security
Restrict FROM address with AWS SES domain identities
aws
security
snippets
Use conditional keys in your SES IAM policies to prevent attackers impersonating your staff.
Securing Drupal on Kubernetes
drupal
kubernetes
security
presentations
I presented a draft of my DrupalCon talk at the March 2020 Sydney Drupal Meetup.
How to generate temporary download links to S3 objects
aws
security
snippets
s3
Pre-signed URLs are a great way to share large files without giving the
recipient permanent access. Learn how to use the AWS CLI to create links
that expire after a certain amount of time.
AWS KMS cryptographic operations on the command line
aws
security
snippets
Leverage AWS KMS on the command line using these simple commands.
Encrypted Drupal Database Connections with Amazon RDS
drupal
security
aws
Malicious users can intercept or monitor plaintext data transmitting across unencrypted networks, jeopardising the confidentiality of sensitive data in Drupal applications. This tutorial will show you how to mitigate this type of attack by encrypting your database queries in transit.
Can You Keep a Secret? - Bucharest, 2018
hackcamp
drupal
conferences
security
presentations
My presentation on secrets management at DrupalHackCamp 2018 in Bucharest, Romania.
HashiCorp Vault for Drupalers
hackcamp
drupal
conferences
security
presentations
vault
My presentation on HashiCorp Vault at DrupalHackCamp 2018 in Bucharest, Romania.
Securing Drupal: Storing API Tokens in Lockr
drupal
security
As seen in the recent Uber hack, storing secrets such as API tokens in your project repository can leave your organisation vulnerable to data breaches and extortion. This tutorial demonstrates a simple and effective way to mitigate this kind of threat by leveraging Key module to store API tokens in remote key storage.
Can You Keep a Secret? - Auckland, 2017
drupalsouth
drupal
conferences
security
presentations
My presentation on secret management at DrupalSouth 2017 in Auckland, NZ.