Knowledge Base & Links
Motto Prediction is very difficult, especially about the future. Niels Bohr Links/resources that changed my life: Verifiable Credentials TypeScript - https://github.com/openwallet-foundation/credo-ts .Net Wallet - https://github.com/openwallet-foundation-labs/wallet-framework-dotnet React native wallet - https://github.com/openwallet-foundation/bifold-wallet ๐ฃ VC for Europeans eIDAS test site Decentralized Identifiers (DIDs) as an Identifier Metasystem https://github.com/decentralized-identity/didcomm-messaging https://demo.didcomm.org/ ๐ผ https://github.com/e-id-admin/eidch-android-wallet Enterprise Cloud Architecture Materials https://github.com/Azure/Enterprise-Scale https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/landing-zone/ with nice visio drawing Landing Zones https://github.com/Azure/ALZ-Bicep/wiki/Accelerator Software Architecture Architecture Styles Worksheet: https://www.developertoarchitect.com/downloads/architecture-styles-worksheet.pdf evolutionary-architecture by example Github and Video Radar https://www.stigg.io/ https://supademo.com https://backstage.io (https://github.com/shano/awesome-backstage) AI in 2024 https://bolt.new (React UI by AI) https://aider.chat/ testing: https://app.co.dev/ testing: https://v0.dev/ 2024 ๐ https://learn.microsoft.com/en-us/entra/architecture/external-identity-deployment-architectures ๐ https://learn.microsoft.com/en-us/entra/global-secure-access/how-to-configure-kerberos-sso https://jacquiread.com/posts/software-design/ ๐ AWS Cognito Sample https://medium.com/@samudurand/protecting-lambda-urls-with-cognito-iam-lambda-edge-and-cdk-4ac79f9e779c ๐ FGA solution https://docs.permit.io/modeling/mesa-verde/ & DEMO https://github.com/permitio/mesa-verde-banking-demo Functional Programming on .NET - The Best of Both Worlds - Isaac Abraham - NDC Oslo 2024: https://www.youtube.com/watch?v=V9GYPOsPj4M Letโs build the worst Event Sourcing system! - Oskar Dudycz - NDC London 2024: https://www.youtube.com/watch?v=20zvAJAhqS0 ๐จ ๐ Secure your website with the right security headers Mozilla and SecurityHeaders VC for Europeans eIDAS test site Decentralized Identifiers (DIDs) as an Identifier Metasystem ๐ Demystifying cookies and tokens Awesome Self-Sovereign Identity ๐จ (Almost) Every infrastructure decision I endorse or regret after 4 years running infrastructure at a startup ENTRA ID - from John Savill Workload Identity Protection Governance Managed ID App Registrations, Enterprise Apps and Service Principals PIM 2023 Email vs Capitalism, or, Why We Canโt Have Nice Things - Dylan Beattie - NDC Oslo 2023 GitHub - ACA-Landing-Zone-Accelerator Prepare your Azure Cloud Environment with the Cloud Adoption Framework ๐The Software Architect Elevator 2022 ๐Designing Data-Intensive Applications ๐จ PL Async Internals in .NET Advanced API and Integration Problems & Patterns - Udi Dahan - NDC Oslo 2022 2021 Foxes ๐ ๐ฅ Designing Data-Intensive Applications ๐Database Internals Serverless Chats: Streaming Data at Scale Using Serverless with Anahit Pogosova Part 1 Serverless Chats: Streaming Data at Scale Using Serverless with Anahit Pogosova Part 2 2020 ๐ฅLearn Advanced Distributed Systems Design IAM OCTA: OAuth 2.0 and OpenID Connect (in plain English) https://www.nango.dev/blog/why-is-oauth-still-hard https://developer.okta.com/blog/2019/10/21/illustrated-guide-to-oauth-and-oidc https://auth0.com/docs/authorization awesome-iam OAuth โ the good Parts - Dominick Baier - NDC Oslo 2021 https://www.youtube.com/watch?v=y2Psj8ACZyw Open Source https://github.com/discord/access https://github.com/jhaals/yopass https://github.com/JanssenProject/jans Entra ID Journey to Azure AD PRT- Primary Refresh Token Newsletter: https://entra.news https://github.com/merill/awesome-entra big picture diagram https://github.com/msandbu/azuread Entra ID as a code: https://www.terraprovider.com/ https://identity-man.eu/2020/11/23/an-introduction-to-azure-ad-identity-governance/ Workload Identity https://device-insight.com/en/developers-blog/use-azure-ad-workload-identity-for-pod-assigned-managed-identity-in-aks/ https://johnlokerse.dev/2024/05/05/setup-azure-devops-workload-identity-federation-using-azure-bicep/ Security & Monitoring https://github.com/Cloud-Architekt/AzureAD-Attack-Defense https://github.com/reprise99/Sentinel-Queries Development & Samples Asp.Net Web App - Confidential Client: https://github.com/Azure-Samples/active-directory-aspnetcore-webapp-openidconnect-v2 https://github.com/Azure-Samples/active-directory-dotnetcore-daemon-v2 JavaScript Public Client: https://github.com/Azure-Samples/ms-identity-docs-code-javascript For External ID sample: https://github.com/Azure-Samples/ms-identity-ciam-javascript-tutorial IAM & CIAM Solutions CIAM https://auth0.com/ https://stytch.com/ Tools Kleopatra - manage Yubikey certificates etc https://apps.kde.org/kleopatra/ faking data and getting notification someone is accessing (credit card, AWS cred) https://canarytokens.org/generate Testing https://oidcdebugger.com/debug https://chrome.google.com/webstore/detail/saml-devtools-extension/jndllhgbinhiiddokbeoeepbppdnhhio MSAL | OpenID Connect | Azure ==> Authentication & Authorization Summary about MS samples & platforms https://learn.microsoft.com/en-us/entra/identity-platform/sample-v2-code MS Samples MSAL - Retry policies MSAL Logger Oauth - Native Flow Authorization Code Flow Diagram OpenID Connect Diagram - get token via confidential client Postman Oauth Entra ID Collection Default Azure Credentials Authentication with multiple identity providers CIAM Microsoft Woodgrove Groceries -> Auzre AD B2C MS Demo Microsoft Woodgrove Groceries -> Entra External ID for Customers MS Demo Azure & Microsoft 365 Microsoft 365 Licensing Map https://azurecharts.com/ Azure Policies https://blog.tyang.org/2021/12/06/monitoring-azure-policy-compliance-states-2021-edition and connected repo: https://github.com/andrewmatveychuk/azure.policy and from the previews link: https://blog.tyang.org/2021/12/06/monitoring-azure-policy-compliance-states-2021-edition Security https://medium.com/@omaxel/allow-access-to-azure-app-service-only-from-azure-front-door-bdfa16bc675d https://cloudtips.nl/securing-azure-web-apps-and-function-apps-with-azure-front-door-e4a5e4071290 Landing Zone https://www.youtube.com/watch?v=IyQM_wG_X_Q & https://github.com/Azure/terraform-azurerm-caf-enterprise-scale https://learn.microsoft.com/en-us/azure/cloud-adoption-framework/ready/landing-zone/ https://github.com/Azure/ALZ-Bicep/wiki/Accelerator https://github.com/Azure/terraform-azurerm-lz-vending DevOps https://medium.com/into-alm/configuration-as-code-moving-away-from-library-groups-in-azure-devops-e9ff683d150d https://azure.github.io/Azure-Verified-Modules/ https://github.com/Azure/bicep-registry-modules https://github.com/arindam0310018/10-Oct-2023-DevOps__Workload-Identity-Federation-with-Service-Principal-Using-Terraform Documentation & Internal Development tools https://github.com/backstage/backstage IaC https://spacelift.io/ (Terraform&OpenTofu) = https://registry.terraform.io/modules/Azure-Terraformer/atat/github/latest Entra ID as a Code https://registry.terraform.io/providers/hashicorp/azuread/latest https://terraprovider.com/ ๐ฏ๐ฏ blogs and people ๐ฏ๐ฏ https://damienbod.com/ https://identity-man.eu/ https://www.troyhunt.com/ https://scotthelme.co.uk/ https://event-driven.io/ and the tag Architecture: https://event-driven.io/en/category/architecture/ https://blog.codingmilitia.com/ https://architectelevator.com/ Entra ID https://ourcloudnetwork.com/ https://www.cloud-architekt.net/ https://cloudbrothers.info/ ๐ค๐ค Workstation & Tools & IDEโs ๐ค๐ค Identity SMS online service to test OTP: https://anonymsms.com/ Temporary Email Service (you can define your email address): https://www.minuteinbox.com/ Postman Collection A verification tool to replace CAPTCHAs: https://www.cloudflare.com/products/turnstile/ Debbug JWT tokens (Open ID Connect flows) https://oidcdebugger.com/debug https://jwt.ms Azure AD B2C VS Code + B2C extension + APP insights debugger Software Development temp mail(trashmail) as a service https://github.com/HaschekSolutions/opentrashmail Mock Service (when you need to check the request payload ;) ) https://beeceptor.com/ Security Headers check https://securityheaders.com/ https://backstage.io/ Tunnel/proxy to the local environment ngrok.com - need to pay 10$ for features www.cloudflare.com Tunnel Visual Studio IDE built-in proxy Smarthome (and not only) HomeAssitant: https://www.home-assistant.io/ esphome https://esphome.io/ (ESP8266 | ESP32 | other => easy yaml config and push to HomeAssistant) portainer https://www.portainer.io/ (Conteiner Management for Docker) Home DNS server? try PiHole https://pi-hole.net/ OpenWrt as router OS https://openwrt.org/ smart switches and other devices https://www.shelly.com/ HAVC: Salus Controls & Panasonic AC (with https://github.com/sockless-coding/panasonic_cc integration) Other (tools) https://www.base64decode.org/ https://www.urlencoder.org/ Other Wat ...