From 4e3e00bb30ee2f9e4ebb11adf463f4e66b94dbf4 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 28 Sep 2021 11:48:58 +0200
Subject: [PATCH 1/5] chore(deps): bump codecov/codecov-action from 2.0.2 to 2.1.0 (#675)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .github/workflows/python_build.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/python_build.yml b/.github/workflows/python_build.yml
index 26fbaeb3c4e..6dc4446ee14 100644
--- a/.github/workflows/python_build.yml
+++ b/.github/workflows/python_build.yml
@@ -37,7 +37,7 @@ jobs:
 - name: Complexity baseline
 run: make complexity-baseline
 - name: Upload coverage to Codecov
- uses: codecov/codecov-action@v2.0.2
+ uses: codecov/codecov-action@v2.1.0
 with:
 file: ./coverage.xml
 # flags: unittests
From 68e2c8ebdcf5c35d3deddb1b12672b594746a566 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 28 Sep 2021 09:49:34 +0000
Subject: [PATCH 2/5] chore(deps): bump boto3 from 1.18.41 to 1.18.49 (#703)
Bumps [boto3](https://github.com/boto/boto3) from 1.18.41 to 1.18.49.
Changelog

Sourced from boto3's changelog.

1.18.49

1.18.48

1.18.47

1.18.46

1.18.45

1.18.44

... (truncated)

Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=boto3&package-manager=pip&previous-version=1.18.41&new-version=1.18.49)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
--- poetry.lock | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/poetry.lock b/poetry.lock index 22784e5754d..2205938537e 100644 --- a/poetry.lock +++ b/poetry.lock @@ -81,14 +81,14 @@ d = ["aiohttp (>=3.3.2)", "aiohttp-cors"] [[package]] name = "boto3" -version = "1.18.41" +version = "1.18.49" description = "The AWS SDK for Python" category = "main" optional = false python-versions = ">= 3.6" [package.dependencies] -botocore = ">=1.21.41,<1.22.0" +botocore = ">=1.21.49,<1.22.0" jmespath = ">=0.7.1,<1.0.0" s3transfer = ">=0.5.0,<0.6.0" @@ -97,7 +97,7 @@ crt = ["botocore[crt] (>=1.21.0,<2.0a0)"] [[package]] name = "botocore" -version = "1.21.41" +version = "1.21.49" description = "Low-level, data-driven core of boto 3." category = "main" optional = false @@ -361,7 +361,7 @@ python-versions = "*" python-dateutil = ">=2.8.1" [package.extras] -dev = ["twine", "markdown", "flake8"] +dev = ["twine", "markdown", "flake8", "wheel"] [[package]] name = "gitdb" 
@@ -1074,12 +1074,12 @@ black = [ {file = "black-20.8b1.tar.gz", hash = "sha256:1c02557aa099101b9d21496f8a914e9ed2222ef70336404eeeac8edba836fbea"}, ] boto3 = [ - {file = "boto3-1.18.41-py3-none-any.whl", hash = "sha256:aaa6ba286d92fb03f27dd619220c6c1de2c010f39cac7afa72f505f073a31db1"}, - {file = "boto3-1.18.41.tar.gz", hash = "sha256:44f73009506dba227e0d421e4fc44a863d8ff315aaa47d9a7be6c549a6a88a12"}, + {file = "boto3-1.18.49-py3-none-any.whl", hash = "sha256:1a2908d2829268f1b2355bad3a96bfdc8e41523629b5d958bcedfc35d2d232dd"}, + {file = "boto3-1.18.49.tar.gz", hash = "sha256:e520655c9caf2f21853644d88b59b1c32bc44ccd58b20574883b25eb6256d938"}, ] botocore = [ - {file = "botocore-1.21.41-py3-none-any.whl", hash = "sha256:efad68a52ee2d939618e0fcb3da0a46dff10cb2e0e128c1e2749bbfc58953a12"}, - {file = "botocore-1.21.41.tar.gz", hash = "sha256:b877f9175843939db6fde3864ffc47611863710b85dc0336bb2433e921dc8790"}, + {file = "botocore-1.21.49-py3-none-any.whl", hash = "sha256:eab89183f7d94cabacde79a266060bb9429249e33a39b7ba4c1b15c965095477"}, + {file = "botocore-1.21.49.tar.gz", hash = "sha256:0161c3b64e34315928aae7fdbce49e684c9c2cfad2435cb22023b7ad87306f12"}, ] certifi = [ {file = "certifi-2020.12.5-py2.py3-none-any.whl", hash = "sha256:719a74fb9e33b9bd44cc7f3a8d94bc35e4049deebe19ba7d8e108280cfd59830"}, @@ -1214,6 +1214,7 @@ future = [ ] ghp-import = [ {file = "ghp-import-2.0.1.tar.gz", hash = "sha256:753de2eace6e0f7d4edfb3cce5e3c3b98cd52aadb80163303d1d036bda7b4483"}, + {file = "ghp_import-2.0.1-py3-none-any.whl", hash = "sha256:8241a8e9f8dd3c1fafe9696e6e081b57a208ef907e9939c44e7415e407ab40ea"}, ] gitdb = [ {file = "gitdb-4.0.7-py3-none-any.whl", hash = "sha256:6c4cc71933456991da20917998acbe6cf4fb41eeaab7d6d67fbc05ecd4c865b0"}, From 808ac71f1cd03494df373c7a906f94bf35a66dbf Mon Sep 17 00:00:00 2001 
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 1 Oct 2021 11:11:20 +0000
Subject: [PATCH 3/5] chore(deps): bump boto3 from 1.18.49 to 1.18.51 (#713)
Bumps [boto3](https://github.com/boto/boto3) from 1.18.49 to 1.18.51.
Changelog

Sourced from boto3's changelog.

1.18.51

1.18.50

Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=boto3&package-manager=pip&previous-version=1.18.49&new-version=1.18.51)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
--- poetry.lock | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/poetry.lock b/poetry.lock index 2205938537e..ae56006b9c2 100644 --- a/poetry.lock +++ b/poetry.lock @@ -81,14 +81,14 @@ d = ["aiohttp (>=3.3.2)", "aiohttp-cors"] [[package]] name = "boto3" -version = "1.18.49" +version = "1.18.51" description = "The AWS SDK for Python" category = "main" optional = false python-versions = ">= 3.6" [package.dependencies] -botocore = ">=1.21.49,<1.22.0" +botocore = ">=1.21.51,<1.22.0" jmespath = ">=0.7.1,<1.0.0" s3transfer = ">=0.5.0,<0.6.0" @@ -97,7 +97,7 @@ crt = ["botocore[crt] (>=1.21.0,<2.0a0)"] [[package]] name = "botocore" -version = "1.21.49" +version = "1.21.51" description = "Low-level, data-driven core of boto 3." category = "main" optional = false 
@@ -1074,12 +1074,12 @@ black = [ {file = "black-20.8b1.tar.gz", hash = "sha256:1c02557aa099101b9d21496f8a914e9ed2222ef70336404eeeac8edba836fbea"}, ] boto3 = [ - {file = "boto3-1.18.49-py3-none-any.whl", hash = "sha256:1a2908d2829268f1b2355bad3a96bfdc8e41523629b5d958bcedfc35d2d232dd"}, - {file = "boto3-1.18.49.tar.gz", hash = "sha256:e520655c9caf2f21853644d88b59b1c32bc44ccd58b20574883b25eb6256d938"}, + {file = "boto3-1.18.51-py3-none-any.whl", hash = "sha256:83d6f539e0f0e0f0c532bb2b11d1e9c5055d1d806d64a61aff4f49399c294ee7"}, + {file = "boto3-1.18.51.tar.gz", hash = "sha256:98279095b1d08ee6d8d587f2c66fda6d560ad3046e98cd140c1aa8e1ed018c70"}, ] botocore = [ - {file = "botocore-1.21.49-py3-none-any.whl", hash = "sha256:eab89183f7d94cabacde79a266060bb9429249e33a39b7ba4c1b15c965095477"}, - {file = "botocore-1.21.49.tar.gz", hash = "sha256:0161c3b64e34315928aae7fdbce49e684c9c2cfad2435cb22023b7ad87306f12"}, + {file = "botocore-1.21.51-py3-none-any.whl", hash = "sha256:2089f9fa36a59d8c02435c49d58ccc7b3ceb9c0c054ea4f71631c3c3a1c5245e"}, + {file = "botocore-1.21.51.tar.gz", hash = "sha256:17a10dd33334e7e3aaa4e12f66317284f96bb53267e20bc877a187c442681772"}, ] certifi = [ {file = "certifi-2020.12.5-py2.py3-none-any.whl", hash = "sha256:719a74fb9e33b9bd44cc7f3a8d94bc35e4049deebe19ba7d8e108280cfd59830"}, From dbe45da073ae2721ee1ae1c9f62db831121dc60d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 1 Oct 2021 11:11:25 +0000 Subject: [PATCH 4/5] chore(deps-dev): bump flake8-bugbear from 21.9.1 to 21.9.2 (#712) Bumps [flake8-bugbear](https://github.com/PyCQA/flake8-bugbear) from 21.9.1 to 21.9.2.
Release notes

Sourced from flake8-bugbear's releases.

21.9.2

Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=flake8-bugbear&package-manager=pip&previous-version=21.9.1&new-version=21.9.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
--- poetry.lock | 8 ++++---- pyproject.toml | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/poetry.lock b/poetry.lock index ae56006b9c2..374ef8ad735 100644 --- a/poetry.lock +++ b/poetry.lock @@ -244,7 +244,7 @@ toml = "*" [[package]] name = "flake8-bugbear" -version = "21.9.1" +version = "21.9.2" description = "A plugin for flake8 finding likely bugs and design problems in your program. Contains warnings that don't belong in pyflakes and pycodestyle." category = "dev" optional = false @@ -1047,7 +1047,7 @@ pydantic = ["pydantic", "email-validator"] [metadata] lock-version = "1.1" python-versions = "^3.6.1" -content-hash = "ddec4b961b63336adb798a590c98df41a874da5ee4b0e37993c3c3a0437dc839" +content-hash = "c55d59c37d135eeba1ae059cbfe702c6167dd68645d1001bc90482dddfde8ab4" [metadata.files] appdirs = [ @@ -1179,8 +1179,8 @@ flake8-black = [ {file = "flake8_black-0.2.3-py3-none-any.whl", hash = "sha256:cc080ba5b3773b69ba102b6617a00cc4ecbad8914109690cfda4d565ea435d96"}, ] flake8-bugbear = [ - {file = "flake8-bugbear-21.9.1.tar.gz", hash = "sha256:2f60c8ce0dc53d51da119faab2d67dea978227f0f92ed3c44eb7d65fb2e06a96"}, - {file = "flake8_bugbear-21.9.1-py36.py37.py38-none-any.whl", hash = "sha256:45bfdccfb9f2d8aa140e33cac8f46f1e38215c13d5aa8650e7e188d84e2f94c6"}, + {file = "flake8-bugbear-21.9.2.tar.gz", hash = "sha256:db9a09893a6c649a197f5350755100bb1dd84f110e60cf532fdfa07e41808ab2"}, + {file = "flake8_bugbear-21.9.2-py36.py37.py38-none-any.whl", hash = "sha256:4f7eaa6f05b7d7ea4cbbde93f7bcdc5438e79320fa1ec420d860c181af38b769"}, ] flake8-builtins = [ {file = "flake8-builtins-1.5.3.tar.gz", hash = "sha256:09998853b2405e98e61d2ff3027c47033adbdc17f9fe44ca58443d876eb00f3b"}, diff --git a/pyproject.toml b/pyproject.toml index c5197c626ab..2f2c2549d9e 100644 --- a/pyproject.toml +++ b/pyproject.toml 
@@ -49,7 +49,7 @@ bandit = "^1.7.0"
 radon = "^5.1.0"
 xenon = "^0.8.0"
 flake8-eradicate = "^1.1.0"
-flake8-bugbear = "^21.9.1"
+flake8-bugbear = "^21.9.2"
 mkdocs-material = "^7.3.0"
 mkdocs-git-revision-date-plugin = "^0.3.1"
 mike = "^0.6.0"
From 68c810e6feb7a02cd16629414c8dd7fa808983de Mon Sep 17 00:00:00 2001
From: Dani Comnea
Date: Fri, 1 Oct 2021 12:36:55 +0100
Subject: [PATCH 5/5] docs: Terraform reference for SAR Lambda Layer (#716)
Co-authored-by: heitorlessa
---
 docs/index.md | 48 ++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 48 insertions(+)
diff --git a/docs/index.md b/docs/index.md
index 781a96e2eb3..b79a2e7074f 100644
--- a/docs/index.md
+++ b/docs/index.md
@@ -124,6 +124,54 @@ If using SAM, you can include this SAR App as part of your shared Layers stack,
 )
 ```
+=== "Terraform"
+
+ > Credits to [Dani Comnea](https://github.com/DanyC97) for providing the Terraform equivalent.
+
+ ```terraform hl_lines="12-13 15-20 23-25 40"
+ terraform {
+ required_version = "~> 0.13"
+ required_providers {
+ aws = "~> 3.50.0"
+ }
+ }
+
+ provider "aws" {
+ region = "us-east-1"
+ }
+
+ resource "aws_serverlessapplicationrepository_cloudformation_stack" "deploy_sar_stack" {
+ name = "aws-lambda-powertools-python-layer"
+
+ application_id = data.aws_serverlessapplicationrepository_application.sar_app.application_id
+ semantic_version = data.aws_serverlessapplicationrepository_application.sar_app.semantic_version
+ capabilities = [
+ "CAPABILITY_IAM",
+ "CAPABILITY_NAMED_IAM"
+ ]
+ }
+
+ data "aws_serverlessapplicationrepository_application" "sar_app" {
+ application_id = "arn:aws:serverlessrepo:eu-west-1:057560766410:applications/aws-lambda-powertools-python-layer"
+ semantic_version = var.aws_powertools_version
+ }
+
+ variable "aws_powertools_version" {
+ type = string
+ default = "1.20.2"
+ description = "The AWS Powertools release version"
+ }
+
+ output "deployed_powertools_sar_version" {
+ value = data.aws_serverlessapplicationrepository_application.sar_app.semantic_version
+ }
+
+ # Fetch Lambda Powertools Layer ARN from deployed SAR App
+ output "aws_lambda_powertools_layer_arn" {
+ value = aws_serverlessapplicationrepository_cloudformation_stack.deploy_sar_stack.outputs.LayerVersionArn
+ }
+ ```
+
 ??? tip "Example of least-privileged IAM permissions to deploy Layer"
 > Credits to [mwarkentin](https://github.com/mwarkentin) for providing the scoped down IAM permissions.
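Review bot: The `capabilities` list in `deploy_sar_stack` acknowledges both `CAPABILITY_IAM` and `CAPABILITY_NAMED_IAM` with no explanation, so a reader who copies the example authorises the SAR template to create IAM resources, including custom-named ones, without knowing what it creates. I would add a comment above the list, for example `# Lets the SAR template create IAM resources; keep only the capabilities the published template actually requires`, and confirm against that template whether `CAPABILITY_NAMED_IAM` is needed at all. In the `terraform` block, `required_version = "~> 0.13"` resolves to `>= 0.13, < 1.0` and so rejects Terraform 1.x; `required_version = ">= 0.13"` avoids that. The provider entry would also read better as `aws = { source = "hashicorp/aws", version = "~> 3.50.0" }`, which names the registry source explicitly instead of relying on the legacy string form.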