Jon Leaman

A Few CloudTrail Best Practices

There are many tools out there to help monitor and alert on AWS accounts, both native and third-party. Across every tool I have tested, one alert is always critical and it’s so easy to fix that there is no excuse not to have it on — CloudTrail.

CloudTrail, in short, logs every API call in your AWS account. The importance of this should be self-evident to my readers, so bear with me. If something bad happens in your account, you want to know who did it and when. You want an audit trail! Without CloudTrail, you’ll be flying without a rear-view mirror. You won’t have any hindsight to be 20-20 about, and that’s a shame.

At what cost? Basically the cost of storing the data in S3 and CloudWatch — minimal. If you’re not sold and you’ve read this, I’ll have no sympathy.

Moving on.

Historically, CloudTrail was enabled per region. This means that when a new region comes online, you must remember to go and enable it in that region. If you don’t automate this, there is room for neglect. CloudTrail now has an ‘all-regions’ setting per trail. My recommendation is to create a new trail that has all-regions enabled. If this is as far as you go, that’s okay, but we can take it a step further.

At this point, you’ll have an S3 bucket that is logging all API calls across all regions, and in the event a new region comes online, that region too. Additionally, you can pipe these logs through CloudWatch, which I recommend. Typically, most customers only use 1-3 regions, so if you have non-readonly activity in any of the other regions, you probably want to be alerted. I’m going to walk you through setting up alerts to answer the following question:

How can I be alerted of any activity in non-approved regions, with the exception of read-only calls?
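One way to answer that question offline over a delivered CloudTrail log file, as an added example rather than code from this post. `APPROVED_REGIONS`, the function names and the sample records are constructed assumptions; a record with no `readOnly` flag is treated as a write so it still alerts.

```python
import json

APPROVED_REGIONS = {"us-east-1", "us-west-2"}  # assumption: regions this account uses

# Constructed sample in the CloudTrail log-file layout (top-level "Records" array).
SAMPLE_LOG = json.dumps({"Records": [
    {"eventTime": "2024-01-05T10:00:00Z", "eventSource": "ec2.amazonaws.com",
     "eventName": "RunInstances", "awsRegion": "ap-southeast-2", "readOnly": False,
     "userIdentity": {"arn": "arn:aws:iam::111122223333:user/example-dev"}},
    {"eventTime": "2024-01-05T10:01:00Z", "eventSource": "ec2.amazonaws.com",
     "eventName": "DescribeInstances", "awsRegion": "ap-southeast-2", "readOnly": True,
     "userIdentity": {"arn": "arn:aws:iam::111122223333:user/example-dev"}},
    {"eventTime": "2024-01-05T10:02:00Z", "eventSource": "s3.amazonaws.com",
     "eventName": "CreateBucket", "awsRegion": "us-east-1", "readOnly": False,
     "userIdentity": {"arn": "arn:aws:iam::111122223333:user/example-dev"}},
    # No readOnly field at all: must still alert.
    {"eventTime": "2024-01-05T10:03:00Z", "eventSource": "ec2.amazonaws.com",
     "eventName": "CreateKeyPair", "awsRegion": "eu-west-3",
     "userIdentity": {"arn": "arn:aws:iam::111122223333:user/example-dev"}},
]})


def is_read_only(record):
    """True only if the record explicitly marks itself read-only."""
    value = record.get("readOnly", False)
    if isinstance(value, str):  # tolerate the flag arriving as "true"/"false"
        return value.strip().lower() == "true"
    return value is True


def unapproved_region_writes(log_text, approved=APPROVED_REGIONS):
    """Return one finding per non-read-only call outside the approved regions."""
    findings = []
    for record in json.loads(log_text).get("Records", []):
        region = record.get("awsRegion", "unknown")
        if region in approved or is_read_only(record):
            continue
        findings.append({
            "time": record.get("eventTime"),
            "region": region,
            "event": f"{record.get('eventSource')}:{record.get('eventName')}",
            "actor": (record.get("userIdentity") or {}).get("arn", "unknown"),
        })
    return findings


if __name__ == "__main__":
    for finding in unapproved_region_writes(SAMPLE_LOG):
        print(finding)
```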


Jon Leaman

Lambda 101 – Serverless Business Logic

I’ll keep this post short and let the video do the talking. This twelve minute video will walk through three different Lambda examples and investigate the payloads of each. The goal is to get developers and system administrators comfortable with using Lambda to execute business logic!

See below for more details. Enjoy!

Here are some additional references:

Function code:

1) Jeff Barr’s Blog @ AWS is a good source for new announcements, interesting use cases, and much more:

2) CloudSploit’s write up on how they made their whole company serverless with some insights on the savings they’ve seen:

3) A deep dive into developing a serverless application and many of the considerations that need to be made. Written by Mike Watters

4) Working with serverless applications is great, but how do you manage such an application over the lifecycle of the app? Michael Wittig answers this question on his blog:

5) Could it get any easier!? The innovation has just begun! Check out AWS’s Python Serverless Microframework:

I hope you enjoyed. If you have feedback or questions, leave them here!

Jon Leaman

How I solved Aristotle’s Puzzle in 1 Hour (no spoilers)

I was given Aristotle’s Number game as a gift this Christmas.  The difficulty on the back read “Nightmarish”, but I wasn’t scared.  That said, my title may be misleading.  It took me 3-4 days to figure out all 12 solutions, but my script only took 1 hour and 3 minutes to run through the 250m permutations I was able to break it down into.  How this puzzle is solved without a computer is mind-boggling.

The rules are simple.  You have 19 hex pieces that have a number 1-19 on them.  They need to be placed on the board, seen above, so that all rows sum to 38.  That’s in any direction, leaving 15 different rows that need to sum to 38.

I started as anyone might start.  Manually plugging away.  After getting ‘close’ a few times and failing, I figured I could brute force this, so I opened Excel.  That tactic turned out to be laughable.  With 19! possible combinations, I needed to narrow down my search.  How many tiles did I need to solve to figure out the rest of the puzzle?  Well, after some failed attempts, it’s possible to take the 15 equations that should sum to 38 and reduce them down to 12 equations with 7 independent variables!  That means we will only need to solve 19!/(19-7)! iterations.  The process to derive these equations is called Gaussian elimination.  Huge props to hwiechers (Careful, this link contains a spoiler!) for showing me these equations — I had to take them at face value given my limitations in this area.

Once I had these equations it didn’t take much time at all to write the script to take the iterations, solve the equations, and check if everything added up.  My code can be found here:

Boy am I happy to be done with this puzzle!

Cheers and have a happy New Year!