AZ-500 is one of the prestigious certifications offered by Azure, and one of the demanding certifications for getting a job in the Azure security domain. The following notes will help in summarizing and understanding the essential concepts.

  1. Azure Multi-Factor Authentication (MFA) helps safeguard access to data and applications. It provides an additional layer of security using a second form of authentication. Organizations can use Azure AD Conditional Access to make the solution fit their specific needs.
  2. Using managed identities for Azure resources, your code can get access tokens to authenticate to resources that support Azure AD authentication. The Azure…

Upgrade to the Personal Pro plan by reducing your bill by $26 and pay only $20 for an entire year; that is a steal for a powerful tool like Notion. In my personal opinion and experience, it is really a life-changing tool.

Notion is an excellent note-taking tool with incredible ways to organize your thoughts, ideas and knowledge. If you have always wanted to upgrade but felt short of paying too much.

Notion provides several ways to earn a $26 credit by using various tools.

Enjoy! Happy note-taking.


How to Create Alert Policy for Custom Metrics

Create a sample VM instance to get its associated metrics


A comprehensive list of GCP training for partners

GCP has tons of training in its catalogues, for the public and for partners. Here is a list of trainings one can avail as a partner to enable the team.


A Whitepaper on How to Build an AWS Cloud Security Architecture

Introduction

This whitepaper is primarily intended for architects who are involved in designing and implementing AWS architecture. Its objective is two-fold: first, to highlight a few challenging areas in designing an AWS security architecture and put down an approach for defining a secure and compliance-ready production architecture; second, to give architects and engineers who are new to cloud security a quick introduction to a few concepts of the AWS security offerings.

I have mentioned a few tools here; I’m not endorsing them by including them, nor snubbing other tools by excluding them. If there are…


Introduction

This white-paper’s intent is to provide an overview of Cloud Security Architecture and go through Google Cloud Platform Security offerings, list out its various native services, and where they fit into the making of a robust security architecture. Simplification and elaboration of GCP security offerings will accelerate platform adoption.

Google has come a long way to bring a multitude of security offerings, while simplifying user interfaces, and efficiently integrating security elements within its various cloud resources as part of the build-by-design approach. …


Link: https://learn.hashicorp.com/tutorials/terraform/associate-review

Why should you use Terraform as IaC (Infrastructure as Code)?

  1. Platform agnostic (works with multiple cloud providers)
  2. State management (maintains a local state file, which is refreshed to update the state with the real infrastructure)
  3. Operator confidence (the user can always review beforehand what is going to be changed)


Secrets engines are Vault plugins that store, generate, or encrypt data.

Vault’s Transit secrets engine functions as Vault’s Encryption-as-a-Service, encrypting and decrypting data stored outside of Vault.

In this track, you’ll see how the Transit engine can encrypt and decrypt data stored in a MySQL database.

To learn more, see https://www.vaultproject.io/docs/secrets/transit/.

Enable the Transit Secrets Engine

The Transit secrets engine allows Vault to function as an encryption-as-a-service.

In this track, you will use the Transit secrets engine with a Python web app that talks to a MySQL server. …


Secrets engines are components which store, generate, or encrypt data. Secrets engines are incredibly flexible, so it is easiest to think about them in terms of their function. Secrets engines are provided some set of data, they take some action on that data, and they return a result.

Enable the AWS Secrets Engine

The AWS secrets engine generates AWS access credentials dynamically based on IAM policies. This generally makes working with AWS IAM easier, since it does not involve clicking around the AWS management console.

The AWS IAM credentials are time-bound and are automatically revoked when the Vault lease expires. The credentials can also be…


Cloud App Security

Nawaz is a multi-cloud security architect with a passion for building cloud security architecture.
