www.jhanley.com Development Site

This site is used for development and testing before being published to the main site. Go to main site

Article Index:

Title Content Date
Hello Cloud World! October 13, 2018. Welcome to my new blogging site where I will publish my articles on software development for the cloud. I support AWS, Alibaba, Azure, Google, and IBM. Languages C/C++, Python, PHP, Java/Scala, JavaScript/Node.js and C# 2018-10-13
CURL SSL Certificate Problem Part 1 - The CURL command-line program If curl is not setup correctly for SSL (HTTPS) data transfers an error is displayed. The error message starts like this: curl: (60) SSL certificate problem: unable to get local issuer certificate 2018-10-22
Understanding Google Cloud Storage Scopes Google Cloud Storage uses scopes to determine what permissions an identity has on a specified resource. Google scopes are formatted as urls. There are three basic types: read-only, read-write and full-control. read-only Only allows acce 2018-10-22
Google Compute - Startup Script Total Execution Time I have been testing Google Compute VM instances with custom startup scripts. I wanted to figure out how long my startup scripts were taking to initialize an instance. The VM instance has Debian 9 Stretch as the OS. Knowing the OS I can n 2018-10-25
Google Compute - Install Stackdriver 2018-10-26
Windows Command Prompt - Loading a File into a Variable Often I need to load the content of a file into a Windows Command Prompt variable. This is useful when writing batch scripts where the return value from one program is used as input for another program. At other times I need to process a js 2018-10-26
Let's Encrypt - Debian 9 on Google Compute Instance Let's Encrypt is a Certificate Authority (CA) that issues free SSL certifications. I have used these certificates on web servers, cloud functions, load balancers, and many more. In this article I will show how to obtain an SSL certificat 2018-10-26
Comparing AWS & Google - IP Packet Forwarding When you configure an instance that will forward packets, you need to change an option. The option name depends on the cloud vendor. Example usage would be a VPN, or NAT instance. Normally an instance is source or destination for traffic 2018-10-27
Google Cloud - Debian 9 - Resize Root File System In Google Cloud I often use Debian 9 Stretch for my test instances. Today I was wondering if this OS automatically resizes the root file system if I resize the VM instance disk. I also want to see if this can be done "online" and by using s 2018-10-27
Google Cloud Billing Catalog API Google Cloud supports a Cloud Billing Catalog API. I have not worked with this API yet. Today, I plan to experiment. Documentation page to get started with Google Cloud Platform Pricing: Get Google Cloud Platform Pricing Information 2018-10-28
Google Cloud Private DNS Zones On October 23, 2018, Google introduced private DNS zones for Google Cloud DNS. This is an important announcement as this keeps internal DNS names private. Today's article covers how to implement this new feature in Google Cloud Platform. 2018-10-29
Google Cloud - Understanding Gcloud Configurations This article is written for Windows, but the same principles apply to Linux and Mac. I need to work with multiple Google Cloud accounts and be able to easily switch my credentials between accounts. For those of you with AWS backgrounds, 2018-11-01
Google Cloud - Setting up Gcloud with Service Account Credentials In this article we will download and install the Google gcloud CLI. Then we will setup gcloud with Google Service Account credentials. This article is for Windows based system but the same principles apply to Linux and Mac systems. Step 1 2018-11-02
Google Cloud - Where are my credentials stored Google Cloud stores your credentials in a database on your system. These credentials can then be used over and over. Google's choice of a database means that the CLI and SDK tools can manage a huge number of credentials efficiently. Credent 2018-11-02
Google Cloud - Creating and Authorizing Service Account Credentials with the CLI This article is written for Windows, but the same principles apply to Linux and Mac. A service account is a special Google account that is used with applications or services, such as, Google Compute Engine. Service account credentials ar 2018-11-04
Google OAuth 2.0 - Testing with Curl Introduction If you have ever wanted to test Google OAuth 2.0 flows from the command-line, you will like this short article. [Update: I thought about the problem below with the copy and paste requirement. I created a simple python web 2018-11-17
Google Cloud Application Default Credentials Google Cloud Application Default Credentials (ADC) are not credentials. ADC is a strategy to locate Google Cloud Service Account credentials. If the environment variable GOOGLE_APPLICATION_CREDENTIALS is set, ADC will use the fil 2018-12-04
Google Cloud Stackdriver - IP Addresses I have worked with Google Cloud Stackdriver for about three months. The more I learn about Stackdriver the more I like it. Great product for logging, monitoring, error reporting, application tracing and application debugging and more. On 2018-12-19
Google Cloud - Creating Access Tokens from Service Account P12 Credentials Google Service Account Credentials are available in two file formats: Json and P12. P12 is also known as PFX. The following code shows how to use P12 credentials to list the buckets in Google Cloud Storage without using an SDK. Note: The 2018-12-21
Google Cloud - Recovering from UFW lockout Introduction You have a Debian instance running in Google Cloud Compute Engine. You connect to this instance via SSH. One day you decide to enable the UFW firewall and your SSH connection drops. You cannot reconnect. Problem The problem 2018-12-22
Google Cloud - Extracting Private Key from Service Account P12 Credentials Google Service Account Credentials are available in two file formats: Json and P12. P12 is also known as PFX. The following code shows how to process a P12 file and split into Private Key and Certificate. This code also works with normal SS 2018-12-22
Google Cloud - Converting Service Account Credentials from P12 to Json Format I have written a number of articles about Google Cloud Credentials. For Service Account credentials, there are two on-disk formats: P12 and Json. This article shows how to convert these credentials from P12 to Json. #################### 2018-12-22
Google Cloud - Creating OAuth Access Tokens for REST API Calls The following example shows several important steps to call Google Cloud APIs without using an SDK in Python. Similar code works in just about any language (c#, java, php, nodejs). Change the source code with the filename of your service 2018-12-25
Google Cloud IAM - Member Types Google Cloud IAM supports several member types that can be authorized to access Google Cloud resources. The following member types can be added to Google Cloud IAM to authorize access to your Google Cloud Platform services. Google IAM Me 2018-12-26
Google Cloud IAM - Listing Projects This article shows how to display a list of Google Cloud Projects that you have access to list. This article includes two examples in Python that use two different Google Cloud Python libraries. These examples produce the same output as th 2019-01-13
Google OAuth 2.0 – Testing with Curl - Version 2 If you have ever wanted to test Google OAuth 2.0 flows from the command line, you will like this short article. This article is the second version. I wrote a previous article on using curl, but that version did not have a custom web serv 2019-01-14
Google OAuth 2.0 – Testing with Curl – Refresh Access Token In my earlier article on how to test Google OAuth 2.0 flows from the command line I showed how to generate Google OAuth 2.0 Access Token, Refresh Token, and ID Token. In this article, I will show how to refresh an Access Token. You wi 2019-01-14
Google Professional Cloud Security Engineer Certification Date created: January 30, 2019 Last updated: March 2, 2021 Exam Completed: February 15, 2019 Part 1: Introduction Part 2: Post Exam Review Part 3: Daily Study Part 4: Tips and Advice Part 5: Final Exam Update March 29, 2019. 2019-01-30
Google Professional Cloud Network Engineer Certification Date created: February 10, 2019 Last updated: March 13, 2019 Update: March 13, 2019. I passed this certification. Update: February 21, 2019. Bad news. My work schedule has been so long each day that I have not been able to study 2019-02-10
Google Cloud - The Master Series Date created: February 27, 2019 Last updated: March 2, 2019 Introduction This month I completed two beta Google certification exams (Security, Network) with another exam scheduled for March 11th. In preparing for these exams I realized t 2019-02-27
Google Cloud - Compute Engine Service Accounts Date created: March 1, 2019 Last updated: March 3, 2019 Note: This article is evolving as I document my deep dive. Contents: Introduction March 1, 2019 – Day #1 - Basics and FAQ March 2, 2019 – Day #2 - Auditin 2019-03-02
Google Compute – Stackdriver Logging - Installation, Setup & Debugging Date created: March 10, 2018 Last updated: September 12, 2019 Google Stackdriver is a very good product for monitoring and logging your compute instances on Google Cloud, AWS, Azure, Alibaba, etc. This article covers Stackdriver logg 2019-03-10
Google Cloud Certified - Associate Cloud Engineer Date created: March 22, 2019 Last updated: March 25, 2019 Today I took the Associate Cloud Engineer exam and passed. The exam was medium difficulty. However, I took this exam for granted and I did not study or prepare at all. Thi 2019-03-22
Google Cloud Memorystore - Redis Date created: April 17, 2019 Last updated: April 19, 2019 Introduction Redis (REmote DIctionary Server) is one of the most popular databases in the world. Redis is a Key Value dictionary. Google Cloud Memorystore is Google's managed 2019-04-17
Google Cloud Certification Badges I think that Google has done a nice job creating certification badges. Certify with Google Cloud and G Suite and get your own badges. Google Cloud Certified 2019-04-23
Google Domains - Purchasing a Domain Name Date created: May 2, 2019 Last updated: May 4, 2019 Introduction For the articles on this site, I often create subdomains for testing. This is neither safe nor secure and a mistake could take down my entire domain. Therefore, I purchased 2019-05-02
Google G Suite - Sender Policy Framework - SPF Date created: May 4, 2019 Last updated: May 5, 2019 Gmail stats graphic courtesy Google Security Blog Introduction One of the major problems with email is email spam. Spammers impersonate your identity to send emails that appear t 2019-05-04
Google G Suite - How to Analyze an Email Ransom Demand Introduction Date created: May 7, 2019 Last updated: May 7, 2019 Today I received an email titled "jhanley@jhanley.dev has been hacked, change your password ASAP". The hacker claims to know my login and password, has full control o 2019-05-07
Google Cloud Run - Getting Started with Python and Flask Introduction On August 15, 2018, Google released the Alpha release of Google Cloud Run. Many of us saw the potential and went to work learning this new platform. Everything serverless gets our attention. Cloud Run is Google's entry into 2019-05-10
Google Cloud - HTTP Load Balancer and IPv6   Introduction This article covers how to add IPv6 to a load balancer on Google Cloud and create the correct DNS resource records. Google Compute Engine does not support IPv6, so this requires that a Google HTTP Load Balancer (an 2019-05-11
Google Cloud - Backup Bitnami WordPress Introduction My personal website which covers articles about Google Cloud has been growing both in traffic and content. After I wrote my article Google Professional Cloud Security Engineer Certification, my website lit up with traffic and 2019-05-12
Google Cloud Run - HTTPS - Part 1 Introduction This article discusses HTTP to HTTPS redirection as implemented by Google Cloud Run. Today, all websites should deliver traffic over HTTPS. Google Cloud has adopted this policy providing HTTPS for Cloud Run service URLs wit 2019-05-13
Google Cloud Run - HTTPS - Part 2 Introduction This article discusses HTTP to HTTPS redirection in software. I will show you one method of server-side redirects in Python 3 and Flask. I will start by analyzing the HTTP headers received by a Cloud Run container applicatio 2019-05-15
GitHub - New Public Repository Starting today, I am copying all of my source code for the articles on this website to GitHub. This will take a week to complete. Today's article on Cloud Run now has a GitHub repository to make downloads and builds easier. Most repositorie 2019-05-15
Google Developers Experts - Cloud Platform Google Experts Program Google has honored me with Google Developers Experts Cloud Platform. I am the twentieth expert in North America. This is a global program to recognize individuals who are experts and thought leaders in one or more 2019-05-22
Google Cloud Run - Pricing Introduction Google Cloud Run charges you for the resources you use when you use them. No long running compute instances, just on-demand services. There are several components to Cloud Run services. In this article, we will look at each 2019-05-27
Google Cloud Run - Identity Introduction Sometimes your Google Cloud Run app needs to communicate with or consume other services. This can be a simple as reading an object in Cloud Storage, sending an email, or connecting to a database. What identity does Cloud Ru 2019-06-03
Google Cloud Asset Inventory - Reverse Engineering an API Introduction This article describes a missing item from the articles and documentation on Google Cloud Asset Inventory. The item is the header X-Goog-User-Project. I am writing this article to show how I figured this out, so you have ano 2019-06-07
Google Cloud and Go - My Journey to Learn a new Language in 30 days Part 1: Introduction Today I decided to learn Go in the next 30 days and document every step of my journey. How well will I know Go in 30 days? That is a difficult question and by logging the steps, I can hopefully measure progress. How 2019-06-11
Google Cloud - Go - Identity Based Access Control Introduction This article will discuss several key features if you are programming for Google Cloud Platform. Key features of this article: Using a service account that has no permissions to read a non-public Cloud Storage object 2019-06-13
Google Cloud Run - Simple File Server in Go Introduction This article shows how to serve files with Google Cloud Run. There are a few reasons to use Cloud Run instead of Google Cloud Storage. To learn how to deploy a simple file sharing service using Cloud Run. To have a m 2019-06-17
Security - Key Pairs and Private-Public Keys Table of Contents Introduction Definitions Example Private & Public Keys OpenSSH Public Keys SSH-2 Public Keys Examining OpenSSH Public Keys Introduction There is a lot of confusion and inaccurate information on the Internet a 2019-06-19
Google Cloud Shell - CLI in Go Google Cloud Shell CLI Written in Go This is a placeholder until I write this article. I have published the source code on GitHub. Note: This program is written for Windows. I have not yet ported it to Linux or Mac OS. Volunteers? 2019-06-29
Google Cloud - HTTP Load Balancer File Upload Error Introduction This article is about how to upload files to Compute Engine fronted by a Google HTTP Load Balancer and how to diagnose and correct file upload timeouts. The result is a better understanding of how to configure the Google Clo 2019-07-06
Google Cloud Run - Minimizing Cold Starts Introduction This article discusses Google Cloud Run cold starts, what they are and how to avoid cold starts. What is Cold Start? Cloud Run is a stateless HTTP serverless container service that provides on-demand services that autoscal 2019-07-06
Google Cloud Platform - Getting Started Introduction Google Cloud Platform is a suite of cloud computing services. Google has everything from storage, compute, database, big data to AI and everything in between. I am often asked how do I get started with Google Cloud. In this 2019-07-07
Google Cloud Run Deep Dive - Understanding the APIs - Part 1 Introduction To understand Google Cloud Run, you must peel back the layers and look at the interfaces that the API offers. Understanding the API will provide you with a better understanding of the features and capabilities. If your goal 2019-07-13
Google Cloud Run Deep Dive – Understanding the APIs – Part 2 Introduction This article discusses mapping custom domains for Google Cloud Run Managed. In a future article, I will cover Google Cloud Run on GKE. Google Cloud Run supports using a custom domain rather than the default address provid 2019-07-14
Google Cloud SQL Proxy - Installing as a Service on GCE Introduction Google Cloud SQL Proxy provides secure access to Cloud SQL Second Generation instances without having to whitelist IP addresses or configure SSL. Cloud SQL Proxy provides several important benefits: Secure connection 2019-07-28
Google Cloud SQL - New Training Videolab Introduction I watch a lot of training material from all the major education vendors (Pluralsight, Linux Academy, Cloud Academy, A Cloud Guru, and many others). For a long time, I have been wanting to add professional scriptwriting, profes 2019-08-07
Introduction to Python - New Training Videolab Introduction I watch a lot of training material from all the major education vendors (Pluralsight, Linux Academy, Cloud Academy, A Cloud Guru, and many others). For a long time, I have been wanting to add professional scriptwriting, profes 2019-08-07
Google Cloud SQL for MySQL - Connection Security, High Availability and Failover Introduction Designing an application that incorporates Google Cloud SQL requires some thought. There are several factors to consider regarding security, performance, fault tolerance and availability. Incorrectly implementing one of thes 2019-08-15
Get Cooking in Cloud - New Training Videolab Introduction This training videolab is a collection of videos Google Cloud created by Priyanka Vergadia @pvergadia. Priyanka is a Google Cloud Architect and a Google employee. Her videos are very good and average about 5 minutes each. 2019-08-22
Cloud Storage Bytes - New Training Videolab This training videolab is a collection of videos Google Cloud created by Jennifer Brown @jbrojbrojbro. Jennifer is a Google Cloud Developer Advocate and a Google employee. Her videos are very good and average about 3 minutes each. This l 2019-08-22
Google Cloud - SSL Certificates the Easy Way Introduction I use SSL certificates for everything. I am constantly creating them for internal systems and cloud services. This includes services such as web servers, SQL servers, anything where you might use a paid SSL certificate, or a 2019-09-15
Never Implement Proxy TLS Interception Introduction I was answering a question on StackOverflow. The questioner has implemented Proxy TLS Interception which is very dangerous. I am reposting this thread on my website to share the details of my answer. The Question: how to con 2019-09-22
Socratica Python Kickstarter Project  Socratica Python Kickstarter Campaign Introduction from Socratica's Kickstarter Campaign Socratica - a small educational film studio with big dreams. You know us for our high-quality video lessons about math, science, and programmi 2019-09-23
IBM Cloud - New Website Today I moved all of my IBM Cloud and Red Hat OpenShift content to a new site. The new site will focus on IBM Cloud, Red Hat, Serverless Containers and OpenShift. Most of my work is in Hybrid and Multi-Cloud. Kubernetes, Google Anthos and R 2019-10-22
Microsoft Security Certifications - New Year's Resolution Introduction I am working on two new security certifications for my new year's resolution. My specialties include security, identity, access management, and networking with a focus on hybrid and multi-cloud. For the first quarter, I plan 2020-01-11
Certification Practice Tests What is a Certification Practice Test? There are two types: Practice Questions and Practice Tests. Practice Questions help you test your knowledge and prepare for certification. These could be as simple as a list of questions where you 2020-01-14
Google Cloud Compute - Mastering SSH Introduction One of the more frequent problems on Stackoverflow is Compute Engine SSH. This article will dive into how SSH is configured on Compute Engine and how to connect using various SSH tools. I will also cover how to create SSH ke 2020-02-10
PowerShell - Impersonate Google Service Account Introduction This article shows how to impersonate a service account from user account credentials. To understand how to set up everything, read the companion article: Google Cloud - Improving Security with Impersonation Save the 2020-03-15
Google Cloud - Improving Security with Impersonation Introduction A common practice in Google Cloud is to create one or more service accounts to authorize the Google Cloud CLI. Using service accounts is recommended by Google instead of user accounts. However, a service account JSON or P12 2020-03-15
What programming language do I write software in? Introduction I recently had a conversation with the Principle Security Architect for a large company concerned with security, identity, and access management. He asked me, "What language do you write your code in and why?". I answered h 2020-03-21
Hostwinds - Virtual Private Servers Introduction One of the things that I love about the cloud, is that you can deploy servers in minutes. What previously took weeks of time, purchase orders, etc. is now a few clicks of the mouse. One of my action items is to set up my 2020-08-02
Google Cloud Run - Debugging an ASP.NET Core Time Zone Issue Introduction I am writing ASP.NET Core code for an automated cloud directory synchronization process that will run on Google Cloud Run and Kubernetes. This code requires the current date and time in the local time zone. Simple problem, or 2020-09-20
Google Professional Cloud Security Engineer Recertification This article is a journal of my path to take the Google Professional Cloud Security Engineer Recertification. I plan to track my progress, resources and post exam tips. Date created: March 2, 2021 Last updated: March 7, 2021 Exam C 2021-03-02
Terraform - Experiments with Google Cloud DNS and IAM Introduction I am currently preparing to recertify for the Google Professional Cloud Security Engineer Certification. I previously scheduled the HashiCorp Certified: Terraform Associate on March 29, 2021 at 3 PM. Maybe I will take both exa 2021-03-07
WireGuard Introduction Introduction This article is the first in a series of using WireGuard in the cloud. This article starts by explaining what WireGuard is. Additional articles will demonstrate how to configure WireGuard for both Windows and Ubuntu for the 2021-03-10