Links/resources that changed my life:

Verifiable Credentials

• TypeScript - https://github.com/openwallet-foundation/credo-ts
• .Net Wallet - https://github.com/openwallet-foundation-labs/wallet-framework-dotnet
• React native wallet - https://github.com/openwallet-foundation/bifold-wallet

Enterprise

Cloud Architecture Materials

• https://github.com/Azure/Enterprise-Scale
• https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/landing-zone/ with nice visio drawing

Landing Zones

• https://github.com/Azure/ALZ-Bicep/wiki/Accelerator

Software Architecture

• Architecture Styles Worksheet: https://www.developertoarchitect.com/downloads/architecture-styles-worksheet.pdf

2024

• https://jacquiread.com/posts/software-design/
• AWS Cognito Sample https://medium.com/@samudurand/protecting-lambda-urls-with-cognito-iam-lambda-edge-and-cdk-4ac79f9e779c
• FGA solution https://docs.permit.io/modeling/mesa-verde/ & DEMO https://github.com/permitio/mesa-verde-banking-demo
• Functional Programming on .NET - The Best of Both Worlds - Isaac Abraham - NDC Oslo 2024: https://www.youtube.com/watch?v=V9GYPOsPj4M
• Let’s build the worst Event Sourcing system! - Oskar Dudycz - NDC London 2024: https://www.youtube.com/watch?v=20zvAJAhqS0
• Secure your website with the right security headers Mozilla and SecurityHeaders
• VC for Europeans
• eIDAS test site
• Decentralized Identifiers (DIDs) as an Identifier Metasystem
• Demystifying cookies and tokens
• Awesome Self-Sovereign Identity
• (Almost) Every infrastructure decision I endorse or regret after 4 years running infrastructure at a startup

ENTRA ID - from John Savill

• Workload Identity Protection
• Governance
• Managed ID
• App Registrations, Enterprise Apps and Service Principals
• PIM

2023

• Email vs Capitalism, or, Why We Can’t Have Nice Things - Dylan Beattie - NDC Oslo 2023
• GitHub - ACA-Landing-Zone-Accelerator
• Prepare your Azure Cloud Environment with the Cloud Adoption Framework
• 📖The Software Architect Elevator

2022

• 📖Designing Data-Intensive Applications
• PL Async Internals in .NET
• Advanced API and Integration Problems & Patterns - Udi Dahan - NDC Oslo 2022

2021

• Foxes
• 📖 💥 Designing Data-Intensive Applications
• 📖Database Internals
• Serverless Chats: Streaming Data at Scale Using Serverless with Anahit Pogosova Part 1
• Serverless Chats: Streaming Data at Scale Using Serverless with Anahit Pogosova Part 2

2020

• 💥Learn Advanced Distributed Systems Design

IAM

• OCTA: OAuth 2.0 and OpenID Connect (in plain English)
• https://www.nango.dev/blog/why-is-oauth-still-hard
• https://developer.okta.com/blog/2019/10/21/illustrated-guide-to-oauth-and-oidc
• https://auth0.com/docs/authorization
• awesome-iam
• OAuth – the good Parts - Dominick Baier - NDC Oslo 2021 https://www.youtube.com/watch?v=y2Psj8ACZyw

Entra ID

• Newsletter: https://entra.news
• https://github.com/merill/awesome-entra
• big picture diagram https://github.com/msandbu/azuread
• Entra ID as a code: https://www.terraprovider.com/

Workload Identity

• https://device-insight.com/en/developers-blog/use-azure-ad-workload-identity-for-pod-assigned-managed-identity-in-aks/
• https://johnlokerse.dev/2024/05/05/setup-azure-devops-workload-identity-federation-using-azure-bicep/

Security & Monitoring

• https://github.com/Cloud-Architekt/AzureAD-Attack-Defense
• https://github.com/reprise99/Sentinel-Queries

Development & Samples

• Asp.Net Web App - Confidential Client: https://github.com/Azure-Samples/active-directory-aspnetcore-webapp-openidconnect-v2
• https://github.com/Azure-Samples/active-directory-dotnetcore-daemon-v2
• JavaScript Public Client: https://github.com/Azure-Samples/ms-identity-docs-code-javascript

IAM & CIAM Solutions

CIAM

• https://auth0.com/
• https://stytch.com/

Tools

• Kleopatra - manage Yubikey certificates etc https://apps.kde.org/kleopatra/
• faking data and getting notification someone is accessing (credit card, AWS cred) https://canarytokens.org/generate

Testing

• https://oidcdebugger.com/debug
• https://chrome.google.com/webstore/detail/saml-devtools-extension/jndllhgbinhiiddokbeoeepbppdnhhio

MSAL | OpenID Connect | Azure ==> Authentication & Authorization

• MS Samples
• MSAL - Retry policies
• MSAL Logger
• Oauth - Native Flow Authorization Code Flow Diagram
• OpenID Connect Diagram - get token via confidential client
• Postman Oauth Entra ID Collection
• Default Azure Credentials
• Authentication with multiple identity providers

CIAM

• Microsoft Woodgrove Groceries -> Auzre AD B2C MS Demo
• Microsoft Woodgrove Groceries -> Entra External ID for Customers MS Demo

Azure & Microsoft 365

• Microsoft 365 Licensing Map
• https://azurecharts.com/

Azure Policies

• https://blog.tyang.org/2021/12/06/monitoring-azure-policy-compliance-states-2021-edition and connected repo: https://github.com/andrewmatveychuk/azure.policy
• and from the previews link: https://blog.tyang.org/2021/12/06/monitoring-azure-policy-compliance-states-2021-edition

Security

• https://medium.com/@omaxel/allow-access-to-azure-app-service-only-from-azure-front-door-bdfa16bc675d
• https://cloudtips.nl/securing-azure-web-apps-and-function-apps-with-azure-front-door-e4a5e4071290

Landing Zone

• https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/landing-zone/
• https://github.com/Azure/ALZ-Bicep/wiki/Accelerator
• https://github.com/Azure/terraform-azurerm-lz-vending

DevOps

• https://medium.com/into-alm/configuration-as-code-moving-away-from-library-groups-in-azure-devops-e9ff683d150d
• https://azure.github.io/Azure-Verified-Modules/
• https://github.com/Azure/bicep-registry-modules
• https://github.com/arindam0310018/10-Oct-2023-DevOps__Workload-Identity-Federation-with-Service-Principal-Using-Terraform

Entra ID as a Code

• https://registry.terraform.io/providers/hashicorp/azuread/latest
• https://terraprovider.com/

👯👯 blogs and people 👯👯

• https://damienbod.com/
• https://identity-man.eu/
• https://www.troyhunt.com/
• https://scotthelme.co.uk/
• https://event-driven.io/ and the tag Architecture: https://event-driven.io/en/category/architecture/
• https://blog.codingmilitia.com/
• https://architectelevator.com/

Entra ID

• https://ourcloudnetwork.com/
• https://www.cloud-architekt.net/
• https://cloudbrothers.info/

🤔🤔 Workstation & Tools & IDE’s 🤔🤔

Identity

• SMS online service to test OTP: https://anonymsms.com/
• Temporary Email Service (you can define your email address): https://www.minuteinbox.com/
• Postman Collection
• A verification tool to replace CAPTCHAs: https://www.cloudflare.com/products/turnstile/

Debbug JWT tokens (Open ID Connect flows)

• https://oidcdebugger.com/debug
• https://jwt.ms

Azure AD B2C

• VS Code + B2C extension + APP insights debugger

Software Development

• Mock Service (when you need to check the request payload ;) ) https://beeceptor.com/
• Security Headers check https://securityheaders.com/

Tunnel/proxy to the local environment

• ngrok.com - need to pay 10$ for features
• www.cloudflare.com Tunnel
• Visual Studio IDE built-in proxy

Smarthome (and not only)

• HomeAssitant: https://www.home-assistant.io/
• esphome https://esphome.io/ (ESP8266 | ESP32 | other => easy yaml config and push to HomeAssistant)
• portainer https://www.portainer.io/ (Conteiner Management for Docker)
• Home DNS server? try PiHole https://pi-hole.net/
• OpenWrt as router OS https://openwrt.org/
• smart switches and other devices https://www.shelly.com/
• HAVC: Salus Controls & Panasonic AC (with https://github.com/sockless-coding/panasonic_cc integration)

Other (tools)

• https://www.base64decode.org/
• https://www.urlencoder.org/

Other

• Wat

• Mountain Biking

• Żywot programisty - sorry only for polish programmers 👷‍♂️