Populated english version fixed to Japanese version

.bumpversion.cfg

@@ -1,4 +1,4 @@
 [bumpversion]
-current_version = 3.3.0
+current_version = 3.4.5
 commit = True
 tag = False

code/solutions/dynamic-references/database.yaml

@@ -31,7 +31,7 @@ Resources:
           - id: F80
           - id: F27
     Properties:
-      DBInstanceClass: db.t2.micro
+      DBInstanceClass: db.t3.micro
       AllocatedStorage: "20"
       Engine: mysql
       MasterUsername: !Ref DBUsername

code/workspace/dynamic-references/database.yaml

@@ -31,7 +31,7 @@ Resources:
           - id: F80
           - id: F27
     Properties:
-      DBInstanceClass: db.t2.micro
+      DBInstanceClass: db.t3.micro
       AllocatedStorage: "20"
       Engine: mysql
       MasterUsername: !Ref DBUsername

code/workspace/hooks/.gitignore

@@ -0,0 +1 @@
+example-hook*/

code/workspace/hooks/sample-s3-bucket.template

@@ -0,0 +1,5 @@
+AWSTemplateFormatVersion: "2010-09-09"
+
+Description: Sample template describing an Amazon S3 bucket. (uksb-1q9p31idr) (tag:hooks).
+
+# Add your code here.

content/advanced/hooks/example-in-python/challenge/index.ja.md

@@ -0,0 +1,6 @@
+---
+title: "Challenge"
+weight: 490
+---
+
+Japanese translation is not available yet. Please use the English version.

content/advanced/hooks/example-in-python/challenge/index.md

@@ -0,0 +1,58 @@
+---
+title: "Challenge"
+weight: 490
+---
+
+Previously on this lab, you've written unit tests to validate the core logic of your hook. One of the requirements you were given was to allow for a mechanism to ignore S3 buckets whose names are specified by the hook administrator in the hook's configuration. You've used contract tests and end-to-end tests to validate aspects for this use case: in this challenge, you are tasked to write unit test code for this use case.
+
+First, make sure you're in the `example-hook/` directory, as you'll need to run unit tests from there.
+
+Next, open the existing `src/examplecompany_s3_versioningenabled/tests/test_handlers.py` file. Your task is to append, at the end of the file, a new unit test method you'll write, called `test_when_s3_bucket_is_ignored_then_validation_always_succeeds()`, to assert that when you specify the `my-ignored-bucket,my-other-ignored-bucket` comma-delimited list as an input to the type configuration, the hook validation succeeds regardless of the versioning configuration for the bucket. When you write the unit test method, do not specify the versioning configuration in the resource properties input.
+
+Once you've written the new unit test method, run unit tests from the `example-hook/` directory, and make sure your new test passes as well.
+
+:::expand{header="Need a hint?"}
+- Look at the existing `test_when_s3_bucket_versioning_status_is_enabled_then_succeed()` test method; make a copy of it, and replace the method name in the method copy with `test_when_s3_bucket_is_ignored_then_validation_always_succeeds()`;
+- in the test method you just copied (see the hint above), is there something you'll need to add and to remove for the `resourceProperties` input?
+- Is there anything you need to add to `IgnoreS3BucketNames` further below?
+- Look at the assertion for the response's message: does it need to be updated?
+:::
+
+::::expand{header="Want to see the solution?"}
+Append the following content to the `src/examplecompany_s3_versioningenabled/tests/test_handlers.py` empty file you just created (add two empty lines before pasting the code below):
+
+:::code{language=python showLineNumbers=false showCopyAction=true}
+def test_when_s3_bucket_is_ignored_then_validation_always_succeeds() -> (  # noqa: D103 E501
+    None
+):
+    MOCK_BASE_HOOK_HANDLER_REQUEST.hookContext.targetModel = {
+        "resourceProperties": {
+            "BucketName": "my-other-ignored-bucket",
+        },
+    }
+
+    response = handlers._run_pre_create_pre_update_common_checks(
+        session=None,
+        request=MOCK_BASE_HOOK_HANDLER_REQUEST,
+        callback_context=MOCK_CALLBACK_CONTEXT,
+        type_configuration=TypeConfigurationModel(
+            IgnoreS3BucketNames="my-ignored-bucket,my-other-ignored-bucket",
+        ),
+    )
+
+    assert response.message == "Ignoring versioning configuration."
+    assert response.status == OperationStatus.SUCCESS
+    assert response.errorCode is None
+    assert response.callbackContext is None
+    assert response.callbackDelaySeconds == 0
+:::
+
+Next, run the unit tests from the `example-hook/` directory to verify:
+
+:::code{language=shell showLineNumbers=false showCopyAction=true}
+pytest --cov
+:::
+
+::::
+
+Choose **Next** to continue!

content/advanced/hooks/example-in-python/cleanup/index.ja.md

@@ -0,0 +1,6 @@
+---
+title: "Cleanup"
+weight: 495
+---
+
+Japanese translation is not available yet. Please use the English version.

content/advanced/hooks/example-in-python/cleanup/index.md

@@ -0,0 +1,147 @@
+---
+title: "Cleanup"
+weight: 495
+---
+
+You'll start with deregistering your hook:
+
+:::code{language=shell showLineNumbers=false showCopyAction=true}
+aws cloudformation deregister-type \
+    --type-name ExampleCompany::S3::VersioningEnabled \
+    --type HOOK \
+    --region us-east-1
+:::
+
+Next, you'll delete the stack, created or updated for you by the CloudFormation CLI that you've used to submit the hook to the private registry, by first removing its termination protection:
+
+:::code{language=shell showLineNumbers=false showCopyAction=true}
+aws cloudformation update-termination-protection \
+    --no-enable-termination-protection \
+    --stack-name examplecompany-s3-versioningenabled-role-stack \
+    --region us-east-1
+:::
+
+Delete the stack mentioned above:
+
+:::code{language=shell showLineNumbers=false showCopyAction=true}
+aws cloudformation delete-stack \
+    --stack-name examplecompany-s3-versioningenabled-role-stack \
+    --region us-east-1
+
+aws cloudformation wait stack-delete-complete \
+    --stack-name examplecompany-s3-versioningenabled-role-stack \
+    --region us-east-1
+:::
+
+Next, before deleting objects from the artifacts bucket created by the `CloudFormationManagedUploadInfrastructure` stack (you've learned about it earlier on this lab), and the stack itself (if you'll choose to do so), you'll need to delete artifacts that you've generated as part of submitting the hook to the registry: this includes the ZIP archive for the hook's code. Start with identifying name of the S3 bucket that the managed upload infrastructure stack created for you:
+
+:::code{language=shell showLineNumbers=false showCopyAction=true}
+aws cloudformation describe-stack-resources \
+    --stack-name CloudFormationManagedUploadInfrastructure \
+    --query "StackResources[?LogicalResourceId=='ArtifactBucket'].PhysicalResourceId" \
+    --region us-east-1 \
+    --output text
+:::
+
+Make a note of the bucket name returned by the command; for example, `cloudformationmanageduploadinfrast-artifactbucket-[...omitted...]`. Next, list the bucket's content:
+
+:::code{language=shell showLineNumbers=false showCopyAction=true}
+aws s3 ls s3://cloudformationmanageduploadinfrast-artifactbucket-[...omitted...]
+:::
+
+Make a note of the ZIP file for your hook, that should look like this: `examplecompany-s3-versioningenabled-YYYY-MM-DDTHH-MM-SS.zip`. The bucket where this object is stored has versioning enabled, and you'll need to get the object's version ID with this command (make sure to replace the name of the bucket and of the object):
+
+:::code{language=shell showLineNumbers=false showCopyAction=true}
+aws s3api list-object-versions \
+    --bucket cloudformationmanageduploadinfrast-artifactbucket-[...omitted...] \
+    --prefix examplecompany-s3-versioningenabled-YYYY-MM-DDTHH-MM-SS.zip \
+    --query "Versions[*].VersionId" --output text
+:::
+
+Make a note of the version ID, that should look like this: `abcdEXAMPLEabcdEXAMPLEabcdEXAMPLE`; next, delete the object version by making sure to replace the bucket name, the object name, and the version ID:
+
+:::code{language=shell showLineNumbers=false showCopyAction=false}
+aws s3api delete-object \
+    --bucket cloudformationmanageduploadinfrast-artifactbucket-[...omitted...] \
+    --key examplecompany-s3-versioningenabled-YYYY-MM-DDTHH-MM-SS.zip \
+    --version-id abcdEXAMPLEabcdEXAMPLEabcdEXAMPLE
+:::
+
+If you have performed more than one registry submission for your hook as part of this lab, you might find in the bucket more object(s), whose name start(s) with `examplecompany-s3-versioningenabled-`, and that you would want to remove as well in the same way as shown above.
+
+::alert[If you're currently using your AWS account to create CloudFormation extensions, you might find other objects in the S3 buckets managed by the `CloudFormationManagedUploadInfrastructure` stack (the artifact bucket, and the access log bucket as well), that you might choose to retain. If you wish to proceed with deleting this data and managed upload infrastructure, follow steps shown next; otherwise, skip the remaining part of this cleanup.]{type="warning"}
+
+Next, retrieve the name of the access log bucket:
+
+:::code{language=shell showLineNumbers=false showCopyAction=true}
+aws cloudformation describe-stack-resources \
+    --stack-name CloudFormationManagedUploadInfrastructure \
+    --query "StackResources[?LogicalResourceId=='AccessLogsBucket'].PhysicalResourceId" \
+    --region us-east-1 \
+    --output text
+:::
+
+Make a note of the bucket name (example: `cloudformationmanageduploadinfra-accesslogsbucket--[...omitted...]`. List its content (replace the bucket name):
+
+:::code{language=shell showLineNumbers=false showCopyAction=false}
+aws s3 ls s3://cloudformationmanageduploadinfra-accesslogsbucket--[...omitted...]
+:::
+
+As described on this [page](https://docs.aws.amazon.com/AmazonS3/latest/userguide/ServerLogs.html#how-logs-delivered), Amazon S3 periodically collects and consolidates access logs when you enable server access logging for your bucket (that is, in this case, the bucket for artifacts using the logs bucket), and then uploads the logs to the target logging bucket. If you do not see objects in the logs bucket above at this time, there might be a chance, depending on your case, that logs might be delivered whilst you are attempting to delete the logs bucket later on, if you choose to do so. You cannot delete a bucket with objects in it; if this is the case, you'll get an error when deleting the stack that created the logs bucket: if you choose to delete logs in your logs bucket, use the same process you chose to use above for objects in the artifacts bucket, before (re)attempting to delete the bucket (or the stack that creates it; see steps below for more information).
+
+Next, update the `CloudFormationManagedUploadInfrastructure` stack's settings to disable the `DeletionPolicy: Retain` and `UpdateReplacePolicy: Retain` for both `AccessLogsBucket` and `EncryptionKey` resources. First, get the template for the stack, and save it to the `CloudFormationManagedUploadInfrastructure.template` file on your machine:
+
+:::code{language=shell showLineNumbers=false showCopyAction=true}
+aws cloudformation get-template \
+    --stack-name CloudFormationManagedUploadInfrastructure \
+    --query TemplateBody \
+    --region us-east-1 \
+    --output text > CloudFormationManagedUploadInfrastructure.template
+:::
+
+Open the `CloudFormationManagedUploadInfrastructure.template` file with your text editor, and:
+- replace all occurrences of `DeletionPolicy: Retain` with `DeletionPolicy: Delete`;
+- replace all occurrences of `UpdateReplacePolicy: Retain` with `UpdateReplacePolicy: Delete`.
+
+Save the updated template, and use it to update the stack next:
+
+:::code{language=shell showLineNumbers=false showCopyAction=true}
+aws cloudformation update-stack \
+    --stack-name CloudFormationManagedUploadInfrastructure \
+    --template-body file://CloudFormationManagedUploadInfrastructure.template \
+    --capabilities CAPABILITY_IAM \
+    --region us-east-1
+
+aws cloudformation wait stack-update-complete \
+    --stack-name CloudFormationManagedUploadInfrastructure \
+    --region us-east-1
+:::
+
+Delete the updated template copy on your machine:
+
+:::code{language=shell showLineNumbers=false showCopyAction=true}
+rm CloudFormationManagedUploadInfrastructure.template
+:::
+
+Remove the termination protection from the stack:
+
+:::code{language=shell showLineNumbers=false showCopyAction=true}
+aws cloudformation update-termination-protection \
+    --no-enable-termination-protection \
+    --stack-name CloudFormationManagedUploadInfrastructure \
+    --region us-east-1
+:::
+
+Delete the stack:
+
+:::code{language=shell showLineNumbers=false showCopyAction=true}
+aws cloudformation delete-stack \
+    --stack-name CloudFormationManagedUploadInfrastructure \
+    --region us-east-1
+
+aws cloudformation wait stack-delete-complete \
+    --stack-name CloudFormationManagedUploadInfrastructure \
+    --region us-east-1
+:::
+
+Almost done! Choose **Next** to continue!

content/advanced/hooks/example-in-python/conclusion/index.ja.md

@@ -0,0 +1,6 @@
+---
+title: "Conclusion"
+weight: 499
+---
+
+Japanese translation is not available yet. Please use the English version.

content/advanced/hooks/example-in-python/conclusion/index.md

@@ -0,0 +1,12 @@
+---
+title: "Conclusion"
+weight: 499
+---
+
+Congratulations! You have built and tested a sample hook in Python! You've learned key concepts, expectations and objectives for you to keep in mind when writing your proactive validation controls with Hooks.
+
+You can see a list of hooks in the public CloudFormation registry when you navigate to the [AWS CloudFormation Console](https://console.aws.amazon.com/cloudformation/), choose **Registry** and then **Public extensions** from the left navigation bar, and then use the filters to list the available hooks.
+
+Also, you can find some existing hooks in the following repositories:
+- https://github.com/aws-cloudformation/community-registry-extensions
+- https://github.com/aws-cloudformation/aws-cloudformation-samples

content/advanced/hooks/example-in-python/end-to-end-test/index.ja.md

@@ -0,0 +1,6 @@
+---
+title: "End-to-end test"
+weight: 480
+---
+
+Japanese translation is not available yet. Please use the English version.