Secure your access to GCloud cli with Service Accounts
Do you want a time-sensitive way to give access to a third party to your GCP account with a low administrative burden? Look no further! Set up a service account! How to do it It's actually very simple: Create a new service account, and give it the permissions needed by the third party Ask the third party for a Google Identity Add this identity to the service account with the TokenCreator permissions Profit! Now the third party needs to execute the gcloud command with an addit
How to keep your AWS Keys Safe on your terminal
One of the causes of AWS Keys leaks is configuring your AWS CLI by using the command aws configure; This can lead you to store your credentials in plain text under your home folder. If you are using Linux or macOS, you may know about the Keychain and D-bus secret service, so let’s combine both things into a secure and robust solution to keep your keys safe. We will use https://github.com/sorah/envchain as the primary tool to automate the keychain unlock, export the values int
A security approach: Zoom
Many of us know the application that we will talk about today. During this time that quarantine began to be implemented as a result of the Covid-19, the Zoom video call application had a sudden success with a peak of 200 million video calls per day, thus it gained popularity as it allowed many people to feel more close and that companies and businesses will connect with their employees to develop their activities. However, its popularity only resulted in the application being
DevSecOps as an extension of DevOps
A couple of months ago we’ve heard about Docker and vulnerabilities found on some of their images. It’s easy to imagine what could happen if one of our applications would be running on one of those images. Sometimes the inexperience or the times to deliver decide us to use one of the images available on the docker’s site, but do we really know what are we using? Sometimes It's reduced to a faith thing. But having the right tools we could forget about that kind of issue, or at
