Security, software development and devops in a cloud world

Category Security

Google Professional Cloud Security Engineer Recertification

This article is a journal of my path to take the Google Professional Cloud Security Engineer Recertification. I plan to track my progress, resources and post exam tips. Date created: March 2, 2021 Last updated: March 7, 2021 Exam Completed:… Continue Reading →

IBM Cloud – Securing a Cloud Server

Introduction This is part 2 of my series on IBM Cloud – Provisioning a Cloud Server. In this part, we will perform several tasks to improve the virtual server’s security and access. Review hardware firewall options. Lockdown external access by… Continue Reading →

Never Implement Proxy TLS Interception

Introduction I was answering a question on StackOverflow. The questioner has implemented Proxy TLS Interception which is very dangerous. I am reposting this thread on my website to share the details of my answer. The Question: how to configure Google… Continue Reading →

Google Cloud – SSL Certificates the Easy Way

Introduction I use SSL certificates for everything. I am constantly creating them for internal systems and cloud services. This includes services such as web servers, SQL servers, anything where you might use a paid SSL certificate, or a self-signed certificate… Continue Reading →

Google Cloud SQL for MySQL – Connection Security, High Availability and Failover

Introduction Designing an application that incorporates Google Cloud SQL requires some thought. There are several factors to consider regarding security, performance, fault tolerance and availability. Incorrectly implementing one of these areas can affect the other areas, usually negatively. In this… Continue Reading →

Google Cloud SQL Proxy – Installing as a Service on GCE

Introduction Google Cloud SQL Proxy provides secure access to Cloud SQL Second Generation instances without having to whitelist IP addresses or configure SSL. Cloud SQL Proxy provides several important benefits: Secure connections: The proxy automatically encrypts traffic to and from the database using TLS… Continue Reading →

Google Cloud – Creating OAuth Access Tokens for REST API Calls

The following example shows several important steps to call Google Cloud APIs without using an SDK in Python. Similar code works in just about any language (c#, java, php, nodejs). Change the source code with the filename of your service… Continue Reading →

Google Cloud – Converting Service Account Credentials from P12 to Json Format

I have written a number of articles about Google Cloud Credentials. For Service Account credentials, there are two on-disk formats: P12 and Json. This article shows how to convert these credentials from P12 to Json.

  John HanleyI design… Continue Reading →

Google Cloud – Extracting Private Key from Service Account P12 Credentials

Google Service Account Credentials are available in two file formats: Json and P12. P12 is also known as PFX. The following code shows how to process a P12 file and split into Private Key and Certificate. This code also works… Continue Reading →

Google Cloud – Creating Access Tokens from Service Account P12 Credentials

Google Service Account Credentials are available in two file formats: Json and P12. P12 is also known as PFX. The following code shows how to use P12 credentials to list the buckets in Google Cloud Storage without using an SDK…. Continue Reading →

Google Cloud – Creating and Authorizing Service Account Credentials with the CLI

This article is written for Windows, but the same principles apply to Linux and Mac. A service account is a special Google account that is used with applications or services, such as Google Compute Engine. Service account credentials are stored… Continue Reading →

CURL SSL Certificate Problem

Part 1 – The CURL command-line program If curl is not set up correctly for SSL (HTTPS) data transfers an error is displayed. The error message starts like this: curl: (60) SSL certificate problem: unable to get local issuer certificate… Continue Reading →

© 2024 John Hanley — Powered by WordPress

Theme by Anders NorenUp ↑