Yandex Cloud security tutorials
Written by
Updated at October 13, 2025
Authentication and access management
- Access control for user groups with different roles in Yandex Identity Hub
- Using a service account with an OS Login profile for VM management via Ansible
- Managing identity federations
Network security
- Setting up virtual hosting
- Automatically copying objects from one Yandex Object Storage bucket to another
- Loading data from Yandex Direct to a Yandex Managed Service for ClickHouse® data mart using Yandex Cloud Functions, Yandex Object Storage, and Yandex Data Transfer
- Creating a load balancer with DDoS protection
- Secure user access to cloud resources based on WireGuard VPN
- Providing secure access to content in Yandex Cloud CDN
Secure virtual environment configuration
- Hosting a static Gatsby website in Yandex Object Storage
- Storing Apache Airflow™ connections and variables in Yandex Lockbox
- Deploying a fault-tolerant architecture with preemptible VMs
- Migrating services from NLB to L7 ALB for DDoS protection using Yandex Smart Web Security
Data encryption and key management
- Data encryption
- Managing Yandex Key Management Service keys with Hashicorp Terraform
- Encrypting secrets in Hashicorp Terraform
- Auto Unseal in Hashicorp Vault
- Secure password transmission to an initialization script
- Terminating TLS connections
- Secure storage of GitLab CI passwords as Yandex Lockbox secrets
- Using a Yandex Lockbox secret to store a static access key
- Getting Yandex Lockbox secret value on the GitHub side
- Getting the Yandex Lockbox secret value on the GitLab side
Collecting, monitoring, and analyzing audit logs
- Searching for Yandex Cloud events in Yandex Query
- Searching for Yandex Cloud events in Yandex Object Storage
- Searching for Yandex Cloud events in Yandex Cloud Logging
- Alert settings in Yandex Monitoring
- Configuring responses in Yandex Cloud Logging and Yandex Cloud Functions
- Processing Yandex Audit Trails events
- Exporting audit logs to SIEM systems
- Transferring logs from a VM to Yandex Cloud Logging
- Writing load balancer logs to PostgreSQL
- Transferring logs from Container Optimized Image to Yandex Cloud Logging
Application security
- Installing an NGINX ingress controller with a Yandex Certificate Manager certificate
- Building a CI/CD pipeline in GitLab with serverless products
- Creating an interactive serverless application using WebSocket
- Creating an L7 Yandex Application Load Balancer with a Yandex Smart Web Security profile
- Yandex API Gateway protection with Yandex Smart Web Security
- Adding an HTML page to work with Yandex SmartCaptcha
- Yandex SmartCaptcha in Android apps
- Invisible Yandex SmartCaptcha in Android apps
- Yandex SmartCaptcha in an Android app on Flutter
- Yandex SmartCaptcha in iOS apps
Kubernetes security
- Encrypting secrets in Yandex Managed Service for Kubernetes
- Signing and verifying Yandex Container Registry Docker images in Yandex Managed Service for Kubernetes
- Syncing with Yandex Managed Service for Kubernetes secrets
- Getting the Yandex Lockbox secret value on the custom Kubernetes installation side
- Accessing the Yandex Cloud API from a Managed Service for Kubernetes cluster using a workload identity federation in Identity and Access Management
- Creating an L7 load balancer with a Yandex Smart Web Security security profile through an Yandex Application Load Balancer Ingress controller
- Migrating services from an NLB with a Yandex Managed Service for Kubernetes cluster as a target to an L7 ALB
- Transferring Yandex Managed Service for Kubernetes cluster logs to Yandex Cloud Logging