Find Insecure Code With CodeQL Before You Commit
You have a bunch of code to commit for your Docker image so that you can update your app that runs in Amazon EKS. STOP! First scan your source code with CodeQL before you commit and push! Photo by Muhammad Zaqy Al Fattah on Unsplash The Solution In this tutorial, we’ll go over scanning C#…
Keep readingAWS Secrets Manager or AWS SSM Parameter Store?
“From the Mailbag” gives us at AWS w/ .NET the opportunity to answer questions from our users. Got a question for us? Ask us here. Photo by Joanna Kosinska on Unsplash Question: The company that I work for is heavily invested in AWS Systems Manager Parameter Store. But, I have been reading up on AWS…
Keep reading3 Things: Developing with AWS KMS
There’s a lot that goes into cryptographic key management — creation, rotation, expiry, replacement, revocation, etc. AWS Key Management Service performs all of the aforementioned operations, but also seamlessly integrates with many AWS services, like, S3, SNS, SQS, et. al. Simply put, key management is hard and AWS Key Management Service can greatly simplify your…
Keep readingSecuring .NET App Secrets with AWS Secrets Manager
Similar to AWS Systems Manager Parameter Store, AWS Secrets Manager allows for storing, managing, and reclaiming OAuth tokens, database credentials, API keys, and other secrets. However, there are big differences between the two AWS services. AWS Secrets Manager was created for storing confidential data like passwords and secrets so encryption of the stored data is…
Keep readingEncrypting Data in .NET apps Using AWS Key Management Service
Get all the code on GitHub. Let’s be honest, cryptography can be a dense and intimidating topic for most. When contemplating your cryptography strategy, there are so many questions that need to be answered: symmetric or asymmetric encryption? Which algorithm should you use? What will the key management story be? etc. — etc…. Utilizing a…
Keep reading
AWS with .NET 