Secure deployments keeping your application secrets private -duug fest

•Download as PPTX, PDF•

0 likes•318 views

This document discusses several approaches for securely managing secrets in deployments, including using a release orchestrator, ARM templates, accessing secrets directly from Key Vault, and accessing supported services directly. It recommends using a release orchestrator for existing situations, ARM templates to avoid duplicating secrets manually, and directly accessing Key Vault or supported services when possible to allow secrets to be automatically picked up on deployment and rolled more easily. Config builders are also presented as a way to handle secrets for local development and deployments.

Software

SECURE DEPLOYMENTS
KEEPING YOUR
SECRETS PRIVATE
Henry Been
"Locks" (CC BY-NC-ND 2.0) by wolf4max

WONDERING WHO
IS THAT GUY?
HENRY BEEN
Independent Devops & Azure Architect
E: consultancy@henrybeen.nl
T: @henry_been
L: linkedin.com/in/henrybeen
W: henrybeen.nl

THE NEED FOR SECRET MANAGEMENT
Develop Build Deploy Operate
Dev Ops
DevOps

Secret management goals
No team member needs
production access
Frequently
change secrets
Decouple authentication
from authorization
No secrets in
source control

1. Let operations deploys
2. Enter manually in the portal
3. Encrypted in source control
4. Use once, obscure https endpoint
HOW NOT TO..

Approach 1
USING RELEASE ORCHESTRATOR
VSTS
Secrets
Azure Web AppCode

USING RELEASE ORCHESTRATOR
• Secrets are pretty secure
• Easy to start with
• Fits existing situations
• You see and copy secrets
• Secrets visible in portal
• Duplication of secrets
• Cannot roll secrets easily
Pros Cons

Prerequisite: Have primary & secondary secrets
1. Change the secret in release orchestrator to secondary secret
2. Release
3. Roll primary secret
4. Change the secret in release orchestrator to primary secret
5. Release
6. Roll secondary secret
Intermezzo: Roll a secret

Approach 2
USING ARM TEMPLATES
Azure
Web App
Key Vault
VSTSCode & Infra

USING ARM TEMPLATES
• No manual copying or
sharing of secrets
• No more manual
duplication of Azure keys
• Secrets visible in portal
• Still cannot roll secrets
easily
Pros Cons

Approach 3
DIRECTLY FROM KEY VAULT
VSTS
Azure
Web App
Code & Infra
Key Vault

HOWTO: Local Development
1. Grant your developer account access to (another) Key Vault
• Best alternative
• Requires your machine to be in the same AD domain
2. Only use Key Vault in Azure (locally use Web.config)
• You have to write code to do this (though pretty straightforward)
3. Manually create a development identity and use that
• However… do not check secrets into source control

DIRECTLY ACCESS KEY VAULT
• No manual copying or
sharing of secrets
• No more duplication of
Azure keys
• Secrets no longer visible
in portal
• Changed secrets are
automatically picked up
• Only available on Azure
Web Apps, Azure
Functions and
DataFactory V2
Pros Cons

Approach 4
DIRECTLY ACCESS SERVICE
VSTS
Azure
Web App
Code & Infra
AAD
Other Service

DIRECTLY ACCESS SERVICE
• No more secrets • Only available on Azure
Web Apps, Azure Functions
and DataFactory V2
• Only on supported services
Pros Cons

Supported services
• Azure Resource Manager
• Azure Key Vault
• Azure Data Lake
• Azure SQL DB
• Azure Event Hubs
• Azure Service Bus
• Azure Storage
https://docs.microsoft.com/en-us/azure/active-directory/managed-service-identity/services-support-msi

SECRETS
FOR LOCAL
DEVELOPMENT
AND DEPLOYMENTS
USING CONFIG BUILDERS
Requires:
• (.NET Framework ≥ 4.7.1 &&.NET Framework
4.7.1 Development Tools) || ASP.NET Core 2.0

CONFIG BUILDERS
Runtime
AppSettings
App.config ConfigBuilders

Using .NET Framework
How I made it work…

Premade config builders
• EnvironmentConfigBuilder
• UserSecretsConfigBuilder
• AzureKeyVaultConfigBuilder
• KeyPerFileConfigBuilder
• SimpleJsonConfigBuilder
https://docs.microsoft.com/en-us/azure/active-directory/managed-service-identity/services-support-msi

Use your release orchestrator
Manual deployment NEVER EVER EVUHRR
When you deploy only code
Keyvault and ARM templates When you also deploy infra
Application identity / KeyVault When available & possible
Application identity / Oauth resource When available & possible
WHAT TO USE WHEN?
Config builders When available & possible

DO TRY THIS AT HOME!
HENRY BEEN
Independent Devops & Azure Architect
E: consultancy@henrybeen.nl
T: @henry_been
L: linkedin.com/in/henrybeen
W: henrybeen.nl

What's hot

Build a REST API for your Mobile Apps using Node.js

Stormpath

Azure Functions make it easy to create and host webhook interfaces without maintaining a server. You can quickly setup an endpoint to receive data and act on it. Being able to ingest, process, and respond to data from a variety of sources without building out an infrastructure gives you time to focus on building functionality. In this presentation, Nick Zimmerman, Sr. Site Reliability Engineer at SparkPost, will show you how to setup an Azure Function, accept webhook data, process that data with C#, and integrate that data into an application in real time.

Webhooks with Azure Functions - Live 360 Conference

SparkPost

Get set.. Introduction to Windows Azure Development

Thomas Robbins

java in cloud - adopt cloud dev's DHARMA

Hochi Chuang

How to Hack (And Secure) Serverless Apps on Azure

Dean Bryen

You successfully managed to treat your infrastructure as code. And your application config is kept in version control as well. Wait! What did you do with your DB passwords and API tokens? Secrets need special treatment to fully automate your deployment pipeline. In this talk, I will show you how. Slide deck from my Jazoon TechDays presentation from 7 Sep 2019, recorded here: https://www.youtube.com/watch?v=Ip8eTPj3Jsk

Secrets as Code

Johann Gyger

Zero Credential Development with Managed Identities for Azure resources

Joonas Westlin

True story of re architecting website for scale on windows azure

Sergejus Barinovas

Firebase.pptx

siddhiiAgarwal

Firebase.pptx

TanviBudhabaware

Interested in getting started in the cloud but unsure where to start? Already working in the cloud but feeling a bit overwhelmed? In this session we're going to take a look at how you can kickstart your cloud journey by leveraging open source blueprints on Amazon Lightsail. We will start with a quick overview of cloud computing and Amazon Lightsail, from there we'll look at how Lightsail supports a variety of open source applications and dev stacks. We'll deploy and scale a MEAN stack application and finish up showing how you can use custom blueprints to deploy whatever package you like. - a talk by Mike Coleman, Developer Advocate, Amazon Web Services, at the Open Source Summit North America, August 2018.

Jumpstarting Your Cloud Journey with OSS on Amazon Lightsail

Amazon Web Services

Using Cookies to Store Your Postman Secrets

Postman

OWIN Why should i care?

Terence Kruger

Are you looking to move to the cloud, but aren’t sure quite where to start? Are you already using AWS, and are looking for ways to simplify some of your workflows? If you answered “yes” (or even “maybe”) to either one of those questions, this session / hands-on workshop is for you. We’re going to take you through using Amazon Lightsail, an AWS service that provides the quickest way to get started in the cloud, to deploy and scale an application on AWS.

Deploying and Scaling Your First Cloud Application with Amazon Lightsail

AWS Germany

Programming with Azure Active Directory

Joonas Westlin

DDD Melbourne 2014 security in ASP.Net Web API 2

Pratik Khasnabis

Active Authentication to Protect IT Assets - Onion ID

banerjeea

Securing IT infrastructure is a critical task that is fought with multiple challenges. This task becomes even harder due to the ever-expanding landscape of threats. In this webinar, we will highlight these challenges, threats and identify important problems with the status quo in IT Security. We will then discuss how an Active Authentication approach can rise to the challenge and deliver an end-to-end solution that addresses these problems.

Active authentication to protect IT assets

Plesk

Heroku cloud platform

Hasan Khatib

What's hot (19)

Build a REST API for your Mobile Apps using Node.js

Webhooks with Azure Functions - Live 360 Conference

Get set.. Introduction to Windows Azure Development

java in cloud - adopt cloud dev's DHARMA

How to Hack (And Secure) Serverless Apps on Azure

Secrets as Code

Zero Credential Development with Managed Identities for Azure resources

True story of re architecting website for scale on windows azure

Firebase.pptx

Jumpstarting Your Cloud Journey with OSS on Amazon Lightsail

Using Cookies to Store Your Postman Secrets

OWIN Why should i care?

Deploying and Scaling Your First Cloud Application with Amazon Lightsail

Programming with Azure Active Directory

DDD Melbourne 2014 security in ASP.Net Web API 2

Active Authentication to Protect IT Assets - Onion ID

Active authentication to protect IT assets

Heroku cloud platform

Similar to Secure deployments keeping your application secrets private -duug fest

Secure your Azure Web App 2019

Frans Lytzen

Azure Low Lands 2019 - Building secure cloud applications with Azure Key Vault

Tom Kerkhove

Zero credential development with managed identities

Joonas Westlin

So you have deployed your web app to Azure. Now, how do you make it more secure and compliant? In this fast-paced talk we will run through an overview of some of the Azure technologies that you can use to better protect your web applications in Azure - all depending on your required security level, of course. The talk will set out a framework for you to consider which protections you want to put in place and provide you with the awareness of the tools at your disposal. https://www.lytzen.name/talks/Securing_web_apps_in_azure.html

Secure your web app presentation

Frans Lytzen

Puppet enables automated flow. "Security" is often perceived as antithetical to flow. We will demonstrate how to create secure Puppet workflows, where agents have individual identities that are authenticated, authorized, and their activity audited. We will show how this can be done without slowing down provisioning and deployment workflows, and how to get started immediately using open source resources and a Puppet Forge module. We will go on to how to apply these capabilities across the organization, including how to: - generalize this approach for containers, container orchestration and other automation components - include human users in secure automated workflows when necessary - scale this approach for large organizations - allow security teams to establish foundational enterprise security policies for automation - delegate day-to-day management responsibilities to individual teams, without losing control.

PuppetConf 2017: Securing Secrets for Puppet, Without Interrupting Flow- Ryan...

Puppet

Passwordless Development using Azure Identity

Sarah Dutkiewicz

Secure Your Code Implement DevSecOps in Azure

kloia

Intelligent Cloud Conference 2018 - Building secure cloud applications with A...

Tom Kerkhove

Keys are always needed to access services in Azure and beyond. Storing and managing keys presents many problems, for example rotating and disabling them. Keys often also allow blanket access to the service with no way to limit it. Sometimes there is only one key that needs to be shared by services, so you won't have any way to disable access from one individually. In this talk we will go through Managed Identities for Azure Resources, how they work, and how you can use them to use Azure services in a secure way without having to manage any keys yourself. We will go through a demo application which uses various Azure services through a managed identity, removing the need to use keys entirely. The source code will be available to the audience so they have samples that they can use to implement managed identities in their own applications.

Zero Credential Development with Managed Identities

Joonas Westlin

Techdays Finland 2018 - Building secure cloud applications with Azure Key Vault

Tom Kerkhove

Securing Sensitive Data with Azure Key Vault (Tom Kerkhove @ ITProceed)

Codit

Security has become more and more important as we move to the cloud and countries & companies are being hacked – remember the Sony hack? But how do we securely store sensitive data such as connection strings to our databases? Where do we store our encryption keys? Can I share them with my customers? How do I prevent abuse of my secrets and block them from doing so? That’s what this session is all about – I will introduce you to the concepts of Microsoft Azure Key Vault where you can use this as it allows you to securely store keys, credentials and other secrets in the cloud. We will also have a look at how it enables us to store encryption keys for SQL Server TDE and how it can help you safeguard your cloud solutions even more.

ITProceed 2015 - Securing Sensitive Data with Azure Key Vault

Tom Kerkhove

Vincent biret azure functions and flow (ottawa)

Vincent Biret

Vincent biret azure functions and flow (toronto)

Vincent Biret

SPS calgary 2017 introduction to azure functions microsoft flow

Vincent Biret

You have some on-premise application. Perheaps you have Wordpress/PHP or Node.js/Javascript, you like them, but you don't want to handle, some ops issues, like managing FastCGI (for PHP) or Node service. Why don't you publish them on Azure? Web Sites already support PHP and Node. And you can store MySql DB on ClearDb as DBaaS. And then you can scale out your app bringing your session out the server with Redis. And, again, you can do some worker jobs with Azure Web Jobs. And undestand how can you use Kudu features to debug and work better with websites.

Migrare Applicazioni Web su Azure

Marco Parenzan

Speakers: 1. Sanjib Panigrahi, https://www.linkedin.com/in/sanjibpanigrahi/ 2. Vpin Jha, https://www.linkedin.com/in/vipinkumarjha/ Topics Covered: 1. AZ-204 Exam benefit and Certification Roadmap. 2. Implement user authentication and authorization 3. Implement secure cloud solutions Complete AZ-204 Training Playlist https://youtube.com/playlist?list=PLBUNlq0o5irSs3XR3nanSVWCbreCvWKG_ Slide deck : https://azureezy.com/az-204-training/ AzureTalk community references: 1. AzureTalk Telegram Group: https://t.me/azuretalk 2. Azure DevOps Telegram Group: https://t.me/azuredevopspro 3. AzureEzy Website: https://azureezy.com Azure Reference Links Azure Reference Links 1. Popular Microsoft Azure training: https://docs.microsoft.com/en-us/learn/?WT.mc_id=sitertzn_homepage_learn-redirect-handsonlabs 2. Azure Docs: https://docs.microsoft.com/en-us/azure/

AZ-204 : Implement Azure security

AzureEzy1

Azure Ninja Tips and Tricks

Todd Whitehead

Zure Azure PaaS Zero to Hero - DevOps training day

Okko Oulasvirta

Shifting security left simplifying security for k8s open shift environments

LibbySchulze

Similar to Secure deployments keeping your application secrets private -duug fest (20)

Secure your Azure Web App 2019

Azure Low Lands 2019 - Building secure cloud applications with Azure Key Vault

Zero credential development with managed identities

Secure your web app presentation

PuppetConf 2017: Securing Secrets for Puppet, Without Interrupting Flow- Ryan...

Passwordless Development using Azure Identity

Secure Your Code Implement DevSecOps in Azure

Intelligent Cloud Conference 2018 - Building secure cloud applications with A...

Zero Credential Development with Managed Identities

Techdays Finland 2018 - Building secure cloud applications with Azure Key Vault

Securing Sensitive Data with Azure Key Vault (Tom Kerkhove @ ITProceed)

ITProceed 2015 - Securing Sensitive Data with Azure Key Vault

Vincent biret azure functions and flow (ottawa)

Vincent biret azure functions and flow (toronto)

SPS calgary 2017 introduction to azure functions microsoft flow

Migrare Applicazioni Web su Azure

AZ-204 : Implement Azure security

Azure Ninja Tips and Tricks

Zure Azure PaaS Zero to Hero - DevOps training day

Shifting security left simplifying security for k8s open shift environments

More from Henry Been

Henry been azure resource manager - inside out

Henry Been

Dot netsaterday henry been - logging instrumentation dashboards alerts

Henry Been

Cloud brew henry been - logging instrumentation dashboards alerts

Henry Been

Serverless computing henry been - logging instrumentation dashboards alerts

Henry Been

Serverless computing henry been - continuous deployment of azure functions

Henry Been

Logging, Instrumentation, Dashboards and Alerts - for developers

Henry Been

Cloud brew cloudcamp

Henry Been

Writing, build and releasing your own vsts extension

Henry Been

Continuous delivery for the it pro

Henry Been

Focus on business value by going Serverless

Henry Been

To create an application that is truly designed for massive scale, scale-out at every level of the solution is needed. While doing so at the services level, many developers are still using a single database to serve every request. In response to this, a new pattern, database-per-tenant, is emerging. In this pattern, all data is distributed over a large number of databases. In this session Henry will explore this pattern in detail, covering its advantages and disadvantages and a number of common scenarios around such an architecture.

Henry been database-per-tenant with 50k databases

Henry Been

Henry been - Multi-tenant applications using 30k databases

Henry Been

More from Henry Been (12)

Henry been azure resource manager - inside out

Dot netsaterday henry been - logging instrumentation dashboards alerts

Cloud brew henry been - logging instrumentation dashboards alerts

Serverless computing henry been - logging instrumentation dashboards alerts

Serverless computing henry been - continuous deployment of azure functions

Logging, Instrumentation, Dashboards and Alerts - for developers

Cloud brew cloudcamp

Writing, build and releasing your own vsts extension

Continuous delivery for the it pro

Focus on business value by going Serverless

Henry been database-per-tenant with 50k databases

Henry been - Multi-tenant applications using 30k databases

Recently uploaded

HR Software Buyers Guide in 2024 - HRSoftware.com

Fatema Valibhai

At TECUNIQUE, we're a stable and steadily growing Indian software services company with over 14 years of industry experience. Specializing in offshore software development and quality assurance services, we've built a reputation for delivering unique and effective solutions to start-ups, software development companies, enterprises, and digital agencies. We pride ourselves on our commitment to excellence and innovation. By blending insightful business domain knowledge with exceptional technical prowess, we craft tailor-made solutions that meet the unique needs of our clients. Our dedicated teams are adept in specific technologies, ensuring seamless integration of skills and delivering reliable, scalable, and high-quality software solutions aligned with our clients' preferences. Bespoke Dedicated Teams: Crafted to meet your specific needs and technology preferences, our dedicated teams are committed to delivering top-notch software solutions. Offshore Software Development: Accelerate your software development and scale up quickly with our 12+ years of expertise in offshore development. Quality Assurance Services: Ensure the quality of your software products with our dedicated teams of experienced QA professionals. IT Staff Augmentation: Overcome skill gaps with our client-centric software team, offering staff augmentation services. Expert Software Services: Unlock our capabilities in custom software development, product development, and quality assurance. Mission and Vision: Our mission at TECUNIQUE is to be the catalyst for our clients' success in the dynamic domain of software development. Rooted in our core values of respect, authenticity, and responsibility, we strive to ease the software outsourcing experience, reducing both time and cost to market for our clients. We envision ourselves as the leading Indian software services company, renowned for our unwavering commitment to excellence and innovation. www.tecunique.com

TECUNIQUE: Success Stories: IT Service provider

mohitmore19

+971565801893 Mtp-Kit (500MG) Prices » Dubai [(+971565801893**)] Abortion Pills For Sale In Dubai, UAE, Mifepristone and Misoprostol Tablets Available In Dubai, UAE CONTACT DR.Leen Whatsapp +971565801893 We Have Abortion Pills / Cytotec Tablets /Mifegest Kit Available in Dubai, Sharjah, Abudhabi, Ajman, Alain, Fujairah, Ras Al Khaimah, Umm Al Quwain, UAE, Buy cytotec in Dubai +971565801893''''Abortion Pills near me DUBAI | ABU DHABI|UAE. Price of Misoprostol, Cytotec” +971565801893' Dr.DEEM ''BUY ABORTION PILLS MIFEGEST KIT, MISOPROTONE, CYTOTEC PILLS IN DUBAI, ABU DHABI,UAE'' Contact me now via What's App…… abortion Pills Cytotec also available Oman Qatar Doha Saudi Arabia Bahrain Above all, Cytotec Abortion Pills are Available In Dubai / UAE, you will be very happy to do abortion in Dubai we are providing cytotec 200mg abortion pill in Dubai, UAE. Medication abortion offers an alternative to Surgical Abortion for women in the early weeks of pregnancy. We only offer abortion pills from 1 week-6 Months. We then advise you to use surgery if its beyond 6 months. Our Abu Dhabi, Ajman, Al Ain, Dubai, Fujairah, Ras Al Khaimah (RAK), Sharjah, Umm Al Quwain (UAQ) United Arab Emirates Abortion Clinic provides the safest and most advanced techniques for providing non-surgical, medical and surgical abortion methods for early through late second trimester, including the Abortion By Pill Procedure (RU 486, Mifeprex, Mifepristone, early options French Abortion Pill), Tamoxifen, Methotrexate and Cytotec (Misoprostol). The Abu Dhabi, United Arab Emirates Abortion Clinic performs Same Day Abortion Procedure using medications that are taken on the first day of the office visit and will cause the abortion to occur generally within 4 to 6 hours (as early as 30 minutes) for patients who are 3 to 12 weeks pregnant. When Mifepristone and Misoprostol are used, 50% of patients complete in 4 to 6 hours; 75% to 80% in 12 hours; and 90% in 24 hours. We use a regimen that allows for completion without the need for surgery 99% of the time. All advanced second trimester and late term pregnancies at our Tampa clinic (17 to 24 weeks or greater) can be completed within 24 hours or less 99% of the time without the need surgery. The procedure is completed with minimal to no complications. Our Women's Health Center located in Abu Dhabi, United Arab Emirates, uses the latest medications for medical abortions (RU-486, Mifeprex, Mifegyne, Mifepristone, early options French abortion pill), Methotrexate and Cytotec (Misoprostol). The safety standards of our Abu Dhabi, United Arab Emirates Abortion Doctors remain unparalleled. They consistently maintain the lowest complication rates throughout the nation. Our Physicians and staff are always available to answer questions and care for women in one of the most difficult times in their lives. The decision to have an abortion at the Abortion Clinic in Abu Dhabi, United Arab Emirates.+971565801893

+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...

Health

Craft an AI & Machine Learning Pitch with our Editable Professional PowerPoint Template. Ignite your AI & Machine Learning pitch with our cutting-edge PowerPoint template tailored for the industry. Perfect for AI conferences, investor presentations, sales pitches to tech-focused companies, training sessions, and educational programs. - 20+ editable slides: Get a variety of options to choose from for your presentation. - Time-saving solution: Download, replace text/images with a few clicks. - User-friendly customization: Easy to use and personalize. - Modern and attractive design: Captivating visuals, sleek layout. - Tailored to your requirements: Fully alterable for customization. - Well-organized slides: Complete control over content. - Thematic specificity: Reflects healthcare industry with relevant graphics. - Showcase your business idea: Communicate value proposition effectively.

AI & Machine Learning Presentation Template

Presentation.STUDIO

%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein

masabamasaba

How To Troubleshoot Collaboration Apps for the Modern Connected Worker

ThousandEyes

Azure Native Qumulo scales elastically for common High Performance Compute (HPC) workloads based on application requirements for: Financial Services, Automotive, Genomics / Life Sciences, Media and Entertainment, Energy, Oil and Gas, etc. Performance can be dialed UP (and back down) much higher than the examples shown here. These slides offer a glimpse into ANQ's HPC capabilities, although at a smaller scale. We invite YOU to do your own testing (with a free ANQ trial) and work with us to test your HPC workloads in Azure.

Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf

ryanfarris8

Investing in AI transformation today The modern business advantage: Uncovering deep insights with AI Organizations around the world have come to recognize AI as the transformative technology that enables them to gain real business advantage. AI’s ability to organize vast quantities of data allows those who implement it to uncover deep business insights, augment human expertise, drive operational efficiency, transform their products, and better serve their customers

Microsoft AI Transformation Partner Playbook.pdf

Willy Marroquin (WillyDevNET)

In the past six months, the AI landscape has undergone a massive transformation, ushering in a new era of productivity with the latest in Large Language Models (LLMs) and AI technology. This deep dive unlocks how to: Create CustomGPT Models: No coding needed to tailor AI for your unique projects. Integrate your own data, including PDFs and Excel sheets, making information handling a breeze. Plus, discover how to call your own actions/integrations for even more personalized utility. Navigate Advanced Prompting: Overcome AI's memory limits and utilize Retrieval-Augmented Generation for accessing your personalized data, streamlining how you interact with AI. Stay Ahead with AI Trends: Peek into the evolving world of LLMs, featuring newcomers like Google Gemini, Anthropic Claude, Open Sora, and Twitter Grok, and understand what their advancements mean for your productivity. Witness Real-Life Transformations: Through examples and prompt demonstrations, see firsthand how these AI strategies revolutionize routine tasks, from data analysis to content creation. Learn to leverage image output and input for advanced practical use cases, adding a new dimension to your productivity toolkit. No previous coding or AI experience is needed for this talk. Stay ahead in the fast-evolving world of work. Embrace the AI revolution and transform your workflow with advanced LLM techniques. Join us to ensure you're not left behind in the productivity race.

AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques

VictorSzoltysek

Pharm-D Biostatistics and Research methodology

Anusha Are

(Vivek)Call Us, 8448380779,Call girls in Delhi NCr – We Offer best in class call girls. escort Service At Affordable Price At low Rate with Space Night 8000 We Are One Of The Oldest Escort and Call girls Agencies in Delhi. You Will Find That Our Female Escorts Are Full Of Fun, Sexy And They Would Love Enjoy Your Company. We Have A Fantastic Selection Of Escort Ladies Available For In-Calls As Well As Out-Calls. Our Escorts Are Not Only Beautiful But All Have Great Personalities Making Them The Perfect Companion For Any Occasion. In-Call:- You Can Come At Our Place in Delhi Our place Which Is Very Clean Hygienic 100% safe Accommodation. Out-Call:- You have To Come Pick The Girl From My Place We Are Also Provide Door Step Services (Delhi Ncr, Noida, Gurgaon, Faridabad, Ghaziabad Note:- Pic Collectors Time Passers Bargainers Stay Away As We Respect The Value For Your Money Time And Expect The Same From You Hygienic:- Full Ac room And Clean Rooms Available In Hotel 24 * 7 Hourly In Delhi NCR More Details, With WhatsApp Number, +91-8448380779

call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️

Delhi Call girls

%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein

masabamasaba

In today's dynamic e-commerce landscape, the payment gateway emerges as a linchpin, ensuring smooth and secure transactions between buyers and sellers. In this discourse, we delve into the meticulous process of devising test cases tailored for scrutinizing payment gateways. Crafting precise test cases for payment gateways is a quintessential responsibility for testers operating within the service industry. This article meticulously explores pivotal scenarios integral to how to test payment gateways, coupled with essential guidelines for drafting effective test cases.

Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf

kalichargn70th171

Software Quality Assurance Interview Questions

Arshad QA

Looking for an efficient way to manage your finances? Look no further than our money management app. With easy-to-use features, you can track your expenses, create budgets, and monitor your savings goals all in one place. Our app provides real-time updates on your spending habits and helps you make smarter financial decisions. Take control of your finances today with our user-friendly money management app.

Right Money Management App For Your Financial Goals

Jhone kinadey

VTU technical seminar 8Th Sem on Scikit-learn

AmarnathKambale

Conference: Engage2024 in Antwerp Type: Workshop Speakers: Florian Vogler, Henning Kunz, Christoph Adler Title: Navigating the Future with The Hitchhiker's Guide to Notes and Domino 14 Abstract: Embark on an exhilarating journey with industry trailblazers Florian Vogler, Henning Kunz, and Christoph Adler in this not-to-be-missed workshop at the forefront of the tech universe. Get ready for a thrilling kick-off as we navigate the current state of the HCL universe, setting the stage for an exploration of the groundbreaking Notes and Domino 14. Discover the latest enhancements and revolutionary features that will redefine your experience. In this interactive session, unlock a treasure trove of tips and tricks to elevate your utilization of version 14, both with and without the game-changing panagenda MarvelClient. Brace yourself for also diving into Nomad, Nomad Web, and VoltMX, expanding your horizons in the expansive HCL landscape. Be a part of this exclusive opportunity to stay ahead in the ever-evolving world of HCL technologies. Your journey to mastering Notes and Domino 14 begins here. And remember, in the spirit of intergalactic exploration, don't forget to bring your towel!

W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...

panagenda

%in ivory park+277-882-255-28 abortion pills for sale in ivory park

masabamasaba

Data spaces in distributed environments should be allowed to evolve in agile ways providing data space owners with large flexibility about which data they store. Agility and heterogeneity, however, jeopardize data exchanges because representations may build on varying ontologies and data consumers may not rely on the semantic correctness of their queries in the context of semantically heterogeneous, evolving data spaces. Graph data spaces are one example of a powerful model for representing and querying data whose semantics may change over time. To assert and enforce conditions on individual graph data spaces, shape languages (e.g SHACL) have been developed. We investigate the question of how querying and programming can be guarded by reasoning over SHACL constraints in a distributed setting and we sketch a picture of how a future landscape based on semantically heterogeneous data spaces might look like.

Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...

Steffen Staab

Technology has taken up space all over the world. From generating content with a single command on ChatGPT to getting your food served by Robots at your favorite restaurant, artificial advancements have ruled every space. Every industry is set to develop top-notch technology in every sector; finance, IT, healthcare, gaming, and banking, with competitive market standards. One of these rapidly growing industries is Mobile App Development. According to the Straits Research report, it is expected to reach USD 583.03 billion at a CAGR OF 12.8% between (2022 and 2030). It clearly shows how mobile app development has become an integral part of the digital landscape and revolutionized technology.

The Top App Development Trends Shaping the Industry in 2024-25 .pdf

ayushiqss

Recently uploaded (20)

HR Software Buyers Guide in 2024 - HRSoftware.com

TECUNIQUE: Success Stories: IT Service provider

+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...

AI & Machine Learning Presentation Template

%in Stilfontein+277-882-255-28 abortion pills for sale in Stilfontein

How To Troubleshoot Collaboration Apps for the Modern Connected Worker

Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf

Microsoft AI Transformation Partner Playbook.pdf

AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques

Pharm-D Biostatistics and Research methodology

call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️

%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein

Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf

Software Quality Assurance Interview Questions

Right Money Management App For Your Financial Goals

VTU technical seminar 8Th Sem on Scikit-learn

W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...

%in ivory park+277-882-255-28 abortion pills for sale in ivory park

Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...

The Top App Development Trends Shaping the Industry in 2024-25 .pdf

Secure deployments keeping your application secrets private -duug fest

1. SECURE DEPLOYMENTS KEEPING YOUR SECRETS PRIVATE Henry Been "Locks" (CC BY-NC-ND 2.0) by wolf4max

2. WONDERING WHO IS THAT GUY? HENRY BEEN Independent Devops & Azure Architect E: consultancy@henrybeen.nl T: @henry_been L: linkedin.com/in/henrybeen W: henrybeen.nl

3. So… WHO DOES DEVOPS?

4. THE NEED FOR SECRET MANAGEMENT Develop Build Deploy Operate Dev Ops DevOps

5. Secret management goals No team member needs production access Frequently change secrets Decouple authentication from authorization No secrets in source control

6. HOW NOT TO DO SECRET MANAGEMENT

7. 1. Let operations deploys 2. Enter manually in the portal 3. Encrypted in source control 4. Use once, obscure https endpoint HOW NOT TO..

8. So… HOW THEN?

10. Approach 1 USING RELEASE ORCHESTRATOR VSTS Secrets Azure Web AppCode

11. DEMO TIME! USING RELEASE ORCHESTRATOR

12. USING RELEASE ORCHESTRATOR • Secrets are pretty secure • Easy to start with • Fits existing situations • You see and copy secrets • Secrets visible in portal • Duplication of secrets • Cannot roll secrets easily Pros Cons

13. Prerequisite: Have primary & secondary secrets 1. Change the secret in release orchestrator to secondary secret 2. Release 3. Roll primary secret 4. Change the secret in release orchestrator to primary secret 5. Release 6. Roll secondary secret Intermezzo: Roll a secret

14. Approach 2 USING ARM TEMPLATES Azure Web App Key Vault VSTSCode & Infra

15. DEMO TIME! USING ARM TEMPLATES

16. USING ARM TEMPLATES • No manual copying or sharing of secrets • No more manual duplication of Azure keys • Secrets visible in portal • Still cannot roll secrets easily Pros Cons

17. Approach 3 DIRECTLY FROM KEY VAULT VSTS Azure Web App Code & Infra Key Vault

18. HOWTO: Local Development 1. Grant your developer account access to (another) Key Vault • Best alternative • Requires your machine to be in the same AD domain 2. Only use Key Vault in Azure (locally use Web.config) • You have to write code to do this (though pretty straightforward) 3. Manually create a development identity and use that • However… do not check secrets into source control

19. DEMO TIME! DIRECTLY ACCESS KEY VAULT

20. DIRECTLY ACCESS KEY VAULT • No manual copying or sharing of secrets • No more duplication of Azure keys • Secrets no longer visible in portal • Changed secrets are automatically picked up • Only available on Azure Web Apps, Azure Functions and DataFactory V2 Pros Cons

21. Approach 4 DIRECTLY ACCESS SERVICE VSTS Azure Web App Code & Infra AAD Other Service

22. DEMO TIME! DIRECTLY ACCESS SERVICE

23. DIRECTLY ACCESS SERVICE • No more secrets • Only available on Azure Web Apps, Azure Functions and DataFactory V2 • Only on supported services Pros Cons

24. Supported services • Azure Resource Manager • Azure Key Vault • Azure Data Lake • Azure SQL DB • Azure Event Hubs • Azure Service Bus • Azure Storage https://docs.microsoft.com/en-us/azure/active-directory/managed-service-identity/services-support-msi

25. SECRETS FOR LOCAL DEVELOPMENT AND DEPLOYMENTS USING CONFIG BUILDERS Requires: • (.NET Framework ≥ 4.7.1 &&.NET Framework 4.7.1 Development Tools) || ASP.NET Core 2.0

26. CONFIG BUILDERS Runtime AppSettings App.config ConfigBuilders

27. Using .NET Framework How I made it work…

28. What should work…

29. Using .NET Framework Local development…

30. Premade config builders • EnvironmentConfigBuilder • UserSecretsConfigBuilder • AzureKeyVaultConfigBuilder • KeyPerFileConfigBuilder • SimpleJsonConfigBuilder https://docs.microsoft.com/en-us/azure/active-directory/managed-service-identity/services-support-msi

31. Using .NET Core

32. Use your release orchestrator Manual deployment NEVER EVER EVUHRR When you deploy only code Keyvault and ARM templates When you also deploy infra Application identity / KeyVault When available & possible Application identity / Oauth resource When available & possible WHAT TO USE WHEN? Config builders When available & possible

33. DO TRY THIS AT HOME! HENRY BEEN Independent Devops & Azure Architect E: consultancy@henrybeen.nl T: @henry_been L: linkedin.com/in/henrybeen W: henrybeen.nl

Editor's Notes

"Locks" (CC BY-NC-ND 2.0) by wolf4max

Secure deployments keeping your application secrets private -duug fest

Recommended

Recommended

More Related Content

What's hot

What's hot (19)

Similar to Secure deployments keeping your application secrets private -duug fest

Similar to Secure deployments keeping your application secrets private -duug fest (20)

More from Henry Been

More from Henry Been (12)

Recently uploaded

Recently uploaded (20)

Secure deployments keeping your application secrets private -duug fest

Editor's Notes