Four Effective Strategies for Optimizing Application Security with ASPM
Download Ebook Now
SEP 25 2024 REGISTER NOW
1000+ DOWNLOADS GRAB IT NOW
This blog guides users as to how to enable basic form authentication for Spinnaker via Halyard.
August 10, 2021
Introduction Security Assertion Markup Language (SAML) is a standard used for user login to different applications like Spinnaker, based on their logged-in sessions used in another context. This single sign-on (SSO) login standard has significant advantages over logging in using a username/password: No need to type in credentials No need to remember and renew passwords No weak passwords The […]
June 30, 2021
Background The self-signed certs (certificates) for mutual TLS, used as a means of security and authentication for communication between Spinnaker microservices, are usually short-lived (maybe for three months) and expire after the specified period of time. If the mTLS certs are approaching expiry, these certs need to be updated to extend their expiry time. The cert-manager is […]
February 27, 2021
Background Spinnaker instances often use x.509 as a certificate authority (ca) issued by Identity Provider (IDP) for authentication in Spinnaker. Spin CLI is the command-line interface to access Spinnaker from outside using a terminal rather than a browser. We can manage applications, pipelines, pipeline templates as a code, projects, and canary configs through Spin CLI. Spin […]
January 29, 2021
Industry Standard Authentication for your deployments Manage access using OAuth, SAML, LDAP, X.509, Github teams. Schedule a Demo Introduction Security Assertion Markup Language (SAML) is a standard for logging users into applications based on their sessions in another context. This single sign-on (SSO) login standard has significant advantages over logging in using a username/password: Advantages […]
January 15, 2021
What is APM ? APM tools are used to monitor and track the overall health, performance, and behavior of the deployed app and the environment where it runs. For applications and microservices running in Kubernetes, Prometheus is a popular APM tool that provides detailed actionable metrics for the DevOps teams on the performance of containers, pods and […]
December 4, 2020
While deploying Spinnaker in the cloud, often we have a situation in the production environments where-in all the developers, QA, and DevOps team members belong to the same group in LDAP (Lightweight Directory Access Protocol). But ideally, every team member should not have the authorization to create/deploy applications. There is a way by which we can prevent people without proper […]
November 25, 2020
While deploying an application to the Azure Kubernetes Service (AKS) clusters with Spinnaker, users need Azure accounts with proper authorization ( service principal key ) to access the Azure Kubernetes Service (AKS) resources. An Azure service principal (a special user) is an identity created for use with applications, hosted services, and automated tools to access Azure resources. This access key is restricted by the roles assigned to the service principal, giving you control over which resources can be accessed and at which level.
November 24, 2020
The authentication mechanism in Spinnaker supports a variety of different login sources. There are three basic systems involved with Spinnaker’s authentication workflow: your identity provider (IDP), Gate, and Deck. x509 client certificates can be used as an identity provider. What is x509? x509 is a standard defining the format of public-key certificates. An x509 certificate […]
October 26, 2020
OpsMx has released OpsMx Enterprise Spinnaker (OES) 2.10. Following are the key feature addition of these releases are: Policy Management– to help customers enforce policies into their software deployments with easy and simple steps. Audit Enhancements: It also brings more visibility into policy compliance, which is a major enhancement to the Audit feature. Simplified Account […]
July 29, 2020
Introduction As the Spinnaker is evolving, new features are being incorporated and one of them is External Account Configuration which allows the configurations to be externalized via Git, Hashicorp Vault, databases, CredHub, etc. You may be asked if we can keep the cloud provider account details in a remote repository? If so, what if an account change […]
January 7, 2020