From c2afe41269b35d46201761ab74ffa4b15f836ac6 Mon Sep 17 00:00:00 2001 From: Mischa van den Burg Date: Wed, 3 Apr 2024 20:00:00 +0200 Subject: [PATCH] Automated commit at Wed Apr 3 20:00:00 CEST 2024 --- content/Azure Verified Modules.md | 12 ++++++++ content/Benefits of Azure Verified Modules.md | 29 +++++++++++++++++++ content/Blueprint.md | 8 +++++ content/CKS.md | 3 ++ ... are simply holders of TLS Certificates.md | 13 +++++++++ ...Local Testing of Azure Verified Modules.md | 17 +++++++++++ 6 files changed, 82 insertions(+) create mode 100644 content/Azure Verified Modules.md create mode 100644 content/Benefits of Azure Verified Modules.md create mode 100644 content/Blueprint.md create mode 100644 content/Kubernetes users are simply holders of TLS Certificates.md create mode 100644 content/Local Testing of Azure Verified Modules.md diff --git a/content/Azure Verified Modules.md b/content/Azure Verified Modules.md new file mode 100644 index 000000000..1b457599d --- /dev/null +++ b/content/Azure Verified Modules.md @@ -0,0 +1,12 @@ + +[[Local Testing of Azure Verified Modules]] + +[[Benefits of Azure Verified Modules]] + +## Links: + +[[An Introduction to Azure Verified Modules (AVM) (youtube.com)]] + + + +202404020954 \ No newline at end of file diff --git a/content/Benefits of Azure Verified Modules.md b/content/Benefits of Azure Verified Modules.md new file mode 100644 index 000000000..6aabc34bc --- /dev/null +++ b/content/Benefits of Azure Verified Modules.md 
@@ -0,0 +1,29 @@ +- modules have an owner within microsoft +- you can raise a support ticket on the modules +- modules are aligned with a unified IaC strategy that's formed within Microsoft +- Aligned with Well Architected Framework + +- Currently supports Bicep & Terraform, but may support other tooling in the future as well (Crossplane? Pulumi?)] + - Advantage: IaC setup is multi-lingual by default + - Uses the same paramater interfaces (see following point) + +- Some Azure resources have different implementations of configuration. Such as Customer Managed Keys. The Azure Verified Modules create an interface over this that is the same across all modules, so you can use the same parameters and don't have to worry about the different implementations on the ARM side + - [Interfaces | Azure Verified Modules](https://azure.github.io/Azure-Verified-Modules/specs/shared/interfaces/) + + +Our opinionated way within the company should be to align with the WAF. AVM does this out of the box. **Azure Verified Modules = Well Architected Framework in Code. ** + +# Security + +For the security pillar, the AVM use the Microsoft Cloud Security Benchmark (MCSB) and Microsoft Defender for Cloud (MDFC) to align input parameter/variables. + + + +![[Pasted image 20240402111716.png]] + + +## Links: + + + +202404031930 \ No newline at end of file diff --git a/content/Blueprint.md b/content/Blueprint.md new file mode 100644 index 000000000..c956c8d3c --- /dev/null +++ b/content/Blueprint.md @@ -0,0 +1,8 @@ + +The health protocol conceived of by Bryan Johnson. + +## Links: + + + +202404021413 \ No newline at end of file diff --git a/content/CKS.md b/content/CKS.md index e42f5c9e4..51bef784d 100644 --- a/content/CKS.md +++ b/content/CKS.md @@ -24,6 +24,9 @@ [[Generating TLS certificate for testing on Kubernetes]] +## Certificates + +[[Kubernetes users are simply holders of TLS Certificates]] ## Other 
diff --git a/content/Kubernetes users are simply holders of TLS Certificates.md b/content/Kubernetes users are simply holders of TLS Certificates.md new file mode 100644 index 000000000..cd816c565 --- /dev/null +++ b/content/Kubernetes users are simply holders of TLS Certificates.md @@ -0,0 +1,13 @@ +Users don't exist in the cluster as a resource. Certificates are generated and a single user will use those certificates to authenticate with the API server. + +he cloud provider will handle issuing these certificates when the credentials / kubeconfig is retrieved. + +The client certificate will be signed by the cluster CA, and the CN is the username. + +![[Pasted image 20240401105713.png]] + +## Links: + + + +202404011056 \ No newline at end of file diff --git a/content/Local Testing of Azure Verified Modules.md b/content/Local Testing of Azure Verified Modules.md new file mode 100644 index 000000000..227aee202 --- /dev/null +++ b/content/Local Testing of Azure Verified Modules.md @@ -0,0 +1,17 @@ + +`az deployment sub what-if -f main.test.bicep -l northeurope -p resourceGroupName=mischa-aci-test` + +## Generating the Docs + +When updating code, the README must be auto generated. This is done with a powershell script. + +First you need to dot source it, then run it: + +`. Set-AVMModule.ps1` +`Set-AVMModule -ModuleFolderPath ./avm/res/container-instance/container-group/` + +## Links: + + + +202404031425 \ No newline at end of file
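Review bot: In content/Azure Verified Modules.md, the entry under "## Links:" is the wikilink `[[An Introduction to Azure Verified Modules (AVM) (youtube.com)]]`, but none of the files created in this patch has that name, so the link will dangle. Replace it with a normal Markdown link to the video URL, or add the target note in the same commit.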
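Review bot: In content/Benefits of Azure Verified Modules.md, the closing bold marker in `**Azure Verified Modules = Well Architected Framework in Code. **` is preceded by a space, so the emphasis will not close; drop the space before the final `**`. In the same hunk, "(Crossplane? Pulumi?)]" carries a stray "]", "paramater" should be "parameter", "microsoft" is lower-case in the first bullet but capitalised in the third, and the "## Links:" section is left empty even though the interfaces link sits in the bullet list above it.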
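Review bot: In content/Kubernetes users are simply holders of TLS Certificates.md, the second paragraph begins "he cloud provider", which has lost its leading "T". That sentence also assumes a managed cluster without saying so; state the assumption. Since the note records that the CN is the username, it should also record that the certificate's O (organization) fields are read as the user's groups, because that is where group membership for RBAC bindings comes from.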
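Review bot: In content/Local Testing of Azure Verified Modules.md, `. Set-AVMModule.ps1` will not dot source a script that sits in the current directory, because PowerShell resolves a bare script name only through PATH; write it with an explicit path such as `. ./Set-AVMModule.ps1`, or state where the script lives. The two PowerShell commands are separate inline code spans on consecutive lines, so Markdown will join them onto one rendered line; put each in its own paragraph or use a single code block. The `az deployment sub what-if` line at the top has no explanation and hard-codes `resourceGroupName=mischa-aci-test` and `-l northeurope`; add a sentence on what the command checks and mark those values as examples. "powershell" should be "PowerShell".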