Friday, August 30, 2019

Updated: Cloud App Security - an introduction

IBM Cloud offers security services
Two years back, I had created two blog articles providing an introduction to cloud app security with an overview of topics, then discussing details on how to implement those security requirements with (then) Bluemix services. Recently, I had some time to update look into cloud app security again, adapt my previous write-up to the current state of (now) IBM Cloud. You can read it on the IBM Cloud blog as "Cloud App Security: What Makes a Secure App?".

Happy reading! If you have feedback, suggestions, or questions about this post, please reach out to me on Twitter (@data_henrik) or LinkedIn.

Monday, August 19, 2019

Track API key usage by combining IBM Cloud IAM and LogDNA search

Which key is still in use...?
Recently, I blogged about tracking account activity from the command line. I showed you how to search IBM Cloud Activity Tracker with LogDNA records using a Python script. Today, I discuss how to combine the IAM Identity Services API with the LogDNA search to track usage of API keys. The goal is to find out whether API keys for a user or service ID were recently used. If they were not used for long, they might be up for deletion.

Offboarding on IBM Cloud: Considerations when removing a user

Only authorized persons have access
Over my past blog posts I have looked into how to rotate credentials in different compute environments. I looked at Cloud Foundry on IBM Cloud, Cloud Functions and Kubernetes. The background is that I wanted to understand what it takes to maintain security during the regular DevSecOps cycles and when someone in the team leaves. The latter often is called offboarding.

Monday, August 12, 2019

Get some REST with Db2

Db2 has a REST API
Many of the IBM Cloud services have a REST API, an overview of REST APIs is here in the IBM Cloud docs. Recently, I realized that I had not yet tried the Db2 on Cloud API and the API for Db2 Warehouse on Cloud. Thus, last Friday I took some time to test out some code using one of my Db2 instances on IBM Cloud. Here is what you need to get started....