Skip to main content

Posts

Showing posts with the label Cloud

Using Hashicorp Vault

Why a Vault? The reason for having a vault is to have the secrets for the application stored in a very "safe" / "secure" location so that only trusted clients of the Vault (Web Apps / Services etc ) can get access to the secrets. When we do not use a vault, the dev team will check-in the secrets like Database Credentials, AWS credentials etc to the source control, which leaves it open to be accessible to anyone that gets access to source code. There are a lot of Vaults out there in AWS, Azure etc, but this system is opensource and we have full control of the installation and security, which piqued my interest and hence I started exploration. Dangers of exposing Secrets In the hands of wrong person, it could be disastrous, especially if the secret has more privileges, more the depth of the damage Developers might get to try out changes with these credentials. In recent years, a colleague of mine forgot to append the where clause in the production

Software As A Service (SaaS)

A Short Note on SaaS [Software As A Service]. IMHO, I am building upon a short post on SAAS, this is not exhaustive, but I encourage the readers to share their valuable comments to improve this post. SaaS is an abbreviation of Software As A Service.AKA Software on Demand, where the vendors develop, host and operate on the software and make it available on the internet for its consumers / customers. SaaS is the most mature category of cloud service, since it evolved from the application-service-provider model of software hosting. With SaaS, software applications are rented from a provider as opposed to purchased for enterprise installation and deployment. SaaS is the most mature category of cloud service, since it evolved from the application-service-provider model of software hosting. With SaaS, software applications are rented from a provider as opposed to purchased for enterprise installation and deployment. Users Can range from small group to multitude SaaS Considerat