Managing secrets and using secrets in the Azure Kubernetes environment is a very important security aspect. While working with Kubernetes and secrets in particular you will know that they are not secure by default. In fact, they are just base64 encoded strings which can be easily decoded. …

This article covers the process of configuring ExternalDNS with Azure Kubernetes Service (AKS) and Azure DNS. By deploying and configuring External-DNS and necessary Azure services correctly, you can ensure proper routing from your custom domain into Kubernetes. Ingress object will update the DNS zone with the correct record. Steps to be performed: Create a…

This article shows how to deploy the NGINX ingress controller in an Azure Kubernetes Service (AKS) cluster. The ingress controller is configured with a static public IP address on Azure Standard Load Balancer. The cert-manager project is used to automatically generate and configure Let’s Encrypt certificates. …

SonarQube is an open-source tool that assists in code quality analysis and reporting. It scans your source code looking for potential bugs, vulnerabilities, and maintainability issues, and then presents the results in a report which will allow you to identify potential issues in your application. Community edition of SonarQube is…

While Kubernetes offers enhanced pace, portability, and the ability to use microservices architectures, they can also introduce security vulnerabilities and broaden the attack surface. To make it more secure and robust, Kube cluster should be designed and architected keeping security as the primary aspect. In this article, we will set…

What is Terraform State File? By default, when you run “terraform plan” or the “terrafom apply” commands, a record called terraform.tfstate file is created locally. This state file is used by Terraform to map resources to the configuration, keep track of metadata, and to improve performance for large infrastructures. …

Digitization is evolving the businesses to adopt modern approaches in their IT infrastructure. This is the reason everyone talks about speed, agility and time to market, but security is the least discussed and focussed part of the infrastructure. DevSecOps takes care of continuous security along with continuous integration and deployment…

Many Organisations neglect necessary security measures while designing their IT infrastructure and end up with a chaotic approach to incident management and mitigation. Security mostly works with the 20:80 rule, where 20% of the time spent on implementing security will make the environment 80% secure. We hear a lot about…

Nowadays, Organisations are following the digital transformation path and making strategies to modernise their applications to run in PAAS or containers. Refactoring an application in this fashion achieves many benefits of the cloud. If we talk specifically about cloud environments, Azure App Service is among the famous choices. Deploying a…