Can You Keep a Secret? - Bucharest, 2018
Slides Resources Check out my post from the original talk for the resources shown in this presentation. Photo credit: @technerdteitzel.
Slides Resources Check out my post from the original talk for the resources shown in this presentation. Photo credit: @technerdteitzel.
Securely managing application secrets can be challenging - especially in complex, multi-datacenter environments. Many common secret management tools and services only solve specific use cases, and are often coupled to specific cloud providers. HashiCorp Vault is an open-source secret management tool designed to support distributed applications and infrastructure as first-class citizens. It provides powerful features such as: Centralised secret storage Dynamic secrets Encryption as a Service Identity brokering Access control management Audit logging This session will introduce some important Vault concepts and operational considerations, before diving into a technical demonstration of the current Drupal integration capabilities....
Originally posted 2017-11-24 on the PreviousNext blog. Even tech giants like Uber are bitten by poor secret management in their applications. The snippet below describes how storing AWS keys in their repository resulted in a data breach, affecting 57 million customers and drivers. Here’s how the hack went down: Two attackers accessed a private GitHub coding site used by Uber software engineers and then used login credentials they obtained there to access data stored on an Amazon Web Services account that handled computing tasks for the company....
Every Drupal application has its secrets - and I don’t mean that dodgy code you wrote during an all-nighter. Database credentials, API keys, personally identifiable information - a secret is any data which could cause harm to your organisation if exposed. This session will introduce the concepts of secrets and secret management, before moving onto practical examples of securely storing secrets in Drupal. Video Unfortunately the recording doesn’t include the slides, see below if you would like to reference them....
I was lucky enough to have my topic Can You Keep a Secret? selected for DrupalSouth Auckland in November. In this presentation I will run through the basics of secret management, before diving into recipes for leveraging tools like HashiCorp Vault and AWS KMS in your Drupal projects. It is shaping up to be a great conference - there are a lot of really interesting talks scheduled, including 9 from my PreviousNext colleagues!...
Background A few weeks ago I decided to replace my ageing and bloated Drupal 7 blog. I decided on the following criteria that the solution had to meet: The project git repo must be private. Hosting infrastructure had to be under my control and completely codified. The solution should require very little supporting infrastructure such as databases. Deployment of changes to the site or infrastructure must be automated. These requirements immediately ruled out a few options including GitHub Pages and SaaS blogging platforms like wordpress....
During a recent project, I ran into an issue where the new stack (defined using Terraform) needed to connect to a legacy server via private network interfaces. The Terraform stack was encapsulated within its own VPC, and the legacy server was in the default VPC. Both VPCs were in the same region. AWS has a feature called “VPC peering” which establishes a connection between two VPCs - exactly what was required for this use case....
As Drupal continues to experience huge growth with government and enterprise clients, the scale and complexity of Drupal implementations also grows. A common issue affecting these bigger projects is poor website performance. Problems of this nature have huge and costly impacts on the customer; lost sales and advertising revenue, loss of consumer confidence and brand legitimacy, SEO penalties, increased hosting infrastructure costs - the list goes on. Not to mention the developers tasked with fixing the problem!...
Originally published 2013-04-08 on Business Spectator. Bitcoin has been getting attention recently due to its meteoric rise in value against fiat currencies. Just over a week ago the market capitalisation reached $1 billion. Overnight it cracked the $2 billion mark, with each Bitcoin valued at $US194.90. Nobody yet knows the true value of 1BTC, and no one knows what will happen when this ‘price discovery’ comes to an end....
In a little over a week Drupal Down Under 2012 will commence in Melbourne! I’m very excited to attend after the awesomeness of last year’s event in Brisbane. Planning my schedule was very difficult as there are so many great looking sessions! Huge kudos to Itomic for sponsoring my ticket. Unfortunately Itomic’s presence will be halved from last year; staff reshuffles, annual leave and the opening of our new office in the UK has left us a bit undermanned!...