A mapping (no, not a Swardley thing) of On Prem, AWS and Azure Security Components

2018/05/28

A useful one-pager to compare the various security products of AWS, Azure and the usual on-prem suspects/capabilities.

via Conceptual Mapping of On-premises Infrastructure Security Components to Cloud Security Services by Adrian Grigorof CISSP, CISM, CRISC, CCSK – physical, providers, security function | Peerlyst

Where to start when you’re putting stuff into Azure

2018/05/04

Stumbled upon this page a few weeks back when looking for approaches to how Azure Subscriptions and tenancies can be established and governed well.

via Best practices for enterprises moving to Azure | Microsoft Docs


Azure AD Connector Configuration Dumper

2018/03/06

So today I discovered that if you inspect the Azure AD Connector config via its GUI the config it gives you is actually about 5% of what is actually there. Specifically, the GUI doesn’t display the rules for OU filtering.

To work around this you can use the sync tool to display the OU filtering config. You’ll need to log in as your on-prem AD sync user to do this, though. If you don’t have those credentials then you can gather the config using the tool below and then turn it into an easier-to-review HTML output.

Be warned though, a small AD I ran this against produced a 3MB HTML file of stuff. There are A LOT of items in AADC that average admins won’t ever see or hear about.

Microsoft/AADConnectConfigDocumenter: AAD Connect configuration documenter is a tool to generate documentation of an AAD Connect installation.


Terraform and dependencies

2018/03/06

I’ve been using Terraform recently to achieve some IaaS capabilities for myself quickly and easily. It’s pretty neat, and if you haven’t played with it yet I suggest you have a look. The main challenge I’m trying to overcome at the moment is when you want to use Terraform to add resources to an established tenancy, e.g. adding a VM to an existing vNet that’s not managed by Terraform. While trying to get my brain around that I found this article, which was very useful and worth sharing.

Terraform Environment+Application Design Pattern – apparently.me.uk


Don’t leave your keys in the lock

2018/02/05

MS Azure has announced a nifty tool that spots secret information in GitHub related to Azure keys.

via Managing Azure Secrets on GitHub Repositories | Blog | Microsoft Azure


[SAVED] – 10 Lessons from 10 Years of AWS

2018/01/23

Architecting and designing at Cloud Scale? Learn from this guy.

AWS have their Well-Architected Framework, of course; however, this guy goes further than the AWS pillars and into the whys and wherefores in some detail.

via 10 Lessons from 10 Years of AWS (part 1) – Hacker Noon