Background In recent years, a lot of companies are moving toward microservices and cloud-native architecture to accelerate delivery. Most of them use Docker. But there is an issue: Security is often treated as an afterthought, not part of the development lifecycle. In reality: Many public Docker images contain known vulnerabilities (CVEs) Developers frequently use base…
Overview AWS Organizations help manage multiple AWS accounts under one entity. With this feature, you can organize accounts, apply security policies, and optimize billing. Prerequisite Before starting, ensure you have: AWS accounts Legitimate (valid) email address Implementation Create AWS Organization We need to create an organization first as the root. Go to AWS Organizations, then…
Introduction ArgoCD is a continuous delivery tool that implements GitOps. It enables the automated deployment and synchronization of the application manifest from Git repository to our Kubernetes cluster. ArgoCD ensures the consistency and reduces manual intervention. While ArgoCD is cloud-agnostic and can be deployed for any Kubernetes cluster, we will deploy it on AWS Elastic…
Overview Ansible is an IT automation tool. It can be used for configuring system, deploying software, or orchestrating more advanced IT taskssuch as continuous deployments. Before we followed the instructions, we must prepare these as prerequisites. Prerequisites EC2 AWS (In this simulation, i use 3 instances. (2 ubuntu – 1 master and 1 target; 1…
Overview As an introduction, I wanna say that I love games. Whatever the genre, like Action, RPG, FPS, Adventure, Strategy, etc. I love them all. I feel competitive when playing these games. At the same time, as an engineer, I need to explore and learn about the technologies. Gaming Session!!! Recently, I found interesting thing…
Overview On websites, we usually find features to do file upload. At the same time, file upload is one of the attacks of cyber security. We need to take care of our system, so that our customer feel satisfied and secure when using our applications. In this page, we are going to do introduction to…
Overview DDoS stands for Distributed Denial of Service, it’s grouped as the attack which targetted servers, services, or networks to disrupt normal traffic. In this simulation, we will use Alibaba Cloud resources. In addition, we need Wireshark to monitor data packets and DoS software to send data packets. Implementation Let’s logged in to our console…
Overview In this era, we are concerned about data security. We need to do a security method to protect the data, one of the solutions is using KMS from Alibaba Cloud. KMS stands for Key Management Service, which is a secure and easy-to-use management service provided by Alibaba Cloud. It can allow you to use…
Overview In Alibaba Cloud, we can do synchronization for our RDS and ECS. For data disaster recovery, ETL (extract, transform, load), etc, we need to implement replication between RDS MySQL and offline MySQL instances, we will set offline MYSQL instance from ECS. Prerequisites Alibaba Cloud Access ECS RDS Implementation For the ECS Instance, we will…
Overview Terraform is an open-source tool to do Infrastructure as a code. It means that we will create resources by using this tool. In this article, we are going to use Terraform to manage resources. Let’s create the scenario, we want to create resources with this specifications. 1 VPC 1 Public Subnet (vSwitch) 1 Private…