Security, software development and devops in a cloud world - AWS, Azure, Google, IBM & Alibaba

Category Google

Laravel – Redirecting HTTP to HTTPS

Introduction Once you have an SSL certificate configured, the next step is to redirect unencrypted traffic. There are several methods of doing this. Within your application (Laravel), by the web server (Apache or Nginx) or by the frontend (load balancer)…. Continue Reading →

Terraform – Experiments with Google Cloud DNS and IAM

Introduction I am currently preparing to recertify for the Google Professional Cloud Security Engineer Certification. I previously scheduled the HashiCorp Certified: Terraform Associate on March 29, 2021 at 3 PM. Maybe I will take both exams on the same day…. Continue Reading →

Google Cloud – Improving Security with Impersonation

Introduction A common practice in Google Cloud is to create one or more service accounts to authorize the Google Cloud CLI. Using service accounts is recommended by Google instead of user accounts. However, a service account JSON or P12 file… Continue Reading →

PowerShell – Impersonate Google Service Account

Introduction This article shows how to impersonate a service account from user account credentials. To understand how to set up everything, read the companion article: Google Cloud – Improving Security with Impersonation Save the following PowerShell script as a file… Continue Reading →

Google Cloud Compute – Mastering SSH

Introduction One of the more frequent problems on Stackoverflow is Compute Engine SSH. This article will dive into how SSH is configured on Compute Engine and how to connect using various SSH tools. I will also cover how to create… Continue Reading →

Google Compute – Stackdriver Logging – Installation, Setup & Debugging

Date created: March 10, 2018 Last updated: September 12, 2019 Google Stackdriver is a very good product for monitoring and logging your compute instances on Google Cloud, AWS, Azure, Alibaba, etc. This article covers Stackdriver logging for Google Compute instances… Continue Reading →

Google Cloud – Compute Engine Service Accounts

Date created: March 1, 2019 Last updated: March 3, 2019 Note: This article is evolving as I document my deep dive. Contents: Introduction March 1, 2019 – Day #1 – Basics and FAQ March 2, 2019 – Day #2 – Auditing, Alerting & Stackdriver… Continue Reading →

Google Cloud – The Master Series

Date created: February 27, 2019 Last updated: March 2, 2019 Introduction This month I completed two beta Google certification exams (Security, Network) with another exam scheduled for March 11th. In preparing for these exams I realized that it is important… Continue Reading →

Google Professional Cloud Network Engineer Certification

Date created: February 10, 2019 Last updated: March 13, 2019 Update: March 13, 2019. I passed this certification. Update: February 21, 2019. Bad news. My work schedule has been so long each day that I have not been able to… Continue Reading →

Google Cloud IAM – Member Types

Google Cloud IAM supports several member types that can be authorized to access Google Cloud resources. The following member types can be added to Google Cloud IAM to authorize access to your Google Cloud Platform services. Google IAM Member Types:… Continue Reading →

Google Cloud – Recovering from UFW firewall lockout – Debian

Introduction You have a Debian instance running in Google Cloud Compute Engine. You connect to this instance via SSH. One day you decide to enable the UFW firewall and your SSH connection drops. You cannot reconnect. Problem Enabling the UFW firewall… Continue Reading →

Google Cloud – Debian 9 – Resize Root File System

In Google Cloud I often use Debian 9 Stretch for my test instances. Today I was wondering if this OS automatically resizes the root file system if I resize the VM instance disk. I also want to see if this… Continue Reading →

© 2021 John Hanley — Powered by WordPress

Theme by Anders NorenUp ↑