Due to COVID-19, vOpen.Tech had to move so quickly from being a physical event to a virtual one. That meant that collecting registrations and user info as well as registering users had to be done online. Azure AD B2C was the silver bullet that allowed us to overcome and succeed, with almost no code and in less that 15 days! In this session we will see how easy, fast and cheap we can have a production-ready, fully scalable, robust and secure IAM PaaS system with Azure AD B2C.
Using the GitHub self-hosted runner and Azure Virtual Machines to login with a System Assigned Managed Identity
I recently started thinking about the typical setup process for a GitHub Action Workflow which will deploy into Azure. Typically, the process is to use the Azure/login GitHub Action, and then use the azure/cli or another Azure GitHub Action to deploy into GitHub. This is a nice approach. However, from my initial research - I wasn’t able to see a way use the Azure/login GitHub Action to deploy into Azure using a System Assigned Managed Identity. This got me wondering, is this possible?
Principal of least privilege is a commonly used phrase within the Technology Industry. The idea is that we’ll assign permissions of what the user needs to get the job done, rather than anything broader or more privileged. This helps reduce the blast radius in the event of a compromised account. This stretches to Azure resources at the management plane, but in some cases can also stretch to the data plane of those resources. We’ll be exploring these further in this blog post.
Planning to build a cloud application, but not so sure on the latest Identity Patterns? Not sure on your AAD compared with your AAD B2B or AAD B2C? Then check out this episode, where Chris Reddington is joined by Christos Matskas.