Tutorial on how to apply end to end security to a cloud application

Before you head out to the weekend I wanted to point you to a new cloud security tutorial. If you read this at the beginning of your week: What a great start... ;-)

Did you ever wonder how different security services work together to secure a cloud application? In the new tutorial we use

• IBM Cloud Activity Tracker to log all security-related events. This includes logging in to the account, provisioning or deleting services, working with encryption keys and more.
• IBM Cloud Key Protect to manage encryption keys. For the tutorial, we generate a root key for envelope encryption of stored files. You could also import your own root key (bring your own key, BYOK). We use the root key to create encrypted buckets in the IBM Cloud Object Storage service.
• IBM Cloud Object Storage (COS) service to produce expiring links to individual files. The links can be shared with others and expire after the set amount of time, so that the file cannot be accessed thereafter.
• IBM Cloud App ID as a wrapper around (enterprise and social) Identity Providers to manage authentication and authorization through a single interface. The App ID service can be directly integrated with Kubernetes Ingress.
• IBM Cloud Container Registry as a private image registry from which we deploy the application as container into a Kubernetes cluster (IBM Cloud Kubernetes Service). The container registry includes a Vulnerability Advisors that scans for and assesses container vulnerability and then recommends fixes.

Best of all, the code for the security tutorial is shared on GitHub in this repository. If you are in a hurry, it even allows you to deploy the full Node.js in Docker application and its services with the press of a button via toolchain.

If you have feedback, suggestions, or questions about this post, please reach out to me on Twitter (@data_henrik) or LinkedIn.

Upcoming Db2 events for the German and European crowd

Upcoming Db2 events

Are you back from vacation and need to get an overview of upcoming Db2 related Events? Here we go.

• Db2 Aktuell: Already this September 24-26 in Berlin, the conference offers tracks on Db2 on the mainframe and Db2 LUW. You can proof your knowledge and get certified. There is a "bring your co-worker" offer, making it a nice team event.
• DeDUG (German Db2 User Group): The next DeDUG meeting is special in two kinds. It will be sponsored by and feature Scott Hayes (DBI Software) as speaker. And it is held at the IBM Watson Center in Munich on October 19th. As usual, it is a free event.
• IDUG 2018 EMEA Conference: Last but not least on my list is the annual International Db2 User Group conference in Europe. It runs from November 4-8 and takes place on beautiful Malta. It is THE family gathering of the European Db2 community. Don't miss it.

If you have feedback, suggestions, or questions about this post, please reach out to me on Twitter (@data_henrik) or LinkedIn.

Db2: Some Friday Fun with XML and SQL recursion

Recursion is fun!?

Right now, Michael Tiefenbacher  and I have to prepare our joint talk "Some iterations over recursion" for the IDUG Db2 Tech Conference in Malta 2018. The title of our talk promises some fun, coding up some of the sample SQL already is. Yesterday and this morning I tested a little query I wrote and brought down my machine (not Db2). In April, I wrote about two different kind of recursive queries, standard SQL and Oracle syntax. Today, let me give you insights to a nasty recursive query that features SQL, SQL/XML and XQuery.

IBM Cloud and Db2 News - August 2018 Edition

Catch up with news

This Summer I have been away few days here and there. Once back, I tried to catch up with changes for IBM Cloud and its services as well as with Db2. Here are links to what I considered noteworthy (and read so far...):  

• Db2 (for Linux, UNIX, and Windows) recently saw some fix packs. Version 11.1 is now on Mod 3 Fix Pack 3 iFix002. For an overview of the Db2 product enhancements in the different modification packs you can read this page in the Db2 Knowledge Center.
• If you follow Db2 Warehouse on Cloud, Db2 Warehouse and Db2 on Cloud, the related "What's new" page is always worth a visit. There are additional Python modules in the Docker client container for Db2 Warehouse to simplify application development. Moreover, database federation has been enhanced for Db2 on Cloud.
• One of my favorite services on IBM Cloud is Watson Assistant. I have built many chatbots and hence read the release notes with product updates. One new feature is so-called rich responses. They allow to embed multimedia and offer clickable choices. There has also been an improvement to conditional responses that simplifies building more complex dialogs.
• If you are interested in serverless (Function as a Service / FaaS) technology, then this blog about setting up a CI / CD pipeline for OpenWhisk functions (IBM Cloud Functions) might be of interest. Another blog introduces a starterkit to develop IBM Cloud Functions with TypeScript.
• Related to serverless computing is also the announcement by Google and IBM of Knative. Knative is a new open source project that provides the building blocks for serverless platforms to run on top of Kubernetes.
• Another important annoucement, again with Google and others, was the general availability of Istio 1.0. Istio allows to deploy, secure and manage services across Kubernetes and other environments.

That's it for now. Anything that you found interesting and should be included? Then leave a comment.

If you have feedback, suggestions, or questions about this post, please reach out to me on Twitter (@data_henrik) or LinkedIn.