adding reset functionality

aws/README.md

@@ -0,0 +1,56 @@
+# AWS CLI v2
+
+This bundle contains a built executable of the AWS CLI v2. Note that the AWS
+CLI v2 is in developer preview. In the future, there may be backwards
+incompatible changes introduced to the AWS CLI v2.
+
+## Installation
+
+To install the AWS CLI v2, run the `install` script:
+```
+$ sudo ./install 
+You can now run: /usr/local/bin/aws2 --version
+```
+This will install the AWS CLI v2 at `/usr/local/bin/aws2`.  Assuming
+`/usr/local/bin` is on your `PATH`, you can now run:
+```
+$ aws2 --verison
+```
+
+
+### Installing without sudo
+
+If you don't have ``sudo`` permissions or want to install the AWS
+CLI v2 only for the current user, run the `install` script with the `-b`
+and `-i` options:
+```
+$ ./install -i ~/.local/aws-cli -b ~/.local/bin
+``` 
+This will install the AWS CLI v2 in `~/.local/aws-cli` and create
+symlinks for `aws2` and `aws2_completer` in `~/.local/bin`. For more
+information about these options, run the `install` script with `-h`:
+```
+$ ./install -h
+```
+
+### Updating
+
+If you run the `install` script and there is a previously installed version
+of the AWS CLI v2, the script will error out. To update to the version included
+in this bundle, run the `install` script with `--update`:
+```
+$ sudo ./install --update
+```
+
+
+### Removing the installation
+
+To remove the AWS CLI v2, delete the its installation and symlinks:
+```
+$ sudo rm -rf /usr/local/aws-cli
+$ sudo rm /usr/local/bin/aws2
+$ sudo rm /usr/local/bin/aws2_completer
+```
+Note if you installed the AWS CLI v2 using the `-b` or `-i` options, you will
+need to remove the installation and the symlinks in the directories you
+specified.

aws/dist/awscli/customizations/wizard/wizards/configure/_main.yml

@@ -0,0 +1,146 @@
+version: "0.1"
+title: Configure the AWS CLI
+description: This wizard will create a new CLI config profile for you
+plan:
+  decide_profile_type:
+    values:
+      config_type:
+        type: prompt
+        description: "What would you like to configure"
+        choices:
+          # There's also Web Identity and SAML but we're skipping that.
+          - display: Static Credentials
+            actual_value: static_creds
+          - display: Assume Role
+            actual_value: assume_role
+          - display: Process Provider
+            actual_value: proc_provider
+          - display: Additional CLI configuration
+            actual_value: additional_config
+      profile_name:
+        type: prompt
+        description: Enter the name of the profile
+    next_step:
+      switch: config_type
+      static_creds: get_static_creds
+      assume_role: get_assume_role
+      proc_provider: get_process_provider
+      additional_config: get_extra_cli_config
+  get_static_creds:
+    values:
+      access_key_id:
+        type: prompt
+        description: Enter your Access Key Id
+      secret_key:
+        type: prompt
+        description: Enter your Secret Access Key
+    next_step: DONE
+  get_process_provider:
+    values:
+      creds_process:
+        type: prompt
+        description: Enter the credential process command
+    next_step: DONE
+  get_assume_role:
+    values:
+      existing_profiles:
+        type: sharedconfig
+        operation: ListProfiles
+      existing_roles:
+        type: apicall
+        operation: iam.ListRoles
+        params: {}
+        query: "sort_by(Roles[].{display: RoleName, actual_value: Arn}, &display)"
+      role_arn:
+        type: prompt
+        description: Select the role you want to assume
+        choices: existing_roles
+      credential_source_type:
+        type: prompt
+        description: Select your credentials source type
+        choices:
+          - display: Source Profile
+            actual_value: source_profile
+          - display: Environment Variables
+            actual_value: Environment
+          - display: Amazon EC2 Instance Metadata
+            actual_value: Ec2InstanceMetadata
+          - display: Amazon ECS Container Credentials
+            actual_value: EcsContainer
+    next_step:
+      switch: credential_source_type
+      source_profile: get_source_profile
+      Environment: DONE
+      Ec2InstanceMetadata: DONE
+      EcsContainer: DONE
+  get_source_profile:
+    values:
+      source_profile:
+        type: prompt
+        description: Select the source profile
+        choices: existing_profiles
+    next_step: DONE
+  get_extra_cli_config:
+    # TODO: Not implemented yet. I think we want a loop for this?
+    # Keep prompting for as many key/value pairs as they want.
+    values:
+      region:
+        type: prompt
+        description: "Enter the region name"
+execute:
+  # All the logic needed when the user selects assume role.
+  assume_role:
+    - type: sharedconfig
+      operation: SetValues
+      profile: "{profile_name}"
+      condition:
+        variable: config_type
+        equals: assume_role
+      params:
+        role_arn: "{role_arn}"
+    - type: sharedconfig
+      operation: SetValues
+      condition:
+        variable: credential_source_type
+        equals: source_profile
+      profile: "{profile_name}"
+      params:
+        source_profile: "{source_profile}"
+    - type: sharedconfig
+      operation: SetValues
+      condition:
+        - variable: source_profile
+          equals: null
+        - variable: config_type
+          equals: assume_role
+      profile: "{profile_name}"
+      params:
+        credential_source: "{credential_source_type}"
+  static_creds:
+    - type: sharedconfig
+      operation: SetValues
+      profile: "{profile_name}"
+      condition:
+        variable: config_type
+        equals: static_creds
+      params:
+        aws_access_key_id: "{access_key_id}"
+        aws_secret_access_key: "{secret_key}"
+  proc_provider:
+    - type: sharedconfig
+      operation: SetValues
+      profile: "{profile_name}"
+      condition:
+        variable: config_type
+        equals: proc_provider
+      params:
+        credential_process: "{creds_process}"
+  additional_config:
+    - type: sharedconfig
+      operation: SetValues
+      profile: "{profile_name}"
+      condition:
+        variable: config_type
+        equals: additional_config
+      params:
+        region: "{region}"

aws/dist/awscli/customizations/wizard/wizards/iam/new-role.yml

@@ -0,0 +1,146 @@
+version: "0.1"
+title: Create An IAM Role and Policy
+description: This wizard will create a new IAM role for you
+plan:
+  decide_role_type:
+    values:
+      # This will prompt the user using the 'description' value.
+      # The value the user enters is saved under the global variable
+      # 'name'.
+      role_type:
+        type: prompt
+        description: Select type of trusted entity
+        choices:
+          # There's also Web Identity and SAML but we're skipping that.
+          - display: AWS Service
+            actual_value: aws_service
+          - display: Another AWS Account
+            actual_value: aws_account
+    next_step:
+      switch: role_type
+      aws_service: get_role_service
+      aws_account: get_account_info
+  get_role_service:
+    values:
+      service_name:
+        type: prompt
+        description: Choose the service that will use this role
+        choices:
+          - display: Amazon EC2
+            actual_value: ec2
+          - display: AWS Lambda
+            actual_value: lambda
+      trust_policy:
+        type: template
+        value: |
+          {{
+            "Version": "2008-10-17",
+            "Statement": [
+                {{
+                    "Action": "sts:AssumeRole",
+                    "Principal": {{
+                        "Service": "{service_name}.amazonaws.com"
+                    }},
+                    "Effect": "Allow",
+                    "Sid": ""
+                }}
+            ]
+          }}
+    next_step: ask_role_permissions
+  get_account_info:
+    values:
+      account_id:
+        type: prompt
+        description: Enter the Account ID that can use this role
+      trust_policy:
+        type: template
+        value: |
+          {{
+            "Version": "2008-10-17",
+            "Statement": [
+                {{
+                    "Action": "sts:AssumeRole",
+                    "Principal": {{
+                        "AWS": "arn:aws:iam::{account_id}:root"
+                    }},
+                    "Effect": "Allow",
+                    "Sid": ""
+                    }}
+            ]
+          }}
+    next_step: ask_role_permissions
+  ask_role_permissions:
+    # The console by default asks you to pick an existing policy
+    # to attach to.  We'll just go with that behavior for now.
+    values:
+      existing_policies:
+        type: apicall
+        operation: iam.ListPolicies
+        params:
+          Scope: AWS
+        query: "sort_by(Policies[].{display: PolicyName, actual_value: Arn}, &display)"
+      policy_arn:
+        type: prompt
+        description: Choose a policy to attach to your new role
+        choices: existing_policies
+  ask_role_name:
+    values:
+      role_name:
+        type: prompt
+        description: Role name
+      role_description:
+        type: prompt
+        description: Role description
+  ask_profile_config:
+    values:
+      wants_config_profile:
+        type: prompt
+        description: Do you want to create a new CLI profile with this role?
+        choices:
+          - display: Yes
+            actual_value: yes
+          - display: No
+            actual_value: no
+    next_step:
+      switch: wants_config_profile
+      yes: get_profile_info
+      no: DONE
+  get_profile_info:
+    values:
+      new_profile_name:
+        type: prompt
+        description: Enter the name of the new profile
+      existing_profiles:
+        type: sharedconfig
+        operation: ListProfiles
+      source_profile:
+        type: prompt
+        description: Name of the source profile
+        choices: existing_profiles
+execute:
+  default:
+    - type: apicall
+      operation: iam.CreateRole
+      params:
+        RoleName: "{role_name}"
+        AssumeRolePolicyDocument: "{trust_policy}"
+        Description: "{role_description}"
+      output_var: role_arn
+      query: Role.Arn
+    - type: apicall
+      operation: iam.AttachRolePolicy
+      params:
+        RoleName: "{role_name}"
+        PolicyArn: "{policy_arn}"
+  write_config_file:
+    - type: sharedconfig
+      operation: SetValues
+      condition:
+        variable: wants_config_profile
+        equals: yes
+      profile: "{new_profile_name}"
+      params:
+        source_profile: "{source_profile}"
+        # This role_arn comes from the `output_var` in the previous
+        # executor step.
+        role_arn: "{role_arn}"