Links/resources that changed my life:
Verifiable Credentials
- TypeScript - https://github.com/openwallet-foundation/credo-ts
- .Net Wallet - https://github.com/openwallet-foundation-labs/wallet-framework-dotnet
- React native wallet - https://github.com/openwallet-foundation/bifold-wallet
Enterprise
Cloud Architecture Materials
- https://github.com/Azure/Enterprise-Scale
- https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/landing-zone/ with nice visio drawing
Landing Zones
Software Architecture
- Architecture Styles Worksheet: https://www.developertoarchitect.com/downloads/architecture-styles-worksheet.pdf
2024
- https://jacquiread.com/posts/software-design/
- AWS Cognito Sample https://medium.com/@samudurand/protecting-lambda-urls-with-cognito-iam-lambda-edge-and-cdk-4ac79f9e779c
- FGA solution https://docs.permit.io/modeling/mesa-verde/ & DEMO https://github.com/permitio/mesa-verde-banking-demo
- Functional Programming on .NET - The Best of Both Worlds - Isaac Abraham - NDC Oslo 2024: https://www.youtube.com/watch?v=V9GYPOsPj4M
- Let’s build the worst Event Sourcing system! - Oskar Dudycz - NDC London 2024: https://www.youtube.com/watch?v=20zvAJAhqS0
- Secure your website with the right security headers Mozilla and SecurityHeaders
- VC for Europeans
- eIDAS test site
- Decentralized Identifiers (DIDs) as an Identifier Metasystem
- Demystifying cookies and tokens
- Awesome Self-Sovereign Identity
- (Almost) Every infrastructure decision I endorse or regret after 4 years running infrastructure at a startup
ENTRA ID - from John Savill
- Workload Identity Protection
- Governance
- Managed ID
- App Registrations, Enterprise Apps and Service Principals
- PIM
2023
- Email vs Capitalism, or, Why We Can’t Have Nice Things - Dylan Beattie - NDC Oslo 2023
- GitHub - ACA-Landing-Zone-Accelerator
- Prepare your Azure Cloud Environment with the Cloud Adoption Framework
- πThe Software Architect Elevator
2022
- πDesigning Data-Intensive Applications
- PL Async Internals in .NET
- Advanced API and Integration Problems & Patterns - Udi Dahan - NDC Oslo 2022
2021
- Foxes
- π 💥 Designing Data-Intensive Applications
- πDatabase Internals
- Serverless Chats: Streaming Data at Scale Using Serverless with Anahit Pogosova Part 1
- Serverless Chats: Streaming Data at Scale Using Serverless with Anahit Pogosova Part 2
2020
IAM
- OCTA: OAuth 2.0 and OpenID Connect (in plain English)
- https://www.nango.dev/blog/why-is-oauth-still-hard
- https://developer.okta.com/blog/2019/10/21/illustrated-guide-to-oauth-and-oidc
- https://auth0.com/docs/authorization
- awesome-iam
- OAuth β the good Parts - Dominick Baier - NDC Oslo 2021 https://www.youtube.com/watch?v=y2Psj8ACZyw
Entra ID
- Newsletter: https://entra.news
- https://github.com/merill/awesome-entra
- big picture diagram https://github.com/msandbu/azuread
- Entra ID as a code: https://www.terraprovider.com/
Workload Identity
- https://device-insight.com/en/developers-blog/use-azure-ad-workload-identity-for-pod-assigned-managed-identity-in-aks/
- https://johnlokerse.dev/2024/05/05/setup-azure-devops-workload-identity-federation-using-azure-bicep/
Security & Monitoring
- https://github.com/Cloud-Architekt/AzureAD-Attack-Defense
- https://github.com/reprise99/Sentinel-Queries
Development & Samples
- Asp.Net Web App - Confidential Client: https://github.com/Azure-Samples/active-directory-aspnetcore-webapp-openidconnect-v2
- https://github.com/Azure-Samples/active-directory-dotnetcore-daemon-v2
- JavaScript Public Client: https://github.com/Azure-Samples/ms-identity-docs-code-javascript
IAM & CIAM Solutions
CIAM
Tools
- Kleopatra - manage Yubikey certificates etc https://apps.kde.org/kleopatra/
- faking data and getting notification someone is accessing (credit card, AWS cred) https://canarytokens.org/generate
Testing
- https://oidcdebugger.com/debug
- https://chrome.google.com/webstore/detail/saml-devtools-extension/jndllhgbinhiiddokbeoeepbppdnhhio
MSAL | OpenID Connect | Azure ==> Authentication & Authorization
- MS Samples
- MSAL - Retry policies
- MSAL Logger
- Oauth - Native Flow Authorization Code Flow Diagram
- OpenID Connect Diagram - get token via confidential client
- Postman Oauth Entra ID Collection
- Default Azure Credentials
- Authentication with multiple identity providers
CIAM
- Microsoft Woodgrove Groceries -> Auzre AD B2C MS Demo
- Microsoft Woodgrove Groceries -> Entra External ID for Customers MS Demo
Azure & Microsoft 365
Azure Policies
- https://blog.tyang.org/2021/12/06/monitoring-azure-policy-compliance-states-2021-edition and connected repo: https://github.com/andrewmatveychuk/azure.policy
- and from the previews link: https://blog.tyang.org/2021/12/06/monitoring-azure-policy-compliance-states-2021-edition
Security
- https://medium.com/@omaxel/allow-access-to-azure-app-service-only-from-azure-front-door-bdfa16bc675d
- https://cloudtips.nl/securing-azure-web-apps-and-function-apps-with-azure-front-door-e4a5e4071290
Landing Zone
- https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/landing-zone/
- https://github.com/Azure/ALZ-Bicep/wiki/Accelerator
- https://github.com/Azure/terraform-azurerm-lz-vending
DevOps
- https://medium.com/into-alm/configuration-as-code-moving-away-from-library-groups-in-azure-devops-e9ff683d150d
- https://azure.github.io/Azure-Verified-Modules/
- https://github.com/Azure/bicep-registry-modules
- https://github.com/arindam0310018/10-Oct-2023-DevOps__Workload-Identity-Federation-with-Service-Principal-Using-Terraform
Entra ID as a Code
π―π― blogs and people π―π―
- https://damienbod.com/
- https://identity-man.eu/
- https://www.troyhunt.com/
- https://scotthelme.co.uk/
- https://event-driven.io/ and the tag Architecture: https://event-driven.io/en/category/architecture/
- https://blog.codingmilitia.com/
- https://architectelevator.com/
Entra ID
π€π€ Workstation & Tools & IDE’s π€π€
Identity
- SMS online service to test OTP: https://anonymsms.com/
- Temporary Email Service (you can define your email address): https://www.minuteinbox.com/
- Postman Collection
- A verification tool to replace CAPTCHAs: https://www.cloudflare.com/products/turnstile/
Debbug JWT tokens (Open ID Connect flows)
Azure AD B2C
- VS Code + B2C extension + APP insights debugger
Software Development
- Mock Service (when you need to check the request payload ;) ) https://beeceptor.com/
- Security Headers check https://securityheaders.com/
Tunnel/proxy to the local environment
- ngrok.com - need to pay 10$ for features
- www.cloudflare.com Tunnel
- Visual Studio IDE built-in proxy
Smarthome (and not only)
- HomeAssitant: https://www.home-assistant.io/
- esphome https://esphome.io/ (ESP8266 | ESP32 | other => easy yaml config and push to HomeAssistant)
- portainer https://www.portainer.io/ (Conteiner Management for Docker)
- Home DNS server? try PiHole https://pi-hole.net/
- OpenWrt as router OS https://openwrt.org/
- smart switches and other devices https://www.shelly.com/
- HAVC: Salus Controls & Panasonic AC (with https://github.com/sockless-coding/panasonic_cc integration)
Other (tools)
Other
Ε»ywot programisty - sorry only for polish programmers 👷