DevOps Directive

A place for DevOps and Cloud infrastructure content!

Recent Posts:

How to Manage Application Secrets (7 Levels of Credential Management)

November 11, 2020
Vault, Security

TL;DR: If you develop web applications, inevitably you will have secrets (database credentials, 3rd party API keys, etc…) that you need to manage. I have seen a variety of approaches used here and wanted to walk through them, from least secure to most.

There are always trade-offs when writing software, and in this case the tradeoff is between convenience and security. The ideal solution will establish convenient developer workflows while also protecting user data.


Static Site Hosting Using Google Cloud Storage and Cloudflare (with SSL!)

October 5, 2020
GCP, GCS, Cloudflare

TL;DR: I used to host my site on a virtual machine running Caddy webserver, but recently migrated it to Google Cloud Storage with Cloudflare in front of it as a proxy/cache/SSL termination solution. It’s pretty awesome! 😎

I also recorded a video about this setup on YouTube. ← Check out the video and subscribe if you are into this sort of thing 🙏

GCS Bucket Website Does this count as serverless?

Doing Stupid Stuff with GitHub Actions

July 25, 2020
GitHub, GitHub Actions, CI, CD

TL;DR: DevOps doesn’t have to be all work and no play. I built 5 stupid (but fun!) GitHub actions… because why not?

The full code for these actions can all be found in this GitHub repo. I encourage you to fork and/or add issues/PRs with impractical actions of your own!

I also recorded a video about this project on YouTube. ← Check out the video and subscribe if you are into this sort of thing 🙏

Whiteboard Screenshot

Creating a Password Protected Website with IAP and Google App Engine

April 30, 2020
GCP, Identity Aware Proxy, App Engine

TL;DR: If you have a static website that needs to be password protected, using Google’s Identity Aware Proxy along with App Engine is one of the simplest ways to accomplish this.

If you want to follow along with a site of your own, I have provided a working example in this GitHub repo.

Note: I have also seen S3 + Lambda used to accomplish this

Docs Screenshot

© DevOps Directive 2020