Advertisement
Cloud Compliance mit Open Policy Agent
Cloud Compliance mit Open Policy Agent
Cloud Compliance mit Open Policy Agent
Cloud Compliance mit Open Policy Agent
Cloud Compliance mit Open Policy Agent
Cloud Compliance mit Open Policy Agent
Cloud Compliance mit Open Policy Agent
Cloud Compliance mit Open Policy Agent
Cloud Compliance mit Open Policy Agent
Cloud Compliance mit Open Policy Agent
Cloud Compliance mit Open Policy Agent
Cloud Compliance mit Open Policy Agent
Cloud Compliance mit Open Policy Agent
Cloud Compliance mit Open Policy Agent
Cloud Compliance mit Open Policy Agent
Cloud Compliance mit Open Policy Agent
Cloud Compliance mit Open Policy Agent
Cloud Compliance mit Open Policy Agent
Cloud Compliance mit Open Policy Agent
Cloud Compliance mit Open Policy Agent
Cloud Compliance mit Open Policy Agent
Cloud Compliance mit Open Policy Agent
Cloud Compliance mit Open Policy Agent
Cloud Compliance mit Open Policy Agent
Cloud Compliance mit Open Policy Agent
Cloud Compliance mit Open Policy Agent
Cloud Compliance mit Open Policy Agent

Check these out next

Kubernetes Security
Kubernetes Security
Karthik Gaekwad
Security threats with Kubernetes - Igor Khoroshchenko
Security threats with Kubernetes - Igor Khoroshchenko
Kuberton
Continuous (Non)-Functional Testing of Microservices on k8s
Continuous (Non)-Functional Testing of Microservices on k8s
QAware GmbH
Clean Infrastructure as Code
Clean Infrastructure as Code
QAware GmbH
Continuous (Non-)Functional Testing of Microservices on K8s
Continuous (Non-)Functional Testing of Microservices on K8s
QAware GmbH
Kubernetes - security you need to know about it
Kubernetes - security you need to know about it
Haydn Johnson
Cloud-native applications with Java and Kubernetes - Yehor Volkov
Cloud-native applications with Java and Kubernetes - Yehor Volkov
Kuberton
Zombies in Kubernetes
Zombies in Kubernetes
Thomas Fricke
1 of 27

Cloud Compliance mit Open Policy Agent

Oct. 23, 2020
Download to read offline
Data & Analytics

heise devSec(), Oktober 2020, online: Vortrag von Alex Krause (@alex0ptr, Software Engineer at QAware) == Dokument bitte herunterladen, falls unscharf! Please download slides if blurred! == Abstract: Microservices zerschlagen die Komplexität einer Anwendung in kleinere Prozesse und verteilte Infrastruktur. Richtlinien – z.B. für den Einsatz von Verschlüsselung, Zugriffsmanagement oder die Zuweisung von Kostenstellen – werden hiermit zu einem dezentralen Problem. Zusätzlich erschweren die an sich schon komplexen Ebenen einer Cloud-nativen Anwendung – z.B. Kubernetes-Ressourcen, IaaS-Komponenten und CI/CD-Pipelines – eine technisch einheitliche Definition solcher Richtlinien. Open Policy Agent (OPA) ist ein Projekt der Cloud Native Computing Foundation (CNCF), um Richtlinien zu definieren und zu prüfen. Das Besondere an OPA ist zum einen die einfache Integration in Cloud-native Umgebungen und zum anderen die universelle logische Programmiersprache Rego, die eine einheitliche Defintion von Regeln über Technologiegrenzen hinweg erlaubt.

QAware GmbH
QAware GmbH
Advertisement
Advertisement
Advertisement

Recommended

Cloud Compliance with Open Policy AgentCloud Compliance with Open Policy Agent
Cloud Compliance with Open Policy AgentQAware GmbH537 views27 slides
Microservices with MicronautMicroservices with Micronaut
Microservices with MicronautQAware GmbH495 views86 slides
What is Google Cloud Good For at DevFestInspire 2021What is Google Cloud Good For at DevFestInspire 2021
What is Google Cloud Good For at DevFestInspire 2021Robert John202 views15 slides
JEE on DC/OSJEE on DC/OS
JEE on DC/OSJosef Adersberger744 views64 slides
Brian Ketelsen - Microservices in Go using Micro - Codemotion Milan 2017Brian Ketelsen - Microservices in Go using Micro - Codemotion Milan 2017
Brian Ketelsen - Microservices in Go using Micro - Codemotion Milan 2017Codemotion678 views22 slides
Efficient DevOps Tooling with Java and GraalVMEfficient DevOps Tooling with Java and GraalVM
Efficient DevOps Tooling with Java and GraalVMQAware GmbH307 views25 slides

More Related Content

Slideshows for you(20)

Kubernetes SecurityKubernetes Security
Kubernetes Security
Karthik Gaekwad1.2K views
Security threats with Kubernetes - Igor Khoroshchenko Security threats with Kubernetes - Igor Khoroshchenko
Security threats with Kubernetes - Igor Khoroshchenko
Kuberton336 views
Continuous (Non)-Functional Testing of Microservices on k8s Continuous (Non)-Functional Testing of Microservices on k8s
Continuous (Non)-Functional Testing of Microservices on k8s
QAware GmbH463 views
Clean Infrastructure as CodeClean Infrastructure as Code
Clean Infrastructure as Code
QAware GmbH303 views
Continuous (Non-)Functional Testing of Microservices on K8sContinuous (Non-)Functional Testing of Microservices on K8s
Continuous (Non-)Functional Testing of Microservices on K8s
QAware GmbH159 views
Kubernetes - security you need to know about itKubernetes - security you need to know about it
Kubernetes - security you need to know about it
Haydn Johnson203 views
Cloud-native applications with Java and Kubernetes - Yehor Volkov Cloud-native applications with Java and Kubernetes - Yehor Volkov
Cloud-native applications with Java and Kubernetes - Yehor Volkov
Kuberton392 views
Zombies in KubernetesZombies in Kubernetes
Zombies in Kubernetes
Thomas Fricke104 views
Continuous Delivery With ContainersContinuous Delivery With Containers
Continuous Delivery With Containers
All Things Open149 views
Introduction to Kubernetes Security (Aqua & Weaveworks)Introduction to Kubernetes Security (Aqua & Weaveworks)
Introduction to Kubernetes Security (Aqua & Weaveworks)
Weaveworks492 views
Canary deployment with Traefik and K3SCanary deployment with Traefik and K3S
Canary deployment with Traefik and K3S
Jakub Hajek156 views
K8s from Zero to ~Hero~ Seasoned BeginnerK8s from Zero to ~Hero~ Seasoned Beginner
K8s from Zero to ~Hero~ Seasoned Beginner
Kristof Jozsa3.7K views
Keeping your Kubernetes Cluster SecureKeeping your Kubernetes Cluster Secure
Keeping your Kubernetes Cluster Secure
Gene Gotimer127 views
Kubernetes security and youKubernetes security and you
Kubernetes security and you
Karthik Gaekwad288 views
Hacking into your containers, and how to stop it!Hacking into your containers, and how to stop it!
Hacking into your containers, and how to stop it!
Eric Smalling275 views
Whats new in brigade 2Whats new in brigade 2
Whats new in brigade 2
LibbySchulze147 views
Kubernetes - Security JourneyKubernetes - Security Journey
Kubernetes - Security Journey
Jerry Jalava1.1K views
DevOpsDaysRiga 2018: Andrew Martin - Continuous Kubernetes Security DevOpsDaysRiga 2018: Andrew Martin - Continuous Kubernetes Security
DevOpsDaysRiga 2018: Andrew Martin - Continuous Kubernetes Security
DevOpsDays Riga552 views
Secure Architecture and Programming 101Secure Architecture and Programming 101
Secure Architecture and Programming 101
Mario-Leander Reimer383 views
Kubernetes SecurityKubernetes Security
Kubernetes Security
inovex GmbH995 views

Similar to Cloud Compliance mit Open Policy Agent(20)

Overview of Security Issues with Amazon S3Overview of Security Issues with Amazon S3
Overview of Security Issues with Amazon S3
Ekkard Schnedermann201 views
AWS Espressif Amazon FreeRTOSAWS Espressif Amazon FreeRTOS
AWS Espressif Amazon FreeRTOS
Amazon Web Services1.8K views
C:\Alon Tech\New Tech\Embedded Conf Tlv\Prez\Sightsys Embedded DayC:\Alon Tech\New Tech\Embedded Conf Tlv\Prez\Sightsys Embedded Day
C:\Alon Tech\New Tech\Embedded Conf Tlv\Prez\Sightsys Embedded Day
Arik Weinstein397 views
Using Splunk/ELK for auditing AWS/GCP/Azure security postureUsing Splunk/ELK for auditing AWS/GCP/Azure security posture
Using Splunk/ELK for auditing AWS/GCP/Azure security posture
Jose Hernandez208 views
Using Splunk or ELK for Auditing AWS/GCP/Azure Security postureUsing Splunk or ELK for Auditing AWS/GCP/Azure Security posture
Using Splunk or ELK for Auditing AWS/GCP/Azure Security posture
CloudVillage5.4K views
OrientDB for real & Web App developmentOrientDB for real & Web App development
OrientDB for real & Web App development
Luca Garulli8.4K views
Building your production tech stack for docker container platformBuilding your production tech stack for docker container platform
Building your production tech stack for docker container platform
Docker, Inc.2.1K views
Building Your Docker Tech StackBuilding Your Docker Tech Stack
Building Your Docker Tech Stack
Bret Fisher47 views
Microservices reativos usando a stack do Netflix na AWSMicroservices reativos usando a stack do Netflix na AWS
Microservices reativos usando a stack do Netflix na AWS
Diego Pacheco1.3K views
Mythical Mysfits: Monolith to Microservice with Docker and AWS Fargate (CON21...Mythical Mysfits: Monolith to Microservice with Docker and AWS Fargate (CON21...
Mythical Mysfits: Monolith to Microservice with Docker and AWS Fargate (CON21...
Amazon Web Services1.5K views
Distributed Systems: How to connect your real-time applicationsDistributed Systems: How to connect your real-time applications
Distributed Systems: How to connect your real-time applications
Jaime Martin Losa1.3K views
Observability for Modern Applications (CON306-R1) - AWS re:Invent 2018Observability for Modern Applications (CON306-R1) - AWS re:Invent 2018
Observability for Modern Applications (CON306-R1) - AWS re:Invent 2018
Amazon Web Services1.1K views
DCEU 18: Building Your Swarm Tech Stack for the Docker Container PlatformDCEU 18: Building Your Swarm Tech Stack for the Docker Container Platform
DCEU 18: Building Your Swarm Tech Stack for the Docker Container Platform
Docker, Inc.418 views
Building Your Docker Swarm Tech StackBuilding Your Docker Swarm Tech Stack
Building Your Docker Swarm Tech Stack
Bret Fisher116 views
Azure Infrastructure as Code and Hashicorp TerraformAzure Infrastructure as Code and Hashicorp Terraform
Azure Infrastructure as Code and Hashicorp Terraform
Alex Mags862 views
Secure Configuration and Automation OverviewSecure Configuration and Automation Overview
Secure Configuration and Automation Overview
Amazon Web Services1.4K views
M0339_v1_6977127809 (1).pptxM0339_v1_6977127809 (1).pptx
M0339_v1_6977127809 (1).pptx
viveknagle44 views
Aplicaciones distribuidas con DaprAplicaciones distribuidas con Dapr
Aplicaciones distribuidas con Dapr
César Jesús Angulo Gasco413 views
Kubernetes One-Click Deployment: Hands-on Workshop (Mainz)Kubernetes One-Click Deployment: Hands-on Workshop (Mainz)
Kubernetes One-Click Deployment: Hands-on Workshop (Mainz)
QAware GmbH493 views
Analyzing Your Web and Application Logs Analyzing Your Web and Application Logs
Analyzing Your Web and Application Logs
Amazon Web Services321 views
Advertisement

More from QAware GmbH(20)

Put the ‘Auto’ in Autoscaling – Make Kubernetes VPA and HPA work together for...Put the ‘Auto’ in Autoscaling – Make Kubernetes VPA and HPA work together for...
Put the ‘Auto’ in Autoscaling – Make Kubernetes VPA and HPA work together for...
QAware GmbH10 views
HTTP/3 und QUIC Making the internet fasterHTTP/3 und QUIC Making the internet faster
HTTP/3 und QUIC Making the internet faster
QAware GmbH34 views
Terraform EverythingTerraform Everything
Terraform Everything
QAware GmbH15 views
Your API on Steroids Your API on Steroids
Your API on Steroids
QAware GmbH14 views
kubectl apply -f cloud-Infrastructure.yaml mit Crossplane et al. @ CNN Munichkubectl apply -f cloud-Infrastructure.yaml mit Crossplane et al. @ CNN Munich
kubectl apply -f cloud-Infrastructure.yaml mit Crossplane et al. @ CNN Munich
QAware GmbH12 views
Go on a Bughunt in production, but without a map! @ JavaLand 2023Go on a Bughunt in production, but without a map! @ JavaLand 2023
Go on a Bughunt in production, but without a map! @ JavaLand 2023
QAware GmbH23 views
Quadratisch. Praktisch. Gut. K8s-native Quality Assurance mit Testkube @ Java...Quadratisch. Praktisch. Gut. K8s-native Quality Assurance mit Testkube @ Java...
Quadratisch. Praktisch. Gut. K8s-native Quality Assurance mit Testkube @ Java...
QAware GmbH17 views
How to provide a GraphQL API - I want it that wayHow to provide a GraphQL API - I want it that way
How to provide a GraphQL API - I want it that way
QAware GmbH23 views
REST – Das Ende der Fahnenstange? Ein Blick auf Moderne API-TechnologienREST – Das Ende der Fahnenstange? Ein Blick auf Moderne API-Technologien
REST – Das Ende der Fahnenstange? Ein Blick auf Moderne API-Technologien
QAware GmbH10 views
Clean Infrastructure as Code Clean Infrastructure as Code
Clean Infrastructure as Code
QAware GmbH68 views
Quality in a Square. K8s-native Quality Assurance of Microservices with TestkubeQuality in a Square. K8s-native Quality Assurance of Microservices with Testkube
Quality in a Square. K8s-native Quality Assurance of Microservices with Testkube
QAware GmbH31 views
The Modern Database for Enterprise ApplicationsThe Modern Database for Enterprise Applications
The Modern Database for Enterprise Applications
QAware GmbH38 views
ROSIK Stammtisch „Clean Architecture“ROSIK Stammtisch „Clean Architecture“
ROSIK Stammtisch „Clean Architecture“
QAware GmbH45 views
Terraform EverythingTerraform Everything
Terraform Everything
QAware GmbH50 views
Continuous OpenAPI Security Tests on K8s with Testkube and ZAPContinuous OpenAPI Security Tests on K8s with Testkube and ZAP
Continuous OpenAPI Security Tests on K8s with Testkube and ZAP
QAware GmbH23 views
Clean ArchitectureClean Architecture
Clean Architecture
QAware GmbH32 views
kubectl apply -f cloud-Infrastructure.yaml mit Crossplane et al.pdfkubectl apply -f cloud-Infrastructure.yaml mit Crossplane et al.pdf
kubectl apply -f cloud-Infrastructure.yaml mit Crossplane et al.pdf
QAware GmbH35 views
kubectl apply -f cloud-Infrastructure.yaml mit Crossplane et al.kubectl apply -f cloud-Infrastructure.yaml mit Crossplane et al.
kubectl apply -f cloud-Infrastructure.yaml mit Crossplane et al.
QAware GmbH44 views
Cluster-as-code. The Many Ways towards KubernetesCluster-as-code. The Many Ways towards Kubernetes
Cluster-as-code. The Many Ways towards Kubernetes
QAware GmbH38 views
Quadratisch. Praktisch. Gut. K8s-native Quality Assurance mit Testkube Quadratisch. Praktisch. Gut. K8s-native Quality Assurance mit Testkube
Quadratisch. Praktisch. Gut. K8s-native Quality Assurance mit Testkube
QAware GmbH30 views

Recently uploaded(20)

top7588⬤com【추천인: AAKK】온라인홀덤top7588⬤com【추천인: AAKK】온라인홀덤
top7588⬤com【추천인: AAKK】온라인홀덤
yqwggcy34630 views
홀덤룰 Top7588`c0m ꕣ *추천인: AAKK* 홀덤룰 Top7588`c0m ꕣ *추천인: AAKK*
홀덤룰 Top7588`c0m ꕣ *추천인: AAKK*
yqwggcy34630 views
Top7588`c0m 홀덤사이트【추천인: AAKK】 Top7588`c0m 홀덤사이트【추천인: AAKK】
Top7588`c0m 홀덤사이트【추천인: AAKK】
yqwggcy34630 views
ꗙTOP7588닷COM홀덤라이브 *추천인: AAKK* ꗙTOP7588닷COM홀덤라이브 *추천인: AAKK*
ꗙTOP7588닷COM홀덤라이브 *추천인: AAKK*
yqwggcy34630 views
*추천인: AAKK* Top7588`c0m 홀덤게임 *추천인: AAKK* Top7588`c0m 홀덤게임
*추천인: AAKK* Top7588`c0m 홀덤게임
yqwggcy34630 views
목포오피【opss07ㆍ컴】오피쓰 목포정보→목포휴게텔ꔟ목포오피‣목포안마목포오피【opss07ㆍ컴】오피쓰 목포정보→목포휴게텔ꔟ목포오피‣목포안마
목포오피【opss07ㆍ컴】오피쓰 목포정보→목포휴게텔ꔟ목포오피‣목포안마
pieliedie880 views
홀덤라이브【추천인: AAKK】 Top7588`c0m 홀덤라이브【추천인: AAKK】 Top7588`c0m
홀덤라이브【추천인: AAKK】 Top7588`c0m
yqwggcy34630 views
Group 6 Presentation - Copy.pptxGroup 6 Presentation - Copy.pptx
Group 6 Presentation - Copy.pptx
KelvinDube40 views
의정부대박【OPSS07。COM】오피쓰≸의정부오피 의정부안마ナ의정부오피ꕘ의정부건마ナ의정부오피의정부대박【OPSS07。COM】오피쓰≸의정부오피 의정부안마ナ의정부오피ꕘ의정부건마ナ의정부오피
의정부대박【OPSS07。COM】오피쓰≸의정부오피 의정부안마ナ의정부오피ꕘ의정부건마ナ의정부오피
pieliedie880 views
Point-7-Cutting-Section.docxPoint-7-Cutting-Section.docx
Point-7-Cutting-Section.docx
MdSabbirHossain4497080 views
la contaminacion en mexicali.pdfla contaminacion en mexicali.pdf
la contaminacion en mexicali.pdf
ALANORLANDOPEREZREYE0 views
홀덤 *추천인: AAKK* TOP7588닷COM홀덤 *추천인: AAKK* TOP7588닷COM
홀덤 *추천인: AAKK* TOP7588닷COM
yqwggcy34630 views
【추천인: AAKK】top7588⬤com홀덤사이트【추천인: AAKK】top7588⬤com홀덤사이트
【추천인: AAKK】top7588⬤com홀덤사이트
yqwggcy34630 views
서산실사【opss07ㆍ컴】오피쓰°서산오피 서산안마ノ서산오피ꘜ서산건마ノ서산오피서산실사【opss07ㆍ컴】오피쓰°서산오피 서산안마ノ서산오피ꘜ서산건마ノ서산오피
서산실사【opss07ㆍ컴】오피쓰°서산오피 서산안마ノ서산오피ꘜ서산건마ノ서산오피
pieliedie880 views
ꔊtop7588⬤com텍사스홀덤 【추천인: AAKK】ꔊtop7588⬤com텍사스홀덤 【추천인: AAKK】
ꔊtop7588⬤com텍사스홀덤 【추천인: AAKK】
yqwggcy34630 views
02-hashing.pdf02-hashing.pdf
02-hashing.pdf
ssuser4c58f50 views
Lecture15.pptLecture15.ppt
Lecture15.ppt
RamaNingaiah0 views
MAPA MENTAL09.docxMAPA MENTAL09.docx
MAPA MENTAL09.docx
GREISEALEJANDRAURIBE0 views
가락휴게텔﹎【opss07ㆍ컴】오피쓰ꕔ가락OP⎞가락대한 가락오피⇔가락건마⎞가락오피가락휴게텔﹎【opss07ㆍ컴】오피쓰ꕔ가락OP⎞가락대한 가락오피⇔가락건마⎞가락오피
가락휴게텔﹎【opss07ㆍ컴】오피쓰ꕔ가락OP⎞가락대한 가락오피⇔가락건마⎞가락오피
pieliedie880 views
【추천인: AAKK】 Top7588`c0m 홀덤게임【추천인: AAKK】 Top7588`c0m 홀덤게임
【추천인: AAKK】 Top7588`c0m 홀덤게임
yqwggcy34630 views
Advertisement

Cloud Compliance mit Open Policy Agent

  1. Alex Krause alex.krause@qaware.de @alex0ptr Cloud Compliance with Open Policy Agent
  2. The Problem @alex0ptr
  3. Policy @alex0ptr “Users should only access data of their own teams/projects.” // TODOCompliance “Security First. Least Privilege, where possible.” Governance
  4. @alex0ptr May this action be allowed? Who or what can perform a certain action? Are there violations?
  5. Infrastructure Machines Network DNS RDBMSStorage Application Platform Container Orchestration Container Images CD- Pipeline Applications User Management Configuration HTTP APIs + UIs Code Continuous Integration Code Artifacts Version Control Logs Secret Store API Gateways Metrics Backups @alex0ptr 💫 Life of the YAML-Engineer
  6. @alex0ptr @PreAuthorize("#username == authentication.principal.username") public String getMyRoles(String username) { //... } 👻
  7. (1) Many components, which (2) use different concepts, protocols, and configuration languages, with(3) strong coupling to the concrete implementation. The Problems ✔ @alex0ptr
  8. Solution? 🔨 @alex0ptr
  9. @alex0ptr Open Policy Agent Engine + Language
  10. @alex0ptr Open Policy Agent ‣ Policy Engine ‣ universal ‣ lightweight ‣ de-coupled ‣ easy to integrate“Policy-based control for cloud native environments”
  11. @alex0ptr OPA: Rego ‣ inheritance: datalog ‣ declarative, logic ‣ made for Policies ‣ and structured data “Use Rego for defining policy that is easy to read and write.”
  12. @alex0ptr
  13. @alex0ptr
  14. The Dream: ✨ Central Policy Repository ✨ @alex0ptr
  15. The Present @alex0ptr
  16. 🎊 Demo 🎉 The Basics @alex0ptr
  17. @alex0ptr @Configuration @EnableWebSecurity public class WebSecurityConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests() .anyRequest() .authenticated() .accessDecisionManager(accessDecisionManager()); } @Bean public AccessDecisionManager accessDecisionManager() { List<AccessDecisionVoter<? extends Object>> decisionVoters = Arrays .asList(new OPAVoter("http://localhost:8181/v1/data/http/authz/allow")); return new UnanimousBased(decisionVoters); } }
  18. @alex0ptr “Policy Controller for Kubernetes” ‣ K8s Admission Controller ‣ CRDs for Policies ‣ Audit ‣ Policy Library Gatekeeper 🎉
  19. 🎊 Demo 🎉 Gatekeeper @alex0ptr
  20. @alex0ptr “Write tests against structured configuration data […]” ‣ CLI wrapper for OPA ‣ shift-left for Policies ‣ YAML/JSON, HCL(2), INI, TOML, Dockerfile ‣ go-getter support Conftest 🎉
  21. 🎊 Demo 🎉 Conftest @alex0ptr
  22. Conclusion @alex0ptr
  23. 😄 😕 @alex0ptr Gatekeeper Rego Conftest Tooling Integration Integrations Complexity
  24. xing.com/companies/qawaregmbh linkedin.com/company/qaware-gmbh slideshare.net/qaware twitter.com/qaware github.com/qaware youtube.com/qawaregmbh Alex Krause alex.krause@qaware.de @alex0ptr
  25. QAware21.09.2018 25
  26. QAware GmbH Mainz Rheinstraße 4 D 55116 Mainz Tel.: +49 (0) 6131 215 69 – 0 Fax: +49 (0) 6131 215 69 – 68 xing.com/companies/qawaregmbh linkedin.com/company/qaware-gmbh slideshare.net/qaware twitter.com/qaware github.com/qaware youtube.com/qawaregmbh
  27. QAware GmbH München Aschauer Straße 32 81549 München Tel.: +49 (0) 89 23 23 15 – 0 Fax: +49 (0) 89 23 23 15 – 129 xing.com/companies/qawaregmbh linkedin.com/company/qaware-gmbh slideshare.net/qaware twitter.com/qaware github.com/qaware youtube.com/qawaregmbh
Advertisement