Tag: security

Anthos Config Connector and Redis security

A short disclaimer. I am writing it in the middle of March 2022 and it is possible that when you read the blog the information published here is not relevant anymore. Cloud products are evolving very fast.

I write the post to share some observations and potential issues you might have with deploying GCP Memorystore for Redis instances through Anthos Config Connector (ACC) controller. If you are not familiar with ACCI, I strongly recommend reading at least a high level overview of the product. In essence this is a Kubernetes addon which allows you to automatically deploy and manage GCP services by applying a manifest file (YAML or Helm chart) to a Kubernetes cluster with the ACC controller. It allows you to use the Kubernetes cluster as a deployment tool for GCP resources in your organization. This is a really interesting approach and might transform your environment in the cloud. But it implies some challenges around security which I am going to discuss in the blog.

Continue reading “Anthos Config Connector and Redis security”

Oracle Cloud Infrastructure multi-factor authentication

For some time we didn’t have a multi-factor authentication in the Oracle cloud and those short-lived numeric codes were one of the best way to reinforce your protection and prevent a bad actor to break your credentials. It is not 100% protection but it is well better than a username and a password. Just recently I read in the Oracle Infrastructure cloud blog about new native multi-factor authentication for Identity and Access Management (IAM) system on Oracle Cloud Infrastructure (OCI). Of course, I went directly to my account and started to test it. Continue reading “Oracle Cloud Infrastructure multi-factor authentication”