Tuesday, May 9, 2023

Decode JWTs in bash

Today, it is once again time for one of those "let's document it" blog posts. Lately, I looked into one of the IBM Cloud security features, trusted profiles based on compute resources. I described how to turn your container into a trusted identity. For developing code locally, I needed to copy over files from the Kubernetes pods to my local machine, then decode JWT access tokens, all using the command line. Here is what I did.

Thursday, April 20, 2023

Blast from the past: Procfile for Python cloud apps

One of my first cloud apps

Recently, I tried out a feature of IBM Cloud Code Engine: Deploying my app directly from source code. It was a simple app, but it failed. I was stunned and investigated the problem. To my surprise, I could have known it because it was something from the past: A Procfile was needed.

Thursday, March 30, 2023

IBM Cloud and Terraform: How to use a REST API

I am a regular user of the IBM Cloud provider plugin for Terraform. I use Terraform with the command line on my local machine or with IBM Cloud Schematics as managed service. Often, I am testing and evaluating new features. Sometimes, I face the situation where not all necessary functionality is available in Terraform. But luckily, often there exists already an API function. In this blog post I am going to show how to use a REST API with everything else done in Terraform.

Friday, March 24, 2023

Analyze your IBM Cloud access management setup

ER diagram for cloud security data
Recently, I looked into how to analyze the access management setup of my IBM Cloud account. I wanted to better understand what kind of access policies exist, what service instances are covered by rules and policies, etc. In the past, I have shared with you how to get insights into IBM Cloud account privileges or how to improve security by identifying inactive identities. This time, I looked across the existing APIs to obtain identity and access management (IAM) and resource data. I retrieved, then analyzed that security data. With these insights, it is possible to improve security for your IBM Cloud account and its resources.

Tuesday, March 21, 2023

flatpak: How to deal with unwanted package updates

Not all software is available as package for my Linux distribution. That's why I use flatpak for some applications. Recently, a new app version introduced a bug. It resulted in random crashes. So I looked into a way to get back to an older, more stable app version.

Friday, January 20, 2023

Create your IBM Cloud toolchain with Terraform

Tekton pipeline in action on IBM Cloud
Automation is key to cost-efficient use of (cloud) resources and to security. One of our security-focused IBM Cloud solution tutorials, Apply end to end security to a cloud application, comes with an automation to easily provision all required services and to use a toolchain with CI/CD pipeline to build and deploy the app as container.

Because the tutorial is from some years back, it has been updated, reworked, modernized, and kept in shape to stay current. The improvements include the code for the deployment automation.

Tuesday, January 10, 2023

Generate PowerPoint slides from your Db2 data with Python

Generated PowerPoint slide with Db2 data
How did you spend the holidays? I had some days off and then used the last day of vacation for some fun programming. Last year, I wanted to test the python-pptx package, but couldn't find time. So I used my "fun day" to generate / code up some PowerPoint slides. To make it more interesting, I added some charts from data retrieved from Db2 in my IBM Cloud account. Here is a quick recipe.