Tutorial

How to Manage Application Secrets (7 Levels of Credential Management)

November 11, 2020
Categories:
Tutorial
Tags:
Vault, Security

TL;DR: If you develop web applications, inevitably you will have secrets (database credentials, 3rd party API keys, etc…) that you need to manage. I have seen a variety of approaches used here and wanted to walk through them, from least secure to most.

There are always trade-offs when writing software, and in this case the tradeoff is between convenience and security. The ideal solution will establish convenient developer workflows while also protecting user data.

cosmic-brain-progression

...

Static Site Hosting Using Google Cloud Storage and Cloudflare (with SSL!)

October 5, 2020
Categories:
Tutorial
Tags:
GCP, GCS, Cloudflare

TL;DR: I used to host my site on a virtual machine running Caddy webserver, but recently migrated it to Google Cloud Storage with Cloudflare in front of it as a proxy/cache/SSL termination solution. It’s pretty awesome! 😎

I also recorded a video about this setup on YouTube. ← Check out the video and subscribe if you are into this sort of thing 🙏

GCS Bucket Website Does this count as serverless?

...

Creating a Password Protected Website with IAP and Google App Engine

April 30, 2020
Categories:
Tutorial
Tags:
GCP, Identity Aware Proxy, App Engine

TL;DR: If you have a static website that needs to be password protected, using Google’s Identity Aware Proxy along with App Engine is one of the simplest ways to accomplish this.

If you want to follow along with a site of your own, I have provided a working example in this GitHub repo.

Note: I have also seen S3 + Lambda used to accomplish this

Docs Screenshot

...

© DevOps Directive 2020