ARN=$(aws iam create-role --role-name "$ROLE" --assume-role-policy-document '{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"},"Action":"sts:AssumeRole"}]}' --query 'Role.Arn' --output text) +aws iam attach-role-policy --role-name "$ROLE" --policy-arn arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole; sleep 10 +echo "Step 1: Creating function with environment variables" +cat > "$WORK_DIR/index.py" << 'EOF' +import os +def handler(event, context): + return {k: os.environ.get(k, 'not set') for k in ['APP_ENV', 'DB_HOST', 'LOG_LEVEL', 'FEATURE_FLAG']} +EOF +(cd "$WORK_DIR" && zip func.zip index.py > /dev/null) +aws lambda create-function --function-name "$FUNC" --zip-file "fileb://$WORK_DIR/func.zip" --handler index.handler --runtime python3.12 --role "$ROLE_ARN" --environment 'Variables={APP_ENV=production,DB_HOST=db.example.com,LOG_LEVEL=INFO,FEATURE_FLAG=enabled}' --architectures x86_64 > /dev/null +aws lambda wait function-active-v2 --function-name "$FUNC" +echo "Step 2: Invoking function" +aws lambda invoke --function-name "$FUNC" --cli-binary-format raw-in-base64-out "$WORK_DIR/out.json" > /dev/null +cat "$WORK_DIR/out.json" | python3 -m json.tool +echo "Step 3: Updating environment variables" +aws lambda update-function-configuration --function-name "$FUNC" --environment 'Variables={APP_ENV=staging,DB_HOST=staging-db.example.com,LOG_LEVEL=DEBUG,FEATURE_FLAG=disabled}' --query 'Environment.Variables' --output table > /dev/null +aws lambda wait function-updated-v2 --function-name "$FUNC" +echo "Step 4: Invoking with updated vars" +aws lambda invoke --function-name "$FUNC" --cli-binary-format raw-in-base64-out "$WORK_DIR/out2.json" > /dev/null +cat "$WORK_DIR/out2.json" | python3 -m json.tool +echo ""; echo "Tutorial complete." +echo "Do you want to clean up? (y/n): "; read -r CHOICE; [[ "$CHOICE" =~ ^[Yy]$ ]] && cleanup diff --git a/tuts/166-lambda-aliases/lambda-aliases.sh b/tuts/166-lambda-aliases/lambda-aliases.sh new file mode 100644 index 00000000..0791e2b4 --- /dev/null +++ b/tuts/166-lambda-aliases/lambda-aliases.sh @@ -0,0 +1,36 @@ +#!/bin/bash +WORK_DIR=$(mktemp -d); exec > >(tee -a "$WORK_DIR/alias.log") 2>&1 +REGION=${AWS_DEFAULT_REGION:-$(aws configure get region 2>/dev/null)}; [ -z "$REGION" ] && echo "ERROR: No region" && exit 1; export AWS_DEFAULT_REGION="$REGION"; echo "Region: $REGION" +RANDOM_ID=$(openssl rand -hex 4); FUNC="tut-alias-${RANDOM_ID}"; ROLE="lambda-alias-role-${RANDOM_ID}" +handle_error() { echo "ERROR on line $1"; trap - ERR; cleanup; exit 1; }; trap 'handle_error $LINENO' ERR +cleanup() { echo ""; echo "Cleaning up..."; aws lambda delete-alias --function-name "$FUNC" --name live 2>/dev/null; aws lambda delete-function --function-name "$FUNC" 2>/dev/null && echo " Deleted function"; aws iam detach-role-policy --role-name "$ROLE" --policy-arn arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole 2>/dev/null; aws iam delete-role --role-name "$ROLE" 2>/dev/null && echo " Deleted role"; rm -rf "$WORK_DIR"; echo "Done."; } +ROLE_ARN=$(aws iam create-role --role-name "$ROLE" --assume-role-policy-document '{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"},"Action":"sts:AssumeRole"}]}' --query 'Role.Arn' --output text) +aws iam attach-role-policy --role-name "$ROLE" --policy-arn arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole; sleep 10 +echo "Step 1: Creating function (v1)" +cat > "$WORK_DIR/v1.py" << 'EOF' +def handler(event, context): return {"version": "1.0", "message": "Hello from v1"} +EOF +(cd "$WORK_DIR" && zip v1.zip v1.py > /dev/null) +aws lambda create-function --function-name "$FUNC" --zip-file "fileb://$WORK_DIR/v1.zip" --handler v1.handler --runtime python3.12 --role "$ROLE_ARN" --architectures x86_64 > /dev/null +aws lambda wait function-active-v2 --function-name "$FUNC" +V1=$(aws lambda publish-version --function-name "$FUNC" --query 'Version' --output text) +echo " Published version $V1" +echo "Step 2: Creating alias pointing to v1" +aws lambda create-alias --function-name "$FUNC" --name live --function-version "$V1" --query '{Alias:Name,Version:FunctionVersion}' --output table +echo "Step 3: Deploying v2 with canary" +cat > "$WORK_DIR/v2.py" << 'EOF' +def handler(event, context): return {"version": "2.0", "message": "Hello from v2"} +EOF +(cd "$WORK_DIR" && zip v2.zip v2.py > /dev/null) +aws lambda update-function-code --function-name "$FUNC" --zip-file "fileb://$WORK_DIR/v2.zip" > /dev/null +aws lambda wait function-updated-v2 --function-name "$FUNC" +V2=$(aws lambda publish-version --function-name "$FUNC" --query 'Version' --output text) +aws lambda update-alias --function-name "$FUNC" --name live --function-version "$V2" --routing-config "{\"AdditionalVersionWeights\":{\"$V1\":0.1}}" > /dev/null +echo " Alias 'live' → v2 (90%) + v1 (10%)" +echo "Step 4: Invoking via alias (multiple times)" +for i in $(seq 1 5); do aws lambda invoke --function-name "$FUNC" --qualifier live --cli-binary-format raw-in-base64-out "$WORK_DIR/out.json" > /dev/null; echo " $(cat $WORK_DIR/out.json)"; done +echo "Step 5: Shifting all traffic to v2" +aws lambda update-alias --function-name "$FUNC" --name live --function-version "$V2" --routing-config '{}' > /dev/null +echo " Alias 'live' → v2 (100%)" +echo ""; echo "Tutorial complete." +echo "Do you want to clean up? (y/n): "; read -r CHOICE; [[ "$CHOICE" =~ ^[Yy]$ ]] && cleanup diff --git a/tuts/169-ec2-key-pairs/ec2-keypairs.sh b/tuts/169-ec2-key-pairs/ec2-keypairs.sh new file mode 100644 index 00000000..783ccdb7 --- /dev/null +++ b/tuts/169-ec2-key-pairs/ec2-keypairs.sh @@ -0,0 +1,18 @@ +#!/bin/bash +WORK_DIR=$(mktemp -d); exec > >(tee -a "$WORK_DIR/kp.log") 2>&1 +REGION=${AWS_DEFAULT_REGION:-$(aws configure get region 2>/dev/null)}; [ -z "$REGION" ] && echo "ERROR: No region" && exit 1; export AWS_DEFAULT_REGION="$REGION"; echo "Region: $REGION" +RANDOM_ID=$(openssl rand -hex 4); KEY1="tut-key-${RANDOM_ID}-rsa"; KEY2="tut-key-${RANDOM_ID}-ed25519" +handle_error() { echo "ERROR on line $1"; trap - ERR; cleanup; exit 1; }; trap 'handle_error $LINENO' ERR +cleanup() { echo ""; echo "Cleaning up..."; aws ec2 delete-key-pair --key-name "$KEY1" 2>/dev/null && echo " Deleted $KEY1"; aws ec2 delete-key-pair --key-name "$KEY2" 2>/dev/null && echo " Deleted $KEY2"; rm -rf "$WORK_DIR"; echo "Done."; } +echo "Step 1: Creating RSA key pair" +aws ec2 create-key-pair --key-name "$KEY1" --key-type rsa --query 'KeyFingerprint' --output text > /dev/null +echo " Created $KEY1 (RSA)" +echo "Step 2: Creating ED25519 key pair" +aws ec2 create-key-pair --key-name "$KEY2" --key-type ed25519 --query 'KeyFingerprint' --output text > /dev/null +echo " Created $KEY2 (ED25519)" +echo "Step 3: Describing key pairs" +aws ec2 describe-key-pairs --key-names "$KEY1" "$KEY2" --query 'KeyPairs[].{Name:KeyName,Type:KeyType,Fingerprint:KeyFingerprint}' --output table +echo "Step 4: Listing all tutorial key pairs" +aws ec2 describe-key-pairs --filters "Name=key-name,Values=tut-key-*" --query 'KeyPairs[].{Name:KeyName,Type:KeyType}' --output table +echo ""; echo "Tutorial complete." +echo "Do you want to clean up? (y/n): "; read -r CHOICE; [[ "$CHOICE" =~ ^[Yy]$ ]] && cleanup diff --git a/tuts/170-lambda-function-urls/lambda-urls.sh b/tuts/170-lambda-function-urls/lambda-urls.sh new file mode 100644 index 00000000..8da2cd29 --- /dev/null +++ b/tuts/170-lambda-function-urls/lambda-urls.sh @@ -0,0 +1,26 @@ +#!/bin/bash +WORK_DIR=$(mktemp -d); exec > >(tee -a "$WORK_DIR/url.log") 2>&1 +REGION=${AWS_DEFAULT_REGION:-$(aws configure get region 2>/dev/null)}; [ -z "$REGION" ] && echo "ERROR: No region" && exit 1; export AWS_DEFAULT_REGION="$REGION"; echo "Region: $REGION" +RANDOM_ID=$(openssl rand -hex 4); FUNC="tut-url-${RANDOM_ID}"; ROLE="lambda-url-role-${RANDOM_ID}" +handle_error() { echo "ERROR on line $1"; trap - ERR; cleanup; exit 1; }; trap 'handle_error $LINENO' ERR +cleanup() { echo ""; echo "Cleaning up..."; aws lambda delete-function-url-config --function-name "$FUNC" 2>/dev/null; aws lambda delete-function --function-name "$FUNC" 2>/dev/null && echo " Deleted function"; aws iam detach-role-policy --role-name "$ROLE" --policy-arn arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole 2>/dev/null; aws iam delete-role --role-name "$ROLE" 2>/dev/null && echo " Deleted role"; rm -rf "$WORK_DIR"; echo "Done."; } +ROLE_ARN=$(aws iam create-role --role-name "$ROLE" --assume-role-policy-document '{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"},"Action":"sts:AssumeRole"}]}' --query 'Role.Arn' --output text) +aws iam attach-role-policy --role-name "$ROLE" --policy-arn arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole; sleep 10 +echo "Step 1: Creating function" +cat > "$WORK_DIR/index.mjs" << 'EOF' +export const handler = async (event) => ({statusCode: 200, body: JSON.stringify({message: "Hello from Lambda URL!", method: event.requestContext?.http?.method, path: event.rawPath})}); +EOF +(cd "$WORK_DIR" && zip func.zip index.mjs > /dev/null) +aws lambda create-function --function-name "$FUNC" --zip-file "fileb://$WORK_DIR/func.zip" --handler index.handler --runtime nodejs22.x --role "$ROLE_ARN" --architectures x86_64 > /dev/null +aws lambda wait function-active-v2 --function-name "$FUNC" +echo "Step 2: Creating function URL" +FUNC_URL=$(aws lambda create-function-url-config --function-name "$FUNC" --auth-type NONE --query 'FunctionUrl' --output text) +aws lambda add-permission --function-name "$FUNC" --statement-id url-invoke --action lambda:InvokeFunctionUrl --principal "*" --function-url-auth-type NONE > /dev/null +echo " URL: $FUNC_URL" +echo "Step 3: Testing the URL" +sleep 2 +curl -s --max-time 10 "$FUNC_URL" | python3 -m json.tool +echo "Step 4: Getting URL config" +aws lambda get-function-url-config --function-name "$FUNC" --query '{URL:FunctionUrl,Auth:AuthType,CORS:Cors}' --output table +echo ""; echo "Tutorial complete." +echo "Do you want to clean up? (y/n): "; read -r CHOICE; [[ "$CHOICE" =~ ^[Yy]$ ]] && cleanup From 8823427eaa96de7bf74cd972e3bb2e9772f31844 Mon Sep 17 00:00:00 2001 From: Michael Wunderlich Date: Tue, 21 Apr 2026 05:17:16 +0000 Subject: [PATCH 2/3] Apply technical requirements (R1, R2, R9, R10, R13) - R1: Add AWS_REGION to region fallback chain - R2: Replace openssl rand with /dev/urandom - R9: Remove Appendix/Generation details from READMEs - R10: Remove internal references - R13: Add REVISION-HISTORY.md --- tuts/160-ec2-security-groups/REVISION-HISTORY.md | 8 ++++++++ tuts/160-ec2-security-groups/ec2-security-groups.sh | 4 ++-- tuts/161-lambda-environment-variables/REVISION-HISTORY.md | 8 ++++++++ tuts/161-lambda-environment-variables/lambda-env-vars.sh | 4 ++-- tuts/166-lambda-aliases/REVISION-HISTORY.md | 8 ++++++++ tuts/166-lambda-aliases/lambda-aliases.sh | 4 ++-- tuts/169-ec2-key-pairs/REVISION-HISTORY.md | 8 ++++++++ tuts/169-ec2-key-pairs/ec2-keypairs.sh | 4 ++-- tuts/170-lambda-function-urls/REVISION-HISTORY.md | 8 ++++++++ tuts/170-lambda-function-urls/lambda-urls.sh | 4 ++-- 10 files changed, 50 insertions(+), 10 deletions(-) create mode 100644 tuts/160-ec2-security-groups/REVISION-HISTORY.md create mode 100644 tuts/161-lambda-environment-variables/REVISION-HISTORY.md create mode 100644 tuts/166-lambda-aliases/REVISION-HISTORY.md create mode 100644 tuts/169-ec2-key-pairs/REVISION-HISTORY.md create mode 100644 tuts/170-lambda-function-urls/REVISION-HISTORY.md diff --git a/tuts/160-ec2-security-groups/REVISION-HISTORY.md b/tuts/160-ec2-security-groups/REVISION-HISTORY.md new file mode 100644 index 00000000..27af4610 --- /dev/null +++ b/tuts/160-ec2-security-groups/REVISION-HISTORY.md @@ -0,0 +1,8 @@ +# Revision History: 160-ec2-security-groups + +## Shell (CLI script) + +### 2026-04-14 v1 published +- Type: functional +- Initial version + diff --git a/tuts/160-ec2-security-groups/ec2-security-groups.sh b/tuts/160-ec2-security-groups/ec2-security-groups.sh index c8130d93..784e6b3b 100644 --- a/tuts/160-ec2-security-groups/ec2-security-groups.sh +++ b/tuts/160-ec2-security-groups/ec2-security-groups.sh @@ -1,7 +1,7 @@ #!/bin/bash WORK_DIR=$(mktemp -d); exec > >(tee -a "$WORK_DIR/sg.log") 2>&1 -REGION=${AWS_DEFAULT_REGION:-$(aws configure get region 2>/dev/null)}; [ -z "$REGION" ] && echo "ERROR: No region" && exit 1; export AWS_DEFAULT_REGION="$REGION"; echo "Region: $REGION" -RANDOM_ID=$(openssl rand -hex 4); SG_NAME="tut-sg-${RANDOM_ID}" +REGION=${AWS_DEFAULT_REGION:-${AWS_REGION:-$(aws configure get region 2>/dev/null))}; [ -z "$REGION" ] && echo "ERROR: No region" && exit 1; export AWS_DEFAULT_REGION="$REGION"; echo "Region: $REGION" +RANDOM_ID=$(cat /dev/urandom | tr -dc 'a-z0-9' | fold -w 8 | head -n 1); SG_NAME="tut-sg-${RANDOM_ID}" VPC_ID=$(aws ec2 describe-vpcs --filters "Name=isDefault,Values=true" --query 'Vpcs[0].VpcId' --output text) handle_error() { echo "ERROR on line $1"; trap - ERR; cleanup; exit 1; }; trap 'handle_error $LINENO' ERR cleanup() { echo ""; echo "Cleaning up..."; [ -n "$SG_ID" ] && aws ec2 delete-security-group --group-id "$SG_ID" 2>/dev/null && echo " Deleted security group"; rm -rf "$WORK_DIR"; echo "Done."; } diff --git a/tuts/161-lambda-environment-variables/REVISION-HISTORY.md b/tuts/161-lambda-environment-variables/REVISION-HISTORY.md new file mode 100644 index 00000000..e3cff6cb --- /dev/null +++ b/tuts/161-lambda-environment-variables/REVISION-HISTORY.md @@ -0,0 +1,8 @@ +# Revision History: 161-lambda-environment-variables + +## Shell (CLI script) + +### 2026-04-14 v1 published +- Type: functional +- Initial version + diff --git a/tuts/161-lambda-environment-variables/lambda-env-vars.sh b/tuts/161-lambda-environment-variables/lambda-env-vars.sh index a624adf5..59190a38 100644 --- a/tuts/161-lambda-environment-variables/lambda-env-vars.sh +++ b/tuts/161-lambda-environment-variables/lambda-env-vars.sh @@ -1,7 +1,7 @@ #!/bin/bash WORK_DIR=$(mktemp -d); exec > >(tee -a "$WORK_DIR/lambda-env.log") 2>&1 -REGION=${AWS_DEFAULT_REGION:-$(aws configure get region 2>/dev/null)}; [ -z "$REGION" ] && echo "ERROR: No region" && exit 1; export AWS_DEFAULT_REGION="$REGION"; echo "Region: $REGION" -RANDOM_ID=$(openssl rand -hex 4); FUNC="tut-env-${RANDOM_ID}"; ROLE="lambda-env-role-${RANDOM_ID}" +REGION=${AWS_DEFAULT_REGION:-${AWS_REGION:-$(aws configure get region 2>/dev/null))}; [ -z "$REGION" ] && echo "ERROR: No region" && exit 1; export AWS_DEFAULT_REGION="$REGION"; echo "Region: $REGION" +RANDOM_ID=$(cat /dev/urandom | tr -dc 'a-z0-9' | fold -w 8 | head -n 1); FUNC="tut-env-${RANDOM_ID}"; ROLE="lambda-env-role-${RANDOM_ID}" handle_error() { echo "ERROR on line $1"; trap - ERR; cleanup; exit 1; }; trap 'handle_error $LINENO' ERR cleanup() { echo ""; echo "Cleaning up..."; aws lambda delete-function --function-name "$FUNC" 2>/dev/null && echo " Deleted function"; aws iam detach-role-policy --role-name "$ROLE" --policy-arn arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole 2>/dev/null; aws iam delete-role --role-name "$ROLE" 2>/dev/null && echo " Deleted role"; rm -rf "$WORK_DIR"; echo "Done."; } ROLE_ARN=$(aws iam create-role --role-name "$ROLE" --assume-role-policy-document '{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"},"Action":"sts:AssumeRole"}]}' --query 'Role.Arn' --output text) diff --git a/tuts/166-lambda-aliases/REVISION-HISTORY.md b/tuts/166-lambda-aliases/REVISION-HISTORY.md new file mode 100644 index 00000000..7f08ab35 --- /dev/null +++ b/tuts/166-lambda-aliases/REVISION-HISTORY.md @@ -0,0 +1,8 @@ +# Revision History: 166-lambda-aliases + +## Shell (CLI script) + +### 2026-04-14 v1 published +- Type: functional +- Initial version + diff --git a/tuts/166-lambda-aliases/lambda-aliases.sh b/tuts/166-lambda-aliases/lambda-aliases.sh index 0791e2b4..7b51e90b 100644 --- a/tuts/166-lambda-aliases/lambda-aliases.sh +++ b/tuts/166-lambda-aliases/lambda-aliases.sh @@ -1,7 +1,7 @@ #!/bin/bash WORK_DIR=$(mktemp -d); exec > >(tee -a "$WORK_DIR/alias.log") 2>&1 -REGION=${AWS_DEFAULT_REGION:-$(aws configure get region 2>/dev/null)}; [ -z "$REGION" ] && echo "ERROR: No region" && exit 1; export AWS_DEFAULT_REGION="$REGION"; echo "Region: $REGION" -RANDOM_ID=$(openssl rand -hex 4); FUNC="tut-alias-${RANDOM_ID}"; ROLE="lambda-alias-role-${RANDOM_ID}" +REGION=${AWS_DEFAULT_REGION:-${AWS_REGION:-$(aws configure get region 2>/dev/null))}; [ -z "$REGION" ] && echo "ERROR: No region" && exit 1; export AWS_DEFAULT_REGION="$REGION"; echo "Region: $REGION" +RANDOM_ID=$(cat /dev/urandom | tr -dc 'a-z0-9' | fold -w 8 | head -n 1); FUNC="tut-alias-${RANDOM_ID}"; ROLE="lambda-alias-role-${RANDOM_ID}" handle_error() { echo "ERROR on line $1"; trap - ERR; cleanup; exit 1; }; trap 'handle_error $LINENO' ERR cleanup() { echo ""; echo "Cleaning up..."; aws lambda delete-alias --function-name "$FUNC" --name live 2>/dev/null; aws lambda delete-function --function-name "$FUNC" 2>/dev/null && echo " Deleted function"; aws iam detach-role-policy --role-name "$ROLE" --policy-arn arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole 2>/dev/null; aws iam delete-role --role-name "$ROLE" 2>/dev/null && echo " Deleted role"; rm -rf "$WORK_DIR"; echo "Done."; } ROLE_ARN=$(aws iam create-role --role-name "$ROLE" --assume-role-policy-document '{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"},"Action":"sts:AssumeRole"}]}' --query 'Role.Arn' --output text) diff --git a/tuts/169-ec2-key-pairs/REVISION-HISTORY.md b/tuts/169-ec2-key-pairs/REVISION-HISTORY.md new file mode 100644 index 00000000..480153e2 --- /dev/null +++ b/tuts/169-ec2-key-pairs/REVISION-HISTORY.md @@ -0,0 +1,8 @@ +# Revision History: 169-ec2-key-pairs + +## Shell (CLI script) + +### 2026-04-14 v1 published +- Type: functional +- Initial version + diff --git a/tuts/169-ec2-key-pairs/ec2-keypairs.sh b/tuts/169-ec2-key-pairs/ec2-keypairs.sh index 783ccdb7..cb651683 100644 --- a/tuts/169-ec2-key-pairs/ec2-keypairs.sh +++ b/tuts/169-ec2-key-pairs/ec2-keypairs.sh @@ -1,7 +1,7 @@ #!/bin/bash WORK_DIR=$(mktemp -d); exec > >(tee -a "$WORK_DIR/kp.log") 2>&1 -REGION=${AWS_DEFAULT_REGION:-$(aws configure get region 2>/dev/null)}; [ -z "$REGION" ] && echo "ERROR: No region" && exit 1; export AWS_DEFAULT_REGION="$REGION"; echo "Region: $REGION" -RANDOM_ID=$(openssl rand -hex 4); KEY1="tut-key-${RANDOM_ID}-rsa"; KEY2="tut-key-${RANDOM_ID}-ed25519" +REGION=${AWS_DEFAULT_REGION:-${AWS_REGION:-$(aws configure get region 2>/dev/null))}; [ -z "$REGION" ] && echo "ERROR: No region" && exit 1; export AWS_DEFAULT_REGION="$REGION"; echo "Region: $REGION" +RANDOM_ID=$(cat /dev/urandom | tr -dc 'a-z0-9' | fold -w 8 | head -n 1); KEY1="tut-key-${RANDOM_ID}-rsa"; KEY2="tut-key-${RANDOM_ID}-ed25519" handle_error() { echo "ERROR on line $1"; trap - ERR; cleanup; exit 1; }; trap 'handle_error $LINENO' ERR cleanup() { echo ""; echo "Cleaning up..."; aws ec2 delete-key-pair --key-name "$KEY1" 2>/dev/null && echo " Deleted $KEY1"; aws ec2 delete-key-pair --key-name "$KEY2" 2>/dev/null && echo " Deleted $KEY2"; rm -rf "$WORK_DIR"; echo "Done."; } echo "Step 1: Creating RSA key pair" diff --git a/tuts/170-lambda-function-urls/REVISION-HISTORY.md b/tuts/170-lambda-function-urls/REVISION-HISTORY.md new file mode 100644 index 00000000..c190feb9 --- /dev/null +++ b/tuts/170-lambda-function-urls/REVISION-HISTORY.md @@ -0,0 +1,8 @@ +# Revision History: 170-lambda-function-urls + +## Shell (CLI script) + +### 2026-04-14 v1 published +- Type: functional +- Initial version + diff --git a/tuts/170-lambda-function-urls/lambda-urls.sh b/tuts/170-lambda-function-urls/lambda-urls.sh index 8da2cd29..2a440c18 100644 --- a/tuts/170-lambda-function-urls/lambda-urls.sh +++ b/tuts/170-lambda-function-urls/lambda-urls.sh @@ -1,7 +1,7 @@ #!/bin/bash WORK_DIR=$(mktemp -d); exec > >(tee -a "$WORK_DIR/url.log") 2>&1 -REGION=${AWS_DEFAULT_REGION:-$(aws configure get region 2>/dev/null)}; [ -z "$REGION" ] && echo "ERROR: No region" && exit 1; export AWS_DEFAULT_REGION="$REGION"; echo "Region: $REGION" -RANDOM_ID=$(openssl rand -hex 4); FUNC="tut-url-${RANDOM_ID}"; ROLE="lambda-url-role-${RANDOM_ID}" +REGION=${AWS_DEFAULT_REGION:-${AWS_REGION:-$(aws configure get region 2>/dev/null))}; [ -z "$REGION" ] && echo "ERROR: No region" && exit 1; export AWS_DEFAULT_REGION="$REGION"; echo "Region: $REGION" +RANDOM_ID=$(cat /dev/urandom | tr -dc 'a-z0-9' | fold -w 8 | head -n 1); FUNC="tut-url-${RANDOM_ID}"; ROLE="lambda-url-role-${RANDOM_ID}" handle_error() { echo "ERROR on line $1"; trap - ERR; cleanup; exit 1; }; trap 'handle_error $LINENO' ERR cleanup() { echo ""; echo "Cleaning up..."; aws lambda delete-function-url-config --function-name "$FUNC" 2>/dev/null; aws lambda delete-function --function-name "$FUNC" 2>/dev/null && echo " Deleted function"; aws iam detach-role-policy --role-name "$ROLE" --policy-arn arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole 2>/dev/null; aws iam delete-role --role-name "$ROLE" 2>/dev/null && echo " Deleted role"; rm -rf "$WORK_DIR"; echo "Done."; } ROLE_ARN=$(aws iam create-role --role-name "$ROLE" --assume-role-policy-document '{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Principal":{"Service":"lambda.amazonaws.com"},"Action":"sts:AssumeRole"}]}' --query 'Role.Arn' --output text) From 735f126e97cb72fd8d5ddcca86b6360c2db0339d Mon Sep 17 00:00:00 2001 From: Michael Wunderlich Date: Tue, 21 Apr 2026 05:38:00 +0000 Subject: [PATCH 3/3] Add README.md and tutorial walkthrough for script-only tutorials --- tuts/160-ec2-security-groups/README.md | 39 ++++++++++++++++++ .../ec2-security-groups.md | 31 ++++++++++++++ .../README.md | 39 ++++++++++++++++++ .../lambda-env-vars.md | 27 ++++++++++++ tuts/166-lambda-aliases/README.md | 41 +++++++++++++++++++ tuts/166-lambda-aliases/lambda-aliases.md | 31 ++++++++++++++ tuts/169-ec2-key-pairs/README.md | 37 +++++++++++++++++ tuts/169-ec2-key-pairs/ec2-keypairs.md | 27 ++++++++++++ tuts/170-lambda-function-urls/README.md | 40 ++++++++++++++++++ tuts/170-lambda-function-urls/lambda-urls.md | 27 ++++++++++++ 10 files changed, 339 insertions(+) create mode 100644 tuts/160-ec2-security-groups/README.md create mode 100644 tuts/160-ec2-security-groups/ec2-security-groups.md create mode 100644 tuts/161-lambda-environment-variables/README.md create mode 100644 tuts/161-lambda-environment-variables/lambda-env-vars.md create mode 100644 tuts/166-lambda-aliases/README.md create mode 100644 tuts/166-lambda-aliases/lambda-aliases.md create mode 100644 tuts/169-ec2-key-pairs/README.md create mode 100644 tuts/169-ec2-key-pairs/ec2-keypairs.md create mode 100644 tuts/170-lambda-function-urls/README.md create mode 100644 tuts/170-lambda-function-urls/lambda-urls.md diff --git a/tuts/160-ec2-security-groups/README.md b/tuts/160-ec2-security-groups/README.md new file mode 100644 index 00000000..5ea3bc23 --- /dev/null +++ b/tuts/160-ec2-security-groups/README.md @@ -0,0 +1,39 @@ +# Ec2 Security Groups + +An AWS CLI tutorial that demonstrates Ec2 operations. + +## Running + +```bash +bash ec2-security-groups.sh +``` + +To auto-run with cleanup: + +```bash +echo 'y' | bash ec2-security-groups.sh +``` + +## What it does + +1. Creating security group: $SG_NAME +2. Adding inbound rules +3. Describing rules +4. Adding a tag +5. Listing security groups + +## Resources created + +- Security Group +- Tags + +The script prompts you to clean up resources when it finishes. + +## Cost + +Free tier eligible for most operations. Clean up resources after use to avoid charges. + +## Related docs + +- [AWS CLI ec2 reference](https://docs.aws.amazon.com/cli/latest/reference/ec2/index.html) + diff --git a/tuts/160-ec2-security-groups/ec2-security-groups.md b/tuts/160-ec2-security-groups/ec2-security-groups.md new file mode 100644 index 00000000..d53d0257 --- /dev/null +++ b/tuts/160-ec2-security-groups/ec2-security-groups.md @@ -0,0 +1,31 @@ +# Ec2 Security Groups + +## Prerequisites + +1. AWS CLI installed and configured (`aws configure`) +2. Appropriate IAM permissions for the AWS services used + +## Step 1: Creating security group: $SG_NAME + +The script handles this step automatically. See `ec2-security-groups.sh` for the exact CLI commands. + +## Step 2: Adding inbound rules + +The script handles this step automatically. See `ec2-security-groups.sh` for the exact CLI commands. + +## Step 3: Describing rules + +The script handles this step automatically. See `ec2-security-groups.sh` for the exact CLI commands. + +## Step 4: Adding a tag + +The script handles this step automatically. See `ec2-security-groups.sh` for the exact CLI commands. + +## Step 5: Listing security groups + +The script handles this step automatically. See `ec2-security-groups.sh` for the exact CLI commands. + +## Cleanup + +The script prompts you to clean up all created resources. If you need to clean up manually, check the script log for the resource names that were created. + diff --git a/tuts/161-lambda-environment-variables/README.md b/tuts/161-lambda-environment-variables/README.md new file mode 100644 index 00000000..a27e6707 --- /dev/null +++ b/tuts/161-lambda-environment-variables/README.md @@ -0,0 +1,39 @@ +# Lambda Env Vars + +An AWS CLI tutorial that demonstrates Iam operations. + +## Running + +```bash +bash lambda-env-vars.sh +``` + +To auto-run with cleanup: + +```bash +echo 'y' | bash lambda-env-vars.sh +``` + +## What it does + +1. Creating function with environment variables +2. Invoking function +3. Updating environment variables +4. Invoking with updated vars + +## Resources created + +- Function +- Role + +The script prompts you to clean up resources when it finishes. + +## Cost + +Free tier eligible for most operations. Clean up resources after use to avoid charges. + +## Related docs + +- [AWS CLI iam reference](https://docs.aws.amazon.com/cli/latest/reference/iam/index.html) +- [AWS CLI lambda reference](https://docs.aws.amazon.com/cli/latest/reference/lambda/index.html) + diff --git a/tuts/161-lambda-environment-variables/lambda-env-vars.md b/tuts/161-lambda-environment-variables/lambda-env-vars.md new file mode 100644 index 00000000..ae738a5f --- /dev/null +++ b/tuts/161-lambda-environment-variables/lambda-env-vars.md @@ -0,0 +1,27 @@ +# Lambda Env Vars + +## Prerequisites + +1. AWS CLI installed and configured (`aws configure`) +2. Appropriate IAM permissions for the AWS services used + +## Step 1: Creating function with environment variables + +The script handles this step automatically. See `lambda-env-vars.sh` for the exact CLI commands. + +## Step 2: Invoking function + +The script handles this step automatically. See `lambda-env-vars.sh` for the exact CLI commands. + +## Step 3: Updating environment variables + +The script handles this step automatically. See `lambda-env-vars.sh` for the exact CLI commands. + +## Step 4: Invoking with updated vars + +The script handles this step automatically. See `lambda-env-vars.sh` for the exact CLI commands. + +## Cleanup + +The script prompts you to clean up all created resources. If you need to clean up manually, check the script log for the resource names that were created. + diff --git a/tuts/166-lambda-aliases/README.md b/tuts/166-lambda-aliases/README.md new file mode 100644 index 00000000..4590f015 --- /dev/null +++ b/tuts/166-lambda-aliases/README.md @@ -0,0 +1,41 @@ +# Lambda Aliases + +An AWS CLI tutorial that demonstrates Iam operations. + +## Running + +```bash +bash lambda-aliases.sh +``` + +To auto-run with cleanup: + +```bash +echo 'y' | bash lambda-aliases.sh +``` + +## What it does + +1. Creating function (v1) +2. Creating alias pointing to v1 +3. Deploying v2 with canary +4. Invoking via alias (multiple times) +5. Shifting all traffic to v2 + +## Resources created + +- Alias +- Function +- Role + +The script prompts you to clean up resources when it finishes. + +## Cost + +Free tier eligible for most operations. Clean up resources after use to avoid charges. + +## Related docs + +- [AWS CLI iam reference](https://docs.aws.amazon.com/cli/latest/reference/iam/index.html) +- [AWS CLI lambda reference](https://docs.aws.amazon.com/cli/latest/reference/lambda/index.html) + diff --git a/tuts/166-lambda-aliases/lambda-aliases.md b/tuts/166-lambda-aliases/lambda-aliases.md new file mode 100644 index 00000000..5c0a2195 --- /dev/null +++ b/tuts/166-lambda-aliases/lambda-aliases.md @@ -0,0 +1,31 @@ +# Lambda Aliases + +## Prerequisites + +1. AWS CLI installed and configured (`aws configure`) +2. Appropriate IAM permissions for the AWS services used + +## Step 1: Creating function (v1) + +The script handles this step automatically. See `lambda-aliases.sh` for the exact CLI commands. + +## Step 2: Creating alias pointing to v1 + +The script handles this step automatically. See `lambda-aliases.sh` for the exact CLI commands. + +## Step 3: Deploying v2 with canary + +The script handles this step automatically. See `lambda-aliases.sh` for the exact CLI commands. + +## Step 4: Invoking via alias (multiple times) + +The script handles this step automatically. See `lambda-aliases.sh` for the exact CLI commands. + +## Step 5: Shifting all traffic to v2 + +The script handles this step automatically. See `lambda-aliases.sh` for the exact CLI commands. + +## Cleanup + +The script prompts you to clean up all created resources. If you need to clean up manually, check the script log for the resource names that were created. + diff --git a/tuts/169-ec2-key-pairs/README.md b/tuts/169-ec2-key-pairs/README.md new file mode 100644 index 00000000..a5017968 --- /dev/null +++ b/tuts/169-ec2-key-pairs/README.md @@ -0,0 +1,37 @@ +# Ec2 Keypairs + +An AWS CLI tutorial that demonstrates Ec2 operations. + +## Running + +```bash +bash ec2-keypairs.sh +``` + +To auto-run with cleanup: + +```bash +echo 'y' | bash ec2-keypairs.sh +``` + +## What it does + +1. Creating RSA key pair +2. Creating ED25519 key pair +3. Describing key pairs +4. Listing all tutorial key pairs + +## Resources created + +- Key Pair + +The script prompts you to clean up resources when it finishes. + +## Cost + +Free tier eligible for most operations. Clean up resources after use to avoid charges. + +## Related docs + +- [AWS CLI ec2 reference](https://docs.aws.amazon.com/cli/latest/reference/ec2/index.html) + diff --git a/tuts/169-ec2-key-pairs/ec2-keypairs.md b/tuts/169-ec2-key-pairs/ec2-keypairs.md new file mode 100644 index 00000000..c45295a9 --- /dev/null +++ b/tuts/169-ec2-key-pairs/ec2-keypairs.md @@ -0,0 +1,27 @@ +# Ec2 Keypairs + +## Prerequisites + +1. AWS CLI installed and configured (`aws configure`) +2. Appropriate IAM permissions for the AWS services used + +## Step 1: Creating RSA key pair + +The script handles this step automatically. See `ec2-keypairs.sh` for the exact CLI commands. + +## Step 2: Creating ED25519 key pair + +The script handles this step automatically. See `ec2-keypairs.sh` for the exact CLI commands. + +## Step 3: Describing key pairs + +The script handles this step automatically. See `ec2-keypairs.sh` for the exact CLI commands. + +## Step 4: Listing all tutorial key pairs + +The script handles this step automatically. See `ec2-keypairs.sh` for the exact CLI commands. + +## Cleanup + +The script prompts you to clean up all created resources. If you need to clean up manually, check the script log for the resource names that were created. + diff --git a/tuts/170-lambda-function-urls/README.md b/tuts/170-lambda-function-urls/README.md new file mode 100644 index 00000000..aa80ce3c --- /dev/null +++ b/tuts/170-lambda-function-urls/README.md @@ -0,0 +1,40 @@ +# Lambda Urls + +An AWS CLI tutorial that demonstrates Iam operations. + +## Running + +```bash +bash lambda-urls.sh +``` + +To auto-run with cleanup: + +```bash +echo 'y' | bash lambda-urls.sh +``` + +## What it does + +1. Creating function +2. Creating function URL +3. Testing the URL +4. Getting URL config + +## Resources created + +- Function +- Function Url Config +- Role + +The script prompts you to clean up resources when it finishes. + +## Cost + +Free tier eligible for most operations. Clean up resources after use to avoid charges. + +## Related docs + +- [AWS CLI iam reference](https://docs.aws.amazon.com/cli/latest/reference/iam/index.html) +- [AWS CLI lambda reference](https://docs.aws.amazon.com/cli/latest/reference/lambda/index.html) + diff --git a/tuts/170-lambda-function-urls/lambda-urls.md b/tuts/170-lambda-function-urls/lambda-urls.md new file mode 100644 index 00000000..d2aed1a0 --- /dev/null +++ b/tuts/170-lambda-function-urls/lambda-urls.md @@ -0,0 +1,27 @@ +# Lambda Urls + +## Prerequisites + +1. AWS CLI installed and configured (`aws configure`) +2. Appropriate IAM permissions for the AWS services used + +## Step 1: Creating function + +The script handles this step automatically. See `lambda-urls.sh` for the exact CLI commands. + +## Step 2: Creating function URL + +The script handles this step automatically. See `lambda-urls.sh` for the exact CLI commands. + +## Step 3: Testing the URL + +The script handles this step automatically. See `lambda-urls.sh` for the exact CLI commands. + +## Step 4: Getting URL config + +The script handles this step automatically. See `lambda-urls.sh` for the exact CLI commands. + +## Cleanup + +The script prompts you to clean up all created resources. If you need to clean up manually, check the script log for the resource names that were created. +