Much have changed, site is still hosted in Azure but now on a Static Web App.
New website!
So the new website is hosted in Azure on a Static Web App now instead of using a storage account this makes moer sense and reducing costs as I needed to have a Azure Front Door before to the storage account since the old CDN was deprecated a while back, it also greatly improves the workflow of updating since I just push the changes needed to my GitHub repo and the workflow generates and publishes the changes.
The backend has also been changed from Jekyll to Hugo as well mostly for ease of use from my end, for me it feels easier and thats something that was needed for me since I had some issues running Jekyll.
Quick update.
So since the last blogpost couple of things have changed, quit as a consultant at Maxitech AB in June 2024 and started my own business so running solo now as a freelancer/consultant, Cloud Identity AB is the company now and its been quite a ride from the start.
Current assignment is at Tekniska Verken in Linköping, Sweden.
Primarly working with Entra ID and everything around that, enchancing security, automating tasks both and designing and implementing zero-trust architechture in Entra ID.
Some of the latest PowerShell creations:
- An internal PowerShell module that makes the daily tasks faster and more automated.
- Licensing automation based on usage of applications and storage in OneDrive/Exchange Online it also sends a mail with suggestions on who can be moved down a license tier based on activity and usage also prevents users from being downgraded if the usage is above a certain limit.
- Small automation that checks Entra ID / Azure admin accounts if they have Source of Authority set to cloud.
- An lifecycle management automation for admin accounts, where the script checks the status and information on the users normal account and applies the same status and information on the Entra ID cloud only account.
- An seperate cleanup automation has been added that will lookup what permissions the admin account has on it, if it comes from a group, PIM or is directly assigned in both Entra ID and in Azure, it then takes the permissions, write them to a multi valued attribute on the account with information on what permissions have been removed, it also adds a date in another attribute and if the account has been disabled for 30 days it will become deleted.
- An automation that takes every admin account assigned a high privileged role either eligible or permanent and puts them in a specific group.
The plan is to try and write one new blog post each month with things I am intrested in currently in regarding atleast Entra ID and PowerShell, might come some Active Directory, Azure, Group Policies and even some DevOps stuff moving forward.