Knowledge Base & Links
Links/resources that changed my life: Verifiable Credentials TypeScript - https://github.com/openwallet-foundation/credo-ts .Net Wallet - https://github.com/openwallet-foundation-labs/wallet-framework-dotnet React native wallet - https://github.com/openwallet-foundation/bifold-wallet Enterprise Cloud Architecture Materials https://github.com/Azure/Enterprise-Scale https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/landing-zone/ with nice visio drawing Landing Zones https://github.com/Azure/ALZ-Bicep/wiki/Accelerator Software Architecture Architecture Styles Worksheet: https://www.developertoarchitect.com/downloads/architecture-styles-worksheet.pdf 2024 https://jacquiread.com/posts/software-design/ AWS Cognito Sample https://medium.com/@samudurand/protecting-lambda-urls-with-cognito-iam-lambda-edge-and-cdk-4ac79f9e779c FGA solution https://docs.permit.io/modeling/mesa-verde/ & DEMO https://github.com/permitio/mesa-verde-banking-demo Functional Programming on .NET - The Best of Both Worlds - Isaac Abraham - NDC Oslo 2024: https://www.youtube.com/watch?v=V9GYPOsPj4M Let’s build the worst Event Sourcing system! - Oskar Dudycz - NDC London 2024: https://www.youtube.com/watch?v=20zvAJAhqS0 Secure your website with the right security headers Mozilla and SecurityHeaders VC for Europeans eIDAS test site Decentralized Identifiers (DIDs) as an Identifier Metasystem Demystifying cookies and tokens Awesome Self-Sovereign Identity (Almost) Every infrastructure decision I endorse or regret after 4 years running infrastructure at a startup ENTRA ID - from John Savill Workload Identity Protection Governance Managed ID App Registrations, Enterprise Apps and Service Principals PIM 2023 Email vs Capitalism, or, Why We Can’t Have Nice Things - Dylan Beattie - NDC Oslo 2023 GitHub - ACA-Landing-Zone-Accelerator Prepare your Azure Cloud Environment with the Cloud Adoption Framework 📖The Software Architect Elevator 2022 📖Designing Data-Intensive Applications PL Async Internals in .NET Advanced API and Integration Problems & Patterns - Udi Dahan - NDC Oslo 2022 2021 Foxes 📖 💥 Designing Data-Intensive Applications 📖Database Internals Serverless Chats: Streaming Data at Scale Using Serverless with Anahit Pogosova Part 1 Serverless Chats: Streaming Data at Scale Using Serverless with Anahit Pogosova Part 2 2020 💥Learn Advanced Distributed Systems Design IAM OCTA: OAuth 2.0 and OpenID Connect (in plain English) https://www.nango.dev/blog/why-is-oauth-still-hard https://developer.okta.com/blog/2019/10/21/illustrated-guide-to-oauth-and-oidc https://auth0.com/docs/authorization awesome-iam OAuth – the good Parts - Dominick Baier - NDC Oslo 2021 https://www.youtube.com/watch?v=y2Psj8ACZyw Entra ID Newsletter: https://entra.news https://github.com/merill/awesome-entra big picture diagram https://github.com/msandbu/azuread Entra ID as a code: https://www.terraprovider.com/ Workload Identity https://device-insight.com/en/developers-blog/use-azure-ad-workload-identity-for-pod-assigned-managed-identity-in-aks/ https://johnlokerse.dev/2024/05/05/setup-azure-devops-workload-identity-federation-using-azure-bicep/ Security & Monitoring https://github.com/Cloud-Architekt/AzureAD-Attack-Defense https://github.com/reprise99/Sentinel-Queries Development & Samples Asp.Net Web App - Confidential Client: https://github.com/Azure-Samples/active-directory-aspnetcore-webapp-openidconnect-v2 https://github.com/Azure-Samples/active-directory-dotnetcore-daemon-v2 JavaScript Public Client: https://github.com/Azure-Samples/ms-identity-docs-code-javascript IAM & CIAM Solutions CIAM https://auth0.com/ https://stytch.com/ Tools Kleopatra - manage Yubikey certificates etc https://apps.kde.org/kleopatra/ faking data and getting notification someone is accessing (credit card, AWS cred) https://canarytokens.org/generate Testing https://oidcdebugger.com/debug https://chrome.google.com/webstore/detail/saml-devtools-extension/jndllhgbinhiiddokbeoeepbppdnhhio MSAL | OpenID Connect | Azure ==> Authentication & Authorization MS Samples MSAL - Retry policies MSAL Logger Oauth - Native Flow Authorization Code Flow Diagram OpenID Connect Diagram - get token via confidential client Postman Oauth Entra ID Collection Default Azure Credentials Authentication with multiple identity providers CIAM Microsoft Woodgrove Groceries -> Auzre AD B2C MS Demo Microsoft Woodgrove Groceries -> Entra External ID for Customers MS Demo Azure & Microsoft 365 Microsoft 365 Licensing Map https://azurecharts.com/ Azure Policies https://blog.tyang.org/2021/12/06/monitoring-azure-policy-compliance-states-2021-edition and connected repo: https://github.com/andrewmatveychuk/azure.policy and from the previews link: https://blog.tyang.org/2021/12/06/monitoring-azure-policy-compliance-states-2021-edition Security https://medium.com/@omaxel/allow-access-to-azure-app-service-only-from-azure-front-door-bdfa16bc675d https://cloudtips.nl/securing-azure-web-apps-and-function-apps-with-azure-front-door-e4a5e4071290 Landing Zone https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/landing-zone/ https://github.com/Azure/ALZ-Bicep/wiki/Accelerator https://github.com/Azure/terraform-azurerm-lz-vending DevOps https://medium.com/into-alm/configuration-as-code-moving-away-from-library-groups-in-azure-devops-e9ff683d150d https://azure.github.io/Azure-Verified-Modules/ https://github.com/Azure/bicep-registry-modules https://github.com/arindam0310018/10-Oct-2023-DevOps__Workload-Identity-Federation-with-Service-Principal-Using-Terraform Entra ID as a Code https://registry.terraform.io/providers/hashicorp/azuread/latest https://terraprovider.com/ 👯👯 blogs and people 👯👯 https://damienbod.com/ https://identity-man.eu/ https://www.troyhunt.com/ https://scotthelme.co.uk/ https://event-driven.io/ and the tag Architecture: https://event-driven.io/en/category/architecture/ https://blog.codingmilitia.com/ https://architectelevator.com/ Entra ID https://ourcloudnetwork.com/ https://www.cloud-architekt.net/ https://cloudbrothers.info/ 🤔🤔 Workstation & Tools & IDE’s 🤔🤔 Identity SMS online service to test OTP: https://anonymsms.com/ Temporary Email Service (you can define your email address): https://www.minuteinbox.com/ Postman Collection A verification tool to replace CAPTCHAs: https://www.cloudflare.com/products/turnstile/ Debbug JWT tokens (Open ID Connect flows) https://oidcdebugger.com/debug https://jwt.ms Azure AD B2C VS Code + B2C extension + APP insights debugger Software Development Mock Service (when you need to check the request payload ;) ) https://beeceptor.com/ Security Headers check https://securityheaders.com/ Tunnel/proxy to the local environment ngrok.com - need to pay 10$ for features www.cloudflare.com Tunnel Visual Studio IDE built-in proxy Smarthome (and not only) HomeAssitant: https://www.home-assistant.io/ esphome https://esphome.io/ (ESP8266 | ESP32 | other => easy yaml config and push to HomeAssistant) portainer https://www.portainer.io/ (Conteiner Management for Docker) Home DNS server? try PiHole https://pi-hole.net/ OpenWrt as router OS https://openwrt.org/ smart switches and other devices https://www.shelly.com/ HAVC: Salus Controls & Panasonic AC (with https://github.com/sockless-coding/panasonic_cc integration) Other (tools) https://www.base64decode.org/ https://www.urlencoder.org/ Other Wat ...