<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/"><channel><title>Api on Brave New Geek</title><link>https://bravenewgeek.com/tag/api/</link><description>Recent content in Api on Brave New Geek</description><generator>Hugo</generator><language>en-us</language><lastBuildDate>Tue, 29 Jan 2019 15:36:12 -0600</lastBuildDate><atom:link href="https://bravenewgeek.com/tag/api/index.xml" rel="self" type="application/rss+xml"/><item><title>Authenticating Stackdriver Uptime Checks for Identity-Aware Proxy</title><link>https://bravenewgeek.com/authenticating-stackdriver-uptime-checks-for-identity-aware-proxy/</link><pubDate>Tue, 29 Jan 2019 14:46:43 -0600</pubDate><guid>https://bravenewgeek.com/authenticating-stackdriver-uptime-checks-for-identity-aware-proxy/</guid><description>&lt;p&gt;&lt;a href="https://cloud.google.com/stackdriver/"&gt;Google Stackdriver&lt;/a&gt; provides a set of tools for monitoring and managing services running in GCP, AWS, or on-prem infrastructure. One feature Stackdriver has is “uptime checks,” which enable you to verify the availability of your service and track response latencies over time from up to six different geographic locations around the world. While Stackdriver uptime checks are not as feature-rich as other similar products such as &lt;a href="https://www.pingdom.com/"&gt;Pingdom&lt;/a&gt;, they are also completely &lt;em&gt;free&lt;/em&gt;. For GCP users, this provides a great starting point for quickly setting up health checks and alerting for your applications.&lt;/p&gt;</description></item><item><title>API Authentication with GCP Identity-Aware Proxy</title><link>https://bravenewgeek.com/api-authentication-with-gcp-identity-aware-proxy/</link><pubDate>Fri, 25 Jan 2019 11:21:53 -0600</pubDate><guid>https://bravenewgeek.com/api-authentication-with-gcp-identity-aware-proxy/</guid><description>&lt;p&gt;&lt;a href="https://cloud.google.com/iap/"&gt;Cloud Identity-Aware Proxy (Cloud IAP)&lt;/a&gt; is a free service which can be used to implement authentication and authorization for applications running in Google Cloud Platform (GCP). This includes &lt;a href="https://cloud.google.com/appengine/"&gt;Google App Engine&lt;/a&gt; applications as well as workloads running on &lt;a href="https://cloud.google.com/compute/"&gt;Compute Engine (GCE)&lt;/a&gt; VMs and &lt;a href="https://cloud.google.com/kubernetes-engine/"&gt;Google Kubernetes Engine (GKE)&lt;/a&gt; by way of &lt;a href="https://blog.realkinetic.com/http-to-https-using-google-cloud-load-balancer-dda57ac97c"&gt;Google Cloud Load Balancers&lt;/a&gt;.&lt;/p&gt;
&lt;p&gt;When enabled, IAP requires users accessing a web application to login using their Google account and ensure they have the appropriate role to access the resource. This can be used to provide secure access to web applications without the need for a VPN. This is part of what Google now calls &lt;a href="https://cloud.google.com/beyondcorp/"&gt;BeyondCorp&lt;/a&gt;, which is an enterprise security model designed to enable employees to work from untrusted networks without a VPN. At Real Kinetic, we frequently bump into companies practicing &lt;a href="https://www.onelogin.com/blog/the-death-star-a-lesson-in-cybersecurity"&gt;Death-Star security&lt;/a&gt;, which is basically relying on a hard outer shell to protect a soft, gooey interior. It’s simple and easy to administer, but it’s also vulnerable. That’s why we always approach security from a perspective of &lt;a href="https://en.wikipedia.org/wiki/Defense_in_depth_(computing)"&gt;&lt;em&gt;defense in depth&lt;/em&gt;&lt;/a&gt;.&lt;/p&gt;</description></item></channel></rss>