Category Archives: Security

What is: SAML – an overview, its structure and requests tracing between a Jenkins and Okta SSO

17 November 2019

During the SAML SSO configuration for our Jenkins, I faced an issue where some attributes weren’t passed from Okta to the Jenkins instance. So in this post I will try to figure out what SAML is in general, take a short overview of its architecture and main components, and do some SAML request tracing/sniffing to… Read More »

Okta: G-Suite integration – provisioning and users import and export

25 October 2019

Going forward with the Okta setup for our project. Previous posts: Okta: SSO authentication for Gmail and Slack; Jenkins: SAML Authentication with Okta SSO and users groups; Jenkins: SAML, Okta, users groups, and Role-Based Security plugin; Github: SAML, Okta, and Github Enterprise Cloud – Organization SSO configuration. The next task is to integrate our Google… Read More »

Github: SAML, Okta, and Github Enterprise Cloud – Organization SSO configuration

21 October 2019

A follow-up to the SSO, Okta, and SAML posts. We already did everything for our Jenkins (see the Jenkins: SAML, Okta, user groups, and Role-Based Security plugin post) – now it’s time to do the same thing with our Github organization. The idea is the same as for the Jenkins setup: keep all users in… Read More »

OpenVPN: the No route to host and ERR_ADDRESS_UNREACHABLE errors – the cause and a solution

14 October 2019

We have an OpenVPN Access Server running; see its setup in the OpenVPN: OpenVPN Access Server set up and AWS VPC peering configuration post. The VPN server is hosted in one AWS VPC, while a Bitwarden service is in another VPC. Between those VPCs we have a VPC peering configured, and the OpenVPN… Read More »

Jenkins: SAML Authentication with Okta SSO and users groups

11 October 2019

SAML (Security Assertion Markup Language) is used for federated authentication, when a service which we need to get access to (a Service Provider) asks another service (an Identity Provider) to perform a user’s authentication. Check the documentation here. Service Provider (SP): the system where we need to authenticate, in our case this will be Jenkins… Read More »

Okta: the Custom domain and TLS configuration

4 October 2019

You can use your own domain configured for Okta. One thing worth mentioning here is that Okta’s official plugin doesn’t work with the Custom domain feature, so you’ll have to use Okta’s URL for the plugin authentication; see the documentation for details. Custom domain configuration: Go to the Settings > Customization:… Read More »

Kubernetes: part 4 – AWS EKS authentication, aws-iam-authenticator and AWS IAM

3 September 2019

Let’s proceed with our AWS Elastic Kubernetes Service, EKS. Previous parts: Kubernetes: part 1 – architecture and main components overview; Kubernetes: part 2 – a cluster set up on AWS with AWS cloud-provider and AWS LoadBalancer; Kubernetes: part 3 – AWS EKS overview and manual EKS cluster set up. In the previous – Kubernetes: part… Read More »

AWS: IAM users keys rotation, EC2 IAM Roles and Jenkins

30 May 2019

Today I checked our IAM users and “suddenly” recalled that it’s good to update their credentials sometimes. Well, that’s good to do, but here is a question: it’s simple enough to set an expiration for keys in IAM, but what to do with all the scripts which are used in our Jenkins and which are using those… Read More »
