OCI Cloud Shell

oci_cloud_shell_buttonThis button on the top right corner I have noticed some time ago in my internal tenancies. At that time this feature was in a Limited Availability (LA) period, but today it has been published in General Availability (GA). More details about it you can read here. What are we talking about? About OCI Cloud Shell! 🙂 I am sure it will be a powerful feature for many of you. There is no need to set up VM  to run OCI CLI commands and many more such as git, java, python, SQLPlus, kubectl, helm, maven, grade, terraform. How to access OCI Cloud Shell? You have to just click on this button and then at the bottom of your OCI Console in just a few seconds in the black popup window fully operational shell-based environment will be visible. Immediately your commands can be executed there. And of course, you are pre-authenticated to your tenancy. Nothing more to configure, just work with the cloud resources. Below you can find a quick video about how to use it for VCN creation and then deletion. Then quick ride with terraform plan and apply for the first lesson from my Terraform+OCI tutorial. Nothing big in a sense of recording, just a bit of new taste 🙂

Bon Appetit,

Martin, The Cook.

 

How to use Terraform and OCI – lesson 9

I hope you have noticed that huge news at OCI Release Notes. In February 2020 OCI global footprint has grown significantly with three new regions (Amsterdam in the Netherlands, Jeddah in Saudi Arabia and Melbourne in Australia). I am located in Europe so immediately I have requested the subscription of Amsterdam DC. So now in my tenancy, I have Frankfurt and Amsterdam regions ready to be utilized. Given this fact, it was obvious for me, I can try to set up some extension to my previous lesson, lesson 8. I could convert local VCN peering in the same region into a remote VCN peering configuration. In this new setup, my BackendServer, with all necessary cloud infrastructure, would be deployed in Amsterdam. And I have done it. So now we have brand new lesson 9 for which code is available here. There is also video, ready for you, ready to be watched! 🙂 As always I am asking kindly for subscribing to our YouTube channel. Believe me, I am planning to record more and more stuff and publish it here in a form of blog post and video blog on YT 🙂

Bon Appetit,

Martin, The Cook.

OCI File Storage Service + Network Security Groups (NSG) with Terraform

What is the topic for today? Network security of your OCI cloud infrastructure! Honestly speaking always an important topic, right? The basics of Network Security Groups (NSG), for the first time I have described in this blog post. Recently I have found in OCI Release Notes, that OCI File Storage Services supports now NSG. Immediately I have checked Terraform OCI Provider, just to confirm my favorite automation runtime also supports it. And guess what? Terraform OCI Provider in version 3.55.0 fully covers this feature. That is really amazing! Just one week later, after OCI release, Terraform Provider codebase has been updated! That is why I have decided to test it and add this stuff to my Terraform+OCI tutorial as a lesson 5a. I hope you will find it interesting! If it is true I really encourage you to subscribe to our YouTube Channel 🙂 One more thing – File Storage Service UDP and TCP ports for NSGs and Security Lists have been documented here.

Bon Appetit,

Martin, The Cook.

How to create Web Application Firewall in OCI with Terraform

Security is the primary concern for every enterprise today, as traditional firewalls monitoring ports are not sufficient to keep up the pace with the advanced hackers. To protect from intelligent and malicious threats, we need modern and advanced tools to protect web applications. In this video, we will explore Oracle cloud infrastructure’s Web Application Firewall (WAF), how it can protect the web applications from Cross-Site Scripting(XSS), SQL injection and other OWASP-defined vulnerabilities. Then, we will see how WAF can be created using Terraform scripts available from the Github.

Terraform Module: https://github.com/terraform-providers/terraform-provider-oci/tree/master/examples/waas

 

OCI NSGs – an add-on to Terraform+OCI course

Yes, OCI is changing very quickly! 🙂 Everyone, who follows OCI release notes, knows that. Oracle Cloud Gen2 is updated with new features even a couple of times every single month.  It shouldn’t surprise you. That is how the modern cloud world works now. 🙂 In my Terraform+OCI short course, I was using security lists, but last summer in July 2019, in OCI new security feature, has been released – it has been called Network Security Groups (NSG). This new feature seems to be very popular in other cloud vendors configuration, so frankly speaking, it was rather obvious for me that OCI should embrace NSG, sooner or later. And now it is there in OCI and NSG concept is supported by Terraform OCI Provider (version >= 3.33.0) as well. NSG concept is more advanced and more elastic then Security Lists, mostly because it can be implemented on the VNIC level. It means you can still use Security List on the subnet level and then create some specific NSG for particular machines nested in this subnet. Security Lists and Network Security Groups work together as an union, is that right? 🙂 I guess you should check it up as fast as possible. 🙂 Here is a brand new video I have recorded for you. 🙂

Bon Appetit,

Martin, The Cook.