Things I'm building, testing, breaking, and learning.
Designing identity, access management and security controls for a small healthcare organization — built around Microsoft Entra ID as the central identity platform.
Risk-based Conditional Access and Identity Protection in Microsoft Entra ID — creating policies that force MFA on risky sign-ins and understanding the difference between user risk and sign-in risk.
Federation, OIDC authentication and automatic SCIM provisioning between Entra ID and Cloudflare Access — step by step with common pitfalls documented.
Combine Azure RBAC data with a local AI model (Ollama/llama3) and PowerShell to automatically identify over-privileged access and least privilege violations.
Built a JML monitor (Joiner-Mover-Leaver) for Microsoft Entra ID with Python and Graph API — to track group changes and detect access drift.
Build a hybrid identity environment with Windows Server 2022, Active Directory and Entra Connect — step by step from empty VM to synced identity environment.