Saturday, December 21, 2019

Taco Cat Goat Cheese Pizza - A great family game!

Taco Cat Goat Cheese Pizza!

Now say that 5 times really fast. It's hard to say. Now imagine having to say "Taco" "Cat" "Goat" "Cheese" "Pizza" in turn while laying down pictures of things that don't match the words. Then imagine having to slap your hand down on the card if the word you say matches the card. It's really difficult but fun!

Then add narwhals, groundhogs, and gorillas to the mix.

That's what you get with the game Taco Cat Goat Cheese Pizza

Fun and sore hands. And lots of laughter!
I bought this game a while ago but we only recently played it. It was surprising how much fun we had within the first round of playing it. We can hardly wait to play it again!

The suggested age is 8 years and up, but if you have a child that can read fairly well, then it is probably fine for younger ages. It was definitely no problem for our 7-year-old daughter. She did much better than I did!

Wednesday, June 26, 2019

Install Oh-my-zsh and powerline fonts on Ubuntu 18.04

I recently installed Ubuntu 18.04 on my X1 Carbon (1st Gen that sat under the bed for years), and I'm actually enjoying using this notebook again!

The first thing I did was install a few basics that included oh-my-zsh. I love the information that the prompt displays for your git repos. Shown below is oh-my-zsh using the agnoster theme. 

Oh-My-Zsh with Git Repo Status

However, if the powerline fonts aren't installed, then it doesn't look so great. The icons show up as boxes with X's in them. 

I didn't have the powerline fonts installed, so I searched for the correct way to install the fonts on Ubuntu and found that a bunch of people were having difficulties.

I ended up following the directions on the powerline font github repo's README, and it worked without too much effort, so I figured I would post all the steps I followed to get oh-my-zsh installed and configured the way I like it.

Oh-My-Zsh and Powerline Font Install

First, install oh-my-zsh.
sh -c "$(curl -fsSL"

After the install, you end up with a .zshrc file in your home directory. I updated the .zshrc file to use the agnoster theme instead of the default theme of robbyrussell. Just update the ZSH_THEME value.

Second, install the powerline fonts so you can see the nice status icons for the current directory of your git repos. You can install the fonts this way:
sudo apt-get install fonts-powerline

Or by cloning the git repo and running their install script:
git clone --depth=1
cd fonts
cd ..
rm -rf fonts

If after running those commands (which probably only needed to consist of the apt-get install), the prompt for zsh has not started showing the nice status icons and colorized branches, then you can update the fontconfig information by creating a file in this directory (create the directory if it doesn't exist):

Then copy this file to ~/.config/fontconfig/conf.d.

Followed by running the font config cache command, which will force the font config cache to be update (-f) and display status information (-v).
fc-cache -vf 

It was after I ran the fc-cache command that I noticed the terminal show the git repo status information with the branch and sattus icons. I used both the apt-get install fonts-powerline method, and the 

Sunday, January 27, 2019

Yeoman generator for creating a terraform directory structure for AWS providers...

I use AWS for work, and use terraform for creating the resources. My team uses a common directory structure for our terraform files, and it seems to work pretty well for separating resources between project groups, logical environments, and regions. However, creating new project directory structures can be a pain, so I decided to create a yeoman generator to automate the process. 

Please check out the generator I made, and let me know what you think!

Clone from git:
git clone

Install using npm:

npm install --global generator-tf-proj

Generate a terraform project structure using yeoman:

yo tf-proj

Saturday, January 20, 2018

AWS IoT Button and Philips Hue API...

I bought some Philips Hue Lights, and have really enjoyed them - but I enjoy them even more now that I have the IoT button integrated with the lights. 

Here is a video showing my AWS IoT button interacting with my Philips Hue Go lamp.

Philips Hue API:

The Philips Hue REST API is really easy to use to retrieve information about the lights connected to the Hue bridge, and for controlling the lights. You can follow the instructions on this page to help you get up and running with the API.

AWS IoT Button:

I had seen the AWS IoT button on Amazon and, although I didn't have any ideas of what I would do with the button, I wanted to work on a project which would use one of the buttons. I found this fun project that also uses an AWS IoT button, and the Philips Hue API with the Go lamp. I had bought a Philips Hue Go light, as well as a number of other Philips Hue lights, so I decided to recreate the project from the youtube video above but using an AWS lambda instead of using a raspberry pi

Something that was pointed out to me (embarrassingly) is that this method is not secure. Sending unencrypted information to the Hue bridge, which includes the auth, would allow an attacker to send their own API calls to the bridge. One of the API calls could have a security hole that could be used by an attacker / curious person. 

A couple of ideas I've had for using the Philips Hue lights are flash lights with certain colors to indicate either a rise above, or drop below, stock or crypto currency price points, and flash lights when people are close to home (integrate with IFTTT).

However, using the IoT button to control the lights looked fun and gave me an excuse to learn a little bit about AWS Lambdas. It's worth mentioning that Philips makes a switch that can be easily programmed to control your Philips Hue lights.

Parts list :

- Philips Hue Go light, but it works with all of the Philips Hue color lights
- AWS IoT Button

Set up IoT Button:

I used the "Getting Started" guide to set up the IoT button.  It walks you through registering your device, creating and activating a device certificate, creating and attaching an IoT policy to the device certificate, attach the certificate to a "Thing" (the button), and configuring your IoT button to know how to connect to your WiFi.

One of the last steps in the "Getting Started" guide is configuring and testing rules. The example has the IoT button pushes send an SNS message that gets sent as a text message to your phone. I decided to have the SNS message trigger a lambda, and use the lambda to send the REST calls to my Philips Hue bridge.

AWS Lambda:

Here is the AWS Lambda code that I used:

I have my router configured to use Dynamic DNS, and then I have a port forwarding rule to forward to the Philips Hue bridge.  The lambda figures out if the button click was a single click, a double click, or a long click.  The double clicks will turn the light on and off, the single click will increment the hue to set the light to, and a long click will set the light to use the color loop effect.

I hope you find this post useful! Please leave links to any projects you feel like sharing using AWS IoT buttons and/or Philips Hue lights in the comment section below.

Sunday, August 6, 2017

Create an AWS Lambda using Java...

Here's a quick walk through for creating an AWS lambda using Java. I happen to use IntelliJ with maven, but you can use whatever IDE and package management you prefer to use. You can find a similar walk-through in the online AWS documentation or in the AWS Lambda In Action book.

1. Create an IAM role for the Lambda to use:
  • Click the "Create new role" button.
  • In the "Select role type" section, Click the "Select" button for "AWS Lambda" from the "AWS Service Role" section.
  • Enter the policy name of "AmazonS3FullAccess", click the check box, and click the "Next step" button.
  • Enter a name in the "Role name" text box (for this example, use "hello-lambda-role"), and enter a fitting description in the "Role description" text box. Click the "Create role" button.

2. Create an S3 bucket.

3. Create a Java project for your AWS Lambda code:
  • Using IntelliJ, create a maven project using maven-archetype-quickstart.
  • Add the aws lambda core dependency to the project's pom file:

  • Create a class called HelloWorldLambda that implements RequestHandler<String, String>:

public class HelloWorldLambda implements RequestHandler<String, String> {
public String handleRequest(String input, Context context) {
    String output = "Hello, " + input + "!";
    return output;
  • Build the project so that the jar is created setting the output jar name to be HelloLambda.jar.

4. Create the lambda in the AWS console:
  • Click on the "Get Started Now" button.
  • Click on the "Blank Function" item.

  • On the "Configure triggers" page, click in the grey dashed square and then select "S3".
    • Select the bucket that you created in step 2.
    • Select the event type "Object Created (All)".
    • Click "Enable trigger".
  • Click the "Next" button. 
  • Enter a name for the lambda like "hello-lambda"
  • Select "Java 8" for the Runtime

  • Click on the "Upload" button and select your HelloLambda.jar.

  • In the "Lambda function handler and role", enter the full package path to your HelloWorldLambda class.
  • Select "Choose an existing role" for the Role section.
  • Select the "hello-lambda-role" that you created in step 1.

  • In the "Tags" section, enter the value "Name" for the key, and "hello-lambda" for the value.

  • In the "Advanced settings", increase the memory to 512 MB. Leave the timeout at 15 seconds.

  • Click the "Create function" button.

5. Test the lambda!

* Go to "Functions" section of the AWS console's Lambda page.
* Select the "hello-lambda" function by clicking the option button.
* Click on the "Actions" drop down, and click on "Test function". The "Input test event" dialg will appear.
* Enter the text "testing", and then click the "Save and test" button.

This will trigger the lambda function, and you'll see the output in the "Execution result" section.

6. Test the lambda with an S3 creation event:

Uploading a text file with a single line of text to your S3 bucket that you created in step 2 will trigger your lambda, and you can see that the lambda is invoked by using the following steps.

  • Go to the AWS Lambda console page, and select the "Functions" section.
  • Click on the "hello-lambda" function. This should take you to the details for your lambda.  
  • Click on the "Monitoring" tab. 

You'll see that you have invocations for both the test run, and the S3 upload. My image shows invocations for multiple file uploads, and multiple tests.

Learn more about AWS Lambdas through AWS Lambda In Action.

Wednesday, July 26, 2017

AWS IAM Users and MFA

AWS Identity and Access Management (IAM) Users and Multi-Factor Authentication (MFA)

Amazon Web Services are easy and incredibly fun to use. Need to spin up a web server and Redis cluster? No problem! But how do you protect the AWS account from unauthorized use? Well, IAM users and MFA of course!

The AWS Certified Solutions Architect exam guide covers IAM users and groups, as well as enabling MFA for your IAM user accounts, in Chapter 6.

The exercises at the end of the chapter have you create an IAM group, an IAM user, and then enable MFA for your newly created IAM user (in exercise 6.6). I've really enjoyed going through the exam guide specifically due to the chapter review quizzes (answers with explanations are in the back of the book) and the exercises. 

Here are the steps that I used for creating an IAM group and user (using exercises 6.1 and 6.3 as the motivator, and following along in the very easy to use AWS console interface).

Creating an IAM Group:
  • Go to the IAM service in the AWS console.
  • Click the "Groups" console item.
  • Click the "Create New Group" button to start the group creation wizard.
  • Enter your group name in the "Group Name' text box and then click "Next Step". I chose "Administrators" as the AWS exam guide suggested.
  • In the Attach Policy step, the exam book tells you to click the "IAMFullAccess" policy check box. The "IAMFullAccess" policy gives the group members full access to IAM via the AWS Management Console. The AWS online documentation for creating your first user and group has you select the "AdministratorAccess" policy - which will give you full access to AWS services and resources. I chose the "AdministratorAccess" policy.
  • The last step is to review your proposed settings. Click the "Create Group" button. You'll be returned to the "Groups" list view, and you'll see your new group.

Creating an IAM User:
  • Go to the IAM service in the AWS console.
  • Click the "Users" console item.
  • Click the "Add user" button to start the user creation wizard.
  • Enter a user name in the "User name" text box.
  • In the "Select AWS access type" section, click  the "AWS Management Console access" check box. This will cause the "Console password" options to appear.
  • Select the "Custom password" option, and enter a password. 
  • The "Require password reset" check box is checked by default. If you are creating a user for someone else to use, then it is a good idea to keep this option checked.
  • Click the "Next: Permissions" button.
  • On the "Permissions" step of the wizard, click the "Add user to group" image if it is not already highlighted (this is the default selection).
  • Check the checkbox for the group you created above.
  • Click the "Next: Review" button.
  • Click the "Create user" button. You'll be taken to "Success" page where you can see the user listed. It will contain a signin link that includes your AWS user ID as part of the url.  ie,  You'll also be able to download the user credentials via a download button. The success page mentions that you can create new credentials at any time. The credentials file lists the user name and the signin link. 

Enable MFA for an IAM user:
  • Go to the IAM service in the AWS console.
  • Click the "Users" console item.
  • Click on the user name for the user you would like to enable MFA.
  • Click on the "Security credentials" tab.
  • Click on the edit icon for "Assigned MFA device".
  • Choose "A virtual MFA device" in the "Manage MFA Device" pop up dialog, and then click the "Next Step" button.
  • You're instructed to install an AWS MFA-compatible application on the device of your choice - PC, smartphone, etc. There is a link in the dialog that will take you to a list of MFA-compatible applications.  Install one of the compatible applications. I used the smart phone option, and installed the Google Authenticator application.
  • Click the "Next Step" button. 
  • A QR code is displayed in the AWS "Manage MFA Device" pop up dialog, and you are instructed to use your smart phone to scan the code.  
  • If you're using the Google Authenticator, then a 6 digit code is displayed on your device, and is refreshed every 30 seconds.
  • You're instructed to enter two sets of the 6 digit codes, and then told to click "Activate Virtual MFA"
At this point the user account is configured for MFA. The next time that user logs in they will be prompted to enter a 6 digit MFA code. Your MFA enabled user account is now a lot more secure than it was. 

I highly recommend the exam guide even though it is starting to get a bit dated. The book gives you a condensed and comprehensive look - and the exercises really help drive home the material. I found that some of the exercises were a bit sparse in information, and no longer match what the AWS console shows you, but it is close enough that you can figure things out without getting lost. 

The experience was very fun, and the end result is that I now have a much more secure admin account!