Teri Radichel

Accidentally created empty CloudFormation stack with incorrect name and can’t delete it. Why?

Delete fails and no information in the events to tell me what the problem is

I explained how I either create an empty stack and import an AWS Organization if it exists already or create a new organization from a CloudFormation template.

Now retesting this stack and some naming convention changes, I inadvertently created a stack with a dash at the end of the name:

root-organizations-organization-

It’s an empty stack I use as a base to import the organization. Here’s the template:

#!/bin/bash
# https://github.com/tradichel/SecurityMetricsAutomation
# awsdeploy/resources/emptystack/emptystack.yaml
# author: @teriradichel @2ndsightlab
##############################################################
Conditions:
  Never:
    !Equals [ "T", "F" ]

Resources:
  EmptyStack:
    Type: Custom::EmptyStack
    Condition: Never

Now I can’t delete the stack. There is only a message at the top of the screen:

No information in the events tells me what the problem is.

If I check CloudTrail I see this error:

User: arn:aws:iam::xxxxxxxxxx:user/rootadmin is not authorized to perform: cloudformation:DeleteStack on resource: arn:aws:cloudformation:us-east-2:xxxxxxxxxxxxxx:stack/root-organizations-organization-/4a6ba7a0-88ed-11ee-b310-0ae9d4a5f3f9 with an explicit deny in an identity-based policy

The reason is that I deployed this template as the root user and the rootadmin only has permission to act on stacks that start with rootadmin.

That’s fine, but the error message should still exist in CloudFormation events to tell me what the problem is in case I’m a user that doesn’t have access to CloudTrail.
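An added example, not code from the original post or its repository: a small Python triage helper that finds denied DeleteStack calls in CloudTrail records and reports whether the stack name fits the prefix the caller is allowed to manage. The sample record is constructed (placeholder account and stack IDs), and the function name, the `allowed_prefix` parameter and the `AccessDenied` error-code match are assumptions.

```python
import json
import re

# Constructed CloudTrail record modelled on the error quoted above; the account
# ID and stack ID are placeholders, not values from a real account.
SAMPLE_RECORDS = [
    {
        "eventSource": "cloudformation.amazonaws.com",
        "eventName": "DeleteStack",
        "errorCode": "AccessDenied",
        "errorMessage": (
            "User: arn:aws:iam::111111111111:user/rootadmin is not authorized to "
            "perform: cloudformation:DeleteStack on resource: "
            "arn:aws:cloudformation:us-east-2:111111111111:stack/"
            "root-organizations-organization-/00000000-0000-0000-0000-000000000000 "
            "with an explicit deny in an identity-based policy"
        ),
    },
    {"eventName": "DeleteStack"},  # constructed successful call: no errorCode
]

DENIED = re.compile(
    r"User: (?P<principal>\S+) is not authorized to perform: (?P<action>\S+)"
    r" on resource: (?P<resource>\S+)(?: (?P<reason>.+))?$"
)

def explain_denied_deletes(records, allowed_prefix):
    """Return one finding per denied DeleteStack call in CloudTrail records."""
    findings = []
    for rec in records:
        if rec.get("eventName") != "DeleteStack":
            continue
        if not str(rec.get("errorCode", "")).startswith("AccessDenied"):
            continue
        m = DENIED.match(rec.get("errorMessage", ""))
        if not m:
            continue
        # Stack ARN layout: arn:aws:cloudformation:<region>:<account>:stack/<name>/<id>
        stack_name = m["resource"].split(":", 5)[5].split("/")[1]
        findings.append({
            "principal": m["principal"].rsplit("/", 1)[-1],
            "action": m["action"],
            "stack": stack_name,
            "explicit_deny": "explicit deny" in (m["reason"] or ""),
            "name_matches_prefix": stack_name.startswith(allowed_prefix),
        })
    return findings

if __name__ == "__main__":
    print(json.dumps(explain_denied_deletes(SAMPLE_RECORDS, "rootadmin"), indent=2))
```

A finding with `explicit_deny` true and `name_matches_prefix` false is the situation described above: the stack was created outside the naming convention the user's policy is scoped to.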

Teri Radichel | © 2nd Sight Lab 2023
