Microservices and Secrets management - How to comply with security must-dos

-
Very nice and concise article with respect to secret management and what you need to consider when building microservices to meet with security requirements

Microservices and Secrets management - How to comply with security must-dos

The article highlights the following must-dos when considering a solution for secret management as part of your overall microservices deployment architecture

  • Secure storage of various type of secrets (API Token, Keys, Certificates, username & passwords)
  • Reliable API based access to secrets
  • Dynamic secret distribution for automated encryption and authentication of keys
  • Full Audit of access to secrets.
  • Multi-level role based access to secrets
  • Centralized revocation of secrets and redistribution


Comments

Post a Comment

Popular posts from this blog

Basic Send Message to MQ with Java and IBM MQ JMS

-
package my.mq.samples;

import javax.jms.JMSException;
import javax.jms.Session;
import javax.jms.TextMessage;

import com.ibm.mq.jms.MQQueue;

import com.ibm.mq.jms.MQQueueConnection;
import com.ibm.mq.jms.MQQueueConnectionFactory;
import com.ibm.mq.jms.MQQueueSender;
import com.ibm.mq.jms.MQQueueSession;
import com.ibm.msg.client.wmq.WMQConstants;

public class MQSend {

public static void main(String[] args)
{
try {
MQQueueConnectionFactory cf = new MQQueueConnectionFactory();
cf.setHostName("localhost");
cf.setPort(1414);

cf.setIntProperty(WMQConstants.WMQ_CONNECTION_MODE, WMQConstants.WMQ_CM_CLIENT);

cf.setQueueManager("QM_GRIDSERVER");
cf.setChannel("SYSTEM.ADMIN.SVRCONN");

MQQueueConnection connection = (MQQueueConnection) cf.createQueueConnection();
//MQQueueConnection connection = (MQQueueConnection) cf.createQueueConnection("username","password");

MQQueueSession session = (MQQueueSession) connection.createQueueSession(false, Session.AUTO_ACKN…
Read more

Basic Receive Message to MQ with Java and IBM MQ JMS

-
package my.mq.samples;

import javax.jms.JMSException;
import javax.jms.Session;
import javax.jms.TextMessage;
import com.ibm.mq.jms.MQQueue;
import com.ibm.mq.jms.MQQueueConnection;
import com.ibm.mq.jms.MQQueueConnectionFactory;
import com.ibm.mq.jms.MQQueueReceiver;
import com.ibm.mq.jms.MQQueueSession;
import com.ibm.msg.client.wmq.WMQConstants;

public class MQReceive {

public static void main(String[] args)
{
try {
MQQueueConnectionFactory cf = new MQQueueConnectionFactory();
cf.setHostName("localhost");
cf.setPort(1414);

cf.setIntProperty(WMQConstants.WMQ_CONNECTION_MODE, WMQConstants.WMQ_CM_CLIENT);

cf.setQueueManager("QM_GRIDSERVER");
cf.setChannel("SYSTEM.ADMIN.SVRCONN");

MQQueueConnection connection = (MQQueueConnection) cf.createQueueConnection();
//MQQueueConnection connection = (MQQueueConnection) cf.createQueueConnection("username","password");

MQQueueSession session = (MQQueueSession) connection.createQueueSession(false, Session.AUTO…
Read more

Creating a simple Alert / Success Message with ASP.NET/VB using Bootstrap

-
In your AddContact.aspx page use something like the following

      <div class="row-fluid">
            <div class="span6">
                <h2>New Contact</h2>
            </div>
            <div class="span6">
                <asp:Label ID="AlertWindow" Visible="false" CssClass="alert alert-success" runat="server"></asp:Label>
            </div>
        </div>

And in your AddContact.aspx.vb code use something similar to this.  Basically set the message for the alert window, make the alert window visible and set the approprate css style.  You can make this  alot cleaner with a set of classes to implement bootstrap for ASP.NET.  So this is just an example.

    ......
    ......
    AlertWindow.Visible = True
    Try
        ......
        sSQLQuery = "INSERT INTO......"
        ......
        AlertWindow.Text = "New Contact Added Succes…
Read more