[Yandex Cloud documentation](../../index.md) > [Tutorials](../index.md) > Security > All tutorials

# Security guides

* [Access control for user groups with different roles in Yandex Identity Hub](user-group-access-control.md)
* [Creating an L7 load balancer with DDoS protection](alb-with-ddos-protection/index.md)
* [Setting up basic protection in Smart Web Security](sws-basic-protection.md)
* [Creating an L7 load balancer with a Smart Web Security security profile through an Application Load Balancer Ingress controller](alb-ingress-with-sws-profile.md)
* [Migrating services from an NLB to an L7 ALB to enable Yandex Smart Web Security protection](migration-from-nlb-to-alb/index.md)
* [Terminating TLS connections](tls-termination/index.md)
* [Transferring logs from a VM instance to Yandex Cloud Logging](vm-fluent-bit-logging.md)
* [Writing load balancer logs to PostgreSQL](logging.md)
* [Secure storage of GitLab CI passwords as Yandex Lockbox](gitlab-lockbox-integration.md) secrets
* [Using a Yandex Lockbox secret to store a static access key](static-key-in-lockbox/index.md)
* [Using a service account with an OS Login profile for VM management via Ansible](sa-oslogin-ansible.md)
* [Providing secure access to content in Cloud CDN](protected-access-to-content/index.md)
* [Uploading Yandex Audit Trails audit logs to KUMA SIEM](audit-trails-events-to-kuma/index.md)
* [Event search in audit logs](search-events-audit-logs/index.md)
* [Getting Yandex Lockbox secret value on the GitHub side](wlif-github-integration.md)
* [Getting Yandex Lockbox secret value on the GitLab side](wlif-gitlab-integration.md)
* [Getting the Yandex Lockbox secret value on the custom Kubernetes installation side](wlif-k8s-integration.md)
* [Accessing the Yandex Cloud API from a Managed Service for Kubernetes cluster using a workload identity federation in Identity and Access Management](wlif-managed-k8s-integration.md)
* [Transferring logs from Container Optimized Image to Yandex Cloud Logging](coi-fluent-bit-logging.md)
* [Transferring Yandex Managed Service for Kubernetes cluster logs to Yandex Cloud Logging](../container-infrastructure/k8s-fluent-bit-logging.md)
* [Creating an L7 load balancer in Yandex Application Load Balancer with a Yandex Smart Web Security profile](balancer-with-sws-profile/index.md)
* [Creating a distributed infrastructure with secure access](distributed-secured-infrastructure.md)
* [Centralized online publication and protection against DDoS attacks of applications hosted in different Yandex Cloud folders](different-folders-services.md)
* [Configuring dashboards and alerts in Yandex Monitoring](alerts-monitoring.md)
* [Exporting audit logs to MaxPatrol SIEM](maxpatrol/index.md)
* [Uploading audit logs to Splunk SIEM](export-logs-to-splunk.md)
* [Uploading audit logs to ArcSight SIEM](export-logs-to-arcsight.md)
* [Transferring Yandex MPP Analytics for PostgreSQL cluster logs to Yandex Cloud Logging](mgp-to-cloud-logging.md)
* [Obtaining the information you need to have a resource whitelisted by the Russian Ministry of Digital Development](info-for-federal-ip-whitelist.md)
* [Uploading objects into an Yandex Object Storage bucket using an ephemeral access key](ephemeral-key-storage.md)

## Managing identity federations {#federations}

* [Authentication via Active Directory](integration-adfs.md)
* [Google Workspace authentication](integration-gworkspace.md)
* [Authentication via Microsoft Entra ID](integration-azure.md)
* [Keycloak authentication](integration-keycloak.md)

### User group mapping {#matching-user-groups}

* [User group mapping in Microsoft Active Directory Federation Services](adfs.md)
* [User group mapping in Microsoft Entra ID](entra-id.md)
* [User group mapping in Keycloak](keycloak.md)

## Yandex SmartCaptcha use cases {#smartcaptcha}

* [Adding an HTML page to work with Yandex SmartCaptcha](mobile-app/website.md)
* [Yandex SmartCaptcha in Android apps](mobile-app/android/quickstart-android.md)
* [Invisible Yandex SmartCaptcha in Android apps](mobile-app/android/invisible-captcha-android.md)
* [Yandex SmartCaptcha in an Android app on Flutter](mobile-app/android/quickstart-android-flutter.md)
* [Yandex SmartCaptcha in iOS apps](mobile-app/ios/quickstart-ios.md)
* [Syncing Yandex Lockbox and Yandex Managed Service for Kubernetes secrets](../container-infrastructure/kubernetes-lockbox-secrets.md)
* [Encrypting secrets in Yandex Managed Service for Kubernetes](../container-infrastructure/kms-k8s.md)
* [Signing and verifying Yandex Container Registry Docker images in Yandex Managed Service for Kubernetes](../container-infrastructure/sign-cr-with-cosign.md)
* [Managing Yandex Key Management Service keys with Hashicorp Terraform](terraform-key.md)
* [Encrypting secrets in Hashicorp Terraform](terraform-secret.md)
* [Auto Unseal in Hashicorp Vault](vault-secret.md)

## Data encryption {#encrypt}

* [Which encryption method should I choose?](encrypt/index.md)
* [Encrypting data using the Yandex Cloud CLI and API](encrypt/cli-api.md)
* [Encrypting data using the Yandex Cloud SDK](encrypt/sdk.md)
* [Encrypting data using the AWS Encryption SDK](encrypt/aws-encryption-sdk.md)
* [Encrypting data using Google Tink](encrypt/google-tink.md)
* [Getting Yandex Lockbox secret value on the GitHub side](wlif-github-integration.md)
* [Server-side encryption for an Object Storage bucket](server-side-encryption.md)

## Integrations of workload identity federations {#wlif-integration}

* [Getting Yandex Lockbox secret value on the GitHub side](wlif-github-integration.md)
* [Getting Yandex Lockbox secret value on the GitLab side](wlif-gitlab-integration.md)
* [Getting the Yandex Lockbox secret value on the custom Kubernetes installation side](wlif-k8s-integration.md)
* [Accessing the Yandex Cloud API from a Managed Service for Kubernetes cluster using a workload identity federation in Identity and Access Management](wlif-managed-k8s-integration.md)

## Setting up SSO for applications {#sso}

* [1C:Enterprise](single-sign-on/oidc-1c-enterprise.md)
* Cloud.ru
    * [Creating a SAML app in Yandex Identity Hub for integration with Cloud.ru](single-sign-on/cloud-ru/saml-cloud-ru.md)
    * [Creating an OIDC application in Yandex Identity Hub for integration with Cloud.ru](single-sign-on/cloud-ru/oidc-cloud-ru.md)
* Grafana Cloud
    * [Creating a SAML application in Yandex Identity Hub for integration with Grafana Cloud](single-sign-on/grafana/saml-grafana.md)
    * [Creating an OIDC application in Yandex Identity Hub for integration with Grafana Cloud](single-sign-on/grafana/oidc-grafana.md)
* [Grafana OSS](single-sign-on/oidc-grafana-oss.md)
* [Harbor](single-sign-on/oidc-harbor.md)
* Jenkins
    * [Creating a SAML app in Yandex Identity Hub for integration with Jenkins](single-sign-on/jenkins/saml-jenkins.md)
    * [Creating an OIDC application in Yandex Identity Hub for integration with Jenkins](single-sign-on/jenkins/oidc-jenkins.md)
* [Managed Service for GitLab](single-sign-on/saml-managed-gitlab.md)
* [Managed Service for OpenSearch](single-sign-on/saml-opensearch.md)
* [MWS](single-sign-on/oidc-mws.md)
* [OpenSearch](single-sign-on/saml-opensearch-self-managed.md)
* OpenVPN
    * [OpenVPN Access Server](single-sign-on/saml-ovpn.md)
    * [OpenVPN Community Edition](single-sign-on/oidc-ovpn.md)
* [Selectel](single-sign-on/saml-selectel.md)
* [Sentry](single-sign-on/saml-sentry.md)
* [SonarQube](single-sign-on/saml-sonarqube.md)
* VK Cloud
    * [Creating a SAML app in Yandex Identity Hub for integration with VK Cloud](single-sign-on/vk-cloud/saml-vk-cloud.md)
* [Zabbix](single-sign-on/saml-zabbix.md)
* [Passwork](single-sign-on/saml-passwork.md)
* [Yandex 360](single-sign-on/saml-yandex-360.md)
* [Yandex Browser for organizations](single-sign-on/saml-ya-browser-corporate.md)
* [Configuring single sign-on for applications that do not support SSO](single-sign-on/oidc-nginx-oauth2-proxy.md)