Follow-up on resource reclamation: Search resources and Code Engine commands

Restore IBM Cloud Code Engine projects

Some longer I time ago, I wrote about resource reclamation in IBM Cloud. When you delete a resource, it is not immediately gone but moved into a kind of trash bin. It gives you some days to reconsider or to recover from accidents. Today, I am going to share some additional tips & tricks.

Tutorial on cloud end-to-end security - an overview

Cloud solution architecture

Recently, my team updated our tutorial on applying end-to-end security to a cloud application. The tutorial features a typical app with an attached NoSQL database and object storage. Moreover, it leverages other services for increased security and to provide observability. Even better, all components can be automatically deployed, including a Tekton-based delivery pipeline. In this blog post, I am going to provide an overview and discuss some implementation details.

Best practices for successful support cases

Successful support cases

In my day job, I work with latest technology and cloud services. In addition, I work with customers / users and help them succeed. And in my private life, I also use technical equipment. In all three of these scenarios, mostly in the first two, I often create support cases. And I like to get the issues resolved, not just support cases closed. Over the years, I came up with these best practices for successful support cases.

Great chatbots in no time

Chatbots take over customer service

Last week, I was coach again at a chatbot hackathon. Chatbots have been around for a long time and I have blogged about tips & tricks for developing chatbots and resources many times. With Covid-19 transforming the world towards more digitalization and self-service, chatbot deployments grew significantly. In this post, I want to look back at the hackathon and share some wisdom for building great chatbots.

Home office and rubber duck debugging, 5 levels

Rubber duck debugging at home

Recently, I shared with you my best practices for working from home. Today, I want to add an angle specific to technical jobs, especially for developers. When you work in co-located teams, you benefit from the direct conversations and exchange. In (software) development and technical writing, it is important to rethink ongoing processes or ideas, to reassess a situation, to explain what you do. Rubber duck debugging is one such method - debugging code by explaining it to a rubber duck.

Key Protect as vault for multi-cloud setup

Guard credentials in a vault

In my previous blog post, I showed how you can easily encode and upload credentials to IBM Cloud Key Protect. Today, I am going to share sample code with you for retrieving the credentials and turning them back into a JSON object. A common use case is a multi-cloud environment where you need to store credentials for an external service. Basically, you are using Key Protect as vault. An example could be the key ID and secret to access the AWS S3 storage for importing data into IBM Cloud.

My best practices for 2FA and FIDO2 security keys

Some of my FIDO2 security keys

Since starting my journey (and blogs) with FIDO2 security keys, I got questions about how I use the keys and how I set up my various accounts for 2nd factor authentication. In this blog post, I am trying to address those questions and briefly discuss different types of FIDO2 keys. So let's get started...

My best practices for home office - Corona edition

Take some rest

If you follow my blog, you may already know that I work from home since more than 12 years. Except for some business travel, I tend to do the "things" considered work from a dedicated room in my house in Germany. Over the past years, I tried to find the balance between being productive (team, customers, employer, ...), take care of my family, socialize where possible and staying sane and healthy. Here are some of my best practices. They may or may not work for you, but at least give you some inspiration.

Startup lessons from a Fuckup Night

Last Wednesday, I attended the Fuckup Night Friedrichshafen Vol. II. If you don't know, Fuckup Nights is a global movement and event series dedicated to professional failures. That is, usually founders of failed startups tell their stories. Typically, it is a mix of funny adventures into the world of business, some sad parts and most importantly some lessons learned. So what were the lessons I took away? Read on...

How to: Enable Let's Encrypt SSL wildcard certificates for your IBM Cloud apps

Private data - secured

Early last year, I wrote about how to improve security for your custom domains on IBM Cloud. I pointed out that I was using the bluemix-letsencrypt wrapper for Cloud Foundry app to generate and retrieve SSL certificates issued by Let's Encrypt. Today, I am going to introduce you to another option which I am using. Recently, Let's Encrypt announced the support and availability of wildcard certificates. With such a wildcard certificate, all of my IBM Cloud apps available under a custom domain are covered (and secured). So let's take a look at what I did.

Securing your Python app with OpenID Connect (OIDC)

Authorized access only using OpenID Connect

Some weeks back I introduced to a tutorial on how to analyse GitHub traffic. The tutorial combines serverless technology and Cloud Foundry to automatically retrieve statistics and store them in Db2. The data can then be accessed and analyzed using a Python Flask app. Today, I going to show you how the web site is protected using OpenID Connect and IBM Cloud App ID.

How to pack serverless Python actions

Serverless access to Db2 and GitHub

For my tutorial on automated data retrieval and analytics, I use IBM Cloud Functions to automatically fetch GitHub traffic statistics once a day. It is implemented as a serverless Python action. Because some Python packages are needed, the question was how to pack and create the action. In this blog, I share some of my experiences.

IBM Cloud and Watson security questionnaires

If you are reading my blog regularly, you are aware of the entries on cloud security. Today, I want to point you to some newer reading material at the Cloud Security Alliance. They now have up-to-date self-assessment security questionnaires for the IBM Cloud.

The three available security documents cover IBM Cloud Infrastructure (IaaS), IBM Cloud Platform (PaaS), and the IBM Watson Services with their cognitive / AI capabilities. Using the provided material, you can learn about application security, audits, compliance, how business continuity and operational resilience are handled, procedures for change control, data and data center security, IAM (identify and access management) and much more. The answers include many links to references, documentation and other valuable information. Just for that it is worth going over the security questionnaires for IBM Cloud.

If you have feedback, suggestions, or questions about this post, please reach out to me on Twitter (@data_henrik) or LinkedIn.

Security Details: Serverless database access within IBM Watson Conversation service

Slackbot Architecture

Last week, I introduced you to a new tutorial for a database-driven Slackbot. Today, I am going to discuss details of how the IBM Watson Conversation service is accessing a Db2 Warehouse service from within a dialog. It uses a serverless setup with IBM Cloud Functions. All the necessary credentials to execute the code and to access the Db2 database are automatically bound. Hence, the function code and the dialog don't need any account-specific changes and are generic.

Chatbots: Some tricks with slots in IBM Watson Conversation

As you might remember, I have been using the IBM Watson Conversation service and DB2. My goal was to write a database-driven Slackbot, a Slack app that serves as chat interface to data stored in Db2. I will write more about that entire Slackbot soon, but today I wanted to share some chatbot tricks I learned. How to gather input data, perform checks and clean up the processing environment.

Slots

With my chatbot interface to Db2 I want to both query the database and insert new records. Thus, I need to collect input data of various kind. The Conversation service has a neat feature named input slots that simplifies that process. Within a dialog node (a logical step within the chat flow) I can specify a list of items the Conversation service should check for. I can tell in which variable to save that input and what question to ask if that data was not provided yet. Optional slots, i.e., optional data, can be enabled.

Secure Your Db2 Data Base - Using Trusted Contexts

Db2 Security - Trusted Context

You have that new app, maybe even in the cloud, with that user needing read and write access to the database? Don't want to open the floodgates for that favorite users? Ok, here is a way to secure your Db2 data and still provide that access. Even if that sounds impossible, trust me. And, I am going to put that "trust me" in context. Read on.

Introduction to Cloud App Security - Part 1

Security for Cloud Apps

Providing a secure app or application is a fundamental requirement. This is especially true in a cloud environment. In my post about “Securing Workloads on the IBM Cloud” I discussed the various layers that realize secure cloud computing. Today, I want to focus solely on apps that are built for deployment in the IBM Cloud. What makes up a secure app? What cloud services help establishing app security? Let’s take a look together.

Note that this is part 1 of 2. Part 2 is linked at the bottom.

Introduction to Cloud App Security - Part 2

(This is a continuation from part 1 of this introduction to Cloud App Security.)
Providing a secure app or application is a fundamental requirement. This is especially true in a cloud environment. In my post about “Securing Workloads on the IBM Cloud” I discussed the various layers that realize secure cloud computing. Today, I want to focus solely on apps that are built for deployment in the IBM Cloud. What makes up a secure app? What cloud services help establishing app security? Let’s take a look together.

App Security Services

To focus on the application logic, the functionality and business side, developers can delegate or “outsource” some of security tasks. Here is a non-exhaustive list of services that the IBM Cloud with the Bluemix platform provides. I am going to use the list of security topics from above:

Best practices for lively chatbots

TJBot as lively chatbot

More and more chatbots are being developed and there are good reasons for it. Not all chatbot projects succeed. Often, missing user acceptance is stated. The dialog system might not have hit the nerve, might not have fitted into the target environment. Would you talk with a friend who does not remember your name is repeating the same five phrases over and over again? I would not. So what can be done to make chatbots more lively, more human-like? Here are some best practices and ideas on how to implement them.

Introduction

I started my series on chatbots with lessons and tips from a chatbot hackathon. In that blog I focused on general aspects of building dialogs and designing a conversation system. The language needs to fit the audience. It is something we will look at again today. In a recent blog post I shared tips and tricks for building chatbots. It is possible to carry context throughout a conversation and embed conditions and advanced expressions into the dialog flow and single reponses. We will use that to implement some of the best practices found below. Building lively chatbots could also mean to give the bot a face. The open source project TJBot (pictured) is an example for that. The TJBot can listen, speak and see, give additional feedback and interact through its arm and its light. We won’t cover those aspects, e.g., hardware design or user interfaces, in this blog entry.

More Tips and Tricks for Building Chatbots

Chatbot Architecture

You build your first chatbot and it is working ok. Did you know that you can make chatbots even more interactive? That you can access conversation metadata and application variables inside the dialog nodes? You can even use predicates to tailor output to the usage scenario. As a follow up from our “Lessons and Tips from a Chatbot Hackathon“, let’s dig deeper into important features of the IBM Watson Conversation service on the IBM Cloud with Bluemix.