Hier zwei eher grössere MindMaps als Buch Zusammenfassungen zum Buch “Was wir sind und was wir sein könnten” von Gerald Hüther

Was wir sind

Was wir sein könnten

Kürzlich habe ich mir den Vortrag “Übers Wasser gehen für Anfänger” von Johannes Hartl angehört. Der Vortrag behandelt das Thema: ‘Wie gehst du mit tiefer Trauer und tiefem Leid um?’
Gegen Ende des Vortrags zeigt er, welche möglichen Früchte auf dem Boden herausfordernder Situationen entstehen können – sogenannte ‘Früchte des Herzens’. Diese habe ich in folgender Mindmap veranschaulicht:

Anhand des sehr unterhaltsamen Buches Klo-Psychologe: In 100 Sitzungen zum Seelenklempner habe ich mich nach hundert lehrreichen Sitzungen entscheiden, ein paar MindMaps zur Übersicht der Themen zu erstellen.

Folgendes MindMap zur Übersicht der Hauptthemen, welche im Buch behandelt wurden:

Übersicht

1. Tiefenpsychologie

2. Persönlichtkeitspsychologie

In the latest blog post (1/2) Setting up Azure workload identity federation with Terraform in Azure DevOps pipelines (2 Part Series) we learned how to setup Azure DevOps using Workload Identiy Federation

Because we are using a managed identity and not a service principal with a secret that has a certain lifetime, we are not directly able to run terraform from locally.

But what about using a service principal for local activities whose secret will expire after a few hours instead of months?
This wasn’t practical when using a service principal in the service connection. Typically, the secret had a longer lifetime, so it didn’t need to be renewed every time within the service connection.

I was curious about how to set up Azure DevOps to utilize Terraform for deploying Azure resources with workload identity federation instead of relying on a service principal with secrets. In this blog post, I will demonstrate how I set up this configuration.

To learn more about workload identity federation read the docs:
Workload identity federation - Microsoft Entra | Microsoft Learn

Prerequisites

• Azure DevOps Org
• “Customer Azure Tenant” with Subscription
• “Backend Azure Tenant” with Subscription (can be in the same tenant - in our example we use different tenants)
• Azure Powershell Module

Overview - Setup Steps

1. Create a storage account that will store the Terraform state file
2. Create a managed identity which has contributor permissions on this storage account
3. If not already the case, install the Terraform extension for your Azure DevOps Org
4. Create a new Azure DevOps Project
5. Create a service connection to the “backend tenant” using workload identity federation with your previously created managed identity
6. Create a managed identity in the customer tenant where you finally want to deploy Azure Resources using Terraform, with Contributor permission on the Subscription
7. Create a service connection to the customer tenant using workload identity federation with your previously created managed identity
8. Create a repository with basic Terraform files
9. Create an Azure DevOps Pipeline

MindMap for the Book
Steal Like an Artist: 10 Things Nobody Told You About Being Creative