Skip to content
View webstean's full-sized avatar
πŸ’­
I may be slow to respond.
πŸ’­
I may be slow to respond.

Block or report webstean

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
webstean/README.md

Hi there πŸ‘‹

Hey there! I'm Andrew πŸ‘‹

πŸ“« How to reach me:

I am a cloud domain architect, mentor, and cloud advocate with over 20 years professional experience. I specialise in designing and building enterprise applications and solutions, principally in the Azure Cloud. I love a challenge and I'm skilled at progressing from a simple proposal into a well-defined and deliverable solution.

I live and work in Melbourne, Australia, but over my careeer I have lived and work in Singapore, Japan and USA (North Carolina).

Terraform has been my new favourite bit of tech in the last few years - solves so many problems of those "infra" issues in a simple elegant way.

Looking forward to full Terraform support in AZD, that will then allow to combine infrastructure provisioning and application deployment in the same GitHub Action / ADO Pipeline, with something like

## Provision Infrastructure
azd provision
## Deploy Application
azd deploy
### or do both, with
azd up

GitHub Stats

webstean's GitHub Stats Andrew Webster GitHub Top Languages

Some links to icons, pretty pictures, and important links πŸ’¬

Azure Links

Developer Portal : https://devportal.microsoft.com
DevBox Portal : https://devbox.microsoft.com/
Azure Portal : https://portal.azure.com
Preview Azure Portal : http://preview.portal.azure.com/
RC Azure Portal : http://rc.portal.azure.com/
APIM CheatSheet : https://github.com/Azure/api-management-policy-snippets/blob/master/policy-expressions%2FREADME.md/

Microsoft / Azure Icons

Azure : https://learn.microsoft.com/en-us/azure/architecture/icons/
Power Platform : https://learn.microsoft.com/en-us/power-platform/guidance/icons
Dynamics 365 : https://learn.microsoft.com/en-us/dynamics365/get-started/icons
Microsoft 365 : https://learn.microsoft.com/en-us/microsoft-365/solutions/architecture-icons-templates?view=o365-worldwide

Terraform

Terraform Awseome : https://github.com/shuaibiyy/awesome-tf/blob/master/README.md
Provider: Azure : https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs
Provider: Entra : https://registry.terraform.io/providers/hashicorp/azuread/latest/docs
Provider: AZAPI : https://registry.terraform.io/providers/hashicorp/azuread/latest/docs
Provider: PPlatform : https://registry.terraform.io/providers/microsoft/power-platform/latest/docs

Highly Recommended - OIDC Federation (Open ID Connect) for Terraform providers

Please use OIDC Federation (OpenID Connect) for better security, that way you require no secrets or certificatres to expired or get compromised.
Setting up Terraform Azure provider to use OIDC Federation
Setting up Terraform Entra ID provider to use OIDC Federation
Setting up Terraform Power Platform provider to use OIDC Federation

## Example: Add a Federation identity for GitHub to an Azure Application 
resource "azuread_application_federated_identity_credential" "example_federation" {
  for_each = github_repository.example

  display_name   = "fedcred-example-github"
  application_id = azuread_application.yourapp.id
  audiences      = ["api://AzureADTokenExchange"]
  issuer         = "https://token.actions.githubusercontent.com"
  description    = "Federated identity for ...."
  ## permission for just the main branch
  subject        = "repo:${each.value.full_name}:ref:refs/heads/main"
  ## permission for the GitHub environmnet
  subject        = "repo:${each.value.full_name}:environment:${var.environment_name}"
}

## Example: Add a Federation identity for GitHub to an Azure User Managed Identity (UMI)
## This works, even if you don't have the ability to created applications within Entra ID 
resource "azurerm_federated_identity_credential" "example_federation" {
  for_each = github_repository.example

  name                = "fedcred-example-github"
  resource_group_name = azurerm_resource_group.example.name
  audience            = ["api://AzureADTokenExchange"]
  parent_id           = azurerm_user_assigned_identity.example.id
  issuer              = "https://token.actions.githubusercontent.com"
  ## permission for just the main branch
  subject             = "repo:${each.value.full_name}:ref:refs/heads/main"
  ## permission for the GitHub environmnet
  subject             = "repo:${each.value.full_name}:environment:${var.environment_name}"
}

Popular repositories Loading

  1. stuff stuff Public

    General Stuff

    Shell 2 1

  2. simple-sip-proxy simple-sip-proxy Public

    Simple and stateless SIP proxy based on Kamailio

    Shell 1 4

  3. setup setup Public

    Various Linux Development/Admin setup scripts

    Shell 1 2

  4. baresip baresip Public

    Forked from baresip/baresip

    Baresip is a modular SIP User-Agent with audio and video support

    C

  5. re re Public

    Forked from baresip/re

    Generic library for real-time communications with async IO support

    C

  6. kamailio kamailio Public

    Forked from kamailio/kamailio

    Kamailio - The Open Source SIP Server for large VoIP and real-time communication platforms -

    C