Author: rodrigtech
-
Conditional Access
Many customers I’ve been advising are constantly challenged with how much access to restrict without disrupting business operations. Typically, when approaching Zero Trust, the backbone of Azure is Azure AD, which sits as the IdP. In this post I’m going to show some features that I find many customers are unaware of in Conditional…
-
Kubernetes Architecture and Decisions for Adoption in regards to Security of Microservices in Cloud
From a graphical standpoint it’s easy to see the control plane as multiple components; the idea of microservices is splitting these services up to be infrastructure independent, and for the most part it is important to understand this as your organization considers moving to Kubernetes. Multiple approaches to adoption can be determined by…
-
CKA – The arduous journey of planning
The Certified Kubernetes Administrator certification has been on my mind for the last year, but I didn’t have enough time to start on the curriculum because other vouchers I had were expiring, so now I find myself with one month to burn a CKA + CKS bundle. This was in the back of my mind but…
-
Kube-hunter by Aqua Security in K8s
You’re likely wondering how microservice orchestration services are secured and what tools exist to give us visibility. The biggest concern I see with many who have moved to the cloud without proper strategies, such as CAF and establishing governance/security as code prior to the leap, is visibility. How are my services actively exposed? Aqua Security…
-
Kubernetes in Action RBAC
Kubernetes offers a plethora of plugins for your orchestration needs; however, natively speaking, on security we have to consider RBAC and the roles needed to access the resources in our cluster. For today’s demo I’m going to go through the CLI for creating a role, deciphering the YAML, and…
-
Kubernetes Certificate Signing Requests
Today I’m going to cover concepts aligned with the CKA in terms of security. Certificate Signing Requests have to be approved by the Kubernetes administrator to be allowed. For this tutorial I’m going to be running AKS in Azure; you can run K8s on your preferred platform, such as GCP, AWS or DigitalOcean. I’m running this…
-
Azure DevOps Pipeline DevSecOps with Terraform and Tfsec
Azure DevOps is the platform on Microsoft Cloud that provides CI/CD capabilities to developers in one place. For this post I’m going to show how to run a release pipeline with TFSec to run IaC scanning for potential misconfigurations that can arise when writing IaC. If you want to follow along, a few pre-requisites…
-
K8s and using AKS
When deciding on breaking down monolithic applications for a microservices approach, take a good inventory of your team’s technical depth. Kubernetes will unlock an entire universe of possibilities, with many plugins, repos, and products to choose from, and you might be asking yourself where to begin. When deciding between AKS/EKS/GKE, determine how much do…
-
Defender for Cloud (Cloud Security in Azure)
Defender for Cloud is a rebranding of Azure Security Center and is Microsoft Azure’s premier offering as a control plane for security and visibility in Azure. While this is a small view of the dashboard, you can see the experience has changed in Azure, AWS and GCP; as of recently you can now…
-
Microsoft Entra (CIEM/Verified ID)
Microsoft has made some bold acquisitions and recently launched Microsoft Entra with a few new offerings in Azure. Notably, the CloudKnox acquisition has been integrated as Permissions Management; if you recall, permissions in IAM can really make or break access and can be overlooked by those who don’t understand them. But what happens when…