diff --git a/.gitignore b/.gitignore index 7fc36ad..e667346 100644 --- a/.gitignore +++ b/.gitignore @@ -1,6 +1,6 @@ .DS_Store resources/_gen/* -content/lab_assets/start/lab1/lambda_functions/packages/* +content/lab_assets/start/*/cfn-project/lambda_functions/packages/ docs/ taskcat_outputs/ package-lock.json diff --git a/cloud9.md b/cloud9.md new file mode 100644 index 0000000..e15ff0c --- /dev/null +++ b/cloud9.md @@ -0,0 +1,22 @@ +## setup instructions for cloud9 + +* log in to the AWS console using the link in the Event Engine dashboard +* Navigate to the Cloud9 Service and create a new environment (select m4.large instance type) +* connect to cloud9, open preferences, and disable "AWS managed temporary credentials" +under Preferences -> AWS Settings -> Credentials +* Open a terminal +* paste in linux credentials from the Event Engine dashboard +* Install taskcat: +``` +curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py +python get-pip.py --user +sudo rm /usr/bin/pip +pip install taskcat --user +``` +* get lab assets: +``` +git clone https://github.com/taskcat/workshop.git +cp -r workshop/content/lab_assets/start/* ./ +rm -rf workshop +sudo ln -s ./ /workshop +``` diff --git a/content/000_pre/00_page1.md b/content/000_pre/00_page1.md index 5d5c77f..36fd435 100644 --- a/content/000_pre/00_page1.md +++ b/content/000_pre/00_page1.md @@ -1,10 +1,10 @@ +++ -title = "Lab Enviornment" +title = "Lab Environment" chapter = false weight = 10 +++ -You will use AWS Appstream to connect to your lab environment. You will find the Appstream URL in your team dashbaord. +You will use AWS Appstream to connect to your lab environment. You will find the Appstream URL in your team dashboard. @TODO Screenshot @@ -19,6 +19,11 @@ The AWS Appstream session that you are using for this hands on lab has the follo - cfn-lint validation - CloudFormation template auto-complete and doc links from the cfn-resource-spec +## Auto save + +The IDE is configured to auto-save files when they are changed, so there is no need to +manually save files. + ## Copy paste Copy and paste should work out of the box on all browsers, in some browsers you may get @@ -32,4 +37,4 @@ blocks of text. On Mac OS the function of the Command key is swapped with that of the Control key, so to copy/paste in the appstream environment the shortcuts are control-c and control-v -respectively. \ No newline at end of file +respectively. diff --git a/content/000_pre/_index.md b/content/000_pre/_index.md index 3474d37..b506cd6 100755 --- a/content/000_pre/_index.md +++ b/content/000_pre/_index.md @@ -10,8 +10,12 @@ If you are doing this workshop as part of an AWS event, you will be provided an To login to that AWS Account, you will be given a unique **hash**, something as below: -*b76bbe879be74e988678bb4a831365f3* +*b76bbe879* To login - open a web browser, navigate to https://dashboard.eventengine.run/ and enter the **hash** to proceed. +Once logged in you will see the event Engine dashboard, for most of this lab we will be +using a preconfigured IDE streamed to your browser using AppStream. To launch the +environment, click on the **IDE** link in the **Modules** section of the dashboard. + ![fig0.1](images/fig0.1.png) diff --git a/content/050_concepts/_index.md b/content/050_concepts/_index.md index 6be3dad..b213143 100644 --- a/content/050_concepts/_index.md +++ b/content/050_concepts/_index.md @@ -7,7 +7,7 @@ weight = 50 ## What is taskcat? **taskcat** is a tool to test AWS CloudFormation templates. It deploys your AWS -CloudFormation template in multiple AWS Regions and generates a report with a pass/fail +CloudFormation templates in multiple AWS Regions and generates a report with a pass/fail grade for each region. You can specify the regions and number of Availability Zones you want to include in the test, and pass in parameter values for your AWS CloudFormation template. taskcat is implemented as a cli and a Python class that you can use in your diff --git a/content/100_lab1/_index.md b/content/100_lab1/_index.md index a2ccf4d..d8604e7 100644 --- a/content/100_lab1/_index.md +++ b/content/100_lab1/_index.md @@ -7,16 +7,22 @@ weight = 100 ## Objective -In this lab, you will learn how you can use taskcat to test your cloudformation templates in an AWS region. +In this lab, you will learn how you can use taskcat to test your cloudformation +templates in an AWS region. ## What will you do? -First step to use Taskcat is to create a config file where you define various details about your CloudFormation project such as project name, Cloudformation template you want to test, AWS regions where you want to test your templates, etc. +First step to use Taskcat is to create a config file where you define various details +about your CloudFormation project such as project name, Cloudformation template you +want to test, AWS regions where you want to test your templates, etc. So, in this lab, you will: - Create a config file - Launch a test -To get started, navigate to the `lab1/cfn-project` folder in your IDE. +To get started, open the IDE by clicking in the **IDE** link in the Event Engine +dashboard. Then, in the new window, navigate to the `lab1/cfn-project` both the file +browser of the IDE, and the terminal (`cd lab1/cfn-project`). + diff --git a/content/100_lab1/children1/10_page4.md b/content/100_lab1/children1/10_page4.md index eb668a5..ef21601 100644 --- a/content/100_lab1/children1/10_page4.md +++ b/content/100_lab1/children1/10_page4.md @@ -19,7 +19,7 @@ project: name: cfn-project tests: mytest: - template: templates/lab1.template.yamls + template: templates/lab1.template.yaml ``` diff --git a/content/100_lab1/children1/10_page5.md b/content/100_lab1/children1/10_page5.md index 7c7274e..8b6d096 100644 --- a/content/100_lab1/children1/10_page5.md +++ b/content/100_lab1/children1/10_page5.md @@ -25,7 +25,7 @@ tests: mytest: template: templates/lab1.template.yaml regions: - - us-east-1 + - "us-east-1" ``` diff --git a/content/100_lab1/children1/10_page6.md b/content/100_lab1/children1/10_page6.md index 053e7ad..b16ff84 100644 --- a/content/100_lab1/children1/10_page6.md +++ b/content/100_lab1/children1/10_page6.md @@ -29,7 +29,7 @@ tests: mytest: template: templates/lab1.template.yaml regions: - - us-east-1 + - "us-east-1" parameters: S3BucketName: '$[taskcat_autobucket]' ``` diff --git a/content/100_lab1/children1/_index.md b/content/100_lab1/children1/_index.md index 9e2e2d5..b37d134 100644 --- a/content/100_lab1/children1/_index.md +++ b/content/100_lab1/children1/_index.md @@ -1,6 +1,7 @@ +++ title = "Add a (Project Level) config" chapter = false +weight = 100 +++ ## Project Config @@ -10,6 +11,8 @@ The project config file is located in the root of your project folder **\ Note: The default source and package folders can be changed by setting values in your -> project_config file. - -> Note: taskcat is able to build dependencies for your lambda so that you don't need to -> check them into source control. This can be done by providing a Dockerfile that -> contains the in the build steps in source folder. Or, for python functions, if a -> requirements.txt file is found, taskcat will package the dependencies defined in it -> into your zip. +In your terminal window, from the **lab1/cfn-project** dir, execute the following command to run a test. ``` - GenRandomLambda: - Type: AWS::Lambda::Function - Properties: - Description: Lambda creates simple random string - Handler: lambda_function.handler - Runtime: python3.7 - Role: !GetAtt 'LambdaExecutionRole.Arn' - Timeout: 300 - Code: - S3Bucket: !Ref 'S3BucketName' - S3Key: !Sub '${S3KeyPrefix}lambda_functions/packages/GenRandom/lambda.zip' +cd /workshop/lab1/cfn-project +taskcat test run ``` -If you want to run packaging step on its own you can run `taskcat package` - -This is _optional_, In the next step we will execute the taskcat test which will run -packaging prior to test execution. - - - +You should see the following output. +![fig1.1](/images/taskcat_execution.gif) diff --git a/content/100_lab1/children4/_index.md b/content/100_lab1/children4/_index.md index b198603..f233246 100644 --- a/content/100_lab1/children4/_index.md +++ b/content/100_lab1/children4/_index.md @@ -1,6 +1,7 @@ +++ title = "View test results" chapter = false +weight = 103 +++ diff --git a/content/200_lab2/20_page1.md b/content/200_lab2/20_page1.md index 4065247..b4d7354 100644 --- a/content/200_lab2/20_page1.md +++ b/content/200_lab2/20_page1.md @@ -37,7 +37,11 @@ file, in the IDE terminal type: open-taskcat-global-config ``` -* Example global config file: +The file will contain an empty **general** section when you open it. Let's add an +override to it for our LicenseToken. notice that the IDE has auto-complete, and +validation on the config file format, so if anything is invalid you will see it inline, +and in the **PROBLEMS** tab to the left of the terminal. Once you're done your config +should look like this: ```yaml general: diff --git a/content/200_lab2/20_page2.md b/content/200_lab2/20_page2.md index 18c0a41..78fd198 100644 --- a/content/200_lab2/20_page2.md +++ b/content/200_lab2/20_page2.md @@ -11,8 +11,9 @@ weight = 220 From the **cfn-project** dir run you taskcat test ``` +cd /workshop/lab2/cfn-project taskcat test run ``` -Expected output: -![fig1.1](/images/taskcat_execution.gif) +Estimated runtime (5 mins) +![fig2.2](/images/taskcat_execution2.gif) diff --git a/content/200_lab2/20_page3.md b/content/200_lab2/20_page3.md index 5e123ad..e693fe2 100644 --- a/content/200_lab2/20_page3.md +++ b/content/200_lab2/20_page3.md @@ -20,4 +20,5 @@ Notice that the value for **AvailablityZones** has been replaced with 2 az names us-east-1 region -@TODO: MORE SCREENSHOTS OF TEMPLATE OUTPUTS +![fig1.4](/images/stack_outputs.png) + diff --git a/content/200_lab2/_index.md b/content/200_lab2/_index.md index ffee9ed..c324f0f 100644 --- a/content/200_lab2/_index.md +++ b/content/200_lab2/_index.md @@ -5,7 +5,7 @@ weight = 200 +++ ## What you will do in this lab: -Using the provided clouformation template build a taskcat config that uses **psuedo-parameters** +Using the provided cloudformation template build a taskcat config that uses **psuedo-parameters** We will use override to inject a `LicenseToken` and dynamically inject `AvailiblityZone` values during testing diff --git a/content/300_lab3/30_page1.md b/content/300_lab3/30_page1.md index 7ae5cf9..ea41a5a 100644 --- a/content/300_lab3/30_page1.md +++ b/content/300_lab3/30_page1.md @@ -6,9 +6,8 @@ weight = 310 ## Add more regions -* Edit your `lab3/cfn_project/.taskcat.yml` parameters to include additional regions. - -* Example project config file: +* Edit your `lab3/cfn_project/.taskcat.yml` parameters to include additional regions. +Below is an example of what your file should look like once you're done. ``` project: @@ -17,9 +16,8 @@ tests: mytest: template: templates/lab3.template.yaml regions: - - us-east-1 - - us-east-2 - - us-west-2 + - "us-east-2" + - "us-west-2" parameters: S3BucketName: '$[taskcat_autobucket]' S3KeyPrefix: 'cfn-project/' @@ -31,28 +29,7 @@ tests: ## Test the new regions ``` +cd /workshop/lab3/cfn-project taskcat test run ``` - -## Test Results - -After the test completes you will see a new folder under `cfn-project` called **taskcat_outputs** -``` -cfn-project -├── lambda_functions -├── templates -├── .taskcat.yml -└── taskcat_outputs/index.html < - (report) - -``` - -open `taskcat_outputs/index.html` in the your web browser -![fig1.3](/images/fig_lab1.3.png) - -To see the test logs click the **View Logs** link - - -@TODO: SCREENSHOT OF A FAILURE (INDEX) - - -@TODO: SCREENSHOT OF SPECIFIC LAMBDA S3 ERROR (IN CFN LOG OUTPUT) +![fig3.1](/images/taskcat_execution3.gif) diff --git a/content/300_lab3/30_page2.md b/content/300_lab3/30_page2.md index b24fae1..76b2057 100644 --- a/content/300_lab3/30_page2.md +++ b/content/300_lab3/30_page2.md @@ -1,130 +1,28 @@ +++ -title = "Modify the template" +title = "View test results" chapter = false -weight = 320 +weight = 315 +++ +## Test Results -## Making our template multi-region -There are multiple potential strategies to deal with resources that require the content -in S3 to be in the same region as the stack. In this example we will add a resource to -the stack that copies the Lambda zip from the bucket in us-east-1 to the stack region -before creating the lambda. - -* In VSCode, edit the `cfn_project/templates/lab3.template.yaml` file. We'll be adding -the following snippet to the _Resources_ section of the template. - -```yaml - CopyZipsTemplate: - Type: AWS::CloudFormation::Stack - Properties: - TemplateURL: !Sub "https://${S3BucketName}.${AWS::Region}.amazonaws.com/${S3KeyPrefix}templates/copy-zips.template.yaml" - Parameters: - S3BucketName: !Ref S3BucketName - S3KeyPrefix: !Ref S3KeyPrefix - SourceObjects: "lambda_functions/packages/GenRandom/lambda.zip" +After the test completes you will see a new folder under `cfn-project` called **taskcat_outputs** ``` - -This child stack contains a Lambda backed custom resource that takes the SourceObjects -passed in and copies it to a new bucket in the same region as the stack. The outputs -return the name of the new bucket, that we will use in the Code property of our -**GenRandomLambda** resource. - -```yaml - GenRandomLambda: - Type: AWS::Lambda::Function - Properties: - Description: Lambda creates simple random string - Handler: lambda_function.handler - Runtime: python3.7 - Role: !GetAtt 'LambdaExecutionRole.Arn' - Timeout: 300 - Code: - S3Bucket: !GetAtt 'CopyZipsTemplate.Outputs.LambdaZipsBucket' - S3Key: !Sub '${S3KeyPrefix}lambda_functions/packages/GenRandom/lambda.zip' +cfn-project +├── lambda_functions +├── templates +├── .taskcat.yml +└── taskcat_outputs/index.html < - (report) ``` +To open `taskcat_outputs/index.html` in the AppStream browser, we've provided a simple +shortcut that can be executed from the terminal: -The full template should reflect the following: +``` +open-taskcat-report +``` -* Feel free to copy and paste! +![fig3.1](/images/failed_outputs.png) +To see the test logs click the **View Logs** link -``` -AWSTemplateFormatVersion: 2010-09-09 -Parameters: - S3BucketName: - AllowedPattern: '^[0-9a-zA-Z]+([0-9a-zA-Z-]*[0-9a-zA-Z])*$' - ConstraintDescription: >- - Bucket name can include numbers, lowercase letters, uppercase - letters, and hyphens (-). It cannot start or end with a hyphen (-). - Description: >- - S3 bucket name for assets. Bucket name can - include numbers, lowercase letters, uppercase letters, and hyphens (-). It - cannot start or end with a hyphen (-). - Type: String - S3KeyPrefix: - AllowedPattern: '^[0-9a-zA-Z-/]*$' - ConstraintDescription: >- - Can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slash (/). - Default: 'cfn-project/' - Description: >- - S3 key prefix where assets are located should end with forward slash (/). - Type: String -Resources: - LambdaExecutionRole: - Type: AWS::IAM::Role - Properties: - AssumeRolePolicyDocument: - Version: '2012-10-17' - Statement: - - Effect: Allow - Principal: - Service: - - lambda.amazonaws.com - Action: - - sts:AssumeRole - Path: "/" - Policies: - - PolicyName: root - PolicyDocument: - Version: '2012-10-17' - Statement: - - Effect: Allow - Action: - - logs:* - Resource: arn:aws:logs:*:*:* - GenRandomLambda: - Type: AWS::Lambda::Function - Properties: - Description: Lambda creates simple random string - Handler: lambda_function.handler - Runtime: python3.7 - Role: !GetAtt 'LambdaExecutionRole.Arn' - Timeout: 300 - Code: - S3Bucket: !Ref 'S3BucketName' - S3Key: !Sub '${S3KeyPrefix}lambda_functions/packages/GenRandom/lambda.zip' - StringGenerator: - Type: Custom::RandomString - Properties: - ServiceToken: !GetAtt GenRandomLambda.Arn - Length: 12 - CopyZipsTemplate: - Type: AWS::CloudFormation::Stack - Properties: - TemplateURL: !Sub "https://${S3BucketName}.${AWS::Region}.amazonaws.com/${S3KeyPrefix}templates/copy-zips.template.yaml" - Parameters: - S3BucketName: !Ref S3BucketName - S3KeyPrefix: !Ref S3KeyPrefix - SourceObjects: "lambda_functions/packages/GenRandom/lambda.zip" -Outputs: - GeneratedRandomString: - Description: Generated Random String - Value: !GetAtt StringGenerator.RandomString - LicenseToken: - Description: LicenseToken passed in via overrides - Value: !Ref LicenseToken - AvailabilityZones: - Description: AvailabilityZones injected via $[taskcat_genaz_3] psuedo-parameter - Value: !Join [ ',', !Ref 'AvailabilityZones' ] -``` +![fig3.2](/images/failure_logs.png) diff --git a/content/300_lab3/30_page3.md b/content/300_lab3/30_page3.md index bafd677..05ab874 100644 --- a/content/300_lab3/30_page3.md +++ b/content/300_lab3/30_page3.md @@ -1,27 +1,124 @@ +++ -title = "Test again & verify!" +title = "Modify the template" chapter = false -weight = 330 +weight = 320 +++ -## Test Results +## Making our template multi-region +There are multiple potential strategies to deal with resources that require the content +in S3 to be in the same region as the stack. In this example we will add a resource to +the stack that copies the Lambda zip from the bucket in us-east-1 to the stack region +before creating the lambda. -After the test completes you will see a new folder under `cfn-project` called **taskcat_outputs** -``` -cfn-project -├── lambda_functions -├── templates -├── .taskcat.yml -└── taskcat_outputs/index.html < - (report) +* In VSCode, edit the **cfn_project/templates/lab3.template.yaml** file. We'll be adding +the following snippet to the _Resources_ section of the template. +```yaml + CopyZipsTemplate: + Type: AWS::CloudFormation::Stack + Properties: + TemplateURL: !Sub "https://${s3bucketname}.s3.amazonaws.com/$%7BS3KeyPrefix%7Dtemplates/copy-zips.template.yaml" + Parameters: + S3BucketName: !Ref S3BucketName + S3KeyPrefix: !Ref S3KeyPrefix + SourceObjects: "lambda_functions/packages/GenRandom/lambda.zip" ``` -To open `taskcat_outputs/index.html` in the AppStream browser, we've provided a simple -shortcut that can be executed from the terminal: +This child stack contains a Lambda backed custom resource that takes the SourceObjects +passed in and copies it to a new bucket in the same region as the stack. The outputs +return the name of the new bucket, that we will use in the Code property of our +**GenRandomLambda** resource. +```yaml + GenRandomLambda: + Type: AWS::Lambda::Function + Properties: + Description: Lambda creates simple random string + Handler: lambda_function.handler + Runtime: python3.7 + Role: !GetAtt 'LambdaExecutionRole.Arn' + Timeout: 300 + Code: + S3Bucket: !GetAtt 'CopyZipsTemplate.Outputs.LambdaZipsBucket' + S3Key: !Sub '${S3KeyPrefix}lambda_functions/packages/GenRandom/lambda.zip' ``` -open-taskcat-report -``` -To see the test logs click the **View Logs** link +The full **cfn_project/templates/lab3.template.yaml** template should reflect the +following: + +* Feel free to copy and paste! + +``` +AWSTemplateFormatVersion: 2010-09-09 +Parameters: + S3BucketName: + AllowedPattern: '^[0-9a-zA-Z]+([0-9a-zA-Z-]*[0-9a-zA-Z])*$' + ConstraintDescription: >- + Bucket name can include numbers, lowercase letters, uppercase + letters, and hyphens (-). It cannot start or end with a hyphen (-). + Description: >- + S3 bucket name for assets. Bucket name can + include numbers, lowercase letters, uppercase letters, and hyphens (-). It + cannot start or end with a hyphen (-). + Type: String + S3KeyPrefix: + AllowedPattern: '^[0-9a-zA-Z-/]*$' + ConstraintDescription: >- + Can include numbers, lowercase letters, uppercase letters, hyphens (-), and forward slash (/). + Default: 'cfn-project/' + Description: >- + S3 key prefix where assets are located should end with forward slash (/). + Type: String +Resources: + LambdaExecutionRole: + Type: AWS::IAM::Role + Properties: + AssumeRolePolicyDocument: + Version: '2012-10-17' + Statement: + - Effect: Allow + Principal: + Service: + - lambda.amazonaws.com + Action: + - sts:AssumeRole + Path: "/" + Policies: + - PolicyName: root + PolicyDocument: + Version: '2012-10-17' + Statement: + - Effect: Allow + Action: + - logs:* + Resource: arn:aws:logs:*:*:* + GenRandomLambda: + Type: AWS::Lambda::Function + Properties: + Description: Lambda creates simple random string + Handler: lambda_function.handler + Runtime: python3.7 + Role: !GetAtt 'LambdaExecutionRole.Arn' + Timeout: 300 + Code: + S3Bucket: !GetAtt 'CopyZipsTemplate.Outputs.LambdaZipsBucket' + S3Key: !Sub '${S3KeyPrefix}lambda_functions/packages/GenRandom/lambda.zip' + StringGenerator: + Type: Custom::RandomString + Properties: + ServiceToken: !GetAtt GenRandomLambda.Arn + Length: 12 + CopyZipsTemplate: + Type: AWS::CloudFormation::Stack + Properties: + TemplateURL: !Sub "https://${s3bucketname}.s3.amazonaws.com/$%7BS3KeyPrefix%7Dtemplates/copy-zips.template.yaml" + Parameters: + S3BucketName: !Ref S3BucketName + S3KeyPrefix: !Ref S3KeyPrefix + SourceObjects: "lambda_functions/packages/GenRandom/lambda.zip" +Outputs: + GeneratedRandomString: + Description: Generated Random String + Value: !GetAtt StringGenerator.RandomString +``` \ No newline at end of file diff --git a/content/300_lab3/30_page4.md b/content/300_lab3/30_page4.md new file mode 100644 index 0000000..0b07004 --- /dev/null +++ b/content/300_lab3/30_page4.md @@ -0,0 +1,35 @@ ++++ +title = "Test again & verify!" +chapter = false +weight = 330 ++++ + +## Run another test + +from the lab3/cfn-project folder in the terminal, run another taskcat test: + +``` +cd /workshop/lab3/cfn-project +taskcat test run +``` + +## Test Results + +After the test completes you will see a new folder under `cfn-project` called **taskcat_outputs** +``` +cfn-project +├── lambda_functions +├── templates +├── .taskcat.yml +└── taskcat_outputs/index.html < - (report) + +``` + +To open `taskcat_outputs/index.html` in the AppStream browser, we've provided a simple +shortcut that can be executed from the terminal: + +``` +open-taskcat-report +``` + +To see the test logs click the **View Logs** link diff --git a/content/400_lab4/40_page1.md b/content/400_lab4/40_page1.md index 04ea439..987a515 100644 --- a/content/400_lab4/40_page1.md +++ b/content/400_lab4/40_page1.md @@ -10,6 +10,7 @@ weight = 410 * Run **taskcat test run --no-delete** or **-n** flag to retain the CloudFormation stack ``` +cd /workshop/lab4/cfn-project taskcat test run --no-delete ``` @@ -17,9 +18,7 @@ taskcat test run --no-delete * Once the taskcat test completes, navigate to the CloudFormation console by clicking... -$TODO -add link to CloudFormation console +[CloudFormation Console](https://us-west-2.console.aws.amazon.com/cloudformation/home?region=us-west-2#/stacks?filteringText=&filteringStatus=active&viewNested=false&hideStacks=false&stackId=) -**Complete the survey** -@TODO -Add screenshort for the survey endpoint +TODO: Add screenshort for the survey endpoint +![fig4.1](/images/survey_link.png) diff --git a/content/400_lab4/40_page2.md b/content/400_lab4/40_page2.md new file mode 100644 index 0000000..6cb37ee --- /dev/null +++ b/content/400_lab4/40_page2.md @@ -0,0 +1,29 @@ ++++ +title = "Clean up tests" +chapter = false +weight = 420 ++++ + + +## List tests  + +* taskcat can list the tests that have not been cleaned up yet + +``` +taskcat test list +``` + +The output will display the test name, id and region for each active stack launched by +taskcat + +### Delete the test + +Using the id from the list command, clean up the test: + +``` +taskcat test clean +``` + +{{% notice tip %}} +You can clean up all tests in your account with `taskcat test clean ALL` +{{% /notice %}} diff --git a/content/500_lab5/10_page.md b/content/500_lab5/10_page.md index b0c8063..bdecfb6 100644 --- a/content/500_lab5/10_page.md +++ b/content/500_lab5/10_page.md @@ -9,7 +9,7 @@ dasbhoard and make a note of the following values. You will need this to create pipeline. - Your AWS Code Commit **repository Url** (https://) -- Your AWS Code Commit **repository name** - `quiz app` +- Your AWS Code Commit **repository name** - `quiz-app` ### Launch stack To create a CICD pipeline, you will use a CloudFormation template. Click the following diff --git a/content/500_lab5/1_page.md b/content/500_lab5/1_page.md index c13ae42..66343a5 100644 --- a/content/500_lab5/1_page.md +++ b/content/500_lab5/1_page.md @@ -32,7 +32,7 @@ AWS CodeCommit repository, in your AWS account. 1. Goto your development environment and in the terminal window, run the following command to make sure you are in the **lab5/cfn-project** folder - -``cd /mnt/c/Users/Public/Documents/Workshop/workshop/content/lab_assets/start/lab5/cfn-project/``. +`cd /workshop/lab5/cfn-project/`. 2. Run `git init`, to initialize the git repository in your project folder. This will automatically create and checkout the **master** branch. @@ -40,24 +40,27 @@ automatically create and checkout the **master** branch. 3. Replace **YOUR-NAME** with your name, in `git config user.name "YOUR-NAME"` and run it to configure your git username. -4. Run `git commit --allow-empty -m "root commit"`, to make an empty commit to the +4. Replace **YOUR-NAME** with your name, in `git config user.email "EMAIL@YOUR.DOMAIN"` and run +it to configure your git email address. + +5. Run `git commit --allow-empty -m "root commit"`, to make an empty commit to the master branch. Git doesn't allow to push empty branches to the remote repository. Therefore you are creating an empty commit by running this command. -5. Run `git checkout -b develop`, to make the **develop** branch as your working +6. Run `git checkout -b develop`, to make the **develop** branch as your working directory. -6. Run `git add .`, to stage all your changes. +7. Run `git add .`, to stage all your changes. -7. Run `git commit -m "Initial code"`, to commit your changes locally. +8. Run `git commit -m "Initial code"`, to commit your changes locally. -8. Go to your team's dashboard and copy **CodeCommit git URL**. Replace -**CODE-COMMIT-REPO-URL** with the URL you copied in the following command and run it. -`git remote add origin CODE-COMMIT-REPO-URL`. +8. Go to the [Event Engine dashboard](https://dashboard.eventengine.run/) and copy +**CodeCommit git URL**. Replace **CODE-COMMIT-REPO-URL** with the URL you copied in the +following command and run it. `git remote add origin CODE-COMMIT-REPO-URL`. -9. Run `git push origin --all`, to push your changes to the remote repository. When +10. Run `git push origin --all`, to push your changes to the remote repository. When prompted, enter the AWS CodeCommit git username and password, which you can get from your team's dashboard. Go to your AWS CodeCommit repository and you should see the source code in the -**develop** branch. **master** branch will be empty. \ No newline at end of file +**develop** branch. **master** branch will be empty. diff --git a/content/500_lab5/20_page.md b/content/500_lab5/20_page.md index 3c361e7..0a4a702 100644 --- a/content/500_lab5/20_page.md +++ b/content/500_lab5/20_page.md @@ -33,6 +33,11 @@ In **Build** stage, pipeline is using AWS CodeBuild to run TaskCat for your proj performs all the tests, as defined in the project configuration file. On success, it merges the source branch into the target/release branch. +{{% notice tip %}} +To view the build logs (which include taskcat outputs) click on the **Details** link in +the Build stage block. +{{% /notice %}} + ### Validate code promotion After the pipeline execution is completed successfully, you should have all the changes diff --git a/content/600_lab6/60_page1.md b/content/600_lab6/60_page1.md new file mode 100644 index 0000000..7401b62 --- /dev/null +++ b/content/600_lab6/60_page1.md @@ -0,0 +1,8 @@ ++++ +title = "Fix a broken project" +chapter = false +weight = 610 ++++ + +This project has issues, fix them all to get a taskcat run to pass. Project files are in +`/workshop/lab6/broken-project`. \ No newline at end of file diff --git a/content/600_lab6/60_page2.md b/content/600_lab6/60_page2.md new file mode 100644 index 0000000..d85c161 --- /dev/null +++ b/content/600_lab6/60_page2.md @@ -0,0 +1,20 @@ ++++ +title = "Build a project from scratch" +chapter = false +weight = 620 ++++ + +Write a template that creates a vpc with a private subnet and deploys an ec2 instance +into it. This lab will give you insight into the cfn-lint IDE integration, which eases +authoring templates. It also gives you an opportunity to build a taskcat config from +scratch. + +Template should have the following: + +* Allow users to provide the subnet CIDR block and AZ name via Parameters. +* Pass taskcat tests in *us-east-1*, *us-west-2* and *eu-west-1* + +{{% notice tip %}} +To ensure your stack deploys as quickly as possible, define as few vpc resources as +possible, NAT gateways in particular can add a few minutes to a vpc deployment +{{% /notice %}} diff --git a/content/600_lab6/60_page3.md b/content/600_lab6/60_page3.md new file mode 100644 index 0000000..acc62bc --- /dev/null +++ b/content/600_lab6/60_page3.md @@ -0,0 +1,8 @@ ++++ +title = "Hack the quiz app" +chapter = false +weight = 630 ++++ + +The quiz app has several weaknesses that could be exploited to ensure that you win the +custom stickers. diff --git a/content/600_lab6/_index.md b/content/600_lab6/_index.md index f6faaf6..cf4a7da 100644 --- a/content/600_lab6/_index.md +++ b/content/600_lab6/_index.md @@ -4,4 +4,8 @@ chapter = false weight = 600 +++ -### Bonus +### Bonus Labs + +this section contains additional labs that can be completed if you've got extra time. +Each section is standalone, so you can choose whichever interests you, and there's no +need to complete them in order. diff --git a/content/_index.md b/content/_index.md index 42e4a59..40e09d1 100755 --- a/content/_index.md +++ b/content/_index.md @@ -9,7 +9,7 @@ weight: 1 Whether authoring an [AWS Quick Start](https://aws.amazon.com/quickstart/) or building an AWS Marketplace template to deploy your product on AWS, having confidence that your AWS CloudFormation templates are the best possible quality is key to wowing your customers. Learn to develop templates that -are reliable, follow best practices, and portable across regions. In this workshop, we cover +are reliable, follow best practices, and are portable across regions. In this workshop, we cover AWS CloudFormation best practices, tips on authoring AAA templates, and hands-on building of a CI/CD pipeline to validate templates before they are published. diff --git a/content/lab_assets/start/lab1/cfn-project/templates/lab1.template.yaml b/content/lab_assets/start/lab1/cfn-project/templates/lab1.template.yaml index bcc6340..8affe4c 100644 --- a/content/lab_assets/start/lab1/cfn-project/templates/lab1.template.yaml +++ b/content/lab_assets/start/lab1/cfn-project/templates/lab1.template.yaml @@ -32,15 +32,8 @@ Resources: Action: - sts:AssumeRole Path: "/" - Policies: - - PolicyName: root - PolicyDocument: - Version: '2012-10-17' - Statement: - - Effect: Allow - Action: - - logs:* - Resource: arn:aws:logs:*:*:* + ManagedPolicyArns: + - "arn:aws:iam::aws:policy/AWSLambdaExecute" GenRandomLambda: Type: AWS::Lambda::Function Properties: @@ -53,6 +46,7 @@ Resources: S3Bucket: !Ref 'S3BucketName' S3Key: !Sub '${S3KeyPrefix}lambda_functions/packages/GenRandom/lambda.zip' StringGenerator: + DeletionPolicy: Retain Type: AWS::CloudFormation::CustomResource Properties: ServiceToken: !GetAtt GenRandomLambda.Arn diff --git a/content/lab_assets/start/lab2/cfn-project/templates/lab2.template.yaml b/content/lab_assets/start/lab2/cfn-project/templates/lab2.template.yaml index 23d459b..1c5222d 100644 --- a/content/lab_assets/start/lab2/cfn-project/templates/lab2.template.yaml +++ b/content/lab_assets/start/lab2/cfn-project/templates/lab2.template.yaml @@ -39,15 +39,8 @@ Resources: Action: - sts:AssumeRole Path: "/" - Policies: - - PolicyName: root - PolicyDocument: - Version: '2012-10-17' - Statement: - - Effect: Allow - Action: - - logs:* - Resource: arn:aws:logs:*:*:* + ManagedPolicyArns: + - "arn:aws:iam::aws:policy/AWSLambdaExecute" GenRandomLambda: Type: AWS::Lambda::Function Properties: @@ -60,6 +53,7 @@ Resources: S3Bucket: !Ref 'S3BucketName' S3Key: !Sub '${S3KeyPrefix}lambda_functions/packages/GenRandom/lambda.zip' StringGenerator: + DeletionPolicy: Retain Type: AWS::CloudFormation::CustomResource Properties: ServiceToken: !GetAtt GenRandomLambda.Arn diff --git a/content/lab_assets/start/lab3/cfn-project/templates/copy-zips.template.yaml b/content/lab_assets/start/lab3/cfn-project/templates/copy-zips.template.yaml index 504cd8a..c42171c 100644 --- a/content/lab_assets/start/lab3/cfn-project/templates/copy-zips.template.yaml +++ b/content/lab_assets/start/lab3/cfn-project/templates/copy-zips.template.yaml @@ -36,15 +36,13 @@ Resources: Principal: Service: lambda.amazonaws.com Action: sts:AssumeRole + ManagedPolicyArns: + - "arn:aws:iam::aws:policy/AWSLambdaExecute" Policies: - PolicyName: ConfigPolicy PolicyDocument: Version: 2012-10-17 Statement: - - Sid: Logging - Effect: Allow - Action: logs:* - Resource: '*' - Sid: S3Get Effect: Allow Action: diff --git a/content/lab_assets/start/lab3/cfn-project/templates/lab3.template.yaml b/content/lab_assets/start/lab3/cfn-project/templates/lab3.template.yaml index e523977..0dff0ad 100644 --- a/content/lab_assets/start/lab3/cfn-project/templates/lab3.template.yaml +++ b/content/lab_assets/start/lab3/cfn-project/templates/lab3.template.yaml @@ -39,15 +39,8 @@ Resources: Action: - sts:AssumeRole Path: "/" - Policies: - - PolicyName: root - PolicyDocument: - Version: '2012-10-17' - Statement: - - Effect: Allow - Action: - - logs:* - Resource: arn:aws:logs:*:*:* + ManagedPolicyArns: + - "arn:aws:iam::aws:policy/AWSLambdaExecute" GenRandomLambda: Type: AWS::Lambda::Function Properties: @@ -60,6 +53,7 @@ Resources: S3Bucket: !Ref 'S3BucketName' S3Key: !Sub '${S3KeyPrefix}lambda_functions/packages/GenRandom/lambda.zip' StringGenerator: + DeletionPolicy: Retain Type: AWS::CloudFormation::CustomResource Properties: ServiceToken: !GetAtt GenRandomLambda.Arn diff --git a/content/lab_assets/start/lab4/cfn-project/.taskcat.yml b/content/lab_assets/start/lab4/cfn-project/.taskcat.yml index 9131cee..ea6ab0c 100644 --- a/content/lab_assets/start/lab4/cfn-project/.taskcat.yml +++ b/content/lab_assets/start/lab4/cfn-project/.taskcat.yml @@ -4,6 +4,6 @@ project: parameters: S3BucketName: "$[taskcat_autobucket]" regions: - - "us-east-2" + - "us-west-2" tests: default: {} \ No newline at end of file diff --git a/content/lab_assets/start/lab4/cfn-project/lambda_functions/source/Survey/config.yaml b/content/lab_assets/start/lab4/cfn-project/lambda_functions/source/Survey/config.yaml index 241e3a8..2abffb1 100644 --- a/content/lab_assets/start/lab4/cfn-project/lambda_functions/source/Survey/config.yaml +++ b/content/lab_assets/start/lab4/cfn-project/lambda_functions/source/Survey/config.yaml @@ -1,13 +1,37 @@ Title: taskcat workshop quiz Author: AWS Quick Start team -Image: https://a0.awsstatic.com/main/images/logos/aws_logo_smile_1200x630.png +Image: https://taskcat.github.io/workshop/images/Taskcat-logo.png Theme: 282828 Questions: Question1: Type: Radio - Label: "" + Label: "What type of cloud spans all 3 altitude ranges?" Values: - Value1: "1" - Value2: "2" - Value3: "3" - Value4: "4" + Value1: "Cirrostratus" + Value2: "Cumulonimbus" + Value3: "Nimbostratus" + Value4: "Altocumulus" + Question2: + Type: Radio + Label: "At what altitude level can you find nimbostratus clouds?" + Values: + Value1: "Low" + Value2: "Middle" + Value3: "High" + Value4: "All" + Question3: + Type: Radio + Label: 'Which Latin word means "sheet" or "layer"?' + Values: + Value1: "Nimbus" + Value2: "Cumulus" + Value3: "Cirrus" + Value4: "Stratus" + Question4: + Type: Radio + Label: 'What is the origin of the name taskcat' + Values: + Value1: "Tony, the creator, had a cat that wrote CloudFormation" + Value2: "Acronym for 'Totally Active Super Kool CAT'" + Value3: "No one knows" + Value4: "Acronym for 'Tony ASKed CAT'" diff --git a/content/lab_assets/start/lab4/cfn-project/lambda_functions/source/SurveySubmit/survey_submit.py b/content/lab_assets/start/lab4/cfn-project/lambda_functions/source/SurveySubmit/survey_submit.py index b939a93..3c3deeb 100644 --- a/content/lab_assets/start/lab4/cfn-project/lambda_functions/source/SurveySubmit/survey_submit.py +++ b/content/lab_assets/start/lab4/cfn-project/lambda_functions/source/SurveySubmit/survey_submit.py @@ -65,6 +65,6 @@ def lambda_handler(event, context): 'body': html_result, 'headers': { 'Content-Type': 'text/html', - "Refresh": "5;url=Prod/newsurvey", + "Refresh": "5;url=newsurvey", } } diff --git a/content/lab_assets/start/lab4/cfn-project/templates/copy-zips.template.yaml b/content/lab_assets/start/lab4/cfn-project/templates/copy-zips.template.yaml index 397d547..e4b354a 100644 --- a/content/lab_assets/start/lab4/cfn-project/templates/copy-zips.template.yaml +++ b/content/lab_assets/start/lab4/cfn-project/templates/copy-zips.template.yaml @@ -36,15 +36,13 @@ Resources: Principal: Service: lambda.amazonaws.com Action: sts:AssumeRole + ManagedPolicyArns: + - "arn:aws:iam::aws:policy/AWSLambdaExecute" Policies: - PolicyName: ConfigPolicy PolicyDocument: Version: 2012-10-17 Statement: - - Sid: Logging - Effect: Allow - Action: logs:* - Resource: '*' - Sid: S3Get Effect: Allow Action: diff --git a/content/lab_assets/start/lab4/cfn-project/templates/survey.template.yaml b/content/lab_assets/start/lab4/cfn-project/templates/survey.template.yaml index ad940c0..317d7ca 100644 --- a/content/lab_assets/start/lab4/cfn-project/templates/survey.template.yaml +++ b/content/lab_assets/start/lab4/cfn-project/templates/survey.template.yaml @@ -72,7 +72,7 @@ Resources: PolicyDocument: Statement: - Action: - - iam:AssumeRole + - sts:AssumeRole Resource: "*" Effect: Allow AssumeRolePolicyDocument: diff --git a/content/lab_assets/start/lab5/cfn-project/lambda_functions/source/Survey/config.yaml b/content/lab_assets/start/lab5/cfn-project/lambda_functions/source/Survey/config.yaml index 241e3a8..e165b28 100644 --- a/content/lab_assets/start/lab5/cfn-project/lambda_functions/source/Survey/config.yaml +++ b/content/lab_assets/start/lab5/cfn-project/lambda_functions/source/Survey/config.yaml @@ -1,6 +1,6 @@ Title: taskcat workshop quiz Author: AWS Quick Start team -Image: https://a0.awsstatic.com/main/images/logos/aws_logo_smile_1200x630.png +Image: https://taskcat.github.io/workshop/images/Taskcat-logo.png Theme: 282828 Questions: Question1: diff --git a/content/lab_assets/start/lab5/cfn-project/lambda_functions/source/SurveySubmit/survey_submit.py b/content/lab_assets/start/lab5/cfn-project/lambda_functions/source/SurveySubmit/survey_submit.py index b939a93..e95e9d5 100644 --- a/content/lab_assets/start/lab5/cfn-project/lambda_functions/source/SurveySubmit/survey_submit.py +++ b/content/lab_assets/start/lab5/cfn-project/lambda_functions/source/SurveySubmit/survey_submit.py @@ -1,6 +1,7 @@ from yattag import Doc import boto3 import os +from datetime import datetime def acc_id_from_arn(arn): @@ -40,7 +41,8 @@ def get_ddb_table(local_acc): def lambda_handler(event, context): account_id = acc_id_from_arn(context.invoked_function_arn) table = get_ddb_table(account_id) - item_data = {'id': str(account_id)} + timestamp = int(datetime.now().timestamp() * 1000000) + item_data = {'id': str(account_id), 'timestamp': timestamp} for param in event["queryStringParameters"]: value = event["queryStringParameters"][param] if not value: @@ -65,6 +67,6 @@ def lambda_handler(event, context): 'body': html_result, 'headers': { 'Content-Type': 'text/html', - "Refresh": "5;url=Prod/newsurvey", + "Refresh": "5;url=newsurvey", } } diff --git a/content/lab_assets/start/lab5/cfn-project/templates/survey.template.yaml b/content/lab_assets/start/lab5/cfn-project/templates/survey.template.yaml index b78b7c2..1303e65 100644 --- a/content/lab_assets/start/lab5/cfn-project/templates/survey.template.yaml +++ b/content/lab_assets/start/lab5/cfn-project/templates/survey.template.yaml @@ -2,7 +2,7 @@ AWSTemplateFormatVersion: "2010-09-09" Parameters: DynamoDbArn: Type: String - Default: "" + Default: "arn:aws:dynamodb:us-west-2:840161740319:table/tcat-workshop-quiz" S3BucketName: Type: String S3KeyPrefix: @@ -56,7 +56,7 @@ Resources: - PolicyName: SurveySubmitRolePolicy PolicyDocument: Statement: - - Action: ["iam:AssumeRole"] + - Action: ["sts:AssumeRole"] Resource: "*" Effect: Allow AssumeRolePolicyDocument: diff --git a/content/lab_assets/start/lab6/broken-project/.taskcat.yml b/content/lab_assets/start/lab6/broken-project/.taskcat.yml new file mode 100644 index 0000000..a79e54c --- /dev/null +++ b/content/lab_assets/start/lab6/broken-project/.taskcat.yml @@ -0,0 +1,15 @@ +project: + templates: + - templates/broken1.template.yaml + regions: + - us-east-1 + - us-west-2 + - eu-west-1 + parameters: + DeployBucket: true +tests: + with-bucket: {} + no-bucket: + region: us-west-2 + parameters: + DeployBucket: false diff --git a/content/lab_assets/start/lab6/broken-project/templates/broken1.template.yaml b/content/lab_assets/start/lab6/broken-project/templates/broken1.template.yaml new file mode 100644 index 0000000..d56f32f --- /dev/null +++ b/content/lab_assets/start/lab6/broken-project/templates/broken1.template.yaml @@ -0,0 +1,21 @@ +AWSTemplateFormatVersion: 2010-09-09 +Parameters: + DeplyBucket: + Type: String + AllowedValues: ["true", "false"] +Conditions: +CreateBucket: !Equals [!Ref DeplyBucket, "true"] +Resources: + S3Bucket: + Type: "AWS::S3::Bucket" + Condition: CreateBucket + Properties: {} + Param: + Type: "AWS::SSM::Parameter" + Properties: + Tier: STD + Type: S + Value: !Ref S3Bucket +Outputs: + ParamArn: + Value: !GetAtt Param.Arm diff --git a/static/images/failed_outputs.png b/static/images/failed_outputs.png new file mode 100644 index 0000000..a6c823b Binary files /dev/null and b/static/images/failed_outputs.png differ diff --git a/static/images/failure_logs.png b/static/images/failure_logs.png new file mode 100644 index 0000000..176d156 Binary files /dev/null and b/static/images/failure_logs.png differ diff --git a/static/images/fig_lab1.1.png b/static/images/fig_lab1.1.png index e9a5945..4fa4d66 100644 Binary files a/static/images/fig_lab1.1.png and b/static/images/fig_lab1.1.png differ diff --git a/static/images/fig_lab1.3.png b/static/images/fig_lab1.3.png index 41bbc07..949b1b5 100644 Binary files a/static/images/fig_lab1.3.png and b/static/images/fig_lab1.3.png differ diff --git a/static/images/fig_lab1.4.png b/static/images/fig_lab1.4.png new file mode 100644 index 0000000..3f15669 Binary files /dev/null and b/static/images/fig_lab1.4.png differ diff --git a/static/images/stack_outputs.png b/static/images/stack_outputs.png new file mode 100644 index 0000000..f8e641b Binary files /dev/null and b/static/images/stack_outputs.png differ diff --git a/static/images/survey_link.png b/static/images/survey_link.png new file mode 100644 index 0000000..95e95b3 Binary files /dev/null and b/static/images/survey_link.png differ diff --git a/static/images/taskcat_execution.gif b/static/images/taskcat_execution.gif index 70ff0c9..ad5d86e 100644 Binary files a/static/images/taskcat_execution.gif and b/static/images/taskcat_execution.gif differ diff --git a/static/images/taskcat_execution2.gif b/static/images/taskcat_execution2.gif new file mode 100644 index 0000000..01d88a3 Binary files /dev/null and b/static/images/taskcat_execution2.gif differ diff --git a/static/images/taskcat_execution3.gif b/static/images/taskcat_execution3.gif new file mode 100644 index 0000000..6de383f Binary files /dev/null and b/static/images/taskcat_execution3.gif differ