DevOps

How to test K8S SA’s permissions when OIDC IAM Role was provided in AWS EKS

With the following 'human readable' title, "How to test ( or an example to make use of ) the Kubernetes ServiceAccount's functionality if an AWS IAM Role, which can be…

Read more

Preventing email deliverability failures and spoofing

Long story short, as almost all vulnerabilities comes from human side, we had a small missconfig in our SPF/DMARC record which was found randomly by a security freelancer who inform…

Read more

GCP Infrastucture Overview

Disclaimer This project is a proof of concept based on our perception about how a start-up cloud infrastructure should be so it not guarantee any best practices nor any 'ready…

Read more

GitLab CI/CD Pipeline – Push Image to GRC and Cannary Deploy to GKE | GCP Infrastructure overview

When the infrastructure is done and all resources are in place we need to create a CI/CD pipeline to allow our code to be deployed. We choose GitLab's CI/CD pipeline…

Read more

Multiple ip’s on same interface | Proxmox

A common scenario is that you'll need multiple public ip's on same physical machine in the cluster but you have only two NIC's, of which one is for management. Proxmox…

Read more

One line appsec firewall for nginx w. fail2ban

After we saw that that a lot of traffic | ~25% | is coming from bots ( some kind of automated script or program ) who are trying to login…

Read more

Setting up a VPN server for small infrastructures

Supposed that we have a small application which have dev, test and prod env. that should only be accessible for team members and we wanna have access from home or…

Read more

Setting up Proxmox with Ansible, part1

In first article of this series we will makae a simple configuration to set-up the enviroment and perform a simple task: check if LXC Container is not presentAnsible provides 2…

Read more