Taswar Bhatti
The synonyms of software simplicity
Redis

In this blog post I wanted to cover how to use Redis with AspNetCore WebAPI. Most of my examples have been covering using console application since I wanted to explain the core concepts of Redis and the functionality. Now lets see how you can use it in a Web Application.

Create the webapi

To start we will create webapi using command line dotnet new

Now that we have our skeleton created, we need to add some of the dependency for Redis. I have used dotnet command line again to add the dependencies. I am also using Message Pack for my serialization, there are other options also like Newtonsoft etc.

If you want to learn more about Message Pack https://msgpack.org/index.html

Running Redis in Docker

I am using Docker to run my Redis server, the command to execute to run my redis server as below

If you want to know more about docker and redis read my previous blog post http://taswar.zeytinsoft.com/redis-running-in-docker/

Now we will need our aspnetcore information on how to connect to redis, the best option is to use your appsettings.json file to have the information. For production you will probably like to store it in some external configuration management like Hashicorp Vault or Azure Vault.
Open up your appsettings.json file and add the Redis configuration information. One can add multiple Hosts in the array, for us we only have 1 server running on localhost.

Redis AspNetCore WebApi

Now we need to configure our webapi to start using redis, we will modify our Startup.cs file and use the build in IoC (Dependency Injection) container that it provides to hook things up in our ConfigureServices method.

Create a Controller

Lets add a new controller and call it RedisController, we will use the controller to call redis to store some values and to get some values out of redis. The sample below shows a HttpGet, HttpPost and a HttpDelete method decorated attribute. As you may also notice that the IRedisCacheClient was injected into the constructor by the IoC Container when we configured our services in Startup.cs

Testing the methods

I used curl to test out the method, first I used the POST method to create the data I wanted. I am using the -k prefix since I wanted to ignore the cert and I just posted some random json data into the method, even though in the method I don’t use it as above, but just to give an example of how you would pass in data.

Now I can call the get call to get the data, one can use curl or just use chrome to call the get call. The result are show below.

Calling StackExchange.Redis Api

What if we want to call Redis StackExchange calls directly? We can do so like below I am using the SetAdd method and SetMembers to get values out of Redis Sets

Summary

I hope this explain how to use redis with your aspnetcore application, you can get the source code for this project on github. https://github.com/taswar/RedisForNetDevelopers/tree/master/14.RedisAspDotNetCore. Also feel free to comment on it and ask questions, if there is something missing feel free to reach out.

aws-iam

This would be the last post on how to add AWS IAM users sign-in link for signin to console. If you wish to read the other post please check them out below.

How to add AWS IAM users sign-in link for signin to console

In your Dashboard click and on Customize
AWS-IAM-Customize-Sign-In-Link

AWS IAM Customize Sign In Link

Enter the name you want to use for your sign-in and create the alias you wish to have
AWS-IAM-Account-Alias

Account Alias

Now your users can visit the url you have create and sign in, I will use the user I create before, NOTE: now the Alias is already filled in.
AWS-IAM-Login

AWS-IAM-Login

Once logged in using the csv file we saved earlier we will need to change the password
AWS-IAM-Change-Password

AWS IAM Change Password

When we have satisfied our Password Policy we will then be redirected to the console
AWS-IAM-Logged-In-Console

AWS Console Logged In

Summary

This concludes our AWS IAM part of securing your AWS account there is a lot more that one can add to it. Probably in the future I will add more into it. If you like these AWS post let me know, I intend to add more of them.

aws-iam

This would be the second last section to cover the AWS IAM. We will cover Apply an IAM password policy in AWS. If you wish to read the previous section the links are provided below.

Apply an IAM password policy

We can now click on the dashboard for Apply an IAM password policy
AWS-IAM-Apply-IAM-Password-Policy

Apply IAM Password Policy

Click on the Set Password Policy
AWS-IAM-Set-Password-Policy

AWS IAM Set Password Policy

Now inside the section you can pick the options you wish to add, I have added a sample below.
AWS-IAM-Set-Password-Policy-Display

Set Password Policy Display

AWS-Set-Password-Policy-Sample

Password Policy Sample

By completing this part now we have full green check marks in our IAM Resources in AWS
AWS-IAM-Resources

AWS-IAM-Resources

Summary

We have now completed our AWS IAM Resources and have completed and got full green check marks for them. Congratulations. I wanted to cover one more thing, check my next blog post and you will find out.

aws-iam

In this post we will cover using groups to assign permissions to users in AWS. This is the third part on IAM on AWS to protect your account. You can view previous part below.

Use groups to assign permissions in AWS

Lets now expand the section of Groups in our IAM Dashboard and click on Manage Group
AWS-IAM-Use-Groups-To-Assign-Permissions

Use Groups To Assign Permissions

We can then click on Create New Group
AWS-IAM-Create-New-Group

Create New Group

I will create a group named “admin”
AWS-IAM-Set-Group-Name

Set Group Name

I will now attach the AdministratorAcccess Policy to the group I just created
AWS-IAM-Attach-Group-Policy

Attach Group Policy

You can now review the group and the attach policy and continue
AWS-IAM-Group-Review

IAM Group Review

We can now clean up some items and add the group to the user we previous created so that the user is in the admin group rather than having direct permission to AdminstratorAccess. Click on the newly create admin user
AWS-IAM-New-Group-Created-Select

New Group Created Select

We can now click on Add Users to Group to add the previously created user
AWS-IAM-Add-Users-To-Group

Add Users To Group

Select the user/users you wish to add to the group.
AWS-IAM-Select-User-to-Group

Select User to Group

Afterwards we will find that the user in now added to the group
AWS-IAM-User-Added-To-Group

User Added To Group

We can now remove the user policy that the user has since the user is already in Admin Group we can revoke the policy of AdministratorAccess, there is no need to have 2 things that mean the same. Click on User and select the policy and click on the right to delete it.
AWS-IAM-Remove-User-From-Policy

Remove User From Policy

A prompt will show to confirm the detach of policy from the user, click on Detach and the policy will be removed.
AWS-IAM-Detach-Policy

Detach Policy

Summary

We have covered the forth step in our IAM in AWS on groups to assign permissions to users in AWS. Next we will cover how to Apply an IAM password policy.

aws-iam

I hope you have read the first part covered on how to protect your root account with MFA. In this post we will continue on and protect our AWS account by creating individual IAM users.

Create individual IAM users

We can now move to creating individual IAM users section
AWS-IAM-Create-individual-IAM-users

Create individual IAM users

Now we can expand the section and click on Manage Users
AWS-IAM-Create-individual-IAM-manage-users

Create individual IAM Manage users

Once inside the section click on Add User
AWS-IAM-AddUser

AWS IAM Add User

Type the user name, set access type and auto generate password. Remember to require password reset to be more secure.
AWS-IAM-Set-User-Details

AWS-IAM-Set-User-Details

AWS-IAM-Require_Password_Reset

Require Password Reset

Set the permissions to the user, I have clicked on attach existing policies directly and have selected Admin access for my user.
IAM-User-Set-Permissions

User Set Permissions

You can then add tags if you want it is optional. I have added User with Admin as tag like below.
AWS-IAM-Add-User-Tags

Add User Tags

You can then review the user and click on Create User
AWS-IAM-Review_User-Details

Review User Details

Your user will be create, remember to download the csv file or email the user with their temporary creds
AWS-IAM-User-Created

User Created

Summary

Here are the steps to create individual users in AWS using their IAM. Next section we will cover how to creaet groups so assign to the user we just created

aws-iam

In this post I wanted to cover how to Activate U2F Fido Keys for AWS root account.

After logging if you click on IAM you will see the dashboard like below where 4 steps are not yet complete. We will complete those first steps and other post will cover the other steps such that we can have better security in our AWS account.

Activate MFA on your root account

AWS Security Status

We will now expand the second step and activate MFA
AWSActiveMFA

AWS Active MFA

Then you will be prompted for Security Creditials and click on it
AWSActiveMFAContineSecurityCreds

Continue Security Credentials

Choose the MFA Tab and click on Active MFA
AWSActiveMFA-IAMDashboard

AWS Active MFA IAM Dashboard

I will use the U2F Yubikey option to activate my root account
AWSActiveMFA-U2F

Active MFA U2F

This will prompt for allowing the browser to access your key and since I am on windows it will also prompt for a non browser based prompt to allow it, once you plug in your yubikey then you can click the key icon.
YubiKey

YubiKey

Aws-prompt-u2f

Aws prompt u2f brower allow prompt

Aws-prompt-u2f-step2

Aws prompt u2f windows prompt

Now your Admin account that was used for creating the AWS account is using U2F for authentication
AWS-Setup-U2F-Complete

AWS Setup U2F Complete

Summary

I hope this has helped in setting up U2F with your FIDO token to protect the root account, in other post we will cover the other 3 steps.

Azure Cost Budget

I have covered how to do Cost Budget in AWS, I thought I can also do one for Azure of how to have a budget in Azure with Cost Budget.

Step by Step – How to create a Cost Budget in Azure

First login to your azure portal, and click on Cost Management and Billing in the menu.

CostManagementBillingAzure

Cost Management Billing Azure

Then click on the Cost Management.
CostManagement

Cost Management

Once inside the section, click on Budgets
BudgetsAzure

Budgets Azure

Once in Budget, click on Add and fill out the section with a name, the end date and the amount of budget
BudgetDetailsAzure

Budget Details Azure

Then click on next will bring you to your Alert section, fill out the percentage that you want to alert on, I have filled out 90% and also the email to notify on
SetBudgetAlertsAzure

Set Budget Alerts Azure

Click on Create and you will now have a budget for spending on Azure
BudgetAzureSummary

Budget Azure Summary

Summary

I hope this helped, there is also Action Groups that you can use to delete VM or other functionality when a certain limit has been reached, that can be done on the Alert page.

Taswar-Bhatti-Austin-Texas-NodeJS-Meetup-May-2019

I had a work workshop to attend in Austin Texas and though it would be fun to speak at a meetup group on Using Hashicorp Vault for your NodeJS. I tired the Microsoft group first but was not successful due to their schedule and mine. Fortunate for me the Austin NodeJS Meetup was perfect with my schedule, plus it was right in downtown (Near dirty six). I was able to speak on one of my favorite security topic on using Vault for your nodejs application. Again thanks to Matt Walters and Proof Technologies to organizing the meetup and free pizza.
Here is the link to the meetup if you are in Austin definitely check the out, a nice crowd to join. https://www.meetup.com/austinnodejs/events/srwjzqyzhbtb/

There was also a recording or live stream, uploaded to my youtube if you are interested.

Slides of Austin Meetup

For anyone starting new on Amazon they might want to start with a small aws budget on a their free trial to learn amazon. Even if you are a small to large company you will want to have a budget for your cloud services.
Amazon provides an easy way to alert and to create a budget for your cloud.
Lets get started on how to create a budget

Step by Step – How to create a AWS Budget in Amazon Web Services

First login to amazon console and then click on my account and you will see My Billing Dashboard in the drop down like below.

My Billing Dashboard Menu

Once inside the page, on the left hand you will see the menu for the section, click on budget.
aws-my-billing-budget-menu

aws-my-billing-budget-menu

Then click on the Create a Budget blue button.
aws-budgets

create aws budgets

I will create a cost budget so I have selected the cost budget and clicked on Set your budget
aws-cost-budget

aws-cost-budget

Then I have to set a name for the budget below I have set it as aws testing budget, it is set up as monthly and recurring.
aws-set-your-budget

aws-set-your-budget

I have set it as a fixed budget with a 10 dollar limit.
aws-fixed-budget-amount

aws-fixed-budget-amount

Afterwards you can click on Configure Alerts to configure when to alert you when the budget is close to a certain percentage or amount
aws-config-budget-alerts

aws-config-budget-alerts

I have set up the alert to 10% of the amount which is just 1 dollar, so aws will notify me on the email provided below when I am at 1 dollar
aws-budget-alert

aws-budget-alert

It will then confirm your budget on a page and you can see the details in a table
aws-budget-table

aws-budget-table

Summary

I hope this helps you in setting up your budget in aws when you are trying out aws or when you want to set up a budget for your company.

Taswar_Bhatti_VS2019_With_Python

I had a talk on Getting productive with Python on Visual Studio 2019, at the Ottawa .NET User Group (https://www.meetup.com/ottawaitcommunity/events/259081628/). Thanks to all the people who came to the talk, I wish my demo worked properly unfortunately sometimes things just dont work 🙂

Nevertheless here are the slides for the talk.

UA-4524639-2