Distinguished Architect
Andrew Block
Andrew Block's contributions
Article
How the External Secrets Operator manages Quay credentials
Learn how to automate the management of short-lived credentials to access resources within Quay using the External Secrets Operator (part 3 of 3).
Article
Access Quay on OpenShift with short-lived credentials
Discover methods for leveraging short-lived credentials to access Quay resources securely within Red Hat OpenShift (part 2 of 3).
Article
How short-lived credentials in Quay improve security
Learn how to increase security by enabling short-lived credentials within Quay (part 1 of 3).
Article
How to manage Python dependencies in Ansible execution environments
Learn how to effectively manage Python content for producing Ansible execution environments.
Article
Strategies for eliminating Ansible hardcoded credentials
Discover strategies to produce an enhanced security posture for Ansible execution environments.
Learning path
Securing the Software Supply Chain with Jenkins, TAS, and TPA: A Red Hat Approach
In this learning exercise, you will learn how to secure your Jenkins pipeline
Article
Managing Sensitive Assets Within Image Mode for Red Hat Enterprise Linux
Aside from naming and versioning, managing sensitive assets, like credentials, is one of the more challenging aspects in technology. So, why is it so difficult? Well, to start off. What may be considered a sensitive asset to one individual or organization may not be the same as another. Also, given that there are so many different ways that sensitive assets can be managed, there is no universally accepted method available.
The challenges that encompass how sensitive assets are handled also apply to image mode, a new method that enables building and deploying Operating Systems using similar tools and approaches as any other traditional container. In this article, we will discuss the types of sensitive assets that apply to image mode for RHEL specifically and how to design appropriate workflows to incorporate secure practices within all phases, from build and deployment to runtime.
Learning path
Implement a cross-cloud identity framework with SPIFFE/Spire on OpenShift
Address cross-cloud identity challenges with SPIFFE/SPIRE on Red Hat OpenShift
How the External Secrets Operator manages Quay credentials
Learn how to automate the management of short-lived credentials to access resources within Quay using the External Secrets Operator (part 3 of 3).
Access Quay on OpenShift with short-lived credentials
Discover methods for leveraging short-lived credentials to access Quay resources securely within Red Hat OpenShift (part 2 of 3).
How short-lived credentials in Quay improve security
Learn how to increase security by enabling short-lived credentials within Quay (part 1 of 3).
How to manage Python dependencies in Ansible execution environments
Learn how to effectively manage Python content for producing Ansible execution environments.
Strategies for eliminating Ansible hardcoded credentials
Discover strategies to produce an enhanced security posture for Ansible execution environments.
Securing the Software Supply Chain with Jenkins, TAS, and TPA: A Red Hat Approach
In this learning exercise, you will learn how to secure your Jenkins pipeline
Managing Sensitive Assets Within Image Mode for Red Hat Enterprise Linux
Aside from naming and versioning, managing sensitive assets, like credentials, is one of the more challenging aspects in technology. So, why is it so difficult? Well, to start off. What may be considered a sensitive asset to one individual or organization may not be the same as another. Also, given that there are so many different ways that sensitive assets can be managed, there is no universally accepted method available.
The challenges that encompass how sensitive assets are handled also apply to image mode, a new method that enables building and deploying Operating Systems using similar tools and approaches as any other traditional container. In this article, we will discuss the types of sensitive assets that apply to image mode for RHEL specifically and how to design appropriate workflows to incorporate secure practices within all phases, from build and deployment to runtime.
Implement a cross-cloud identity framework with SPIFFE/Spire on OpenShift
Address cross-cloud identity challenges with SPIFFE/SPIRE on Red Hat OpenShift
