John Hanley

Security, software development and devops in a cloud world - AWS, Azure, Google, IBM & Alibaba

Category

Cloud

IBM Cloud – Securing a Cloud Server

Introduction This is part 2 of my series on IBM Cloud – Provisioning a Cloud Server. In this part, we will perform several tasks to improve the virtual server’s security and access. Review hardware firewall options. Lockdown external access by… Continue Reading →

IBM Cloud – Provisioning a Cloud Server

Introduction Today is Saturday, so I decided to write another article about IBM Cloud. Today, I will build an IBM Cloud Virtual Server Instance (VSI) running Ubuntu 18.04. This article is the first part of a series on provisioning virtual… Continue Reading →

Google Cloud – SSL Certificates the Easy Way

Introduction I use SSL certificates for everything. I am constantly creating them for internal systems and cloud services. This includes services such as web servers, SQL servers, anything where you might use a paid SSL certificate, or a self-signed certificate… Continue Reading →

Cloud Storage Bytes – New Training Videolab

This training videolab is a collection of videos Google Cloud created by Jennifer Brown @jbrojbrojbro. Jennifer is a Google Cloud Developer Advocate and a Google employee. Her videos are very good and average about 3 minutes each. This lab combines… Continue Reading →

Get Cooking in Cloud – New Training Videolab

Introduction This training videolab is a collection of videos Google Cloud created by Priyanka Vergadia @pvergadia. Priyanka is a Google Cloud Architect and a Google employee. Her videos are very good and average about 5 minutes each. This lab combines her… Continue Reading →

Google Cloud SQL for MySQL – Connection Security, High Availability and Failover

Introduction Designing an application that incorporates Google Cloud SQL requires some thought. There are several factors to consider regarding security, performance, fault tolerance and availability. Incorrectly implementing one of these areas can affect the other areas, usually negatively. In this… Continue Reading →

Introduction to Python – New Training Videolab

Introduction I watch a lot of training material from all the major education vendors (Pluralsight, Linux Academy, Cloud Academy, A Cloud Guru, and many others). For a long time, I have been wanting to add professional scriptwriting, professional graphics and… Continue Reading →

Google Cloud SQL – New Training Videolab

Introduction I watch a lot of training material from all the major education vendors (Pluralsight, Linux Academy, Cloud Academy, A Cloud Guru, and many others). For a long time, I have been wanting to add professional scriptwriting, professional graphics and… Continue Reading →

IBM Cloud – Learning the Basics – Week 1

Part 1: Introduction For several years, I have wanted to learn more about IBM Cloud. Last week, I was at a Google Presentation (I was one of the speakers) on Google Cloud Run, and IBM Cloud Kubernetes was demonstrated. That… Continue Reading →

Google Cloud SQL Proxy – Installing as a Service on GCE

Introduction Google Cloud SQL Proxy provides secure access to Cloud SQL Second Generation instances without having to whitelist IP addresses or configure SSL. Cloud SQL Proxy provides several important benefits: Secure connections: The proxy automatically encrypts traffic to and from the database using TLS… Continue Reading →

Google Cloud Run Deep Dive – Understanding the APIs – Part 2

Introduction This article discusses mapping custom domains for Google Cloud Run Managed. In a future article, I will cover Google Cloud Run on GKE. Google Cloud Run supports using a custom domain rather than the default address provided for a… Continue Reading →

Google Cloud Run Deep Dive – Understanding the APIs – Part 1

Introduction To understand Google Cloud Run, you must peel back the layers and look at the interfaces that the API offers. Understanding the API will provide you with a better understanding of the features and capabilities. If your goal is… Continue Reading →

Google Cloud Platform – Getting Started

Introduction Google Cloud Platform is a suite of cloud computing services. Google has everything from storage, compute, database, big data to AI and everything in between. I am often asked how do I get started with Google Cloud. In this… Continue Reading →

Google Cloud Run – Minimizing Cold Starts

Introduction This article discusses Google Cloud Run cold starts, what they are and how to avoid cold starts. What is Cold Start? Cloud Run is a stateless HTTP serverless container service that provides on-demand services that autoscales to zero instances…. Continue Reading →

Google Cloud – HTTP Load Balancer File Upload Error

Introduction This article is about how to upload files to Compute Engine fronted by a Google HTTP Load Balancer and how to diagnose and correct file upload timeouts. The result is a better understanding of how to configure the Google… Continue Reading →

Google Cloud Shell – CLI in Go

Google Cloud Shell CLI Written in Go This is a placeholder until I write this article. I have published the source code on GitHub. Note: This program is written for Windows. I have not yet ported it to Linux or… Continue Reading →

Security – Key Pairs and Private-Public Keys

Table of Contents Introduction Definitions Example Private & Public Keys OpenSSH Public Keys SSH-2 Public Keys Examining OpenSSH Public Keys Introduction There is a lot of confusion and inaccurate information on the Internet about Key Pairs and Private/Public keys. This… Continue Reading →

Google Cloud Run – Simple File Server in Go

Introduction This article shows how to serve files with Google Cloud Run. There are a few reasons to use Cloud Run instead of Google Cloud Storage. To learn how to deploy a simple file sharing service using Cloud Run. To… Continue Reading →

Google Cloud and Go – My Journey to Learn a new Language in 30 days

Part 1: Introduction Today I decided to learn Go in the next 30 days and document every step of my journey. How well will I know Go in 30 days? That is a difficult question and by logging the steps,… Continue Reading →

Google Cloud Asset Inventory – Reverse Engineering an API

Introduction This article describes a missing item from the articles and documentation on Google Cloud Asset Inventory. The item is the header X-Goog-User-Project. I am writing this article to show how I figured this out, so you have another method… Continue Reading →

Google Cloud Run – Identity

Introduction Sometimes your Google Cloud Run app needs to communicate with or consume other services. This can be a simple as reading an object in Cloud Storage, sending an email, or connecting to a database. What identity does Cloud Run use?… Continue Reading →

Google Cloud Run – Pricing

Introduction Google Cloud Run charges you for the resources you use when you use them. No long running compute instances, just on-demand services. There are several components to Cloud Run services. In this article, we will look at each one…. Continue Reading →

Google Developers Experts – Cloud Platform

Google Experts Program Google has honored me with Google Developers Experts Cloud Platform. I am the twentieth expert in North America. This is a global program to recognize individuals who are experts and thought leaders in one or more Google… Continue Reading →

GitHub – New Public Repository

Starting today, I am copying all of my source code for the articles on this website to GitHub. This will take a week to complete. Today’s article on Cloud Run now has a GitHub repository to make downloads and builds… Continue Reading →

Google Cloud Run – HTTPS – Part 2

Introduction This article discusses HTTP to HTTPS redirection in software. I will show you one method of server-side redirects in Python 3 and Flask. I will start by analyzing the HTTP headers received by a Cloud Run container application and… Continue Reading →

Google Cloud Run – HTTPS – Part 1

Introduction This article discusses HTTP to HTTPS redirection as implemented by Google Cloud Run. Today, all websites should deliver traffic over HTTPS. Google Cloud has adopted this policy providing HTTPS for Cloud Run service URLs with automatic redirects from HTTP to… Continue Reading →

Google Cloud – Backup Bitnami WordPress

Introduction My personal website which covers articles about Google Cloud has been growing both in traffic and content. After I wrote my article Google Professional Cloud Security Engineer Certification, my website lit up with traffic and has continued to grow…. Continue Reading →

Google Cloud – HTTP Load Balancer and IPv6

  Introduction This article covers how to add IPv6 to a load balancer on Google Cloud and create the correct DNS resource records. Google Compute Engine does not support IPv6, so this requires that a Google HTTP Load Balancer (and… Continue Reading →

Google Cloud Run – Getting Started with Python and Flask

Introduction On August 15, 2018, Google released the Alpha release of Google Cloud Run. Many of us saw the potential and went to work learning this new platform. Everything serverless gets our attention. Cloud Run is Google’s entry into serverless… Continue Reading →

Google G Suite – How to Analyze an Email Ransom Demand

Introduction Date created: May 7, 2019 Last updated: May 7, 2019 Today I received an email titled “jhanley@jhanley.com has been hacked, change your password ASAP”. The hacker claims to know my login and password, has full control over my account… Continue Reading →

Google G Suite – Sender Policy Framework – SPF

Date created: May 4, 2019 Last updated: May 5, 2019 Gmail stats graphic courtesy Google Security Blog Introduction One of the major problems with email is email spam. Spammers impersonate your identity to send emails that appear to be sent… Continue Reading →

Google Domains – Purchasing a Domain Name

Date created: May 2, 2019 Last updated: May 4, 2019 Introduction For the articles on this site, I often create subdomains for testing. This is neither safe nor secure and a mistake could take down my entire domain. Therefore, I… Continue Reading →

Google Cloud Certification Badges

I think that Google has done a nice job creating certification badges. Certify with Google Cloud and G Suite and get your own badges. Google Cloud Certified

Google Cloud Memorystore – Redis

Date created: April 17, 2019 Last updated: April 19, 2019 Introduction Redis (REmote DIctionary Server) is one of the most popular databases in the world. Redis is a Key Value dictionary. Google Cloud Memorystore is Google’s managed service for Redis…. Continue Reading →

Google Professional Cloud Security Engineer Certification

Date created: January 30, 2019 Last updated: May 5, 2019 Exam Completed: February 15, 2019 Part 1: Introduction Part 2: Post Exam Review Part 3: Daily Study Part 4: Tips and Advice Part 5: Final Exam Update March 29, 2019…. Continue Reading →

Google OAuth 2.0 – Testing with Curl – Refresh Access Token

In my earlier article on how to test Google OAuth 2.0 flows from the command line I showed how to generate Google OAuth 2.0 Access Token, Refresh Token, and ID Token. In this article, I will show how to refresh… Continue Reading →

Google OAuth 2.0 – Testing with Curl – Version 2

If you have ever wanted to test Google OAuth 2.0 flows from the command line, you will like this short article. This article is the second version. I wrote a previous article on using curl, but that version did not… Continue Reading →

Google Cloud IAM – Listing Projects

This article shows how to display a list of Google Cloud Projects that you have access to list. This article includes two examples in Python that use two different Google Cloud Python libraries. These examples produce the same output as the… Continue Reading →

Google Cloud – Creating OAuth Access Tokens for REST API Calls

The following example shows several important steps to call Google Cloud APIs without using an SDK in Python. Similar code works in just about any language (c#, java, php, nodejs). Change the source code with the filename of your service… Continue Reading →

Google Cloud – Converting Service Account Credentials from P12 to Json Format

I have written a number of articles about Google Cloud Credentials. For Service Account credentials, there are two on-disk formats: P12 and Json. This article shows how to convert these credentials from P12 to Json.

 

Google Cloud – Extracting Private Key from Service Account P12 Credentials

Google Service Account Credentials are available in two file formats: Json and P12. P12 is also known as PFX. The following code shows how to process a P12 file and split into Private Key and Certificate. This code also works… Continue Reading →

Google Cloud – Creating Access Tokens from Service Account P12 Credentials

Google Service Account Credentials are available in two file formats: Json and P12. P12 is also known as PFX. The following code shows how to use P12 credentials to list the buckets in Google Cloud Storage without using an SDK…. Continue Reading →

Google Cloud Stackdriver – IP Addresses

I have worked with Google Cloud Stackdriver for about three months. The more I learn about Stackdriver the more I like it. Great product for logging, monitoring, error reporting, application tracing and application debugging and more. One of the items… Continue Reading →

Google OAuth 2.0 – Testing with Curl

Introduction If you have ever wanted to test Google OAuth 2.0 flows from the command-line, you will like this short article. [Update: I thought about the problem below with the copy and paste requirement. I created a simple python web… Continue Reading →

Google Cloud – Creating and Authorizing Service Account Credentials with the CLI

This article is written for Windows, but the same principles apply to Linux and Mac. A service account is a special Google account that is used with applications or services, such as, Google Compute Engine. Service account credentials are stored… Continue Reading →

Google Cloud – Where are my credentials stored

Google Cloud stores your credentials in a database on your system. These credentials can then be used over and over. Google’s choice of a database means that the CLI and SDK tools can manage a huge number of credentials efficiently…. Continue Reading →

Google Cloud – Setting up Gcloud with Service Account Credentials

In this article we will download and install the Google gcloud CLI. Then we will setup gcloud with Google Service Account credentials. This article is for Windows based system but the same principles apply to Linux and Mac systems. Step… Continue Reading →

Google Cloud – Understanding Gcloud Configurations

This article is written for Windows, but the same principles apply to Linux and Mac. I need to work with multiple Google Cloud accounts and be able to easily switch my credentials between accounts. For those of you with AWS… Continue Reading →

Google Cloud Private DNS Zones

On October 23, 2018, Google introduced private DNS zones for Google Cloud DNS. This is an important announcement as this keeps internal DNS names private. Today’s article covers how to implement this new feature in Google Cloud Platform. Update: May… Continue Reading →

© 2019 John Hanley — Powered by WordPress

Theme by Anders NorenUp ↑