| Component | Version | Resource Type | Link |
|---|---|---|---|
| Crossplane Core | v1.20.1 | Documentation | https://docs.crossplane.io/v1.20/concepts/ |
| GitHub | https://github.com/crossplane/crossplane/tree/v1.20.1 | ||
| Azure AD Provider | v1.8.0 | Marketplace | https://marketplace.upbound.io/providers/upbound/provider-azuread/v1.8.0 |
| GitHub | https://github.com/crossplane-contrib/provider-upjet-azuread/tree/v1.8.0 | ||
| Vault Provider | v2.2.1 | Marketplace | https://marketplace.upbound.io/providers/upbound/provider-vault/v2.2.1 |
| GitHub | https://github.com/upbound/provider-vault/tree/v2.2.1 |
Khan rezamt
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### Keybase proof | |
| I hereby claim: | |
| * I am rezamt on github. | |
| * I am rezamt (https://keybase.io/rezamt) on keybase. | |
| * I have a public key ASA-tTT0vWv_QuMV4haSpL66UZu1mbJOnapM3nZIAjm7Gwo | |
| To claim this, I am signing this object: |
rezamt
/ 01-Vault-crossplane.yaml
Created
October 6, 2025 02:14
Vault Crossplane Provider Configuration
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Attention: Vault version > 2 requires corssplane v2 | |
| --- | |
| apiVersion: pkg.crossplane.io/v1 | |
| kind: Provider | |
| metadata: | |
| name: upbound-provider-vault | |
| namespace: crossplane-system | |
| spec: | |
| package: xpkg.upbound.io/upbound/provider-vault:v2 |
keytool -genkeypair \
-alias temp \
-keystore empty.jks \
rezamt
/ 00_crossplane-provider-config-kubernetes.yaml
Last active
September 2, 2025 04:19
Corssplane Upbound
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Check ./provider-in-cluster.yaml to see how to grant permissions to the Provider | |
| apiVersion: kubernetes.crossplane.io/v1alpha1 | |
| kind: ProviderConfig | |
| metadata: | |
| name: up-provider-kubernetes-config | |
| spec: | |
| credentials: | |
| source: InjectedIdentity |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| applyTo: "**/{prod*,stg*,dev*}.yaml" | |
| --- | |
| # Command: Check Prmissions | |
| Check the Current File's Entra ID Permissions and compae them with `Reference Permissions Table` below in this file. | |
| # Permissions Report |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $username = "DOMAIN\ServiceAccount" | |
| $password = "YourPassword" | |
| $securePassword = ConvertTo-SecureString $password -AsPlainText -Force | |
| $credential = New-Object System.Management.Automation.PSCredential($username, $securePassword) | |
| # Now use the credential | |
| Start-Process powershell.exe -Credential $credential -ArgumentList "-File C:\path\to\script.ps1" |
rezamt
/ Federated sign-in risk scenarios.md
Last active
June 26, 2025 01:57
Microsoft Entra Workbook
SigninLogs
| where RiskLevelDuringSignIn in ("high", "medium") and ResultType == 50074
| where RiskState !in ("dismissed", "remediated")
| where AuthenticationRequirementPolicies has "riskBasedPolicy"
| where Status has "Redirected to external provider for MFA"
| distinct UserPrincipalName=tolower(UserPrincipalName)
NewerOlder