OCI-Ballerina module

What is Ballerina?

Ballerina is an open-source, general-purpose, cloud-native programming language that incorporates concepts of distributed systems and micro-service development with both textual and graphical syntax. So why a completely new language? In the current micro-services world, I believe the language should have more capabilities to deal with creating containers, storing and deploying them to cloud platforms. The trend seems to be similar to the frameworks around JavaScript. Angular and React were born to incorporate the best practices to write clean and efficient code. One could argue that those are frameworks or libraries that could also be added to the language, but what if those features are available already in the language? It is all up to the developer to decide to choose the capabilities available in the language (Remember “import” in java?). For more details and discussions, check here

The OCI-Ballerina GitHub module:

The GitHub module provides the language to interact with OCI resources for a seamless native cloud application development process. The module would enable a user to efficiently provision and manage infrastructure resources on OCI. For example, a user might write business logic code or configuration code (e.g. provisioning scripts).

Risk Events Service from Oracle CASB

The Oracle Cloud Access Security Broker gives visibility into the entire cloud stack and acts as the security automation tool for the IT needs. For more details, check the details here. There are different modules like threat detection, predictivity analytics, and Security configuration available in CASB. In this example, we will take advantage of CASB’s risk events API to get the risk event data for the cloud tenancy. We will save this data to OCI Object Storage, which then could be leveraged to integrate with any other security and monitoring systems like Splunk, QRadar, or Oracle Management Cloud.

Prerequisites:

Once the module is downloaded from the GitHub, we need to configure the tenancy details as mentioned below. Once configured and tested, we can create an ociClient object to interact with OCI.

Image – Prerequisites to interact with OCI

JSON to CSV Transform:

Once we acquire the risk event data in JSON format, we can take the advantage of the native JSON to CSV file (shown below) converter available in the Ballerina language, to upload the file to object storage.

Image: JSON to CSV converter built in the language

Image: CSV file uploaded to OCI object storage

Summary:

To create a micro-service that fetches risk event data from Oracle CASB, we took advantage of the GitHub module for OCI-Ballerina interaction. We obtained the risk events data in a JSON format, converted into a CSV file, and uploaded it to the OCI object storage. The GitHub module also allows a user to interact with other OCI resources to develop and deploy on OCI.

How to Create API Gateway in OCI using Terraform

In microservices-based applications, business logic is spread across multiple services. Different clients like mobile and web browsers interact with these services. Such interactions might require protocol conversion, handling network latency, protecting from malicious traffic, etc. To handle such scenarios, complex distributed applications like Netflix use API Gateway to optimize the API interaction and improve the performance of the system.

In this video, we will discuss more about Oracle Cloud Infrastructure API Gateway in detail and how to create it using Terraform available in this Github module.

 

How to create Web Application Firewall in OCI with Terraform

Security is the primary concern for every enterprise today, as traditional firewalls monitoring ports are not sufficient to keep up the pace with the advanced hackers. To protect from intelligent and malicious threats, we need modern and advanced tools to protect web applications. In this video, we will explore Oracle cloud infrastructure’s Web Application Firewall (WAF), how it can protect the web applications from Cross-Site Scripting(XSS), SQL injection and other OWASP-defined vulnerabilities. Then, we will see how WAF can be created using Terraform scripts available from the Github.

Terraform Module: https://github.com/terraform-providers/terraform-provider-oci/tree/master/examples/waas